There were a number of interesting exchanges in the Senate Armed Services Committee on cybersecurity hearing today, which I’ll return to in a bit. But for the moment I wanted to point to this bizarre exchange featuring Bill Nelson.
Nelson: Admiral, I’m concerned about all of these private telecoms that are going to encrypt. If you have encryption of everything, how, in your opinion, does that affect Section 702 and 215 collection programs?
Rogers: It certainly makes it more difficult.
Nelson: Does the Administration have a policy position on this?
Rogers: No. I think we’re still — I mean, we’re the first to acknowledge this is an incredibly complicated issue, with a lot of very valid perspectives. And we’re still, I think, collectively trying to work through what’s the right way ahead, here, recognizing that there’s a lot of very valid perspectives but from the perspective as CyberCommand and NSA as I look at this issue, there’s a huge challenge here that we have got to deal with.
Nelson: A huge challenge? And I have a policy position. And that is that the telecoms better cooperate with the United States government or else … it just magnifies the ability for the bad guys to utilize the Internet to achieve their purposes.
Bill Nelson is apparently very upset by the increasing use of encryption, but seems to believe Apple — which is at the center of these discussions — is a telecom. I’m happy to consider Apple a “phone company,” given that iMessage messages would go through the Internet and Apple rather than cell providers, and I think the IC increasingly thinks of Apple as a phone company. But it’s not a telecom, which is a different legal category.
He also believes that Apple’s encryption would hurt NSA’s Section 215 collection program. And NSA Director Mike Rogers appears to agree!
It shouldn’t. While Apple’s use of encryption will make it harder to get iMessage content, the metadata should still be available. So I’m rather curious why it is that Rogers agreed with Nelson?
In any case, Nelson doesn’t seem very interested in why Rogers immediately noted how complicated this question is — this is, after all, a hearing on cybersecurity and we know the Administration admits that more widespread encryption actually helps cybersecurity (especially since sophisticated hackers will be able to use other available encryption methods).
But I am intrigued that Rogers didn’t correct Nelson’s assertion that encryption would hurt the Section 215 program.
Update: This, from Apple’s transparency report, is one more reason Rogers’ agreement that encryption creates problems for the Section 215 program is so curious.
To date, Apple has not received any orders for bulk data.
34 years ago Ronald Reagan issued the Executive Order that still governs most of our country’s intelligence activities, EO 12333.
As part of it, the EO required any agency using information concerning US persons to have a set of procedures laying out how it obtains, handles, and disseminates information (see the language of 2.3 below).
Only — as the Privacy and Civil Liberties Oversight Board started pointing out in August 2013 — some agencies have never complied. In February, PCLOB revealed the 4 agencies that are still flouting Reagan’s rules, along with what they have been using:
The Department of Homeland Security’s notoriously shoddy Office of Intelligence and Analysis: Pending issuance of final procedures, I&A is operating pursuant to Interim Intelligence Oversight Procedures, issued jointly by the Under Secretary for Intelligence and Analysis and the Associate General Counsel for Intelligence (April 3, 2008).
United States Coast Guard (USCG)- Intelligence and counterintelligence elements: Pending issuance of final procedures, operating pursuant to Commandant Instruction – COMDINST 3820.12, Coast Guard Intelligence Activities (August 28, 2003).
Department of Treasury Office of Intelligence and Analysis (OIA): Pending issuance of final procedures. While draft guidelines are being reviewed in the interagency approval process, the Office of Intelligence and Analysis conducts intelligence operations pursuant to EO 12333 and statutory responsibilities of the IC element, as advised by supporting legal counsel.
Drug Enforcement Administration, Office of National Security Intelligence (ONSI): Pending issuance of final procedures, operates pursuant to guidance of the Office of Chief Counsel, other guidance, and: Attorney General approved “Guidelines for Disclosure of Grand Jury and Electronic, Wire, and Oral Interception Information Identifying United States Persons” (September 23, 2002); Attorney General approved “Guidelines Regarding Disclosure to the Director of Central Intelligence and Homeland Security Officials of Foreign Intelligence Acquired in the Course of a Criminal Investigation” (September 23, 2002).
Last year’s House Intelligence Committee version of NSA reform (the one I called RuppRoge) would have included language requiring agencies to finish these procedures — mandated 34 years ago — within 6 months. And now, over a year later, Dianne Feinstein’s latest attempt at reform echoed that language.
Which strongly suggests these agencies are still deadbeats.
As I said in February, I’m most concerned about DEA (because DEA is out of control) and, especially, Treasury (because Treasury’s intelligence activities are a black box with little court review). Treasury is making judgements that can blacklist someone financially, but it has thus far refused to institute procedures to protect Americans’ privacy while it does so.
And no one seems to be rushing to require them to do so.
2.3 Collection of Information. Agencies within the Intelligence Community are authorized to collect, retain or disseminate information concerning United States persons only in accordance with procedures established by the head of the agency concerned and approved by the Attorney General, consistent with the authorities provided by Part 1 of this Order. Those procedures shall permit collection, retention and dissemination of the following types of information:
(a) Information that is publicly available or collected with the consent of the person concerned;
(b) Information constituting foreign intelligence or counterintelligence, including such information concerning corporations or other commercial organizations. Collection within the United States of foreign intelligence not otherwise obtainable shall be undertaken by the FBI or, when significant foreign intelligence is sought, by other authorized agencies of the Intelligence Community, provided that no foreign intelligence collection by such agencies may be undertaken for the purpose of acquiring information concerning the domestic activities of United States persons;
(c) Information obtained in the course of a lawful foreign intelligence, counterintelligence, international narcotics or international terrorism investigation;
(d) Information needed to protect the safety of any persons or organizations, including those who are targets, victims or hostages of international terrorist organizations;
(e) Information needed to protect foreign intelligence or counterintelligence sources or methods from unauthorized disclosure. Collection within the United States shall be undertaken by the FBI except that other agencies of the Intelligence Community may also collect such information concerning present or former employees, present or former intelligence agency contractors or their present or former employees, or applicants for any such employment or contracting;
(f) Information concerning persons who are reasonably believed to be potential sources or contacts for the purpose of determining their suitability or credibility;
(g) Information arising out of a lawful personnel, physical or communications security investigation;
(h) Information acquired by overhead reconnaissance not directed at specific United States persons;
(i) Incidentally obtained information that may indicate involvement in activities that may violate federal, state, local or foreign laws; and
(j) Information necessary for administrative purposes.
In addition, agencies within the Intelligence Community may disseminate information, other than information derived from signals intelligence, to each appropriate agency within the Intelligence Community for purposes of allowing the recipient agency to determine whether the information is relevant to its responsibilities and can be retained by it.
On May 7, the very same day the Second Circuit ruled that Congress has to say specifically what a surveillance bill means for the bill to mean that thing, Richard Burr engaged in a staged colloquy on the Senate floor where he claimed that the Section 215 bulk collection program collects IP addresses. After Andrew Blake alerted me to that and I wrote it up, Burr stuffed the claim into the memory hole and claimed, dubiously, to have made a misstatement in a planned colloquy.
Then, after Mitch McConnell created a crisis by missing the first Section 215 reauthorization deadlines, Burr submitted a bill that would immediately permit the bulk collection of IP addresses, plus a whole lot more, falsely telling reporters this was a “compromise” bill that would ensure a smooth transition between the current (phone) dragnet and its replacement system.
Which strongly suggests Burr’s initial “misstatement” was simply an attempt to create a legislative record approving a vast expansion of the current dragnet that, when he got caught, led Burr to submit a bill that actually would implement that in fact.
This has convinced me we’re going to need to watch these authoritarians like hawks, to prevent them from creating the appearance of authorizing vast surveillance systems without general knowledge that’s what’s happening.
So I reviewed the speech Mitch made on Friday (this appears after 4:30 to 15:00; unlike Burr’s speech, the congressional record does reflect what Mitch actually said; h/t Steve Aftergood for Congressional Record transcript). And amid misleading claims about what the “compromise” bill Burr was working on, Mitch suggested something remarkable: among the data he’s demanding be retained are documents, not just call data.
I’ve placed the key part of Mitch’s comments below the rule, with my interspersed comments. As I show, one thing Mitch does is accuse providers of an unwillingness to provide data when in fact what he means is far more extensive cooperation. But I’m particularly interested in what he says about data retention:
The problem, of course, is that the providers have made it abundantly clear that they will not commit to retaining the data for any period of time as contemplated by the House-passed bill unless they are legally required to do so. There is no such requirement in the bill. For example, one provider said the following: “[We are] not prepared to commit to voluntarily retain documents for any particular period of time pursuant to the proposed USA FREEDOM Act if not otherwise required by law.”
Now, one credulous journalist told me the other day that telecoms were refusing to speak to the Administration at all, which he presumably parroted from sources like Mitch. That’s funny, because not only did the telecom key to making the program work — Verizon — provide testimony to Congress (which is worth reviewing, because Verizon Associate General Counsel — and former FBI lawyer — Michael Woods pointed to precisely what the dragnet would encompass under Burr’s bill, including VOIP, peer-to-peer, and IP collection), but Senator Feinstein has repeatedly made clear the telecoms have agreed with the President to keep data for two years.
Furthermore, McConnell’s quotation of this line from a (surely highly classified letter) cannot be relied on. Verizon at first refused to retain data before it made its data handshake with the President. So when did this provider send this letter, and does their stance remain the same? Mitch doesn’t say, and given how many other misleading comments he made in his speech, it’s unwise to trust him on this point.
Most curiously, though, look at what they’re refusing to keep. Not phone data! But documents.
Both USA F-ReDux and Burr’s bill only protect messaging contents, not other kinds of content (and Burr’s excludes anything that might be Dialing, Routing Addressing and Signaling data from his definition of content, which is the definition John Bates adopted in 2010 to be able to permit NSA to resume collecting Internet metadata in bulk). Both include remote computing services (cloud services) among the providers envisioned to be included not just under the bill, but under the “Call Detail Record” provision.
Perhaps there’s some other connotation for this use of the word “documents.” Remember, I think the major target of data retention mandates is Apple, because Jim Comey wants iMessage data that would only be available from their cloud.
But documents? What the hell kind of “Call Detail Records” is Mitch planning on here?
One more thing is remarkable about this. Mitch is suggesting it will take longer for providers to comply with this system than it took them to comply with Protect America Act. Yahoo, for example, challenged its orders and immediately refused to comply on November 8, 2007. Yet, even in spite of challenging that order and appealing, Yahoo started complying with it on May 5, 2008, that same 180-time frame envisioned here. And virtually all of the major providers already have some kind of compliance mechanism in place, either through PRISM (Apple, Google, and Microsoft) or upstream 702 compliance (AT&T and Verizon).
At the end of a must-read article on how the people — whom it names — in charge of the CIA’s drone program are the same people who were in charge of the torture program, the NYT also reveals that Richard Burr joined Mike Rogers pressuring CIA to kill American citizen Mohanad Mahmoud Al Farekh — who recently got captured and charged in the US with material support for terrorism — be drone killed.
The Republican lawmakers, Senator Richard M. Burr of North Carolina and Representative Mike Rogers of Michigan, said during the closed sessions that the administration was being timid, and urged that [Mohanad Mahmoud Al] Farekh be hunted and killed.
Burr is, as he likes to point out, a relative of Aaron Burr, who killed Treasury Secretary Alexander Hamilton in a duel, a detail about which Burr reminded Treasury Secretary Jack Lew last year. It appears the Burr family no longer operates with the faux honor of dueling, but instead sits inside secret closets and demands CIA conduct assassination by remotely piloted drone.
And that’s why NYT’s decision to name names is so notable.
The C.I.A. asked that Mr. D’Andrea’s name and the names of some other top agency officials be withheld from this article, but The New York Times is publishing them because they have leadership roles in one of the government’s most significant paramilitary programs and their roles are known to foreign governments and many others.
The article names D’Andrea — the long-time head of CIA’s Counterterrorism Center, whom Gawker named last month but whom the WaPo continued to refer to under the pseudonym Roger last month, it named his replacement, Chris Wood, who has served in ALEC station and oversaw operations in Afghanistan and Pakistan, and it named the Operations Chief, Greg Vogel, who was Kabul Station Chief before leading the CIA’s paramilitary Special Activities Division.
These are the men who invite people like Rogers and Burr and Dianne Feinstein (who is a champion of D’Andrea) and their staffers to watch a monthly snuff film of drone operations and with it convince them that CIA should remain in charge of assassinations.
As the NYT notes in explaining why it was refusing to cede to John Brennan’s demand that the paper hide these identities, others know who they are. It’s just the public, those who pay their salaries and in whose name those assassinations are conducted, that didn’t know.
That, of course, prevents anyone — the family of Warren Weinstein, for example — from holding them to legal account.
But it also prevents us from holding Feinstein accountable when she shields the same people who oversaw the torture program she claims to abhor.
Perhaps the NYT’s decision to break the spell of false secrecy will demonstrate that these men’s identities were’t really secrets. They were rather just a vacuum of accountability.
In an article describing the current state of play on the Section 215 sunset, WaPo quotes Devin Nunes claiming that the poor maligned phone dragnet is just misunderstood. So he plans on having more briefings (curiously, just for the Republican caucus).
“NSA programs, including the bulk telephone metadata program, are crucial anti-terror and foreign intelligence tools that should be reauthorized,” said Rep. Devin Nunes (R-Calif.), chairman of the House Intelligence Committee.
He told reporters on Tuesday that he felt the program has been misunderstood and that he would hold classified briefings for the GOP caucus.
But I do think it worth noting two things.
First, Nunes’ decision to tell Republicans more, coming relatively soon after he took over the House Intelligence Chair from Mike Rogers, suggests that Mike Rogers was never fully forthcoming — not even in the secret briefings he gave in lieu of passing on Executive Branch explanations of the phone dragnet — about what it did.
But Nunes’ response is not to require the government to itself explain publicly what it’s really doing with the phone dragnet. But instead to hold classified briefings that often serve as a means to buy silence from those who attend.
In any case, that story you’ve been told for almost two years about how the phone dragnet identifies who is two degrees away from Osama bin Laden? Unsurprisingly, it’s nowhere near the full story.
[A]ssessments of the phone dragnet […] don’t even take the IC at its word in its other, quieter admissions of how it uses the dragnet (notably, in none of Stone’s five posts on the dragnet does he mention any of these — one, two, three, four,five — raising questions whether he ever learned or considered them). These uses include:
Corporate store: As the minimization procedures and a few FISC documents make clear, once the NSA has run a query, the results of that query are placed in a “corporate store,” a database of all previous query results.
ACLU’s Patrick Toomey has described this in depth, but the key takeaways are once data gets into the corporate store, NSA can use “the full range of SIGINT analytic tradecraft” on it, and none of that activity is audited.
NSA would have you believe very few Americans’ data gets into that corporate store, but even if the NSA treats queries it says it does, it could well be in the millions. Worse, if NSA doesn’t do what they say they do in removing high volume numbers like telemarketers, pizza joints, and cell voice mail numbers, literally everyone could be in the corporate store. As far as I’ve seen, the metrics measuring the phone dragnet only involve tips going out to FBI and not the gross number of Americans’ data going into the corporate store and therefore subject to “the full range of analytic tradecraft,” so we (and probably even the FISC) don’t know how many Americans get sucked into it. Worse, we don’t know what’s included in “the full range of SIGINT analytic tradecraft” (see this post for some of what they do with Internet metadata), but we should assume it includes the data mining the government says it’s not doing on the database itself.
The government doesn’t datamine phone records in the main dragnet database, but they’re legally permitted to datamine anyone’s phone records who has come within 3 degrees of separation from someone suspected of having ties to terrorism.
“Data integrity” analysis: As noted, the NSA claims that before analysts start doing more formal queries of the phone dragnet data, “data integrity” analysts standardize it and do something (it’s unclear whether they delete or just suppress) “high volume numbers.” They also — and the details on this are even sketchier — use this live data to develop algorithms. This has the possibility of significantly changing the dragnet and what it does; at the very least, it risks eliminating precisely the numbers that might be most valuable (as in the Boston Marathon case, where a pizza joint plays a central role in the Tsarnaev brothers’ activities). The auditing on this activity has varied over time, but Dianne Feinstein’s bill would eliminate it by statute. Without such oversight, data integrity analysts have in the past, moved chunks of data, disaggregated them from any identifying (collection date and source) information, and done … we don’t know what with it. So one question about the data integrity analyst position is how narrowly scoped the high volume numbers are (if it’s not narrow, then everyone’s in the corporate store); an even bigger is what they do with the data in often unaudited behavior before it’s place into the main database.
Informants: Then there’s the very specific, admitted use of the dragnet that no one besides me (as far as I know) has spoken about: to find potential informants. From thevery start of the FISC-approved program, the government maintained the dragnet “may help to discover individuals willing to become FBI assets,” and given that the government repeated that claim 3 years later, it does seem to have been used to find informants.
This is an example of a use that would support “connecting the dots” (as the program’s defenders all claim it does) but that could ruin the lives of people who have no tie to actual terrorists (aside from speaking on the phone to someone one or two degrees away from a suspected terror affiliate). The government has in the past told FISCR it might use FISA data to find evidence of other crimes — even rape — to coerce people to become informants, and in some cases, metadata (especially that in the corporate store, enhanced by “the full range of analytic tradecraft”) could pinpoint not just potential criminals, but people whose visa violations and extramarital affairs might make them amenable to narcing on the people in their mosque (with the additional side effect of building distrust within a worship community). There’s not all that much oversight over FBI’s use of informants in any case (aside from permitting us to learn that they’re letting their informants commit more and more crimes), so it’s pretty safe to assume no one is tracking the efficacy of the informants recruited using the powerful tools of the phone dragnet.
Index: Finally, there’s the NSA’s use of this metadata as a Dewey Decimal System (to useJames Clapper’s description) to pull already-collected content off the shelf to listen to — a use even alluded to in the NSA’s declarations in suits trying to shut down the dragnet.
Section 215 bulk telephony metadata complements other counterterrorist-related collection sources by serving as a significant enabler for NSA intelligence analysis. It assists the NSA in applying limited linguistic resources available to the counterterrorism mission against links that have the highest probability of connection to terrorist targets. Put another way, while Section 215 does not contain content, analysis of the Section 215 metadata can help the NSA prioritize for content analysis communications of non-U.S. persons which it acquires under other authorities. Such persons are of heightened interest if they are in a communication network with persons located in the U.S. Thus, Section 215 metadata can provide the means for steering and applying content analysis so that the U.S. Government gains the best possible understanding of terrorist target actions and intentions. [my emphasis]
Don’t get me wrong. Given how poorly the NSA has addressed its longterm failure to hire enough translators in target languages, I can understand how much easier it must be to pick what to read based on metadata analysis (though see my concerns, above, about whether the NSA’s assessment techniques are valid). But when the NSA says, “non-US persons” here, what they mean is “content collected by targeting non-US persons,” which includes a great deal of content of US persons.
Which is another way of saying the dragnet serves as an excuse to read US person content.
One former and one current high-ranking intelligence official (is that you Keith?) have gone to CNBC to complain that tech firms are showing reluctance to get more of their people security clearances.
U.S. government officials say privately they are frustrated that Silicon Valley technology firms are not obtaining U.S. security clearances for enough of their top executives, according to interviews with officials and executives in Washington and California. Those clearances would allow the government to talk freely with executives in a timely manner about intelligence they receive, hopefully helping to thwart the spread of a hack, or other security issues.
The lack of cooperation from Silicon Valley, Washington officials complain, injects friction into a process that everyone agrees is central to the fight to protect critical U.S. cyberinfrastructure: Real-time threat information sharing between government and the private sector.
The former intelligence official said dealing with Silicon Valley firms is much different than his experience in other industries—or with all American companies a generation ago. “It used to be, during World War II or the Cold War, that getting cooperation from boards of directors was pretty straightforward. That’s not true today, particularly at these huge start-ups that went from nothing to billions.”
It’s interesting that this complainer went to CNBC’s Eamon Javers, who covers the overlap between corporations and intelligence, rather than someone like Kim Zetter or Shane Harris, who just finished interesting books on cybersecurity. Because the only challenge to those DC insiders’ claims about the importance of information sharing comes from this anonymous executive’s suggestion that the intelligence they’d get from the government isn’t all that useful.
In Silicon Valley, however, cybersecurity executives have a different perspective on the tension. “I believe that this is more about the overclassification of information and the relatively low value that government cyberintel has for tech firms,” said one Silicon Valley executive. “Clearances are a pain to get, despite what government people think. Filling out the paper work … is a nightmare, and the investigation takes a ridiculous amount of time.”
More generally (including in each of their books), I think people are raising more questions about the value of information sharing. At a recent panel on cybersecurity (starting at 12:20) for example, a bunch of security experts seemed to agree that information sharing shouldn’t be the priority it is. Yahoo CISO Alex Stamos (who at the same conference had this awesome exchange with NSA Director Mike Rogers) argued that the government emphasizes information sharing because it’s easy — he’d rather see the government cancel just one F-35 and put the money into bug bounties for open source software.
Nevertheless, these sources have been granted anonymity to suggest tech companies are un-American because they’re not rushing to share more data with the federal government.
Not to mention, not rushing to sign up to have their lives regulated by the McCarthyite system of security clearances.
Because it’s not just that the security clearance application that is unwieldy. It’s that clearance comes with a gag order about certain issues, backed by the threat of prison (I forget whether it was Harris’ or Zetter’s book, but one describes a tech expert talking about that aspect of clearance).
Why would anyone sign up for that if the tech companies have more that the government wants than the government has that the tech companies need?
So it will be interesting to see how the security establishment respond to this. It would be a wonderful way to force the government fix some of the problems with overclassification to be able to obtain the cooperation of what are supposed to be private corporations.
There is an exception to every rule, standard operating procedure, and policy; it is up to leaders to determine when exceptions should be made and to explain why they made them.
— David Petraeus’ Rules for Living, as presented by Paula Broadwell as they were being caught in an FBI investigation
Predictably, Trey Gowdy has subpoenaed more information about Hillary Clinton’s email personal email revealed this week.
But it seems he also ought to call David Petraeus in for another chat about Benghazi in light of details in the former CIA Director’s plea deal.
That’s because the Plea Documents show that the investigation into Petraeus and Paula Broadwell intersects with the Benghazi investigation in ways that are even more interesting than was already clear. Consider what those two timelines look like when you add in the fact that Petraeus lied to the FBI about leaking information to his mistress on October 26, 2012, which has been updated from this post (note that contemporaneous reporting dated Petraeus’ FBI interview to October 29).
From the sex and leaking standpoint, the revised timeline is interesting because it shows Petraeus and Broadwell together at — of all places! — the annual celebration for old-style subterfuge, the OSS dinner, between the time Petraeus lied to the FBI and the time Broadwell was interviewed a second time.
But from a Benghazi perspective, it shows that on the same day Petraeus lied to the FBI, Paula Broadwell made the accusation that the attack was really about freeing militia members held at the CIA annex. The next day Petraeus and Broadwell hobnobbed together among the old style spooks. and then days later — even as an FBI whistleblower was forcing the investigation into the public, without which it might have been dropped — Petraeus went on a “fact-finding” mission to Cairo, in part to consult with some of the people involved in the Benghazi response.
Petraeus did a report on that trip, but Dianne Feinstein was complaining that her committee had not received a copy of it on November 12 (Petraeus was resisting, in part, because he no longer worked at CIA).
There’s no evidence that the House Intelligence Committee consulted Petraeus’ trip report when they did their report on the attack. (Indeed, the report shows remarkable lack of interest in Petraeus’ role altogether, in spite of the fact that he watched the later parts of the attack develop via the drone surveillance camera feed piped to the SCIF at his home.)
Did either of the Intelligence Committees ever get the report on the trip Petraeus did after he knew he was in trouble with the FBI, at a time when his ex-girlfriend was claiming the reason behind the attack was entirely different from what we’ve been told?
As I’ve noted, more than anyone else, current HPSCI Chair Devin Nunes showed significant interest in that claim about detainees, as reflected in the backup to a report that Mike Rogers made sure to get done before he left Nunes in charge. In response to his question (as well as some questions about arms-running) Nunes got non-denials denials.
In a related detail, in the earlier session Nunes also elicited a non-denial denial about detainees (and accusation first leveled by David Petraeus’ mistress Paula Broadwell), the other alleged reason for the attack on US entities in Benghazi.
Mr. Nunes: Okay. To the detainees, were there ever any detainees at either of these locations in the last year of any kind?
Mr. Morell: Not with regard to the CIA facility, sir.
Mr. Kennedy: And the State Department does not engage in detentions overseas.
Rather than just answering no, between them Morell and Kennedy carved out a space where it might be possible the CIA (or someone else, possibly JSOC) were holding detainees at the TMF or elsewhere in Benghazi.
Maybe Petraeus’ last minute trip to do a personal investigation of the aftermath of Benghazi — the results of which Petraeus resisted sharing with the Committees investigating the attack — is just a coinkydink.
But given the timing — and Petraeus’ sweetheart plea deal — it’d be nice if the Benghazi Committee asked a few more questions about that coinkydink. Continue reading
You’ve no doubt heard that, last Friday (a pre-holiday Friday, as some people are already on their way to Thanksgiving), the Benghazi scandal ended with a fizzle.
The House Intelligence Committee released its report on the Benghazi attack, which basically says all the scandal mongering has been wrong, that Susan Rice’s talking points came from the CIA, that no one held up any rescue attempts, and so on and so on. This post will attempt to lay out why that might have happened. The short version, however, is that the report reveals (but does not dwell on) a number of failures on the part of the CIA that should raise real concerns about Syria.
Note that not all Republicans were as polite as the ultimate report. Mike Rogers, Jeff Miller, Jack Conaway, and Peter King released an additional views report, making precisely the points you’d expect them to — though it takes them until the 4th summary bullet to claim that Administration officials “perpetuated an inaccurate story that matched the Administration’s misguided view that the United States was nearing victory over al-Qa’ida.” Democrats released their own report noting that “there was no AQ mastermind” and that “extremists who were already well-armed and well-trained took advantage of regional violence” to launch the attack. Among the Republicans who presumably supported the middle ground were firebrands like Michele Bachmann and Mike Pompeo, as well as rising Chair Devin Nunes (as you’ll see, Nunes was a lot more interested in what the hell CIA was doing in Benghazi than Rogers). The day after the initial release Rogers released a second statement defending — and pointing to the limits of and Additional Views on — his report.
Now consider what this report is and is not.
The report boasts about the 1000s of hours of work and 1000s of pages of intelligence review, as well as 20 committee events, interviews with “senior intelligence officials” and 8 security personnel (whom elsewhere the report calls “the eight surviving U.S. personnel”) who were among the eyewitnesses in Benghazi. But the bulk of the report is sourced to 10 interviews (the 8 security guys, plus the Benghazi and Tripoli CIA Chiefs), and a November 15, 2012 presentation by James Clapper, Mike Morell, Matt Olsen, and Patrick Kennedy. (Here are the slides from that briefing: part one, part two.) As I’ll show, this means some of the claims in this report are not sourced to the people who directly witnessed the events. And the reports sources almost nothing to David Petraeus, who was CIA Director at the time.
One of the best explanations for why this is such a tempered report may be that FBI performed better analysis of the cause of the attack than CIA did. This is somewhat clear from the summary (though buried as the 4th bullet):
There was no protest. The CIA only changed its initial assessment about a protest on September 24, 2012, when closed caption television footage became available on September 18, 2012 (two days after Ambassador Susan Rice spoke), and after the FBI began publishing its interviews with U.S. officials on the ground on September 22, 2012.
That is, one reason Susan Rice’s talking points said what they did is because CIA’s analytical reports still backed the claim there had been a protest outside State’s Temporary Mission Facility.
Moreover, in sustaining its judgment there had been a protest as long as it did, CIA was actually ignoring both a report from Tripoli dated September 14, and the assessment of the Chief of Station in Tripoli, who wrote the following to Mike Morell on September 15.
We lack any ground-truth information that protest actually occurred, specifically in the vicinity of the consulate and leading up to the attack. We therefore judge events unfolded in a much different manner than in Tunis, Cairo, Khartoum, and Sanaa, which appear to the the result of escalating mob violence.
In a statement for the record issued in April 2014, Mike Morell explained that Chiefs of Station “do not/not make analytic calls for the Agency.” But it’s not clear whether Morell explained why CIA appears to have ignored their own officer.
While the report doesn’t dwell on this fact, the implication is that the FBI was more successful at interviewing people on the ground — including CIA officers!! — to rebut a common assumption arising from public reporting. That’s a condemnation of CIA’s analytical process, not to mention a suggestion FBI is better at collecting information from humans than CIA is. But HPSCI doesn’t seem all that worried about these CIA failures in its core missions.
Or maybe CIA failed for some other reason. Continue reading
On Sunday I asked who was crying wolf — JP Morgan itself, or Mike Rogers — about the claimed JP Morgan attack that might not be a serious attack at all and had been attributed to Russia without yet proof of that.
So who should crawl out of his sinecure but Keith Alexander?
Keith Alexander, the NSA director from 2005 until last March, said he had no direct knowledge of the attack though it could have been backed by the Russian government in response to sanctions imposed by the U.S. and EU over the crisis in Ukraine.
“How would you shake the United States back? Attack a bank in cyberspace,” said Alexander, a retired U.S. Army general who has started his own cybersecurity company to sell services to U.S. banks. “If it was them, they just sent a real message: ‘You’re vulnerable.’”
The hackers who attacked JPMorgan, the biggest U.S. bank, were “a group with exceptional skills or a nation-state backed group,” Alexander said in an interview yesterday at Bloomberg’s Washington bureau.
“If you wanted to send a message, do you think that was significant enough for the U.S. government to say one of the best banks that we have from a cybersecurity perspective was infiltrated by somebody?” Alexander asked. “And if they could get in to do that, even if they never use it, they could get in and collapse it. Does that cause you concern?”
Note how Alexander admits he has no personal knowledge of the attack but then opines about the skills of the hackers and goes from there to hypothesize how this was a response from Russia?
So maybe it wasn’t JP Morgan or Mike Rogers crying wolf. It sure looks like Alexander is willingly feeding the poorly evidenced claims about this hack.
But don’t worry, Keith Alexander doesn’t have a conflict of interest at all.
Let me say straight out: Privacy and Civil Liberties Oversight Board member Rachel Brand is no slouch. She’s very smart and very accomplished.
All that said, I am rather intrigued by the way she consulted NSA General Counsel Raj De several times — as illustrated by these emails Jason Leopold liberated from PCLOB — as she worked on her dissent to the Democratic PCLOB members’ conclusion that the Section 215 dragnet is illegal.
On January 6, Brand emailed De. “Do you have a couple minutes to talk about a PCLOB matter today or tomorrow?” They scheduled some time to talk at midday the next day — though a request from Keith Alexander appears to have forced De to delay. Nevertheless, by 1:30 on January 7, it appears De and Brand spoke, because De forwarded two things: I Con the Record’s press release announcing the FISA Court had reauthorized the dragnet even after Judge Richard Leon ruled it unconstitutional (De makes no mention in his email, but the order had considered Leon’s ruling before reauthorizing the program), and the GPO transcript of Robert Mueller’s claim in a June 2013 House Judiciary Committee hearing that the dragnet would have prevented 9/11.
Ten days later, on January 17, Brand was emailing De again, after having seen each other that morning (that was the morning President Obama announced his own reforms to the dragnet, so it may have been in that context). She sent NSA’s General Counsel a paragraph, with one sentence highlighted, asking if it was accurate. He responded with “some suggestions for accuracy for your consideration … Feel free to give a call if you want to discuss, or would like more detail.”
Then, over that weekend, Brand and De exchanged the following emails:
Saturday, January 18, 12:31: Brand sends “the current draft of my separate statement” stating she wants “to be sure there is nothing factually or legally inaccurate in it;” she says it is currently 5 pages and tells De she needs to give PCLOB Chair David Medine the final by Sunday night
Saturday, January 18, 2:11: De responds, “happy to”
Sunday, January 19, 10:51: De responds, saying, “not that you need or want my validation, but for what’s [sic] it is worth it really reads quite well.” De then provides 3 “additional factual details” which “might fit in if you wanted to use them;” those bullets are redacted
Sunday, January 19, 3:47: Brand replies, stating that Beth (Elisebeth Collins Cook, the other Republican on PCLOB) “explicitly makes the first two in her separate statement” and that she’s “trying to keep this short, so have to forego making every available point”