Posts

The October Non-Surprise

Both the Wikileaks Podesta release and the Access Hollywood tape drowned out the Intelligence Community report on Russia

Earlier this week, in an interview with Politico (the story and the interview transcript seem to be memory holed for now), Obama’s Homeland Security Czar Lisa Monaco insisted that the Obama response to the Russian hack of the DNC was actually quite forceful, but that it got lost in the release of the Access Hollywood video showing Trump threatening to grab women by the pussy.

But strong supporters of Clinton’s campaign argued—some at the time, many more in the wake of the former secretary of state’s shocking November election defeat—that the Obama team should have done more to publicize the hacking for what it was: a heavy-handed Kremlin intervention on behalf of one side in America’s presidential election. Monaco pushed back against that, recalling that the heads of U.S. intelligence agencies issued a joint statement publicly blaming the Russians for the pre-election hack on Oct. 7. “That was an unprecedented statement,” she says, “a fact that sometimes gets lost in this discussion” given that it came on the same day as the revelation of the “Access Hollywood” tape showing Trump joking about sexually assaulting a woman.

I point to Monaco’s argument because it’s a mirror image to claims Hillary supporters make about the same week. They argue that the release of the John Podesta emails drowned out the Access Hollywood video. Here’s John Podesta in a December appearance on Meet the Press.

So October 7th, Wiki– October 7th, let’s go through the chronology. On October 7th, the Access Hollywood tape comes out. One hour later, WikiLeaks starts dropping my emails into the public. One could say that there might, those things might not have been a coincidence.

Monaco is in the right here. The Google Trends graph above maps “Wikileaks emails” in blue, “Access Hollywood” in red, and “Russian hack” in yellow (“Grab them by the pussy” shows a more extreme but shorter spike, “John Podesta” doesn’t show as high). In fact, the Grab them by the pussy video drowned out the first releases of the Podesta emails — which suggests it would have been stupid strategy to intentionally release them at the same time, as doing so would mean fewer people would read the excerpts from Hillary’s speeches that got released on the first day. By the following Tuesday, Wikileaks had taken over. By comparison, the Russian hack was a mere blip compared to those two stories, though.

The Roger Stone and Wikileaks narrative misses a few data points

I return to this chronology for another reason. The events of the week of October 3 have been in the news for another reason: their role in the claim that Roger Stone was coordinating with Wikileaks during that week (which is presumably a big part of the reason Podesta insinuated there was coordination on that timing).

CNN has a timeline of many of Stone’s Wikileaks related comments, which actually shows that in August, at least, Stone believed Wikileaks would release Clinton Foundation emails (a claim that derived from other known sources, including Bill Binney’s claim that the NSA should have all the Clinton Foundation emails).

It notes, as many timelines of Stone’s claims do, that on Saturday October 1 (or early morning on October 2 in GMT; the Twitter times in this post have been calculated off the unix time in the source code), Stone said that on Wednesday (October 5), Hillary Clinton is done.

Fewer of these timelines note that Wikileaks didn’t release anything that Wednesday. It did, however, call out Guccifer 2.0’s purported release of Clinton Foundation documents (though the documents were real, they were almost certainly mislabeled Democratic Party documents) on October 5. The fact that Guccifer 2.0 chose to mislabel those documents is worth further consideration, especially given public focus on the Foundation documents rather than other Democratic ones. I’ll come back to that.

Throughout the week — both before and after the Guccifer 2.0 release — Stone kept tweeting that he trusted the Wikileaks dump was still coming.

Monday, October 3:

Wednesday, October 5 (though this would have been middle of the night ET):

Thursday, October 6 (again, this would have been nighttime ET, after it was clear Wikileaks had not released on Wednesday):

On October 7, at 4:03PM, David Fahrenthold tweeted out the Access Hollywood video.

On October 7, at 4:32 PM, Wikileaks started releasing the Podesta emails.

Stone didn’t really comment on the substance of the Wikileaks release. In fact, even before the Access Hollywood release, he was accusing Bill Clinton of rape, and he continued in that vein after the release of the video, virtually ignoring the Podesta emails.

For its part, Wikileaks was denying it had any knowing contact with Stone within a week, as it had before. CNN finally reported those denials in the wake of reporting on Stone’s August 2016 contacts with Guccifer 2.0. It’s worth noting that in precisely that time period, Wikileaks managed to discredit a still unexplained US-based hoax launched against Julian Assange, accusing him of soliciting a minor via the online dating site Todd and Claire. In addition, this was the period when the odd Alfa Bank story was being pitched to journalists.

Thus far, anyway, the full chronology suggests that either Stone’s information was only vaguely accurate or Wikileaks delayed its release for a few days. That does weird things to Podesta’s narrative, since either Wikileaks delayed their release so the actually newsworthy part of it — Hillary’s speech excerpts — would be overshadowed (as it was) by the Access Hollywood video, or the Access Hollywood video was timed to coincide with the Wikileaks release — which after all had been announced publicly in a way the Access Hollywood video had not been.

Democrats had more warning of impending emails than Podesta makes out

There’s another part of Podesta’s narrative that deserves review. He liked to suggest he had no idea when his emails were being released — in part, to criticize the FBI for not warning him.

It’s not just that Stone appears to have had a vaguer sense of when the next dump (which, as noted, he appeared to believe would be Clinton Foundation emails) was coming than often made out. Democrats also had more warning than often claimed.

In his December Meet the Press appearance, Podesta made a big deal out of the fact that the FBI had not informed him before the October 7 release.

CHUCK TODD:

This is your personal account that was hacked. I’ve got to think you’re getting updates on the investigation that others would not. What can you share?

JOHN PODESTA:

I will share this with you, Chuck. The first time I was contacted by the F.B.I. was two days after WikiLeaks started dropping my emails.

CHUCK TODD:

Let me pause here.

JOHN PODESTA:

The first, the first–

CHUCK TODD:

Two days after?

But as he went on to reveal, he had seen a document released earlier that he had reason to believe may have been from him (I think, but will have to return to this, that it may have been one of the original Guccifer 2.0 documents).

CHUCK TODD:

But when were you aware that you had been hacked? Before October 7th?

JOHN PODESTA:

I think it was confirmed on October 7th in some of the D.N.C. dumps that had occurred earlier.

CHUCK TODD:

Earlier, yeah.

JOHN PODESTA:

And other campaign officials also had their emails divulge earlier than October 7th. But in one of those D.N.C. dumps, there was a document that appeared to me was– that appeared came– might have come from my account. So I wasn’t sure, I didn’t know, I didn’t know what they had, what they didn’t have. It wasn’t until October 7th when Assange both really in his first statements said things that were incorrect, but started dumping them out and said they were going to all dump out. That’s when I knew that they had the contents of my email account.

Even putting aside Podesta’s suspicion one of the release documents had come from him and Stone’s warnings, Podesta would have had one more warning there would be a further release: from the Christopher Steele reports being done as opposition research for the Hillary campaign.

On September 14, Steele reported that the Russians were considering releasing more emails after the September 18 Duma elections, though the Russians thought they might not have to release any more emails to make Hillary look “weak and stupid.”

Russians do have further “kompromat” on CLINTON (e-mails) and considering disseminating it after Duma (legislative elections) in late September. Presidential spokesman PESKOV continues to lead on this.

[snip]

Continuing on this theme, the senior PA official said the situation was that the Kremlin had further “kompromat” on candidate CLINTON and had been considering releasing this via “plausibly deniable” channels after the Duma (legislative elections) were out of the way in mid-September. There was however a growing train of thought and associated lobby, arguing that the Russians could still make candidate CLINTON look “weak and stupid” by provoking her into railing against PUTIN and Russia without the need to release more of her e-mails.

Curiously, as with all other Wikileaks releases, the publicly-released Steele reports never prospectively confirm a release. Steele’s sources seemed to have little prospective insight to offer about non-public events tied to the release of emails. But on October 12, a report (based on undated early October reporting, which raises questions why the reporting on this wasn’t as quick as on some other reports) notes that the Russians have dumped more anti-Clinton material, which would continue until election day.

Russians have injected further anti-CLINTON material into the “plausibly deniable” leaks pipeline which will continue to surface, but best material already in public domain.

[snip]

Speaking separately in confidence to a trusted compatriot in early October 2016, a senior Russian leadership figure and a Foreign Ministry official reported on recent developments concerning the Kremlin’s operation to support Republican candidate Donald TRUMP in the US presidential election. The senior leadership figure said that a degree of buyer’s remorse was setting in among Russian leaders concerning TRUMP, PUTIN and his colleagues were surprised and disappointed that leaks of Democratic candidate, Hillary CLINTON’s hacked e-mails had not had greater impact on the campaign.

Continuing on this theme, the senior leadership figure commented that a stream of further hacked CLINTON material already had been injected by the Kremlin into compliant western media outlets like Wikileaks, which remained at least “plausibly deniable”, so the stream of these would continue through October and up to the election. However s/he understood that the best material the Russians had already was out and there were no real game-changers to come.

Suffice it to say, even without an FBI warning, Podesta had good reason to expect the emails would occur, though he may have had only a vague idea of the timing.

The other missing detail

Which brings me to one final event from that week that rarely makes the timelines, particularly not the Democratic ones (though Glenn Greenwald pointed out some of it in this post).

From at least the time of the DNC email release in July, Democrats insinuated that Russia and/or Wikileaks had doctored the emails, without ever offering proof, besides the original obvious doctoring of metadata in the Guccifer 2.0 documents (though some DNC people have since credibly claimed that not all of their emails got published). Chief among those people was Malcolm Nance, who was writing a book on the hack. He started warning of spoofed emails in late July. He started pitching his book, which predicted the leaks would include tampering, at the end of September.

And then, just over an hour after the Podesta emails dropped (5:44PM) documents including excerpts from Hillary’s speeches, a pro-Clinton Twitter account responded to Michael Tracey’s observations about the excerpts with a badly faked transcript of a Hillary Goldman Sachs speech.

At 7:25PM, one of the key Russian story commenters linked to it, accusing “Trumpists” of “dirtying docs.” Then at 7:43PM, Nance tweeted, “Official Warning: #PodestaEmails are already proving to be riddled with obvious forgeries & #blackpropaganda not even professionally done.”

Click through to Greenwald’s post to see how it went viral after that (MSNBC’s Joy Reid, who had repeatedly had Nance on, was key to both of Nance’s claims of forgeries go viral), including how it got picked up in the Democrats’ own fake news sites.

Here’s the thing: in multiple places, the guy who later claimed credit, under the name “Marco Chacon,” for the hoax stated he had done the transcript in advance of the release of the emails.

The biggest breakout I had came when a Vice reporter, Michael Tracey, was holding forth on Twitter in the wake of the Podesta Email leaks. He was speaking about the Goldman Sachs transcripts—and I had one.

I had written up a fake Goldman Sachs transcript days before, wherein Hillary Clinton is preparing a run for president and is speaking to the board of directors in 2014 about the coming threat to Wall Street and Washington power. That threat? Bronies, adult male fans of the cartoon My Little Pony: Friendship Is Magic. She has to explain this “Bronie Threat” to them and, in the process, describes a group of internet denizens she calls a “bucket of losers.”

When I tweeted the link and an image of some of the text at Tracey, I did it because I find him to be something of a self-important git and wanted to poke fun at him. I didn’t know at the time that there were Goldman Sachs transcript fragments in the WikiLeaks release.

Note, too, that his claim that when he tweeted the hoax transcript to Tracey, he didn’t know there were Goldman transcripts in the Wikileaks release is laughable: That’s what Tracey’s tweet was about!

Just days later, Kurt Eichenwald would make another claim that Russia had doctored emails that went even more wildly viral (and became among the most remembered fake news stories of the election cycle). In Eichenwald’s discussions with the Sputnik writer in question, Bill Moran, he insisted that spooks had alerted him to the (mis)use of his story.

There is definitely evidence that Roger Stone had at least enough feedback with those leaking stolen emails to know to expect them the first week of October — though he clearly didn’t know precisely when or what to expect. Moreover, he clearly didn’t have an open channel with Assange to find out when the delayed release would be — it appears, instead, he got a warning, but no update.

But there are at least as many reasons to ask whether the Democrats (or perhaps even a government agency) had advance warning of what was coming, and had planned in response.

And all that played out at the time when, per Lisa Monaco, the Intelligence Community made what they viewed as an unprecedented announcement blaming Russia for the hack of the Democrats.

There are definitely reasons to scrutinize Stone’s foreknowledge in all this. But that is by no means the only feedback loop that appears to have been in operation by this point.

Trump’s Muslim Ban Forces IC to Conduct Actual Assessment of Terror Threats

CNN reports that the Trump Administration has asked DHS and DOJ to come up with an intelligence report backing the selection of the seven Muslim banned countries. According to CNN, some of those working on the report feel they’re being asked to fit a report to a desired conclusion.

President Donald Trump has assigned the Department of Homeland Security, working with the Justice Department, to help build the legal case for its temporary travel ban on individuals from seven countries, a senior White House official tells CNN.

Other Trump administration sources tell CNN that this is an assignment that has caused concern among some administration intelligence officials, who see the White House charge as the politicization of intelligence — the notion of a conclusion in search of evidence to support it after being blocked by the courts. Still others in the intelligence community disagree with the conclusion and are finding their work disparaged by their own department.

This is another of those areas where I’m grateful for the incompetence of the Trump Administration. If it were me, I’d call the four Obama Administration officials who first named these seven countries a threat: former Deputy CIA Director Avril Haines, former Secretary of State John Kerry, former Homeland Security Czar Lisa Monaco, and former National Security Advisor Susan Rice. They’re already on a court declaration in this case, so even the ones who might have been able to dodge testifying normally, they wouldn’t be able to. Make them explain why Iran and Sudan are on this list. They would either have to admit the truth: that our notions of terrorism generally are utterly politicized, and that if we were to measure on actual threat, our close allies Saudi Arabia and Pakistan would lead the list. Or they’d have to invent something to justify their past politicized actions.

Instead, Trump is trying to politicize intelligence, which not only has elicited this backlash, but will never be able to accomplish its objective. Even after redefining terror attack down to include material support (something that is actually consistent with the last 15 years of FBI fluffing their terror prosecution numbers), it is still impossible to present Iran as a bigger terrorist threat than Saudi Arabia (plus, you’d have to acknowledge that the listing and delisting of MEK, which a number of Trump officials have supported for cash payments, is also totally politicized).

Hopefully, that will lead to a larger reassessment of how we think of terrorism, including the recognition that our allies are actually the problem, not our arch-enemy Iran. That’s obviously wildly optimistic. But it is the kind of possibility that Trump’s incompetence allows us to consider.

The Folks Who Picked the Stupid Seven Banned Countries Say the Muslim Ban Is Stupid

Buried in a declaration written by a bunch of former national security officials in the Washington v Trump suit opposing Trump’s Muslim ban is this passage:

Because various threat streams are constantly mutating, as government officials, we sought continually to improve that vetting, as was done in response to particular threats identified by U.S. intelligence in 2011 and 2015. Placing additional restrictions on individuals from certain countries in the visa waiver program –as has been done on occasion in the past – merely allows for more individualized vettings before individuals with particular passports are permitted to travel to the United States.

These officials, which include (among others) former Deputy CIA Director Avril Haines, former Secretary of State John Kerry, former Homeland Security Czar Lisa Monaco, and former National Security Advisor Susan Rice argue that the practice is to tweak immigration rules based on changing threat patterns rather than impose broad bans not driven by necessity and logic. They argue that additional restrictions imposed on certain immigrants in 2015 were “in response to particular threats identified by U.S. intelligence.”

That’s really interesting because the 2015 change they reference is the basis of the Trump list that excludes countries that are real threats and includes others (especially Iran) that are not. Here’s how CNN describes the genesis of the seven countries covered by Trump’s ban.

In December 2015, President Obama signed into law a measure placing limited restrictions on certain travelers who had visited Iran, Iraq, Sudan, or Syria on or after March 1, 2011. Two months later, the Obama administration added Libya, Somalia, and Yemen to the list, in what it called an effort to address “the growing threat from foreign terrorist fighters.

The restrictions specifically limited what is known as visa-waiver travel by those who had visited one of the seven countries within the specified time period. People who previously could have entered the United States without a visa were instead required to apply for one if they had traveled to one of the seven countries.

Under the law, dual citizens of visa-waiver countries and Iran, Iraq, Sudan, or Syria could no longer travel to the U.S. without a visa. Dual citizens of Libya, Somalia, and Yemen could, however, still use the visa-waiver program if they hadn’t traveled to any of the seven countries after March 2011.

Now, Haines, Kerry, Monaco, and Rice might be excused for opposing Trump’s ban on seven poorly picked countries that themselves had a hand in picking. After all, the changes derived from bills presented by Republicans, Candace Miller and Ron Johnson, which got passed as part of the Omnibus in 2015. Obama can’t be expected to veto the entire spending bill because some Republicans wanted to make life harder on some immigrants.

Except that, as far as I understand, the Obama Administration extended the restrictions from the original law, which pertained only to people from or who had traveled to Syria and Iraq, to Iran and Sudan. And then (as CNN notes) they extended it again to three other countries, Libya, Somalia, and Yemen (notably, all countries we destabilized).

So it’s partly the fault of Haines, Kerry, Monaco, and Rice that Iran, which hasn’t targeted the US in real terrorism for decades, is on the list. It’s partly the fault of Haines, Kerry, Monaco, and Rice that countries with actual ties to terrorists who have attacked inside the US — most notably Saudi Arabia and Pakistan — are not on the list.

I have no doubt that the argument presented in the declaration (which was also signed by a bunch of people who weren’t part of Obama’s second term national security team) is right: Trump’s Muslim ban is badly conceived and makes us less safe. But one reason they likely know that is because their own visa restrictions were badly conceived and did little to make us more safe.

Trump is pursuing a lot of stupid policies. But we should remain honest that they largely build on stupid policies of those who came before.

Update: Corrected that this is not an amicus, but a declaration submitted with state opposition.

The Game of Telephone about the Election Hacking Review

This morning, the White House announced that Obama has ordered a review of election-related hacking, to be completed before Donald Trump takes over. I want to capture the varying descriptions of what the review will entail.

Politico: The review will look at the hacks blamed on the Russians this year and malicious cyber activity (publicly understood to be China in 2008 and someone else in 2012) going back to 2008

The review will put the spate of hacks — which officials have blamed on Russia — “in a greater context” by framing them against the “malicious cyber activity” that may have occurred around the edges of the 2008 and 2012 president elections, said White House principal deputy press secretary Eric Schultz at a briefing.

“This will be a review that is broad and deep at the same time,” he added.

[snip]

In 2008, the campaigns for both Sen. John McCain (R-Ariz.) and Obama were bombarded by suspected Chinese hackers, according to U.S. intelligence officials. The digital intruders were reportedly after internal policy papers and the emails of top advisers.

And in 2012, Gawker reported that hackers had broken into Republican presidential candidate Mitt Romney’s personal Hotmail account after correctly answering his backup security question: “What is your favorite pet?”

“We will be looking at all foreign actors and any attempt to interfere with the elections,” Schultz said.

WaPo: The review will be a “full review” of Russian hacking during the November election

President Obama has ordered a “full review” of Russian hacking during the November election, as pressure from Congress has grown for greater public understanding of exactly what Moscow did to interfere in the electoral process.

[snip]

U.S. intelligence and law enforcement agencies had already been probing what they see as a broad covert Russian operation to sow distrust in the presidential election process. It was their briefings of senior lawmakers that led a number of them to press for more information to be made public.

[snip]

Though Russia has long conducted cyberspying on U.S. agencies, companies and organizations, this presidential campaign marks the first time Russia has attempted through cyber means to interfere in, if not actively influence, the outcome of an election, the officials said.

CNN: The review will look at “hacking by the Russians aimed at influencing US elections going back to 2008” (CNN notes that the IC “never said there was strong evidence that [hacks of voter registration systems were] tied to the Russian government”)

President Barack Obama has ordered a full review into hacking by the Russians aimed at influencing US elections going back to 2008, the White House said Friday.

“The President has directed the Intelligence Community to conduct a full review of what happened during the 2016 election process. It is to capture lessons learned from that and to report to a range of stakeholders,” White House Homeland Security and Counterterrorism Adviser Lisa Monaco said at a Christian Science Monitor breakfast with reporters Friday. “This is consistent with the work that we did over the summer to engage Congress on the threats that we were seeing.”
White House spokesman Eric Schultz added later that the review would encompass malicious cyber activity related to US elections going back to 2008. [my emphasis]

Wikileaks (relying on the CNN story): The review will look at Wikileaks

CNN: Obama orders report into WikiLeaks timed for release just prior to Trump presidency

NYT: The review will look at all Russian efforts to influence the 2016 election, including publishing email contents and probing the “vote-counting system” (presumably a reference to voter lists that have nothing to do with vote counting)

President Obama has ordered American intelligence agencies to produce a full report on Russian efforts to influence the 2016 presidential election, his homeland security adviser said on Friday. He also directed them to develop a list of “lessons learned” from the broad campaign the United States has accused Russia of carrying out to steal emails, publish their contents and probe the vote-counting system.

The Reason Obama Capitulated on the (Phone) Dragnet

This will be a bit of a contrary take on what I believe to be the reasons for President Obama’s capitulation on the dragnet, announcing support today for a plan to outsource the first query in the dragnetting process to the telecoms.

It goes back to the claims — rolled out in February — that the NSA has only been getting 20 to 30% of the call data in the US. Those reports were always silent or sketchy on several items:

  • The claims were always silent that they applied only to Section 215, and did not account for the vast amount of data, including US person cell data, collected under EO 12333.
  • The claims were sketchy about the timing of the claim, especially in light of known collection of cell data in 2010 and 2011, showing that at that point NSA had no legal restrictions on accepting such data.
  • The claims were silent about why, in both sworn court declarations and statements to Congress, Administration officials said the collection (sometimes modified by Section 215, often, especially in court declarations, not) was comprehensive.

Here’s what I think lies behind those claims.

We know that as recently as September 1, 2011, the NSA believed it had the legal authority to collect cell location data under Section 215, because they were doing just that. Congress apparently did not respond well to learning, belatedly, that the government was collecting location data in a secret interpretation of a secret interpretation. Nevertheless, it appears the government still believed it had that authority — though was reevaluating it — on January 31, 2012, when Ron Wyden asked James Clapper about it — invoking the “secret law” we know to be Section 215 — during his yearly grilling of Clapper in the Global Threat hearing.

Wyden: Director Clapper, as you know the Supreme Court ruled last week that it was unconstitutional for federal agents to attach a GPS tracking device to an individual’s car and monitor their movements 24/7 without a warrant. Because the Chair was being very gracious, I want to do this briefly. Can you tell me as of now what you believe this means for the intelligence community, number 1, and 2, would you be willing to commit this morning to giving me an unclassified response with respect to what you believe the law authorizes. This goes to the point that you and I have talked, Sir, about in the past, the question of secret law, I strongly feel that the laws and their interpretations must be public. And then of course the important work that all of you’re doing we very often have to keep that classified in order to protect secrets and the well-being of your capable staff. So just two parts, 1, what you think the law means as of now, and will you commit to giving me an unclassified answer on the point of what you believe the law actually authorizes.

Clapper: Sir, the judgment rendered was, as you stated, was in a law enforcement context. We are now examining, and the lawyers are, what are the potential implications for intelligence, you know, foreign or domestic. So, that reading is of great interest to us. And I’m sure we can share it with you. [looks around for confirmation] One more point I need to make, though. In all of this, we will–we have and will continue to abide by the Fourth Amendment. [my emphasis]

Unsurprisingly, as far as I know, Clapper never gave Wyden an unclassified answer.

Nevertheless, since then the government has come to believe it cannot accept cell data under Section 215. Perhaps in 2012 as part of the review Clapper said was ongoing, the government decided the Jones decision made their collection of the cell location of every cell phone in the US illegal or at least problematic. Maybe, in one of the 7 Primary orders DOJ is still withholding from 2011 to 2013, the FISC decided Jones made it illegal to accept data that included cell location. It may be that a February 24, 2013 FISC opinion — not a primary order but one that significantly reinterpreted Section 215 — did so. Certainly, by July 19, 2013, when Claire Eagan prohibited it explicitly in a primary order, it became illegal for the government to accept cell location data.

That much is clear, though: until at least 2011, DOJ believed accepting cell location under Section 215 was legal. At least by July 19, 2013, FISC made it clear that would not be legal.

That, I believe, is where the problems accepting cell phone data as part of Section 215 come from (though this doesn’t affect EO 12333 data at all, and NSA surely still gets much of what it wants via EO 12333). Theresa Shea has explicitly said in sworn declarations that the NSA only gets existing business records. As William Ockham and Mindrayge have helped me understand, unless a telecom makes it own daily record of all the calls carried on its network — which we know AT&T does in the Hemisphere program, funded by the White House Drug Czar — then the business ecords the phone company will have are its SS7 routing records. And that’s going to include cell phone records. And those include location data for cell phones.

Now, it may be that the telecoms chose not to scan out this information for the government. It may be that after the program got exposed they chose to do the bare minimum, and the cell restrictions allowed them to limit what they turned over (something similar may have happened with VOIP calls carried across their networks). It may be that Verizon and even AT&T chose to only provide that kind of data via EO 12333 program that, because they are voluntary, get paid at a much higher rate. In any case, I have very little doubt that NSA got the phone records from Verizon, just not via Section 215.

But I’m increasingly sure the conflict between Section 215’s limit to existing business record and the limits imposed on Section 215 via whatever means was the source of the “problem” that led NSA to only get 30% of phone records [via the Section 215 program, which is different than saying they only got 30% of all records from US calls].

And a key feature of both the President’s sketchy program…

  • the companies would be compelled by court order to provide technical assistance to ensure that the records can be queried and that results are transmitted to the government in a usable format and in a timely manner.

And the RuppRoge Fake Fix…

(h)(1)(A) immediately provide the Government with records, whether existing or created in the future, in the format specified by the Government

[snip]

(h)(2) The Government may provide any information, facilities, or assistance necessary to aid an electronic communications service provider in complying with a directive issued pursuant to paragraph (1).

Is that the government gets to dictate what format they get records in here, which they couldn’t do under Section 215. That means, among other things, they can dictate that the telecoms strip out any location data before it gets to NSA, meaning NSA would remain compliant with whatever secret orders have made the collection of cell location in bulk illegal.

Remember, too, that both of these programs will have an alert feature. In spite of getting an alert system to replace the one deemed illegal in 2009 approved on November 8 2012, the government has not yet gotten that alert function working for what are described as technical reasons.

The Court understands that to date NSA has not implemented, and for the duration of this authorization will not as a technical matter be in a position to implement, the automated query process authorized by prior orders of this Court for analytical purposes. Accordingly, this amendment to the Primary Order authorizes the use of this automated query process for development and testing purposes only. No query results from such testing shall be made available for analytic purposes. Use of this automated query process for analytical purposes requires further order of this Court.

It’s possible that, simply doing the alert on exclusively legally authorized data (as opposed to data mixing EO 12333 and FISC data) solves the technical problems that had stymied NSA from rolling out the alert system they have been trying to replace for 5 years. It’s possible that because NSA was getting its comprehensive coverage of US calls via different authorities, it could not comply with the FISC’s legal limits on the alert system. But we know there will be an alert function if either of these bills are passed.

The point is, here, too, outsourcing the initial query process solves a legal-technical problem the government has been struggling with for years.

The Obama plan is an improvement over the status quo (though I do have grave concerns about its applicability in non-terrorist contexts, and my concerns about what the government does with the data of tens to hundreds of thousands of innocent Americans remain).

But don’t be fooled. Obama’s doing this as much because it’s the easiest way to solve legal and technical problems that have long existed because the government chose to apply a law that was entirely inapt to the function they wanted to use it for.

Shockers! A more privacy protective solution also happens to provide the best technical and legal solution to the problem at hand.

Update: Forgot to add that, assuming I’m right, this will be a pressure point that Members of Congress will know about but we won’t get to talk about. That is, a significant subset of Congress will know that unless they do something drastic, like threatening legal penalties or specifically defunding any dragnetting, the Executive will continue to do this one way or another, whether it’s under a hybrid of Section 215 and EO 12333 collection, or under this new program. That is, it will be a selling point to people like Adam Schiff (who advocated taking the call records out of government hands but who has also backed these proposals) that this could bring all US intelligence collection under the oversight of the FISC (it won’t, really, especially without a very strong exclusivity provision that prohibits using other means, which the Administration will refuse because it would make a lot of what it does overseas illegal). This is the same tension that won the support of moderates during the FISA Amendments Act, a hope to resolve real separation of powers concerns with an imperfect law. So long as the Leahy-Sensenbrenner supporters remain firm on their demands for more reforms, we may be able to make this a less imperfect law. But understand that some members of Congress will view passing this law as a way to impose oversight over a practice (the EO 12333 collection of US phone records) that has none.

Update: Verizon has released this telling statement.

This week Congressmen Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD) released the “End Bulk Collection Act of 2014”, which would end bulk collection of data related to electronic communications. The White House also announced that it is proposing an approach to end bulk collection. We applaud these proposals to end Section 215 bulk collection, but feel that it is critical to get the details of this important effort right. So at this early point in the process, we propose this basic principle that should guide the effort: the reformed collection process should not require companies to store data for longer than, or in formats that differ from, what they already do for business purposes. If Verizon receives a valid request for business records, we will respond in a timely way, but companies should not be required to create, analyze or retain records for reasons other than business purposes. [my emphasis]

It’s telling, first of all, because Verizon still doesn’t want to have to fuss with anything but their business records. That says it has been unwilling to do so, in the past, which, in my schema, totally explains why the government couldn’t get Verizon cell records using Section 215. (I have wondered whether this was a newfound complaint, since they got exposed whereas AT&T did not; and even in spite of Randal Milch’s denial, I still do wonder whether the Verizon-Vodaphone split hasn’t freed them of some data compliance obligations.)

Just as importantly, Verizon doesn’t want to analyze any of this data. As I have pointed out, someone is going to have to do high volume number analysis, because otherwise the number of US person records turned over will be inappropriately large but small enough it will be a significant privacy violation to do it at that point (for some things, it requires access to the raw data).

I’m unclear whether the RuppRuge Fake Fix plan of offering assistance (that is, having NSA onsite) fixes this, because NSA could do this analysis at Verizon.

The White House — Lisa Monaco? — “Cutting Off the Intelligence Community”

Too bad for Obama he has decided the great new way to aggressively prosecute leaks without the bad PR of doing it through the Courts is to have James Clapper’s Inspector General investigate them. Because I’m betting the IC IG will be unenthusiastic about hunting down this admitted leaker.

Some U.S. intelligence officials said they were being blamed by the White House for conducting surveillance that was authorized under the law and utilized at the White House.

“People are furious,” said a senior intelligence official who would not be identified discussing classified information. “This is officially the White House cutting off the intelligence community.”

But I’m a bit more interested in this barb, putting Homeland Security Advisor Lisa Monaco solidly in the line of communication receiving intelligence from wiretaps on foreign leaders.

Any decision to spy on friendly foreign leaders is made with input from the State Department, which considers the political risk, the official said. Any useful intelligence is then given to the president’s counter-terrorism advisor, Lisa Monaco, among other White House officials.

As I have twice noted, Monaco brings dramatically different experience to the position than her predecessor, John Brennan. Rather than being implicated in the illegal program that was the root of many of the problems as the program moved under FISA Court review, she had had to try to clean them up while Assistant Attorney General for National Security, including at least the upstream violations. She also participated in the decision to shut down the Internet dragnet collection program.

After prior bitching about her silence during this scandal, she penned an op-ed last week laying out the evolving White House position.

Today’s world is highly interconnected, and the flow of large amounts of data is unprecedented. That’s why the president has directed us to review our surveillance capabilities, including with respect to our foreign partners. We want to ensure we are collecting information because we need it and not just because we can.

[snip]

Going forward, we will continue to gather the information we need to keep ourselves and our allies safe, while giving even greater focus to ensuring that we are balancing our security needs with the privacy concerns all people share.

The implication, of course, is that the same person voicing this “because we need it and not just because we can” has been implicated by receiving intelligence with Merkel’s and other leaders names on it, and may be responsible for not alerting the President to it. The accuracy of the claim, of course, depends on whether the White House really shut down the collection on Merkel earlier this summer or only in the last week or so; remember tasking priorities are reassessed biannually. Moreover, it’s not like wiretaps on allied leaders would be the primary focus of someone whose job centers on counterterrorism.

The thing is, this attack can backfire, as having received this information puts Monaco in an appropriate position to know whether we were collecting it because we could, not because we need to.

Monaco has, in the past, been part of a team that deemed a program not valuable enough to sustain. Which means she has a little experience for the pushback the IC may be throwing at her in coming days.

The NSA Hides Its Domestic Collection by Refusing to Count It

In his speech at Cato last week Ron Wyden made it clear that when he asked Keith Alexander and James Clapper in advance of the reauthorization of the FISA Amendments Act for the number of Americans’ communications that had been collected under Section 702, he meant to elicit the estimates John Bates made in his October 3, 2011 opinion.

I spent much of 2012 asking the NSA and the DNI [Director of National Intelligence] whether anyone had done an estimate of how many American communications had been collected under section 702. The ODNI and the NSA insisted that such an estimate was impossible, but what they failed to tell the public was that the Fisa court had already done one.

Bates had the NSA conduct a manual review of a statistical subsection of 50,440 transactions collected via upstream collection between January and June 2011. (Note, it appears Bates may have had to raise dire warnings with “top DOJ officials” on July 8, 2011 before he got such a review.) He then annualized the results and estimated that the NSA was collecting up to 56,000 communications of Americans each year, made up of 46,000 communications consisting entirely of an American’s communication (Single Communication Transactions), and 10,000 in which their communication got included in a Multiple Communication Transaction swept up in the search.

Given what we’ve learned about the 2011 confrontation, Wyden’s serial requests for this information take on added importance for two reasons.

Administration never disclosed its domestic collection to the most Members of Congress

First, because the Administration very pointedly did not inform the bulk of Congress that NSA had been — and had been allowed to continue — collecting purely domestic communications from telecom switches. Neither the February 9, 2012 statement to the Senate Intelligence Committee nor the May 4, 2012 notice to Congress provided any indication that this violation involved collecting domestic communications (the December 8, 2011 statement to the House Intelligence Committee did, and both Committees, presumably as well as the Judiciary Committees, received the opinion itself, which makes that clear). It’s also not clear whether any of these notices included any mention of the SCTs, those single communication transactions involving just a US person communication.

Read more

The 2011 Disclosures

This post simply breaks out the dates in the October 3, 2011 John Bates opinion, adding the claims the government made at the time. It provides a somewhat better idea of the circumstances surrounding the manual review of upstream collection NSA did.

Read more

Findings versus Law: “The Intelligence Community Does Not Task Itself”

Predictably, Ben Wittes adopted the Shane Harris piece airing NSA gripes about the White House’s flaccid defense of them as part of Lawfare’s Empathy for Wiretappers series (brought to you in part by NSA contractor Northrop Grumman!).

In his commentary on the piece, Wittes compares Bush’s defense of torture (which Wittes calls coercive interrogation) and warrantless wiretapping (I assume he means the illegal warrantless wiretapping, as distinct from the warrantless wiretapping permitted under the existing legally sanctioned program) with Obama’s relative silence on NSA’s programs.

Another comparison would be to the way President Bush handled the firestorms over NSA’s warrantless wiretapping program and the CIA’s coercive interrogation program. Whatever one thinks of the programs in question, in my view the comparison does not flatter Obama.

Say what you will about Bush and the CIA’s interrogation program; there’s no question that he owned it. Nobody in the public ever thought that the program belonged to then-CIA Director George Tenet—though Tenet certainly was an enthusiastic executor. It was Bush’s program, and the reason it came off this way was that Bush publicly, repeatedly, and personally defended it. He made speeches about it. He wrote about it in his book. He never ran away from it. Nor, notably, did his attorney general. Similarly, Bush never ran away from warrantless wiretapping program. We associate him so personally with these programs, because he stoutly stood by them.

Obama has a lot on his plate right now. But he and his White House should not be leaving defense of intelligence programs he believes in to the intelligence community. Nor should Eric Holder, whose department convinced the FISA Court of the legal views currently at issue and oversees day-to-day FISA collection activity at NSA.

The intelligence community does not task itself. And when the political leadership tasks it to do something that then engulfs it in controversy, it should be a matter of honor not to let it dangle in the breeze.

As a threshold matter, who in their right mind would ask Eric Holder to defend a program? For better or worse, he has no more credibility right now than James Clapper or Keith Alexander, particularly among conservatives who believe he’s responsible for Fast and Furious. That may make him ineffective as an AG, but that is the AG Obama has chosen to retain.

Furthermore, which Attorney General does Ben have in mind that also defended these programs (or does he mean just torture?). Not only did John Ashcroft refuse to reauthorize parts of the illegal wiretap program, but Alberto Gonzales lied about it to get confirmed as Attorney General. Or does he mean Michael Mukasey, who by all appearances sold his soul at a meeting with David Addington, promising he wouldn’t oppose torture, in order to become Attorney General in the first place?

But I’m more interested, generally, in what I consider an inapt comparison.

One can argue that the President should aggressively defend whatever intelligence activities take place under his watch. But there is a big difference between the illegal wiretap and torture programs — which were authorized by a Presidential Directive and Finding, respectively — and the surveillance programs being exposed as a result of the Snowden  leaks — which were authorized by law.

In the former case, the intelligence agencies are all the more reliant on the President’s vocal defense, because without it they are entirely illegal. And for better and worse, the President should (but didn’t, at least not in the case of torture) pay close attention to the execution of those programs because he’s on the hook for them himself. That makes it much harder for the President to criticize any violations of the programs he authorized (like torture contractors James Mitchell and Bruce Jessen exceeding the terms of the program).

To the extent that the Intelligence Committees operate within the terms of the law, the same could be said of congressionally sanctioned programs.

That’s not what we’re talking about here. We’re talking about phone dragnet, Internet dragnet, and upstream collection, all of which violated the laws and/or Court ordered procedures authorizing them. When the government moved the phone dragnet under Section 215, it retained access for other agencies, performed contact chaining on unapproved selectors, and allowed access to the database from other NSA interfaces, old features of the illegal program that should have been turned off in 2006. We don’t know what the Internet dragnet violations were, but they’re likely also continuations of the illegal program. And NSA used FISA to intentionally target (according to John Bates) US person communications, in violation of the law and the Fourth Amendment, but also a practice that continued from the illegal program.

And the phone dragnet and (presuming they were discovered as part of the end-to-end review, though if they weren’t it’d be even more damning) Internet dragnet violations were admitted, after having persisted for 3 years, just as Obama entered the White House. The phone dragnet violations, at least, did not operate unchecked under the Obama Administration.

Further, as I noted yesterday, the woman now being criticized for her silence, Lisa Monaco, is one of the handful of people who had to ride herd on NSA as DOJ’s National Security Division brought NSA practices into compliance with the actual letter of the law.

I’d like to learn more about the tensions between Agencies as the Administration tried to bring the NSA programs into line with the letter of the law and FISC orders. Perhaps NSA worked proactively to reveal and fix everything (though the record seems to suggest the opposite). Perhaps it didn’t, and David Kris and Lisa Monaco had to push to force them to comply. But under Keith Alexander, the NSA failed to stay within the letter of the law (which ought to be reason enough to fire him). That makes the problems now being revealed substantively different from the torture and illegal wiretap programs, where the Executive only had to comply with what the President personally bought off on.

It may well be that Obama has approved all of what we’re seeing (he certainly approved an expanded StuxNet so should be held responsible for much of the hacking we’re doing; note that our offensive attacks actually are parallel to the covert programs raised by Wittes), though he couldn’t have approved the phone dragnet violations. It may well be that his Administration instead reined them in as soon as they discovered them, with whatever cooperation or resistance from NSA. We simply don’t know.

But an Agency violating the letter of the law and court orders affirmatively authorizing their actions is qualitatively different than an Agency violating the law based on direct orders from the President.

“Together, we all prevail”

For a 1,500-word Shane Harris piece that could be part of Lawfare’s Empathy for Wiretappers series (brought to you by NSA contractor Northrop Grumman!), Stewart Baker blames the White House failure to mount a vocal defense of NSA on John Brennan’s departure.

“I think actually this is the first signal that John Brennan is gone,” said Baker, the former NSA general counsel. “I think that if Brennan had still been there he would have immediately appreciated the importance, and communicated that to the president, of defending the program.”

John Brennan, of course, played a key role in rationalizing Dick Cheney’s illegal wiretap program, and therefore not only has a stake in protecting NSA, but also in insisting that the current program — which is just a rehashed version of the illegal program — is critical for detecting terrorists.

By comparison, Lisa Monaco, whom Baker implicitly criticizes (and the article explicitly notes) for her silence in the face of NSA’s problems, headed DOJ’s National Security Division from 2010 2011 until this year, and so likely had to deal with the aftermath of the phone dragnet problems, the full brunt of the Internet dragnet problems (which purportedly got shut down under her tenure), and the upstream collection problems — all three “features” of the illegal program that never got shut down when it moved under FISA Court supervision, and got called “bugs” when DOJ (Monaco!) had to reveal them.

And while the piece provides interesting new details about White House’s chilly relationship with a man they’ve nevertheless given vastly increasing amounts of power to,

The weak backing from top administration officials has aggravated the relationship between Alexander and the White House, where he has never been warmly embraced.

[snip]

Alexander has never been especially close to Obama or White House officials. Some thought he had tried to amass too much surveillance authority without appreciating the legal constraints on his agency, according to a former administration official. “I don’t understand why the White House didn’t throw Alexander under the bus,” the official added.

It actually doesn’t consider whether the Administration might be pursuing a conscious strategy of weakening Alexander’s considerable power (I have no reason to believe they are, but I can imagine why they might want to weaken someone who has only expanded his power since 2005 and got caught in serial fuck-ups as well).

It also doesn’t consider the possibility that one reason NSA employees are dispirited is because they’re learning about programs that violate the self-image they’ve got of their Agency.

Former intelligence officials who remain in regular contact with those still in government say that morale at the NSA is low, both because of the reaction to leaks by former contractor Edward Snowden, which put the normally secretive agency under intense scrutiny, and because of budget cutbacks and the continuing government shutdown, which has left some employees furloughed without pay.

Ah well. The NSA spokesperson is issuing slogans, so all is well in the national security world.

An NSA spokesperson downplayed any rift between the agency and the administration. “National security is a team sport. For us, collaboration is built into the very fabric of who we are,” said Vanee Vines. “There is no truth to rumors of dissension between NSA and the administration regarding the Agency’s mission to help defend the nation and save lives. Together, we all prevail.”

Together, we all prevail.