NSA Tries To Justify Its Surveillance Programs With Ridiculous Assertions

from the what-a-joke dept

As President Obama was laying out his "plan" in response to the public's concerns over NSA spying, both the DOJ and the NSA released some documents defending the various programs. I would imagine it will surprise none of you that these documents are chock full of hilarious and misleading claims. Let's highlight a few, starting with the NSA's document, which is shorter, more general and covers all the various programs more broadly. It's also a complete joke. We'll get to the DOJ one in another post.

In his May 2013 address at the National Defense University, the President made clear that we, as a Government, need to review the surveillance authorities used by our law enforcement and intelligence community professionals so that we can collect information needed to keep us safe and ensure that we are undertaking the right kinds of privacy protections to prevent abuse.

Somehow, I think this document has a lot more to do with Ed Snowden's leaks a month later than the speech Obama gave in May...

After the al-Qa'ida attacks on the World Trade Center and the Pentagon, the 9/11 Commission found that the U.S. Government had failed to identify and connect the many "dots" of information that would have uncovered the planning and preparation for those attacks.

Actually, the Commission said that you had collected all that information, but you failed to connect the pieces. Collecting more data does not help with that problem. In fact, the very heads of the Commission that you're citing in defense of these programs have come out publicly to say that the NSA has gone way too far with these programs. So, yeah, you're barking up the wrong tree.

We strive to achieve this through a system that is carefully designed to be consistent with Authorities and Controls and enabled by capabilities that allow us to Collect, Analyze, and Report intelligence needed to protect national security.

As always, the NSA goes back to its authority rather than what it's actually doing and what its abilities are.

This process will often involve the collection of communications metadata -- data that helps NSA understand where to find valid foreign intelligence information needed to protect U.S. national security interests in a large and complicated global network. For instance, the collection of overseas communications metadata associated with telephone calls -- such as the telephone numbers, and time and duration of calls -- allows NSA to map communications between terrorists and their associates.

Well, yes, and also map out communications between everyone else. But, here's where the NSA has some fun. They claim that collecting all that metadata is actually good for American's privacy because by using it to map out networks among real terrorists it means they don't actually go after your stuff:

This strategy helps ensure that NSA's collection of communications content is more precisely focused on only those targets necessary to respond to identified foreign intelligence requirements.

Did you catch that? They only spy on all of us so they know how to avoid spying on all of us.

For a variety of reasons, including technical ones, the communications of U.S. persons are sometimes incidentally acquired in targeting the foreign entities. For example, a U.S. person might be courtesy copied on an e-mail to or from a legitimate foreign target, or a person in the U.S. might be in contact with a known terrorist target.

Or, for example, a US person might be using encryption which makes us think you're a terrorist. Or, you might just be emailing anyone outside of the country. Or that.

In those cases, minimization procedures adopted by the Attorney General in consultation with the Director of National Intelligence and approved by the Foreign Intelligence Surveillance Court are used to protect the privacy of the U.S. person.

The same "minimization procedures" that say if you use encryption, you might be evil so they don't have to protect your privacy any more. Very convincing.

FISA regulates certain types of foreign intelligence collection including certain collection that occurs with compelled assistance from U.S. telecommunications companies.

I just love the lyrical phrase "compelled assistance." That's called "we're the government, we have guns and jails, and you have the info we want, fork it over."

The Government cannot conduct substantive queries of the bulk records for any purpose other than counterterrorism.

Right, but don't ask us about those time when we feed info to the DEA and IRS and then instruct them to launder it so they can pretend they didn't get it from us. Because, you know... that's getting a bit personal.

The BR FISA program is used in cases where there is believed to be a threat to the homeland. Of the 54 terrorism events recently discussed in public, 13 of them had a homeland nexus, and in 12 of those cases, BR FISA played a role.

"Played a role." Except that multiple Senators have now said you've presented absolutely no evidence whatsoever that the BR FISA program (Section 215 of the Patriot Act) has "helped thwart or prevent" any terrorist plots.

Scope and Scale of NSA Collection

According to figures published by a major tech provider, the Internet carries 1,826 Petabytes of information per day. In its foreign intelligence mission, NSA touches about 1.6% of that. However, of the 1.6% of the data, only 0.025% is actually selected for review. The net effect is that NSA analysts look at 0.00004% of the world's traffic in conducting their mission -- that's less than one part in a million. Put another way, if a standard basketball court represented the global communications environment, NSA's total collection would be represented by an area smaller than a dime on that basketball court.

A dime on a basketball court? Huh? Also, almost nothing in the above statements is believable given earlier revelations. Also, what the hell do they mean by "touches"? Collected? Searched? Looked at closely? Fondled lovingly?

In addition to NSA's compliance safeguards, NSA personnel are obligated to report when they believe NSA is not, or may not be, acting consistently with law, policy or procedure. This self-reporting is part of the culture and fabric of NSA. If NSA is not acting in accordance with law, policy or procedure, NSA will report through its internal and external intelligence oversight channels, conduct reviews to understand the root cause, and make appropriate adjustments to improve.

This is guffaw inducing. If you haven't yet, now might be a good time to reread Jane Mayer's 2011 article about what the federal government did to Thomas Drake, Bill Binney and J. Kirk Wiebe for doing exactly that. The idea that this is a part of the "culture and fabric of the NSA" is laughable. That article describes the insanity of former director Michael Hayden in absolutely flipping out when Binney and Wiebe went behind his back and through the "official" channels.

The NSA has absolutely no credibility on this subject, and the claims in this document are simply laughable.

Filed Under: fisa, nsa, nsa surveillance, section 215

Dueling Amendments To Cut NSA Surveillance Funding; But One Is A Red Herring To Trick Congress

from the vote-for-the-right-one dept

We've been talking about the effort by Rep. Justin Amash to pass an amendment to the defense appropriations bill that would strip funding from the NSA when it comes to their surveillance efforts. While some in the House were trying to block his amendment from getting anywhere, it's been ruled in order and is likely to be voted on this week, most likely tomorrow (Wednesday). To be clear (as we'll describe in more detail below), it only tries to stop the funding of one specific program: the bulk collection of metadata. You can see the amendment here, but the key text:

None of the funds made available by this Act may be used to execute a Foreign Intelligence Surveillance Court order pursuant to section 501 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1861) that does not include the following sentence: ‘‘This Order limits the collection of any tangible things (including telephone numbers dialed, telephone numbers of incoming calls, and the duration of calls) that may be authorized to be collected pursuant to this Order to those tangible things that pertain to a person who is the subject of an investigation described in section 501 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1861).’’

To translate this back to English, it's saying that Congress would basically defund the vast dragnet gathering of every bit of metadata done by the NSA on all phone records (and potentially other bulk records not yet revealed). These are done under a very questionable interpretation of §215 of the Patriot Act, which is the "tangible things" section or the "business records" section. In the law, it's also known as 50 USC 1861, where any common sense reading of the law would suggest that it only applies to specific records related to a non-US person under investigation. But, it's been twisted and stretched to mean the NSA can collect all records on all phone calls to search through at a later date at their leisure. What Amash's amendment is seeking to do is to basically say no funds can be use for this crazy and twisted interpretation, but rather funds can be used for the original and common sense interpretation. That is, the feds can still request business records under this section, but only if those specific records "pertain to a person who is the subject of an investigation."

In short: this part of the law can no longer be used to justify "collect everything and sort it out later."

However, since NSA supporters were unable to kill the Amash amendment outright, it looks like they've moved onto a sneaky alternative move: getting Rep. Richard Nugent to introduce a competing amendment that looks like it does something similar in defunding NSA surveillance, but in reality just reinforces the status quo. In other words, the Nugent amendment is a nefarious red herring, designed to attract votes from Reps away from Amash's amendment. It's a pretty scammy trick. The Nugent Amendment reads as follows:

None of funds made available by this Act may be used by the National Security Agency to—

(1) conduct an acquisition pursuant to section 702 of the Foreign Intelligence Surveillance Act of 1978 for the purpose of targeting a United States person; or

(2) acquire, monitor, or store the contents (as such term is defined in section 2510(8) of title 18, United States Code) of any electronic communication of a United States person from a provider of electronic communication services to the public pursuant to section 501 of the Foreign Intelligence Surveillance Act of 1978.

At a quick glance, these amendments may look similar. Both say stuff about how no funds can be used for certain forms of surveillance. But the specifics are very important here. There's been an awful lot of confusion over the past couple of months of revelations between two different programs and which laws they come under. As described above, much of the concern with the vast collection of data is about Section 215 under the Patriot Act. The separate concerns, about the PRISM program, fall under Section 702 of FISA. It looks like the Nugent amendment may be pulling funding from that, but it's not. It just says that it wouldn't allow funds to be used for Section 702 if it's "targeting a US person." But Section 702 already forbids the targeting of US persons and while there are some questions as to how well the NSA follows this limitation, so far there's been no real evidence that 702 is used to target US persons. So, this is just restating the status quo, and doing absolutely nothing to fix the gross reinterpretation of Section 215.

There are problems with a wide variety of NSA programs, but the Amash amendment actually seeks to pull funding from one of the worst parts, while the Nugent amendment has the appearance of doing so while actually just reinforcing the status quo. Someone looks like they're trying to pull a fast one on everyone. Now might be a good time to phone your own elected representative to tell them that you expect them to support the Amash Amendment. If the Amash Amendment passes, there's nothing wrong with the Nugent Amendment also passing -- it doesn't really change anything. But if any Rep votes for the Nugent Amendment believing it's an alternative to the Amash Amendment, they're making a huge mistake.

Filed Under: fisa, funding, justin amash, nsa, nsa surveillance, patriot act, red hering, richard nugent, section 215, section 702

FISC Says It Will Declassify Ruling That Forced Yahoo Into PRISM

from the how-much-black-ink-will-they-use-up? dept

Last month, we noted that, while it was known that a tech company had fought back against a surveillance effort by the government and lost, it hadn't yet been revealed who that company was. The NY Times then revealed that it was Yahoo!, and it involved whether or not Yahoo! would be involved in PRISM. Yahoo tried to fight it, lost, and had to comply -- but the details (of course) remained entirely sealed. It appears that's changing. Yahoo! has been asking the government if it can reveal more info, and eventually the government (at the very least) allowed Yahoo to admit that it was the party in the case. After that, Yahoo asked FISC if the ruling could be declassified, and the court has now told the government to review the ruling to figure out what can be declassified.

The Government shall conduct a declassification review of this Court's Memorandum Opinion of April 25, 2008, and (2) the legal briefs submitted by the parties to this Court in this matter. After such review, the Court anticipates publishing that Memorandum Opinion in a form that redacts any properly classified information.

Of course, given the government's history of over-redacting, I fully expect a document with a ridiculous amount of black ink applied (invest now in black ink!). However, I do wonder if this is part of the various FISC judges realizing that there's been a fairly strong outcry against their secret court with a big rubber stamp.

Filed Under: declassify, doj, fisa, fisc, nsa, nsa surveillance, prism, surveillance
Companies: yahoo

DOJ Says Public Has No Right To Know About The Secret Laws The Feds Use To Spy On Us

from the what,-you-want-to-know-that-stuff? dept

So, we were just discussing the insanity of the FISA court (FISC) basically acting as a shadow Supreme Court, making broad rulings in total secrecy that have created a secret body of law that the public is not allowed to know about. Given increasing revelations about these shadow laws, the ACLU and other public interest groups are trying, yet again, to get access to some of these key rulings. All along, they've been extremely careful to note that they're not asking FISC to reveal specific foreign intelligence issues, operations or targets: merely the parts of the rulings that identify what the law is -- i.e., how it's being interpreted by the courts. Because that seems rather fundamental to a functioning democracy.

However, as you might expect, the Justice Department has now hit back with a new filing that says, flat out, the public has no right to know what the secret court is ruling on and how it's codifying secret laws. The argument is, basically, that because FISC rulings have almost always been secret, then it's perfectly reasonable that they're secret. In other words, it's perfectly legal for secret laws to remain secret, because they're secret. Later it also argues that actually revealing the law would be (oooooooh, scary!) dangerous.

Let's make this simple: yes, revealing specific details of various surveillance efforts and targets could create security issues, no doubt. But revealing how a United States' law is interpreted can never by itself create a national security issue. And that's all that's being asked of here. The DOJ is being incredibly dishonest and disingenuous in conflating the two issues, arguing that because the FISC deals with intelligence operations, that its rulings on the interpretation of the law must also be secret. But that's wrong. You can reveal the basic interpretation of the law without revealing the specific intelligence efforts and methods. The only reason to keep the interpretation of the law a secret is because it'll be a huge embarrassment and show widespread abuse.

Filed Under: doj, fisa, fisa court, fisc, nsa, secret laws, surveillance

A Secret Court Making Secret Laws? That's No Democracy

from the get-rid-of-the-fisa-court dept

Last December, well before the Ed Snowden leaks revealed some information about the FISA court (FISC) and its rulings, we had already noted that the court itself was almost certainly unconstitutional. More recently, we talked about how the fact that all the court's judges are appointed by the Chief Justice of the Supreme Court means that the court has turned into a rubber stamp made in the image of some of the most "law and order"-minded Chief Justices from the past few decades. Ezra Klein has since expanded on that to discuss the oddity of how current Chief Justice John Roberts is basically the Chief Justice of the Surveillance State, answerable to absolutely no one: "You have exclusive, unaccountable, lifetime power to shape the surveillance state."

Over the weekend, the NY Times put out a powerful piece discussing how FISC has basically become a shadow Supreme Court, doling out all sorts of important rulings in total secrecy. It rules on cases where it only hears one side, and where there are no appeals, no guarantee that the full story is presented, and involves a bunch of judges who tend to have law enforcement backgrounds before being appointed to the court. In the end, you have a secret court issuing secret rulings by ex-law enforcement officials, allowing their former colleagues ever greater power to spy on everyone.

The 11-member Foreign Intelligence Surveillance Court, known as the FISA court, was once mostly focused on approving case-by-case wiretapping orders. But since major changes in legislation and greater judicial oversight of intelligence operations were instituted six years ago, it has quietly become almost a parallel Supreme Court, serving as the ultimate arbiter on surveillance issues and delivering opinions that will most likely shape intelligence practices for years to come, the officials said.

[....] Unlike the Supreme Court, the FISA court hears from only one side in the case — the government — and its findings are almost never made public. A Court of Review is empaneled to hear appeals, but that is known to have happened only a handful of times in the court’s history, and no case has ever been taken to the Supreme Court. In fact, it is not clear in all circumstances whether Internet and phone companies that are turning over the reams of data even have the right to appear before the FISA court.

As an example of how FISC has basically completely overturned the rules of surveillance in secret, the NY Times reveals the details of some of its thinking, taking a extremely narrow ruling meant to apply in special cases, and turning it into a general rule that has allowed the vast capture of information:

In one of the court’s most important decisions, the judges have expanded the use in terrorism cases of a legal principle known as the “special needs” doctrine and carved out an exception to the Fourth Amendment’s requirement of a warrant for searches and seizures, the officials said.

The special needs doctrine was originally established in 1989 by the Supreme Court in a ruling allowing the drug testing of railway workers, finding that a minimal intrusion on privacy was justified by the government’s need to combat an overriding public danger. Applying that concept more broadly, the FISA judges have ruled that the N.S.A.’s collection and examination of Americans’ communications data to track possible terrorists does not run afoul of the Fourth Amendment, the officials said.

That legal interpretation is significant, several outside legal experts said, because it uses a relatively narrow area of the law — used to justify airport screenings, for instance, or drunken-driving checkpoints — and applies it much more broadly, in secret, to the wholesale collection of communications in pursuit of terrorism suspects. “It seems like a legal stretch,” William C. Banks, a national security law expert at Syracuse University, said in response to a description of the decision. “It’s another way of tilting the scales toward the government in its access to all this data.”

I don't care where you come down on the importance of widespread surveillance -- I just don't see how you can possibly square the above interpretation of the law with the 4th Amendment. If "special needs" can be used to justify mass collection of data on just about everyone "just in case" it might stop some sort of terrorist attack, then you no longer have a 4th Amendment. At all.

But, the bigger issue here is just the fact that we have a secret court issuing secret interpretations of the law that have a massive impact on our privacy. This is supposed to be an open democracy. An open democracy doesn't involve secret courts and secret laws. We have laws that everyone knows, and which the public can discuss and weigh in on through their elected officials. When you set up a secret court, making secret rules with no oversight, and with all of the judges appointed by a single Supreme Court Justice with a particular bias, you no longer have a functioning democracy at all. And that's downright scary.

This is a point that some Senators have been making for years now, but the leaks from Ed Snowden have really made it that much clearer just how insane the situation is. Earlier, it had seemed like perhaps there was one or two rulings from FISC that had some oddities in the interpretation, and which should probably be revealed to the public. However, the various revelations so far suggest that the issue is much, much bigger, and we have a secret "shadow court" system that is systematically obliterating the 4th Amendment and helping to create and then "legitimize" the vast surveillance state.

The Snowden leaks have shone a number of lights on various bad things within our government, but one thing that they have made abundantly clear is that the FISC needs to go. Whether that means it needs to be opened up, or to have greater oversight, or just be done away with completely, could be up for discussion. But if it remains the way it is, it's clear that we've thrown away our basic democratic principles, and moved towards the same sorts of autocratic regimes with secret courts that the US has always presented itself as being against.

Filed Under: democracy, fisa, fisa court, fisc, rulings, secret law, secret rulings

How Three Decades Of Conservative Chief Justices Turned The FISA Court Into A Rubber Stamp

from the FISC:-both-the-wheels-AND-the-grease dept

The FISA court has been deemed a "rubber stamp" and with good reason. Not a single request was rejected over the last two years and over the last twelve years, the court has only rejected 10 out of 20,909 requests.

Reuters has put together a long and detailed piece showing why the court is so compliant. Much of it has to do with who was selected and who selected them.

Selected by the Chief Justice of the United States, FISA judges serve for staggered seven-year terms. Although the court carries 11 judges at a time, 14 have served this year because of routine turnover.

Six of the 14 were originally appointed to the trial courts by George W. Bush; five by Ronald Reagan; two by Clinton and one by George H. W. Bush.

"Since FISA was enacted in 1978, we've had three chief justices, and they have all been conservative Republicans, so I think one can worry that there is insufficient diversity," said Stephen Vladeck, a law professor at American University's Washington College of Law.

The court is currently comprised of 14 judges, 12 of which are Republican. Half are former prosecutors. Reggie Walton helped lead the War on Drugs under William Bennett. James Zagel spent seven years as the director of the Illinois State Police, following a dozen years in the state attorney's office (including three years as Chief Prosecutor). John Bates spent some time as an assistant state's attorney but more notably has spent a large part of his judicial career dismissing cases brought against the US government and its officials, including a challenge to an Obama-approved targeted killing and Privacy Act claim brought against the DOJ. Mary McLaughlin (the sole Democrat) spent four years as a prosecutor. Raymond Dearie has years of experience as an Assistant United States Attorney for the Eastern District of NY, along with other work done in conjunction with law enforcement. Thomas Hogan was involved in a ruling that restricted public access to Nixon's White House records (and ordered Playboy to continue printing copies in Braille) as well as jailing a NY Times writer for refusing to disclose a source and authorizing an FBI raid on a congressman's office -- a first in the government's history.

It's unsurprising that George W. Bush would find the makeup of the court to his liking when pushing his "War on Terror" policies -- conservatives with backgrounds in crime and (especially) punishment. (There's no bigger crime than terrorism.) Obama should have been the wild card -- someone who could have attempted to tilt things back in a more moderate direction or at least questioned the court's overwhelmingly partisan composition. Instead, he extended and expanded many of Bush's policies and realized there was no one better to carry out these directives than adherents to the party line.

Almost all of the current FISA judges declined to comment or be interviewed. Only one (Reggie Walton) responded, issuing this rather indignant statement:

"The perception that the court is a rubber stamp is absolutely false. There is a rigorous review process of applications submitted by the executive branch, spearheaded initially by five judicial branch lawyers who are national security experts, and then by the judges, to ensure that the court's authorizations comport with what the applicable statutes authorize."

Walton may not like the "rubber stamp" designation but the only information the public is allowed to look at indicates a vast majority of requests are granted, no matter how wide a net the requesting agents wish to cast.

Walton's claim that the court's authorizations "comport with what the applicable statutes authorize" is similarly hollow. What's been at least as surprising as the scope and reach of the NSA and FBI's granted requests is the fact that this massive-scale domestic surveillance still somehow falls under the protection of existing laws, or at least the secret interpretation of these laws.

Other information gathered by Reuters suggests some sort of oversight is being applied, but without further details, it's very hard to determine its effect on granted requests.

The records also show that FISA judges ordered "substantial modifications" to 497 surveillance and property warrants and 428 of the business record warrants

The statistics are especially intriguing for business record warrants for 2011 and 2012. Of 417 warrants authorized, the court "substantially modified" 376.

There are a few educated guesses as to what "substantially modified" means, and it very likely doesn't mean "protecting the privacy of US citizens."

Syracuse University College of Law professor William C. Banks, who follows the FISA court closely, said he suspects that warrants are "modified" when judges request more information about a warrant or decide to split a warrant with multiple suspects, phone numbers and locations into several, more specific ones.

"We can't tell the extent of modification, but clearly it suggests that the judges are taking a real look at these things and are at least modifying them in some respect," said Penn Law professor Theodore Ruger. "But I don't think it answers the bigger, more important question of whether this court is acting as a balanced check on the government's authority."

To date, the court has been little more than a complicit tool of two consecutive administrations. Exacerbating this problem is the fact that the Chief Justice of the United States is free to pick FISA judges that align with their viewpoints on crime, terrorism and security. What may have originally served as a functioning part of our system of checks and balances has now become an administrative lapdog and a willing cog in the War on Terror machinery.

William C. Banks pointed this out to current and former FISA judges in his keynote speech given at an American Bar Association dinner celebrating the 35th anniversary of the FISA court.

"FISA envisioned case-specific surveillance, not a generic surveillance operation, and its approval architecture was accordingly geared to specific, narrowly targeted applications," Banks told the FISA judges, according to a transcript. The 2008 changes to the law, he said, have "strained its utility as an independent arbiter of lawful FISA surveillance."

His speech received "polite, if tepid, applause."

Judge Walton may bristle at the "rubber stamp" label and everyone from the administration all the way on down to the requesting agent may insist that nothing is done with oversight and strict adherence to applicable laws, but the track record speaks for itself. 12 years. 20,909 requests. 10 rejections. 36 withdrawn by the court.

Either the court is stocked with judges who can rubber stamp their approval and still somehow delude themselves into believing they're giving everything their full attention and consideration, or they've simply bought into the "terrorist" rhetoric and see no other option but complicity to keep this country "safe." Either way, it's a travesty.

Filed Under: fisa, fisa court, fisc, law enforcement, prosecutors, supreme court, surveillance

Latest NSA Leak: Rules On How They Use Data Without A Warrant

from the wow dept

Glenn Greenwald had promised that there were more incredible leaks concerning the NSA to come, and here's the first big one. Greenwald has revealed the NSA's rules that show the procedures for targeting non-US persons, and also how they "minimize" data collected on US persons when dealing with the "bulk" data records collection they do, such as with all of the data around every phone call made. These are two key parts to the NSA's insistence that they're staying within the law and not spying on people in the US. The details here, however, suggest a very different story. The FISA court has signed off on these rules that appear to grant incredibly wide latitude for the NSA to make use of data, rather than really "minimize" its usage. While President Obama and others have insisted that the rules make sure that the NSA really isn't collecting data on Americans, the reality shows that FISC approved rules let the NSA:

• Keep data that could potentially contain details of US persons for up to five years;
• Retain and make use of "inadvertently acquired" domestic communications if they contain usable intelligence, information on criminal activity, threat of harm to people or property, are encrypted, or are believed to contain any information relevant to cybersecurity;
• Preserve "foreign intelligence information" contained within attorney-client communications;
• Access the content of communications gathered from "U.S. based machine[s]" or phone numbers in order to establish if targets are located in the US, for the purposes of ceasing further surveillance.

The report from Greenwald also reveals that orders he has seen from the FISA court concerning broad data collection do not appear to include details or explanations, other than your basic rubber stamp that FISC says it's okay.

One such warrant seen by the Guardian shows that they do not contain detailed legal rulings or explanation. Instead, the one-paragraph order, signed by a Fisa court judge in 2010, declares that the procedures submitted by the attorney general on behalf of the NSA are consistent with US law and the fourth amendment.

But since those procedures have now been leaked, we can see that they're not very carefully targeted at all. If the NSA doesn't know where someone is located, it can assume the person is foreign:

In the absence of specific information regarding whether a target is a United States person, a person reasonably believed to be located outside the United States or whose location is not known will be presumed to be a non-United States person unless such person can be positively identified as a United States person.

That part about how the NSA can still keep data on US persons if they believe the data contains "evidence of a crime," "technical data base information" or "information pertaining to a threat of serious harm to life or property" obviously give the NSA incredible powers to -- contrary to what they've stated publicly -- retain all sorts of info on Americans.

Once we and others have had a chance to dig deeper through these, I'm sure we'll have more to say, but for now, it appears that, once again, the NSA and its defenders were less than fully forthcoming about how the NSA uses the data it collects and how it makes sure that Americans aren't targeted.

Filed Under: fisa, fisa court, fisc, foreign persons, minimization, nsa, nsa surveillance, oversight, targeting, us persons, warrants

Google, Without Admitting It Gets FISA Orders, Files Lawsuit To Challenge FISA Gag Orders

from the well-that-ought-to-be-interesting dept

Google appears to be stepping it up a notch in trying to fight back against the claims that it is somehow opening up its system to the NSA or other law enforcement folks. As you now know well, one of the leaks from Ed Snowden a few weeks ago was about a system called PRISM, which is associated with how tech companies provide information to the federal government in response to FISA court orders. The initial reports, claiming that the NSA had full direct access to servers and could see what people were doing in real time, appear to have been extremely overblown, as it now seems clear that this was much more narrow. But there's still a big question of how narrow. Google sent an open letter to the DOJ, asking for permission to reveal basic numbers on how many FISA requests they receive and how many people have had information passed along to the government under the program. The government then gave "permission" in a way that actually further obfuscated things, only allowing the release of numbers when combined with all sorts of other government requests.

Now, Google has filed a lawsuit against the government, arguing that gag orders on FISA requests violate the First Amendment. The filing itself is an interesting read, in part for its first footnote:

Nothing in this Motion is intended to confirm or deny that Google has received any order or orders issued by this Court.

Of course, that might lead some to suggest that Google can't actually have standing, but there's an interesting legal argument here. Basically, Google is arguing that the perception that it's opened up its network to the NSA, as suggested in various reports, and which it cannot refute fully without revealing some details of FISA orders it has received, has caused it harm.

Google's reputation and business has been harmed by the false or misleading reports in the media, and Google's users are concerned by the allegations. Google must respond to such claims with more than generalities. Moreover, these are matters of significant weight and importance, and transparency is critical to advancing public debate in a thoughtful and democratic manner.

Given that, Google is seeking a declaratory judgment from the court that it has a First Amendment right to publish the total number of FISA requests it receives and the total number of users associated with those requests, though obviously not anything more. I'm sure the government will come back with all sorts of excuses as to why this is horrible, but it certainly presents an interesting legal challenge to the FISA court's gag orders.

Filed Under: first amendment, fisa, fisa court, free speech, gag order, prism
Companies: google

Retired Federal Judge Explains Why The FISA Court Should Not Be Trusted

from the secret-courts-do-bad-things dept

Retired federal judge Nancy Gertner, who has appeared in stories here for years (she was the original judge in the Tenenbaum trial, and also spoke out about how US attorney Carmen Ortiz handled the Aaron Swartz case), has now highlighted a very important point about all of the NSA surveillance stories: at the heart of much of it is the secretive FISA court, and that court should not be trusted.

As a former Article III judge, I can tell you that your faith in the FISA Court is dramatically misplaced.

Two reasons: One … The Fourth Amendment frameworks have been substantially diluted in the ordinary police case. One can only imagine what the dilution is in a national security setting. Two, the people who make it on the FISA court, who are appointed to the FISA court, are not judges like me. Enough said....

It’s an anointment process. It’s not a selection process. But you know, it’s not boat rockers. So you have a [federal] bench which is way more conservative than before. This is a subset of that. And it’s a subset of that who are operating under privacy, confidentiality, and national security. To suggest that there is meaningful review it seems to me is an illusion.

The "judges" on the FISA Court are appointed by the Chief Justice of the Supreme Court. And that's it. As we were just discussing, they hear only one side of a case, and their rulings are kept secret. When you have a party that only hears one side of things and never, ever has to be subject to public review or criticism of decisions, take a wild guess what happens? You get a court that is judicially captured, and sides very much with the intelligence infrastructure that it spends most of its time dealing with.

On top of that, there's a very big question: why are these rulings secret? Something like an interpretation of the law should never, ever be considered secret. Yes, it makes sense to keep something secret if it exposes direct information on a specific case that is being worked on, but basic rulings about what the law actually says should never be. But they are, because the FISA court can do that sort of thing. And that's a huge problem. Late last year, we had a post linking to a story by another former judge, Andrew Napolitano, explaining why the entire FISA court was almost certainly unconstitutional:

The constitutional standard for all search warrants is probable cause of crime. FISA, however, established a new, different and lesser standard -- thus unconstitutional on its face since Congress is bound by, and cannot change, the Constitution -- of probable cause of status. The status was that of an agent of a foreign power.... Over time, the requirement of status as a foreign agent was modified to status as a foreign person. This, of course, was an even lesser standard and one rarely rejected by the FISA court.

With everything that's been going on, most of the attention has been on the administration -- including both the NSA and the DOJ -- as well as some companies participating in the various surveillance programs. But, increasingly, it seems that perhaps a lot more attention should be paid to the entire concept and structure of the FISA court.

Filed Under: fisa, fisa court, fisc, judicial capture, nancy gertner, nsa, nsa surveillance, secret courts

DOJ Says Tech Companies Can Sort Of Release FISA Numbers, But.. In A Way That Decreases Transparency

from the that's-not-good dept

Last week, we noted that Google had publicly requested from the DOJ that it be allowed to reveal information about the FISA surveillance requests it gets, and put them in its well-respected transparency report. Facebook, Microsoft and Twitter quickly followed with similar requests. Late Friday, the DOJ "gave permission," but in perhaps the most useless way possible. Facebook was the first to post the data that the DOJ allowed it to post, and you might immediately see the problem:

As of today, the government will only authorize us to communicate about these numbers in aggregate, and as a range...

For the six months ending December 31, 2012, the total number of user-data requests Facebook received from any and all government entities in the U.S. (including local, state, and federal, and including criminal and national security-related requests) – was between 9,000 and 10,000. These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat. The total number of Facebook user accounts for which data was requested pursuant to the entirety of those 9-10 thousand requests was between 18,000 and 19,000 accounts.

Right. So you may notice that this tells us absolutely nothing about the FISA requests. Because the only way that it could actually reveal anything was to bury them in with every other possible type of request. Facebook did, properly, point out that this wasn't really all that transparent:

This is progress, but we’re continuing to push for even more transparency, so that our users around the world can understand how infrequently we are asked to provide user data on national security grounds.

Microsoft posted something quite similar. And equally useless.

Here is what the data shows: For the six months ended December 31, 2012, Microsoft received between 6,000 and 7,000 criminal and national security warrants, subpoenas and orders affecting between 31,000 and 32,000 consumer accounts from U.S. governmental entities (including local, state and federal).

Microsoft, too, noted the limitation that the DOJ gave them:

We are permitted to publish data on national security orders received (including, if any, FISA Orders and FISA Directives), but only if aggregated with law enforcement requests from all other U.S. local, state and federal law enforcement agencies; only for the six-month period of July 1, 2012 thru December 31, 2012; only if the totals are presented in bands of 1,000; and all Microsoft consumer services had to be reported together.

There is one interesting tidbit:

We have not received any national security orders of the type that Verizon was reported to have received that required Verizon to provide business records about U.S. customers.

Considering that this surveillance program -- the so-called "business records" search, which comes from Section 215 of the Patriot Act with a still-secret interpretation by the FISA Court that appears to allow blanket requests for pretty much all data -- is the much more serious issue, it's nice to see Microsoft being able to say that it has received no such orders.

Google and Twitter also both received the same "permission," but both quickly realized that this was not transparency at all. Lumping in FISA requests with everything else does absolutely nothing to reveal the extent of those FISA requests. In fact, it obfuscates them:

“We have always believed that it’s important to differentiate between different types of government requests,” a Google spokesperson said in a statement. “We already publish criminal requests separately from National Security Letters. Lumping the two categories together would be a step back for users. Our request to the government is clear: to be able to publish aggregate numbers of national security requests, including FISA disclosures, separately.”

Twitter responded with a simple tweet (you expected more?) from legal director Ben Lee, saying:

We agree with @Google: It's important to be able to publish numbers of national security requests—including FISA disclosures—separately.

So, once again, we have the federal government pretending to be transparent, when it's really not. It's only trying to hide the actual number of FISA requests and the number of users impacted. Frankly, this whole demand for excess secrecy over these things makes no sense at all. What could we possibly be "alerting our enemies" to if there were broad general numbers of the number of FISA requests that were sent to Google, Twitter, Facebook and Microsoft? Sure, the actual information requested should remain secret. But the number of requests? That makes no sense at all.

Filed Under: doj, fisa, fisa court, fisa requests, fisc, transparency, transparency report
Companies: facebook, google, microsoft, twitter