Posts

CYBERCOM versus NSA: On Fighting Isis or Spying on Them

/6 Comments/in /by

I keep thinking back to this story, in which people in the immediate vicinity of Ash Carter and James Clapper told Ellen Nakashima that they had wanted to fire Admiral Mike Rogers, the dual hatted head of CyberCommand and NSA, in October. The sexy reason given for firing Rogers — one apparently driven by Clapper — is that NSA continued to leak critical documents after Rogers was brought in in the wake of the Snowden leaks.

But further down in the story, a description of why Carter wanted him fired appears. Carter’s angry because Rogers’ offensive hackers had not, up until around the period he recommended to Obama Rogers be fired, succeeded in sabotaging ISIS’ networks.

Rogers has not impressed Carter with his handling of U.S. Cyber Command’s cyberoffensive against the Islamic State. Over the past year or so, the command’s operations against the terrorist group’s networks in Syria and Iraq have not borne much fruit, officials said. In the past month, military hackers have been successful at disrupting some Islamic State networks, but it was the first time they had done that, the officials said.

Nakashima presents this in the context of the decision to split CYBERCOM from NSA and — click through to read that part further down in the piece — with Rogers’ decision to merge NSA’s Information Assurance Directorate (its defensive wing) with the offensive spying unit.

The expectation had been that Rogers would be replaced before the Nov. 8 election, but as part of an announcement about the change in leadership structure at the NSA and Cyber Command, a second administration official said.

“It was going to be part of a full package,” the official said. “The idea was not for any kind of public firing.” In any case, Rogers’s term at the NSA and Cyber Command is due to end in the spring, officials said.

The president would then appoint an acting NSA director, enabling his successor to nominate their own person. But a key lawmaker, Sen. John McCain (R-Ariz.), the chairman of the Senate Armed Services Committee, threatened to block any such nominee if the White House proceeded with the plan to split the leadership at the NSA and Cyber Command.

I was always in favor of splitting these entities — CYBERCOM, NSA, and IAD — into three, because I believed that was one of the only ways we’d get a robust defense. Until then, everything will be subordinated to offensive interests. But Nakashima’s article focuses on the other split, CYBERCOM and NSA, describing them as fundamentally different missions.

The rationale for splitting what is called the “dual-hat” arrangement is that the agencies’ missions are fundamentally different, that the nation’s cyberspies and military hackers should not be competing to use the same networks, and that the job of leading both organizations is too big for one person.

They are separate missions: CYBERCOM’s job is to sabotage things, NSA’s job is to collect information. That is made clear by the example that apparently irks Carter: CYBERCOM wasn’t sabotaging ISIS like he wanted.

It is not explicit here, but the suggestion is that CYBERCOM was not sabotaging ISIS because someone decided it was more important to collect information on it. That sounds like an innocent enough trade-off until you consider CIA’s prioritization for overthrowing Assad over eliminating ISIS, and its long willingness to overlook that its trained fighters were fighting with al Qaeda and sometimes even ISIS. Add in DOD’s abject failure at training their own rebels, such that the job reverted to CIA along with all the questionably loyalties in that agency.

There was a similar debate way back in 2010, when NSA and CIA and GCHQ were fighting about what to do with Inspire magazine: sabotage it (DOD’s preference, based on the understanding it might get people killed), tamper with it (GCHQ’s cupcake recipe), or use it to information gather (almost certainly with the help of NSA, tracking the metadata associated with the magazine). At the time, that was a relatively minor turf battle (though perhaps hinting at a bigger betrayed by DOD’s inability to kill Anwar al-Alwaki and CIA’s subsequent success as soon as it had built its own drone targeting base in Saudi Arabia).

This one, however, is bigger. Syria is a clusterfuck, and different people in different corners of the government have different priorities about whether Assad needs to go before we can get rid of ISIS. McCain is clearly on the side of ousting Assad, which may be another reason — beyond just turf battles — why he opposed the CYBERCOM/NSA split.

Add in the quickness with which Devin Nunes, Donald Trump transition team member, accused Nakashima’s sources of leaking classified information. The stuff about Rogers probably wasn’t classified (in any case, Carter and Clapper would have been the original classification authorities on that information). But the fact that we only just moved from collecting intelligence on ISIS to sabotaging them likely is.

CYBERCOM and NSA do have potentially conflicting missions. And it sounds like that was made abundantly clear as Rogers chose to prioritize intelligence gathering on ISIS over doing things that might help to kill them.

Trump Versus the [Dead-Ender] Spooks

/17 Comments/in /by

The big news from yesterday — aside from the blizzard of Mike Pence at Hamilton stories that drowned out news of Trump’s $25 million settlement for defrauding a bunch of Trump University students — is that NSA Director Mike Rogers had a meeting.

As the WaPo reported, Rogers met with Trump on Thursday morning without telling his bosses — Secretary of Defense Ash Carter and Director of National Intelligence James Clapper.

In a move apparently unprecedented for a military officer, Rogers, without notifying superiors, traveled to New York to meet with Trump on Thursday at Trump Tower. That caused consternation at senior levels of the administration, according to the officials, who spoke on the condition of anonymity to discuss internal personnel matters.

Actually, that’s not the lead of the story. This is:

The heads of the Pentagon and the nation’s intelligence community have recommended to President Obama that the director of the National Security Agency, Adm. Michael S. Rogers, be removed.

Which suggests that, in retaliation for having a meeting without their approval, people close to Carter and Clapper decided to reveal that they had been planning on firing Rogers, but simply haven’t gotten around to it.

The reason for firing Rogers is more obscure.

Carter has concerns with Rogers’s performance, officials said. The driving force for Clapper, meanwhile, was the separation of leadership roles at the NSA and U.S. Cyber Command, and his stance that the NSA should be headed by a civilian.

[snip]

Rogers was charged with making sure another insider breach never happened again.

Instead, in the past year and a half, officials have discovered two major compromises of sensitive hacking tools by personnel working at the NSA’s premier hacking unit: the Tailored Access Operations. One involved a Booz Allen Hamilton contractor, Harold T. Martin III, who is accused of carrying out the largest theft of classified government material. Although some of his activity took place before Rogers arrived and at other agencies, some of it — including the breach of some of the most sensitive tools — continued on Rogers’s watch, the officials said.

[snip]

But there was a second, previously undisclosed breach of cybertools, discovered in the summer of 2015, which was also carried out by a TAO employee, one official said. That individual also has been arrested, but his case has not been made public. The individual is not believed to have shared the material with another country, the official said.

Rogers was put on notice by his two bosses — Clapper and Carter — that he had to get control of internal security and improve his leadership style. There have been persistent complaints from NSA personnel that Rogers is aloof, frequently absent and does not listen to staff input.

The NYT version of this story makes it sound like Rogers was supposed to be relieved of duty when the CYBERCOM/NSA split was announced but that got delayed because John McCain complained.

But the WaPo’s sources piled on, blaming Rogers for the Martin theft that started even before his tenure, another still unrevealed one, and (later in the article) for another hack during his tenure as head of the Navy’s CyberCommand.

Which has Devin Nunes — ostensibly in his role as House Intelligence Chair, and not his role on Trump’s transition team — calling an immediate hearing (perhaps before Obama can fire Rogers?).

Ostensibly, this is a hearing scheduling meeting.

Accordingly, I will convene an open-session hearing at the earliest possible opportunity so the
Committee may understand the veracity of the Post article and fully understand the impact of the
proposed separation of NSA and USCYBERCOM on the IC. Please provide, no later than November
21, 2016, at 5:00pm, a list of dates and times you are available to appear before the Committee between
now and the end of December 2016.

Of course, usually such discussions take place between aides. But by including that language in his letter, Nunes invented an opportunity to issue an implicit threat — that something in the WaPo story (perhaps the detail that another person had been arrested for stealing TAO files) remained classified.

I am also concerned that the article may contain unauthorized disclosures of classified
information.

And to provide a vote of confidence for Rogers.

Since Admiral Rogers was appointed as NSA Director in April 2014, I have been consistently
impressed with his leadership and accomplishments. His professionalism, expertise, and deckplate
leadership have been remarkable during an extremely challenging period for NSA. I know other
members of Congress hold him in similarly high esteem.
Given the Committee’s constitutional responsibility to conduct oversight of the Intelligence
Community (IC), I am asking you to provide a full explanation of the allegations contained in the Post
article.

Nunes went on to demand briefing on the planned split (he is supposed to be on the opposite side as McCain, hoping for CYBERCOM to remain under DOD and the House Armed Service Committee, but NSA to become entirely a House Intelligence Committee issue, but I wonder whether Trump has something else entirely in mind).

Consider: A big part of this presidential campaign involved weekly leaks about an FBI investigation into a national security issue (Hillary’s potential mishandling of classified information). All through that, Nunes was at best silent, if not a willing participant. But here he is insinuating that the WaPo leak (presumably from two Original Classification Authorities) was improper?

And consider this detail: Trump has already picked Mike Flynn to be his National Security Adviser, whom Clapper and Mike Vickers got fired in 2014. The Thursday meeting between Rogers and Trump was reportedly a meeting about whether Rogers should become Director of National Intelligence. Yesterday, Trump interviewed General James Mattis to be Secretary of Defense; Obama fired Mattis from CENTCOM in 2013 for opposition to Obama’s Iran deal. There are also rumors that Trump is considering Stanley McChrystal for some role.

In other words, Trump seems to be going out of his way to select military officers who have a grudge against the Obama Administration (which goes along perfectly with his policy of hiring people like Jared Kushner and Jeff Sessions, white men who harbor grudges against some past perceived wrong).

But if Trump creates a NatSec team entirely of generals who’ve been fired for cause or dissent, what will that do for a Commander in Chief’s ability to assert civilian control by firing generals going forward? What kind of incentive will that give top officers to intervene in the political process?

Stay tuned.

The Purge, the Benghazi Report, and Trump’s Claim Obama Created ISIS

/18 Comments/in , /by

Please consider a donation to support this work — we’ve got a long haul ahead 

When I learned yesterday that, in addition to “purging” Mike Rogers, Trump had added Devin Nunes and Crazy Pete Hoekstra to his transition team (thus replacing Rogers with both his predecessor and successor as House Intelligence Chair), I wondered whether the Benghazi report had something to do with the exchange. As I noted when the House Intelligence Committee’s report came out, Nunes repeatedly asked questions that Rogers cut short.

The NYT confirms that that is, indeed, one of the reasons Rogers got purged.

One member of the transition team said that at least one reason Mr. Rogers had fallen out of favor among Mr. Trump’s advisers was that, as chairman of the House Intelligence Committee, he had overseen a report about the 2012 attacks on the American diplomatic compound in Benghazi, Libya, which concluded that the Obama administration had not intentionally misled the public about the events there. That report echoed the findings of numerous other government investigations into the episode.

The report’s conclusions were at odds with the campaign position of Mr. Trump, who repeatedly blamed Hillary Clinton, his Democratic opponent and the secretary of state during the attacks, for the resulting deaths of four Americans.

In point of fact, the Additional Views that Rogers released with three other Republicans on the committee (but not Nunes) did find,

Senior U.S. officials perpetuated an inaccurate story that matched the Administration’s misguided view that the United States was nearing victory over al-Qa’ida.

The Additional Views also blamed State for ignoring safety concerns in Benghazi.

So that may not be the key difference between Rogers and Trump with regards to the Benghazi report.

Instead, consider what the report did not say about CIA’s facilitation of Saudi, Qatari, and Turkish arms transfers to Syria during this period — and Nunes’ attempts to push this issue further.

The report concludes that, “The CIA was not collecting and shipping arms from Libya to Syria.” It then explains how it proved this, noting that all witnesses (it sourced its reports only to security personnel and the Benghazi base chief, not the officers at the Annex) said they had not seen any non-CIA weapons at the Annex. But then it said:

From the Annex in Benghazi, the CIA was collecting intelligence about foreign entities that were themselves collecting weapons in Libya and facilitating their passage to Syria.

Here’s what the transcript of the committee’s interview with Mike Morell and the other intel bosses actually shows (page 15):

Mr. [Devin] Nunes: Are we aware of any arms that are leaving that area and going into Syria?

Mr. Morell: Yes, sir.

Mr. Nunes: And who is coordinating that?

Mr. Morell: I believe largely the [redacted–right length for Saudis] are coordinating that.

Mr. Nunes: They are leaving Benghazi ports and going to Syria?

Mr. Morell: I don’t know how they are getting the weapons from Libya to Syria. But there are weapons going from Libya to Syria. And there are probably a number of actors involved in that. One of the biggest are the [redacted–could be Qataris]

Mr. Nunes: And were the CIA folks that were there, were they helping to coordinate that, or were they watching it, were they gathering information about it?

Mr. Morell: Sir, the focus of my officers in Benghazi was [redacted], to try to penetrate the terrorist groups that were there so we could learn their plans, intentions and capabilities

Mike Rogers then interrupts because not everyone in the room is cleared to hear about what the CIA was doing in Benghazi. (Note, Fox’s Catherine Herridge also covered this here.)

Four months later, in a follow-up interview of Morell (file one, file two, at the break), Nunes picked up that line of questioning again. Having gotten Morell to state that there were weapons for security folks at the annex, he tries to clarify that none of these were being sent on. Mike Rogers again interrupts to offer “clarification,” though it becomes clear that on at least one occasion the CIA facility was used to transfer weapons.

The Chairman: There may be an exception, but that was not the rule.

So at the very least CIA was watching its allies send weapons from Libya to Syria, which given the clusterfuck in Syria — most notably the possibility that these weapons are now in the hands of ISIL — may be one reason to moderate the report.

That is, the interviews behind the report include clear evidence that the CIA was watching our allies run arms to Syria (and note, even there, Morell stopped short of saying the CIA wasn’t directly involved). Evidence that Nunes had a particular interest in pursuing.

Now consider a pair of rather famous DIA reports — reports done at a time that Trump advisor Mike Flynn was running the agency — on how the US ended up on the same side as al Qaeda in Syria.

What did the CIA know and when did they know it?

That’s the real question that ought to be raised by a recently declassified Defense Intelligence Agency (DIA) report, obtained by Judicial Watch in a Freedom of Information Act lawsuit. The August 2012 document describes how the U.S. ended up on the same general side in the Syrian Civil War as Al Qaeda in Iraq, the predecessor to ISIS. “AQI supported the Syrian opposition from the beginning,” the report explained. Meanwhile, “[w]estern countries, the Gulf states, and Turkey are supporting” rebel efforts against the Assad regime in a proxy war, putting them on the same side as, if not working together with, the terrorists now overrunning Iraq.

Some outlets have concluded that this means “the West intentionally sponsored violent Islamist groups to destabilize Assad.”

But as Juan Cole counters, the report that western powers supported rebels “doesn’t say that the US created sectarian groups and it does not say that the US favors al-Qaeda in Syria or the so-called ‘Islamic State of Iraq.’” Cole continues, “It says that those powers (e.g. Turkey and the Gulf monarchies) supporting the opposition wanted to see the declaration of a Salafi (hard line Sunni) breakaway statelet, in order to put pressure on the al-Assad regime.”

In a nutshell, Cole argues that the U.S. didn’t support Al-Qaeda in Syria directly. But its allies certainly did.

Two months after the report laying out AQI support for the rebels — another of the documents obtained by Judicial Watch shows — the DIA provided a detailed description of how weapons got shipped from Benghazi to Syria, presumably for rebel groups. “During the immediate aftermath of, and following the uncertainty caused by, the downfall of the [Qaddafi] regime in October 2011 and up until early September of 2012,” the report explained, “weapons from the former Libya military stockpiles located in Benghazi, Libya were shipped from the port of Benghazi, Libya, to the ports of Banias and the Port of Borj Islam, Syria.”

The report obtained by Judicial Watch says that the weapons shipments ended in “early September of 2012.” But note what event this second report conspicuously does not mention: The Sept. 11 attack on the State Department and CIA facilities in Benghazi at the same time that the flow of weapons stopped.

By all appearances, the Benghazi attack interrupted a CIA effort to arm the rebels in Syria that the US government acknowledged were allied with al Qaeda.

That’s what the Rogers-directed HPSCI report did not include.

Just as importantly, this fits in with what Flynn has said during the campaign [RT link intentional]. which is where Trump got the claim that Obama (and Hillary) “created” ISIS.

In addition, recall that in Flynn’s wake, DIA whistleblowers revealed that their more pessimistic take on ISIS was getting softened before it got to CentCom bosses.

Two senior analysts at CENTCOM signed a written complaint sent to the Defense Department inspector general in July alleging that the reports, some of which were briefed to President Obama, portrayed the terror groups as weaker than the analysts believe they are. The reports were changed by CENTCOM higher-ups to adhere to the administration’s public line that the U.S. is winning the battle against ISIS and al Nusra, al Qaeda’s branch in Syria, the analysts claim.

That complaint was supported by 50 other analysts, some of whom have complained about politicizing of intelligence reports for months. That’s according to 11 individuals who are knowledgeable about the details of the report and who spoke to The Daily Beast on condition of anonymity.

You can see where this is going. One of the first things Trump has done has been to ensure agreement in its national security team on this point: that by letting our Middle Eastern allies arm al Qaeda-allied fighters, the Obama Administration created the mess that is in Syria.

And unanimity on that point — accompanied by what is sure to be a very ugly campaign of recriminations against the Obama Administration for cooking intelligence (even aside from the merit of this claim, Flynn has been bitter about his firing for what he sees as objecting to this cooked intelligence) — will provide the basis for Trump to work with Putin on ending the civil war in Syria to Bashar al-Assad’s advantage.

Why Is HPSCI’s Snowden Report So Inexcusably Shitty?

/11 Comments/in , /by

There’s now a growing list of things in the HPSCI report on Snowden that are either factually wrong, misleading, or spin.

One part of the spin the report admits itself: the committee assessed damage based on the 1.5 million documents Snowden touched — an approach the now discredited General Michael Flynn presented in briefings to the committee — rather than the far more limited set the Intelligence Community included in its damage assessment.

Over the past three years, the IC and the Department of Defense (DOD) have carried out separate reviews with differing methodologies of the damage Snowden caused. Out of an abundance of caution, DOD reviewed all 1.5 million documents Snowden removed. The IC, by contrast, has carried out a damage assessment for only a small subset of the documents. The Committee is concerned that the IC does not plan to assess the damage of the vast majority of documents Snowden removed.

Clearly, the IC wants a real assessment of the damage Snowden caused. HPSCI, however, appears to be interested in the most damning, which makes sense given that members of Congress actively solicited information they could use to damage Snowden.

Here are other problems with the report.

From Bart Gellman’s rebuttal:

  • HPSCI claimed the “bilateral tibial stress fractures” that led to Snowden’s discharge were “shin splints.”
  • HPSCI claimed he never got a GED. According to official Maryland records, Snowden got his equivalent degree on June 2, 2004.
  • HPSCI claimed Snowden was a computer technician at CIA. At the end he served as a “solutions referent/cyber referent” working on cyber contracts.
  • HPSCI claimed Snowden’s effort to show a security hole in CIA’s human resources intranet was an effort to doctor his performance evaluations.

From me:

HPSCI claimed Snowden failed the Section 702 training. According to an email from the SIGINT Compliance Chief, Snowden did pass it (the Chief had not checked whether or not Snowden had really failed it).“He said he had failed it multiple times (I’d have to check with ADET on that). He did pass the course at some point.”

The claim Snowden didn’t pass the test stems from an email written a year after an exchange between him and a Compliance training person. The training person wrote the email in direct response to Snowden’s claims that he had “contacted N.S.A. oversight and compliance bodies.” While it may be true Snowden failed the test before he passed it, there are enough irregularities with the email claim and related story it should not be credited without backup. When we asked NSA for specific answers about that email in conjunction with this story, they flipped out and went nuclear and preemptively released all the emails rather than provide the very easy answers to validate the email story.

From Patrick Eddington:

HPSCI claimed Snowden could have reported complaints to the committee, but HPSCI killed an effort to extend whistleblower protections to intelligence contractors in 2012.

Eddington and Steven Aftergood both suggest the shitty HPSCI report is good reason to embrace a set of reforms to improve HPSCI oversight.

But depending on the reason for the utter shittiness of the report, I think it might just warrant shutting the entire committee down and devolving oversight to real committees, like Judiciary, Homeland Security, and Armed Services. Remember, every single member of the committee, Democrat or Republican, signed this report. Every single one. For some reason, even fairly smart people like Adam Schiff and Jackie Speier signed off on something with inexcusable errors.

So I wanted to point to this passage on methodology.

The Committee’s review was careful not to disturb any criminal investigation or future prosecution of Snowden, who has remained in Russia since he fled there on June 23, 2013. Accordingly, the Committee did not interview individuals whom the Department of Justice identified as possible witnesses at Snowden’s trial, including Snowden himself, nor did the Committee request any matters that may have occurred before a grand jury. Instead, the IC provided the Committee with access to other individuals who possessed substantively similar knowledge as the possible witnesses. Similarly, rather than interview Snowden’s NSA coworkers and supervisors directly, Committee staff interviewed IC personnel who had reviewed reports of interviews with Snowden’s co-workers and supervisors.

So for this inexcusably shitty report, HPSCI did not interview:

  • Direct witnesses (presumably including the Compliance training woman whose email on 702 training is dodgy and probably also Booz and Dell contractors who might risk losing contracts)
  • Snowden’s co-workers
  • Snowden’s supervisors

They did interview:

  • People who possessed “substantively similar knowledge” as the people DOJ think might be witnesses at trial
  • People who reviewed reports of interviews with Snowden’s co-workers and supervisors

HPSCI spent two years but didn’t interview any of the direct witnesses.

Now, as a threshold matter, the publicly released emails provide good reason to doubt the adequacy of this indirect reporting on Snowden’s colleagues. Here’s how the Chief of NSA’s CI Division backed the conclusion that Snowden never talked about concerns about NSA surveillance with his colleagues.

Our findings are that we have found no evidence in the interviews, email, or chats reviewed that support his claims. Some coworkers reported discussing the Constitution with Snowden, specifically his interpretation of the Constitution as black and white, and others reported discussing general privacy issues as it relates to the Internet. Not one mentioned that Snowden mentioned a specific NSA program that he had a problem with. Actually, many of the people interviewed affirmed that he never complained about any NSA program. We also did not have any reflection that he asked anyone how he should/could report perceived wrongdoing.

So colleagues — who would presumably be in great fear of association with Snowden, especially in interviews with NSA’s Counterintelligence people — nevertheless revealed that they discussed the Constitution (and Snowden’s black and white interpretation of it) and general privacy issues about the Internet. “Many” of the interviewees said he never complained about any NSA program, which raises questions about what those excluded from this “many” said.

But it appears that NSA’s CI investigators only considered mention of specific programs to be a complaint, not general discussions about privacy and the Constitution.

We should assume the interview reports back to HPSCI members and staffers were similarly scoped.

There’s another reason I’m interested in this methodology section. That’s the implication from Spencer Ackerman’s series on SSCI’s Torture Report that CIA successfully used the John Durham investigation to undermine the SSCI investigation.

In August 2009, US attorney general Eric Holder expanded the remit of the prosecutor looking at the tapes destruction, John Durham, to include the torture program, much as the Senate committee had. The justice department’s new mandate was not as broad as the Senate’s. It would only concern itself with torture that exceeded the boundaries set for the CIA by the Bush-era justice department. Still, for all of Obama’s emphasis on looking forward and not backward, now the CIA had to face its greatest fear since launching the torture program: possible prosecution.

Holder’s decision, ironically, would ultimately hinder the committee more than the CIA, and lead to a criticism that the agency would later use as a cudgel against the Senate.

Typically, when the justice department and congressional inquiries coincide, the two will communicate in order to deconflict their tasks and their access. In the case of the dual torture investigations, it should have been easy: Durham’s team accessed CIA documents in the exact same building that Jones’s team did.

But every effort Jones made to talk with Durham failed. “Even later, he refused to meet with us,” Jones said.

Through a spokesman, Durham, an assistant US attorney in Connecticut, declined to be interviewed for this story.

The lack of communication had serious consequences. Without Durham specifying who at CIA he did and did not need to interview, Jones could interview no one, as the CIA would not make available for congressional interview people potentially subject to criminal penalty. Jones could not even get Durham to confirm which agency officials prosecutors had no interest in interviewing. “Regrettably, that made it difficult for our committee to do interviews. So the judgment was, use the record,” said Wyden, the Oregon Democrat on the panel.

[snip]

The CIA stopped compiling the Panetta Review in 2010 after Durham told Preston that CIA risked complicating any prosecution if it “made different judgments than the prosecutors had reached”, Charlie Savage reported in his 2015 book Power Wars.

Not only did CIA’s General Counsel Stephen Preston (who later served as DOD General Counsel from October 2013 until June 2015) use the Durham investigation to halt the CIA’s own internal investigation into the worthlessness of their torture, but it served as the excuse to withhold cooperation from SSCI. That, in turn, gave Republicans an excuse to disavow the report.

With the HPSCI report, an FBI investigation has again been used as an excuse to limit congressional oversight.

HPSCI’s failure to interview any of the relevant people directly is all the weirder given that there should be no problem for a witness to appear before both the grand jury and the committee. Certainly, House Oversight had no problem interviewing some of the subjects of the Hillary email investigation! And unlike the email investigation, with the Snowden one, few if any of the people who might serve as witnesses at any Snowden trial would be subjects of the investigation; they’d have no legal risk in also testifying to the committee. Snowden is the one at legal risk, and he has already been charged. And curiously, we’re hearing no squawking from Republicans about the necessity of direct interviews for the integrity of an investigation, like we heard with the Senate Torture Report.

One thing is certain: the public is owed an explanation for how HPSCI came to report knowably false information. The public is owed an explanation for why HPSCI is effectively serving as NSA’s propaganda wing.

And if we don’t get one, we should shut down the entire charade of post-Church Committee oversight committee.

HPSCI: We Must Spy Like Snowden To Prevent Another Snowden

/10 Comments/in , /by

I was going to write about this funny part of the HPSCI report anyway, but it makes a nice follow-up to my post on Snowden and cosmopolitanism, on the importance of upholding American values to keeping the servants of hegemon working to serve it.

As part of its attack on Edward Snowden released yesterday, the House Intelligence Committee accused Snowden of attacking his colleagues’ privacy.

To gather the files he took with him when he left the country for Hong Kong, Snowden infringed on the privacy of thousands of government employees and contractors. He obtained his colleagues’ security credentials through misleading means, abused his access as a systems administrator to search his co-workers’ personal drives, and removed the personally identifiable information of thousands of IC employees and contractors.

I have no doubt that many — most, perhaps — of Snowden’s colleagues feel like he violated their privacy, especially as their identities are now in the possession of a number of journalists. So I don’t make light of that, or the earnestness with which HPSCI’s sources presumably made this complaint (though IC employee privacy is one of the things all journalists who have reported these stories have redacted, to the best of my knowledge).

But it’s a funny claim for several reasons. Even ignoring that what the NSA does day in and day out is search people’s personal communications (including millions of innocent people), this kind of broad access is the definition of a SysAdmin.

HPSCI apparently never had a problem with techs getting direct access to our dragnet metadata, as they had and (now working in pairs) still have, for those of us two degrees away from a suspect.

Plus, HPSCI has never done anything publicly to help the 21 million clearance holders whose PII China now holds. Is it possible they’re more angry at Snowden than they are at China’s hackers, who have more ill-intent than Snowden?

But here’s the other reason this complaint is laugh-out-loud funny. HPSCI closes its report this way:

Finally, the Committee remains concerned that more than three years after the start of the unauthorized disclosures, NSA and the IC as a whole, have not done enough to minimize the risk of another massive unauthorized disclosure. Although it is impossible to reduce the change of another Snowden to zero, more work can and should be done to improve the security of the people and the computer networks that keep America’s most closely held secrets. For instance, a recent DOD Inspector General report directed by the Committee had yet to effectively implement its post-Snowden security improvements. The Committee has taken actions to improve IC information security in the Intelligence Authorization Acts for Fiscal Years 2014, 2015, 2016, and 2017, and looks forward to working with the IC to continue to improve security.

First, that timeline — showing an effort to improve network security in each year following the Snowden leaks — is completely disingenuous. It neglects to mention that the Intel Committees have actually been trying for longer than that. In the wake of the Manning leaks, it became clear that DOD’s networks were sieve-like. Congress tried to require network monitoring in the 2012 Intelligence Authorization. But the Administration responded by insisting 2013 — 3 years after Manning’s leaks — was too soon to plug all the holes in DOD’s networks. One reason Snowden succeeded in downloading all those files is because the network monitoring hadn’t been rolled out in Hawaii yet.

So HPSCI is trying to pretend Intel Committee past efforts didn’t actually precede Snowden by several years, but those efforts failed to stop Snowden.

The other reason I find this paragraph — which appears just four paragraphs after it attacks Snowden for the invasion of his colleagues’ privacy — so funny is that in the 2014 Intelligence Authorization (that is, the first one after the Snowden leaks), HPSCI codified an insider threat program, requiring the Director of National Intelligence to,

ensure that the background of each employee or officer of an element of the intelligence community, each contractor to an element of the intelligence community, and each individual employee of such a contractor who has been determined to be eligible for access to classified information is monitored on a continual basis under standards developed by the Director, including with respect to the frequency of evaluation, during the period of eligibility of such employee or officer of an element of the intelligence community, such contractor, or such individual employee to such a contractor to determine whether such employee or officer of an element of the intelligence community, such contractor, and such individual employee of such a contractor continues to meet the requirements for eligibility for access to classified information;

This insider threat program searches IC employees hard drives (one of Snowden’s sins).

Then, the following year, HPSCI got even more serious, mandating that the Director of National Intelligence look into credit reports, commercially available data, and social media accounts to hunt down insider threats, including by watching for changes in ideology like those Snowden exhibited, developing an outspoken concern about the Fourth Amendment.

I mean, on one hand, this isn’t funny at all — and I imagine that Snowden’s former colleagues blame him that they have gone from having almost no privacy as cleared employees to having none. This is what people like Carrie Cordero mean when they regret the loss of trust at the agency.

But as I have pointed out in the past, if someone like Snowden — who at least claims to have had good intentions — can walk away with the crown jewels, we should presume some much more malicious and/or greedy people have as well.

But here’s the thing: you cannot, as Cordero does, say that the “foreign intelligence collection activities [are] done with detailed oversight and lots of accountability” if it is, at the same time, possible for a SysAdmin to walk away with the family jewels, including raw data on targets. If Snowden could take all this data, then so can someone maliciously spying on Americans — it’s just that that person wouldn’t go to the press to report on it and so it can continue unabated. In fact, in addition to rolling out more whistleblower protections in the wake of Snowden, NSA has made some necessary changes (such as not permitting individual techs to have unaudited access to raw data anymore, which appears to have been used, at times, as a workaround for data access limits under FISA), even while ratcheting up the insider threat program that will, as Cordero suggested, chill certain useful activities. One might ask why the IC moved so quickly to insider threat programs rather than just implementing sound technical controls.

The Intelligence world has gotten itself into a pickle, at once demanding that a great deal of information be shared broadly, while trying to hide what information that includes, even from American citizens. It aspires to be at once an enormous fire hose and a leak-proof faucet. That is the inherent impossibility of letting the secret world grow so far beyond management — trying to make a fire hose leak proof.

Some people in the IC get that — I believe this is one of the reasons James Clapper has pushed to rein in classification, for example.

But HPSCI, the folks overseeing the fire hose? They don’t appear to realize that they’re trying to replicate and expand Snowden’s privacy violations, even as they condemn them.

If Snowden Doesn’t Know Privacy Protections of 702, That’s a Problem with NSA Training

/5 Comments/in /by

The House Intelligence Committee just released a report — ostensibly done to insist President Obama not pardon Snowden — that is instead surely designed as a rebuttal to the Snowden movie coming out in general release tomorrow. Why HPSCI sees it as their job to refute Hollywood I don’t know, especially since they didn’t make the same effort when Zero Dark Thirty came out, which suggests they are serving as handmaidens of the Intelligence Community, not an oversight committee.

There will be lots of debates about the validity of the report. In some ways, HPSCI admits they’re being as inflammatory as possible, as when they note that the IC only did a damage assessment of what they think Snowden took, whereas DOD did a damage assessment of every single thing he touched. HPSCI’s claims are all based on the latter.

There are things that HPSCI apparently doesn’t realize makes them and the IC look bad — not Snowden — such as the claim that he never obtained a high school equivalent degree; apparently people can just fake basic credentials and the CIA and NSA are incapable of identifying that. The report even admits a previously unknown contact between Snowden and CIA’s IG, regarding the training of IT specialists. BREAKING: Snowden did try to report something through an official channel!

It concerns me the “Intelligence Committee” can’t distinguish between details that help and hurt their case.

Meanwhile, Snowden has a bunch of rebuttals here, which extends the game of he says they say, but doesn’t help clarity much.

On one issue, however, I’m particularly concerned: with the HPSCI claim that Snowden may not understand the privacy impact of the programs he leaked because he failed Section 702 training:

It is also not clear Snowden understood the numerous privacy protections that govern the activities of the IC. He failed basic annual training for NSA employees on Section 702 of the Foreign Intelligence Surveillance Act (FISA) and complained the training was rigged to be overly difficult. This training included explanations of the privacy protections related to the PRISM program that Snowden would later disclose.

There are several implications about this allegation. First, the passage suggests that Snowden never passed 702 training. But he did. The Chief of the SIGINT Compliance Division said this in an email written on the low side (and as such, probably written with knowledge it would be released publicly). “He said he had failed it multiple times (I’d have to check with ADET on that). He did pass the course at some point.” Even in the middle of a big to-do over this training, the NSA knew one thing for certain: Snowden did pass the test (even if they weren’t sure whether he had really failed it).

The passage also suggests the training program was really basic. But a Lieutenant Colonel who clearly worked with a lot of 702 analysts at some point had this to say about it: “It is not a gentleman’s course; *I* failed it once, the first time I had to renew.”

The passage also suggests that the training was worthwhile. Except days before the conflict, NSA’s IG reissued an IG Report that revealed problems with this and related training — including that NSA still had outdated materials pertaining to the Protect America Act available as the “current” standard operating procedures available online.

There’s evidence the NSA’s training materials and courses at the time had significant errors. A revised Inspector General report on Section 702 of FISA, reissued just days before Snowden returned to Maryland for training on the program in 2013, found that the Standard Operating Procedures (SOPs) posted on the NSA’s internal website, purportedly telling analysts how to operate under the FISA Amendments Act passed in 2008, actually referenced a temporary law passed a year earlier, the Protect America Act.

“It is unclear whether some of the guidance is current,” the report stated, “because it refers only to the PAA,” a law that had expired years before. A key difference between the two laws pertains to whether the NSA can wiretap an American overseas under EO 12333 with approval from the attorney general rather than a judge in a FISA Court. If the SOPs remained on the website when Snowden was training, it would present a clear case in which NSA guidance permitted actions under EO 12333 that were no longer permitted under the law that had been passed in 2008.

Similarly, a key FISA Amendments Act training course (not the one described in the face-to-face exchange, but another one that would become mandatory for analysts) didn’t explain “the reasonable belief standard,” which refers to how certain an analyst must be that their target was not an American or a foreigner in the US — a key theme of Snowden’s disclosures. While some work on both these problems had clearly been completed between the time of the report’s initial release and its reissue just days before Snowden showed up in Maryland, both these findings remained open and had been assigned revised target completion dates in the reissued report, suggesting the IG had not yet confirmed they had been fixed.

Perhaps most troubling, to me, is that HPSCI repeats as true a story that should not be treated as such by anyone — because the story has a number of problems, and the person who told it almost certainly didn’t write it down for a full year after it happened, and then, only in response to Snowden’s claims about the interaction. I don’t know whether she was telling the truth or Snowden (or, most likely, both were shading the truth), but given the circumstances of the evidence, neither one should be assumed to be credible. But this report treats it, perhaps unaware of the many problems and inconsistencies with the story, as credible.

Ultimately, though, if Snowden didn’t fully appreciate the privacy protections of PRISM, you can’t attribute that to the training program, because he took and passed it.

Remarkably, this dodgy claim is the only evidence HPSCI has to claim that Snowden didn’t understand the privacy implications of what he was looking at. I’m fully willing to admit that reporting (that is, second-hand from Snowden) has made errors. But if NSA’s overseers can’t assess Snowden’s public comments about the programs they allegedly oversee, then they’re not doing their job.

Unless their job extends only to running PR for the agencies they are supposed to oversee.

On Responsible Sourcing for DNC Hack Stories

/47 Comments/in , /by

For some reason Lawfare thinks it is interesting that the two Democratic members of the Gang of Four — who have apparently not figured out there’s a difference between the hack (allegedly done by Russia) and the dissemination (done by Wikileaks, which has different motivations) are calling for information on the DNC hack to be released.

The recent hack into the servers of the Democratic National Committee (DNC) and the subsequent release via WikiLeaks of a cache of 20,000 internal e-mails, demonstrated yet again the vulnerability of our institutions to cyber intrusion and exploitation.  In its timing, content, and manner of release, the email dissemination was clearly intended to undermine the Democratic Party and the presidential campaign of Secretary Hillary Clinton, and disrupt the Democratic Party’s convention in Philadelphia.

[snip]

Specifically, we ask that the Administration consider declassifying and releasing, subject to redactions to protect sources and methods, any Intelligence Community assessments regarding the incident, including any that might illuminate potential Russian motivations for what would be an unprecedented interference in a U.S. Presidential race, and why President Putin could potentially feel compelled to authorize such an operation, given the high likelihood of eventual attribution.

For some equally bizarre reason, WaPo thinks Devin Nunes’ claim — in the same breath as he claims Donald Trump’s repeated calls on Russia to release Hillary’s email were sarcastic — that there is “no evidence, absolutely no evidence” that Russia hacked the DNC to influence the election is credible.

Rep. Devin Nunes (R-Calif.), the chairman of the House Intelligence Committee, told The Washington Post in an interview Wednesday that speculation about Russian attempts to sway the presidential election is unfounded.

“There is no evidence, absolutely no evidence, that the Russians are trying to influence the U.S. election,” Nunes said, repeatedly swatting away the suggestion made by some Democrats that the Russians may be using their intelligence and hacking capabilities to boost Donald Trump’s chances.

“There is evidence that the Russians are actively trying to hack into the United States — but it’s not only the Russians doing that. The Russians and the Chinese have been all over our networks for many years.”

These are two obvious (because they’re on the record) examples of partisans using their access to classified information to try to boost or refute a narrative that the Hillary Clinton campaign has explicitly adopted: focusing on the alleged Russian source of the hack rather on the content of the things the hack shows.

Kudos to Richard Burr, who is facing a surprisingly tough reelection campaign, for being the one Gang of Four member not to get involved in the partisan bullshit on this.

There are plenty of people with no known interest in either seeing a Trump or a Clinton presidency that have some measure of expertise on this issue (this is the rare moment, for example, when I’m welcoming the fact that FBI agents are sieves for inappropriate leaks). So no outlet should be posting something that obviously primarily serves the narrative one or the other candidate wants to adopt on the DNC hack without a giant sign saying “look at what partisans have been instructed to say by the campaign.” That’s all the more true for positions, like the Gang of Four, that we’d prefer to be as little politicized as possible. Please don’t encourage those people to use their positions to serve a partisan narrative, I beg of you!

For the same reason I’m peeved that Harry Reid suggested the Intelligence Community give Trump fake intelligence briefings. Haven’t we learned our lesson about politicizing intelligence?

More generally, I think journalists should be especially careful at this point to make it clear whether their anonymous sources have a partisan dog in this fight, because zero of those people should be considered to be unbiased when they make claims about the DNC hack.

A very special case of that comes in stories like this, where Neocon ideologue Eliot Cohen, identified as Bush appointee, is quoted attacking Trump for suggesting Russia should leak anymore emails.

But now Republican-aligned foreign policy experts are also weighing in along similar lines.

“It’s appalling,” Dr. Eliot A. Cohen, who was counselor of the State Department during the second term of George W. Bush’s presidency, said to me today. “Calling on a foreign government to go after your opponent in an American election?”

Cohen recently organized an open letter from a range of GOP national security leaders that denounced Trump in harsh terms, arguing that Trump’s “own statements” indicate that “he would use the authority of his office to act in ways that make America less safe, and which would diminish our standing in the world.” The letter said: “As committed and loyal Republicans, we are unable to support a Party ticket with Mr. Trump at its head. We commit ourselves to working energetically to prevent the election of someone so utterly unfitted to the office.”

But this latest from Trump, by pushing the envelope once again, raises the question of whether other prominent Republicans are ever going to join in.

For instance, to my knowledge, top national security advisers to George W. Bush, such as Stephen Hadley and Condoleezza Rice (who was also secretary of state), have yet to comment on anything we’ve heard thus far from Trump. Also, there could theoretically come a point where figures like former Defense Secretary Donald Rumsfeld and possibly even Dubya and George H.W. Bush feel compelled to weigh in.

Meanwhile, senior Republican elected officials who have backed Trump continue to refrain from taking on his comments forcefully or directly. Some Republicans actually defended Trump’s comments today. Paul Ryan’s spokesman issued a statement saying this: “Russia is a global menace led by a devious thug. Putin should stay out of this election.”

I feel differently about Trump’s asinine comment than I do about attribution of the attack. I’m all in favor of Hillary’s campaign attacking Trump for it, and frankly Cohen is a far more credible person to do so than Jake Sullivan and Leon Panetta, who also launched such attacks yesterday, because as far as I know Cohen has not mishandled classified information like the other two have.

But I would prefer if, rather than IDing Cohen as one of the Republicans who signed a letter opposing Trump, Greg Sargent had IDed him as someone who has also spoken affirmatively for Hillary.

On foreign policy, Hillary Clinton is far better: She believes in the old consensus and will take tough lines on China and, increasingly, Russia. She does not hesitate to make the case for human rights as a key part of our foreign policy. True, under pressure from her own left wing, she has backtracked on the Trans-Pacific Partnership, a set of trade deals that supports American interests by creating a counterbalance to China and American values by protecting workers’ rights. But she might edge back toward supporting it, once in.

Admittedly, this was at a time when Cohen and others still hoped some Mike Bloomberg like savior would offer them a third choice; that was before Bloomberg gave a very prominent speech endorsing Hillary last night.

Here’s the thing. The Neocons (led by Robert Kagan, who’s wife got named as a target of Russian aggression in the Feinstein-Schiff letter) are functioning as surrogates for Hillary just like top Democrats are. They are, just like Democrats are, now scrambling to turn their endorsements into both policy and personnel wins. Therefore we should no more trust the independence of a pro-Hillary Neocon — even if he did work for George Bush — than we would trust the many Democrats who have used their power to help Hillary win this election. Progressives should be very wary about the promises Hillary has made to get the growing number of Neocons (and people like Bloomberg) to so aggressively endorse her. Because those endorsements will come with payback, just like union or superdelegate endorsements do.

In any case, it’s hard enough to tease out attribution for two separate hacks and the subsequent publication of the hacked data by Wikileaks. Relying on obviously self-interested people as sources only further obscures the process.

Update: The Grammar Police actually nagged me to fix “whose/who’s” error in the Kagan sentence. Fun!

Why Tell the Israeli Spying Story Now?

/19 Comments/in , , /by

“Intelligence professionals have a saying: There are no friendly intelligence services,” the WSJ describes former House Intelligence Chair Mike Rogers saying, on the record. While there’s no way of telling — particularly not with WSJ’s described “more than two dozen current and former U.S. intelligence and administration officials” sources behind it’s blockbuster story on US spying on Bibi Netanyahu and other Israelis, Rogers is a likely candidate for some of the other statements attributed to “former US officials,” a moniker that can include agency officials, consultants, and members of Congress.

Which is awfully funny, given that two of the people squealing most loudly in response to the story are Rogers’ immediate predecessor, Crazy Pete Hoekstra, who called it a “Maybe unprecedented abuse of power,” and successor, Devin Nunes, who has already started an investigation into the allegations in the story.

It is the height of hypocrisy for these men, who have been privy to and by their silence have assented to this and, in Crazy Pete’s case, far worse patently illegal spying, to wail about a story that shows the Administration abiding by NSA minimization procedures they’ve both celebrated as more than adequate to protect US person privacy. If NSA’s minimization procedures are inadequate to protect US persons, the first thing Nunes should do is repeal FISA Amendments Act, which can expose far more people than the tailored, presumably EO 12333 tap placed on Bibi, not to mention OmniCISA, which can be targeted at Americans and will have even fewer protections for US persons.

The immediate attempt by a bunch of surveillance maximalists to turn compliant spying into a big scandal raises the question of why this story is coming out now, not incidentally just after Iran turned over its uranium stockpile over to Russia and in the process achieved another big step of the Iran deal.

I’m not in any way meaning to slight the WSJ reporting. Indeed, the story seems to show a breadth of sources that reflect a broad range of interests, and as such is not — as would otherwise be possible — Mike Rogers attempting to leak something to the WSJ so his fellow Republicans can make a stink about things.

This story includes “current and former U.S. officials” providing a list of leaders they claim were detasked from spying in 2014 — François Hollande, Angela Merkel, and other NATO leaders — and those they claim were not — along with Bibi Netanyahu, Turkey’s leader Recep Tayyip Erdogan. Of course, like James Clapper’s claim that Edward Snowden’s leaks forced the NSA to shut down its full take spying on Afghanistan, this “confirmation” may instead have been an effort to cover for collection that has since been restarted, especially given the story’s even more revealing explanation that, “Instead of removing the [surveillance] implants, Mr. Obama decided to shut off the NSA’s monitoring of phone numbers and email addresses of certain allied leaders—a move that could be reversed by the president or his successor.” Obama did not eliminate the infrastructure that allows him to request surveillance (in actually, monitoring of surveillance going on in any case) to be turned on like a switch, and this WSJ article just conveyed that detail to Hollande and Merkel.

So the story could serve as disinformation to cover up restarted surveillance, and it could serve as a cue for the bogus, unbelievably hypocritical political scandal that Crazy Pete and Nunes appear to want to make it.

But I’m just as interested in the dick-waving in the story.

Some of the most interesting details in the story — once you get beyond the wailing of people like Crazy Pete and Devin Nunes probably swept up in intercepts described in the story — pertain to what NSA did and did not learn about Bibi’s efforts, largely executed through Israeli Ambassador to the US Ron Dermer, to thwart the Iran deal. A key detail here is that while (it is implied) NSA destroyed most or all of the intercepts involving members of Congress directly with Bibi, they passed on (with US person identities masked) the reports back through foreign ministry channels of discussions with or on behalf of Bibi.

The NSA has leeway to collect and disseminate intercepted communications involving U.S. lawmakers if, for example, foreign ambassadors send messages to their foreign ministries that recount their private meetings or phone calls with members of Congress, current and former officials said.

“Either way, we got the same information,” a former official said, citing detailed reports prepared by the Israelis after exchanges with lawmakers.

In other words, NSA might not pass on the intercepts of calls members of Congress had with Bibi directly, but they would pass on the reports that Dermer or Bibi’s aides would summarize of such discussions. And according to “a former official” (curiously not described as high ranking) by passing on the reports of such conversations, “we got the same information.”

Usually, but not always, according to the story.

It describes that “Obama administration officials” (which may but probably doesn’t include intelligence officials) didn’t learn about John Boehner’s invitation to Bibi to address Congress ahead of time, even though Boehner extended that invite through Dermer.

On Jan. 8, John Boehner, then the Republican House Speaker, and incoming Republican Senate Majority Leader Mitch McConnell agreed on a plan. They would invite Mr. Netanyahu to deliver a speech to a joint session of Congress. A day later, Mr. Boehner called Ron Dermer, the Israeli ambassador, to get Mr. Netanyahu’s agreement.

Despite NSA surveillance, Obama administration officials said they were caught off guard when Mr. Boehner announced the invitation on Jan. 21.

According to the description of the article, this call should have been fair game to be shared with the White House as a report through the foreign ministry, but either wasn’t reported through normal channels on the Israeli side or NSA didn’t pass it along.

But, according to the story, the White House did get many of the details about Dermer’s attempt to scotch the Iran deal.

The NSA reports allowed administration officials to peer inside Israeli efforts to turn Congress against the deal. Mr. Dermer was described as coaching unnamed U.S. organizations—which officials could tell from the context were Jewish-American groups—on lines of argument to use with lawmakers, and Israeli officials were reported pressing lawmakers to oppose the deal.

[snip]

A U.S. intelligence official familiar with the intercepts said Israel’s pitch to undecided lawmakers often included such questions as: “How can we get your vote? What’s it going to take?”

Let me interject and note that, if the people squealing about these intercepts weren’t such raging hypocrites, I might be very concerned about this.

Consider the Jane Harman case. In 2009 it got reported that NSA and FBI collected conversations Jane Harman had (probably on an individual FISA wiretap) with AIPAC suspects in which Harman allegedly agreed to help squelch the criminal investigation into the organization in exchange for help getting the Chairmanship of the House Intelligence Committee. The position, not incidentally, that all the people (save Mike Rogers, who seems to have had no problem with them) squealing about these intercepts have held or currently hold. At least according to 2009 reports on this, lawyers in then Attorney General Alberto Gonzales’ DOJ considered criminal charges against Harman, but chose not to pursue them, because Gonzales — who had criminally, personally authorized the Stellar Wind program in March 2004 — needed Harman’s support in advance of NYT breaking the Stellar Wind story at the end of 2005. That suggests (if these stories are to be believed) Gonzales used Harman’s purported criminal exposure to get protection against his own.

Now, Crazy Pete was out of power well before these particular intercepts were described (though may have his own reason to be concerned about what such intercepts revealed), but in the same period, Devin Nunes got himself appointed HPSCI Chair, just like AIPAC was allegedly brokering with Harman. He got himself appointed HPSCI Chair by the guy, Boehner, who invited Bibi to address Congress.

And what were AIPAC and other groups — who allegedly were offering congressional leadership posts back in 2005 — offering lawmakers last year to oppose the Iran deal? “What’s it going to take?” the intercepts apparently recorded.

What were they offering?

This is the reason permitting lawmakers’ communications to be incidentally collected is such a risk — because it collects the sausage-making behind legislative stances — but also defensible — because it might disclose untoward quid pro quo by foreign governments of members of Congress. It is a real concern that the Executive is collecting details of Congress’ doings. More protections, both for Members of Congress and for regular schlubs, are needed. But wiretapping the incidentally collected communications with foreign leaders is not only solidly within the parameters of Congressionally-approved NSA spying, but may sometimes be important to protect the US.

That’s the kind of the thing the White House may have seen outlines of in the reports it got on Darmer’s attempts — though the report indicates that Democratic lawmakers and Israelis who supported the Iranian deal (probably including former Mossad head Efraim Halevy, who was criticizing Bibi and Darmer’s efforts in real time) were sharing details of Darmer’s efforts directly with the White House.

In the final months of the campaign, NSA intercepts yielded few surprises. Officials said the information reaffirmed what they heard directly from lawmakers and Israeli officials opposed to Mr. Netanyahu’s campaign—that the prime minister was focused on building opposition among Democratic lawmakers.

Which brings me to the dick-waving part. Here’s the last line of the WSJ story.

The NSA intercepts, however, revealed one surprise. Mr. Netanyahu and some of his allies voiced confidence they could win enough votes.

Some of this story is likely to be disinformation for our allies, much of this story seems to be warning (both friendly and unfriendly) to those likely implicated by the intercepts. But this just seems like dick-waving, the spook-and-politician equivalent of spiking the football and doing a lewd dance in the end zone. The Israelis surely knew all the monitoring was going on (even if members of Congress may have been stupid about them), especially given the way John Kerry, as laid out in the story, raised concerns about Israeli spying during negotiations. But this line, the final reveal in the story, mocks the Israelis and their American interlocutors for assuming they had enough to offer — “What’s it going to take to get your vote?”– to kill the Iran deal.

This may, in part, be an effort to get those implicated in the intercepts to exercise some more caution. But it also seems to be a victory dance, just as Russia ships away Iran’s uranium stockpiles.

Shorter Devin Nunes: There Are Privacy-Violating Covert Counter-Terrorism Programs We’re Hiding

/9 Comments/in /by

I want to return to a detail I pointed out in the Intelligence Authorization yesterday: This language, which would affirmatively clarify that the Privacy and Civil Liberties Oversight does not get access to information on covert operations.

ACCESS.—Nothing in this section shall be construed to authorize the Board, or any agent thereof, to gain access to information regarding an activity covered by section 503(a) of the National Security Act of 1947 (50 U.S.C. 3093(a)).

Some or several intelligence agencies are demanding this, presumably, at a time when PCLOB is working on a review of two EO 12333 authorized counterterrorism programs conducted by CIA or NSA that affect US persons.

During the next stage of its inquiry, the Board will select two counterterrorism-related activities governed by E.O. 12333, and will then conduct focused, in-depth examinations of those activities. The Board plans to concentrate on activities of the CIA and NSA, and to select activities that involve one or more of the following: (1) bulk collection involving a significant chance of acquiring U.S. person information; (2) use of incidentally collected U.S. person information; (3) targeting of U.S. persons; and (4) collection that occurs within the United States or from U.S. companies. Both reviews will involve assessing how the need for the activity in question is balanced with the need to protect privacy and civil liberties. The reviews will result in written reports and, if appropriate, recommendations for the enhancement of civil liberties and privacy.

It may be that the IC demanded this out of some generalized fear, of the sort Rachel Brand raised when she objected to PCLOB’s plan to conduct this EO 12333 (though none of what she says addresses the covert nature of any program, but only their classification). Indeed, given that PCLOB planned to finish the review in question by end of year 2015, it is unlikely that the two programs PCLOB pursued were covert operations. Furthermore, there is nothing in Ron Wyden’s statement opposing this language (which I’ve replicated in full below) that seems to indicate the specificity of concern as he had, for example, with location data or secret law or the OLC opinion affecting cybersecurity. Indeed, he specifically says, “this Board’s oversight activities to date have not focused on covert action.”

So there’s nothing in the public record to make me believe PCLOB has already butted up against a covert operation.

That said, I have in recent weeks become increasingly certain there are programs being run under the guise of counterterrorism, off the official books (and/or were, even after Stellar Wind was “shut down”), and probably in ways the affect the privacy of Americans, potentially a great many Americans.

I say that because there are places where the numbers in the public record don’t add up, where official sources are providing obviously bullshit explanations. I say that, too, because it is clear some places where you’d be able to manage such programs (via personnel labeled as “techs,” for example, and therefore not subject to the oversight of the publicly admitted programs) have been affirmatively preserved over the course of years. I say that because certain authorizations were pushed through with far too much urgency given their publicly described roll out over years. I also say that because it’s increasingly clear CIA, at least, views its surveillance mandate to extend to protecting itself, which in this era of inflamed counterintelligence concerns, might (and has in the past for DOD) extend to spying on its perceived enemies (indeed, one of the programs that I think might be such a covert action would be entirely about protecting the CIA).

I have a pretty good sense what at least a few of these programs are doing and where. I don’t know if they are formally covert operations or not — that’s a confusing question given how covert structure has increasingly been used to preserve deniability from US courts rather than foreign countries. But I do know that the IC’s demand that PCLOB be affirmatively disallowed access to such information suggests it knows such programs would not pass the muster of civil liberties review.

In any case, thanks to House Intelligence Chair Devin Nunes for making that so clear.

Wyden’s statement

This afternoon the House of Representatives passed a new version of the Intelligence Authorization bill for fiscal year 2016. I am concerned that section 305 of this bill would undermine independent oversight of US intelligence agencies, and if this language remains in the bill I will oppose any request to pass it by unanimous consent.

Section 305 would limit the authority of the watchdog body known as the Privacy and Civil Liberties Oversight Board. In my judgment, curtailing the authority of an independent oversight body like this Board would be a clearly unwise decision. Most Americans who I talk to want intelligence agencies to work to protect them from foreign threats, and they also want those agencies to be subject to strong, independent oversight. And this provision would undermine some of that oversight.

Section 305 states that the Privacy and Civil Liberties Board shall not have the authority to investigate any covert action program. This is problematic for two reasons. First, while this Board’s oversight activities to date have not focused on covert action, it is reasonably easy to envision a covert action program that could have a significant impact on Americans’ privacy and civil liberties – for example, if it included a significant surveillance component.

An even bigger concern is that the CIA in particular could attempt to take advantage of this language, and could refuse to cooperate with investigations of its surveillance activities by arguing that those activities were somehow connected to a covert action program. I recognize that this may not be the intent of this provision, but in my fifteen years on the Intelligence Committee I have repeatedly seen senior CIA officials go to striking lengths to resist external oversight of their activities. In my judgment Congress should be making it harder, not easier, for intelligence officials to stymie independent oversight.

For these reasons, it is my intention to object to any unanimous consent request to pass this bill in its current form. I look forward to working with my colleagues to modify or remove this provision

As One of First Acts as Speaker, Paul Ryan Retains Devin Nunes on HPSCI

/4 Comments/in /by

A few weeks ago, I noted that the new Speaker — officially yesterday, Paul Ryan — had an opportunity to name Chairmen of Select committees, most notably Devin Nunes on the House Intelligence Chair. I argued the new Speaker should do just that, with the aim of having more rigorous oversight of the nation’s Intelligence Community.

[I]t seems fair to suggest that Nunes should go too. While Nunes was actually better on Benghazi than his predecessor (raising questions about the CIA’s involvement in gun-running), he has otherwise been a typical rubber stamp for the intelligence community, rushing to pass info-sharing with Department of Energy even while commenting on their shitty security practices, and pitching partisan briefings to give the IC one more opportunity to explain why the phone dragnet was more useful than all the independent reviews say it was.
The Intelligence Community has lost credibility since 9/11, and having a series of rubber stamp oversight Chairs (excepting Silvestre Reyes, who was actually reasonably good) has only exacerbated that credibility problem. So why not call for the appointment of someone like former state judge Ted Poe, who has experience with intelligence related issues on both the Judiciary and Foreign Relations Committees, but who has also been a staunch defender of the Constitution.

[snip]

[N]o place in Congress needs to be reformed more than our intelligence oversight. And while picking a more independent Chair won’t revamp the legal structure of intelligence oversight, it might initiate a process of bringing more rigorous oversight to our nation’s intelligence agencies.

Apparently, Speaker Ryan disagrees. He issued this statement today (I guess Ryan is just a few years too young to remember that the world actually used to be a more dangerous place, but whatev).

The world has gotten only more dangerous, and serious times call for serious leaders. That’s why I’ve asked Rep. Devin Nunes to stay on as chairman of the House Intelligence Committee. Devin and Armed Services Committee Chairman Mac Thornberry have done great work holding the administration accountable for its national-security failures, and I want them to continue their strong partnership. Though Congressman Nunes has been a terrific ally and staunch defender of conservative principles on the Ways and Means Committee, I am grateful for his continued leadership of the Intelligence Committee.

It’s unclear whether this was an affirmative choice, or a bid to make the contest to replace Ryan as Chair of Ways and Means easier.

In accepting Ryan’s request, however, Nunes — apparently also too young to remember the Cold War in his assessment of global threats — pointed to cybersecurity (AKA domestic Internet spying) legislation as one of his priorities.

I am honored to have been asked by the new Speaker of the House, Paul Ryan, to continue serving as Chairman of the House Intelligence Committee. Our nation faces unprecedented global threats ranging from the growing risk of deadly terrorism to debilitating cyber-attacks, and the Intelligence Community’s response to these threats requires diligent Congressional oversight. After careful reflection and in light of the Speaker’s wish for me to continue this important role, I have decided to remain Chairman of the House Intelligence Committee. As we move forward under the leadership of Speaker Ryan, it will be important to complete the good work we have done on an intelligence authorization bill and to get cybersecurity legislation passed to the President’s desk.

Ah well. When Ryan runs for President I guess we can point to this as an indication of his desire to let the intelligence community continue to run roughshod.

Congratulations to James Clapper and the rest of the lot. You still run the joint!