Posts

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Jack Goldsmith and Susan Hennessey Run Cover for Those Giving Jeff Sessions Unreviewable Authority to Criminalize Dissent

I’m used to Susan Hennessey partnering with Ben Wittes to write apologies for NSA and FBI that ignore known facts. I’m a bit surprised that Jack Goldsmith did so in this defense of Democrats — like Adam Schiff and Nancy Pelosi and nineteen Democratic Senators — who have voted to give Jeff Sessions unreviewable authority to criminalize dissent using certain privacy tools.

NSA did not fix “abouts” problems before the issues became public

There are numerous problems with this post. The one that irks me the most, however, is the claim that the “system itself” identified and addressed problems with “abouts” collection before they became public.

We acknowledge that the program has raised hard legal questions as well as difficult compliance issues, primarily involving “abouts” collection. But these problems were identified by the system itself, long before the issues became public, and the practices were fixed or terminated.

This claim, one I’ve corrected Hennessey for on numerous occasions on Twitter, is false, and should be retracted.

I say that with great confidence, because I wrote about the problems on August 11, 2016, well before NSA failed to disclose the full extent of the problems in an October 4, 2016 hearing, which led the worst FISC judge ever, Rosemary Collyer, to complain about NSA’s institutional “lack of candor.”

At the October 26, 2016 hearing, the Court ascribed the government’s failure to disclose those IG and OCO reviews at the October 4, 2016 hearing to an institutional “lack of candor” on NSA’s part and emphasized that “this is a very serious Fourth Amendment issue.”

As a reminder, the problem (the FISC has) with “abouts” collection is not so much that it collected entirely domestic communications — that’s the complaint of the rest of us. It’s that NSA never ever complied with John Bates’ 2011 requirement that NSA not conduct back door searches on upstream collection, because it might result in searches of those entirely domestic communications. In my August 2016 post, I noted that reviewers kept discovering that NSA continued to do back door searches on upstream data in violation of that prohibition, and kept refusing to implement technical fixes to avoid them.

I also raised concerns about the oversight of 704/705(b), which is how the NSA first realized how badly non-compliant their upstream searches were, on May 13, 2016, That’s about when NSA first reported to DOJ “in May and June 2016” that “approximately eighty-five percent of” queries using a tool the NSA employs with 704/705b queries “were not compliant with the applicable minimization procedures.”

I’ll grant that I’m remarkably attentive to documents that get declassified years after the fact. But I’m nevertheless “the public.” If I’m identifying these problems — and NSA’s refusal to make the technical fixes to avoid them — before they get fully briefed to DOJ or FISC, then it is absolutely false to claim that “the system” fixed or terminated the problem long before they became public.

Again, Lawfare should issue a retraction for that claim.

Update, January 19: On Twitter yesterday, Hennessey claimed I misread this quote, and that her proof that the system works was that the NSA had gotten away with ignoring Bates’ orders for five years, but finally shut it down before the public learned that NSA had been ignoring FISC’s orders.

This is still factually false — as I responded to her, the NSA was still identifying problems for eight months after I wrote about the problems, even assuming it had found all of them by April 2017, which was the last declassified reporting on it. But her explanation actually makes the comment downright damning for the NSA. It suggests a lawyer who was at NSA during the period it was not in compliance believes that getting away with violating the Fourth Amendment for five years, but fixing it before documents released on a three year delay (and only because of Snowden) is a sign of a law-abiding agency.

A portrait of a guy who doesn’t know key details as a rigorous overseer

The fact that I was harping on the “abouts” problems before any overseers of the program managed to fully investigate and fix them by itself disproves the claims that Hennessey and Goldsmith make in their hagiography of Adam Schiff.

He is the ranking Democrat on the House intelligence committee and one of the most knowledgeable and informed members of Congress on intelligence matters. Schiff has not hesitated to be  when he sees fit. He has watched the 702 program up close over many years in classified settings in his oversight role. He knows well its virtues and its warts. We suppose it is possible that Schiff would vote to give the president, whose integrity he so obviously worries about, vast powers to spy on Americans in an abusive way. Given everything Schiff has publicly said and done over the last year, however, a much more plausible inference is that he knows not only how valuable the 702 program is but also how law-constrained and carefully controlled and monitored it is.

Plus, I’m not sure why they think that Schiff’s attempt to fix the Section 215 phone dragnet only after Edward Snowden made it public proves that Schiff “never hesitated to be critical of intelligence community practices.” On the contrary, it proves that he did hesitate to do so before excessive programs became public.

The distinction is utterly critical given something I’ve pointed out about this bill. The bill itself is an admission that the intelligence community is out of control, and that congressional overseers can’t get information they need to adequately oversee the program without demanding it in legislation. That’s because it requires the IC to provide information on two practices that Congress cannot be deemed competent to legislate on without having answers about first.

For example, the bill requires an IG Report on how FBI queries raw data.

(b) MATTERS INCLUDED.—The report under subsection (a) shall include, at a minimum, an assessment of the following:

(1) The interpretations by the Federal Bureau of Investigation and the National Security Division of the Department of Justice, respectively, relating to the querying procedures adopted under subsection (f) of section 702 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1881a(f)), as added by section 101.

[snip]

(6) The scope of access by the criminal division of the Federal Bureau of Investigation to information obtained pursuant to the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.), including with respect to information acquired under subsection (a) of such section 702 based on queries conducted by the criminal division.

(7) The frequency and nature of the reviews conducted by the National Security Division of the Department of Justice and the Office of the Director of National Intelligence relating to the compliance by the Federal Bureau of Investigation with such querying procedures.

I have explained (and I know Hennessey regards this as a problem too) that since 2012, FBI has devolved its access to raw 702 data to field offices. The FBI already conducted far, far less oversight of the back door searches it conducts than NSA does. But because the DOJ/DNI 702 review teams visit only a fraction of the FBI field offices with each review, and because FBI’s querying system doesn’t collect enough information to do oversight remotely, it is possible that the offices that are least familiar with 702 requirements are — for the smaller number of 702 queries they conduct — getting the least oversight.

You can’t pass a bill that effectively blesses FBI’s use of back door searches on Americans about whom it has no evidence of any wrongdoing, while admitting you don’t know how FBI conducts those back door searches, and make any claim to conduct adequate oversight. Rather, the bill permits FBI to continue practices it has stubbornly refused to brief Congress on, rather than demanding that FBI brief Congress first, so Congress can impose any restrictions that might be necessary to adequately protect Americans.

The bill also requires a briefing within six months to explain how DOJ complies with FISA’s legally mandated notice requirements (because notice under 702 is treated as notice under 106(c), this covers 702 surveillance as well).

Not later than 180 days after the date of the enactment of this Act, the Attorney General, in consultation with the Director of National Intelligence, shall provide to the Committee on the Judiciary and the Permanent Select Committee on Intelligence of the House of Representatives and the Committee on the Judiciary and the Select 10 Committee on Intelligence of the Senate a briefing with respect to how the Department of Justice interprets the requirements under sections 106(c), 305(d), and 405(c) of the Foreign Intelligence Surveillance Act of 1978 (50 14 U.S.C. 1806(c), 1825(d), and 1845(c)) to notify an aggrieved person under such sections of the use of information obtained or derived from electronic surveillance, physical search, or the use of a pen register or trap and trace device. The briefing shall focus on how the Department interprets the phrase ‘‘obtained or derived from’’ in such sections.

The public treatment of DOJ’s serial, obvious failures to give notice to defendants is a nifty trick. When DOJ fails to give notice, it clearly violates the law, but notice is not included in minimization procedure review, so therefore is not reviewed by the FISC. When surveillance boosters like Hennessey and Goldsmith say there have never been any willful violations of the law, they manage to ignore the notice violations that have allowed some pretty problematic practices to avoid judicial oversight only because by breaking the law DOJ ensures no court will find them to be breaking the law.

Catch 22: Heads legal violations never get reviewed by a court, tails surveillance boosters can claim the surveillance has a clean bill of health.

Again, this is a known, egregious problem with the implementation of 702.

But rather than do the obvious thing as part of what this post dubs “robust democratic deliberation,” which is to demand answers about how notice is (not) given and require DOJ to fix it as part of the bill, the bill instead simply requires DOJ to provide the information that Congress needs to do basic oversight six months after reauthorization, which effectively punts fixing the problem six years down the road.

How many Chinese-American scientists will be improperly prosecuted because FBI is technically inane in those 6 years, because a bunch of California legislators like Nancy Pelosi, Adam Schiff, and Dianne Feinstein chose to punt on basic oversight?

The most egregious example of this, however, involves the government’s obstinate refusal to explain how many US persons are affected by 702. This bill also did not incorporate an HJC proposal requiring a count of how many Americans got referred for criminal prosecution off of 702 collection.

Letting Jeff Sessions criminalize dissent

That refusal — the refusal to even legislatively require the government to report on the impact of 702 surveillance on Americans, via incidental collection and/or criminal referral — brings us to the problem with this bill that opponents are all raising, but about which Hennessey and Goldsmith are inexcusably silent: the codification of giving Jeff Sessions unreviewable authority to determine what counts as a “criminal proceeding [that] affects, involves, or is related to the national security of the United States.”

Here’s how Hennessey and Goldsmith describe the impact of this program on Americans.

As Lawfare readers know, Section 702 authorizes the intelligence community to target the communications of non-U.S. persons located outside the United States for foreign intelligence purposes. It does not permit the intelligence community to target a U.S. person anywhere in the world. But it does permit incidental collection on U.S. persons, subject to strict rules about minimization and use.

Their silence about how the bill doesn’t deal with back door searches is problematic enough.

But they predictably, but problematically, make no mention of the way the bill codifies the use of 702 in domestic law enforcement under the Tor/VPN exception.

As I have laid out, in 2014 FISC created an exception to the rule that NSA must detask from a facility as soon as they learn that Americans are also using that facility. That exception applies to Tor and (though I understand this part even less) VPN servers — basically the kinds of privacy tools that criminals, spies, journalists, and dissidents might use to hide their online activities. NSA has to sort through what they collect on the back end, but along the way, they get to decide to keep any entirely domestic traffic they find has significant foreign intelligence purpose or is evidence of a crime, among other reasons. The bill even codifies 8 enumerated crimes under which they can keep such data. Some of those crimes — child porn and murder — make sense, but others — like transnational crime (including local drug dealers selling imported drugs) and CFAA (with its well-known propensity for abuse) pose more potential for abuse.

But it’s the unreviewable authority for Jeff Sessions bit that is the real problem.

We know, for example, that painting Black Lives Matter as a national security threat is key to the Trump-Sessions effort to criminalize race. We also know that Trump has accused his opponents of treason, all for making critical comments about Trump.

This bill gives Sessions unreviewable authority to decide that a BLM protest organized using or whistleblowing relying on Tor, discovered by collection done in the name of hunting Russian spies, can be referred for prosecution. The fact that the underlying data predicating any prosecution was obtained without a warrant under 702 would — in part because this bill doesn’t add teeth to FISA notice — ensure that courts would never learn the genesis of the prosecution. Even if a court somehow managed to do so, however, it could never deem the domestic surveillance unlawful because the bill gives Jeff Sessions the unreviewable authority to treat dissent as a national security threat.

This is such an obviously bad idea, and it is being supported by people who talk incessantly about the threat that Trump and Sessions present. Yet, rather than addressing the issue head on (which I doubt Hennessey could legally do in any case), they simply remain silent about what is the biggest complaint from privacy activists, that this gives a racist, vindictive Attorney General far more authority than he should have, and does so without fixing the inadequate protections for criminal defendants along the way.

I mean, I get that surveillance boosters who recognize the threat Trump and Sessions pose want to absolve themselves for giving Trump tools that can so obviously be abused.

But this attempt does so precisely by dodging the most obvious reasons for which boosters should be held to account.

Update: Changed post to note that just Trump has accused FBI Agents of treason, not Sessions, and not (yet) journalists.

Update: Here’s the roll call of the 65-34 vote passage of the bill. Democrats who voted in favor are:

  1. Carper
  2. Casey
  3. Cortez Masto
  4. Donnelly
  5. Duckworth
  6. Feinstein
  7. Hassan
  8. Heitkamp
  9. Jones
  10. Klobuchar
  11. Manchin
  12. McCaskill
  13. Nelson
  14. Peters
  15. Reed
  16. Schumer
  17. Shaheen
  18. Stabenow
  19. Warner
  20. Whitehouse

 

A Dragnet of emptywheel’s Most Important Posts on Surveillance, 2007 to 2017

Happy Birthday to me! To us! To the emptywheel community!

On December 3, 2007, emptywheel first posted as a distinct website. That makes us, me, we, ten this week.

To celebrate, the emptywheel team has been sharing some of our favorite work from the last decade. This is my massive dragnet of surveillance posts.

For years, we’ve done this content ad free, relying on donations and me doing freelance work for others to fund the stuff you read here. I would make far more if I worked for some free-standing outlet, but I wouldn’t be able to do the weedy, iterative work that I do here, which would amount to not being able to do my best work.

If you’ve found this work valuable — if you’d like to ensure it remains available for the next ten years — please consider supporting the site.

2007

Whitehouse Reveals Smoking Gun of White House Claiming Not to Be Bound by Any Law

Just days after opening the new digs, I noticed Sheldon Whitehouse entering important details into the Senate record — notably, that John Yoo had pixie dusted EO 12333 to permit George Bush to authorize the Stellar Wind dragnet. In the ten years since, both parties worked to gradually expand spying on Americans under EO 12333, only to have Obama permit the sharing of raw EO 12333 data in its last days in office, completing the years long project of restoring Stellar Wind’s functionalities. This post, from 2016, analyzes a version of the underlying memo permitting the President to change EO 12333 without providing public notice he had done so.

2008

McConnell and Mukasey Tell Half Truths

In the wake of the Protect America Act, I started to track surveillance legislation as it was written, rather than figure out after the fact how the intelligence community snookered us. In this post, I examined the veto threats Mike McConnell and Michael Mukasey issued in response to some Russ Feingold amendments to the FISA Amendments Act and showed that the government intended to use that authority to access Americans’ communication via both what we now call back door searches and reverse targeting. “That is, one of the main purposes is to collect communications in the United States.”

9 years later, we’re still litigating this (though, since then FISC has permitted the NSA to collect entirely domestic communications under the 2014 exception).

2009

FISA + EO 12333 + [redacted] procedures = No Fourth Amendment

The Government Sez: We Don’t Have a Database of All Your Communication

After the FISCR opinion on what we now know to be the Yahoo challenge to Protect American Act first got declassified, I identified several issues that we now have much more visibility on. First, PAA permitted spying on Americans overseas under EO 12333. And it didn’t achieve particularity through the PAA, but instead through what we know to be targeting procedures, including contact chaining. Since then we’ve learned the role of SPCMA in this.

In addition, to avoid problems with back door searches, the government claimed it didn’t have a database of all our communication — a claim that, narrowly parsed might be true, but as to the intent of the question was deeply misleading. That claim is one of the reasons we’ve never had a real legal review of back door searches.

Bush’s Illegal Domestic Surveillance Program and Section 215

On PATRIOTs and JUSTICE: Feingold Aims for Justice

During the 2009 PATRIOT Act reauthorization, I continued to track what the government hated most as a way of understanding what Congress was really authorizing. I understood that Stellar Wind got replaced not just by PAA and FAA, but also by the PATRIOT authorities.

All of which is a very vague way to say we probably ought to be thinking of four programs–Bush’s illegal domestic surveillance program and the PAA/FAA program that replaced it, NSLs, Section 215 orders, and trap and trace devices–as one whole. As the authorities of one program got shut down by exposure or court rulings or internal dissent, it would migrate to another program. That might explain, for example, why Senators who opposed fishing expeditions in 2005 would come to embrace broadened use of Section 215 orders in 2009.

I guessed, for example, that the government was bulk collecting data and mining it to identify targets for surveillance.

We probably know what this is: the bulk collection and data mining of information to select targets under FISA. Feingold introduced a bajillion amendments that would have made data mining impossible, and each time Mike McConnell and Michael Mukasey would invent reasons why Feingold’s amendments would have dire consequences if they passed. And the legal information Feingold refers to is probably the way in which the Administration used EO 12333 and redacted procedures to authorize the use of data mining to select FISA targets.

Sadly, I allowed myself to get distracted by my parallel attempts to understand how the government used Section 215 to obtain TATP precursors. As more and more people confirmed that, I stopped pursuing the PATRIOT Act ties to 702 as aggressively.

2010

Throwing our PATRIOT at Assange

This may be controversial, given everything that has transpired since, but it is often forgotten what measures the US used against Wikileaks in 2010. The funding boycott is one thing (which is what led Wikileaks to embrace Bitcoin, which means it is now in great financial shape). But there’s a lot of reason to believe that the government used PATRIOT authorities to target not just Wikileaks, but its supporters and readers; this was one hint of that in real time.

2011

The March–and April or May–2004 Changes to the Illegal Wiretap Program

When the first iteration of the May 2004 Jack Goldsmith OLC memo first got released, I identified that there were multiple changes made and unpacked what some of them were. The observation that Goldsmith newly limited Stellar Wind to terrorist conversations is one another reporter would claim credit for “scooping” years later (and get the change wrong in the process). We’re now seeing the scope of targeting morph again, to include a range of domestic crimes.

Using Domestic Surveillance to Get Rapists to Spy for America

Something that is still not widely known about 702 and our other dragnets is how they are used to identify potential informants. This post, in which I note Ted Olson’s 2002 defense of using (traditional) FISA to find rapists whom FBI can then coerce to cooperate in investigations was the beginning of my focus on the topic.

2012

FISA Amendments Act: “Targeting” and “Querying” and “Searching” Are Different Things

During the 2012 702 reauthorization fight, Ron Wyden and Mark Udall tried to stop back door searches. They didn’t succeed, but their efforts to do so revealed that the government was doing so. Even back in 2012, Dianne Feinstein was using the same strategy the NSA currently uses — repeating the word “target” over and over — to deny the impact on Americans.

Sheldon Whitehouse Confirms FISA Amendments Act Permits Unwarranted Access to US Person Content

As part of the 2012 702 reauthorization, Sheldon Whitehouse said that requiring warrants to access the US person content collected incidentally would “kill the program.” I took that as confirmation of what Wyden was saying: the government was doing what we now call back door searches.

2013

20 Questions: Mike Rogers’ Vaunted Section 215 Briefings

After the Snowden leaks started, I spent a lot of time tracking bogus claims about oversight. After having pointed out that, contrary to Administration claims, Congress did not have the opportunity to be briefed on the phone dragnet before reauthorizing the PATRIOT Act in 2011, I then noted that in one of the only briefings available to non-HPSCI House members, FBI had lied by saying there had been no abuses of 215.

John Bates’ TWO Wiretapping Warnings: Why the Government Took Its Internet Dragnet Collection Overseas

Among the many posts I wrote on released FISA orders, this is among the most important (and least widely understood). It was a first glimpse into what now clearly appears to be 7 years of FISA violation by the PRTT Internet dragnet. It explains why they government moved much of that dragnet to SPCMA collection. And it laid out how John Bates used FISA clause 1809(a)(2) to force the government to destroy improperly collected data.

Federated Queries and EO 12333 FISC Workaround

In neither NSA nor FBI do the authorities work in isolation. That means you can conduct a query on federated databases and obtain redundant results in which the same data point might be obtained via two different authorities. For example, a call between Michigan and Yemen might be collected via bulk collection off a switch in or near Yemen (or any of the switches between there and the US), as well as in upstream collection from a switch entering the US (and all that’s assuming the American is not targeted). The NSA uses such redundancy to apply the optimal authority to a data point. With metadata, for example, it trained analysts to use SPCMA rather than PATRIOT authorities because they could disseminate it more easily and for more purposes. With content, NSA appears to default to PRISM where available, probably to bury the far more creative collection under EO 12333 for the same data, and also because that data comes in structured form.

Also not widely understood: the NSA can query across metadata types, returning both Internet and phone connection in the same query (which is probably all the more important now given how mobile phones collapse the distinction between telephony and Internet).

This post described how this worked with the metadata dragnets.

The Purpose(s) of the Dragnet, Revisited

The government likes to pretend it uses its dragnet only to find terrorists. But it does far more, as this analysis of some court filings lays out.

2014

The Corporate Store: Where NSA Goes to Shop Your Content and Your Lifestyle

There’s something poorly understood about the metadata dragnets NSA conducts. The contact-chaining isn’t the point. Rather, the contact-chaining serves as a kind of nomination process that puts individuals’ selectors, indefinitely, into the “corporate store,” where your identity can start attracting other related datapoints like a magnet. The contact-chaining is just a way of identifying which people are sufficiently interesting to submit them to that constant, ongoing data collection.

SPCMA: The Other NSA Dragnet Sucking In Americans

I’ve done a lot of work on SPCMA — the authorization that, starting in 2008, permitted the NSA to contact chain on and through Americans with EO 12333 data, which was one key building block to restoring access to EO 12333 analysis on Americans that had been partly ended by the hospital confrontation, and which is where much of the metadata analysis affecting Americans has long happened. This was my first comprehensive post on it.

The August 20, 2008 Correlations Opinion

A big part of both FBI and NSA’s surveillance involves correlating identities — basically, tracking all the known identities a person uses on telephony and the Internet (and financially, though we see fewer details of that), so as to be able to pull up all activities in one profile (what Bill Binney once called “dossiers”). It turns out the FISC opinion authorizing such correlations is among the documents the government still refuses to release under FOIA. Even as I was writing the post Snowden was explaining how it works with XKeyscore.

A Yahoo! Lesson for USA Freedom Act: Mission Creep

This is another post I refer back to constantly. It shows that, between the time Yahoo first discussed the kinds of information they’d have to hand over under PRISM in August 2007 and the time they got directives during their challenge, the kinds of information they were asked for expanded into all four of its business areas. This is concrete proof that it’s not just emails that Yahoo and other PRISM providers turn over — it’s also things like searches, location data, stored documents, photos, and cookies.

FISCR Used an Outdated Version of EO 12333 to Rule Protect America Act Legal

Confession: I have an entire chapter of the start of a book on the Yahoo challenge to PRISM. That’s because so much about it embodied the kind of dodgy practices the government has, at the most important times, used with the FISA Court. In this post, I showed that the documents that the government provided the FISCR hid the fact that the then-current versions of the documents had recently been modified. Using the active documents would have shown that Yahoo’s key argument — that the government could change the rules protecting Americans anytime, in secret — was correct.

2015

Is CISA the Upstream Cyber Certificate NSA Wanted But Didn’t Really Get?

Among the posts I wrote on CISA, I noted that because the main upstream 702 providers have a lot of federal business, they’ll “voluntarily” scan on any known cybersecurity signatures as part of protecting the federal government. Effectively, it gives the government the certificate it wanted, but without any of the FISA oversight or sharing restrictions. The government has repeatedly moved collection to new authorities when FISC proved too watchful of its practices.

The FISA Court’s Uncelebrated Good Points

Many civil libertarians are very critical of the FISC. Not me. In this post I point out that it has policed minimization procedures, conducted real First Amendment reviews, taken notice of magistrate decisions and, in some cases, adopted the highest common denominator, and limited dissemination.

How the Government Uses Location Data from Mobile Apps

Following up on a Ron Wyden breadcrumb, I figured out that the government — under both FISA and criminal law — obtain location data from mobile apps. While the government still has to adhere to the collection standard in any given jurisdiction, obtaining the data gives the government enhanced location data tied to social media, which can implicate associates of targets as well as the target himself.

The NSA (Said It) Ate Its Illegal Domestic Content Homework before Having to Turn It in to John Bates

I’m close to being able to show that even after John Bates reauthorized the Internet metadata dragnet in 2010, it remained out of compliance (meaning NSA was always violating FISA in obtaining Internet metadata from 2002 to 2011, with a brief lapse). That case was significantly bolstered when it became clear NSA hastily replaced the Internet dragnet with obtaining metadata from upstream collection after the October 2011 upstream opinion. NSA hid the evidence of problems on intake from its IG.

FBI Asks for at Least Eight Correlations with a Single NSL

As part of my ongoing effort to catalog the collection and impact of correlations, I showed that the NSL Nick Merrill started fighting in 2004 asked for eight different kinds of correlations before even asking for location data. Ultimately, it’s these correlations as much as any specific call records that the government appears to be obtaining with NSLs.

2016

What We Know about the Section 215 Phone Dragnet and Location Data

During the lead-up to the USA Freedom Debate, the government leaked stories about receiving a fraction of US phone records, reportedly because of location concerns. The leaks were ridiculously misleading, in part because they ignored that the US got redundant collection of many of exactly the same calls they were looking for from EO 12333 collection. Yet in spite of these leaks, the few figured out that the need to be able to force Verizon and other cell carriers to strip location data was a far bigger reason to pass USAF than anything Snowden had done. This post laid out what was known about location data and the phone dragnet.

While It Is Reauthorizing FISA Amendments Act, Congress Should Reform Section 704

When Congress passed FISA Amendments Act, it made a show of providing protections to Americans overseas. One authority, Section 703, was for spying on people overseas with help of US providers, and another was for spying on Americans overseas without that help. By May 2016, I had spent some time laying out that only the second, which has less FISC oversight, was used. And I was seeing problems with its use in reporting. So I suggested maybe Congress should look into that?

It turns out that at precisely that moment, NSA was wildly scrambling to get a hold on its 704 collection, having had an IG report earlier in the year showing they couldn’t audit it, find it all, or keep it within legal boundaries. This would be the source of the delay in the 702 reauthorization in 2016, which led to the prohibition on about searches.

The Yahoo Scan: On Facilities and FISA

The discussion last year of a scan the government asked Yahoo to do of all of its users was muddled because so few people, even within the privacy community, understand how broadly the NSA has interpreted the term “selector” or “facility” that it can target for collection. The confusion remains to this day, as some in the privacy community claim HPSCI’s use of facility based language in its 702 reauthorization bill reflects new practice. This post attempts to explain what we knew about the terms in 2016 (though the various 702 reauthorization bills have offered some new clarity about the distinctions between the language the government uses).

2017

Ron Wyden’s History of Bogus Excuses for Not Counting 702 US Person Collection

Ron Wyden has been asking for a count of how many Americans get swept up under 702 for years. The IC has been inventing bogus explanations for why they can’t do that for years. This post chronicles that process and explains why the debate is so important.

The Kelihos Pen Register: Codifying an Expansive Definition of DRAS?

When DOJ used its new Rule 41 hacking warrant against the Kelihos botnet this year, most of the attention focused on that first-known usage. But I was at least as interested in the accompanying Pen Register order, which I believe may serve to codify an expansion of the dialing, routing, addressing, and signaling information the government can obtain with a PRTT. A similar codification of an expansion exists in the HJC and Lee-Leahy bills reauthorizing 702.

The Problems with Rosemary Collyer’s Shitty Upstream 702 Opinion

The title speaks for itself. I don’t even consider Rosemary Collyer’s 2017 approval of 702 certificates her worst FISA opinion ever. But it is part of the reason why I consider her the worst FISC judge.

It Is False that Downstream 702 Collection Consists Only of To and From Communications

I pointed out a number of things not raised in a panel on 702, not least that the authorization of EO 12333 sharing this year probably replaces some of the “about” collection function. Most of all, though, I reminded that in spite of what often gets claimed, PRISM is far more than just communications to and from a target.

UNITEDRAKE and Hacking under FISA Orders

A document leaked by Shadow Brokers reveals a bit about how NSA uses hacking on FISA targets. Perhaps most alarmingly, the same tools that conduct such hacks can be used to impersonate a user. While that might be very useful for collection purposes, it also invites very serious abuse that might create a really nasty poisonous tree.

A Better Example of Article III FISA Oversight: Reaz Qadir Khan

In response to Glenn Gerstell’s claims that Article III courts have exercised oversight by approving FISA practices (though the reality on back door searches is not so cut and dry), I point to the case of Reaz Qadir Khan where, as Michael Mosman (who happens to serve on FISC) moved towards providing a CIPA review for surveillance techniques, Khan got a plea deal.

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In 2010, John Bates redefined metadata. That five page entirely redacted definition became codified in 2011. Yet even as Congress moves to reauthorize 702, we don’t know what’s included in that definition (note: location would be included).

FISA and the Space-Time Continuum

This post talks about how NSA uses its various authorities to get around geographical and time restrictions on its spying.

The Senate Intelligence Committee 702 Bill Is a Domestic Spying Bill

This is one of the most important posts on FISA I’ve ever written. It explains how in 2014, to close an intelligence gap, the NSA got an exception to the rule it has to detask from a facility as soon as it identifies Americans using the facility. The government uses it to collect on Tor and, probably VPN, data. Because the government can keep entirely domestic communications that the DIRNSA has deemed evidence of a crime, the exception means that 702 has become a domestic spying authority for use with a broad range of crimes, not to mention anything the Attorney General deems a threat to national security.

“Hype:” How FBI Decided Searching 702 Content Was the Least Intrusive Means

In a response to a rare good faith defense of FBI’s back door searches, I pointed out that the FBI is obliged to consider the least intrusive means of investigation. Yet, even while it admits that accessing content like that obtained via 702 is extremely intrusive, it nevertheless uses the technique routinely at the assessment level.

Other Key Posts Threads

10 Years of emptywheel: Key Non-Surveillance Posts 2008-2010

10 Years of emptywheel: Key Non-Surveillance Posts 2011-2012

10 Years of emptywheel: Key Non-Surveillance Posts 2013-2015

10 Years of emptywheel: Key Non-Surveillance Posts 2016-2017

10 Years of emptywheel: Jim’s Dimestore

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The NSA’s 5-Page Entirely Redacted Definition of Metadata

In my post on Rosemary Collyer’s shitty upstream 702 opinion, I noted that the only known (but entirely redacted) discussions of what constituted metadata were part of the 2004 and 2010 authorizations for the Internet dragnet.

The documents liberated by Charlie Savage (starting at PDF 184) reveal the topic was actually discussed during the resolution of the 2011 upstream fight. In response to a Bates question to “fully describe what constitutes ‘metadata'” that can be extracted from Internet transactions, the government defined the term in a footnote that is substantially redacted.

That discussion is followed by five entirely redacted pages describing the three (also entirely redacted) categories of metadata.

So I apologize to the government for suggesting they’ve never defined the difference between content and metadata in the context of upstream content collection (the discussion probably closely follows the Internet dragnet discussion, which Bates had had with the government roughly 18 months earlier; that discussion allowed some dialing, routing, addressing, or signaling information that counted as content but didn’t convey the message of the communication to be treated as metadata).

That said, what the fuck are you thinking?!?!?

I mean, first of all, Congress is about to reauthorize 702, possibly trying to codify the prohibition on about searches. But most of Congress won’t go through the trouble to read this five page definition, much less consult with technical experts to understand if the definition is meaningful and how any draft bill would interact with this language. So it’s unclear how closely tested this has been.

As noted, even by the 2010 discussion, it was clear Bates was creating a middle ground for stuff that was technically content but which served a DRAS function — probably something akin to Steve Bellovin et al’s definition of architectural content. Given the way NSA asked to and did nuke the existing PRTT data at precisely this time (though without letting the Inspector General review their destruction of intake data) it’s highly likely they were violating those limits, at least through the processing stage. But legally, using this definition of metadata would all of a sudden be kosher, because the metadata would have been collected under a content standard, so the distinction of it being metadata would matter primarily for the privacy considerations (not least because Americans’ metadata collected off this upstream collection could and can be disseminated with a much lower standard than the one in place in the Internet dragnet, and can be disseminated for non-terrorism purposes), not legal ones. In other words, by collecting its domestic metadata using a content collection statute, the legal distinction between metadata and content would no longer matter, after 7 years of mattering.

Except now it does.

If the NSA’s five page definition of metadata includes stuff that is legally content, then the promise to avoid “about” collection is probably bogus, because it’d incorporate these definitions of metadata and thereby permit using metadata that actually counts as content as a selector.

Which is probably also why the government is so keen to avoid a prohibition on about searches — because what they’re doing, even today, amounts legally to about collection.

I’ll have to put some thought to the privacy implications of this (I suspect this explains the utility of upstream collection for cybersecurity purposes).

But if I’m right, there’s no way this should be classified, at least not entirely classified, not if the government has claimed to have gotten out of the business of searching for selectors in content.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The NSA’s Purge Obfuscations

One thing that the 2011 702 documents Charlie Savage liberated make clear is that the government is (and was) obtaining more domestic communications — but purging them — than it wants to let on (and the numbers have surely gotten worse since 2011).

In a hearing on September 7, 2011, the first question that John Bates asked (starting at PDF 35) about the sampling the NSA had done is how many communications had been purged before the agency started counting its sample, a sample that included both PRISM and upstream collection. As Bates noted, it would be one thing if the NSA were purging half its collection and then counting than if it only had to purge a small amount.

During this exchange, the government was careful to limit their discussion of purged communications to upstream MCT related collection.

When the government responded (starting at PDF 117), it provided numbers for just what had gotten purged from upstream collection.

I’m not entirely sure their claim that none of this purged information was “upstream” collection — as opposed to MCT collection — is correct (as a post on the violations will explore). But they make it clear: the 18,446 purged communications were just Internet upstream. For every upstream  record purged because the target had roamed into the US, there might be correlated telephony collection that would get purged — some of the most commonly discussed purged communications. It might also include PRISM production that would have to get purged (if, for example, the target continued to use GMail while in the US). In addition, there might be targets discovered to be (perhaps by reading that PRISM production) Americans. So the 18,446 is just a portion of what got purged — but the government pointedly avoided telling Bates how much of the other kind there was.

Of the upstream Internet collection in 2011, .1% was getting purged.

The purge numbers for telephony and PRISM would not be the same as for upstream. The telephony numbers might be far far higher, given public reporting from the period. The NSA was working off some overcollection that was limited to upstream during this period, which would lead to more upstream communications being purged. But the rules on domestic collection of PRISM communications are different than they are for upstream.

In any case, the government’s careful dodge of providing Bates the full purge number suggests the telephony and PRISM purge numbers might be substantial, too. But we don’t get that number.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The Reclassification of Details on the 2011 Upstream Fight

As I noted in this post, Charlie Savage recently liberated more details on the resolution of the 2011 upstream 702 problems.

With respect to some details, however, the newly liberated documents represent a reclassification of details that were made public when the October 3, 2011 John Bates opinion was released in 2013. The government has provided entirely classified documents that are probably the early exchanges on the problem, including language that was unclassified in Bates’ 2011 opinion. In addition, the government has redacted dates that were also made public in Bates’ opinion.

I laid out both the timeline and the language cited from those early exchanges in this post. As I noted in this post, that timeline makes it clear that at the same time John Bates was asking NSA to assess the impact of upstream collection on US persons by sampling real NSA collection, Ron Wyden and Mark Udall were asking for the same thing.

I’ve laid out the combined timeline below. What it — and the newly released documents — show is just how brazen James Clapper’s refusal to provide real numbers to Wyden and Udall was. Not only did their request exactly coincide with the government’s request for more time so they could get more data — the count of US persons — to Bates (though Clapper’s record quick response delivered his refusal before Bates got his first real numbers). But the 48-hour turnaround on analysis of SCTs in September shows how quickly NSA can get rough estimates of US person data when they need to.

There are more alarming things the reclassification of these details suggests, which I’ll address in a follow-up. But for now, know that in 2011, the Intelligence Community refused to treat Congress with the same respect due a co-equal branch of government as it was treating Bates (and that’s the deep background to James Clapper’s 2013 “not wittingly” response).

April 2011, unknown date: Wyden and Udall ask for estimate of US person collection verbally

 

April 19, 2011: Notice of two upstream overcollection violations [see PDF 144]

April 20, 2011: One recertification submission

April 22, 2011: Two more recertification submissions

May 2, 2011: Clarification letter first admits MCT problem

May 5, 2011: Government asks for extension until July 22, 2011

May 9, 2011: Court grants extension, issues briefing order

June 1, 2011: Government submits response to briefing order

June 17, 2011: Court presents follow-up questions

June 28, 2011: Government response to follow-up questions

July 8, 2011: Court (John Bates) meets with senior DOJ people, tells them he has serious concerns

July 14, 2011: Government files another extension; court grants extension to September 20, 2011

July 14, 2011: Wyden and Udall send letter to James Clapper asking (among other things):

  • In a December 2007 Statement of Administration Policy on the FISA Amendments Act, the Office of Management and Budget said that it would “likely be impossible” to count the number of people located in the United States whose communications were reviewed by the government pursuant to the FISA Amendments Act. Is this still the case? If so, is it possible to estimate this number with any accuracy?
  • Have any apparently law-abiding Americans had their communications collected by the government pursuant to the FISA Amendments Act?

July 26, 2011: Clapper responds to Wyden and Udall, refusing to give numbers or describe compliance incidents

August 16, 2011: Government files supplement, presenting results of “manual review of statistically representative sample” for 6 months

August 22, 2011: Meeting between Court and government

August 30, 2011: Government makes another submission

September 7, 2011: Court has hearing

September 9, 2011: Government files additional submission, submitting results of analysis of SCTs completed in just 48 hours

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

The Domestic Communications NSA Won’t Reveal Are Almost Certainly Obscured Location Communications

The other day, I laid out the continuing fight between Director of National Intelligence Dan Coats and Senator Ron Wyden over the former’s unwillingness to explain why he can’t answer the question, “Can the government use FISA Act Section 702 to collect communications it knows are entirely domestic?” in unclassified form. As I noted, Coats is parsing the difference between “intentionally acquir[ing] any communication as to which the sender and all intended recipients are known at the time of acquisition to be located in the United States,” which Section 702 prohibits, and “collect[ing] communications [the government] knows are entirely domestic,” which this exchange and Wyden’s long history of calling out such things clearly indicates the government does.

As I noted, the earlier iteration of this debate took place in early June. Since then, we’ve gotten two sets of documents that all but prove that the entirely domestic communication the NSA refuses to tell us about involves communications that obscure their location, probably via Tor or VPNs.

Most Entirely Domestic Communications Collected Via Upstream Surveillance in 2011 Obscured Their Location

The first set of documents are those on the 2011 discussion about upstream collection liberated just recently by Charlie Savage. They show that in the September 7, 2011 hearing, John Bates told the government that he believed the collection of discrete communications the government had not examined in their sampling might also contain “about” communications that were entirely domestic. (PDF 113)

We also have this other category, in your random sampling, again, that is 9/10ths of the random sampling that was set aside as being discrete communications — 45,000 out of the 50,0000 — as to which our questioning has indicataed we have a concern that some of the about communications may actually have wholly domestic communications.

And I don’t think that you’ve really assessed that, either theoretically or by any actual examination of those particular transactions or communications. And I’m not indicating to you what I expect you to do, but I do have this concern that there are a fair number of wholly domestic communications in that category, and there’s nothing–you really haven’t had an opportunity to address that, but there’s nothing that has been said to date that would dissuade me from that conclusion. So I’m looking there for some convincing, if you will, assessment of why there are not wholly domestic communications with that body which is 9/10s of the random sample.

In a filing submitted two days later, the government tried to explain away the possibility this would include (many) domestic communications. (The discussion responding to this question starts at PDF 120.) First, the NSA used technical means to determine that 41,272 of the 45,359 communications in the sample were not entirely domestic. That left 4,087 communications, which the NSA was able to analyze in just 48 hours. Of those, the NSA found just 25 that were not to or from a tasked selector (meaning they were “abouts” or correlated identities, described as “potentially alternate accounts/addresses/identifiers for current NSA targets” in footnote 7, which may be the first public confirmation that NSA collects on correlated identifiers). NSA then did the same kind of analysis it does on the communications that it does as part of its pre-tasking determination that a target is located outside the US. This focused entirely on location data.

Notably, none of the reviewed transactions featured an account/address/identifier that resolved to the United States. Further, each of the 25 communications contained location information for at least one account/address/identifier such that NSA’s analysts were able assess [sic] that at least one communicant for each of these 25 communications was located outside of the United States. (PDF 121)

Note that the government here (finally) drops the charade that these are simply emails, discussing three kinds of collection: accounts (which could be both email and messenger accounts), addresses (which having excluded accounts would significantly include IP addresses), and identifiers. And they say that having identified an overseas location for the communication, NSA treats it as an overseas communication.

The next paragraph is even more remarkable. Rather than doing more analysis on those just 25 communications it effectively argues that because latency is bad, it’s safe to assume that any service that is available entirely within the US will be delivered to an American entirely within the US, and so those 25 communications must not be American.

Given the United States’ status as the “world’s premier electronic communications hub,” and further based on NSA’s knowledge of Internet routing patterns, the Government has already asserted that “the vast majority of communications between persons located in the United States are not routed through servers outside the United Staes.” See the Government’s June 1, 2011 Submission at 11. As a practical matter, it is a common business practice for Internet and web service providers alike to attempt to deliver their customers the best user experience possible by reducing latency and increasing capacity. Latency is determined in part by the geographical distance between the user and the server, thus, providers frequently host their services on servers close to their users, and users are frequently directed to the servers closest to them. While such practices are not absolute in any respect and are wholly contingent on potentially dynamic practices of particular service providers and users,9 if all parties to a communication are located in the United States and the required services are available in the United States, in most instances those communications will be routed by service providers through infrastructure wholly within the United States.

Amid a bunch of redactions (including footnote 9, which is around 16 lines long and entirely redacted), the government then claims that its IP filters would ensure that it wouldn’t pick up any of the entirely domestic exceptions to what I’ll call its “avoidance of latency” assumption and so these 25 communications are no biggie, from a Fourth Amendment perspective.

Of course, the entirety of this unredacted discussion presumes that all consumers will be working with providers whose goal is to avoid latency. None of the unredacted discussion admits that some consumers choose to accept some latency in order to obscure their location by routing it through one (VPN) or multiple (Tor) servers distant from their location, including servers located overseas.

For what it’s worth, I think the estimate Bates did on his own to come up with a number of these SCTs was high, in 2011. He guessed there would be 46,000 entirely domestic communications collected each year; by my admittedly rusty math, it appears it would be closer to 12,000 (25 / 50,000 comms in the sample = .05% of the total; .05% of the 11,925,000 upstream transactions in that 6 month period = 5,962, times 2 = roughly 12,000 a year). Still, it was a bigger part of the entirely domestic upstream collection than those collected as MCTs, and all those entirely domestic communications have been improperly back door searched in the interim.

Collyer claims to have ended “about” collection but admits upstream will still collect entirely domestic communications

Now, if that analysis done in 2011 were applicable to today’s collection, there shouldn’t be a way for the NSA to collect entirely domestic communications today. That’s because all of those 25 potentially domestic comms were described as “about” collection. Rosemary Collyer has, according to her IMO apparently imperfect understanding of upstream collection, shut down “about” collection. So that should have eliminated the possibility for entirely domestic collection via upstream, right?

Nope.

As she admits in her opinion, it will still be possible for the NSA to “acquire an MCT” (that is, bundled collection) “that contains a domestic communication.”

So there must be something that has changed since 2011 that would lead NSA to collect entirely domestic communications even if that communication didn’t include an “about” selector.

In 2014 Collyer enforced a practice that would expose Americans to 702 collection

Which brings me back to the practice approved in 2014 in which, according to providers newly targeted under the practice, “the communications of U.S. person will be collected as part of such surveillance.”

As I laid out in this post, in 2014 Thomas Hogan approved a change in the targeting procedures. Previously, all users of a targeted facility had to be foreign for it to qualify as a foreign target. But for some “limited” exception, Hogan for the first time permitted the NSA to collect on a facility even if Americans used that facility as well, along with the foreign targets.

The first revision to the NSA Targeting Procedures concerns who will be regarded as a “target” of acquisition or a “user” of a tasked facility for purposes of those procedures. As a general rule, and without exception under the NSA targeting procedures now in effect, any user of a tasked facility is regarded as a person targeted for acquisition. This approach has sometimes resulted in NSA’ s becoming obligated to detask a selector when it learns that [redacted]

The relevant revision would permit continued acquisition for such a facility.

It appears that Hogan agreed it would be adequate to weed out American communications after collection in post-task analysis.

Some months after this change, some providers got some directives (apparently spanning all three known certificates), and challenged them, though of course Collyer didn’t permit them to read the Hogan opinion approving the change.

Here’s some of what Collyer’s opinion enforcing the directives revealed about the practice.

Collyer’s opinion includes more of the provider’s arguments than the Reply did. It describes the Directives as involving “surveillance conducted on the servers of a U.S.-based provider” in which “the communications of U.S. person will be collected as part of such surveillance.” (29) It says [in Collyer’s words] that the provider “believes that the government will unreasonably intrude on the privacy interests of United States persons and persons in the United States [redacted] because the government will regularly acquire, store, and use their private communications and related information without a foreign intelligence or law enforcement justification.” (32-3) It notes that the provider argued there would be “a heightened risk of error” in tasking its customers. (12) The provider argued something about the targeting and minimization procedures “render[ed] the directives invalid as applied to its service.” (16) The provider also raised concerns that because the NSA “minimization procedures [] do not require the government to immediately delete such information[, they] do not adequately protect United States person.” (26)

[snip]

Collyer, too, says a few interesting things about the proposed surveillance. For example, she refers to a selector as an “electronic communications account” as distinct from an email — a rare public admission from the FISC that 702 targets things beyond just emails. And she treats these Directives as an “expansion of 702 acquisitions” to some new provider or technology.

Now, there’s no reason to believe this provider was involved in upstream collection. Clearly, they’re being asked to provide data from their own servers, not from the telecom backbone (in fact, I wonder whether this new practice is why NSA has renamed “PRISM” “downstream” collection).

But we know two things. First: the discrete domestic communications that got sucked up in upstream collection in 2011 appear to have obscured their location. And, there is now a means of collecting bundles of communications via upstream collection (assuming Collyer’s use of MCT here is correct, which it might not be) such that even communications involving no “about” collection would be swept up.

Again, the evidence is still circumstantial, but there is increasing evidence that in 2014 the NSA got approval to collect on servers that obscure location, and that that is the remaining kind of collection (which might exist under both upstream and downstream collection) that will knowingly be swept up under Section 702. That’s the collection, it seems likely, that Coats doesn’t want to admit.

The problems with permitting collection on location-obscured Americans

If I’m right about this, then there are three really big problems with this practice.

First, in 2011, location-obscuring servers would not themselves be targeted. Communications using such servers would only be collected (if the NSA’s response to Bates is to be believed) if they included an “about’ selector.

But it appears there is now some collection that specifically targets those location-obscuring servers, and knowingly collects US person communications along with whatever else the government is after. If that’s right, then it will affect far more than just 12,000 people a year.

That’s especially true given that a lot more people are using location-obscuring servers now than on October 3, 2011, when Bates issued his opinion. Tor usage in the US has gone from around 150,000 mean users a day to around 430,000 users.

And that’s just Tor. While fewer VPN users will consistently use overseas servers, sometimes it will happen for efficacy reasons and sometimes it will happen to access content that is unavailable in the US (like decent Olympics coverage).

In neither of Collyer’s opinions did she ask for the kind of numerical counts of people affected that Bates asked for in 2011. If 430,000 Americans a day are being exposed to this collection under the 2014 change, it represents a far bigger problem than the one Bates called a Fourth Amendment violation in 2011.

Finally, and perhaps most importantly, Collyer newly permitted back door searches on upstream collection, even though she knew that (for some reason) it would still collect US person communications. So not only could the NSA collect and hold location obscured US person communications, but those communications might be accessed (if they’re not encrypted) via back door searches that (with Attorney General approval) don’t require a FISA order (though Americans back door searched by NSA are often covered by FISA orders).

In other words, if I’m right about this, the NSA can use 702 to collect on Americans. And the NSA will be permitted to keep what they find (on a communication by communication basis) if they fall under four exceptions to the destruction requirement.

The government is, once again, fighting Congressional efforts to provide a count of how many Americans are getting sucked up in 702 (even though the documents liberated by Savage reveal that such a count wouldn’t take as long as the government keeps claiming). If any of this speculation is correct, it would explain the reluctance. Because once the NSA admits how much US person data it is collecting, it becomes illegal under John Bates’ 2010 PRTT order.

[Photo: National Security Agency, Ft. Meade, MD via Wikimedia]

Did NSA Start Using Section 702 to Collect from VPNs in 2014?

I’ve finally finished reading the set of 702 documents I Con the Record dumped a few weeks back. I did two posts on the dump and a related document Charlie Savage liberated. Both pertain, generally, to whether a 702 “selector” gets defined in a way that permits US person data to be sucked up as well. The first post reveals that, in 2010, the government tried to define a specific target under 702 (both AQAP and WikiLeaks might make sense given the timing) as including US persons. John Bates asked for legal justification for that, and the government withdrew its request.

The second reveals that, in 2011, as Bates was working through the mess of upstream surveillance, he asked whether the definition of “active user,” as it applies for a multiple communication transaction, referred to the individual user. The question is important because if a facility is defined to be used by a group — say, Al Qaeda or Wikileaks — it’s possible a user of that facility might be an unknown US person user, the communications of which would only be segregated under the new minimization procedures if the individual user’s communication were reviewed (not that it mattered in the end; NSA doesn’t appear to have implemented the segregation regime in meaningful fashion). Bates never got a public answer to that question, which is one of a number of reasons why Rosemary Collyer’s April 26 702 opinion may not solve the problem of upstream collection, especially not with back door searches permitted.

As it happens, some of the most important documents released in the dump may pertain to a closely related issue: whether the government can collect on selectors it knows may be used by US persons, only to weed out the US persons after the fact.

In 2014, a provider challenged orders (individual “Directives” listing account identifiers NSA wanted to collect) that it said would amount to conducting surveillance “on the servers of a U.S.-based provider” in which “the communications of U.S. persons will be collected as part of such surveillance.” The provider was prohibited from reading the opinions that set the precedent permitting this kind of collection. Unsurprisingly, the provider lost its challenge, so we should assume that some 702 collection collects US person communications, using the post-tasking process rather than pre-targeting intelligence to protect American privacy.

The documents

The documents that lay out the failed challenge are:

2014, redacted date: ACLU Document 420: The government response to the provider’s filing supporting its demand that FISC mandate compliance.

2014, redacted date: EFF Document 13: The provider(s) challenging the Directives asked for access to two opinions the government relied on in their argument. Rosemary Collyer refused to provide them, though they have since been released.

2014, redacted date: EFF Document 6 (ACLU 510): Unsurprisingly, Collyer also rejected the challenge to the individual Directives, finding that post-tasking analysis could adequately protect Americans.

The two opinions the providers requested, but were refused, are:

September 4, 2008 opinion: This opinion, by Mary McLaughlin, was the first approval of FAA certifications after passage of the law. It lays out many of the initial standards that would be used with FAA (which changed slightly from PAA). As part of that, McLaughin adopted standards regarding what kinds of US person collection would be subject to the minimization procedures.

August 26, 2014 opinion: This opinion, by Thomas Hogan, approved the certificates under which the providers had received Directives (which means the challenge took place between August and the end of 2014). But the government also probably relied on this opinion for a change Hogan had just approved, permitting NSA to remain tasked on a selector even if US persons also used the selector.

The argument also relies on the October 3, 2011 John Bates FAA opinion and the August 22, 2008 FISCR opinion denying Yahoo’s challenge to Protect America Act. The latter was released in a second, less redacted form on September 11, 2014, which means the challenge likely post-dated that release.

The government’s response

The government’s response consists of a filing by Stuart Evans (who has become DOJ’s go-to 702 hawk) as well as a declaration submitted by someone in NSA that had already reviewed some of the taskings done under the 2014 certificates (which again suggests this challenge must date to September at the earliest). There appear to be four sections to Evans’ response. Of those sections, the only one left substantially unredacted — as well as the bulk of the SIGINT declaration — pertains to the Targeting Procedures. So while targeting isn’t the only thing the provider challenged (another appears to be certification of foreign intelligence value), it appears to be the primary thing.

Much of what is unredacted reviews the public details of NSA’s targeting procedure. Analysts have to use the totality of circumstances to figure out whether someone is a non US person located overseas likely to have foreign intelligence value, relying on things like other SIGINT, HUMINT, and (though the opinion redacts this) geolocation information and/or filters to weed out known US IPs. After a facility has been targeted, the analyst is required to do post-task analysis, both to make sure that the selector is the one intended, but also to make sure that no new information identifies the selector as being used by a US person, as well as making sure that the target hasn’t “roamed” into the US. Post-task analysis also ensures that the selector really is providing foreign intelligence information (though in practice, per PCLOB and other sources, this is not closely reviewed).

Of particular importance, Evans dismisses concerns about what happens when a selector gets incorrectly tasked as a foreigner. “That such a determination may later prove to be incorrect because of changes in circumstances or information of which the government was unaware does not render unreasonable either the initial targeting determination or the procedures used to reach it.”

Evans also dismisses the concern that minimization procedures don’t protect the providers’ customers (presumably because they provide four ways US person content may be retained with DIRNSA approval). Relying on the 2008 opinion that states in part…

The government argues that, by its terms, Section 1806(i) applies only to a communication that is unintentionally acquired,” not to a communication that is intentionally acquired under a mistaken belief about the location or non-U.S. person status of the target or the location of the parties to the communication. See Government’s filing of August 28, 2008. The Court finds this analysis of Section 1806(i) persuasive, and on this basis concludes that Section 1806(i) does not require the destruction of the types of communications that are addressed by the special retention provisions.”

Evans then quotes McClaughlin judging that minimization procedures “constitute a safeguard against improper use of information about U.S. persons that is inadvertently or incidentally acquired.” In other words, he cites an opinion that permits the government to treat stuff that is initially targeted, even if it is later discovered to be an American’s communication, differently than it does other US person information as proof the minimization procedures are adequate.

The missing 2014 opinion references

As noted above, the provider challenging these Directives asked for both the 2008 opinion (cited liberally throughout the unredacted discussion in the government’s reply) and the 2014 one, which barely appears at all beyond the initial citation.  Given that Collyer reviewed substantial language from both opinions in denying the provider’s request to obtain them, the discussion must go beyond simply noting that the 2014 opinion governs the Directives in question. There must be something in the 2014 opinion, probably the targeting procedures, that gets cited in the vast swaths of redactions.

That’s especially true given that on the first page of Evans’ response claims the Directives address “a critical, ongoing foreign intelligence gap.” So it makes sense that the government would get some new practice approved in that year’s certification process, then serve Directives ostensibly authorized by the new certificate, only to have a provider challenge a new type of request and/or a new kind of provider challenge their first Directives.

One thing stands out in the 2014 opinion that might indicate the closing of a foreign intelligence gap.

Prior to 2014, the NSA could say an entity — say, Al Qaeda — used a facility, meaning they’d suck up any people that used that facility (think how useful it would be to declare a chat room a facility, for example). But (again, prior to 2014) as soon as a US person started “using” that facility — the word use here is squishy as someone talking to the target would not count as “using” it, but as incidental collection — then NSA would have to detask.

The 2014 certifications for the first time changed that.

The first revision to the NSA Targeting Procedures concerns who will be regarded as a “target” of acquisition or a “user” of a tasked facility for purposes of those procedures. As a general rule, and without exception under the NSA targeting procedures now in effect, any user of a tasked facility is regarded as a person targeted for acquisition. This approach has sometimes resulted in NSA’ s becoming obligated to detask a selector when it learns that [redacted]

The relevant revision would permit continued acquisition for such a facility.

[snip]

For purposes of electronic surveillance conducted under 50 U.S.C. §§ 1804-1805, the “target” of the surveillance ‘”is the individual or entity … about whom or from whom information is sought.”‘ In re Sealed Case, 310 F.3d 717, 740 (FISA Ct. Rev. 2002) (quoting H.R. Rep. 95-1283, at 73 (1978)). As the FISC has previously observed, “[t]here is no reason to think that a different meaning should apply” under Section 702. September 4, 2008 Memorandum Opinion at 18 n.16. It is evident that the Section 702 collection on a particular facility does not seek information from or about [redacted].

In other words, for the first time in 2014, the FISC bought off on letting the NSA target “facilities” that were used by a target as well as possibly innocent Americans, based on the assumption that the NSA would weed out the Americans in the post-tasking process, and anyway, Hogan figured, the NSA was unlikely to read that US person data because that’s not what they were interested in anyway.

Mind you, in his opinion approving the practice, Hogan included a bunch of mostly redacted language pretending to narrow the application of this language.

This amended provision might be read literally to apply where [redacted]

But those circumstances fall outside the accepted rationale for this amendment. The provision should be understood to apply only where [redacted]

But Hogan appears to be policing this limiting language by relying on the “rationale” of the approval, not any legal distinction.

The description of this change to tasking also appears in a 3.5 page discussion as the first item in the tasking discussion in the government’s 2014 application, which Collyer would attach to her opinion.

Collyer’s opinion

Collyer’s opinion includes more of the provider’s arguments than the Reply did. It describes the Directives as involving “surveillance conducted on the servers of a U.S.-based provider” in which “the communications of U.S. person will be collected as part of such surveillance.” (29) It says [in Collyer’s words] that the provider “believes that the government will unreasonably intrude on the privacy interests of United States persons and persons in the United States [redacted] because the government will regularly acquire, store, and use their private communications and related information without a foreign intelligence or law enforcement justification.” (32-3) It notes that the provider argued there would be “a heightened risk of error” in tasking its customers. (12) The provider argued something about the targeting and minimization procedures “render[ed] the directives invalid as applied to its service.” (16) The provider also raised concerns that because the NSA “minimization procedures [] do not require the government to immediately delete such information[, they] do not adequately protect United States person.” (26)

All of which suggests the provider believed that significant US person data would be collected off their servers without any requirement the US person data get deleted right away. And something about this provider’s customers put them at heightened risk of such collection, beyond (for example) regular upstream surveillance, which was already public by the time of this challenge.

Collyer, too, says a few interesting things about the proposed surveillance. For example, she refers to a selector as an “electronic communications account” as distinct from an email — a rare public admission from the FISC that 702 targets things beyond just emails. And she treats these Directives as an “expansion of 702 acquisitions” to some new provider or technology. Finally, Collyer explains that “the 2014 Directives are identical, except for each directive referencing the particular certification under which the directive is issued.” This means that the provider received more than one Directive, and they fall under more than one certificate, which means that the collection is being used for more than one kind of use (counterterrorism, counterproliferation, and foreign government plus cyber). So the provider is used by some combination of terrorists, proliferators, spies, or hackers.

Ultimately, though, Collyer rejected the challenge, finding the targeting and minimization procedures to be adequate protection of the US person data collected via this new approach.

Now, it is not certain that all this relied on the new targeting procedure. Little in Collyer’s language reflects passing familiarity with that new provision. Indeed, at one point she described the risk to US persons to involve “the government may mistakenly task the wrong account,” which suggests a more individualized impact.

Except that after her almost five pages entirely redacted of discussion of the provider’s claim that the targeting procedures are insufficient, Collyer argues that such issues don’t arise that frequently, and even if they do, they’d be dealt with in post-targeting analysis.

The Court is not convinced that [redacted] under any of the above-described circumstances occurs frequently, or even on a regular basis. Assuming arguendo that such scenarios will nonetheless occur with regard to selectors tasked under the 2014 Directives, the targeting procedures address each of the scenarios by requiring NSA to conduct post-targeting analysis [redacted]

Similarly, Collyer dismissed the likelihood that Americans’ data would be tasked that often.

[O]ne would not expect a large number of communications acquired under such circumstances to involve United States person [citation to a redacted footnote omitted]. Moreover, a substantial proportion of the United States person communications acquired under such circumstances are likely to be of foreign intelligence value.

As she did in her recent shitty opinion, Collyer appears to have made these determinations without requiring NSA to provide real numbers on past frequency or likely future frequency.

However often such collection had happened in the past (which she didn’t ask the NSA to explain) or would happen as this new provider started responding to Directives, this language does sound like it might implicate the new case of a selector that might be used both by legitimate foreign intelligence targets and by innocent Americans.

Does the government use 702 collection to obtain VPN traffic?

As I noted, it seems likely, though not certain, that the new collection exploited the new permission to keep tasking a selector even if US persons were using it, in addition to the actual foreigners targeted. I’m still trying to puzzle this through, but I’m wondering if the provider was a VPN provider, being asked to hand over data as it passed through the VPN server. (I think the application approved in 2014 would implicate Tor traffic as well, but I can’t see how a Tor provider would challenge the Directives, unless it was Nick Merrill again; in any case, there’d be no discussion of an “account” with Tor in the way Collyer uses it).

What does this mean for upstream surveillance

In any case, whether my guesstimates about what this is are correct, the description of the 2014 change and the discussion about the challenge would seem to raise very important questions given Collyer’s recent decision to expand the searching of upstream collection. While the description of collection from a provider’s server is not upstream, it would seem to raise the same problems, the collection of a great deal of associated US person collection that could later be brought up in a search. There’s no hint in any of the public opinions that such problems were considered.

When NSA Talks about Unintended Consequences, You Need to Ask a Follow-Up Question

In yesterday’s hearing on Section 702 reauthorization, Dianne Feinstein asked all DOJ, FBI, and NSA whether they opposed a statutory prohibition on “about” searches.

DOJ’s Stuart Evans falsely claimed that the FISC has found “about” collection to be legal; that’s not true given the assumption — which has proven out in practice — that NSA would do back door searches on the resulting domestic communications that result. Indeed, both judges who considered whether collecting and searching MCTs including domestic communications was constitutional, John Bates and Rosemary Collyer, called it a Fourth Amendment problem.

But I’m more interested in NSA Deputy General Counsel for Operations Paul Morris’ answer.

Morris: NSA opposes a statutory change at this point because that would box us in and possibly have unintended consequences.

Feinstein: Are you saying you would oppose this?

Morris: Oppose, right, we don’t think it would be a good idea at this time.

Feinstein: Huh. Thank you. That answers my question.

When the NSA complains preemptively about being “boxed in” to prevent a practice the FISC has found constitutionally problematic, it ought to elicit a follow-up question. Why doesn’t the NSA want to be prohibited from an activity that is constitutionally suspect?

More importantly, especially given that “abouts” collection is currently not defined in a way that has any technical meaning, Feinstein should have followed up to ask about what “unintended consequences” Morris worried about. Morris’ comment leads me to believe my suspicion — that the NSA continues to do things that have the same effect as “abouts” collection, even if they don’t reach into the “content” of emails that are only a subset of the kinds of things that get collected using upstream collection — is correct. It seems likely that Morris wants to protect collection that would violate any meaningful technical description of “abouts.”

Which suggests the heralded “end” to “abouts” collection is no such thing, it’s just the termination of one kind of collection that sniffs into content layers of packets.


Links to all posts on yesterday’s 702 hearing:

NSA talks about unintended consequences … no one asks what they might be

NSA argues waiting 4 years before dealing with systematic violations is not a lack of candor

FBI’s can only obtain raw feeds on selectors “relevant to” a full investigation

Everyone claims an FBI violation authorized by MOU aren’t willful 

Even amicus fans neglect to mention Rosemary Collyer violated USAF in not considering one

 

The [Publicly] Unanswered John Bates Question about How You Define an Active User of a Targeted Facility

In this post, I showed how sometime in fall 2010, the government tried to get the FISA Court to let it use Section 702 to spy on Americans. Specifically, it defined one of the terms used in its application (presumably its targeting certification) “to include US persons,” which Bates took to understand as a request to undertake the “intentional acquisition of communications of US persons reasonably believed to be located outside the United States.”

In addition to the big dump of 702 related documents released last week, Charlie Savage liberated some of the documents pertaining to upstream surveillance from 2011. One of the documents included a set of questions John Bates asked on November 7, in advance of approving the new minimization procedures. And one of the questions is one I asked — and for the same reason — in my post on Rosemary Collyer’s recent upstream opinion: how you define an “active user.”

The Court’s Memorandum defined “active user” to be “the individual using the electronic communications account/address/identifier to interact with his/her Internet service provider.” See Oct. 3, 2011 Memorandum Opinion at 35 n. 34 (emphasis added). However, the amended minimization procedures state that NSA will identify and segregate through technical means MCTs where “the active user of the transaction (i.e., the electronic communications account/address/identifier used to send or receive the Internet transaction to or from a service provider) is reasonably believed to be located in the United States; or the location of the active user is unknown.” See Section 3(b)(5)(a). Please confirm that NSA’s “technical means” for identification and segregation will focus on the location of the individual using the account.

Taken in the wake of the government’s 2010 effort to target a group that includes Americans, the importance of the answer is obvious. If, for example, the active user of a selector is the targeted group rather than a specific individual, then the Americans that are part of that targeted group would also have their communications collected and those communications wouldn’t get segregated as a result. For example, if the NSA were targeting the encryption keys that ISIS uses, and an American were also using that key to talk to other Americans, that communication would be collected but not segregated. So Bates, a year after backing the government down off its effort to use 702 to spy on Americans only to find that the government had been collecting on Americans for 4 years, seemed to be trying to make sure that the government didn’t achieve the same goal via different means.

Except, nowhere in the public record, did he explicitly force the government to integrate this focus on individual users into the minimization procedures. In his November 30, 2011 opinion approving the new MCT scheme, he cited of the requirement that MCTs including the communications of possible US persons get segregated, he added “the [user of]” to the language he cited from the minimization procedures.

Under the amended NSA minimization procedures, NSA must segregate and restrict access to certain portions of its upstream collection following acquisition.3 Section 3(b)(5)(a) requires NSA to

take reasonable steps post-acquisition to identify and segregate through technical means Internet transactions that cannot be reasonably identified as containing single, discrete communications where: the active user of the transaction (i.e., the [user of] the electronic communications account/address/identifier used to send or receive the Internet transaction to or from a service provider) is reasonably believed to be located in the United States; or the location of the active user is unknown.

But he didn’t specify that that user had to be an individual. In the same passage, he cited what are probably the responses to his November 7 questions, without citing the language used to respond to him.

Then, in restating the requirement to segregate such communications, Bates cited to his earlier opinion, but not the page he cited in his question invoking “individual” users.

Unlike the measures previously proposed by the government for MCTs, the new procedures require NSA, following acquisition, to identify and segregate the two categories of Internet transactions that are most likely to contain discrete wholly domestic communications and non-target communications to or from United States persons or persons located in the United States: (1) those as to which the “active user” is located inside the United States; and (2) those as to which the location of the active user is unknown. See Amended NSA Minimization Procedures at 4 (§ 3(b)(5)(a)); see also Oct. 3 Opinion at 37-41.

And neither the September 2012 opinion authorizing the next year’s certificates and clearing the government of ongoing violation of 1809(a)(2) doesn’t appear to mention active users.

I raised this issue with respect to Collyer’s opinion because, if the government can treat a group as a target and the group’s communication methods as a facility, then upstream surveillance will still collect entirely domestic communications that will newly be available via back door search (though in reality, NSA never fully implemented the scheme laid out in the 2011 opinion). Yet nowhere is this made clear.

In 2010, the Government Tried to Use Section 702 against US Persons

I’m working my way through the FISA related documents released last week. And I wanted to point out something that happened around October 2010: the NSA tried to turn 702 into a domestic surveillance program.

First, some background. Before 2011, it appears the government got 702 certificates approved every six months. Also, because the initial certificates were approved a month apart (in part because the initial PAA certificates were also approved a month apart for some really interesting reasons), the government submitted two sets of documents. That’s what explains the nearly identical pairs of documents released last week (Documents 11 and 5 approve 2009 certs, and Documents 4 and 2 approve 2010 certs).

Sometime in late summer to fall 2010, the government submitted a pretty dramatically altered request (see Document 16). [Update: This targeting certificate from 2010 was submitted on July 16, though that feels like odd timing and none of the targets are described as including US persons.]

As part of that, the government defined one of the targets to include US persons (albeit ones apparently located overseas).

Moreover, the government has defined the term [redacted] to include US persons, which raises the question whether permitting the intentional acquisition of communications of US persons reasonably believed to be located outside the United States is consistent with the requirements of 50 U. S.C. § 1881 a(b)(3).

In addition, the government requested to keep and disseminate any US person or domestic data it found “to the extent reasonably necessary to counter any imminent threat to human life or the national security that is related to the target.”

Another significant change to the minimization procedures relates to the provisions that allow NSA to retain, process, and disseminate any communication acquired while a target of 702 collection was inside the United States or after a target has been determined to be a United States person, “to the extent reasonably necessary to counter any imminent threat to human life or the national security that is related to the target, including obtaining authorization against the target pursuant to another section of the Act.” NSA Minimization Procedures at 7-10.

Whereas later minimization procedures have language about protecting imminent threats (defined broadly to include property), this request included vague “threat to national security” language.

Finally, John Bates implied that the submission implicated some prior court decision(s), including one by the FISCR.

Remarkably, these prior decisions (as well as the name of the target that includes US persons) were redacted with the b(7)E law enforcement technique exemption, not the b(1) or b(3) that covers most of the other redactions in these memos. I can’t recall any other b(7)E redaction in all the FISA orders I’ve read.

Also note, that in 2010, there were only two known FISCR opinions, the one tearing down the wall in 2002, and the one authorizing PRISM in 2008; this may be an as yet unidentified FISCR opinion.

By all appearances, in fall of 2010, the government tried to get approval to use 702 against US persons.

In response to this request, Bates basically said, “submit a legal justification.”

To date, the government has not provided the Court with an adequate legal basis upon which to undertake this review and make the required findings. Therefore, and in accordance with Rule 10(a)(ii) of the Foreign Intelligence Surveillance Court Rules of Procedure, the Court hereby ORDERS the government to file a written memorandum of law that addresses the legal issues identified in this Briefing Order and any others that have not previously been presented to the Court.

Document 4 and Document 2 reveal that the government submitted that memorandum. But after the court saw it and discussed it, the government basically said, “um, nevermind”

The government timely filed its Memorandum of Law on [redacted] 2010.

The Court then discussed the issues presented with representatives of the government on [redacted] 2010, at which time the Court identified certain concerns regarding the government’s submissions. On [redacted], 2010, the Attorney General and the DNI executed two amendments regarding the [redacted] Submission, which were filed with the Court as part of the [redacted] Submission. These amendments have the effect of reverting to the use of targeting and minimization procedures previously approved by the Court in the context of prior certifications.

Just to make sure the government got the message, Bates emphasized that his 2010 approvals were limited to non-US persons outside of the US.

Like the acquisitions approved by the Court in all of the Prior 702 Dockets, acquisitions under are limited to “the targeting of non-United States persons reasonably believed to be located outside the United States.”

This all had to have happened after July 2010 (because the approvals cite Bates July 2010 opinion restarting the PRTT dragnet). But the approvals almost certainly happened in November, because the government submitted its reauthorization applications on April 20 and 22 the following year and they were still doing reauthorizations every six months with applications submitted a month in advance.

So in 2010, the government asked to use 702 to spy on Americans, Bates called them on it, and they backed down.

Sort of. On May 2, the government confessed for the first time that it had been collecting US person data all along.