CryptoWars, the Obfuscation

/in , , /by

The US Courts released its semiannual Wiretap Report the other day, which reported that very few of the attempted wiretaps last year were encrypted, with even fewer thwarting law enforcement.

The number of state wiretaps in which encryption was encountered decreased from 41 in 2013 to 22 in 2014. In two of these wiretaps, officials were unable to decipher the plain text of the messages. Three federal wiretaps were reported as being encrypted in 2014, of which two could not be decrypted. Encryption was also reported for five federal wiretaps that were conducted during previous years, but reported to the AO for the first time in 2014. Officials were able to decipher the plain text of the communications in four of the five intercepts.

Motherboard has taken this data and concluded it means the Feds have been overstating their claim they’re “going dark.”

[N]ew numbers released by the US government seem to contradict this doomsday scenario.

[snip]

“They’re blowing it out of proportion,” Hanni Fahkoury, an attorney at the digital rights group Electronic Frontier Foundation (EFF), told Motherboard. “[Encryption] was only a problem in five cases of the more than 3,500 wiretaps they had up. Second, the presence of encryption was down by almost 50 percent from the previous year.

“So this is on a downward trend, not upward,” he wrote in an email.

Much as I’d like to, I’m not sure I agree with Motherboard’s (or Hanni Fahkoury’s) conclusion.

Here’s what the data show since 2012, which was the first year jurisdictions reported being unable to break encryption (2012; 2013):

Screen Shot 2015-07-02 at 11.07.09 AM

You’ll see lots of parenthetical entries and NRs. That’s because this data is not being reported systematically. Parenthetical references are to encrypted feeds not reported until years after they get set, and usually those have been decrypted by the time they’re reported. NRs show that we have not getting these numbers, if they exist, from federal law enforcement (and the numbers can’t be zero, as reported here, because FBI has been taking down targets like Silk Road). The reporting on this ought to raise real questions about the quality of the data being reported and perhaps might spark some interest in mandating better reporting of this data so it can be tracked. But it also suggests that — at a time when law enforcement are just beginning to find encryption they can’t break (immediately) — there’s a lot of noise in the data. Does 2013’s 2% of encrypted targets and half-percent that couldn’t be broken represent a big problem? It depends on who the target is — a point I’ll come back to.

Congress will soon have that opportunity (but won’t avail themselves of it).

Even as US Courts were reporting still very low levels of encryption challenges faced by law enforcement, both the Senate Judiciary Committee and the Senate Intelligence Committee announced hearings next Wednesday where Jim Comey will have yet another opportunity to try to present a compelling argument that he should have back doors into our communication. SJC even saw fit to invite witnesses with opposing viewpoints, which the “intelligence” committee saw no need to do.

In an apparent attempt to regain some credibility before these hearings (Jim Comey is nothing if not superb at working the media), Comey went to Ben Wittes to suggest his claimed concern with increasing use of encryption has to do with ISIS’ increasing use of encryption. Ben quotes from Comey’s earlier comments to CNN then riffs on that in light of what Comey just told him in a conversation.

“Our job is to find needles in a nationwide haystack, needles that are increasingly invisible to us because of end-to-end encryption,” Comey said. “This is the ‘going dark’ problem in high definition.”

Comey said ISIS is increasingly communicating with Americans via mobile apps that are difficult for the FBI to decrypt. He also explained that he had to balance the desire to intercept the communication with broader privacy concerns.

“It is a really, really hard problem, but the collision that’s going on between important privacy concerns and public safety is significant enough that we have to figure out a way to solve it,” Comey said.

Let’s unpack this.

As has been widely reported, the FBI has been busy recently dealing with ISIS threats. There have been a bunch of arrests, both because ISIS has gotten extremely good at the inducing self-radicalization in disaffected souls worldwide using Twitter and because of the convergence of Ramadan and the run-up to the July 4 holiday.

As has also been widely reported, the FBI is concerned about the effect of end-to-end encryption on its ability to conduct counterterrorism operations and other law enforcement functions. The concern is two-fold: It’s about data at rest on devices, data that is now being encrypted in a fashion that can’t easily be cracked when those devices are lawfully seized. And it’s also about data in transit between devices, data encrypted such that when captured with a lawful court-ordered wiretap, the signal intercepted is undecipherable.

[snip]

What was not clear to me until today, however, was the extent to which the ISIS concerns and the “going dark” concerns have converged. In his Brookings speech, Comey did not focus on counterterrorism in the examples he gave of the going dark problem. In the remarks quoted by CNN, and in his conversation with me today, however, he made clear that the landscape is changing fast. Initial recruitment may take place on Twitter, but the promising ISIS candidate quickly gets moved onto messaging platforms that are encrypted end to end. As a practical matter, that means there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate but for whom useful signals interception is not technically feasible.

Now, Ben incorrectly blurs the several roles of FBI here. FBI’s interception of ISIS communiques may be both intelligence and law enforcement. To the extent they’re the former — to the extent they’re conducted under FISA — they won’t show up in US Courts’ annual report.

But they probably should, if Comey is to have any credibility on this front.

Moreover, Ben simply states that “there are people in the United States whom authorities reasonably believe to be in contact with ISIS for whom surveillance is lawful and appropriate.” But there’s no evidence presented to support this. Indeed, most of the so-called ISIS prosecutions have shown 1) where probable cause existed, it largely existed in the clear, in Twitter conversations and other online postings and 2) there may not have been probable cause before FBI ginned it up.

It ought to raise real questions about whether Comey’s going dark problem is a law enforcement one — with FBI being unable to to access evidence on real criminals — or is an intelligence one — with FBI being unable to access First Amendment protected speech that nevertheless may be important for an understanding of the threat ISIS poses domestically. Again, the data is not there, one way or another, but given the law enforcement data, we ought to demand real numbers for intelligence intercepts. Another pertinent question is whether this encrypted data is easily accessible to NSA (ISIS recruiters are almost entirely going to be legitimate NSA targets located overseas), but not to FBI?

And all this presumes that Comey is telling the truth about ISIS and not — as he and just about every member of the Intelligence Community has done routinely — used terror threats to be able to get authorities to wield against other kinds of threats, especially hackers (which is not to say hackers aren’t a target, just that the IC likes to pretend its authorities serve an exclusively CT purpose when they clearly do not). The law enforcement data, at least, show that even members of very sophisticated drug distribution networks are using encryption at a really low level. Is ISIS’ ability to coach potential recruits into using encrypted products on Twitter really that much better, or is Comey really talking about hackers who more obviously have the technical skills to encrypt their communications?

Thus far, Comey would have you believe that intelligence — counterterrorism — targets encrypt at a much higher rate than even drug targets. But the data also suggest even federal law enforcement (that is, Comey’s agency, among others) aren’t tracking this very effectively, and so can’t present reliable numbers.

Before we go any further in this cryptowar debate, we ought to be able to get real numbers on how serious the problem is.

Share this entry

Amid Even More Training Failures, US Frames Syrian Effort as Just Starting. Again.

/6 Comments/in , /by

Alert readers here who have kept their scorecards up to date know that the “secret” US effort to train rebels in Syria actually began as early as November of 2012, more than two and a half years ago, even though Obama did his best to obscure that date once it became expedient to nudge the date of entry for the first graduates of that program. The US later decided to go above-board with the training effort for Syria (after spectacular failures of identifying “moderates”), and last fall approved $500 million to a program to train and arm those elusive “moderates” once again. Despite the huge expenditure authorized for the program, it turns out that the US appears to have overlooked a key detail: the “moderate” rebels whom they seek to now fight only ISIS and not Assad simply don’t exist. We can only presume that those who wish to fight Assad are funneled to the covert program, which appears to have been put into place to topple Assad from power.

Robert Burns of AP has a story today describing how the US program has failed to produce the thousands of trainees that were planned:

Fewer than 100 Syrian rebels are currently being trained by the U.S. military to fight the Islamic State group, a tiny total for a sputtering program with a stated goal of producing 5,400 fighters a year.

The training effort is moving so slowly that critics question whether it can produce enough capable fighters quickly enough to make a difference. Military officials said last week that they still hope for 3,000 by year’s end. Privately, they acknowledge the trend is moving in the wrong direction.

/snip/

The main problem thus far has been finding enough Syrian recruits untainted by extremist affiliations or disqualified by physical or other flaws. Of approximately 6,000 volunteers, about 1,500 have passed muster and await movement to training camps in other countries. Citing security concerns, the Pentagon will not say exactly how many are in training. Officials said that as of Friday, the number was under 100 and that none has completed the program.

“We have set the bar very high on vetting,” said Col. Steve Warren, a Pentagon spokesman.

Maj. Gen. Michael Nagata, the Central Command special operations commander who is heading the program, wants volunteers with more than a will to fight.

“We are trying to recruit and identify people who … can be counted on … to fight, to have the right mindset and ideology,” and at the same time be willing to make combating IS their first priority, Defense Secretary Ash Carter told the House Armed Services Committee on June 17.

“It turns out to be very hard to identify people who meet both of those criteria,” Carter said.

Many Syrian rebel volunteers prefer to use their training to fight the government of President Bashar Assad, the original target of their revolution. While IS has been a brutal occupant of much of their country, the rebels see the extremists as fighting a parallel war.

Ah, but fear not, dear US war mongers! Burns reports that when Tammy Duckworth recently asked Joint Chiefs Chair Dempsey if this training effort was worth continuing, he had this ringing endorsement of the the program: “It’s a little too soon to give up on it.”

So, we’ve had the covert training going on for 32 months. We approved $500 million for open training nine months ago, but have under a hundred trainees in the program now, with zero graduates. And yet, if you ask the military, training in Syria is just getting started and it’s too soon to give up on it. Recognizing failure is just not possible in the US military.

Share this entry

Angry White Male Terror in US More Deadly Than Jihad Since 9/11

/28 Comments/in , /by

Remember back in 2009 when the Department of Homeland Security warned (pdf) against the growth of homegrown terror arising from right-wing extremism? Remember how the howls of protest from the same right-wing politicians who dog-whistle the right-wing extremists into action were so loud that DHS took the report off its website and even disbanded the research unit that produced the report? Here’s Daryl Johnson, who headed the group at DHS that produced the report, talking in 2011:

When the right-wing report was leaked and people politicized it, my management got scared and thought DHS would be scaled back. It created an environment where my analysts and I couldn’t get our work done. DHS stopped all of our work and instituted restrictive policies. Eventually, they ended up gutting my unit. All of this happened within six to nine months after the furor over the report. Analysts then began leaving DHS. One analyst went to ICE [U.S. Immigration and Customs Enforcement], another to the FBI, a third went to the U.S. Marshals, and so on. There is just one person there today who is still a “domestic terrorism” analyst.

Since our report was leaked, DHS has not released a single report of its own on this topic. Not anything dealing with non-Islamic domestic extremism—whether it’s anti-abortion extremists, white supremacists, “sovereign citizens,” eco-terrorists, the whole gamut.

Finally, in February of this year, DHS finally got around to mentioning the right-wing terror threat again:

A new intelligence assessment, circulated by the Department of Homeland Security this month and reviewed by CNN, focuses on the domestic terror threat from right-wing sovereign citizen extremists and comes as the Obama administration holds a White House conference to focus efforts to fight violent extremism.

Some federal and local law enforcement groups view the domestic terror threat from sovereign citizen groups as equal to — and in some cases greater than — the threat from foreign Islamic terror groups, such as ISIS, that garner more public attention.​

The Homeland Security report, produced in coordination with the FBI, counts 24 violent sovereign citizen-related attacks across the U.S. since 2010.

In a jaw-dropping revelation, the CNN article on the report goes on to note that there may be as many as 300,000 adherents to the sovereign citizen extremist movement.

But it’s the white supremacists who now are in the spotlight thanks to the racist terrorism in Charleston last week. And the New York Times is driving that point home by citing a New America analysis of terror attacks in the US since 9/11:

In the 14 years since Al Qaeda carried out attacks on New York and the Pentagon, extremists have regularly executed smaller lethal assaults in the United States, explaining their motives in online manifestoes or social media rants.

But the breakdown of extremist ideologies behind those attacks may come as a surprise. Since Sept. 11, 2001, nearly twice as many people have been killed by white supremacists, antigovernment fanatics and other non-Muslim extremists than by radical Muslims: 48 have been killed by extremists who are not Muslim, compared with 26 by self-proclaimed jihadists, according to a count by New America, a Washington research center.

The slaying of nine African-Americans in a Charleston, S.C., church last week, with an avowed white supremacist charged with their murders, was a particularly savage case. But it is only the latest in a string of lethal attacks by people espousing racial hatred, hostility to government and theories such as those of the “sovereign citizen” movement, which denies the legitimacy of most statutory law. The assaults have taken the lives of police officers, members of racial or religious minorities and random civilians.

When we go to the New America analysis, we see that half of the deaths from attacks termed jihadist came in a single attack, the one at Fort Hood. There are only seven entries on the list of jihadist attacks since 9/11. On the other hand, there are 19 entries on the right-wing attack list (and the biggest of those, the Oklahoma City bombing, was pre-9/11 and so is excluded from the list).

Despite the trillions spent and lives lost in fighting jihadists “over there” so that we won’t have to fight them here, the homegrown threat from angry white males is still stronger than the threat from jihadists inside the country. Just imagine the howls, though, should an extra 300,000 names of sovereign citizen adherents get added to the the Terrorist Screening Database. Meanwhile, panic buying of Confederate flags and guns continues. Angry white males are getting even angrier as they squirm under the spotlight.

Share this entry

The Appropriations Battle over Funding “Moderate” Terrorists

/10 Comments/in /by

Two weeks ago, John Brennan admitted on a Sunday show that sometimes when we “push the envelope … to protect this country” it “stimulates and spurs additional threats to our national security interests.” In a post on his comments, I suggested he might be thinking specifically of Syria as much as generally of counterterrorism.

Today, the WaPo cites “U.S. officials” complaining that the House Intelligence Committee voted to cut 10% off CIA’s Syrian budget.

The measure has provoked concern among CIA and White House officials, who warned that pulling money out of the CIA effort could weaken U.S.-backed insurgents just as they have begun to emerge as effective fighters. The White House declined to comment.

Arrayed against those anonymous whiners, the WaPo cites Adam Schiff on the record and a senior aide anonymously, describing how the CIA effort isn’t tracked with real metrics and hasn’t done much to weaken Assad.

“There is a great deal of concern on a very bipartisan basis with our strategy in Syria,” said Rep. Adam B. Schiff (Calif.), the ranking Democrat on the intelligence panel. He declined to comment on specific provisions of the committee’s bill but cited growing pessimism that the United States will be in a position “to help shape the aftermath” of Syria’s civil war.

[snip]

“Assad is increasingly in danger, and people may be taking bets on how long he can last, but it’s largely not as a result of action by so-called moderates on the ground,” said a senior Republican aide in Congress, who spoke on the condition of anonymity, citing the sensitivity of the subject.

[snip]

“Unfortunately, I think that ISIS, al-Nusra and some of the other radical Islamic factions are the best positioned to capi­tal­ize on the chaos that might accompany a rapid decline of the regime,” Schiff said.

Underlying it all, though, appears to be yet another effort (one we’ve seen with propaganda in the press as well) to claim those linked to al Qaeda in Syria are “moderate,” which in turn permits insiders to believe they’ll have some control over Syria after our Sunni and Israeli allies pull off his defeat.

Remember: Devin Nunes has long shown skepticism about our efforts to use proxy terrorists to spread democracy. And Adam Schiff is simply smarter than the kind of person who typically gets to be a ranking member of an Intelligence Committee. Good for them for finally insisting on metrics and — absent that — reining in the CIA’s gravy train.

Share this entry

Is John Brennan Confessing His (Petraeus’) Covert Ops in Syria Backfired?

/7 Comments/in /by

Both Michah Zenko and Jon Schwarz noted John Brennan making a remarkable admission on Face the Nation back on May 31: that sometimes US involvement in events exacerbates things.

But both seem to interpret Brennan’s comment as a general comment on US’s big foot stepping in shit around the world (my description, not theirs). Zenko reads this as “an unprecedented recognition by a senior official about how U.S. counterterrorism activities can increase direct threats to the United States and its ‘national security interests.'” And Schwarz interprets Brennan to be “acknowledg[ing] that U.S. foreign policy might sometimes cause terrorism.”

It may well be such a generalized admission.

But I wonder whether it’s not something more: a specific admission that the US fostered the rise of ISIS with its covert role in Syria in 2012 — a topic that has discussed of late because of documents released via a Judicial Watch FOIA on briefings to Congress about Benghazi (here’s the post I did on the documents).

Here’s the full exchange between Bob Schieffer and Brennan.

SCHIEFFER: Another question I asked Jeb Bush, some of the critics of this administration and some of them are within the government. The ones in the government are not saying these things publicly but saying that the president seems to be just trying to buy time here, that he’s not ready to make a full commitment here in this war on terrorism and basically is just trying to keep things together well enough that he can leave it to the next president to resolve it.

Do you see that?

BRENNAN: I don’t see anything like that. I’ve been involved in this administration in different capacities for the last six and a half years and there has been a full court effort to try to keep this country safe.

Dealing with some of these problems in the Middle East, whether you’re talking about Iraq, Iran, Syria, Yemen, Libya, others, these are some of the most complex and complicated issues that I’ve seen in my 35 years, working on national security issues. So there are no easy solutions.

I think the president has tried to make sure that we’re able to push the envelope when we can to protect this country. But we have to recognize that sometimes our engagement and direct involvement will stimulate and spur additional threats to our national security interests.

Brennan’s response comes — as Schieffer made clear — after Schieffer had already posed the question to Jeb!, and in that context, it specifically addressed ISIS.

SCHIEFFER: Some of the administration’s critics, even some people in the Pentagon, are saying privately that the administration is sort of just buying time and is trying to leave this for the next president to deal with.

BUSH: It looks that way, because you don’t have a clear strategy.

And I think the strategy is both military, as well as political. We need to make sure that Iraq is stable for the region and to create — narrowing the influence of ISIS not just in Iraq, but in Syria. So, it doesn’t appear that they have a strategy.

Then they put — every time that they talk about a strategy, they put conditions on that strategy to make it harder to actually implement it. So, I think the first thing you need to do is take advice of military leaders that know a lot about this than folks in the White House. Take their input. Create a strategy. Express what the strategy is.

And the strategy ought to be take out ISIS in coordinated way and do it over the long haul. This is not something that is going to happen overnight.

And while Brennan mentions two other places — Yemen and Iran — that may not (but they actually might!) be part of the covert operations in which CIA tried to arm “moderates” to oppose Syria but instead helped their buddies energize ISIS, the others were all part of the plan to deal Libyan weapons to the “moderate” liver-eaters in Syria.

The administration is still carefully protecting the details about what they did in Syria in 2012, even from Congress. But they have, in fact, been doing a lot in the Middle East, only most of it has been making things worse.

Share this entry

Ten Goodies USA F-ReDux Gives the Intelligence Community

/4 Comments/in , /by

Update, November 20, 2015: I’ve updated (and corrected, in the case of the parallel construction loophole) this post here

Amid renewed tactical leveraging from Mitch McConnell, USA F-ReDux boosters continue to remain silent (or worse, in denial) about the many advantages USA F-ReDux offers the Intelligence Community over the status quo.

But there are many reasons — aside from the general uselessness of the phone dragnet in its existing form — why USA F-ReDux is an improvement for the Intelligence Community. That doesn’t mean it doesn’t also have benefits for reformers (though we can respectfully disagree about how real those benefits are). It just means it also has at least as many benefits for the IC. Some of these are:

1. Inclusion of Internet calls, along with phone calls, in chaining system

Up until 2009, and then again from 2010 to 2011, NSA had two interlocking systems of domestic metadata tracking: the phone dragnet under Section 215 and the Internet dragnet under PRTT. Since the government shut down the latter, however, it has likely lost access to some purely domestic links that can’t be collected (and chained under SPCMA) overseas.

Update, May 7: According to Richard Burr, the government has been collecting IP “addresses,” so I guess they already include Internet access in their dragnet.

USA F-ReDux is technology neutral; unlike phone dragnet orders, it does not limit collection to telephony calls. This probably means the government will fill the gap in calls that has been growing of late (which anonymous sources have dubiously claimed to make up 70% of all calls). While it’s unlikely the NSA is really missing 70% of all domestic calls of interest, closing a significant gap of any kind will be a huge benefit for the IC.

2. Addition of emergency provision for all Section 215 applications

Currently, there is a FISC-authorized emergency provision for the phone dragnet, but not the rest of Section 215 production. That’s a problem, because the most common use of Section 215 is for more targeted (though it is unclear how targeted it really is) Internet production, and the application process for Section 215 can be slow. USA F-ReDux makes emergency application procedures available for all kinds of Section 215 applications.

3. Creation of giant parallel construction loophole under emergency provision

Not only does USA F-ReDux extend emergency provision authority to all Section 215 applications, but it changes the status quo FISC created in a way that invites abuse. That’s because, even if the FISC finds an agency collected records improperly under the emergency provision, the government doesn’t have to destroy those records. Indeed, the only restriction on those records is that they cannot be entered into any official proceeding. The Attorney General polices this, not the FISC. Moreover, the bill says nothing about derivative records. This is tantamount to saying that the government can do whatever it wants using the emergency provisions, so long as it promises to parallel construct improperly collected records if they want to use them against an American. The risk that the government will do this is not illusory; in the year since FISC created this emergency provision, they’ve already had reason to explicitly remind the government that even under emergency collection, the government still can’t collect on Americans solely for First Amendment protected activities.

4. Provision for a super-hop that might be used to access unavailable smart phone data

As happened last year, no one seems to understand the chaining procedure that is the heart of this bill. What’s clear is that, as written, it does not do what every news article (save mine) say it does; it does not simply provide an extra “hop” of call data. The language appears to permit the government to ask providers to use session-identifying information that cannot be collected (which might include things like location or super-cookies) to provide additional data that does fit the definition of Call Detail Record. As an example, the government might be able to ask providers to use location data to find co-located phones, which is a service AT&T already offers under Hemisphere; the government would only get the device identifiers for the phones, not the location itself, but would benefit from that location data. Another possible application would be to ask providers to use supercookie data to track online behavior. While there are likely good reasons for permitting the government to ask providers to conduct analysis on non CDR session identifying information — such as it provides a way for providers to help the government find burner phones or accounts — without more oversight or limiting language it might be very badly abused.

5. Elimination of pushback from providers

USA F-ReDux gives providers two things they don’t get under existing Section 215: immunity and compensation. This will make it far less likely that providers will push back against even unreasonable requests. Given the big parallel construction loophole in the emergency provisions and the super-hop in the chaining provision, this is particularly worrisome.

6. Expansion of data sharing

Currently, chaining data obtained under the phone dragnet is fairly closely held. Only specially trained analysts at NSA may access the data returned from phone dragnet queries, and analysts must get a named manager to certify that the data is for a counterterrorism purpose to share outside that group of trained analysts. Under this bill, all the returned data will be shared — in full, apparently — with the NSA, CIA, and FBI. And while the bill would require the government to report how often NSA and CIA does back door searches of the data, the FBI would be exempted from that reporting requirement.

Thus, this data, which would ostensibly be collected for a counterterrorism purpose, will apparently be available to FBI every time it does an assessment or opens up certain kinds of intelligence, even for non-counterterrorism purposes. Furthermore, because FBI’s data sharing rules are much more permissive than NSA’s, this data will be able to be shared more widely outside the federal government, including to localities. Thus, not only will it draw from far more data, but it will also share the data it obtains far more broadly.

7. Mooting of court challenges

Passage of USA F-ReDux would also likely moot at least the challenges to the phone dragnet (there are cases before the 2nd, 9th, and DC Circuits right now, as well as a slightly different challenge from EFF in Northern California). That’s important because these challenges — particularly as argued in the 2nd Circuit — might get to the underlying “relevant to” decision issued by the FISC back in 2004, as well as the abuse of the 3rd party doctrine that both bulk and bulky collection rely on. That’s important because USA F-ReDux not only does nothing about that “relevant to” decision, it relies on the language anew in the new chaining provision.

The bill would probably also moot a challenge to National Security Letter gag orders EFF has.

Update, May 7. Oops! I guess Congress didn’t move quickly enough to moot the 2nd Circuit.

8. Addition of 72-hour spying provisions

In addition to the additional things the IC gets related to its Section 215 spying, there are three unrelated things the House added. First, the bill authorizes the “emergency roamer” authority the IC has been asking for since 2013. It permits the government to continue spying on a legitimate non-US target if he enters the US for a 72-hour period, with Attorney General authorization. While in practice, the IC often misses these roamers until after this window, this will save the IC a lot of paperwork and bring down their violation numbers.

9. Expansion of proliferation-related spying

USA F-ReDux also expands the definition of “foreign power” under FISA to include not just those proliferating in weapons of mass destruction, but also those who “knowingly aid or abet” or “conspire” with those doing so. This will make it easier for the government to spy on more Iran-related targets (and similar such targets) in the US.

10. Lengthening of Material Support punishments

In perhaps the most gratuitous change, USA F-ReDux lengthens the potential sentence for someone convicted of material support for terrorism — which, remember, may be no more than speech! — from 15 years to 20. I’m aware of no real need to do this (except, perhaps, to more easily coerce people to inform for the government). But it is clearly something someone in the IC wanted.

Let me be clear: some of these provisions (like permission to chain on Internet calls) will likely make the chaining function more useful and therefore more likely to prevent attacks, even if it will also expose more innocent people to expanded spying. Some of these provisions (like the roamer provision) are fairly reasonably written. Some (like the changes from status quo in the emergency provision) are hard to understand as anything but clear intent to break the law, particularly given IC intransigence about fixing obvious problems with the provision as written. I’m not claiming that all of these provisions are bad for civil liberties (though a number are very bad).

But to pretend these don’t exist — to pretend the IC isn’t getting a whole lot that it has been asking for, sometimes for as long as 6 years — is either bad faith or evidence of ignorance about what the existing dragnet does and what this bill would do. It’s also bad negotiating strategy.

Share this entry

America’s Intelligence Empire

/21 Comments/in , , , /by

I’ve been reading Empire of Secrets, a book about the role of MI5 as the British spun off their empire. It describes how, in country after country, the government that took over from the British — even including people who had been surveilled and jailed by the British regime — retained the British intelligence apparatus and crafted a strong intelligence sharing relationship with their former colonizers. As an example, it describes how Indian Interior Minister, Sardr Patel, decided to keep the Intelligence Bureau rather than shut it down.

Like Nehru, Patel realised that the IB had probably compiled records on himself and most of the leaders of Congress. However, unlike Nehru, he did not allow this to colour his judgment about the crucial role that intelligence would play for the young Indian nation.

[snip]

Patel not only allowed the continued existence of the IB, but amazingly, also sanctioned the continued surveillance of extremist elements within this own Congress Party. As Smith’s report of the meeting reveals, Patel was adamant that the IB should ‘discontinue the collection of intelligence on orthodox Congress and Muslim League activity’, but at the same time he authorised it to continue observing ‘extremist organisations’. Patel was particularly concerned about the Congress Socialist Party, many of whose members were communist sympathisers.

[snip]

The reason Patel was so amenable to continued surveillance of some of his fellow Indian politicians (keeping tabs on his own supporters, as one IPI report put it) was his fear of communism.

And the same remarkable process, by which the colonized enthusiastically partnered with their former colonizers to spy on their own, happened in similar fashion in most of Britain’s former colonies.

That’s what I was thinking of on March 13, when John Brennan gave a speech to the Council on Foreign Relations. While it started by invoking an attack in Copenhagen and Charlie Hebdo, a huge chunk of the speech talked about the value of partnering with our intelligence allies.

Last month an extremist gunned down a film director at a cafe in Copenhagen, made his way across town and then shot and killed a security guard at a synagogue. Later the same day the terrorist group ISIL released a video showing the horrific execution of Coptic Christians on a beach in Libya.

The previous month, in a span of less than 24 hours, we saw a savage attack on the staff of the satirical newspaper Charlie Hebdo in France. We saw a car bomb kill dozens at a police academy in Yemen.

[snip]

As CIA tackles these challenges, we benefit greatly from the network of relationships we maintain with intelligence services throughout the world. This is a critically important and lesser known aspect of our efforts. I cannot overstate the value of these relationships to CIA’s mission and to our national security. Indeed, to the collective security of America and its allies.

By sharing intelligence, analysis, and know-how with these partner services, we open windows on regions and issues that might otherwise be closed to us. And when necessary, we set in concert to mitigate a common threat.

By collaborating with our partners we are much better able to close key intelligence gaps on our toughest targets, as well as fulfill CIA’s mission to provide global coverage and prevent surprises for our nation’s leaders. There is no way we could be successful in carrying out our mission of such scope and complexity on our own.

Naturally these are sensitive relationships built on mutual trust and confidentiality. Unauthorized disclosures in recent years by individuals who betrayed our country have created difficulties with these partner services that we have had to overcome.

But it is a testament to the strength and effectiveness of these relationships that our partners remain eager to work with us. With the stakes so high for our people’s safety, these alliances are simply too crucial to be allowed to fail.

From the largest services with global reach to those of smaller nations focused on local and regional issues, CIA has developed a range of working and productive relationships with our counterparts overseas. No issue highlights the importance of our international partnerships more right now than the challenge of foreign fighters entering and leaving the conflict in Syria and Iraq.

We roughly estimate that at least 20,000 fighters from more than 90 countries have gone to fight, several thousand of them from Western nations, including the United States. One thing that dangers these fighters pose upon their return is a top priority for the United States intelligence community, as well as our liaison partners.

We exchange information with our counterparts around the world to identify and track down men and women believed to be violent extremists. And because we have the wherewithal to maintain ties with so many national services, we act as a central repository of data and trends to advance the overall effort.

On this and in innumerable other challenges, our cooperation with foreign liaison quietly achieves significant results. Working together, we have disrupted terrorist attacks and rolled back groups that plot them, intercepted transfers of dangerous weapons and technology, brought international criminals to justice and shared vital intelligence and expertise on everything from the use of chemical armaments in Syria to the downing of the Malaysian airliner over Ukraine.

These relationships are an essential adjunct to diplomacy. And by working with some of these services in building their capabilities we have helped them become better prepared to tackled the challenges that threaten us all.

[snip]

With CIA’s support, I have seen counterparts develop into sophisticated and effective partners. Over time our engagement with partner services fosters a deeper, more candid give and take, a more robust exchange of information and assessments, and a better understanding of the world that often ultimately encourages better alignment on policy.

Another advantage of building and maintaining strong bilateral and multilateral intelligence relationships is that they can remain, albeit not entirely, insulated from the ups and downs of diplomatic ties. These lengths can provide an important conduit for a dispassionate dialogue during periods of tension, and for conveying the U.S. perspective on contentious issues.

In recognition of the importance of our liaison relationships, I recently reestablished a senior position at the CIA dedicated to ensuring that we are managing relationships in an integrated fashion. To developing a strategic vision and corporate goals for our key partnerships and to helping me carryout my statutory responsibility to coordinate the intelligence communities’ foreign intelligence relationships. [my emphasis]

We are and still remain in the same position as MI5, Brennan seems to want to assure the CFR types, in spite of the embarrassment experienced by our intelligence partners due to leaks by Chelsea Manning and Edward Snowden. Information sharing remains the cement of much of our relationships with allies; our ability to let them suck off our dragnet keeps them in line.

And of particular note, Brennan described these “strong bilateral and multilateral intelligence relationships …remain[ing], albeit not entirely, insulated from the ups and downs of diplomatic ties.”

The spooks keep working together regardless of what the political appointees do, Brennan suggested.

But that speech is all the more notable given the revelations in this Der Spiegel story. It describes how, because of the Snowden leaks, the Germans slowly started responding to something they had originally discovered in 2008. The US had been having BND spy on selectors well outside the Memorandum of Understanding governing the countries’ intelligence sharing, even including economic targets. At first, BND thought this was just 2,000 targets, but as the investigation grew more pointed, 40,000 suspicious selectors were found. Only on March 12 — the day before Brennan gave this remarkable speech — did Merkel’s office officially find out.

But in October 2013, not even the BND leadership was apparently informed of the violations that had been made. The Chancellery, which is charged with monitoring the BND, was also left in the dark. Instead, the agents turned to the Americans and asked them to cease and desist.

In spring 2014, the NSA investigative committee in German parliament, the Bundestag, began its work. When reports emerged that EADS and Eurocopter had been surveillance targets, the Left Party and the Greens filed an official request to obtain evidence of the violations.

At the BND, the project group charged with supporting the parliamentary investigative committee once again looked at the NSA selectors. In the end, they discovered fully 40,000 suspicious search parameters, including espionage targets in Western European governments and numerous companies. It was this number that SPIEGEL ONLINE reported on Thursday. The BND project group was also able to confirm suspicions that the NSA had systematically violated German interests. They concluded that the Americans could have perpetrated economic espionage directly under the Germans’ noses.

Only on March 12 of this year did the information end up in the Chancellery.

This has led to parliamentary accusations that BND lied in earlier testimony. The lies are notable, given how they echo the same kind of sentiment John Brennan expressed in his speech.

According to a classified memo, the agency told parliamentarians in 2013 that the cooperation with the US in Bad Aibling was consistent with the law and with the strict guidelines that had been established.

The memo notes: “The value for the BND (lies) in know-how benefits and in a closer partnership with the NSA relative to other partners.” The data provided by the US, the memo continued, “is checked for its conformance with the agreed guidelines before it is inputted” into the BND system.

Now, we know better. It remains to be determined whether the BND really was unaware at the time, or whether it simply did not want to be aware.

The NSA investigative committee has also questioned former and active BND agents regarding “selectors” and “search criteria” on several occasions. Prior to the beginning of each session, the agents were informed that providing false testimony to the body was unlawful. The BND agents repeatedly insisted that the selectors provided by the US were precisely checked.

As almost a snide aside, Der Spiegel notes that in spite of these lies, the public prosecutor has not yet been informed of these lies.

That is, the spooks have been lying — at least purportedly including up to and including Merkel’s office. But the government seems to be uninterested in pursuing those lies.

As Brennan said as this was just breaking out, the spooks retain their “strong bilateral and multilateral intelligence relationships …remain[ing], albeit not entirely, insulated from the ups and downs of diplomatic ties.”

And as with Brennan — who, as Gregory Johnsen chronicles in this long profile of the CIA Director published yesterday — the spooks always evade accountability.

Share this entry

Brennan’s Addiction to Signature Strikes Killed Weinstein

/3 Comments/in , /by

The US insists that the deaths of hostages Warren Weinstein and Giovanni Lo Porto were a “mistake”. Both the New York Times and Washington Post open their articles about the drone strike that killed them with descriptions couched in the language of error. The Times:

The first sign that something had gone terribly wrong was when officers from the C.I.A. saw that six bodies had been pulled from the rubble instead of four.

And in the Post:

After weeks of aerial surveillance, CIA analysts reached two conclusions about a compound to be targeted in a January drone strike: that it was used by al-Qaeda militants and that, in the moment before it was hit, it had exactly four occupants.

But as six bodies were removed from the rubble, the drone feeds that continued streaming back to CIA headquarters carried with them a new set of troubling questions, including who the two other victims were and how the agency’s pre-strike assessments could have been so flawed.

Consider that for a moment. Despite all the blathering from John Brennan about “near certainty” in his infamous drone rules (whose legal basis the government still steadfastly refuses to release), we are dealing yet again with deaths of innocents from a signature strike. In those strikes, the US kills without knowing precisely who the targets are. Instead, the US claims that the pattern of activities by those targeted match those of terrorists intent on striking out against the US. The more cynical among us note that there is hubbub over this strike merely because the innocents who were killed happen to be white instead of brown. But the outcome is the same: making the decision to kill based on incomplete evidence that doesn’t even include the actual identities of those in the crosshairs is bound to result in the collateral deaths of many who are not enemies of the US.

Recall that John Brennan made a power grab in the spring of 2012 to take charge of ordering signature strikes when JSOC told the White House that such strikes were not needed in Yemen. And, of course, Brennan immediately started using this tool as a political cudgel as well as the strategic weapon it was believed to represent. But let’s go for a moment to a part of Greg Miller’s Washington Post article linked above:

The deaths of the hostages follow other recent developments that have revealed divisions among the CIA and other agencies over whether to capture or kill a U.S. citizen.

Muhanad Mahmoud al Farekh was recently arraigned in a U.S. court on federal terrorism charges after he was captured by Pakistan and secretly flown to New York. His arrest raised questions about the frequency with which the U.S. government asserts that capturing terrorism suspects is not feasible. The CIA had been pushing to kill Farekh for more than a year before his arrest, current and former U.S. officials said.

Isn’t that interesting? It appears that Farekh was on CIA’s list of targets it would like to have killed in a targeted strike, with part of the justification for killing him being that it wouldn’t be feasible to capture him. And yet the Pakistanis did capture him. And that development points out an even bigger problem with the decision to hit the compound where Weinstein was killed: that compound is in the southern part of North Waziristan. Recall that Pakistan’s offensive to clear the tribal areas of terrorists began last June. See the map embedded in this post where I discussed the beginning of the offensive. Weinstein and Lo Porto were being held in the Shawal Valley, which is at the very southern end of North Waziristan. Miram Shah and Mir Ali, two of the hottest targets for US drone strikes sit in the central part.

Just a little more patience on the part of Brennan and his signature strike shop might have led to a very different outcome. In November, Pakistan’s military claimed that 90% of North Waziristan had been cleared of terrorists. And in the very same week of the strike that killed the hostages, Pakistan noted that the Shawal area was slated for clearing:

During a journalists briefing here, about the current visit of Chief of Army Staff General Raheel Sharif to Britain, he said operation Zarb-e-Azb was continuing successfully in North Waziristan and many areas including Mir Ali, Mirshah and Dattakhel were cleared of terrorists, many of whom were killed and arrested and their infrastructure was destroyed.

In these troubled areas, militants had set up infrastructure, training and call centres and they were making phone calls to people in other parts of the country for ransom, he added. Before start of the North Waziristan operation, Pakistan informed Afghanistan and International Security Assistance Force (ISAF), so that they could take action against terrorists who cross over the border.

Operations were continuing along the border areas with Afghanistan, with whom Pakistan had improved its relations and both countries were sharing intelligence, he added. He said in the next few months the remaining areas including Shawal would be cleared.

Although Pakistan’s military is not particularly noted for protecting citizens during these clearing actions in the tribal areas, it still stands out that Weinstein and Lo Porto were killed in Shawal on January 15 and Pakistan announced on the 18th that Shawal was next up for clearing. Would Pakistani forces have rescued the hostages? We will never know.

Even worse, Brennan was supposed to have stopped signature strikes in Pakistan. Returning to the Times article:

The strike was conducted despite Mr. Obama’s indication in a speech in 2013 that the C.I.A. would no longer conduct such signature strikes after 2014, when American “combat operations” in Afghanistan were scheduled to end. Several American officials said Thursday that the deadline had not been enforced.

Brennan will never give up his prized signature strikes. Greg Miller does note, though, that this strike was one of the last ones for “Roger”, who headed the counterterrorism center and was Brennan’s right hand man for signature strikes. But I’m pretty sure that we can count on Brennan to get Roger’s replacement up to speed on his prized tool very quickly.

Share this entry

“Security is a most seductive thing” and the Single Bus Line that Shut Down Boston

/19 Comments/in /by

The WSJ has a fascinating story this morning about 3 pages cut from an early draft of the kids book, A Wrinkle in Time. It includes a discussion between the heroine and her father, in which the latter describes the dangers of valuing security over all else. He starts by talking about totalitarian governments, but when Meg asks about their own country, he responds,

“It’s an equally logical outcome of too much prosperity. Or you could put it that it’s the result of too strong a desire for security.”

[snip]

I’ve come to the conclusion,” Mr. Murry said slowly, “that it’s the greatest evil there is. Suppose your great great grandmother, and all those like her, had worried about security? They’d never have gone across the land in flimsy covered wagons. Our country has been greatest when it has been most insecure. This sick longing for security is a dangerous thing, Meg,”

As it happens, immediately after I learned one of the signature American kids book originally compared US paranoia (during the height of the Cold War) with totalitarianism, I read this summary of an interview Juliette Kayyem did with former Boston Police Chief Ed Davis. In addition to confirming that the authorities immediately assumed this was an Al Qaeda attack (which fed some false assumptions about the attack) and providing background to the decision to release pictures of the brothers, Davis explained that then Massachusetts Secretary of Transportation successfully pushed to shut down the entire city because a single bus line crossed close to where Dzhokhar was believed to be hiding.

Davis gets into detail on another major debate: whether to issue a “shelter in place” order while law enforcement tracked down Dzhokhar Tsarnaev. Davis points to Richard Davey, then the state’s secretary of transportation (and now the CEO of the Boston 2024 Partnership) as having particular influence. Authorities were focused on an MBTA bus that passed through the area where they believed Dzhokhar was hiding. They didn’t want Tsarnaev to have access to the entire transit system, but Davey argued that it’s difficult to shut down just that bus route—just one piece of the system. It strands those who expect it to be up and running. Because of that perspective, the debate became more “all or nothing.” Shut nothing down or shut the city down. In the end, Governor Deval Patrick made the call, in part because the city had shut down for a snow storm the week before and, as Davis puts it, “This is at least as dangerous as a snow storm.”

This is craziness! They shut down an entire city rather than shutting down a single bus line (or, better, putting a cop on every bus on that line rather than having hundreds of cops shooting like drunken cowboys a few blocks away in Watertown). And the guy who made the decision is now heading Boston’s Olympics bid.

Madeleine L’Engle was onto something.

Davis also suggests that the FBI admitted knowing the brothers before they now claim to have confirmed that ID.

Share this entry

Citing Confidential Information Carmen Ortiz Appears to Recommit to Seeking Dzhokhar’s Execution

/12 Comments/in /by

Bill and Denise Richard, parents of one child killed and one maimed in the Boston Marathon attack, have a BoGlo op-ed calling for Dzhokhar Tsarnaev to receive life without parole. They specifically cite the importance of letting survivors set the narrative of the attack, not Dzhokhar, who will have the opportunity to expose some of his motivations in the sentencing phase due to start next week.

For us, the story of Marathon Monday 2013 should not be defined by the actions or beliefs of the defendant, but by the resiliency of the human spirit and the rallying cries of this great city. We can never replace what was taken from us, but we can continue to get up every morning and fight another day. As long as the defendant is in the spotlight, we have no choice but to live a story told on his terms, not ours. The minute the defendant fades from our newspapers and TV screens is the minute we begin the process of rebuilding our lives and our family.

Carmen Ortiz responded, citing the need to keep secrets in her explanation for why the government would still — seemingly — continue its pursuit of a death sentence for Dzhokhar Tsarnaev.

The attorneys in a criminal case are legally bound to keep many matters relating to the case confidential, even from the people most affected by the crimes.

I therefore cannot comment on the specifics of the statement.

A cynic might think Ortiz was unswayed by the Richards’ plea because she judges an execution will help her own career, even if polls show Massachusetts residents oppose the death penalty for Tsarnaev.

Still, I couldn’t help but wonder why she’s citing confidentiality when the next phase of the trial will presumably expose more of the details on the case the government would prefer to keep secret? What confidential reason does Ortiz — or the government more generally — have to want those details to come out?

Share this entry