So, the NSA Broke the Law

A lot. Let us count the violations:

The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance. In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.

In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.

In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.

The Obama administration has provided almost no public information about the NSA’s compliance record. In June, after promising to explain the NSA’s record in “as transparent a way as we possibly can,” Deputy Attorney General James Cole described extensive safeguards and oversight that keep the agency in check. “Every now and then, there may be a mistake,” Cole said in congressional testimony.

To be sure, as the Post report points out, most of the violations were unintended, and the percentage of violations was quite small, given the vast amount of activity that the NSA engages in. But that hardly obviates one's concerns. And some of the violations are quite serious, consisting, as they do, of "unauthorized access to intercepted communications, the distribution of protected content and the use of automated systems without built-in safeguards to prevent unlawful surveillance." Additionally,

[i]n what appears to be one of the most serious violations, the NSA diverted large volumes of international data passing through fiber-optic cables in the United States into a repository where the material could be stored temporarily for processing and selection.

The operation to obtain what the agency called “multiple communications transactions” collected and commingled U.S. and foreign e-mails, according to an article in SSO News, a top-secret internal newsletter of the NSA’s Special Source Operations unit. NSA lawyers told the court that the agency could not practicably filter out the communications of Americans.

In October 2011, months after the program got underway, the Foreign Intelligence Surveillance Court ruled that the collection effort was unconstitutional. The court said that the methods used were “deficient on statutory and constitutional grounds,” according to a top-secret summary of the opinion, and it ordered the NSA to comply with standard privacy protections or stop the program.

James R. Clapper Jr., the director of national intelligence, has acknowledged that the court found the NSA in breach of the Fourth Amendment, which prohibits unreasonable searches and seizures, but the Obama administration has fought a Freedom of Information lawsuit that seeks the opinion.

The mind reels. How any of this activity helps protect the country and makes Americans feel safer and more secure is left almost entirely to the imagination, especially given the NSA's efforts to circumvent FISA Amendment Act audits that are designed to keep the program honest.

Of course, you should read the whole report. But doing so may depress you tremendously. You have been warned.

Behold, the Apocalypse Is Upon Us

I actually agree with Jeffrey Toobin on whether Edward Snowden is a hero. Therefore, we must be doomed. The asteroid will hit at any moment:

Edward Snowden, a twenty-nine-year-old former C.I.A. employee and current government contractor, has leaked news of National Security Agency programs that collect vast amounts of information about the telephone calls made by millions of Americans, as well as e-mails and other files of foreign targets and their American connections. For this, some, including my colleague John Cassidy, are hailing him as a hero and a whistle-blower. He is neither. He is, rather, a grandiose narcissist who deserves to be in prison.

Snowden provided information to the Washington 
Post and the Guardian, which also posted a video interview with him. In it, he describes himself as appalled by the government he served:

The N.S.A. has built an infrastructure that allows it to intercept almost everything. With this capability, the vast majority of human communications are automatically ingested without targeting. If I wanted to see your e-mails or your wife’s phone, all I have to do is use intercepts. I can get your e-mails, passwords, phone records, credit cards.

I don’t want to live in a society that does these sort of things… I do not want to live in a world where everything I do and say is recorded. That is not something I am willing to support or live under.

What, one wonders, did Snowden think the N.S.A. did? Any marginally attentive citizen, much less N.S.A. employee or contractor, knows that the entire mission of the agency is to intercept electronic communications. Perhaps he thought that the N.S.A. operated only outside the United States; in that case, he hadn’t been paying very close attention. In any event, Snowden decided that he does not “want to live in a society” that intercepts private communications. His latter-day conversion is dubious.

This is . . . actually very well put. While I am open to the possibility that the monitoring of Verizon phone calls and the PRISM program might have been necessary in order to prevent future terrorist attacks, I am uncomfortable with these programs. Very uncomfortable, in fact. That having been written, I am also uncomfortable with vigilantes inside the United States government deciding what will and will not be kept secret. Yes, I am aware of the fact that without Snowden, we might never have known about these programs, or that we may have had to learn about them from another leaker, and obviously, I struggle with the irony of decrying a leak that informed me of a government program I don't particularly like and would like to see come to an end if at all possible. But I will be the first to admit that the United States government needs to be able to keep some secrets in order to be able to do its job, and that people like Edward Snowden make it very difficult for the United States government to carry out its legitimate functions, even as they may shine a spotlight on a disturbing government activity. 

I am not as disturbed about agreeing with David Brooks, who also makes some very good points about Snowden:

For society to function well, there have to be basic levels of trust and cooperation, a respect for institutions and deference to common procedures. By deciding to unilaterally leak secret N.S.A. documents, Snowden has betrayed all of these things.

He betrayed honesty and integrity, the foundation of all cooperative activity. He made explicit and implicit oaths to respect the secrecy of the information with which he was entrusted. He betrayed his oaths.

He betrayed his friends. Anybody who worked with him will be suspect. Young people in positions like that will no longer be trusted with responsibility for fear that they will turn into another Snowden.

He betrayed his employers. Booz Allen and the C.I.A. took a high-school dropout and offered him positions with lavish salaries. He is violating the honor codes of all those who enabled him to rise.

He betrayed the cause of open government. Every time there is a leak like this, the powers that be close the circle of trust a little tighter. They limit debate a little more.

He betrayed the privacy of us all. If federal security agencies can’t do vast data sweeps, they will inevitably revert to the older, more intrusive eavesdropping methods.

He betrayed the Constitution. The founders did not create the United States so that some solitary 29-year-old could make unilateral decisions about what should be exposed. Snowden self-indulgently short-circuited the democratic structures of accountability, putting his own preferences above everything else.

Brooks appears to be much less disturbed about these government programs than I am. But that doesn't make his objections to Snowden's behavior any less valid.

So. We're Being Spied On.

I am late to the party when it comes to discussing the revelations regarding the National Security Agency's domestic spying program, but I want to make sure that I put out my comment for the record. First, some basics regarding the monitoring of Verizon phone calls

The National Security Agency has been collecting the telephone records of millions of U.S. customers of Verizon under a top secret court order, according to a report in Britain's Guardian newspaper.

The order was granted by the secret Foreign Intelligence Surveillance Court on April 25 and is good until July 19, the newspaper reported Wednesday. The order requires Verizon, one of the nation's largest telecommunications companies, on an "ongoing, daily basis" to give the NSA information on all telephone calls in its systems, both within the U.S. and between the U.S. and other countries.

The newspaper said the document, a copy of which it had obtained, shows for the first time that under the Obama administration the communication records of millions of U.S. citizens were being collected indiscriminately and in bulk, regardless of whether they were suspected of any wrongdoing.

The Associated Press could not authenticate the order because documents from the court are classified.

Verizon spokesman Ed McFadden said Wednesday the company had no comment. The White House declined comment and referred questions to the NSA. The NSA had no immediate comment.

It is important to note that this program was designed to target Americans, not foreigners:

The National Security Agency has long justified its spying powers by arguing that its charter allows surveillance on those outside of the United States, while avoiding intrusions into the private communications of American citizens. But the latest revelation of the extent of the NSA’s surveillance shows that it has focused specifically on Americans, to the degree that its data collection has in at least one major spying incident explicitly excluded those outside the United States.

In a top secret order obtained by the Guardian newspaper and published Wednesday evening, the FBI on the NSA’s behalf demanded that Verizon turn over all metadata for phone records originating in the United States for the three months beginning in late April and ending on the 19th of July. That metadata includes all so-called “non-content” data for millions of American customers’ phone calls, such as the subscriber data, recipients, locations, times and durations of every call made during that period.

Aside from the sheer scope of that surveillance order, reminiscent of the warrantless wiretapping scandal under the Bush administration, the other shocking aspect of the order its target: The order specifically states that only data regarding calls originating in America are to be handed over, not those between foreigners.

“It is hereby ordered that [Verizon Business Network Services'] Custodian of Records shall produce to the National Security Agency…all call detail records or ‘telephony metadata’ created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls,” the Guardian’s copy of the order reads. “This Order does not require Verizon to include telephony metadata for communications wholly originating and terminating in foreign countries.”

Though the classified, top secret order comes from the FBI, it clearly states that the data is to be given to the NSA. That means the leaked document may serve as one of the first concrete pieces of evidence that the NSA’s spying goes beyond foreigners to include Americans, despite its charter specifically disallowing surveillance of those within the United States.

Naturally, the Electronic Frontier Foundation is outraged:

Today, the Guardian newspaper confirmed what EFF (and many others) have long claimed: the NSA is conducting widespread, untargeted, domestic surveillance on millions of Americans. This revelation should end, once and for all, the government's long-discredited secrecy claims about its dragnet domestic surveillance programs. It should spur Congress and the American people to make the President finally tell the truth about the government's spying on innocent Americans. 

In a report by Glenn Greenwald, the paper published 
an order from the Foreign Intelligence Surveillance Court (or FISC) that directs Verizon to provide “on an ongoing daily basis” all call records for any call “wholly within the United States, including local telephone calls” and any call made “between the United States and abroad.”

In plain language: the order gave the NSA a record of 
every Verizon customer’s call history -- every call made, the location of the phone, the time of the call, the duration of the call, and other “identifying information” for the phone and call -- from April 25, 2013 (the date the order was issued) to July 19, 2013.  The order does not require content or the name of any subscriber and is issued under 50 USC sec.1861, also known as section 215 of the Patriot Act.

There is no indication that this order to Verizon was unique or novel. It is very likely that business records orders like this exist for every major American telecommunication company, meaning that, if you make calls in the United States, the NSA has those records. And this has been going on 
for at least 7 years, and probably longer.

More on this issue from the New York Times. Within short order, we realized that there was even more to this story than the monitoring of Verizon calls:

The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

The NSA access is part of a previously undisclosed program called Prism, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.
The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims "collection directly from the servers" of major US service providers.

Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.

In a statement, Google said: "Google cares deeply about the security of our users' data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government 'back door' into our systems, but Google does not have a back door for the government to access private user data."

Several senior tech executives insisted that they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a program. "If they are doing this, they are doing it without our knowledge," one said.

An Apple spokesman said it had "never heard" of Prism.

I have had my differences with Glenn Greenwald in the past, and I doubtless will have more differences with him in the future, but credit where it is due; this is a big scoop. Perhaps if Greenwald chooses not to occupy himself so much with the writing of blog porn for anti-Semites, he might be able to provide us with more such big scoops, but that is another subject for another time, I suppose. More on PRISM from the Washington Post:

The National Security Agency and the FBI are tapping directly into the central servers of nine leading U.S. Internet companies, extracting audio and video chats, photographs, e-mails, documents, and connection logs that enable analysts to track foreign targets, according to a top-secret document obtained by The Washington Post.

The program, code-named PRISM, has not been made public until now. It may be the first of its kind. The NSA prides itself on stealing secrets and breaking codes, and it is accustomed to corporate partnerships that help it divert data traffic or sidestep barriers. But there has never been a Google or Facebook before, and it is unlikely that there are richer troves of valuable intelligence than the ones in Silicon Valley.

Equally unusual is the way the NSA extracts what it wants, according to the document: “Collection directly from the servers of these U.S. Service Providers: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, Apple.”

London’s Guardian newspaper reported Friday that GCHQ, Britain’s equivalent of the NSA, also has been secretly gathering intelligence from the same internet companies through an operation set up by the NSA.

According to documents obtained by The Guardian, PRISM would appear to allow GCHQ to circumvent the formal legal process required in Britain to seek personal material such as emails, photos and videos from an internet company based outside of the country.

PRISM was launched from the ashes of President George W. Bush’s secret program of warrantless domestic surveillance in 2007, after news media disclosures, lawsuits and the Foreign Intelligence Surveillance Court forced the president to look for new authority.

It is worth noting some of the reaction to all of this. Ron Fournier is outraged. Andrew Kaczynski points out some hypocrisy on the part of the president of the United States regarding this general issue. And even the editorial board of the New York Times is irate with Barack Obama (though it has found a way to tone down its outrage:

Within hours of the disclosure that federal authorities routinely collect data on phone calls Americans make, regardless of whether they have any bearing on a counterterrorism investigation, the Obama administration issued the same platitude it has offered every time President Obama has been caught overreaching in the use of his powers: Terrorists are a real menace and you should just trust us to deal with them because we have internal mechanisms (that we are not going to tell you about) to make sure we do not violate your rights.

Those reassurances have never been persuasive — whether on secret warrants to scoop up a news agency’s phone records or secret orders to kill an American suspected of terrorism — especially coming from a president who once promised transparency and accountability.

The administration has now lost all credibility on this issue. Mr. Obama is proving the truism that the executive branch will use any power it is given and very likely abuse it. That is one reason we have long argued that the Patriot Act, enacted in the heat of fear after the Sept. 11, 2001, attacks by members of Congress who mostly had not even read it, was reckless in its assignment of unnecessary and overbroad surveillance powers.

The president informs us that if we cannot trust government, we are going to have some problems, which I suppose means that we officially have some problems. I mean, I imagine that we are going to have a lot of people who have problems with this:

The National Security Agency's warrant for metadata on every single Verizon call for three months is jaw-dropping in its scope. Except, well, the NSA's surveillance of our communications is most likely much, much bigger than that. Technology has made it possible for the American government to spy on citizens to an extent East Germany could only dream of. Basically everything we say that can be traced digitally is being collected by the NSA. We're supposed to trust that our government will be much better behaved, but they're not, and the White House almost admits it. That doesn't mean they're admitting everything.

"On its face, the document suggests that the U.S. government regularly collects and stores all domestic telephone records," 
The Week's Marc Ambinder writes of Glenn Greenwald's scoop last night. "My own understanding is that the NSA routinely collects millions of domestic-to-domestic phone records. It does not do anything with them unless there is a need to search through them for lawful purposes." Previous reporting from many outlets suggests that's true. In 2006, USA Today's Leslie Cauley reported the NSA was secretly collecting call records with data from AT&T, Verizon, and BellSouth. A source told Cauley, "It's the largest database ever assembled in the world" and that the NSA wanted "to create a database of every call ever made" within U.S. territory. Likewise, in 2011, The New Yorker's Jane Mayer spoke to former NSA crypto-mathematician Bill Binney, who "believes that the agency now stores copies of all e-mails transmitted in America, in case the government wants to retrieve the details later." He thinks the NSA wants all emails to be searchable, the same way we search with Google. "The agency reportedly has the capacity to intercept and download, every six hours, electronic communications equivalent to the contents of the Library of Congress," Mayer said. As Mark Rumold, a staff attorney at the Electronic Frontier Foundation, told The Atlantic Wire last night, "This is confirmation of what we've long feared, that the NSA has been tracking the calling patterns of the entire country." Update: In defending the program, California Sen. Dianne Feinstein seems to indicate that the court order is a regular, quarterly thing. "There is nothing new in this program. The fact of the matter is, that this was a routine three-month approval under seal that was leaked," Feinstein said on Thursday.

And the NSA isn't just collecting the things we say. It's also tracking what we buy and where we go. In 2008,
The Wall Street Journal's Siobhan Gorman reported that the NSA's domestic data collection "have evolved to reach more broadly into data about people's communications, travel and finances in the U.S. than the domestic surveillance programs brought to light since the 2001 terrorist attacks." That means emails records, bank transfers, phone records, travel records.

And this:

U.S. border agents should continue to be allowed to search a traveler’s laptop, cellphone or other electronic device and keep copies of any data on them based on no more than a hunch, according to an internal Homeland Security Department study. It contends limiting such searches would prevent the U.S. from detecting child pornographers or terrorists and expose the government to lawsuits.

The 23-page report, obtained by The Associated Press and the American Civil Liberties Union under the U.S. Freedom of Information Act, provides a rare glimpse of the Obama administration’s thinking on the long-standing but controversial practice of border agents and immigration officers searching and in some cases holding for weeks or months the digital devices of anyone trying to enter the U.S.

Since his election, President Barack Obama has taken an expansive view of legal authorities in the name of national security, asserting that he can order the deaths of U.S. citizens abroad who are suspected of terrorism without involvement by courts, investigate reporters as criminals and — in this case — read and copy the contents of computers carried by U.S. travelers without a good reason to suspect wrongdoing.

And this

The National Security Agency has at times mistakenly intercepted the private email messages and phone calls of Americans who had no link to terrorism, requiring Justice Department officials to report the errors to a secret national security court and destroy the data, according to two former U.S. intelligence officials.

At least some of the phone calls and emails were pulled from among the hundreds of millions stored by telecommunications companies as part of an NSA surveillance program. James Clapper, the director of national intelligence, Thursday night 
publicly acknowledged what he called “a sensitive intelligence collection program” after its existence was disclosed by the Guardian newspaper.

Ret. Adm. Dennis Blair, who served as President Obama’s DNI in 2009 and 2010, told NBC News that, in one instance in 2009, analysts entered a phone number into agency computers and “put one digit wrong,” and mined a large volume of information about Americans with no connection to terror. The matter was reported to the Foreign Intelligence Surveillance Court, whose judges required that all the data be destroyed, he said.

Another former senior official, who asked not to be identified, confirmed Blair’s recollection and said the incident created serious problems for the Justice Department, which represents the NSA before the federal judges on the secret court.

The judges “were really upset about this,” said the former official. As a result, Attorney General Eric Holder pledged to the judges that the intelligence agencies would take steps to correct the problem as a condition of renewing the NSA’s surveillance program. 

I imagine that President Obama will respond to these objections by saying that they are part of a broader discussion, and that discussion is "a sign of maturity because probably five years ago, six years ago we might not have been having this debate." As though we weren't fiercely arguing about the balance between security and liberty back in the Bush administration. Does this president believe that we don't have Google? Or memories? Incidentally, be sure to read on how this president has changed his tune when it comes to the issue of surveillance.

There are claims that the spying program has foiled attacks on New York city subways, but those claims are contradicted  by "British and American legal documents." The administration claims that Congress has been briefed on these programs, but that claim is disputed:

Sen. Jeff Merkley (D-Ore.) on Friday disputed a claim President Obama made at a press conference only moments earlier, when the president said that every member of Congress had been briefed on the National Security Agency’s (NSA) domestic phone surveillance program.

Merkley said only select members of the House and Senate Intelligence Committees had been briefed on the program, and that he was only aware of it because he obtained “special permission” to review the pertinent documents after hearing about it second-hand.

“I knew about the program because I specifically sought it out,” Merkley said on MSNBC. “It’s not something that’s briefed outside the Intelligence Committee. I had to get special permission to find out about the program. It raised concerns for me. … When I saw what was being done, I felt it was so out of sync with the plain language of the law and that it merited full public examination, and that’s why I called for the declassification.”

 More:

President Barack Obama’s chief defense of his administration’s wide-ranging data-gathering programs Friday: Congress authorized them, with “every member” well aware of the details.

Not so, say many members of Congress — Democrats and Republicans alike.

Typically, members of Congress “don’t receive this kind of briefing,” Senate Majority Whip Dick Durbin (D-Ill.) told POLITICO Friday. They wouldn’t have known about the programs unless they were on an intelligence committee, attended special sessions last held in 2011 or specifically asked to be briefed – something they would only know to do if they were clued in by an colleague who was already aware.

Durbin said he learned about the two programs himself only after requesting a briefing under “classified circumstances” after being urged to do so by Sen. Ron Wyden (D-Ore.).

Congressional leadership and intelligence committees had access to information about the programs, he said — but the “average member” of Congress likely wouldn’t have been aware of the breadth of the telephone and Internet surveillance.

There’s no public record of who has attended any of these sessions — and even the Obama administration couldn’t confirm the president’s claim that “every member of Congress” had been briefed.

None of these revelations would have been possible without the presence of a whistleblower, and today, that whistleblower was identified:

Edward Snowden, a 29-year-old former undercover CIA employee, unmasked himself Sunday as the principal source of recent Washington Post and Guardian disclosures about top-secret National Security Agency programs.

Snowden, who has contracted for the NSA and works for the consulting firm Booz Allen Hamilton, denounced what he described as systematic
 surveillance of innocent citizens and said in an interview that “it’s important to send a message to government that people will not be intimidated.”

Director of National Intelligence James R. Clapper Jr. said Saturday that the NSA had initiated a Justice Department investigation into who leaked the information — an investigation supported by intelligence officials in Congress.

Snowden, whose full name is Edward Joseph Snowden, said he understands the risks of disclosing the information but felt it was important to do.

“I intend to ask for asylum from any countries that believe in free speech and oppose the victimization of global privacy,” Snowden told The Post from Hong Kong, where he has been staying. The Guardian was the first to publicly identify Snowden. Both media organizations made his name public with his consent.

“I’m not going to hide,” Snowden said Sunday afternoon. “Allowing the U.S. government to intimidate its people with threats of retaliation for revealing wrongdoing is contrary to the public interest.”

Of course, this is still a developing story, so we are going to hear and read a whole lot more about this issue. But for now, I'll say this: The Verizon phone-monitoring and the PRISM program may be necessary to prevent future terrorist attacks, but we need to have an open and public debate over whether that truly is the case. And this administration has a lot of 'splainin' to do--to Congress, to the American people, and especially to voters who were once led to believe that Barack Obama would never tolerate the existence of these kinds of domestic espionage programs.

 

In Praise of James Comey

Benjamin Wittes discusses the reasons why we should be glad that James Comey was nominated to be the next FBI director--reasons I am fully in agreement with:

Here’s the easy part: A qualified director of the FBI needs to have significant managerial experience in law enforcement. These days, you particularly want someone with a real intimacy with national security investigations and counterterrorism cases. You want someone who knows the bureau and can command the respect of its famously insular culture. You want someone with that ineffable quality of great leadership. And you want someone who somehow projects an anti-Hoover-like incorruptibility. Put this all together, and the easy part is not at all easy. There are very few people who truly have all of these qualities—and Comey is one of them.

But Comey also has an additional quality that makes him a unique candidate for the position—unique not just now but over a very long time. To be a successful FBI director, you have to be someone the public believes is truly independent, someone who will follow the facts wherever they go, who will investigate other members of the administration in which you (sort of) serve. The public should even believe that if it came to that, you would stare down the President himself over compliance with the law. It requires highly specialized circumstances to establish this particular quality beyond a shade of public doubt—and most people, fortunately for them and for the public—never have the opportunity to do so. But Comey 
did have this quality of his leadership tested—and in an episode initially secret, and now famous, he showed himself capable of looking a president of his own party in the eye and telling him that he would resign unless legal problems in a high-stakes classified program were fixed.  Nobody, including Barack Obama, can now doubt for a minute that he is capable of doing what needs to be done and telling the president the painful truths he may need to hear.

Wittes calls for Comey to be confirmed as soon as possible. I join that call, and congratulate President Obama on a very good selection.