Why the Current Section 215 Reform Debate Doesn't Matter Much

The ACLU’s Chris Soghoian explains (time 25:52-30:55) why the current debate over Section 215 of the Patriot Act is just a minor facet of a large and complex bulk collection program by the FBI and the NSA.

There were 180 orders authorized last year by the FISA Court under Section 215—180 orders issued by this court. Only five of those orders relate to the telephony metadata program. There are 175 orders about completely separate things. In six weeks, Congress will either reauthorize this statute or let it expire, and we’re having a debate—to the extent we’re even having a debate—but the debate that’s taking place is focused on five of the 180, and there’s no debate at all about the other 175 orders.

Now, Senator Wyden has said there are other bulk collection programs targeted at Americans that the public would be shocked to learn about. We don’t know, for example, how the government collects records from Internet providers. We don’t know how they get bulk metadata from tech companies about Americans. We don’t know how the American government gets calling card records.

If we take General Hayden at face value—and I think you’re an honest guy—if the purpose of the 215 program is to identify people who are calling Yemen and Pakistan and Somalia, where one end is in the United States, your average Somali-American is not calling Somalia from their land line phone or their cell phone for the simple reason that AT&T will charge them $7.00 a minute in long distance fees. The way that people in the diaspora call home—the way that people in the Somali or Yemeni community call their family and friends back home—they walk into convenience stores and they buy prepaid calling cards. That is how regular people make international long distance calls.

So the 215 program that has been disclosed publicly, the 215 program that is being debated publicly, is about records to major carriers like AT&T and Verizon. We have not had a debate about surveillance requests, bulk orders to calling card companies, to Skype, to voice over Internet protocol companies. Now, if NSA isn’t collecting those records, they’re not doing their job. I actually think that that’s where the most useful data is. But why are we having this debate about these records that don’t contain a lot of calls to Somalia when we should be having a debate about the records that do contain calls to Somalia and do contain records of e-mails and instant messages and searches and people posting inflammatory videos to YouTube?

Certainly the government is collecting that data, but we don’t know how they’re doing it, we don’t know at what scale they’re doing it, and we don’t know with which authority they’re doing it. And I think it is a farce to say that we’re having a debate about the surveillance authority when really, we’re just debating this very narrow usage of the statute.

Further underscoring this point, yesterday the Department of Justice’s Office of the Inspector General released a redacted version of its internal audit of the FBI’s use of Section 215: “A Review of the FBI’s Use of Section 215 Orders: Assessment of Progress in Implementing Recommendations and Examination of Use in 2007 through 2009,” following the reports of the statute’s use from 2002-2005 and 2006. (Remember that the FBI and the NSA are inexorably connected here. The order to Verizon was from the FBI, requiring it to turn data over to the NSA.)

Details about legal justifications are all in the report (see here for an important point about minimization), but detailed data on exactly what the FBI is collecting—whether targeted or bulk—is left out. We read that the FBI demanded “customer information” (p. 36), “medical and educational records” (p. 39) “account information and electronic communications transactional records” (p. 41), “information regarding other cyber activity” (p. 42). Some of this was undoubtedly targeted against individuals; some of it was undoubtedly bulk.

I believe bulk collection is discussed in detail in Chapter VI. The chapter title is redacted, as well as the introduction (p. 46). Section A is “Bulk Telephony Metadata.” Section B (pp. 59-63) is completely redacted, including the section title. There’s a summary in the Introduction (p. 3): “In Section VI, we update the information about the uses of Section 215 authority described [redacted word] Classified Appendices to our last report. These appendices described the FBI’s use of Section 215 authority on behalf of the NSA to obtain bulk collections of telephony metadata [long redacted clause].” Sounds like a comprehensive discussion of bulk collection under Section 215.

What’s in there? As Soghoian says, certainly other communications systems like prepaid calling cards, Skype, text messaging systems, and e-mails. Search history and browser logs? Financial transactions? The “medical and educational records” mentioned above? Probably all of them—and the data is in the report, redacted (p. 29)—but there’s nothing public.

The problem is that those are the pages Congress should be debating, and not the telephony metadata program exposed by Snowden.

EDITED TO ADD: Marcy Wheeler is going through the document line by line.

Tags: , , , , , , , , , , ,

Posted on May 22, 2015 at 5:45 AM23 Comments

Comments

K.S. May 22, 2015 8:09 AM

All these mass surveillance programs are very expensive. To the tune of multiples of NASA budget. We could probably fund Mars base with these fund.

What really boggles my mind is how apparently ineffective this surveillance is. All we hear about are obvious entrapment schemes by FBI, where mentally damaged people are hand-walked by paid informants in engaging in “terrorist activities”.

In my mind the key question, could these abuses and pervasive surveillance be ever justified by non-absolutist observer, or are they just abuse of power by entrenched “military-industrial” complex?

Lathrop May 22, 2015 8:21 AM

Textual “Law” is only part of the game — enforcing the law is the hard part.

NSA/FBI/CIA/etc routinely have … and will in the future … ignore or work around any statutory legal restrictions that they don’t like. There is no accountability — nobody goes to jail, nor even gets a serious reprimand.
Such legal restrictions are a joke.

Therefore it’s silly to agonize over what the Patriot Act or FISA laws do… or might say, if modified.

Tyrannical Surveillance is merely a sub-issue — Rule-of-Law itself has been lost here… the U.S. Government itself operates outside the rule of law.

Citizens can’t defeat the Game if they don’t recognize what game is being played against them.

Winter May 22, 2015 8:40 AM

@K.S.
“All these mass surveillance programs are very expensive. To the tune of multiples of NASA budget. We could probably fund Mars base with these fund.”

There is a big question mark over all this data collection. We know that Facebook, Google, et al live by user data. But it seems to be almost impossible to get any reasonable numbers on what the real worth is of all these data.

We could have a debate on whether users who trade personal information for “Free online services” get value for money. But we little about how much these data are worth.

But we could start to make some estimates based on guesswork. Facebook has $10B revenue and $2.9B profits. That runs about $7 revenue and $2 profit for each of its 1.39B active users.
http://www.bbc.com/news/business-31031650

These are not unreasonable numbers.

So, using these numbers, the most comprehensive collector of personal data gets only some $7 per year out of an active user at a cost of roughly $5 per user.

The NSA budget seems to be around the same as Facebook’s revenue. So if we assume the NSA works like Facebook in mostly passive spying 1-2B people, that would not be overly expensive.

Where did I go wrong? After word 1 or later?
😉

Snarki, child of Loki May 22, 2015 9:53 AM

What Lathrop said.

If the new, improved restrictions on the NSA do not include punitive provisions,
they will be worthless.

Punitive probably has to be stated in terms of megaton yield over Ft. Meade, to be effective.

Dick Mills May 22, 2015 9:57 AM

They don’t even mention data laundering. NSA acknowledges that they share bulk colledtion raw data with allies. A US government employee can request access to a CCHQ terminal in England (locally or remotely) and using that terminal query all the data while totally bypassing NSA minimization procedures.

65535 May 22, 2015 10:13 AM

There are many tentacles to this monster and Section 215 is one of the bigger ones. I say shut it down!

We have to start some place. Section 215 is a good place to start because it shields the telecoms from lawsuits. Section 215 is worthless and causes complete damage to the Fourth Amendment. Once it is gone the lawsuits will hit hard causing the telecoms to think about their financial position.

Then start chopping away at the others like 702, EO 12333 and section 213. Start with Section 215 then chop the others one at a time.

GameOverMan May 22, 2015 10:49 AM

By the time the truth comes out, by definition when you understand how illegal, immoral, ruthless, robotic, and routine these ‘honing of tools of great power’ have become, well then it’s already too late now isn’t it?

As stated above, it’s the total disregard for the law, every time all the time. You will never regain control. Read the first few sentences:

https://en.wikipedia.org/wiki/Coup_d%27%C3%A9tat

Think you can change things? How you gonna do that? Vote? Remember, the NSA spyed on then Senator Obama.

All this talk about key lengths, side-channel attacks, etc. It’s just talk! The poster above is right, there needs to be punitive responses. Eventually, and soon, these powers that be are gonna realize that their best directed most efficient use of force/time will NOT be more computing power to spy on, understand and pattern and predict and control you! No, they will wake up to the realization that LEGAL power is much more direct and cost effective. What will you do when encryption is outlawed? When all privacy is lost, both physical and intangible? As you can see, already this very day, several politions are calling for just these things!

The people in charge don’t represent you, they are not you, they don’t even think about ‘you’ in a specific sense. To them, the 1%, the eternal rich, those whose security clearences show them the unredacted truth, you are cattle, plain and simple. How to harness your economic cattle energy is the name of the game, and you can never stop playing because you already lost! (Rolling boulders uphill for infinity remind you of anyplace?)

Nuke it from orbit, it’s the only way to be sure.

Clive Robinson May 22, 2015 11:24 AM

Whilst the way electronic communications gets hovered up in a multitude of ways, we also need to consider other communications.

Back in the Victorian era telephones and other communications were not available or much wanted by “the common clay”, they had other less expensive ways, many of which were not amenable to surveillance then or for that matter now.

The methods included “word of mouth”, a note via “the butchers boy”, even runners, horse drawn taxis and “messenger boys” and a reliable postal system. However there was also less obvious ways such as notes left in shops, and for covert “lovers trists” even classifieds ads in newspapers. The latter were often in code or simple cipher of some form, which provided the likes of Babage and Wheatstone with entertainment not just decrypting but also replying with false messages.

Some of these methods are more than viable today and I suspect some people if not already using them will consider using them in the future to avoid the NSA and Federal authorities hovering up process.

Which begs the question of what the Federal auhorities are doing about these non electronic methods. It would begger belief that they are not aware of them, thus it is likely they have legislation secret or otherwise in place. But have they for all methods? How about shop windows for instance, is every shop required to log who places the messages and provide this and copies to the Fedral authorities, this would curently appear to not be happening. The next question would I guess be “But for how much longer”…

Not you again May 22, 2015 2:16 PM

Separation of Powers (executive/jurisdiction/legislative) and Human Rights (including the Freedom of Speech) date back more than 2000 years!

I am not worried about the intelligence community being involved with spying, although I do not believe it to be a sustainable way of doing things. What worries me is that they are out of any legal/political control. The separation of power and basic human rights are becoming wishy-washy concepts, as torture is being justified in the name of the “war on pretty much anybody”, as Laura Poitras once put it, and by the purpose to which post 9/11 laws and other laws are being used. Intelligence agencies are part of the military, and the FBI is part of the executive, both should be supervised transparently. But to grant either of them overlapping powers can only result in blurred boundaries. This could go into a direction, where all animals are equal, but some are more equal than others.

It is time to take things apart again, evaluate, and take decisions based on the reality we live in, not some imaginary dark painted dystopian terrorist plot, that is convenient to the ones in power.

I will go with @65535, Section 215 is a good place to start!

Ken Hagler May 22, 2015 2:27 PM

More to the point, the current debate doesn’t matter because they government will just do whatever they want regardless of the outcome.

rgaff May 22, 2015 2:27 PM

Here’s a thought: Could many of the posters above whining about how useless it is to fight the system be paid shills by the government, to try to stop us from trying? Think psych tricks!

How do you fight a large many-tentacled monster trying to kill everyone? Well one tentacle at a time, of course! You just keep chopping and hacking until it’s dead. Of course it takes a while, more than one short lifetime even. But you have to start somewhere. So start already!

Not you again May 22, 2015 3:29 PM

@rgaff I think this is not the only open forum, that attracts people who would like to lead opinions, either out of a need for attention, click-bait, or because they are getting paid for it. The Chinese government is known for its online commentators.
https://en.wikipedia.org/wiki/50_cents_party#References
On another note, Ai Waiwai conducted a great interview with one of them
http://www.newstatesman.com/politics/politics/2012/10/china%E2%80%99s-paid-trolls-meet-50-cent-party

There is one guy who keeps posting his nonsense on theintercept.com under various aliases, trying to discourage people from using basics like for instance built in full disk encryption on OSX and Windows, because he wants others to think it is too complicated. He always starts his comments with “even with a degree in computer science and a certification in computer security, I find (…) nearly impossible to do correctly.”

I have seen others write similar things on other forums and mailing lists.

Whatever the motivation for troll talk is, I am personally over-saturated. It totally absolutely and ultimately bores me to read the s.o.s., the same old phrases, the same destructiveness and negativity, the same fallacies, put in different words. Or sometimes people do not even bother to use their own words, but just copy&paste stuff they read elsewhere. It bores me to such a degree, that I just can not continue reading, if I sense any kind of trolling.

Ceterum censeo: take things apart, evaluate, and take decisions based on the reality we live in! Connect with others who do the same. A good time to start is now.

me May 22, 2015 3:39 PM

I think its nearly time for another shoe to drop. Greenwald et al have a bunch of ’em. Guesses at 11 as to which one they pick.

name.withheld.for.obvious.reasons May 22, 2015 4:33 PM

There is an effect, individuals have expressed their disgust in mass to representatives and the press. Whether it is covered in the general media, NY Times, Post, Herald, etc. the notion that the government(s) are out of control is known. The level of trust between the citizenry and their government(s) is at an all time low. It used to be said “How do you know he is lying? He’s lips are moving.” and now it is “How do you know is lying? He’s still alive.”

In the past I have been hypercritical of the intelligentsia–largely absent for the debate or have turned cheerleader for fear of being labeled “with the terrorists”–it will be a matter of time when “they” realize that seeking the cover of fascist systems will ultimately fail. Once the chicken hawks are dragged out into the streets and exposed to the sunlight, we, the people, will have made substantive progress in returning to the rule of law.

tyr May 22, 2015 4:42 PM

If you give up before the fight starts you have already lost
the fight. The most effective place to curb excessive forms
of government is cut the budget. That’s why you see all the
focus on any place debate or opinion forming takes place,
they really do fear the budget cuts. You see the same thing
in the military, leadership is intensely focused on money
flow to the detriment of accomplishing the tasks assigned.

A good place to start is with the doom cryers and their
fiscal cliffs, if the economics are that bad maybe a 50%
reduction in the intelligence budget is the place to start
cutting. Every assessment of the giant data stack has made
it clear that it is a waste because it makes doing the
assigned job harder. It only makes influencing politicians
easier and they control the purse strings.

If we need new law, how about this one. No government Agency
shall share its collected information with a foreign power.
Business proceeds as usual, the IC has to work with what
they have internally and their worldwide empire of crooked
deals falls apart.

History has shown clearly that these regimes fall and they fall
hard, usually to the guillotine or by hanging the leadership
from trees. Painting the current excesses as unchangeable is
just encouraging them in illegal behaviors.

One rule of thumb that might help is to realize if it is against
the law for you to do it, it is also against the law for anyone
in government to do.

We are never going to make a heaven on earth, but we don’t have
to live in a man-made hell.

uh, Mike May 22, 2015 9:46 PM

First we take away their cell phone logs. Then we go for the calling card surveillance. Then we take back our land lines. After that, we flush out the remaining spooks and force them to watch West Wing reruns until they can giggle.

Don’t expect it all at once.

R May 25, 2015 12:50 PM

All you can do is stop playing the game. Live a simple life and watch the economy crash and burn. Free yourself and help those you can.

gordo May 29, 2015 7:36 AM

As the U.S. Senate prepares to convene for a special session on the USA Freedom Act and all things surveillance this Sunday, May 31st, and who knows what else from the parliamentarians, I found a couple of cogent editorial reminders citing a few different issues that are in play/being contested. Here are a couple of excerpts from each.

Freedom Act Does Little to Curtail Dragnet NSA
Andrew Napolitano | Newsmax Insider | 28 May 2015

The Freedom Act would get the NSA’s computer geeks physically out of the facilities of telecoms and computer servers, but would let them back in digitally with the FISA court’s approval, and that approval is not conditioned on probable cause. Rather, it is to be granted whenever the NSA needs the data. In the 14 years of all this spying, the NSA has made more than 34,000 requests of the FISA court; only 12 have been denied.

If section 215 expires next week, the feds will need individualized search warrants in order to listen to phone calls. They already have been getting individualized search warrants for the phone calls and emails of potential lone-wolf terrorists and for the business records of suspected terrorist groups and those whom they have successfully prosecuted for terrorist acts. (par. 12-13)

https://www.newsmax.com/AndrewNapolitano/Freedom-Act-NSA-Patriot-Act/2015/05/28/id/647200/

A Sunset Is A Beautiful Thing
Jennifer Granick | Forbes’ Valley Voices | 5/28/2015

In the wake of a recent appellate court’s decision USAF [The USA Freedom Act] was negotiated at a time when we had very little information on whether and how the FBI, as opposed to the NSA, was using the provision for dragnet spying on Americans. In fact, USAF exempts the FBI from certain reporting requirements. But just this week, the government released a Department of Justice Inspector General (IG) report yesterday, which tells us the FBI has also been abusing section 215 for bulk collection. The Justice Department, supposed to oversee the FBI, for seven years failed to create privacy rules required by the permissive FISA Court. Perhaps the worst part is that the FBI has, get this, a classified definition of what it means to be a United States Person entitled to privacy protections under intelligence laws. You don’t even know if you are entitled to be treated as an American or not. If this doesn’t blow your mind, you aren’t paying attention. This is a great reason to hold off on USAF. We can’t be sure USAF fixes the problem if we are still learning what the problems are. (par. 8)

http://www.forbes.com/sites/valleyvoices/2015/05/28/a-sunset-is-a-beautiful-thing/

======

These days, considering how folks tend to ignore facts, and as some may object to their import, I did some checking on a number of the claims/documentary references made in the above excerpts, and for a little exercise.

Links to claims made/documents referenced by Napolitano:

H.R.2048 – USA FREEDOM Act of 2015

114th Congress (2015-2016)
[See Summary (3), TITLE I–FISA BUSINESS RECORDS REFORMS, (Sec. 101)]
https://www.congress.gov/bill/114th-congress/house-bill/2048

Foreign Intelligence Surveillance Act Court Orders 1979-2014
EPIC (Electronic Privacy Information Center) | epic.org
[See the second table, “Traditional FISA Surveillance Orders”; add ‘em up;
the 34,000 figure is all FISA applications presented to the court from 1979 through 2013; since 2001, however, that figure comes in at well over 22,000; the FISA court has only rejected 12 applications in its history, the first of which was in 2003.]
https://epic.org/privacy/wiretap/stats/fisa_stats.html

Most of Judge Napolitano’s second paragraph is standard operating procedure. This next piece, however, tells that story from a different angle, especially paragraphs 10-12.

‘Big Win’ for Big Brother: NSA Celebrates the Bill That’s Designed to Cuff Them
Shane Harris | The Daily Beast | 5/14/15
http://www.thedailybeast.com/articles/2015/05/14/nsa-loves-the-nothing-burger-spying-reform-bill.html

Also, gleaned from a 2011 CATO Policy Analysis, which gleaned it from a 2009 Wired article, as of 2009, the lone-wolf provision had never been used. From the source document, a letter from Ronald Weich, Assistant Attorney General to Senator Patrick Leahy in response to the senator’s request for recommendations on three FISA provisions:

To date, the Government has not encountered a case in which this definition was both necessary and available, i.e., the target was a non-United States person. Thus, the definition has never been used in a FISA application. However, we do not believe that this means the authority is now unnecessary. Subsection 1O1(b) of FISA provides ten separate definitions for the term “agent of a foreign power” (five applicable only to non-United States persons, and five applicable to all persons). Some of these definitions cover the most common fact patterns; others describe narrow categories that may be encountered rarely. However, this latter group includes legitimate targets that could not be accommodated under the more generic definitions and would escape surveillance but for the more specific definitions. (p. 5, first full paragraph)

http://www.wired.com/images_blogs/threatlevel/2009/09/leahyletter.pdf

Links to claims made/documents referenced by Granick:

ACLU v. Clapper

http://www.ca2.uscourts.gov/decisions/isysquery/773a98db-d41d-4db8-95aa-182f994923b5/1/doc/14-42_complete_opn.pdf

H.R.2048 – USA FREEDOM Act of 2015
114th Congress (2015-2016)
[See Summary (3), TITLE VI–FISA TRANSPARENCY AND REPORTING REQUIREMENTS, “Exempts certain queries by the FBI from such estimates.”
(Sec. 602, last sentence)]
https://www.congress.gov/bill/114th-congress/house-bill/2048

A Review of the FBI’s Use of Section 215 Orders: Assessment of Progress in Implementing Recommendations and Examination of Use in 2007 through 2009. Unclassified. Office of the Inspector General, U.S. Department of Justice. Oversight and Review Division 05-15. May 2015.
[See page v, first full paragraph; PDF p. 6]
https://oig.justice.gov/reports/2015/o1505.pdf

The Attorney General’s Guidelines for Domestic FBI Operations
Michael B. Mukasey, Attorney General, September 29, 2008
[See Definition U: United States Person (p. 46)]
http://www.justice.gov/sites/default/files/ag/legacy/2008/10/03/guidelines.pdf

/ Open to corrections.

gordo May 30, 2015 12:48 PM

Who Needs Edward Snowden?
Mattathias Schwartz | The New Yorker | May 28, 2015

With Congress now poised to renew, not renew, or revise the N.S.A.’s bulk metadata program, it’s worth thinking about where we would be now if a twenty-nine-year-old contractor for Booz Allen Hamilton hadn’t left Hawaii for Hong Kong, and a new life as an outlaw ombudsman.

[…]

Some have argued that the current surveillance regime isn’t as bad as the activities of Henry Kissinger, who ordered wiretaps on his rivals during the Vietnam era, or of J. Edgar Hoover, who used the F.B.I. to authorize the covert infiltration of left-wing groups and terrorized Martin Luther King, Jr., with anonymous threats. Those abuses led to the lengthy investigations of the Church Committee, and the current system of judicial and congressional oversight. It’s true that the modern surveillance regime is less about the passions of individuals and more about the tendencies of institutions. But those tendencies—especially the belief that national security can trump the plain English of the law—will likely make it hard for this generation to achieve meaningful surveillance reform. This week’s debate over Section 215 should be the beginning of a much larger conversation.

http://www.newyorker.com/news/news-desk/who-needs-edward-snowden

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.