Posts

Between the Annual Release of FISA Statistics and the Release of the FISA 702 Opinion, FBI Rolled Up Turla

I’m curious about the timing of the release of the FISC 702 opinion, dated April 21, 2022, approving Section 702 certificates that would last until April 21, 2023. I laid out a Modest Proposal in response to that opinion here.

In the past, the government has often released the prior year’s FISC opinion around the same time as it releases all the FISA transparency reports, which it released this year on April 28, 2023. But ODNI didn’t release the opinion itself until May 19, eight days after the FBI released a FISA-related audit that covers many of the same violative queries laid out in the FISC opinion and three weeks after the other transparency filings. The delayed release resulted in the release of significantly overlapping bad news twice, a week apart, at a time when the spooks already face an uphill climb to get 702 reauthorized before the end of the year.

One possible explanation for the delayed release is that there was a one-month delay in reapproval of new 702 certificates, meaning that ODNI held back the opinion until such time as a new opinion had replaced the old one.

But as I read, especially, a separate opinion released along with the 702 one, I couldn’t help but note that between the date when ODNI would customarily release the prior FISC authorization and the date it did, FBI rolled up the Turla malware.

May 4, 2023: Search warrant affidavit

May 8, 2023: Planned operation

May 9, 2023: DOJ Press releaseNSA press releaseJoint Cybersecurity Advisory

When I wrote my post on the operation, I laid out how, starting in 2016, the FBI had learned how Turla worked via voluntary monitoring of US-based victims from whose servers the malware was launching attacks in other countries.

A key part of the affidavit’s narrative describes that monitoring process. The FBI discovered that Turla compromised computers at US Victim A in San Jose, which let the FBI monitor how the malware worked. Using US Victim A, Turla compromised US Victim B in Syracuse, which in turn let the FBI monitor what happened from there. Using both US Victims A and B, Turla compromised US Victim D in Columbia, SC, which in turn let the FBI monitor traffic. Using Victim B, Turla compromised US Victim C, in Boardman, OR, which in turn let the FBI monitor traffic.

Over seven years, then, the FBI has been monitoring communications traffic from a growing number of US victim companies that Turla used as nodes. The affidavit emphasizes that these sites were used to attack overseas targets — like the presumed German and French targets mentioned in the affidavit. Aside from the journalist working for a US outlet (who could be stationed overseas), the affidavit doesn’t mention any US collection targets. Nor does it explain whence Turla targets US collection targets.

But there were two or three companies that refused to allow the FBI to engage in consensual monitoring of their victimized servers: Victim-E, Victim-F, and Victim-G, all of which were discovered in 2021 or 2022 (Victim-F went defunct and destroyed its computers).

According to the FBI search warrant, then, it launched a global operation to roll up the Turla Snake’s many nodes around the world without the benefit of at least two US-based nodes from which it could discover other victims. That didn’t make sense to me.

The other FISA opinion released with the 702 one sought authorization to conduct physical surveillance of two locations in the US used by an agent of a foreign power; the government uses physical surveillance to obtain data in rest on a server. DOJ first submitted the application in early 2021. FISC appointed former cybersecurity prosecutor and current tech attorney Marc Zwillinger and retired EDNY Magistrate James Orenstein as amici and conducted several rounds of briefing and a hearing. Orenstein would have still been a Magistrate in EDNY when the grand jury behind this operation was seated there in 2018; he retired in 2020.

The heavily redacted opinion itself is pretty short — just 6 pages. It explains that “the Court has little difficulty finding probable cause to believe that the intended targets … are agents of a foreign power.” It had a harder time with two other issues, though: proving that the premises to be searched “is or is about to be owned, used, possessed by … that foreign power.” Suggestions from Zwillinger and Orenstein provided limits to the order such that FISC presiding Judge Rudolph Contreras could meet that standard.

The government also noted that the data in the targeted location “might not be owned or used by” the agents of the foreign power in question. Contreras imposed a 60-day deadline for the government to destroy everything that was not.

With those limitations, Contreras approved the FISC order on September 27, 2021.

Both of these issues are common ones in cybersecurity surveillance. Hackers hijack others’ servers, and from that sanctuary, victimize others. And then hackers transport data that are the fruits of theft, not communications about such a crime, via these nodes. So one way or another, the opinion sounds like it could pertain to cybersecurity surveillance. The timing is what makes me wonder whether the order was withheld until the end of the Turla operation.

Zwillinger and Orenstein were appointed as amici in 2022 as well.

Note, there’s a technique that got authorized in the 702 opinion, first proposed in March 2021, which involved two different amici, Georgetown Professor Laura Donohue, who asked for the assistance of Dr. Wayne Chung, the Chief Technology Officer of BlueVoyant, a cybersecurity company. That discussion is even more heavily redacted. But the issues debated appear to include:

  • Whether the thing obtained using 702 was included in the definition of intelligence permitted for collection
  • Whether the assistance required in the US came from an Electronic Communications Service Provider (Victim A from the Turla operation was located in San Jose, and the Victim G that refused to cooperate was described as a cloud service provider located in Gaithersberg)
  • Whether the assistance from the ECSP is covered by 702
  • Whether the intended use of the information fit the definition of querying
  • Whether NSA should have used another provision of FISA
  • Whether all the targets were overseas
  • What kind of minimization procedures the kind of information that would be obtained required

The 702 application is even more obscure than the physical search one. But if the latter pertains to Turla, it’s not inconceivable that the former does too.

How the FISC Takes Notice of Magistrate Decisions and DOJ Tries to Hide That

Since it’s fashionable to debate whether the FISA Court is a rubber stamp or not, I wanted to point to this document, released to EFF under FOIA yesterday. Is is an August 7, 2006 order from Colleen Kollar-Kotelly for additional briefing on whether the government can retain the Post Cut Through Dialed Digits collected as part of a pen register. In this release, the government has redacted the date. We know the date — and the general circumstances of the request — from documents released in 2014 and another earlier EFF FOIA. I covered it here.

During this period, on August 7, 2006, Colleen Kollar-Kotelly ordered briefing in docket PRTT 06-102 on how FBI was fulfilling its obligation, apparently under the 2002 DOJ directive FBI maintained did not apply to FISA, not to affirmatively use PCTDD for any investigative purpose.  PDF 39-40

Judge Kotelly has ordered the FBI to submit a report no later than September 25 (2006). This report must contain:

(1) an explanation of how the FBI is implementing its obligation to make no affirmative investigative use, through pen register authorization, of post-cut-through digits that do not constitute call dialing, routing, addressing or signaling information, except in a rare case in order to prevent an immediate danger of death, serious physical injury or harm to the National Security, addressing in particular: a) whether post-cut-through digits obtained via FISA pen register surveillance are uploaded into TA, Proton, IDW, EDMS, TED, or any other FBI system; and b) if so what procedures are in place to ensure that no affirmative investigative use is made of postcut-through digits that do not constitute call dialing, routing, addressing or signaling information, including whether such procedures mandate that this information be deleted from the relevant system.

(2) an explanation of what procedures are in place to ensure that the Court is notified, as required pursuant to the Courts Order in the above captioned matter, whenever the government decides to make affirmative investigative use of post-cut-through digits that do not constitute call dialing, routing, addressing or signaling information in order to prevent an immediate danger of death, serious physical injury, or harm to the national security.

At the time, at least some of FBI’s lawyers believed that for FISA Pen Registers, FBI retained all the PCTDD. PDF 38

When DSC 3000 is used for a FISA collection, doesn’t the DCS 3000 pass all to the [redacted](DSC 5000) including the PCTDD–in other words for FISAs the DCS3000 does NOT use the default of not recoding [sic] the PCTTD???? [sic]

This report — dated September 25, 2006 — appears to be the report Kollar-Kotelly requested. It implores her not to follow [redacted], which appears to is a reference the EDNY court Texas decision.

That report is followed by this one — which was submitted on November 1, 2006 — which appears to propose new procedures to convince her to permit the FBI to continue to collect and retain PCTDD.

This new document, the briefing order, adds almost nothing to the discussion.

Except for this: it reveals that FISC — not DOJ — raised Stephen Smith’s opinion.

This is why I defend the FISC against claims it’s a rubber stamp. It has, on at least some occasions, done the work an adversary would normally do. And for at least 3 years, DOJ has tried to hide that FISC had to do so here.

Note what has happened in the interim? The government didn’t release this in FOIA in 2013-2014, though it was responsive to those earlier FOIA requests.

It did, however, release it now.

In the interim, DOJ gamed the new FISCR fast-track process, so as to be able to get an appellate decision approving the broader retention that Kollar-Kotelly first questioned back in 2006. Now, with that FISCR decision in pocket, DOJ has all of a sudden decided this order is no longer too classified to release (even while it still hides the timing of it).

The FISC is not perfect. But when weighing whether the FISC or DOJ (saddled, perhaps, with incomplete disclosure from NSA) has more often resulted in questionable decisions, I would almost always blame DOJ and NSA over the FISC.

[Photo: National Security Agency via Wikimedia]

If a Tech Amicus Falls in the Woods but Rosemary Collyer Ignores It, Would It Matter?

Six senators (Ron Wyden, Pat Leahy, Al Franken, Martin Heinrich, Richard Blumenthal, and Mike Lee) have just written presiding FISA Court judge Rosemary Collyer, urging her to add a tech amicus — or even better, a full time technical staffer — to the FISA Court.

The letter makes no mention of Collyer’s recent consideration of the 702 reauthorization certificates, nor even of any specific questions the tech amicus might consider.

That’s unfortunate. In my opinion, the letter entirely dodges the real underlying issue, at least as it pertains to Collyer, which is her unwillingness to adequately challenge or review Executive branch assertions.

In her opinion reauthorizing Section 702, Collyer apparently never once considered appointing an amicus, even a legal one (who, under the USA Freedom structure, could have suggested bringing in a technical expert). She refused to do so in a reconsideration process that — because of persistent problems arising from technical issues — stretched over seven months.

I argued then that that means Collyer broke the law, violating USA Freedom Act’s requirement that the FISC at least consider appointing an amicus on matters raising novel or significant issues and, if choosing not to do so, explain that decision.

In any case, this opinion makes clear that what should have happened, years ago, is a careful discussion of how packet sniffing works, and where a packet collected by a backbone provider stops being metadata and starts being content, and all the kinds of data NSA might want to and does collect via domestic packet sniffing. (They collect far more under EO 12333.) As mentioned, some of that discussion may have taken place in advance of the 2004 and 2010 opinions approving upstream collection of Internet metadata (though, again, I’m now convinced NSA was always lying about what it would take to process that data). But there’s no evidence the discussion has ever happened when discussing the collection of upstream content. As a result, judges are still using made up terms like MCTs, rather than adopting terms that have real technical meaning.

For that reason, it’s particularly troubling Collyer didn’t use — didn’t even consider using, according to the available documentation — an amicus. As Collyer herself notes, upstream surveillance “has represented more than its share of the challenges in implementing Section 702” (and, I’d add, Internet metadata collection).

At a minimum, when NSA was pitching fixes to this, she should have stopped and said, “this sounds like a significant decision” and brought in amicus Amy Jeffress or Marc Zwillinger to help her think through whether this solution really fixes the problem. Even better, she should have brought in a technical expert who, at a minimum, could have explained to her that SCTs pose as big a problem as MCTs; Steve Bellovin — one of the authors of this paper that explores the content versus metadata issue in depth — was already cleared to serve as the Privacy and Civil Liberties Oversight Board’s technical expert, so presumably could easily have been brought into consult here.

That didn’t happen. And while the decision whether or not to appoint an amicus is at the court’s discretion, Collyer is obligated to explain why she didn’t choose to appoint one for anything that presents a significant interpretation of the law.

A court established under subsection (a) or (b), consistent with the requirement of subsection (c) and any other statutory requirement that the court act expeditiously or within a stated time–

(A) shall appoint an individual who has been designated under paragraph (1) to serve as amicus curiae to assist such court in the consideration of any application for an order or review that, in the opinion of the court, presents a novel or significant interpretation of the law, unless the court issues a finding that such appointment is not appropriate;

For what it’s worth, my guess is that Collyer didn’t want to extend the 2015 certificates (as it was, she didn’t extend them as long as NSA had asked in January), so figured there wasn’t time. There are other aspects of this opinion that make it seem like she just gave up at the end. But that still doesn’t excuse her from explaining why she didn’t appoint one.

Instead, she wrote a shitty opinion that doesn’t appear to fully understand the issue and that defers, once again, the issue of what counts as content in a packet.

Without even considering an amicus, Collyer for the first time affirmatively approved the back door searches of content she knows will include entirely domestic communications, effectively affirmatively permitting the NSA to conduct warrantless searches of entirely domestic communications, and with those searches to use FISA for domestic surveillance. In approving those back door searches, Collyer did not conduct her own Fourth Amendment review of the practice.

Moreover, she adopted a claimed fix to a persistent problem — the collection of domestic communications via packet sniffing — without showing any inkling of testing whether the fix accomplished what it needed to. Significantly, in spite of 13 years of problems with packet sniffing collection under FISA, the court still has no public definition about where in a packet metadata ends and content begins, making her “abouts” fix — a fix that prohibits content sniffing without defining content — problematic at best.

I absolutely agree with these senators that the FISC should have its own technical experts.

But in Collyer’s case, the problem is larger than that. Collyer simply blew off USA Freedom Act’s obligation to consider an amicus entirely. Had she appointed Marc Zwillinger, I’m confident he would have raised concerns about the definition of content (as he did when he served as amicus on a PRTT application), whether or not he persuaded her to bring in a technical expert to further lay out the problems.

Collyer never availed herself of the expertise of Zwillinger or any other independent entity, though. And she did so in defiance of the intent of Congress, that she at least explain why she felt she didn’t need such outside expertise.

And she did so in an opinion that made it all too clear she really, really needed that help.

In my opinion, Collyer badly screwed up this year’s reauthorization certificates, kicking the problems created by upstream collection down the road, to remain a persistent FISA problem for years to come. But she did so by blowing off the clear requirement of law, not because she didn’t have technical expertise to rely on (though the technical expertise is probably necessary to finally resolve the issues raised by packet sniffing).

Yet no one but me — not even privacy advocates testifying before Congress — want to call her out for that.

Congress already told the FISA court they “shall” ask for help if they need it. Collyer demonstrably needed that help but refused to consider using it. That’s the real problem here.

I agree with these senators that FISC badly needs its own technical experts. But a technical amicus will do no good if, as Collyer did, a FISC judge fails to consult her amici.

FISC Makes Far Better Amicus Choices Than I Expected

I’ve long been skeptical about the potential efficacy of the amicus provision in USA Freedom Act, especially because the government can always withhold information.

But the FISC (and FISCR’s, they make clear) choices for potential amici is far better than I expected.

Screen Shot 2015-11-25 at 2.09.12 PM

Laura Donohue, besides being an important voice on surveillance reform, is one of the few people who has as weedy an understanding of the details of the surveillance programs as I do. Plus, unlike me, she can argue the legal aspects of it with authority.

Marc Zwillinger has represented at least one corporation — Yahoo, in its 2007-8 challenge to Protect American Act — before FISC already (as well as an industry push for the right to provide more transparency numbers), and is currently representing Apple in an EDNY discussion about back doors. He even has experience not receiving notice of unclassified details necessary to his arguments before FISC!! At a PCLOB hearing on this topic, he and others predicted he’d likely be among those picked. Voila!

John Cline is probably best known to readers of this blog for the representation he gave Scooter Libby. But he did so because he has represented a wide range of defendants dealing with classified information — he’s one of the best on such issues. That perspective is one that even most (though not all) judges on the FISC lack, and I’m impressed they would let someone have vision on both processes.

Jonathan Cedarbaum was acting head at OLC for a while, though mostly worked on domestic policy issues. Though I think he did work on some cybersecurity issues. The closest tie I know of to counterterrorism came in his role on the Boumedienne case, for which he was targeted by right wingers while at DOJ.

I’m perhaps least thrilled about Amy Jeffress (whose father also represented Scooter Libby) on the panel. She has a ton of experience on all kinds of national security cases — but overwhelmingly as a prosecutor. She almost got the Assistant Attorney for National Security job until it was given to John Carlin. While a top advisor to Eric Holder, she likely saw some things that might get debated at FISC (in the same way Rachel Brand and Elisabeth Collins Cook were involved in things at DOJ during the Bush Administration that PCLOB has reviewed), which might lead her to be more invested in the government outcome than I’d like. But from everything I know she’s a very good lawyer.

All in all, a far better collection of lawyers than I expected, and any of them is a better choice than Preston Burton.

 

“There Is No Database”

I Con the Record has released the transcript for the Yahoo hearing before the FISA Court of Review.

I’ll come back to the substance of it, but I did want to point to the lie that underscores this entire case.

There Is No Database

 

On page 41, Acting Solicitor General Gregory Garre claims there is no database of incidentally collected information.

That’s of course false — the incidentally collected information is kept right along with the targeted information.

The FISCR used this in its ruling Protect America Act was constitutional.

Funny how that works…

FISCR Used an Outdated Version of EO 12333 to Rule Protect America Act Legal

If the documents relating to Yahoo’s challenge of Protect America Act released last month are accurate reflections of the documents actually submitted to the FISC and FISCR, then the government submitted a misleading document on June 5, 2008 that was central to FISCR’s ultimate ruling.

As I laid out here in 2009, FISCR relied on the the requirement  in EO 12333 that the Attorney General determine there is probable cause a wiretapping technique used in the US is directed against a foreign power to judge the Protect America Act met probable cause requirements.

The procedures incorporated through section 2.5 of Executive Order 12333, made applicable to the surveillances through the certifications and directives, serve to allay the probable cause concern.

The Attorney General hereby is delegated the power to approve the use for intelligence purposes, within the United States or against a United States person abroad, of any technique for which a warrant would be required if undertaken for law enforcement purposes, provided that such techniques shall not be undertaken unless the Attorney General has determined in each case that there is probable cause to believe that the technique is directed against a foreign power or an agent of a foreign power.

44 Fed. Reg. at 59,951 (emphasis supplied). Thus, in order for the government to act upon the certifications, the AG first had to make a determination that probable cause existed to believe that the targeted person is a foreign power or an agent of a foreign power. Moreover, this determination was not made in a vacuum. The AG’s decision was informed by the contents of an application made pursuant to Department of Defense (DOD) regulations. See DOD, Procedures Governing the Activities of DOD Intelligence Components that Affect United States Persons, DOD 5240.1-R, Proc. 5, Pt. 2.C.  (Dec. 1982).

Yahoo didn’t buy this argument. It had a number of problems with it, notably that nothing prevented the government from changing Executive Orders.

While Executive Order 12333 (if not repealed), provides some additional protections, it is still not enough.

[snip]

Thus, to the extent that it is even appropriate to examine the protections in the Executive Order that are not statutorily required, the scales of the reasonableness determination sway but do not tip towards reasonableness.

Yahoo made that argument on May 29, 2008.

Sadly, Yahoo appears not to have noticed the best argument that Courts shouldn’t rely on EO 12333 because the President could always change it: Sheldon Whitehouse’s revelation on December 7, 2007 (right in the middle of this litigation) that OLC had ruled the President could change it in secret and not note the change publicly. Whitehouse strongly suggested that the Executive in fact had changed EO 12333 without notice to accommodate its illegal wiretap program.

But the government appears to have intentionally withheld further evidence about how easily it could change EO 12333 — and in fact had, right in the middle of the litigation.

This is the copy of the Classified Annex to EO 12333 that (at least according to the ODNI release) the government submitted to FISCR in a classified appendix on June 5, 2008 (that is, after Yahoo had already argued that an EO, and the protections it affords, might change). It is a copy of the original Classified Appendix signed by Ed Meese in 1988.

As I have shown, Michael Hayden modified NSA/CSS Policy 1-23 on March 11, 2004, which includes and incorporates EO 12333, the day after the hospital confrontation. The content of the Classified Annex released in 2013 appears to be identical, in its unredacted bits, to the original as released in 1988 (see below for a list of the different things redacted in each version). So the actual content of what the government presented may (or may not be) a faithful representation of the Classified Appendix as it currently existed.

But the version of NSA/CSS Policy 1-23 released last year (starting at page 110) provides this modification history:

This Policy 1-23 supersedes Directive 10-30, dated 20 September 1990, and Change One thereto, dated June 1998. The Associate Director for Policy endorsed an administrative update, effective 27 December 2007 to make minor adjustments to this policy. This 29 May 2009 administrative update includes changes due to the FISA Amendments Act of 2008 and in core training requirements.

That is, Michael Hayden’s March 11, 2004 modification of the Policy changed to the Directive as existed before 2 changes made under Clinton.

Just as importantly, the modification history reflects “an administrative update” making “minor adjustments to this policy” effective December 27, 2007 — a month and a half after this challenge started.

By presenting the original Classified Appendix — to which Hayden had apparently reverted in 2004 — rather than the up-to-date Policy, the government was presenting what they were currently using. But they hid the fact that they had made changes to it right in the middle of this litigation. A fact that would have made it clear that Courts can’t rely on Executive Orders to protect the rights of Americans, especially when they include Classified Annexes hidden within Procedures.

In its language relying on EO 12333, FISCR specifically pointed to DOD 5240.1-R. The Classified Annex to EO 12333 is required under compliance with part of that that complies with the August 27, 2007 PAA compliance.

That is, this Classified Annex is a part of the Russian dolls of interlocking directives and orders that implement EO 12333.

And they were changing, even as this litigation was moving forward.

Only, the government appears to have hidden that information from the FISCR.

Update: Clarified that NSA/CSS Policy 1-23 is what got changed.

Update: Hahaha. The copy of DOD 5240.1 R which the government submitted on December 11, 2007, still bears the cover sheet labeling it as an Annex to NSA/CSS Directive 10-30. Which of course had been superseded in 2004.

Note how they cut off the date to hide that it was 1990?

Note how they cut off the date to hide that it was 1990?

Read more