Tag: warrantless wiretapping

The Country’s Biggest Spy Center

Under insufficiently sharp questioning, the head of the National Security Agency, Keith Alexander, has denied the substance of a Wired report on the agency’s massive new computer facility and the capabilities the government has to monitor our communications—even heavily encrypted communications.

If you want a sense of how Congress, still panicked by 9/11, has abdicated its responsibilities and permitted the construction of a “turnkey totalitarian state,” read the whole thing.

The Wall Street Journal’s Surveillance Fantasies

There are too few periodical venues for good short fiction these days, so I’d normally be enthusiastic about the Wall Street Journal’s decision to print works of fantasy. Unfortunately, they’ve opted to do so on their editorial page—starting with a long farrago of hypotheticals concerning the putative role of the Foreign Intelligence Surveillance Court in hindering the detection and apprehension of failed Times Square bomber Faisal Shahzad. In fairness to the editors, they acknowledge near the end of the piece that much of it is unvarnished speculation, but their flights of creative fancy extend to many claims presented as fact.

Let’s begin with the acknowledged fiction. The Journal editors wonder whether Shahzad might have been under surveillance before his botched Times Square attack, and posit that the NSA might have intercepted communications from “Waziristan Taliban talking about ‘our American brother Faisal,’ which could have been cross-referenced against Karachi flight manifests,” or “maybe Shahzad traded seemingly innocuous emails with Pakistani terrorists, and minimization precluded analysts from detecting a pattern.”  Anything is possible. But it’s a leap to make this inference merely because investigators appear to have had fairly specific knowledge about his contacts with terrorists after he had already been identified.  They would not have needed to “retroactively to reconstruct his activities from other already-gathered foreign wiretaps:” Once they had zeroed in on Shahzad, his calling patterns could have been reconstructed from phone company calling records whether or not he or his confederates were being targeted at the time the communications occurred, and indeed, those records could have been obtained by means of a National Security Letter without any oversight from the FISA Court.

This is part of a more general strategy we often see deployed by advocates of expanded surveillance powers. After the fact, one can always tell a story about how a known terrorist might have been detected by means of more unfettered spying authority, just as one can always tell a story about how any particular calamity would have been averted if the right sort of regulation were in place. Sometimes the story is even plausible. But if we look at the history of recent intelligence failures, it’s almost invariably the case that the real problem was the inability to connect the right set of data points from the flood of data already obtained, not insufficient ability to collect. The problem is that it’s easy and satisfying to call for legislation lifting the restraints on surveillance—and lifting still more when intelligence agencies fail to exhibit perfect clairvoyance—but difficult if not impossible, certainly for those of us without high-level clearances, to say anything useful about the internal process reforms that might help make better use of existing data. The pundit in me empathizes, but these just-so stories are a poor rationale for further diluting civil liberties protections.

Let’s move on to the unacknowledged fictions, of which there are many.  Perhaps most stunning is the claim that “U.S. intelligence-gathering capability has been substantially curtailed in stages over the last decade.” They mean, one supposes, that Congress ultimately imposed a patina of judicial oversight on the lawless program of warrantless wiretapping and data program authorized by the Bush administration in the aftermath of the 9/11 attacks. But the claim that somehow intelligence gathering is more constrained now than it was in 2000 just doesn’t pass the straight face test. In addition to the radical expansion of the aforementioned National Security Letter authorities, Congress approved roving wiretaps for domestic intelligence, broad FISA orders for the production of “any tangible thing,” so-called “sneak and peek” searches, looser restraints on existing FISA wiretap powers, and finally, with the FISA Amendments Act of 2008, executive power to authorize broad “programs” of surveillance without specified targets. In a handful of cases, legislators have rolled back slightly their initial grants of power or imposed some restraints on powers the executive arrogated to itself, but it is ludicrous to deny that the net trend over the decade has been toward more, rather than less, intelligence-gathering capability.

Speaking of executive arrogation of power, here’s how the Journal describes Bush’s warrantless Stellar Wind program:

Via executive order after 9/11, the Bush Administration created the covert Terrorist Surveillance Program. TSP allowed the National Security Agency to monitor the traffic and content of terrorist electronic communications overseas, unencumbered by FISA warrants even if one of the parties was in the U.S.

This is misleading.  There was no such thing as the “Terrorist Surveillance Program.”  That was a marketing term concocted after the fact to allow administration officials to narrowly discuss the components of Stellar Wind initially disclosed by the New York Times.  It allowed Alberto Gonzales to claim that there had been no serious internal dissent about the legality of “the program” by arbitrarily redefining it to exclude the parts that had caused the most controversy, such as the vast data mining effort that went far beyond suspected terrorists. It was this aspect of Stellar Wind, and not the monitoring of overseas communication, that occasioned the now-infamous confrontation at Attorney General John Ashcroft’s hospital bed described in the editorial’s subsequent paragraph. We continue:

In addition to excessive delays, the anonymous FISA judges demanded warrants even for foreign-to-foreign calls that were routed through U.S. switching networks. FISA was written in an analog era and meant to apply to domestic wiretaps in the context of the Cold War, not to limit what wiretaps were ever allowed.

Forgive me if I’m a broken record on this, but the persistence of the claim in that first sentence above is truly maddening.  It is false that “FISA judges demanded warrants even for foreign-to-foreign calls that were routed through U.S. switching networks.”  Anyone remotely familiar with the FISA law would have known it was false when it was first bandied about, and a Justice Department official confirmed that it was false two years ago. FISA has never required a warrant for foreign-to-foreign wire communications, wherever intercepted, though there was a narrower problem with some e-mail traffic.  To repeat the canard at this late date betrays either dishonesty or disqualifying ignorance of elementary facts. Further, while it’s true that a great deal of surveillance has always, by design, remained beyond the scope of FISA, it is clearly false that it was “meant to apply to domestic wiretaps” if by this we mean only “wiretaps where all parties to the communication are within the United States.” The plain text and legislative history of the law make it clear beyond any possible doubt that Congress meant to impose restraints on the acquisition of all U.S.-to-foreign wire communications, as well as radio communications targeting U.S. persons. (The legislative history further suggests that they had hoped to tighten up the restraints on radio communications, though technical considerations made it difficult to craft functional rules.) We continue:

The 2008 FISA law mandates “minimization” procedures to avoid targeting the communications of U.S. citizens or those that take place entirely within the U.S. As the NSA dragnet searches emails, mobile phone calls and the like, often it will pick up domestic information. Intelligence officials can analyze, retain and act on true smoking guns. But domestic intercepts must be effectively destroyed within 72 hours unless they indicate “a threat of death or serious bodily harm to any person” or constitute “evidence of a crime which has been, is being, or is about to be committed and that is to be retained or disseminated for law enforcement purposes.”

This means that potentially useful information must be discarded if it is too vague to obtain a traditional judicial warrant. Minimization is the FISA equivalent of a fishing license that requires throwing back catches that don’t meet the legal limit. Yet the nature of intelligence analysis is connecting small, suggestive and often scattered clues.

The kernel of truth here is that the FISA Amendments Act did impose some new constraints on the surveillance of Americans abroad. But the implication that “minimization” is some novel invention is just false. Minimization rules have always been part of FISA, and they exist precisely because the initial scope of FISA acquisition is so incredibly broad. And those minimization rules give investigators enormous latitude.  As the FISA Court itself explained in a rare published ruling:

Minimization is required only if the information “could not be” foreign intelligence. Thus, it is obvious that the standard for retention of FISA-acquired information is weighted heavily in favor of the government.

Similarly, the redaction of identifying information about U.S. persons is not required when that information is needed to properly interpret the intelligence, so the idea that analysts would have scrubbed mention of “our American brother Faisal” from an intercept of Taliban communications cannot be taken too seriously.  It’s not entirely clear what the editors are referring to when they say “domestic intercepts must be effectively destroyed within 72 hours:” Do they mean “inadvertent” intercepts of entirely domestic communications, or one-end domestic communications legitimately acquired under the FAA, or what? Either way, that’s not really consistent with what we know about FISA minimization in practice: At least as of 2005, it appears that “minimized” communications were at least sometimes retained in ultimately retrievable form, though not logged.  In any event, if I’m reading them correctly, the Journal is suggesting that NSA should be broadly sweeping up and retaining even the apparently innocent domestic communications of Americans, on the off chance that they might later prove useful? I can imagine being that consumed by terror, but I think I would be ashamed to admit it in public.  Moving on:

Meanwhile, the FISA court reported in April that the number of warrant applications fell to 1,376 in 2009, the lowest level since 2003. A change in quantity doesn’t necessarily mean a change in intelligence quality—though it might.

As it happens, I covered this in a post just the other day.  As a Justice Department official explained to the bloggers at Main Justice, the numerical decline is due to significant changes in the legal authorities that govern FISA surveillance — specifically, the enactment of the FISA Amendments Act in 2008 — and shifting operational demands, but the fluctuation in the number of applications does not in any way reflect a change in coverage.”  Finally:

These constraints are being imposed at the same time that domestic terror plots linked to, or inspired by, foreigners are increasing. Our spooks did manage to pre-empt Najibullah Zazi and his co-conspirators in a plot to bomb New York subways, but they missed Shahzad and Nidal Hasan, as well as Umar Farouk Abdulmutallab’s attempt to bring down Flight 253 on Christmas Day.

Abdulmutallab was a non-U.S. person who didn’t set foot in the country until after setting his underpants aflame; there is no reason whatever to believe that FISA restrictions would have posed an obstacle to monitoring him. As for Nidal Hasan, investigators did intercept his e-mails with radical cleric Anwar al Awlaki. While it seems clear in retrospect that the decision not to investigate further was an error in judgment, they were obviously not destroyed after the fact, since they were later quoted in various press accounts. Maybe those exchanges really did seem legitimately related to Hasan’s research at the time, or maybe investigators missed some red flags. Either way, the part of the process the Journal is wringing its hands about worked: The intercepts were retained and disseminated to the Joint Terrorism Task Force, which concluded that Hasan was “not involved in terrorist activities or terrorist planning” and, along with Army officials, declined to open an investigation. Rending already gossamer-thin minimization requirements is not going to avoid errors of that sort.

The Journal closes out their fantasy by melodramatically asking “whether FISA is in practice giving jihadists a license to kill.” But the only “license” I see here is of the “creative” variety; should they revisit the topic in the future, the editors might consider taking less of it.

State Secrets, Courts, and NSA’s Illegal Wiretapping

As Tim Lynch notes, Judge Vaughn Walker has ruled in favor of the now-defunct Al-Haramain Islamic Foundation—unique among the many litigants who have tried to challenge the Bush-era program of warrantless wiretapping by the National Security Agency because they actually had evidence, in the form of a document accidentally delivered to foundation lawyers by the government itself, that their personnel had been targeted for eavesdropping.

Other efforts to get a court to review the program’s legality had been caught in a kind of catch-22: Plaintiffs who merely feared that their calls might be subject to NSA filtering and interception lacked standing to sue, because they couldn’t show a specific, concrete injury resulting from the program.

But, of course, information about exactly who has been wiretapped is a closely guarded state secret. So closely guarded, in fact, that the Justice Department was able to force the return of the document that exposed the wiretapping of Al-Haramain, and then get it barred from the court’s consideration as a “secret” even after it had been disclosed. (Contrast, incidentally, the Supreme Court’s jurisprudence on individual privacy rights, which often denies any legitimate expectation of privacy in information once revealed to a third party.) Al-Haramain finally prevailed because they were ultimately able to assemble evidence from the public record showing they’d been wiretapped, and the government declined to produce anything resembling a warrant for that surveillance.

If you read over the actual opinion, however it may seem a little anticlimactic—as though something is missing. The ruling concludes that there’s prima facie evidence that Al-Haramain and their lawyers were wiretapped, that the government has failed to produce a warrant, and that this violates the Foreign Intelligence Surveillance Act. But of course, there was never any question about that. Not even the most strident apologists for the NSA program denied that it contravened FISA; rather, they offered a series of rationalizations for why the president was entitled to disregard a federal statute.

There was the John Yoo argument that the president essentially becomes omnipotent during wartime, and that if we can shoot Taliban on a foreign battlefield, surely we can wiretap Americans at home if they seem vaguely Taliban-ish. Even under Bush, the Office of Legal Counsel soon backed away from such… creative… lines of argument. Instead, they relied on the post-9/11 Authorization for the Use of Military Force (AUMF) against al-Qaeda, claiming it had implicitly created a loophole in the FISA law. It was David Kris, now head of DOJ’s National Security Division, who most decisively blew that one out of the water, concluding that it was “essentially impossible” to sustain the government’s reading of the AUMF.

Yet you’ll note that none of these issues arise in Walker’s opinion, because the DOJ, in effect, refused to play. They resisted the court at every step, insisting that a program discussed at length on the front pages of newspapers for years now was so very secret that no aspect of it could be discussed even in a closed setting. They continued to insist on this in the face of repeated court rulings to the contrary. So while Al-Haramain has prevailed, there’s no ruling on the validity of any of those arguments. That’s why I think Marcy Wheeler is probably correct when she predicts that the government will simply take its lumps and pay damages rather than risk an appeal. For one, while Obama administration has been happy to invoke state secrecy as vigorously as its predecessor, it would obviously be somewhat embarrassing for Obama’s DOJ to parrot Bush’s substantive claims of near-limitless executive power. Perhaps more to the point, though, some of those legal arguments may still be operative in secret OLC memos. The FISA Amendments Act aimed to put the unlawful Bush program under court supervision, and even reasserted FISA’s language establishing it as the “exclusive means” for electronic surveillance, which would seem to drive a final stake in the heart of any argument based on the AUMF. But we ultimately don’t know what legal rationales they still consider operative, and it would surely be awkward to have an appellate court knock the legs out from under some of these secret memoranda.

None of this is to deny that the ruling is a big deal—if nothing else because it suggests that the government does not enjoy total carte blanche to shield lawbreaking from review with broad, bald assertions of privilege. But I also know that civil libertarians had hoped that the courts might be the only path to a more full accounting of—and accountability for—the domestic spying program. If the upshot of this is simply that the government must pay a few tens, or even hundreds of thousands of dollars in damages, it’s hard not to see the victory as something of a disappointment.

The FISA Amendments: Behind the Scenes

I’ve been poring over the trove of documents the Electronic Frontier Foundation has obtained detailing the long process by which the FISA Amendments Act—which substantially expanded executive power to conduct sweeping surveillance with little oversight—was hammered out between Hill staffers and lawyers at the Department of Justice and intelligence agencies. The really interesting stuff, of course, is mostly redacted, and I’m only partway though the stacks, but there are a few interesting tidbits so far.

As Wired has already reported, one e-mail shows Bush officials feared that if the attorney general was given too much discretion over retroactive immunity for telecoms that aided in warrantless wiretapping, the next administration might refuse to provide it.

A couple other things stuck out for me. First, while it’s possible they’ve been released before and simply not crossed my desk, there are a series of position papers — so rife with  underlining that they look like some breathless magazine subscription pitch — circulated to Congress explaining the Bush administration’s opposition to various proposed amendments to the FAA. Among these was a proposal by Sen. Russ Feingold (D-WI) that would have barred “bulk collection” of international traffic and required that the broad new intelligence authorizations specify (though not necessarily by name) individual targets. The idea here was that if there were particular suspected terrorists (for instance) being monitored overseas, it would be fine to keep monitoring their communications if they began talking with Americans without pausing to get a full-blown warrant — but you didn’t want to give NSA carte blanche to just indiscriminately sweep in traffic between the U.S. and anyone abroad. The position paper included in these documents is more explicit than the others that I’ve seen about the motive for objecting to the bulk collection amendment. Which was, predictably, that they wanted to do bulk collection:

  • It also would prevent the intelligence community from conducting the types of intelligence collection necessary to track terrorits and develop new targets.
  • For example, this amendment could prevent the intelligence community from targeting a particular group of buildings or a geographic area abroad to collect foreign intelligence prior to operations by our armed forces.

So to be clear: Contra the rhetoric we heard at the time, the concern was not simply that NSA would be able to keep monitoring a suspected terrorist when he began calling up Americans. It was to permit the “targeting” of entire regions, scooping all communications between the United States and the chosen area.

One other exchange at least raises an eyebrow.  If you were following the battle in Congress at the time, you may recall that there was a period when the stopgap Protect America Act had expired — though surveillance authorized pursuant to the law could continue for many months — and before Congress approved the FAA. A week into that period, on February 22, 2008, the attorney general and director of national intelligence sent a letter warning Congress that they were now losing intelligence because providers were refusing to comply with new requests under existing PAA authorizations. A day later, they had to roll that back, and some of the correspondence from the EFF FOIA record makes clear that there was an issue with a single recalcitrant provider who decided to go along shortly after the letter was sent.

But there’s another wrinkle. A week prior to this, just before the PAA was set to expire, Jeremy Bash, the chief counsel for the House Permanent Select Committee on Intelligence, sent an email to “Ken and Ben,” about a recent press conference call. It’s clear from context that he’s writing to Assistant Attorney General Kenneth Wainstein and General Counsel for the Director of National Intelligence Ben Powell about this press call, where both men fairly clearly suggest that telecoms are balking for fear that they’ll no longer be immune from liability for participation in PAA surveillance after the statute lapses. Bash wants to confirm whether they really said that “private sector entities have refused to comply with PAA certifications because they were concerned that the law was temporary.” In particular, he wants to know whether this is actually true, because “the briefs I read provided a very different rationale.”  In other words, Bash — who we know was cleared for the most sensitive information about NSA surveillance — was aware of some service providers being reluctant to comply with “new taskings” under the law, but not because of the looming expiration of the statute. One of his correspondents — whether Wainstein or Powell is unclear — shoots back denying having said any such thing (read the transcript yourself) and concluding with a terse:

Not addressing what is in fact the situation on both those issues (compliance and threat to halt) on this email.

In other words, the actual compliance issues they were encountering would have to be discussed over a more secure channel. If the issue wasn’t the expiration, though, what would the issue have been? The obvious alternative possibility is that NSA (or another agency) was attempting to get them to carry out surveillance that they thought might fall outside the scope of either the PAA or a particular authorization. Given how sweeping these were, that should certainly give us pause. It should also raise some questions as to whether, even before that one holdout fell into compliance, the warning letter from the AG and the DNI was misleading. Was there really ever a “gap” resulting from the statute’s sunset, or was it a matter of telecoms balking at an attempt by the intelligence community to stretch the bounds of their legal authority? The latter would certainly fit a pattern we saw again and again under the Bush administration: break the law, inducing a legal crisis, then threaten bloody mayhem if the unlawful program is forced to abruptly halt — at which point a nervous Congress grants its blessing.