Group items tagged

Hillary Clinton E-Mail Controversy Illuminates Government-Wide Failure National Security Archive Lawsuit Established E-Mails as Records in 1993 CIO Council Repeats as Rosemary "Winner" for Doubling Down On "Lifetime Failure" Only White House Saves Its E-Mail Electronically, Agencies No Deadline Until 2016

The Federal Chief Information Officers (CIO) Council has won the infamous Rosemary Award for worst open government performance of 2014, according to the citation published today by the National Security Archive at www.nsarchive.org. The National Security Archive had hoped that awarding the 2010 Rosemary Award to the Federal Chief Information Officers Council for never addressing the government's "lifetime failure" of saving its e-mail electronically would serve as a government-wide wakeup call that saving e-mails was a priority. Fallout from the Hillary Clinton e-mail debacle shows, however, that rather than "waking up," the top officials have opted to hit the "snooze" button. The Archive established the not-so-coveted Rosemary Award in 2005, named after President Nixon's secretary, Rose Mary Woods, who testified she had erased 18-and-a-half minutes of a crucial Watergate tape — stretching, as she showed photographers, to answer the phone with her foot still on the transcription pedal. Bestowed annually to highlight the lowlights of government secrecy, the Rosemary Award has recognized a rogue's gallery of open government scofflaws, including the CIA, the Treasury Department, the Air Force, the FBI, the Justice Department, and Director of National Intelligence James Clapper.

Chief Information Officer of the United States Tony Scott was appointed to lead the Federal CIO Council on February 5, 2015, and his brief tenure has already seen more references in the news media to the importance of maintaining electronic government records, including e-mail, and the requirements of the Federal Records Act, than the past five years. Hopefully Mr. Scott, along with Office of Management & Budget Deputy Director for Management Ms. Beth Cobert will embrace the challenge of their Council being named a repeat Rosemary Award winner and use it as a baton to spur change rather than a cross to bear.

The USA PATRIOT Act granted the government powerful new spying capabilities that have grown out of control—but the provision that the FBI and NSA have been using to collect the phone records of millions of innocent people expires on June 1. Tell Congress: it’s time to rethink out-of-control spying. A vote to reauthorize Section 215 is a vote against the Constitution.

On June 5, 2013, the Guardian published a secret court order showing that the NSA has interpreted Section 215 to mean that, with the help of the FBI, it can collect the private calling records of millions of innocent people. The government could even try to use Section 215 for bulk collection of financial records. The NSA’s defenders argue that invading our privacy is the only way to keep us safe. But the White House itself, along with the President’s Review Board has said that the government can accomplish its goals without bulk telephone records collection. And the Privacy and Civil Liberties Oversight Board said, “We have not identified a single instance involving a threat to the United States in which [bulk collection under Section 215 of the PATRIOT Act] made a concrete difference in the outcome of a counterterrorism investigation.” Since June of 2013, we’ve continued to learn more about how out of control the NSA is. But what has not happened since June is legislative reform of the NSA. There have been myriad bipartisan proposals in Congress—some authentic and some not—but lawmakers didn’t pass anything. We need comprehensive reform that addresses all the ways the NSA has overstepped its authority and provides the NSA with appropriate and constitutional tools to keep America safe. In the meantime, tell Congress to take a stand. A vote against reauthorization of Section 215 is a vote for the Constitution.

There's been a lot of focus elsewhere concerning the FISA rulings that were leaked, showing that the government is scooping up the details of pretty much every phone call. However, a case concerning some guys who were trying to rob an armored truck may lead to some interesting revelations related to what the government collects. Daryl Davis, Hasam Williams, Terrance Brown, Toriano Johnson, and Joseph K. Simmons were charged with trying to rob a bunch of armored Brink's trucks, in which one of the robberies went wrong and a Brink's employee was shot and killed. As part of the case against the group, the DOJ obtained call records. However, during discovery, the government refused to hand over call records for July of 2010, claiming that when they sought them from the telco, the DOJ was told that those records had been purged. Terrance Brown's lawyer is now claiming that since it appears the NSA has sucked up all of this data for quite some time, it would appear that the government should, in fact, already have the phone records from July 2010, which he argues would show that he was nowhere near the robbery when it happened. Defendant Brown urges that the records are important to his defense because cell-site records could be used to show that Brown was not in the vicinity of the attempted robbery that allegedly occurred in July 2010. And, relying on a June 5, 2013, Guardian newspaper article that published a FISA Court order relating to cellular telephone data collected by Verizon,1 Defendant Brown now suggests that the Government likely actually does possess the metadata relating to telephone calls made in July 2010 from the two numbers attributed to Defendant Brown.

The court agrees that, under the law, the government may need to produce those records. Here, Defendant asserts that, under Brady v. Maryland, 373 U.S. 83 (1963), due process requires the production of the July 2010 telephone records because they are anticipated to be exculpatory in that they are expected to show that Defendant Brown was not physically located at the scene of the alleged attempted Brink’s truck robbery in July 2010. In view of Defendant Brown’s Motion and the requirements of FISA, it is hereby ORDERED and ADJUDGED that the Government shall respond to Defendant Brown’s Motion and, if desired, shall file an affidavit of the Attorney General of the United States. That order was actually issued Monday, only giving the government until yesterday to comply. At the time of posting, the government's reply has not yet shown up in PACER, though it may pop up soon. I'm guessing that they'll try to either get some sort of extension or explain why those records are somehow inaccessible -- but it could get interesting.

The US has set a new record for denying and censoring federal files under the Freedom of Information Act, analysis by the Associated Press reveals. For the second consecutive year, the Obama administration more often than ever censored government files or outright denied access to them under the open-government legislation. The government took longer to turn over files when it provided any, said more regularly that it couldn’t find documents, and refused a record number of times to turn over files quickly that might be especially newsworthy.

It also acknowledged in nearly one in three cases that its initial decisions to withhold or censor records were improper under the law – but only when it was challenged. Its backlog of unanswered requests at year’s end grew remarkably by 55% to more than 200,000. The government’s new figures, published Tuesday, covered all requests to 100 federal agencies during fiscal 2014 under the Freedom of Information law, which is heralded globally as a model for transparent government. They showed that despite disappointments and failed promises by the White House to make meaningful improvements in the way it releases records, the law was more popular than ever. Citizens, journalists, businesses and others made a record 714,231 requests for information. The US spent a record $434m trying to keep up.

The government responded to 647,142 requests, a 4% decrease over the previous year. The government more than ever censored materials it turned over or fully denied access to them, in 250,581 cases or 39% of all requests. Sometimes, the government censored only a few words or an employee’s phone number, but other times it completely marked out nearly every paragraph on pages. On 215,584 other occasions, the government said it couldn’t find records, a person refused to pay for copies or the government determined the request to be unreasonable or improper. The White House touted its success under its own analysis. It routinely excludes from its assessment instances when it couldn’t find records, a person refused to pay for copies or the request was determined to be improper under the law, and said under this calculation it released all or parts of records in 91% of requests – still a record low since Barack Obama took office using the White House’s own math.

Secret mass surveillance conducted by the Drug Enforcement Administration is falling under renewed scrutiny after fresh revelations about the broad scope of the agency’s electronic spying. On Tuesday, USA Today reported that for more than two decades, dating back to 1992, the DEA and the Justice Department “amassed logs of virtually all telephone calls from the USA to as many as 116 countries linked to drug trafficking.” Citing anonymous current and former officials “involved with the operation,” USA Today reported that Americans’ calls were logged between the United States and targeted countries and regions including Canada, Mexico, and Central and South America.

The DEA’s data dragnet was apparently shut down by Attorney General Eric Holder in September 2013. But on Wednesday, following USA Today’s report, Human Rights Watch launched a lawsuit against the DEA over its bulk collection of phone records and is seeking a retrospective declaration that the surveillance was unlawful. The latest revelations shine more light on the broad scope of the DEA’s involvement in mass surveillance programs, which can be traced back to a secret program named “Project Crisscross” in the early 1990s, as The Intercept previously revealed. Documents from National Security Agency whistleblower Edward Snowden, published by The Intercept in August last year, showed that the DEA was involved in collecting and sharing billions of phone records alongside agencies such as the NSA, the CIA and the FBI.

The vast program reported on by USA Today shares some of the same hallmarks of Project Crisscross: it began in the early 1990s, was ostensibly aimed at gathering intelligence about drug trafficking, and targeted countries worldwide, with focus on Central and South America. It is also reminiscent of the so-called Hemisphere Project, a DEA operation revealed in September 2013 by The New York Times, which dated as far back as 1987, and used subpoenas to collect vast amounts of international call records every day. There is crossover, too, with a DEA database called DICE, revealed by Reuters in August 2013, which reportedly contains phone and Internet communication records gathered by the DEA through subpoenas and search warrants nationwide. The precise relationship between Crisscross, DICE, Hemisphere and the surveillance program revealed by USA Today is unclear. Whether or not they were part of a single overarching operation, the phone records and other data collected by each were likely accessible to DEA agents through the same computer interfaces and search and analysis tools.

Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.

Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.

Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.

(AP) — The U.S. government is looking at ways to prevent anyone from spying on its own surveillance of Americans' phone records. As the Obama administration considers shifting the collection of those records from the National Security Agency to requiring that they be stored at phone companies or elsewhere, it's quietly funding research to prevent phone company employees or eavesdroppers from seeing whom the U.S. is spying on, The Associated Press has learned. The Office of the Director of National Intelligence has paid at least five research teams across the country to develop a system for high-volume, encrypted searches of electronic records kept outside the government's possession. The project is among several ideas that would allow the government to discontinue storing Americans' phone records, but still search them as needed.

Under the research, U.S. data mining would be shielded by secret coding that could conceal identifying details from outsiders and even the owners of the targeted databases, according to public documents obtained by The Associated Press and AP interviews with researchers, corporate executives and government officials.

Internal documents describing the Security and Privacy Assurance Research project do not cite the NSA or its phone surveillance program. But if the project were to prove successful, its encrypted search technology could pave the way for the government to shift storage of the records from NSA computers to either phone companies or a third-party organization. A DNI spokesman, Michael Birmingham, confirmed that the research was relevant to the NSA's phone records program. He cited "interest throughout the intelligence community" but cautioned that it may be some time before the technology is used. The intelligence director's office is by law exempt from disclosing detailed budget figures, so it's unclear how much money the government has spent on the SPAR project, which is overseen by the DNI's Intelligence Advanced Research Projects Activity office. Birmingham said the research is aimed for use in a "situation where a large sensitive data set is held by one party which another seeks to query, preserving privacy and enforcing access policies."

The National Security Agency is secretly intercepting, recording, and archiving the audio of virtually every cell phone conversation on the island nation of the Bahamas. According to documents provided by NSA whistleblower Edward Snowden, the surveillance is part of a top-secret system – code-named SOMALGET – that was implemented without the knowledge or consent of the Bahamian government. Instead, the agency appears to have used access legally obtained in cooperation with the U.S. Drug Enforcement Administration to open a backdoor to the country’s cellular telephone network, enabling it to covertly record and store the “full-take audio” of every mobile call made to, from and within the Bahamas – and to replay those calls for up to a month. SOMALGET is part of a broader NSA program called MYSTIC, which The Intercept has learned is being used to secretly monitor the telecommunications systems of the Bahamas and several other countries, including Mexico, the Philippines, and Kenya. But while MYSTIC scrapes mobile networks for so-called “metadata” – information that reveals the time, source, and destination of calls – SOMALGET is a cutting-edge tool that enables the NSA to vacuum up and store the actual content of every conversation in an entire country.

All told, the NSA is using MYSTIC to gather personal data on mobile calls placed in countries with a combined population of more than 250 million people. And according to classified documents, the agency is seeking funding to export the sweeping surveillance capability elsewhere. The program raises profound questions about the nature and extent of American surveillance abroad. The U.S. intelligence community routinely justifies its massive spying efforts by citing the threats to national security posed by global terrorism and unpredictable rival nations like Russia and Iran. But the NSA documents indicate that SOMALGET has been deployed in the Bahamas to locate “international narcotics traffickers and special-interest alien smugglers” – traditional law-enforcement concerns, but a far cry from derailing terror plots or intercepting weapons of mass destruction.

By targeting the Bahamas’ entire mobile network, the NSA is intentionally collecting and retaining intelligence on millions of people who have not been accused of any crime or terrorist activity. Nearly five million Americans visit the country each year, and many prominent U.S. citizens keep homes there, including Sen. Tom Harkin (D-Iowa), Bill Gates, and Oprah Winfrey.

Twenty-two organizations including Unitarian church groups, gun ownership advocates, and a broad coalition of membership and political advocacy organizations filed suit against the National Security Agency for violating their First Amendment right of association by illegally collecting their call records. The coalition is represented by EFF. At the heart of First Unitarian Church of Los Angeles v. NSA is the bulk telephone records collection program that was confirmed by the publication of an order from the Foreign Intelligence Surveillance Court (FISC) in June of 2013. The Director of National Intelligence (DNI) further confirmed that this formerly secret document was authentic, and part of a broader program to collect all major telecommunications customers’ call history. The order demands wholesale collection of every call made, the location of the phone, the time of the call, the duration of the call, and other “identifying information” for every phone and call for all customers of Verizon for a period of three months. Government officials further confirmed that this was just one of series of orders issued on a rolling basis since at least 2006. First Unitarian v. NSA argues that this spying violates the First Amendment, which protects the freedom to associate and express political views as a group.

Twenty-two organizations including Unitarian church groups, gun ownership advocates, and a broad coalition of membership and political advocacy organizations filed suit against the National Security Agency for violating their First Amendment right of association by illegally collecting their call records. The coalition is represented by EFF. At the heart of First Unitarian Church of Los Angeles v. NSA is the bulk telephone records collection program that was confirmed by the publication of an order from the Foreign Intelligence Surveillance Court (FISC) in June of 2013. The Director of National Intelligence (DNI) further confirmed that this formerly secret document was authentic, and part of a broader program to collect all major telecommunications customers’ call history. The order demands wholesale collection of every call made, the location of the phone, the time of the call, the duration of the call, and other “identifying information” for every phone and call for all customers of Verizon for a period of three months. Government officials further confirmed that this was just one of series of orders issued on a rolling basis since at least 2006. First Unitarian v. NSA argues that this spying violates the First Amendment, which protects the freedom to associate and express political views as a group.

The case challenges the mass telephone records collection that was confirmed by the FISA Order that was published on June 5, 2013 and confirmed by the Director of National Intelligence (DNI) on June 6, 2013. The DNI confirmed that the collection was “broad in scope” and conducted under the “business records” provision of the Foreign Intelligence Surveillance Act, also known as section 215 of the Patriot Act and 50 U.S.C. section 1861. The facts have long been part of EFF’s Jewel v. NSA case. The case does not include section 702 programs, which includes the recently made public and called the PRISM program or the fiber optic splitter program that is included (along with the telephone records program) in the Jewel v. NSA case. 

The Obama administration is preparing to unveil a legislative proposal for a far-reaching overhaul of the National Security Agency’s once-secret bulk phone records program in a way that — if approved by Congress — would end the aspect that has most alarmed privacy advocates since its existence was leaked last year, according to senior administration officials.Under the proposal, they said, the N.S.A. would end its systematic collection of data about Americans’ calling habits. The bulk records would stay in the hands of phone companies, which would not be required to retain the data for any longer than they normally would. And the N.S.A. could obtain specific records only with permission from a judge, using a new kind of court order. In a speech in January, President Obama said he wanted to get the N.S.A. out of the business of collecting call records in bulk while preserving the program’s abilities. He acknowledged, however, that there was no easy way to do so, and had instructed Justice Department and intelligence officials to come up with a plan by March 28 — Friday — when the current court order authorizing the program expires.

As part of the proposal, the administration has decided to ask the Foreign Intelligence Surveillance Court to renew the program as it exists for at least one more 90-day cycle, senior administration officials said. But under the plan the administration has developed and now advocates, the officials said, it would later undergo major changes. The new type of surveillance court orders envisioned by the administration would require phone companies to swiftly provide records in a technologically compatible data format, including making available, on a continuing basis, data about any new calls placed or received after the order is received, the officials said. They would also allow the government to swiftly seek related records for callers up to two phone calls, or “hops,” removed from the number that has come under suspicion, even if those callers are customers of other companies.

The N.S.A. now retains the phone data for five years. But the administration considered and rejected imposing a mandate on phone companies that they hold on to their customers’ calling records for a period longer than the 18 months that federal regulations already generally require — a burden that the companies had resisted shouldering and that was seen as a major obstacle to keeping the data in their hands. A senior administration official said that intelligence agencies had concluded that the operational impact of that change would be small because older data is less important.The N.S.A. uses the once-secret call records program — sometimes known as the 215 program, after Section 215 of the Patriot Act — to analyze links between callers in an effort to identify hidden terrorist associates, if they exist. It was part of the secret surveillance program that President George W. Bush unilaterally put in place after the terrorist attacks of Sept. 11, 2001, outside of any legal framework or court oversight.

The nation’s top technology firms and a coalition of privacy groups are urging Congress to place curbs on government surveillance in the face of a fast-approaching deadline for legislative action. A set of key Patriot Act surveillance authorities expire June 1, but the effective date is May 21 — the last day before Congress breaks for a Memorial Day recess. In a letter to be sent Wednesday to the Obama administration and senior lawmakers, the coalition vowed to oppose any legislation that, among other things, does not ban the “bulk collection” of Americans’ phone records and other data.

We know that there are some in Congress who think that they can get away with reauthorizing the expiring provisions of the Patriot Act without any reforms at all,” said Kevin Bankston, policy director of New America Foundation’s Open Technology Institute, a privacy group that organized the effort. “This letter draws a line in the sand that makes clear that the privacy community and the Internet industry do not intend to let that happen without a fight.” At issue is the bulk collection of Americans’ data by intelligence agencies such as the National Security Agency. The NSA’s daily gathering of millions of records logging phone call times, lengths and other “metadata” stirred controversy when it was revealed in June 2013 by former NSA contractor Edward Snowden. The records are placed in a database that can, with a judge’s permission, be searched for links to foreign terrorists.They do not include the content of conversations.

That program, placed under federal surveillance court oversight in 2006, was authorized by the court in secret under Section 215 of the Patriot Act — one of the expiring provisions. The public outcry that ensued after the program was disclosed forced President Obama in January 2014 to call for an end to the NSA’s storage of the data. He also appealed to Congress to find a way to preserve the agency’s access to the data for counterterrorism information.

HERE WAS A SIMPLE AIM at the heart of the top-secret program: Record the website browsing habits of “every visible user on the Internet.” Before long, billions of digital records about ordinary people’s online activities were being stored every day. Among them were details cataloging visits to porn, social media and news websites, search engines, chat forums, and blogs. The mass surveillance operation — code-named KARMA POLICE — was launched by British spies about seven years ago without any public debate or scrutiny. It was just one part of a giant global Internet spying apparatus built by the United Kingdom’s electronic eavesdropping agency, Government Communications Headquarters, or GCHQ. The revelations about the scope of the British agency’s surveillance are contained in documents obtained by The Intercept from National Security Agency whistleblower Edward Snowden. Previous reports based on the leaked files have exposed how GCHQ taps into Internet cables to monitor communications on a vast scale, but many details about what happens to the data after it has been vacuumed up have remained unclear.

Amid a renewed push from the U.K. government for more surveillance powers, more than two dozen documents being disclosed today by The Intercept reveal for the first time several major strands of GCHQ’s existing electronic eavesdropping capabilities.

The surveillance is underpinned by an opaque legal regime that has authorized GCHQ to sift through huge archives of metadata about the private phone calls, emails and Internet browsing logs of Brits, Americans, and any other citizens — all without a court order or judicial warrant

If you’re reading this, then I’m willing to bet that you’ve been called many different names throughout your life. If I were to hazard a guess, I would say they were names like kook, paranoid, conspiracy theorist, alarmist, insane, or gullible. And after this week, you can go by a new name: Vindicated. I’m of course talking about recent revelations from the NSA. Long before Edward Snowden came along, it was no secret that the NSA was spying on everyone without good cause. Anyone who believed that fact was called a conspiracy theorist, but their fears were eventually validated. These same people also understood that the NSA’s surveillance powers would never be used exclusively against terrorists and hostile governments. The power they have is just too tempting for any government. If various government agencies weren’t using the NSA’s surveillance apparatus to solve domestic crimes, it was only a matter of time before it was used for just that.

And again, they called us conspiracy theorists for believing that. And again, we were right all long. A while back, we noted a report showing that the “sneak-and-peek” provision of the Patriot Act that was alleged to be used only in national security and terrorism investigations has overwhelmingly been used in narcotics cases. Now the New York Times reports that National Security Agency data will be shared with other intelligence agencies like the FBI without first applying any screens for privacy. The ACLU of Massachusetts blog Privacy SOS explains why this is important: What does this rule change mean for you? In short, domestic law enforcement officials now have access to huge troves of American communications, obtained without warrants, that they can use to put people in cages. FBI agents don’t need to have any “national security” related reason to plug your name, email address, phone number, or other “selector” into the NSA’s gargantuan data trove. They can simply poke around in your private information in the course of totally routine investigations. And if they find something that suggests, say, involvement in illegal drug activity, they can send that information to local or state police. That means information the NSA collects for purposes of so-called “national security” will be used by police to lock up ordinary Americans for routine crimes.

Anybody who knows anything about how governments work, should not surprised. You can’t give them any kind of power, and expect them to use it responsibly. You can’t give them any stipulations. Eventually they’ll find a legal loophole to work around any limitations that have been placed on them. In other news, the Pentagon admitted this week that they’ve been deploying military drones over the United States for domestic surveillance purposes. Much like the NSA’s surveillance apparatus, we were assured that drones were for terrorists in faraway lands. Nothing so Orwellian would ever be used against ordinary American citizens at home. Yet here we are, with more to come.

U. S. Senators Ron Wyden (D-Ore.) and Mark Udall (D-Colo.), both members of the Senate Intelligence Committee, released the following statement regarding the recent disclosure by intelligence officials that the NSA operated a bulk email records collection program under the authority of the Patriot Act until 2011.  This program is distinct from the internet-related collection carried out under section 702 of the FISA Amendments Act (which involves the PRISM computer system).   “We are quite familiar with the bulk email records collection program that operated under the USA Patriot Act and has now been confirmed by senior intelligence officials.  We were very concerned about this program’s impact on Americans’ civil liberties and privacy rights, and we spent a significant portion of 2011 pressing intelligence officials to provide evidence of its effectiveness.  They were unable to do so, and the program was shut down that year.  

“As we have noted, the Patriot Act’s surveillance authorities are not limited to phone records.  In fact, section 215 of the Patriot Act can be used to collect any type of records whatsoever.  The fact that Patriot Act authorities were used for the bulk collection of email records as well as phone records underscores our concern that this authority could be used to collect other types of records in bulk as well, including information on credit card purchases, medical records, library records, firearm sales records, financial information and a range of other sensitive subjects.  These other types of collection could clearly have a significant impact on Americans’ constitutional rights.   “Intelligence officials have noted that the bulk email records program was discussed with both Congress and the Foreign Intelligence Surveillance Court.  In our judgment it is also important to note that intelligence agencies made statements to both Congress and the Court that significantly exaggerated this program’s effectiveness.  This experience demonstrates to us that intelligence agencies’ assessments of the usefulness of particular collection programs – even significant ones – are not always accurate.  This experience has also led us to be skeptical of claims about the value of the bulk phone records collection program in particular.  

“We believe that the broader lesson here is that even though intelligence officials may be well-intentioned, assertions from intelligence agencies about the value and effectiveness of particular programs should not simply be accepted at face value by policymakers or oversight bodies any more than statements about the usefulness of other government programs should be taken at face value when they are made by other government officials.  It is up to Congress, the courts and the public to ask the tough questions and press even experienced intelligence officials to back their assertions up with actual evidence, rather than simply deferring to these officials’ conclusions without challenging them.   “We look forward to continuing the debate about the effectiveness of the ongoing Patriot Act phone records collection program in the days and weeks ahead.”

On March 12, 2004, acting attorney general James B. Comey and the Justice Department’s top leadership reached the brink of resignation over electronic surveillance orders that they believed to be illegal. President George W. Bush backed down, halting secret foreign-intelligence-gathering operations that had crossed into domestic terrain. That morning marked the beginning of the end of STELLARWIND, the cover name for a set of four surveillance programs that brought Americans and American territory within the domain of the National Security Agency for the first time in decades. It was also a prelude to new legal structures that allowed Bush and then President Obama to reproduce each of those programs and expand their reach.What exactly STELLARWIND did has never been disclosed in an unclassified form. Which parts of it did Comey approve? Which did he shut down? What became of the programs when the crisis passed and Comey, now Obama’s expected nominee for FBI director, returned to private life?Authoritative new answers to those questions, drawing upon a classified NSA history of STELLARWIND and interviews with high-ranking intelligence officials, offer the clearest map yet of the Bush-era programs and the NSA’s contemporary U.S. operations.STELLARWIND was succeeded by four major lines of intelligence collection in the territorial United States, together capable of spanning the full range of modern telecommunications, according to the interviews and documents.

Two of the four collection programs, one each for telephony and the Internet, process trillions of “metadata” records for storage and analysis in systems called MAINWAY and MARINA, respectively. Metadata includes highly revealing information about the times, places, devices and participants in electronic communication, but not its contents. The bulk collection of telephone call records from Verizon Business Services, disclosed this month by the British newspaper the Guardian, is one source of raw intelligence for MAINWAY.The other two types of collection, which operate on a much smaller scale, are aimed at content. One of them intercepts telephone calls and routes the spoken words to a system called ­NUCLEON.For Internet content, the most important source collection is the PRISM project reported on June 6 by The Washington Post and the Guardian. It draws from data held by Google, Yahoo, Microsoft and other Silicon Valley giants, collectively the richest depositories of personal information in history.

The debate has focused on two of the four U.S.-based collection programs: PRISM, for Internet content, and the comprehensive collection of telephone call records, foreign and domestic, that the Guardian revealed by posting a classified order from the Foreign Intelligence Surveillance Court to Verizon Business Services.The Post has learned that similar orders have been renewed every three months for other large U.S. phone companies, including Bell South and AT&T, since May 24, 2006. On that day, the surveillance court made a fundamental shift in its approach to Section 215 of the Patriot Act, which permits the FBI to compel production of “business records” that are relevant to a particular terrorism investigation and to share those in some circumstances with the NSA. Henceforth, the court ruled, it would define the relevant business records as the entirety of a telephone company’s call database.The Bush administration, by then, had been taking “bulk metadata” from the phone companies under voluntary agreements for more than four years. The volume of information overwhelmed the MAINWAY database, according to a classified report from the NSA inspector general in 2009. The agency spent $146 million in supplemental counterterrorism funds to buy new hardware and contract support — and to make unspecified payments to the phone companies for “collaborative partnerships.”When the New York Times revealed the warrantless surveillance of voice calls, in December 2005, the telephone companies got nervous. One of them, unnamed in the report, approached the NSA with a request. Rather than volunteer the data, at a price, the “provider preferred to be compelled to do so by a court order,” the report said. Other companies followed suit. The surveillance court order that recast the meaning of business records “essentially gave NSA the same authority to collect bulk telephony metadata from business records that it had” under Bush’s asserted authority alone.

The U.S. government started keeping secret records of Americans' international telephone calls nearly a decade before the Sept. 11 terrorist attacks, harvesting billions of calls in a program that provided a blueprint for the far broader National Security Agency surveillance that followed.For more than two decades, the Justice Department and the Drug Enforcement Administration amassed logs of virtually all telephone calls from the USA to as many as 116 countries linked to drug trafficking, current and former officials involved with the operation said. The targeted countries changed over time but included Canada, Mexico and most of Central and South America.Federal investigators used the call records to track drug cartels' distribution networks in the USA, allowing agents to detect previously unknown trafficking rings and money handlers. They also used the records to help rule out foreign ties to the bombing in 1995 of a federal building in Oklahoma City and to identify U.S. suspects in a wide range of other investigations.The Justice Department revealed in January that the DEA had collected data about calls to "designated foreign countries." But the history and vast scale of that operation have not been disclosed until now.

The now-discontinued operation, carried out by the DEA's intelligence arm, was the government's first known effort to gather data on Americans in bulk, sweeping up records of telephone calls made by millions of U.S. citizens regardless of whether they were suspected of a crime. It was a model for the massive phone surveillance system the NSA launched to identify terrorists after the Sept. 11 attacks. That dragnet drew sharp criticism that the government had intruded too deeply into Americans' privacy after former NSA contractor Edward Snowden leaked it to the news media two years ago.More than a dozen current and former law enforcement and intelligence officials described the details of the Justice Department operation to USA TODAY. Most did so on the condition of anonymity because they were not authorized to publicly discuss the intelligence program, part of which remains classified.The DEA program did not intercept the content of Americans' calls, but the records — which numbers were dialed and when — allowed agents to map suspects' communications and link them to troves of other police and intelligence data. At first, the drug agency did so with help from military computers and intelligence analysts

The extent of that surveillance alarmed privacy advocates, who questioned its legality. "This was aimed squarely at Americans," said Mark Rumold, an attorney with the Electronic Frontier Foundation. "That's very significant from a constitutional perspective."Holder halted the data collection in September 2013 amid the fallout from Snowden's revelations about other surveillance programs. In its place, current and former officials said the drug agency sends telecom companies daily subpoenas for international calling records involving only phone numbers that agents suspect are linked to the drug trade or other crimes — sometimes a thousand or more numbers a day.Tuesday, Justice Department spokesman Patrick Rodenbush said the DEA "is no longer collecting bulk telephony metadata from U.S. service providers." A DEA spokesman declined to comment.

WASHINGTON (AP) -- The Obama administration has been quietly advising local police not to disclose details about surveillance technology they are using to sweep up basic cellphone data from entire neighborhoods, The Associated Press has learned. Citing security reasons, the U.S. has intervened in routine state public records cases and criminal trials regarding use of the technology. This has resulted in police departments withholding materials or heavily censoring documents in rare instances when they disclose any about the purchase and use of such powerful surveillance equipment. Federal involvement in local open records proceedings is unusual. It comes at a time when President Barack Obama has said he welcomes a debate on government surveillance and called for more transparency about spying in the wake of disclosures about classified federal surveillance programs.

One well-known type of this surveillance equipment is known as a Stingray, an innovative way for law enforcement to track cellphones used by suspects and gather evidence. The equipment tricks cellphones into identifying some of their owners' account information, like a unique subscriber number, and transmitting data to police as if it were a phone company's tower. That allows police to obtain cellphone information without having to ask for help from service providers, such as Verizon or AT&T, and can locate a phone without the user even making a call or sending a text message. But without more details about how the technology works and under what circumstances it's used, it's unclear whether the technology might violate a person's constitutional rights or whether it's a good investment of taxpayer dollars. Interviews, court records and public-records requests show the Obama administration is asking agencies to withhold common information about the equipment, such as how the technology is used and how to turn it on. That pushback has come in the form of FBI affidavits and consultation in local criminal cases.

"These extreme secrecy efforts are in relation to very controversial, local government surveillance practices using highly invasive technology," said Nathan Freed Wessler, a staff attorney with the American Civil Liberties Union, which has fought for the release of these types of records. "If public participation means anything, people should have the facts about what the government is doing to them." Harris Corp., a key manufacturer of this equipment, built a secrecy element into its authorization agreement with the Federal Communications Commission in 2011. That authorization has an unusual requirement: that local law enforcement "coordinate with the FBI the acquisition and use of the equipment." Companies like Harris need FCC authorization in order to sell wireless equipment that could interfere with radio frequencies. A spokesman from Harris Corp. said the company will not discuss its products for the Defense Department and law enforcement agencies, although public filings showed government sales of communications systems such as the Stingray accounted for nearly one-third of its $5 billion in revenue. "As a government contractor, our solutions are regulated and their use is restricted," spokesman Jim Burke said.

NSA has collected cell records from all major mobile networks.

SMITH v. MARYLAND, 442 U.S. 735 (1979)

The telephone company, at police request, installed at its central offices a pen register to record the numbers dialed from the telephone at petitioner's home. Prior to his robbery trial, petitioner moved to suppress "all fruits derived from" the pen register. The Maryland trial court denied this motion, holding that the warrantless installation of the pen register did not violate the Fourth Amendment. Petitioner was convicted, and the Maryland Court of Appeals affirmed. Held: The installation and use of the pen register was not a "search" within the meaning of the Fourth Amendment, and hence no warrant was required. Pp. 739-746. (a) Application of the Fourth Amendment depends on whether the person invoking its protection can claim a "legitimate expectation of privacy" that has been invaded by government action. This inquiry normally embraces two questions: first, whether the individual has exhibited an actual (subjective) expectation of privacy; and second, whether his expectation is one that society is prepared to recognize as "reasonable." Katz v. United States, 389 U.S. 347 . Pp. 739-741.

(b) Petitioner in all probability entertained no actual expectation of privacy in the phone numbers he dialed, and even if he did, his expectation was not "legitimate." First, it is doubtful that telephone users in general have any expectation of privacy regarding the numbers they dial, since they typically know that they must convey phone numbers to the telephone company and that the company has facilities for recording this information and does in fact record it for various legitimate business purposes. And petitioner did not demonstrate an expectation of privacy merely by using his home phone rather than some other phone, since his conduct, although perhaps calculated to keep the contents of his conversation private, was not calculated to preserve the privacy of the number he dialed. Second, even if petitioner did harbor some subjective expectation of privacy, this expectation was not one that society is prepared to recognize as "reasonable." When petitioner voluntarily conveyed numerical information to the phone company and "exposed" that information to its equipment in the normal course of business, he assumed the risk that the company would reveal the information [442 U.S. 735, 736]   to the police, cf. United States v. Miller, 425 U.S. 435 . Pp. 741-746. 283 Md. 156, 389 A. 2d 858, affirmed.

With only days left to act and Rand Paul threatening a filibuster, Senate Republicans remain deeply divided over the future of the PATRIOT Act and have no clear path to keep key government spying authorities from expiring at the end of the month. Crucial parts of the PATRIOT Act, including a provision authorizing the government’s controversial bulk collection of American phone records, first revealed by Edward Snowden, are due to lapse May 31. That means Congress has barely a week to figure out a fix before before lawmakers leave town for Memorial Day recess at the end of the next week. Story Continued Below The prospects of a deal look grim: Senate Majority Leader Mitch McConnell on Thursday night proposed just a two-month extension of expiring PATRIOT Act provisions to give the two sides more time to negotiate, but even that was immediately dismissed by critics of the program.