from the but-of-course dept
The other shoe just dropped when it comes to how the federal government
illegally spies on Americans. Last summer, the details of the NSA's
"backdoor searches" were revealed. This involved big collections of
content and metadata
(so, no, not "just metadata" as meaningless as that phrase is) that
were collected under Section 702 of the FISA Amendments Act (FAA). This
is part of the program that the infamous PRISM effort operates under,
and which allows the NSA to collect all sorts of content, including
communications to, from or
about a "target" -- where a "target"
can be incredibly loosely defined (i.e., it can include groups or
machines or just about anything). The "backdoor searches" were a special
loophole added in 2011 allowing the NSA to make use of "US person names
and identifiers as query terms." In the past, it had been limited (as
per the NSA's mandate) to only non-US persons.
This morning, James Clapper finally responded to a request from Senator
Ron Wyden concerning the number of such backdoor searches using US
identifiers that were done by various government agencies. And,
surprisingly, it's
redaction free.
The big reveal is... that it's not just the NSA doing these searches,
but the CIA and FBI as well. This is especially concerning with regards
to the FBI. This means that the FBI, who does surveillance on Americans,
is spying on Americans communications that were collected by the NSA
and
that they're doing so without anything resembling a warrant. Oh, and
let's make this even worse: the FBI isn't even tracking how often it
does this. It's just doing it willy nilly:
The FBI does not track how many queries it conducts using U.S. person
identifiers. The FBI is responsible for identifying and countering threats to the homeland, such
as terrorism pilots and espionage, inside the U.S. Unlike other IC agencies, because of its
domestic mission, the FBI routinely deals with information about US persons and is expected to
look for domestic connections to threats emanating from abroad, including threats involving
Section 702 non-US. person targets. To fulfill its mission and avoid missing connections within
the information lawfully in its possession, the FBI does not distinguish between U.S. and non-
U.S. persons for purposes of querying Section 702 collection. It should be noted that the FBI
does not receive all of Section 702 collection; rather, the FBI only requests and receives a
small percentage of total Section 702 collection and only for those selectors in which the
FBI has an investigative interest.
Moreover, because the FBI stores Section 702 collection in the same database as
its "traditional" FISA collection, a query of "traditional" FISA collection will also query Section
702 collection. In addition, the FBI routinely conducts queries across its databases in an effort to
locate relevant information that is already in its possession when it opens new national security
investigations and assessments. Therefore, the FBI believes the number of queries is substantial.
However, only FBI personnel trained in the Section 702 minimization procedures are able to
View any Section 702 collection that is responsive to any query.
Got that? Basically, the FBI often asks the NSA for a big chunk of data
that the NSA probably shouldn't have in the first place -- including
tons
of Americans' communications, and the FBI gets to dump it into the same
database that it is free to query. And the FBI tracks none of this,
other than to say that it believes that there are a "substantial" number
of such queries. This would seem to be a pretty blatant attempt to end
run around the 4th Amendment, giving the FBI broad access to searching
through the communications of Americans with what appears to be almost
no oversight.
Yikes!
Oh, and it's not just the NSA, but the CIA as well. Remember, the CIA is not supposed to be doing
any
surveillance on US persons (like the NSA), but that's not what's
happening at all. At least the CIA tracks some (but not all) of its
abuse of backdoor searches:
In calendar year 2013, CIA conducted fewer than 1900 queries of Section
702-acquired communications using specific U.S. person identifiers as
query terms or other more general query terms if they are intended to
return information about a particular U.S. person. Of
that total number approximately 40% were conducted as a result of
requests for
counterterrorism-related information from other U.S. intelligence
agencies. Approximately 27%
of the total number are duplicative or recurring queries conducted at
different times using the
same identifiers but that CIA nonetheless counts as separate queries.
CIA also uses U.S. person
identifiers to conduct metadata-only queries against metadata derived
from the FISA Section 702
collection. However, the CIA does not track the number of metadata-only
queries using U.S.
person identifiers.
So, the CIA is doing these kinds of warrantless fishing expeditions into
the communications of Americans as well, but at least the CIA tracks
how often it's doing so. Of course, when it comes to metadata searches,
the CIA doesn't bother. It's also a bit bizarre that the CIA is
apparently carrying out a bunch of those searches for "other U.S.
intelligence agencies," when the CIA should be especially limited in its
ability to do these searches in the first place.
Senator Wyden has responded to these revelations by pointing out how
"flawed" the oversight system is that these have been allowed:
When the FBI says it conducts a substantial number of searches and it
has no idea of what the number is, it shows how flawed this system is
and the consequences of inadequate oversight. This huge gap in oversight
is a problem now, and will only grow as global communications systems
become more interconnected. The findings transmitted to me raise
questions about whether the FBI is exercising any internal controls over
the use of backdoor searches including who and how many government
employees can access the personal data of individual Americans. I intend
to follow this up until it is fixed.
Hopefully, now you are starting to recognize what a big deal it was last week when the House of Representatives recently
voted to defund the ability to do these kinds of backdoor searches. Still, much more needs to be done.
Oh, and in case you're wondering why Clapper finally 'fessed up to the
FBI and CIA making use of these data to warrantlessly spy on Americans,
it's worth noting that the Privacy and Civil Liberties Oversight Board
(PCLOB) is expected to come out with its report on the Section 702
surveillance program on July 2nd (7/02, get it?). It seems likely that
the report will discuss these backdoor searches on Americans and how
other agencies besides the NSA has been involved in the practice.
No comments:
Post a Comment