Long time readers likely know I’ve been obsessed with the decision, which as far as we currently know started in 2007 after Alberto Gonzales and (since returned as FBI General Counsel) James Baker left DOJ, to let DOD chain through US person identifiers on metadata collected under EO 12333, what gets described as Special Procedures Governing Communications Metadata Analysis, or SPCMA. Here’s a post that describes it at more length.
Though it is not included in what Snowden leaked, the memo describes a third Appendix, Appendix C:
On July 20, 2004, the General Counsel of CIA wrote to the General Counsel of NSA and to the Counsel for Intelligence Policy asking that CIA receive from NSA United States communications metadata that NSA does not currently provide to CIA. The letter from CIA is attached at Tab C.
The government has not released an official version of the packet such as it got leaked by Snowden. However, it did release Appendix A, the approval memo, in Fall 2014 as part of the declassification of the Yahoo challenge to the Protect America Act. As I laid out in this post, the government not only got this document approved after the passage of PAA and while Yahoo was challenging orders received under it, but DOJ tried to hide it from FISC Judge Reggie Walton. They only handed it over — though without the context of the approval memo that made it clear it was about contact chaining including Americans — after he had scolded DOJ several times about not handing over all the documentation related to PAA.
DOJ did not submit the procedures to FISC in a February 20, 2008 collection of documents they submitted after being ordered to by Judge Walton after he caught them hiding other materials; they did not submit them until March 14, 2008.
So to sum up: We have 16 pages (the memo and two of three appendices) thanks to Edward Snowden, and we have an official copy of just the 2-page approval memo, released on the context of the Yahoo declassification.
I lay all this out because this entry, in the National Security Division Vaughn Index provided to ACLU last month, is undoubtedly this same memo.
The date is the same, the description is almost the same. The only difference is that the withheld document has 20 pages, as compared to the 16 pages that Snowden gave us.
From that I conclude that the 2004 CIA memo is four pages long (three, plus a cover sheet). Note the date: squarely during the period when spooks were trying to put discontinued parts of Stellar Wind under some kind of legal authority.
Here’s how the NSA declared Exemptions 1 and 3 over this document.
56. NSD fully withheld Document 4 on its Vaughn index in part because the release of any portion of that document would disclose classified information about functions or activities of NSA. The document is a 20-page document dated 20 November 2007 and is described as NSD Legal Memo on Amending DoD Procedures and Accompanying Documentation.” This document. including its full title, was withheld in full under Exemption 1 and Exemption 3. I have reviewed the information withheld and determined that the information is currently and properly classified at the SECRET level in accordance with EO 13526 because the release of this information could reasonably be expected to cause serious damage to the national security. The information withheld pertains to intelligence activities, intelligence sources or methods, or cryptology. or the vulnerabilities or capabilities of systems or projects relating to the national security and therefore meets the criteria for classification set for in Sections 1.4(c) and 1.4(g) of EO 13526. The harm to national security of releasing any portion of this document and the reasons that no portion of this document can be released without disclosing classified information cannot be fully described on the public record. As a result my ex parte. in camera classified declaration more fully explains why this document was withheld in full.
57. The information withheld in N 0 Document 4 also relates to a “function of the National Security Agency” 50 U.S.C. § 3605. Indeed. this information relates to one of NSA’s primary functions, its SIGINT mission. Any disclosure of the withheld information would reveal NSA ·s capabilities and the tradecraft used to carry out this vital mission. Further. revealing these details would disclose “information with respect to lNSA ‘s] activities” in furtherance of its SIGINT mission. 50 U .. C. § 3605. Therefore. the information withheld is also protected from release by statute and is exempt from release based on FOIA Exemption 3. 5 U.S.C. § 552(b)(3).
The government asserted secrecy over the title of an already (and officially) released document in a recent EFF challenge, so this would not be the first time the government claimed the title of an already released document was secret to prevent nasty civil liberties groups from confirming that a FOIAed document was the same as a previously known one.
In NSD’s declaration, Bradley Weigmann indicated that “the vast majority” of the document pertained to attorney-client privilege.
NSD Document 17, the vast majority of a certain memorandum in NSD Document 4, and an email message in NSD Document 31 are protected by the attorney-client privilege. These documents discuss legal issues pertaining to an NSA program, set forth legal advice prepared by NSD lawyers for other attorneys to assist those other attorneys in representing the Government, and were sought by a decision-maker for the Government to obtain legal advice on questions of law and indeed reflect such advice. As such, NSD Document 17, the vast majority of a certain memorandum in NSD Document 4, and an email message in NSD Document 31 are protected from disclosure under the attorney-client privilege.
More interestingly, by referring to “an NSA program” it seemed to tie this document with this 2003 OIPR memo.
And this November 12, 2013 email (written during a period in the aftermath of the Snowden releases as the government was trying to decide how to respond to various FOIAs as well as Yahoo’s request to unseal its challenge, not to mention after ACLU submitted this FOIA, which was actually submitted before the first Snowden leaks).
Note, NSD won’t tell us what date in 2003 someone at OIPR (already headed by James Baker, one of the few people briefed on Stellar Wind) wrote about “an NSA program” that appears to be tied the chaining on US person metadata.
I have long believed one of the known but still as yet undescribed modifications to Stellar Wind (there is still at least one, though I believe there are two) enacted after the hospital confrontation in 2004 has to have been either at CIA or DOD, because it doesn’t appear in the unredacted NSA IG Report Snowden gave us. Here, we see CIA unsuccessfully asking for US person metadata at the time everyone was re-establishing Stellar Wind under more legal cover. Assuming NSA document 4 is this memo, the only thing the government is withholding that we haven’t seen yet is the CIA memo. I have a lot more suspicions about this program, too, that I still need to write up.
But I suspect they’re hiding these documents from us — and just as importantly, from the FISA Court — to prevent us from putting the various details of how US person metadata has been used over time. Or rather, to prevent us from laying out how the point of these foreign-targeted surveillance programs is to spy on Americans.
ACLU has already told the government they’re challenging the withholding of these documents.
There’s an interesting passage in the DOJ IG discussion of Jack Goldsmith’s efforts to rewrite the Stellar Wind OLC memos (PDF 456).
The first passage describes Jim Comey permitting a lower standard of review to apply for activities already in process.
In explaining the rationale for the revise opinion, Comey described to the OIG his view of two approaches or standards that could be used to undertake legal analysis of government action. If the government is contemplating taking a particular action, OLC’s legal analysis will be based on a “best view of the law” standard. However, if the government already is taking the action, the analysis should instead focus on whether reasonable legal arguments can be made to support the continuation of the conduct.137
137 Goldsmith emphasized to us that this second situation almost never presents itself, and that OLC rarely is asked to furnish legal advise on an ongoing program because the pressure “to say ‘yes’ to the President” invariably would result in applying a lower standard of review. Goldsmith stated that OLC’s involvement in Stellar Wind was “unprecedented” because OLC is always asked to review the facts and formulate its advice “up front.”
If it was unprecedented on March 1, 2004, it quickly became common.
After all, Goldsmith was asked to consider how the Geneva Convention applied to various types of detainees in Iraq, after the Administration had already been and continued to render people out of that occupied country. And he was also in the midst of a review of the torture program.
Indeed, Daniel Levin, who would go on to reconsider torture approvals until Cheney booted him out of the way to have Steven Bradbury rubberstamp things, would have been a part of those discussions.
So when, in fall 2004, he was asked to reconsider torture, that lower standard of review would have been in his mind.
You could even say that this standard of review gave CIA an incentive to start and continue torturing Janat Gul, on whom they pinned their need to resume torture, even after they accepted he was not, as a fabricator had claimed, planning election year plots in the US. So long as they tortured Gul, Levin would be permitted to apply a lower standard to that torture.
In any case, if this was unprecedented then, I suspect it’s not anymore. After all, by the time David Barron first considered the drone killing memo for Anwar al-Awlaki, the Administration had apparently already tried to kill him once. And the Libyan war had already started when OLC started reviewing it (though they made a heroic effort to rule it illegal, which is a testament to just how illegal it was).
With regards to the Stellar Wind OLC, the discussion of what Goldsmith found so problematic is mostly redacted. Which is why I’m interested in his opinion that “‘we can get there’ as to [redacted] albeit by using an aggressive legal analysis.” That says that one of the things his opinion would approve — either the content collection of one-end foreign communications or the dragnet collection of telephone metadata — involved “aggressive legal analysis” even to meet this lower standard.
It’d sure be nice to know which practice was considered so marginally legal.
In the interest of describing why CIA’s efforts to invent a reason to torture Janat Gul are so important, I wanted to do a very quick summary of what I understand CIA’s legal means of avoiding criminal prosecution was.
Torture began — certainly at surrogates overseas — long before anyone even thought of having OLC write memos for it. At that point, the legal cover for the torture would have been only the Presidential Finding signed September 17, 2001 (which said nothing explicit about torture; but then, it probably also said nothing about killing US citizens with drones though it did cover the use of killing high value Al Qaeda figures with drones).
I believe Ali Soufan’s complaints about the methods used at the Thai black site created a problem with that arrangement. When he — an FBI Agent — came away saying what they were doing was “borderline torture,” it created legal problems for the CIA, because an FBI Agent had witnesses a crime. I think Soufan’s reaction to the coffin-like box they intended to use with Abu Zubaydah caused particular problems.
All that came to a head in July 2002, when lawyers responding to “an issue that had come up” asked for a pre-declination memo from Chertoff, even while they were trying, among other things, to get approval to use “mock burial.” I don’t know that Criminal Chief Michael Chertoff was all that squeamish about torture, except with Soufan’s complaint about the coffin, it made mock burial (and with it, I suspect, mock execution) unsupportable by DOJ.
On July 13, 2002, three things happened. John Rizzo presented the torture techniques to people at DOJ. Having had that presentation, Chertoff refused to pre-decline to prosecute. So John Yoo wrote a fax that CTC would ultimately use in crafting the legal direction to torturers (and in recommending against prosecution in the future).
Three days later, David Addington appears to have told Yoo to include presidential immunity language in more public OLC memos. All the important work was being negotiated via back channels (remember, Jay Bybee was busy protecting Cheneys’ Energy Task Force from any oversight); the front channels involving Condi Rice were in a large part show.
But that led to the position where CIA was working off a two page fax that Yoo had freelanced to produce which provided absolutely no description of or limitation on techniques. But DOJ held CIA it to the August 1, 2002 memo.
Within short order, CIA was using techniques that had never been approved. Importantly, they hosed down Gul Rahman before he froze to death, not waterboarding, per se, but an additional technique not approved by DOJ.
When Inspector General John Helgerson started investigating in early 2003, DOJ told him he could develop the fact pattern to determine if any crimes had been committed. So CTC worked with Jennifer Koester and John Yoo to develop their own legal guidelines that not only would include some more of the torture techniques they had used but not approved, but also include a “shock the conscience” analysis. That’s what the IG used to assess whether any crimes had been committed, which is important, because he found that torture as executed did humiliate detainees (and therefore violated the Constitution), but could point to (invalid) legal analysis pre-approving this. (Remember, Dick Cheney got an early review of all this.)
The problem was, DOJ’s OLC refused to accept that document. In June 2003, Patrick Philbin refused. And in May 2004, Jack Goldsmith did again.
So it was not just that Goldsmith withdrew the Bybee Memos (though said CIA could use all the torture techniques except waterboarding while he worked on a replacement). It’s that DOJ refused to accept CIA’s own legal analysis as DOJ’s official opinion. CIA was more anxious about getting some document judging the torture didn’t violate the Constitution. That’s what (as I’ll show) CIA was demanding when they raised the case of Janat Gul to get the Principals to reauthorize the use of torture in July 2004.
Just on the case of Janat Gul — who was detained based off a fabricated claim of election year plotting — CIA got OLC’s Daniel Levin to authorize all the old techniques (including waterboarding) as well as the 4 that CIA had used but not approved. Significantly, that included water dousing, the “technique” that had contributed to Gul Rahman’s death.
But that left two other concerns: the constitutional problem, and the use of techniques in combination, which (among other things) had led to severe hallucinations in 2004. That’s what the 2005 memos were meant to do: use the torture Hassan Ghul and Janat Gul had survived in 2004 to provide a rubber stamp on both the combination issue and the Constitutional one, and provide it roughly in time to be able to use to torture Abu Faraj al-Libi (though the third 2005 memo actually got signed after al-Libi’s torture began).
Neither Hassan Ghul (who was very cooperative before torture) nor Janat Gul should have been tortured. The latter probably was largely just to have one tortured body, any body, on which to hang new OLC memos.
NPR’s Carrie Johnson reports that OLC head Virginia Seitz quietly left OLC before Christmas.
Virginia Seitz, who won Senate confirmation after an earlier candidate under president Obama foundered, resigned from federal service after two-and-a-half years on the job. The timing is unusual because her unit plays a critical role in drawing the legal boundaries of executive branch action —at a time when President Obama says he will do more to bypass a divided Congress and do more governing by way of executive order.
And while DOJ’s official line is that Seitz left entirely for personal reasons, two sources told Johnson the ongoing discussions about whether to drone kill another American were another factor.
Two other sources suggested that aside from the tough work, another issue weighed heavily on her mind over the last several months: the question of whether and when the US can target its own citizens overseas with a weaponized drone or missile attack. American officials are considering such a strike against at least one citizen linked to al Qaeda, the sources said.
While a “law enforcement” source (but wait! the entire point of drone assassinations is they replace law enforcement with intelligence entirely!) suggests the decision has not yet been made.
A law enforcement source told NPR the controversy over the use of drones against Americans in foreign lands did not play a major role in Seitz’s decision to leave government, since the OLC is continuing to do legal analysis on the issue and there was no firm conclusion to which she may have objected or disagreed.
Which is sort of funny, because Kimberly Dozier’s report on the American in question says DOD, at least, has made its decision.
But one U.S. official said the Defense Department was divided over whether the man is dangerous enough to merit the potential domestic fallout of killing an American without charging him with a crime or trying him, and the potential international fallout of such an operation in a country that has been resistant to U.S. action.
Another of the U.S. officials said the Pentagon did ultimately decide to recommend lethal action.
And remember, as I’ve pointed out, this potential drone execution target is differently situated from Anwar al-Awlaki, in that there appears to be no claim this one is targeting civilians in the US.
But let’s take a step back and consider some other interesting details of timing.
First, on November 29 of last year, Ron Wyden, Mark Udall, and Martin Heinrich released a letter they sent to Eric Holder asking for more clarity on when the President could kill an American.
[W]e have concluded that the limits and boundaries of the President’s power to authorize the deliberate killing of Americans need to be laid out with much greater specificity. It is extremely important for both Congress and the public to have a fully understanding of what the executive branch thinks the President’s authorities are, so that lawmakers and the American people can decide whether these authorities are subject to adequate limits and safeguards.
Retrospectively, it seems this letter may have pertained to this new execution target, particularly given the different circumstances regarding his alleged attacks against the US. I might even imagine this serving as a public demand that DOJ not simply rely on the existing Awlaki drone assassination memo, creating the need to do a new one.
Now consider how (currently acting OLC head) Caroline Krass’ confirmation hearing plays in. On December 17, Wyden asked her who had the authority to withdraw an OLC opinion (the opinion in question pertains to common commercial services in some way related to cybersecurity, but I find it interesting in retrospect).
Wyden: But I want to make sure nobody else ever relies on that particular opinion and I’m concerned that a different attorney could take a different view and argue that the opinion is still legally valid because it’s not been withdrawn. Now, we have tried to get Attorney General Holder to withdraw it, and I’m trying to figure out — he has not answered our letters — who at the Justice Department has the authority to withdraw the opinion. Do you currently have the authority to withdraw the opinion?
Krass: No I do not currently have that authority.
Wyden: Okay. Who does, at the Justice Department?
Krass: Well, for an OLC opinion to be withdrawn, on OLC’s own initiative or on the initiative of the Attorney General would be extremely unusual.
She said she did not “currently have that authority.” Was she about to get that authority in days or hours?
Then finally there are the implications for Krass’ confirmation. The leaks about this current drone execution target almost certainly came from Mike Rogers’ immediate vicinity. He’s torqued because Obama’s efforts to impose some limits on the drone war have allegedly made it more difficult to execute this American with no due process.
And while Rogers doesn’t get a vote over Krass’ confirmation to be CIA General Counsel, Dianne Feinstein and Saxby Chambliss do. And their efforts to keep CIA in the drone business may well have an impact on — and may have been motivated by — our ability to assassinate Americans.
I don’t recall Krass getting questions that directly addressed drone killing, though she did get some that hinted at the edges of such questions, such as this one:
Are there circumstances in which a use of force, or other action, by the U.S. government that would be unlawful if carried out overtly is lawful when carried out covertly? Please explain.
ANSWER: As a matter of domestic law, I cannot think of any circumstances in which a use of force or other action by the U.S. government that would be unlawful if carried out overtly would be lawful when carried out covertly, but I have not studied this question.
This seems to be a question she would have had to consider if she had any involvement in OLC’s consideration of a new drone execution memo.
All that said, she hasn’t yet gotten her vote (though any delay may arise from holds relating to the Senate Torture Report).
It just seems likely that — as we did in May 2005 when Steven Bradbury reapproved torture in anticipation of a promotion to head OLC — we’re faced yet again with a lawyer waiting for a promotion being asked to give legal sanction to legally suspect activity. My impression is that Krass has far more integrity than Bradbury (remember, she’s the one who originally imposed limits on the Libya campaign), so I’m only raising this because of the circumstances, not any reason to doubt her character.
It just seems like if you need lawyers to rubber stamp legally suspect activities, there ought to be more transparency about what promotions and resignations are going on.
In December, I wrote a post noting that NSA personnel performing analysis on PATRIOT-authorized metadata (both phone or Internet) can choose to contact chain on just that US-collected data, or — in what’s call a “federated query” — on foreign collected data, collected under Executive Order 12333, as well. It also appears (though I’m less certain of this) that analysts can do contact chains that mix phone and Internet data, which presumably is made easier by the rise of smart phones.
Section 215 is just a small part of the dragnet
This is one reason I keep complaining that journalists reporting the claim that NSA only collects 20-30% of US phone data need to specify they’re talking about just Section 215 collection. Because we know, in part because Richard Clarke said this explicitly at a Senate Judiciary Committee hearing last month, that Section “215 produces a small percentage of the overall data that’s collected.” At the very least, the EO 12333 data will include the domestic end of any foreign-to-domestic calls it collects, whether made via land line or cell. And that doesn’t account for any metadata acquired from GCHQ, which might include far more US person data.
The Section 215 phone dragnet is just a small part of a larger largely-integrated global dragnet, and even the records of US person calls and emails in that dragnet may derive from multiple different authorities, in addition to the PATRIOT Act ones.
SPCMA provided NSA a second way to contact chain on US person identifiers
With that background, I want to look at one part of that dragnet: “SPCMA,” which stands for “Special Procedures Governing Communications Metadata Analysis,” and which (the screen capture above shows) is one way to access the dragnet of US-collected (“1st person”) data. SPCMA provides a way for NSA to include US person data in its analysis of foreign-collected intelligence.
According to what is currently in the public record, SPCMA dates to Ken Wainstein and Steven Bradbury’s efforts in 2007 to end some limits on NSA’s non-PATRIOT authority metadata analysis involving US persons. (They don’t call it SPCMA, but the name of their special procedures match the name used in later years; the word, “governing,” is for some reason not included in the acronym)
Wainstein and Bradbury were effectively adding a second way to contact chain on US person data.
They were proposing this change 3 years after Collen Kollar-Kotelly permitted the collection and analysis of domestic Internet metadata and 1 year after Malcolm Howard permitted the collection and analysis of domestic phone metadata under PATRIOT authorities, both with some restrictions, By that point, the NSA’s FISC-authorized Internet metadata program had already violated — indeed, was still in violation — of Kollar-Kotelly’s category restrictions on Internet metadata collection; in fact, the program never came into compliance until it was restarted in 2010.
By treating data as already-collected, SPCMA got around legal problems with Internet metadata
Against that background, Wainstein and Bradbury requested newly confirmed Attorney General Michael Mukasey to approve a change in how NSA treated metadata collected under a range of other authorities (Defense Secretary Bob Gates had already approved the change). They argued the change would serve to make available foreign intelligence information that had been unavailable because of what they described as an “over-identification” of US persons in the data set.
NSA’s present practice is to “stop” when a chain hits a telephone number or address believed to be used by a United States person. NSA believes that it is over-identifying numbers and addresses that belong to United States persons and that modifying its practice to chain through all telephone numbers and addresses, including those reasonably believed to be used by a United States person, will yield valuable foreign intelligence information primarily concerning non-United States persons outside the United States. It is not clear, however, whether NSA’s current procedures permit chaining through a United States telephone number, IP address or e-mail address.
They also argued making the change would pave the way for sharing more metadata analysis with CIA and other parts of DOD.
The proposal appears to have aimed to do two things. First, to permit the same kind of contact chaining — including US person data — authorized under the phone and Internet dragnets, but using data collected under other authorities (in 2007, Wainstein and Bradbury said some of the data would be collected under traditional FISA). But also to do so without the dissemination restrictions imposed by FISC on those PATRIOT-authorized dragnets.
In addition (whether this was one of the goals or not), SPCMA defined metadata in a way that almost certainly permitted contact chaining on metadata not permitted under Kollar-Kotelly’s order.
“Metadata” also means (1) information about the Internet-protocol (IP) address of the computer from which an e-mail or other electronic communication was sent and, depending on the circumstances, the IP address of routers and servers on the Internet that have handled the communication during transmission; (2) the exchange of an IP address and e-mail address that occurs when a user logs into a web-based e-mail service; and (3) for certain logins to web-based e-mail accounts, inbox metadata that is transmitted to the user upon accessing the account.
Some of this information — such as the web-based email exchange — almost certainly would have been excluded from Kollar-Kotelly’s permitted categories because it would constitute content, not metadata, to the telecoms collecting it under PATRIOT Authorities.
Wainstein and Bradbury appear to have gotten around that legal problem — which was almost certainly the legal problem behind the 2004 hospital confrontation — by just assuming the data was already collected, giving it a sort of legal virgin birth.
Doing so allowed them to distinguish this data from Pen Register data (ironically, precisely the authority Kollar-Kotelly relied on to authorize PATRIOT-authorized Internet metadata collection) because it was no longer in motion.
First, for the purpose of these provisions, “pen register” is defined as “a device or process which records or decodes dialing, routing, addressing or signaling information.” 18 U.S.C. § 3127(3); 50 U.S.C. § 1841 (2). When NSA will conduct the analysis it proposes, however, the dialing and other information will have been already recorded and decoded. Second, a “trap and trace device” is defined as “a device or process which captures the incoming electronic or other impulses which identify the originating number or other dialing, routing, addressing and signaling information.” 18 U.S.C. § 3127(4); 50 U.S.C. § 1841(2). Again, those impulses will already have been captured at the point that NSA conducts chaining. Thus, NSA’s communications metadata analysis falls outside the coverage of these provisions.
And it allowed them to distinguish it from “electronic surveillance.”
The fourth definition of electronic surveillance involves “the acquisition by an electronic, mechanical, or other surveillance device of the contents of any wire communication …. ” 50 U.S.C. § 1802(f)(2). “Wire communication” is, in turn, defined as “any communication while it is being carried by a wire, cable, or other like com1ection furnished or operated by any person engaged as a common carrier …. ” !d. § 1801 (1). The data that the NSA wishes to analyze already resides in its databases. The proposed analysis thus does not involve the acquisition of a communication “while it is being carried” by a connection furnished or operated by a common carrier.
This legal argument, it seems, provided them a way to carve out metadata analysis under DOD’s secret rules on electronic surveillance, distinguishing the treatment of this data from “interception” and “selection.”
For purposes of Procedure 5 of DoD Regulation 5240.1-R and the Classified Annex thereto, contact chaining and other metadata analysis don’t qualify as the “interception” or “selection” of communications, nor do they qualify as “us[ing] a selection term,” including using a selection term “intended to intercept a communication on the basis of … [some] aspect of the content of the communication.”
This approach reversed an earlier interpretation made by then Counsel of DOJ’s Office of Intelligence and Policy Review James A Baker.
Baker may play an interesting role in the timing of SPCMA. He had just left in 2007 when Bradbury and Wainstein proposed the change. After a stint in academics, Baker served as Verizon’s Assistant General Counsel for National Security (!) until 2009, when he returned to DOJ as an Associate Deputy Attorney General. Baker, incidentally, got named FBI General Counsel last month.
NSA implemented SPCMA as a pilot in 2009 and more broadly in 2011
It wasn’t until 2009, amid NSA’s long investigation into NSA’s phone and Internet dragnet violations that NSA first started rolling out this new contact chaining approach. I’ve noted that the rollout of this new contact-chaining approach occurred in that time frame.
Comparing the name …
SIGINT Management Directive 424 (“SIGINT Development-Communications Metadata Analysis”) provides guidance on the NSA/ CSS implementation of the “Department of Defense Supplemental Procedures Governing Communications Metadata Analysis” (SPCMA), as approved by the U.S. Attorney General and the Secretary of Defense. [my emphasis]
And the description of the change …
Specifically, these new procedures permit contact chaining, and other analysis, from and through any selector, irrespective of nationality or location, in order to follow or discover valid foreign intelligence targets. (Formerly analysts were required to determine whether or not selectors were associated with US communicants.) [emphasis origina]
,,, Make it clear it is the same program.
NSA appears to have made a few changes in the interim. Continue reading
As I noted in my last post, seven Bush dead-enders plus KS Representative and House Intelligence member Mike Pompeo wrote a letter to … someone … pushing back against the RNC condemnation of the NSA dragnet. As I noted in that post, along with waggling their collective national security experience, the dead-enders used the same old stale tricks to deny that the dragnet surveils US person content.
The stale tricks, by now, are uninteresting. I find the list of the dead-enders (Eli Lake fleshed it out here) more so.
Here’s the list of the dead-enders:
Some of these we expect. Michael Hayden and Stewart Baker have been two of the main cheerleaders for NSA since the start of Snowden’s leaks, and Michael Chertoff’s firm (at which Hayden works) seems to be working under some kind of incentive to have as many of its top people defend the dragnet as well. Further, both Bradbury and Wainstein have testified to various entities along the way.
So in some senses, it’s the usual gang of dead-enders.
But I find the collection of Michael Mukasey, Bradbury, and Wainstein, to be particularly interesting.
After all, they’re the 3 names (and in Mukasey’s case, authorizing signature) on this memo, which on January 3, 2008 authorized NSA to contact chain Internet (and phone) “metadata” of Americans collected via a variety of means, including FISA, broadly defined, which would include Protect America Act, and EO 12333 and potentially other means — but let’s just assume it was collected legally, Bradbury and Wainstein say twice in the memo.
They implemented this change, in part, to make it easier to share “United States communications metadata” outside of the NSA, including with CIA, by name (though CIA made that request in 2004, before Hayden had moved over to CIA).
When implementing the change, they defined Internet “metadata” this way:
b) For electronic communications, “metadata” includes the information appearing on the “to,” “from,” “cc,” and “bcc” lines of a standard e-mail or other electronic communication. For e-mail communications, the “from” line contains the e-mail address of the sender, and the “to,” “cc,” and “bcc” lines contain the e-mail addresses of the recipients. “Metadata” also means (1) information about the Internet-protocol (IP) address of the computer from which an e-mail or other electronic communication was sent and, depending on the circumstances, the IP address of routers and servers on the Internet that have handled the communication during transmission; (2) the exchange of an IP address and e-mail address that occurs when a user logs into a web-based e-mail service; and (3) for certain logins to web-based e-mail accounts, inbox metadata that is transmitted to the user upon accessing the account. “Metadata” associated with electronic communications does not include information from the “subject” or “re” line of an e-mail or information from the body of an e-mail.
It includes IP (both sender and recipient, as well as interim), email address, inbox metadata which has reported to include content as well.
But let’s take a step back and remember some timing.
In 2004 DOJ tried to clean up NSA’s Internet metadata problem which legally implicated Michael Hayden directly (because he personally continued it after such time as DOJ said it was not legal). The solution was to get Colleen Kollar-Kotelly sign an opinion (dated July 14, 2004) approving the Internet collection as a Pen Register/Trap and Trace order. But she limited what categories of “metadata” could be collected, almost certainly to ensure the metadata in question was actually metadata to the telecoms collecting it.
Before the very first order expired — so before October 12, 2004 — the NSA already started breaking those rules. When they disclosed that violation, they provided some of the same excuses as when they disclosed the phone dragnet violations in 2009: that the people who knew the rules didn’t communicate them adequately to the people implementing the rules (see page 10ff of this order). As part of those disclosures, however, they falsely represented to the FISC that they had only collected the categories of “metadata” Kollar-Kotelly had approved.
The Court had specifically directed the government to explain whether this unauthorized collection involved the acquisition of information other than the approved Categories [redacted] Order at 7. In response, the Deputy Secretary of Defense [Paul Wolfowitz] stated that the “Director of NSA [Michael Hayden] has informed me that at no time did NSA collect any category of information … other than the [redacted] categories of meta data” approved in the [redacted] Opinion, but also note that NSA’s Inspector General [Joel Brenner] had not completed his assessment of this issue. [redacted] Decl. at 21.13 As discussed below, this assurance turned out to be untrue.
In my last post, I noted that in his report that Hassan Ghul served as a double agent before we offed him with a drone, Aram Roston stated, without confirming via sources, that Ghul is the person whose name was not entirely redacted on the bottom of page 7 in the May 2005 Convention Against Torture (CAT) torture memo. I noted that if Ghul is the detainee (and I do think he is, contrary to what sources told AP when the CIA was hunting Ghul down with drones in 2011), then we’re going to be hearing about him — and arguing about his treatment — quite a bit more in the coming weeks.
That’s because, according to information released by Mark Udall, the detainee named in the CAT memo is one of the detainees about whose treatment the CIA lied most egregiously to DOJ. This is apparently one of the key findings from the Senate Intelligence Committee Torture Report that CIA is fighting so hard to suppress.
Mark Udall’s list of torture lies
Back in August, Mark Udall posed a set of follow-up questions to then CIA and now DOD General Counsel Stephen Preston. Udall was trying to get Preston to endorse findings that appeared in the Torture Report that hadn’t appeared elsewhere (in his first set of responses about CIA’s lies to DOJ, Preston had focused on CIA’s lies about the number of waterboardings, which the CIA IG Report had first revealed). Udall noted that that lie (“discrepancy”) was known prior to the Torture Report, and asked Preston to review the “Representations” section of the Torture Report again to see whether he thought the lies (“discrepancies”) described there — and not described elsewhere — would have been material to OLC’s judgements on torture.
Udall gave Preston this list of OLC judgements that might have been different had CIA not lied to DOJ. (links added)
The 2002 memo is the original Abu Zubaydah memo, the lies in which (pertaining to who AZ was, what the torture consisted of, what had already been done to him, and whether it worked) I’ve explicated in depth elsewhere. The 2006 memo authorizes torture in the name of keeping order in confinement and the 2007 memo authorizes torture (especially sleep deprivation); both of these later memos not only rely on the 2005 memos, but on the false claims about efficacy CIA made in 2005 in their support. The lies in them pertain largely to the purpose CIA wanted to use the techniques for.
Which leaves the claims behind the 2004 letters and the 2005 memos as the key lies CIA told DOJ that remain unexplored.
The 2004 and 2005 lies to reauthorize and expand torture
I’m going to save some of these details for a post on what I think the lies told to DOJ might be, but there are two pieces of evidence showing that the 2005 memos were written to retrospectively codify authorizations given in 2004, many of them in the 2004 letters cited by Udall.
We know the 2005 memos served to retroactively authorize the treatment given to what are described as two detainees in 2004, purportedly in the months after July 2004 (though this may be part of the lie, in Ghul’s case) when DOJ and CIA were trying to draw new lines on torture in the wake of the completion of the CIA IG Report and Jack Goldsmith’s withdrawal of the Bybee Memo.
We know the May 10 Combined Memo was retroactive because Jim Comey made that clear in emails raising alarm about it.
I just finished a long call from Ted Ullyot. He said he was calling to tell me that “circumstances” were likely to require that the second opinion “be sent over tomorrow.” He said Pat had shared my concerns, which he understood to be concerns about the prospective nature of the opinion and its focus on “prototypical” interrogation.
He mentioned at one point that OLC didn’t feel like it could accede to my request to make the opinion focused on one person because they don’t give retrospective advice. I said I understood that, but that the treatment of that person had been the subject of oral advice, which OLC would simply be confirming in writing, something they do quite often.
This memo probably, though not definitely, refers to a detainee captured in August 2004 in anticipation of what the Administration claimed (almost certainly falsely) were election-related plots in the US.
And we know the May 10 Techniques and May 30 CAT memos are retroactive because we can trace back the citations about the treatment of one detainee, the detainee who appears to be Ghul, to the earlier letters from 2004.
Just as an example, the August 26 letter cited in Udall’s list relies on the August 25 CIA letter that is also cited in the CAT Memo using the name Gul (the July 22 and August 6 letters are also references, at least in part, to the same detainee).
So we know the 2005 memos served to codify the authorizations for torture that had happened in 2004, during a volatile time for the torture program.
The description of Hassan Ghul in the lying memo
There are still some very funky things about these memos’ tie to Hassan Ghul (again, that’s going to be in a later post), notably that Bush figures referred to the Ghul of the August letters as Janat Gul, including in a Principals meeting discussing his torture on July 2, 2004; sources told the AP after OBL’s killing that this Janat was different than Hassan and different than the very skinny Janat Gul who had been a Gitmo detainee.
But this description — the timing of the initial references and the description of his mission to reestablish contact with Abu Musab al-Zarqawi — should allay any doubts that Ghul is one of two detainees referenced in the CAT memo.
Intelligence indicated that prior to his capture, [redacted] “perform[ed] critical facilitation and finance activities for al-Qa’ida,” including “transporting people, funds, and documents.” Fax for Jack Goldsmith, III, Assistant Attorney General, Office of Legal Counsel, from [redacted] Assistant General Counsel, Central Intelligence Agency (March 12, 2004). The CIA also suspected [redacted] played an active part in planning attacks against United States forces [redacted] had extensive contacts with key members of al Qaeda, including, prior to their captures, Khalid Sheikh Mohammed (“KSM”) and Abu Zubaydah. See id. [redacted] was captured while on a mission from [redacted] to reestablish contact with al-Zarqawi. See CIA Directorate of Intelligence, US Efforts Grinding Down al-Qa’ida 2 (Feb 21, 2004).
Ghul was captured by Kurds around January 23, 2004, carrying a letter from Zarqawi to Osama bin Laden.
So while there are a lot of details that the Senate Torture Report presumably sorts out in detail, it seems fairly clear that Ghul is the subject of some of the documents in question, and that, therefore, there are aspects of the treatment he endured at CIA’s hands that CIA felt the need to lie to DOJ about.
We’ve known for years that CIA lied to DOJ about what they had done and planned to do with Abu Zubaydah. But a great deal of evidence suggests that CIA lied to DOJ about what they did to Hassan Ghul, a detainee (the Senate Report also shows) who provided the key clue to finding Osama bin Laden before he was tortured.
If that’s the case, then I find the release of a story that, after that treatment, he turned double agent either directly or indirectly in our service to be awfully curious timing given the increasing chance we’re about to learn more about these lies and this treatment with any release of the Torture Report.
In addition, in those cases where NSA seeks to acquire communications about the target that are not to or from the target, SNA will either employ an Internet Protocol filter to ensure that the person from whom it seeks to obtain foreign intelligence information is located overseas, or it will target Internet links that terminate in a foreign country. In either event, NSA will direct surveillance at a party to the communication reasonably believed to be outside the United States.
Savage explained that it refers to the way the US snoops through almost all cross-border traffic for certain keywords.
To conduct the surveillance, the N.S.A. is temporarily copying and then sifting through the contents of what is apparently most e-mails and other text-based communications that cross the border. The senior intelligence official, who, like other former and current government officials, spoke on condition of anonymity because of the sensitivity of the topic, said the N.S.A. makes a “clone of selected communication links” to gather the communications, but declined to specify details, like the volume of the data that passes through them.
The official said that a computer searches the data for the identifying keywords or other “selectors” and stores those that match so that human analysts could later examine them. The remaining communications, the official said, are deleted; the entire process takes “a small number of seconds,” and the system has no ability to perform “retrospective searching.”
The official said the keyword and other terms were “very precise” to minimize the number of innocent American communications that were flagged by the program. At the same time, the official acknowledged that there had been times when changes by telecommunications providers or in the technology had led to inadvertent overcollection. The N.S.A. monitors for these problems, fixes them and reports such incidents to its overseers in the government, the official said.
In his post on Savage’s story (which I think misreads what Savage describes), Ben Wittes focused closely on the last paragraphs of the story.
But that leaves a big oddity with respect to the story. The end of Savage’s story reads as follows:
There has been no public disclosure of any ruling by the Foreign Intelligence Surveillance Court explaining its legal analysis of the 2008 FISA law and the Fourth Amendment as allowing “about the target” searches of Americans’ cross-border communications. But in 2009, the Justice Department’s Office of Legal Counsel signed off on a similar process for searching federal employees’ communications without a warrant to make sure none contain malicious computer code.
That opinion, by Steven G. Bradbury, who led the office in the Bush administration, may echo the still-secret legal analysis. He wrote that because that system, called EINSTEIN 2.0, scanned communications traffic “only for particular malicious computer code” and there was no authorization to acquire the content for unrelated purposes, it “imposes, at worst, a minimal burden upon legitimate privacy rights.”
The Bradbury opinion was echoed by a later Obama-era opinion by David Barron, and Bradbury later wrote an article about the issue. But here’s the thing: If my read is right and the rule Savage cites permits only acquisition of communications “about” potential targets only from folks reasonably believed themselves to be overseas, these opinions are of questionable relevance. Indeed, if my reading is correct, why is there a Fourth Amendment issue here at all? The Fourth Amendment, after all, does not generally have extraterritorial application. This may be a reason to suspect that the issue is more complicated than I’m suggesting here. It may also merely suggest that someone cited to Savage a memo that is of questionable relevance to the issue at hand.
In his letter to John Brennan in January asking for a slew of things, Ron Wyden mentioned two opinions that may be the still-secret legal analysis mentioned by Savage.
Third, over two years ago, Senator Feingold and I wrote to the Attorney General regarding two classified opinions from the Justice Department’s Office of Legal Counsel, including an opinion that interprets common commercial service agreements. We asked the Attorney General to declassify both of these opinions, and to revoke the opinion pertaining to commercial service agreements. Last summer, I repeated the request, and noted that the opinion regarding commercial service agreements has direct relevance to ongoing congressional debates regarding cybersecurity legislation. The Justice Department still has not responded to these letters.
The opinions would have to pre-date January 14, 2011, because Feingold and Wyden requested the opinions before that date.
The reason I think the service agreements one may be relevant is because the opinions Ben cites focus on whether government users have given consent for EINSTEIN surveillance; in his article on it Bradbury focuses on whether the government could accomplish something similar with critical infrastructure networks.
Remember, we do know of one OLC memo — dated January 8, 2010 — that pertains to the government obtaining international communications willingly from service providers. We learned about it in the context of the Exigent Letters IG Report, which first led observers to believe it pertained to phone records.
(f) Nothing contained in this chapter or chapter 121 or 206 of this title, or section 705 of the Communications Act of 1934, shall be deemed to affect the acquisition by the United States Government of foreign intelligence information from international or foreign communications, or foreign intelligence activities conducted in accordance with otherwise applicable Federal law involving a foreign electronic communications system, utilizing a means other than electronic surveillance as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978, and procedures in this chapter or chapter 121 and the Foreign Intelligence Surveillance Act of 1978 shall be the exclusive means by which electronic surveillance, as defined in section 101 of such Act, and the interception of domestic wire, oral, and electronic communications may be conducted.
Savage’s reference to the Bradbury opinion suggests all this happens at the packet stage, which may be one (arguably indefensible) way around the electronic communications dodge.
The FBI had not relied on the opinion as of 2010, when we first learned about it. But we also know that since then, the government stopped collecting Internet metadata using a Pen Regsiter/Trap and Trace order.
We know that Feingold and Wyden, with Dick Durbin, asked for a copy of the opinion themselves shortly after the IG Report revealed it. It’s possible that the former two asked for it to be declassified.
This is, frankly, all a wildarsed guess. But Wyden certainly thinks there are two problematic OLC memos out there pertaining to cybersecurity. And Savage seems to think this process parallels the means the government is using for cybersecurity. So it may be these are the opinions.
As you may have seen from the reporting or my live-tweeting of yesterday’s Privacy and Civil Liberties Oversight Board hearing on the government’s surveillance program, there were a few interesting bits of news, starting with former FISC judge James Robertson’s assertion that what FISC has done since it started approving bulk collection amounts to “approval” not “adjudication” and puts the court in an inappropriate policy making role. Robertson also said FISC needs an adversarial role it doesn’t currently have. Robertson also raised the possibility Section 215 could be used to create a gun registry not otherwise authorized by law, a point ignored by the former government officials on his panel.
I also thought James Baker’s testimony was interesting. In his prepared statements, Baker seemed to suggest the entire hearing was a wasted exercise, because the program had plenty of oversight. (Remember, Baker was in a key role at DOJ working with FISC through 2007, and got stuck trying to keep intelligence gathered under the illegal program out of traditional FISA applications.) But just before the end of the hearing Baker said before all the bulk collection, FISA worked. He repeated it, FISA worked. Baker may have come to accept these bulk programs, but he sure seemed to think they weren’t necessary.
But the most telling part of the hearing, in my opinion, is the presence of Steven Bradbury and Ken Wainstein on the panel.
There were plenty of other former government officials on the panels, representing all branches. But these two were in far more central positions in the roll out of both the legal and illegal programs. One of the key documents released by the Guardian, showing Wainstein and Bradbury recommending that newly confirmed Attorney General Michael Mukasey resume the contact chaining of Internet metadata, shows them expanding one of the most legally questionable aspects of this surveillance.
The ground rules of the hearing made it worse. The hearing followed the inane rules the Obama Administration adopts in the face of large leaks, pretending these public documents aren’t public. The Chair of PCLOB, David Medine, said no one could confirm anything that hadn’t already been declassified by the government.
Which not only put that document outside the scope of the discussion. But meant neither Bradbury nor Wainstein disclosed this clear conflict.
At one point in the hearing, the moderator even suggested that every time ACLU’s Jameel Jaffer said something, either Bradbury or Wainstein should have an opportunity to rebut what Jaffer said.
Yes, there were a number of interesting revelations at the hearing, along with the typical inanity from Wainstein and, especially, Bradbury. But it was set up with all the conflicts of a Presidential Commission meant to dispel controversy, not a real champion for privacy or civil liberties.
And its treatment of these two former government shills is just representative of that.
At the core of the expanding dragnet approved in secret by the FISA Court, Eric Lichtblau explained, is the application of “special needs” to “track” terrorists.
In one of the court’s most important decisions, the judges have expanded the use in terrorism cases of a legal principle known as the “special needs” doctrine and carved out an exception to the Fourth Amendment’s requirement of a warrant for searches and seizures, the officials said.
The special needs doctrine was originally established in 1989 by the Supreme Court in a ruling allowing the drug testing of railway workers, finding that a minimal intrusion on privacy was justified by the government’s need to combat an overriding public danger. Applying that concept more broadly, the FISA judges have ruled that the N.S.A.’s collection and examination of Americans’ communications data to track possible terrorists does not run afoul of the Fourth Amendment, the officials said.
That legal interpretation is significant, several outside legal experts said, because it uses a relatively narrow area of the law — used to justify airport screenings, for instance, or drunken-driving checkpoints — and applies it much more broadly, in secret, to the wholesale collection of communications in pursuit of terrorism suspects. “It seems like a legal stretch,” William C. Banks, a national security law expert at Syracuse University, said in response to a description of the decision. [my emphasis]
That’s actually not entirely secret. We see the beginnings of the process in the 2002 In Re Sealed Case decision by the FISC Court of Review, which thwarted FISA Court Chief Judge Royce Lamberth’s attempt to limit how much FISA information got shared for criminal prosecutions. In approving the “significant purpose” language passed in the PATRIOT Act which made it far easier for the government to use FISA information to justify criminal investigations, the decision pointed to the post-9/11 threat of terrorism to justify FISA as a special needs program (though as I lay out in this post, they also pointed to the judicial review and specificity of FISA to deem it constitutional, which should have presented problems for the dragnet programs that followed).
FISA’s general programmatic purpose, to protect the nation against terrorists and espionage threats directed by foreign powers, has from its outset been distinguishable from “ordinary crime control.” After the events of September 11, 2001, though, it is hard to imagine greater emergencies facing Americans than those experienced on that date.
We acknowledge, however, that the constitutional question presented by this case–whether Congress’s disapproval of the primary purpose test is consistent with the Fourth Amendment–has no definitive jurisprudential answer. The Supreme Court’s special needs cases involve random stops (seizures) not electronic searches. In one sense, they can be thought of as a greater encroachment into personal privacy because they are not based on any particular suspicion. On the other hand, wiretapping is a good deal more intrusive than an automobile stop accompanied by questioning.
Although the Court in City of Indianapolis cautioned that the threat to society is not dispositive in determining whether a search or seizure is reasonable, it certainly remains a crucial factor. Our case may well involve the most serious threat our country faces. Even without taking into account the President’s inherent constitutional authority to conduct warrantless foreign intelligence surveillance, we think the procedures and government showings required under FISA, if they do not meet the minimum Fourth Amendment warrant standards, certainly come close. We, therefore, believe firmly, applying the balancing test drawn from Keith, that FISA as amended is constitutional because the surveillances it authorizes are reasonable. [my emphasis]
Even in one of the only two FISA opinions (this from the Court of Review) that we’ve seen, then, the courts used the urgent threat of terrorism post-9/11 to justify searches that they found to be very close constitutional questions.
Terrorism was “the most serious threat” our country faces, the argument went, so this seeming violation of the Fourth Amendment was nevertheless reasonable.
Or at least close, a per curium panel including longtime FISA foe Laurence Silberman argued.
And in fact, this argument has always been built into the larger dragnet programs. Jack Goldsmith’s 2004 memo on the illegal program describes how it is premised on intelligence — gathered largely from interrogations of al Qaeda operatives — showing al Qaeda wants to attack in the United States.
As explained in more detail below, since the inception of [the program] intelligence from various sources (particularly from interrogations of detained al Qaeda operatives) has provided a continuing flow of information indicating that al Qaeda has had, and continues to have, multiple redundant plans for executing further attacks within the United States. Continue reading