Schneier on Security
A blog covering security and security technology.
« DHS Funding Open Source Security |
| Liberty Increases Security »
January 18, 2006
NSA Eavesdropping Yields Dead Ends
All of that extra-legal NSA eavesdropping resulted in a whole lot of dead ends.
In the anxious months after the Sept. 11 attacks, the National Security Agency began sending a steady stream of telephone numbers, e-mail addresses and names to the F.B.I. in search of terrorists. The stream soon became a flood, requiring hundreds of agents to check out thousands of tips a month.
But virtually all of them, current and former officials say, led to dead ends or innocent Americans.
Surely this can't be a surprise to anyone? And as I've been arguing for years, programs like this divert resources from real investigations.
President Bush has characterized the eavesdropping program as a "vital tool" against terrorism; Vice President Dick Cheney has said it has saved "thousands of lives."
But the results of the program look very different to some officials charged with tracking terrorism in the United States. More than a dozen current and former law enforcement and counterterrorism officials, including some in the small circle who knew of the secret program and how it played out at the F.B.I., said the torrent of tips led them to few potential terrorists inside the country they did not know of from other sources and diverted agents from counterterrorism work they viewed as more productive.
A lot of this article reads like a turf war between the NSA and the FBI, but the "inside baseball" aspects are interesting.
EDITED TO ADD (1/18): Jennifer Granick has written on the topic.
Posted on January 18, 2006 at 6:51 AM
• 70 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I do find it interesting that "the torrent of tips led them to [a] few potential terrorists inside the country they did not know of from other sources".
I don't know what the opportunity costs were to find those guys in terms of other avenues of investigation left undone, etc. Still, the fact that they turned up some (potential) terrorists seems important.
this is what happens when you try to re-purpose a cold war intelligence asset in another venue. same problem exists on the imagery side. horribly inefficient, and with potentially negative consequences.
I wonder what it takes for a person to be a "potential terrorist" in the eyes of the Bush administration.
What is a potential terrorist? Interesting is that as far as I know. Not one person has been convicted in a court of law in connection with the 911 bombings.
IIRC, those who committed the 9/11 attacks are beyond the reach of any earthly court of law, and the court they face isn't worried about search warrants.
A couple of interesting points:
1) "In the anxious months after the Sept. 11 attacks..." -- this effort was a response (admittedly somewhat knee-jerk) to those attacks, and in hindsight it isn't all that surprising that the effort was made, and that it was untimately futile (as far as finding terrorists was concerned.) In the same context, the use of the Air Force and Navy to patrol the skies could be seen as futile (and the sight of a flight of F-16s flying Combat Air Patrol over a major US city was certainly intimidating to the civilians who saw them) -- after all, no other airliners were hijacked / turned into IEDs.
2) "National Security Agency began sending a steady stream..." -- pretty much unheard of pre-9/11, the attacks lead to a major change in behavior -- a behavior that came out of the Watergate era, and that has been criticized for preventing the exchange of information that might have prevented the attacks.
I see this effort not as the act of a government bent on taking over our lives, but of a government trying to deal with an attack that caught it flat-footed (under the doctrine of "fool me once, shame on you -- fool me twice, shame on me".)
@ Ed T:
How about Osama bin Laden? He has long ceased being USA's first and foremost menace, or at least it is what it seems. Maybe he's been fired from the AlQaeda Board of Directors and the TLAs never told us?
@ EdT 0833,
If you want to play that game, try this on for size. The reason why those courts aren't concerned about search warrents is that those courts are also free from human error.
As for your second post's point 2, the behavior you are pointing out prior to 9/11 did not follow from Watergate. It came from Ashcroft's turning a blind eye to terrorism in favor of porn and Bush's (or rather the so-called adults of Bush's inner council) minimal attension to the national security briefings.
Well, at least the resources spent monitoring terminally ill people in Oregon can be diverted into something more productive.
A machine, or any mechanism, can work tirelessly at the most tedious detection task with merely routine maintenance.
When a human is assigned a huge volume of possible leads to winnow the paydirt from the bum steers, then if the prevalence of true positives is nearly zero, it will not take years or months for the mind to grow numb, nor weeks or days, but only hours or even minutes. The worker grows blind, so even when a true positive comes along they are almost certain to not see it.
After closing each lead with a check in the 'unfounded' box, in endless itereation, the checker will become simply a human mechanism for checking that box.
Their only way of finding true positives was checking to see if the lead squared with information they already had from other sources. They squandered resources, learning nothing.
Roy, who is the "they" you refer to?
Quote: "Surely this can't be a surprise to anyone? And as I've been arguing for years, programs like this divert resources from real investigations."
So just a quick recap....
In relation to any story about any security upgrades you have argued that these are all a waste of money unless they protect all possible terrorist targets and that resources should instead be put into intelligence to address terrorist cells rather than what they target.
In relation to the US using the capabailities they have always had to monitor the entire planet's communications you've said this is a waste of time.
This leaves your intelligence plan without SIGINT and only HUMINT. I haven't yet seen you comment on the fact that...
[a] the US has basically zero HUMINT capabilities of its own in capable of addressing muslim extremist networks
[b] such assets typically take many many years or even decades to cultivate
[c] even if it were a viable option to go without such an ability for such a period, the cell structures used to date throughout Europe put the chances of penetration at pretty much 0.0 in a million.
...for obvious reasons.
Or in summary, you just don't like any of it Bruce, and after pointing to one solution to replace all measures you've denounced to date... well turns out you don't go much on that either.
There is a simple reason you are able to take this position. In much the same way there are 1000 valid reasons that seatbelts in cars are a bad security measure if your assessment of them doesn't need to take into account the one thing they are designed to address.
If your analysis isn't required to actually address the threat of bodily harm in a car crash (or actually uncover terrorist cells) then you can rag on every security measure you read about without detriment to your arguement. Because unlike the US government, your position isn't related to doing anything useful.
This is why you can continue to suggest diverting funds from specific programs into the deliciously non-specific "intelligence" which apparently exists as a notion something akin to "magic" here. Then go about pointing out how the specific functions of that mysterious "intelligence" are also useless.
Tell you what, why don't you watch 24 and Die Hard, declare the concept of human penetration of a terrorist network as a "movie plot myth" and you'll have just about covered all your bases on how everything that could possibly be used in addressing the threat of counterterrorism is bad policy. No need to replace any of them with something else, that will work itself out.
Are you insane?
Bruce has complained about the waste of money in expensive security theatre. He has suggested that the money would be best spent in two ways...
1) First responders. These don't protect against anything but they help mitigate the results of ANY threat or natural disaster. If instead of scanning my shoes for explosive traces every time I fly, emergency services had been a priority do you think the outcome of Katrina might have been different?
2) Intelligence efforts, both HUMINT and SIGINT. The complaints about the NSA eavesdropping without warrants are still valid. Let me give you some reasons why...
a) There is a process to get wiretap orders upto 72 hours retroactively through the FISA courts. Thus there is no "need to move fast" as the need is already there.
b) Anyone who is targeted because of one of these warrantless wiretaps can now argue that the evidence should be thrown out because it was obtained illegally.
c) Anyone who wasn't targeted because of these wiretaps can make the same case, and there is no way to prove that they are wrong.
d) Overloading an intelligence service because someone said "bomb" or "President" or... on an international phone call is a denial of service attack. I've called my parents in the UK and talked about things like "The President said X" or "I just heard about the London Bombs, is everyone OK?". All perfectly legitimate conversation topics. Should I be a target?
The NSA can legally (at least from the US point of view) intercept signals throughout the rest of the world. If there is someone that they are interested in inside the US the FISA courts allow them to intercept internal signals too. So as you are so hot on the idea, do you want to explain why warrantless wiretapping should be allowed despite it being illegal?
Can you point to a single benefit that it has given?
It has created overworked FBI agents, it has given few (if any) leads, and it has infringed on the rights of Citizens... like you.
So, what is the benefit? Does it outweigh the costs/risks? The only benefit that I see is that the wholesale surveillance of the population might have generated "a few leads". Is it worth the huge cost in terms of both money to check out all the dead ends and in terms of the damage to the constitution and the rule of law? I would say no.
Maybe those "giving comfort to the enemy" by
* questioning the war,
* critisizing the administration,
* condeming prisoner 'treatment',
* calling for shortened occupation,
* protesting FISA-free domestic spying
Zwack: When attempting to look like a credible person on the subject of computer security, not providing a link to your personal website which features, nay "is dominated by", a giant Robert Anton Wilson quote.
1) It's fiction.
2) Worse yet, it's science fiction.
3) We all read it, too. When we were in high school. Twenty years ago.
Here is the part of my post that I would post some hilariously ironic high school-ish book quote, if I had the time. I do not.
I personally get better results when I gather information about something, instead of gathering everything and looking for a pattern. If I investigate the reading habits of someone "funny" I get more relevant data than I would looking at books checked out in all the libraries in America. The only time you start using the "shotgun" approach is when all leads fail or you don't have a clue as to what you're looking for. I was figuring the noise level would ruin the data gathering, and it seems all the work done up to now is worthless because of it.
The behavior I referred to in my second point of the first post (EdT 0833) was the practice of the various agencies not communicating with each other (in the context of not passing along intelligence data that might be relevant to the others.) This was a matter of policy (written policy, not verbal) in the mid-1970s -- at least for the agency I worked for. Back then, the "firewall" was real.
Oops. When I said "computer security", I meant "national security".
Excellent example of an ad hominem attack.
Any other logical fallacies you'd like to include in your argument?
"Tank, Are you insane?"
You've said this then proceeded to talk about FISA like it actually means something. I may be insane but you are irrelevant.
The NSA spies on you pal. They always have and they always will. They were spying on you the day before 9/11, the day before Bush decided to run for office and the day before Clinton didn't break the FISA laws about whatever physical seaches bullshit that was about.
Until you come to grips with this what you think isn't really interesting or based on reality.
Which as I said leaves us with the recommendation to promote intelligence programs as the most useful tool in addressing the threat of terrorism.... the realisation that you have no human intelligence assets and no likelyhood of developing any this side of your next 5 birthdays.... and whats left in the intelligence basket.... nah we dont want that either.
What is a potential terrorist? Interesting is that as far as I know. Not one person has been convicted in a court of law in connection with the 911 bombings.
Posted by: swiss connection at January 18, 2006 08:25 AM
There have been many captured though, including the guys who planned the 9/11 attacks and ran the Hamburg cell that carried them out.
Coincidently they were caught by the NSA using phone intercepts to pinpoint voices to service locations.
Rather defeatist post. "The government breaks the law, there's nothing you can do about it. If you complain, you complain uselessly. Moreover, if you're upset about this, I can label you unrealistic and ignore any points you may bring up."
Note (for the record) that I agree that Bruce spends more time pointing out crappy security than he does suggesting good security, and that it would be interesting to see what Bruce recommends be done (in terms of suggested actual programs, rather than vague terms). In defense, though, there are a lot more stories about crappy security than there are stories about good security.
Bruce isn't the head of DHS, and it's certainly not his responsibility to develop good intelligence programs on his own time out of the goodness of his heart. However, he is a taxpayer (and I assume a voter) and as such he gets the right to complain about the government spending money badly.
Saying that Bruce is a complainer (whether it is true or not) doesn't make Bruce's points less valid and is irrevelant to any cogent argument.
I can sit back, suggest nothing positive, and point out idiocy in all sorts of security measures and that doesn't make my analysis incorrect.
If you disagree with his analysis, and think that something Bruce disagrees with is a *good* use of intelligence gathering dollars, I'd like to hear your reasoning. Just saying, "You don't offer anything positive so you're opinion isn't worth considering" isn't argumentation.
Some of you don't seem to be aware that the US has been doing warrantless surveillance on US citizens continually, since FISA was passed, and the courts have approved it (after the fact) in every case. Aldrich Ames, for example, underwent both warrantless surveillance and a warrantless physical search of his residence (this was during the Clinton administration), all legal, all signed off by the courts.
The key is, are you a foreign agent?
Well, as long as you are bringing up history you could also cite the fact that Woodrow Wilson's folks seemed to be rather effective at finding German agents, but almost useless at uncovering Russian ones. And Eugene Debs, who won 6% of the vote when he ran for President in 1912, was sentenced to 30 years in jail for his "anti-war" rhetoric in 1918. So perhaps the key to today's warrantless surveillance is more subtle than just whether you are foreign agent? Bush and Cheney do tend to banter about "clear and present danger" and the need for an unfettered executive, which is hardly necessary for routine "foreign agent" monitoring.
"Bruce spends more time pointing out crappy security than he does suggesting good security"
When someone points out a flaw, aren't they therefore creating a context for which a fix can be discussed? Maybe the fix is quick and dirty (perhaps myopic) or maybe it is long term (perhaps holistic), but if you don't celebrate the fact that someone is actually bringing the flaws to light...forget progress.
> When someone points out a flaw, aren't they therefore creating
> a context for which a fix can be discussed?
Note, I wasn't saying that *I* think Bruce is just a complainer. I think there are lots of valid reasons why there are more "this is bad security" posts originating from Bruce on this web site than there are "this is good security".
I was just pointing out to Tank that even if I did agree with his general complaint about Bruce, his dismissive attitude of Bruce's arguments doesn't follow.
"If instead of scanning my shoes for explosive traces every time I fly, emergency services had been a priority do you think the outcome of Katrina might have been different?"
Nope -- Katrina would probably still have hit the Gulf Coast, and there would have still been reports of great white sharks swimming down Canal Street eating old women and children ;-)
Seriously -- This particular quote compares two totally different activities, and therefore the argument is fallacious. Using the same line of reasoning, if searching for box cutters had been a priority for the FAA prior to 9/11, instead of spending all that money on air traffic controllers, maybe the WTC towers would still be standing.
Does scanning shoes for explosives make sense? I don't know, although it is a real annoyance to doff shoes, jackets, etc. before flying. Could FEMA have been better prepared as far as response to the hurricanes last year? No doubt. However, curtailing security checks at airports would likely have had NO EFFECT on the damage Katrina (and the other storms, for that matter) caused. Hurricanes are big freakin' storms, and they are gonna cause a lot of damage wherever they hit.
-EdT. (a survivor of, oh, about a half dozen hurricanes, several earthquakes, and a tornado which went right over his head.)
No, I'm content with just that solitary ad hominem. It's a timeless classic; reels 'em in every time.
I've had remarkable luck with the slippery slope fallacy, but that's demonstrating itself here without my help.
Davi, I give you an example from the previous administration and you counter with a century ago? I suppose what you're trying to say is it was OK for the Clinton administration to do warrantless surveillance of foreign agents but it's not OK for the Bush administration to do the same thing?
OK. Justify your reasoning. What is the "subtlety" that I've missed? The party of the President?
I said, it's established law, since FISA became law (that's post 1978) that the President can do this legally. Please show me a current case that refutes that. Or explain why every President, since FISA became law, has done warrantless surveillance AND claimed it was within his power to do so legally AND Congress never complained AND the courts never rejected the argument.
Maybe then we can talk about subtleties?
"In relation to any story about any security upgrades you have argued that these are all a waste of money unless they protect all possible terrorist targets and that resources should instead be put into intelligence to address terrorist cells rather than what they target."
You can't possibly be saying that I agree with this, can you? If you, you clearly haven't been reading much of what I've been saying.
"I was just pointing out to Tank that even if I did agree with his general complaint about Bruce, his dismissive attitude of Bruce's arguments doesn't follow."
Righto. I completely agree with you and was trying to add a bit. Sorry if I wasn't clear.
"Davi, I give you an example from the previous administration and you counter with a century ago?"
More than a century actually, but nonetheless a time rich with mistakes we would do well to avoid.
"I suppose what you're trying to say is it was OK for the Clinton administration to do warrantless surveillance of foreign agents but it's not OK for the Bush administration to do the same thing?"
I think this might be called *you* trying to stick your foot into *my* mouth. The current administration is arguing that they have the right to warrantless surveillance of domestic communication for domestic agents. I actually find it hilarious that after all the "no way will Bush be anything like Clinton" has given way to "we're just following Clinton's lead". But that does nothing to change the point that even if it had been Clinton's policy it would still be subject to criticism today. Bush doens't get a get-out-of-jail-free card just because the prior exec made mistakes, or the prior one, or the prior one, etc.
It wasn't a lack of information that stymied the FBI from acting to stop the foreign agents prior to 9/11. And it wasn't a lack of information that prevented Bush from finding and attacking Al Qaeda prior to 9/11...the premise for expanded surveillance is that it will be more effective, but it's proving to be ineffective, and it's solving the wrong problem. What you end up with is a giant square peg that doesn't fit the round hole, compounded by additional/residual harm of constantly trying to bang it through despite valid opposition.
"There have been many captured though, including the guys who planned the 9/11 attacks and ran the Hamburg cell that carried them out.
Coincidently they were caught by the NSA using phone intercepts to pinpoint voices to service locations."
Who exactly was captured, who exactly was caught by the NSA using which phone intercepts, and who exactly was convicted of terrorism-related crimes thanks to NSA eavesdropping?
"What is the 'subtlety' that I've missed"
There are many, but a prime example of things that are most troubling is the fact that a phrase like "foreign agent" often gives way to the term "terrorist". The latter not only lacks clarity, but carries a perjorative weight that can make risk assessments less effective.
Take for instance that Chechen rebels were not considered terrorists by the US State Department in 2001, although they were by the French. This has been cited as one of the contributing reasons that the FBI did not act upon information from a MN flight school that a French Moroccan with links to the Chechen rebels was acting suspciously.
Moreover, trying to arrive at a concept of what constitutes a "foreign power" with "agents" is behind policy-makers wrangling over how to understand and prioritize true threats and vulnerability to attack.
The subtleties, actually, are what make good policy. Tossing all that aside and demanding absolute rights to peer into anything, anywhere, anytime without checks and balances...that's just another example of Bush looking for a white horse, a mask and a silver bullet. Unfortunately, it just isn't that easy...
"The NSA spies on you pal. They always have and they always will."
Yo, Tank. That don't make it legal.
I understand the difference between domestically following up on a lead, where an oversight mechanism (FISA) exists, and generating leads by (dumb) electronic driftnet, for which there is no oversight mechanism and no legal authorization. If such mechanisms do exist please do correct me.
Since the administration believes such domestic lead-generation is required, they should ask Congress for a legal framework in which to perform it. At a minimum, it would go like this:
"Your FISA honor, here are two lists of emails we intercepted in the last 72 hours: The first list has those who did not generate any leads and will not be followed up any further. The second contains those that did generate leads and we are therefore asking, retroactively, for FISA search warrants on their owners".
This probably only ensures the minimum "a judge knows who you're snooping on" type of oversight, other measures might be required.
Our fearless leader failed in not pushing for this. PATRIOT doesn't count due to lack of judicial oversight provisions.
And the relevance is? That quote has been on my website for a long time. I thought that it was interesting that EXACTLY what was described was happening in America. It has nothing to do with my arguments, it has nothing to do with the validity of my comments. The fact that Science Fiction seems to be relevant to the future of America (1984?) is NOT something I mentioned. Feel free to visit my personal web site or not. I use the same information every time I post here as a way to identify myself and not as a proof of my comment.
"You've said this then proceeded to talk about FISA like it actually means something. I may be insane but you are irrelevant."
FISA shouldn't be irrelevant. It is a legal law which allows for wiretapping and allows for the warrants to be obtained after the fact. The fact that the President believes that he is above the law is scary to me. If you are happy about it then fine, but I don't agree with you.
"The NSA spies on you pal. They always have and they always will. They were spying on you the day before 9/11, the day before Bush decided to run for office and the day before Clinton didn't break the FISA laws about whatever physical searches bullshit that was about."
Two points... What the NSA does and should do may be two different things. The NSA is not supposed to spy on anyone within the US without a warrant. If they do that it's wrong and should be stopped. Point two, when Aldrich Ames was subject to Physical searches, FISA didn't cover that at all. It was modified later. But, on topic, Clinton did not give any Presidential orders to the NSA, or anyone else, to break the law. Bush did.
"Until you come to grips with this what you think isn't really interesting or based on reality."
What I think is certainly interesting to me. And it is based on Reality... The Reality is that the NSA were operating illegally. The Reality is that it doesn't matter WHY but the fact that they were is relevant to any discussion of their actions. The fact that their illegal activities compromised both the efficiency of another organisation and the integrity of that other organisations legal activities is highly relevant.
"Which as I said leaves us with the recommendation to promote intelligence programs as the most useful tool in addressing the threat of terrorism..."
I don't see this the way you do. Promoting intelligence activities within the law and without compromising the effectiveness of other activities makes perfect sense to me. I can't speak for Bruce but the impression I got from this posting is that the fact that the NSA activities are indiscriminate and so wide ranging that they are practically useless. It sounds like I could be just as effective by sending the FBI a list of all people with the surname "Wills" and saying "these are all potential terrorists". By the time that the FBI has checked them all out it might have found one or two suspicious people, but how many would it have had to check.
On the subject of potential terrorists you said "There have been many captured though, including the guys who planned the 9/11 attacks and ran the Hamburg cell that carried them out. Coincidently they were caught by the NSA using phone intercepts to pinpoint voices to service locations."
Given the state of US Law these people are not "Terrorists" but "suspected Terrorists" and as such are innocent until proven guilty in a court of law. Given the lack of trials this just means that you have found some people that you think that you might be able to prove are terrorists. If they are within the US then the warrantless wiretapping could mean that some of the evidence is thrown out. If they are outside the US then the NSA didn't do anything wrong under American law. American law allows for the NSA to monitor foreign signals without warrants. It's when the "signals" are domestic that warrants are required. You may not be able to see the distinction but it is there and it is huge.
@antimedia See above for comments about the physical search. The point about the NSA warrantless wiretaps is not that they followed the law and asked for the warrant within 72 hours of starting the wiretap (thus making it retroactively legal) but that they completely ignored the warrant process and just did it. They ignored a law that allows them to ask for permission after they've started because they didn't want to follow it. Yes these can be legal, but the FISA court could deny the warrant and any evidence gathered up to that point should be ignored. The fact that they didn't even apply is the point.
The money that pays for however many people to stand around and harrass innocent travellers at airports could have been used instead to reinforce the levees, to create disaster plans for what happens when a large disaster hits a major US city, to help evacuate people in the time before the hurricane hit (as the plans and resources could have been ready), to have needed food, water and medical supply stockpiles positioned in readiness around the country... Yes, the sharks would still be there, but people might have been better prepared.
If evacuation plans had been better for the WTC, then perhaps fewer people would have been lost without the FAA having to switch from ATC to box cutter searches. I don't have any figures, but if the search of the rubble had been more efficient then perhaps more lives could have been saved. Perhaps nothing could have stopped this attack, but having people trained and equipped to deal with emergencies seems like a higher priority to me than checking shoes for traces of potential explosives. I guess that demoitions workers, miners, pyrotechnicians and doctors could all provide false positives while travelling. I would also guess that there are more of those than terrorists. Curtailing security checks at airports would free up a lot of money that could be used to prepare for general emergencies, whether caused by Terrorists or Nature.
I am a Survivor of, oh, about half a dozen terrorist attacks, several earthquakes, and the Lockerbie disaster.
Seriously, I have been lucky in avoiding Terrorist attacks. I lived in Warrington until shortly before an IRA bomb killed two children in the town centre. I passed through Manchester city centre about an hour before the corn exchange was blown up... And I was on a train through Lockerbie the day after the Pan-Am flight hit.
The Clinton administration was responsible for a warrantless physical search of Aldrich Ames in 1994. In 1995 FISA was amended to cover Physical Searches.
So, in one case we have an administration who followed the law at the time, and in the other case we have an administration that broke the law at the time.
You might want to read Vice President Al Gore's response to the White House smears...
FISA allows Domestic Warrantless surveillance provided that a warrant is obtained from the FISA court within 72 hours of the surveillance starting. Until 1995 this did not include physical searches as the LAW did not include physical searches.
So until 1995 the president COULD authorise warrantless physical searches. I guess that includes every administration between 1978 and 1995. As the previous administration ran from 1992 - 2000 there was a point at which they could legally do warrantless physical searches and a point where they couldn't. The only administration that, throughout it's entire period in office, has NOT been able to do this is the current one.
You might want to read some more about what FISA said and when (you do know that laws change over time don't you?).
> I suppose what you're trying to say is it was OK for the Clinton administration
> to do warrantless surveillance of foreign agents but it's not OK for the
> Bush administration to do the same thing?
The AP clears up the Ames incident:
McClellan said the Clinton-Gore administration had engaged in warrantless physical searches, and he cited an FBI search of the home of CIA turncoat Aldrich Ames without permission from a judge. He said Clinton's deputy attorney general, Jamie Gorelick, had testified before Congress that the president had the inherent authority to engage in physical searches without warrants.
"I think his hypocrisy knows no bounds," McClellan said of Gore.
But at the time of the Ames search in 1993 and when Gorelick testified a year later, the Foreign Intelligence Surveillance Act required warrants for electronic surveillance for intelligence purposes, but did not cover physical searches. The law was changed to cover physical searches in 1995 under legislation that Clinton supported and signed.
Parrot discredited WH talking points a lot?
We're not talking about physical searches. When Clinton did the searches he did BOTH physical AND electronic surveillance, BOTH without a warrant. So did Reagan. So did Carter. All of them have claimed the right under their Article II powers to do so when a foreign agent is involved.
When FISA was amended to include physical searches aftwards, that still doesn't explain why Clinton thought he could do ELECTRONIC SURVEILLANCE without a warrant. Get it now?
FISA doesn't cover your butt if you're a foreign agent, US citizen or not.
And sorry - I have no idea what the administration is saying. I don't follow their press releases.
Davi wrote, "The current administration is arguing that they have the right to warrantless surveillance of domestic communication for domestic agents."
False. The current administration is arguing that they have the right to warrantless surveillance of INTERNATIONAL communications between members of Al Qaeda and (potentially) FOREIGN agents inside the US borders under the President's Article II powers as CinC.
Foreign agents is defined in the law, including FISA (more correctly "agents of a foreign power".) It encompasses more than just terrorists, but includes terrorists.
If my citation below is correct, it is very likely that Clinton did indeed follow FISA for his electronic surveillance. Remember that the surveillance (under FISA) can begin and be in place for 72 hours before the AG has to submit a request to the FISA court:
(I have not yet fact-checked this):
At the time of the Ames investigation, FISA did require warrants for wiretaps -- as it does now -- **and there is ample evidence that the Clinton administration complied with those requirements** [emphasis mine]. In a 2002 speech, U.S. District Court Judge Royce C. Lamberth, who previously served on the FISA Court, noted the "key role" the court played in that case to "authorize physical entries to plant eavesdropping devices":
LAMBERTH: I'm sure all of you recall the Aldrich Ames case, the CIA officer who was a Russian spy, and the key role the Foreign Intelligence Surveillance Court played in his case. The attorney general had also authorized physical searches of Ames's home, not pursuant to court order, that turned out to be very productive. Had Ames gone to trial, that would have been a hotly litigated issue. The president and the Congress wisely reacted by amending the statute to now require that physical searches for national security reasons also be authorized by the court. The court had authority all along to authorize physical entries to plant eavesdropping devices, but the court had never authorized physical searches for information.
The Clinton administration's compliance with the FISA requirements regarding electronic surveillance was further substantiated by Mark M. Richard, a former deputy assistant attorney general. According to a Department of Justice (DOJ) review -- conducted by then-assistant U.S. attorney Randy I. Bellows -- of the Los Alamos National Laboratory investigation, Richard established in 1999 that, during the Ames investigation, "the Attorney General was asked to sign as many as nine certifications to the FISA Court in support of applications for FISA surveillance."
> False. The current administration is arguing that they have the
> right to warrantless surveillance of INTERNATIONAL communications
> between members of Al Qaeda and (potentially) FOREIGN agents inside
> the US borders under the President's Article II powers as CinC.
If "(potentially) FOREIGN agents" = "american citizens" then FISA applies, and the administration is wrong.
The whole point of FISA is that the executive branch can't violate U.S. citizen's constitutionally protected right to unreasonable seizure without a judicial oversight.
You can call them whatever you like, if they're U.S. citizens, they're entitled to due process.
Following up on that last post:
Under the Fourth Amendment, a search warrant must be based on probable cause to believe that a crime has been or is being committed. This is not the general rule under FISA: surveillance under FISA is permitted based on a finding of probable cause that the surveillance target is a foreign power or an agent of a foreign power, irrespective of whether the target is suspected of engaging in criminal activity. However, if the target is a "U.S. person," there must be probable cause to believe that the U.S. person's activities may involve espionage or other similar conduct in violation of the criminal statutes of the United States. Nor may a U.S. person be determined to be an agent of a foreign power "solely upon the basis of activities protected by the first amendment to the Constitution of the United States."
"If '(potentially) FOREIGN agents' = 'american citizens' then FISA applies, and the administration is wrong."
Right. I find it particularly interesting who can be defined as a "foreign power" and under what terms someone is considered their "agent". We discussed this a little a while back with regard to spies, etc. and that's what made me reference the Wilson period. China is clearly defined as a foreign power. But what if you define a group rather than a nation as a foreign power? Is Al Qaeda is a foreign power? Then does it follow that someone who is a domestic agent working for a foreign power is a foreign agent, although they are a domestically-based citizen?
"Foreign agents is defined in the law, including FISA"
That's really funny. Do you mean it *would* have been defined in the law, *if* the President actually abided by the laws of the nation. Another example of why the President doesn't want to get a warrant, since the court might not define "foreign agents" in the way that the President tells them to...or those he asks to interpret the law might just make mistakes. The case of Wen Ho Lee comes to mind, and I've already mentioned Moussaoui. The fact is that a misinterpretation of the law was at fault in those two cases, which doesn't lead directly to the conclusion that the law is flawed and/or the President should operate above it.
Read the report yourself:
Davi, foreign agents is defined in law, INCLUDING BUT NOT LIMITED TO FISA. Does that clear it up for you?
Read the DOJ report. There's something missing from it. N. S. A. Get it?
The NSA is a military signals intelligence unit, not a law enforcement agency. They have no ability to investigate anyone, no power to arrest anyone, no power to prosecute anyone. They collect intelligence. That's all.
The DoJ conducts criminal investigations, not the DoD. If the F.B.I. is after you, you might be in serious trouble. If the N.S.A. is after you, they're probably trying to recruit you.
Read USSID 18, the guidelines for NSA. The Attorney General may authorize warrantless surveillance, without the involvement of the FISA court, when the purpose of the surveillance is foreign intelligence. In fact, a US citizen, living in a foreign country, has been convicted using evidence obtained through warrantless surveillance. See USA v. Bin Laden, 2002.
Furthermore, your rights are fully protected under the Constitution, including the Fourth Amendment. You don't need FISA to protect your rights.
Finally, after researching the issue thoroughly, I'm convinced that FISA is unconstitutional, at least in part. That's not the argument the administration is making. That's the argument I think they SHOULD make.
An executive order signed by President Carter in May of 1979 reads, "The attorney general is authorized to approve electronic surveillance to acquire foreign intelligence information without a court order."
That was AFTER FISA became law.
You lost me on that one. Have you just been idling away in order to make a tenuous segway into a "repeal FISA" line? Please, are you being serious or facetious?
"If the NSA is after you, they're probably trying to recruit you."
If that were true, do you really think the President would say "unauthorized disclosure of this effort damages our national security and puts our citizens at risk".
Uh huh. Your statement is something like "Nothing to see here folks, just your basic government spying on its own people in order to figure out who the bad guys are, move along."
"foreign agents is defined in law"
This again? It is poorly defined, as proven by the famous cases mentioned above, and basically irrelevant when the President can choose to define anyone talking with anyone overseas as a foreign agent.
Interesting that you should bring up the diffs between the agencies, since that is also an excellent reason to review the origins and failures of the intelligence/counterspy agencies. Yes, I'm referring to Wilson again...
Oh, and I suggest you rewind a few log pages. The Carter/Clinton topic has been covered extensively already...
> Read USSID 18, the guidelines for NSA. The Attorney General may
> authorize warrantless surveillance, without the involvement of
> the FISA court, when the purpose of the surveillance is foreign intelligence
From USSID 18:
> 4.1 (S-CCO) Communications which are known to be to, from
> or about U.S. PERSONS not be intentionally intercepted.
> [1 line redacted.]
> a. With the approval of the United States Foreign Intelligence
> Surveillance Court under the conditions outlined in
> Annex A of this USSID.
> b. With the approval of the Attorney General of the United
> States, if:
> (1) The COLLECTION is directed against the following:
> (a) Communications to or from U.S. PERSONS outside of the
> UNITED STATES, or
> (b) International communications to, from, [1 line redacted.]
> (c) Communications which are not to or from but merely
> about U.S. PERSONS (wherever located).
> (2) The person is an AGENT OF A FOREIGN POWER, and
> (3) The purpose of the COLLECTION is to acquire
> significant FOREIGN INTELLIGENCE information
So you're partially right.
The NSA (under USSID 18) is authorized to intercept communications to, from, or about US citizens in exactly two cases:
#1 -> with approval of the FISA court
#2 -> with approval of the AG *if and only if*
either of the following three conditions apply
a. the communications have an endpoint outside the U.S.
b. the communications have both endpoints outside the U.S.
c. the communications are not *from or to* a U.S. citizen, only about a U.S. citizen
AND the following two conditions apply
a. the person is an agent of a foreign power
b. the purpose of the collection is foreign intelligence (ie, not criminal investigation
or domestic intelligence).
In other words, the foreign agent clause is indeed a requirement, but there are other requirements.
By my read, if you're a U.S. citizen who is merely suspected of being an "agent of a foreign power" you need a FISA warrant.
The AG can't just say, "Dude's an agent of a foreign power". You would need to have that established. If someone was already convicted of being a spy, or if they weren't a U.S. citizen, the AG could get away with saying they were. However, USSID 18 doesn't say, "the person is suspected of being an agent of a foreign power".
In 1980 the Carter administration argued in the Truong case that the government could conduct domestic, warrantless wiretaps of conversations between a U.S. and a Vietnamese citizen who had been passing on U.S. military intelligence to the North Vietnamese. The Supreme Court agreed.
In 1982 a federal court of appeals ruled that "the National Security Agency may lawfully intercept messages between United States citizens and people overseas, even if there is no cause to believe the Americans are foreign agent."
And in 2002 the FISA court said that the president has "inherent constitutional authority to conduct warrantless foreign intelligence surveillance."
Davi writes "You lost me on that one. Have you just been idling away in order to make a tenuous segway into a "repeal FISA" line? Please, are you being serious or facetious?"
There's no segue there. I was giving you my opinion, which has nothing to do with anyone else's opinion or what the administration may or may not argue. I believe FISA is unconstitutional. I don't think it should be repealed. I think it should be thrown out by the court.
"If the NSA is after you, they're probably trying to recruit you."
"If that were true, do you really think the President would say "unauthorized disclosure of this effort damages our national security and puts our citizens at risk". "
Huh? What's the relationship here? Revealing the program tips off to Al Qaeda what we're dong to track them. That is what puts the nation at risk. I don't see how my statement ties into that at all.
Davi, you've lost me on the USSID 18 reasoning. I see it this way:
The AG can approve if - conditions 1, 2 & 3 are true. Conditions 2 & 3 require that the person targeted by an agent of a foreign power and that the purpose be "signifcant" foreign intelligence. Under these two conditions, if one end of the conversation is a known Al Qaeda agent.
Now, the first condition has three parts. The second is redacted, so it's impossible to be certain what the conditions really are. However, in USA v. Bin Laden, an American citizen was convicted of a crime based upon warrantless surveillance, the purpose of which was to learn about Al Qaeda. The court rejected El Hage's request to have the evidence thrown out because, in their view, the purpose of obtaining the evidence was not to convict El Hage but to obtain intelligence about Al Qaeda.
I base my opinion about the legality of the program, in great part, on USSID 18 and the 2002 case which articulated how the courts view intelligence collection. There were two main requirements. SOMEONE had to be a foreign agent AND the purpose of the collection was the crux of the issue. If it was intelligence collection, the court found it was OK.
In the end, nothing we write here will matter one whit. The issue will be decided in the courts. I expect that the program will be found legal. I could be wrong.
"The issue will be decided in the courts. I expect that the program will be found legal. I could be wrong."
Oh, to be so naive as to think that the courts matter when a President has already said he doesn't give a damn what they say unless it agrees with his view of the world. This is a guy who cheated his way through school, military duty, business, and then politics. You think he's going to let some court rule against him now?
You also continuously miss the point about who can be defined as foreign agents and what constitutes a foreign power. It is not clearly defined in the law, but again, even if it were that becomes irrelevant when a President insists he has the authority to monitor all domestic communication that touches foreign systems.
The Foreign Intelligence Surveillance Act self-evidently does not authorize what the NSA has been doing, and no one inside or outside the Administration claims that it does. Incredibly, the Administration claims instead that the surveillance was implicitly authorized when Congress voted to use force against those who attacked us on September 11th.
This argument just does not hold any water. Without getting into the legal intricacies, it faces a number of embarrassing facts. First, another admission by the Attorney General: he concedes that the Administration knew that the NSA project was prohibited by existing law and that they consulted with some members of Congress about changing the statute. Gonzalez says that they were told this probably would not be possible. So how can they now argue that the Authorization for the Use of Military Force somehow implicitly authorized it all along? Second, when the Authorization was being debated, the Administration did in fact seek to have language inserted in it that would have authorized them to use military force domestically - and the Congress did not agree. Senator Ted Stevens and Representative Jim McGovern, among others, made statements during the Authorization debate clearly restating that that Authorization did not operate domestically.
When President Bush failed to convince Congress to give him all the power he wanted when they passed the AUMF, he secretly assumed that power anyway, as if congressional authorization was a useless bother. But as Justice Frankfurter once wrote: "To find authority so explicitly withheld is not merely to disregard in a particular instance the clear will of Congress. It is to disrespect the whole legislative process and the constitutional division of authority between President and Congress."
This is precisely the "disrespect" for the law that the Supreme Court struck down in the steel seizure case.
It is this same disrespect for America's Constitution which has now brought our republic to the brink of a dangerous breach in the fabric of the Constitution. And the disrespect embodied in these apparent mass violations of the law is part of a larger pattern of seeming indifference to the Constitution that is deeply troubling to millions of Americans in both political parties.
@ Pat Cahalan at January 18, 2006 11:34 AM
>"Rather defeatist post. "The government breaks the law, there's
> nothing you can do about it. If you complain, you complain uselessly.
> Moreover, if you're upset about this, I can label you unrealistic and ignore any
> points you may bring up."
That's not being defeatist, that's being realistic. Are you under the impression that whether you do nothing, vote liberal, protest or assassinate somebody that the outcome in regard to you getting spied on is going to change ?
If so you're a bit naive. If not then apparently being defeatist just means not doing something pointless which serves only to allow you to keep pretending you are doing something useful in regard to defending a state of security or privacy which is completely uneffected by your actions.
Or to put it another way, you have the same goals and outcomes as tin-foil-hat guy.
> Saying that Bruce is a complainer (whether it is true or not) doesn't make
> Bruce's points less valid and is irrevelant to any cogent argument.
> I can sit back, suggest nothing positive, and point out idiocy in all sorts
>of security measures and that doesn't make my analysis incorrect.
Sure. But it does make you ridiculous when you move from that to also pointing out you are also against pretty much all faceats of the one solution you have proposed. You might have noticed this was the point I was making.
ie... a better critique of what I've said here would be to point out the one intelligence asset, program or facility which is useful in terms of addressing the threat of terrorism which Schneier hasn't already assessed as a poor choice.
Take you a lot less time to write out too. Try bullet points if it's more convenient, assuming there is more than one.
@ Bruce Schneier at January 18, 2006 01:13 PM
>>In relation to any story about any security upgrades you have argued that
>> these are all a waste of money unless they protect all possible terrorist
>> targets and that resources should instead be put into intelligence to
>> address terrorist cells rather than what they target." - Tank
> You can't possibly be saying that I agree with this, can you? If you, you
> clearly haven't been reading much of what I've been saying.
I read this...
Quote: "Final note: I often get comments along the lines of "Stop criticizing stuff; tell us what we should do." My answer is always the same. Counterterrorism is most effective when it doesn't make arbitrary assumptions about the terrorists' plans. Stop searching bags on the subways, and spend the money on 1) intelligence and investigation -- stopping the terrorists regardless of what their plans are, and 2) emergency response -- lessening the impact of a terrorist attack, regardless of what the plans are. Countermeasures that defend against particular targets, or assume particular tactics, or cause the terrorists to make insignificant modifications in their plans, or that surveil the entire population looking for the few terrorists, are largely not worth it."
Likewise you can't have read the post you replied to if you think my criticism was of you opting for one solution over another, rather than you opting for one solution over another then pointing out neither of them are a solution.
Seriously Bruce, what is left in terms of this broad "intelligence" solution which you haven't already criticised as individual faceats ?
What intelligence resource or program have you not yet singled out as something which will/does not work which you believe is/will be useful in addressing the threat of terrorism.
For instance, the NSA eavedropping which doesn't work here is the only reason the US caught the al Qaeda guy who ran the Hamburg cell.
You counter example would be ?
"NSA eavedropping which doesn't work here is the only reason the US caught the al Qaeda guy who ran the Hamburg cell."
Interesting point. I've never heard that. In fact, I seem to remember that it was Germany's Office for the Protection of the Constitution (BfV) who started monitoring the Hamburg cell and who alerted the CIA about the men, all in due time. The failure of the CIA to share this information with other intelligence agencies was a problem, but there was no special extra-legal wiretap issue going on. In fact, the German's arrested an al Qaeda operative in 1998 who was visiting the Hamburg group and believed to be connected to the US embassy bombing. After that point the CIA was obviously monitoring the Hamburg cell themselves. Who knows why they weren't collaborating well with the Germans...anyway, the point is that I haven't see anything about warrantless executive-branch wiretaps related to the Hamburg cell. It was all pretty straight-forward intelligence stuff with standard legal oversight, and vastly different than the NSA eavesdropping we're now debating.
"But, on topic, Clinton did not give any Presidential orders to the NSA, or anyone else, to break the law. Bush did."
That's the topic ? Strange there is so little coverage of Halliburton dealing with Iran if Whitehouse illegalities is the relevant topic of this blog and why this story is here.
On the other hand the blog title does specify security and privacy issues as the specialty. Neither of which are effected by anything Bush ordered.
When I say FISA is irrelevant I don't mean that it isn't involved in this issue, I mean that whether it is followed or not has no bearing on how your privacy is violated by the NSA.
Or put it this way - When Halliburton legally set up a mailbox in the Cayman Islands so they could do business with the trade-restricted dangerous Islamic fundamentalists in Iran this really is no different from the NSA getting Canada to spy on US citizens for them when they aren't able to do this themselves. Both use a bullshit proxy that is enough to fool the law but shouldn't be enough to fool people who are even marginally switched on.
So unless you see both as equally valid and the only illegality occurring if mail went directly to Texas rather than via the mailbox in the Caymans then it might be time to get over this FISA/Bush authorisation deal like it means something in relation to your privacy. It doesn't.
72 hours isn't the amount of time they had to obtain a court order. It is the amount of time that should have been enough for you to come to grips with the whole FISA court order issue then move on.
Seriously, 72 hours is more time than it took Bush to personally and in the national media admit to the main charge the NYT article made in regard to him authorising an illegal act yet a month later here you are still telling this to people like it's in dispute.
I guess I should clarify that I was trying to say the intelligence work on the Hamburg cell pre-dated 9/11 and there was evidence that a lack of cooperation between agencies with information was the only real problem.
"It's been four months now since President Bush and the German Chancellor Gerhardt Schroeder, once warm allies, have spoken to one another, after the German leader infuriated the White House by ruling out support for U.S. military action against Iraq. [...] In Hamburg, the police say that breakdown in communications between the U.S. and German governments has also led to a dramatic reduction in the amount of investigative help they're getting from the U.S.A. [...] The Hamburg authorities say even success in existing prosecutions is now threatened by the information breakdown, and they're worried about the prospects for bringing additional defendants before the courts"
So instead of bringing agencies and intelligence experts to the table, the Bush Administration appears to have tried to manufacture the need for unilateralist solutions. Again, extra-legal wiretapping does not appear to have been used or even necessary, given the extant capabilities already under way.
> Are you under the impression that whether you do nothing, vote liberal, protest
> or assassinate somebody that the outcome in regard to you getting spied on is
> going to change ?
If I'm reading this correctly, yes. While you're correct that in almost all cases of all of the above, when attempted by individuals, fail to produce results, it is still true that all of the above, when attempted by individuals, were the root causes of a great many societal changes.
> If so you're a bit naive.
Perhaps. However, I have noticed that (in historical terms) if nobody does anything, nothing changes. If somebody tries to affect change, he or she may fail (in fact, most often/virtually always does fail), but changes eventually come about, and when they do there are usually a number of individuals involved in small ways that get the ball rolling.
Put another way, I'd rather be a voice even if I'm only heard by friends and family than do nothing. The probability of me making a difference is pretty close to zero, but the probability that a great number of people acting like me will affect some positive change over time is decidedly non-trivial. Whereas if everyone sits back and says, "You're just naive to even try", well, then nothing ever changes. I'd rather not be a free rider, thanks.
If you don't think you can make any changes, then why do you even bother commenting on these threads?
> But it does make you ridiculous when you move from that to also pointing
> out you are also against pretty much all faceats of the one solution you
> have proposed.
I think that FISA could be prone to abuse, simply because it is oversight rather than approval, but I don't think it's unreasonable to revisit FISA and keep something like it in place. I do think it is unreasonable for a branch of government to spy on their own citizens without oversight, however. Not because it won't produce results, but because it can be VERY prone to abuse without any oversight mechanism. Like I pointed out on the other FISA/NSA thread, it's not oversight if the people "giving approval" are underneath you in an org chart.
Take your Hamburg example. Regardless of the accuracy of claims about who knew what about the cell, when they knew it, and whether or not they learned it from this NSA program or German Intelligence, I do not understand why it was impossible to send this to FISA for review.
In short, traffic analysis, SIGINT with the roots in human intelligence (instead of the other way around), cooperation with foreign intelligence agencies, etc. are all "good" facets of intelligence as an anti-terror weapon. Proper oversight and audit, and a difficult vector of abuse are characteristics of "good" intelligence gathering.
> Put another way, I'd rather be a voice even if I'm only heard by friends and
> family than do nothing. The probability of me making a difference is
> pretty close to zero, but the probability that a great number of
> people acting like me will affect some positive change over time is decidedly
> non-trivial. Whereas if everyone sits back and says, "You're just naive to
> even try", well, then nothing ever changes. I'd rather not be a free rider, thanks.
You have a population of 297m. If you get 298m people together to sign a petition, protest and all vote for a particular party nothing will change. This isn't because the public support isn't strong enough, it's because public support has fkall to do with these decisions in the first place.
The population didn't decide to create blanket surveillence systems just like they didn't decide to create nuclear weapons and policies for mutual destruction of your entire country like you accidentaly avoided in the Cuban missile crisis.
I mean seriously. You reckon you need a poll to find out public support in the 60s for having the entire US vaporised over the issue of defending against socialism ?
Everyone hated the reds... but nobody hated them that much. Exactly 0. Yet there you go.
And if the objection to this being the state of reality is "but we live in a democracy" well I'd really like you to accompany it with an explanation for the programs of mass murder and human rights abuses you've been participating in like it's a sport for the past 50 years. Because you either believe your opinions and wishes are what determines the policies of your military and intelligence programs or you don't.
> I think that FISA could be prone to abuse, simply because it is oversight
> rather than approval, but I don't think it's unreasonable to revisit FISA and
> keep something like it in place.
Whereas I think this is as pointless as revising the duck-and-cover guidelines for nuclear protection. Makes you feel good but doesn't really do anything useful. FISA covers people who are targetted by US agencies in US investigations. That's all.
It in no way limits spying on US citizens or the operations of US intelligence other than those they submit for on-the-record investigations.
The only reason there was a FISA issue in the wake of 9/11 was because the NSA simply didn't trust the foreign governments doing their domestic spying for them to give as much of a shit about pursuing leads as they did. That is the entire reason for this "scandal" right there. It's got nothing to do with Bush issuing approval after the fact and nothing to do with public opinion.
However a nice excercise might be come up with an estimate of the level of support if the public had been asked this at the time. You know... interrupt the non-stop images of grieving dust-covered NYC residents to ask whether the US should trust someone else to investigate this or do it themselves. About 100% you reckon ?
After all it's nice to have protections against abuse of intel services on domestic soil but in the wake of something like this (and lets quit pretending the NSA gave a toss what you ordered from Dominos when their choice was to find that out or whether their were further cells operating in the US) it really is a joke to protest that they pulled all stops out.
You already paid for the most well funded and largest intelligence agencies on the planet. When it came time to turn them against a real domestic threat that's what happened.
It's like the CEO of Ferrari rushing his pregnant wife to the maternity ward on public transport because using the Ferrari in his driveway would be misuse of company assets. Nice in theory but get real.
> I do think it is unreasonable for a branch of government to spy on their
> own citizens without oversight, however. Not because it won't produce
> results, but because it can be VERY prone to abuse without any oversight mechanism.
I completely agree. The difference is I've asked myself whether I think this was the case in the wake of 9/11. When the option to investigate terrorism or abuse the system existed just how big of a cherry the latter was when it was being done under Presidential authority.
> Take your Hamburg example. Regardless of the accuracy of claims
> about who knew what about the cell, when they knew it, and whether or not
> they learned it from this NSA program or German Intelligence
The Hamburg cell all died on 9/11 apart from the one hijacker who couldn't get entry to the US so he instead acted as the liason between the cell and al Qaeda. His voice pattern got picked up by ECHELON and his location was pinpointed to a particular phone service which allowed his capture.
>, I do not understand why it was impossible to send this to FISA for review.
Well it's been discussed elsewhere (aint that a bitch) that data mining involves aggregating information, actions and communications which are unlikely to all occur within a timeframe of weeks let alone hours.
But in this specific case read the story here. What is evident is that the NSA wanted to look at EVERYONE with even the slightest chance connection to suspect people and organisations.
I mean does that even need explaining ? That the reason you avoid getting a court approval for something is that you think you wont get it.
> In short, traffic analysis, SIGINT with the roots in human intelligence (instead
> of the other way around), cooperation with foreign intelligence agencies, etc.
> are all "good" facets of intelligence as an anti-terror weapon. Proper oversight
> and audit, and a difficult vector of abuse are characteristics of "good"
> intelligence gathering.
No doubt. You are still left with the situation though that nobody gives a toss about uncovering plots against the US like the US does. After all non-spefic German intel on 9/11 is one thing... the Pakistanis on the other hand could have told the CIA the boarding pass numbers. They were less cooperative in regards to 9/11. Or more... depending on which side you are on.
Seriously take a look at the country producing the majority of suicide bombers in Iraq, hijackers and fundamentalist extremist teachings. You're still waiting on them to investigate attacks from the 90s for the sole reason that THEIR constitution is the same one quoted in justifying terrorist attacks against the US.
> " I haven't see anything about warrantless executive-branch wiretaps
> related to the Hamburg cell. It was all pretty straight-forward intelligence stuff
> with standard legal oversight, and vastly different than the NSA
> eavesdropping we're now debating."
This shouldn't suprise you for several reasons. Firstly, you should expect all wiretaps by the NSA to be warrantless (this particular one was of a foreign subject but since the world's communications are monitored that's not really the point).
Secondly you shouldn't expect any "executive-level" NSA surveillence since they really don't operate at the direction of the Whitehouse.
And I'll guarantee you never hear about anything similar ever again. After all the only "executive level" involvement here is that Bush was stupid enough to involve himself in approving something illegal. If anyones expecting this level of executive retardation to be repeated then wiretaps are the least of your worries. You realise he's still got the nuclear codes right ?
What seems to be a common theme here is that people believe that Bush was somehow responsible for this spying occurring. If so you know the reason the administration failed to act on prior intelligence in preventing 9/11. Bush was only in office like 10 months before 9/11. How long do you think it would take for him to even have it explained to him what the NSA even does let alone get to the point where he was instrumental in directing it's activities ?
I'm backing he still doesn't.
> I find it particularly interesting who can be defined as a "foreign power" and
> under what terms someone is considered their "agent". ... Is Al Qaeda is
> a foreign power? Then does it follow that someone who is a domestic agent
> working for a foreign power is a foreign agent, although they are a
They do qualify as this and this was something resolved very early on. If it was actually a problem then we wouldn't be discussing FISA because it would have been thrown out in Sept 2001.
This question avoids asking a more difficult question which is much more relevant to the issue: Is 72 hours an adequate amount of time to determine whether this US person is acting as an agent of a foreign enemy ?
Our favorite troll here is getting too much food. Tank has claimed: "There have been many captured though, including the guys who planned the 9/11 attacks and ran the Hamburg cell that carried them out. Coincidently they were caught by the NSA using phone intercepts to pinpoint voices to service locations." Tank has also said: "The Hamburg cell all died on 9/11 apart from the one hijacker who couldn't get entry to the US so he instead acted as the liason between the cell and al Qaeda."
So they died, but nevertheless they were caught by the NSA. Good work.
One alleged member of the Hamburg cell, Abdelghani Mzoudi, was tried in court in Germany, on evidence that had nothing to do with NSA intercepts. He was convicted but freed on appeal. The judges ruled that witnesses that were in US custody might be relevant for the case. When the USA refused to cooperate, the case died.
Once again: "Who exactly was captured, who exactly was caught by the NSA using which phone intercepts, and who exactly was convicted of terrorism-related crimes thanks to NSA eavesdropping?"
If you can't answer that (with references), you don't have a case, period.
> The AG can approve if - conditions 1, 2 & 3 are true. Conditions 2 & 3 require that
> the person targeted by an agent of a foreign power and that the purpose
> be "signifcant" foreign intelligence. Under these two conditions, if one end of the
> conversation is a known Al Qaeda agent.
Right. Somewhat. The "target" of the surveillance has to be a foreign agent. I'm imagining the whole reason this blew up is because you have a situation like this:
Bob Al Qaeda (known foreign terrorist) corresponds with Joe American (citizen of US with no criminal record). Joe American then corresponds with everyone else (s)he normally corresponds with. The NSA is eavesdropping on Bob Al Qaeda, traces something to Joe American, and then begins eavesdropping on Joe American without getting a FISA warrant. Moreover, they begin eavesdropping on everyone Joe corresponds with, again without a warrant.
The problems here are many -> Bob may be sending Joe email, they could both be posting to the same Islamic web site, Bob may be a hacker and have a botnet that has Joe's computer in it, Bob and Joe can be related and Bob's emailing Joe their grandmother's cookbook, etc. etc. We don't know what the NSA regards as "communications" between Bob and Joe.
Even if the communications are simple and bi-directional (they're emailing each other, or having running commentary on a blog like we are here), we don't know how the NSA is judging their communications... "are they really talking about coconut curry, or is everything in code?" They could be related, but have differing political views. We don't know anything about Joe.
I agree, from an intelligence standpoint, that it is important to monitor Bob Al Qaeda's communications. I agree again that if you're trying to find terror "cells", it makes sense to do investigations into Joe and his/her doings.
I disagree that you should (or even legally can) be eavesdropping on Joe without a warrant. We have as yet no evidence that he's a terrorist (nothing to prove he's an agent of a foreign power). It's trivial to get a FISA warrant to eavesdrop on Joe, and we can point Joe out to the FBI so that the FBI can do a background check on Joe to find out if it's even remotely likely that he's a terrorist.
Of course, the NSA and the FBI aren't bed buddies, so probably what's going on is that the NSA is giving the FBI a huge list of Joes and all of the Joes' collective communication partners. They're probably not even doing any preliminary investigation into the Joes (that's not their job, anyway). They're just gathering everything they can possibly gather and shoving it at the FBI to sort out.
After all, if the boss (the President) tells you that you can gather pretty much whatever you want, and if you're aware that one of the consequences of another successful terror attack is that the resulting investigation will point out any leads you didn't follow up and you're going to be roasted by a Senate committee and the general public, aren't you going to just grab everything, just to CYA?
This is bad intelligence gathering - blanket sweeps gathering undifferentiated information.
The NSA and the FBI/CIA should be working as a unit -> the CIA gives the NSA information about the Bobs, the NSA eavesdrops on the Bobs, the NSA tells the FBI about the Joes (and the CIA about any new Bobs), the FBI tells the NSA which Joes to continue to monitor, the NSA gets FISA warrants to monitor the Joes, monitors the Joes, and reports back to the FBI and/or the CIA to follow up on any Janes... repeat cycle.
>Tank has also said: "The Hamburg cell all died on 9/11 apart from the one hijacker who couldn't get entry
> to the US so he instead acted as the liason between the cell and al Qaeda."
>So they died, but nevertheless they were caught by the NSA. Good work.
You are not bright. Try figuring out if they all died except one guy, which one guy I could be talking about when I refer to a later capture. Sheeesh.
> Once again: "Who exactly was captured, who exactly was caught by the
> NSA using which phone intercepts, and who exactly was convicted of
> terrorism-related crimes thanks to NSA eavesdropping?"
"U.S. intelligence and counterterrorism officials confirmed to the Los Angeles Times that NSA intercepts were instrumental in capturing such high-value Al Qaeda chieftains as Khalid Shaikh Mohammed and Ramzi Binalshibh, who had both boasted shortly before their capture in 2003 of being masterminds of the Sept. 11 attacks. NSA intercepts also placed Osama bin Laden at the battle of Tora Bora in Afghanistan."
"His brazenness caught up with him and, on Sept. 11, 2002, his voice on the audiotaped interview was matched to a phone call.
Exactly a year to the day after the 9/11 attacks, he was arrested in Karachi.
That arrest tightened the noose. And last Saturday morning, Khalid Shaikh Mohammed received a wakeup call. Osama bin Laden may still be at large, but al Qaeda may never be the same."
" For a phone call gave away the Karachi hide-out of Ramzi Binalshibh, the senior al-Qaeda suspect caught last September. It is thought a sample of his voice - recorded from an al-Jazeera interview - was fed into the NSA's computers; within days he made a satellite phone call, and the US had a location.
And an intercepted e-mail led to the arrest last March of another suspected bin Laden aide, Khalid Sheikh Mohammed. As "chatter" indicated he was planning further attacks, satellite tracking of his associates' communications threw up an e-mail with his address. "
> If you can't answer that (with references), you don't have a case, period.
This raises the question what you think "the case" I am making is. If you think NSA spying does nothing why not take it a step further and say there is no such thing as the NSA or intelligence services. Even if this extreme was the case, what bearing do you think this would have on the original 20th hijacker being denied a US visa ?
Or is the idea that there was such a person but he hasn't been captured ?
Because if you do know that much then google aint no big secret and you really should be able to find details of how he was captured on your own rather than coming here and suggesting I've invented the whole thing.
Tank: "You are not bright. Try figuring out if they all died except one guy, which one guy I could be talking about when I refer to a later capture."
Tank: "There have been many captured though, including the guys who planned the 9/11 attacks and ran the Hamburg cell that carried them out."
To me, it seems like "guys" refers to more than one guy.
IP phones with stenogr. functions would be fine. The listners hear a conversation generated by a machine or something from a film but the real conversation is encrypted with SRTP. Is this possible? Wouldn't it be fine to use these days.
NN, you will want to ignore what I say because I have a quote from "Illuminatus" on my home page. No, I don't understand that either...
IP phones with steganography functions wouldn't provide much advantage over any other data stream with steganography... Steganography does not carry as large a signal as the actual carrier, by definition. Otherwise the modifications in the carrier will be too obvious to casual observers.
The best method that I can think of for allowing instantaneous two way communications would be to send an audio signal (using lossless compression) with a carrier wave embedded into it that uses frequency modulation (or two using phase modulation) to carry the "secret" audio message.
But that might show up given a simple frequency analysis of the signal.
It would be better to embed a simpler message in the data stream. Say IM embedded in an IP phone message. That would show up a lot less easily to the casual observer.
In other words the use of IP phones is probably irrelevant compared to the basic use of steganography and encryption in a much larger and more innocent data feed.
For wide scale distribution steganography of messages into an internet "radio" broadcast or at least a podcast would work quite well.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.