The Government Spoliationing for a Fight with EFF

On November 6, 2007, Judge Vaughn Walker issued a preservation order in EFF’s challenge to what we now know to be Stellar Wind, the Shubert case (which would be applied to the Jewel case after that). Nevertheless, in spite of that order, in 2009 the NSA started destroying evidence that it had collected data outside of the categories Judge Colleen Kollar-Kotelly authorized way back in 2004.

Also in 2009, NSA shifted records showing 3,000 people — which highly likely included CAIR’s staff and clients — had been dragnetted without the First Amendment review mandated by Section 215 (CAIR wasn’t a plaintiff on EFF’s earlier suits but they are on EFF’s phone dragnet suit, First Unitarian United). When they did, the government even appeared to consider the existing protection order in the EFF case; I have FOIAed their deliberations on that issue, but thus far have been stonewalled.

Finally, in 2011, NSA destroyed — on very little notice and without letting their own IG confirm the destruction of data that came in through NSA’s intake process — all of its Internet dragnet data.

In other words, on three known occasions, the NSA destroyed data covered by the protection order in Northern California, one of them even after admitting a protection order might cover the data in question. In two of those cases, we know the data either exceeded FISA’s orders or violated the law.

In fact, it wasn’t until 2014, when the government started asking Judge Reggie Walton for permission to destroy the phone dragnet data and EFF complained mightily, that NSA started complying with the earlier protection order. Later that same year, it finally asked FISC to keep the Protect America Act and FISA Amendments Act data also included under that order in its minimization procedures.

These posts provide more background on this issue: postpost, post, post.

In other words, on three different occasions (even ignoring the content collection), NSA destroyed data covered by the protection order. spoiling the evidence related to EFF’s lawsuits.

Which is why I find this claim — in the January 8 filing I’ve been waiting to read, but which was just posted on March 4 (that is, 5 days after the NSA would have otherwise had to destroy everything on February 29 under USA Freedom Act).

The Government remains concerned that in these cases, absent relief from district courts or explicit agreement from the plaintiffs, the destruction of the BR Metadata, even pursuant to FISC Order, could lead the plaintiffs to accuse the Government of spoliation. In Jewel, the plaintiffs have already moved for spoliation sanctions, including an adverse inference against the Government on the standing issue, based on the destruction of aged-off BR Metadata undertaken in accordance with FISC Orders. See Jewel Pls.’ Brief Re: the Government’s Non-compliance with the Court’s Evidence Preservation Orders, ECF No. 233.

Gosh, after destroying data on at least three different occasions (again, ignoring at least two years of content they destroyed), the government is worried that if it destroyed more it might get in trouble? Please!

Elsewhere, the strategy in this filing seems to be to expand the possible universe they’d have to set aside under the three cases (plus Klayman) for which there is a protection order as to make it virtually impossible to set it aside so as to destroy the rest. In addition, having let the time when they could have set aside such data easily pass because they were still permitted to access the data (say, back in 2014, when they got caught violating their protection order), they now claim that the closure of the dragnet makes such a search virtually impossible now.

It’s a nifty gimmick. They can’t find a way to destroy the data because they already destroyed even legally suspect data. And we learn about it only now, after the data would otherwise be destroyed, but now can’t be because they didn’t find some better resolution 2 years ago.

Guy Who Worked at White House When It Self-Authorized Dragnet Thinks Dragnets Are Cool

Eleven judges from the DC Circuit denied Larry Klayman’s request to overturn the stay that a panel put on Richard Leon’s injunction against the dragnet today.

Of those 11 judges, just one decided to weigh in on the legality of the dragnet Leon had ruled unconstitutional: Brett Kavanaugh. In doing so, he laid out a condensed version of the Special Needs search used by dragnet boosters.

I vote to deny plaintiffs’ emergency petition for rehearing en banc. I do so because, in my view, the Government’s metadata collection program is entirely consistent with the Fourth Amendment. Therefore, plaintiffs cannot show a likelihood of success on the merits of their claim, and this Court was right to stay the District Court’s injunction against the Government’s program.


Even if the bulk collection of telephony metadata constitutes a search, cf. United States v. Jones, 132 S. Ct. 945, 954-57 (2012) (Sotomayor, J., concurring), the Fourth Amendment does not bar all searches and seizures. It bars only unreasonable searches and seizures. And the Government’s metadata collection program readily qualifies as reasonable under the Supreme Court’s case law. The Fourth Amendment allows governmental searches and seizures without individualized suspicion when the Government demonstrates a sufficient “special need” – that is, a need beyond the normal need for law enforcement – that outweighs the intrusion on individual liberty.


The Government’s program for bulk collection of telephony metadata serves a critically important special need – preventing terrorist attacks on the United States. See THE 9/11 COMMISSION REPORT (2004). In my view, that critical national security need outweighs the impact on privacy occasioned by this program.

Kavanaugh, of course, served as a White House lawyer and as Staff Secretary during the period when George Bush kept self-authorizing such a dragnet. While there’s no reason to believe he was involved in the dubious theories used to justify Stellar Wind (which were largely a version of this Special Needs argument), he may well have been consulted — as he apparently was on detainee treatment, though he claimed not to have been during his confirmation. He may also have seen the paperwork authorizing the program.

No doubt Kavanaugh would espouse this view whether or not he had worked for a guy who might face real legal trouble if this theory didn’t hold sway. But as people cite from this language in the future, they should remember that of all the judges who reviewed this decision, only Kavanaugh had this kind of personal tie to the dragnet. And only Kavanaugh saw fit to weigh in.

The Government’s Bad Faith Arguments Demanding a Dragnet Stay

As expected, the government requested an immediate stay of Richard Leon’s decision yesterday to enjoin the dragnet from collecting JJ Little’s phone records.

Their argument is noteworthy for its stubbornness — reasserting many of the same arguments Leon just ruled against — and logical inconsistency. The brief claims, for example, that termination of the dragnet would cause the government irreparable harm, even while suggesting that it’s possible they’ve stopped collecting data from Verizon Business Network Services, which they’ve just claimed would cause irreparable harm.

But the brief also argues that the only way to comply with the injunction is to shut down the entire dragnet.

As the Government Defendants have explained, however, the only practicable way for the NSA to comply with the Court’s preliminary injunction is immediately to cease all collection and queries of telephony metadata under the Section 215 program—that is, to shut the program down. That is so because the technical steps required in order to prevent the further collection of and to segregate the metadata associated with particular persons’ calls would take the NSA months to complete. Gov’t Defs.’ Opp. to Pls.’ Renewed Mot. for a Prelim. Inj. (ECF No. 150) (“Gov’t PI Opp.”) at 41-44, citing Potter Decl. (Gov’t PI Opp. Exh. 4) ¶¶ 20-27.

That’s not actually what the Potter declaration the discussion cites to says. Potter says there is a way to make Little’s records inaccessible — though it claims implausibly that it would take two weeks to accomplish.

With respect to a requirement that the NSA cease analytic access to any records about plaintiffs’ calls that may already have been collected under the Program, NSA has developed a process that can be used to prevent analytic access to metadata containing specified identifiers. This capability prevents the use of particular identifiers to conduct queries, and prevents analysts from accessing records containing those identifiers even if responsive to queries using different identifiers. NSA technical personnel estimate that eliminating analytic access to metadata associated with plaintiffs’ calls could be completed within approximately 2 weeks after receipt of the plaintiffs’ telephone numbers and the time-frames during which they were used.

This is the defeat list process I’ve discussed repeatedly, by which high volume numbers (like Verizon’s voice mail number and pizza joints) and other sensitive numbers (likely including Congress’ official numbers as well as informants) are made inaccessible to querying.

Consider me skeptical that it really takes 2 weeks to put something on a defeat list, as not doing so makes queries unusable. If it took 2 weeks, then the dragnet would frequently return crap for 2 weeks as techs tried to stay ahead of the defeat list numbers.

There’s one more thing that yesterday’s brief and the underlying declaration make clear though: The government is collecting records off telecom backbones, not off any billing system (contrary to what some reports still claim).

That’s true because the only way that the government wouldn’t be sure that Little’s records were collected under an order to VBNS is if they weren’t getting actual subscribers information. Moreover, Little’s records still show up on AT&T’s compliance, too (anytime his calls transit their backbone, not to mention any time he calls someone who uses AT&T).

That, of course, means that Larry Klayman and everyone else in the United States has standing if the Fourth Amendment injury comes with collection — because everyone’s records transit the major telecom backbones of the country. But the government has been claiming all this time they can’t be sure that’s the case.

The government will get their stay, and they will moot this decision (if not overturn it) at the end of the month. But not before engaging in some serious bad faith in claims to the court.

Richard Leon Halts the Dragnet for One Plaintiff

Judge Richard Leon has just issued an injunction on the NSA’s collection of the phone metadata of J.J. Little and his lawfirm. Little got added as a plaintiff to Larry Klayman’s suit (in which Leon earlier found the program unconstitutional but stayed his own injunction) so as to have a Verizon Business Services customer who could be certain his phone records had been collected.

The order will undoubtedly set off a bit of a scramble, not because pulling Little’s phone records really presents any difficulty for the NSA (they already defeat list so many records it’s clear they have the ability to at least make those records inaccessible to a search, though they don’t want to explain the full application of that process; hopefully this ruling will lead to more candor on this point). Rather, the NSA will want to ensure this program has constitutional sanction because it also collects so many other records of Americans (in his book, for example, Charlie Savage confirmed my earlier analysis that the Internet dragnet moved, in part, overseas rather than being shut down). And the DC Circuit is likely to respond to quickly override Leon.

That said, Leon’s order is most interesting for its analysis of the government’s claim it can carry out this program because of a Special Need. In it, he repeats efficacy arguments he made in his earlier ruling: rather than present any new evidence that the program has been useful, it has instead just said the threat environment requires it. But he also notes that this special need, unlike that of, say, a TSA check, does not have a deterrence effect. That’s interesting because the government’s own secrecy about how many calls are collected would make any deterrence uncertain (indeed, terrorists might be expected to move communications to the Internet, believing falsely that attracts less attention).

As I said, the DC Circuit is likely to overturn this. But it will give the government a few days of headaches until that point.

Delusional DOJ Claims Documents Declassified, Released Under FOIA Not Declassified, Not Authentic

Screen Shot 2015-08-28 at 11.22.34 AM
Back in March, NYT’s Charlie Savage sued to get the NSA to respond to a FOIA request asking for “copies of — and declassification review of, as necessary” a bunch of things, including IG reports on “bulk phone records collection activities under Section 215 of the PATRIOT Act.”

In late August, they delivered an installment of their response to that suit to him including a series of IG Reports on the 215 program. Among other things, the FOIA response included an August 2, 2010 letter to FISC Judge John Bates referring to a compliance violation in Docket BR 10-10 (the order is dated February 26, 2010). In referring to the caption of that docket (and the caption redactions in other dockets are consistent in size), it named Verizon Wireless.

As I pointed out at the time, this provides Larry Klayman and other Verizon Wireless subscribers challenging the phone dragnet basis to establish standing to sue. While in the Klayman suit, Judge Richard Leon invited Klayman just to add a plaintiff who subscribed to Verizon Business Services, in Northern CA, EFF requested the 9th Circuit take judicial notice of the document.

So now DOJ has gone a bit batshit. (Josh Gerstein first reported on this here.) It mocks that EFF head Cindy Cohn “apparently believes” it fair to conclude Verizon Wireless took part in the phone dragnet because of a reference to “a company name that includes the term ‘Verizon Wireless’ in the caption of a purported FISC filing” that happens to govern the entire phone dragnet. It suggests the accuracy of the document DOJ gave to Savage can be reasonably questioned, apparently disputing its own FOIA response to Savage. And it bitches that EFF “does not contend that this document was declassified,” even though it was given to Savage pursuant to his request for “declassification review [] as necessary.”

In short, in an effort to argue the document doesn’t say what it says (which may, I admit, not mean what it says, but such is the wackiness of the secret FISA Court and the secret phone dragnet), DOJ is saying that DOJ didn’t provide Charlie Savage authentic, declassified documents like he sued to get. DOJ uses words like “purported” to describe DOJ’s own FOIA response.

I mean, I’ll grant you, those of us outside DOJ often doubt the accuracy of their FOIA responses to us. But usually DOJ at least pretends they’re giving us authentic documents.

DOJ Threatens to Invoke State Secrets Over Something Released in FOIA

Screen Shot 2015-08-28 at 11.22.34 AM
In a hearing today, Judge Richard Leon said that Larry Klayman could pursue his dragnet challenge by adding a plaintiff who did business with Verizon Business Services. But as part of Klayman’s effort, he noted — weakly — that evidence got released showing Verizon Wireless was included in the dragnet. Klayman cited just the Charlie Savage article, not the document released under FOIA showing VZ Wireless on a FISC caption (though I presume his underlying 49 page exhibit includes the actual report — just not necessarily with the passage in question highlighted).

It was disclosed on August 12, 2015 by Charlie Savage of The New York Times that Verizon Wireless, as this Court had already ruled in its Order of December 16, 2013, at all material times was conducting and continuing to conduct unconstitutional and illegal dragnet “almost Orwellian” surveillance on Plaintiffs and millions of other American citizens. See Exhibit 1, which is a Government document evidencing this, incorporated herein by reference, and see Exhibit 2, the New York Times article.

Moreover, Klayman surely overstated what the inclusion of VZ Wireless in a phone dragnet Primary Order caption from 2010 showed. Which probably explains why DOJ said “The government has not admitted in any way, shape, or form that Verizon Wireless participated” in the Section 215 phone dragnet, according to Devlin Barrett.

The point is, they should have to explain why it is that, according to a document they’ve released, VZ Wireless was targeted under the program. Perhaps we’ll get that in Northern California, where EFF very competently pointed to what evidence there was.

Which is why the government’s threat to invoke state secrets was so interesting.

The Court should avoid discovery or other proceedings that would unnecessarily implicate classified national-security information, and the potential need to assert and resolve a claim of the state secrets privilege: Plaintiffs’ proposed amendments, in particular their new allegations regarding the asserted participation of Verizon Wireless in the Section 215 program, implicate matters of a classified nature. The Government has acknowledged that the program involves collection of data from multiple telecommunications service providers, and that VBNS (allegedly the Little Plaintiffs’ provider) was the recipient of a now-expired April 25, 2013, FISC Secondary Order. But otherwise the identities of the carriers participating in the program, now, or at any other time, remain classified for reasons of national security. See Klayman, 2015 WL 5058403, at *6 (Williams, S.J.).

At this time the Government Defendants do not believe that it would be necessary to assert the state secrets privilege to respond to a motion by Plaintiffs for expedited injunctive relief that is based on the allegations of the Little Plaintiffs, or even the proposed new allegations (and exhibit) regarding Verizon Wireless. Nor should it be necessary to permit discovery into matters that would risk or require the disclosure of classified national-security information and thus precipitate the need to assert the state secrets privilege. Nevertheless, if Plaintiffs were permitted to seek discovery on the question of whether Verizon Wireless is now or ever has been a participating provider in the Section 215 program, the discovery sought could call for the disclosure of classified national-security information, in which case the Government would have to consider whether to assert the state secrets privilege over that information.

As the Supreme Court has advised, the state secrets privilege “is not to be lightly invoked.” United States v. Reynolds, 345 U.S. 1, 7 (1953). “To invoke the . . . privilege, a formal claim of privilege must be lodged by the head of the department which has control over the matter after actual personal consideration by that officer.” Id. at 7-8. To defend an assertion of the privilege in court also requires the personal approval of the Attorney General. Policies and Procedures Governing Invocation of the State Secrets Privilege at 1-3, The Government should not be forced to make so important a decision as whether or not to assert the state secrets privilege in circumstances where the challenged program is winding down and will end in a matter of weeks. Moreover, discovery into national-security information should be unnecessary to the extent the standing of the newly added Little Plaintiffs, and the appropriateness of injunctive relief, may be litigated without resort to such information.

If, however, discovery into national-security information is permitted, the Government must be allowed sufficient time to give the decision whether to assert the state secrets privilege the serious consideration it requires. And if a decision to assert the privilege is made, the Government must also be given adequate time to prepare the senior-level declarations and other materials needed to support the claim of privilege, to ensure that the national security interests at stake are appropriately protected. See, e.g., Mohamed v. Jeppesen Dataplan, Inc., 614 F.3d 1070, 1077, 1090 (9th Cir. 2009).

I think it’s quite possible that VZW was not turning over phone records under the Section 215 program in 2010 (which is quite another matter than suggesting NSA was not obtaining a great deal, if not most, of VZW phone records generally). I believe it quite likely NSA obtained some VZW records under Section 215 during the 2010 period.

But I also believe explaining the distinctions between those issues would be very illuminating.

Meanwhile, the threat of stalling, with all the attendant rigamarole, served to scare Leon — he wants this to move quickly as badly as Klayman does. After all, Leon will have much less ability to issue a ruling that will stand after November 28, when the current dragnet dies.

We shall see what happens in CA when DOJ attempts to make a similar argument.

Government Recently Released Information Proving Larry Klayman Has Standing

Screen Shot 2015-08-28 at 11.22.34 AM

As I noted, the DC Circuit Court reversed Judge Richard Leon’s injunction against the phone dragnet. The judges disagreed on whether Larry Klayman had standing — because he is a Verizon Wireless but not Verizon landline subscriber, which had been the only thing confirmed by the government. All agreed he had not shown he had the high certainty of standing required to uphold an injunction against the program. But the per curium opinion did agree that the case has not been mooted, because by immediately restarting the bulk program after the passage of USA F-ReDux, the government showed that the harm could recur.

That’s important, because information proving that Klayman does have standing has recently been released in an official (albeit probably inadvertent) release.

Part of the IG Reports on the phone dragnet Charlie Savage obtained by suing shows that — at least in 2010 — the Primary Order for the phone dragnet went to AT&T, Sprint, Verizon’s subsidiaries (the former MCI part of Verizon’s business, which I believe is its backbone), and “Cellco Partnership d/b/a Verizon Wireless.”

I’ll say more about what I think this really means in a later post — and why I think the suit against bulk surveillance needs to be, and can be, tweaked somewhat to ensure standing.

But for the moment, know that for at least one 90 day period in 2010, Verizon Wireless as well as Verizon’s landline was ordered to turn over phone records.

The Government’s Unexplained Iran Dragnet

Just the other day, I observed that the government likely has a problem with the authorities it has used to police its sanction regime against Iran. First, the government appears to have had a counterproliferation certification under Protect America Act that may have had legal issues; with FISA Amendments Act, Congress authorized such a certification as foreign intelligence. Then, at some point over the course of the phone dragnet, FISC approved the use of the dragnet with Iran under an alleged terrorism purpose. But the primary claimed Iranian terrorism in this country was propagated by DEA; clearly the NSA was using the dragnet for an inherently counterproliferation purpose.

A judge in DC just ruled for the government in a case against an Iranian American, Shantia Hassanshahi, that implicates many of these problems, and broader problems with the dragnet, though he did so by largely sidestepping the underlying issue.

Basically, the case that Hassanshahi violated sanctions stems from the following evidentiary steps:

  1. An unsolicited tip from an (apparently) paid informant
  2. A query request submitted to some unnamed database on a suspect number, which returned a single call with a number associated with Hassanshahi
  3. Based on that and 1 other call to Iran, the government stopped Hassanshahi as he returned from a trip to Iran and seized his devices in CA
  4. A forensic search of his laptop resulted in incriminating documents showing the sale of non-military energy-related goods to Iran

Hassanshahi argued that the query of the database — which he argued was either the phone dragnet database or something nearly identical and therefore just as unconstitutional — was illegal, citing Richard Leon’s Larry Klayman ruling. And he argued that everything else not only followed as fruit of the poison tree from there, but that the device search violated the 9th Circuit’s precedent requiring probable cause to conduct a forensic border search (his devices were seized in CA, not in DC). Judge Rudolph Contreras rejected Hassanshahi’s bid to have the evidence suppressed by dodging the question of the legality of the database query, treating it as unconstitutional (I think this overstates what the government was saying here).

In response, the Government sidesteps Hassanshahi’s argument by taking the position that although the NSA telephony database was not used, the Court nevertheless should assume arguendo that the law enforcement database HSI did use was unconstitutional. See Gov’t’s  Mem. Opp’n Mot. Suppress 12. Consistent with this position, the Government refuses to provide details about its law enforcement database on the basis that such information is irrelevant once the Court accepts the facial illegality of the database. See id. at 11-12. Regrettably, the Court therefore starts its analysis from the posture that HSI’s initial search of the mysterious law enforcement database, which uncovered one call between Sheikhi’s business telephone number and the 818 number linked to Hassanshahi, was unconstitutional

But based on the time that elapsed between the query he treated as unconstitutional and the border search, and based on Hassanshahi’s voluntary arrival in LAX (where a 9th Circuit ruling would require reasonable suspicion) and some really crazy details even the government didn’t argue that strongly constituted reasonable suspicion, he ruled the forensic search in LA legal.

This is where things get bizarre. Having already ruled that this was not flagrant enough to make the subsequent search improper, Contreras then throws up his hands, notes that if the government did use the NSA phone dragnet  (which is supposed to be limited to counterterrorism purposes and therefore should be inapplicable in this case) or if the dragnet it used doesn’t have the controls that the NSA dragnet does it might be a problem, he says he will require the government to submit an ex parte filing explaining the database.

But, at the same time, the Court does not know with certainty whether the HSI database actually involves the same public interests, characteristics, and limitations as the NSA program such that both databases should be regarded similarly under the Fourth Amendment. In particular, the NSA program was specifically limited to being used for counterterrorism purposes, see Klayman, 957 F. Supp. 2d at 15-16, and it remains unclear if the database that HSI searched imposed a similar counterterrorism requirement. If the HSI database did have such a limitation, that might suggest some level of flagrancy by HSI because it was clear that neither Sheikhi nor Hassanshahi was involved in terrorism activities. With so many caveats, the Government’s litigation posture leaves the Court in a difficult, and frustrating, situation. Yet, even assuming that the HSI database was misused to develop the lead into Hassanshahi, HSI’s conduct appears no more flagrant than law enforcement conduct in other “unlawful lead” cases,which still held that the attenuation exception applied nonetheless.6

66 The Government’s silence regarding the nature of the law enforcement database has made the Court’s analysis more complex than it should be. Although the Court still concludes that the attenuation exception applies in large part based on the “unlawful lead” line of cases, the Court will order that the Government provide the Court with an ex parte declaration summarizing the contours of the mysterious law enforcement database used by HSI, including any limitations on how and when the database may be used.

Of course he only requires this after ruling that the evidence can come in!

Now, I can think of four possibilities to explain the search:

  • The government searched the dragnet under its “Iranian” allowance (which only Josh Gerstein and I have ever reported), exposing what I noted above — that they’re using a CT tool for a fundamentally CP function
  • The government searched Hemisphere
  • The government searched SPMCA, the authority permitting it to contact-chain on US person data collected under EO 12333 or it originally searched on the Section 215 phone dragnet then re-ran the search under EO 12333 so it could share the link
  • There’s yet another dragnet

Something’s definitely fishy about the government’s claims, because the Homeland Security investigator in the case, Joshua Akronowitz changed his story twice in meaningful ways.

For example, the affidavit the government used to justify his arrest said he personally searched “HSI accessible law enforcement databases.” Read more

Fixes for USA Freedom Act

I’m now being accused by USA Freedom Act champions of not providing constructive suggestions on how to improve USAF (even though I have, both via channels they were involved in and channels they are not party to) [oops, try this tweet, which is still active].

Now that it appears people who previously claimed I was making all this up now concede some of my critiques as a valid, here goes: my suggestions for how to fix the problems I identified in this post.

Problem: No one will say how the key phone record provision of the bill will work

Fix: Permit the use of correlations — but provide notice to defendants because this is probably unconstitutional warrantless surveillance

There is one application of connection chaining that I find legitimate, and two that are probably unconstitutional. The legitimate application is the burner phone one: to ask providers to use their algorithms (including new profiles of online use) to find the new phones or online accounts that people adopt after dropping previous ones, which is what AT&T offers under Hemisphere. To permit that, you might alter the connection chaining language to say providers can chain on calls and texts made, as well as ask providers to access their own records to find replacement phones. Note, however, that accuracy on this mapping is only about 94% per Hemisphere documents, so it seems there needs to be some kind of check before using those records.

The two other applications — the ones I’m pretty sure are or should be unconstitutional without a warrant — are 1) the use of cloud data, like address books, calendars, and photos, to establish connections, and 2) the use of phone records like Verizon’s supercookie to establish one-to-one correlations between identities across different platforms. I think these are both squarely unconstitutional under the DC Circuit’s Maynard decision, because both are key functions in linking all these metadata profiles together, and language in Riley would support that too. But who knows? I’m not an appellate judge.

To prevent the government from doing this without really independent judicial review — and more generally to ensure Section 215 is not abused going forward — the best fix is to require notice to defendants if any evidence from Section 215 or anything derived from it, including the use of metadata as an index to identify content, is used in a proceeding against them. Given that Section 215’s secret application is now unclassified, they should even get a fairly robust description of how it was used. After all, if this is just third party doctrine stuff, it can’t be all that secret!

Problem: USAF negotiates from a weak position and likely moots potentially significant court gains

Fix (sort of): Provide notice to defendants under Section 215

I’m frankly of the opinion that ACLU’s Alex Abdo kicked DOJ’s ass so thoroughly in the 2nd Circuit, that unless that decision is mooted, it will provide a better halt to dragnets than any legislation could. But I get that that’s a risk, especially with Larry Klayman botching an even better setup in the DC Circuit.

But I do think the one way to make sure we don’t lose the opportunity for a judicial fix to this is to provide notice to defendants of any use or derivative use of Section 215. The government has insisted (most recently in the Reaz Qadir Khan case, but also did so in the Dzhokhar Tsarnaev and derivative cases, where we know they used the phone dragnet) that it doesn’t have to give such notice. If they get it — with the ability to demonstrate that their prosecution arises out of a warrantless mosaic analysis of their lives which provides the basis for the order providing access to their content — then at least there may be a limited judicial remedy in the future, even if it’s not Abdo fighting for his own organization. FISCR said PAA was legal because of precisely these linking procedures, but if they’re not (or if they require a warrant) then PRISM is not legal either. Defendants must have the ability to argue that in court.

Problem: USAF’s effects in limiting bulk collection are overstated

Fix: Put temporal limits on traditional 215 collection, add flexibility into the emergency provision, but adopt existing emergency provision

USAF prohibits using a communications provider corporate person as a selector, but permits the use of a non-communications corporate person as a selector, meaning it could still get all of Visa’s or Western Union’s records. I understand the government claims it needs to retain the use for corporate person selectors to get things like all the guests at Caesars Palace to see if there are suspected terrorists there. The way to permit this, without at the same time permitting a programmatic dragnet (of, say, all Las Vegas hotels all the time), might be to temporally limit the order — say, limit the use of any non-communications provider order to get a month of records.

But this creates a problem, which is that it currently takes (per the NSL IG Report) 30-40 days to get a Section 215 order. The way to make it possible to get records when you need them, rather than keeping a dragnet, is to permit the use of the emergency provision more broadly. You might permit it to be used with counterintelligence uses as well as the current counterterrorism use (that is, make it available in any case where Section 215 would be available), though you should still limit use of any data collected to the purpose for which it was collected. You might even extend the deadline to submit an application beyond 7 days.

That exacerbates the existing problems with the emergency provision, however, which is that the government gets to keep records if the court finds they misused the statute. To fix this, I’d advise tying the change to the adoption of the existing language from the emergency provision currently in place on the phone dragnet order, specifically permitting FISC to require records be discarded if the government shouldn’t have obtained them. I’d also add a reporting requirement on how many emergency provisions were used (that one would be included in the public reporting) and, in classified form to the intelligence and judiciary committees, fairly precisely what it had been used for. I’d additionally require FBI track this data, so it can easily report what has become of it.

Given that the government may have already abused the emergency provisions, this requires close monitoring. So no loosening of the emergency provision should be put into place without the simultaneous controls.

Problem: USAF would eliminate any pushback from providers

Fix: Put “good faith” language back in the law and provide appeal of demand for proprietary requests

I’d do two things to fix the current overly expansive immunity provisions. First, I’d put the language that exists in other immunity provisions requiring good faith compliance with orders, such that providers can’t be immunized for stuff that they recognize is illegal.

I’d also add language giving them an appeal if the government were obtaining proprietary information. While under current law the government should be able to obtain call records, they shouldn’t be able to require providers also share their algorithms about business records, which is (I suspect) where this going (indeed, the Yahoo documents suggest that’s where it has already gone under PRISM). So make it clear there’s a limit to what is included under third party doctrine, and provide providers with a way to protect their data derived from customer records.

Problem: USAF may have the effect of weakening existing minimization procedures

Fix: Include language permitting FISC approval and review of compliance with traditional 215 minimization procedures and PRTT, adopt emergency provision language currently in place

This should be simple. Just include language letting the court review minimization procedures and review compliance, which is currently what happens and should happen as we get deeper and deeper into mosaic collection (indeed, this might be pitched as a solution to what should be a very urgent constitutional problem for the status quo practice).

Additionally, the bill should integrate the emergency provision currently applicable to the phone dragnet for all Section 215 use, along with reporting on how often and how it is used.

Both of these, importantly, simply codify the current status quo. If the government won’t accept the current status quo, after years of evidence on why it needs this minimal level of oversight from FISC, then that by itself should raise questions about the intelligence community’s intent going forward.

Problem: USAF’s transparency provisions are bullshit

Fix: Require reporting from all providers, give FBI 2 years and a budget to eliminate exemptions, give NSA 2 years to be able to answer all questions

One minimal fix to the transparency provisions is to require reporting not just from all communications providers, but from all providers who have received orders, such that the government would have to report on financial and location dragnets, which are both currently excluded. This would ensure that financial and location dragnets that currently exist and are currently exempted from reporting are included.

As to the other transparency provisions, the biggest problem is that the bill permits both the NSA and FBI to say “omigosh we simply can’t count all this.” I think they’re doing so for different reasons. In my opinion, the NSA is doing so because it is conducting illegal domestic wiretapping, especially to pursue cybersecurity targets. It is doing so because it hasn’t gotten Congress to buy off on using domestic wiretapping to pursue cybertargets. I would impose a 2 year limit on how long ODNI can avoid reporting this number, which should provide plenty of time for Congress to legislate a legal way to pursue cybertargets (along with limits to what kind of cybertargets merit such domestic wiretapping, if any).

I think the FBI refusing to count its collection because it wants to passively collect huge databases of US persons so it can just look up whether people who come under its radar are suspicious. I believe this is unconstitutional — it’s certainly something the government lied to the FISCR in order to beat back Yahoo’s challenge, and arguably the government made a similar lie in Amnesty v. Clapper. If I had my way, I’d require FBI to count how many US persons it was collecting on and back door searching yesterday. But if accommodation must be made, FBI, too, should get just 2 years (and significant funding) to be able to 1) tag all its data (as NSA does, so most of it would come tagged) 2) count it and its back door searches 3) determine whether incoming data is of interest within a short period of time, rather than sitting on it for 30 years. Ideally, FBI would also get 2 years to do the same things with its NSL data.

Again, I think the better option is just to make NSA and FBI count their data, which will show both are violating the Constitution. Apparently, Congress doesn’t want to make them do that. So make them do that over the next 2 years, giving them time to replace unconstitutional programs.

Problem: Other laudable provisions — like the Advocate — will easily be undercut

Fix: Add exemption in the ex parte language on FISA review for the advocate

In this post, I noted that the provision requiring the advocate have all the material she needs to do to do her job conflicts with the provision permitting the government to withhold information on classification or privilege grounds. If there is any way to limit this — perhaps by requiring the advocate be given clearance into any compartments for the surveillance under question (though not necessarily the underlying sources and methods used in an affidavit), as well as mandating that originator controlled (ORCON) documents be required to be shared. This might work like a CIPA provision, that the government must be willing to share something if it wants FISC approval (and with it, the authority to obligate providers).

But since that post, we’ve seen how, in the Yahoo challenge, the government convinced Reggie Walton to apply the ex parte provisions applying to defendants to Yahoo. That precedent would now, in my opinion, apply language on review to any adversary. To fix that, the bill should include conforming language in all the places (such as at 50 USC 1861(c)) that call for ex parte review to make it clear that ex parte review does not apply to an advocate’s review of an order.

I fully expect the IC to find this unacceptable (Clapper has already made it clear he’ll only accept an advocate that is too weak to be effective). But bill reformers should point to the clear language in the President’s speech calling for “a panel of advocates from outside government to provide an independent voice in significant cases before the Foreign Intelligence Surveillance Court.” If the IC refuses to have an advocate that can do the job laid out by statute, they should have to answer to the President, who has called for real advocates (not amici). 

To recap — all this pertains only to the bill on its face, not to the important things the bill is missing, such as a prohibition on back door searches. But these are things that would make USA Freedom Act far better.

I suspect the intelligence community would object to many, if not all of them. But if they do, then it would certainly clarify what their intent really is.

Why DOJ Withheld the Correlations Opinion: The DC Circuit’s Mosaic

On January 9, 2014, the government appealed Judge Richard Leon’s decision finding the phone dragnet in Klayman v. Obama to the DC Circuit.

The DC Circuit, of course, is the court that issued US. v Maynard in 2010, the first big court decision backing a mosaic theory of the Fourth Amendment. And while the panel that ultimately heard the Klayman appeal included two judges who voted to have the entire circuit review Maynard, the circuit precedent in Maynard includes the following statement.

As with the “mosaic theory” often invoked by the Government in cases involving national security information, “What may seem trivial to the uninformed, may appear of great moment to one who has a broad view of the scene.” CIA v. Sims, 471 U.S. 159, 178 (1985) (internal quotation marks deleted); see J. Roderick MacArthur Found. v. F.B.I., 102 F.3d 600, 604 (D.C. Cir. 1996). Prolonged surveillance reveals types of information not revealed by short-term surveillance, such as what a person does repeatedly, what he does not do, and what he does ensemble. These types of information can each reveal more about a person than does any individual trip viewed in isolation. Repeated visits to a church, a gym, a bar, or a bookie tell a story not told by any single visit, as does one‘s not visiting any of these places over the course of a month. The sequence of a person‘s movements can reveal still more; a single trip to a gynecologist‘s office tells little about a woman, but that trip followed a few weeks later by a visit to a baby supply store tells a different story.* A person who knows all of another‘s travels can deduce whether he is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups — and not just one such fact about a person, but all such facts.

With that precedent, the DC Circuit is a particularly dangerous court for the Administration to review a dragnet that aspires to collect all Americans’ call records and hold them for 5 years.

On March 31, 2014, the government submitted a motion for summary judgment in EFF’s FOIA for Section 215 documents with an equivalent to the ACLU. One of the only things the government specifically withheld — on the grounds that it described a dragnet analysis technique it was still using — was an August 20, 2008 FISC opinion authorizing the technique in question, which it did not name.

Two days before FISC issued that August 20, 2008 opinion, the NSA was explaining to the court how it made correlations between identifiers to contact chain on all those identifiers. Two days is about what we’ve seen for final applications before the FISC rules on issues, to the extent we’ve seen dates, suggesting the opinion is likely about correlations.

Here’s how the government described correlations, in various documents submitted to the court in 2009.

They define what a correlated address is (and note, this passage, as well as other passages, do not limit correlations to telephone metadata — indeed, the use of “address” suggests correlations include Internet identifiers).

The analysis of SIGINT relies on many techniques to more fully understand the data. One technique commonly used is correlated selectors. A communications address, or selector, is considered correlated with other communications addresses when each additional address is shown to identify the same communicant as the original address.

They describe how the NSA establishes correlations via many means, but primarily through one particular database.

NSA obtained [redacted] correlations from a variety of sources to include Intelligence Community reporting, but the tool that the analysts authorized to query the BR FISA metadata primarily used to make correlations is called [redacted].

[redacted] — a database that holds correlations [redacted] between identifiers of interest, to include results from [redacted] was the primary means by which [redacted] correlated identifiers were used to query the BR FISA metadata.

They make clear that NSA treated all correlated identifiers as RAS approved so long as one identifier from that user was RAS approved.

In other words, if there: was a successful RAS determination made on any one of the selectors in the correlation, all were considered .AS-a. ,)roved for purposes of the query because they were all associated with the same [redacted] account

And they reveal that until February 6, 2009, this tool provided “automated correlation results to BR FISA-authorized analysts.” While the practice was shut down in February 2009, the filings make clear NSA intended to get the automated correlation functions working again,

While it’s unclear whether this screen capture describes the specific database named behind the redactions in the passages above, it appears to describe an at-least related process of identifying all the equivalent identities for a given target (in this case to conduct a hack, but it can be used for many applications).


If I’m right that the August 20, 2008 memo describes this correlations process, it means one of the things the government decided to withhold from EFF and ACLU (who joined Klayman as amici) after deciding to challenge Leon’s decision in a court with a precedent of recognizing a mosaic theory of the Fourth Amendment was a document that shows the government creates a mosaic of all these dragnets.

It’s not just a phone dragnet (and it’s not just US collected phone records). It’s a domestic and internationally-collected phone and Internet and other metadata dragnet, and after that point, if it sucks you into that dragnet, it’s a financial record and other communications dragnet as well (for foreigners, I imagine, you get sucked in first, without an interim stage).

Even though both Janice Rogers Brown and David Sentelle voted to reconsider the mosaic theory in 2010, Sentelle’s questions seemed to reflect a real concern about it. Unsurprisingly, given that he authored a fairly important opinion in US v Quartavious Davis holding that the government needed a warrant to get stored cell site location data while he was out on loan to the 11th Circuit earlier this year, his questions focused on location.

Sentelle: What information if any is gathered about the physical location of wireless callers, if anything? Cell tower type information.

Thomas Byron: So Judge Sentelle, what is not included. Cell tower information is not included in this metadata and that’s made clear in the FISC orders.  The courts have specified that it’s not included.

Note how Byron specified that “cell tower information is not included in this metadata”? Note how he also explains that the FISC has specified that CSLI is not included, without explaining that that’s only been true for 15 months (meaning that there may still be incidentally collected CSLI in the databases). Alternately, if the NSA gets cell location from the FBI’s PRTT program (my well-educated guess is that the FBI’s unexplained dragnet — the data from which it shares with the NSA — is a Stingray program), then that data would get analyzed along with the call records tied to the same phones, though it’s not clear that this location data would be available from the known but dated metadata access, which is known only to include Internet, and EO 12333 and BRFISA phone metadata).

Stephen Williams seemed even more concerned with the Maynard precedent, raising it specifically, and using it to express concern about the government stashing 5 years of phone records.

Williams: Does it make a significant difference that these data are collected for a five year period.

Byron’s response was particularly weak on this point, trying to claim that the government’s 90-day reauthorizations made the 5 years of data that would seem to be clearly unacceptable under Maynard (which found a problem with one week of GPS data) acceptable.

Byron: It’s not clear in the record of this case how much time the telephone companies keep the data but the point is that there’s a 90 day period during which the FISC orders are operative and require the telephone companies to turn over the information from their records to the government for purposes of this program. Now the government may retain it for five years but that’s not the same as asking whether the telephone company must keep it for five years.

Williams: How can we discard the five year period that the government keeps it?

Williams also, later, asked about what kind of identities are involved, which would also go to the heart of the way the government correlates identities (and should warrant questions about whether the government is obtaining Verizon’s supercookie).

Byron expressed incredible (as in, not credible) ignorance about how long the phone companies keep this data; only AT&T keeps its data that long. Meaning the government is hoarding records well beyond what users should have an expectation the third party in question would hoard the data, which ought to eliminate the third party justification by itself.

Janice Rogers Brown mostly seemed to want things to be easy, one bright line that cops could use to determine what they could and could not obtain. Still, she was the only one to raise the other kinds of data the government might obtain.

JRB: Does it matter to whom the record has been conveyed. For instance, medical records? That would be a third party’s record but could you draw the same line.

Byron: Judge Brown, I’m glad you mentioned this because it’s really important to recognize in the context of medical records just as in the context, by the way, of telephone records, wiretap provisions, etcetera, Congress has acted to protect privacy in all of these areas. For example, following the Miller case, Congress passed a statute governing the secrecy of bank records. Following the Smith case, Congress passed a statute governing wiretaps. HIPAA, in your example, Judge Brown, would govern the restrictions, would impose restrictions on the proper use of medical information. So too here, FISA imposes requirements that are then enforced by the Foreign Intelligence Surveillance Court. And those protections are essential to understanding the program and the very limited intrusion on any privacy interest.

While Byron had a number of very misleading answers, this probably aggravated me the most. After all, the protections that Congress created after the Miller case and the Smith case were secretly overridden by the FISC in 2008 and 2010, when it said limitations under FISA extended for NSLs could also be extended for 215 orders. And we have every reason the government could, if not has, obtained medical records if not actual DNA using a Section 215 order; I believe both would fall under a national security exception to HIPAA. Thus, whatever minimization procedures FISC might impose, it has, at the same time blown off precisely the guidelines imposed by Congress.

The point is, all three judges seemed to be thinking — to a greater or lesser extent — of this in light of the Maynard precedent, Williams particularly so. And yet because the government hid the most important useful evidence about how they use correlations (though admittedly the plaintiffs could have submitted the correlations data, especially in this circuit), the legal implications of this dragnet being tied to other phone and Internet dragnets and from there more generalized dragnets never got discussed.

Don’t get me wrong. Larry Klayman likely doomed this appeal in any case. On top of being overly dramatic (which I think the judges would have tolerated), he misstated at least two things. For example, he claimed violations reported at the NSA generally happened in this program alone. He didn’t need to do that. He could have noted that 3,000 people were dragnetted in 2009 without the legally required First Amendment review. He could have noted 3,000 files of phone dragnet data were not destroyed in timely fashion, apparently because techs were using the real data on a research server. The evidence to show this program has been — in the past at least — violative even of the FISC’s minimization requirements is available.

Klayman also claimed the government was collecting location data. He got caught, like a badly prepared school child, scrambling for the reference to location in Ed Felten’s declaration, which talked about trunk location rather than CSLI.

In substantive form, I don’t think those were worse than Byron’s bad evasions … just more painful.

All that said, all these judges — Williams in particular — seemed to want to think of this in terms of how it fit in a mosaic. On that basis, the phone dragnet should be even more unsustainable than it already is. And some of that evidence is in the public record, and should have been submitted into the record here.

Still, what may be the most important part of the record was probably withheld, by DOJ, after DOJ decided it was going to appeal in a circuit where that information would have been centrally important.