Posts

Did Pompeo Also Get an Obstruction Call from Trump?

/14 Comments/in , /by

The WaPo reports that Trump called both Admiral Mike Rogers and Dan Coats to ask if they could issue statements denying any collusion between Trump’s campaign and Russia.

Trump made separate appeals to the director of national intelligence, Daniel Coats, and to Adm. Michael S. Rogers, the director of the National Security Agency, urging them to publicly deny the existence of any evidence of collusion during the 2016 election.

Coats and Rogers refused to comply with the requests, which they both deemed to be inappropriate, according to two current and two former officials, who spoke on the condition of anonymity to discuss private communications with the president.

If Trump was calling spooks, he presumably would have called all spooks, including CIA Director Mike Pompeo (with whom he is probably closer than the other two). So why aren’t we hearing about that call? Is Pompeo just better at keeping secrets than his counterparts? Or is he hiding it because he didn’t object as strongly as his counterparts?

I Con the Record’s “Generally” Useful Section 702 Q&A

/1 Comment/in /by

As the next step in the effort to reauthorize FISA Section 702, I Con the Record has a released a “generally” useful Q&A document on the law. For those who haven’t been following along, it includes links to many (though not all) of the public resources on Section 702. It provides a generally fair overview, with some new almost admissions, which should at least provide Congress with a road map for unanswered questions they should demand answers on.

Downplaying FBI back door searches

My biggest gripe with the report parallels a gripe I’ve had about public testimony on Section 702 since the first confirmations that the NSA, CIA, and FBI can conduct queries on raw data — back door searches. In public hearings, the intelligence community always sends NSA witnesses who can describe, as former NSA lawyer April Doss did in March, a back door search process that is fairly constrained.

I’m most familiar with NSA’s processes: NSA analysts must obtain prior approval to run U.S. person identifier queries in FAA 702 content; there must be a basis to believe the query is reasonably likely to return foreign intelligence information; all queries are logged and reviewed after the fact by NSA; and DoJ and ODNI review every U.S. person query run at NSA and CIA, along with the documented justifications for those queries.

Of course, even though this description is completely true (as far as we know), it is completely useless when it comes to helping Congress understand the problems inherent to back door searches.

Here’s what the Q&A document says about back door searches.

The government’s minimization procedures restrict the ability of analysts to query the databases that hold “raw” Section 702 information (i.e., where information identifying a U.S. person has not yet been minimized for permanent retention) using an identifier, such as a name or telephone number, that is associated with a U.S. person. Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information, although the FBI also may conduct such queries to identify evidence of a crime. As part of Section 702’s extensive oversight, DOJ and ODNI review the agencies’ U.S. person queries of content to ensure the query satisfies the legal standard. Any compliance incidents are reported to Congress and the FISC.

12 Queries of Section 702 data using U.S. person identifiers are sometimes mischaracterized in the public discourse as “backdoor searches.”

While it’s true that NSA and CIA minimization procedures impose limits on when an analyst can query raw data for content (but not for metadata at CIA), that’s simply not true at FBI, where the primary rule is that if someone is not cleared for FISA themselves, they ask a buddy to access the information. As a result — and because FBI queries FISA data for any national security assessment and “with some frequency” in the course of criminal investigations. In other words, partly because FBI is a domestic agency and partly because it has broader querying authorities, it conduct a “substantial” number of queries as opposed to the thousands done by CIA. Here’s how PCLOB describes it:

In 2013, the NSA approved 198 U.S. person identifiers to be used as content query terms.

[snip]

In 2013, the CIA conducted approximately 1,900 content queries using U.S. person identifiers. Approximately forty percent of these content queries were at the request of other U.S. intelligence agencies. Some identifiers were queried more than once; the CIA has advised that approximately 1,400 unique identifiers were queried during this period.

[snip]

The CIA does not track how many metadata-only queries using U.S. person identities have been conducted.

[snip]

[T]he FBI’s minimization procedures differ from the NSA and CIA’s procedures insofar as they permit the FBI to conduct reasonably designed queries “to find and extract” both “foreign intelligence information” and “evidence of a crime.”

[snip]

Because they are not identified as such in FBI systems, the FBI does not track the number of queries using U.S. person identifiers. The number of such queries, however, is substantial for two reasons. First, the FBI stores electronic data obtained from traditional FISA electronic surveillance and physical searches, which often target U.S. persons, in the same repositories as the FBI stores Section 702–acquired data, which cannot be acquired through the intentional targeting of U.S. persons. As such, FBI agents and analysts who query data using the identifiers of their U.S. person traditional FISA targets will also simultaneously query Section 702–acquired data. Second, whenever the FBI opens a new national security investigation or assessment, FBI personnel will query previously acquired information from a variety of sources, including Section 702, for information relevant to the investigation or assessment. With some frequency, FBI personnel will also query this data, including Section 702– acquired information, in the course of criminal investigations and assessments that are unrelated to national security efforts.

So it’s simply dishonest to say that, “Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information,” because the most common queries involve national security and common criminal purposes as well. “Generally,” the queries don’t require such things, unless you’re focusing primarily at CIA and NSA, where the threat to US person privacy at the least.

Then, one thing this Q&A doesn’t say is that Judge Thomas Hogan required the FBI to tell FISC of any positive hits on searches for entirely criminal purposes. Congress should know that, because it’s an easy data point that the IC should be able to share with Congress.

And while the document generally describes giving notice to defendants,

Section 706 governs the use of Title VII-derived information in litigation; as with Traditional FISA, it requires the government to give notice to aggrieved persons when the government intends to use evidence obtained or derived from Title VII collection in legal proceedings.

It doesn’t hint at how apparently inadequate this notice has been. Those are all details that Congress needs to know.

Hiding a cybersecurity certificate in the cheap seats?

I’m also interested in how the Q&A describes the purpose of 702. Here’s the 5 bullet points describing 702 successes (I’ve changed ODNI’s bullets to numbers for ease of reference):

  1. NSA has used collection authorized under FISA Section 702 to acquire extensive insight into the highest level decision-making of a Middle Eastern government. This reporting from Section 702 collection provided U.S. policymakers with the clearest picture of a regional conflict and, in many cases, directly informed U.S. engagement with the country. Section 702 collection provides NSA with sensitive internal policy discussions of foreign intelligence value.
  2. NSA has used collection authorized under FISA Section 702 to develop a body of knowledge regarding the proliferation of military communications equipment and sanctions evasion activity by a sanctions-restricted country. Additionally, Section 702 collection provided foreign intelligence information that was key to interdicting shipments of prohibited goods by the target country.
  3. Based on FISA Section 702 collection, CIA alerted a foreign partner to the presence within its borders of an al-Qaeda sympathizer. Our foreign partner investigated the individual and subsequently recruited him as a source. Since his recruitment, the individual has continued to work with the foreign partner against al-Qaeda and ISIS affiliates within the country.
  4. CIA has used FISA Section 702 collection to uncover details, including a photograph, that enabled an African partner to arrest two ISIS-affiliated militants who had traveled from Turkey and were connected to planning a specific and immediate threat against U.S. personnel and interests. Data recovered from the arrest enabled CIA to learn additional information about ISIS and uncovered actionable intelligence on an ISIS facilitation network and ISIS attack planning.
  5. NSA FISA Section 702 collection against an email address used by an al-Qaeda courier in Pakistan resulted in the acquisition of a communication sent to that address by an unknown individual located in the United States. The message indicated that the United States-based individual was urgently seeking advice regarding how to make explosives. The NSA passed this information to the FBI. Using a National Security Letter (NSL), the FBI was able to quickly identify the individual as Najibullah Zazi. Further investigation revealed that Zazi and a group of confederates had imminent plans to detonate explosives on subway lines in Manhattan. Zazi and his co-conspirators were arrested and pled guilty or were convicted of their roles in the planned attack. As the Privacy and Civil Liberties Oversight Board (PCLOB) found in its report, “[w]ithout the initial tip-off about Zazi and his plans, which came about by monitoring an overseas foreigner under Section 702, the subway bombing plot might have succeeded.”

The list has two advantages over the lists the IC was releasing in 2013. First, it’s more modest about its claims, not, this time, listing every quasi-thwarted terrorist funding opportunity as a big success. In addition, it describes all three confirmed certificates (from the Snowden documents): counterterrorism (bullets 3 through 5), counterproliferation (2), and foreign government (1, though if this is Iran, it might also be counterproliferation). It also admits that one point of all this spying is to find informants (bullet 3), even if not as explicitly as some court filings and IG reports do. That purpose — and the associated sensitivities (including whether and how it is used by FBI) is one thing all members of Congress should be briefed on.

That said, the description of the foreign government certificate doesn’t come close to describing the kinds of people who might be swept up in it, and as such provides what I believe to be a misleading understanding of who might be targeted under 702.

Note, too, the silence about the use of certificates for counterintelligence purposes, which the government surely does. Again, that would present different threats to Americans’ privacy.

Then there’s the last sentence of the document, in the upstream collection section.

Furthermore, this collection has allowed the IC to acquire unique intelligence that informs cybersecurity efforts.

Oh, huh, what’s that doing there in the last line of the document rather than in the successes section?

From the very first public discussions of 702 after Edward Snowden, ODNI included cybersecurity among the successes, even before it had a certificate. In fact, the document released June 8, 2013, just three days after the first Snowden release, echoed some of the same language:

Communications collected under Section 702 have provided significant and unique intelligence regarding potential cyber threats to the United States including specific potential computer network attacks. This insight has led to successful efforts to mitigate these threats.

This is a problem! Whether or not upstream 702 could be used for cyber purposes has been an undercurrent since the first USA Freedom Act. There are conflicting reports on whether NSA did obtain a cyber certificate in 2012, as they hoped to, or whether that was denied or so limited that it didn’t serve the function the NSA needed. I’ve even been told that CISA is supposed to serve the same purpose.That said, FBI’s minimization procedures (but not, by my read, NSA’s) include some language directed at cybersecurity.

Congress deserves to have a better sense of whether and how the government is using upstream 702 for cybersecurity, because there are unique issues associated with it. It’s clearly a great application of upstream searches, but not one without some risks. So the government should be more clear about this, at least in classified briefings available to all members.

Admitting NSA uses Section 704 not Section 703

Finally, this language is as close as the IC has come to admitting that it uses Section 704, not Section 703, to target Americans overseas.

In contrast to Section 702, which focuses on foreign targets, Section 704 provides additional protection for collection activities directed against U.S. persons located outside of the United States. Section 2.5 of Executive Order 12333 requires the AG to approve the use of “any technique for which a warrant would be required if undertaken for law enforcement purposes” against U.S. persons abroad for intelligence purposes. The AG’s approval must be based on a determination that probable cause exists to believe the U.S. person is a foreign power or an agent of a foreign power. Section 704 builds upon these pre-FAA requirements and provides that, in addition to the AG’s approval, the government must obtain an order from the FISC in situations where the U.S. person target has “a reasonable expectation of privacy and a warrant would be required if the acquisition were conducted inside the United States for law enforcement purposes.” The FISC order must be based upon a finding that there is probable cause to believe that the target is a foreign power, an agent of a foreign power, or an officer or employee of a foreign power and that the target is reasonably believed to be located outside the United States. By requiring the approval of the FISC in addition to the approval of the AG, Section 704 provides an additional layer of civil liberties and privacy protection for U.S. persons located abroad.

In addition to Sections 702 and 704, the FAA added several other provisions to FISA. Section 701 provides definitions for Title VII. Section 703 allows the FISC to authorize an application targeting a U.S. person located outside the U.S. when the collection is conducted inside the United States. Like Section 704, Section 703 requires a finding by the FISC that there is probable cause to believe that the target is a foreign power, an agent of a foreign power, or an officer or employee of a foreign power and is reasonably believed to be located outside the United States.

I’ve written about the distinction here.

Now, in theory, the authority used may not make a difference. Moreover, it’s possible that the NSA simply uses 705b for Americans overseas, meaning they can rely on domestic providers for stored Internet data, while using their more powerful spying for overseas content (in which case Congress should know that too).

But I also think the methods used may have an impact on US persons’ privacy, both the target and others. I’ll try to lay this out in a post in the coming days.

All of which is to say, this document is useful. But there are a few areas — particularly with FBI back door searches, which is the most important area — where the document gets noticeably silent.

 

Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

/6 Comments/in , /by

The other day, Ron Wyden gave a long speech on FISA Section 702, purportedly explaining why he was voting against Dan Coats to be Director of National Intelligence. Wyden voted against Coats because his former colleague would not commit to providing a number of the number of Americans swept up under Section 702. Given that it’s always a good idea to read Wyden closely, I wanted to summarize what he said. I’ll look at his complaints in a separate post, but for now I wanted to focus on Wyden’s description of the bogus explanations James Clapper and others gave Wyden in his past efforts to get the number of Americans sucked up in 702. I summarized the known exchanges that occurred on this issue before Clapper’s famous “not wittingly” lie here.

In 2011, both Wyden and John Bates were asking for numbers at the same time — NSA refused both

The first request for a count is temporally significant(update: I think I just missed this one in the past). In April 2011, Wyden and Mark Udall asked for the number.

In April of 2011, our former colleague, Senator Mark Udall, and I then asked the Director of National Intelligence, James Clapper, for an estimate.

According to Clapper’s response, they sent a written letter with the request on July 14, 2011. The timing of this request is critically important because it means Wyden and Udall made the request during the period when NSA and FISA Judge John Bates were discussing the upstream violations (see this post for a timeline). As part of that long discussion Bates had NSA do analysis of how often it collected US person communications that were completely unrelated to a targeted one (MCTs). Once Bates understood the scope of the problem, he asked how many US person communications it collected that were a positive hit on the target that were the only communication collected (SCTs).

But the timing demands even closer scrutiny. On July 8, John Bates went to DOJ to express “serious concerns” — basically, warning them he might not be able to reauthorize upstream surveillance. On July 14 — the same day Wyden and Udall asked Clapper for this information — DOJ asked Bates for another extension to respond to his questions, promising more information. Clapper blew off Wyden and Udall’s request in what must be record time — on July 26. On August 16, DOJ provided their promised additional information to Bates. That ended up being a count of how many Americans were affected in MCTs.

That means Clapper claimed he couldn’t offer a number even as NSA was doing precisely the kind of count that Wyden and Udall wanted, albeit for just one kind of 702 collection. And, as Wyden suggested in his speech, Clapper’s answer was non-responsive, answering how many US persons had their communications reviewed, rather than how many had their communications collected.

In July of that year, the director wrote back and said, and I quote, it was not reasonably possible to identify the number of people located in the United States whose communications may have been reviewed under the authority of the Foreign Intelligence Surveillance Act. He suggested reviewing the classified number of disseminated intelligence reports containing a reference to a U.S. Person, but that is very different than the number of Americans whose communications have been collected in the first place. And that’s what this is all about.

Then, after the government presented the information on how many US persons were collected via MCTs to Bates in August, Bates asked them to go back and count SCTs.

NSA refused.

Both FISC and members of SSCI were asking for this information in the same time period, and NSA refused to provide the count.

Since NSA wouldn’t help him, Bates invented an estimate himself, calculating that some 46,000 entirely domestic communications were collected under upstream collection each year.

NSA’s manual review focused on examining the MCTs acquired through NSA’s upstream collection in order to assess whether any contained wholly domestic communications. Sept. 7, 2011 Hearing Tr. at 13-14. As a result, once NSA determined that a transaction contained a single discrete communication, no further analysis of that transaction was done. See Aug. 16 Submission at 3. After the Court expressed concern that this category of transactions might also contain wholly domestic communications, NSA conducted a further review. See Sept. 9 Submission at 4. NSA ultimately did not provide the Court with an estimate of the number of wholly domestic “about” SCTs that may be acquired through its upstream collection. Instead, NSA has concluded that “the probability of encountering wholly domestic communications in transactions that feature only a single, discrete communication should be smaller — and certainly no greater — than potentially encountering wholly domestic communications within MCTs.” Sept. 13 Submission at 2.

The Court understands this to mean that the percentage of wholly domestic communications within the universe of SCTs acquired through NSA’s upstream collection should not exceed the percentage of MCTs within its statistical sample. Since NSA found 10 MCTs with wholly domestic communications within the 5,081 MCTs reviewed, the relevant percentage is .197% (10/5,081). Aug. 16 Submission at 5.

NSA’s manual review found that approximately 90% of the 50,440 transactions in the same were SCTs. Id. at 3. Ninety percent of the approximately 13, 25 million total Internet transactions acquired by NSA through its upstream collection during the six-month period, works out to be approximately 11,925,000 transactions. Those 11,925,000 transactions would constitute the universe of SCTs acquired during the six-month period, and .197% of that universe would be approximately 23,000 wholly domestic SCTs. Thus, NSA may be acquiring as many as 46,000 wholly domestic “about” SCTs each year, in addition to the 2,000-10,000 MCTs referenced above.

Presumably, Wyden learned that NSA had been doing such a count in October, well after Clapper had given his first non-responsive answer.

The 2012 privacy violation claim

Wyden skips the next request he made, when on May 4, 2012, he and Udall asked the Intelligence Community Inspector General Charles McCullough for a number (I laid out the timing of the request in this post). When they also tried to include language in the FAA reauthorization requiring the IGs to come up with a number, SSCI refused, citing their outstanding request to McCullough. Of course, McCullough did not get back to the Senators with his refusal to do such a count until after the bill had passed out of committee. He responded by saying NSA IG George Ellard didn’t have the capacity for such a review, and besides, it would violate the privacy of Americans to find out how much NSA was violating their privacy.

I defer to his conclusion that obtaining such an estimate was beyond the capacity of his office and dedicating sufficient additional resources would likely impede the NSA’s mission. He further stated that his office and NSA leadership agreed that an IG review of the sort suggested would itself violate the privacy of U.S. persons.

Clapper blows off 12 Senators

In response, Wyden rounded up some privacy minded Senators to sign onto a letter asking for an estimate of the number. In this week’s speech, Wyden noted that he said he’d be willing to take an estimate. He didn’t remind his listeners that he and his friends also asked whether such an estimate had been done.

  • Have any entities made any estimates — even imprecise estimates — about how many US communications have been collected under section 702 authorities?

The answer to that question — at least with regards to upstream collection — was yes. NSA had estimated the MCTs and Bates, using their estimate, had made an even rougher estimate of the SCTs. But as I noted here, members of Congress relying on the purported disclosure to Congress about the upstream violations wouldn’t know that — or that the upstream violations involved entirely US person collection. As Wyden noted in his speech, Congress didn’t get this information before the reauthorized FAA.

We still got no answer. And section 702 was reauthorized without this necessary information.

Clapper’s least untruthful answer

Wyden also doesn’t address Clapper’s famous March 2013 lie. Since the exposure of the phone dragnet, most discussions have assumed Wyden was probing only about that program. But the question, as asked, absolutely applied to incidental collection.

Wyden: Does the NSA collect any type of data, at all, on millions, or hundreds of millions of Americans?

Clapper: No sir.

Wyden: It does not?

Clapper: There are cases where they could inadvertently, perhaps, uh, collect, but not wittingly.

Indeed, several of Clapper’s many excuses claim he was thinking of content when he responded. Even if he were, his first answer would still be yes: the NSA collects on so many millions of Americans incidentally that it refuses to count it. But Clapper’s “not wittingly” response is almost certainly not a goof, since he gave it after Wyden had provided a day’s warning the question would be asked and after two different John Bates’ opinions that made it clear that he would forgive the collection of content so long as NSA didn’t know about it, but once they knew about it, then it would become illegal. The not wittingly response reinforces my firm belief that the reason the government refuses to count this is because then a great deal of their Section 702 collection would be deemed illegal under those two FISC precedents.

Clapper’s blow-off becomes Dan Coats’ blow-off

Which is where Wyden brings us up to date, with both house of Congress asking for such a number and — after promises it would be forthcoming — not getting it.

So last year looking at the prospect of the law coming up, there was a renewed effort to find out how many law-abiding Americans are getting swept up in these searches of foreigners. In April 2016 a bipartisan letter from members of the House Judiciary Committee asked the Director of National Intelligence for a public estimate of the number of communications or transactions involving United States persons are collected under section 702 on an annual basis. This letter coming from the House Democrats and Republicans, again asked for a rough estimate. This bipartisan group suggested working with director clapper to determine the methodology to get this estimate.

In December there were hints in the news media that something might be forthcoming, but now we’re here with a new administration considering the nomination of the next head of the intelligence community who has said that reauthorizing section 702 is his top legislative priority and that there is no answer in sight to the question Democrats and Republicans have been asking for over six years. How many innocent law-abiding Americans are getting swept up in these searches under a law that targets foreigners overseas?

There’s one tiny tidbit he doesn’t mention here. Coats never answered that he wouldn’t provide an answer. Rather, he said he didn’t understand the technical difficulties behind providing one (not even after participating in the 2012 vote where this was discussed). In his confirmation hearing, Coats explained one reason why he couldn’t learn what the technical difficulties were before he was confirmed. When he resigned the Senate, his clearance had lapsed, and during his confirmation process, his new clearance was being processed. That meant that for this — and any other classified question that Coats might want to consider anew — he was unable to get information.

The Senate doesn’t seem to care about this serial obstruction, however. Coats was confirmed with an 85-12 vote, with the following Senators voting against confirmation.

Baldwin (D-WI)
Booker (D-NJ)
Duckworth (D-IL)
Gillibrand (D-NY)
Harris (D-CA)
Markey (D-MA)
Merkley (D-OR)
Paul (R-KY)
Sanders (I-VT)
Udall (D-NM)
Warren (D-MA)
Wyden (D-OR)

Given how hard the IC is trying to hide this, the actual exposure of US persons must be fairly significant. We’ll see whether Congress finds another way to force this information out of the IC.

Updated with more granular timing on the 2011 exchange.

The Ironies of the EO 12333 Sharing Expansion for Obama and Trump

/8 Comments/in , , /by

In one of his first acts as leader of the Democratic party in 2008, Barack Obama flipped his position on telecom immunity under FISA Amendments Act, which cleared the way for its passage. That was a key step in the legalization of the Stellar Wind dragnet illegally launched by George Bush in 2001, the normalization of turnkey surveillance of the rest of the world, surveillance that has also exposed countless Americans to warrantless surveillance.

Bookends of the Constitutional law president’s tenure: codifying and expanding Stellar Wind

So it is ironic that, with one of his final acts as President, Obama completed the process of normalizing and expanding Stellar Wind with the expansion of EO 12333 information sharing.

As I laid out some weeks ago, on January 3, Loretta Lynch signed procedures that permit the NSA to share its data with any of America’s other 16 intelligence agencies. This gives CIA direct access to NSA data, including on Americans. It gives all agencies who jump through some hoops that ability to access US person metadata available overseas for the kind of analysis allegedly shut down under USA Freedom Act, with far fewer limits in place than existed under the old Section 215 dragnet exposed by Edward Snowden.

And it did so just as an obvious authoritarian took over the White House.

I’ve was at a privacy conference in Europe this week (which is my partial explanation for being AWOL all week), and no one there, American or European, could understand why the Obama Administration would give Trump such powerful tools.

About the only one who has tried to explain it is former NSA lawyer Susan Hennessey in this Atlantic interview.

12333 is not constrained by statute; it’s constrained by executive order. In theory, a president could change an executive order—that’s within his constitutional power. It’s not as easy as just a pen stroke, but it’s theoretically possible.

[snip]

When they were in rewrites, they were sort of vulnerable. There was the possibility that an incoming administration would say, “Hey! While you’re in the process of rewriting, let’s go ahead and adjust some of the domestic protections.” And I think a reasonable observer might assume that while the protections the Obama administration was interested in putting into place increased privacy protections—or at the very least did not reduce them—that the incoming administration has indicated that they are less inclined to be less protective of privacy and civil liberties. So I think it is a good sign that these procedures have been finalized, in part because it’s so hard to change procedures once they’re finalized.

[snip]

I think the bottom line is that it’s comforting to a large national-security community that these are procedures that are signed off by Director of National Intelligence James Clapper and Attorney General Loretta Lynch, and not by the DNI and attorney general that will ultimately be confirmed under the Trump Administration.

Hennessey’s assurances ring hollow. That’s true, first of all, because it is actually easier to change an EO — and EO 12333 specifically — than “a pen stroke.” We know that because John Yoo did just that, in authorizing Stellar Wind, when he eliminated restrictions on SIGINT sharing without amending EO 12333 at all. “An executive order cannot limit a President,” Yoo wrote in the 2001 memo authorizing Stellar Wind. “There is no constitutional requirement for a President to issue a new executive order whenever he wishes to depart from the terms of a previous executive order. Rather than violate an executive order, the President has instead modified or waived it.” And so it was that the NSA shared Stellar Wind data with CIA, in violation of the plain language of EO 12333 Section 2.3, until that sharing was constrained in 2004.

Yes, in 2008, the Bush Administration finally changed the language of 2.3 to reflect the SIGINT sharing it had started to resume in 2007-2008. Yes, this year the Obama Administration finally made public these guidelines that govern that sharing. But recent history shows that no one should take comfort that EOs can bind a president. They cannot. The Executive has never formally retracted that part of the 2001 opinion, which in any case relies on a 1986 OLC opinion on Iran-Contra arguing largely the same thing.

No statutorily independent oversight over vastly expanded information sharing

Which brings us to whether the EO sharing procedures, as released, might bind Trump anymore than EO 12333 bound Bush in 2001.

In general, the sharing procedures are not even as stringent as other surveillance documents from the Obama Administration. The utter lack of any reasonable oversight is best embodied, in my opinion, by the oversight built into the procedures. A key cog in that oversight is the Department of National Intelligence’s Privacy and Civil Liberties Officer — long inhabited by a guy, Alex Joel, who had no problem with Stellar Wind. That role will lead reviews of the implementation of this data sharing. In addition to DNI’s PCLO, NSA’s PCLO will have a review role, along with the General Counsels of the agencies in question, and in some limited areas (such as Attorney Client communications), so will DOJ’s National Security Division head.

What the oversight of these new sharing procedures does not include is any statutorily independent position, someone independently confirmed by the Senate who can decide what to investigate on her own. Notably, there is not a single reference to Inspectors General in these procedures, even where other surveillance programs rely heavily on IGs for oversight.

There is abundant reason to believe that the PATRIOT Act phone and Internet dragnets violated the restrictions imposed by the FISA Court for years in part because NSA’s IG’s suggestions were ignored, and it wasn’t until, in 2009, the FISC mandated NSA’s IG review the Internet dragnet that NSA’s GC “discovered” that every single record ingested under the program violated FISC’s rules after having not discovered that fact in 25 previous spot checks. In the past, then, internal oversight of surveillance has primarily come when IGs had the independence to actually review the programs.

Of course, there won’t be any FISC review here, so it’s not even clear whether explicit IG oversight of the sharing would be enough, but it would be far more than what the procedures require.

I’d add that the Privacy and Civil Liberties Oversight Board, which provided key insight into the Section 215 and 702 programs, also has no role — except that PCLOB is for all intents and purposes defunct at this point, and there’s no reason to believe it’ll become operational under Trump.

Obama vastly expanded information sharing with these procedures without implementing the most obvious and necessary oversight over that sharing, statutorily independent oversight.

Limits on using the dragnet to affect political processes

There is just one limit in the new procedures that I think will have any effect whatsoever — but I think Trump may have already moved to undercut it.

The procedures explicitly prohibit what everyone should be terrified about under Trump — that he’ll use this dragnet to persecute his political enemies. Here’s that that prohibition looks like.

Any IC element that obtains access to raw SIGINT under these Procedures will:

[snip]

Political process in the United States. Not engage in any intelligence activity authorized by these Procedures, including disseminations to the White House, for the purpose of affecting the political process in the United States. The IC element will comply with the guidance applicable to NSA regarding the application of this prohibition. Questions about whether a particular activity falls within this prohibition will be resolved in consultation with the element’s legal counsel and the General Counsel of the Office of the Director of National Intelligence (ODNI) (and the DoD’s Office of the General Counsel in the case of a DoD IC element).

If you need to say the IC should not share data with the White House for purposes of affecting the political process, maybe your info sharing procedures are too dangerous?

Anyway, among the long list of things the IC is not supposed to do, this is the only one that I think is so clear that it would likely elicit leaks if it were violated (though obviously that sharing would have to be discovered by someone inclined to leak).

All that said, note who is in charge of determining whether something constitutes affecting political processes? The IC agency’s and ODNI’s General Counsel (the latter position is vacant right now). Given that the Director of National Intelligence is one of the positions that just got excluded from de facto participation in Trump’s National Security Council (in any case, Republican Senator Dan Coats has been picked for that position, which isn’t exactly someone you can trust to protect Democratic or even democratic interests), it would be fairly easy to hide even more significant persecution of political opponents.

FBI and CIA’s expanded access to Russian counterintelligence information

There is, however, one aspect of these sharing guidelines that may have work to limit Trump’s power.

In the procedures, the conditions on page 7 and 8 under which an American can be spied on under EO 12333 are partially redacted. But the language on page 11 (and in some other parallel regulations) make it clear one purpose under which such surveillance would be acceptable, as in this passage.

Communications solely between U.S. persons inadvertently retrieved during the selection of foreign communications will be destroyed upon recognition, except:

When the communication contains significant foreign intelligence or counterintelligence, the head of the recipient IC element may waive the destruction requirement and subsequently notify the DIRNSA and NSA’s OGC;

Under these procedures generally, communications between an American and a foreigner can be read. But communications between Americans must be destroyed except if there is significant foreign intelligence or counterintelligence focus. This EO 12333 sharing will be used not just to spy on foreigners, but also to identify counterintelligence threats (which would presumably include leaks but especially would focus on Americans serving as spies for foreign governments) within the US.

Understand: On January 3, 2017, amid heated discussions of the Russian hack of the DNC and public reporting that at least four of Trump’s close associates may have had inappropriate conversations with Russia, conversations that may be inaccessible under FISA’s probable cause standard, Loretta Lynch signed an order permitting the bulk sharing of data to (in part) find counterintelligence threats in the US.

This makes at least five years of information collected on Russian targets available, with few limits, to both the CIA and FBI. So long as the CIA or FBI were to tell DIRNSA or NSA’s OGC they were doing so, they could even keep conversations between Americans identified “incidentally” in this data.

I still don’t think giving the CIA and FBI (and 14 other agencies) access to NSA’s bulk SIGINT data with so little oversight is prudent.

But one of the only beneficial aspects of such sharing might be if, before Trump inevitably uses bulk SIGINT data to persecute his political enemies, CIA and FBI use such bulk data to chase down any Russian spies that may have had a role in defeating Hillary Clinton.

“Is Our Congressmens Learning?

/9 Comments/in , /by

George Bush once famously asked whether “our children is learning,” demonstrating that those setting policy for education might be least suited for measuring the efficacy of education.

Two different members of Congress in the last day suggest the same is true of counterterrorism policy.

First there was IN Senator Dan Coats, who apparently attributed his understanding of terrorism tactics to 24 and Homeland yesterday. As Mia Bloom pointed out, they’re fiction (though probably supported by intelligence agencies). Experts have attacked the realism of both shows.

The worst part of Coats admitting he takes 24 and Homeland as true, though, is that he’s on the Senate Intelligence Committee. He has — or should have — a way of getting factual details about terrorist tactics. He appears to turn to fiction instead.

Who knows what source CA Congresswoman (and Senate candidate) Loretta Sanchez relied on for her claim that 5 to 20% of Muslims want a Caliphate.

“There is a small group, and we don’t know how big that is—it can be anywhere between 5 and 20 percent, from the people that I speak to—that Islam is their religion and who have a desire for a caliphate and to institute that in anyway possible, and in particular go after what they consider Western norms—our way of life,” she said.

But she, like Coats, is privy to intelligence briefings on both the Armed Services and — especially, in this context — Homeland Security Committees. Did some whackdoodle from Homeland Security tell Sanchez a significant chunk of Muslims are itching to set up an all-Muslim empire?

Something’s wrong with our congressional briefing process. Either these people aren’t attending, they’re not useful, or they’re being fed junk.

And it’s making America less safe.

Update: Dan Coats’ state corrected thanks to “mitch daniels.”

Your Obligatory Fran Fragos Townsend Leak

/8 Comments/in , , /by

Remember how the detail that UndieBomb 2.0 involved a Saudi infiltrator got out? John Brennan had a private teleconference with Richard Clarke and Fran Fragos Townsend and implied as much, which led to Clarke reporting it (and not long after, ABC confirming it with foreign sources).

At about 5:45 p.m. EDT on Monday, May 7, just before the evening newscasts, John Brennan, President Barack Obama’s top White House adviser on counter-terrorism, held a small, private teleconference to brief former counter-terrorism advisers who have become frequent commentators on TV news shows.

According to five people familiar with the call, Brennan stressed that the plot was never a threat to the U.S. public or air safety because Washington had “inside control” over it.

Brennan’s comment appears unintentionally to have helped lead to disclosure of the secret at the heart of a joint U.S.-British-Saudi undercover counter-terrorism operation.

A few minutes after Brennan’s teleconference, on ABC’s World News Tonight, Richard Clarke, former chief of counter-terrorism in the Clinton White House and a participant on the Brennan call, said the underwear bomb plot “never came close because they had insider information, insider control.”

Now, National Security Council Spokesperson Tommy Vietor, who aggressively but rather unconvincingly tried to claim that the Administration had never intended to publicly announce UndieBomb 2.0, is claiming that the Administration is obligated to hold such teleconferences because the Administration is obligated to be “transparent” about potential threats.

The Yemen plot had many intelligence and national security officials flummoxed and angered by its public airing.  Despite that, a senior administration official then briefed network counterterrorism analysts, including CNN’s Frances Townsend, about parts of the operation.

But such briefings are an “obligation” for the administration once a story like the Yemen plot is publicized, insisted National Security Council spokesman Tommy Vietor.

“The reason that we brief former counterterrorism officials is because they are extremely conscientious about working with us about what can and cannot be said or disclosed,” Vietor told Security Clearance.  “They understand that there is an obligation for the U.S. to be transparent with American people about potential threats but will work with us to protect operational equities because they’ve walked in our shoes.”

This is the Administration that appears to have just fired a guy for revealing that the bankster threat is growing while the terrorist threat is diminishing, claiming they had to hold a teleconference with TV commentators just before prime time to make sure Americans regarded a Saudi-managed plot as a real threat.

Vietor’s in trouble. Presumably on his advice, the White House was prepping a big roll out of UndieBomb 2.0 the day after this call with Townsend and Clarke. Clearly, by going ahead with the teleconference, he was trying to get maximum spin value out of the plot, after the AP had broken it. Indeed, the detail that led Clarke to learn the “plot” was really a sting–that we (or our buddies the Saudis) were in control the whole time–is precisely the same spin that Brennan’s sanctioned leaks have pushed in the Kill List and StuxNet stories.

But for a variety of reasons, it has become politically costly to admit the White House had planned to spin this. And so, Tommy Vietor keeps trying to tell new stories, hoping one will hold together.

Read more

Dan Coats’ Hypocritical Lobbying: Floorplans, Not Cars

/9 Comments/in /by

Eric Kleefield uncovers a heap of hypocrisy in IN Senate candidate Dan Coats’ lobbying record, but he misunderstands what it means.

Former Sen. Dan Coats (R-IN) is running for his old Senate seat, apparently on a platform of opposing government takeover of the private sector. But as it turns out, in 2008 he lobbied the Senate on the TARP bill, on behalf of none other than Chrysler’s parent company.

The NBC affiliate in South Bend quoted Coats early this week, explaining why he was returning to politics. “Well, nobody anticipated that government’s going to try to run auto companies, bank insurance companies, take over the private sector,” said Coats.

However, according to a federal lobbying report for the third quarter of 2008, Coats served as a lobbyist on behalf of Cerberus Capital Management, the firm that owned a majority share in Chrysler.

[snip]

Coats’s campaign press secretary Pete Seat says that despite what the lobbying filings show, Coats did not seek bailout help for Chrysler. “Dan Coats never lobbied on behalf of Chrysler in pursuing federal assistance. Anything to the contrary is false and pure politics,” Seat told us.

Instead, Seat says, Coats was lobbying for “small business” loan guarantees. Seat says: “Dan’s only related work was on behalf of small businesses – the very lifeblood of our economy – to ensure they could raise the capital needed to increase production, inventory and add jobs. Dan Coats did more for job growth in the third quarter of 2008 than Democrats did in all of 2009.”

Kleefield spends some time talking about Cerberus’ stake in Chrysler, the car company. But he seems unaware of what Cerberus’ big interest was: Chrysler Financial and GMAC–and of what the phrase “small business loan guarantees” means in the auto business.

Cerberus, after all, was really never that interested in the car business, notwithstanding that little Chrysler millstone it had around its neck. Rather, in the years leading up to 2008’s crash, Cerberus was making a big play for finance companies–Chrysler Financial and GMAC. And certainly in 2008, when the auto business was going south, it hoped that it would be able to become the big auto finance company.

And the GOP-wired company in fact did manage to get into the TARP world by managing to turn GMAC into a bank holding company (though it had to give up much of its 51% stake in the company to do so). Read more