ODNI Lawyer Bob Litt Says There's No NSA Data Sharing With Law Enforcement... If You Don't Count The FBI, DEA, Etc.

from the a-fine-guest-post-full-of-classic-debunkables dept

Just when we thought some surveillance reforms might stick, the administration announced it was expanding law enforcement access to NSA data hauls. This prompted expressions of disbelief and dismay, along with a letter from Congressional representatives demanding the NSA cease this expanded information sharing immediately.

This backlash prompted Office of the Director of National Intelligence General Counsel Robert Litt to make an unscheduled appearance at Just Security to explain how this was all a matter of everyone else getting everything wrong, rather than simply taking the administration at its word.

There has been a lot of speculation about the content of proposed procedures that are being drafted to authorize the sharing of unevaluated signals intelligence. While the procedures are not yet in final form, it would be helpful to clarify what they are and are not. In particular, these procedures are not about law enforcement, but about improving our intelligence capabilities.
As Litt explains it, everything about this is lawful and subject to a variety of policies and procedures.
These procedures will thus not authorize any additional collection of anyone’s communications, but will only provide a framework for the sharing of lawfully collected signals intelligence information between elements of the Intelligence Community. Critically, they will authorize sharing only with elements of the Intelligence Community, and only for authorized foreign intelligence and counterintelligence purposes; they will not authorize sharing for law enforcement purposes. They will require individual elements of the Intelligence Community to establish a justification for access to signals intelligence consistent with the foreign intelligence or counterintelligence mission of the element. And finally, they will require Intelligence Community elements, as a condition of receiving signals intelligence, to apply to signals intelligence information the kind of strong protections for privacy and civil liberties, and the kind of oversight, that the National Security Agency currently has.
So, this all sounds like it has nothing to do with law enforcement. Just intelligence "elements" from the community. Except that law enforcement and intelligence agencies are hardly separate entities. We already know the NSA is allowed to "tip" data to the FBI if it might be relevant to criminal investigations. There's no clear dividing line between intelligence and law enforcement -- not with law enforcement's steady encroachment into national security territory. When Litt says "only intelligence agencies," he's actually referring to several law enforcement agencies, as Marcy Wheeler points out.
As a threshold matter, both FBI and DEA are elements of the intelligence community. Counterterrorism is considered part of FBI’s foreign intelligence function, and cyber investigations can be considered counterintelligence and foreign intelligence (the latter if done by a foreigner). International narcotics investigations have been considered a foreign intelligence purpose since EO 12333 was written.

In other words, this sharing would fall squarely in the area where eliminating the wall between intelligence and law enforcement in 2001-2002 also happened to erode fourth amendment protections for alleged Muslim (but not white supremacist) terrorists, drug dealers, and hackers.

So make no mistake, this will degrade the constitutional protections of a lot of people, who happen to be disproportionately communities of color.
And, to go back to Litt's statement, the whole thing starts with a dodge:
These procedures will thus not authorize any additional collection of anyone’s communications…
This is something no one has actually claimed. What people are concerned about is the NSA using its massive collection abilities to become an extension of domestic law enforcement, rather than the foreign-focused entity it's supposed to be.

And, as for Litt's claims that everything is subject to clearly-defined rules on minimization, those are also false. First off, the expanded permissions originate under Executive Order 12333, which has been revised in secret on more than one occasion -- all without the full participation of Congressional oversight. Not only that, but agencies that are recipients of unminimized data from the NSA are supposed to apply their own minimization procedures to better ensure "strong protections for privacy and civil liberties." Wheeler notes that two recipients have yet to put any minimization procedures in place, despite having had years to do so.
I also suspect that Treasury will be a likely recipient of this data; as of February 10, Treasury still did not have written EO 12333 protections that were mandated 35 years ago (and DEA’s were still pending at that point).
The backdoor search loophole has yet to be closed (which gives the FBI access to unminimized data and communications obtained via Section 702) and these agencies -- along with two consecutive, very compliant administrations -- have been tearing down any walls between the NSA and law enforcement for several years now.

Litt's reassurances are worthless. It namechecks all the stuff we know is mostly worthless: oversight, minimization procedures, the frankly laughable idea that the FBI cares more about privacy and civil liberties than making busts, etc. and asks us to believe that a tangled thicket of secretive agencies and even-more-secretive laws are all designed to protect us from government overreach.

Filed Under: bob litt, data sharing, dea, fbi, law enforcement, nsa, odni

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 3 Apr 2016 @ 10:42am

    So exactly what kind of Chinese wall is the FBI expected to implement?

    The key word here is "unevaluated". This puts the responsibility for distinguishing between jurisdictions in the hands of the FBI. And that pretty much guarantees more parallel construction.

    Probably a better approach would be to use a model similar to forward air controllers. There should be an liason officer working for the FBI, at the NSA's facility whose duty is to fetch data relevant to state actors. That way the respective reports can be easily audited, and everybody experiences less friendly fire.

    Of course the FBI doesn't want that. Once data is inside the beltway it is going to be disseminated to everybody and their mother. So the current way certainly creates more plausible deniability if there are just big blocks of compressed files flying around.

    However it also creates exactly the environment required to allow the NSA to use the FBI as a cats paw. The FBI becomes a potential unwitting participant in domestic intelligence operations, up to, and potentially including a coupe de' tete, just by feeding the FBI bogus data.

    And THAT is why you don't do this. Everything else is small potatoes.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.