The Lies Mike Rogers Told Congress About The USA Freedom Act

from the almost-none-of-this-is-true dept

One of the most obvious ways that you knew the USA Freedom Act that passed out of the House yesterday was clearly not real NSA reform was the simple fact that the NSA #1 defender in chief, Rep. Mike Rogers, not only voted for it, but spoke strongly in favor of it on the House floor. In typical Mike Rogers fashion, his statement is quite incredible for its bald faced lies. Let's dig in.

It is commendable that we have found a responsible legislative solution to address concerns about the bulk telephone metadata program so that we may move forward on other national security legislative priorities. Our obligation to protect this country should not be held hostage by the actions of traitors who leak classified information that puts our troops in the field at risk or those who fear-monger and spread mistruth to further their own misguided agenda.

Got that? The only reason that this debate is happening is because Ed Snowden revealed how the NSA was breaking the law. Rep. Sensenbrenner wrote the original USA Freedom Act to make it clear that what the NSA was doing directly violated what he intended the law to be when he wrote the original USA Patriot Act. To argue that revealing the NSA breaking the law makes him a "traitor" is just one of many of Rogers' continued lies and mistruths. But that opening paragraph also makes it clear that Rogers views the USA Freedom Act as a mere nuisance, which needs to be passed to get the privacy groups to shut up -- though, of course they won't.

And, despite all of Rogers' claims, there is still no evidence at all that any of the information "puts our trips in the field at risk." As for "fear-mongering" and "spreading mistruth" that has been the currency of Rogers himself -- in fact, in this very sentence, where he talks about "traitors" and putting the troops at risk.

Following the criminal disclosures of intelligence information last June, the Section 215 telephone metadata program has been the subject of intense, and often inaccurate, criticism. The bulk telephone metadata program is legal, overseen, and effective at saving American lives. All three branches of government oversee this program, including Congress, the FISC, inspectors general, and internal compliance and privacy and civil liberties offices in executive branch agencies.

Actually, that's not even close to true. The Privacy and Civil Liberties Oversight Board and the internal White House review panel both found that the Section 215 program was not at all effective. The PCLOB directly stated that "Section 215 of the USA Patriot Act, "does not provide an adequate basis to support this program." The White House's own review task force equally found that there was no basis for the program. One of the panel members, in discussing the evidence they saw concerning the "effectiveness" of the program stated:

“It was, ‘Huh, hello? What are we doing here?’” said Geoffrey Stone, a University of Chicago law professor, in an interview with NBC News. “The results were very thin.”

Later he's asked about whether the Section 215 program stopped any terrorist attacks, and Stone stated outright: "We found none."

Similarly, when the program was actually tested in court (not one of the FISC rubber stamping proceedings with no adversarial process), Judge Richard Leon similarly noted that the NSA failed to provide any evidence of effectiveness:

The Government could have requested permission to present additional, potentially classified evidence in camera, but it chose not to do so. Although the Government has publicly asserted that the NSA's surveillance programs have prevented fifty-four terrorist attacks, no proof of that has been put before me.

Similarly, Senator Patrick Leahy, who knows just as well as Rogers how the program has been used, has said that there is no evidence the program was effectively used to stop terrorism.

So Rogers appears to be flat out lying here. All of the evidence is against him, but he just can't stop.

He continues with his speech:

Despite the effectiveness of the program, and the immense safeguards on the data, many Americans and many Members of this body still have concerns about a potential for abuse. The legislation we are considering today is designed to address those concerns and reflects hundreds of hours of Member and staff work to negotiate a workable compromise.

Again, everyone has already said the program is not effective. And, furthermore, the legislation does not actually address the concerns. The original legislation addressed some of those concerns, but nearly everything that addressed concerns has been removed. The "hundreds of hours" was time Rogers' staff spent trying to strip the bill of any real meaning.

The USA Freedom Act provides the meaningful change to the telephone metadata program that Members of the House have been seeking.

Except it doesn't. Even the author of the bill, Jim Sensenbrenner has admitted that it does not do that.

And, finally, Rogers tops it all off with an insult for the President -- from the very same White House that actually demanded the House water down the bill to make it this useless.

If we had the fortune of having a Commander in Chief firmly dedicated to the preservation of this program as is, we may have been able to protect it in its entirety. With that not being the case, I believe this is a workable compromise that protects the core function of a counterterrorism program we know has saved lives around the world.

Sure, perhaps he's playing to his base with the Obama snub, but just the fact that he notes that this bill "protects the core function" of the bulk spying program, shows what the USA Freedom bill is really about.

Filed Under: bulk collection, mike rogers, nsa, section 215, surveillance, usa freedom act

House Passes Fake USA Freedom Act; Fight Turns To The Senate To Fix A Broken Bill

from the losing-hope dept

As explained earlier, due to pressure from the White House and NSA's supporters in Congress, what could have been real NSA reform was completely changed at the last minute, in secret. The bill, which was substantially different than what both the Judiciary and Intelligence Committees unanimously approved, went to a floor vote and passed 303 to 121. It seems notable that many of the no votes were from people who felt the bill didn't do enough to protect the public from the surveillance state, rather than NSA fanboys worried about reform. Basically, the NSA and its supporters hijacked the reform process and got a bill they wanted, rather than one that actually protects the American public.

Rep. Jim Sensenbrenner, who was the original sponsor of the bill admitted that he was disappointed in what his bill eventually turned into -- though he still voted for it:

“Let me be clear: I wish this bill did more,” Sensenbrenner said during floor debate Thursday. “To my colleagues who lament the changes, I agree with you. The privacy groups who are upset about lost provisions, I share your disappointment.”

There had been some hope that Rep. John Conyers might flip his vote and vote against it, but he not only voted for it, he falsely claimed that this bill would "end domestic bulk collection across the board." It does nothing of the sort. The folks who really understood this stuff were much more direct in saying what a bad bill this is. Last night, I had a chance to speak to Rep. Zoe Lofgren, who still hoped that there was a chance her colleagues would recognize how the bill had been changed in secret, and how problematic that was -- and she tried to fight the good fight on the floor this morning telling her colleagues (unlike what Conyers claimed) that this "is a bill that will actually not end bulk collection, regrettably." Furthermore, she tried to remind people that this was not the bill that was voted out of committee, to highlight the last minute changes.

Unfortunately, those who aren't paying close attention don't seem to care. They just want to be able to go back to their districts and claim they did something to "reform" the NSA, when they could have done much more. But this bill doesn't do that. As Lofgren noted on the floor: "If we leave any ambiguity at all, we have learned that the intelligence community will drive a truck through that ambiguity." And this bill leaves in a ton of ambiguity. On purpose. That was put in at the last minute, with help from the White House.

Either way, the fight now shifts over to the Senate, who will have to approve their own version. Senator Leahy has a version of the bill, but he will face fierce opposition from Senator Feinstein, and the support for reform in the Senate has always been weaker than in the House anyway. Still, some hope that a strong enough public outcry may pressure the Senate into at least something better than the House version.

Filed Under: bulk collection, congress, house, jim sensenbrenner, john conyers, nsa, section 215, surveillance, usa freedom act, zoe lofgren

Looks Like Sprint Did Challenge FISC Order For Call Data, Asked If It Was Serious

from the um...are-you-for-real? dept

Last September, we noted that the FISA Court had finally released a heavily redacted version of its attempt to justify the NSA's use of Section 215 of the PATRIOT Act to sweep up phone records on every phone call. It's noteworthy that this was the first time that the FISC had ever bothered to actually detail why it believed the program was legal, despite approving such bulk collection orders for years. In that ruling last fall (which had been written last July), one of the things that FISC Judge Claire Eagan stated was:

To date, no holder of records who has received an Order to produce bulk telephony metadata has challenged the legality of such an Order. Indeed, no recipient of any Section 215 Order has challenged the legality of such an Order, despite the explicit statutory mechanism for doing so.

We found that to be fairly disappointing that no company had stepped up to challenge these orders. In fact, we noted just last month that an unnamed phone company was the first to challenge the records -- but it turns out that's not true. In fact, it turns out that what Eagan claimed in her ruling isn't true either.

In some newly declassified documents from the Director of National Intelligence, it's revealed that Sprint challenged the order, and basically forced the government to reveal the actual legal basis for the request. Sprint isn't named in the declassified legal filing, but people have confirmed that that's who it was.

The actual filing is a "Motion for Amended Secondary Order" from the DOJ, in which it's pretty clear that Sprint basically asked the government "are you fucking serious? you want us to hand over everything?" The motion from the DOJ is basically asking the FISA Court to repeat its original order with a legalese version of "yes, we're serious." As Julian Sanchez points out, it seems pretty clear that Sprint basically went back to the government and said could you repeat that, so that we actually know this is for real?

The Washington Post further claims that Sprint had a legal challenge drafted and ready to go, but was eventually persuaded by the DOJ and/or FISC not to go that far. Still, the idea that no one had questioned the legality of these orders doesn't appear to be accurate. Yes, we could have hoped that Sprint would have gone to greater lengths, but as we were just discussing this morning, the government puts immense pressure (often in the form of lies) on anyone who dares to challenge its ability to spy on everyone.

Filed Under: bulk collection, business records, fisa, fisc, nsa, phone records, section 215, surveillance
Companies: sprint

Looks Like 'Compromise' Has Been Reached On NSA Reform Bills

from the and-that-may-not-be-a-good-thing dept

On Monday, we noted that two different competing NSA reform bills had started lurching forward in Congress, though in looking through the Manager's Amendment of the "good" bill, it quickly became clear that it had been very watered down, such that it really wasn't that "good" any more. Late last night, there was a report coming out that the NSA's number one defender, Rep. Mike Rogers, was actually much happier with the USA Freedom Act. In other words, it had been watered down so much that even Mike Rogers was willing to say it was a good bill.

In a dramatic change of tone, Rep. Mike Rogers, the chairman of the House Intelligence Committee, praised a bill in the House Judiciary Committee that would sharply curb the National Security Agency's surveillance powers. His remarks suggest that the powerful lawmaker may be more willing to vote for tougher reforms than previously anticipated.

Rogers and other national security hawks have spent weeks arguing that the USA Freedom Act, the most aggressive NSA reform bill under consideration in Congress, would remove tools that the government needs to track phone calls by foreign terrorists. Rogers, a staunch NSA supporter, is the sponsor of another bill that would codify many of the surveillance practices opposed by privacy advocates, such as the dragnet collection of records.

As we speak, the House markup on the bill is ongoing. However, in a twist, tomorrow's "competing" markup for the FISA Transparency and Modernization Act -- which is Rogers and Rep. Dutch Ruppersberger's "competing" bill -- has now added a markup of the USA Freedom Act to the agenda. That means that a deal has been made, and if Rogers is willing to add USA Freedom to his committee's schedule, it means that the "deal" is one that favors the NSA and not the public.

That is not to say that the USA Freedom Act does nothing. It actually does a few things to limit the NSA, but really does not tackle the largest problems. There was a lot of good stuff in the earlier version of the bill (which still didn't go far enough on its own) and now it's significantly weaker. So, rather than fixing the overall mess, the new USA Freedom Act makes some small fixes while leaving all sorts of problems.

Filed Under: bob goodlatte, bulk collection, bulk records, compromise, congress, dutch ruppersberger, jim sensenbrenner, mike rogers, nsa, surveillance, usa freedom act

Latest (Official) Document Release Takes A Look At The NSA's Bulk Collection Of Financial Records

from the phone-records-still-hogging-the-spotlight,-though dept

Three more documents have been pried from the cold, decidedly-not-dead hands of the Office of the Director of National Intelligence. Rather than tell us how INTERESTED the intelligence "community" is in this dialogue it's been forced into by leaked documents, the ODNI unceremoniously dumped these on the national desktop before skipping town for the weekend. At least this time, it had the decency to namecheck the EFF's FOIA lawsuit, albeit over at Twitter rather than at the official ODNI blog.

There are three documents this time around, one of which is an update of Judge Walton's corrective measures put in place after discovering the agency's phone metadata program had not been run correctly since its institution. It's a good read but most of it's been covered here before.

The most notable aspect is a discussion of the "alert list," the numbers the NSA used to search incoming phone records. As of 2006, the NSA had 3,980 phone numbers on the list, all of which were deemed to meet the "RAS (reasonable articulable suspicion) standard." This was what was represented to the court. But it was discovered that many more than that had been used for queries without RAS or court approval.

Unfortunately, the universe of compliance matters that have arisen under the Court's Orders for this business records collection extends beyond the events described above. On October 17, 2008, the govemment reported to the FISC that, after the FISC authorized the NSA to increase the number of authorized to access the BR metadata to 85, the NSA trained those newly authorized on Court-ordered procedures. Despite this training, however, the NSA subsequently determined that 31 NSA analysts had queried the BR metadata during a five day period in April 2008 "without being aware they were doing so." (emphasis added [by Judge Walton]). As a result, the NSA used 2,373 foreign telephone identifiers to query the BR metadata without first determining that the reasonable articulable suspicion standard had been satisfied.

That's five days worth of searching records with 2,373 numbers that didn't meet the FISC court's standards or the NSA's own stated minimization procedures, with a possible three "hops" worth of data added. As the court has pointed out before, bypassing these standards makes the harvesting of this data illegal.

Regardless of what factors contributed to making these misrepresentations, the Court finds that the government's failure to ensure that responsible officials adequately understood the NSA's alert list process, and to accurately report its implementation to the Court, has prevented, for more than two years, both the government and the FISC from taking steps to remedy daily violations of the minimization procedures set forth in FISC orders and designed to protect [redacted] call detail records pertaining to telephone communications of U.S. persons located within the United States who are not the subject of any FBI investigation and whose call detail information could not otherwise have been legally captured in bulk.

Illegal capture of data that went unhindered for two years, despite daily violations. Who's looking out for Americans? Well, supposedly it's the good people at the NSA, along with its various levels of oversight. But if the oversight only gets its "facts" from the NSA, it's hardly in any place to provide oversight.

Also included in this document dump is another FISA court order limiting the NSA to court-approved searches (with emergency exceptions). Again, this is a direct result of the NSA's continued failure to abide by the limitations of the law and its own internal policies.

The most interesting document is a supplemental order from the FISA court, which serves to remind everyone that Section 215 covers a whole lot more than just telephone metadata.

The RFPA generally provides that "no Government authority" may obtain "financial records" from a "financial institution" unless one of several exceptions applies. fig 12 U.S.C. 3402; see also id, 3403. Under one of those exceptions, the FBI may, without prior judicial review, compel a financial institution to produce financial records, provided that a designated FBI official has certified that the records are relevant to an authorized foreign intelligence investigation. 50 U.S.C. 34l4(a)(5)(A). Pursuant to Section 1861, the government may request, and this Court may grant, "an order requiring the production of Q1 tangible things (including books, records, papers, documents, and other items)" 50 U.S.C. 1861(a)(1) (emphasis added). Section 1861 requires the government to provide the Court with a "statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant" to a foreign intelligence investigation, id, 1861(b)(2)(A), and the Court to determine that the application satisfies this requirement, 5; id 1861(c)(l), before records are ordered to be produced.

Although the RFPA contains no provision explicitly allowing the production of financial records pursuant to a Section 1861 order, the Court agrees with the government that it would have been anomalous for Congress to have deemed the FBI's application of a "relevance" standard, without prior judicial review, sufficient to obtain records subject to the RFPA, but to have deemed this Court's application of a closely similar "relevance" standard insufficient for the same purpose.

So, under the same authority, the FBI (and consequently, the NSA) is allowed to collect almost any "business record," provided it is deemed "relevant" to a foreign intelligence investigation. Marcy Wheeler suggests that this collection of financial records may explain the spike in FISC orders that began in 2010.

In addition, the number Section 215 orders started going up drastically in 2010, along with the number of orders the FISC modified to require minimization procedures.

Nevertheless, the reports show us two new things.



I’ve suggested that 176 modified applications may suggest the government has as many as 44 bulk collection programs, which would be renewed every three months (or, alternately, a whole lot more specific bulk collection orders).

That is, this rise in what are almost certainly bulk collection orders came around the same time as FISC “Bates-stamped” the collection of financial records with Section 215.

Phone metadata has been the issue on everyone's minds these past few weeks, but the reality is that the NSA is collecting several other bulk records under the same authority. And these are all obtained under the pretense that they're somehow "relevant" to a terrorist-related investigation, even though they're gathered in bulk and any minimization procedures can only be speculated on at this point in time.

Even "just metadata" from phone records can paint a pretty accurate picture about someone "incidentally" caught up in the NSA's dragnet. Add another few dozen forms of "metadata" and it's pretty much indistinguishable from giving the agency unfettered access to the everyday lives of millions of people.

Filed Under: bulk collection, financial records, james clapper, nsa, odni, surveillance

Mike Rogers' Plan To 'Stop' Bulk Collection Of Phone Records Riddled With Dangerous Loopholes That Will Expand Surveillance

from the but-of-course dept

Now that people have had a chance to go through the proposal by Reps. Mike Rogers and Dutch Ruppersberger to "stop" the bulk phone record collection under Section 215 of the Patriot Act, they're finding more and more things to be concerned about. We had noted some potential easter eggs in there for law enforcement, but the deeper people look, the worse it gets. Trevor Timm notes that the bill is really a trojan horse to expand surveillance capabilities, while pretending to end them.

Curiously, a large majority of the House bill focuses on new ways for the government to collect data from "electronic communications service providers" – also known as the internet companies. Why is a bill that's supposedly about ending bulk collection of phone-call data focused on more collection of data from internet companies?

From there, we turn to Julian Sanchez, who has given one of the most thorough explanations of what's actually in the bill, noting that it fails to really end the bulk collection of phone records while also potentially massively expanding other surveillance capabilities.

First, the HPSCI bill’s seemingly broad prohibition on bulk collection turns out to be riddled with ambiguities and potential loopholes. The fuzzy definition of “specific identifiers” leaves the door open to collection that’s extremely broad even if not completely indiscriminate. Because the provision dealing with “call detail records” applies only to &sect:215 and the provision dealing with “electronic communications records” excludes telephony records, the law does not bar the bulk collection of telephony records under FISA provisions other than §215. The prohibition on non-specific acquisition of other communications “records” probably does not preclude bulk collection under the FISA pen register provision that was previously used for the NSA Internet metadata dragnet. And, of course, none of these prohibitions apply to National Security Letters. If the government wanted to keep collecting metadata in bulk, it would have plenty of ways to do so within the parameters of this statute given a modicum of creative lawyering—at least if the FISC were to continue being as accommodating as it has been in the past.

Second, something like the novel authority created here may well be necessary to enable fast and flexible acquisition of targeted records without dragnet collection. However, once we get down to details—and even leaving aside the question of ex-post versus ex-ante judicial approval—this authority is in some respects broader than either the current §215 telephony program, the president’s proposal, or the pre-Snowden understanding of the FISA business records authority. Critically, it eliminates the required link to a predicated investigation—which, in the case of U.S. persons, must be for counterterror or counterespionage purposes.

In other words, this appears to be a superficial attempt to end bulk collection "under this program," while at the same time knocking down a bunch of barriers to much broader bulk collection under other authorities, with less oversight and fewer ways to push back against abuse. Did anyone really expect anything different from the NSA's two biggest defenders in the House?

Filed Under: bulk collection, business records, dutch ruppersberger, mike rogers, nsa, section 215, surveillance, trojan horse

New NSA Bill From House Intelligence Committee Aims To Head Off Future Challenges To Legality Of National Security Letters

from the assuring-no-standing-but-cutting-challenges-off-at-the-knee dept

When House Intelligence Committee ranking member Dutch Ruppersberger suggested replacing the NSA's bulk collections with something a bit more targeted, it was a little surprising. After all, this is the same man who has worked hand-in-hand with Mike Rogers to subject the NSA to as little oversight as possible over the last several years.

What he proposed sounded suspiciously like an old fashioned Pen Register, the sort of targeted call tracking that can easily be performed by any law enforcement/security agent. Julian Sanchez wondered why a new law was needed when one already on the books would suffice, provided it was scaled back from FISC judge Colleen Kollar-Kotelly's expansive interpretation.

Well, apparently the reason a new law was needed was to expand the NSA's powers, rather than contract them, contrary to the assertions of those pushing this legislation. As Mike noted on Tuesday, the bill aims to limit some aspects of the NSA's collections while simultaneously lowering the standards governing other collections. The bill dials back on "probable cause" and relies on "reasonable suspicion" only, while also eliminating the government's need to seek a warrant or court order to run a phone number for hits.

As Mike also noted, the full house bill hadn't been made public yet, so it was likely there were other tricks up the Rogers-Ruppersberger sleeve. Sure enough, Marcy Wheeler, who has done an amazing job digging up dirt in nearly every NSA-related document over the last several months, has indeed uncovered another small gift to the surveillance state in the "fake fix" bill.

Here's the wording:

If the judge determines that such petition consists of claims, defenses, or other legal contentions that are not warranted by existing law or consists of a frivolous argument for extending, modifying, or reversing existing law or for establishing new law, the judge shall immediately deny such petition and affirm the directive or any part of the directive that is the subject of the such petition and order the recipient to comply with the directive or any part of it.

And here's what that wording appears to be targeting:

I can’t help believing much of this bill was written with cases like Lavabit and the presumed Credo NSL challenges in mind, as it uses language disdainful of legal challenges.

This makes it that much more unlikely that challenging an order from the NSA will result in anything other than compliance by the entity on the receiving end. This strips away a little more of the facade the government portrays -- that those receiving national security letters and the like actually have any choice in the matter.

When the government demanded the SSL keys so it could access the data and communications of Ed Snowden's former email provider, Lavabit fought back. First, it closed down rather than be "complicit in crimes against the American people." Then the government dragged the provider to court to get the information it sought and Lavabit's lawyers fought back.

This is the way the system is supposed to work. Orders can be challenged, even if the chance of overturning them is microscopic. If this part of the bill goes through unaltered, judges will be granted the permission to simply shut down any petition they think seeks to challenge any aspect of the laws pertaining to the NSA's surveillance programs. It's the NSA's heckler's veto, granted by the House Intelligence Committee and delivered by judges who will be forbidden from respecting any challenges to the government's interpretation of these laws.

Filed Under: bulk collection, dutch ruppersberger, mike rogers, nsa, reform, surveillance

Senator Leahy: If President Obama Is Serious About Ending Bulk Collection, He Can Just End It This Friday

from the easy-peasy dept

As expected, President Obama outlined basic plans for ending bulk collection of phone records. While the actual details of the plan still haven't been revealed, apparently, the administration has some "enabling legislation" ready to go, which it hopes Congress will pass "quickly." In response to this, Senator Patrick Leahy pointed out that while he's very supportive of the move to end bulk collection of phone records, there's a much easier way to accomplish that. The authority to do so technically runs out on Friday of this week, so if the President wants to end the program, he can just not seek to renew the authority:

I look forward to having meaningful consultation with the administration on these matters and reviewing its proposal to evaluate whether it sufficiently protects Americans’ privacy. In the meantime, the President could end bulk collection once and for all on Friday by not seeking reauthorization of this program. Rather than postponing action any longer, I hope he chooses this path.

Anyone setting odds on the likelihood of this actually happening?

Filed Under: authority, barack obama, bulk collection, nsa, patrick leahy, phone records, section 215, surveillance

Obama Apparently Ready To Kill Bulk Phone Record Collection... As New House Bill Lowers Standards For Data Collection

from the how's-that-going-to-work dept

With two of his own review panels saying that the bulk collection of phone records under Section 215 of the PATRIOT Act had failed to produce anything of value, and one of them clearly stating that it was also illegal and unconstitutional, the NY Times is reporting that President Obama is finally ready to call for the true end of the NSA's bulk collection of phone records. Surprisingly, according to that report, President Obama is willing to do this without adding data retention requirements for the telcos to hold onto that data themselves. If true, that really is a pretty big deal -- though it only covers the issue of the bulk phone records collection. That leaves other forms of bulk collection under Section 215 in place. So, in effect, it seems like an agreement to kill off the one high profile problematic program that hasn't been remotely useful, rather than a full policy shift. It's a start, however.

Unfortunately, at the same time that's happening, it appears that the House Intelligence Committee, run by Rep. Mike Rogers is pushing a new bill that would take a step towards limiting some aspects of the NSA's data collection powers, but also lowering the standard by which the government could collect specific information:

The bill, titled the End Bulk Collection Act of 2014 and currently circulating on Capitol Hill, would prevent the government from acquiring "records of any electronic communication without the use of specific identifiers or selection terms," some 10 months after the Guardian first exposed the bulk collection based on leaks by the whistleblower Edward Snowden.

But the bill would allow the government to collect electronic communications records based on "reasonable articulable suspicion", rather than probable cause or relevance to a terrorism investigation, from someone deemed to be an agent of a foreign power, associated with an agent of a foreign power, or "in contact with, or known to, a suspected agent of a foreign power."

While a separate report says that this House bill would actually ban the mass collection of other types of data (including internet activity) as well as phone records (i.e., going further than the Obama proposal), it would leave out the requirement that a court approve specific requests for information before it's submitted to a company.

But unlike other pending legislation, it does not call for judicial approval of a specific phone number before a request for data is submitted to a company.

The Rogers-Ruppersberger legislation would have the court make that determination “promptly” after the FBI submits a number to a phone company. If the court did not approve the number as being linked to an agent of a foreign power, including terrorist groups, the data collected would be expunged.

The details of these proposals are going to matter a lot. The full House bill is expected to be introduced in a few hours, and it will take some time to go through the details to see if there are any dangerous easter eggs hidden in there. Still, for all the arguments from Rep. Rogers and the Obama administration about how "necessary" these programs have been and how horrible it's been that Ed Snowden revealed the details to the press, these moves show just how much of an impact the Snowden leaks have had on the public debate concerning surveillance. It will take some time to sort through the details of these proposals, but it's safe to say without Snowden's actions, none of this would be happening.

Filed Under: barack obama, bulk collection, metadata, mike rogers, phone records, reasonable articulable suspicion, section 215, warrant

NSA Decides It Wants To Hold Metadata Indefinitely, Asks FISA Court To Reverse Decision Telling It To Destroy Records

from the we-have-all-the-data,-now-we-have-all-the-time dept

A house set against itself cannot stand gets a win no matter who's dealing the cards. As was noted earlier, the NSA's metadata is currently integral to a series of lawsuits against the government. This fact prompted the DOJ to ask the FISA court to bend the minimization rules and extend the holding period from five years to "whenever."

This was shot down by FISC judge Reggie Walton, who pointed out that the government's argument was faulty on multiple levels. First of all, changing the stipulations of the minimization procedures put the entire metadata collection on shaky constitutional ground, seeing as it's almost entirely composed of data on American citizens not currently the subject of NSA investigations. Secondly, the DOJ cited evidence preservation statutes that applied solely to private corporations, something that clearly doesn't transfer directly to a government database composed of US citizens' "business records."

On March 10th, a contradictory decision was handed down by US District Court judge Jeffrey Wright, who declared the NSA was required to hold onto metadata relevant to ongoing lawsuits. This set up an interesting situation for the NSA, which would now have to decide whether it would rather have data with no expiration date or destroyed data that would never possibly appear in court.

The NSA has now shown its hand. In a motion filed Wednesday, the agency asked the FISA court to reverse its decision on destroying the held metadata. The filing refers to the temporary restraining order entered by Judge Jeffrey Wright which stipulates that the agency must hold onto the data until the cases are resolved. The NSA notes that it now is subject to two contradictory notices and is asking the FISA court to honor the other court's decision.

I'm not exactly sure how the FISA court will respond to this. Walton made it pretty clear that he felt the government's arguments were weak and jeopardized the minimal privacy protections surrounding the bulk records collections. Not only that, but presumably the FISA court's authority supersedes a district court, considering it is the entity charged with directly supervising the collection and handling of the NSA's bulk collections.

Well, no sooner had the ink dried on this post than FISC judge Reggie Walton delivered an opinion agreeing with the District Court's order and will allow the NSA to retain the metadata associated with the two cases listed in Judge Jeffrey Wright's order. Walton's decision to reverse the FISC's opinion hinges on these two specific cases, Jewel v. NSA and First Unitarian Church v. NSA. As he notes, the DOJ's request to hold the data was based on common law rules normally applied to retention of corporate data in civil cases, something entirely unrelated to bulk surveillance metadata. Addiitonally, he points out that none of the plaintiffs in the cases the DOJ listed had requested the data be retained.

The Court concluded that any interests the civil plaintiffs might assert in preserving all of the BR metadata was "unsubstantiated" on that record. The Court further observed that no District Court or Circuit Court of Appeals has entered a preservation order applicable to the BR metadata in question in any of the civil matters cited in the motion. Further, there is no indication that any of the plaintiffs have sought discovery of this information or made any effort to have it preserved, despite it being a matter of public record that BR metadata is routinely destroyed after five years.

Beyond the legal issues is the NSA itself, which probably wouldn't doesn't mind being able to hold onto metadata indefinitely. (Of course, the FISC court limits this metadata to these two specific cases where the plaintiffs have requested the data be held. There's a lot of plaintiffs in one of those cases [First Unitarian Church v. NSA], meaning a whole lot of records will be maintained.) There's always the concern that this evidence will need to be presented in court, but if the past is any indicator, the admission of these records will be fought vigorously by the agency. As for the data the DOJ requested to be held? It will simply vanish into the ether upon expiration, keeping it out of the public eye forever.

Filed Under: bulk collection, doj, fisa court, fisc, metadata, minimization, nsa, storage