Posts

The Odd Projection by the Steele Dosser’s Claimed Alfa Bank Source

Way back in March 2017, I noted that there was a clear feedback loop behind the Steele dossier. As part of that post, I noted how weird the single report on Alfa Bank in the dossier was. Rather than writing damning information about Trump — which was the entire point of the dossier — it instead described the relationship between Putin and a guy named Oleg Govorun, who the dossier claimed worked for Alfa in the 1990s (that date was wrong but not the affiliation).

Consider report 112, dated September 14. It pertains to “Kremlin-Alpha Group Cooperation.” It doesn’t have much point in a dossier aiming to hurt Trump. None of his associates nor the Russian DNC hack are mentioned. It does suggest that that Alfa Group had a “bag carrier … to deliver large amounts of illicit cash to” Putin when he was Deputy Mayor of St. Petersburg, though describes the current relationship as “both carrot and stick,” relying in part on kompromat pertaining to Putin’s activities while Deputy Mayor. It makes no allegations of current bribery, though says mutual leverage helps Putin “do his political bidding.”

As I said, there’s no point to have that Alfa Bank passage in a dossier on Trump. But it does serve, in its disclosure, to add a data point (albeit not a very interesting one) to the Alfa Server story that (we now know) FBI was already reviewing but which hadn’t been pitched to the press yet. In Corn’s piece, he mentions the Alfa Bank story but not the report on Putin’s ties to it. It may be in there because someone — perhaps already in possession of the Alfa Bank allegations — asked Steele to lay out more about Alfa’s ties with Putin.

Here’s one reason that’s interesting, though. Even aside from all the other reasons the Alfa story is dodgy, it was deliberately packaged for press consumption. Rather than the at least 19 servers that Trump’s spam email was pinging, it revealed just two: Alfa Bank and Spectrum Health (the latter of which got spun, anachronistically, as a DeVos organization that thus had to be tight with Trump). Which is to say, the Alfa story was dodgy and packaged by yet unknown people.

Even though the report didn’t say anything really damning about current Alfa bank personnel, the oligarchs who own the bank have nevertheless engaged in protracted lawfare that seems set on ruining those behind the dossier. As part of the lawsuit against Fusion GPS, the Alfa oligarchs recently submitted declarations from the presumed sources of Igor Danchenko, Steele’s primary subsource. (And yes, two of these declarations claim to be Subsource 4, in both English and Russian.)

Subsource 1: Sergey Vladimirovich Abyshev

Subsource 2: Ivan Mikhailovich Vorontsov

Subsource 3: Olga Aleksandrovna Galkina

Subsource 4: Alexey Sergeyevich Dundich

Subsource 4: Ivan Ivanovich Kurilla

Subsource 5: Lyudmila Nikolayevna Podobedova

With the exception of Galkina, all of these purported subsources state that they have not read the dossier except for the Alfa Bank report, and then assert that they were not a source for the dossier. For example, this is how Dundich disclaimed being a source for the dossier as a whole, which he is sure is low-quality, while admitting he only read one report from it.

I am aware of the Steele Dossier (“Dossier”), but I have never read it save for Company Intelligence Report 112 (“CIR 112”).

[snip]

In contrast to what Mr. Danchenko told U.S. authorities, I was not a “source” of information for the Dossier. I never gave Mr. Danchenko (or anyone else) any information associated with the contents of the Dossier, including CIR 112, Mr. Fridman, Mr. Aven, Mr. Khan, or Alfa. I believe that Mr. Danchenko framed me as Sub-Source 4 to add credibility to his low-quality work, which is not based on real information or in-depth analysis.

Even Galkina, who stated that she had read the dossier when it was published by BuzzFeed, issues a non-denial denial, stating only that when she traveled to the US in 2016 she and Danchenko did not discuss anything about the dossier (the FBI interviewed her in August 2017, which she doesn’t mention here, and she does travel to the States, so she’d be at risk of prosecution if she said anything conflicting with her prior statements or material known to have been obtained from her via FISA 702).

Mr. Danchenko and I met once in 2016. In connection with my job at Servers.com, I traveled to the United States in the spring of 2016 to participate in the Game Developers Conference event and investigate the prospects of running a public relations campaign for the company in the United States. I asked Mr. Danchenko to assist those efforts, and he introduced me to a third party, Charles Dolan, whom he thought could help. Mr. Danchenko and I did not discuss anything related to the Dossier or its contents during this meeting.

But she doesn’t describe her communications with Danchenko via phone and text, which is how Danchenko said he got some of the most important stories sourced to her. And a later denial in her declaration seems to be a (poorly translated) denial limited to providing information specific to the Alfa Bank materials, not a denial of providing other information in it.

I did not provide Mr. Danchenko (or anyone else) with any information mentioned in the Dossier and that was connected to Mr. Fridman, Mr. Aven, Mr. Khan, or Alfa. I believe that Mr. Danchenko identified me as Sub-Source 3 to create more authoritativeness for his work.

In short, none of these declarations could be denials they provided Danchenko information in the dossier, because the one person who has actually read it doesn’t deny she did provide information (that said, her information was some of the most likely to be deliberate disinformation).

These declarations, then, don’t do what a filing attempting to use them to force Danchenko to set for a deposition claims they do, making general denials of being a source for the dossier.

Even more importantly, Mr. Danchenko’s claimed sub-sources have now denied, under penalty of perjury, providing Mr. Danchenko with information related to the contents of the dossier generally or with respect to CIR 112 and Plaintiffs specifically.7

Galkina’s the only one who’d be able to make such a denial, and she doesn’t do so in her declaration.

But I find Abyshev’s denials of interest for other reasons. He admits that he and Vorontsov met with Danchenko on June 15, 2016 and claims that Danchenko got very drunk (earlier he claimed that Danchenko had a drinking problem for a year or two after the compilation of the dossier).

I met with Mr. Danchenko once in 2016, the year that, as I understand, the Dossier was prepared. On June 15, 2016, Mr. Danchenko, Ivan Vorontsov, and I met in Moscow. I recall that Mr. Danchenko appeared very intoxicated and was not able to maintain a conversation. During the meeting, I spoke with Mr. Vorontsov about investments and finance. I do not recall any conversation related to the contents of the Dossier, including allegations related to CIR 112, Mr. Fridman, Mr. Aven, Mr. Khan, or Alfa. This was my last meeting with Mr. Danchenko.

He further admits that Danchenko raised Alfa on a phone call with him at some time that year, but claims he told Danchenko the subject was inappropriate and he should go find out the answers to the question himself.

On one occasion, during a phone call in 2016, Mr. Danchenko asked me how close Mr. Fridman is to President Putin and whether Mr. Fridman had met with President Putin in 2016. I did not respond to Mr. Danchenko’s questions. Instead, I made it clear that the questions were inappropriate and that Mr. Danchenko should seek out answers to them himself.

This denial comes on top of Abyshev’s more general denial about being a source for the report in question.

Contrary to what Mr. Danchenko told U.S. authorities, I was not a “source” of the Dossier. I never provided Mr. Danchenko (or anyone else) with any information related to the contents of the Dossier, including CIR 112, Mr. Fridman, Mr. Aven, Mr. Khan, or Alfa.

On this point, Abyshev’s denial is the only one that is really pertinent, because he’s the only one that Danchenko mentioned in his FBI interview in conjunction with this report (the FBI interviewed Danchenko two more times after this, but those interviews must not be helpful for Trump, because Republicans have never demanded those reports be declassified).

While Danchenko seems to suggest that Source 1, Abyshev, was involved in this story, he doesn’t actually say that. Instead, he explained that he had been working on this story for ten years and that Source 1 had provided him other information on corruption unrelated to Alfa.

That’s interesting, not least because Vorontsov actually said that if you wanted information about the oligarchs running Alfa, you’d look outside of Russia (probably London).

I do not believe that Mr. Danchenko asked anyone inside Russia about Mr. Fridman, Mr. Aven, or Mr. Khan. If Mr. Danchenko were interested in those individuals, he would have sought information from people living outside Russia who would have greater knowledge of Mr. Fridman, Mr. Aven, and Mr. Khan.

In Vorontsov’s opinion, this is the part of the dossier for which Danchenko wouldn’t need a source in Russia.

Here’s where things get interesting. Like everyone save Galkina, Abyshev says the only part of the dossier he read was the Alfa Bank report.

I am aware of the so-called Steele Dossier (“Dossier”), but I have never read it save for the Russian translation of Company Intelligence Report 112 (“CIR 112”), which raises various allegations about Mikhail Fridman, Petr Aven, German Khan, and Alfa.

Having not read the dossier, however, Abyshev claims that Danchenko’s job was to substantiate stories his clients want him to tell.

My understanding of Mr. Danchenko’s information-gathering process is that he first receives a story from his clients that he then must substantiate in any manner possible

This actually conflicts with Danchenko’s FBI interview, at least part of which Abyshev claims to have read, in which he says he tried to find information on Paul Manafort but failed to find much.

More interesting still, Abyshev offers up this explanation for what Danchenko was doing.

I infer from my interactions with Mr. Danchenko, from that 2016 telephone conversation, and from the content of what was ultimately published in CIR 112, that Mr. Danchenko had a working theory regarding the relationship between Alfa and its shareholders on the one hand, and President Putin on the other, and that Mr. Danchenko was fishing for information that would fit that preconceived narrative.

I believe it is likely that someone ensured that CIR 112 was included in the Dossier in an effort to persuade U.S. authorities to sanction Mr. Fridman, Mr. Aven, Mr. Khan, and Alfa.

I find that interesting — first, because decades old allegations of corruption would not substantiate a sanctions designation. Abyshev’s claims make no sense given the content that ended up in the report.

More interesting still is how closely Abyshev’s claims match Petr Aven’s testimony to Mueller’s team about how Putin pressured him to try to set up a back channel with Trump’s team during the transition by warning that Alfa would be sanctioned in the aftermath of the 2016 election.

Aven told the Office that he is one of approximately 50 wealthy Russian businessmen who regularly meet with Putin in the Kremlin; these 50 men are often referred to as “oligarchs.”977 Aven told the Office that he met on a quarterly basis with Putin, including in the fourth quarter (Q4) of 2016, shortly after the U.S. presidential election.978 Aven said that he took these meetings seriously and understood that any suggestions or critiques that Putin made during these meetings were implicit directives, and that there would be consequences for A ven if he did not follow through.979 As was typical, the 2016 Q4 meeting with Putin was preceded by a preparatory meeting with Putin’s chief of staff, Anton Vaino.980

According to Aven, at his Q4 2016 one-on-one meeting with Putin,981 Putin raised the prospect that the United States would impose additional sanctions on Russian interests, including sanctions against Aven and/or Alfa-Bank.982 Putin suggested that Aven needed to take steps to protect himself and Alfa-Bank.983 Aven also testified that Putin spoke of the difficulty faced by the Russian government in getting in touch with the incoming Trump Administration.984 According to Aven, Putin indicated that he did not know with whom formally to speak and generally did not know the people around the President-Elect.985

Aven [grand jury redaction] told Putin he would take steps to protect himself and the Alfa-Bank shareholders from potential sanctions, and one of those steps would be to try to reach out to the incoming Administration to establish a line of communication.986

[snip]

In December 2016, weeks after the one-on-one meeting with Putin described in Volume I, Section IV.B.1.b, supra, Petr Aven attended what he described as a separate “all-hands” oligarch meeting between Putin and Russia’s most prominent businessmen. 1167 As in Aven’s one-on-one meeting, a main topic of discussion at the oligarch meeting in December 2016 was the prospect of forthcoming U.S. economic sanctions. 1168

After the December 2016 all-hands meeting, Aven tried to establish a connection to the Trump team. Aven instructed Richard Burt to make contact with the incoming Trump Administration. Burt was on the board of directors for LetterOne (L 1 ), another company headed by Aven, and had done work for Alfa-Bank. 1169 Burt had previously served as U.S. ambassador to Germany and Assistant Secretary of State for European and Canadian Affairs, and one of his primary roles with Alfa-Bank and Ll was to facilitate introductions to business contacts in the United States and other Western countries. 1170

I’ve always believed the Trump Tower server story to be an elaborate disinformation effort, which had the added benefit of drawing attention to Erik Prince but not the things that Prince was doing that were key to the Russian operation (his communications about which were done via garden variety encrypted apps). I likewise always believed that Aven’s testimony might explain why Russia would craft such disinformation: not only to distract from the things that Prince and others really were doing, but to present a way to recruit Alfa’s oligarchs more centrally into Russia’s efforts to push back on sanctions, as oligarchs who weren’t as western-focused had long been.

Here, a filing in a lawsuit attempting to make maximal advantage of whatever success Russia had feeding an old nemesis of theirs disinformation as part of the larger 2016 operation makes the same argument that (according to Aven’s own testimony) Putin made to Aven, only insinuating that the argument would have come from Danchenko, not a Russian disinformation source.

Abyshev is, in addition to Danchenko’s source on the pee tape (at that meeting where Abyshev says Danchenko was badly drunk), also someone Danchenko understood to have close ties to Russian intelligence who appears to have known of Danchenko’s tie to Steele.

The Dragnet Donald Trump Will Wield Is Not Just the Section 215 One

I’ve been eagerly anticipating the moment Rick Perlstein uses his historical work on Nixon to analyze Trump. Today, he doesn’t disappoint, calling Trump more paranoid than Nixon, warning of what Trump will do with the powerful surveillance machine laying ready for his use.

Revenge is a narcotic, and Trump of all people will be in need of a regular, ongoing fix. Ordering his people to abuse the surveillance state to harass and destroy his enemies will offer the quickest and most satisfying kick he can get. The tragedy, as James Madison could have told us, is that the good stuff is now lying around everywhere, just waiting for the next aspiring dictator to cop.

But along the way, Perlstein presents a bizarre picture of what happened to the Section 215 phone dragnet under Barack Obama.

That’s not to say that Obama hasn’t abused his powers: Just ask the journalists at the Associated Press whose phone records were subpoenaed by the Justice Department. But had he wanted to go further in spying on his enemies, there are few checks in place to stop him. In the very first ruling on the National Security Administration’s sweeping collection of “bulk metadata,” federal judge Richard Leon blasted the surveillance as downright Orwellian. “I cannot imagine a more ‘indiscriminate’ and ‘arbitrary’ invasion than this collection and retention of personal data,” he ruled. “Surely, such a program infringes on ‘that degree of privacy’ that the founders enshrined in the Fourth Amendment.”

But the judge’s outrage did nothing to stop the surveillance: In 2015, an appeals court remanded the case back to district court, and the NSA’s massive surveillance apparatus—soon to be under the command of President Trump—remains fully operational. The potential of the system, as former NSA official William Binney has described it, is nothing short of “turnkey totalitarianism.”

There are several things wrong with this.

First, neither Richard Leon nor any other judge has reviewed the NSA’s “sweeping collection of ‘bulk metadata.'” What Leon reviewed — in Larry Klayman’s lawsuit challenging the collection of phone metadata authorized by Section 215 revealed by Edward Snowden — was just a small fraction of NSA’s dragnet. In 2013, the collection of phone metadata authorized by Section 215 collected domestic and international phone records from domestic producers, but even there, Verizon had found a way to exclude collection of its cell records.

But NSA collected phone records — indeed, many of the very same phone records, as they collected a great deal of international records — overseas as well. In addition, NSA collected a great deal of Internet metadata records, as well as financial and anything else records. Basically, anything the NSA can collect “overseas” (which is interpreted liberally) it does, and because of the way modern communications works, those records include a significant portion of the metadata of Americans’ everyday communications.

It is important for people to understand that the focus on Section 215 was an artificial creation, a limited hangout, an absolutely brilliant strategy (well done, Bob Litt, who has now moved off to retirement) to get activists to focus on one small part of the dragnet that had limitations anyway and NSA had already considered amending. It succeeded in pre-empting a discussion of just what the full dragnet entailed.

Assessments of whether Edward Snowden is a traitor or a saint always miss this, when they say they’d be happy if Snowden had just exposed the Section 215 program. Snowden didn’t want the focus to be on just that little corner of the dragnet. He wanted to expose the full dragnet, but Litt and others succeeded in pretending the Section 215 dragnet was the dragnet, and also pretending that Snowden’s other disclosures weren’t just as intrusive on Americans.

Anyway, another place where Perlstein is wrong is in suggesting there was just one Appeals Court decision. The far more important one is the authorized by Gerard Lynch in the Second Circuit, which ruled that Section 215 was not lawfully authorized. It was a far more modest decision, as it did not reach constitutional questions. But Lynch better understood that the principle involved more than phone records; what really scared him was the mixing of financial records with phone records, which is actually what the dragnet really is.

That ruling, on top of better understanding the import of dragnets, is important because it is one of the things that led to the passage of USA Freedom Act, a law that, contrary to Perlstein’s claim, did change the phone dragnet, both for good and ill.

The USA Freedom Act, by imposing limitations on how broadly dragnet orders (for communications but not for financial and other dragnets) can be targeted, adds a check at the beginning of the process. It means only people 2 degrees away from a terrorism suspect will be collected under this program (even while the NSA continues to collect in bulk under EO 12333). So the government will have in its possession far fewer phone records collected under Section 215 (but it will still suck in massive amounts of phone records via EO 12333, including massive amounts of Americans’ records).

All that said, Section 215 now draws from a larger collection of records. It now includes the Verizon cell records not included under the old Section 215 dragnet, as well as some universe of metadata records deemed to be fair game under a loose definition of “phone company.” At a minimum, it probably includes iMessage, WhatsApp, and Skype metadata, but I would bet the government is trying to get Signal and other messaging metadata (note, Signal metadata cannot be collected retroactively; it’s unclear whether it can be collected with standing daily prospective orders). This means the Section 215 collection will be more effective in finding all the people who are 2 degrees from a target (because it will include any communications that exist solely in Verizon cell or iMessage networks, as well as whatever other metadata they’re collecting). But it also means far more innocent people will be impacted.

To understand why that’s important, it’s important to understand what purpose all this metadata collection serves.

It was never the case that the collection of metadata, however intrusive, was the end goal of the process. Sure, identifying someone’s communications shows when you’ve been to an abortion clinic or when you’re conducting an affair.

But the dragnet (the one that includes limited Section 215 collection and EO 12333 collection limited only by technology, not law) actually serves two other primary purposes.

The first is to enable the creation of dossiers with the click of a few keys. Because the NSA is sitting on so much metadata — not just phone records, but Internet, financial, travel, location, and other data — it can put together a snapshot of your life as soon as they begin to correlate all the identifiers that make up your identity. One advantage of the new kind of collection under USAF, I suspect, is it will draw from the more certain correlations you give to your communications providers, rather than relying more heavily on algorithmic analysis of bulk data. Facebook knows with certainty what email address and phone number tie to your Facebook account, whereas the NSA’s algorithms only guess that with (this is an educated guess) ~95+% accuracy.

This creation of dossiers is the same kind of analysis Facebook does, but instead of selling you plane tickets the goal is government scrutiny of your life.

The Section 215 orders long included explicit permission to subject identifiers found via 2-degree collection to all the analytical tools of the NSA. That means, for any person — complicit or innocent — identified via Section 215, the NSA can start to glue together the pieces of dossier it already has in its possession. While not an exact analogue, you might think of collection under Section 215 as a nomination to be on the equivalent of J Edgar Hoover’s old subversives list. Only, poor J Edgar mostly kept his list on index cards. Now, the list of those the government wants to have a network analysis and dossier on is kept in massive server farms and compiled using supercomputers.

Note, the Section 215 collection is still limited to terrorism suspects — that was an important win in the USA Freedom fight — but the EO 12333 collection, with whatever limits on nominating US persons, is not. Plus, it will be trivial for Trump to expand the definition of terrorist; the groundwork is already being laid to do so with Black Lives Matter.

The other purpose of the dragnet is to identify which content the NSA will invest the time and energy into reading. Most content collected is not read in real time. But Americans’ communications with a terrorism suspect will probably be, because of the concern that those Americans might be plotting a domestic plot. The same is almost certainly true of, say, Chinese-Americans conversing with scientists in China, because of a concern they might be trading US secrets. Likewise it is almost certainly true of Iranian-Americans talking with government officials, because of a concern they might be dealing in nuclear dual use items. The choice to prioritize Americans makes sense from a national security perspective, but it also means certain kinds of people — Muslim immigrants, Chinese-Americans, Iranian-Americans — will be far more likely to have their communications read without a warrant than whitebread America, even if those whitebread Americans have ties to (say) NeoNazi groups.

Of course, none of this undermines Perlstein’s ultimate categorization, as voiced by Bill Binney, who created this system only to see the privacy protections he believed necessary get wiped away: the dragnet — both that authorized by USAF and that governed by EO 12333 — creates the structure for turnkey totalitarianism, especially as more and more data becomes available to NSA under EO 12333 collection rules.

But it is important to understand Obama’s history with this dragnet. Because while Obama did tweak the dragnet, two facts about it remain. First, while there are more protections built in on the domestic collection authorized by Section 215, that came with an expansion of the universe of people that will be affected by it, which must have the effect of “nominating” more people to be on this late day “Subversives” list.

Obama also, in PPD-28, “limited” bulk collection to a series of purposes. That sounds nice, but the purposes are so broad, they would permit bulk collection in any area of the world, and once you’ve collected in bulk, it is trivial to then call up that data under a more broad foreign intelligence purpose. In any case, Trump will almost certainly disavow PPD-28.

Which makes Perlstein’s larger point all the more sobering. J Edgar and Richard Nixon were out of control. But the dragnet Trump will inherit is far more powerful.

Guy Who Worked at White House When It Self-Authorized Dragnet Thinks Dragnets Are Cool

Eleven judges from the DC Circuit denied Larry Klayman’s request to overturn the stay that a panel put on Richard Leon’s injunction against the dragnet today.

Of those 11 judges, just one decided to weigh in on the legality of the dragnet Leon had ruled unconstitutional: Brett Kavanaugh. In doing so, he laid out a condensed version of the Special Needs search used by dragnet boosters.

I vote to deny plaintiffs’ emergency petition for rehearing en banc. I do so because, in my view, the Government’s metadata collection program is entirely consistent with the Fourth Amendment. Therefore, plaintiffs cannot show a likelihood of success on the merits of their claim, and this Court was right to stay the District Court’s injunction against the Government’s program.

[snip]

Even if the bulk collection of telephony metadata constitutes a search, cf. United States v. Jones, 132 S. Ct. 945, 954-57 (2012) (Sotomayor, J., concurring), the Fourth Amendment does not bar all searches and seizures. It bars only unreasonable searches and seizures. And the Government’s metadata collection program readily qualifies as reasonable under the Supreme Court’s case law. The Fourth Amendment allows governmental searches and seizures without individualized suspicion when the Government demonstrates a sufficient “special need” – that is, a need beyond the normal need for law enforcement – that outweighs the intrusion on individual liberty.

[snip]

The Government’s program for bulk collection of telephony metadata serves a critically important special need – preventing terrorist attacks on the United States. See THE 9/11 COMMISSION REPORT (2004). In my view, that critical national security need outweighs the impact on privacy occasioned by this program.

Kavanaugh, of course, served as a White House lawyer and as Staff Secretary during the period when George Bush kept self-authorizing such a dragnet. While there’s no reason to believe he was involved in the dubious theories used to justify Stellar Wind (which were largely a version of this Special Needs argument), he may well have been consulted — as he apparently was on detainee treatment, though he claimed not to have been during his confirmation. He may also have seen the paperwork authorizing the program.

No doubt Kavanaugh would espouse this view whether or not he had worked for a guy who might face real legal trouble if this theory didn’t hold sway. But as people cite from this language in the future, they should remember that of all the judges who reviewed this decision, only Kavanaugh had this kind of personal tie to the dragnet. And only Kavanaugh saw fit to weigh in.

The Government’s Bad Faith Arguments Demanding a Dragnet Stay

As expected, the government requested an immediate stay of Richard Leon’s decision yesterday to enjoin the dragnet from collecting JJ Little’s phone records.

Their argument is noteworthy for its stubbornness — reasserting many of the same arguments Leon just ruled against — and logical inconsistency. The brief claims, for example, that termination of the dragnet would cause the government irreparable harm, even while suggesting that it’s possible they’ve stopped collecting data from Verizon Business Network Services, which they’ve just claimed would cause irreparable harm.

But the brief also argues that the only way to comply with the injunction is to shut down the entire dragnet.

As the Government Defendants have explained, however, the only practicable way for the NSA to comply with the Court’s preliminary injunction is immediately to cease all collection and queries of telephony metadata under the Section 215 program—that is, to shut the program down. That is so because the technical steps required in order to prevent the further collection of and to segregate the metadata associated with particular persons’ calls would take the NSA months to complete. Gov’t Defs.’ Opp. to Pls.’ Renewed Mot. for a Prelim. Inj. (ECF No. 150) (“Gov’t PI Opp.”) at 41-44, citing Potter Decl. (Gov’t PI Opp. Exh. 4) ¶¶ 20-27.

That’s not actually what the Potter declaration the discussion cites to says. Potter says there is a way to make Little’s records inaccessible — though it claims implausibly that it would take two weeks to accomplish.

With respect to a requirement that the NSA cease analytic access to any records about plaintiffs’ calls that may already have been collected under the Program, NSA has developed a process that can be used to prevent analytic access to metadata containing specified identifiers. This capability prevents the use of particular identifiers to conduct queries, and prevents analysts from accessing records containing those identifiers even if responsive to queries using different identifiers. NSA technical personnel estimate that eliminating analytic access to metadata associated with plaintiffs’ calls could be completed within approximately 2 weeks after receipt of the plaintiffs’ telephone numbers and the time-frames during which they were used.

This is the defeat list process I’ve discussed repeatedly, by which high volume numbers (like Verizon’s voice mail number and pizza joints) and other sensitive numbers (likely including Congress’ official numbers as well as informants) are made inaccessible to querying.

Consider me skeptical that it really takes 2 weeks to put something on a defeat list, as not doing so makes queries unusable. If it took 2 weeks, then the dragnet would frequently return crap for 2 weeks as techs tried to stay ahead of the defeat list numbers.

There’s one more thing that yesterday’s brief and the underlying declaration make clear though: The government is collecting records off telecom backbones, not off any billing system (contrary to what some reports still claim).

That’s true because the only way that the government wouldn’t be sure that Little’s records were collected under an order to VBNS is if they weren’t getting actual subscribers information. Moreover, Little’s records still show up on AT&T’s compliance, too (anytime his calls transit their backbone, not to mention any time he calls someone who uses AT&T).

That, of course, means that Larry Klayman and everyone else in the United States has standing if the Fourth Amendment injury comes with collection — because everyone’s records transit the major telecom backbones of the country. But the government has been claiming all this time they can’t be sure that’s the case.

The government will get their stay, and they will moot this decision (if not overturn it) at the end of the month. But not before engaging in some serious bad faith in claims to the court.

Richard Leon Halts the Dragnet for One Plaintiff

Judge Richard Leon has just issued an injunction on the NSA’s collection of the phone metadata of J.J. Little and his lawfirm. Little got added as a plaintiff to Larry Klayman’s suit (in which Leon earlier found the program unconstitutional but stayed his own injunction) so as to have a Verizon Business Services customer who could be certain his phone records had been collected.

The order will undoubtedly set off a bit of a scramble, not because pulling Little’s phone records really presents any difficulty for the NSA (they already defeat list so many records it’s clear they have the ability to at least make those records inaccessible to a search, though they don’t want to explain the full application of that process; hopefully this ruling will lead to more candor on this point). Rather, the NSA will want to ensure this program has constitutional sanction because it also collects so many other records of Americans (in his book, for example, Charlie Savage confirmed my earlier analysis that the Internet dragnet moved, in part, overseas rather than being shut down). And the DC Circuit is likely to respond to quickly override Leon.

That said, Leon’s order is most interesting for its analysis of the government’s claim it can carry out this program because of a Special Need. In it, he repeats efficacy arguments he made in his earlier ruling: rather than present any new evidence that the program has been useful, it has instead just said the threat environment requires it. But he also notes that this special need, unlike that of, say, a TSA check, does not have a deterrence effect. That’s interesting because the government’s own secrecy about how many calls are collected would make any deterrence uncertain (indeed, terrorists might be expected to move communications to the Internet, believing falsely that attracts less attention).

As I said, the DC Circuit is likely to overturn this. But it will give the government a few days of headaches until that point.

Delusional DOJ Claims Documents Declassified, Released Under FOIA Not Declassified, Not Authentic

Screen Shot 2015-08-28 at 11.22.34 AM
Back in March, NYT’s Charlie Savage sued to get the NSA to respond to a FOIA request asking for “copies of — and declassification review of, as necessary” a bunch of things, including IG reports on “bulk phone records collection activities under Section 215 of the PATRIOT Act.”

In late August, they delivered an installment of their response to that suit to him including a series of IG Reports on the 215 program. Among other things, the FOIA response included an August 2, 2010 letter to FISC Judge John Bates referring to a compliance violation in Docket BR 10-10 (the order is dated February 26, 2010). In referring to the caption of that docket (and the caption redactions in other dockets are consistent in size), it named Verizon Wireless.

As I pointed out at the time, this provides Larry Klayman and other Verizon Wireless subscribers challenging the phone dragnet basis to establish standing to sue. While in the Klayman suit, Judge Richard Leon invited Klayman just to add a plaintiff who subscribed to Verizon Business Services, in Northern CA, EFF requested the 9th Circuit take judicial notice of the document.

So now DOJ has gone a bit batshit. (Josh Gerstein first reported on this here.) It mocks that EFF head Cindy Cohn “apparently believes” it fair to conclude Verizon Wireless took part in the phone dragnet because of a reference to “a company name that includes the term ‘Verizon Wireless’ in the caption of a purported FISC filing” that happens to govern the entire phone dragnet. It suggests the accuracy of the document DOJ gave to Savage can be reasonably questioned, apparently disputing its own FOIA response to Savage. And it bitches that EFF “does not contend that this document was declassified,” even though it was given to Savage pursuant to his request for “declassification review [] as necessary.”

In short, in an effort to argue the document doesn’t say what it says (which may, I admit, not mean what it says, but such is the wackiness of the secret FISA Court and the secret phone dragnet), DOJ is saying that DOJ didn’t provide Charlie Savage authentic, declassified documents like he sued to get. DOJ uses words like “purported” to describe DOJ’s own FOIA response.

I mean, I’ll grant you, those of us outside DOJ often doubt the accuracy of their FOIA responses to us. But usually DOJ at least pretends they’re giving us authentic documents.

DOJ Threatens to Invoke State Secrets Over Something Released in FOIA

Screen Shot 2015-08-28 at 11.22.34 AM
In a hearing today, Judge Richard Leon said that Larry Klayman could pursue his dragnet challenge by adding a plaintiff who did business with Verizon Business Services. But as part of Klayman’s effort, he noted — weakly — that evidence got released showing Verizon Wireless was included in the dragnet. Klayman cited just the Charlie Savage article, not the document released under FOIA showing VZ Wireless on a FISC caption (though I presume his underlying 49 page exhibit includes the actual report — just not necessarily with the passage in question highlighted).

It was disclosed on August 12, 2015 by Charlie Savage of The New York Times that Verizon Wireless, as this Court had already ruled in its Order of December 16, 2013, at all material times was conducting and continuing to conduct unconstitutional and illegal dragnet “almost Orwellian” surveillance on Plaintiffs and millions of other American citizens. See Exhibit 1, which is a Government document evidencing this, incorporated herein by reference, and see Exhibit 2, the New York Times article.

Moreover, Klayman surely overstated what the inclusion of VZ Wireless in a phone dragnet Primary Order caption from 2010 showed. Which probably explains why DOJ said “The government has not admitted in any way, shape, or form that Verizon Wireless participated” in the Section 215 phone dragnet, according to Devlin Barrett.

The point is, they should have to explain why it is that, according to a document they’ve released, VZ Wireless was targeted under the program. Perhaps we’ll get that in Northern California, where EFF very competently pointed to what evidence there was.

Which is why the government’s threat to invoke state secrets was so interesting.

The Court should avoid discovery or other proceedings that would unnecessarily implicate classified national-security information, and the potential need to assert and resolve a claim of the state secrets privilege: Plaintiffs’ proposed amendments, in particular their new allegations regarding the asserted participation of Verizon Wireless in the Section 215 program, implicate matters of a classified nature. The Government has acknowledged that the program involves collection of data from multiple telecommunications service providers, and that VBNS (allegedly the Little Plaintiffs’ provider) was the recipient of a now-expired April 25, 2013, FISC Secondary Order. But otherwise the identities of the carriers participating in the program, now, or at any other time, remain classified for reasons of national security. See Klayman, 2015 WL 5058403, at *6 (Williams, S.J.).

At this time the Government Defendants do not believe that it would be necessary to assert the state secrets privilege to respond to a motion by Plaintiffs for expedited injunctive relief that is based on the allegations of the Little Plaintiffs, or even the proposed new allegations (and exhibit) regarding Verizon Wireless. Nor should it be necessary to permit discovery into matters that would risk or require the disclosure of classified national-security information and thus precipitate the need to assert the state secrets privilege. Nevertheless, if Plaintiffs were permitted to seek discovery on the question of whether Verizon Wireless is now or ever has been a participating provider in the Section 215 program, the discovery sought could call for the disclosure of classified national-security information, in which case the Government would have to consider whether to assert the state secrets privilege over that information.

As the Supreme Court has advised, the state secrets privilege “is not to be lightly invoked.” United States v. Reynolds, 345 U.S. 1, 7 (1953). “To invoke the . . . privilege, a formal claim of privilege must be lodged by the head of the department which has control over the matter after actual personal consideration by that officer.” Id. at 7-8. To defend an assertion of the privilege in court also requires the personal approval of the Attorney General. Policies and Procedures Governing Invocation of the State Secrets Privilege at 1-3, http://www.justice.gov/opa/documents/state-secret-privileges.pdf. The Government should not be forced to make so important a decision as whether or not to assert the state secrets privilege in circumstances where the challenged program is winding down and will end in a matter of weeks. Moreover, discovery into national-security information should be unnecessary to the extent the standing of the newly added Little Plaintiffs, and the appropriateness of injunctive relief, may be litigated without resort to such information.

If, however, discovery into national-security information is permitted, the Government must be allowed sufficient time to give the decision whether to assert the state secrets privilege the serious consideration it requires. And if a decision to assert the privilege is made, the Government must also be given adequate time to prepare the senior-level declarations and other materials needed to support the claim of privilege, to ensure that the national security interests at stake are appropriately protected. See, e.g., Mohamed v. Jeppesen Dataplan, Inc., 614 F.3d 1070, 1077, 1090 (9th Cir. 2009).

I think it’s quite possible that VZW was not turning over phone records under the Section 215 program in 2010 (which is quite another matter than suggesting NSA was not obtaining a great deal, if not most, of VZW phone records generally). I believe it quite likely NSA obtained some VZW records under Section 215 during the 2010 period.

But I also believe explaining the distinctions between those issues would be very illuminating.

Meanwhile, the threat of stalling, with all the attendant rigamarole, served to scare Leon — he wants this to move quickly as badly as Klayman does. After all, Leon will have much less ability to issue a ruling that will stand after November 28, when the current dragnet dies.

We shall see what happens in CA when DOJ attempts to make a similar argument.

Government Recently Released Information Proving Larry Klayman Has Standing

Screen Shot 2015-08-28 at 11.22.34 AM

As I noted, the DC Circuit Court reversed Judge Richard Leon’s injunction against the phone dragnet. The judges disagreed on whether Larry Klayman had standing — because he is a Verizon Wireless but not Verizon landline subscriber, which had been the only thing confirmed by the government. All agreed he had not shown he had the high certainty of standing required to uphold an injunction against the program. But the per curium opinion did agree that the case has not been mooted, because by immediately restarting the bulk program after the passage of USA F-ReDux, the government showed that the harm could recur.

That’s important, because information proving that Klayman does have standing has recently been released in an official (albeit probably inadvertent) release.

Part of the IG Reports on the phone dragnet Charlie Savage obtained by suing shows that — at least in 2010 — the Primary Order for the phone dragnet went to AT&T, Sprint, Verizon’s subsidiaries (the former MCI part of Verizon’s business, which I believe is its backbone), and “Cellco Partnership d/b/a Verizon Wireless.”

I’ll say more about what I think this really means in a later post — and why I think the suit against bulk surveillance needs to be, and can be, tweaked somewhat to ensure standing.

But for the moment, know that for at least one 90 day period in 2010, Verizon Wireless as well as Verizon’s landline was ordered to turn over phone records.

The Section 215 Rap Sheet

Marco Rubio, who is running for President as an authoritarian, claims that “There is not a single documented case of abuse of this program.”

He’s not alone. One after another defender of the dragnet make such claims. FBI witnesses who were asked specifically about abuses in 2011 claimed FBI did not know of any abuses (even though FBI Director Robert Mueller had had to justify FBI’s use of the program to get it turned back on after abuses discovered in 2009).

Comment — Russ Feingold said that Section 215 authorities have been abused. How does the FBI respond to that accusation?

A — To the FBI’s knowledge, those authorities have not been abused.

Though Section 215 boosters tend to get sort of squishy on their vocabulary, changing language about whether this was illegal, unconstitutional, or abusive.

Here’s what we actually know about the abuses, illegality, and unconstitutionality of Section 215, both the phone dragnet program and Section 215 more generally.

Judges

First, here’s what judges have said about the program:

1) The phone dragnet has been reapproved around 41 times by at least 17 different FISC judges

The government points to this detail as justification for the program. It’s worth noting, however, that FISC didn’t get around to writing an opinion assessing the program legally until 10 judges and 34 orders in.  Since Snowden exposed the program, the FISC appears to have made a concerted effort to have new judges sign off on each new opinion.

2) Three Article III courts have upheld the program:

Judges William Pauley and Lynn Winmill upheld the constitutionality of the program (but did not asses the legality of it); though Pauley was reversed on statutory, not constitutional grounds. Judge Jeffrey Miller upheld the use of Section 215 evidence against Basaaly Moalin on constitutional grounds.

3) One Article III court — Judge Richard Leon in Klayman v. Obama — found the program unconstitutional.

4) The Second Circuit (along with PCLOB, including retired Circuit Court judge Patricia Wald, though they’re not a court), found the program not authorized by statute.

The latter decision, of course, is thus far the binding one. And the 2nd Circuit has suggested that if it has to consider the program on constitution grounds, it might well find it unconstitutional as well.

Statutory abuses

1) As DOJ’s IG confirmed yesterday, for most of the life of the phone dragnet (September 2006 through November 2013), the FBI flouted a mandate imposed by Congress in 2006 to adopt Section 215-specific minimization procedures that would give Americans additional protections under the provision (note–this affects all Section 215 programs, not just the phone dragnet). While, after a few years, FISC started imposing its own minimization procedures and reporting requirements (and rejected proposed minimization procedures in 2010), it nevertheless kept approving Section 215 orders.

In other words, in addition to being illegal (per the 2nd Circuit), the program also violated this part of the law for 7 years.

2) Along with all the violations of minimization procedures imposed by FISC discovered in 2009, the NSA admitted that it had been tracking roughly 3,000 presumed US persons against data collected under Section 215 without first certifying that they weren’t targeted on the basis of First Amendment protected activities, as required by the statute.

Between 24 May 2006 and 2 February 2009, NSA Homeland Mission Coordinators (HMCs) or their predecessors concluded that approximately 3,000 domestic telephone identifiers reported to Intelligence Community agencies satisfied the RAS standard and could be used as seed identifiers. However, at the time these domestic telephone identifiers were designated as RAS-approved, NSA’s OGC had not reviewed and approved their use as “seeds” as required by the Court’s Orders. NSA remedied this compliance incident by re-designating all such telephone identifiers as non RAS-approved for use as seed identifiers in early February 2009. NSA verified that although some of the 3,000 domestic identifiers generated alerts as a result of the Telephony Activity Detection Process discussed above, none of those alerts resulted in reports to Intelligence Community agencies.

NSA did not fix this problem by reviewing the basis for their targeting; instead, it simply moved these US person identifiers back onto the EO 12333 only list.

While we don’t have the background explanation, in the last year, FISC reiterated that the government must give First Amendment review before targeting people under Emergency Provisions. If so, that would reflect the second time where close FISC review led the government to admit it wasn’t doing proper First Amendment reviews, which may reflect a more systematic problem. That would not be surprising, since the government has already been chipping away at that First Amendment review via specific orders.

Minimization procedure abuses

1) The best known abuses of minimization procedures imposed by the FISC were disclosed to the FISC in 2009. The main item disclosed involved the fact that NSA had been abusing the term “archive” to create a pre-archive search against identifiers not approved for search. While NSA claimed this problem arose because no one person knew what the requirements were, in point of fact, NSA’s Inspector General warned that this alert function should be disclosed to FISC, and it was a function from the Stellar Wind program that NSA simply did not turn off when FISC set new requirements when it rubber-stamped the program.

But there were a slew of other violations of FISC-imposed minimization procedures disclosed at that time, almost all arising because NSA treated 215 data just like it treats EO 12333, in spite of FISC’s clear requirements that such data be treated with additional protections. That includes making query results available to CIA and FBI, the use of automatic search functions, and including querying on any “correlated” identifiers. These violations, in sum, are very instructive for the USA F-ReDux debate because NSA has never managed to turn these automated processes back on since, and one thing they presumably hope to gain out of moving data to the providers is to better automate the process.

2) A potentially far more egregious abuse of minimization procedures was discovered (and disclosed) in 2012, when NSA discovered that raw data NSA’s techs were using over 3,000 files of phone dragnet data on their technical server past the destruction date.

As of 16 February 2012, NSA determined that approximately 3,032 files containing call detail records potentially collected pursuant to prior BR Orders were retained on a server and been collected more than five years ago in violation of the 5-year retention period established for BR collection. Specifically, these files were retained on a server used by technical personnel working with the Business Records metadata to maintain documentation of provider feed data formats and performed background analysis to document why certain contact chaining rules were created. In addition to the BR work, this server also contains information related to the STELLARWIND program and files which do not appear to be related to either of these programs. NSA bases its determination that these files may be in violation of BR 11-191 because of the type of information contained in the files (i.e., call detail records), the access to the server by technical personnel who worked with the BR metadata, and the listed “creation date” for the files. It is possible that these files contain STELLARWIND data, despite the creation date. The STELLARWIND data could have been copied to this server, and that process could have changed the creation date to a timeframe that appears to indicate that they may contain BR metadata.

But rather than investigate this violation — rather than clarify how much data this entailed, whether it had been mingled with Stellar Wind data, whether any other violations had occurred — NSA destroyed the data.

In one incident, NSA technical personnel discovered a technical server with nearly 3,000 files containing call detail records that were more than five years old, but that had not been destroyed in accordance with the applicable retention rules. These files were among those used in connection with a migration of call detail records to a new system. Because a single file may contain more than one call detail record, and because the files were promptly destroyed by agency technical personnel, the NSA could not provide an estimate regarding the volume of calling records that were retained beyond the five-year limit. The technical server in question was not available to intelligence analysts.

From everything we’ve seen the tech and research functions are not audited, not even when they’re playing with raw data (which is, I guess, why SysAdmin Edward Snowden could walk away with so many records). So not only does this violation show that tech access to raw data falls outside of the compliance mechanisms laid out in minimization procedures (in part, with explicit permission), but that NSA doesn’t try very hard to track down very significant violations that happen.

Overall sloppiness

Finally, while sloppiness on applications is not a legal violation, it does raise concerns about production under the statute. The IG Report reviewed just six case files which used Section 215 orders. Although the section is heavily redacted, there are reasons to be significantly concerned about four of those.

  • An application made using expedited approval that made a material misstatement about where FBI obtained a tip about the content of a phone call. The FBI agent involved “is no longer with the FBI.” The target was prosecuted for unlawful disclosure of nuke information, but the Section 215 evidence was not introduced into trial and therefore he did not have an opportunity to challenge any illegal investigative methods.
  • A 2009 application involving significant minimization concerns and for which FBI rolled out a “investigative value” exception for access limits on Section 215 databases. This also may involve FBI’s secret definition of US person, which I suspect pertains to treating IP addresses as non-US persons until they know it is a US person (this is akin to what they do under 702 MPs). DOJ’s minimization report to FISC included inaccuracies not fixed until June 13, 2013.
  • A 2009 application for a preliminary investigation that obtained medical and education records from the target’s employer. FBI ultimately determined the target “had no nexus to terrorism,” though it appears FBI kept all information on the target (meaning he will have records at FBI for 30 years). The FBI’s minimization report included an error not fixed until June 13, 2013, after the IG pointed it out.
  • A cyber-investigation for which the case agent could not locate the original production, which he claims was never placed in the case file.

And that’s just what can be discerned from the unredacted bits.

Remember, too: the inaccuracies (as opposed to the material misstatement) were on minimization procedures. Which suggests FBI was either deceitful — or inattentive — to how it was complying with FISC-mandated minimization procedures designed to protect innocent Americans’ privacy.

And remember — all this is just Section 215. The legal violations under PRTT were far more egregious, and there are other known violations and misstatements to FISC on other programs.

This is a troubling program, one that several judges have found either unconstitutional or illegal.

 

How the Second Circuit, FISC, and the Telecoms Might Respond to McConnell’s USA F-ReDux Gambit

Update: Jennifer Granick (who unlike me, is a lawyer) says telecoms will be subject to suit if they continue to comply with dragnet orders. 

Any company that breaches confidentiality except as required by law is liable for damages and attorneys’ fees under 47 U.S.C. 206. And there is a private right of action under 47 U.S.C. 207.

Note that there’s no good faith exception in the statute, no immunity for acting pursuant to court order. Rather, the company is liable unless it was required by law to disclose. So Verizon could face a FISC 215 dragnet order on one side and an order from the Southern District of New York enjoining the dragnet on the other. Is Verizon required by law to disclose in those circumstances? If not, the company could be liable. And did I mention the statute provides for attorneys’ fees?

Everything is different now than it was last week. Reauthorization won’t protect the telecoms from civil liability. It won’t enable the dragnet. As of last Thursday, the dragnet is dead, unless a phone company decides to put its shareholders’ money on the line to maintain its relationships with the intelligence community.

Last night, Mitch McConnell introduced a bill for a 2-month straight reauthorization of the expiring PATRIOT provisions as well as USA F-ReDux under a rule that bypasses Committee structure, meaning he will be able to bring that long-term straight reauthorization, that short term one, or USA F-ReDux to the floor next week.

Given that a short term reauthorization would present a scenario not envisioned in Gerard Lynch’s opinion ruling the Section 215 dragnet unlawful, it has elicited a lot of discussion about how the Second Circuit, FISC, and the telecoms might respond in case of a short term reauthorization. But these discussions are almost entirely divorced from some evidence at hand. So I’m going to lay out what we know about both past telecom and FISA Court behavior.

Because of the details I lay out below, I predict that so long as Congress looks like it is moving towards an alternative, both the telecoms and the FISC will continue the phone dragnet in the short term, and the Second Circuit won’t weigh in either.

The phone dragnet will continue for another six months even under USA F-ReDux

As I pointed out here, even if USA F-ReDux passed tomorrow, the phone dragnet would continue for another 6 months. That’s because the bill gives the government 180 days — two dragnet periods — to set up the new system.

(a) IN GENERAL.—The amendments made by sections 101 through 103 shall take effect on the date that is 180 days after the date of the enactment of this Act.

(b) RULE OF CONSTRUCTION.—Nothing in this Act shall be construed to alter or eliminate the authority of the Government to obtain an order under title V of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 24 1861 et seq.) as in effect prior to the effective date described in subsection (a) during the period ending on such effective date.

The Second Circuit took note of USA F-ReDux specifically in its order, so it would be hard to argue that it doesn’t agree Congress has the authority to provide time to put an alternative in place. Which probably means (even though I oppose Mitch’s short-term reauth in most scenarios) that the Second Circuit isn’t going to balk — short of the ACLU making a big stink — at a short term reauth for the purported purpose of better crafting a bill that reflects the intent of Congress. (Though the Second Circuit likely won’t look all that kindly on Mitch’s secret hearing the other day, which violates the standards of debate the Second Circuit laid out.)

Heck, the Second Circuit waited 8 months — and one failed reform effort — to lay out its concerns about the phone dragnet’s legality that were, in large part, fully formed opinions at least September’s hearing. The Second Circuit wants Congress to deal with this and they’re probably okay with Congress taking a few more months to do so.

FISC has already asked for briefing on any reauthorization

A number of commentators have also suggested that the Administration could just use the grandfather clause in the existing sunset to continue collection or might blow off the Appeals Court decision entirely.

But the FISC is not sitting dumbly by, oblivious to the debate before Congress and the Courts. As I laid out here, in his February dragnet order, James Boasberg required timely briefing from the government in each of 3 scenarios:

  • A ruling from an Appellate Court
  • Passage of USA F-ReDux introduces new issues of law that must be considered
  • A plan to continue production under the grandfather clause

And to be clear, the FISC has not issued such an order in any of the publicly released dragnet orders leading up to past reauthorizations, not even in advance of the 2009-2010 reauthorizations, which happened at a much more fraught time from the FISC’s perspective (because FISC had had to closely monitor the phone dragnet production for 6 months and actually shut down the Internet dragnet in fall 2009). The FISC clearly regards this PATRIOT sunset different than past ones and plans to at least make a show of considering the legal implications of it deliberately.

FISC does take notice of other courts

Of course, all that raises questions about whether FISC feels bound by the Second Circuit decision — because, of course, it has its very own appellate court (FISCR) which would be where any binding precedent would come from.

There was an interesting conversation on that topic last week between (in part) Office of Director of National Intelligence General Counsel Bob Litt and ACLU’s Patrick Toomey (who was part of the team that won the Second Circuit decision). That conversation largely concluded that FISC would probably not be bound by the Second Circuit, but Litt’s boss, James Clapper (one of the defendants in the suit) would be if the Second Circuit ever issued an injunction.

Sunlight Foundation’s Sean Vitka: Bob, I have like a jurisdictional question that I honestly don’t know the answer to. The Court of Appeals for the Second Circuit. They say that this is unlawful. Obviously there’s the opportunity to appeal to the Supreme Court. But, the FISA Court of Review is also an Appeals Court. Does the FISC have to listen to that opinion if it stands?

Bob Litt: Um, I’m probably not the right person to ask that. I think the answer is no. I don’t think the Second Circuit Court of Appeals has direct authority over the FISA Court. I don’t think it’s any different than a District Court in Idaho wouldn’t have to listen to the Second Circuit’s opinion. It would be something they would take into account. But I don’t think it’s binding upon them.

Vitka: Is there — Does that change at all given that the harms that the Second Circuit acknowledged are felt in that jurisdiction?

Litt: Again, I’m not an expert in appellate jurisdiction. I don’t think that’s relevant to the question of whether the Second Circuit has binding authority over a court that is not within the Second Circuit. I don’t know Patrick if you have a different view on that?

Third Way’s Mieke Eoyang: But the injunction would be, right? If they got to a point where they issued an injunction that would be binding…

Litt: It wouldn’t be binding on the FISA Court. It would be binding on the persons who received the —

Eoyong: On the program itself.

Patrick Toomey: The defendants in the case are the agency officials. And so an injunction issued by the Second Circuit would be directed at those officials.

But there is reason to believe — even beyond FISC’s request for briefing on this topic — that FISC will take notice of the Second Circuit’s decision, if not abide by any injunction it eventually issues.

That’s because, twice before, it has even taken notice of magistrate judge decisions.

The first known example came in the weeks before the March 2006 reauthorization of the PATRIOT Act would go into effect. During 2005, several magistrate judges had ruled that the government could not add a 2703(d) order to a pen register to obtain prospective cell site data along with other phone data. By all appearances, the government was doing the same with the equivalent FISA orders (this application of a “combined” Business Record and Pen Register order is redacted in the 2008 DOJ IG Report on Section 215, but contextually it’s fairly clear this is close to what happened). Those magistrate decisions became a problem when, in 2005, Congress limited Section 215 order production to that which could be obtained with a grand jury subpoena. Effectively, the magistrates had said you couldn’t get prospective cell site location with just a subpoena, which therefore would limit whether FBI could get cell site location with a Section 215 order.

While it is clear that FISC required briefing on this point, it’s not entirely clear what FISC’s response was. For a variety of reasons, it appears FISC stopped these combined application sometime in 2006 — the reauthorization went into effect in March 2006 — though not immediately (which suggests, in the interim, DOJ just found a new shell to put its location data collection under).

The other time FISC took notice of magistrate opinions pertained to Post Cut Through Dialed Digits (those are the things like pin and extension numbers you dial after your call or Internet connection has been established). From 2006 through 2009, some of the same magistrates ruled the government must set its pen register collection to avoid collecting PCTDD. By that point, FISC appears to have already ruled the government could collect that data, but would have to deal with it through minimization. But the FISC appears to have twice required the government to explain whether and how its minimization of PCTDD did not constitute the collection of content, though it appears that in each case, FISC permitted the government to go on collecting PCTDD under FISA pen registers. (Note, this is another ruling that may be affected by the Second Circuit’s focus on the seizure, not access, of data.)

In other words, even on issues not treating FISC decisions specifically, the FISC has historically taken notice of decisions made in courts that have no jurisdiction over its decisions (and in one case, FISC appears to have limited government production as a result). So it would be a pretty remarkable deviation from that past practice for FISC to completely blow off the Second Circuit decision, even if it may not feel bound by it.

Verizon responds to court orders, but in half-assed fashion

Finally, there’s the question of how the telecoms will react to the Second Circuit decision. And even there, we have some basis for prediction.

In January 2014, after receiving the Secondary Order issued in the wake of Judge Richard Leon’s decision in Klayman v. Obama that the dragnet was unconstitutional, Verizon made a somewhat half-assed challenge to the order.

Leon issued his decision December 16. Verizon did not ask the FISC for guidance (which makes sense because they are only permitted to challenge orders).

Verizon got a new Secondary Order after the January 3 reauthorization. It did not immediately challenge the order.

It only got around to doing so on January 22 (interestingly, a few days after ODNI exposed Verizon’s role in the phone dragnet a second time), and didn’t do several things — like asking for a hearing or challenging the legality of the dragnet under 50 USC 1861 as applied — that might reflect real concern about anything but the public appearance of legality. (Note, that timing is of particular interest, given that the very next day, on January 23, PCLOB would issue its report finding the dragnet did not adhere to Section 215 generally.)

Indeed, this challenge might not have generated a separate opinion if the government weren’t so boneheaded about secrecy.

Verizon’s petition is less a challenge of the program than an inquiry whether the FISC has considered Leon’s opinion.

It may well be the case that this Court, in issuing the January 3,2014 production order, has already considered and rejected the analysis contained in the Memorandum Order. [redacted] has not been provided with the Court’s underlying legal analysis, however, nor [redacted] been allowed access to such analysis previously, and the order [redacted] does not refer to any consideration given to Judge Leon’s Memorandum Opinion. In light of Judge Leon’s Opinion, it is appropriate [redacted] inquire directly of the Court into the legal basis for the January 3, 2014 production order,

As it turns out, Judge Thomas Hogan (who will take over the thankless presiding judge position from Reggie Walton next month) did consider Leon’s opinion in his January 3 order, as he noted in a footnote.

Screen Shot 2014-04-28 at 10.49.42 AM

And that’s about all the government said in its response to the petition (see paragraph 3): that Hogan considered it so the FISC should just affirm it.

Verizon didn’t know that Hogan had considered the opinion, of course, because it never gets Primary Orders (as it makes clear in its petition) and so is not permitted to know the legal logic behind the dragnet unless it asks nicely, which is all this amounted to at first.

Ultimately, Verizon asked to see proof that FISC had considered Leon’s decision. But it did not do any of the things people think might happen here — it did not immediately cease production, it did not itself challenge the legality of the dragnet, and it did not even ask for a hearing.

Verizon just wanted to make sure it was covered; it did not, apparently, show much concern about continued participation in it.

And this is somewhat consistent with the request for more information Sprint made in 2009.

So that’s what Verizon would do if it received another Secondary Order in the next few weeks. Until such time as the Second Circuit issues an injunction, I suspect Verizon would likely continue producing records, even though it might ask to see evidence that FISC had considered the Second Circuit ruling before issuing any new orders.