The NSA Didn't Actually Address All Of The FISA Court's Concerns, Contrary To What It Claims
from the that's-just-not-true dept
Many of you quite enjoyed former Ron Wyden deputy chief of staff, Jennifer Hoelzer's post a few weeks ago, and we're bringing you another post by her, this one crossposted from her own blog where she's going to be covering these kinds of issues. We encourage you to head over there now and to visit it often.
The Director of National Intelligence, James Clapper, would very much like you to view the previously classified documents his office released last month as proof that the National Security Agency’s secret surveillance activities have not only been subjected to vigorous oversight, they have taken it seriously.
I mean, the Office of the Director of National Intelligence (ODNI) didn’t just declassify the long sought Foreign Intelligence Surveillance Court (FISC) opinion that indicated the NSA’s foreign intelligence collection activities haven’t been as problem free as the administration’s suggested.
No, the ODNI – not exactly known for its fondness for declassification - also declassified the government’s response to the FISC opinion, and the FISC opinion on the government’s response to the original FISC opinion, and the minimization procedures the NSA uses “in connection with acquisitions of foreign intelligence information pursuant to Section 702” and the “Semi-Annual Assessment of Compliance with the Procedures and Guidelines issued pursuant to Section 702” plus all of the previously classified testimony the Administration gave to Congress discussing 702, including a memo that the administration had previously made available to members of Congress in which they described FISC’s having raised concerns about the Administration’s collection activities as an example of “how well the existing oversight regime works.” (An ironic choice of words given that they were being used to describe a legal opinion in which a federal judge used a footnote to smack the Administration for substantially misrepresenting the “scope of a major collection program”)
And, if all of that information wasn’t enough to convince you that FISC’s concerns about the Administration’s compliance with Section 702 of the FAA were nothing when compared to the extraordinary efforts the government employs to ensure that these programs are conducted with respect to the rule of law, the Director of National Intelligence himself wrote a three page cover letter to accompany the release of these documents. The letter acknowledged that the court had determined that:
For highly technical reasons…the minimization procedures proposed by the government as applied to a discrete subset of NSA’s upstream collection of electronic communications did not satisfy certain statutory requirements in FISA and that the targeting and minimization procedures as applied to the same subset of communications did not satisfy Fourth Amendment requirements.
But – if you followed that -- fear not! Because, “In the end,” the DNI wrote:
the Government satisfied the concerns raised by the Court and the Court found that the revised procedures satisfied the law and the Constitution. These documents reflect the Government’s serious commitment to getting it right and the Court’s careful and searching review of matters within its jurisdiction.
For the record, I don’t blame the DNI for being defensive. While his actions have left plenty of room for criticism, James Clapper is not a bad guy. He’s not slaughtering puppies or making millions gambling with people’s home mortgages. In fact, in any other context, I’m pretty sure we’d be calling him a hero. Not only is he a decorated veteran, who spent thirty-two years in uniform, including two combat tours in Southeast Asia, at 73-years-old, he continues to work seven days a week for a government salary in an effort to keep Americans safe.
That’s not to say I agree with his approach to keeping Americans safe. I don’t. But I don’t doubt that his heart is in the right place and I can only imagine how much it must suck to have the public he’s dedicated his life to protect turn on him with such anger.
Problem is, though, he’s wrong.
The plethora of documents General Clapper declassified are not proof that Intelligence Community oversight is working, because despite what General Clapper says, the government did not satisfy all of the concerns that the Court raised about the Administration’s Section 702 collections activities.
For those following along at home, Section 702 of the FISA Amendments Act gives the Administration the authority to collect an American citizen’s communications (without a warrant) if – and only if – their communications are collected incidental to the Intelligence Community’s efforts to collect the communications of a foreigner.
In other words, if the NSA wants to collect a foreigner’s emails, it can basically download everything in that foreigner’s gmail account directly into the U.S. government database without worrying that some of the emails in that account might be from an American citizen. Obviously, if the government was targeting that American citizen directly, it would need a warrant to collect and read those emails, but thanks to Section 702 of the FAA, if the government unintentionally collects an American citizen's calls or emails, it can review them without a warrant.
In October 2011, the Foreign Intelligence Surveillance Court found that the NSA had been violating both FAA and the Fourth Amendment by scooping up tens of thousands of “wholly domestic” communications that had nothing to do with a targeted foreigner. This was attributed to the technical challenges of collecting multiple communications at once and the administration found a way to resolve the problem and address the Court’s concerns.
But, if you turn to page 33 and 34 of the FISA Court’s October 3, 2011 opinion. You’ll see that that wasn’t the Court’s only concern about the NSA’s Section 702 collection activities:
…in addition to these MCT’s, NSA likely acquires tens of thousands more wholly domestic communications every year, given that NSA’s upstream collection devices will acquire a wholly domestic ‘about’ SCT if it is routed internationally.
(For the record, the FISA Court underlined “more,” not me.)
What this means is the NSA isn’t just collecting emails sent to and from a targeted foreigner’s email address, they are collecting emails that include the targeted foreigner’s email address in the body of the message. So, if a friend asks you to forward them an email address, if that email address belongs to a targeted foreigner, your email could end up in the government database even if both you and your friend are American citizens located in the United States.
If you flip to page 48 of FISC’s opinion, you’ll see that the Court has definite concerns about this:
Given that NSA’s upstream collection devices lack the capacity to detect wholly domestic communications at the time an Internet transaction is acquired, the Court is inexorably led to the conclusion that the targeting procedures are “reasonably designed” to prevent the intentional acquisition of any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States. This is true despite the fact that the NSA knows with certainty that upstream collection, viewed as a whole, results in the acquisition of wholly domestic communications.
By expanding its Section 702 acquisitions to include the acquisition of Internet transactions through its upstream collection, NSA, has, as a practical matter, circumvented the spirit of Section 1881 a(b)(4) and (d)(1) with regard to that collection. NSA’s knowing acquisition of tens of thousands of wholly domestic communications through its upstream collection is a cause for concern for the court.
[Note: If you aren’t familiar with the word “inexorably” its legal speak for “not to be persuaded.” As in the court isn’t persuaded that the NSA’s targeting procedures have been “reasonably designed” to prevent the intentional collection of wholly domestic communications.]
So, the court raised concerns that the NSA is actively collecting emails that mention targeted foreigners even though the NSA knows they’ll likely collect tens of thousands of wholly domestic communications each year. This, the court says, violates the spirit of Section 702 of the FAA, which explicitly prohibits the government from “knowingly” collecting wholly domestic communications.
The IC did not address this concern. And, if you refer to page 4 of the memo that the ODNI sent the Intelligence Committees on May 4, 2012 to argue for FAA’s reauthorization, you will see that this collection is ongoing.
“[Upstream collection] lets the NSA collect electronic communications that contain the targeted e-mail address in the body of a communications between third parties.”
[I think it’s worth noting that in mentioning this capability to Congress, the Administration failed to mention that the Foreign Intelligence Surveillance Court had raised concerns that this practice violates the spirit of the FAA.]
Why does this matter? I mean if one American is forwarding a terrorist’s address to another American, that email is clearly “relevant” to a terrorism investigation and should be collected, right?
Not exactly. Just because an email contains the address of a “targeted foreigner” does not mean it has anything to do with terrorism, because Section 702 does not limit surveillance to terrorism suspects.
Rather, Section 702 applies to all foreign intelligence gathering for any foreign intelligence purpose. Which means that the government can use its Section 702 authority to target basically any foreigner that it thinks might have information the U.S. government might find useful. This can include: foreign officials, business people, journalists, human rights advocates, etc. etc.
So, while it may be reasonable to assume that two Americans sharing a terrorist’s email address are probably up to no good, I can think of a whole lot of very innocent reasons that one American might share the email address of a targeted foreigner with another. Heck, just last month, I shared a foreign reporter’s email address with a friend who was looking for a hotel recommendation for his dad. Did that email end up in a government database?
Again, why should you care? That information is only being used for terrorist investigations, right?
No. As recently disclosed documents reveal, the Administration believes that as long as communications are “lawfully” collected, the government doesn’t need a warrant to use them for other purposes. In other words, while the government would need to get a warrant to read your emails, the government does not need a warrant to read emails that it may have “accidentally” collected on you. (The fact that it didn’t need a warrant to collect those emails in the first place is considered irrelevant.)
My former boss, attempted to close this loophole in early 2012, when, during a closed Intelligence Committee mark-up, he introduced an amendment to the FISA Amendments Act that would have required the government to get a warrant before being allowed to search the government database for the name of an American citizen.
I don’t think that’s unreasonable. If the government has a legitimate cause to target an American it can get a warrant to search the database. Meanwhile, warrant requirements could prevent LOVEINT-esque incidents in which NSA personnel might be tempted to search the database for names that they have no legitimate, foreign intelligence reason to target.
But, despite the President’s oft-repeated claims that the government can not read an American’s emails and/or listen to the content of their conversations without a warrant, the administration quietly opposed Wyden’s attempt to require government agents to get warrants to do just that.
To their credit, after quashing Congress’s attempt to limit the executive branch’s authority, the executive branch appears to have issued an alert that analysts should not query the database for the name of a U.S. person “until an effective oversight process has been developed by NSA and agreed to by DOJ/ODNI.” That is, of course, better than nothing, but am I the only one who thinks it’s a problem that the only entity conducting oversight over the Intelligence Community is the Intelligence Community?
Again, as you can see from the ODNI’s rollout of FISC’s Section 702 opinions, Director Clapper would very much like you to believe that the Intelligence Community is “commit[ed] to detecting, correcting, and reporting mistakes, and to continually improving its oversight and compliance processes.” But is the IC as committed to detecting, correcting and reporting mistakes that others identify?
We’ve been told that the Intelligence Community has implemented safeguards that it believes to be effective. It is declassifying the documents that it believes are in the public’s best interests to see, and when they tell you they “satisfied the concerns raised by the court,” they mean they satisfied the court’s concerns that they decided were worth satisfying. (Which, again, is not the same as saying the Intelligence Community satisfied all of the Court’s concerns.)
And let’s not forget, the Intelligence Community is engaged in these surveillance activities because they believe they are necessary to national security.
But is any of that the same as saying these programs are being subjected to effective oversight?
Doesn’t oversight imply that your work is being reviewed by someone who has an incentive to raise concerns and/or might catch something you may have missed? Doesn’t the fact that the NSA apparently didn’t think to implement safeguards to its database query process until AFTER Senator Wyden raised concerns about it suggest that maybe the NSA isn’t catching all of its mistakes and outside oversight can be a good thing?
Because, I’m sorry, I have a hard time believing that the administration is committed to oversight, when the only oversight it appears to be committed to is oversight conducted by folks that agree with what they are doing. Also – and maybe this isn’t fair – I have a hard time trusting the Intelligence Community to identify and correct possible problems related to its secret surveillance programs, when no one in the IC apparently noticed that there might be a problem with the name of its new Tumblr account: http://icontherecord.tumblr.com/. But maybe that’s just me.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: fisa, fisa court, fisc, james clapper, keith alexander, nsa, nsa surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
Sorry, Ms (Mrs?) Hoelzer, I have to disagree. I don't care if Clapper fought in a war, stormed an enemy camp all alone, rescued a thousand American troops being held prisoner (and for the cherry on top, rescued an adorable little puppy and ran, shielding it from gunfire with his own body), that still does not excuse in any way what he has done.
He is the head of what must be the most pernicious intelligence body in the US, and has actively worked to see its activities and influence spread as far and wide as possible. Under his leadership, the NSA has infiltrated major US corporations, side-stepped pretty much as many laws as possible, weakened computer based encryption and trust in the same, collected as much information as possible on as many people as possible, and then, when asked by a man whom he was supposed to report to, whether he did anything wrong, said no, not intentionally.
[ link to this | view in chronology ]
Re: Holy cow! Hoelzer has united Rikuo and me!
[ link to this | view in chronology ]
Re:
But if we want things to change, making the Intel community out to be the enemy isn't going to work. It just confirms their opinion of their critics and convinces them they are right about everything including shutting the public out of these debates. (Which is why I'm trying to keep my commentary fact-based.) I mean, at the end of the day, Congress and the White House can mandate legislative reforms, but nothing changes if we can't get the Intel Community to buy in.
These guys think they are patriots trying to keep us safe. We need to get them to see that there are better ways to be patriotic and keep the country safe. That good intentions don't necessarily lead to good decisions.
[ link to this | view in chronology ]
Re: Re:
I appreciate what you're saying, and it makes a certain strategic sense, but... we didn't make the intel community out to be enemies. They made us out to be enemies.
[ link to this | view in chronology ]
Re: Re:
That's the same as saying the NSA is going to continue doing whatever the hell they want to no matter what Congress or the White House does. Which is sad, but probably true.
[ link to this | view in chronology ]
Re: Re:
(sorry for replying late here)
If Congress and the White House do introduce legislation that specifically says that all the nasty stuff the NSA does is illegal, but the NSA continues to do it anyway, then Obama will be fully justified, and will have the blessing of the American citizenry, to call in the troops to forcibly shut it down, since at that point, the NSA will have demonstrated beyond any kind of defence that it is a rogue agency that ignores orders from its commander-in-chief.
[ link to this | view in chronology ]
Re: Re: Re:
He's only making the timid steps he's taking now because public outcry is forcing him to. He would never shut down the NSA, forcibly or otherwise. If he could have, he would have swept this whole thing back under the rug where he seems to believe it belongs.
[ link to this | view in chronology ]
Re: Re:
But if we want things to change, making the Intel community out to be the enemy isn't going to work.
Ma'am, I applaud your work but I believe you have to consider what our history has told us about the intelligence community. They are very small and they have great power over the public. This isn't just one incident. It goes back to the 1930s and the problems inherent when you give people a lot of power.
The intelligence community has another stain on it called James Clapper. During the 1980s, it added Oliver North. Preceding that, it was Hunt and Hoover. These are people that show us what happens when you give the intelligence community power. They corrupt. And their corruption has dire effects on the democratic republic they're supposed to uphold.
During the Church committee, there were laws passed to stop just such behavior. But like any business, the intelligence community routed around those issues.
This has been going on far longer than most of us have been alive. It's time to take away their power and have their actions discussed and punishments found out by the people who have had their lives affected by their decisions.
[ link to this | view in chronology ]
Inexorably
So, the court is saying that it cannot be stopped from being "led to the conclusion that the targeting procedures are 'reasonably designed' to prevent the intentional acquisition of any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States." I do not believe the court is saying that it "isn’t persuaded that the NSA’s targeting procedures have been 'reasonably designed' to prevent the intentional collection of wholly domestic communications," as you state.
An example in the dictionary is "the inexorable rise of a political movement." In other words, you can't stop the rise of the political movement.
I do not know if this changes the outcome of your article. TL;DR.
[ link to this | view in chronology ]
Re: Inexorably
[ link to this | view in chronology ]
Re: Inexorably
[ link to this | view in chronology ]
"James Clapper is not a bad guy." ??? -- He's an OFFICE.
At all defending a public servant who's a known liar -- well, that's to be expected from a person formerly in gov't: power corrupts everyone and all the criminals ultimately stick together against the people -- just saves me from analyzing the rest to see if you plant more subtle poison pills.
Time for weasealing is over. If you can't say that Clapper should be CLAPPED into jail, then you're not on our side.
[ link to this | view in chronology ]
Re: "James Clapper is not a bad guy." ??? -- He's an OFFICE.
Dude, I'm not really sure anyone is on your side.
To be honest, I'm not really sure what your side is. I hear lots of conflicting crazy talk from you, that's about it.
[ link to this | view in chronology ]
Re: Re: "James Clapper is not a bad guy." ??? -- He's an OFFICE.
I'm certain you aren't hearing me, so must be those voices again, you pitiable old fool.
In any case, I never see a SINGLE idea of yours, "Gwiz"! You do nothing but ad hom. How about you state something positive that you believe in, so I can jeer and call you crazy?
You're just like Mike, lots of complaining, not a single solution.
[ link to this | view in chronology ]
Re: Re: Re: "James Clapper is not a bad guy." ??? -- He's an OFFICE.
Ad hom.
In any case, I never see a SINGLE idea of yours, "Gwiz"!
Then you simply aren't paying attention, Blue. I've put forth a couple few ideas throughout the years here at Techdirt and they usually earn an insightful badge. But try not to be jealous, k?
You do nothing but ad hom.
Usually only at you Blue, because you deserve it for all ad homs you toss out every single day. See your above comment where it says "you pitiable old fool" for an example.
How about you state something positive that you believe in, so I can jeer and call you crazy?
Go for it Dude. Knock yourself out. Let me get you started even. Here is the one and only post I've written for Techdirt. Check out the second paragraph, it lays out some of my beliefs pretty clearly there.
You're just like Mike, lots of complaining, not a single solution.
Really? Complaining? Really? And what is it that you do everyday here?
The way I see it, 80% of your comments are complaining about something Blue, from Google to "The Rich", all the way to the regular commentators refuting the silly things you say. Pot meet kettle.
If you weren't so damn annoying I might have, at one time, been interested in your take on things.
[ link to this | view in chronology ]
Re: "James Clapper is not a bad guy." ??? -- He's an OFFICE.
[ link to this | view in chronology ]
There are no bad guys
Judge people by what they do. Their goals, motives and intentions are meaningless.
[ link to this | view in chronology ]
If the data is already in a government database, this requirement is no better than trust us we will not misuse the data. It does not stop anybody with access to the database from abusing it. It would not be a real improvement on the existing situation as it would rely on monitoring of use of the database. One thing Snowden has demonstrated is that NSA have not been able to effectively monitor use of their databases.
[ link to this | view in chronology ]
Every time something is released claiming to be a step forward in transparency, it's either a lie, a carefully worded statement that is full of misdirection, or totally ignores the scope to focus in on some small little item that might support their stance while ignoring the rest of the elephant in the room. This is not a mistake, not a mere oversight of missing a document but rather by the past actions up to date a purposeful and willful plan to try and contain the damage while not giving info on the real core problems such as has been outlined here.
At one point claiming that warrants aren't needed to call up data on emails yet fighting the attempt at passing a law requiring it tells you more than all the fancy words. No one would be concerned were it not already happening and wanting to protect that turf.
Sorry but once again we are left with a glaring, carefully attempted crafting of hiding the real facts. As such, it is time to hunt heads, remove senior staff, and look at Obama with the question of if he knew, when he knew, and if he directed this. If so, impeachment is not out of the question. Clinton was attempted to be impeached merely for lying about a blow job and this has far, far, more weight to the matter.
[ link to this | view in chronology ]
i see what you did there
I con the record
I see what you did there IC ... if(when) caught lying again, you can always say .. 'see, even the name says we are conning you!'
[ link to this | view in chronology ]
[ link to this | view in chronology ]
I think you missed the line item in the latest NSA budget: "Research into puppy pain tolerance and response to visual images of puppy death - $147m".
[ link to this | view in chronology ]
Re:
(couldn't resist ^^)
[ link to this | view in chronology ]
[ link to this | view in chronology ]