Director Of National Intelligence Hammers Final Official Nail Into Bulk Phone Records Program

from the will-still-need-six-to-nine-months-of-additional-hammering-though dept

The Office of the Director of National Intelligence has issued a statement addressing the inevitable shutdown of the Section 215 bulk phone metadata program.

NSA has determined that analytic access to that historical metadata collected under Section 215 (any data collected before November 29, 2015) will cease on November 29, 2015. However, solely for data integrity purposes to verify the records produced under the new targeted production authorized by the USA FREEDOM Act, NSA will allow technical personnel to continue to have access to the historical metadata for an additional three months.

Caveats apply. Data will still be held as required by a handful of ongoing lawsuits. With the "bulk" part of the bulk records program shut down (but not completely), the government is obviously hoping for a speedy end to the litigation resulting from the Snowden leaks. That's the other motivating factor behind this public statement that not only states an end date, but the additional restrictions past that point.

This is a pretty remarkable moment in the security v. privacy battle, but there are still reasons to be concerned. The bulk telephony metadata program has received a majority of the focus since Snowden's initial leak and the NSA, at times, has seemed almost too willing to let this program act as a scapegoat for its multiple privacy-violating surveillance programs.

Not that there haven't been seriously heated (and seriously misguided) arguments offered in support of this program, but if you take a close look at the history of the debate over Section 215, the most-spirited defenses have not been raised by the NSA, but by legislators and former intelligence officials. The program appears to have been sacrificed in order to prevent more intrusive surveillance programs from being subjected to more intense scrutiny.

And it's not even the totality of what can be collected under Section 215. The statement from the ODNI specifically addresses only one kind of "tangible thing."

The telephony metadata preserved solely because of preservation obligations in pending civil litigation will not be used or accessed for any other purpose, and, as soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.

We don't know what else is being collected in bulk under the PATRIOT Act provision -- the same authority that expired this year and was replaced with the stipulations of the USA Freedom Act -- but we know it's more than just "telephony metadata." "Tangible things" encompasses far more than phone metadata ("books, records, papers, documents, and other items"), but this statement -- as well as arguments it's made in court in support of the six-month wind-down period -- only address phone records.

The Second Circuit Court found that the bulk collection of records under Section 215 was likely illegal. That opinion called into question anything collected under this authority, but the government here (and in its recent filing in the Second Circuit Court) acts as though the "illegal" collection activity is limited solely to phone records.

Other NSA programs are going to be far more useful in gathering data and intelligence than the collection of phone records. Phone calls may never go away entirely, but the shift to mobile communications (followed shortly thereafter by the shift to feature phones and smartphones) has made phone calls the least used feature on these devices. Messaging programs and social media platforms now carry the bulk of everyday communications. And the NSA has programs in place to sweep up these as well, whether as content or metadata. So, all of this focus on "telephony" only serves to obscure what else it may still collect with the revamped program, as well as everything else it does under much more secretive legal authorities.

Filed Under: bulk phone records, bulk records, james clapper, nsa, odni, section 215, surveillance, usa freedom act

Turns Out Feds Actually Tracked Most International Calls For Nearly A Decade Before 9/11 -- Didn't Stop The Attack

from the well,-look-at-that dept

One of the big arguments trotted out repeatedly by surveillance state defenders concerning the NSA's Section 215 program to collect records on all phone calls is that such a thing "would have prevented 9/11" if it had been in place at the time. Here's former FBI boss Robert Mueller making just that argument right after the initial Snowden leaks. Here's Dianne Feinstein making the argument that if we had that phone tracking program before September 11th, we could have stopped the attacks. And here's former NSA top lawyer and still top NSA supporter Stewart Baker arguing that the program is necessary because the lack of such a program failed to stop 9/11.

Except, it turns out, the feds did have just such a program prior to 9/11 -- run by the DEA. As you may recall, back in January it was revealed that the DEA had its own database of phone call metadata of nearly all calls from inside the US to foreign countries. Brad Heath at USA Today came out with a report yesterday that goes into much more detail on the program, showing that it dates back to at least 1992 -- meaning that the feds almost certainly had the calls that Feinstein and Mueller pretended the government didn't have prior to 9/11.

The now-discontinued operation, carried out by the DEA's intelligence arm, was the government's first known effort to gather data on Americans in bulk, sweeping up records of telephone calls made by millions of U.S. citizens regardless of whether they were suspected of a crime. It was a model for the massive phone surveillance system the NSA launched to identify terrorists after the Sept. 11 attacks. That dragnet drew sharp criticism that the government had intruded too deeply into Americans' privacy after former NSA contractor Edward Snowden leaked it to the news media two years ago.

But, you might say, perhaps the DEA didn't share that info with the NSA. Well... if we go back to some of the NY Times award-winning reporting on the NSA's surveillance programs from 2007, we see that it actually mentions this DEA program... and notes that the NSA worked with the DEA on it:

In the drug-trafficking operation, the N.S.A. has been helping the Drug Enforcement Administration in collecting the phone records showing patterns of calls between the United States, Latin America and other drug-producing regions. The program dates to the 1990s, according to several government officials, but it appears to have expanded in recent years.

Officials say the government has not listened to the communications, but has instead used phone numbers and e-mail addresses to analyze links between people in the United States and overseas. Senior Justice Department officials in the Bush and Clinton administrations signed off on the operation, which uses broad administrative subpoenas but does not require court approval to demand the records.

That's from 2007 reporting by James Risen, Eric Liechtblau and Scott Shane. Heath's reporting fills in some additional gaps:

The data collection began in 1992 during the administration of President George H.W. Bush, nine years before his son, President George W. Bush, authorized the NSA to gather its own logs of Americans' phone calls in 2001. It was approved by top Justice Department officials in four presidential administrations and detailed in occasional briefings to members of Congress but otherwise had little independent oversight, according to officials involved with running it.

The DEA used its data collection extensively and in ways that the NSA is now prohibited from doing. Agents gathered the records without court approval, searched them more often in a day than the spy agency does in a year and automatically linked the numbers the agency gathered to large electronic collections of investigative reports, domestic call records accumulated by its agents and intelligence data from overseas.

The result was "a treasure trove of very important information on trafficking," former DEA administrator Thomas Constantine said in an interview.

The report also shows how the DEA got this info from telcos using the simple process of an administrative subpoena, so there was no court review. Telcos could have protested and gone to court, but the DOJ urged them not to do so:

The DEA obtained those records using administrative subpoenas that allow the agency to collect records "relevant or material to" federal drug investigations. Officials acknowledged it was an expansive interpretation of that authority but one that was not likely to be challenged because unlike search warrants, DEA subpoenas do not require a judge's approval. "We knew we were stretching the definition," a former official involved in the process said.

Officials said a few telephone companies were reluctant to provide so much information, but none challenged the subpoenas in court. Those that hesitated received letters from the Justice Department urging them to comply.

After Sprint executives expressed reservations in 1998, for example, Warren, the head of the department's drug section, responded with a letter telling the company that "the initiative has been determined to be legally appropriate" and that turning over the call data was "appropriate and required by law." The letter said the data would be used by authorities "to focus scarce investigative resources by means of sophisticated pattern and link analysis."

And, of course, the DEA kept this whole database of metadata a secret by... using parallel construction:

To keep the program secret, the DEA sought not to use the information as evidence in criminal prosecutions or in its justification for warrants or other searches. Instead, its Special Operations Division passed the data to field agents as tips to help them find new targets or focus existing investigations, a process approved by Justice Department lawyers. Many of those tips were classified because the DEA phone searches drew on other intelligence data.

That practice sparked a furor when the Reuters news agency reported in 2013 that the DEA trained agents to conceal the sources of those tips from judges and defense lawyers. Reuters said the tips were based on wiretaps, foreign intelligence and a DEA database of telephone calls gathered through routine subpoenas and search warrants.

As a result, "the government short-circuited any debate about the legality and wisdom of putting the call records of millions of innocent people in the hands of the DEA," American Civil Liberties Union lawyer Patrick Toomey said.

Heath's report also notes that the NSA metadata collection under Section 215 was very much modeled on the DEA's collection that began a decade earlier. If there are any differences between the two it seems that the NSA was actually much more restrained in how it used all the phone call metadata.

For one thing, DEA analysts queried their data collection far more often. The NSA said analysts searched its telephone database only about 300 times in 2012; DEA analysts routinely performed that many searches in a day, former officials said.

Again, this DEA program isn't really a new revelation, but Heath's reporting sheds a lot more light on how widespread it was and how it was used over the years.

And, also, as we are less than two months away from the big fight over renewing Section 215 of the PATRIOT Act, you can be sure that some surveillance state defender is going to cite 9/11 as a reason why we need to keep the program. Hopefully, people can remind them that it appears we had just such a program (which was even more widely used) at the time, and it did not stop 9/11.

Furthermore, Heath's reporting shows that once the program disappeared, while the DEA claims it missed the program, it was quickly able to build a more reasonable followup by just targeting specific numbers:

The DEA asked the Justice Department to restart the surveillance program in December 2013. It withdrew that request when agents came up with a new solution. Every day, the agency assembles a list of the telephone numbers its agents suspect may be tied to drug trafficking. Each day, it sends electronic subpoenas — sometimes listing more than a thousand numbers — to telephone companies seeking logs of international telephone calls linked to those numbers, two official familiar with the program said.

In other words, targeted surveillance, rather than mass surveillance. As many have been arguing for years, there's no reason why the NSA can't adopt a similar program. So don't believe the intelligence community and its apologists when they wrongly insist that such a mass surveillance program is necessary.

Filed Under: 9/11, administrative subpoena, bulk phone records, dea, judicial oversight, metadata, phone records, section 215, surveillance

Judge Gives DOJ Until The End Of The Month To Submit Declassified Opinion Containing FISA Court's Justifications For The Section 215 Program

from the surveillance-state-sausage-making dept

It appears the government will finally be releasing the FISA court's thought process justifying the mass harvesting of Americans' metadata from fully-immunized telcos under the Section 215 program (now 501). An earlier court order from FISA judge Dennis Saylor discussing the potential release of this court opinion described it thusly:

The government has identified the Opinion issued in Docket Number BR 13-25 on February 19, 2013, as one that "contain[s] analysis by this Court evaluating the meaning, scope, and/or constitutionality" of Section 215 of the USA PATRIOT Act, codified as amended at 50 U.S.C. § 1861.

Whether it will be instructive and enlightening (rather than stuffed full of Third Party Doctrine bullshit and circular "it's legal because it's legal" reasoning) remains to be seen. But the last two words of that previous sentence are something at least: it will "be seen." And, apparently, with a minimum of redactions.

For the reasons stated herein, the Court is directing the government to prepare and declassify a redacted version of the opinion issued by the Foreign Intelligence Surveillance Court (FISC) in Docket Number BR-25 on February 19, 2013.

The ACLU (and others) have pushed for a release of this particular FISC opinion for more than a year now. The court doesn't even attempt to address the First Amendment implications of withholding the opinion from the public because there are plenty of other angles justifying its release. The court notes that the release would serve the public's interest as recent disclosures (both authorized and unauthorized) have brought the Section 215 program into the court of public opinion (as well as actual federal courtrooms).

While the FISA court may have arrived at this conclusion based on ongoing events, the government arrived somewhere completely different.

After appropriations had been reinstated and a timetable for declassification review had been set, the government advised that, “[a]fter careful review of the [February 19, 2013] Opinion by senior intelligence officials and the U.S. Department of Justice, the Executive Branch has determined that the Opinion should be withheld in full and a public version of the Opinion cannot be provided.”

The FISA court asked for the combined brain power of the DOJ, Executive Branch and an unspecified number of "senior intelligence officials" to explain their thought process and got a lot of unintelligible mumbles and floor-staring in return.

Noting that “the government has provided no explanation of this conclusion,” the Court ordered the government to submit “a detailed explanation of its conclusion that the Opinion is classified in full and cannot be made public, even in a redacted form.”

Duly chastened, the brain trust resorted to one of its favorites: making this info public would jeopardize ongoing investigations. But it conceded that the opinion could still be declassified if a sufficient amount of black ink is spilled. The FISC pressed harder, asking for narrower redactions that removed only the targets in question, rather than the accompanying language that would clarify the court's stance on the bulk collection issue. Surprisingly, despite its lack of practice with operating anything narrowly-defined or targeted, the government managed to come up with a redacted version that satisfied the unexpectedly demanding FISA court.

[T]he Court notes that releasing the February 19, 2013 Opinion pursuant to the Second Redaction Proposal achieves the basic objective sought by the movants: disclosure of the Court’s legal reasoning, to the extent that it can reasonably be segregated from properly classified facts. There is an inherent risk that the end product of such an exercise “may confuse or obscure, rather than illuminate, the decision[ ] in question.” In re Motion for Release of Court Records, 526 F. Supp.2d at 495. On balance, however, the Court is satisfied that publication of the February 19, 2013 Opinion in conformance with the Second Redaction Proposal would enhance, rather than detract from, public understanding of the Court’s reasoning as to the legal issues presented.

Well, I guess we'll see what it looks like when we get it. August 29th is deadline for the submission of a formally declassified version of the (supposedly) narrowly-redacted opinion. The FISA court then needs to give it a quick once-over before publishing it "immediately" to its website. I don't expect to see it any sooner than the end of this month, but we'll be taking a good look at it when it finally arrives.

Filed Under: bulk data collection, bulk phone records, doj, fisa court, fisc, foia, justification, legal justification, nsa, section 215

Senators To Obama: Hey You Can End Bulk Phone Data Collection Today; Obama: Ha, Ha, Ha, Nope!

from the well,-that-was-an-idea dept

This morning, a group of Senators, Mark Udall, Ron Wyden and Martin Heinrich, sent President Obama a letter reminding him that he can live up to his promise to end bulk phone record collection today by simply having the DOJ not seek to renew the court order from the FISA Court getting the phone operators to hand over that data.

We welcome your proposal, announced on March 27, 2014, to end the bulk collection of Americans' phone records under Section 215 of the USA PATRIOT Act. We believe as you do that the government can protect national security by collecting the phone records of individuals connected to terrorism, instead of collecting the records of millions of law-abiding Americans. We also believe that you have the authority to implement your proposal now, rather than continuing to reauthorize the existing bulk collection program in 90-day increments.

And, of course, just hours later, James Clapper responded, not to the letter, but in a Tumblr post, which again mentions how President Obama promised to end such bulk collection, but then saying that the administration is still seeking the next 90 day extension to keep collecting those phone records. The post even calls out the passage of the totally watered-down USA Freedom Act in the House as "prohibiting" such bulk collection (even though it doesn't really do that, since it allows broad selectors that give the NSA effectively the same power). However...

Given that legislation has not yet been enacted, and given the importance of maintaining the capabilities of the Section 215 telephony metadata program, the government has sought a 90-day reauthorization of the existing program, as modified by the changes the President announced earlier this year.

Consistent with prior declassification decisions, in light of the significant and continuing public interest in the telephony metadata collection program, the Director of National Intelligence, James Clapper, has declassified the fact that the government’s application to renew the program was approved yesterday by the FISC. The order issued yesterday expires on September 12, 2014.

Wait. Given what importance of maintaining the capabilities? So far, every analysis of the program has shown that it wasn't important at all. How could anyone in the administration still claim with a straight face that the Section 215 bulk phone records collection is "important" when everyone who's seen the evidence agrees that the program has been next to useless in stopping terrorism.

Either way, even though President Obama has already said that he wants the program ended, and he could do so, he's still keeping it going.

Filed Under: bulk phone records, james clapper, mark udall, martin heinrich, nsa, odni, ron wyden, section 215, surveillance

Obama Still Asking FISA Court To Renew Bulk Phone Collection

from the because dept

After President Obama announced his willingness to really end the bulk collection of phone records under Section 215 of the Patriot Act, Senator Patrick Leahy pointed out that the easiest way to do that was to simply not ask the FISA Court to renew that authority this Friday when it expired. The NY Times editorial board picked up that ball and ran with it, publishing an editorial saying that if the President wants us to believe he's serious about ending bulk phone surveillance he should end the program on Friday.

No such luck.

While plenty of people are still waiting for the actual "legislative package" the administration claims it's putting together to accomplish its plan to end bulk phone record collection (but not other bulk collections), the White House has now released a "fact sheet" about its plans that concludes at the bottom by saying that the President has still asked the DOJ to renew the authority:

Legislation will be needed to implement the President’s proposal. The Administration has been in consultation with congressional leadership and members of the Intelligence and Judiciary Committees on this important issue throughout the last year, and we look forward to continuing to work with Congress to pass a bill that achieves the goals the President has put forward. Given that this legislation will not be in place by March 28 and given the importance of maintaining the capabilities in question, the President has directed DOJ to seek from the FISC a 90-day reauthorization of the existing program, which includes the substantial modifications in effect since February.

There are still numerous questions raised by the President's proposal, and it really seems entirely focused on just one problematic aspect of the NSA's surveillance capabilities. Yes, it's the part that has received the most attention, and yes it's the part that also has been shown to have never actually been useful. But this proposal seems a lot more focused on pre-empting much more comprehensive legislation like the USA Freedom Act. Furthermore, the fact that the President still refuses to just kill off the program while waiting for Congress to act suggests this is all for show. Tossing this on Congress is a great way for the President to pretend to do something while knowing nothing will actually happen.

Filed Under: barack obama, bulk phone records, fisa, fisc, metadata, nsa, section 215, surveillance