At the end of September, I Con the Record released a bunch of documents relating to 2014’s Section 702 certification process, including the August 26, 2014 Thomas Hogan opinion that, among other things, authorized an expansion of FBI’s minimization procedures.
The memo reflects a 2013 change to FBI minimization procedures (it was first approved on September 20, 2012) that permits it to disseminate information that,
is evidence of a crime and that it reasonably believes may assist in the mitigation or prevention of computer intrusions or attacks to private entities or individuals that have been or are at risk of being victimized by such intrusions or attacks, or to private entities or individuals … capable of providing assistance in mitigating or preventing such intrusions or attacks. Wherever reasonably practicable, such disseminations should not include United States person identifying information unless the FBI reasonably believes it is necessary to enable the recipient to assist in the mitigation or prevention of computer intrusion or attacks. (18)
This order expands that dissemination permission to include “dissemination of Section 702 information to someone in the private sector in order to mitigate other forms of serious harm, such as ‘a plot to destroy a building or monument.’” The change “enables the FBI to disseminate information to private parties in less extreme cases.” Update: Since this language appears to exist only in the FBI minimization procedures, it should refer only to PRISM data, not upstream data, since FBI doesn’t get the latter in unminimized form, unless that has changed in some way that is not obvious in the minimization procedures.
Finally, Hogan approved a change to the FBI minimization procedures that permitted dissemination of 702-collected information to the National Center for Missing and Exploited Children if it is “evidence of a crime related to child exploitation material, including child pornography,” or for the purpose of obtaining technical assistance (the NCMEC keeps databases of images of child porn to track when new images are released).
While these are all generally included in the serious bodily harm provision of Section 702 — to say nothing of NSA’s broad inclusion of “property” in “bodily harm” — they show three clear expansions of the use of Section 702 for criminal investigations in recent years (and the computer intrusion language impacts my questions about how CISA interacts with Section 702).
Not only are those expansions worth noting in their own right, but they’re also worth considering in light of Bob Litt’s disclosure on February 4, 2015 (that is, chronologically after this change, but before this change got publicly released) of the crimes that FBI may use Section 702 information to prosecute.
And so today I want to say that in fact the list of crimes other than national security crimes for which we can use Section 702 information about U.S. persons is crimes involving death, kidnapping, substantial bodily harm, conduct that is a specified offense against a minor as defined in a particular statute, incapacitation or destruction of critical infrastructure, cyber security, transnational crimes, or human trafficking.
Litt’s list seems broader than, though clearly related to, the items approved in the unredacted parts of the FBI minimization procedures, though the language from the minimization procedures seems to explain what “incapacitation” of critical infrastructure is. As always, remember that “transnational crime” is a politicized subsection of mob crimes that never includes the crimes implicating our nation’s mob-banksters.
And keep in mind: this language would have been operative in the weeks leading up to the Sony hack. And yet the ability to share such intelligence with Sony did not prevent the hack.
In any case, I’m going to do a series of posts on the Snooper’s Charter released yesterday in the UK, and I wanted to clarify precisely what the available uses of Section 702 to investigate crimes are.