Thursday, June 6, 2013

Who exactly are they targeting? Terrorists, Republicans, TEA Party, other political enemies.

NSA's Verizon Spying Order Specifically Targeted Americans, Not Foreigners

The National Security Agency has long justified its spying powers by arguing that its charter allows surveillance on those outside of the United States, while avoiding intrusions into the private communications of American citizens. But the latest revelation of the extent of the NSA’s surveillance shows that it has focused specifically on Americans, to the degree that its data collection has in at least one major spying incident explicitlyexcluded those outside the United States.
In a top secret order obtained by the Guardian newspaper and published Wednesday evening, the FBI on the NSA’s behalf demanded that Verizon turn over all metadata for phone records originating in the United States for the three months beginning in late April and ending on the 19th of July. That metadata includes all so-called “non-content” data for millions of American customers’ phone calls, such as the subscriber data, recipients, locations, times and durations of every call made during that period.
Aside from the sheer scope of that surveillance order, reminiscent of the warrantless wiretapping scandal under the Bush administration, the other shocking aspect of the order its target: The order specifically states that only data regarding calls originating in America are to be handed over, not those between foreigners.

“It is hereby ordered that [Verizon Business Network Services'] Custodian of Records shall produce to the National Security Agency…all call detail records or ‘telephony metadata’ created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls,” the Guardian’s copy of the order reads. “This Order does not require Verizon to include telephony metadata for communications wholly originating and terminating in foreign countries.”
Though the classified, top secret order comes from the FBI, it clearly states that the data is to be given to the NSA. That means the leaked document may serve as one of the first concrete pieces of evidence that the NSA’s spying goes beyond foreigners to include Americans, despite its charter specifically disallowing surveillance of those within the United States.
“In many ways it’s even more troubling than [Bush era] warrantless wiretapping, in part because the program is purely domestic,” says Alex Abdo, a staff attorney with the American Civil Liberties Union’s National Security Project.”But this is also an indiscriminate dragnet. Say what you will about warrantless wiretapping, at least it was targeted at agents of Al Qaeda. This includes every customer of Verizon Business Services.”
The leaked document, in fact, is labelled as an order from the Foreign Intelligence Surveillance Court, a body whose powers were created under the Foreign Intelligence Surveillance Act of 1978 and then broadened after the September 11th, 2001 attacks, with the purpose of intercepting communications between foreign agents and those between enemies abroad and their agents within the U.S. Similarly, the NSA’s charter states that it focuses on interception and analysis of foreign communications, not those within the United States.
But the Verizon order seems to show that the NSA, using FISA, has specifically gathered communications data that both begins and ends with Americans. That domestic surveillance may be allowed under FISA’s low standard for the “relevance” of the data demanded from Internet companies and telephone carriers in the investigations of foreigners, says Julian Sanchez, a research fellow with the CATO Institute focused on privacy and civil liberties. ”The overall purpose of this program is to identify foreign terrorists,” says Julian Sanchez. “But in fact it extends well beyond whether the individual you’re investigating is foreign. If you think an American citizens’s email has information about what a foreign power or individual is doing, that’s ‘relevant.’ The purpose of the investigation is not a constraint on the target or the people from whom the information is sought.”
“If they data mine huge blocks of call records, they’re getting lots of innocent Americans’ data,” adds Sanchez, “But the argument, I imagine, is ‘we’re doing data mining to look for suspicious patterns to help us identify foreign terrorists.’”
My colleague Kashmir Hill has contacted the NSA and Verizon for comment, and I’ll update this post if we hear back from either of the two. Update: Verizon has declined to comment.
In fact, the Verizon order may be just a glimpse of a much larger surveillance program. It’s unclear whether other carriers, not to mention Internet giants like Google, Microsoft and Facebook, have been caught up in similar domestic surveillance, or how long that surveillance has been taking place. But as theGuardian notes, Senators Ron Wyden and Mark Udall have issued cryptic warnings for the last two years that the Obama administration has engaged in widespread surveillance of Americans.
Other phone carriers including AT&T, T-Mobile and Sprint all responded to a congressional inquiry on government surveillance last year, stating that they had turned over hundreds of thousands of users’ records to law enforcement agencies, though that inquiry didn’t focus on intelligence agency requests.
In a congressional hearing in March of last year, the NSA’s Director Keith Alexander responded to questions from Georgia Congressman Hank Johnson, who brought up allegations of the NSA’s domestic spying made in a Wiredmagazine article earlier that month, denying fourteen times that the NSA intercepted Americans’ communications.
“What judicial consent is required for NSA to intercept communications and information involving American citizens?” Johnson asked at the time.
“Within the United States, that would be the FBI lead,” responded Alexander. “If it were a foreign actor in the United States, the FBI would still have to lead. It could work that with NSA or other intelligence agencies as authorized. But to conduct that kind of collection in the United States it would have to go through a court order, and the court would have to authorize it. We’re not authorized to do it, nor do we do it.”
In light of this latest leak and the surveillance it’s exposed, the NSA may have some more explaining to do.

Read the full FISA court order sent to Verizon here.

More questions:

How Outraged Should You Be About the NSA Grabbing Your Phone Logs?

And six other questions arising from the latest White House scandal.

Washington is reeling after a court order was uncovered last night showing Verizon has secretly been handing over reams of customer phone records to the National Security Agency on a daily basis. The records don’t contain the content of phone calls—so, just to be clear, this isn’t wiretapping—but they do contain information such as phone numbers, the location and duration of calls, and subscriber and handset ID numbers, all of which fall under the category of “telephony metadata.”
Unless the NSA has some superpowered intelligence algorithm that helps them separate signal from noise, the agency is simply Hoovering up vast amounts of noise for little if any signal.
Calibrating the appropriate level of outrage will probably occupy us for most of the day. But far from a frivolous exercise, it’s an important process, because it involves the weighing of factors that might or might not matter to you depending on how serious (or potentially expansive) you think this violation of user privacy really is.
The court order alone probably doesn’t merit the ACLU’s chargethat it was “beyond Orwellian”—though it’s no small irony that “1984” was published 64 years ago today.
By itself, metadata can’t tell you very much about—well, you. Nor is it likely that our lives will proceed any differently today than they did for the last couple months. This particular surveillance program has been in effect at least since April, and the Bush administration engaged in similar activities. If you didn’t notice anything amiss then, your life will probably continue unchanged now.
But this is the latest in a string of scandals dealing specifically with the Obama administration and its use of phone records in potentially unethical ways. Previous incidents had the government targeting journalists as a way to get to whistleblowers, but as we indicated last month, nothing in those cases ruled out the broader surveillance of the American public. And now, via The Guardian’s original report, we seem to have found it.
The White House has gone to extraordinary lengths to punish previous administration leakers. For Obama, there’s even more at stake than there was with the AP scandal or the Rosen case. Those were about deterrence and retribution for bygone events. The Guardian’s revelation interferes with an ongoing government mission. The White House this morning defended the general practice of mass surveillance—but wouldn’t confirm specifics—saying it is “a critical tool in protecting the nation from terrorist threats.” As my colleague Garance Franke-Ruta pointed out last night:
Yet even if we grant Obama the benefit of the doubt, it’s not clear how gathering cell phone metadata actually helps the administration do its job better. One of the enduring paradoxes of intelligence is that the more you have of it, the harder it is to find what you’re actually looking for.
“Intelligence collection and targeting systems operate efficiently today in real time,” writes the intelligence scholar G. Murphy Donovan. “The strategic analysis process, however, does not provide a comparable return on investment.”
Unless the NSA has some superpowered intelligence algorithm that helps them separate signal from noise, the agency is simply Hoovering up vast amounts of noise for little if any signal. The idea that this is a standing court order without a clear, pre-identified suspect is further reinforced by a legal expert’s suspicions that whatThe Guardian uncovered was simply a routine three-month extension of an existing order dating as far back as 2006.
Six other questions remain.
Were other communications companies other than Verizon involved?
The Electronic Frontier Foundation has reason to believe AT&T may also have been complicit, citing evidence that one of its technicians installed hardware designed to copy and forward Internet traffic to the NSA.
Does “telephony metadata” cover more than just phone calls?
The text of the court order doesn’t rule out text messages, multimedia messages, or other forms of communication conducted over telephony services. Did the NSA gather information about that stuff, too?
If the NSA has access to phone records, why the need to subpoena the AP’s logs?
As Marc Ambinder points out, if the NSA is already collecting metadata, why should the government need to subpoena said information to go after whistleblowers? In principle, barriers exist between the NSA (Pentagon) and the FBI (Justice Department) to prevent this sort of thing. In practice, however, the court order shows NSA was gathering the metadata on behalf of the FBI, so those barriers didn’t appear to operate as intended this time. One answer may be that even if DOJ had been able to look at the NSA’s information, it wouldn’t have been admissible as evidence in court—hence the need for subpoena. I’ve reached out to legal experts for a clearer answer, and I’ll update if and when we know more.
What does this mean for Eric Holder and James Comey?
Attorney General Holder goes to Capitol Hill later this morning to face lawmakers’ questions again. The scheduled appearance just got a lot more interesting. Comey, Obama’s pick for FBI director, famously opposed the warrantless wiretapping program under President George W. Bush. But it’s not clear whether this current form of domestic surveillance, one that involves a court order, is something he would support. Comey’s confirmation hearing just a lot more interesting, too.
What does this mean for the future of cybersecurity legislation?
President Obama recently appointed the nation’s first privacy adviser. She probably has her hands full today. But more importantly, the revelation about Obama’s NSA surveillance program casts his cybersecurity efforts in a much different light. The White House has opposed the House cybersecurity bill , CISPA, on privacy grounds. But if the NSA court order is true, what the public thought was a principled stand by the president might turn out to be a matter of political expediency after all.
How hard will Obama go after his latest whistleblower?

Remember when Obama campaigned against the Patriot Act?

No comments: