Earlier this week, we wrote about an absolutely ridiculous Associated Press story by reporter Ted Bridis, claiming that law enforcement investigating the San Bernardino shootings are being somehow held back because of the close of the NSA's Section 215 phone records program. There were all sorts of problems with that story, so it's great to see the Associated Press ask one of its enterprising young reporters -- a guy who goes by the name Ted Bridis -- to do a "fact check" piece on Republican Presidential candidates who are now repeating the very claims that Bridis himself made earlier in the week.
This "other" Ted Bridis (along with Ken Dilanian) suddenly notices that the claims that Ted Bridis of earlier this week reported are magically false when repeated by others:
In the wake of the California shootings, Republican presidential candidates Marco Rubio, Jeb Bush, Chris Christie and Lindsey Graham are complaining that U.S. intelligence agencies have lost their authority to collect phone records on Americans under a controversial National Security Agency surveillance program. They want the government to bring that program back.
All four candidates have overstated their case.
Their comments fail to acknowledge key provisions of a new U.S. law. While the new law ended the bulk collection of phone records, it still allows the government to obtain records on a case-by-case basis with court approval.
The new "fact check" piece even admits that Rubio, at the very least, cited Bridis' earlier report, but then tries to pretend he just didn't read it right. Except that's bullshit. The problem was with the article, which had a giant headline reading: "California terror investigators can't view NSA phone records" and includes ominous descriptions like the following:
Under a shutdown order by the Foreign Intelligence Surveillance Court, the government was prohibited from collecting phone records in wholesale ways starting Nov. 29.
"After November 28, 2015, no access to the BR (business record) metadata (phone records) will be permitted for intelligence analysis purposes," U.S. District Judge Michael W. Mosman of Portland ruled. "Hence, queries of the BR metadata for the purpose of obtaining foreign intelligence information will no longer be permitted."
The California shootings happened four days later. The court revealed the order publicly just hours before the shootings.
The clear -- but totally bullshit -- implications of this are that the shutting down of the Section 215 records collection somehow harms the investigation. To then come back a day or so later and pretend that politicians running with this clear implication of your own article are somehow the ones to be shamed is pretty ridiculous.
from the 'reform'-as-in-'maintain-status-quo' dept
The NSA's bulk phone metadata collection may no longer technically be a "collection" (the NSA now has to seek responsive metadata from telcos using targeted court orders), but that doesn't mean the agency isn't still seeking ways to keep the "dragnet" in "dragnet surveillance."
The NSA was only supposed to have access to previously collected bulk metadata for "analytic purposes." Apparently, "analyzing" the data also means searching the data, as was pointed out by FISA Court on Twitter (not affiliated at all with the actual FISA Court).
Fascinating: the Court will let NSA compare old bulk call data to new responses for a while.
The court finds that the USA Freedom Act did not expressly dictate limits on use of the metadata collected under Section 215 previous to the enactment of the surveillance reform bill. Because of this lack of statutory specificity, the court has agreed to grant NSA both access and extended retention of the data for two reasons.
The first is to verify the completeness of phone records obtained with targeted FISC orders.
[F]or a period ending on February 29, 2016, appropriately trained and authorized technical personnel will have access to the BR Metadata solely for the purpose of verifying the completeness and accuracy of call detail records produced under the targeted (i.e., non-bulk) production orders issued by the Court after November 28, 2015. According to the government, verification will involve a comparison of the two sets of records (i.e., the BR Metadata and call detail records received pursuant to subsequent, targeted orders). See Government Response at 9. NSA technical personnel will compare the number of call detail records produced for a specific selection term with the number of call detail records identified in response to a query of the BR Metadata using the same identifier. See id at 9-10. Such comparisons will help provide assurance that the new collection process is working as intended.
Extended retention of the bulk metadata will be permitted because the records themselves are still the subject of multiple lawsuits.
Analysis of the data will also double as a search of the data, mixing newly-obtained phone records with the old ones and muddying the line between what is explicitly permitted under USA Freedom and what isn't explicitly forbidden.
Once the NSA has obtained the responsive records, they will stay in the agency's hands for five years, presumably. At that point, they will become part of the larger collection -- some of which will never be destroyed.
Information obtained or derived from call detail records which has been previously disseminated in accordance with approved minimization procedures will not be recalled or destroyed. Also, select query results generated by pre-November 29, 2015, queries of the bulk records that formed the basis of a dissemination in accordance with approved minimization procedures will not be destroyed.
 This practice does not differ from similar circumstances where, for example Court-authorized electronic surveillance and/or physical search authorities under Title I or III expire. While raw (unminimized) information is handled and destroyed in accordance with applicable minimization procedures, prior authorized disseminations and the material underpinning those disseminations are not recalled or otherwise destroyed.
It would appear that minimization, as far as the NSA is concerned, occurs at the point of handover from telcos. Records considered "minimized" by the FISA Court include those swept up by the agency's contact chaining, and these also will be compared to the "old" database for analytical purposes. As Marcy Wheeler explains, the dragnet isn't dead yet.
This means that everyone within two or three degrees of a target that the NSA has found interesting — potentially over the last decade — will remain available and subject to NSA’s analytical toys from here on out.
So, while some of the bulk metadata "ages off" at the five-year point, the NSA apparently considers "material" it has previously disseminated to other agencies or to its own analysts to be excluded from this time limit. How much data that involves is only known to the agency, which is being trusted to abide by the stipulations of the USA Freedom Act and destroy its Section 215 records once given the go-ahead from the FISA Court.
Sens. Tom Cotton (R-Ark.) and Angus King (I-Maine) on Thursday introduced a bill requiring telephone companies to notify the government if they plan on altering their policies for storing consumers’ phone data.
The new bill from King and Cotton would force companies to give the Justice Department at least 180 days notice if they plan to retain the call records for less than 18 months. The bill is called the Private Sector Call Record Retention Act.
“Our legislation would simply require that U.S. officials are provided with adequate warning if a company decides it no longer will hold these vital records, allowing time to ensure that we don’t lose a potentially valuable tool in the battle against terrorism,” King said in a statement.
This is Cotton's baby. After all, he's been trying to block the implementation of the USA Freedom Act's surveillance reforms since the terrorist attacks in Paris, after months of being a vocal opponent of the legislation.
Critics of the new process -- where the NSA takes its reasonable suspicion-supported court orders to telephone companies to obtain call data -- somehow believe these companies, which historically have been enthusiastic enablers of dragnet surveillance, will suddenly decide to start deleting records just to screw with the government.
Beyond the fact that telcos tend to be proactive in their "assistance" of intelligence and law enforcement agencies is the fact that these companies have never before expressed a desire to hastily delete phone records. They've held onto them for indefinite periods of time -- not out of deference to the NSA, FBI, et al, but because extended retention is obviously of some value to these companies. It makes no sense to assume they'll suddenly alter their retention tactics just because they no longer need to produce all phone records in rolling three-month blocks.
That's not the only ridiculous fear being voiced. The other asinine assertion is that the program is somehow integral to combating terrorism. Over the past couple of years, the debate has raged and supporters of the program have insisted the program has paid its debt to the Fourth Amendment several times over with all the terrorism it's stopped… all without presenting any evidence that backs these statements up.
This sort of legislation does nothing but impose additional government requirements on data retention. This is no different than what was (temporarily) put in place in the UK -- legislative demands for the onsite storage of records companies may not even need, simply because the government has decided it does. This isn't an idea our legislators should be emulating, but unsurprisingly, the stoutest supporters of domestic surveillance are using a terrorist attack in another country to make a play for expanded government power.
The U.S. government's ability to review and analyze five years' worth of telephone records for the married couple blamed in the deadly shootings in California lapsed just four days earlier when the National Security Agency's controversial mass surveillance program was formally shut down.
Under a court order, those historical calling records at the NSA are now off-limits to agents running the FBI terrorism investigation even with a warrant.
The post -- which runs for several hundred more misleading words -- was immediately attacked online by Marcy Wheeler and others who actually have been paying attention to the details surrounding the 215 program. Ted Bridis and the AP have covered these developments as well, but apparently felt it better to ignore previous knowledge in favor of spewing propaganda-ish ignorance.
[T]he real problem with this utterly erroneous article is that it suggests the “US government” can’t get any records from NSA, which in turn suggests the only records of interest the NSA might have came from the Section 215 dragnet, which is of course nonsense. Not only does the NSA get far more records than what they got under Section 215 — that dragnet was, according to Richard Clarke, just a fraction of what NSA got, and according to NSA’s training, it was significantly redundant with EO 12333 collection on international calls to the US, which the NSA can collect with fewer limits as to format and share more freely with the FBI — but there are plenty of other places where the FBI can get records.
So the AP didn’t mention all the ways FBI gets records on its own, and it didn’t mention the larger NSA EO 12333 bulk collection that NSA can share more freely with FBI.
But the article was useful for some very non-useful idiots. Presidential candidate Marco Rubio was one of the first to retweet the misleading article. Others like him are using this article as a way to push for a rollback of the recently-implemented reform.
The post would have us believe that the FBI won't be able to investigate this thoroughly or uncover future plots because it no longer has access to bulk phone records. This is completely untrue. It also would have us believe that the shutdown of the collection (as it were) will lead to further attacks in the future -- portraying one small (and ultimately expendable) part of the NSA's surveillance apparatus as an insurmountable loss to intelligence gathering.
Politicians with a domestic surveillance ax to grind are using this point to further their views. Rubio is only one of them. Tom Cotton, who tried to block the implementation of the USA Freedom Act, similarly seized the moment (and Ted Bridis' misleading article) to issue more bogus claims about the shutdown of Section 215.
On Wednesday two terrorists killed 14 innocent people and injured 21 in San Bernandino, California. The hours and days that follow an attack of this nature are critical to discovering its origins and thwarting other attacks. But the FBI has been forced to investigate this attack with one hand tied behind their back because our valuable NSA metadata program was shut down just days earlier.
"To put it simply: the deadliest terrorist attack in the United States since Fort Hood is now serving as the guinea pig in a giant experiment on our national security. It's a frightening and uncomfortable thought."
Once again, the narrative that the FBI has little to no access to phone records is pushed. As is pointed out in Wheeler's post, at the very minimum (if you believe everyone who has been completely wrong on this) the FBI has two years' worth of phone records it can look through, which covers the entire period the attackers were in the US. This may not cover Tashfeen Malik's overseas years, but then again, Section 215 was a domestic program. The NSA's many other surveillance programs would have gathered not just phone records, but internet history, email and other communications. That's if Malik was on its radar, which no one seems to have confirmed to be the case.
So, the FBI would be covered, even in the AP's metadatapocalypse scenario. Chances are, it has years and years of phone records to look through as it investigates this shooting. The NSA has already stated (in its latest FISA court appearance) that records of interest or previously disseminated (to the FBI, for example) will still be accessible by its analysts. Those records go back a minimum of five years. And other records not collected by the Section 215 program go back even further. Marcy Wheeler:
AP misstated how many years of records the FBI might be able to get, claiming it was just two, rather than 28 or more in the case of AT&T’s backbone, covering virtually the entire period during which the husband from the San Bernardino couple, Farook, presumably could speak.
Bridis' article so badly misstates the reality that it encourages theories about government intervention. Did someone nudge Bridis in this direction in hopes of turning public opinion against the recent 215 shutdown? It's hard to believe something this ridiculous would appear unbidden. But, on the other hand, there's no shortage of stupid out there while actual malice remains a far more limited commodity.
After Edward Snowden's revelations about the extent of spying being carried out around the world by the NSA and its Five Eyes friends, there have been a number of attempts in other countries to find out what has been going on. One of the most thoroughgoing of these is in Germany, where there is a major parliamentary inquiry into NSA activities in that country. As Techdirt reported back in May, a surprising piece of information to emerge from this is that Germany's secret service has been carrying out spying on behalf of the NSA, which sent across various "selectors" -- search terms -- that it wanted investigated in the German spies' surveillance databases.
The German Foreign Intelligence Services, supported by the government, tapped the German Internet Exchange Point Decix, the largest internet exchange point globally. While the G10 Commission had approved the blanket tapping, they were unaware that some of the tapped data were forwarded to the NSA, the US National Security Agency, based on a list of so-called "selectors" -- names or numbers the NSA sent to their German colleagues.
Understandably annoyed, the G10 Commission demanded to see a complete list of those selectors so that it could check what information had been passed to the NSA, and whether any laws had been broken. The German government said that it would not disclose them. After misleading the oversight body about who would have access to information obtained from the Decix tapping, the German government's refusal to provide the selectors adds insult to injury. So much so, that it has apparently driven the G10 Commission to take unprecedented action: hauling the German government before the country's constitutional court, which decides weighty matters of this kind.
Since this is uncharted territory -- the G10 Commission had to find out whether taking legal action against the government in this way was even possible -- nobody really knows what might come of the move. But at the very least, it's yet another indication of the seismic shifts that are still occurring throughout the world of surveillance as a result of Snowden's unprecedented leaks.
The NSA's frontmouth, the Office of the Director of National Intelligence, is burying news again. Not that it could help it. Normally, the ODNI likes to do its document dumps (most often consisting of documents ordered out of its hands by federal judges presiding over FOIA lawsuits) on Friday afternoons or shortly before a holiday to buy itself some response time before dealing with journalists and Congressional committees.
In this case, it delivered its latest news on Black Friday, while most of America was either out shopping or covering the story of Americans shopping for the local newsjobber. The timing would be suspect if it weren't for the fact that the NSA's bulk phone metadata program ended (at least in this form) at 11:59 PM Saturday night.
On June 2, 2015, Congress passed and the President signed the USA FREEDOM Act of 2015. The Act reauthorized several important national security authorities; banned bulk collection under Section 215 of the USA PATRIOT Act, under the pen register and trap and trace provisions found in Title IV of Foreign Intelligence Surveillance Act (FISA), or pursuant to National Security Letters; adopted the new legal mechanism proposed by the President regarding the targeted production of telephony metadata; made significant modifications to proceedings before the FISC; and built on the U.S. Government’s unprecedented transparency about intelligence activities. With respect to the new mechanism for the targeted production of telephony metadata, to allow sufficient time to implement a new system while at the same time avoiding any lapse in a national security program, the USA FREEDOM Act provided for a 180-day transition period during which the existing NSA bulk telephony metadata program may continue.
The six months are up and so is the NSA's Section 215 collection. While this means phone records will be held where they've always been held (phone companies) and the NSA must now approach providers with FISA court orders, this does not mean the NSA will no longer be collecting phone records in bulk. It just means it won't be doing this under those particular authorities (Section 215, PR/TT provisions, NSLs). It still has plenty of options.
For one, it appears to have access to more records than it used to under Section 215. From the fact sheet:
[T]he overall volume of call detail records subject to query pursuant to court order is greater under USA FREEDOM Act.
This could mean the new method (approaching phone companies directly) may give the NSA access to records it couldn't obtain under Section 215, like additional cell phone records or other communications methods like VOIP. In other words, the requests will be more targeted but capable of obtaining a greater variety of records responsive to the court-approved identifiers.
As I've said before, I suspect the NSA was willing to let Section 215 provide bus traction for the administration's minimal surveillance reform efforts. As long as everyone kept worrying about the bulk phone metadata (subject of multiple lawsuits that are now basically moot as far as the courts are concerned), the NSA would be able to keep its multiple other, more intrusive programs intact. As Marcy Wheeler notes, this program may be dead, but it doesn't mark the end of the NSA's bulk phone records collection.
Just a tiny corner of the phone dragnet will shut down, and the government will continue to collect “telephony metadata records in bulk … including records of both U.S. and non-U.S. persons” under EO 12333. Hypothetically, for every single international call that had been picked up under the Section 215 dragnet and more (at a minimum, because NSA collects phone records overseas with location information), a matching record has been and will continue to be collected overseas, under EO 12333.
They’re still collecting your phone records in bulk, not to mention collecting a great deal of your Internet records in bulk as well.
The DNI himself, James Clapper, threw his weight behind reforming this high-profile but ultimately minimal part of the NSA's dragnet. That should have been indication enough that killing off the Section 215 program wouldn't severely limit the NSA's surveillance options, despite the occasional bit of FUD directed at legislators (or parroted by them).
from the NSA!-NSA!-NSA!-NSA!-[performs-'Wave'-by-himself] dept
Once upon a time, a DC district court judge found the NSA's bulk phone metadata collection to be a violation of the Fourth Amendment. Wailing, gnashing of teeth and a round of appeals ensued.
Nearly two years later, this judge (Richard Leon) reiterated his position after the appeals court overturned his decision. Judge Leon again issued an injunction preventing the NSA from collecting the phone records of two of the plaintiffs. This too was almost immediately stayed following the government's swift appeal.
One of the plaintiffs not included in Leon's injunction was Larry Klayman. Klayman petitioned the appeals court for an en banc rehearing of its decision to stay Leon's order. The court has turned him down. But rather than simply turn Klayman down with a single paragraph noting the denial of his request, Judge Brett Kavanaugh took it upon himself to pen a full-throated defense of the NSA's bulk metadata collection.
I vote to deny plaintiffs’ emergency petition for rehearing en banc. I do so because, in my view, the Government’s metadata collection program is entirely consistent with the Fourth Amendment. Therefore, plaintiffs cannot show a likelihood of success on the merits of their claim, and this Court was right to stay the District Court’s injunction against the Government’s program.
The Government’s collection of telephony metadata from a third party such as a telecommunications service provider is not considered a search under the Fourth Amendment, at least under the Supreme Court’s decision in Smith v. Maryland, 442 U.S. 735 (1979). That precedent remains binding on lower courts in our hierarchical system of absolute vertical stare decisis.
Even if the bulk collection of telephony metadata constitutes a search, cf. United States v. Jones, 132 S. Ct. 945, 954-57 (2012) (Sotomayor, J., concurring), the Fourth Amendment does not bar all searches and seizures. It bars only unreasonable searches and seizures. And the Government’s metadata collection program readily qualifies as reasonable under the Supreme Court’s case law. The Fourth Amendment allows governmental searches and seizures without individualized suspicion when the Government demonstrates a sufficient “special need” – that is, a need beyond the normal need for law enforcement – that outweighs the intrusion on individual liberty. [...] The Government’s program for bulk collection of telephony metadata serves a critically important special need – preventing terrorist attacks on the United States. See THE 9/11 COMMISSION REPORT (2004). In my view, that critical national security need outweighs the impact on privacy occasioned by this program. The Government’s program does not capture the content of communications, but rather the time and duration of calls, and the numbers called. In short, the Government’s program fits comfortably within the Supreme Court precedents applying the special needs doctrine.
Kavanaugh makes these assertions about "special needs" and claims the government's metadata program is instrumental in preventing terrorist attacks, despite no intelligence official ever having presented evidence that supports this assertion.
While it isn't unusual to see judges align themselves with the government's "special needs" in cases where counterterrorism efforts are implicated, it's a bit strange to see a judge step up, unbidden, to tell a plaintiff that, in no uncertain terms, as long as he's wearing the robe, no one's going to be questioning the constitutionality of the NSA's national security efforts.
But why would Kavanaugh feel so compelled to defend dragnet surveillance efforts, especially one that's becoming much less of a dragnet in the near future? Marcy Wheeler has the answer:
Kavanaugh, of course, served as a White House lawyer and as Staff Secretary during the period when George Bush kept self-authorizing such a dragnet.
[A]s people cite from this language in the future, they should remember that of all the judges who reviewed this decision, only Kavanaugh had this kind of personal tie to the dragnet. And only Kavanaugh saw fit to weigh in.
Klayman, along with other plaintiffs and Judge Richard Leon, have questioned the asserted "cuteness" of Kavanaugh's baby. And Kavanaugh apparently is not about to let that slide. So, we get an en banc denial with several paragraphs of Kavanaugh's surveillance state boosterism needlessly attached.
While that particular secret program stopped, newly disclosed documents show that the N.S.A. had found a way to create a functional equivalent. The shift has permitted the agency to continue analyzing social links revealed by Americans’ email patterns, but without collecting the data in bulk from American telecommunications companies — and with less oversight by the Foreign Intelligence Surveillance Court.
The new document is an Inspector General's report detailing the NSA's failure to follow the restrictions laid down by FISC Judge John Bates in his October 3, 2011 opinion. Bates felt the collection of US persons' email content in this fashion amounted to an illegal wiretap. This would be the same collection the NSA defended (before it was given more power to collect domestic data without a warrant by the 2008 FISA Amendments Act) in the FISA court by claiming an email address was the same thing as a "facility," because email addresses "facilitate" communications.
So, the reassurances -- offered in response to the Snowden leaks -- that the program had been shut down are essentially meaningless. The NSA halted a particular collection method, but did not halt the collection of domestic emails.
The report explained that there were two other legal ways to get such data. One was the collection of bulk data that had been gathered in other countries, where the N.S.A.’s activities are largely not subject to regulation by the Foreign Intelligence Surveillance Act and oversight by the intelligence court. Because of the way the Internet operates, domestic data is often found on fiber optic cables abroad.
Given the length of the redacted date (it is one character longer than “9 December 2011”), we can say with some confidence that Keith Alexander approved the end and destruction of the dragnet between November 10 and 30 — during the same period the government was considering appealing Bates’ ruling, close to the day — November 22 — NSA submitted a motion arguing that Section 1809(a)(2)’s wiretapping rules don’t apply to it, and the day, a week later, it told John Bates it could not segregate the pre-October 31 dragnet data from post October 31 dragnet data.
Think how busy a time this already was for the legal and tech people, given the scramble to keep upstream 702 approved! And yet, at precisely the same time, they decided they should nuke the dragnet, and nuke it immediately, before the existing dragnet order expired, creating another headache for the legal and tech people. My apologies to the people who missed Thanksgiving dinner in 2011 dealing with both these headaches at once.
Not only did NSA nuke the dragnet, but they did it quickly. As I said, it appears Alexander approved nuking it November 10 or later. By December 9, it was gone.
As she goes on to detail, the program the Inspector General was looking for was indeed gone. But the collection itself wasn't. As far as the IG could tell, the NSA was mostly in compliance. The IG's report, however, notes its powers to assess the collection, storage and access to email data and content are very limited. As Wheeler puts it, the NSA "ate" its homework before the IG had a chance to assess its compliance.
As to the the intake side,those folks started destroying the dragnet before the IG could come by and check their before status:
"However, S3 had completed its purge before we had the opportunity to observe. As a result we were able to review the [data acquisition database] purge procedures only for reasonableness; we were not able to do the before and after comparisons that we did for the TD systems and databases disclosed to us."
Poof! All gone, before the IG can even come over and take a look at what they actually had.
Importantly, the IG stresses that his team doesn’t have a way of proving the dragnet isn’t hidden somewhere in NSA’s servers.
"It is important to note that we lack the necessary system accesses and technical resources to search NSA’s networks to independently verify that only the disclosed repositories stored PR/TT metadata."
The Inspector General's office appears to have been steered to its conclusion by the NSA, which dumped the data from the places it expected the IG to look ("disclosed repositories") and utilized a new collection method that wasn't subject to FISA court restrictions or nearly as much IG oversight.
So, the NSA's statements about shutting down the email program in 2011 are technically correct. It was shut down. The NSA, however, simply chose to siphon as much domestic data from its overseas collections as possible to ensure it never really had to end its warrantless collection of US persons' emails.
Current and former government officials have been pointing to the terror attacks in Paris as justification for mass surveillance programs. CIA Director John Brennan accused privacy advocates of "hand-wringing" that has made "our ability collectively internationally to find these terrorists much more challenging." Former National Security Agency and CIA director Michael Hayden said, "In the wake of Paris, a big stack of metadata doesn't seem to be the scariest thing in the room."
Ultimately, it's impossible to know just how successful sweeping surveillance has been, since much of the work is secret. But what has been disclosed so far suggests the programs have been of limited value. Here's a roundup of what we know.
An internal review of the Bush administration's warrantless program – called Stellarwind – found it resulted in few useful leads from 2001–2004, and none after that. New York Times reporter Charlie Savage obtained the findings through a Freedom of Information Act lawsuit and published them in his new book, Power Wars: Inside Obama's Post–9/11 Presidency:
[The FBI general counsel] defined as useful those [leads] that made a substantive contribution to identifying a terrorist, or identifying a potential confidential informant. Just 1.2 percent of them fit that category. In 2006, she conducted a comprehensive study of all the leads generated from the content basket of Stellarwind between March 2004 and January 2006 and discovered that zero of those had been useful.
In an end note, Savage then added:
The program was generating numerous tips to the FBI about suspicious phone numbers and e-mail addresses, and it was the job of the FBI field offices to pursue those leads and scrutinize the people behind them. (The tips were so frequent and such a waste of time that the field offices reported back, in frustration, "You're sending us garbage.")
In 2014, the President's Review Group on Intelligence and Communications Technologies analyzed terrorism cases from 2001 on, and determined that the NSA's bulk collection of phone records "was not essential to preventing attacks." According to the group's report,
In at least 48 instances, traditional surveillance warrants obtained from the Foreign Intelligence Surveillance Court were used to obtain evidence through intercepts of phone calls and e-mails, said the researchers, whose results are in an online database.
More than half of the cases were initiated as a result of traditional investigative tools. The most common was a community or family tip to the authorities. Other methods included the use of informants, a suspicious-activity report filed by a business or community member to the FBI, or information turned up in investigations of non-terrorism cases.
Another 2014 report by the nonprofit New America Foundation echoed those conclusions. It described the government claims about the success of surveillance programs in the wake of the 9/11 attacks as "overblown and even misleading."
An in-depth analysis of 225 individuals recruited by al-Qaeda or a like-minded group or inspired by al-Qaeda's ideology, and charged in the United States with an act of terrorism since 9/11, demonstrates that traditional investigative methods, such as the use of informants, tips from local communities, and targeted intelligence operations, provided the initial impetus for investigations in the majority of cases, while the contribution of NSA's bulk surveillance programs to these cases was minimal.
Edward Snowden's leaks about the scope of the NSA's surveillance system in the summer of 2013 put government officials on the defensive. Many politicians and media outlets echoed the agency's claim that it had successfully thwarted more than 50 terror attacks. ProPublica examined the claim and found "no evidence that the oft-cited figure is accurate."
It's impossible to assess the role NSA surveillance played in the 54 cases because, while the agency has provided a full list to Congress, it remains classified.
The NSA has publicly discussed four cases, and just one in which surveillance made a significant difference. That case involved a San Diego taxi driver named Basaaly Moalin, who sent $8,500 to the Somali terrorist group al-Shabab. But even the details of that case are murky. From the Washington Post:
In 2009, an FBI field intelligence group assessed that Moalin's support for al-Shabab was not ideological. Rather, according to an FBI document provided to his defense team, Moalin probably sent money to an al-Shabab leader out of "tribal affiliation" and to "promote his own status" with tribal elders.
Also in the months after the Snowden revelations, the Justice Department said publicly that it had used warrantless wiretapping to gather evidence in a criminal case against another terrorist sympathizer, which fueled ongoing debates over the constitutionality of those methods. From the New York Times:
Prosecutors filed such a notice late Friday in the case of Jamshid Muhtorov, who was charged in Colorado in January 2012 with providing material support to the Islamic Jihad Union, a designated terrorist organization based in Uzbekistan.
Mr. Muhtorov is accused of planning to travel abroad to join the militants and has pleaded not guilty. A criminal complaint against him showed that much of the government's case was based on intercepted e-mails and phone calls.
Local police departments have also acknowledged the limitations of mass surveillance, as Boston Police Commissioner Ed Davis did after the Boston Marathon bombings in 2013. Federal authorities had received Russian intelligence reports about bomber Tamerlan Tsarnaev, but had not shared this information with authorities in Massachusetts or Boston. During a House Homeland Security Committee hearing, Davis said,
"There's no computer that's going to spit out a terrorist's name. It's the community being involved in the conversation and being appropriately open to communicating with law enforcement when something awry is identified. That really needs to happen and should be our first step."
Republished from ProPublica.
ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.
I happen to be in Washington DC this week for some events and meetings -- and it's a... ridiculous week to be here, apparently (of course, that could be true of just about any week here). Earlier this week, we noted the pathological ridiculousness of surveillance state apologists like former NSA top lawyer Stewart Baker arguing that the Paris attacks are evidence for why the NSA should not roll back its Section 215 collection. The 215 collection is, of course, the completely unconstitutional (as declared by both an appeals court and the White House's own civil liberties board) program by which the NSA slurped up basically all phone records, claiming that Section 215 of the PATRIOT Act allowed this.
Of course, the primary sponsor of the PATRIOT Act, Rep. Jim Sensenbrenner, has flat out said that Section 215 was written to prevent that kind of mass surveillance, not to enable it. And so, earlier this year, Congress finally pushed through the USA Freedom Act, which was far from perfect, but still did put an end to the Section 215 collection as it stands (while still leaving open ways for the NSA to effectively get the same data). There was a six-month "transition period" which is about to close, meaning that we're officially mere days away from ending the specific 215 bulk collection.
Or, maybe not. As Baker hinted at, the surveillance state apologists are gleefully exploiting the Paris attacks to try to claw back this very, very minor victory against mass surveillance. Senator Tom Cotton quickly rushed out a bill to "postpone" indefinitely the transition away from the 215 program, because of the Paris attacks.
"The terrorist attacks in Paris last week are a terrible reminder of the threats we face every day. And it made clear that the President’s empty policy of tough talk and little action isn’t working against ISIS. Regrettably, these policy follies also extend to the Intelligence Community, whose hands were tied by the passage of the USA FREEDOM ACT. This legislation, along with President Obama’s unilateral actions to restrict the Intelligence Community’s ability to track terrorist communications, takes us from a constitutional, legal, and proven NSA collection architecture to an untested, hypothetical one that will be less effective. And this transition will occur less than two weeks from today, at a time when our threat level is incredibly high.
"If we take anything from the Paris attacks, it should be that vigilance and safety go hand-in-hand. Now is not the time to sacrifice our national security for political talking points. We should allow the Intelligence Community to do their job and provide them with the tools they need to keep us safe. Passing the Liberty Through Strength Act will empower the NSA to uncover threats against the United States and our allies, help keep terrorists out of the United States, and track down those responsible in the wake of the Paris terrorist attacks."
Almost everything in Cotton's statement is a lie. First of all, the FREEDOM Act hasn't even gone into effect yet, so even if it did "tie the hands" of the intelligence community, it had not done so yet. Second, the program has been declared unconstitutional by multiple courts and the administration's own review board. For him to call it constitutional suggests he has no problem flat out lying. Also the idea that it's "proven"? Need we remind you of two facts? (1) To date, the Section 215 program has never -- not even once -- been shown to have been useful in stopping a terrorist attack. (2) It clearly didn't make a difference in dealing with the Paris attacks (and, again, notably the US has even greater surveillance powers overseas, as do the French). So to claim that this one unconstitutional and proven useless program is necessary is just... weird.
Sensenbrenner was at an event I attended last evening and said that he didn't think Cotton's ridiculous bill had much of a chance, but did note that it was hardly the end of surveillance state apologists from trying to expand unconstitutional surveillance powers. Cotton's is just the first attempt, but expect there to be many more.