NSA Used FBI Abuses To Justify Metadata Collection

from the another-bad-argument,-'bolstered'-by-worse-tactics dept

James Clapper's office has released another batch of documents in a grudging nod to the transparency forced on it by the ACLU's FOIA requests (and subsequent lawsuit). Mike covered one yesterday that detailed the NSA's collection of location data, something it had previously assured legislators hadn't actually happened. Well, it did happen but the agency excused it as a "test," something it felt the FISA bulk records orders allowed it to do. Tellingly, it informed officials after the fact, rather than seeking explicit approval beforehand.

Beyond that, these documents are rather light on details. If I were in Clapper's position, these are the sorts of documents I'd release -- ones that nod toward openness but provide as little information as possible. Most of what's been released is memos issued to intelligence committees stating that the NSA has fixed its problems (the end-to-end reviews) and is behaving itself. The memos also indicate that the NSA has a very bad habit of doing things first and seeking permission or forgiveness later -- "playing to the edges of the box," as it were.

That's not to say there's nothing useful, informative or revealing in this release, but what is there is very limited, and a handful of the memos are redundant. All in all, it's a very safe document release.

One of the more interesting bits appears in a joint statement issued in October, 2009 by the National Counterterrorism Center and the NSA in support of the PATRIOT Act reauthorization.

While defending the Section 215 collections, the following points are listed as evidence of the program's worthiness.

FBI representatives have indicated to NSA that the telephone contact reporting has provided leads and linkages to individuals in the United States with potential ties to terrorism who may not have otherwise been known to or identified by the FBI. In Calendar Year 2008, telephone numbers tipped from the NSA business records results either added value or led to:

  • the opening of over 240 Threat Assessments
  • the opening of over 100 Preliminary Investigations
  • the opening of approximately 15 Full Investigations
  • 180 National Security Letters issued.
That both the NSA and FBI actually believe "threat assessments" and NSLs hold any worth indicates there's been a little too much Kool-Aid in the interdepartmental water cooler, to say nothing about the fact that 100 "preliminary investigations" resulted in only 15 "full investigations."

The ACLU's rundown of the FBI's abuse of its powers had this to say about the uselessness of "threat assessments."
In 2008, the US Attorney General granted the FBI permission to utilize investigations called "assessments" which required no predicate and granted the agency power to conduct these as though they were actual investigations and use all the tools normally available. The FBI was only too happy to take the AG up on his offer.

In a two-year period from 2009 to 2011, the FBI opened over 82,000 “assessments” of individuals or organizations, less than 3,500 of which discovered information justifying further investigation.
To credit the NSA with "tipping" leads that resulted in "assessments" is hardly an indicator of the program's usefulness. The FBI's enthusiasm for exploiting this "tool" is well documented. Handing the FBI a few random pages from the nearest phonebook would likely have resulted in the same number of "assessments" over that same time period.

The FBI has a fondness for National Security Letters as well. These allow agents to bypass legal safeguards when seeking info -- little things like warrants, subpoenas and court orders. The FBI's abuse of NSLs is also well-documented.
A 2007 Inspector General audit revealed that from 2003 through 2005 the FBI issued over 140,000 National Security Letters —secret demands for certain account information from telecommunications companies, financial institutions, and credit agencies that require no judicial approval — almost half of which targeted Americans.

The FBI's abuse of the NSLs goes even further than the fact that the agency nearly continuously wrote itself blank surveillance checks for three straight years. The ACLU notes that the agency so thoroughly abused the program that it truly had no idea how many letters had been issued. An audit of the program also found that 60% of the audited files had no supporting documentation and that 22% contained at least one unreported legal violation.
And when the agency's NSL abuse came under fire, it switched to exigent circumstance letters, Post-It notes or showing up at the telco offices and reading search results over employees' shoulders.

The NSA using these horrendously abused processes as "proof" of the bulk records collection's worth is just as ridiculous as someone pointing to overflowing prisons as proof minimum sentencing standards are an effective deterrent of criminal activity.

The paper also makes the claim that having these records would have prevented the 9/11 attacks which, if nothing else, gives some idea how long that particular (bad) argument has been in play. It points to the fact that it couldn't collect domestic phone data at that point as the essential missing element, while omitting any mention of the CIA's failure to put Khalid al-Mihdhar on a watch list, which allowed him to return to the US unnoticed after he fell off the agency's radar during a visit to the Middle East.

In all likelihood, this "essential element" would have been just another dot for the NSA to connect. Whether or not it would have made the connection in time to prevent the attack is open to speculation. NSA heads and its defenders believe it would have, but there's been no evidence produced so far that would indicate the 215 programs do anything more than create another set of dots.

The key element would have been preventing al-Mihdhar from boarding that plane on 9/11. If the CIA had placed him on a watch list after it lost track of him, this could very well have been prevented as any attempts to travel would have triggered a response from security and intelligence agencies.

Finally, there's this bizarre redaction, which directly follows discussion of the tracking and arrest of a suspected al-Qaeda member.


Given the context, this missing word can't be anything other than al-Qaeda ("continues their aspirations and attempts to achieve another spectacular attack in the United States..."). There's that over-classification and opacity at work again, redacting a word that can be inferred by context and which would come as no surprise to any al-Qaeda members who might be viewing the DNI's recently released documents.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    identicon
    Anonymous Coward, Oct 31st, 2013 @ 2:45pm

    I think you're assuming too much at the end there - there's no telling who was redacted, really, the US does have many enemies.

    I think the smart money is on Gordon Ramsay. He's had it in for us for years. The redacted portion is too small though, so it's probably actually his street name "G-Rammz".

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 31st, 2013 @ 3:01pm

    Why is anyone still listening to the NSA when they have proven multiple times they will do anything, anything at all to prevent having to tell the truth or own up to doing anything they are accused of? We've had far too many examples to date that acknowledging they have exceeded their mandate is not one of them.

    Other than reading the responses put out by NSA apologists as either a joke sheet or to see how much can be read from between the lines, their responses no longer are creditable.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Brazenly anonymous, Oct 31st, 2013 @ 3:29pm

    Another pointless redaction

    The name of the other person preparing the joint statement, which was redacted from the document, is Robert E Joyce, the current head of the NSA's cyber espionage unit. See http://www.matthewaid.com/post/51875378172/new-top-leadership-at-nsas-cyber-espionage-unit and http://www.zoominfo.com/p/Robert-Joyce/1783797859.

     

    reply to this | link to this | view in chronology ]

  • This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Oct 31st, 2013 @ 5:07pm

    "I'd annex the Sudetenland."

    From the Monty Python skit, in answer to "What would you do if you were Hitler?" -- Eerily similar to your "If I were in Clapper's position, these are the sorts of documents I'd release" -- So, you'd do the same instead of better? It's an interesting peek into your psyche. Evidently, you actually are a Non-Player Character, having no will or conscience of your own.

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Brazenly anonymous, Oct 31st, 2013 @ 5:45pm

      Re: "I'd annex the Sudetenland."

      Clapper's position includes his objectives when analyzing the strategic position he is taking. I can't speak to whether or not Tim would embrace those same objectives.

      I see distinct indicators in my own personality that point to a high probability that I would abuse such power if I held it, and thus exercise my will in avoiding seeking positions of power. Those who can legitimately exert substantial enough willpower to avoid such abuse and whom see such a stance as beneficial are substantially rare that relying on them coming to power is foolish. Thus, it is far better to devise a system that denies anyone from obtaining such power, as eventually someone who does would abuse it.

      If you are so naive as to attribute no probability that you would abuse the system with such power, then I say that you would be more than willing to annex the Sudetenland, believing yourself to be such a great ruler that this foul act would be an act of liberation. You'd probably come to power through revolution rather than a coup though, so you're more of a Stalin than a Hitler.

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Oct 31st, 2013 @ 5:38pm

    The opening of over 240 Threat Assessments
    The opening of over 100 Preliminary Investigations
    The opening of approximately 15 Full Investigations
    180 National Security Letters issued.

    And Millions of privacy violations

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 3rd, 2013 @ 8:36am

    Everything's always crystal clear, in hindsight...

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Nov 3rd, 2013 @ 5:15pm

    So by carefully analyzing the evidence put forth by the NSA here, it would seem all the dots are pointing to the surveillance community being utterly incompetent.

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This