Section 215 Archives - Page 6 of 8

Posts

Who Are the Potential Targets of the OTHER Section 215 Program(s)

June 13, 2013/18 Comments/in Drug War, FISA, Leak Investigations, PATRIOT /by emptywheel

There are several small, but significant, discrepancies between what Dianne Feinstein and Keith Alexander said in yesterday’s Senate Appropriation Committee hearing on cyber and what others have said. As one example, last week James Clapper said this was the standard for accessing the dragnet of Americans’ call data:

The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization. [my emphasis]

DiFi yesterday said this was the standard:

It can only look at that data after a showing that there is a reasonable, articulable suspicion that a specific individual is involved in terrorism, actually related to al Qaeda or Iran. [my emphasis]

These are slightly different things (and Congress has fought hard over the word “articulable” in very similar contexts to this in the past — plus, whichever word is used may trace back to Jack Goldsmith’s 2004 OLC opinion on the illegal wiretap program). It’s possible — likely even — that Clapper was just dumbing down his statement the other day. But it is a difference.

I’m particularly interested in the point I raised yesterday. DiFi, in discussing the NSA’s use of the Section 215 data, says it can only be used to find people in the US with ties to terrorists or Iran.

But when Clapper discussed all the potential targets the Intelligence Community might want to trace using Section 215 data, he mentioned a broader group.

There are no limitations on the customers who can use this library. Many and millions of innocent people doing min– millions of innocent things use this library, but there are also nefarious people who use it. Terrorists, drug cartels, human traffickers, criminals also take advantage of the same technology. So the task for us in the interest of preserving security and preserving civil liberties and privacy is to be as precise as we possibly can be when we go in that library and look for the books that we need to open up and actually read. [my emphasis]

But remember. Clapper oversees all 16 members of the intelligence community, including FBI and the National Counterterrorism Center. DiFi’s statement (and Alexander’s confirmation) applied only to NSA. Elsewhere in the hearing, Alexander said NSA only used what he called “BR” (for business records) to collect phone records. And we know that — at least as recently as 2011 — there was at least one other secret collection program using Section 215. So one of those other entities — almost certainly FBI — must run that program.

Moreover, there’s no reason to believe that Edward Snowden, who had unbelievable access to NSA’s networks and, some time ago, CIA’s records, would have access to programs that didn’t involve those agencies.

And Keith Alexander probably knows that.

Also, terrorists, certainly, and Iran, sort of, are legitimate targets for DOD (I’m actually wondering if the government has acrobatically justified going after Iranian contacts by relying on the still extant Iraq AUMF). For NSA to pursue drug cartels and criminals might present a posse comitatus problem (one that I believe was part of the problem behind the 2004 hospital confrontation).

So I’m wondering how many of the answers we’re getting are designed to minimize the scope of what we know by referring only to the NSA programs?

BREAKING: Iran Is a Terrorist Organization

June 12, 2013/15 Comments/in FISA, PATRIOT, Terrorism /by emptywheel

I’m trying to sort through the irreconcilable claims about the Section 215 and PRISM/702 programs made in today’s Senate Appropriations Committee hearing on cyber.

But for now, I want to post Dianne Feinstein’s statement about what Section 215 does because, well, it seems Iran is now a terrorist. (This is around 1:55)

The Section 215 Business Records provision was created in 2001 in the PATRIOT for tangible things: hotel records, credit card statements, etcetera. Things that are not phone or email communications. The FBI uses that authority as part of its terrorism investigations. The NSA only uses Section 215 for phone call records — not for Google searches or other things. Under Section 215, NSA collects phone records pursuant to a court record. It can only look at that data after a showing that there is a reasonable, articulable that a specific individual is involved in terrorism, actually related to al Qaeda or Iran. At that point, the database can be searched. But that search only provides metadata, of those phone numbers. Of things that are in the phone bill. That person, um [flips paper] So the vast majority of records in the database are never accessed, and are deleted after a period of five years. To look at, or use content, a court warrant must be obtained.

Is that a fair description, or can you correct it in any way?

Keith Alexander: That is correct, Senator.

Frankly, Dianne Feinstein has appeared to keep her facts straight about Section 215, at least, better than Mike Rogers and James Clapper over the last week. But this statement conflicts in some important ways with what others are saying.

So maybe this is not accurate.

But according to DiFi — and backed by General Keith Alexander, head of NSA — Iran, along with al Qaeda, is now a terrorist organization.

NSA PRISM Slides: Notice Anything Unusual or Missing?

June 12, 2013/76 Comments/in Cybersecurity, FISA, Intelligence /by Rayne

We haven’t seen (and likely will never see) all of the NSA slides former Booz Allen employee Edward Snowden shared with the Guardian-UK and the Washington Post. But the few that we have seen shared by these two news outlets tell us a lot — even content we might expect to see but don’t tells us something.

First, let’s compare what appears to be the title slide of the presentation — the Guardian’s version first, followed by the WaPo’s version. You’d think on the face of it they’d be the same, but they aren’t.

[NSA presentation, title slide, via Guardian-UK]

[NSA presentation, title slide, via Washington Post]

Note the name of the preparer or presenter has been redacted on both versions; however, the Guardian retains the title of this person, “PRISM Collection Manager, S35333,” while the WaPo completely redacts both name and title.

This suggests there’s an entire department for this program requiring at least one manager. There are a number of folks who are plugging away at this without uttering a peep.

More importantly, they are working on collection — not exclusively on search.

The boldface reference to “The SIGAD Used Most in NSA Reporting” suggests there are more than the PRISM in use as SIGINT Activity Designator tools. What’s not clear from this slide is whether PRISM is a subset of US-984XN or whether PRISM is one-for-one the same as US-984XN.

Regardless of whether PRISM is inside or all of US-984XN, the presentation addresses the program “used most” for reporting; can we conclude that reporting means the culled output of mass collection? Read more →

Is the Section 215 Dragnet Limited to Terrorism Investigations?

June 12, 2013/28 Comments/in Drug War, Financial Fraud, FISA, PATRIOT /by emptywheel

Unlike PRISM, most public discussions about the Section 215 dragnet program suggest that it is tied to terrorism. It’s a claim, for example, that Charlie Savage makes in this story, which he traces back to this statement from Director of National Security James Clapper.

And indeed, that statement does claim the program is limited to terrorism investigations.

The collection is broad in scope because more narrow collection would limit our ability to screen for and identify terrorism-related communications. Acquiring this information allows us to make connections related to terrorist activities over time. The FISA Court specifically approved this method of collection as lawful, subject to stringent restrictions.

The information acquired has been part of an overall strategy to protect the nation from terrorist threats to the United States, as it may assist counterterrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities.

[snip]

By order of the FISC, the Government is prohibited from indiscriminately sifting through the telephony metadata acquired under the program. All information that is acquired under this program is subject to strict, court-imposed restrictions on review and handling. The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization. Only specially cleared counterterrorism personnel specifically trained in the Court-approved procedures may even access the records.

All information that is acquired under this order is subject to strict restrictions on handling and is overseen by the Department of Justice and the FISA Court. Only a very small fraction of the records are ever reviewed because the vast majority of the data is not responsive to any terrorism-related query. [my emphasis]

Even assuming James “Least Untruthful Too Cute by Half” Clapper can be trusted on this point, consider a few things about this statement.

It was released after only the first Guardian release. Thus, it was almost certainly rushed. And while NSA has claimed they had identified Edward Snowden before he started publishing, it is possible they did not know precisely what he had taken (though it is equally possible they already knew).
Clapper avoids mentioning precisely what program he is referring to in this statement, not even mentioning the Section 215 authority directly (though he does mention the PATRIOT Act. The Executive Branch has a well-established history — on this and related programs precisely — in addressing just a subset of a program so as to try to hide larger parts of it.

In addition, recall that when DOJ Inspector General Glenn Fine referred to these secret programs in a 2008 report on the use of Section 215, he spoke in the plural and included two classified appendices to describe them. In 2011, Acting Assistant Attorney General Todd Hinnen referred only to programs, plural. Thus, there almost certainly are at least two secret programs, and Michael Hayden has claimed Obama has expanded the use of this authority, which might mean there are more than two.

Furthermore, compare Clapper’s statement from June 6 — which mentioned only terrorists — with how he explained the dragnet program to Andrea Mitchell on June 9.

ANDREA MITCHELL: At the same time, when Americans woke up and learned because of these leaks that every single telephone call in this United States, as well as elsewhere, but every call made by these telephone companies that they collect is archived, the numbers, just the numbers, and the duration of these calls. People were astounded by that. They had no idea. They felt invaded.

JAMES CLAPPER: I understand that. But first let me say that I and everyone in the intelligence community all– who are also citizens, who also care very deeply about our– our privacy and civil liberties, I certainly do. So let me say that at the outset. I think a lot of what people are– are reading and seeing in the media is a lot of hyper– hyperbole.
A metaphor I think might be helpful for people to understand this is to think of a huge library with literally millions of volumes of books in it, an electronic library. Seventy percent of those books are on bookcases in the United States, meaning that the bulk of the of the world’s infrastructure, communications infrastructure is in the United States.

There are no limitations on the customers who can use this library. Many and millions of innocent people doing min– millions of innocent things use this library, but there are also nefarious people who use it. Terrorists, drug cartels, human traffickers, criminals also take advantage of the same technology. So the task for us in the interest of preserving security and preserving civil liberties and privacy is to be as precise as we possibly can be when we go in that library and look for the books that we need to open up and actually read.

You think of the li– and by the way, all these books are arranged randomly. They’re not arranged by subject or topic matter. And they’re constantly changing. And so when we go into this library, first we have to have a library card, the people that actually do this work.

Which connotes their training and certification and recertification. So when we pull out a book, based on its essentially is– electronic Dewey Decimal System, which is zeroes and ones, we have to be very precise about which book we’re picking out. And if it’s one that belongs to the– was put in there by an American citizen or a U.S. person.

We ha– we are under strict court supervision and have to get stricter– and have to get permission to actually– actually look at that. So the notion that we’re trolling through everyone’s emails and voyeuristically reading them, or listening to everyone’s phone calls is on its face absurd. We couldn’t do it even if we wanted to. And I assure you, we don’t want to.

ANDREA MITCHELL: Why do you need every telephone number? Why is it such a broad vacuum cleaner approach?

JAMES CLAPPER: Well, you have to start someplace. If– and over the years that this program has operated, we have refined it and tried to– to make it ever more precise and more disciplined as to which– which things we take out of the library. But you have to be in the– in the– in the chamber in order to be able to pick and choose those things that we need in the interest of protecting the country and gleaning information on terrorists who are plotting to kill Americans, to destroy our economy, and destroy our way of life.

In speaking of the way in which the government uses this dragnet collection as a kind of Dewey Decimal system to identify communications it wants to go back and view, he doesn’t limit it to terrorists. Indeed, he doesn’t even limit it to those foreign intelligence uses the PATRIOT Act authorizes, like counterintelligence (though Obama’s roll-out of Transnational Crime Organization initiative in 2011 — which effectively started treating certain transnational crime networks just like terrorists — may suggest only those crime organizations are being targeted).

Given two more days of disclosures after his initial Section 215 statement, Clapper acknowledged that PRISM has been used (at a minimum) to pursue weapons proliferators and hackers in addition to terrorists. Then, the next day, he at least seemed to suggest that Section 215 collection is used to pinpoint not just terrorists, but also drug cartels and other criminal networks.

And as I’ll show in a follow-up post, it seems to have targeted far more than that.

The Section 215 Dragnet Started as Abusive Exigent Letter Practice Wound Down

June 11, 2013/7 Comments/in FISA, PATRIOT /by emptywheel

Julian Sanchez (who, if you’re not already following, you should, @normative) just made an important observation about the Section 215 collection that collects metadata on all phone calls every day.

Carriers keep call detail records for years. No earthly reason to demand DAILY updates just to preserve.

Thunk. The penny dropped.

In theory, no, there’s no reason to demand daily updates from the telecoms. In fact, in theory, you could always just ask the telecoms to conduct the kind of data analysis that is now being done by NSA.

But there’s a very good reason why they’re not doing it that way.

They tried. It was badly abused.

And they started moving away from that approach in March 2006, precisely when we know the Section 215 program started.

Most of what we know about the exigent letters program comes from a report DOJ’s Inspector General did in March 2007 [ed 6/16: oops–all this time I had the least damning report linked. read this one] (my posts are here, here, here, here, here, here, here). But the short version is that the NY FBI office set up an office to have representatives of the three major telecom companies come in and directly access their data with FBI Agents looking over their back. As such, it’s probably similar to what PRISM accomplishes for internet providers (except that an NSA employee rather than a telecom employee does the search), and presumably akin to whatever NSA does with the Section 215 dragnet information (which, after all, replicates the telecom databases perfectly).

The problems — that that we know about from the unclassified report (there are secret and TS/SCI versions which probably have bigger horrors) — include:

FBI General Counsel had no apparent knowledge of 17% of the searches
Thousands of searches never got recorded
FBI lied to the telecoms about how urgent the information was to get the information
FBI did an unknown number of sneak peeks into the data to see if there was something worth getting formally

Altogether, the unclassified IG Report described 26 abuses that should have been reported to then (and once again, since Chuck Hagel became Defense Secretary) inoperable Intelligence Oversight Board.

That includes the tracking of journalist call records in at least three cases (one of which I suspect is James Risen).

In short, it violated many legal principles. And that’s just the stuff that actually got recorded and showed up in an unclassified report.

The Executive spent years trying to clean up the legal mess, with four OLC opinions between November 8, 2008 and January 8, 2010 making one after another argument to justify the mess.

And just as it became clear what a godforsaken mess all this was in March 2006, they started using Section 215 to collect all call records.

The effectively created the same databases that had been abused when the FBI had telecom employees doing the work, to have NSA or FBI do the very same work as well.

In short, the reason we don’t do what Sanchez is absolutely right we should do — ask the telecoms for information as we need it — is it’s not easy enough.

What I look forward to learning, though, is how having government employees do the work that telecom employees — who at least were bound by ECPA — avoids the same kind of abusive fishing expeditions.

Update: Here’s a description I wrote to summarize this 3 years ago.

This IG Report was the third DOJ’s Inspector General, Glenn Fine, has done on the FBI’s use of National Security Letters and “exigent letters,” though this is the first to focus almost exclusively on exigent letters. In 2003, the FBI installed representatives of AT&T and (later) Verizon and MCI onsite, with computers hooked up to their respective companies’ databases. Rather than using a subpoena or a National Security Letter to get phone records from them (both of which would have required a higher level of review), the FBI basically gave them a boilerplate letters saying it was an emergency (thus the “exigent”) and could they please give the FBI the phone data; the FBI promised grand jury subpoenas to follow. Only, in many cases, these weren’t emergencies, they never sent the grand jury subpoenas, and many weren’t even associated with investigations into international terrorism. In other words, FBI massively abused this system to get phone data without necessary oversight. Fine has been pressing FBI to either establish some legal basis for getting this data or purging it from FBI databases for three years, and they have done that with some, but not all, of the data collected. But the FBI has tried about three different ways to bring this practice into conformity with legal guidelines, all unpersuasive to Fine. The OLC opinion is the most recent of these efforts.

Also, here’s a timeline.

Have Clapper, Feinstein, and Rogers Confused the Distinct Issues of Section 215 and PRISM? Or Are They Indistinct?

June 11, 2013/23 Comments/in FISA, PATRIOT /by emptywheel

[youtube]hmw4G5q1OkE[/youtube]

Last year, when Pat Leahy tried to switch the FISA Amendments Act reauthorization to a 3 year extension instead of 5, which would have meant PATRIOT and FAA would be reconsidered together in 2015, the White House crafted a talking point claiming that would risk confusing the two provisions.

Aligning FAA with expiration of provisions of the Patriot Act risks confusing distinct issues.

In the last week, the Guardian had one scoop pertaining to FAA (the PRISM program) and another to PATRIOT (the use of Section 215 to conduct dragnet collection of Americans’ phone records).

Since then, almost everyone discussing the issues seems to have confused the two.

Including, at a minimum, Mike Rogers, as demonstrated by the video above. When Dianne Feinstein started explaining the Section 215 Verizon order, Mike Rogers interrupted to say that the program could not be targeted at Americans. But of course the Section 215 order was explicitly limited to calls within the US, so he had to have been thinking of PRISM.

Then there what, on first glance, appears to be confusion on the part of journalists. I noted how Reuters’ Rogers-related sources were clearly confused (or in possession of a time machine) when they made such claims, and NYT appeared to conflate the issues as well. Similarly, Andrea Mitchell took this exchange — which is clearly about Section 215 — and elsewhere reported that the law allowing NSA to wiretap Americans (which could be FISA or FAA) stopped the attack.

ANDREA MITCHELL:

At the same time, when Americans woke up and learned because of these leaks that every single telephone call in this United States, as well as elsewhere, but every call made by these telephone companies that they collect is archived, the numbers, just the numbers, and the duration of these calls. People were astounded by that. They had no idea. They felt invaded.

JAMES CLAPPER:

I understand that.

[snip]

A metaphor I think might be helpful for people to understand this is to think of a huge library with literally millions of volumes of books in it, an electronic library. Seventy percent of those books are on bookcases in the United States, meaning that the bulk of the of the world’s infrastructure, communications infrastructure is in the United States.

[snip]

So the task for us in the interest of preserving security and preserving civil liberties and privacy is to be as precise as we possibly can be when we go in that library and look for the books that we need to open up and actually read.

[snip]

So when we pull out a book, based on its essentially is– electronic Dewey Decimal System, which is zeroes and ones, we have to be very precise about which book we’re picking out. And if it’s one that belongs to the– was put in there by an American citizen or a U.S. person.

We ha– we are under strict court supervision and have to get stricter– and have to get permission to actually– actually look at that. So the notion that we’re trolling through everyone’s emails and voyeuristically reading them, or listening to everyone’s phone calls is on its face absurd. We couldn’t do it even if we wanted to. And I assure you, we don’t want to.

ANDREA MITCHELL:

Why do you need every telephone number? Why is it such a broad vacuum cleaner approach?

JAMES CLAPPER:

Well, you have to start someplace. If– and over the years that this program has operated, we have refined it and tried to– to make it ever more precise and more disciplined as to which– which things we take out of the library. But you have to be in the– in the– in the chamber in order to be able to pick and choose those things that we need in the interest of protecting the country and gleaning information on terrorists who are plotting to kill Americans, to destroy our economy, and destroy our way of life.

ANDREA MITCHELL:

Can you give me any example where it actually prevented a terror plot?

JAMES CLAPPER:

Well, two cases that– come to mind, which are a little dated, but I think in the interest of this discourse, should be shared with the American people. They both occurred in 2009. One was the aborted plot to bomb the subway in New York City in the fall of 2009.

And this all started with a communication from Pakistan to a U.S. person in Colorado. And that led to the identification of a cell in New York City who was bent on– make– a major explosion, bombing of the New York City subway. And a cell was rolled up, and in their apartment, we found backpacks with bombs.

A second example, also occurring in 2009, involved– the– one of the– those involved, perpetrators of the Mumbai bombing in India, David Headley. And we aborted a plot against a Danish news publisher based on– the same kind of information. So those are two specific cases of uncovering plots through this mechanism that– prevented terrorist attacks.

What would seem to support the conclusion that everyone was just very confused is that, in his talking points on the two programs, Clapper claims three examples as successes for the use of PRISM, none of which is Zazi or Headley.

Now, the AP reports Clapper’s office (which is fast losing credibility) has circulated talking points making the claim that PRISM helped nab Zazi.

The Obama administration declassified a handful of details Tuesday that credited its PRISM Internet spying program with intercepting a key email that unraveled a 2009 terrorist plot in New York.

The details, declassified by the director of national intelligence, were circulated on Capitol Hill as part of government efforts to tamp down criticism of two recently revealed National Security Agency surveillance programs.

But, as I suggested last year, the White House clearly wasn’t concerned about us confusing our pretty little heads by conflating FAA and Section 215. Rather, it seemed then to want to hide the relationship between the dragnet collection of Americans calls and the direct access to Internet providers’ data.

But Clapper and DiFi seem to hint at the relationship between them.

In her first comments about Section 215 (even before PRISM had broken) DiFi said this.

The information goes into a database, the metadata, but cannot be accessed without what’s called, and I quote, “reasonable, articulable suspicion” that the records are relevant and related to terrorist activity.

And in his talking points on 215, Clapper said this.

By order of the FISC, the Government is prohibited from indiscriminately sifting through the telephony metadata acquired under the program. All information that is acquired under this program is subject to strict, court-imposed restrictions on review and handling. The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.

This standard — reasonable suspicion that the records are relevant to or associated with a terrorist investigation (I’ll come back to the terrorism issue in another post) — is not the 215 standard, because it requires reasonable suspicion. But it’s not as high as a FISA warrant would be, which requires it to be more closely related than “relevant” to a terrorist investigation.

So what standard is this, and where did it come from? Read more →

Clapper Couldn’t Even Do Better Than “Least Untruthful” with a Day’s Notice

June 11, 2013/14 Comments/in FISA, PATRIOT /by emptywheel

As I noted yesterday, when Andrea Mitchell asked James Clapper about his lie to Ron Wyden earlier this year, Clapper offered a baloney answer, admitting both that he gave the “least untruthful” answer and that he had been “too cute by half.”

First– as I said, I have great respect for Senator Wyden. I thought, though in retrospect, I was asked– “When are you going to start– stop beating your wife” kind of question, which is meaning not– answerable necessarily by a simple yes or no. So I responded in what I thought was the most truthful, or least untruthful manner by saying no.

[snip]

And this has to do with of course somewhat of a semantic, perhaps some would say too– too cute by half. But it is– there are honest differences on the semantics of what– when someone says “collection” to me, that has a specific meaning, which may have a different meaning to him. [my emphasis]

It was such a terrible response to Mitchell’s question, for ten whole minutes I wished Rahm Emanuel were back in the White House to rip Clapper to shreds for such a media fail.

But what makes Clapper’s answer — and his retroactive explanations for it — far, far worse is that Ron Wyden gave him a day to figure out how to answer.

One of the most important responsibilities a Senator has is oversight of the intelligence community. This job cannot be done responsibly if Senators aren’t getting straight answers to direct questions. When NSA Director Alexander failed to clarify previous public statements about domestic surveillance, it was necessary to put the question to the Director of National Intelligence. So that he would be prepared to answer, I sent the question to Director Clapper’s office a day in advance. [my emphasis]

And after Clapper lied to Wyden’s face, Wyden gave him a chance to amend it, which he did not take.

After the hearing was over my staff and I gave his office a chance to amend his answer. Now public hearings are needed to address the recent disclosures and the American people have the right to expect straight answers from the intelligence leadership to the questions asked by their representatives. [my emphasis]

Wyden is making it clear: this was a deliberate, knowing lie to Congress. And no one wants to talk about it.

Which, as Wyden further notes, undermines any pretense that Congress exercise adequate oversight over the Executive Branch.

Is Robert Mueller, a Purported Hero of the Hospital Confrontation, Responsible for Section 215 Use?

June 10, 2013/7 Comments/in FISA, PATRIOT /by emptywheel

On March 23, 2004 at noon, less than two weeks after the dramatic hospital confrontation and threats to quit reportedly got the Administration to agree to stop data mining Americans, FBI Director Robert Mueller had a meeting with Dick Cheney, at the Vice President’s request, in the Vice President’s office. In his notes, Mueller doesn’t describe what the VIce President wanted, nor am I aware that it has even been reported in the press.

The next day, the Chief Division Counsel of some Division of the FBI wrote a memo to the FBI General Counsel noting that FBI was using a “new standard” with Section 215 of the PATRIOT Act and indicating that a “recent decision” had been made to bypass the review of the Office of Intelligence Policy and Review on Section 215 applications.

In part, the apparent decision to bypass OIPR, which had rejected the premise of the previous Section 215 orders FBI had submitted in the past, reflected no more than a concerted effort on FBI’s part to make sure it could start using all the PATRIOT authorities it had been granted in 2001 in anticipation of renewal discussions that would take place the following year. Yet the timing of this change is particularly curious, given that we now know Section 215 has been used to collect data that could be used for data mining Americans, precisely the problem that had caused the hospital confrontation 12 days earlier.

At the very least, however, it shows that sometime around the same time as Jim Comey and others at DOJ tried to stop the data mining of Americans under NSA’s illegal program, FBI claimed to have eliminated one review step for Section 215 orders and changed the standard used for them. That reference notwithstanding, DOJ Inspector General at least reported that OIPR continued to have a role. (Note, the office that got cut out of the process, OIPR, is where one of the key whistleblowers on the illegal program, Thomas Tamm worked, though I have asked him if he knew whether they used Section 215 to accomplish the same program and he didn’t know anything about it.)

On May 21, 2004, just as the the confrontation was settling down, FBI got its first Section 215 order approved. MIRACLES! the memo subject line read. “We got our first business record order signed today. It only took two and a half years.”

Now, at least some of the people commenting publicly on the confirmation that Section 215 has been used to compile a database recording details on all calls Americans make say Section 215 has supported that purpose only since 2006. Dianne Feinstein, for example, says the practice has gone on for 7 years.

As far as I know, this is the exact three month renewal of what has been the case for the past seven years. This renewal is carried out by the FISA Court under the business records section of the Patriot Act. Therefore, it is lawful.

Seven years would put its start almost exactly at the March 9, 2006 renewal of the PATRIOT Act, which added new language on Section 215 in the wake of the December 15, 2005 exposure of Bush’s illegal wiretap program. In discussions of this collection program since last week, it has generally been accepted that’s when it all started.

Curiously (particularly given his insistence that PRISM only started in 2008, slides to the contrary notwithstanding), James Clapper made no claims about precisely when this practice started.

The Patriot Act was signed into law in October 2001 and included authority to compel production of business records and other tangible things relevant to an authorized national security investigation with the approval of the FISC. This provision has subsequently been reauthorized over the course of two Administrations – in 2006 and in 2011. It has been an important investigative tool that has been used over the course of two Administrations, with the authorization and oversight of the FISC and the Congress.

It is possible that this program was conducted under a different PATRIOT provision (such as the Pen Register ones) prior to 2006; in fact, Clapper never mentions the term “Section 215” in his purported clarification of the program.

Now, consider one more detail. In a statement before the 2009 debate on PATRIOT Act reauthorization focusing closely on Section 215, Russ Feingold suggested that the debate over reauthorization in 2005, which led to purported initial use of Section 215 to conduct this dragnet, had been stymied by classification of how the PATRIOT had been implemented.

I remain concerned that critical information about the implementation of the Patriot Act has not been made public – information that I believe would have a significant impact on the debate. During the debate on the Protect America Act and the FISA Amendments Acts in 2007 and 2008, critical legal and factual information remained unknown to the public and to most members of Congress – information that was certainly relevant to the debate and might even have made a difference in votes. And during the last Patriot Act reauthorization debate in 2005, a great deal of implementation information remained classified.

[snip]

But there also is information about the use of Section 215 orders that I believe Congress and the American people deserve to know. I do not underestimate the importance of protecting our national security secrets. But before we decide whether and in what form to extend these authorities, Congress and the American people deserve to know at least basic information about how they have been used. So I hope that the administration will consider seriously making public some additional basic information, particularly with respect to the use of Section 215 orders.

There can be no question that statutory changes to our surveillance laws are necessary. Since the Patriot Act was first passed in 2001, we have learned important lessons, and perhaps the most important of all is that Congress cannot grant the government overly broad authorities and just keep its fingers crossed that they won’t be misused, or interpreted by aggressive executive branch lawyers in as broad a way as possible. [my emphasis]

This suggests the plan to use Section 215 may have been explicit in those classified debates.

Mike Rogers: As Confused about Telecom Surveillance as He Is about Drone Strikes

June 7, 2013/26 Comments/in FISA, PATRIOT, Terrorism /by emptywheel

Congressman Mike Rogers, like most members of the ranking Gang of Four members of the Intelligence Committees, has long made obviously false claims about the drone program, such as that public reports of civilian casualties (which were being misreported in intelligence reports) were overstated.

That’s just one of the many reasons I was dubious about this report, claiming that, well … it’s not entirely clear what it claimed. Here’s the lead two paragraphs:

A secret U.S. intelligence program to collect emails that is at the heart of an uproar over government surveillance helped foil an Islamist militant plot to bomb the New York City subway system in 2009, U.S. government sources said on Friday.

The sources said Representative Mike Rogers, chairman of the House of Representatives Intelligence Committee, was talking about a plot hatched by Najibullah Zazi, an Afghan-born U.S. resident, when he said on Thursday that such surveillance had helped thwart a significant terrorist plot in recent years.

These paragraphs suggest that we found Najibullah Zazi — pretty clearly the most successful effort to prevent a known terrorist attack since 9/11 — because of one of the programs the Guardian (and WaPo) broke over the last few days.

Some paragraphs down, the piece explains the program in question was the “one that collected email data on foreign intelligence suspects.” Which is weird, because we’ve learned about a program to collect email data on everyone in the United States, not “foreign intelligence suspects.” And a program to collect a range of telecom content on known foreign intelligence suspects and their associates. Already, Reuters’ sources seemed confused.

The next paragraph describes the PRISM program by name.

The Washington Post and Britain’s Guardian newspaper on Thursday published top-secret information from inside NSA that described how the agency gathered masses of email data from prominent Internet firms, including Google, Facebook and Apple under the PRISM program.

And the rest of the report traces what former Agent and now FBI mouthpiece CBS pundit John Miller had to say.

All of that might lead you to believe this is a story reporting that we had foiled Zazi’s plot using PRISM, the program that involves the NSA accessing bulk data on everything these foreign targets were doing. But even that is problematic, since Zazi is a US person, whose communications are supposedly excluded from this program.

Then there are the problems with the actual content of this.

Meet 3 PATRIOT Act False Positives Investigated for Buying Beauty Supplies

June 7, 2013/42 Comments/in FISA, PATRIOT /by emptywheel

Both Mike Rogers and Ron Wyden made claims about the efficacy of the surveillance scoops of the last few days, especially the use of Section 215 to collect the phone data — and other tangible stuff, including credit card records — of every American.

The assessment of efficacy ought to consider a number of factors: Whether this surveillance has prevented any attacks (Rogers says it has, but mentions only one in the entire 7 year span of the program). Why it didn’t prevent an attack like the Boston Marathon bombing, which was carried out by two guys whose lives and extremist interests were splashed all over social media, and one of whom was discussed in international texts that would have been fair game for collection under PRISM.

But an efficacy assessment also needs to find a way to quantify the costs such surveillance has on false positives.

So let’s consider what may have happened to three probable false positives who had their lives thoroughly investigated in 2009 after being — wrongly, apparently — tied to Najibullah Zazi’s plot to bomb the NYC subway.

We first learned of these three people when they appeared in the detention motion the FBI used to keep him in custody in Brooklyn. As part of the proof offered that Zazi was a real threat, FBI described 3 people in Aurora, CO, who bought large amounts of beauty supplies.

Evidence that “individuals associated with Zazi purchased unusual quantities of hydrogen and acetone products in July, August, and September 2009 from three different beauty supply stores in and around Aurora;” these purchases include:

Person one: a one-gallon container of a product containing 20% hydrogen peroxide and an 8-oz bottle of acetone

Person two: an acetone product

Person three: 32-oz bottles of Ion Sensitive Scalp Developer three different times

Unlike just about everything else cited in the detention motion, there was no obvious means by which these individuals were identified.

During the debate on PATRIOT Act reauthorization later that fall, Dianne Feinstein used the Zazi investigation to insist that Section 215 retain its broad “relevant to” standard. Given her insistence Section 215 had been important to the investigation, and given that the identification of these beauty supply buying subjects appeared to work backwards from their purchase of beauty supplies, I guessed at the time that the FBI used Section 215 to cross reference all the people who had bought these beauty supplies in Aurora, CO — which are precursors for the TATP explosive Zazi made — with possible associations with Zazi.

Just days later, as part of the debate, Ben Cardin discussed using National Security Letters to track people who buy “cleaning products that could be used to make explosive device.” And John Kyl discussed wanting to “know about Joe Blow buying hydogen peroxide.” Acetone and hydrogen peroxide, the same precursors used to implicate these three people.

In February 2011, Robert Mueller confirmed explicitly that Section 215 had been used to collect “records relating to the purchase of hydrogen peroxide.”

That seems to suggest that the government used Section 215 or NSLs to search on all the people who bought acetone and hydrogen peroxide in Aurora (by all public reporting, Zazi kept to himself the entire time he lived in CO).

But here’s the thing: these three people never appeared again in the legal case against Zazi and his co-conspirators. The only one from CO ever implicated in the plot was Zazi’s father, who had lied to protect his son.

Poof!

They were three known associates buying dangerous explosives precursors one day, and apparently became either cleared innocents or recruited confidential informants the next day.

In other words, they appear to be false positives identified by the Section 215 dragnet celebrated by Obama and DiFi and everyone else implicated in it now as a great way to prevent terrorism (Zazi, remember, was discovered through legal FISA intercepts obtained after we got a tip from Pakistan).

Now, no one, as far as I know, has ever found these three probable false positives to ask them what they went through during the period when they were suspected of being co-conspirators in the biggest terrorist attack since 9/11. But given the likelihood that the association with Zazi went through his mosque (the other likely possibility is another driver from the airport), I imagine that their neighbors and employers got awfully suspicious when the FBI showed up and started asking questions. How badly does being actively — and, apparently, falsely — investigated for being a terrorist ruin your life if you’re an American Muslim? Do you lose job security? Do other kids’ parents refuse to let their kids play with yours? Does your homeowners association try to cause you trouble?

That’s what this debate about efficacy needs to quantify. Data mining is never completely accurate, and given the small number of terrorists and therefore the high degree of guessworks that goes into what counts as an association, you’re going to have false positives, as appears to have happened here.

Lots of apologists are saying they never do anything wrong, and therefore they don’t have to worry. But it appears that doing something as innocent as buying hair bleach can get you sucked into this dragnet.