NSA Claims Surveillance Programs Aided The Stopping Of 50 Attacks; Details Lacking

from the obfuscate,-obfuscate,-obfuscate dept

In a hearing before the House Intelligence Committee today, NSA boss Keith Alexander once again claimed that the big NSA surveillance programs had stopped terrorist attacks. Rather than the "dozens" he stated last week, today it became "more than 50 potential terrorist events." Of course, as is typical, both the questions (asked by NSA supporters) and the answers were pretty carefully choreographed. Digging in, you find out that Alexander was specifically referring to PRISM, and not the (much more worrisome) dragnet of all phone records. On that program, there doesn't appear to be any actual data on what it was used for. On top of that, when asked about whether or not these programs were essential or necessary to stopping those attacks, as compared to other programs, no one would say that they were necessary or essential.

The other careful choice of words was people would ask about whether or not phone calls had been recorded under these particular programs, but not other programs. When Deputy Attorney General James Cole was specifically asked about other programs, he responded that that was classified information. Make of that what you will. Cole also claimed that the program to collect all phone numbers "is not a program that's off the books, that's been hidden away." Of course, if that were true, why are so many people -- including politicians who supposedly have oversight over the program -- so surprised about it? How come there has been no reporting on it? How come, when asked about it, Director of National Intelligence, James Clapper said "no" to whether or not information was collected on millions of Americans? It certainly sounds "hidden away."

Meanwhile, the really shameful performance came from Rep. Mike Rogers, who led the hearing, who again claimed that Ed Snowden both was lying and that his revelations weakened American security by revealing secrets to enemies. And then he pulled out this whopper:

"It is at times like these when our enemies within become almost as damaging as the enemies on the outside. It is critically important to protect sources and methods so we aren't giving the enemy our playbook."

So, again, no one understands the programs revealed, because Snowden's leaked info is wrong... and now our enemies know what we're doing... and Snowden is "almost as damaging" as those who wish to attack us. None of that makes any sense at all.

In the end, though, it's more of the same. Even if we could say that these programs were useful in stopping a potential attack, what we don't know is if the program was necessary to do so. We don't know what sort of collateral damage was caused. We don't know if traditional methods of investigation would have worked just as well, with no violations of privacy for Americans. We're just being told on faith to "trust the NSA."

Filed Under: congress, ed snowden, james clapper, james cole, keith alexander, mike rogers, nsa, nsa surveillance, prism

Even The AP Is Calling Bull On Government Claims Of PRISM Helping Stop NYC Subway Bomb

from the when-you-can't-even-convince-them... dept

We've already explained how some NSA supporters, including Rep. Mike Rogers and Senator Dianne Feinstein, are trying to defend PRISM and other NSA surveillance efforts by saying that it stopped a NYC subway bombing but their claims don't seem to hold up under scrutiny. Now even the Associated Press is calling out those statements as highly questionable, which is somewhat amazing for the AP, as it normally loves to just present "both sides of the story" and then let you decide what's real. But the article linked above actually digs in and points out where the claims by the NSA's defenders don't seem to add up to anything.

Director of National Intelligence James Clapper said investigators "found backpacks with bombs." Really, the bombs hadn't been completed and the backpacks the FBI found were unrelated to the plot.

Feinstein said the FBI had Zazi under surveillance for six months. Court testimony showed Zazi was watched only for about two weeks before he was arrested.

But there's a much bigger point that the AP makes. Even if the claim was somehow true that PRISM was useful, nowhere does that claim show how a standard warrant wouldn't have provided the same information:

That's because, even before the surveillance laws of 2007 and 2008, the FBI had the authority to - and did, regularly - monitor email accounts linked to terrorists. The only difference was, before the laws changed, the government needed a warrant.

To get a warrant, the law requires that the government show that the target is a suspected member of a terrorist group or foreign government, something that had been well established at that point in the Zazi case.

In other words, even if PRISM was used, there's no evidence that it was needed, because the NSA could have easily obtained the same information through traditional means -- getting a warrant -- and without potentially violating the privacy of millions of others.

Filed Under: dianne feinstein, exaggeration, james clapper, mike rogers, nsa, nsa surveillance, nyc subway bomb, prism, warrants, zazi

Senator Wyden Calls For Hearings Over Intelligence Officials Lying To Congress

from the about-time dept

We've discussed in great detail how the Director of National Intelligence, James Clapper, lied to Congress concerning NSA surveillance and why he should face the consequences of such lies. What hasn't been noted as much is that NSA boss Keith Alexander more or less told the same lies to Congress a few months earlier, in a letter responding to some of Senator Wyden's questions.

Now Wyden is pointing out that this is unacceptable and calling for hearings on the claims of the intelligence community to Congress:

“One of the most important responsibilities a Senator has is oversight of the intelligence community. This job cannot be done responsibly if Senators aren’t getting straight answers to direct questions. When NSA Director Alexander failed to clarify previous public statements about domestic surveillance, it was necessary to put the question to the Director of National Intelligence. So that he would be prepared to answer, I sent the question to Director Clapper’s office a day in advance. After the hearing was over my staff and I gave his office a chance to amend his answer. Now public hearings are needed to address the recent disclosures and the American people have the right to expect straight answers from the intelligence leadership to the questions asked by their representatives.”

The specifics here are important, because last week, Clapper suggested that his answer was about whether or not the NSA collected emails from millions of Americans, even though Wyden's direct question concerned "any type of data." Now we know that (1) Clapper had this question ahead of time and (2) was later given a chance to clarify his answer. And he still stood by his "no" answer -- which he now calls "the least untruthful" answer. But we can drop the "least" part of that. It was untruthful. Extremely untruthful in light of the evidence that the NSA is collecting all phone records from at least Verizon and AT&T, but likely from others as well.

Update: For clarification purposes, it appears that the hearings Wyden is requesting are about the data collection program, not specifically Clapper and Alexander's statements. Though, I would imagine that those hearings may turn up more evidence that the earlier statements were, in fact, false.

Filed Under: james clapper, keith alexander, lying to congress, nsa, nsa surveillance, ron wyden

Why James Clapper Should Be Impeached For Lying To Congress

from the throw-him-out dept

We've already covered how Director of National Intelligence James Clapper not only lied to Congress, but has now admitted he lied by claiming he told the "least untruthful answer" he could think of, which was extremely untruthful, in that it was untruthful. He was asked whether or not the NSA collects any type of data on millions of Americans and he said no. The full collection of records on every phone call for the past seven years (at least) proves that statement was categorically false. Derek Khanna has an excellent and detailed opinion piece up on how this clearly constitutes an impeachable offense in the form of lying to Congress.

The whole thing is worth reading, but after going through the background leading up to the question and answer, followed by an explanation that Wyden clearly wasn't fishing, but was asking from direct knowledge of what the NSA was doing, Khanna gets to the point of why this is so horrific for a functioning democracy:

Clapper's statement appears to have misled the relevant Congressional Committee, and more importantly, misled Members of Congress who don't receive the information that the Intelligence Committee receives. Ultimately these statements misled the general public. This obfuscation of the truth inhibited the Intelligence Committee from performing proper oversight, which is the primary role of the Intelligence Committee. There is little point in having an oversight committee for intelligence if members of the intelligence community can simply lie when asked questions before a hearing.

Misspeaking at a hearing may be a mistake. Misspeaking before the Intelligence Committee is an extremely grievous mistake. But even more egregious here is the Clapper had ample time to correct the record and apparently failed to do so. Statements made at hearings are not coffee shop like discussions; rather, they are carefully prepared in advance. If Clapper did not have a prepared answer for this question, it's extremely likely that the NSA counsel would have reviewed his statement after the hearing - putting him on notice that if his statement was incorrect he had the obligation to correct it. In fact, if the NSA's counsel knew that Clapper was lying or misspeaking, he may have had a legal obligation to tell Clapper to inform the Committee of his misstatement. And, under a similar procedure for lying at court, if Clapper refused to correct the record then the Counsel may have had an obligation to tell the Committee anyway. This gives some perspective on the legal severity of lying to a congressional committee.

In other words, if Clapper is allowed to lie, expect plenty of other administration officials to lie as well, and say goodbye to any oversight authority that Congress may have once had.

Furthermore, as Khanna points out, President Obama's claims that Congress was "fully informed" about these programs ring hollow when put into context:

President Obama has claimed that Congress was aware of all ongoing programs of this nature. The Administration can't have it both ways. It can't claim that Congress was in the loop and signed off when the Director of National Intelligence appears to have at best misled and at worst lied to the relevant oversight branch.

We've gone through this before. The intelligence community's rogue nature was supposed to have been reined in 40 years or so ago, but in the last decade it appears to have gone right back to the way it used to be. If there is no real oversight, is it really any surprise that they start increasingly looking to expand and abuse the tools they have at their disposal. It seems, at the very least, that Congress should be exploring, deeply, whether or not the administration, and James Clapper in particular, directly lied to Congress, and then continued to lie after that initial lie.

Filed Under: dni, impeachment, james clapper, lying to congress, nsa, nsa surveillance, ron wyden

Clapper: I Gave 'The Least Untruthful Answer' To Wyden's 'Beating Your Wife' Question On Data Surveillance

from the oh-really-now? dept

There's been a lot of coverage of the exchange between Senator Ron Wyden and Director of National Intelligence James Clapper, in which Wyden asked Clapper about whether or not data on millions of Americans has been captured. Here's the exact text:

Wyden: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?

Clapper: No sir.

Wyden: It does not?

Clapper: Not wittingly. There are cases where they could, inadvertently perhaps, collect—but not wittingly.

If you'd like to see the exchange for yourself, here you go: Last week, Clapper claimed that he thought that Wyden was only asking him about emails, even though Wyden clearly states "any type of data." This week, it appears that Clapper is taking a different position, claiming that the question itself was unfair and a form of the loaded question logical fallacy often referred to "have you stopped beating your wife?" which is exactly what Clapper described Wyden's question as being:

ANDREA MITCHELL:

Senator Wyden made quite a lot out of your exchange with him last March during the hearings. Can you explain what you meant when you said that there was not data collection on millions of Americans?

JAMES CLAPPER:

First-- as I said, I have great respect for Senator Wyden. I thought, though in retrospect, I was asked-- "When are you going to start-- stop beating your wife" kind of question, which is meaning not-- answerable necessarily by a simple yes or no. So I responded in what I thought was the most truthful, or least untruthful manner by saying no.

That's quite an answer. First, let's go with the big one: Least untruthful manner? In other words, it was a lie, but I could have told bigger lies. But he's still admitting that it was a lie. Lying to Congress is generally not a good idea. Second: in what possible way is "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" a loaded question of the "when did you stop beating your wife?" variety? There doesn't seem to be any unjustified assumption within the question at all. It's a pretty basic question, in which a truthful answer ("yes, we do") does not lead to a fallacious admission.

So, now we have the Director of National Intelligence lying, admitting to lying, and then blaming the questioner by making two separate false claims about his question ("it was about email" and "it was a loaded question"). Why is he still in this job?

Filed Under: james clapper, least untruthful, loaded question, logical fallacy, lying to congress, nsa, nsa surveillance, ron wyden

How Can NSA Surveillance Leaks Both Be No Big Deal And Put Us All In Danger?

from the do-tell dept

As the NSA and the administration continue to seek to spin the fallout from the leaks that revealed some of the overreaching surveillance efforts of the NSA, what's incredible is how self-contradictory the statements are, even when coming from the same source. The go-to defender of the program has been Director of National Intelligence James Clapper, who has tried arguing both that the leaks and these programs are no big deal and that they present a grave danger to intelligence operations. It's incredible.

First, there's playing it down as no big deal:

In a statement issued Saturday, Director of National Intelligence James R. Clapper Jr. described PRISM as “an internal government computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers under court supervision.”

“PRISM is not an undisclosed collection or data mining program,” the statement said.

Hmm. So if it's no big deal, and all they're doing is facilitating statutorily authorized collection of data, why all the secrecy? Why not be transparent about all of that? And, also, if it's just keeping track of all the legally obtained stuff, why then would he also say the following:

“For me, it is literally – not figuratively – literally gut-wrenching to see this happen because of the huge, grave damage it does to our intelligence capabilities,” Clapper told NBC News’s Andrea Mitchell.

And later, he claimed that the leaker (this was before Snowden revealed himself) had "chosen to violate a sacred trust for this country" and that the leaks "affects the safety and security of this country."

I can't see any way to put together the earlier statements with the later statements that makes any sense at all. If all they were doing is analyzing statutorily authorized data, then there shouldn't be any concern. We'd expect the NSA to have a computer system to do exactly that, right? So... um... why is it damaging to the nation and putting us all at risk? It seems more likely that the truth is that what was revealed wasn't just a simple system for collecting data, as we can see, but rather just how much information the NSA is gathering up into its huge databases. Furthermore, the idea that this puts us in danger is, frankly, insulting. Most folks involved in terrorist activity already assume their phone calls are being tracked, so it's not like this is going to change their tactics.

Filed Under: dni, james clapper, no big deal, nsa, nsa surveillance, prism, secrecy, transparency

Yet Another Leak Shows NSA Lied About Not Being Able To Geolocate Data It Scoops Up

from the whoops dept

And... yet another leak of NSA surveillance capabilities to The Guardian's Glenn Greenwald (who damn well better get a Pulitzer Prize for this) suggests pretty strongly that the NSA has directly lied, multiple times, when asked to disclose how many people it had spied on in the US. As we've noted for a while, the NSA has claimed that it was not possible to determine how many Americans it had data on. In a letter to Senator Ron Wyden, Director of National Intelligence James Clapper had stated:

While it is not reasonably possible to identify the number of people located in the United States whose communications may have been reviewed...

An NSA spokesperson also said that it was not possible to figure that out:

Judith Emmel, an NSA spokeswoman, told the Guardian in a response to the latest disclosures: "NSA has consistently reported – including to Congress – that we do not have the ability to determine with certainty the identity or location of all communicants within a given communication. That remains the case."

But, as Greenwald reveals, the NSA appears to have a program, called Boundless Informant (quite a name, huh) that does exactly that. The leaks are coming fast and furious at this point, and I doubt they're going to stop soon.

Filed Under: dni, faa, fisa amendments act, geolocation, james clapper, leaks, lies, nsa, nsa suveillance, ron wyden, spying on americans

Intelligence Boss Claims The Real Villain Here Is The Press For Revealing His Secret Spying Program

from the nice-try,-clapper dept

So we already wrote a bit about how Director of National Intelligence James Clapper was using weasel words or outright lying, in trying to insist that the NSA wasn't actually gathering up data on pretty much every American. However, his statements go even further into the ridiculous. In his initial statement, even the title is combative:

DNI Statement on Recent Unauthorized Disclosures of Classified Information

Notice the focus is not on the unauthorized disclosure of widespread NSA surveillance, but rather "disclosure of classified information." So he's already priming the pump for the "real" villain: the press who are reporting on this.

The unauthorized disclosure of a top secret U.S. court document threatens potentially long-lasting and irreversible harm to our ability to identify and respond to the many threats facing our nation.

We've heard that before, and it's ridiculous on multiple levels. First, most would-be terrorists are likely to assume that the government is monitoring all of this stuff anyway, because there have been plenty of hints in the past. So, it's not really that likely that this sudden "revelation" is going to lead some massive change in how bad people communicate. But, more importantly, even if monitoring certain terrorists was so key to dealing with threats, that still doesn't matter. The DNI's job is not "stop threats by any means necessary." Because that's crazy. While it might help government respond to illegal activity, that doesn't mean that we give up our 4th Amendment rights, nor does it mean we need such broad, all-encompassing orders. Such things could easily have been done using a specific, targeted warrant, seeking information on a specific individual. That is, they could have done targeting which would have been useful, but they chose not to, and instead demanded all data.

But, of course, he doubles down at the end on how awful it is that people are talking about this (not that the NSA has access to so much data on everybody):

Discussing programs like this publicly will have an impact on the behavior of our adversaries and make it more difficult for us to understand their intentions.

Basically "hey everybody, shut up and stop confirming what everyone knew already: that the US spied on lots and lots of stuff." Also, this appears to be a government official telling everyone to not exercise their 1st Amendment rights to complain about the NSA violating their 4th Amendment rights. The Constitution is crying in the corner.

Filed Under: blame, james clapper, national security, press, surveillance

The NSA's Favorite Weasel Word To Pretend It's Claiming It Doesn't Spy On Americans

from the target-target-target dept

Well, well. In the aftermath of the revelations that the NSA is getting records of every phone call from Verizon, followed up by the news that most of the biggest tech companies are supposedly giving direct access to the NSA, the intelligence community is responding the same way it always does: with weasel words. First up, you can see Director of National Intelligence James Clapper's statement about the spying, which we'll be discussing again in a bit.

But, a bunch of folks have been reasonably pointing out that Clapper appears to have lied to Congress. Of course, it's not like this wasn't easily called. Two years ago, we wrote about Clapper's answers to Senators Wyden and Udall, which we pointed out was a ridiculous answer that was clearly sidestepping the real questions. However, looking over that letter again now, and having become a bit more familiar with the weasel words the NSA likes to use, it's easy to look at Clapper's statement and explain why he can "stand by it" while the clear implication of it was the opposite of what he meant.

You asked whether communications of Americans have been collected… Section 702 of the FAA [FISA Amendments Act] explicitly prohibits the intentional targeting of persons reasonably believed to be located in the United States or United States persons located abroad. The Intelligence Community has put in place a variety of procedures, which have been approved by the FISA Court as required by law, to ensure that only persons reasonably believed to be located outside the United States are targeted and to prevent the intentional acquisition of any communications as to which the sender and all intended recipients are known to be located in the United States. Guidelines are also required by law to ensure compliance with other limitations on FAA collection, including the requirement that a U.S. person may not be intentionally targeted under section 702. If it is discovered that a target has entered the U.S. or is a U.S. person, he or she is promptly detargeted and reports are made as appropriate to the Department of Justice (DOJ), the Office of the Director of National Intelligence (ODNI) and the FISA Court. Moreover, when communications from persons located in the United States are collected because they are communicating with a lawful target, the privacy and civil liberty rights of U.S. persons are protected through the careful implementation of the procedures required under the FAA to ’minimize the acquisition and retention, and prohibit the dissemination“ of information about U.S. persons.’”

Most people would read this to be him saying that they do not spy on Americans. And that's obviously what he's trying to imply. But that's not what he's actually saying. He's using the NSA's favorite weasel word: "target." Now, most people assume that means one of the people on the call must be outside the US. But, you could -- if you were devious intelligence official trying to mislead Congress and the American public (hypothetically) -- interpret the word "target" to mean "if we, in general are 'targeting' foreign threats, no matter what they might be like, and this information we're collecting might help in that process, then we can snarf up this data."

In other words, most people think that "target" would mean one of the people on the phone. But, the NSA means "this overall investigation is about targeting foreign threats, so we can take whatever data we want because the goal is to stop foreign threats with it -- and therefore our mandate not to spy on Americans doesn't apply."

So, it shouldn't be particularly surprising to see that the administration's "response" to this is to highlight, yet again, that this only "targets" non-US persons:

Information collected through a U.S. government surveillance program that taps into the servers of internet companies targets only non-U.S. persons living outside the United States, a senior administration official said on Thursday.

The U.S. law that allows the collection of data under this program does not allow the targeting of any U.S. citizen or of any person located in the United States, the official said, speaking on condition of anonymity.

Right, but whether or not they're "targeting" a person, is separate from whether or not they're spying on the data of Americans. As long as it's all part of a process that "targets" non-US persons, they can claim that they're playing by the rules.

Given that, however, I don't see how Clapper can reasonably standby the following statements:

Wyden: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?

Clapper: No sir.

Wyden: It does not?

Clapper: Not wittingly. There are cases where they could, inadvertently perhaps, collect—but not wittingly.

Clapper is insisting that he didn't lie in his comments, but he then pretends that he was only talking about email:

What I said was, the NSA does not voyeuristically pore through U.S. citizens' e-mails. I stand by that.

Except, that's not what he was asked, nor was it what he said. He was specifically asked if the NSA collects any type of data at all, and he said no. Up above, he was using weasel words, but here it looks like he was flat out lying directly to Congress. Usually, Congress doesn't like that.

Filed Under: james clapper, nsa, spying, surveillance, target, weasel words

Director Of National Intelligence Admits That There's Little Risk Of A 'Cyber Pearl Harbor'

from the so-why-are-we-rushing? dept

We've been pointing out for years that all the talk about "cyberattacks" and "cybersecurity" appear to be FUD, mostly designed to scare up money for "defense" contractors looking for a new digital angle. And yet, we keep seeing fear-mongering report after fear mongering report insisting that we're facing imminent threats of such a dire nature that multiple people keep referring to this ridiculous concept of the "cyber Pearl Harbor" which is going to happen any day now if we don't pass vaguely worded bills that will surely ramp up huge contracts. And yet, every time we'd hear these cinematic scare stories, we'd point out that no one has yet died from a "cyber attack" and ask: where was the actual evidence of real harm? Yes, we've seen hack attacks that are disruptive or really about espionage. But that "big threat" coming down to get us all? There's been nothing to support it.

And perhaps that's because it doesn't exist. Amazingly, the Director of National Intelligence, James Clapper, actually admitted in a Senate hearing that there's little risk of any "cyber Pearl Harbor" in the foreseeable future:

“We judge that there is a remote chance of a major cyber attack against U.S. critical infrastructure systems during the next two years that would result in long-term, wide-scale disruption of services, such as a regional power outage,” Clapper said in his statement to the committee. “The level of technical expertise and operational sophistication required for such an attack — including the ability to create physical damage or overcome mitigation factors like manual overrides — will be out of reach for most actors during this time frame. Advanced cyber actors — such as Russia and China — are unlikely to launch such a devastating attack against the United States outside of a military conflict or crisis that they believe threatens their vital interests.”

He later admitted that some others -- who weren't as knowledgeable -- might be able to sneak in some attacks here or there, but that the impact would likely be minimal:

“These less advanced but highly motivated actors could access some poorly protected US networks that control core functions, such as power generation, during the next two years, although their ability to leverage that access to cause high-impact, systemic disruptions will probably be limited. At the same time, there is a risk that unsophisticated attacks would have significant outcomes due to unexpected system configurations and mistakes, or that vulnerability at one node might spill over and contaminate other parts of a networked system,” he said.

Of course, at the very same hearing, the NSA's General Keith Alexander kept up the propaganda about threats. Alexander has been among those who have been spreading FUD about the "threats" -- including ridiculous claims about Anonymous shutting down the power grid -- so sticking to that line is hardly much of a surprise. This time around he focused on an increasing rate of attacks on Wall Street banks.

He also pulled out the old "the Chinese are stealing our business secrets!" claim. That always sounds good for Congress, but it is unclear how much real impact it has had.

But the Cyber Command chief stressed that the U.S. needs to clamp down on this intellectual property theft, warning it will ultimately "hurt our nation significantly."

"For the nation as a whole, this is our future. This intellectual property, from an economic perspective, represents future wealth and we're losing that," Alexander said.

It doesn't appear he has any real basis for saying that. There are all sorts of ways to compete and to innovate, and falling back on relying intellectual property laws may be the least useful and least efficient manner for doing so.

It would be nice if we could stop all the blatant fear mongering and focus on any actual problems, such as highlighting what important information isn't being shared today, since we keep getting told that it's our lack of information sharing that will lead to a cyber pearl harbor. Now that we know the threat isn't imminent, can we sit back and look at the actual evidence, understand what the real problem is, and see if there's a way to solve it that doesn't involve giving up everyone's privacy rights?

Filed Under: cispa, cybersecurity, digital pearl harbor, dni, james clapper, keith alexander, nsa