Group items tagged

Anyone who submits a mandatory declassification review request to the Office of the Director of National Intelligence seeking release of classified records “shall be responsible for paying all fees” resulting from the request, according to a new ODNI regulation. And those fees are considerable. A search for a requested document costs from $20-$72 per hour. Document review runs $40-$72 per hour. And photocopying costs fifty cents per page, the new ODNI regulation said. It was published in the Federal Register on Friday, with a request for public comments. The mandatory declassification review (MDR) process was established by executive order 13526 to permit requests for declassification of information that no longer meets the standards for national security classification. The executive order’s implementing directive states that fees may be charged for responding to MDR requests for classified records. But the proposed ODNI fees seem extravagant on their face. No commercial enterprise charges anything close to fifty cents to photocopy a single page. Neither do most of ODNI’s peer agencies.

The Department of Defense permits (though it does not require) DoD agencies to charge fees for search, review and reproduction (pursuant to DoD Manual 5230.30-M). But the DoD schedule of fees is well below the proposed ODNI rate. Instead of fifty cents per page, DoD charges thirteen cents. Instead of up to $72 per hour for search and review, DoD charges no more than $52.60 per hour. ODNI wants $10 for a CD, but DoD asks only $1.25. (See DoD 7000.14-R, Volume 11A, Chapter 4, Appendix 2, Schedule of Fees and Rates, at page 4-13). And while ODNI would make requesters liable for “all fees,” DoD says that “Fees will not be charged if the total amount to process your request is $30.00 or less.” Similarly, at the Department of State, “Records shall be duplicated at a rate of $.15 per page.” In a 2011 rule, the Central Intelligence Agency did mandate a fifty cent per page photocopy fee for MDR requests, as well as a $15 minimum charge. But the CIA policy was suspended in response to public criticism and a legal challenge from the non-profit National Security Counselors. That challenge is still pending.

“There is nothing unusual about these [search and review] fees,” CIA told a court in 2014 in response to the legal challenge. “And the reproduction costs are similar to those employed by other agencies.” CIA noted that a National Archives regulation sets reproduction costs as high as 75 cents per page. (Last year it reached 80 cents, although a self-service copier is sometimes available for 25 cents per page.) Furthermore, CIA said in 2014, “neither set of costs reimburses the CIA for the full cost of providing the declassification review service to the requester.”

n response to criticism of the hefty fees that could be charged to public requesters in its new Mandatory Declassification Review (MDR) rule, the Office of the Director of National Intelligence has agreed to modify the rule. The revised rule will adopt the more flexible and forgiving approach used in ODNI’s Freedom of Information Act (FOIA) program. “We will pull back the MDR rule and swap out the fee structure there for the fee structure in the FOIA policy,” said Jennifer Hudson, director of the ODNI Information Management Division. This represents a substantial change. In comments on the rule submitted yesterday by the Federation of American Scientists, we recommended such a change. We noted that the MDR fee schedule was inconsistent in several respects with existing law and policy and, in particular, that it differed from the cost recovery procedures in ODNI’s FOIA program: *     The MDR rule would charge 50 cents per page for photocopying, but ODNI charges only 10 cents per page for responses to FOIA requests. *     The MDR rule would have made requesters responsible “for paying all fees,” but ODNI always waives costs of $10 or lower under FOIA. *     The MDR rule did not provide for discretionary fee waivers for public interest or other reasons, but the FOIA policy does.

Now all of these discrepancies will be eliminated. Perhaps most significantly, “We will also make sure that there is room [in the MDR process] for discretion in charging fees,” Ms. Hudson said in an email message. “I’m sure you know from looking at our FOIA reports that we have exercised our discretion to not charge fees quite a bit in the past.” She noted, however, that “The search/review charges are identical” under the proposed MDR rule and under FOIA. “FOIA just breaks [the charges] down into 15 minute increments where the MDR rule is by the hour. The end result is the same.” “At the end of the day, I don’t think it will make as much of a difference as people think,” she said.

Contrary to the general impression in Congress and the news media, the Syria chemical warfare intelligence summary released by the Barack Obama administration Aug. 30 did not represent an intelligence community assessment, an IPS analysis and interviews with former intelligence officials reveals. The evidence indicates that Director of National Intelligence James Clapper culled intelligence analyses from various agencies and by the White House itself, but that the White House itself had the final say in the contents of the document. Leading members of Congress to believe that the document was an intelligence community assessment and thus represents a credible picture of the intelligence on the alleged chemical attack of Aug. 21 has been a central element in the Obama administration’s case for war in Syria. That part of the strategy, at least, has been successful. Despite strong opposition in Congress to the proposed military strike in Syria, no one in either chamber has yet challenged the administration’s characterisation of the intelligence. But the administration is vulnerable to the charge that it has put out an intelligence document that does not fully and accurately reflect the views of intelligence analysts. Former intelligence officials told IPS that that the paper does not represent a genuine intelligence community assessment but rather one reflecting a predominantly Obama administration influence.

In essence, the White House selected those elements of the intelligence community assessments that supported the administration’s policy of planning a strike against the Syrian government force and omitted those that didn’t. In a radical departure from normal practice involving summaries or excerpts of intelligence documents that are made public, the Syria chemical weapons intelligence summary document was not released by the Office of the Director of National Intelligence but by the White House Office of the Press Secretary. It was titled “Government Assessment of the Syrian Government’s Use of Chemical Weapons on August 21, 2013.” The first sentence begins, “The United States government assesses,” and the second sentence begins, “We assess”. The introductory paragraph refers to the main body of the text as a summary of “the intelligence community’s analysis” of the issue, rather than as an “intelligence community assessment”, which would have been used had the entire intelligence community endorsed the document.

A former senior intelligence official who asked not to be identified told IPS in an e-mail Friday that the language used by the White House “means that this is not an intelligence community document”. The former senior official, who held dozens of security classifications over a decades-long intelligence career, said he had “never seen a document about an international crisis at any classification described/slugged as a U.S. government assessment.” The document further indicates that the administration “decided on a position and cherry-picked the intelligence to fit it,” he said. “The result is not a balanced assessment of the intelligence.” Greg Thielmann, whose last position before retiring from the State Department was director of the Strategic, Proliferation and Military Affairs Office in the Bureau of Intelligence and Research, told IPS he has never seen a government document labeled “Government Assessment” either. “If it’s an intelligence assessment,” Thielmann said, “why didn’t they label it as such?”

The Obama administration secretly won permission from a surveillance court in 2011 to reverse restrictions on the National Security Agency’s use of intercepted phone calls and e-mails, permitting the agency to search deliberately for Americans’ communications in its massive databases, according to interviews with government officials and recently declassified material. In addition, the court extended the length of time that the NSA is allowed to retain intercepted U.S. communications from five years to six years — and more under special circumstances, according to the documents, which include a recently released 2011 opinion by U.S. District Judge John D. Bates, then chief judge of the Foreign Intelligence Surveillance Court.

What had not been previously acknowledged is that the court in 2008 imposed an explicit ban — at the government’s request — on those kinds of searches, that officials in 2011 got the court to lift the bar and that the search authority has been used. Together the permission to search and to keep data longer expanded the NSA’s authority in significant ways without public debate or any specific authority from Congress. The administration’s assurances rely on legalistic definitions of the term “target” that can be at odds with ordinary English usage. The enlarged authority is part of a fundamental shift in the government’s approach to surveillance: collecting first, and protecting Americans’ privacy later.

“The government says, ‘We’re not targeting U.S. persons,’ ” said Gregory T. Nojeim, senior counsel at the Center for Democracy and Technology. “But then they never say, ‘We turn around and deliberately search for Americans’ records in what we took from the wire.’ That, to me, is not so different from targeting Americans at the outset.”

Director of National Intelligence James Clapper this morning released a report detailing new rules aimed at reforming the way signals intelligence is collected and stored by certain members of the United States Intelligence Community (IC). The long-awaited changes follow up on an order announced by President Obama one year ago that laid out the White House’s principles governing the collection of signals intelligence. That order, commonly known as PPD-28, purports to place limits on the use of data collected in bulk and to increase privacy protections related to the data collected, regardless of nationality. Accordingly, most of the changes presented as “new” by Clapper’s office  (ODNI) stem directly from the guidance provided in PPD-28, and so aren’t truly new. And of the biggest changes outlined in the report, there are still large exceptions that appear to allow the government to escape the restrictions with relative ease. Here’s a quick rundown.

Retention policy for non-U.S. persons. The new rules say that the IC must now delete information about “non-U.S. persons” that’s been gathered via signals intelligence after five-years. However, there is a loophole that will let spies hold onto that information indefinitely whenever the Director of National Intelligence determines (after considering the views of the ODNI’s Civil Liberties Protection Officer) that retaining information is in the interest of national security. The new rules don’t say whether the exceptions will be directed at entire groups of people or individual surveillance targets.  Section 215 metadata. Updates to the rules concerning the use of data collected under Section 215 of the Patriot Act includes the requirement that the Foreign Intelligence Surveillance Court (rather than authorized NSA officials) must determine spies have “reasonable, articulable suspicion” prior to query Section 215 data, outside of emergency circumstances. What qualifies as an emergency for these purposes? We don’t know. Additionally, the IC is now limited to two “hops” in querying the database. This means that spies can only play two degrees of Kevin Bacon, instead of the previously allowed three degrees, with the contacts of anyone targeted under Section 215. The report doesn’t explain what would prevent the NSA (or other agency using the 215 databases) from getting around this limit by redesignating a phone number found in the first or second hop as a new “target,” thereby allowing the agency to continue the contact chain.

National security letters (NSLs). The report also states that the FBI’s gag orders related to NSLs expire three years after the opening of a full-blown investigation or three years after an investigation’s close, whichever is earlier. However, these expiration dates can be easily overridden by by an FBI Special Agent in Charge or a Deputy Assistant FBI Director who finds that the statutory standards for secrecy about the NSL continue to be satisfied (which at least one court has said isn’t a very high bar). This exception also doesn’t address concerns that NSL gag orders lack adequate due process protections, lack basic judicial oversight, and may violate the First Amendment.

A bipartisan group of 26 US senators has written to intelligence chiefs to complain that the administration is relying on a "secret body of law" to collect massive amounts of data on US citizens.The senators accuse officials of making misleading statements and demand that the director of national intelligence James Clapper answer a series of specific questions on the scale of domestic surveillance as well as the legal justification for it.In their strongly-worded letter to Clapper, the senators said they believed the government may be misinterpreting existing legislation to justify the sweeping collection of telephone and internet data revealed by the Guardian."We are concerned that by depending on secret interpretations of the Patriot Act that differed from an intuitive reading of the statute, this program essentially relied for years on a secret body of law," they say.

"This and misleading statements by intelligence officials have prevented our constituents from evaluating the decisions that their government was making, and will unfortunately undermine trust in government more broadly."This is the strongest attack yet from Congress since the disclosures began, and comes after Clapper admitted he had given "the least untruthful answer possible" when pushed on these issues by Senators at a hearing before the latest revelations by the Guardian and the Washington Post.In a press statement, the group of senators added: "The recent public disclosures of secret government surveillance programs have exposed how secret interpretations of the USA Patriot Act have allowed for the bulk collection of massive amounts of data on the communications of ordinary Americans with no connection to wrongdoing."

They said: "Reliance on secret law to conduct domestic surveillance activities raises serious civil liberty concerns and all but removes the public from an informed national security and civil liberty debate." A spokesman for the office of the director of national intelligence (ODNI) acknowledged the letter. "The ODNI received a letter from 26 senators this morning requesting further engagement on vital intelligence programs recently disclosed in the media, which we are still evaluating. The intelligence and law enforcement communities will continue to work with all members of Congress to ensure the proper balance of privacy and protection for American citizens."The letter was organised by Oregan Democrat Ron Wyden, a member of the intelligence committee, but includes four Republican senators: Mark Kirk, Mike Lee, Lisa Murkowski and Dean Heller.

September 6, 2013 It should hardly be surprising that our intelligence agencies seek ways to counteract our adversaries’ use of encryption.  Throughout history, nations have used encryption to protect their secrets, and today, terrorists, cybercriminals, human traffickers and others also use code to hide their activities.  Our intelligence community would not be doing its job if we did not try to counter that.  While the specifics of how our intelligence agencies carry out this cryptanalytic mission have been kept secret, the fact that NSA’s mission includes deciphering enciphered communications is not a secret, and is not news. Indeed, NSA’s public website states that its mission includes leading “the U.S. Government in cryptology … in order to gain a decision advantage for the Nation and our allies.” The stories published yesterday, however, reveal specific and classified details about how we conduct this critical intelligence activity. Anything that yesterday’s disclosures add to the ongoing public debate is outweighed by the road map they give to our adversaries about the specific techniques we are using to try to intercept their communications in our attempts to keep America and our allies safe and to provide our leaders with the information they need to make difficult and critical national security decisions.

The National Security Agency will no longer be able to collect phone records in bulk starting Nov. 29, the Office of the Director of National Intelligence said in a statement Friday.The program's closure was required by the USA Freedom Act, signed by President Barack Obama in early June. The program was allowed to continue since then as part of a six-month wind-down period, in which intelligence officials could create and test a new phone records program where the government can only obtain records connected to a specific entity like a person or device that is associated with a foreign power or terrorist group.Some Senate Republicans, led by Sen. Tom Cotton of Arkansas and 2016 presidential candidate Sen. Marco Rubio of Florida, tried to delay the program’s official end this month in the wake of the Paris terrorist attacks. But despite support from Senate Majority Leader Mitch McConnell (R-Ky.), the effort got no traction in Congress.

The NSA has requested that some officials continue to have access to data already collected by the agency for “technical” purposes — but not intelligence analysis— for another three months, according to ODNI. The Foreign Intelligence Surveillance Court is currently reviewing that request, ODNI said.A federal court issued an order earlier this month holding the program unconstitutional and barring the collection of phone metadata pertaining to one California attorney and his law practice. However, after authorities argued that implementing the order would require the early shutdown of the whole program, a federal appeals court stayed the ruling.

The National Security Agency created a "secret backdoor" so its massive databases could be searched for the contents of U.S. citizens' confidential phone calls and e-mail messages without a warrant, according to the latest classified documents leaked by Edward Snowden. A report in the Guardian on Friday quoted Sen. Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence Committee, as saying the secret rule offers a loophole allowing "warrantless searches for the phone calls or emails of law-abiding Americans." That appears to confirm what Rep. Jerrold Nadler, a New York Democrat, said in June after receiving a classified briefing from administration officials a few days earlier on the extent of the NSA's domestic surveillance operations. If the NSA wants "to listen to the phone," an analyst's decision is sufficient, without any other legal authorization required, Nadler said he had been told during the briefing. "I was rather startled," said Nadler, an attorney who serves on the House Judiciary Committee.

FBI Director Robert Mueller responded by assuring Nadler, according to a transcript of the hearing, that to "listen to the phone," the government would need "a particularized order" from the Foreign Intelligence Surveillance Court -- a claim that is contradicted by today's Guardian report and other documents. Mueller has been succeeded by James Comey, who was confirmed last month by the Senate. In response to a CNET article at the time, Director of National Intelligence James Clapper released a statement saying: "The statement that a single analyst can eavesdrop on domestic communications without proper legal authorization is incorrect and was not briefed to Congress." Clapper never elaborated, however, on what "proper" authorization would be. Today's top-secret document leaked by Snowden reveals that "procedures approved on 3 October 2011 now allow for use of certain United States person names and identifiers as query terms when reviewing collected FAA 702 data."

FAA 702 is a reference to section 702 of a 2008 law that amended the Foreign Intelligence Surveillance Act. Those amendments created a warrantless surveillance process that could be employed by NSA analysts, but Congress never intended it to be used domestically against American citizens: A congressional report accompanying the law claimed it allows electronic surveillance only of "persons located outside the United States in order to acquire foreign intelligence information." In reality, though, the Obama Justice Department has devised secret interpretations of FAA 702 carving out loopholes in what were intended to be strict privacy safeguards. One loophole revealed in June shows that NSA, CIA, and FBI analysts are granted broad access to data vacuumed up by the world's most powerful intelligence agency -- but are supposed to follow certain "targeting" and "minimization" procedures to limit the number of Americans who become individual targets of warrantless surveillance.

The National Security Agency has been secretly granted legal authority to operate a massive domestic eavesdropping system that vacuums up Americans' phone calls and Internet communications, newly leaked documents show. A pair of classified government documents (No. 1 and No. 2) signed by Attorney General Eric Holder and posted by the Guardian on Thursday show that NSA analysts are able to listen to Americans' intercepted phone calls without asking a judge for a warrant first. That appears to be at odds with what President Obama said earlier this week in defense of the NSA's surveillance efforts. "I can say unequivocally is that if you are a U.S. person, the NSA cannot listen to your telephone calls and the NSA cannot target your e-mails," Obama said. The new documents indicate, however, that NSA, CIA, and FBI analysts are granted broad access to data vacuumed up by the world's most powerful intelligence agency -- but are supposed to follow certain "targeting" and "minimization" procedures to limit the number of Americans who become individual targets of warrantless surveillance.

Analysts are expected to exercise "reasonable judgment" in determining which data to use, according to the documents, and "inadvertently acquired communications of or concerning a United States person may be retained no longer than five years." The documents also refer to "content repositories" that contain records of devices' "previous Internet activity," and say the NSA keeps records of Americans' "electronic communications accounts/addresses/identifiers" in an apparent effort to avoid targeting them in future eavesdropping efforts. The Holder procedures were blessed in advance by the secret Foreign Intelligence Surveillance Court, the Guardian reported, meaning that the judges would have issued a general order that authorizes the NSA to engage in warrantless surveillance as long as it's primarily aimed at foreign targets, subject to some limited judicial oversight. Today's disclosure jibes with what Edward Snowden, the former NSA contractor who leaked top-secret documents, alleged in an online chat earlier this week. Snowden said, referring to the contents of e-mail and phone calls, that "Americans' communications are collected and viewed on a daily basis on the certification of an analyst rather than a warrant."

On Sunday, Director of National Intelligence James Clapper released a carefully-worded statement in response to a CNET article and other reports questioning when intelligence analysts can listen to domestic phone calls. Clapper said: "The statement that a single analyst can eavesdrop on domestic communications without proper legal authorization is incorrect and was not briefed to Congress." Clapper's statement was viewed as a denial, but it wasn't. Today's disclosures reveal why: Because the Justice Department granted intelligence analysts "proper legal authorization" in advance through the Holder regulations. "The DNI has a history of playing games with wording, using terms with carefully obscured meanings to leave an impression different from the truth," Kurt Opsahl, a senior staff attorney at the Electronic Frontier Foundation who has litigated domestic surveillance cases, told CNET earlier this week.

U.S. officials are alerting some foreign intelligence services that documents detailing their secret cooperation with the United States have been obtained by former National Security Agency contractor Edward Snowden, according to government officials.Snowden, U.S. officials said, took tens of thousands of documents, some of which contain sensitive material about collection programs against adversaries such as Iran, Russia and China. Some refer to operations that in some cases involve countries not publicly allied with the United States.The process of informing officials in capital after capital about the risk of disclosure is delicate. In some cases, one part of the cooperating government may know about the collaboration while others may not, the officials said. The documents, if disclosed, could compromise operations, officials said.

The Office of the Director of National Intelligence is handling the job of informing the other intelligence services, the officials said. ODNI declined to comment.

Snowden lifted the documents from a top secret network run by the Defense Intelligence Agency and used by intelligence arms of the Army, Air Force, Navy and Marines, according to sources, who spoke on the condition of anonymity to discuss sensitive matters.Snowden took 30,000 documents that involve the intelligence work of one of the services, the official said. He gained access to the documents through the Joint Worldwide Intelligence Communications System, or JWICS, for top secret/sensitive compartmented information, the sources said.The material in question does not deal with NSA surveillance but primarily with standard intelligence about other countries' military capabilities, including weapons systems-missiles, ships and jets, the officials say.

The National Security Agency has a secret backdoor into its vast databases under a legal authority enabling it to search for US citizens' email and phone calls without a warrant, according to a top-secret document passed to the Guardian by Edward Snowden.The previously undisclosed rule change allows NSA operatives to hunt for individual Americans' communications using their name or other identifying information. Senator Ron Wyden told the Guardian that the law provides the NSA with a loophole potentially allowing "warrantless searches for the phone calls or emails of law-abiding Americans".The authority, approved in 2011, appears to contrast with repeated assurances from Barack Obama and senior intelligence officials to both Congress and the American public that the privacy of US citizens is protected from the NSA's dragnet surveillance programs.

The intelligence data is being gathered under Section 702 of the of the Fisa Amendments Act (FAA), which gives the NSA authority to target without warrant the communications of foreign targets, who must be non-US citizens and outside the US at the point of collection.The communications of Americans in direct contact with foreign targets can also be collected without a warrant, and the intelligence agencies acknowledge that purely domestic communications can also be inadvertently swept into its databases. That process is known as "incidental collection" in surveillance parlance.But this is the first evidence that the NSA has permission to search those databases for specific US individuals' communications.

A secret glossary document provided to operatives in the NSA's Special Source Operations division – which runs the Prism program and large-scale cable intercepts through corporate partnerships with technology companies – details an update to the "minimization" procedures that govern how the agency must handle the communications of US persons. That group is defined as both American citizens and foreigners located in the US."While the FAA 702 minimization procedures approved on 3 October 2011 now allow for use of certain United States person names and identifiers as query terms when reviewing collected FAA 702 data," the glossary states, "analysts may NOT/NOT [not repeat not] implement any USP [US persons] queries until an effective oversight process has been developed by NSA and agreed to by DOJ/ODNI [Office of the Director of National Intelligence]."The term "identifiers" is NSA jargon for information relating to an individual, such as telephone number, email address, IP address and username as well as their name.The document – which is undated, though metadata suggests this version was last updated in June 2012 – does not say whether the oversight process it mentions has been established or whether any searches against US person names have taken place.

Four months from now, at the same time that the National Security Agency finally abandons the massive domestic telephone dragnet exposed by whistleblower Edward Snowden, it will also stop perusing the vast archive of data collected by the program. The NSA announced on Monday that it will expunge all the telephone metadata it previously swept up, citing Section 215 of the U.S.A Patriot Act. The program was ruled illegal by a federal appeals court in May. In June, Congress voted to end the program, but gave the NSA until the end of November to phase it out. The historical metadata —  records of American phone calls showing who called who, when, and for how long — will be put out of the reach of analysts on November 29, although technical personnel will have access for three more months. The program started 14 years ago, and operated under rules requiring data be retained for five years, and then destroyed.

The only possible hold-up, ironically, would be if any of the civil lawsuits prompted by the program prohibit the destruction of the data. “The telephony metadata” will be “preserved solely because of preservation obligations in pending civil litigation,” the Office of the Director of National Intelligence announced. “As soon as possible, NSA will destroy the Section 215 bulk telephony metadata upon expiration of its litigation preservation obligations.” ACLU staff attorney Alex Abdo told The Intercept his organization is “pleased that the NSA intends to purge the call records it has collected illegally.” But, he added: “Even with today’s pledge, the devil may be in the details.”

Does the National Security Agency (NSA) have the authority to collect and keep all encrypted Internet traffic for as long as is necessary to decrypt that traffic? That was a question first raised in June 2013, after the minimization procedures governing telephone and Internet records collected under Section 702 of the Foreign Intelligence Surveillance Act were disclosed by Edward Snowden. The issue quickly receded into the background, however, as the world struggled to keep up with the deluge of surveillance disclosures. The Intelligence Authorization Act of 2015, which passed Congress this last December, should bring the question back to the fore. It established retention guidelines for communications collected under Executive Order 12333 and included an exception that allows NSA to keep ‘incidentally’ collected encrypted communications for an indefinite period of time. This creates a massive loophole in the guidelines. NSA’s retention of encrypted communications deserves further consideration today, now that these retention guidelines have been written into law. It has become increasingly clear over the last year that surveillance reform will be driven by technological change—specifically by the growing use of encryption technologies. Therefore, any legislation touching on encryption should receive close scrutiny.

Section 309 of the intel authorization bill describes “procedures for the retention of incidentally acquired communications.” It establishes retention guidelines for surveillance programs that are “reasonably anticipated to result in the acquisition of [telephone or electronic communications] to or from a United States person.” Communications to or from a United States person are ‘incidentally’ collected because the U.S. person is not the actual target of the collection. Section 309 states that these incidentally collected communications must be deleted after five years unless they meet a number of exceptions. One of these exceptions is that “the communication is enciphered or reasonably believed to have a secret meaning.” This exception appears to be directly lifted from NSA’s minimization procedures for data collected under Section 702 of FISA, which were declassified in 2013. 

While Section 309 specifically applies to collection taking place under E.O. 12333, not FISA, several of the exceptions described in Section 309 closely match exceptions in the FISA minimization procedures. That includes the exception for “enciphered” communications. Those minimization procedures almost certainly served as a model for these retention guidelines and will likely shape how this new language is interpreted by the Executive Branch. Section 309 also asks the heads of each relevant member of the intelligence community to develop procedures to ensure compliance with new retention requirements. I expect those procedures to look a lot like the FISA minimization guidelines.

Canada’s electronic surveillance agency has secretly developed an arsenal of cyberweapons capable of stealing data and destroying adversaries’ infrastructure, according to newly revealed classified documents. Communications Security Establishment, or CSE, has also covertly hacked into computers across the world to gather intelligence, breaking into networks in Europe, Mexico, the Middle East and North Africa, the documents show. The revelations, reported Monday by CBC News in collaboration with The Intercept, shine a light for the first time on how Canada has adopted aggressive tactics to attack, sabotage and infiltrate targeted computer systems. The latest disclosures come as the Canadian government debates whether to hand over more powers to its spies to disrupt threats as part of the controversial anti-terrorism law, Bill C-51.

Christopher Parsons, a surveillance expert at the University of Toronto’s Citizen Lab, told CBC News that the new revelations showed that Canada’s computer networks had already been “turned into a battlefield without any Canadian being asked: Should it be done? How should it be done?” According to documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden, CSE has a wide range of powerful tools to perform “computer network exploitation” and “computer network attack” operations. These involve hacking into networks to either gather intelligence or to damage adversaries’ infrastructure, potentially including electricity, transportation or banking systems. The most well-known example of a state-sponsored “attack” operation involved the use of Stuxnet, a computer worm that was reportedly developed by the United States and Israel to sabotage Iranian nuclear facilities. One document from CSE, dated from 2011, outlines the range of methods the Canadian agency has at its disposal as part of a “cyber activity spectrum” to both defend against hacking attacks and to perpetrate them. CSE says in the document that it can “disable adversary infrastructure,” “control adversary infrastructure,” or “destroy adversary infrastructure” using the attack techniques. It can also insert malware “implants” on computers to steal data.

According to one top-secret NSA briefing paper, dated from 2013, Canada is considered an important player in global hacking operations. Under the heading “NSA and CSEC cooperate closely in the following areas,” the paper notes that the agencies work together on “active computer network access and exploitation on a variety of foreign intelligence targets, including CT [counter terrorism], Middle East, North Africa, Europe, and Mexico.” (The NSA had not responded to a request for comment at time of publication. The agency has previously told The Intercept that it “works with foreign partners to address a wide array of serious threats, including terrorist plots, the proliferation of weapons of mass destruction, and foreign aggression.”) Notably, CSE has gone beyond just adopting a range of tools to hack computers. According to the Snowden documents, it has a range of “deception techniques” in its toolbox. These include “false flag” operations to “create unrest,” and using so-called “effects” operations to “alter adversary perception.” A false-flag operation usually means carrying out an attack, but making it look like it was performed by another group — in this case, likely another government or hacker. Effects operations can involve sending out propaganda across social media or disrupting communications services. The newly revealed documents also reveal that CSE says it can plant a “honeypot” as part of its deception tactics, possibly a reference to some sort of bait posted online that lures in targets so that they can be hacked or monitored.

Until just last week, the U.S. government kept up the charade that its use of a stockpile of security vulnerabilities for hacking was a closely held secret.1 In fact, in response to EFF’s FOIA suit to get access to the official U.S. policy on zero days, the government redacted every single reference to “offensive” use of vulnerabilities. To add insult to injury, the government’s claim was that even admitting to offensive use would cause damage to national security. Now, in the face of EFF’s brief marshaling overwhelming evidence to the contrary, the charade is over. In response to EFF’s motion for summary judgment, the government has disclosed a new version of the Vulnerabilities Equities Process, minus many of the worst redactions. First and foremost, it now admits that the “discovery of vulnerabilities in commercial information technology may present competing ‘equities’ for the [government’s] offensive and defensive mission.” That might seem painfully obvious—a flaw or backdoor in a Juniper router is dangerous for anyone running a network, whether that network is in the U.S. or Iran. But the government’s failure to adequately weigh these “competing equities” was so severe that in 2013 a group of experts appointed by President Obama recommended that the policy favor disclosure “in almost all instances for widely used code.” [.pdf].

The newly disclosed version of the Vulnerabilities Equities Process (VEP) also officially confirms what everyone already knew: the use of zero days isn’t confined to the spies. Rather, the policy states that the “law enforcement community may want to use information pertaining to a vulnerability for similar offensive or defensive purposes but for the ultimate end of law enforcement.” Similarly it explains that “counterintelligence equities can be defensive, offensive, and/or law enforcement-related” and may “also have prosecutorial responsibilities.” Given that the government is currently prosecuting users for committing crimes over Tor hidden services, and that it identified these individuals using vulnerabilities called a “Network Investigative Technique”, this too doesn’t exactly come as a shocker. Just a few weeks ago, the government swore that even acknowledging the mere fact that it uses vulnerabilities offensively “could be expected to cause serious damage to the national security.” That’s a standard move in FOIA cases involving classified information, even though the government unnecessarily classifies documents at an astounding rate. In this case, the government relented only after nearly a year and a half of litigation by EFF. The government would be well advised to stop relying on such weak secrecy claims—it only risks undermining its own credibility.

The new version of the VEP also reveals significantly more information about the general process the government follows when a vulnerability is identified. In a nutshell, an agency that discovers a zero day is responsible for invoking the VEP, which then provides for centralized coordination and weighing of equities among all affected agencies. Along with a declaration from an official at the Office of the Director of National Intelligence, this new information provides more background on the reasons why the government decided to develop an overarching zero day policy in the first place: it “recognized that not all organizations see the entire picture of vulnerabilities, and each organization may have its own equities and concerns regarding the prioritization of patches and fixes, as well as its own distinct mission obligations.” We now know the VEP was finalized in February 2010, but the government apparently failed to implement it in any substantial way, prompting the presidential review group’s recommendation to prioritize disclosure over offensive hacking. We’re glad to have forced a little more transparency on this important issue, but the government is still foolishly holding on to a few last redactions, including refusing to name which agencies participate in the VEP. That’s just not supportable, and we’ll be in court next month to argue that the names of these agencies must be disclosed. 

The first (and thus far only) roll-back of post-9/11 surveillance authorities was implemented over the weekend: The National Security Agency shuttered its program for collecting and holding the metadata of Americans’ phone calls under Section 215 of the Patriot Act. While bulk collection under Section 215 has ended, the government can obtain access to this information under the procedures specified in the USA Freedom Act. Indeed, some experts have argued that the Agency likely has access to more metadata because its earlier dragnet didn’t cover cell phones or Internet calling. In addition, the metadata of calls made by an individual in the United States to someone overseas and vice versa can still be collected in bulk — this takes place abroad under Executive Order 12333. No doubt the NSA wishes that this was the end of the surveillance reform story and the Paris attacks initially gave them an opening. John Brennan, the Director of the CIA, implied that the attacks were somehow related to “hand wringing” about spying and Sen. Tom Cotton (R-Ark.) introduced a bill to delay the shut down of the 215 program. Opponents of encryption were quick to say: “I told you so.”

But the facts that have emerged thus far tell a different story. It appears that much of the planning took place IRL (that’s “in real life” for those of you who don’t have teenagers). The attackers, several of whom were on law enforcement’s radar, communicated openly over the Internet. If France ever has a 9/11 Commission-type inquiry, it could well conclude that the Paris attacks were a failure of the intelligence agencies rather than a failure of intelligence authorities. Despite the passage of the USA Freedom Act, US surveillance authorities have remained largely intact. Section 702 of the FISA Amendments Act — which is the basis of programs like PRISM and the NSA’s Upstream collection of information from Internet cables — sunsets in the summer of 2017. While it’s difficult to predict the political environment that far out, meaningful reform of Section 702 faces significant obstacles. Unlike the Section 215 program, which was clearly aimed at Americans, Section 702 is supposedly targeted at foreigners and only picks up information about Americans “incidentally.” The NSA has refused to provide an estimate of how many Americans’ information it collects under Section 702, despite repeated requests from lawmakers and most recently a large cohort of advocates. The Section 215 program was held illegal by two federal courts (here and here), but civil attempts to challenge Section 702 have run into standing barriers. Finally, while two review panels concluded that the Section 215 program provided little counterterrorism benefit (here and here), they found that the Section 702 program had been useful.

There is, nonetheless, some pressure to narrow the reach of Section 702. The recent decision by the European Court of Justice in the safe harbor case suggests that data flows between Europe and the US may be restricted unless the PRISM program is modified to protect the information of Europeans (see here, here, and here for discussion of the decision and reform options). Pressure from Internet companies whose business is suffering — estimates run to the tune of $35 to 180 billion — as a result of disclosures about NSA spying may also nudge lawmakers towards reform. One of the courts currently considering criminal cases which rely on evidence derived from Section 702 surveillance may hold the program unconstitutional either on the basis of the Fourth Amendment or Article III for the reasons set out in this Brennan Center report. A federal district court in Colorado recently rejected such a challenge, although as explained in Steve’s post, the decision did not seriously explore the issues. Further litigation in the European courts too could have an impact on the debate.