Judge Says NSA Can Continue To Destroy Evidence

from the bad-ruling dept

Well, this is unfortunate. After yesterday's back and forth between the DOJ and the EFF over the ongoing destruction of key evidence in the Jewel v. NSA case, the court ordered an emergency hearing for this afternoon. About an hour before the hearing, the DOJ presented its opposition to the temporary restraining order, arguing, basically, that it would be too damn complicated to stop destroying evidence in the case. Part of this is because the data collected under the Section 702 program apparently isn't just one big database, but is quickly fed into all sorts of other systems.
. Unlike the Section 215 telephony metadata program, which resides on a discrete computer systems architecture, communications acquired pursuant to Section 702 reside within multiple databases contained on multiple systems. Those databases and systems are designed to effectuate FISC-approved minimization procedures that require (with certain limitations) the destruction (purge) upon recognition of certain communications and the age-off of certain raw data within either two years or five years from the expiration of the certification authorizing its acquisition. Halting these purges and age-offs to preserve all Section 702 material, as we understand the Court to have ordered, would require significant technical changes to these databases and systems and would have the effect of forcing NSA into non-compliance with FISC-approved minimization procedures, thus placing the entire program in legal jeopardy
In short: because we're ordered to delete some data by the law to avoid spying on Americans, to now ask us not to delete any data would violate the law that says we have to delete some data. And, to figure out how to do this would be crazy confusing, because the NSA is a giant bureaucratic machine of spying, and you can't just throw a rock into it like that. Or something:
Changes of this magnitude to database and systems architecture normally take months to engineer and test; to comply immediately with the Court’s order, the NSA may have to shut down all the databases and systems that contain Section 702 information. Such a shutdown would suspend acquisition of communications pursuant to Section 702 and analyst access to communications acquired under Section 702. NSA would lose access to what would be otherwise lawfully collected signals intelligence information on foreign intelligence targets that are vital to the performance of NSA’s foreign intelligence mission. Section 702 is the most significant tool in NSA’s arsenal for detecting, identifying, and disrupting terrorist threats to the United States and around the world. The impact of a shutdown of the databases and systems that contain Section 702 information cannot be overstated.
After the hearing, the judge sided with the NSA/DOJ, basically saying that the original temporary restraining order blocking the destruction of evidence (from back in March) still stands, but that the issue of whether or not it actually also covers data collected under Section 702 will be briefed at a later date, and until that time the DOJ/NSA are free to continue destroying evidence.

If there's some sort of silver lining to all of this, it's at least the acknowledgement that the NSA really does have a minimization process to not hang onto information it's not supposed to have, and that it's not immediately easy to turn off the process of getting rid of that data. But, still, that's a small consolation, given the seriousness of the issues in the case, and the fact that the destroyed evidence may highlight more serious abuses by the NSA in conducting surveillance on Americans.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: destruction of evidence, doj, jewel v. nsa, minimization, nsa, section 702, surveillance
Companies: eff


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 6 Jun 2014 @ 6:39pm

    It also means that this is unbelievably institutionalized.

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 6 Jun 2014 @ 6:41pm

    Assuming they have any sort of active mirroring going on in a RAID-like array, they could just pull the mirrored hard drives and rebuild the array later.

    It can't seriously be that hard to not destroy the evidence.

    link to this | view in thread ]

  3. identicon
    Anonymous Anonymous Coward, 6 Jun 2014 @ 6:54pm

    Backups and Spiders

    An agency that depends upon data, and they have no backup? Unbelievable.

    Secondly, they could just borrow a spider from any search engine, along with a script to copy off any relevant data. If they don't know how, any search engine company could certainly tell them, but this is so easy to do for themselves that it is also unbelievable.

    link to this | view in thread ]

  4. icon
    orbitalinsertion (profile), 6 Jun 2014 @ 7:14pm

    So, how do they keep the data they do need for fighting terrorism?

    This sounds like an awful lot of bullshit. If you can save some data, you can save any data you so choose. All data is equal. It's not like "terrorist data" is oily and doesn't run out the bottom of the constantly-filling purge-bucket of water.

    They can go right ahead and effectuate themselves.

    link to this | view in thread ]

  5. identicon
    Anonymous Coward, 6 Jun 2014 @ 7:39pm

    Re: So, how do they keep the data they do need for fighting terrorism?

    Went to comments to post exactly this, just use the same mechanisms they use to save information about 'terrorists'.

    link to this | view in thread ]

  6. icon
    That One Guy (profile), 6 Jun 2014 @ 7:41pm

    If there's some sort of silver lining to all of this, it's at least the acknowledgement that the NSA really does have a minimization process to not hang onto information it's not supposed to have, and that it's not immediately easy to turn off the process of getting rid of that data.

    And the NSA/DOJ and what they claim became credible when exactly?

    They claim that they can't stop the data from being deleted, but given who is making the claim, and how insanely convenient it is for all that evidence to just go up in smoke, I'd say the odds of it really being impossible to back-up relevant files(like you can do with any computer), rather than just 'personally inconvenient' is likely zero to nil.

    link to this | view in thread ]

  7. icon
    MarcAnthony (profile), 6 Jun 2014 @ 7:44pm

    "Halting these purges and age-offs to preserve all Section 702 material, as we understand the Court to have ordered..."


    This statement sure sound weaselly, and I'd wager they are distorting the order (again) to circumvent its intent; they can understand the Court to have ordered whatever fits their desired interpretation. It should be trivially easy and within the law to produce copies of information to serve as evidence in a federal court case, and if it isn't, how can such a system comply with existing laws for records retention; further, how can we possibly retain our right to redress the grievance? It places an onerous and insurmountable burden on the plaintiff if the defendant can simply avoid producing evidence, and it seems they've jury-rigged their database(s) to do just that.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 6 Jun 2014 @ 7:48pm

    Re:

    I wonder if the judge is afraid?

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 6 Jun 2014 @ 8:22pm

    Lulz! The NSA can't even search their own databases for the name 'Jewel', and then copy/backup any information relating to 'Jewel' from their own databases? How can the NSA catch terrorists if they can't search for names in their own databases?

    Once there's a backup of 'Jewel' that exists outside the databases, it no longer matters if information inside the databases 'rolls off' after 2-5 years.

    Ahhahahah! The NSA can engineer and construct multi-trillion dollar databases, but they have no idea how to copy information off those databases.

    Give me a break! It's laughable. In other words, the DOJ just confused the judge with a while bunch of technical mumbo-jumbo, and the judge turned around and said ok I believe you, because your the DOJ, pure as snow.

    Ahhhahahahah, what a mockery.

    link to this | view in thread ]

  10. icon
    That One Guy (profile), 6 Jun 2014 @ 8:33pm

    Re:

    It places an onerous and insurmountable burden on the plaintiff if the defendant can simply avoid producing evidence, and it seems they've jury-rigged their database(s) to do just that.

    Oh it gets worse. Assuming they're for once telling the truth(unlikely, but for the sake of argument) consider how it can take sometimes years to go through the process of case-appeal-case-appeal, and with a system like that in place it would be trivially easy for them to simply delay any case until all the relevant data/evidence is destroyed.

    The idea that they set up the system like that to 'protect the peoples' rights'? Yeah, no chance in hell.

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 6 Jun 2014 @ 9:57pm

    FFS. Just give the EFF the win already. NSA can't get away with destroying evidence. For all we know their system is built like this on purpose for such situations. I wish judges wouldn't be so damn gullible.

    link to this | view in thread ]

  12. icon
    Peter (profile), 6 Jun 2014 @ 10:22pm

    They are getting away too easy. Why not attach conditions to keep EFF and defendants on equal footing
    - waive the 'no standing' defense in return
    - reverse the burden of evidence. The DOJ can still decide if that is a price worth paying, of if they can find a way to preserve the evidence after all
    - run any search the EFF may want to run, and preserve any data that may result
    - turn over to the court very detailed metadata of the data destroyed (quantity, origin, data stored, reason stored, legal basis for storing, ...)
    - order storage of representative samples, i.e., keep x% data selected in a statistically meaningful way

    link to this | view in thread ]

  13. icon
    Peter (profile), 6 Jun 2014 @ 10:25pm

    The DOJ did not have a problem with shutting down an operation to preserve evidence when they were the accuser and the defendant Megaupload.

    link to this | view in thread ]

  14. identicon
    Anonymous Coward, 6 Jun 2014 @ 11:19pm

    Re: Re:

    Well, the NSA know where all the skeletons are buried...

    link to this | view in thread ]

  15. identicon
    Lurker Keith, 7 Jun 2014 @ 12:32am

    How do we know?

    Assuming their being honest that they actually do have hard-wired minimization, how do we know they didn't change the file Properties (eg. date collected) for the stuff the EFF wants, so it'd get caught in the filter early?

    link to this | view in thread ]

  16. identicon
    Lurker Keith, 7 Jun 2014 @ 12:34am

    Re: How do we know?

    they're*

    Grr! I am very careful regarding there, they're & their. How'd I screw it up?

    link to this | view in thread ]

  17. icon
    Michael Donnelly (profile), 7 Jun 2014 @ 12:34am

    The silver lining isn't that deep.

    What Mike meant to say (and I mean this in the least sarcastic way possible) is this:

    If there's some sort of silver lining to all of this, it's at least the acknowledgement that the NSA is willing to tell a court that it really does have a minimization process to not hang onto information it's not supposed to have, and that it's not immediately easy to turn off the process of getting rid of that data.

    The NSA's track record, and that of its "overseers", suggests that there might be a gap between what it says is true and what is actually true. Just a small gap. Like a teeny-tiny one. Maybe 300 million "targets", give or take. Little gap, I swear.

    link to this | view in thread ]

  18. identicon
    David, 7 Jun 2014 @ 1:06am

    You swallowed the cool-aid

    If there's some sort of silver lining to all of this, it's at least the acknowledgement that the NSA really does have a minimization process to not hang onto information it's not supposed to have,


    Uh, according the constitution the NSA is not supposed to record communications without a warrant. They are, however, recording what they can get from all internet traffic.

    They are clearly already operating in breach of the law. That's not their current problem. Their problem may be just fabrication, but it also may be that they don't have the capacity to retain all of their wiretappings because they are, illegally, tapping everything they can.

    The NSA most certainly does not have minimization processes to not hang onto information it's not supposed to have: if they are not supposed to have it, it means they are not supposed to collect it in the first place.

    What the NSA will have are minimization processes to not hang onto information it cannot afford to hang onto for technical reasons. For even the best indexable storage devices in the world, the Internet is a bit large.

    When we are talking about non-indexable devices, things become easier. The NSA could most certainly prepare a streamout of data to tapes. But it's not likely the EFF or whoever could make a lot of use of several containers full of magnetic tape.

    Not everyone has the processing power of the NSA...

    link to this | view in thread ]

  19. icon
    vancedecker (profile), 7 Jun 2014 @ 1:40am

    Re:

    Police work in poorly but cool, neon lit warehouses using advanced technology and forensic equipment.

    There is no need for the NSA to feed local police departments information since they have all the same equipment and cool hacker-turned-legit sometimes-asian goth chicks.

    I mean just watch NCIS Miami or Bones, you don't see the NSA swooping in and solving crimes do you?

    link to this | view in thread ]

  20. identicon
    Anonymous Coward, 7 Jun 2014 @ 2:22am

    Re: The silver lining isn't that deep.

    To be honest,t hat gap is approximately fifteen times the size of the DeepWeb. Also, the Mariana Trench.

    link to this | view in thread ]

  21. identicon
    Anonymous Coward, 7 Jun 2014 @ 5:11am

    Re: Re: How do we know?

    I always make stupid little mistakes and then I re-read it and I'm like what the heck?

    link to this | view in thread ]

  22. identicon
    David, 7 Jun 2014 @ 5:15am

    They are lying through their teeth

    All they need to preserve the evidence is mark the EFF as terrorists (if they have not done so already) and put a marker "do not disappear/kill right now because it would make a court mad" on it.

    If that does not preserve their records on them, they are not doing their job anyway.

    link to this | view in thread ]

  23. identicon
    Lurker Keith, 7 Jun 2014 @ 5:50am

    Re: Re:

    That's partly because it's illegal for the NSA to operate in the USA. They are supposed to be keeping tabs on foreign enemies. Not foreign allies. Not domestic anything. Foreign enemies.

    We have the FBI for local stuff the police are ill equipped to handle. & shows that demonstrate this (Criminal Minds, & Numb3rs, when it was on).

    link to this | view in thread ]

  24. identicon
    Anonymous Coward, 7 Jun 2014 @ 6:26am

    Re:

    And if the tables were turned and it was for the defence asking for that evidence (which could be shown/proved that their client was a terrorist) to be delted you could sure bet your life that the DOJ would argue for presevation of that data. Double standards me thinks.

    link to this | view in thread ]

  25. identicon
    Anonymous Coward, 7 Jun 2014 @ 7:15am

    Response to: Anonymous Coward on Jun 6th, 2014 @ 6:41pm

    Yes it can. The judge's order would require them to permanently store all sniffed data... including traffic which is normally scanned but not stored, any sort of temporary cache, spool, or rotating log. Its an indirect admission that they simply cannot store ALL snooped traffic.
    Not that I trust the NSA, I don't.

    link to this | view in thread ]

  26. icon
    GEMont (profile), 7 Jun 2014 @ 7:53am

    That was slick!

    "... at least the acknowledgement that the NSA really does have a minimization process to not hang onto information it's not supposed to have, and that it's not immediately easy to turn off the process of getting rid of that data."

    Unless, of course, the NSA, well, you know, simply lied once again in order to prevent the legal system from interfering with their activities and in doing so, learning that their activities, were, well, you know, illegal and such... I mean, it would not exactly be the first time they lied about such things.

    I must admit though, to turn the FISC orders around and use them as a defense, is bordering on genius and, well, to be honest, I really didn't think they had that sort of intelligence in their ranks.

    Live and learn eh.

    link to this | view in thread ]

  27. icon
    GEMont (profile), 7 Jun 2014 @ 8:03am

    Re: Response to: Anonymous Coward on Jun 6th, 2014 @ 6:41pm

    I suspect that the whole "but we simply cannot separate the data the court wants preserved from the rest of the data that needs to be regularly erased, because errrr..... complicated!!!" argument, is simply 100% NSA-BS.

    How do they pull out data that they want to use for special projects, if they do not have a method of isolation and extraction already in place? Obviously if they need to preserve soon to be eradicated data in order to use it in an investigation, they have the means to prevent it from being erased and to pull it from whatever computer network archives it is stored in, easily and quickly. That would be an absolute necessity in the designing of such a system.

    I'm beginning to think that the NSA cannot actually speak without shit falling out of its mouth. Its like they've been lying so long they no longer know how to do anything else.

    link to this | view in thread ]

  28. icon
    GEMont (profile), 7 Jun 2014 @ 8:12am

    Surprising Solidarity

    Damn. Looks like I should read all the comments already posted before adding my 2 cents.

    Nice to see that nobody here was fooled by the "too complicated" BS excuse the NSA gave the courts.

    Sad to see that the courts are still willing to let the NSA get away with everything, as long as they have at least a reasonably acceptable lie handy.

    Or maybe I'm giving the courts too much credit in thinking they are smart enough to see through the obvious BS excuse, and just want to please the administration... perhaps they actually believed the NSA. That would be even sadder.

    link to this | view in thread ]

  29. identicon
    David, 7 Jun 2014 @ 8:17am

    Re: That was slick!

    So they have a court order for it and cannot print out all records pertaining to the case, then store them?

    Does that mean that operating according to the Fourth Amendment (namely based on warrants for specific information) is not even feasible with their setup?

    "I am sorry, Dave, but I am afraid I can't do that."?

    So they have set up a big machinery that will not facilitate specific searches or court orders.

    What does it require to change the operating parameters? A SWAT team?

    Eisenhower sent the army to desegregate the Southern schools. But you can hardly send the army to change the operating parameters of the NSA since the NSA is the army.

    How does oversight work when the technicians trump the courts, because "reasons"?

    "If we didn't get to contemn the courts, we'd have to work harder to acquire blackmail material. We've already stopped zero terrorist plots, and being accountable would let that number drop significantly."

    link to this | view in thread ]

  30. identicon
    Anonymous Anonymous Coward, 7 Jun 2014 @ 8:42am

    Re: Surprising Solidarity

    "Or maybe I'm giving the courts too much credit in thinking they are smart enough to see through the obvious BS excuse"

    It may also be possible that some courts are operating under their normal rules, but the NSA isn't, then use 'National Security' as a standard of obfuscation.

    link to this | view in thread ]

  31. identicon
    Anonymous Coward, 7 Jun 2014 @ 8:55am

    If the NSA can't comply with the court order due to prior commitments and can't do a proper search to save all data relevant data to the case prior to erasure, then shouldn't the EFF apply for a summary judgement against the NSA? It is obvious that evidence is being destroyed and that the NSA is at fault. The NSA must comply with both court orders, but in realizing that the orders conflict it is the NSA's responsibility to 1) consult FISA and 2) backup data. The NSA is making a mockery of the legal system and the Judge should make an example of them. No person or agency is above the law.

    link to this | view in thread ]

  32. icon
    AJ (profile), 7 Jun 2014 @ 9:17am

    Depends on their system design

    As a foreigner I don't want to apologize for the NSA, but having worked with scientific systems that have to collect continuously arriving data I can understand why it might be technically impossible for them to stop destroying old data.

    The front end data collection process for each source is likely to be putting that raw data into a large circular buffer, such that incoming data overwrites the oldest data stored — the length of the buffer and the average data rate thus control how long you end up keeping that raw data. While the raw data is still in that buffer it can be queried and extracted, but to stop destroying old data you would have to stop collecting any new data that is going to overwrite it.

    Now each data source that they're monitoring is going to have its own buffer like this which is probably placed very close to the point where the data is collected, and the system will be designed to do the querying and extraction locally as well. This means that the bandwidth between that buffer and the NSAs external storage (such as that big data center in Utah) can be much smaller than the incoming raw data rate, so they just can't copy all of the buffered data to offline storage; there's just too much data in the buffers for that.

    This could also explain why they claim that they're not "collecting" data on everyone; until they actually enter a query that will select a particular data item and send it back to their data center, all those circular buffers are just holding the past history temporarily and aren't doing anything with it. If they wait too long it will get overwritten, thus fulfilling their limited time legal requirements.

    link to this | view in thread ]

  33. identicon
    Anonymous Coward, 7 Jun 2014 @ 9:47am

    it's at least the acknowledgement that the NSA really does have a minimization process to not hang onto information it's not supposed to have


    That's the purported reason they're destroying this evidence. It may not be the real one.

    link to this | view in thread ]

  34. icon
    That One Guy (profile), 7 Jun 2014 @ 2:31pm

    Re: Depends on their system design

    A few people have brought up problems with that excuse, and it basically boils down to the idea that if they're telling the truth, if something relevant is about to be overwritten(in this example something they don't want deleted), then they're completely out of luck.

    'We can't stop old data from being destroyed/overwritten' is very different than 'We can't create copies of data we currently have', even if they seem to be trying to say that the first automatically means the second is true, and if it is, then the system is a huge mess, and all but useless given the entire justification for scooping up all the data is supposed to be to 'help them connect the dots', a rather difficult task when the 'dots' can be removed completely outside your control.

    link to this | view in thread ]

  35. identicon
    Anonymous Coward, 7 Jun 2014 @ 4:44pm

    Changes of this magnitude to database and systems architecture normally take months to engineer and test; to comply immediately with the Court’s order, the NSA may have to shut down all the databases and systems that contain Section 702 information.


    Haven't they had months to do this? Or are they just going to hide behind their contradictory interpretations as an excuse for not starting to implement this months ago

    link to this | view in thread ]

  36. icon
    tddial (profile), 7 Jun 2014 @ 5:30pm

    Re: Backups and Spiders

    Certainly NSA has backups, but might have very limited or costly search mechanisms. They also could, as someone mentioned, snapshot the database; depending on the storage details that could present some difficulties, mostly a matter of resources. The technical justification is more than a tiny bit disingenuous.

    However, the minimization rules I have seen in the publicly available documents require that information about U. S. persons be purged immediately when recognized as such. Changing existing procedures for that would, indeed, force that agency into noncompliance with its own internal controls, FISC orders, and the law under which the program is authorized, as the brief argues, in part.

    Stipulating that the statement is true that the Section 702 collections that are the primary or exclusive target of the brief comprise multiple interrelated databases, and admitting the possibility that NSA has decent software development practices, several months may not be unreasonable for implementing the implied changes.

    link to this | view in thread ]

  37. icon
    tddial (profile), 7 Jun 2014 @ 5:43pm

    Re:

    What data in which Section 792 database can be identified by the search argument "Jewel" might not be a useful question. In fact, such a search might well return no results at all, any more than it would if applied to the Section 215 telephone metadata. In the latter case the relevant data probably would be found by searching the data for each telephone number that "Jewel" might have used during the period in question. That might not get them all (e. g., calls made from a public or other telephone) and might fetch back a few calls made by others. Most of the data collected initially will not contain much personal identification data, if any, and will not be useful to anyone until and unless merged with other data that does; that is likely to be nontrivial and not done on a uniform basis.

    link to this | view in thread ]

  38. icon
    tddial (profile), 7 Jun 2014 @ 5:44pm

    Re: Re:

    That wuuld be "Section 702", not "Section 792".

    link to this | view in thread ]

  39. icon
    tddial (profile), 7 Jun 2014 @ 5:51pm

    Re: The silver lining isn't that deep.

    The NSA has had minimization rules very similar to the present ones in place for about 40 years, since before the Church Committee hearings in late 1975.

    You might wish to argue that they did not follow them, but there seems to be no evidence for such a claim other than a few NSA employees who were punished or dismissed for personal use of some of the data.

    link to this | view in thread ]

  40. icon
    tddial (profile), 7 Jun 2014 @ 6:22pm

    Re: Depends on their system design

    This is one of the few technically informed comments in this thread, or indeed most of those I have seen on anything to do with signals intelligence in the last year. The published briefing charts seem to describe multi-tier filtering in which nearly all of the data is discarded in the initial collection phase, and the remainder is later matched and merged with other data one or more steps later.

    All things considered, it might not be completely unreasonable to argue that this does not constitute "spying" or even "collection" to the extent this is done by machine, for example based on comparison of source/destination IP address with known network structure. It would also, of course, be reasonable to argue that any agency that has a sniffer on the internet trunks needs very careful supervision, and that certainly would include the NSA, GCHQ, CSEC, ASD, and GCSB, as well as all employees of the companies who maintain the communication facilities.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 7 Jun 2014 @ 7:46pm

    Once they're gone....

    How much do you want to bet that once the case gets dropped "due to lack of evidence" they'll immediately revert their back-ups so that the data sought isn't even destroyed?

    link to this | view in thread ]

  42. identicon
    David, 7 Jun 2014 @ 10:19pm

    Re: Once they're gone....

    "Revert their backups"? Why? The search data bases need to be online to do their "work". I presume that the data just gets tagged with "don't tell courts about this" which restricts access to proven liars.

    link to this | view in thread ]

  43. identicon
    Anonymous Coward, 8 Jun 2014 @ 2:49am

    The simplest way to fulfill the court order is to search for the defendant's names, and then print out the records using a paper printer. No complicated database backups, just click File on the toolbar and scroll down to Print.

    The NSA and DOJ are so full of shit.

    link to this | view in thread ]

  44. icon
    simality (profile), 8 Jun 2014 @ 10:34am

    Surprised? I'm not.

    This case is not being fought on a level playing field. Justice is not blind where the NSA is concerned nor are the courts independent and impartial. They are run by the federal government which also runs the NSA.

    That's called a conflict of interest and our government is long past the days where it would go out of its way to avoid taking advantage of such things.

    I'd of been shocked if the ruling had gone the other way.

    link to this | view in thread ]

  45. icon
    simality (profile), 8 Jun 2014 @ 10:46am

    Re: How do we know?

    In fairness, which I find difficult, database stuff doesn't have file properties as you are used to thinking of them. Yes there would be a "date collected" property but if I was building this infrastructure I would also input a hard-coded fail-safe that would throw up all sorts of alarms if that field was modified.

    link to this | view in thread ]

  46. identicon
    Candid Cameron, 8 Jun 2014 @ 11:51am

    Re: Re:

    Yeah, afraid to lose his job. This ruling is wrong and what's worse is that he no doubt KNOWS it's wrong. The only people who seem to have any guts these days are the whistle blowers and even they are few and far between. Does no one believe in things like honor, integrity, and honesty anymore? There doesn't seem to be a single person working over there with a spine, willing to stand up and simply tell the truth for once. It's all so damn tragic, not to mention very shameful, to care more about covering ones ass than upholding the constitution you swore an oath to uphold and protect. Yes, very shameful indeed.

    link to this | view in thread ]

  47. icon
    tddial (profile), 8 Jun 2014 @ 12:38pm

    Re: You swallowed the cool-aid

    "[A]ccording the constitution the NSA is not supposed to record communications without a warrant."

    Different rules apply to different kinds of communication. Telephone content is legally different from telephone company business records (the "metadata"), for example. The issue in this article appears to be mostly or entirely Section 702 collections, which are foreign targeted and for which warrants may not be required under the existing minimization rules for handling incidental capture of domestic data and data pertaining to U. S. citizens abroad.

    "They are clearly already operating in breach of the law."
    Actually, they are not. That is precisely the controversy in front of the court.

    The poster plainly is unfamiliar with the history of the FISA and its various reauthorizations and amendments, or with the general contents of Executive Order 12333. As I noted earlier, it is possible that the laws and order are being violated, but no real evidence of that seems to be available.

    link to this | view in thread ]

  48. icon
    tddial (profile), 8 Jun 2014 @ 12:56pm

    Re: Re: How do we know?

    Many database managers have a timestamp facility, and it is often used in application databases. It is likely that NSA database designers are aware of this and use it where that makes application sense.

    On the other hand, it is probable, and in agreement with the published NSA slides, that a large part of the data that is acquired, for some meaning of "acquired", is discarded almost immediately, for example:

    a. because both source and destination IP addresses are in the U. S.;

    b. because it clearly is noise (e. g., cat videos not to or from a targeted area);

    c. because it is a search for, or search result from, a query of no intelligence interest (e. g., my search for information about domestic dishwashers).

    Such information normally would not be placed in a database, and the claim in the governments brief that significant changes could be required to retain it is reasonably plausible, although possibly somewhat overstated.

    link to this | view in thread ]

  49. identicon
    Rick Caird, 8 Jun 2014 @ 3:54pm

    Re: Re: Re:

    I wonder if the judge was being blackmailed by the NSA.

    link to this | view in thread ]

  50. icon
    tddial (profile), 8 Jun 2014 @ 5:31pm

    No. Just no. The level of apparent paranoia on this site (more than anything the NSA or its Five Eyes associates have done) suggests a legitimacy problem in the US. (I assume most of the comments are from US residents.)

    Some things to keep in mind about the NSA is that its programs were

    - designed based on laws passed by the US Congress and signed by the contemporary President - several Congresses and Presidents.
    - developed by civilian and military government employees and US citizen contractors who, apart from being in the most intelligent tenth or so of the population, are mostly not distinguishable from the population as a whole, in particular in their concern for civil rights;
    - supervised by NSA management; the NSA legal office, the Inspector Generals of the NSA and DoD; the Attorney General; and a court composed of federal judges appointed by the President with the advice and consent of the Senate and designated for the Foreign Intelligence Surveillance Court by the Chief Justice of the Supreme Court (also appointed by the President with the advice and consent of the Senate).
    - reported upon regularly to the Intelligence Committees of the Senate and the House of Representatives.

    One may take this either as evidence that the entire government is, or is becoming, a tyranny or as evidence that controls are in place that might or might not be considered adequate.

    Contrary to often expressed opinion, it is not "obvious" that any of the reported activities violate either the Fourth Amendment or the law. Fourth Amendment law is both voluminous and complex, and skilled attorneys disagree about how to apply it in particular cases. That is what the case in hand is about.

    Demonizing the NSA or others in the Executive branch, or judges who may be hearing cases that involve them, is not useful. It also goes against the basic agreement that underlies all representative democratic regimes: that we accept the output of the legislative and legal processes (including the laws against corruption in office) even when we disagree with them.

    It is certain that the technical facilities available to the NSA and other intelligence agencies (and a large number of private sector organizations and individuals) have the potential for serious abuse. Depending on point of view there is little evidence for that at present, or none. It is certain as well that it is necessary to keep these intelligence programs and activities under close watch; review their operation often to identify actual, potential, or perceived misuse; and review their internal and external controls to identify potential areas for abuse (or where they might be limiting the legitimate use of a program).

    link to this | view in thread ]

  51. icon
    John Fenderson (profile), 8 Jun 2014 @ 5:57pm

    Re: Re: Re: How do we know?

    "because both source and destination IP addresses are in the U. S."

    This would not be cause to discard the data. The NSA is no doubt aware of the fact that IP addresses aren't anything like a reliable indicator of where the packets actually originate or end up. It is trivial to make communications appear to originate and end in the US when in fact neither end is in the US.

    "because it clearly is noise"

    How could they determine this? Those cat videos may contain steganographic communications.

    "because it is a search for, or search result from, a query of no intelligence interest (e. g., my search for information about domestic dishwashers)."

    This has the same problem as the noise issue. Communications could easily be encoded in search parameters. When you click on a link in nearly all search engine results, the search parameters used to find that link are included in the referral URL. This could be leveraged to encode communications through the use of code words.

    These are all issues that I'm certain the NSA (et al) are well aware of, and is probably a big part of why they have a stated goal of capturing and keeping all communications by everybody.

    link to this | view in thread ]

  52. icon
    tddial (profile), 8 Jun 2014 @ 7:05pm

    a. Absent other selectors (such as the IP address associated previously with a known target), both IP addresses indicating a US location would indicate traffic of little interest to an intelligence agency. Spoofing the source address certainly could be useful to obscure the sender's true location, but spoofing the destination, or both, seems unlikely to be useful.

    b. Again, unless other selectors apply, capturing the average YouTube stream probably is low priority.

    c. The objection seems to presume that commercial search engines and web sites have a rather larger degree of corruption than seems likely.

    A back of the envelope calculation suggests that NSA's Utah data center has enough floor space to accommodate storage for a couple of weeks of aggregate internet protocol data. They are pruning the data early and often. They may have a goal of scanning everything, but claims about plans to retain all of it do not compute, especially on an assumption that the intelligence agencies might be interested in something beyond IP traffic, like voice.

    link to this | view in thread ]

  53. icon
    MarcAnthony (profile), 8 Jun 2014 @ 7:15pm

    Re:

    @tddial
    It isn’t paranoia when there’s valid reason for suspicion and distrust. There is a legitimacy problem in that our government’s actions don’t conform to the law or that they are rewriting them and throwing up roadblocks to our challenges.

    Some things to keep in mind about the NSA is that its programs were
    • designed based on laws that were passed by a Congress that admits it was intentionally kept in the dark about various aspects of these programs
    • enabled by secrecy that undermines our right to representation
    • developed and run by people who may have no more (or possibly less) intelligence than is average and who are equally as capable as others of ethics violations
    • supervised by a management that has intentionally obfuscated facts, lied under oath, and has been found to overstep their authority even by the FISA court

    It is obvious that any government program that denies rights and liberties, such as the right to be free from unwarranted searches, is tyrannical; any such law passed, without first amending the Constitution, lacks legitimacy.

    Demonizing the NSA and the Executive is incredibly useful and has actually already started to produce at least token change from companies like Google and Microsoft. The fact is that we are increasingly losing our liberty and representation, since we can’t be represented in proceedings where we lack informed consent. When the founding fathers felt they lacked representation, they roused a rabble, and, if you don’t want to continue to see rights erosions, that is the kind of statesmanship we need now; the NSA must undergo a major correction, and the only way that will happen is with vocal disagreement with their policies and with any entity—government or corporation—that is enabling or siding with them.

    It is certain that the NSA has already abused its powers; e.g. loveint, and will continue to do so unless they are sufficiently challenged. We are supposed to have the Constitutional right to mount such legal challenge to redress grievances, so why do they keep stymieing those efforts? It’s almost certainly because we won’t like what we find.

    link to this | view in thread ]

  54. icon
    tddial (profile), 8 Jun 2014 @ 9:01pm

    One of the problems is that it has not been legally determined that the programs, as such, violate the law. Legislators who claim to have been kept in the dark might have an interest in taking that position, just as NSA and other intelligence agency managers may have an interest in justifying the programs. The text of the relevant section of 50 US Code 1861 is somewhat convoluted and grants a lot of authority to the FISC. Most of the legislators who approved it are attorneys, though, and should have been able to spot potential problems - if they or someone on their staffs actually had read it carefully. That some of them now claim to have been bamboozled is evidence enough to retire them at the next election for lack of intelligence or carelessness with the truth.

    LOVINT is a particularly inappropriate example of NSA institutional misbehavior. The violators were identified based on NSA's internal controls and procedures or confessed when it appeared likely they would be caught, the cases were handled according to applicable military or civil service procedures and mostly resulted in loss of job, and they were reported to the FISC as required. There are better examples in the incorrect capture of domestic traffic due to incorrect filter implementation and capture of domestic telephone traffic due to incorrect entry of an area code. Like LOVINT violations, neither of these indicates systematic abuse, and both were reported to the FISC as required. All three, however, indicate that internal design and operational controls warrant attention.

    The Constitutional right to mount a legal challenge to the predecessor of the Patriot Act Section 215 metadata program appears to be the substance of Jewel v. NSA, which is yet to be decided. The government's brief is part of the process, as is the plaintiff's brief seeking the temporary restraining order from which the government seeks relief.

    link to this | view in thread ]

  55. identicon
    AnonYMouse, 9 Jun 2014 @ 6:04am

    Replicated Personal Data??? No thank you

    Produce me logs of what is being deleted. Copy one or two or a dozen of the records before queued deletion. But copy the database? I thought we opposd the collection. And now we speaking of replicating the data?

    link to this | view in thread ]

  56. identicon
    Anonymous Coward, 9 Jun 2014 @ 10:06am

    Re: tddial Jun 8th, 2014 @ 9:01pm

    These programs have not been determined to violate the law because the government has repeatedly used every available technique, no matter how absurd, to prevent courts from reaching a ruling. If the government focused on defending the case on the merits rather than having it thrown out under unbelievable excuses, then there would be some merit to the observation that the programs have not been found to violate the law. As is, you could as well observe that everyone currently alive is immortal, because none of them have yet died and remained dead. That the event has not happened yet does not prove it cannot happen or even that it is particularly likely not to happen.

    The text and the authority it purportedly grants are valid only to the extent that they are consistent with the Constitution. The government has repeatedly shown contempt for the Constitution and sought to misread the law at every opportunity.

    The government is welcome to argue it should be permitted to destroy evidence, but as other posters have pointed out, the system described by the DOJ is either not an accurate representation of how NSA actually operates or it is broken by design. I see no way to reconcile the ideas that:

    1) NSA can collect this data, but only retain it for a specified period of time.
    2) Retaining it for longer than that time would be unconstitutional even when the sole purpose of such extended retention is to determine whether its existence demonstrates a violation of law and the subject of the retained information has not only consented to such limited purpose preservation, but specifically requested the court to order such preservation.
    3) NSA lacks the technical means to retain this data without halting the entire operation.
    4) NSA destruction of evidence must occur under circumstances such that there is no possibility for a court-appointed neutral party to review any of the evidence prior to its destruction, nor any possibility for a court-appointed neutral party to retain custody of any portion of the evidence.
    5) DOJ lawyers lack the awareness to recognize what is ordered until they have exhausted every vaguely plausible misunderstanding of the order.

    link to this | view in thread ]

  57. identicon
    Zonker, 9 Jun 2014 @ 11:22am

    Re:

    The DOJ ordered Megaupload to preserve evidence of copyright infringement by some users of their system and they complied. The DOJ then shut down and seized Megauploads servers for containing red flag copyright infringing material in violation of the law.

    The NSA was ordered to preserve evidence of Fourth Amendment violations of some Americans private communications and they destroyed it. The DOJ says if they had preserved the evidence, they would have had to shut down and seize their own servers for retaining data on Americans in violation of the law.

    So what the DOJ must be saying is that if they order you to preserve evidence for trial, you must destroy it in order to avoid being shut down. Once you have destroyed the evidence, you are free to continue operations uninterrupted. Right?

    link to this | view in thread ]

  58. identicon
    Anonymous, 9 Jun 2014 @ 12:01pm

    Confused:

    I want to ask a very high level question which I have not seen yet in this entire thread:

    1. Evidence of a process running and the details of that process and logs of that process should be sufficient evidence as to wrong doing -- if 702 / 792 are referenced.

    2. Controls within the process and system definition developed to execute the process should also be sufficient evidence -- taking into account rules built into the development.

    3. Why do we want a copy of the communications the database is 'logging' as a means of evidence? Isnt the platforms existance, performance, process, and controls enough to secure a breach of moral, ethical, and possibly constinutional rights?

    I do not understand why we feel a copy of the detailed communications being logged is necessary. I do believe copying or halting the destruction of the communications being logged would be a huge security risk -- further endangering citizens.

    Would someone please educate me on what is required -- from an evidenciary perspective -- to prove a breach or constitutional rights?

    link to this | view in thread ]

  59. icon
    tddial (profile), 9 Jun 2014 @ 9:20pm

    Re: Re:

    Not quite. The current state appears to be that the government claimed that the temporary restraining order requiring retention of certain data, if applied to FISA Section 702 data, was inconsistent with standing court orders requiring that the data be deleted as soon as possible and retained no longer than a specified period. The court granted the request and scheduled a hearing for argument of the issue by both litigants.

    link to this | view in thread ]

  60. identicon
    Anonymous Coward, 10 Jun 2014 @ 1:31am

    Re: Re: Backups and Spiders

    er... "require that information about U. S. persons be purged immediately when recognized as such..."

    Unless I'm reading this whole thing wrong, data on US citizens is erased from the archives (that apparently has no backups) as soon as it becomes known to be data on US citizens.

    That would mean that any information that NSA has on any US citizen, would already be gone, erased as soon as it was identified as such and re-designated as erasable, so the automated purge could take place.

    This process would HAVE TO BE a manual operation as somebody would have to 1. become aware that certain data was about a US citizen and then 2. alter the designation of that particular set of documents from collectible to erasable, before 3. any automated process could act upon and erase that data.

    If the data "is still being erased" after the courts have said to stop erasing the pertinent data, then somebody is still re-designating collectible data as erasable so that the system can act upon it, if the whole process is real.


    The NSA is saying that this particular set of documents was not recognised as pertaining to a US citizen until after the court demanded they preserve the data, otherwise, it would already have been purged, according to the laws they now claim to be concerned about breaking, if they do not purge the now-known-to-be-about-US-Citizen data.

    Nope. The NSA is doing the only thing they do better than spying on the world. They're lying to the world.

    Again.

    No surprises there.

    Reality.
    ===========

    They knew the data was about a US citizen. They keep lots of data on lots of US citizens. The whole story about the system they use being single minded and clunky is a sham.

    Its state of the art equipment paid for by the US taxpayers.

    The data is kept on a system that is basically a huge interactive database, designed specifically to allow the easy isolation and extraction of data, as well as the easy re-designation of all data for easy erasure - with multiple backups.

    They extracted a copy of the data from the system and used it as evidence against a US citizen. Since nobody re-designated the data as erasable, it remains on the system and in the backups.

    The courts figured out the NSA was using the data illegally and lying about it and demanded they preserve the same data for the courts to examine.

    The NSA immediately started purging the damning data so that the courts could not discover the proof that the NSA had indeed known from the start that the data was about a US citizen, and in so doing realize that maintaining databases on millions of US citizens was indeed policy.

    The courts said stop erasing data.

    The NSA kept on erasing the damning evidence of their crimes and to gain needed time, they have used the very laws that demanded they originally erase such data, as an excuse to keep on erasing the evidence of their wrong doing.

    They have to keep erasing the data over such a long period of time because it is held in multiple backups and has had multiple copies made for their own internal use and these copies and backups are now a tad difficult to track down and they have to get every copy before any court investigation allows a search of their database.

    Just a bunch of crooks covering their tracks - as usual.

    Case closed.

    link to this | view in thread ]

  61. identicon
    Anonymous Coward, 10 Jun 2014 @ 2:11am

    Re: Depends on their system design

    This sort of buffer-limited system would not be used by the NSA for their data collections.

    The NSA is collecting ALL the data and then, according to their own description, deleting any that is found to be pertaining to US citizens. That means that ALL the data has to be examined by a human, and if determined to be about a US citizen, by a human, have its designation changed from "keep" to "purge", by a human.

    To be a fully automated system, the computer could only make such decisions by reading the data's origin, if it has such - as is the case with emails and phone calls - and erase any that carry an American origin.

    But, if this were the case, it would mean that all such data pertaining to US citizens would have already been erased, utterly eliminating the need for the NSA to keep on manually erasing the data day after day as they claim to the courts they must now do in this case.

    The rest of the data is kept for how ever many years the current laws allow and then and only then is it (apparently) purged from the database.

    This part of the process could indeed be automated by date easily, but again, if any such data might allow them to prosecute an enemy later when more associated data turned up, it would need to be preserved via some mechanism, just in case.

    What you are describing, is a system where ALL collected data is homogenous and can be purged because the incoming data is only momentarily important, and needs to be erased to make room for new incoming data on a limited size buffer. If a glut of new data is incoming, then held data will be purged quicker than normal, and the reverse is also true. A buffer limited system would only be used for data whose pertinence lasted a very short time, like weather reports, or airline flight data and then became useless, or redundant.

    The NSA supposedly holds data as long as the law allows and needs to make determinations of content and pertinence before erasure of any part of the collection is considered, which utterly eliminates the possibility that they would use the type of system you describe.

    link to this | view in thread ]

  62. icon
    Khaim (profile), 10 Jun 2014 @ 6:44am

    Privilege

    If any private company tried these arguments, they'd be thrown out of court so fast the doors would fall off. Only the feds can point to another court ruling, say "golly gee it's too hard to do both of these at once", and get away with it.

    link to this | view in thread ]

  63. icon
    tddial (profile), 10 Jun 2014 @ 9:45am

    Re: Re: Depends on their system design

    This post (AC@Jun 10th, 2014 2:11am) almost certainly is incorrect in several respects.

    The NSA apparently has access to a quantity of data, both IP and telephone, that exceeds by orders of magnitude what could be examined by intelligence agencies that collectively employ in the neighborhood of 100,000 people, quite a few of them managers and support staff. The data quantity also exceeds by orders of magnitude what it would be possible to store for any reasonable period, although techniques like deduplication could be used for mitigation. But beyond any doubt they use programmed filters to ignore or discard a great deal of the data to which the have access.

    In the case of internet protocol traffic, such programmed filters might reject based on IP addresses, protocol, content type, email address, email body content, or possibly other characteristics. With appropriate equipment, something similar to Wireshark would be useful and automatic. Such devices would be imperfect and can be expected to be configured to err in the direction of overcollection subject to downstream capacity constraints. Manual review might begin at that point or be preceded by more complex automated filters, but eventually data would be available to intelligence analysts, who are required to eliminate "US Person" data that is not subject to legal collection. "US Persons" includes both foreign nationals legally in the US as and US citizens in other countries. Sorting these cases probably has a large manual component and deletions are legally required to be done immediately on recognition. Remaining data may be retained for varying periods specified in law, but remains subject to a legal and FISC-ordered requirement for immediate removal should it later be found to refer to US persons and its retention not authorized as part of an investigation. The same legal and court orders require it to be purged at the end of its lawful retention period.

    As many have stated, it probably would be relatively straightforward to suspend the time based purging, but changes to upstream automated and manual minimization procedures might well be both complicated and time consuming to make.

    link to this | view in thread ]

  64. icon
    tddial (profile), 11 Jun 2014 @ 8:06pm

    No. Just no. The level of apparent paranoia on this site (more than anything the NSA or its Five Eyes associates have done) suggests a legitimacy problem in the US. (I assume most of the comments are from US residents.)

    Some things to keep in mind about the NSA is that its programs were

    - designed based on laws passed by the US Congress and signed by the contemporary President - several Congresses and Presidents.
    - developed by civilian and military government employees and US citizen contractors who, apart from being in the most intelligent tenth or so of the population, are mostly not distinguishable from the population as a whole, in particular in their concern for civil rights;
    - supervised by NSA management; the NSA legal office, the Inspector Generals of the NSA and DoD; the Attorney General; and a court composed of federal judges appointed by the President with the advice and consent of the Senate and designated for the Foreign Intelligence Surveillance Court by the Chief Justice of the Supreme Court (also appointed by the President with the advice and consent of the Senate).
    - reported upon regularly to the Intelligence Committees of the Senate and the House of Representatives.

    One may take this either as evidence that the entire government is, or is becoming, a tyranny or as evidence that controls are in place that might or might not be considered adequate.

    Contrary to often expressed opinion, it is not "obvious" that any of the reported activities violate either the Fourth Amendment or the law. Fourth Amendment law is both voluminous and complex, and skilled attorneys disagree about how to apply it in particular cases. That is what the case in hand is about.

    Demonizing the NSA or others in the Executive branch, or judges who may be hearing cases that involve them, is not useful. It also goes against the basic agreement that underlies all representative democratic regimes: that we accept the output of the legislative and legal processes (including the laws against corruption in office) even when we disagree with them.

    It is certain that the technical facilities available to the NSA and other intelligence agencies (and a large number of private sector organizations and individuals) have the potential for serious abuse. Depending on point of view there is little evidence for that at present, or none. It is certain as well that it is necessary to keep these intelligence programs and activities under close watch; review their operation often to identify actual, potential, or perceived misuse; and review their internal and external controls to identify potential areas for abuse (or where they might be limiting the legitimate use of a program).

    link to this | view in thread ]

  65. icon
    tddial (profile), 11 Jun 2014 @ 8:15pm

    Re: Re:

    Not quite. The current state appears to be that the government claimed that the temporary restraining order requiring retention of certain data, if applied to FISA Section 702 data, was inconsistent with standing court orders requiring that the data be deleted as soon as possible and retained no longer than a specified period. The court granted the request and scheduled a hearing for argument of the issue by both litigants.

    link to this | view in thread ]

  66. icon
    tddial (profile), 11 Jun 2014 @ 8:16pm

    Re: Re: Depends on their system design

    This post (AC@Jun 10th, 2014 2:11am) almost certainly is incorrect in several respects.

    The NSA apparently has access to a quantity of data, both IP and telephone, that exceeds by orders of magnitude what could be examined by intelligence agencies that collectively employ in the neighborhood of 100,000 people, quite a few of them managers and support staff. The data quantity also exceeds by orders of magnitude what it would be possible to store for any reasonable period, although techniques like deduplication could be used for mitigation. But beyond any doubt they use programmed filters to ignore or discard a great deal of the data to which the have access.

    In the case of internet protocol traffic, such programmed filters might reject based on IP addresses, protocol, content type, email address, email body content, or possibly other characteristics. With appropriate equipment, something similar to Wireshark would be useful and automatic. Such devices would be imperfect and can be expected to be configured to err in the direction of overcollection subject to downstream capacity constraints. Manual review might begin at that point or be preceded by more complex automated filters, but eventually data would be available to intelligence analysts, who are required to eliminate "US Person" data that is not subject to legal collection. "US Persons" includes both foreign nationals legally in the US as and US citizens in other countries. Sorting these cases probably has a large manual component and deletions are legally required to be done immediately on recognition. Remaining data may be retained for varying periods specified in law, but remains subject to a legal and FISC-ordered requirement for immediate removal should it later be found to refer to US persons and its retention not authorized as part of an investigation. The same legal and court orders require it to be purged at the end of its lawful retention period.

    As many have stated, it probably would be relatively straightforward to suspend the time based purging, but changes to upstream automated and manual minimization procedures might well be both complicated and time consuming to make.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.