NSA Agents Told To Withhold Target Information From Those In Charge Of Oversight
from the and-the-hits-keep-coming dept
There’s so much information that’s coming out of last night’s Washington Post bombshell that just continues to yield incredible information about what defenders of these programs have been saying as compared to what’s actually happening. Here’s another one. One of the documents released with the report, via Ed Snowden, shows that NSA agents were directly told to give their overseers as little information as possible. The document explains to agents the process for justifying why they were requesting targeting (i.e., a more detailed look concerning an individual or group — not just at that person’s communications, but potentially anyone even remotely connected to them), and makes it clear that they are to give the bare minimum necessary to fulfill their reporting requirements, but not even the slightest bit beyond that. In fact, they’re told to give a single short sentence, and to make sure it includes no “extraneous information.”
The basic premise of this process is to memorialize why you the analyst have requested targeting. This rationale will be provided to our external FISA Amendment Act (FAA) overseers, the Department of Justice and Office of the Director of National Intelligence, for all FAA targeting.
While we do want to provide our FAA overseers with the information they need, we DO NOT want to give them any extraneous information…. This rationale can be no longer than one short sentence.
[….] Your rationale MUST NOT contain any additional information including: probable cause-like information (i.e., proof of your analytic judgment), how you came to your analytic conclusions, any RAGTIME information, classification marking or selector information.
The document goes on to list a variety of “example” rationale sentences, all pretty short and sweet, which basically demonstrate to NSA agents how to remove any pertinent information for oversight, while still giving a “reason” for targeting someone. It’s a lesson in stripping out information and, as the Washington Post notes, replacing it with “generic” info that will pass muster with the folks supposedly in charge of oversight. As an aside, while parts of them are redacted, there are a few “fake” names given, including “Mohammad Badguy” and “Muhammad Fake Name.” No profiling there.
Either way, this once again suggests that the “oversight” going on here is something of a joke. Analysts are directly being told to be careful not to explain very much at all, giving the briefest (“one short sentence, no extraneous information”) basis for getting access to all sorts of information concerning a “target” — which might include a variety of communications and metadata concerning a huge number of people very, very, very loosely connected with that target. It certainly suggests that this idea of “oversight” is pretty laughable. Concoct a one sentence “rationale” that sounds vaguely plausible, and it appears that no one’s going to ask any questions at all.
Filed Under: justification, nsa, nsa surveillance, oversight, targeting, withhold information
Comments on “NSA Agents Told To Withhold Target Information From Those In Charge Of Oversight”
I’m really interested in the reaction of Mr Rogers and Feinstein now.
I think this is officially the worst crisis the US Govt is going under ever. It’s a crisis of ethics, public trust and morals (as in the morals they always championed such as human rights, freedom of speech etc).
Re: Re:
To be fair, most of the lot that are in office right now and have been for more than two terms could really give a shit. This has been going on since 9/11, and for some time before that.
Re: Re:
Yes, but Obama campaigned hard against Bush policies. He also got the Nobel Peace Prize for not being Bush. And the Bush admin would’ve either given no comment or been like, you caught us, here’s our rationale (even if it was racist and overly hawkish). Now it’s like that kid that gets caught lying and just keeps lying and lying and everybody’s just looking at him like he’s stupid.
Re: Re:
You missed constitutional, legal, and oversight crisis.
Let me use this "one short sentence" approach:
I’m against Google because it spies on me constantly and gives NSA “direct access” too.
Re: Let me use this "one short sentence" approach:
Here?s a one-sentence approach to your problem:
Block Google and all its various services via NoScript, Adblock, HOSTS file blocking, and any other tools or methods available to you.
Re: Re: Let me use this "one short sentence" approach:
I believe that was a fake OOTB. It wasn’t long and rambling.
Re: Let me use this "one short sentence" approach:
At least Google is up front and honest about the fact they gather information about you and that they will share it with government when the law requires them to do so.
No one is forcing you to use Google’s products so you can even opt out of their information gathering by not using their products.
The NSA only lies to you about what they gather, gives you no way to opt out and lies to you more.
Re: Re: Let me use this "one short sentence" approach:
And, if you say something bad about google they can’t (directly) detain you, arrest you, or incarcerate you.
Here’s a single sentence: The Constitution limits the federal government, not corporations.
Here’s another: Google doesn’t have guns, jails, extraordinary rendition, or tax auditors to make your life hell.
Re: Re: Let me use this "one short sentence" approach:
Re: Let me use this "one short sentence" approach:
You are an idiot trying to distract the conversation from what could possibly be the biggest constitutional violation in history which makes me believe you are in bed with the scum bags involved in this.
Re: Let me use this "one short sentence" approach:
No, you aren’t against Google, because you continue to use it.
Re: Let me use this "one short sentence" approach:
Spying implies a lack of consent so that’s not applicable and gives implies a choice which isn’t applicable either. So basically you’re against Google because of ‘reasons.’
Re: Let me use this "one short sentence" approach:
That’s because you insist on using it, you liar and hypocrite. You claimed to not be using gmail, remember. And you already know that all the services you use from Google are available elsewhere, so don’t roll naked in poison ivy and complain about the resulting rash, you fool.
But the "Mission"
We have had the “But the Children” excuse and “But, But Terrorist” excuses bandied about. Well here’s a new one “But the Mission”. Considering how many generals and ex-military seem to be walking around the NSA, it seems the mindset came along as well.
Similar to the mindset we’ve seen at the DOJ, “Must WIN at all Costs”. This means innocent people get put in jail at DOJ, and for NSA, people lose all the rights granted by the Constitution that NSA is supposed to be protecting.
While it is an admirable but misguided goal, the NSA (plus NYPD and other law enforcement agencies) are trying to stop crime before it happens, to “you know”, save lives. But they are doing it by taking away our rights.
While crime prevention is an admirable goal, they are not the pre-crime unit with people who can see the future. The worst part of it is that they are the ones who are committing the whopping big crime of violating the Constitution.
These revelations leave me thinking that they have a criminal lawyer sitting at there shoulder saying “Objection, don’t answer that question” who also spent some time “prepping the witness”.
The “good guys” who are supposed to be preserving our constitutional rights have gotten themselves so focused on “completing the mission” of saving the lives of everyone have lost focus of everything else. Including the fact that they are “in spirit” and “in fact” trampling the very Constitutional laws they are supposed to be upholding.
As an aside, while parts of them are redacted, there are a few “fake” names given, including “Mohammad Badguy” and “Muhammad Fake Name.” No profiling there.
Maybe they should be looking for “Sven Badguy” or Lars Fake Name” instead?
Re: Re:
Maybe Kevin Badguy and Thomas Fake Name might be better…
Oversight? Not happening!
Our “esteemed” Congress is supposed to provide oversight of these TLA’s (Three Letter Agencies), but they keep harping upon their oath to “protect the American people”. What boneheads! Their oath of office has always been to “protect, and defend the Constitution”, NOT to “protect the American people”. From the US Senate web site, the Senate Oath of Office:
“I do solemnly swear (or affirm) that I will support and defend the Constitution of the United States against all enemies, foreign and domestic; that I will bear true faith and allegiance to the same; that I take this obligation freely, without any mental reservation or purpose of evasion; and that I will well and faithfully discharge the duties of the office on which I am about to enter: So help me God.”
Nothing there about “protect the people”…
So, these asshats are all (with a few exceptions) violating their oaths, and are thus liable for impeachment and recall from office.
Specifically denying those in oversight any information resembling probable cause is pretty damning. One would think that half the point of oversight was to make sure you had reasonable probably cause to target someone.
Re: Re:
Heck, it’s not just oversight. How about:
Because
I’m sick of all this “oath to defend the constitution yada yada yada…” The oaths they take are given to nobody, its not signed, and has no legal force whatsoever. Its less than a primise even, because a promise you make to another person. The “oath” is akin to a new years resolution to quit smoking. Its NOT A CONTRACT. I’m sorry if you thought otherwise.
Re: Re:
Talk about missing the forest for the trees.
Re: Re:
The oath of office is important enough that when John Roberts botched it for Obama back in 2009, they re-did the swearing of the oath the next day. And all that was wrong was the placement of the word faithfully.
Re: Re:
Without that oath there is no allegiance and if there is no allegiance then there is no law to abide.
It is, if you’re not aware, the only valid link between the constitution and enforcement.
Who would possibly care about a constitution if nobody swears to uphold it?
I’m sorry that you’re sick of it though because it is, in effect, the only thing that matters.
Oversight is impossible
unless those doing the oversight have the same level of access to information as those being overseen.
Re: Oversight is impossible
unless those doing the overseeing can have direct access to the people being overseen, which includes the workers. relying on paper and in person reports from managers means filtered information, and possibly outright lies.
To be fair
asking for a field to be short and punchy is a pretty normal and reasonable practice in database management. It’s usually to do with producing tabular reports that don’t have really wide columns.
But then…
– the field is required to have 3 elements, why not have 3 fields?
– why is the justification in the comments field, not the shareable justification field?
– why the need for the TAR flag?
My thoughts are that the database was set up to receive detailed justifications, but the process has been evolved to put a summarised title justification there instead. I suspect that there are more flags like TAR that aren’t being used (e.g. detailed explanation).
What this really comes down to is that the FAA overseers have been lazy in accepting this level of detail without further questioning. It suggests the entire process of oversight was running a finger down a column and saying “this looks ok – all nice and regular”.
If no one asks for the information, why would they provide the information?
Re: To be fair
It suggests that because that’s the way it actually is — but I don’t think it’s laziness. I think it’s the intentional design.
Re: Re: To be fair
Don’t think it’s intentional design – otherwise the forms would be different.
And I just noticed the last paragraph of the article sort of says what I meant in my post.
But that leads to asking what the “full recipes” actually say, whether overseers are provided with that info automatically or have to ask for it, and whether they every actually read it.
A lot of this is starting to reek of typical “big company” practices – work to the bare minimum; guidelines become strict rules; the summary report be all and end all. As such, that would make me less concerned about such practices. But then that further leads to bigger questions – why change the laws to accommodate such things? why hide them? why lie about them?
I think they started off going “yeah, we’ve got oversight and good practice coming out of ears. Bring it on!” Then they’ve looked at it and gone “Oh shit”.
Re: Re: Re: To be fair
Hmm, good points, all.
Normal SOP - Move on nothing new here
I can see that this can viewed as trying to hide stuff and it more than likely has some of that going on. But really it is SOP for the letter orgs. I bet if you looked at the internal documents from any of them, FBI, CIA, NSA, NASA, DOE, DOI, and any other one you can think of they would pretty much read close to the above documents.
They don’t want oversight. They don’t like oversight. They like to do what they think they need to do and only subject themselves to providing the overseers with the legally required information. And not one single thing more.
And as much as I hate to admit it, that is actually logical. The people in Congress are largely elected based on some knowledge and a lot of personality. So 90% of time they really don’t know what the heck they are looking at.
For example: Let’s say you are computer tech. You fix a customer’s computer. Do you explain to them all the steps you had to do to remove the 5000 pieces of spyware and viruses from there computer and why it was causing all the issues they were seeing? Or do you give them the simple break down. “Everything is fixed and your computer is running great now.”
I know my answer.
Re: Normal SOP - Move on nothing new here
If the customer asks, then yes. And that’s the problem here — the “customer” isn’t asking.
Re: Re: Normal SOP - Move on nothing new here
Right! But even if they ask you still don’t spell it out in too much detail. You give them enough detail to make them understand how much work you did. Unless of course you are trying to impress them with all the hard work it took.
Re: Re: Re: Normal SOP - Move on nothing new here
Or unless the reason they’re asking is to confirm that you did what you were supposed to do, and no more…
Re: Re: Re: Normal SOP - Move on nothing new here
Perhaps, but in this case they’re they’re not only not ‘spelling things out’ and explaining in heavy detail, they are flat out lying on the few details they do give.
It’s like the difference between ‘You had some programs at risk, I updated them, you should be good'(Truth) and ‘You had a whole slew of virus’ and malware, and while I think I got them all, I’ll have to come in regularly to make sure. That’ll be $150′(Not so truth)
Now I understand what the NSA means by “minimalization procedures.”
memorialize
I could only wish they meant memorialize. That would be mean the targeting is coming to an end and I would like to see the targeting of Americans (Canucks too), at least, come to an end. I would have used “memolate” or maybe “obfuminiscate”.
Email your Reps. and Sens.
Email your Reps. and Sens.
And ask one simple question:
Did the (Rep./Sen.) swear an Oath of Office, and if so, what did it consist of?
So all the analysts need is “rubber stamp” each, with a generic reason for targeting – then the other rubber stamp court can use theirs .. rubber stamps all round
Missing an Important Point?
The non-tech folks seem to be responding to the idea of “programming errors” as a factor in the errors reported in the WaPo NSA audit article. But it might be useful to let the natives know that the level of “programming” required seems to be on par with typing in your CCV code when buying something online. In other words, the real story is about hiw ridiculously easy it is for ANY operator to acquire,collect, and examine any form of digital information from ANY SOURCE in the world… unless that xKEYSCORE screen cap isn’t really like enCASE….