Posts

Verizon Counsel Speaks Out Against “Outsourcing” Intelligence

One of the concerns I’ve raised about HR 3361 — AKA USA Freedumber — regards who will do some of the data analysis that the NSA “data integrity analysts” currently do before the contact-chaining stage. As I’ve noted, the most privacy protective thing would be to have the telecoms do it, but that would put them in an inappropriate role of performing analysis for the intelligence community.

Apparently, Verizon agrees with that. As part of Verizon Associate General Counsel Michael Woods’ testimony to the Senate Intelligence Committee the other day, he emphasized how inappropriate it would be for the telecoms to serve as surrogates for the intelligence community. (He emphasized this in his answers as well.)

Included in the reform discussions has been the idea that the collection, searching, and perhaps even analysis, of potentially relevant data is best done not by the government, but by the private holders of that data. One recommendation that garnered particular attention was that bulk collection of telephony metadata might be replaced by a system in which such metadata is held instead either by private providers or by a private third party.

This proposal opens a very complex debate, even when that debate is restricted to just traditional telephony, but the bottom line is this: national security is a fundamental government function that should not be outsourced to private companies.

Verizon is in the business of providing communications and other services to our customers. Data generated by that process is held only if, and only for long as, there is a business purpose in doing so. Outside of internal business operations, there typically is no need for companies to retain data for extended periods of time.

If a company is required to retain data for the use of intelligence agencies, it is no longer acting pursuant to a business purpose. Rather, it is serving the government’s purpose. In this context, the company has become an agent or surrogate of the government. Any Constitutional benefit of having the data held by private entities is lost when, by compelling retention of that data for non-business purposes, the private entity becomes a functional surrogate of the government. Public trust would exist to the extent that companies are believed to be truly independent of the government. When the companies are seen as surrogates for intelligence agencies, such trust will dissipate.

Nor would outsourcing offer any promise of efficiency. Technology is changing too rapidly — telecommunications networks are evolving beyond traditional switched telephony. Voice over Internet Protocol (VoIP) technologies handle voice traffic over the Internet (as opposed to the public switched telephone networks) and already account for a substantial portion of voice traffic. Even more dramatic has been the rise of “over-the-top” applications that use peer to peer or other technologies to establish direct connections between users over the Internet. In 2012, one such application accounted for 34% of all international voice calling minutes. VoIP and over-the-top applications traverse IP networks as Internet traffic and thus do not generate CDRs or similar telephony business records. U.S. intelligence agencies would need to approach application owners to establish access equivalent to the CDRs they obtain under the existing program. The technical difficulties multiply if the intelligence agencies were to eventually seek the same sort of access to IP metadata from Internet Service Providers.

Finally, the commercial effect on U.S. companies of outsourcing collection ought to be considered. No company will be eager to undertake the increased responsibility, scrutiny, and liability entailed by having its employees become surrogates for the government in the collection of intelligence. More troubling for large companies is the negative effect in the international market of overt association with a U.S. intelligence agency.

H.R. 3361 does not include any provisions which would require data retention by telecommunications companies. For all the foregoing reasons, that is a good thing. A framework under which intelligence agencies retain and analyze data that has been obtained from telecommunications companies in a “arms length” transaction compelled by a FISA order should continue. [my emphasis]

I quote this in full not to make you laugh at the prospect of Verizon balking at “becoming” a surrogate of the government.

I think this statement was clearly meant to lay out some clear principles going forward (and I suspect Verizon is by far the most important player in USA Freedumber, so Congress may well listen). Whatever Verizon has done in the past — before Edward Snowden and after him, ODNI exposed it, alone among the telecom companies, as turning over all our phone records to the government — it has made several efforts, some half-hearted and some potentially more significant to establish some space between it and the government. If Verizon has decided it’s time to set real boundaries in its cooperation with the government I’m all in favor of that going forward.

Much of this statement is just a clear warning that Verizon won’t abide by requests to extend their data retention practices, which it terms acting as an agent of the government. That will, by itself, limit the program. As Woods explained, they don’t really need Call Detail Records that long (and I assume they need smart phone data even less). What they keep the required 18 months is just billing records, which doesn’t provide the granular data the government would want. So if Verizon refuses to change its data retention approach, it will put a limit on what the government can access.

That said, that’s clearly what a number of Senators would like to do — mandate the retention of CDRs 18 months, which would in turn significantly raise the cost of this (about which more in a later post). So this could actually become a quite heated battle, aside from what privacy activists do.

There are a few more details of this I’m particularly intrigued by (aside from Woods’ warning that the records of interest will all be Internet-based calls within very short order).

Note that Woods admits there has been some discussion of having telecoms do “analysis” (and I assume he’s not talking just about me). Given his statements, it seems Verizon would refuse that too (good!). But remember: the last round of USA Freedumbing included compensation and immunity for Booz-type contractors in addition to the telecoms, so NSA may still be outsourcing this analysis, just to other contractors (and given that this was a late add, it may have come in response to Verizon’s reluctance to do NSA’s analysis for it).

When Woods claims this is difficult, “even when that debate is restricted to just traditional telephony,” he suggests the debate may not be restricted to traditional telephony. Obviously, Verizon must still be involved in upstream production. And it either is or may well be asked to resume its involvement in Internet metadata collection, because USA Freedumber doesn’t hide the intent to return to Internet dragnet collection. Then there’s the possibility Mark Warner’s questions elicited, that the telecoms will be getting hybrid orders asking for telephony metadata as well as other things, not limited to location.

When we talk about the various ways the NSA may try to deputize the telecoms, the possibilities are very broad — and alarming. So I’m happy to hear that Verizon, at least, is claiming to be unwilling to play that role.

Mark Warner Lays Out How USA Freedumber Will Put the NSA in Your Smartphone

I noted this yesterday in a quick post, but I wanted to post the video and my transcription of Mark Warner’s efforts to lay out some of the privacy problems with HR 3361, which I call USA Freedumber.

Warner, who made his fortune as a telecom mogul, points out that USA Freedumber will be able to access calls from smaller cell companies that are currently not included as primary providers to NSA (he doesn’t mention it, but USA Freedumber will also be able to access VOIP).

Warner: It was reported when we think about 215 in the previous program that that collected metadata that was with those entities — those companies — that entered into some relationship with the IC, and I believe there was a February WSJ article that reported — and I don’t want to get into percentages here — that while the large entities, large companies were involved, that in many cases, the fastest growing set of telephone calls, wireless calls, were actually a relatively small percentage. Is that an accurate description of how the press has presented the 215 program prior — previously?

Ledgett: Yes, that’s how the press represented it.

Warner: And if that was an accurate presentation, wouldn’t the universe of calls that are now potentially exposed to these kind of inquiries be actually dramatically larger since any telco, regardless of whether they had a relationship with the IC or not, and any type of call, whether it is wire or wireless, be subject to the inquiries that could be now made through this new process.

Ledgett: Uh Yes, Senator, that’s accurate.

Warner: So, again, with the notion here that under the guise of further protecting privacy, I think on a factual basis, of the number of calls potentially scrutinized, the universe will be exponentially larger than what the prior system was. Is that an accurate statement.

Ledgett: No, Senator, I don’t believe so, because the only calls that the government will see are those that are directly responsive to to the predicate information that we have.

Warner: No, In terms of actual inquiries, correct, but the the universe of potential calls that you could query, when prior to the calls were only queried out of the 215 database that was held at the NSA, which as press reports said did not include — in many cases — the fastest growing number of new calls, wireless calls, now the universe of — even though the number of queries may be the same, because the protections are still the same, the actual universe of potential calls that could be queried against is dramatically larger than what 215 has right now.

Ledgett: Potentially yes, that’s right Senator.

From there, Warner focuses on a more troubling issue: the likelihood that NSA could get cell location data and call detail records with the same request. Read more

As Snowden Leak Anniversary Approaches, Intelligence Community Prepares to Declare Victory

As June 5 approaches — and with it the one year anniversary of the first reporting on Edward Snowden’s leaks — the privacy community is calling supporters to redouble efforts to improve the NSA “reform bill,” which I call the USA Freedumber Act, in the Senate.

I explained here why the Senate is unlikely to improve USA Freedumber in any meaningful way. The votes just aren’t there — not even in the Senate Judiciary Committee.

Ominously, Dianne Feinstein just scheduled an NSA hearing for Thursday afternoon, when most of the privacy community will be out rallying the troops.

Unless the surveillance community finds some way to defeat USA Freedumber, the intelligence community will soon be toasting themselves that they used the cover of Edward Snowden’s disclosures to expand surveillance. The “Edward Snowden Put the NSA in Your Smartphone Act,” they might call it.

To prevent that, the privacy community needs to find a way to defeat USA Freedumber. It’s not enough, in my opinion, to point to the judicial review codified by USA Freedumber to accede to letting this pass. Not only doesn’t USA Freedumber end what most normal people call, “bulk collection,” but it expands collection in a number of ways.

That’s true, in part, because of the way the bill defines “bulk collection.” USA Freedumber only considers something “bulk collection” if it collects all of some kind of data (so, all phone data in the US). If NSA limits collection at all — selecting to collect all the phone records from Area Code 202, for example — it no longer qualifies as bulk collection under the Intel Community definition used in the bill, no matter how broadly they’re collecting.

Here’s a post where I lay that out.

To make things worse, the last version of the House bill changed the term “selection term” to make it very broad: including “entities,” “addresses,” and “devices” among the things that count as a single target, all of which invite mass targeting. I was always skeptical about “specific selection term” serving as the limiting factor in the bill; key language about how the FISC currently understands “selection term” remains classified. But I do know that Zoe Lofgren and others in the House kept saying that under the current definition of the bill the government could collect all records in, say, my Area Code 202 example. And if that’s possible, it means the phone dragnet under this “reform” may be little more targeted than upstream Section 702 collection currently is, which has telecoms sniff through up to 75% of US Internet traffic.

But it’s not just that the bill doesn’t deliver what its boosters claim it does.

There are 4 other ways that the bill makes the status quo worse, as I show in this post:

  • The move to telecoms codifies changes in the chaining process that will almost certainly expand the universe of data being analyzed — potentially significantly
  • In three ways, the bill would permit the use of phone chaining for purposes beyond counterterrorism, which isn’t currently permitted
  • The bill weakens the minimization procedures on upstream Section 702 collection imposed by FISC Judge John Bates in 2011, making it easier for the government to collect and keep domestic content domestically
  • The bill moves the authority to set minimization procedures for Pen Registers from FISC to the Attorney General (and weakens them significantly), thus eliminating the tool John Bates used to shut down illegal content-as-metadata collection

In my opinion, these changes mean the NSA will be able to do much of what they were doing in 2009, before what were then called abuses — but under this bill would be legalized — were discovered. That, plus they’re likely to expand the dragnet beyond terrorism targets.

For a year, privacy advocates have believed we’d get reform in response to Snowden’s leaks. For too long, advocates treated HR 3361 as positive reform.

But unless we defeat USA Freedumber, the Intelligence Community will have used the event of Snowden’s leaks as an opportunity to expand the dragnet.

What If the Democratic Response to Snowden Is to Expand Surveillance?

I got distracted reading two pieces this morning. This great Andrew O’Hehir piece, on how those attacking Edward Snowden and Glenn Greenwald ought to consider the lesson of Justice Louis Brandeis’ dissent in Olmstead.

In the famous wiretapping case Olmstead v. United States, argued before the Supreme Court in 1928, Justice Louis Brandeis wrote one of the most influential dissenting opinionsin the history of American jurisprudence. Those who are currently engaged in what might be called the Establishment counterattack against Glenn Greenwald and Edward Snowden,including the eminent liberal journalists Michael Kinsley and George Packer, might benefit from giving it a close reading and a good, long think.

Brandeis’ understanding of the problems posed by a government that could spy on its own citizens without any practical limits was so far-sighted as to seem uncanny. (We’ll get to that.) But it was his conclusion that produced a flight of memorable rhetoric from one of the most eloquent stylists ever to sit on the federal bench. Government and its officers, Brandeis argued, must be held to the same rules and laws that command individual citizens. Once you start making special rules for the rulers and their police – for instance, the near-total impunity and thick scrim of secrecy behind which government espionage has operated for more than 60 years – you undermine the rule of law and the principles of democracy.

“Our Government is the potent, the omnipresent teacher,” Brandeis concluded. “For good or for ill, it teaches the whole people by its example. Crime is contagious. If the Government becomes a lawbreaker, it breeds contempt for law; it invites every man to become a law unto himself; it invites anarchy. To declare that in the administration of the criminal law the end justifies the means — to declare that the Government may commit crimes in order to secure the conviction of a private criminal — would bring terrible retribution.”

And this more problematic Eben Moglen piece talking about how Snowden revealed a threat to democracy we must now respond to.

So [Snowden] did what it takes great courage to do in the presence of what you believe to be radical injustice. He wasn’t first, he won’t be last, but he sacrificed his life as he knew it to tell us things we needed to know. Snowden committed espionage on behalf of the human race. He knew the price, he knew the reason. But as he said, only the American people could decide, by their response, whether sacrificing his life was worth it.

So our most important effort is to understand the message: to understand its context, purpose, and meaning, and to experience the consequences of having received the communication.

Even once we have understood, it will be difficult to judge Snowden, because there is always much to say on both sides when someone is greatly right too soon.

I raise them in tandem here because both address the threat of spying to something called democracy. And the second piece raises it amid the context of American Empire (he compares the US to the Roman decline into slavery).

I raise them here for two reasons.

First, because neither directly notes that Snowden claimed he leaked the documents to give us a choice, the “chance to determine if it should change itself.”

“For me, in terms of personal satisfaction, the mission’s already accomplished,” he said. “I already won. As soon as the journalists were able to work, everything that I had been trying to do was validated. Because, remember, I didn’t want to change society. I wanted to give society a chance to determine if it should change itself.”

“All I wanted was for the public to be able to have a say in how they are governed,” he said. “That is a milestone we left a long time ago. Right now, all we are looking at are stretch goals.”

Snowden, at least, claims to have contemplated the possibility that, given a choice, we won’t change how we’re governed.

And neither O’Hehir nor Moglen contemplates the state we’re currently in, in which what we call democracy is choosing to expand surveillance in response to Snowden’s disclosures.

Admittedly, the response to Snowden is not limited to HR 3361. I have long thought a more effective response might (or might not!) be found in courts — that if, if the legal process does not get pre-empted by legislation. I have long thought the pressure on Internet companies would be one of the most powerful engines of change, not our failed democratic process.

But as far as Congress is concerned, our stunted legislative process has started down the road of expanding surveillance in response to Edward Snowden.

And that’s where I find Moglen useful but also problematic.

He notes that the surveillance before us is not just part of domestic control (indeed, he actually pays less attention to the victims of domestic surveillance than I might have, but his is ultimately a technical argument), but also of Empire.

While I don’t think it’s the primary reason driving the democratic response to Snowden to increase surveillance (I think that also stems from the Deep State’s power and the influence of money on Congress, though many of the surveillance supporters in Congress are also supporting a certain model of US power), I think far too many people act on surveillance out of either explicit or implicit beliefs about the role of US hegemony.

There are some very rational self-interested reasons for Americans to embrace surveillance.

For the average American, there’s the pride that comes from living in the most powerful country in history, all the more so now that that power is under attack, and perhaps the belief that “Us” have a duty to take it to “Them” who currently threaten our power. And while most won’t acknowledge it, even the declining American standard of living still relies on our position atop the world power structure. We get cheap goods because America is the hegemonic power.

To the extent that spying on the rest of the world serves to shore up our hegemonic position then, the average American might well have reason to embrace the spying, because it keeps them in flat screen TVs.

But that privilege is just enjoyed by some in America. Moglen, tellingly, talks a lot about slavery but says nothing about Jim Crow or the other instruments of domestic oppression that have long used authoritarian measures against targeted populations to protect white male power. American history looked at not against the history of a slavery that is past, but rather against the continuity of history in which some people — usually poor and brown and/or female — don’t participate in the American “liberty” and “privacy” Moglen celebrates, our spying on the rest of the world is more of the same, a difference in reach but not in kind. Our war on drugs and war on terror spying domestically is of a piece with our dragnet internationally, if thus far more circumscribed by law (but that law is expanding and that will serve existing structures of power!).

But there’s another reason Americans — those of the Michael Kinsley and George Packer class — might embrace surveillance. That’s the notion that American hegemony is, for all its warts, the least bad power out there. I suspect Kinsley and (to a lesser extent) Packer would go further, saying that American power is affirmatively good for the rest of the world. And so we must use whatever it takes to sustain that power.

It sounds stupid when I say it that way. I’m definitely oversimplifying the thought process involved. Still, it is a good faith claim: that if the US curtails its omnipresent dragnet and China instead becomes the dominant world power (or, just as likely, global order will dissolve into chaos), we’ll all be worse off.

I do think there’s something to this belief, though it suppresses the other alternative — that the US could use this moment to improve the basis from which US exercises its hegemony rather than accept the increasingly coercive exercise of our power — or better yet use the twilight of our hegemony to embrace something more fair (and also something more likely to adequately respond to the global threat of climate change). But I do believe those who claim US hegemony serves the rest of the world believe it fairly uncritically.

One more thing. Those who believe that American power is affirmatively benign power may be inclined to think the old ways of ensuring that power — which includes a docile press — are justified. As much as journalism embraced an adversarial self-image after Watergate, the fundamentally complicit role of journalism really didn’t change for most. Thus, there remains a culture of journalism in which it was justified to tell stories to the American people — and the rest of the world — to sustain American power.

One of those stories, for example, is the narrative of freedom that Moglen embraces.

That is, for those who believe it is worth doing whatever it takes to sustain the purportedly benign American hegemon, it would be consistent to also believe that journalists must also do whatever it takes to sustain purportedly benign system of (white male) power domestically, which we call democracy but which doesn’t actually serve the needs of average Americans.

And for better or worse, those who embrace that power structure, either domestically and/or internationally, expanding surveillance is rational, so long as you ignore the collateral damage.

Update: Tempered critique of Packer because I agree he’s not embracing this journalist as narrative teller as much.

USA Freedumber Will Not Get Better in the “Prosecutors” Committee

Having been badly outmaneuvered on USA Freedumber — what was sold as reform but is in my opinion an expansion of spying in several ways — in the House, civil liberties groups are promising a real fight in the Senate.

“This is going to be the fight of the summer,” vowed Gabe Rottman, legislative counsel with the American Civil Liberties Union.

If advocates are able to change the House bill’s language to prohibit NSA agents from collecting large quantities of data, “then that’s a win,” he added.

“The bill still is not ideal even with those changes, but that would be an improvement,” Rottman said.

[snip]

“We were of course very disappointed at the weakening of the bill,” said Robyn Greene, policy counsel at the New America Foundation’s Open Technology Institute. “Right now we really are turning our attention to the Senate to make sure that doesn’t happen again.”

[snip]

One factor working in the reformers’ favor is the strong support of Senate Judiciary Chairman Patrick Leahy (D-Vt.).

Unlike House Judiciary Chairman Bob Goodlatte (R-Va.), who only came to support the bill after negotiations to produce a manager’s amendment, Leahy was the lead Senate sponsor of the USA Freedom Act.

The fact that Leahy controls the committee gavel means he should be able to guide the bill through when it comes up for discussion next month, advocates said.

“The fact that he is the chairman and it’s his bill and this is an issue that he has been passionate about for many years” is comforting, Greene said.

I hope they prove me wrong. But claims this will get better in the Senate seem to ignore the recent history of the Senate Judiciary Committee’s involvement in surveillance bills, not to mention the likely vote counts.

It is true Pat Leahy wants real reform. And he has a few allies on SJC. But in recent years, every surveillance-related bill that came through SJC has been watered down when Dianne Feinstein offered an alternative (which Leahy sometimes adopted as a manager’s amendment, perhaps realizing he didn’t have the votes). After DiFi offered reform, Sheldon Whitehouse (who a number of less sophisticated SJC members look to as a guide on these issues) enthusiastically embraced it, and everyone fell into line. Often, a Republican comes in and offers a “bipartisan reform” (meaning conservative Republicans joining with the Deep State) that further guts the bill.

This is how the Administration (shacking up with Jeff Sessions) defeated an effort to rein in Section 215 and Pen Registers in 2009.

This is how DiFi defeated an effort to close the backdoor loophole in 2012.

As this was happening in 2009, Russ Feingold called out SJC for acting as if it were the “Prosecutors Committee,” rather than the Judiciary Committee.

(Note, in both of those cases as well as on the original passage of Section 702, I understood fairly clearly what the efforts to stymie reform would do, up to 4 years before those programs were publicly revealed; I’ve got a pretty good record on this front!)

And if you don’t believe this is going to happen again, tell me why this whip count is wrong:

Screen shot 2014-05-26 at 5.18.49 PM

If my read here is right, the best case scenario — short of convincing Sheldon Whitehouse some of what the government wants to do is unconstitutional, which John Bates has already ruled that it is — is relying on people like Ted Cruz (whose posturing on civil liberties is often no more than that) and Jeff Flake (who was great on these issues in the House but has been silent and absent throughout this entire debate). And that’s all to reach a 9-9 tie in SJC.

Which shouldn’t be surprising. Had Leahy had the votes to move USA Freedom Act through SJC, he would have done so in October.

That was the entire point of starting in the House: because there was such a large number of people (albeit, for the  most part without gavels) supporting real reform in the House. But because reformers (starting with John Conyers and Jerry Nadler) uncritically accepted a bad compromise and then let it be gutted, that leverage was squandered.

Right now, we’re looking at a bill that outsources an expanded phone dragnet to the telecoms (with some advantages and some drawbacks), but along the way resets other programs to what they were before the FISC reined them in from 2009 to 2011. That’s the starting point. With a vote count that leaves us susceptible to further corruption of the bill along the way.

Edward Snowden risked his freedom to try to rein in the dragnet, and instead, as of right now it looks like Congress will expand it.

Update: I’ve moved Richard Blumenthal into the “pro reform” category based on this statement after the passage of USA Freedumber. Thanks to Katherine Hawkins for alerting me to the statement.

Four Reasons USA Freedumber is Worse than the Status Quo

In the post-HR 3361 passage press conference yesterday, Jerry Nadler suggested the only reason civil libertarians oppose the bill is because it does not go far enough.

That is, at least in my case, false.

While I have concerns about unintended consequences of outsourcing holding the call data to the telecoms (see my skepticism that it ends bulk collection here and my concerns about high volume numbers here), there are a number of ways that USA Freedumber is worse than the status quo.

These are:

  • The move to telecoms codifies changes in the chaining process that will almost certainly expand the universe of data being analyzed
  • In three ways, the bill permits phone chaining for purposes outside of counterterrorism
  • The bill weakens minimization procedures on upstream collection imposed by John Bates, making it easier for the government to collect domestic content domestically
  • The bill guts the current controls on Pen Register authority, making it likely the government will resume its Internet dragnet

The NSA in your smart phone: Freedumber codifies changes to the chaining process

As I have described, the language in USA Freedumber makes it explicit that the government and its telecom partners can chain on connections as well as actual phone call contacts. While the new automatic search process approved by the FISA Court in 2012 included such chaining, by passing this bill Congress endorses this approach. Moreover, the government has never been able to start running such automatic queries; it appears they have to outsource to the telecoms to be able to do so (probably in part to make legal and technical use of location data). Thus, moving the phone chaining to the telecoms expands on the kinds of chaining that will be done with calls.

We don’t know all that that entails. At a minimum (and, assuming the standard of proof is rigorous, uncontroversially) the move will allow the government to track burner phones, the new cell phones targets adopt after getting rid of an old one.

It also surely involves location mapping. I say that, in part, because if they weren’t going to use location data, they wouldn’t have had to move to the telecoms. In addition, AT&T’s Hemisphere program uses location data, and it would be unrealistic to assume this program wouldn’t include at least all of what Hemisphere already does.

But beyond those two functions, your guess is as good as mine. While the chaining must produce a Call Detail Record at the interim step (which limits how far away from actual phone calls the analysis can get), it is at least conceivable the chaining could include any of a number of kinds of data available to the telecoms from smart phones, including things like calendars, address books, and email.

The fact that the telecoms and subsidiary contractors get immunity and compensation makes it more likely that this new chaining will be expansive, because natural sources of friction on telecom cooperation will have been removed.

Freedumber provides three ways for NSA to use the phone dragnet for purposes besides counterterrorism

As far as we know, the current dragnet may only be used for actual terrorist targets and Iran. But USA Freedumber would permit the government to use the phone dragnet to collect other data by:

  • Requiring only that selection terms be associated with a foreign power
  • Permitting the retention of data for foreign intelligence, not just counterterrorism, purposes
  • Allowing the use of emergency queries for non-terrorism uses

Freedumber permits searches on selection terms associated with foreign powers

On its face, USA Freedumber preserves this counterterrorism focus, requiring any records obtained to be “relevant to” an international terrorist investigation. Unfortunately, we now know that FISC has already blown up the meaning of “relevant to,” making all data effectively relevant.

The judicial approval of the specific selection term, however — the court review that should be an improvement over the status quo — is not that tie to terrorism, but evidence that the selection term is a foreign power or agent thereof.

Thus, the government could cite narcoterrorism, and use the chaining program to investigate Mexican drug cartels. The government could raise concerns that al Qaeda wants to hack our networks, and use chaining to investigate hackers with foreign ties. The government could allege Venezuela supports terrorism and investigate Venezuelan government sympathizers.

There are a whole range of scenarios in which the government could use this chaining program for purposes other than counterterrorism.

Freedumber permits the retention of any data that serves a foreign intelligence purpose

And once it gets that data, the government can keep it, so long as it claims (to itself, with uncertain oversight from the FISC) that the data has a foreign intelligence purpose.

At one level, this is a distinction without a difference from the language that USA Freedumb had used, which required the NSA to destroy the data after five years unless it was relevant to a terrorism investigation (which all data turned over to NSA would be, by definition). But the change in language serves as legislative approval that the use of the data received via this program can be used for other purposes.

That will likely have an impact on minimization procedures. Currently, the NSA needs a foreign intelligence purpose to access the corporate store, but can only disseminate data from it for counterterrorism purposes. I would imagine the changed language of the bill will lead the government to successfully argue that the minimization procedures permit the dissemination of US person data so long as it meets only this flimsy foreign intelligence purpose. In other words, US person data collected in chaining would be circulating around the government more freely.

Freedumber’s emergency queries do not require any tie to terrorism

As I noted, the revisions USA Freedumber made to USA Freedumb explicitly removed a requirement that emergency queries be tied to a terrorism investigation.

(A) reasonably determines that an emergency situation requires the production of tangible things to obtain information for an authorized investigation (other than a threat assessment) conducted in accordance with subsection (a)(2) to protect against international terrorism before an order authorizing such production can with due diligence be obtained;

That’s particularly troublesome, because even if the FISC rules the emergency claim (certified by the Attorney General) was not legally valid after the fact, not only does the government not have to get rid of that data, but the Attorney General (the one who originally authorized its collection) is the one in charge of making sure it doesn’t get used in a trial or similar proceeding.

In short, these three changes together permit the government to use the phone dragnet for a lot more uses than they currently can.

Freedumber invites the expansion of upstream collection

When John Bates declared aspects of upstream collection to be unconstitutional in 2011, he used the threat of referrals under 50 USC 1809(a) to require the government to provide additional protection both to entirely domestic communications that contained a specific selector, and to get rid of domestic communications that did not contain that specific selector at all. The government objected (and considered appealing), claiming that because it hadn’t really intended to collect this data, it should be able to keep it and use it. But ultimately, that threat (especially threats tied to the government’s use of this data for ongoing FISA orders) led the government to capitulate.

The changes in Freedumber basically allow the government to adopt its old “intentional” claim, reversing Bates’ restrictions. Read more

Why USA Freedumber Doesn’t End (What You and I Think of as) Bulk Collection

I fear, reading this Kevin Drum post, that my explanations of why USA Freedumber will not end what you and I think of as bulk collection have not been clear enough. So I’m going to try again.

It is now, with the bill in current form, a 4-part argument:

  • The bill uses the intelligence community definition of bulk collection in its claim to end bulk collection, not the plain English language meaning of it
  • The bill retains the “relevant to” language that got us into this problem
  • The “selection terms” it uses to prevent bulk collection would permit the collection of vast swaths of innocent people’s records
  • Such a reading would probably not rely on any new FISA Court opinion; existing opinions probably already authorize such collection

The intelligence versus the plain English definition of bulk collection

This entire bill is based on the intelligence community definition of bulk collection, not the common English definition of it. As defined by President Obama’s Presidential Policy Directive on SIGINT, bulk collection means,

the authorized collection of large quantities of signals intelligence data which, due to technical or operational considerations, is acquired without the use of discriminants (e.g., specific identifiers, selection terms, etc.).

Bulk collection, as defined by the intelligence commonly, only means collection that obtains all of a particular type of record: all phone records, all Internet metadata, all credit card records. Anything that stops short of that — all 202 Area Code phone records, all credit card records buying pressure cookers, all Internet metadata for email sent to Yemen — would not count as bulk collection under this definition.

A more commonsense meaning of bulk collection would be the collection of large volumes of data, sweeping up the data of totally innocent people, on which to do further (sometimes technically intrusive) searches to find the data of interest. What we call “Big Data,” for example, would very often not qualify as bulk collection as the intelligence community defines it (perhaps its starts with the health data of everyone born after 1946, for example, or the purchase records from just one online store) but would qualify as bulk collection as you and I would define it.

As I explained in this post, the means USA Freedumber uses to ensure that it does not permit bulk collection is to require the collection start from a “selection term.” Thus, by definition, it cannot be bulk collection because the technical (but not commonsense) definition of bulk collection is that which uses a selection term.

And because they defined it that way, it means that every time some well-intentioned Congressman (it was all men, pushing this bill) boasted that this bill “ends bulk collection” they were only laying a legislative record that would prohibit the intelligence community definition of bulk collection, not the commonsense meaning.

The bill retains the “relevant to” language that gave us bulk collection in the first place

Man, Jim Sensenbrenner must have complained about the way the FISA Court reinterpreted the plain meaning of “relevant to” from the 2006 reauthorization of the PATRIOT Act three or four times in the post-passage press conference. He’s still angry, you see, that a court, in secret, defined the term “relevant to” to mean “any data that could possibly include.”

But this bill does nothing to change that erroneous meaning of the term.

Worse, it relies on it!

For most authorities — the Pen Register (PRTT) authority, the non-call record Section 215 authority, and all National Security Letter authorities –USA Freedumber leaves that language intact. It now requires the use of a selection term, but unlike the new call record language, those authorities don’t require that the selection term be “associated with a foreign power or an agent of a foreign power.” (You can compare the language for traditional Section 215 and the new call records Section 215 at b2B and b2C in this post.)  They don’t even require that the selection term itself be relevant to the investigation!

Thus, so long as there is a selection term — some term to ensure the NSA isn’t grabbing all of a certain kind of record — they’re going to still be able to get that data so long as they can argue that sorting through whatever data they get will yield useful information.

“Specific selection term” is too broad

Now, all that wouldn’t matter if the bill required specific selection terms to be tied to the individual or entity under investigation. Even the USA Freedumb bill didn’t require that.

But the language in USA Freedumber that got passed today makes things worse.

SPECIFIC SELECTION TERM.—The term ‘specific selection term’ means a discrete term, such as a term specifically identifying a person, entity, account, address, or device, used by the Government to limit the scope of the information or tangible things sought pursuant to the statute authorizing the provision of such information or tangible things to the Government.’

Again, note that the selection term only needs to limit the scope of production, not have a tie to the target of the investigation.

And while I actually find comfort from some of these terms — I’d be happy if the financial NSLs could only search on a specific account and the toll record NSL could only get phone records of a specific device (though FBI does use NSLs to get 2 degree separation, so this would return more than just that device’s records). As I’ve said in the past, “entity” is far too broad. It could include al Qaeda — allowing the NSA to obtain all data that might have al Qaeda data within it — or VISA — allowing the NSA to obtain all of that credit card entity’s data.

Read more

95 People Learn to Love the Dragnet

Earlier this morning, the House passed HR 3361, which I call the USA Freedumber Act.

The bill passed by a large margin: 303 to 121.

That means that somewhere in the neighborhood of 86 people who voted for Amash-Conyers less than a year ago voted for a bill that in some ways expands what the government can do with phone records. For example, today’s bill endorsed the chaining of identifiers “connected” to a chain seed, rather than just chaining on actual phone calls. The FISA Court had endorsed this kind of chaining back in 2012, but it only recently became public, and the government is likely to be able to do far more of this connection-based chaining with the phone records in telecom custody. That surely includes the use of geolocation to make connections, something the government could not legally do under the current program.

In addition, those 95 people who voted against the dragnet last year today endorsed language that seems to permit — and immunize — the Internet dragnet, which has been found to be illegal. If the government chooses to use this new language (and I doubt they would have stuck it in the bill at the last minute if they didn’t intend to use it), then this bill represents a vast expansion of domestic spying off what those 86 people voted against last year.

To be fair, I doubt most of the people who flip-flopped on the dragnet understand this. Mike Rogers and Bob Goodlatte both made misleading comments during the debate, with Rogers outright lying. Even John Conyers and Jerry Nadler (and especially Sheila Jackson Lee) made comments about the bill that are only narrowly true.

That’s all another good reason to call this thing USA Freedumber. Read more

USA Freedumber Appears to Strengthen RuppRoge’s Affirmative Endorsement of an Internet Dragnet

Working on a detailed comparison of the difference between the USA Freedumb and USA Freedumber bills, one of the most alarming changes is the gutting of Pen Register minimization procedures. They took language not only adding minimization procedures to Pen Register orders,

(b) APPLICATION.—Section 402(c) (50 U.S.C. 1842(c)), as amended by section 201 of this Act, is further amended by adding at the end the following new paragraph:

(4) a statement of proposed minimization procedures.

(c) ORDER.—Section 402(d) (50 U.S.C. 1842(d)) is amended—

(1) in paragraph (1), by inserting ‘‘and that the proposed minimization procedures meet the definition of minimization procedures under this title’’

But permitting the court to review whether the government met those minimization procedures.

(h) At or before the end of the period of time for which the installation and use of a pen register or trap and trace device is approved under an order or an extension under this section, the judge may assess compliance with the minimization procedures by reviewing the circumstances under which information concerning United States persons was retained or disseminated.’

They even specified the government had to follow those minimization procedures!

USA Freedumber changed that by letting the Attorney General review what are are now called “privacy procedures.”

(h) The Attorney General shall ensure that appropriate policies and procedures are in place to safeguard non-publicly available information concerning United States persons that is collected through the use of a pen register or trap and trace device installed under this section. Such policies and procedures shall, to the maximum extent practicable and consistent with the need to protect  national security, include protections for the collection, retention, and use of information concerning United States persons.

They limit the extent of these “privacy procedures” “to the extent practicable … with the need to protect national security.” That is, they don’t have to follow these “privacy procedures” if it’ll harm national security, and the change seems to show legislative intent to deprive the FISC of any review.

That’s alarming for a number of reasons:

  • From the very beginning of the Internet dragnet, the government claimed FISC had almost no authority over the approval process (much less compliance) on Pen Registers
  • This language comes right out of — but makes worse — the section of Mike Rogers’ RuppRoge bill that affirmatively approves the (re)creation of an Internet dragnet
  • There’s a curious entry in the NSA classification guide showing FBI conducting a PRTT program after the time NSA’s program got shut down

NSA versus FISC

According to a footnote in the 2010 John Bates opinion on the Internet dragnet, when the government first applied to Colleen Kollar-Kotelly for a FISC order to authorize the dragnet, they claimed she had no authority to do anything but rubber stamp the application.

2010 Bates Opinion footnote

We know that, having made that argument, the government got caught in violating the rules Kollar-Kotelly placed on the collection, but then continued to violate the rules for at least 5 more years, until 2009, when it got shut down for a while.

It would seem that the original language in USA Freedom Act would have clarified this issue, and made clear the FISC could exercise real oversight over any PRTT collection.

Adopting RuppRoge’s Internet Dragnet language

This language adopts the nomenclature from the HPSCI’s RuppRoge bill. (See page 18.)

But these “privacy procedures” seem qualitatively worse than the RuppRoge bill in several ways. RuppRoge provides loosey goosey judicial review of the privacy procedures. And it did not include the “extent practicable” language.

Given the background — given the fact that the government has already told the FISC it shouldn’t have real oversight over PRTT — this language seems to lay clear legislative intent that FISC should have no role whatsoever, especially not with minimization procedures (which, after all, is what they fought with the FISC over for at least  years).

The secrecy behind the FBI’s PRTT orders on behalf of NSA

PRTT1

Finally, there’s a series of entries on the classification guide for FISA programs leaked by Edward Snowden.

These entries show that FBI obtained counterterrorism information using PRTTs for NSA — which was considered Secret.

But that the FBI PR/TT program — which seems different than these individual orders — was considered TS/SI/NOFORN.

PRTT2

If you compare these entries with the rest of the classification guide, you see that this information — the fact that NSA gets PRTT information from FBI (in addition to information from Pen Registers, which seems to be treated differently at the Secret level)  — is treated with the same degree of secrecy as the actual targeting information or raw collected data on all other programs.

This is considered one of the most sensitive secrets in the whole FISA package.

PRTT3

Even minimized PRTT data is considered TS/SCI.

PRTT4

Now, it is true that this establishes an exact parallel with the BR FISA program (which the classification guide makes clear NSA obtained directly). So it may be attributable to the fact that the existence of the programs themselves was considered a highly sensitive secret.

So maybe that’s it. Maybe this just reflects paranoia about the way NSA was secretly relying on the PATRIOT Act to conduct massive dragnet programs.

Except there’s the date.

This classification guide was updated on February 7, 2012 — over a month after NSA shut down the PRTT program. Also, over a month after — according to Theresa Shea — the NSA destroyed all the data it had obtained under PRTT. (Note, her language seems to make clear that this was the NSA’s program, not the FBI’s.)

That is, over a month after the NSA ended its PRTT program and destroyed the data from it (at least according to sworn declarations before a court), the NSA’s classification guide referred to an FBI PRTT program that it considered one of its most sensitive secrets. And seemed to consider active.

If FBI had a PRTT program active in 2012 that was separate from the NSA PRTT program (I’m not sure that’s the case; it could be they just didn’t update this part of the classification guide), then is it still active? Has the Internet dragnet just moved to FBI?

If so, it’s no wonder why the Intelligence Community would want to guarantee that FISC had no review of it.

Update: Note, too, that the bill removes reporting requirements related to PRTT.

 

Freedumb versus Freedumber

I’ve already done a few posts on the USA Freedumber bill, AKA HR 3361. This post shows that the Administration has gotten explicit that the chaining process is now about “connected” identifiers and not necessarily “contacts” between them. And this post shows they’ve added another trough of compensation at which intelligence contractors can feed.

But I realize now it really needs a systematic comparison of the bill with USA Freedumb, the previously gutted manager’s amendment. This will be a working thread.

PDF 3 Freedumber: Includes language explicitly envisioning getting call records outside of the limited method rolled out here.

(including an application for the production of call detail records other than in the manner described in subparagraph (C))

We know they always planned to be able to get historical call records via the old means (though new language in section C makes it clear the systematic program can get historical records too), but I wonder if this is also there to get call detail records from smaller telecoms.

Here’s that historical language:

in the case of an application for the production on a daily basis of call detail records created before, on, or after the date of the application relating to an authorized investigation [my emphasis]

See this post for how they changed the chaining language on PDF 5.

PDF6 : They changed the minimization language to be tied to “foreign intelligence” information. I wrote about it in this post at the Guardian.

PDF 7: They’ve gotten rid of language limiting emergency authorities to terrorist investigations as shown:

(A) reasonably determines that an emergency situation requires the production of tangible things to obtain information for an authorized investigation (other than a threat assessment) conducted in accordance with subsection (a)(2) to protect against international terrorism before an order authorizing such production can with due diligence be obtained;

The bill keeps the weak prohibition on using stuff that shouldn’t have been gotten under emergency powers (the AG ensures that such data are not used, but then AG is the one who originally thought it’d be kosher in the first place, making the AG the worst person to police its non-usage). So it turns the emergency powers into a bigger loophole.

PDF 11: I noted that they’ve extended compensation beyond just the telecoms to other advisors (AKA Booz). They’ve also given the Booz figures immunity.

(e)(1) No cause of action shall lie in any court against a person who—

(A) produces tangible things or provides information, facilities, or technical assistance pursuant to an order issued or an emergency production required under this section; or

(B) otherwise provides technical assistance to the Government under this section or to implement the amendments made to this section by the USA FREEDOM Act.

PDF 13: Here’s the new definition for Specific Selection Term. I’ll have a post on this later, but suffice it to say that “such as” is the new “relevant to.”

SPECIFIC SELECTION TERM.—The term ‘specific selection term’ means a discrete term, such as a term specifically identifying a person, entity, account, address, or device, used by the Government to limit the scope of the information or tangible things sought pursuant to the statute authorizing the provision of such information or tangible things to the Government.’

I’m not as bugged by “address” or “device” as some others are–I actually think they’re useful. Still, it’s far too broad.

PDF 15: For some reason, Freedumber gives the IC IG 6 months after the DOJ IG finishes his IG report (which retains the gap where 2010 and 2011 are) before he has to submit his report.

Not later than 180 days after the date on which the Inspector General of the Department of Justice submits the report required under subsection (c)(3), the Inspector General of the Intelligence Community  shall submit

These shouldn’t need to be sequential. So I wonder why they did this, if not to delay the required reporting out beyond the beginning of consideration of the sunset.

PDF 18: They can keep on dragnetting up until the moment when the new law goes into effect.

RULE OF CONSTRUCTION.—Nothing in this Act shall be construed to alter or eliminate the authority of the Government to obtain an order under title V of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1861 et seq.) as in effect prior to the effective date described in subsection (a) during the period ending on such effective date.

So they’re stocking up on data. And why not! You never know what fun new data you’ll get under the new system you need a dragnet for?

PDF 19: The NGO community is really excited about this addition.

SEC. 110. RULE OF CONSTRUCTION.

Nothing in this Act shall be construed to authorize the production of the contents (as such term is defined in section 2510(8) of title 18, United States Code) of any electronic communication from an electronic communication service provider (as such term is defined in section 701(b)(4) of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1881(b)(4)) under title V of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1861 et seq.).

I’m not so excited. First, while this language makes it clear the bill does not affirmatively authorized such production, if FISC has already approved it, they don’t need a bill, they’ve got authorization. In addition, I think there are some Internet entities that aren’t included in the definition of electronic communication service providers.’

PDF 20: Wow, they’ve utterly gutted the minimization procedures they had tried to add to Pen Register authority (which had included minimization procedures in applications and allowed the judge to review them). Instead of that we get,

(h) The Attorney General shall ensure that appropriate policies and procedures are in place to safeguard nonpublicly available information concerning United States persons that is collected through the use of a pen register or trap and trace device installed under this section. Such policies and procedures shall, to the maximum extent practicable and consistent with the need to protect  national security, include protections for the collection, retention, and use of information concerning United States persons.

Which would lead me to believe they either are or intend to resume using this abusively.

PDF 21: THe new bill takes out language trying to cut down on reverse targeting (it had made it illegal if it was a purpose of the acquisition at all). Great. So they’re now legislatively approving reverse targeting.

PDF 21: They changed limits on upstream collection from this:

(B) consistent with such definition, minimize the acquisition, and prohibit the retention and dissemination, of any communication as to which the sender and all intended recipients are determined to be located in the United States and prohibit the use of any discrete, non-target communication that is determined to be to or from a United States person or a person who appears to be located in the United States, except to protect against an immediate threat to  human life.’’.

To this (emphasis mine):

(B) consistent with such definition—

(i) minimize the acquisition, and prohibit the retention and dissemination, of any communication as to which the sender and all intended recipients are determined to be located in the United States at the time of acquisition, consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information; and

(ii) prohibit the use of any discrete communication that is not to, from, or about the target of an acquisition and is to or from an identifiable United States person or a person reasonably believed to be located in the United States, except to protect against an immediate threat to human life.’

The first clause could be read two ways: either to require minimization of data for which recipients were in the US when the data was collected. Or, more likely, they mean to require minimization of data that NSA immediately determines (at the the acquisition) to be in the US. If it’s the latter, it expands upstream collection.

The second clause limits the prohibition on using MCATs (that is, unrelated comms picked up off of targeted comms in the associated inbox) that aren’t targeted to those that involve identifiable US persons. In its discussions with John Bates, the NSA claimed it couldn’t identify which comms were USPs. Which means this would gut the minimization procedures put in place in 2011.

In other words, this language guts John Bates’ efforts to rein in illegal unconstitutional collection of US person content within the US.

PDF 27: As others have noted Freedumber gives the DNI the authority over declassification decisions on significant FISC opinions. It specifies the requirement to apply to any “significant interpretation of the term ‘specific selection term’.”

PDF 33: A reporting requirement on Section 215 is watered down to become a summary of compliance reviews, rather than the reviews themselves.

More troubling still, the same passage eliminates the language requiring reports on PRTT.

(6) any compliance reviews conducted by the Federal Government of electronic surveillance, physical searches, the installation of pen register or trap  and trace devices, access to records, or acquisitions conducted under this Act.’’.

PDF 33-34: Freedumber includes a DNI report of aggregate requests, but only with detail on targets, not on number of people affected (or even number of selectors). This is the cover up report for the dragnets. For NSLs, it also only provides the number of requests for information, but doesn’t break out targets. This may be solely because of the subscriber function but it would seem to permit the hiding of bulk collection under other NSLs. (That is, this may well be worse than current reporting.)

PDF 40: Freedumber shifts reporting requirements pertaining to FISC decisions such that Congress only gets notice of a denied or modified application if it includes a significant construction of law. Given that there’s been a huge increase in modified programs, this would serve to hide the kinds of bulk collection going on. It also takes out a requirement that the government summarize what went on.

In addition, there are changes on transparency the companies can do. I’ll sort that out at another time, but even what is there is not transparent.