Posts

Three Things: Shocker, Badger, Vapor

Summer doldrums are hitting hard here; it’s too steamy today to do much but watch the garden grow and the ‘hot takes’ bloom. Let’s breeze through these.

~ 1 ~

Shocker: The White House had its ass handed to it last night, alongside a serving of vanilla ice cream and peach cobbler. While it was kissing up to some über conservative Senators, Utah’s Mike Lee and Kansas’ Jerry Moran announced they would not support the Motion to Proceed on the latest POS edition of AHCA.

Excellent work on the dual tweets dispatched simultaneously at 8:30 p.m., by the way (see this one and this one). Live by the tweets, die by the tweets, Littlehands.

What I find particularly interesting is the secrecy this announcement revealed. Not just the discreet collaboration between two senators from very red states, taking advantage of the additional time afforded them by John McCain’s personal health care challenge. Apparently Senate Majority Leader Mitch “Yertle” McConnell has had such a tight grip on the legislative process that even his wingman, John Cornyn, doesn’t know what’s going on until McConnell’s office emails his deputies.

Not exactly a way to win friends and influence enemies, that.

(For some reason McConnell’s super-secret hyper control makes me think of the compartments Washington Post wrote about with regard to the Russian election hacks and the subsequent investigation. Why is that?)

~ 2 ~

Badger: Russia is pissed off about its dachas-away-from-home, threatening retaliation if they’re not returned. Uh, right. Like the U.S. suddenly decided to boot Russian occupants out of the Long Island and Maryland digs for no good reason last year. Russian Foreign Ministry “reserves the right to retaliate based on the principle of reciprocity,” forgetting that Obama took a too-measured response to repeated incursions by Russia into U.S. information systems — including hacks of the White House and Defense Department in 2015 — not to mention the ‘Illegals Program‘ spy who worked at Microsoft circa 2010. (Let’s also not forget an ‘Illegals Program’ spy worked their way close to Hillary Clinton’s 2008 campaign co-chair.) The U.S. could and should have been far more aggressive in its response; Russia isn’t entitled to reciprocity.

This is a test for Congressional Republicans. Either cement sanctions against Russia including the ‘foreclosure’ on these two compounds, or admit complicity in the undermining of democratic process last year. The GOP needs to revisit a CRS report on U.S.-Russia relations and Executive Orders 13660, 13661, and 13662 before they give any ground. [EDIT: See also EO 13964, issued April 1, 2016 in response to “malicious cyberactivity” — this EO the GOP will probably ignore just as it has all signs of Team Trump collusion as well as Russian interference in the 2016 general election.]

If there are truly compelling reasons in the nation’s interest for conceding these compounds, give them back — but only after the buildings have been razed and permits for reconstruction are denied under sanctions. The Russian government can work out of trailers on the property, or on boats from the dock. They do not need to be any more comfortable than they have been.

~ 3 ~

Vapor: No longer a ghost — we  now know who the eighth attendee was at Donnie Junior’s June 9th meeting at Trump Tower last year. Lucky number seven is believed to be a translator — and wow, so is number eight!

Which seems kind of odd — in the information Junior dumped online, there was no mention that Veselnitskaya didn’t speak English and needed a translator, or who would be the translator. Doesn’t it seem strange that there would be no concerns about security clearance into Trump Tower or a meeting with a presidential candidate’s son and/or campaign team given the meeting requester was a foreign national?

Perhaps because there was little concern, Body Number Eight, Ike Kaveladze, purportedly showed up as Veselnitskaya’s translator only to learn she had brought her own, Body Number Seven, Anatoli Samochornov. It’s not clear from USA Today’s reporting who asked Kaveladze to attend; did Junior just let any Russian in the neighborhood attend the meeting? Aras Agalarov sent Kaveladze “just to make sure it happened and to serve as an interpreter if necessary,” Kaveladze’s lawyer told NYT. Why so many witnesses?

The room must have been a little crowded with Junior, Jared Kushner, Paul Manafort, Rob Goldstone, Veselnitskaya and two translators as well as Rinat Akhmetshin.

Given the two translators, Akhmetshin’s presence seems even more curious. Why was he there if there were two translators?

~ ~ ~

That’s that. I could go on but it’s too damned hot here. Refresh your iced tea and settle yourself in front of the fan. This is an open thread — behave.

Blogger since 2002, political activist since 2003, geek since birth. Opinions informed by mixed-race, multi-ethnic, cis-female condition, further shaped by kind friends of all persuasions. Sci-tech frenemy, wannabe artist, decent cook, determined author, successful troublemaker. Mother of invention and two excessively smart-assed young adult kids. Attended School of Hard Knocks; Rather Unfortunate Smallish Private Business School in Midwest; Affordable Mid-State Community College w/evening classes. Self-employed at Tiny Consulting Business; previously at Large-ish Chemical Company with HQ in Midwest in multiple marginalizing corporate drone roles, and at Rather Big IT Service Provider as a project manager, preceded by a motley assortment of gigs before the gig economy was a thing. Blogging experience includes a personal blog at the original blogs.salon.com, managing editor for a state-based news site, and a stint at Firedoglake before landing here at emptywheel as technology’s less-virginal-but-still-accursed Cassandra.

One Takeaway from the Five Takeaways from the Comey Hearing: Election 2016 Continues to Suffocate Oversight

The Senate Judiciary Committee had an oversight hearing with Jim Comey yesterday, which I live-tweeted in great depth. As you can imagine, most of the questions pertained either to Comey’s handing of the Hillary investigation and/or to the investigation into Russian interference in the election. So much so that The Hill, in its “Five Takeaways from Comey’s testimony,” described only things that had to do with the election:

  • Comey isn’t sorry (but he was “mildly nauseous” that his conduct may have affected the outcome)
  • Emotions over the election are still raw
  • Comey explains DOJ dynamic: “I hope someday you’ll understand”
  • The FBI may be investigating internal leaks
  • Trump, Clinton investigations are dominating FBI oversight

The Hill’s description of that third bullet doesn’t even include the “news” from Comey’s statement: that there is some still-classified detail, in addition to Loretta Lynch’s tarmac meeting with Bill Clinton and the intercepted Hillary aide email saying Lynch would make sure nothing happened with the investigation, that led Comey to believe he had to take the lead on the non-indictment in July.

I struggled as we got closer to the end of it with the — a number things had gone on, some of which I can’t talk about yet, that made me worry that the department leadership could not credibly complete the investigation and declined prosecution without grievous damage to the American people’s confidence in the — in the justice system.

As I said, it is true that most questions pertained to Hillary’s emails or Russia. Still, reports like this, read primarily by people on the Hill, has the effect of self-fulfilling prophecy by obscuring what little real oversight happened. So here’s my list of five pieces of actual oversight that happened.

Neither Grassley nor Feinstein understand how FISA back door searches work

While they primarily focused on the import of reauthorizing Section 702 (and pretended that there were no interim options between clean reauthorization and a lapse), SJC Chair Chuck Grassley and SJC Ranking Member Dianne Feinstein both said things that made it clear they didn’t understand how FISA back door searches work.

At one point, in a discussion of the leaks about Mike Flynn’s conversation with Sergey Kislyak, Grassley tried to suggest that only a few people at FBI would have access to the unmasked identity in those intercepts.

There are several senior FBI officials who would’ve had access to the classified information that was leaked, including yourself and the deputy director.

He appeared unaware that as soon as the FBI started focusing on either Kislyak or Flynn, a back door search on the FISA content would return those conversations in unmasked form, which would mean a significant number of FBI Agents (and anyone else on that task force) would have access to the information that was leaked.

Likewise, at one point Feinstein was leading Comey through a discussion of why they needed to have easy back door access to communication content collected without a warrant (so we don’t stovepipe anything, Comey said), she said, “so you are not unmasking the data,” as if data obtained through a back door search would be masked, which genuinely (and rightly) confused Comey.

FEINSTEIN: So you are not masking the data — unmasking the data?

COMEY: I’m not sure what that means in this context.

It’s raw data. It would not be masked. That Feinstein, who has been a chief overseer of this program for the entire time back door searches were permitted doesn’t know this, that she repeatedly led the effort to defeat efforts to close the back door loophole, and that she doesn’t know what it means that this is raw data is unbelievably damning.

Incidentally, as part of the exchange wit Feinstein, Comey said the FISA data sits in a cloud type environment.

Comey claims the government doesn’t need the foreign government certificate except to target spies

Several hours into the hearing, Mike Lee asked some questions about surveillance. In particular, he asked if the targeting certificates for 702 ever targeted someone abroad for purposes unrelated to national security. Comey seemingly listed off the certificates we do have — foreign government, counterterrorism, and counterproliferation, noting that cyber gets worked into other ones.

LEE: Yes. Let’s talk about Section 702, for a minute. Section 702 of the Foreign Intelligence Surveillance Amendments Act authorizes the surveillance, the use of U.S. signals surveillance equipment to obtain foreign intelligence information.

The definition includes information that is directly related to national security, but it also includes quote, “information that is relevant to the foreign affairs of the United States,” close quote, regardless of whether that foreign affairs related information is relevant to a national security threat. To your knowledge, has the attorney general or has the DNI ever used Section 702 to target individuals abroad in a situation unrelated to a national security threat?

COMEY: Not that I’m aware of. I think — I could be wrong, but I don’t think so, I think it’s confined to counterterrorism to espionage, to counter proliferation. And — those — those are the buckets. I was going to say cyber but cyber is fits within…

He said they don’t need any FG information except that which targets diplomats and spies.

LEE: Right. So if Section 702 were narrowed to exclude such information, to exclude information that is relevant to foreign affairs, but not relevant to a national security threat, would that mean that the government would be able to obtain the information it needs in order to protect national security?

COMEY: Would seem so logically. I mean to me, the value of 702 is — is exactly that, where the rubber hits the road in the national security context, especially counterterrorism, counter proliferation.

I assume that Comey said this because the FBI doesn’t get all the other FG-collected stuff in raw form and so isn’t as aware that it exists. I assume that CIA and NSA, which presumably use this raw data far more than FBI, will find a way to push back on this claim.

But for now, we have the FBI Director stating that we could limit 702 collection to national security functions, a limitation that was defeated in 2008.

Comey says FBI only needs top level URLs for ECTR searches

In another exchange, Lee asked Comey about the FBI’s continued push to be able to get Electronic Communication Transaction Records. Specifically, he noted that being able to get URLs means being able to find out what someone was reading.

In response, Comey said he thought they could only get the top-level URL.

After some confusion that revealed Comey’s lie about the exclusion of ECTRs from NSLs being just a typo, Comey said FBI did not need any more than the top domain, and Lee answered that the current bill would permit more than that.

LEE: Yes. Based on the legislation that I’ve reviewed, it’s not my recollection that that is the case. Now, what — what I’ve been told is that — it would not necessarily be the policy of the government to use it, to go to that level of granularity. But that the language itself would allow it, is that inconsistent with your understanding?

COMEY: It is and my understanding is we — we’re not looking for that authority.

LEE: You don’t want that authority…

(CROSSTALK)

COMEY: That’s my understanding. What — what we’d like is, the functional equivalent of the dialing information, where you — the address you e-mailed to or the — or the webpage you went to, not where you went within it.

This exchange should be useful for limiting any ECTR provision gets rushed through to what FBI claims it needs.

The publication of (US) intelligence information counts as intelligence porn and therefore not journalism

Ben Sasse asked Comey about the discussion of indicting Wikileaks. Comey’s first refusal to answer whether DOJ would indict Wikileaks led me to believe they already had.

I don’t want to confirm whether or not there are charges pending. He hasn’t been apprehended because he’s inside the Ecuadorian embassy in London.

But as part of that discussion, Comey explained that Wikileaks’ publication of loads of classified materials amounted to intelligence porn, which therefore (particularly since Wikileaks didn’t call the IC for comment first, even though they have in the past) meant they weren’t journalism.

COMEY: Yes and again, I want to be careful that I don’t prejudice any future proceeding. It’s an important question, because all of us care deeply about the First Amendment and the ability of a free press, to get information about our work and — and publish it.

To my mind, it crosses a line when it moves from being about trying to educate a public and instead just becomes about intelligence porn, frankly. Just pushing out information about sources and methods without regard to interest, without regard to the First Amendment values that normally underlie press reporting.

[snip]

[I]n my view, a huge portion of WikiLeaks’s activities has nothing to do with legitimate newsgathering, informing the public, commenting on important public controversies, but is simply about releasing classified information to damage the United States of America. And — and — and people sometimes get cynical about journalists.

American journalists do not do that. They will almost always call us before they publish classified information and say, is there anything about this that’s going to put lives in danger, that’s going to jeopardize government people, military people or — or innocent civilians anywhere in the world.

I’ll write about this more at length.

Relatedly (though technically a Russian investigation detail), Comey revealed that the investigation into Trump ties to Russia is being done at Main Justice and EDVA.

COMEY: Yes, well — two sets of prosecutors, the Main Justice the National Security Division and the Eastern District of Virginia U.S. Attorney’s Office.

That makes Dana Boente’s role, first as Acting Attorney General for the Russian investigation and now the Acting Assistant Attorney General for National Security, all the more interesting, as it means he is the person who can make key approvals related to the investigation.

I don’t have any problem with him being chosen for these acting roles. But I think it supremely unwise to effectively eliminate levels of oversight on these sensitive cases (Russia and Wikileaks) by making the US Attorney already overseeing them also the guys who oversees his own oversight of them.

The US is on its way to becoming the last haven of shell corporations

Okay, technically these were Sheldon Whitehouse and Amy Klobuchar comments about Russia. But as part of a (typically prosecutorial) line of questioning about things related to the Russian investigation, Whitehouse got Comey to acknowledge that as the EU tries to crack down on shell companies, that increasingly leaves the US as the remaining haven for shell companies that can hide who is paying for things like election hacks.

WHITEHOUSE: And lastly, the European Union is moving towards requiring transparency of incorporations so that shell corporations are harder to create. That risks leaving the United States as the last big haven for shell corporations. Is it true that shell corporations are often used as a device for criminal money laundering?

COMEY: Yes.

[snip]

WHITEHOUSE: What do you think the hazards are for the United States with respect to election interference of continuing to maintain a system in which shell corporations — that you never know who’s really behind them are common place?

COMEY: I suppose one risk is it makes it easier for illicit money to make its way into a political environment.

WHITEHOUSE: And that’s not a good thing.

COMEY: I don’t think it is.

And Klobuchar addressed the point specifically as it relates to high end real estate (not mentioning that both Trump and Paul Manafort have been alleged to be involved in such transactions).

There have been recent concerns that organized criminals, including Russians, are using the luxury real estate market to launder money. The Treasury Department has noted a significant rise in the use of shell companies in real estate transactions, because foreign buyers use them as a way to hide their identity and find a safe haven for their money in the U.S. In fact, nearly half of all homes in the U.S. worth at least $5 million are purchased using shell companies.

Does the anonymity associated with the use of shell companies to buy real estate hurt the FBI’s ability to trace the flow of illicit money and fight organized crime? And do you support efforts by the Treasury Department to use its existing authority to require more transparency in these transactions?

COMEY: Yes and yes.

It’s a real problem, and not just because of the way it facilitates election hacks, and it’d be nice if Congress would fix it.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

After We Help the Saudis Commit More War Crimes We’re Going to Mars!

mars-globe-valles-marineris-enhanced-br2This afternoon, the Senate had a debate on Chris Murphy and Rand Paul’s resolution to halt the sale of $1.5 billion in arms to the Saudis to use on their invasion of Yemen.

The debate was repulsive.

The opponents of the measure — led by Mitch McConnell, John McCain, and Lindsey Graham — had little to say about the well-being of Yemenis.

Lindsey even shrugged off both Saudi support for terrorism.

[shrugs] They have double dealing in the past of helping terrorist organizations.

And Saudi bombing of civilians.

They have dropped bombs on civilians. There’s no way to wage war without [shrugs again] mistakes being made.

But we had to help the Saudis kill Yemeni civilians, Lindsey argued, because Iran humiliated American sailors who entered Iranian waters, purportedly because of navigation errors.

That argument — one which expressed no interest in the well-being of Yemenis but instead pitched this as a battle for hegemony in the Middle East — held the day. By a vote of 71-27, the Senate voted to table the resolution.

If your Senators voted against tabling this amendment, please call to thank them:

Baldwin (D-WI)
Blumenthal (D-CT)
Booker (D-NJ)
Boxer (D-CA)
Cantwell (D-WA)
Durbin (D-IL)
Franken (D-MN)
Gillibrand (D-NY)
Heinrich (D-NM)
Heller (R-NV)
Hirono (D-HI)
Kirk (R-IL)
Klobuchar (D-MN)
Leahy (D-VT)
Lee (R-UT)
Markey (D-MA)
Murphy (D-CT)
Murray (D-WA)
Paul (R-KY)
Reid (D-NV)
Sanders (I-VT)
Schatz (D-HI)
Stabenow (D-MI)
Tester (D-MT)
Udall (D-NM)
Warren (D-MA)
Wyden (D-OR)

The creepiest thing, however, came just after the vote. Bill Nelson (D-Mission to Space) got up, not just to do a victory lap that the US would continue to support Saudi war crimes. But he also announced a resolution passed earlier, which funds NASA to send humans to Mars by 2030, with an eye to colonizing the red planet.

It was as if he was saying that proliferating arms and war crimes on this globe won’t matter so much because we can just go colonize another.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Why Is the Government Poison-Pilling ECPA Reform?

Back in 2009, the Obama Administration had Jeff Sessions gut an effort by Dianne Feinstein to gut an effort by Patrick Leahy to gut an effort by Russ Feingold to halt the phone and Internet dragnet programs (as well as, probably, some Post Cut Through Dialed Digit collections we don’t yet know about).

See what Jeff Sesssions–I mean Barack Obama–did in complete secrecy and behind the cover of Jeff Sessions’ skirts the other night?

They absolutely gutted the minimization procedures tied to pen registers! Pen registers are almost certainly the means by which the government is conducting the data mining of American people (using the meta-data from their calls and emails to decide whether to tap them fully). And Jeff Sesssions–I mean Barack Obama–simply gutted any requirement that the government get rid of all this meta-data when they’re done with it. They gutted any prohibitions against sharing this information widely. In fact, they’ve specified that judges should only require minimization procedures in extraordinary circumstances. Otherwise, there is very little limiting what they can do with your data and mine once they’ve collected it. [no idea why I was spelling Sessions with 3 ses]

At each stage of this gutting process, Feingold’s effort to end bulk collection got watered down until, with Sessons’ amendments, the Internet dragnet was permitted to operate as it had been. Almost the very same time this happened, NSA’s General Counsel finally admitted that every single record the agency had collected under the dragnet program had violated the category restrictions set back in 2004. Probably 20 days later, Reggie Walton would shut down the dragnet until at least July 2010.

But before that happened, the Administration made what appears to be — now knowing all that we know now — an effort to legalize the illegal Internet dragnet that had replaced the prior illegal Internet dragnet.

I think that past history provides an instructive lens with which to review what may happen to ECPA reform on Thursday. A version of the bill, which would require the government to obtain a warrant for any data held on the cloud, passed the House unanimously. But several amendments have been added to the bill in the Senate Judiciary Committee that I think are designed to serve as poison pills to kill the bill.

The first is language that would let the FBI resume obtaining Electronic Communication Transaction Records with just a National Security Letter (similar language got added to the Intelligence Authorization; I’ll return to this issue, which I think has been curiously reported).

The second is language that would provide a vast emergency exception to the new warrant requirement, as described by Jennifer Daskal in this post.

[T]here has been relatively little attention to an equally, if not more, troubling emergency authorization provision being offered by Sen. Jeff Sessions. (An excellent post by Al Gidari and op-ed by a retired DC homicide detective are two examples to the contrary.)

The amendment would allow the government to bypass the warrant requirement in times of claimed emergency. Specifically, it would mandate that providers turn over sought-after data in response to a claimed emergency from federal, state, or local law enforcement officials. Under current law, companies are permitted, but not required, to comply with such emergency — and warrantless — requests for data.

There are two huge problems with this proposal. First, it appears to be responding to a problem that doesn’t exist. Companies already have discretion to make emergency disclosures to governmental officials, and proponents of the legislation have failed to identify a single instance in which providers failed to disclose sought-after information in response to an actual, life-threatening emergency. To the contrary, the data suggest that providers do in fact regularly cooperate in response to emergency requests. (See the discussion here.)

Second, and of particular concern, the emergency disclosure mandate operates with no judicial backstop. None. Whatsoever. This is in direct contrast with the provisions in both the Wiretap Act and Foreign Intelligence Surveillance Act (FISA) that require companies to comply with emergency disclosure orders, but then also require subsequent post-hoc review by a court. Under the Wiretap Act, an emergency order has to be followed up with an application for a court authorization within 48 hours (see 18 U.S.C. § 2518(7)). And under FISA, an emergency order has to be followed with an application to the court within 7 days (see 50 U.S.C. § 1805(5)). If the order isn’t filed or the court application denied, the collection has to cease.

The proposed Sessions amendment, by contrast, allows the government to claim emergency and compel production of emails, without any back-end review.

Albert Gidari notes that providers are already getting a ton of emergency requests, and a good number of them turn out to be unfounded.

For the last 15 years, providers have routinely assisted law enforcement in emergency cases by voluntarily disclosing stored content and transactional information as permitted by section 2702 (b)(8) and (c)(4) of Title 18. Providers recently began including data about emergency disclosures in their transparency reports and the data is illuminating. For example, for the period January to June 2015, Google reports that it received 236 requests affecting 351 user accounts and that it produced data in 69% of the cases. For July to December 2015, Microsoft reports that it received 146 requests affecting 226 users and that it produced content in 8% of the cases, transactional information in 54% of the cases and that it rejected about 20% of the requests. For the same period, Facebook reports that it received 855 requests affecting 1223 users and that it produced some data in response in 74% of the cases. Traditional residential and wireless phone companies receive orders of magnitude more emergency requests. AT&T, for example, reports receiving 56,359 requests affecting 62,829 users. Verizon reports getting approximately 50,000 requests from law enforcement each year.

[snip]

Remember, in an emergency, there is no court oversight or legal process in advance of the disclosure. For over 15 years, Congress correctly has relied on providers to make a good faith determination that there is an emergency that requires disclosure before legal process can be obtained. Providers have procedures and trained personnel to winnow out the non-emergency cases and to deal with some law enforcement agencies for whom the term “emergency” is an elastic concept and its definition expansive.

Part of the problem, and the temptation, is that there is no nunc pro tunc court order or oversight for emergency requests or disclosures. Law enforcement does not have to show a court after the fact that the disclosure was warranted at the time; indeed, no one may ever know about the request or disclosure at all if it doesn’t result in a criminal proceeding where the evidence is introduced at trial. In wiretaps and pen register emergencies, the law requires providers to cut off continued disclosure if law enforcement hasn’t applied for an order within 48 hours.  But if disclosure were mandatory for stored content, all of a user’s content would be out the door and no court would ever be the wiser. At least today, under the voluntary disclosure rules, providers stand in the way of excessive or non-emergency disclosures.

[snip]

A very common experience among providers when the factual basis of an emergency request is questioned is that the requesting agency simply withdraws the request, never to be heard from again. This suggests that to some, emergency requests are viewed as shortcuts or pretexts for expediting an investigation. In other cases when questioned, agents withdraw the emergency request and return with proper legal process in hand shortly thereafter, which suggests it was no emergency at all but rather an inconvenience to procure process. In still other cases, some agents refuse to reveal the circumstances giving rise to the putative emergency. This is why some providers require written certification of an emergency and a short statement of the facts so as to create a record of events — putting it in writing goes a long way to ensuring an emergency exists that requires disclosure. But when all is in place, providers respond promptly, often within an hour because most have a professional, well-trained team available 7×24.

In other words, what seems to happen now, is law enforcement use emergency requests to go on fishing expeditions, some of which are thwarted by provider gatekeeping. Jeff Sessions — the guy who 7 years ago helped the Obama Administration preserve the dragnets — now wants to make it so these fishing expeditions will have no oversight at all, a move that would make ECPA reform meaningless.

The effort to lard up ECPA reform with things that make surveillance worse (not to mention the government’s disinterest in reforming ECPA since 2007, when it first started identifying language it wanted to reform) has my spidey sense tingling. The FBI has claimed, repeatedly, in sworn testimony, that since the 2010 Warshak decision in the Sixth Circuit, it has adopted that ruling everywhere (meaning that it has obtained a warrant for stored email). If that’s true, it should have no objection to ECPA reform. And yet … it does.

I’m guessing these emergency requests are why. I suspect, too, that there are some providers that we haven’t even thought of that are even more permissive when turning over “emergency” content than the telecoms.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

Friday Morning: Dark Water Jazz

It’s Friday and that means jazz here at emptywheel. But no genre exploration today, just this lovely, evocative downtempo jazz/trip hop fusion work.

It’s dark water jazz indeed this week…

Congress oublies the Flint water crisis
I can’t find anything in C-SPAN about the House Energy and Commerce Committee hearing which was to address the crisis. Convenient for Republicans running for office right now to keep themselves at arm’s length from a Republican scandal. We’re lucky the hearing was captured at all; it can be found at the committee’s website. (Video 3:44:08)

It must be difficult to kowtow to traditional GOP underwriters while trying to appear like you’re doing a credible job of representing Americans most in need. But it’s a lot easier to bury and forget the inconvenient.

The latest scuttlebutt is that the bipartisan Energy Policy Modernization Act of 2015 (S.2012) will proceed without additional funding to remedy Flint’s damaged water system, still replete with lead piping. Senate Republicans led by Senator Mike Lee of Utah protested the inclusion of funding for Flint in this bill, threatening to reject it altogether.

Wait — you know who’s up for reelection this season? Senator Mike Lee! Amazing coincidence! Or not. You know, Senator Lee, when your fellow senators leak about your obstruction, you should catch a clue. Sometimes actually helping Americans is more important than sucking up to your anti-tax overlords.

You know who else is up for reelection this season? Senator Lisa Murkowski, the chair of the counterpart Senate Energy Committee and the sponsor of S.2012. You’d think she’d want to look effective as a leader and at governance.

Roughly 8,000 children will continue to live as if they are in a third world country, with a patchwork of assistance for their health and education, but no relief from the lead pipes which continue to run from the water department to their homes. Imagine them drinking water out bottles for the rest of their childhoods, their families having to take additional time and effort to lug bottles upon bottles for their daily essential needs.

Don’t even suggest these families leave. They are stuck, STUCK in Flint, because their property values have been gutted by the failure of a GOP-led state administration, and the continued avoidance by a GOP-led Congress. Who wants to buy a home with lead pipes in Flint now? Which banks want to finance new mortgages to those homes? Which insurers want to write coverage on them?

Some government aid has been offered to Flint — which the ever-ineffectual Rep. Fred Upton recited like a litany during the hearing (see 0:13:30 in the video) — but none of it addresses the lead piping.

Donald Trump won the Republican primary in Flint’s home county of Genessee, by the way. Can’t understand why…

Cleaning off the desk
Stuff worth perusing, but I’m not going to elaborate on before I chuck it in the bin for the week.

  • Microsoft suing U.S. government for gagging the software company about government requests for users’ information. (Microsoft) — MSFT president Brad Smith wrote in a blog post about the suit; note the complaint here (pdf) in which MSFT shared these details:

    Between September 2014 and March 2016, Microsoft received 5,624 federal demands for customer information or data. Of those, nearly half—2,576—were accompanied by secrecy orders, forbidding Microsoft from telling the affected customers that the government was looking at their information. The vast majority of these secrecy orders related to consumer accounts and prevent Microsoft from telling affected individuals about the government’s intrusion into their personal affairs; others prevent Microsoft from telling business customers that the government has searched and seized the emails of individual employees of the customer. Further, 1,752 of these secrecy orders contained no time limit, meaning that Microsoft could forever be barred from telling the affected customer about the government’s intrusion. The government has used this tactic in this District. Since September 2014, Microsoft received 25 secrecy orders issued in this District, none of which contained any time limit. These secrecy orders prohibit Microsoft from speaking about the government’s specific demands to anyone and forbid Microsoft from ever telling its customers whose documents and communications the government has obtained. The secrecy orders thus prevent Microsoft’s customers and the public at large from ever learning the full extent of government access to private, online information

    Emphasis Microsoft’s. Therein the one way to release a limited amount of information: file suit against the government.

  • Claims after March attack that Brussels airport security was lax impels Belgium’s transport minister to quit (euronews) — Bombs were detonated before security clearance area; not certain how minister could have prevented bombing except to move clearance all the way to the edge of the airport’s perimeter instead of after check-in.
  • UC-Davis sanitized the internet to prop its image (SacBee) — School paid $175K to excise references to a 2011 attack on student protesters by police using teargas. Should keep in mind UC-Davis is part of the University of California, of which former Homeland Secretary Janet Napolitano is president, who authorized spying-by-malware on UC-Berkeley.
  • Hey, did you know there’s a tiny sovereign country inside U.S. borders? (Atlas Obscura) — Welcome to Molossia, have a nice day! Surprised no uber-wealthy hit on this as a potential money-laundering. tax-avoidance strategy: make your own country inside the U.S.

And with that we’re off, headed for a nice spring weekend ahead. Have a good one!

Blogger since 2002, political activist since 2003, geek since birth. Opinions informed by mixed-race, multi-ethnic, cis-female condition, further shaped by kind friends of all persuasions. Sci-tech frenemy, wannabe artist, decent cook, determined author, successful troublemaker. Mother of invention and two excessively smart-assed young adult kids. Attended School of Hard Knocks; Rather Unfortunate Smallish Private Business School in Midwest; Affordable Mid-State Community College w/evening classes. Self-employed at Tiny Consulting Business; previously at Large-ish Chemical Company with HQ in Midwest in multiple marginalizing corporate drone roles, and at Rather Big IT Service Provider as a project manager, preceded by a motley assortment of gigs before the gig economy was a thing. Blogging experience includes a personal blog at the original blogs.salon.com, managing editor for a state-based news site, and a stint at Firedoglake before landing here at emptywheel as technology’s less-virginal-but-still-accursed Cassandra.

NSA Propagandist John Schindler Suggests Boston Marathon Terrorist Attack Not “Major Jihadist Attack”

NSA propagandist John Schindler has used the San Bernardino attack as an opportunity to blame Edward Snowden for the spy world’s diminished effectiveness, again.

Perhaps the most interesting detail in his column is his claim that 80% of thwarted attacks come from an NSA SIGINT hit.

Something like eighty percent of disrupted terrorism cases in the United States begin with a SIGINT “hit” by NSA.

That’s mighty curious, given that defendants in these cases aren’t getting notice of such SIGINT hits, as required by law, as ACLU’s Patrick Toomey reminded just last week. Indeed, the claim is wholly inconsistent with the claims FBI made when it tried to claim the dragnet was effective after the Snowden leaks, and inconsistent with PCLOB’s findings that the FBI generally finds such intelligence on its own. Whatever. I’m sure the discrepancy is one Schindler will be able to explain to defense attorneys when they subpoena him to explain the claim.

Then there’s Schindler’s entirely illogical claim that the shut-down of the phone dragnet just days before the attack might have helped to prevent it.

The recent Congressionally-mandated halt on NSA holding phone call information, so-called metadata, has harmed counterterrorism, though to what extent remains unclear. FBI Director James Comey has stated, “We don’t know yet” whether the curtailing of NSA’s metadata program, which went into effect just days before the San Bernardino attack, would have made a difference. Anti-intelligence activists have predictably said it’s irrelevant, while some on the Right have made opposite claims. The latter have overstated their case but are closer to the truth.

As Mike Lee patiently got Jim Comey to admit last week, if the Section 215 phone dragnet (as opposed to the EO 12333 phone dragnet, which remains in place) was going to prevent this attack, it would have.

Schindler then made an error that obscures one of the many ways the new phone dragnet will be better suited to counterterrorism. Echoing a right wing complaint that the government doesn’t currently review social media accounts as part of the visa process, he claimed “Tashfeen Malik’s social media writings [supporting jihad] could have been easily found.” Yet at least according to ABC, it would not have been so easy. “Officials said that because Malik used a pseudonym in her online messages, it is not clear that her support for terror groups would have become known even if the U.S. conducted a full review of her online traffic.” [See update.] Indeed, authorities found the Facebook post where Malik claimed allegiance to ISIS by correlating her known email with her then unknown alias on Facebook. NSA’s new phone program, because it asks providers for “connections” as well as “contacts,” is far more likely to identify multiple identities that get linked by providers than the old program (though it is less likely to correlate burner identities via bulk analysis).

Really, though, whether or not the dragnet could have prevented San Bernardino which, as far as is evident, was carried out with no international coordination, is sort of a meaningless measure of NSA’s spying. To suggest you’re going to get useful SIGINT about a couple who, after all lived together and therefore didn’t need to use electronic communications devices to plot, is silliness. A number of recent terrorist attacks have been planned by family members, including one cell of the Paris attack and the Charlie Hebdo attack, and you’re far less likely to get SIGINT from people who live together.

Which brings me to the most amazing part of Schindler’s piece. He argues that Americans have developed a sense of security in recent years (he of course ignores right wing terrorism and other gun violence) because “the NSA-FBI combination had a near-perfect track record of cutting short major jihadist attacks on Americans at home since late 2001.” Here’s how he makes that claim.

Making matters worse, most Americans felt reasonably safe from the threat of domestic jihadism in recent years, despite repeated warnings about the rise of the Islamic State and terrible attacks like the recent mass-casualty atrocity in Paris. Although the November 2009 Fort Hood massacre, perpetrated by Army Major Nidal Hasan, killed thirteen, it happened within the confines of a military base and did not involve the general public.

Two months before that, authorities rolled up a major jihadist cell in the New York City area that was plotting complex attacks that would have rivalled the 2005 London 7/7 atrocity in scope and lethality. That plot was backed by Al-Qa’ida Central in Pakistan and might have changed the debate on terrorism in the United States, but it was happily halted before execution – “left of boom” as counterterrorism professionals put it.

Jumping from the 2009 attacks (and skipping the 2009 Undiebomb and 2010 Faisal Shahzad attempts) to the Paris attack allows him to suggest any failure to find recent plots derives from Snowden’s leaks, which first started in June 2013.

However, the effectiveness of the NSA-FBI counterterrorism team has begun to erode in the last couple years, thanks in no small part to the work of such journalists-cum-activists. Since June 2013, when the former NSA IT contactor [sic] Edward Snowden defected to Moscow, leaking the biggest trove of classified material in all intelligence history, American SIGINT has been subjected to unprecedented criticism and scrutiny.

There is, of course, one enormous thing missing from Schindler’s narrative of NSA perfection: the Boston Marathon attack, committed months before the first Snowden disclosures became public. Indeed, even though the NSA was bizarrely not included in a post-Marathon Inspector General review of how the brothers got missed, it turns out NSA did have intelligence on them (Tamerlan Tsarnaev was in international contact with known extremists and also downloaded AQAP’s Inspire magazine repeatedly). Only, that intelligence got missed, even with the multiple warnings from FSB about Tamerlan.

Perhaps Schindler thinks that Snowden retroactively caused the NSA to overlook the intelligence on Tamerlan Tsarnaev? Perhaps Schindler doesn’t consider an attack that killed 3 and injured 260 people a “major jihadist attack”?

It’s very confusing, because I thought the Boston attack was a major terrorist attack, but I guess right wing propagandists trying to score points out of tragedy can ignore such things if it will spoil their tale of perfection.

Update: LAT reports that Malik’s Facebook posts were also private, on top of being written under a pseudonym. Oh, and also in Urdu, a language the NSA has too few translators in. The NSA (but definitely not the State Department) does have the ability to 1) correlate IDs to identify pseudonyms, 2) require providers to turn over private messages — they could use PRISM and 3) translate Urdu to English. But this would be very resources intensive and as soon as State made it a visa requirement, anyone trying to could probably thwart the correlation process.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

If Ending DOD’s Train and Assist Program Is about Returning to Covert Status, Will Congress Get Details?

When Mike Lee, Joe Manchin, Chris Murphy, and Tom Udall wrote the Administration calling for an end to the Syria Train and Equip Program last week, they addressed it to CIA Director John Brennan, along with Defense Secretary Ash Carter (its primary addressee, given the clear reference to details about DOD’s T&E mission) and Secretary of State John Kerry.

It appears the Senators got the result they desired. As a number of outlets are reporting, Carter has decided to end DOD’s T&E program, which has done little except arm al Qaeda affiliates in Syria. But it’s not that we’re going to end our involvement in Syria. The stories provide different descriptions of what we intend to continue doing. The NYT, which pretended not to know about the CIA covert program, described a shift of training to Turkey, while discussing armed Sunnis in eastern Syria.

A senior Defense Department official, who was not authorized to speak publicly and who spoke on the condition of anonymity, said that there would no longer be any more recruiting of so-called moderate Syrian rebels to go through training programs in Jordan, Qatar, Saudi Arabia or the United Arab Emirates. Instead, a much smaller training center would be set up in Turkey, where a small group of “enablers” — mostly leaders of opposition groups — would be taught operational maneuvers like how to call in airstrikes.

[snip]

The official said the training was “to be suspended, with the option to restart if conditions dictate, opportunities arise.” The official also said that support to Sunni Arab fighters in eastern Syria was an example of focusing on groups already fighting the Islamic State, also known as ISIS or ISIL, “rather than using training to try to manufacture new brigades.”

The LAT to its credit did acknowledge the parallel CIA program in a piece vaguely describing our “new” approach of working with a wide range of groups on the Turkish border.

Under the new approach, the administration will continue to work with a range of groups to capitalize on the successes that Kurdish, Arab and Turkmen groups have had over the last several months driving the Islamic State forces out of much of the Turkey-Syria border region.‎

[snip]

The decision to end the Pentagon training program does not appear to immediately affect a separate program run by the CIA.

While Ash Carter’s public remarks associated with this discussion make it clear Russia’s actions in the same region remain a concern, the reporting I’ve seen thus far hasn’t tied the decision to end the DOD program to the need to respond to Russia in any way.

Which raises the question: is this just an attempt to shift our existing T&E efforts entirely under a covert structure again? There are many reasons why you’d want to do that, not least because it would make it a lot easier to hide that not only aren’t your “rebels” “moderate,” but they’re al Qaeda affiliates (as David Petraeus and others were floating we should do). Given Qatari and Saudi efforts to flood more weapons into Syria in response to Russia’s involvement, you’d think the US would want to play along too.

But especially since Tom Udall is the guy who — a year ago — raised the crazy notion that Congress should know some details about the (at that point) two year long effort by CIA to support “moderate” forces …

Everybody’s well aware there’s been a covert operation, operating in the region to train forces, moderate forces, to go into Syria and to be out there, that we’ve been doing this the last two years. And probably the most true measure of the effectiveness of moderate forces would be, what has been the effectiveness over that last two years of this covert operation, of training 2,000 to 3,000 of these moderates? Are they a growing force? Have they gained ground? How effective are they? What can you tell us about this effort that’s gone on, and has it been a part of the success that you see that you’re presenting this new plan on?

… I wonder whether Congress has ever gotten fully briefed on that program — and whether they would going forward.

After all, none of the men who signed this letter would be privy to how a covert effort to train rebels was going under normal guidelines unless Udall or Murphy were getting details on the Appropriations Committee.

So while it may be — and I think it likely this is — just an effort to make it easier to partner with al Qaeda to defeat Bashar al-Assad and Putin (teaming with al Qaeda to fight Russia! just like old times!) — I also wonder whether this is an effort to avoid telling most of Congress just how problematic (even if effective from an anti-Assad perspective) both the DOD and CIA effort are.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

What Is the Point of the SEC ECPA-Reform Power Grab?

Last week, the Senate Judiciary Committee had a hearing on Electronic Communication Privacy Act reform, the main goal of which is to provide protection for content served on a third party’s server. Because reform is looking more inevitable in Congress (the House version of the bill has more sponsors than any other), government agencies used the hearing as an opportunity to present their wish list for the bill. That includes asking for an expansion of the status quo for civil agencies, with witnesses from SEC, DOJ, and FTC testifying (DOJ also made some other requests that I hope to return to).

Effectively, the civil agencies want to create some kind of court order that will provide them access to stored content. A number of the agencies’ witnesses — especially SEC’s Andrew Ceresney — claimed that a warrant is the same as an order, which culminated in Sheldon Whitehouse arguing (after 45:30) that an order requiring court review is actually less intrusive than a warrant because the latter is conducted ex parte.

It took until CDT policy counsel (and former ACLU lawyer) Chris Calabrese to explain why that’s not true (after 2:08):

We have conflated two really different and very different things in this committee today. One is a court, some kind of court based on a subpoena and one is a probable cause warrant. These are not the same thing. A subpoena gives you access to all information that is relevant. As pursuant, relevant to a civil investigation, a civil infraction. So if you make a mistake on your taxes, that’s a potential civil infraction. Nothing that has been put forward by the SEC would do anything but be a dramatic expansion of their authority to get at ordinary people’s in-boxes. Not just the subjects of investigation, but ordinary folks who may be witnesses. Those people would have the–everything in their in-boxes that was relevant to an investigation, so a dramatic amount of information, as opposed to probable cause of evidence of a crime. That’s a really troubling privacy invasion.

I’m utterly sympathetic with Calabrese’s (and the EFF’s) argument that the bid for some kind of civil investigative order is a power grab designed to bypass probable cause.

But I wonder whether there isn’t another kind of power grab going on as well — a bid to force banks to be investigated in a certain kind of fashion.

It was really hard, to begin with, to have former and (presumably) future Debevoise & Plimpton white collar defense attorney Andrew Ceresney to talk about how seriously SEC takes it job of  “the swift and vigorous pursuit of those who have broken the securities laws through the use of all lawful tools available to us,” as he said in his testimony and during the hearing. There’s just been no evidence of it.

Moreover, as Ceresney admitted, SEC hasn’t tried to obtain email records via an order since the US v. Warshak decision required a warrant in the 6th Circuit, even though SEC believes its approach — getting an order but also providing notice to the target — isn’t governed by Warshak. As SEC Chair Mary Jo White (another revolving door Debevoise & Plimpton white collar defense attorney) said earlier this year,

“We’ve not, to date, to my know­ledge, pro­ceeded to sub­poena the ISPs,” White said. “But that is something that we think is a crit­ic­al au­thor­ity to be able to main­tain, done in the right way and with suf­fi­cient so­li­cit­ous­ness.”

For five years, the SEC hasn’t even tried to use this authority, all while insisting they needed it — even while promising they would remain “solicitous,” if there were any worries about that.

Claims that the SEC needed such authority might be more convincing if SEC was actually pursuing crooks, but there’s little evidence of that.

Which is why I’m interested in this passage, from a letter White sent to Pat Leahy in April 2013 and appended to Ceresney’s testimony, explaining why SEC can’t have DOJ obtain orders for this material.

DOJ only has authority to seek search warrants to advance its own investigations, not SEC investigations. Thus, the Commission cannot request that the DOJ apply for a search warrant on the SEC’s behalf. Second, many SEC investigations of potential civil securities law violations do not involve a parallel criminal investigation, and thus there is no practical potential avenue for obtaining a search warrant in those cases. The large category of cases handled by the SEC without criminal involvement, however, have real investor impact, and are vital to our ability to protect- and, where feasible, make whole – harmed investors.

The only times when SEC would need their fancy new order is if the subject of an investigation refuses to turn information voluntarily, and the threat that they could obtain an order anyway is, according to Ceresney, they key reason SEC wants to maintain this authority (though he didn’t argue the apparent absence of authority has been responsible for SEC’s indolence over the last 5 years). But that act, refusing to cooperate, would get companies more closely into criminal action and — especially under DOJ’s purportedly new policy of demanding that companies offer up their criminal employees — into real risk of forgoing any leniency for cooperation. But White is saying (or was, in 2013, when it was clear Eric Holder’s DOJ wasn’t going to prosecute) that SEC can’t ask DOJ to subpoena something because that would entail a potentially criminal investigation.

Well yeah, that’s the point.

Then add in the presumption here. One problem with prosecuting corporations is they hide their crimes behind attorney-client and trade secret privileges. I presume that’s partly what Sally Yates meant in her new “policy” memo, noting that investigations require a “painstaking review of corporate documents … which may be difficult to collect because of legal restrictions.” SEC’s policy would be designed for maximal privilege claims, because it would involve the subject in the process.

 

If the legislation were so structured, an individual would have the ability to raise with a court any privilege, relevancy, or other concerns before the communications are provided by an ISP, while civil law enforcement would still maintain a limited avenue to access existing electronic communications in appropriate circumstances from ISPs.

 

Other criminals don’t get this treatment. Perhaps the problems posed by financial crime — as well as the necessity for broader relevancy based evidence requests — are unique, though I’m not sure I buy that.

But that does seem to be a presumption behind this SEC power grab: retention of the special treatment financial criminals get that has thus far resulted in their impunity.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

On Carrots, Sticks, and Rand Paul

Now that USA F-ReDux has become USA FreeDone, I wanted to look at Steve Vladeck’s two bizarre posts attacking Rand Paul’s opposition to USA F-ReDux as a way of doing a post-mortem on the process.

I say bizarre because Vladeck complains that Paul “seize[d] the national spotlight in order to focus everyone’s attention on a hyper-specific question” — that of the Section 215 dragnet — when Vladeck has, at this late date, joined those of us who have long been pushing a focus on broader issues, specifically EO 12333 and Section 702. To support his claim that Paul is singularly focused on Section 215, Vladeck links to a second-hand report of a sentence in Paul’s campaign announcement, rather than to the announcement itself which (while more muddled than in other statements where Paul has named EO 12333 directly) invokes surveillance authorized by Executive Order, not the PATRIOT Act.

The president created this vast dragnet by executive order. And as president on day one, I will immediately end this unconstitutional surveillance.

Contrary to Vladeck’s miscitation, in this and other comments, Paul seized the national spotlight, in significant part, to talk about the broader issues, specifically EO 12333 and Section 702, that those pushing USA F-ReDux had set aside for future fights. Indeed, big parts of Paul’s filibuster speech — including his 10 and Ron Wyden’s 2 references to EO 12333 and his 18 and Wyden’s 3 references to 702 — sounds a lot like Vladeck’s series of posts worrying that this will be the only shot at reform and therefore regretting that we didn’t talk about the bigger issues as part of it.

Another deficiency of the USA FREEDOM Act is that it does not address bulk collection under Executive Order 12333. The bill also fails to address bulk collection under section 702 of the FISA Amendments Act.

One could say: What are you complaining about? You are getting some improvement. You still have problems, but you are getting some improvement.

I guess my point is that we are having this debate, and we don’t have it very often. We are having the debate every 3 years, and some people have tried to make this permanent, where we would never have any debate. Even though we are only having it every3 years, it is still uncertain whether I will be granted any amendments to this bill.

So, yes, I would like to address everything while we can. I think we ought to address section 702. I think we ought to–for goodness’ sake, why won’t we have some hearings on Executive Order 12333? I think they may be having them in secret, but I go back to what Senator Wyden said earlier. I think the principles of the law could be discussed in public. We don’t have to reveal how we do stuff. Do we think anybody in the world thinks we are not looking at their stuff? Why don’t we
explore the legality and the law of how we are doing it as opposed to leaving it unsaid and unknown in secret?

In other words, unlike the drone filibuster Vladeck points to as proof of “libertarian hijacking” — where Paul definitely defined his terms narrowly (but in a later iteration did succeed in getting more response from Jim Comey than Ron Wyden making demands) — Paul was arguing for precisely what Vladeck said we should be arguing about. He just has cooties, I guess is the substance of Vladeck’s argument, so Vladeck doesn’t want him as an ally.

Equally bizarre is Vladeck’s claim that, “it was the very same Senator Paul who all-but-singlehandedly torpedoed the Leahy bill back in November, helping to force the entirely unnecessary political and legal brinkmanship of the past week.” That’s bizarre because, as a matter of fact, Paul did not “singlehandedly” torpedo the bill; Bill Nelson played an equal role (and that’s even assuming the bill had enough votes to pass, which given that I know of 1 pro-cloture vote who was a no vote on passage and a significant number who weren’t committed to vote for it without improving amendment, was never a foregone conclusion). It’s easy to blame Paul because it absolves whoever it was that whipped a bill but didn’t even count all the Democratic votes on it, but Paul was in no way singlehandedly responsible.

But the view all the more bizarre, coming from Vladeck, because if Paul singlehandedly torpedoed the bill (he didn’t) he also singlehandedly made the 2nd Circuit ruling for ACLU possible (he didn’t, but that is Vladeck’s logic). And unlike most USA F-ReDux champions, Vladeck has been very attentive– if, at times, arguably mistaken in his understanding of it — to the interaction of USA F-ReDux legislation and the courts. While USA F-ReDux is — important additional Congressional reporting requirements on PRTT and bulky 215 collection notwithstanding — definitely a worse bill than its predecessor, that’s not the measure. So long as the 2nd Circuit decision ruling against “relevant to” and finding a Fourth Amendment interest at the moment of collection rather than review stands (the government still has a few weeks to challenge it), the measure is USA F-ReDux plusthe 2nd Circuit decision as compared to USAF without the additional leverage of an appellate court ruling. There are very important things the 2nd Circuit decision may add to USA F-ReDux. Every commenter is entitled to weigh that measure themselves, but if you’re going to hold Paul responsible for torpedoing the legislation last fall you also have to credit him with buying time so the 2nd Circuit could weigh in.

Which brings me to leverage.

I was not a fan of any version of USAF because all left every key provision save the CDR function (and even some of that was left dangerously open to interpretation until HJC wrote its final bill report) subject to the whim of the Executive and/or the FISC, and the bill itself jettisoned necessary leverage over the Executive (Vladeck has written about the gutting of the FISC advocate, and a parallel gutting has happened on transparency provisions from the start). That is, rather than exercise some kind of authority over the Executive, Congress basically wrote down what the Executive wanted and passed it in a way that the Executive still had a lot of leeway to decide what it wanted to do.

I get why that happened and I don’t mean to diminish the work of those who pushed for more: the votes and leadership buy-in simply isn’t there yet to actually start limiting what Article II will do in secret.

But that means none of the other things Vladeck wants will be possible until we get more leverage. And while the outcome of the bill may be the same and/or worse, what is different about the passage of USA F-ReDux is that leadership in both house of Congress barely kept it together.

And Rand Paul, whether he has cooties or not, was key to that process.

That’s true, in large part, because Mitch McConnell was aiming to set up an urgent crisis as a way to scare people into making the bill worse. He succeeded in doing so by delaying consideration of the bill until the last minute, but when Paul — and Ron Wyden and Martin Heinrich — prevented him from getting a short-term extension to do so without lapsing the dragnet, that changed the calculus of the crisis. It meant those who had bought into the idea you need a dragnet to keep the country safe could be pressured to vote against McConnell’s efforts to weaken USA F-ReDux. (Note, there are some who have claimed that Paul objected to immediately considering USA F-ReDux Sunday night, giving McConnell his opportunity to amend the bill, but the congressional record doesn’t support that; McConnell didn’t call for immediate consideration of the bill itself until he had already filled the tree with amendments.)

And while I don’t want to minimize the utterly crucial efforts of Mike Lee to actually whip the vote, that effort was made easier by the very real threat that if the bill had to go back to the House it would die, resulting in a more permanent lapse to Section 215 and the other expired authorities. Leahy and others used that threat repeatedly, in fact, to argue that surveillance hawks needed to support an amended bill. And the threat was heightened because John Boehner had real worries that if he tried something funny, his own leadership would be at risk.

Last year, the privacy community was mostly fighting with carrots against an Executive branch that was dictating what it was willing to give up. Now, it’s fighting with carrots and sticks. We haven’t gotten the Executive branch to give up anything it didn’t already want to give up yet. But having dealt McConnell a big defeat and having the threat to do so with Boehner might make that possible going forward.

Having someone like Rand Paul, who is not afraid to be accused of having cooties, to make that possible is a critical part of that process. That doesn’t negate the efforts of anyone else (again, I’m really encouraged by Mike Lee’s role in all this). But it does mean people holding carrots but demanding things that will only be obtained with some sticks, too, ought not to dismiss the efforts to make the threat of a stick real.

 

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

If Section 215 Lapsed, Would the Government Finally Accede to ECPA Reform?

Now that the Section 215 Sunset draws nearer, the debate over what reformers should do has shifted away from whether USA Freedom Act is adequate reform to whether it is wise to push for Section 215 to sunset.

That debate, repeatedly, has focused almost entirely on the phone dragnet that Section 215 authorizes. It seems most of the people engaging in this debate or reporting on it are unaware or uninterested in what the other roughly 175 Section 215 orders authorized last year did (just 5 orders authorized the phone dragnet).

But if Section 215 sunsets in June, those other 175 orders will be affected too (though thus far it looks like FISC is approving fewer 215 orders than they did last year). Yet the government won’t tell us what those 175 orders do.

We know — or suspect — some of what these other orders do. NYT and WSJ reported on a Western Union dragnet that would probably amount to 4-5 orders a year (and would have been unaffected and hidden in transparency reporting under USA Freedom Act).

The FBI has previously confirmed that it used Section 215 to collect records of explosives precursors — things like large quantities of acetone, hydrogen peroxide, fertilizer, and (probably now) pressure cookers; given that the Presidential Review Group consulted with ATF on its review of Section 215, it’s likely these are programmatic collection. (If the government told us it was, we might then be able to ask why these materials couldn’t be handled the same way Sudafed is handled, too, which might force the government to tie it more closely to actual threats.) This too would have been unaffected by USAF.

The government also probably uses Section 215 to collect hotel records (which is what it was originally designed for, though not in the bulk it is probably accomplished). This use of Section 215 will likely be reinforced if and when SCOTUS affirms the collection of hotel records in Los Angeles v. Patel.

But the majority of those 175 Section 215 orders, we now know, are for some kind of Internet records that may or may not relate to cyber investigations, depending on whether you think FBI talks out of its arse when trying to keep authorities, but which they almost certainly collect in sufficient bulk that FISC imposed minimization procedures on FBI.

Which brings me to my argument that reauthorizing Section 215 will forestall any ECPA reform.

We know most Section 215 orders are for Internet records because someone reliable — DOJ’s Inspector General in last year’s report on National Security Letters — told us that a collection of Internet companies successfully challenged FBI’s use of NSLs to collect this stuff after DOJ published an opinion on ECPA in 2008.

The decision of these [redacted] Internet companies to discontinue producing electronic communication transactional records in response to NSLs followed public release of a legal opinion issued by the Department’s Office of Legal Counsel (OLC) regarding the application of ECPA Section 2709 to various types of information. The FBI General Counsel sought guidance from the OLC on, among other things, whether the four types of information listed in subsection (b) of Section 2709 — the subscriber’s name, address, length of service, and local and long distance toll billing records — are exhaustive or merely illustrative of the information that the FBI may request in an NSL. In a November 2008 opinion, the OLC concluded that the records identified in Section 2709(b) constitute the exclusive list of records that may be obtained through an ECPA NSL.

Although the OLC opinion did not focus on electronic communication transaction records specifically, according to the FBI, [redacted] took a legal position based on the opinion that if the records identified in Section 2709(b) constitute the exclusive list of records that may be obtained through an ECPA NSL, then the FBI does not have the authority to compel the production of electronic communication transactional records because that term does not appear in subsection (b).

That report went on to explain that FBI considered fixing this problem by amending the definition for toll records in Section 2709, but then bagged that plan and just moved all this collection to Section 215, which takes longer.

In the absence of a legislative amendment to Section 2709, [2.5 lines redacted]. [Deputy General Counsel of FBI’s National Security Law Branch] Siegel told us that the process of generating and approving a Section 215 application is similar to the NSL process for the agents and supervisors in the field, but then the applications undergo a review process in NSLB and the Department’s National Security Division, which submits the application to the Foreign Intelligence Surveillance Court (FISA Court). According to Siegel, a request that at one time could be accomplished with an NSL in a matter of hours if necessary, now takes about 30-40 days to accomplish with a standard Section 215 application.

In addition to increasing the time it takes to obtain transactional records, Section 215 requests, unlike NSL requests, require the involvement of FBI Headquarters, NSD, and the FISA Court. Supervisors in the Operations Section of NSD, which submits Section 215 applications to the FISA Court, told us that the majority of Section 215 applications submitted to the FISA Court [redacted] in 2010 and [redacted] in 2011 — concerned requests for electronic communication transaction records.

The NSD supervisors told us that at first they intended the [3.5 lines redacted] They told us that when a legislative change no longer appeared imminent and [3 lines redacted] and by taking steps to better streamline the application process.

The government is, according to the report, going through all sorts of hoop-jumping on these records rather than working with Congress to pass ECPA reform.

Why?

That’s not all the Report told us. Even earlier than that problem, in 2007, the IG identified other uncertainties about what the FBI should be obtaining with an NSL, and FBI actually put together a proposal to Congress. The proposed definition included both financial information and what could be construed as location data in toll records. That bill has never been passed.

But while Internet companies have shown reluctance to let the FBI secretly expand the meaning of toll record, two telecoms have not (a third, which I suspect is Verizon, backed out of closer cooperation on NSLs in 2009, and presumably a fourth, which probably is T-Mobile, was never a part of it).

And here’s what happened to the kinds of records FBI has been obtaining (almost certainly from AT&T) in the interim:

Screen Shot 2015-03-19 at 5.15.23 PM

 

FBI is collecting 7 kinds of things from (probably) AT&T that the Inspector General doesn’t think fits under ECPA.

Now, I’m not sure precisely why ECPA reform has gone nowhere in the last 8 years, but all this redaction suggests one reason is the government doesn’t want to be bound by a traditional definition of toll record, so much so it’s willing to put up with the aggravation of getting Section 215 orders for (what may be the same kind of) information from Internet companies in order to not be bound by limits on its telecom (or at least AT&T) NSLs.

Don’t get me wrong. I’d rather have the Internet stuff be under Section 215 orders, where it will be treated with some kind of minimization (the FBI is still completely ignoring the 2006 language in Section 215 requiring it to adopt minimization procedures for that section, but FISC has stepped into the void and imposed some itself).

But ultimately what’s going on — in addition to the adoption of a dragnet approach for phone records (that might have been deemed a violation of 18 USC 2302-3 if litigated with an adversary) and financial records (that might have been deemed a violation of 12 USC 3401-3422 if litigated with an adversary), is that the government is also, apparently, far exceeding the common understanding of NSLs without going back to Congress to get them to amend the law (and this goes well beyond communities of interest — two or maybe three hop collection under an NSL — which isn’t entirely redacted in this report).

It may be moot anyway. I actually wonder whether Internet companies will use the immunity of CISA, if and when it passes, to turn whatever they’re turning over without a Section 215 order.

And it’s not like Pat Leahy and Mike Lee have been successful in their efforts to get ECPA reform that protects electronic communications passed. ECPA isn’t happening anyway.

But maybe it might, if Section 215 were to lapse and the government were forced to stop kluging all the programs that have never really been approved by Congress in the first place into Section 215.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.