EFF

1 2 3 6

I Con the Record: Drop the Lawsuits and We’ll Release the Data Hostages

I Con the Record just announced that the NSA will make the phone dragnet data it has “analytically unavailable” after the new system goes live in November, and unavailable even to techs three months later.

On June 29, 2015, the Foreign Intelligence Surveillance Court approved the Government’s application to resume the Section 215 bulk telephony metadata program pursuant to the USA FREEDOM Act’s 180-day transition provision. As part of our effort to transition to the new authority, we have evaluated whether NSA should maintain access to the historical metadata after the conclusion of that 180-day period.

NSA has determined that analytic access to that historical metadata collected under Section 215 (any data collected before November 29, 2015) will cease on November 29, 2015.  However, solely for data integrity purposes to verify the records produced under the new targeted production authorized by the USA FREEDOM Act, NSA will allow technical personnel to continue to have access to the historical metadata for an additional three months.

Separately, NSA remains under a continuing legal obligation to preserve its bulk 215 telephony metadata collection until civil litigation regarding the program is resolved, or the relevant courts relieve NSA of such obligations. The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.

As I understand it, whatever data has been found to be two or three degrees of separation from a baddie will remain in NSA’s maw, but the data that has never returned off a search will not.

I’m pleasantly surprised by this, as I suspect it reflects a decision to accept the Second Circuit verdict in ACLU v. Clapper and to move to shut down other lawsuits.

As I noted, two weeks ago, the ACLU moved for an injunction against the dragnet, which not only might have led to the Second Circuit ordering the government to purge ACLU’s data right away (and possibly, to stop collecting all data), but also basically teed up the Second Circuit to remind the FISC it is not an appellate court. I worried that would lead the FISC to ask FISCR to review its dragnet decisions under a provision newly provided under the USA F-ReDux.

Shortly after ACLU filed its request for an injunction, the government asked for an extension to … today, which the court granted.

So I assume we’ll shortly see that filing arguing that, since the government has voluntarily set a purge date for all the dragnet data, ACLU should not get its injunction.

That doesn’t necessarily rule out a FISCR fast track request, but I think it makes it less likely.

The other player here, however, is the EFF.

I believe both ACLU and EFF’s phone dragnet client Council on American Islamic Relations, had not only standing as clients of dragnetted companies, but probably got swept up in the two-degree dragnet. But CAIR probably has an even stronger case, because it is public that FISC approved a traditional FISA order against CAIR founder Nihad Awad. Any traditional FISA target has always been approved as a RAS seed to check the dragnet, and NSA almost certainly used that more back when Awad was tapped, which continued until 2008. In other words, CAIR has very good reason to suspect the entire organization has been swept up in the dragnet and subjected to all of NSA’s other analytical toys.

EFF, remember, is the one NGO that has a preservation order, which got extended from its earlier NSA lawsuits (like Jewel) to the current dragnet suit. So when I Con the Record says it can’t destroy all the data yet, it’s talking EFF, and by extension, CAIR. So this announcement — in addition to preparing whatever they’ll file to get the Second Circuit off its back — is likely an effort to moot that lawsuit, which in my opinion poses by far the biggest threat of real fireworks about the dragnet (not least because it would easily be shown to violate a prior SCOTUS decision prohibiting the mapping of organizations).

We’ll see soon enough. For the moment, though, I’m a bit surprised by the cautious approach this seems to represent.

Update: Timeline on data availability fixed.

Update: Here’s the government’s brief submitted today. I’m rather intrigued by how often the brief claims USA F-ReDux was about bulk “telephony” data when it was supposed to be about all bulk collection. But I guess I can return to that point.

Update: They depart from describing USA F-ReDux as a ban bulk collection of telephony when they describe it as a ban on collection of bulk collection under Section 215, also not what the bill says.

Part of the compromise on which Congress settled, which the President supported, was to add an unequivocal ban on bulk collection under Section 215 specifying that “[n]o order issued under” Section 215(b)(2) “may authorize collection of tangible things without the use of a specific selection term that meets the requirements” of that subsection.

Update: This is key language — and slightly different from what they argued before FISC. I will return to it.

Plaintiffs assert that, by not changing the language of Section 215 authorizing the collection of business records during the transition period, Congress implicitly incorporated into the USA FREEDOM Act this Court’s opinion holding that Section 215 did not authorize bulk collection. See Pls.’ Mot. 7- 8. Plaintiffs rely on language providing that the legislation does not “alter or eliminate the authority of the Government to obtain an order under” Section 215 “as in effect prior to the effective date” of the statute. USA FREEDOM Act § 109, 129 Stat. at 276. That language does not advance plaintiffs’ argument, however, because the statute says nothing expressly about what preexisting authority the government had under Section 215 to obtain telephony metadata in bulk. It is implausible that Congress employed the  word “authority” to signify that the government lacked authority to conduct the Section 215 bulk telephony-metadata program during the 180-day transition period, contrary to the FISC’s repeated orders and the Executive Branch’s longstanding and continuing interpretation and application of the law, and notwithstanding the active litigation of that question in this Court. That is especially so because language in the USA FREEDOM Act providing for the 180-day transition period has long been a proposed feature of the legislation. It is thus much more plausible that the “authority” Congress was referring to was not the understanding of Section 215 reflected in this Court’s recent interpretation of Section 215, but rather the consistent interpretation of Section 215 by 19 different FISC judges: to permit bulk collection of telephony metadata.

CryptoWars, the Obfuscation

The US Courts released its semiannual Wiretap Report the other day, which reported that very few of the attempted wiretaps last year were encrypted, with even fewer thwarting law enforcement.

The number of state wiretaps in which encryption was encountered decreased from 41 in 2013 to 22 in 2014. In two of these wiretaps, officials were unable to decipher the plain text of the messages. Three federal wiretaps were reported as being encrypted in 2014, of which two could not be decrypted. Encryption was also reported for five federal wiretaps that were conducted during previous years, but reported to the AO for the first time in 2014. Officials were able to decipher the plain text of the communications in four of the five intercepts.

Motherboard has taken this data and concluded it means the Feds have been overstating their claim they’re “going dark.”

[N]ew numbers released by the US government seem to contradict this doomsday scenario.

[snip]

“They’re blowing it out of proportion,” Hanni Fahkoury, an attorney at the digital rights group Electronic Frontier Foundation (EFF), told Motherboard. “[Encryption] was only a problem in five cases of the more than 3,500 wiretaps they had up. Second, the presence of encryption was down by almost 50 percent from the previous year.

“So this is on a downward trend, not upward,” he wrote in an email.

Much as I’d like to, I’m not sure I agree with Motherboard’s (or Hanni Fahkoury’s) conclusion.

Here’s what the data show since 2012, which was the first year jurisdictions reported being unable to break encryption (2012; 2013):

Screen Shot 2015-07-02 at 11.07.09 AM

You’ll see lots of parenthetical entries and NRs. That’s because this data is not being reported systematically. Parenthetical references are to encrypted feeds not reported until years after they get set, and usually those have been decrypted by the time they’re reported. NRs show that we have not getting these numbers, if they exist, from federal law enforcement (and the numbers can’t be zero, as reported here, because FBI has been taking down targets like Silk Road). The reporting on this ought to raise real questions about the quality of the data being reported and perhaps might spark some interest in mandating better reporting of this data so it can be tracked. But it also suggests that — at a time when law enforcement are just beginning to find encryption they can’t break (immediately) — there’s a lot of noise in the data. Does 2013’s 2% of encrypted targets and half-percent that couldn’t be broken represent a big problem? It depends on who the target is — a point I’ll come back to.

Congress will soon have that opportunity (but won’t avail themselves of it).

Even as US Courts were reporting still very low levels of encryption challenges faced by law enforcement, both the Senate Judiciary Committee and the Senate Intelligence Committee announced hearings next Wednesday where Jim Comey will have yet another opportunity to try to present a compelling argument that he should have back doors into our communication. SJC even saw fit to invite witnesses with opposing viewpoints, which the “intelligence” committee saw no need to do.

In an apparent attempt to regain some credibility before these hearings (Jim Comey is nothing if not superb at working the media), Comey went to Ben Wittes to suggest his claimed concern with increasing use of encryption has to do with ISIS’ increasing use of encryption. Ben quotes from Comey’s earlier comments to CNN then riffs on that in light of what Comey just told him in a conversation.

“Our job is to find needles in a nationwide haystack, needles that are increasingly invisible to us because of end-to-end encryption,” Comey said. “This is the ‘going dark’ problem in high definition.”

Comey said ISIS is increasingly communicating with Americans via mobile apps that are difficult for the FBI to decrypt. He also explained that he had to balance the desire to intercept the communication with broader privacy concerns.

“It is a really, really hard problem, but the collision that’s going on between important privacy concerns and public safety is significant enough that we have to figure out a way to solve it,” Comey said.

Let’s unpack this.

As has been widely reported, the FBI has been busy recently dealing with ISIS threats. There have been a bunch of arrests, both because ISIS has gotten extremely good at the inducing self-radicalization in disaffected souls worldwide using Twitter and because of the convergence of Ramadan and the run-up to the July 4 holiday.

As has also been widely reported, the FBI is concerned about the effect of end-to-end encryption on its ability to conduct counterterrorism operations and other law enforcement functions. The concern is two-fold: It’s about data at rest on devices, data that is now being encrypted in a fashion that can’t easily be cracked when those devices are lawfully seized. And it’s also about data in transit between devices, data encrypted such that when captured with a lawful court-ordered wiretap, the signal intercepted is undecipherable.

[snip]

What was not clear to me until today, however, was the extent to which the ISIS concerns and the “going dark” concerns have converged. In his Brookings speech, Comey did not focus on counterterrorism in the examples he gave of the going dark problem. In the remarks quoted by CNN, and in his conversation with me today, however, he made clear that the landscape is changing fast. Initial recruitment may take place on Twitter, but the promising ISIS candidate quickly gets moved onto messaging platforms that are encrypted end to end. As a practical matter, that means there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate but for whom useful signals interception is not technically feasible.

Now, Ben incorrectly blurs the several roles of FBI here. FBI’s interception of ISIS communiques may be both intelligence and law enforcement. To the extent they’re the former — to the extent they’re conducted under FISA — they won’t show up in US Courts’ annual report.

But they probably should, if Comey is to have any credibility on this front.

Moreover, Ben simply states that “there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate.” But there’s no evidence presented to support this. Indeed, most of the so-called ISIS prosecutions have shown 1) where probable cause existed, it largely existed in the clear, in Twitter conversations and other online postings and 2) there may not have been probable cause before FBI ginned it up.

It ought to raise real questions about whether Comey’s going dark problem is a law enforcement one — with FBI being unable to to access evidence on real criminals — or is an intelligence one — with FBI being unable to access First Amendment protected speech that nevertheless may be important for an understanding of the threat ISIS poses domestically. Again, the data is not there, one way or another, but given the law enforcement data, we ought to demand real numbers for intelligence intercepts. Another pertinent question is whether this encrypted data is easily accessible to NSA (ISIS recruiters are almost entirely going to be legitimate NSA targets located overseas), but not to FBI?

And all this presumes that Comey is telling the truth about ISIS and not — as he and just about every member of the Intelligence Community has done routinely — used terror threats to be able to get authorities to wield against other kinds of threats, especially hackers (which is not to say hackers aren’t a target, just that the IC likes to pretend its authorities serve an exclusively CT purpose when they clearly do not). The law enforcement data, at least, show that even members of very sophisticated drug distribution networks are using encryption at a really low level. Is ISIS’ ability to coach potential recruits into using encrypted products on Twitter really that much better, or is Comey really talking about hackers who more obviously have the technical skills to encrypt their communications?

Thus far, Comey would have you believe that intelligence — counterterrorism — targets encrypt at a much higher rate than even drug targets. But the data also suggest even federal law enforcement (that is, Comey’s agency, among others) aren’t tracking this very effectively, and so can’t present reliable numbers.

Before we go any further in this cryptowar debate, we ought to be able to get real numbers on how serious the problem is.

Judge White Makes Crucial Error While Capitulating to State Secrets, Again

Judge Jeffrey White, who has been presiding over the EFF’s challenges to warrantless wiretapping since Vaughn Walker retired, just threw out part of Carolyn Jewel’s challenge to the dragnet on standing and state secrets ground (h/t Mike Scarcella).

Based on the public record, the Court finds that the Plaintiffs have failed to establish a sufficient factual basis to find they have standing to sue under the Fourth Amendment regarding the possible interception of their Internet communications. Further, having reviewed the Government Defendants’ classified submissions, the Court finds that the Claim must be dismissed because even if Plaintiffs could establish standing, a potential Fourth Amendment Claim would have to be dismissed on the basis that any possible defenses would require impermissible disclosure of state secret information.

White also does what no self-respecting judge should ever do: cite Sammy Alito on Amnesty’s “speculative” claims about Section 702 collection in Amnesty v. Clapper, which have since been proven to be based off false government claims.

In Clapper, the Court found that allegations that plaintiffs’ communications were intercepted were too speculative, attenuated, and indirect to establish injury in fact that was fairly traceable to the governmental surveillance activities. Id. at 1147-50. The Clapper Court held that plaintiffs lacked standing to challenge NSA surveillance under FISA because their “highly speculative fear” that they would be targeted by surveillance relied on a “speculative chain of possibilities” insufficient to establish a “certainly impending” injury.

Also along the way, White claims the plaintiffs had made errors in their depiction of the upstream dragnet.

But I’m fairly certain he has done the same when he claims that only specific communications accounts can be targeted under both PRISM and upstream Section 702 collection.

Once designated by the NSA as a target, the NSA tries to identify a specific means by which the target communicates, such as an e-mail address or telephone number. That identifier is referred to a “selector.” Selectors are only specific communications accounts, addresses, or identifiers. (See id; see also Privacy and Civil Liberties Oversight Board Report on the Surveillance Program Operated Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (“PCLOB Report”) at 32-33, 36.)

Indeed, his citation to PCLOB doesn’t support his point at all. Here are what I guess he means to be the relevant sections.

The Section 702 certifications permit non-U.S. persons to be targeted only through the “tasking” of what are called “selectors.” A selector must be a specific communications facility that is assessed to be used by the target, such as the target’s email address or telephone number.113 Thus, in the terminology of Section 702, people (non-U.S. persons reasonably believed to be located outside the United States) are targeted; selectors (e.g., email addresses, telephone numbers) are tasked.

[snip]

Because such terms would not identify specific communications facilities, selectors may not be key words (such as “bomb” or “attack”), or the names of targeted individuals (“Osama Bin Laden”).114 Under the NSA targeting procedures, if a U.S. person or a person located in the United States is determined to be a user of a selector, that selector may not be tasked to Section 702 acquisition or must be promptly detasked if the selector has already been tasked.115

[snip]

The process of tasking selectors to acquire Internet transactions is similar to tasking selectors to PRISM and upstream telephony acquisition, but the actual acquisition is substantially different. Like PRISM and upstream telephony acquisition, the NSA may only target non-U.S. persons by tasking specific selectors to upstream Internet transaction collection.131 And, like other forms of Section 702 collection, selectors tasked for upstream Internet transaction collection must be specific selectors (such as an email address), and may not be key words or the names of targeted individuals.132

First of all, unless they’ve changed the meaning of “such as” and “for example,” PCLOB’s use of email and telephone numbers is not exhaustive (though it does mirror the party line witnesses before PCLOB used, and accurately reflects PCLOB’s irresponsible silence on the use of 702 — upstream and downstream — for cybersecurity, even after ODNI has written publicly on the topic). Indeed, the NSA uses other selectors, including cyberattack signatures, in addition to things more traditionally considered a selector.

And given the government’s past, documented, expansion of the term “facility” beyond all meaning, there’s no reason to believe the government’s use of “use” distinguishes appropriately between participants in communications.

Ah well, all that discussion probably counts as a state secret. A concept which is getting more and more farcical every year.

Update: Clarified to note this is only partial summary judgment.

Why Did ODNI Fight So Hard to Hide the Census Opinion?

Congratulations to EFF, which yesterday liberated another document on Section 215: a 2010 OLC opinion finding that the Department of Commerce (then counseled by Cameron Kerry who, curiously enough, hosted the Bob Litt speech the other day) did not have to turn over data to the FBI under Section 215 (which was the only one of many statutes it reviewed that OLC considered possibly binding).

After reviewing a bunch of legislative language on both Congress’ intent to provide affirmative confidentiality to census data and on its silence on census data during the PATRIOT Act reauthorization debates, Deputy Assistant Attorney Genereal Jeannie Rhee concluded,

We therefore conclude that section 215 should not be construed torepeal otherwise applicable Census Act protections for covered census information, such that they would require their disclosure by the Department of Commerce.Because no other PatriotAct provision that you have, identified, nor any such provision that we have separately reviewed, would appear to have that effect, we agree that the Patriot Act, as amended, does not alter the. confidentiality protections in sections 8, 9, and 214 of the Census Act in a manner that could require the Secretary of Commerce to disclose such information.

Many outlets are hailing this as OLC noting some limits to the otherwise unlimited demands the government thinks it can make under Section 215.

But I’m left puzzled.

Why did the Administration fight so hard to keep this secret? This suit has been going on for years, and ODNI tried to keep this secret long after reams of more interesting — and more classified — information got released on the phone dragnet and related authorities.

I can think of several possible reasons (and these are all speculative):

FISC decisions

Perhaps the government thinks this might endanger FISC’s decision that Section 215 does repeal two other privacy statutes. In 2008, Judge Reggie Walton found that Section 215 overrode the privacy protections for call data under ECPA [SCA]. And in 2010, John Bates found that it overrode the privacy protections in RFPA. Effectively, both decisions found that the government could do with Section 215 (and court review) what the FBI could otherwise do with NSLs. But of course, by doing them under Section 215, the government managed to do them in greater bulk, and probably with some exotic requests added in. At least the ECPA opinon was probably elicited by DOJ IG pointing out that the NSL rule did prevent other access to such data. In both opinions, the FISC reviewed the absence of legislative language and used it to conclude something dissimilar to what OLC concluded here: that in the absence of language, it provided permission. Does ODNI think the publication of this OLC opinion will make it easier to challenge the use of Section 215 for phone and financial records?

Update: This passage, from ACLU’s challenge to the phone dragnet, more eloquently suggests this is precisely why ODNI wanted to bury this opinion. It cites the importance of statutory construction, and then notes ties it to earlier statements on the Census Act.

On its face, Section 215 provides the government with general authority to compel the disclosure of tangible things. However, the Stored Communications Act (“SCA”) specifically addresses the circumstances in which the government can compel the disclosure of phone records in particular. The SCA provision states that a “provider of remote computing service or electronic communication service to the public shall not knowingly divulge a record or other information pertaining to a subscriber to or customer of such service . . . to any governmental entity.” 18 U.S.C. § 2702(a)(3). While the SCA provision lists exceptions to its otherwise categorical prohibition, see id. §§ 2702(c), 2703, Section 215 is not among them. This omission is particularly notable because Congress enacted sections 2702(c) and 2703 in the same bill as Section 215.

The district court held that Section 215 constitutes an implicit exception to Section 2702 because Section 215 orders “are functionally equivalent to grand jury subpoenas.” SPA027. But well-settled rules of statutory construction require that the list of exceptions in section 2702 and 2703 be treated as exhaustive. See United States v. Smith, 499 U.S. 160, 167 (1991) (“Where Congress explicitly enumerates certain exceptions . . . additional exceptions are not to be implied, in the absence of evidence of a contrary legislative intent.” (quotation marks omitted)). Congress has enacted a comprehensive scheme to regulate the government’s collection of electronic communications and records relating to those communications. That comprehensive scheme, which addresses the precise circumstances in which the government can collect the records at issue in this case, must be given precedence over provisions that are more general. See In re Stoltz, 315 F.3d 80, 93 (2d Cir. 2002) (holding that it is a “basic principle of statutory construction that a specific statute . . . controls over a general provision” (quoting HCSC–Laundry v. United States, 450 U.S. 1, 6 (1981))); see also PCLOB Report 92–93.

Indeed, the Justice Department has itself acknowledged that it would contravene the structure of the SCA to “infer additional exceptions” to the “background rule of privacy” set out in section 2702(a). See Office of Legal Counsel, Memorandum Opinion for the General Counsel [of the] FBI: Requests for Information Under the Electronic Communications Privacy Act 3 (Nov. 5, 2008), http://1.usa.gov/1e5GbvC (concluding that the FBI could not use national security letters to compel the production of records beyond those specifically exempted from the general privacy rule). Moreover, it has acknowledged that principle with respect to Section 215 itself, concluding that the statute does not override the privacy protections of the Census Act, 13 U.S.C. §§ 8, 9, 214. Letter from Ronald Weich, Assistant Attorney General, to Hon. Nydia Velázquez, Chair, Congressional Hispanic Caucus, U.S. House of Representatives (Mar. 3, 2010), http://wapo.st/aEsETd. [my emphasis]

The Second Circuit already sounded like it wanted to boot the dragnet on statutory grounds (if they did, doing so should have the same effect for financial records as well). And the release of this opinion may well help them do that.

Presumptive Section 215 Collection

In 2010, this OLC memo reveals, DOJ’s National Security Division — then headed by David Kris — believed that the government ought to be able to use Section 215 to obtain raw census data (the rest of DOJ, curiously, did not agree). Kris lost that battle.

But data very similar to census data is readily available, from private marketing brokers. If NSD saw the need to obtain this kind of data, it’s not clear what would prevent the government from just obtaining very similar data from marketing firms. Should we assume it has done so?

Census data in racial profiling

I also wonder whether this came up in the context of ways both the NYPD (with CIA assist) and FBI have used census data to conduct their racial profiling efforts. Both have relied on published (aggregated) census data to find which neighborhoods to spy on. Was there some kind of effort to fine tune this racial profiling by using the underlying data?

NCTC’s access to internal databases

Finally, I wonder whether ODNI’s reticence about this OLC opinion pertains to its own National Counterterrorism Center guidelines  on information sharing, which permit NCTC to demand entire databases from other government agencies if it says the database includes information on terrorists (effectively making us all terrorists). Discussions about doing so started in 2011 and resulted in broad new data sharing guidelines in 2012, so that change actually took place after this opinion. Also note the opinion’s interesting timing: January 4, 2010, so probably too soon after the UndieBomb attempt on Christmas day in 2009 to be considered part of the expanded information sharing that happened after that attack, though not so long after the Nidal Hassan attack.

Whatever the timing, I’m curious how this opinion has influenced discussions about and limits to that data-sharing initiative — and how it should have influenced such data sharing?

 

The FBI PRTT Documents: Combined Orders

As I noted the other day, I’m working through documents submitted in EPIC’s FOIA for PRTT documents (see all of EPIC’s documents on this case here).

In addition to the documents released (the reports to Congress, the extensive reporting on the Internet dragnet), the government submitted descriptions of what appear to be two (possibly three) sets of documents withheld: documents pertaining to orders combining a PRTT and Section 215 order, and documents pertaining to a secret technique, which we’ll call the Paragraph 31 technique. In this post I’ll examine the “combined order” documents.

The Vaughn Index for this FOIA made it clear that a number of the documents Withheld in Full (WIF) pertained to orders combing the Pen Register and Section 215 (Business Record) authorities, as does this list from David Hardy’s second declaration.

Screen Shot 2014-11-30 at 11.46.30 AM

Footnotes 3, 4, and 5 all note that these documents have already been successfully withheld in the EFF’s FOIA for Section 215 documents, and by comparing the page numbers in that Vaughn Index in that case, we can guess with some confidence that these orders are the following documents and dates:

  • Document 16 is EFF 89D, dated  2/17/2006, 17 pages
  • Document 17 is EFF 89K,  dated 2/24/2006, 8 pages

As I’ll show, this correlates with what we can glean from the DOJ IG Reports on Section 215.

I’m less certain about Document 12. Both the EFF and ACLU Vaughn Indices show a 10/31/06 document (it is 82C in the EFF Vaughn) that is the correct length, 4 pages, that is linked with another 10/31/06 document (see 82B and 84, for example). For a variety of reasons, however, I think we can’t rule out Document 89S which appears only in the EFF FOIA (but not the ACLU FOIA), which is dated December 16, 2005 (intriguingly, the day after NYT exposed Stellar Wind), in which case the withheld portion might be the relevant 4 pages of a longer 16 page order.

Continue reading

Why DOJ Withheld the Correlations Opinion: The DC Circuit’s Mosaic

On January 9, 2014, the government appealed Judge Richard Leon’s decision finding the phone dragnet in Klayman v. Obama to the DC Circuit.

The DC Circuit, of course, is the court that issued US. v Maynard in 2010, the first big court decision backing a mosaic theory of the Fourth Amendment. And while the panel that ultimately heard the Klayman appeal included two judges who voted to have the entire circuit review Maynard, the circuit precedent in Maynard includes the following statement.

As with the “mosaic theory” often invoked by the Government in cases involving national security information, “What may seem trivial to the uninformed, may appear of great moment to one who has a broad view of the scene.” CIA v. Sims, 471 U.S. 159, 178 (1985) (internal quotation marks deleted); see J. Roderick MacArthur Found. v. F.B.I., 102 F.3d 600, 604 (D.C. Cir. 1996). Prolonged surveillance reveals types of information not revealed by short-term surveillance, such as what a person does repeatedly, what he does not do, and what he does ensemble. These types of information can each reveal more about a person than does any individual trip viewed in isolation. Repeated visits to a church, a gym, a bar, or a bookie tell a story not told by any single visit, as does one‘s not visiting any of these places over the course of a month. The sequence of a person‘s movements can reveal still more; a single trip to a gynecologist‘s office tells little about a woman, but that trip followed a few weeks later by a visit to a baby supply store tells a different story.* A person who knows all of another‘s travels can deduce whether he is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups — and not just one such fact about a person, but all such facts.

With that precedent, the DC Circuit is a particularly dangerous court for the Administration to review a dragnet that aspires to collect all Americans’ call records and hold them for 5 years.

On March 31, 2014, the government submitted a motion for summary judgment in EFF’s FOIA for Section 215 documents with an equivalent to the ACLU. One of the only things the government specifically withheld — on the grounds that it described a dragnet analysis technique it was still using — was an August 20, 2008 FISC opinion authorizing the technique in question, which it did not name.

Two days before FISC issued that August 20, 2008 opinion, the NSA was explaining to the court how it made correlations between identifiers to contact chain on all those identifiers. Two days is about what we’ve seen for final applications before the FISC rules on issues, to the extent we’ve seen dates, suggesting the opinion is likely about correlations.

Here’s how the government described correlations, in various documents submitted to the court in 2009.

They define what a correlated address is (and note, this passage, as well as other passages, do not limit correlations to telephone metadata — indeed, the use of “address” suggests correlations include Internet identifiers).

The analysis of SIGINT relies on many techniques to more fully understand the data. One technique commonly used is correlated selectors. A communications address, or selector, is considered correlated with other communications addresses when each additional address is shown to identify the same communicant as the original address.

They describe how the NSA establishes correlations via many means, but primarily through one particular database.

NSA obtained [redacted] correlations from a variety of sources to include Intelligence Community reporting, but the tool that the analysts authorized to query the BR FISA metadata primarily used to make correlations is called [redacted].

[redacted] — a database that holds correlations [redacted] between identifiers of interest, to include results from [redacted] was the primary means by which [redacted] correlated identifiers were used to query the BR FISA metadata.

They make clear that NSA treated all correlated identifiers as RAS approved so long as one identifier from that user was RAS approved.

In other words, if there: was a successful RAS determination made on any one of the selectors in the correlation, all were considered .AS-a. ,)roved for purposes of the query because they were all associated with the same [redacted] account

And they reveal that until February 6, 2009, this tool provided “automated correlation results to BR FISA-authorized analysts.” While the practice was shut down in February 2009, the filings make clear NSA intended to get the automated correlation functions working again,

While it’s unclear whether this screen capture describes the specific database named behind the redactions in the passages above, it appears to describe an at-least related process of identifying all the equivalent identities for a given target (in this case to conduct a hack, but it can be used for many applications).

Correlations

If I’m right that the August 20, 2008 memo describes this correlations process, it means one of the things the government decided to withhold from EFF and ACLU (who joined Klayman as amici) after deciding to challenge Leon’s decision in a court with a precedent of recognizing a mosaic theory of the Fourth Amendment was a document that shows the government creates a mosaic of all these dragnets.

It’s not just a phone dragnet (and it’s not just US collected phone records). It’s a domestic and internationally-collected phone and Internet and other metadata dragnet, and after that point, if it sucks you into that dragnet, it’s a financial record and other communications dragnet as well (for foreigners, I imagine, you get sucked in first, without an interim stage).

Even though both Janice Rogers Brown and David Sentelle voted to reconsider the mosaic theory in 2010, Sentelle’s questions seemed to reflect a real concern about it. Unsurprisingly, given that he authored a fairly important opinion in US v Quartavious Davis holding that the government needed a warrant to get stored cell site location data while he was out on loan to the 11th Circuit earlier this year, his questions focused on location.

Sentelle: What information if any is gathered about the physical location of wireless callers, if anything? Cell tower type information.

Thomas Byron: So Judge Sentelle, what is not included. Cell tower information is not included in this metadata and that’s made clear in the FISC orders.  The courts have specified that it’s not included.

Note how Byron specified that “cell tower information is not included in this metadata”? Note how he also explains that the FISC has specified that CSLI is not included, without explaining that that’s only been true for 15 months (meaning that there may still be incidentally collected CSLI in the databases). Alternately, if the NSA gets cell location from the FBI’s PRTT program (my well-educated guess is that the FBI’s unexplained dragnet — the data from which it shares with the NSA — is a Stingray program), then that data would get analyzed along with the call records tied to the same phones, though it’s not clear that this location data would be available from the known but dated metadata access, which is known only to include Internet, and EO 12333 and BRFISA phone metadata).

Stephen Williams seemed even more concerned with the Maynard precedent, raising it specifically, and using it to express concern about the government stashing 5 years of phone records.

Williams: Does it make a significant difference that these data are collected for a five year period.

Byron’s response was particularly weak on this point, trying to claim that the government’s 90-day reauthorizations made the 5 years of data that would seem to be clearly unacceptable under Maynard (which found a problem with one week of GPS data) acceptable.

Byron: It’s not clear in the record of this case how much time the telephone companies keep the data but the point is that there’s a 90 day period during which the FISC orders are operative and require the telephone companies to turn over the information from their records to the government for purposes of this program. Now the government may retain it for five years but that’s not the same as asking whether the telephone company must keep it for five years.

Williams: How can we discard the five year period that the government keeps it?

Williams also, later, asked about what kind of identities are involved, which would also go to the heart of the way the government correlates identities (and should warrant questions about whether the government is obtaining Verizon’s supercookie).

Byron expressed incredible (as in, not credible) ignorance about how long the phone companies keep this data; only AT&T keeps its data that long. Meaning the government is hoarding records well beyond what users should have an expectation the third party in question would hoard the data, which ought to eliminate the third party justification by itself.

Janice Rogers Brown mostly seemed to want things to be easy, one bright line that cops could use to determine what they could and could not obtain. Still, she was the only one to raise the other kinds of data the government might obtain.

JRB: Does it matter to whom the record has been conveyed. For instance, medical records? That would be a third party’s record but could you draw the same line.

Byron: Judge Brown, I’m glad you mentioned this because it’s really important to recognize in the context of medical records just as in the context, by the way, of telephone records, wiretap provisions, etcetera, Congress has acted to protect privacy in all of these areas. For example, following the Miller case, Congress passed a statute governing the secrecy of bank records. Following the Smith case, Congress passed a statute governing wiretaps. HIPAA, in your example, Judge Brown, would govern the restrictions, would impose restrictions on the proper use of medical information. So too here, FISA imposes requirements that are then enforced by the Foreign Intelligence Surveillance Court. And those protections are essential to understanding the program and the very limited intrusion on any privacy interest.

While Byron had a number of very misleading answers, this probably aggravated me the most. After all, the protections that Congress created after the Miller case and the Smith case were secretly overridden by the FISC in 2008 and 2010, when it said limitations under FISA extended for NSLs could also be extended for 215 orders. And we have every reason the government could, if not has, obtained medical records if not actual DNA using a Section 215 order; I believe both would fall under a national security exception to HIPAA. Thus, whatever minimization procedures FISC might impose, it has, at the same time blown off precisely the guidelines imposed by Congress.

The point is, all three judges seemed to be thinking — to a greater or lesser extent — of this in light of the Maynard precedent, Williams particularly so. And yet because the government hid the most important useful evidence about how they use correlations (though admittedly the plaintiffs could have submitted the correlations data, especially in this circuit), the legal implications of this dragnet being tied to other phone and Internet dragnets and from there more generalized dragnets never got discussed.

Don’t get me wrong. Larry Klayman likely doomed this appeal in any case. On top of being overly dramatic (which I think the judges would have tolerated), he misstated at least two things. For example, he claimed violations reported at the NSA generally happened in this program alone. He didn’t need to do that. He could have noted that 3,000 people were dragnetted in 2009 without the legally required First Amendment review. He could have noted 3,000 files of phone dragnet data were not destroyed in timely fashion, apparently because techs were using the real data on a research server. The evidence to show this program has been — in the past at least — violative even of the FISC’s minimization requirements is available.

Klayman also claimed the government was collecting location data. He got caught, like a badly prepared school child, scrambling for the reference to location in Ed Felten’s declaration, which talked about trunk location rather than CSLI.

In substantive form, I don’t think those were worse than Byron’s bad evasions … just more painful.

All that said, all these judges — Williams in particular — seemed to want to think of this in terms of how it fit in a mosaic. On that basis, the phone dragnet should be even more unsustainable than it already is. And some of that evidence is in the public record, and should have been submitted into the record here.

Still, what may be the most important part of the record was probably withheld, by DOJ, after DOJ decided it was going to appeal in a circuit where that information would have been centrally important.

The Klayman Hearing: Everyone Can Stand If DOJ Has the Backbone

Update: See this post, which explains that I’m wrong about the timing of Verizon’s different approach to production than AT&T. And that difference precedes Verizon’s withdrawal from the FBI call record program in 2009 — it goes back to 2007.

I’m finally getting around to listening to the Klayman v. Obama hearing from the other day, which you can listen to here. I’ll have more to say on it later. But my impression is that — because of the incomplete reporting of a bunch of NSA beat reporters — Klayman may be improperly thrown out on standing because he is only a Verizon cell customer, not a Verizon landline customer.

Back on June 14, 2013, the WSJ reported that Verizon Wireless and T-Mobile don’t turn over records under the phone dragnet, but that the government obtains those records anyway as they travel across the domestic backbone, largely owned by AT&T and Verizon Business Services.

The National Security Agency’s controversial data program, which seeks to stockpile records on all calls made in the U.S., doesn’t collect information directly from T-Mobile USA and Verizon Wireless, in part because of their foreign ownership ties, people familiar with the matter said.

The blind spot for U.S. intelligence is relatively small, according to a U.S. official. Officials believe they can still capture information, or metadata, on 99% of U.S. phone traffic because nearly all calls eventually travel over networks owned by U.S. companies that work with the NSA.

[snip]

Much of the U.S.’s telecom backbone is owned by two companies: AT&T and Verizon Business Network Services Inc., a U.S. subsidiary of Verizon Communications that it views as a separate network from its mobile business. It was the Verizon subsidiary that was named in the FISA warrant leaked by NSA contractor Edward Snowden to the Guardian newspaper and revealed last week.

When a T-Mobile or Verizon Wireless call is made, it often must travel over one of these networks, requiring the carrier to pay the cable owner. The information related to that transaction—such as the phone numbers involved and length of call—is recorded and can then be passed to the NSA through its existing relationships.

Then, on February 7, 2014, the WSJ (and 3 other outlets) reported something entirely different — that the phone dragnet only collects around 20% of phone records (others reported the number to be a higher amount).

The National Security Agency’s collection of phone data, at the center of the controversy over U.S. surveillance operations, gathers information from about 20% or less of all U.S. calls—much less than previously thought, according to people familiar with the NSA program.

The program had been described as collecting records on almost every phone call placed in the U.S. But, in fact, it doesn’t collect records for most cellphones, the fastest-growing sector in telephony and an area where the agency has struggled to keep pace, the people said.

Over the course of 8 months, the WSJ’s own claim went from the government collecting 99% of phone data (defined as telephony) to the government collecting 20% (probably defining “call data” broadly to include VOIP), without offering an explanation of what changed. And it was not just its own earlier reporting with which WSJ conflicted; aspects of it also conflicted with a lot of publicly released primary documents about what the program has done in the past. Nevertheless, there was remarkably little interest in explaining the discrepancy.

I’m getting a lot closer to being able to explain the discrepancy in WSJ’s reporting. And if I’m right, then Larry Klayman should have standing (though I’m less certain about Anna Smith, who is appealing a suit in the 9th Circuit).

I’m fairly certain (let me caveat: I think this is the underlying dynamic; the question is the timing) the discrepancy arises from the fact that, for the first time ever, on July 19, 2013 (a month after the WSJ’s first report) the FISA Court explicitly prohibited the collection of Cell Site Location Information.

Furthermore, this Order does not authorize the production of cell site location information (CSLI).

We’ve learned several details since February that puts this in context.

First, the NSL IG Report revealed that one of the three providers who had been part of FBI’s onsite call records access from 2003 to 2006 did not renew the contract for that program in 2009.

Company A, Company B, and Company C are the three telephone carriers described in our Exigent Letters Report that provided telephone records to the TCAU in response to exigent letters and other informal requests between 2003 and 2006. As described in our Exigent Letters Report, the FBI entered into contracts with these carriers in 2003 and 2004, which required that the communication service providers place their employees in the TCAU’s office space and give these employees access to their companies’ databases so they could immediately service FBI requests for telephone records. Exigent Letters Report, 20. As described in the next chapter, TCAU no longer shares office space with the telephone providers. Companies A and C continue to serve FBI requests for telephone records and provide the records electronically to the TCAU. Company B did not renew its contract with the FBI in 2009 and is no longer providing telephone records directly to the TCAU. Company B continues to provide telephone records in response to NSL requests issued directly by the field without TCAU’s assistance.

The original WSJ, in retrospect, makes it fairly clear that Company B is Verizon (though I believe it provides the wrong explanation otherwise for Verizon’s inability to provide records, that it was partly foreign owned–though admittedly it only claims to be providing part of the explanation).

Unlike Sprint and AT&T, [Verizon Wireless and T-Mobile] also don’t perform classified work for the government. Such contracts require secure facilities that make cooperating with NSA programs simpler, people familiar with the matter said.

Verizon Associate General Counsel Michael Woods’ response to questions at a hearing earlier this year made it even more clear. He said that Verizon does not keep call detail records — as distinct from billing records — long at all (and they only keep billing records on the landline side for 18 months).

The contract with TCAU, the NSL IG Report (and the earlier Exigent Letters report) makes clear, would require providers to keep records for longer to facilitate some bells and whistles. That’s a big part of what the “make cooperating with NSA programs simpler” is likely about. Therefore, Verizon must be the provider that stopped retaining records in 2009 for the purpose of the government (It also just so happens to be the provider that doesn’t need the government cash as part of its business model). I suspect that TCAU remains closely related to Hemisphere, which may be why when I asked FBI about its participation in that unclassified project, FBI refused to comment at all.

If all that’s right, then AT&T and Sprint retain their call detail records because they have signed a contract with the government to do so. Verizon does not.

That means, at least since 2009, Verizon has been relying on actual call detail records to fulfill its obligations under Section 215, not a database that makes it easier to pull out precisely what the government wants (indeed, I suspect the end of the contract created the problems where Verizon was providing entirely foreign calls along with its domestic calls starting with the May 29, 2009 order).  The business records that Verizon had on hand was a CDR that, in the case of cell phones, necessarily included CSLI.

Verizon is still (the Verizon-specific language remains in the dragnet orders, and they challenged the first order after Leon’s decision in this case) providing records of landline calls that traverse its backbone.

But when FISC made it a violation — rather than just overproduction they otherwise would have and have, in both this and other programs, approved — to provide CSLI, and made that public, it gave Verizon the opportunity to say it had no way to provide the cell data legally.

That’s sort of what the later WSJ report says, though it doesn’t explain why this would be limited in time or why NSA would have a problem when it collects CDRs internationally with CSLI with no problem.

Moreover, the NSA has been stymied by how to remove location data—which it isn’t allowed to collect without getting additional court approval—from U.S. cellphone records collected in bulk, a U.S. official said.

I’m not sure whether it’s the case that Verizon couldn’t very easily pull that CSLI off or not. But I do suspect — particularly for a program that offers no compensation — that Verizon no longer had a legal obligation to. (This probably answers, by the way, how AT&T and Sprint are getting paid here: they’re being paid to keep their CDRs under the old TCAU contracts with the FBI.)

The government repeats over and over that they’re only getting business records the companies already have. Verizon has made it clear it doesn’t have cell call detail records without the location attached. And therefore, I suspect, the government lost its ability to make Verizon comply. That is also why, I suspect, the President claims he needs new legislation to make this happen: because he needs language forcing the providers to provide the CDRs in the form the government wants it in.

If I’m right, though — that the government had 99% coverage of telephony until Claire Eagan specifically excluded cell location — then Klayman should have standing. That’s because Richard Leon’s injunction not only prohibited the government from collecting any new records from Klayman, he also required the government to “destroy any such metadata in its possession that was collected through the bulk collection program.”

Assuming Verizon just stopped providing cell data in 2013 pursuant to Eagan’s order, then there would still be over 3 years of call records in the government’s possession available for search. Which would mean he would still be exposed to the government’s improper querying of his records.

It is certainly possible that Verizon stopped providing cell data once it ended its TCAU contact in 2009. If that’s the case, the government’s hasty destruction of call records in March would probably have eliminated the last of the data it had on Klayman (though not on ACLU, since ACLU is a landline customer as well as a wireless customer).

But if Verizon just stopped handing over cell records in 2013 after Claire Eagan made it impossible for the government to force Verizon to comply with such orders, then Klayman — and everyone else whose records transited Verizon’s backbone — should still have standing.

Update: I provided this further explanation to someone via email.

I should have said this more clearly in the post. But the only way everyone is correct: including WSJ in June, Claire Eagan’s invocation of “substantially all” in July, the PRG’s claims they weren’t getting as much as thought in December, and WSJ’s claims they weren’t much at all in February, is if Verizon shut down cell collection sometime during that period. The July order and the aftermath would explain that.

I suspect the number is now closer to 50-60% of US based telephony records within the US (remember, on almost all international traffic, there should be near duplication, because they’re collecting that at scale offshore), but there’s also VOIP and other forms of “calls” and texts that they’re not getting, which is how you get down to the intentionally alarmist 20%. One reason I think Comey’s going after Apple is because iMessage is being carved out, and Verizon is already pissed, so he needs to find a way to ensure that Apple doesn’t get a competitive advantage over Verizon by going through WiFi that may not be available to Verizon because it is itself the backbone. But if you lose both Verizon’s cell traffic AND any cell traffic they carry, you lose a ton of traffic.
That gets you to the import of the FBI contract. It is a current business purpose of AT&T and Sprint to create a database that they can charge the FBI to use to do additional searching, including location data and burner phones and the like. AT&T’s version of this is probably Hemisphere right now (thus, in FBI-speak, TCAU would be Hemisphere), meaning they also get DEA and other agencies to pay for it. In that business purpose, the FBI is a customer of AT&T and Sprint’s business decision to create its own version of the NSA’s database, including all its calls as well as things like location data the FBI can get so on individualized basis.
Verizon used to choose to pursue this business (this is the significance, I think, of the government partially relying on a claim to voluntary production, per Kris). In 2009, they changed their business approach and stopped doing that. So they no longer have a business need to create and keep a database of all its phone records.
What they do still have are SS7 routing records of all traffic on their backbone, which they need to route calls through their networks (which is what AT&T uses to build their database). That’s the business record they use to respond to their daily obligations.
But there seem to be two likely reasons why the FISC can’t force Verizon to alter those SS7 records, stripping the CSLI before delivering it to the government. First, there is no means to compensate the providers under Section 215. That clearly indicates Congress had no plan to ask providers to provide all their records on a daily basis. But without compensation, you can’t ask the providers to do a lot of tweaking.
The other problem is if you’re asking the providers to create a record, then you’re getting away from the Third Party doctrine, aren’t you? In any case, the government and judges have repeated over and over, they can only get existing business records the providers already have. Asking Verizon to do a bunch to tweak those records turns it into a database that Verizon has created not for its own business purpose, but to fulfill the government’s spying demands.
I think this is the underlying point of Woods’ testimony where he made it clear Verizon had no intent of playing Intelligence agent for the government. Verizon seems to have made it very clear they will challenge any order to go back into the spying for the government business (all the more so after losing some German business because of too-close ties to the USG). And since Verizon is presumably now doing this for relatively free (since 2009, as opposed to AT&T and Sprint, who are still getting paid via their FBI contract), the government has far less ability to make demands.
This is also where I think the cost from getting complete coverage comes from. You have to pay provider sufficiently such that they are really doing the database-keeping voluntarily, which presumably gets it well beyond reasonable cost compensation.
Update: One final point (and it’s a point William Ockham made a billion years ago). The foreign data problem Verizon had starting in 2009 would be completely consistent with a shift from database production to SS7 production, because SS7 records are going to have everything that transits the circuit.

The Last Time NSA Submitted Secret Authorities, It Was Actively Hiding Illegal Wiretapping

Via Mike Masnick, I see that in addition to submitting a new state secrets declaration and a filing claiming EFF’s clients in Jewel v. NSA don’t have standing, the government also submitted a secret supplemental brief on its statement of authorities, which EFF has challenged.

The secret supplemental brief is interesting given the government’s outrageous state secrets claim in the lawsuit against United Against a Nuclear Iran, in which it refuses to explain why it must protect the intelligence sources and methods of an allegedly independent NGO. It seems the government’s state secrets claims are getting even more outrageous than they already were.

That’s particularly interesting given what appears to be the outlines of a claim that if the court recognizes Jewel’s standing, then all hell will break loose.

Due to the failings of Plaintiffs’ evidence described above, the Court need not consider the impact of the state secrets privilege on the standing issue. However, if the Court were to find Plaintiffs’ declarations admissible and sufficiently probative of Plaintiffs’ standing to raise a genuine issue meriting further inquiry (which it should not), adjudication f the standing issue could not proceed without risking exceptionally grave damage to national security (a threshold issue on which the Court requested briefing). That is so because operational details of Upstream collection that are subject to the DNI’s assertion of the state secrets privilege in this case are necessary to address Plaintiffs’ theory of standing. The Government presented this evidence to the Court in the DNI’s and NSA’s classified declarations of December 20, 2013, and supplements it with the Classified Declaration of Miriam P., NSA, submitted in camera, ex parte, herewith. Disclosure of this evidence would risk informing our Nation’s adversaries of the operational details of the NSA’s Upstream collection, including the identities of electronic-communications-service providers assisting with Upstream collection.

Behind these claims of grave harm are the reality that if US persons started to get standing under the dragnet, then under John Bates’ rules (in which illegal wiretapping is only illegal if the government knows US persons are targeted), the entire program would become illegal. So I suspect the government is ultimately arguing that Jewel can’t have standing because it would make the entire program illegal (which is sort of the point!).

But the biggest reason I’m intrigued by the government’s sneaky filing is because of what happened the last time it submitted such a sneaky filing.

I laid out in this post how a state secrets filing submitted in EFF’s related Shubert lawsuit by Keith Alexander on October 30, 2009 demonstrably lied. Go back and read it–it’s a good one. A lot of what I show involves Alexander downplaying the extent of the phone dragnet problems.

But we now know more about how much more Alexander was downplaying in that declaration.

As I show in this working thread, it is virtually certain that on September 30, 2009, Reggie Walton signed this order, effectively shutting down the Internet dragnet (I’m just now noticing that ODNI did not — as it has with the other FISC dragnet orders — release a copy with the timestamp that goes on all of these orders, which means we can’t determine what time of the day this was signed). Some time in the weeks before October 30, DOJ had submitted this notice, admitting that NSA had been violating the limits on “metadata” collection from the very start, effectively meaning it had been collecting content in the US for 5 years.

Precisely the kind of illegal dragnet Virginia Shubert was suing the government to prevent.

Mind you, there are hints of NSA’s Internet dragnet violations in Alexander’s declaration. In ¶59, Alexander says of the dragnet, “The FISC Telephone Business Records Order was most recently reauthorized on September 3, 2009, with authority continuing until October 30, 2009″ (Walton signed the October 30, 2009 phone dragnet order around 2:30 ET, which would be 11:30 in NDCA where this declaration was filed). In ¶58, he says, “The FISC Pen Register Order was most recently reauthorized on [redacted], 2009, and requires continued assistance by the providers through [redacted] 2009″ (this is a longer redaction than October 30 would take up, so it may reflect the 5PM shutdown Walton had imposed). So it may be that one of the redacted passages in Alexander’s declaration admitted that FISC had ordered the Internet dragnet shut down.

In addition, footnote 24 is quite long (note it carries onto a second page); particularly given that the tense used to describe the dragnets in the referenced paragraph differ (the Internet dragnet is in the past tense, the phone dragnet is in the present tense), it is possible Alexander admitted to both the compliance violation and that NSA had “voluntarily” stopped querying the dragnet data.

Further, in his later discussions, he refers to this data as “non-content metadata” and “records about communication transactions,” which may reflect a tacit (or prior) acknowledgment that the NSA had been collecting more than what, to the telecoms who were providing it, was legally metadata, or, if you will, was in fact “content as metadata.”

To the extent that the plaintiffs “dragnet” allegations also implicate other NSA activities, such as the bulk collection of non-content communications meta data or the collection of communications records, see, e.g., Amended Compl ¶58, addressing their assertions would require disclosure of NSA sources and methods that would cause exceptionally grave harm to national security.

[snip]

Accordingly, adjudication of plaintiffs’ allegations concerning the collection of non-content meta data and records about communication transactions would risk or require disclosure of critical NSA sources and methods for [redacted] contacts of terrorist communications as well as the existence of current NSA activities under FISC Orders. Despite media speculation about those activities, official confirmation and disclosure of the NSA’s bulk collection and targeted analysis of telephony meta data would confirm to all of our foreign adversaries [redacted] the existence of these critical intelligence capabilities and thereby severely undermine NSA’s ability to gather information concerning terrorist connections and cause exceptionally grave harm to national security.

So it seems that Alexander provided some glimpse to Vaughn Walker of the troubles with the Internet dragnet program. So when after several long paragraphs describing the phone dragnet problems (making no mention even of the related Internet dragnet ones), Alexander promised to work with the FISC on the phone dragnet “and other compliance issues,” he likely invoked an earlier reference to the far more egregious Internet dragnet ones.

NSA is committed to working with the FISC on this and other compliance issues to ensure that this vital intelligence tool works appropriately and effectively. For purposes of this litigation, and the privilege assertions now made by the DNI and by the NSA, the intelligence sources and methods described herein remain highly classified and the disclosure that [redacted] would compromise vital NSA sources and methods and result in exceptionally grave harm to national security.

I find it tremendously telling how closely Alexander ties the violations themselves to the state secrets invocation.

The thing is, at this point in the litigation, the only honest thing to submit would have been a declaration stating, “Judge Walker? It turns out we’ve just alerted the FISC that we’ve been doing precisely what the plaintiffs in this case have accused of us — we’ve been doing it, in fact, for 5 years.” An honest declaration would have amounted to concession of the suit.

But it didn’t.

And that state secrets declaration, like the one the government submitted at the end of September, was accompanied by a secret statement of authorities, a document that (unless I’m mistaken) is among the very few that the government hasn’t released to EFF.

Which is why I find it so interesting that the government is now, specifically with reference to upstream collection, following the same approach.

Do these secret statements of authority basically say, “We admit it, judge, we’ve been violating the law in precisely the way the plaintiffs claim we have. But you have to bury that fact behind state secrets privilege, because our dragnets are more important than the Fourth Amendment”? Or do they claim they’re doing this illegal dragnettery under EO 12333 so the court can’t stop them?

If so, I can see why the government would want to keep them secret.

Update: I originally got the name of Shubert wrong. Virginia Shubert is the plaintiff.

USA Gag Freedom Act

As you likely know, there have been two developments with NSLs in the last few days. First, Twitter sued DOJ, on First Amendment grounds, to be able to publish how many NSLs and FISA orders it has received. And EFF argued before the 9th Circuit that the entire NSL statute should be declared unconstitutional.

These developments intersect with the USA Freedom Act in an interesting way. In the 9th Circuit, the Court (I believe this is Mary Murguia based on tweets from lawyers who were there, but am not certain) asked why Congress hasn’t just fixed the Constitutional problems identified in Doe v. Mukasey with NSL gag orders.

That set off DOJ Appellate lawyer Douglas Letter hemming and hawing in rather unspecific language (my transcription).

Mary Murguia: Have any measures been taken to Congress to try to change that reciprocal notice procedure, to make it legal as the 2nd Circuit suggested?

Douglas Letter: Your honor, my understanding is, and I’m a little hesitant to talk about this in this sense, as we know proposals can be made to Congress and who knows what will happen? The government is working on some, a, is working with Congressional staffers etcetera, we would hope that at some point we would have legislation. We do not as this point. I’m not, I’m not going to here make any predictions whether anything passes.

What Letter was talking about — bizarrely without mentioning it — was a provision addressing the unconstitutional NSL gags in USA Freedom Act.

The provision fixes one part of the NSLs by putting the onus on FBI to review every year whether gags must remain in place.

(3) TERMINATION.—

(A) IN GENERAL.—In the case of any request under subsection (b) for which a recipient has submitted a notification to the Government under section 3511(b)(1)(A) or filed a petition for judicial review under subsection (d)—

(i) an appropriate official of the Federal Bureau of Investigation shall, until termination of the nondisclosure requirement, review the facts supporting a nondisclosure requirement annually and upon closure of the investigation; and

(ii) if, upon a review under clause (i), the facts no longer support the nondisclosure requirement, an appropriate official of the Federal Bureau of Investigation shall promptly notify the wire or electronic service provider, or officer, employee, or agent thereof, subject to the nondisclosure requirement, and the court as appropriate, that the nondisclosure requirement is no longer in effect.

This would fix the problem identified by the 2nd Circuit.

Except that, bizarrely, it would require FBI to do what Letter represented to the Court FBI could not do — review the gags every year. Presumably, they assume so few providers will challenge the gag that they’ll be able to manage those few yearly reviews that would be required.

Which might be what this language is about.

(B) CLOSURE OF INVESTIGATION.—Upon closure of the investigation—

(i) the Federal Bureau of Investigation may petition the court before which a notification or petition for judicial review under subsection (d) has been filed for a determination that disclosure may result in the harm described in clause (i), (ii), (iii), or (iv) of paragraph (1)(B), if it notifies the recipient of such petition;

(ii) the court shall review such a petition pursuant to the procedures under section 3511; and

(iii) if the court determines that there is reason to believe that disclosure may result in the harm described in clause (i), (ii), (iii), or (iv) of paragraph (1)(B), the Federal Bureau of Investigation shall no longer be required to conduct the annual review of the facts supporting the nondisclosure requirement under subparagraph (A).

That is, in addition to fixing the constitutional problem with NSLs, USAF provides FBI way out of the supposedly onerous problem that fix requires, by establishing a way to get a permanent gag.

The NSL provisions in USAF have not gone totally unnoticed. Perhaps appropriately, one of the few public comments on it came from the EFF. It lumps it in with FBI’s exemption from reporting back door searches.

The FBI is exempt from Section 702 reporting, and the bill appears to provide a path for the FBI to get permanent gag orders in connection with national security letters.

And bill champion Kevin Bankston is acutely aware of the dynamic as well; after Twitter announced his suit he suggested this was a good reason to pass USAF.

Bankston NSL

 

Me, I’d rather let the courts work and get the leverage we might get that way.

Especially since it seems like FBI is more able to review yearly gag renewals that Letter told the court.

 

Did Anthony Coppolino Fib about NSA’s New Architecture?

On Tuesday, EFF told the tale of yet another government freak-out over purportedly classified information. The DOJ lawyer litigating their multiple dragnet challenges, Anthony Coppolino, accidentally uttered classified information in a hearing in June. So the government tried to take the classified information out of the transcript without admitting they did so. After Judge Jeffrey White let EFF have a say about all this, the government ultimately decided the information wasn’t classified after all. So the Court finally released the transcript.

My wildarseguess is that this is the passage in question:

Judge Bates never ultimately held that the acquisition violated the Constitution. The problem in that case was the minimization procedures were not sufficient to protect the Fourth Amendment interests of the people of the United States.

And so he ordered that they be changed, and they were changed. And he approved them. And in addition, in the process of not only approving the minimization procedures, NSA implemented new system architecture that did a better job at assuring that those communications were minimized and ultimately destroyed, which is the goal here. It’s part of the statutory framework not to collect on U.S. citizens and when you’ve incidentally done it, destroy it. [my emphasis]

According to the John Bates opinions relating to this incident, the NSA implemented a new system of ingesting this data, marking it, checking it before it gets moved into the general repository of data, and purging it if it includes entirely domestic commuincations. But does that count as new architecture? I’m not sure.

Meanwhile, the NSA has been upgrading their architecture. We learned that (among other places) in the most recent Theresa Shea declaration on NSA systems in EFF’s Jewel case. It doesn’t mention new architecture pertaining to  upstream  702, though she does discuss a more general architecture upgrade and how it affects Section 215 specifically.

Then there’s this language, addressing the NSA’s inability to filter US person data reliably, from PCLOB.

The NSA’s acquisition of MCTs is a function of the collection devices it has designed. Based on government representations, the FISC has stated that the “NSA’s upstream Internet collection devices are generally incapable of distinguishing between transactions containing only a single discrete communication to, from, or about a tasked selector and transactions containing multiple discrete communications, not all of which are to, from, or about a tasked selector.”155 While some distinction between SCTs and MCTs can be made with respect to some communications in conducting acquisition, the government has not been able to design a filter that would acquire only the single discrete communications within transactions that contain a Section 702 selector. This is due to the constant changes in the protocols used by Internet service providers and the services provided.156 If time were frozen and the NSA built the perfect filter to acquire only single, discrete communications, that filter would be out-of-date as soon as time was restarted and a protocol changed, a new service or function was offered, or a user changed his or her settings to interact with the Internet in a different way. Conducting upstream Internet acquisition will therefore continue to result in the acquisition of some communications that are unrelated to the intended targets.

The fact that the NSA acquires Internet communications through the acquisition of Internet transactions, be they SCTs or MCTs, has implications for the technical measures, such as IP filters, that the NSA employs to prevent the intentional acquisition of wholly domestic communications. With respect to SCTs, wholly domestic communications that are routed via a foreign server for any reason are susceptible to Section 702 acquisition if the SCT contains a Section 702 tasked selector.157 With respect to MCTs, wholly domestic communications also may be embedded within Internet transactions that also contain foreign communications with a Section 702 target. The NSA’s technical means for filtering domestic communications cannot currently discover and prevent the acquisition of such MCTs.158 

The footnotes in this section all cite to John Bates’ 2011 opinion (including, probably, some language that remains redacted in the public copy, such as on page 47). So we might presume it is out of date.  Except that PCLOB has done independent work on these issues and the end of the first paragraph includes language not sourced at all.

That is, PCLOB seems to think there remain technical problems with sorting out US person data, the filtering problem cannot be solved. (Which makes the ridiculous John Bates more skeptical on this point than PCLOB.)

So do the data segregation techniques implemented in 2011 amount to new architecture? Does the larger architecture upgrade going on going to affect upstream collection in some more meaningful fashion?

I don’t know. One other reason I think this might be the language is because Coppolino was — as he frequently does — running his mouth. Bates did rule the US person data collected before 2011 violated the Fourth Amendment, even if the task before him was solely to judge whether the minimization procedures before him did. More importantly, Bates was quite clear that this US person collection was intentional, not incidental.

So Coppolino was making claims about one of the practices (the PRTT collection is another) that is most likely to help EFF win their suit, upstream collection, which actually does entail domestic wiretapping of US person content. He made a claim that suggested — with the fancy word “architecture” — that NSA had made technical fixes. But PCLOB, at least, doesn’t believe they’ve gotten to the real issue.

Who knows? It’s just a guess. What’s not a guess is that Coppolino seems to recognize upstream 702 presents a real problem in this suit.

1 2 3 6
Emptywheel Twitterverse
emptywheel @p2wy gotta do better than that to be an MLive commenter.
11mreplyretweetfavorite
emptywheel @nickmanes1 at the gym...
16mreplyretweetfavorite
emptywheel @p2wy note my clarification. Bliss is in neighborhood but not precincts AFAIK.
16mreplyretweetfavorite
emptywheel Note: ref to "the mayors" was to current and former.
18mreplyretweetfavorite
emptywheel Voter 140 in combined precincts on Jefferson. Poll ladies also wondering when "the mayors" would be voting. Tho Heartwell already moved?
24mreplyretweetfavorite
JimWhiteGNV Hello, Home Depot? I'd like to order some gopher wood. Let's say, 300 cubits by fifty cubits by 30 cubits. And several buckets of pitch...
35mreplyretweetfavorite
emptywheel @radleybalko Had exactly the same thought.
51mreplyretweetfavorite
emptywheel @b_cavello Except for all the menopause-having people who are running far far hotter than everyone else.
1hreplyretweetfavorite
emptywheel Air conditioning debate SHOULD NOT be abt difference bt sexes. It should be opportunity to liberate men from their dumb suit-&-tie costumes
1hreplyretweetfavorite
emptywheel @DPRK_News I confess I'm disappointed not to read of NK's best in world diver on this feed. Surely proof of NK's superiority over all?
1hreplyretweetfavorite
emptywheel @JoeSudbay Sure, but as that post demonstrates, one can make certain assumptions based on kid number. @adambonin
1hreplyretweetfavorite
August 2015
S M T W T F S
« Jul    
 1
2345678
9101112131415
16171819202122
23242526272829
3031