Posts

Robert Litt and Mike Rogers KNOW Congress Hasn’t Ratified the Phone Dragnet

WaPo has a biting profile of Robert Litt, ODNI’s General Counsel who made one more failed attempt to rationalize James Clapper’s lies to Congress last week.

One of the most newsworthy bits is that WaPo published the name of Alfreda Frances Bikowsky, the analyst who got Khaled el-Masri kidnapped and tortured by mistake, for the first time.

A far more subtle but equally important detail comes in its description of why House Intelligence Chair Mike Rogers banned Litt from appearing before the Committee last summer.

Some lawmakers have found Litt’s manner off-putting at best. Rogers, the chairman of the House Intelligence Committee, made clear to the DNI’s office last summer that Litt was no longer welcome before his panel.

“The committee has not found Bob to be the most effective witness to explain complex legal and policy issues,” said a U.S. government official familiar with the falling-out. Rogers was also bothered that Litt faulted the committee for not doing more to share information about the surveillance programs with other members, unaware that doing so would have violated committee rules. [my emphasis]

For what it’s worth, I suspect Rogers is not worried as much about Litt’s honesty (Rogers hasn’t objected to James Clapper or Keith Alexander’s lies, for example, and has himself been a key participant in sustaining them), but rather, for his usual candor and abrasiveness, which the article also shows inspiring members of Congress to want to repeal the dragnet. Litt couches his answers in legalese, but unlike most IC witnesses, you can often parse it to discern where the outlines of truth are.

But I am acutely interested that Litt blames Rogers for not “doing more to share information about the surveillance programs with other members.”

That refers, of course, to Rogers’ failure to make the Administration’s notice on the phone dragnet available to members in 2011, before the PATRIOT Reauthorization. As a result of that, 65 Congressmen voted to reauthorize the PATRIOT Act without full notice (perhaps any formal notice) of the phone dragnet — a sufficiently large block to make the difference in the vote. In spite of that fact, the Administration and even FISA Judges have repeatedly pointed to Congress’ reauthorization of the phone dragnet to explain why it’s legal even though it so obviously exceeds the intent of the Section 215 as passed.

Apparently Litt blames Rogers for that. And doing so got him banished from the Committee.

Frankly, Litt is right in this dispute. Rogers’ excuse that committee rules prevented him from sharing the letter the Administration stated they wanted to be shared with the rest of Congress rings hollow, given that just one year earlier, Silvestre Reyes did make the previous letter available. If committee rules prevent such a thing, they are Rogers’ committee rules, and they were fairly new at the time. (Ironically, by imposing those rules, Rogers prevented members of his own party, elected with strong Tea Party backing, from learning about intelligence programs, though he may have just imposed the rules to increase the value of his own special access.)

So it is Rogers’ fault the Administration should not be able to claim Congress ratified the FISA Court’s expansive understanding of Section 215.

And Rogers and Litt’s spat about it make it clear they both know the significance of it: claims of legislative ratification fail because Congress did not, in fact, know what they were voting on, at least in 2011.

Unsurprisingly, that has not prevented the Administration from making that claim. Litt himself made a variety of it before PCLOB in November, months after he had this fight with Rogers.

[NSA General Counsel Raj] DE: So in other words, and some of this is obviously known to you all but just to make sure members of the public are aware, not only was this program approved by the Foreign Intelligence Surveillance Court every 90 days, it was twice, the particular provision was twice re-authorized by Congress with full information from the Executive Branch about the use of the provision.

[snip]

MR. LITT: I just want to add one very brief comment to Raj’s in terms of the extent to which Congress was kept informed. By statute we’re required to provide copies of significant opinion and decisions of the FISC to the Intelligence and Judiciary Committees of both Houses of Congress and they got the materials relating to this program, as we were required to by law.

Now, Litt’s intejection here is particularly interesting. He doesn’t correct De. He shifts the claim somewhat, to rely on Judiciary and Intelligence Committee notice. But even there, his claim fails, given that the Administration did not provide all relevant opinions to those Committees until after the first dragnet reauthorization in 2010. Litt probably thinks that’s okay because he didn’t qualify when Congress got the materials.

But it’s still a blatant lie, according to the public record.

More significantly, the Administration repeated that lie to both the FISC and, more significantly still, the 3 Article III Judges presiding over challenges to the dragnet generally.

The Administration keeps running around, telling everyone who is obligated to listen that Congress has ratified their expansive interpretation of the phone dragnet. It’s not true. And the fact that Litt and Rogers fought — way back in the summer — over who is responsible makes it clear they know it’s not true.

But they still keep saying it.

Is PCLOB Holding Out for EO 12,333 Information?

As you know, I’ve been tracking the way President Obama seems to want to game the various legislative and review group recommendations with his own.

Which is why I’m interested in this anonymous complaint, from someone in the White House, that PCLOB has not yet released its report.

Before making his final decisions, the president was supposed to receive a separate report from a semi-independent commission known as the Privacy and Civil Liberties Oversight Board, which was created by Congress. However, that panel’s report has been delayed without explanation until at least late January, meaning it won’t reach the president until after he makes his decisions public.

Members of that oversight board met with the president on Wednesday and have briefed other administration officials on some of their preliminary findings. In a statement, the five-member panel said its meeting with the Mr. Obama focused on the NSA phone collection program and the Foreign Intelligence Surveillance Court, which oversees the data sweeps.

It’s unclear why the president will announce his recommendations before receiving the report from the privacy and civil liberties board. One official familiar with the review process said some White House officials were puzzled by the board’s delay. The report would still be available to Congress, where legislators are grappling with several bills aimed at dismantling or preserving the NSA’s authority. [my emphasis]

The complaint is interesting not just because it betrays some consternation that the White House won’t be able to control the timing on all of this.

Last we heard from PCLOB on November 4, they said publicly that that report would focus on just Section 215 and 702 programs, the two programs the Administration has been trying to provide a limited hangout on since June (though in their Semi-Annual Report from November 3, they also said they were focusing on 12333 guidelines).

But different board members were also focusing on EO 12333 activities. PCLOB Chair David Medine asked about the theft of Google and Yahoo data off their fiber in Europe; Patricia Wald asked whether EO 12333 guidelines legally governed the dissemination of Section 215 data even if the FISC imposed more stringent guidelines; Medine asked whether searches of the corporate store (phone dragnet query results) are governed by EO 12333; and James Dempsey asked what governs the back door searches of data collected under EO 12333.

PCLOB board members clearly get that they can’t understand the NSA’s activities without understanding what goes on under EO 12333. Yet on one occasion (in response to the Google and Yahoo question), NSA’s General Counsel Raj De tried to defer any answer because it was not a Section 215 or 702 question.

MR. DE: Even by the terms of the article itself there is no connection to the 702 or 215 programs that we are here to discuss. I would suggest though that any implication which seemed to be made in some of the press coverage of this issue that NSA uses Executive Order 12333 to undermine, or circumvent or get around the Foreign Intelligence Surveillance Act is simply inaccurate.

Later, Dempsey asked ODNI’s General Counsel Robert Litt when PCLOB was going to get the guidelines NSA used for “other types of collection,” meaning that collected under EO 12333.

MR. DEMPSEY: We have asked about, in fact months ago, several months ago we asked about guidelines for other types of collection, and where do we stand on getting feedback on that? Because you said 18, for example, is the minimization provisions for collection outside the United States, and that’s pretty old. Where do we stand on looking at how that data is treated?

MR. LITT: I think we’re setting up a briefing for you on that. I believe we’re setting up a briefing for you on that. We did lose a few weeks.

MR. DEMPSEY: No, I understand. I was wondering if you could go beyond saying we’re setting up a briefing.

MR. LITT: Well, I mean we’re in the process of reviewing and updating guidelines for all agencies under 12333. It’s an arduous process. You know, it’s something that we’ve been working on for some time and we’re continuing to work on it.

They’re referring to a letter PCLOB sent back in August about outdated guidelines limiting the dissemination of US person data, a James Clapper response a month later promising and a follow-up 10 days later, on October 3,  reminding PCLOB had asked for a briefing and updates on agencies’ EO 12333 procedures.

And a month later, PCLOB still had not gotten either the briefing or the written description of where agencies were.

During that entire time, it was becoming more and more clear that the NSA might be moving programs overseas (and therefore under EO 12333) that had been governed by FISA. If that is happening, it’s a matter of significant concern.

Reports on Obama’s review say he wants to roll out reforms that might cover any disclosures to come.

Obama is expected to deliver a national address announcing a set of intelligence-gathering changes. His aim is to set in place guidelines that will convince critics he is serious about reform and that will withstand future disclosures.

[snip]

“The bulk of the work on this is the policy review, not reacting to what the next story is,” said another senior administration official, who requested anonymity to discuss the internal deliberations. “We don’t know what the next thing will be, and we do have to deal with what comes next. But getting the policy right is what’s important so that as new things come, we’ve addressed the core of it.

I’m of the opinion that the disclosures to come will continue to focus attention on what the NSA does under EO 12333.

So is that what’s holding up PCLOB?

In Naming Its Man of the Year, Time Proves It Doesn’t Even READ the News

I’m probably fairly lonely among my crowd to be satisfied that Time picked Pope Francis over Edward Snowden to be Person of the Year. Not only do I prefer that the focus remain on the reporting on NSA than revert back to caricatures like Time creates of Snowden as a “Dark Prophet” reading Dostoevsky. The Pope’s criticism of — above all — inequality may have as much or more impact on people around the globe as Snowden’s criticism of the surveillance state.

Would that both the Catholic Church and the United States live up to the idealist claims they purport to espouse.

But reading the profile Time did of Snowden, I can’t help but suspect they picked the Pope out of either fear or ignorance about what Snowden actually revealed. Consider this paragraph, which introduces a section on the lies NSA has told.

The NSA, for its part, has always prided itself on being different from the intelligence services of authoritarian regimes, and it has long collected far less information on Americans than it could. The programs Snowden revealed in U.S. ­surveillance agencies, at least since the 1970s, are subject to a strict, regularly audited system of checks and balances and a complex set of rules that restrict the circumstances under which the data gathered on Americans can be reviewed. As a general rule, a court order is still expected to review the content of American phone calls and e-mail ­messages. Unclassified talking points sent home with NSA employees for Thanksgiving put it this way: “The NSA performs its mission the right way—­lawful, compliant and in a way that protects civil liberties and privacy.” Indeed, none of the Snowden disclosures published to date have revealed any ongoing programs that clearly violate current law, at least in a way that any court has so far identified. Parts of all three branches of government had been briefed and had given their approval.

It’s full of bullshit. There’s the claim that NSA collects far less on Americans than it could. Does that account for the fact that, in the Internet dragnet and upstream collection programs, it collected far more than it was authorized to? Those same programs prove that surveillance can go on for (in the case of the Internet dragnet) 5 years before anyone realizes it has been violating the law — not exactly the definition of a regularly audited system. And, with its claim that “all three branches of government have been briefed,” Time must have missed Dianne Feinstein’s admission that the stunning sweep of the programs conducted under EO 12333 (which also collect US person data) don’t get close scrutiny from her committee (and none from the FISA Court).

But this claim most pisses me off:

As a general rule, a court order is still expected to review the content of American phone calls and e-mail ­messages.

Journalistic outlet Time must have missed where NSA’s General Counsel Raj De, in a public hearing, testified that NSA doesn’t even need Reasonable Articulable Suspicion — much less a court order — to read the content of Americans’ data collected incidentally under the FISA Amendment Act’s broad sweep, to say nothing of the even greater collection of data swept up under 12333. To support this demonstrably false claim, Time then points to the similarly false talking points the NSA sent home at Thanksgiving. It points to the NSA’s talking points just two paragraphs before Time lays out how often NSA has lied, both describing the government as actively misleading…

At the time Snowden went public, the American people had not just been kept in the dark; they had actively been misled about the actions of their government.

And then describing the specific lies of Keith Alexander and James Clapper.

The NSA lies, and lies often. But Time points to the NSA’s own lies to support its bad reporting.

At the same time, Time dances around the many things the US does that make us less secure. For example, it gives credence to the nonsense claim that Snowden singlehandedly prevented us from pressuring China into stopping hacking of us.

While in Hong Kong, Snowden gave an interview and documents to the South China Morning Post describing NSA spying on Chinese universities, a disclosure that frustrated American attempts to embarrass China into reducing its industrial-espionage efforts against U.S. firms.

This repeats the anachronistic claims and silence about US cyberwar that Kurt Eichenwald made in Newsweek.

And Time says Bullrun — a program that involves inserting vulnerabilities into code — “decodes encrypted messages to defeat network security,” which also minimizes the dangerous implications of NSA’s hacking.

If Time had actually read the news, rather than wax romantic about Russian literature, it might report that NSA in fact does collect vast amounts of and can the read incidentally collected content of most Americans. It might describe the several times NSA has been found to be violating the law, for years at a time. It might explain that many of these programs, because they operate solely under the President’s authority, might never get court review without Snowden’s leaks. And Time might bother to tell readers that, in some ways at least, the NSA makes us less safe because it prioritizes offensive cyberattacks (and not just on China) over keeping American networks safe.

As I said, I could have been happy about either a Pope Francis or an Edward Snowden selection. But as it is, Time might better call their scheme “Caricature of the Year,” because at least in their Snowden profile, they’re not actually presenting the news.

DiFi Fake FISA Fix Explicitly Allows Contractors to Conduct Suspicionless Searches on US Person Data

The Senate Intelligence Committee has released its report on DiFi’s Fake FISA Fix. The report makes it clearer than ever that this is not at all an improvement, but rather an attempt to use the Snowden leaks as an opportunity to make the spying programs explicitly worse, which I’ll explain at more length later.

Just as an example, however, take a look at what they do with back door searches. As I explained here, the bill describes new reporting for a tiny fraction of back door searches, those that search on a US identifier as content, presumably to trick people in thinking that does anything for the vast majority of back door searches on US identifiers as metadata (DiFi’s staffers all but admitted that, anonymously, here). Thus, it provides new reports for a tiny fraction of this practice, while endorsing the vast majority of such searches — and the far more intrusive ones — to go on with no reporting requirements. And since I laid that out, NSA General Counsel Raj De and DNI General Counsel Robert Litt made it clear that NSA does not currently require even Reasonable Articulable Suspicion to search any content collected incidentally.

Here’s what the report adds to that, explicitly.

The Committee believes that, to the greatest extent practicable, all queries conducted to the authorities established under this section should be performed by Federal employees. Nonetheless, the Committee acknowledges that it may be necessary in some cases to use contractors to perform such queries. By using the term “government personnel” the Committee does not intend to prohibit such contractor use.

The NSA just had a contractor walk off with unbelievable amounts of data.

And the Senate Intelligence Committee’s response to that is to explicitly give contractors the authority to conduct suspicionless searches through vast quantity of data to access and read the content of US person data, with no reporting requirements.

I guess when they named this the “intelligence” committee they were just making an elaborate joke.

(Note: Snoopdidoo had some more observations on the report in comments to this thread.)

Was Adel Daoud Targeted Off of a Back Door Search of Traditional FISA Collection?

Daoud Adel is a 20-year old US citizen from suburban Chicago who was charged last year in an FBI sting in which he allegedly tried to set off a car bomb outside a night club. Last year, during the debate on FISA Amendments Act reauthorization, Dianne Feinstein named his case directly, suggesting he had been busted using the legislation before the Senate. His legal team first demanded the FAA material she suggested existed back in May. And in September, they requested discovery for materials relating to FAA.

The government, however, strongly suggests none of the communications used to charge him were collected under FAA. It even suggests he misunderstands the meaning of DiFi’s comment.

Any discovery based on the FAA is unwarranted here because the FAA is simply not at issue in this case. As the Government explained in a previous filing, it “does not intend to use any such evidence obtained or derived from FAA-authorized surveillance in the course of this prosecution.” (DE 49, at 2).

[snip]

The defendant’s claim that the Government should disclose “the nature of the FAA surveillance in this case even, for instance[,] Defendant’s communications themselves were not intercepted” is perplexing. (DE 52, at 15 n.11). If Daoud’s communications were not intercepted, or his facilities not targeted, he would not be aggrieved and have no basis to challenge the collection. The Government sees no legal relevance to his broad discovery request.

Moreover, the defendant has also made multiple claims, in this motion and others, based on his interpretation of a single public remark. While the Government appreciates the defendant’s position in litigating FISA-related matters, it offers that the defendant may misunderstand this public remark, which is not a revelation that has any legal implication.

[snip]

As the Government has explained, this case singularly involves “traditional” FISA surveillance. [my emphasis]

Soapbox Orator’s comments in response to one of my posts on back door searches led me to examine the government’s response closely and I now suspect Daoud may have been identified using a back door search on traditional FISA collection.

Much of this debate centers on comments DiFi made on December 27, 2012, which seemed to suggest the 8 cases she named involved FAA.  But those comments were in response to comments Ron Wyden had just made. In that speech Wyden described (among other problems with FAA) back door searches.

The fact is, once the government has this pile of communications, which contains an unknown but potentially very large number of Americans’ phone calls and e-mails, there are surprisingly few rules about what can be done with it.

For example, there is nothing in the law that prevents government officials from going to that pile of communications and deliberately searching for the phone calls or e-mails of a specific American, even if they do not have any actual evidence that the American is involved in some kind of wrongdoing, some kind of nefarious activity.

Read more

The Leahy-Sensenbrenner Language on Back Door Searches Improves But Doesn’t Eliminate the Back Door

As the top Intelligence Community lawyers have made clear, the IC maintains it can search US person data incidentally collected under Section 702 without any suspicion, as well as for the purposes of making algorithms, cracking encryption, and to protect property.

The Leahy-Sensenbrenner bill tries to rein in this problem. And its fix is far better than what we’ve got now. But it almost certainly won’t fix the underlying problem.

Here’s what the law would do to the “Limitations” section of Section 702. The underlined language is new.

(b) Limitations

(1) IN GENERAL.—An acquisition

(A) may not intentionally target any person known at the time of acquisition to be located in the United States;

(B) may not intentionally target a person reasonably believed to be located outside the United States if a significant purpose of such acquisition is to target a particular, known person reasonably believed to be in the United States;

(C) may not intentionally target a United States person reasonably believed to be located outside the United States;

(D) may not intentionally acquire any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States; and

(E) shall be conducted in a manner consistent with the fourth amendment to the Constitution of the United States.

(2) CLARIFICATION ON PROHIBITION ON SEARCHING OF COLLECTIONS OF COMMUNICATIONS OF UNITED STATES PERSONS.—

(A) IN GENERAL.—Except as provided in subparagraph (B), no officer or employee of the United States may conduct a search of a collection of communications acquired under this section in an effort to find communications of a particular United States person (other than a corporation).

Read more

The Intelligence Community’s Wide Open, Unprotected Back Door to All Your Content

PCLOB has posted the transcript from the first part of its hearing on Monday. So I want to return to the issue I raised here: both Director of National Intelligence General Counsel Robert Litt and NSA General Counsel Raj De admit that there are almost no limits on Intelligence Community searches of incidentally collection US person data (we know that FBI, NSA, and CIA have this authority, and I suspect National Counterterrorism Center does as well).

This discussion starts when PCLOB Chair David Medine asks whether the IC would consider getting a warrant before searching on incidentally collected data.

MR. MEDINE: And so turning to the protections for U.S. persons, as I understand it under the 702 program when you may target a non-U.S. person overseas you may capture communications where a U.S. person in the United States is on the other end of the communication. Would you be open to a warrant requirement for searching that data when your focus is on the U.S. person on the theory that they would be entitled to Fourth Amendment rights for the search of information about that U.S. person?

MR. DE: Do you want me to take this?

MR. LITT: Thanks, Raj. Raj is always easy, he raises his hands for all the easy ones.

MR. DE: I can speak for NSA but this obviously has implications beyond just NSA as well.

MR. LITT: I think that’s really an unusual and extraordinary step to take with respect to information that has been lawfully required.

I mean I started out as a prosecutor. There were all sorts of circumstances in which information is lawfully acquired that relates to persons who are not the subject of investigations. You can be overheard on a Title III wiretap, you can overheard on a Title I FISA wiretap. Somebody’s computer can be seized and there may be information about you on it.

The general rule and premise has been that information that’s lawfully acquired can be used by the government in the proper exercise of authorities.

Now we do have rules that limit our ability to collect, retain and disseminate information about U.S. persons. Those rules, as know, are fairly detailed. But generally speaking, we can’t do that except for foreign intelligence purposes, or when there’s evidence of a crime, or so on and so forth. But what we can’t do under Section 702 is go out and affirmatively use the collection authority for the purpose of getting information about U.S. persons. Once we have that information I don’t think it makes sense to say, you know, a year later if something comes up we need to go back and get a warrant to search that information. [my emphasis]

Litt compares finding incidental information on a laptop, presumably seized using a warrant, with searching for incidental information on a digital collection that includes very few limits on specificity. Remember, NSA can and has claimed a targeted “facility” may mean all the Internet traffic from a particular country or at least a region of a country. This is petabytes of data obtained with a directive, not gigabytes obtained with a specific warrant.

Read more

DOJ Did Not Fulfill Legally Required Disclosure on Section 215 to Congress Until After PATRIOT Reauthorization

In the Guardian’s superb summary of the importance of the NSA leaks, Zoe Lofgren challenges the claims that Congress has received all the documents NSA claims it has gotten.

I do serve on the Judiciary Committee and various statements have been made that the Judiciary Committee members were told about all of this and those statements are untrue, not the facts, we have not been provided the documents that the Agency said that we were.

In a Privacy and Civil Liberties Oversight Board today, NSA General Counsel Raj De and ODNI General Counsel Robert Litt both repeated such claims (these are from my notes on twitter; I’ll check my transcription later). De said that Section 215 “had all indicia of official legitimacy” which in part came because it was “twice reauthorized by Congress with full information from exec.” And Litt said they are “by statute required to provide copies [of FISC documents] to both houses. They got materials relating to this [Section 215] program.”

Obviously, we know De is wrong, and he must know it, because a sufficiently large block of Congressmen never had the opportunity to read the Executive’s official notice to make the difference in the 2011 reauthorization. His statement is a clear lie.

But I’m just as interested in Litt’s claim (which would rely on notice to the Judiciary and Intelligence Committees).

This most recent I Con dump provides some evidence that illuminates Lofgen’s implicit dispute of Litt’s claims. Remember this paragraph, which is one of the most specific claims about what notice the Administration gave to Congress about using Section 215 to authorize the phone dragnet.

Moreover, in early 2007, the Department of Justice began providing all significant FISC pleadings and orders related to this [Section 215] program to the Senate and House Intelligence and Judiciary committees. By December 2008, all four committees had received the initial application and primary order authorizing the telephony metadata collection. Thereafter, all pleadings and orders reflecting significant legal developments regarding the program were produced to all four committees.

As I noted in this post, the specific language (in bold) regarding the first, May 2006, authorization of the phone dragnet at least suggested, in this context, there wasn’t an opinion at all, as did a lot more evidence. But recent reporting strongly suggests there was (see this post where I argue this is likely the phone dragnet opinion).

Government lawyers have told the ACLU that they are withholding at least two significant FISC opinions — one from 2008 and one from 2010 — relating to the Patriot Act’s Section 215, or “business records” provision.

This would seem to indicate that Congress was not provided the original 2006 opinion (as distinct from the application and primary order) “by December 2008.”

With that mind, consider this document released by the I Con, an August 16, 2010 memo from Office of Legislative Affairs Assistant Attorney General Ronald Weich to the Chairs of the Judiciary and Intelligence Committees.

Pursuant to section 1871 of United States Code Title 50, we are providing the Committees with copies of the remaining decisions, orders, or opinions issued by the Foreign Intelligence Surveillance Court, and pleadings, applications, or memoranda of law associated therewith, that contain significant constructions or interpretations of any provision of FISA during the five-year period ending July 10, 2008. See 50 U.S.C. § 1871(c)(2). We have provided similar materials for the same time period. 

Now remember, while ODNI made a big show of releasing these documents, they released them as part of the ACLU’s FOIA for documents on Section 215 and all the documents released pertain to Section 215. I Con describes the memo as referring to “several documents to the Congressional Intelligence and Judiciary Committees relating to NSA collection of bulk telephony metadata under Section 501 of the FISA, as amended by Section 215 of the USA PATRIOT Act,” confirming they pertain to Section 215.

The Patriot Act was reauthorized in February 2010.

At a minimum, this suggests the White Paper provided in August may have been highly misleading. When it said “Thereafter, all pleadings and orders reflecting significant legal developments regarding the program were produced to all four committees,” it did not mean that by December 2008, the four oversight committees had all the significant opinions in hand. Even assuming the Weich brief was correct, which Lofgren’s comment suggests it might not be, they didn’t get around to handing over opinions pertaining to Section 215 going back to July 10, 2003 until August 2010. That period — July 10, 2003 to July 10, 2008 — would cover both the July 2004 Colleen Kollar-Kotelly opinion authorizing using the Pen Register/Trap and Trace to collect Internet metadata, and the May 2006 opinion authorizing the phone dragnet. While we don’t know that the Kollar-Kotelly opinion was withheld until 2010, the language of the White Paper (which suggests the opinion itself was not provided) strongly suggests the May 2006 one was.

The law requiring such disclosure, 50 U.S.C. § 1871(c)(2), was part of the FISA Amendments Act, so had been in place for a full year by the time the PATRIOT Act reauthorization got started, yet DOJ didn’t get around to complying with it until 2 years after the law passed. And the law specifically requires disclosure of both the PR/T&T and the Section 215 authorities.

The possibility that DOJ did not turn over the original phone dragnet opinion is utterly damning given David Kris’ suggestion that the initial approval of the phone dragnet — the 2006 opinion — may have been erroneous.

More broadly, it is important to consider the context in which the FISA Court initially approved the bulk collection. Unverified media reports (discussed above) state that bulk telephony metadata collection was occurring before May 2006; even if that is not the case, perhaps such collection could have occurred at that time based on voluntary cooperation from the telecommunications providers. If so, the practical question before the FISC in 2006 was not whether the collection should occur, but whether it should occur under judicial standards and supervision, or unilaterally under the authority of the Executive Branch.

[snip]

The briefings and other historical evidence raise the question whether Congress’s repeated reauthorization of the tangible things provision effectively incorporates the FISC’s interpretation of the law, at least as to the authorized scope of collection, such that even if it had been erroneous when first issued, it is now—by definition—correct.

David Kris at least entertains the possibility that the original May 2006 opinion was “erroneous,” but points to Congress’ reauthorization of the PATRIOT Act to claim it had incorporated FISC’s interpretation of the law.

But now we know that DOJ did not provide all of FISC’s significant opinions pertaining to Section 215 to the key oversight committees until August 16, 2010, over two years after they were obligated to do so — and the plain language of the White Paper strongly suggests that DOJ did not provide the key May 2006 opinion to the oversight committees.

This doesn’t yet prove that DOJ withheld the May 2006 opinion that Kris suggests might be “erroneous” until after Congress reauthorized the PATRIOT Act. But it strongly suggests that is the case.

Update: PATRIOT Act Reauthorization line moved per Anonster’s suggestion.

Update: Added the language I Con used to describe the documents handed over in August 2010.