Which Illegal Domestic Spying Program?
by emptywheel
I want to do several things with this post. First, I want to belatedly agree with lizard (partly) and Peter Swire: the program (or aspects of the program) to which Comey and Goldsmith and Philbin objected is different from the program that George Bush publicly acknowledged, the tapping of the domestic calls of people with six degrees of separation from bin Laden. Gonzales parsed too carefully for this not to be true.
SCHUMER: I concede all those points. Let me ask you about some specific reports.
It's been reported by multiple news outlets that the former number two man in the Justice Department, the premier terrorism prosecutor, Jim Comey, expressed grave reservations about the NSA program and at least once refused to give it his blessing. Is that true?
GONZALES: Senator, here's the response that I feel that I can give with respect to recent speculation or stories about disagreements.
There has not been any serious disagreement -- and I think this is accurate -- there has not been any serious disagreement about the program that the president has confirmed. There have been disagreements about other matters regarding operations which I cannot get into.
I will also say...
SCHUMER: But there was some -- I'm sorry to cut you off -- but there was some dissent within the administration. And Jim Comey did express, at some point -- that's all I asked you -- some reservations.
GONZALES: The point I want to make is that, to my knowledge, none of the reservations dealt with the program that we're talking about today. They dealt with operational capabilities that we're not talking about today. [my emphasis]
Next, I want to follow the lead of Anonymous Liberal in going back to the original reporting on the NSA program. The original NYT Risen-Lichtblau story on the program provides some clues as to why Comey objected.
Several senior government officials say that when the special operation began, there were few controls on it and little formal oversight outside the N.S.A. The agency can choose its eavesdropping targets and does not have to seek approval from Justice Department or other Bush administration officials.
[snip]
In mid-2004, concerns about the program expressed by national security officials, government lawyers and a judge prompted the Bush administration to suspend elements of the program and revamp it.
For the first time, the Justice Department audited the N.S.A. program, several officials said. And to provide more guidance, the Justice Department and the agency expanded and refined a checklist to follow in deciding whether probable cause existed to start monitoring someone's communications, several officials said.
A complaint from Judge Colleen Kollar-Kotelly, the federal judge who oversees the Federal Intelligence Surveillance Court, helped spur the suspension, officials said. The judge questioned whether information obtained under the N.S.A. program was being improperly used as the basis for F.I.S.A. wiretap warrant requests from the Justice Department, according to senior government officials. While not knowing all the details of the exchange, several government lawyers said there appeared to be concerns that the Justice Department, by trying to shield the existence of the N.S.A. program, was in danger of misleading the court about the origins of the information cited to justify the warrants.
So presumably in Fall 2003, not long after Goldsmith comes to OLC, Kollar-Kotelly complains about the program. OLC then reviews the program and realizes NSA is tapping people without probable cause. Not long after this article, Bush admits to the six degrees of separation program, and for months afterwords, the discussion remains focused on that program.
But even in the first week after the Risen-Lichtblau scoop, they reveal other details, details which may reveal more about the part of the program that Comey objected to. As I pointed out last year, on a Saturday Christmas Eve, undoubtedly one of the days of the year when people read the news least closely, they snuck a story pointing to technical details in the paper. The article is clearly a response to Bush's claims about the program: Lichtblau and Risen's sources point out that the program is much more extensive than Bush has admitted to.
The National Security Agency has traced and analyzed large volumes of telephone and Internet communications flowing into and out of the United States as part of the eavesdropping program that President Bush approved after the Sept. 11, 2001, attacks to hunt for evidence of terrorist activity, according to current and former government officials.
The volume of information harvested from telecommunication data and voice networks, without court-approved warrants, is much larger than the White House has acknowledged, the officials said. It was collected by tapping directly into some of the American telecommunication system's main arteries, they said.
[snip]
Since the disclosure last week of the N.S.A.'s domestic surveillance program, President Bush and his senior aides have stressed that his executive order allowing eavesdropping without warrants was limited to the monitoring of international phone and e-mail communications involving people with known links to Al Qaeda.
What has not been publicly acknowledged is that N.S.A. technicians, besides actually eavesdropping on specific conversations, have combed through large volumes of phone and Internet traffic in search of patterns that might point to terrorism suspects. Some officials describe the program as a large data-mining operation. [my emphasis]
Note, on January 1, Lichtblau and Risen publish the first account of the hospital meeting. This December 24 article comes between the December 16 story first revealing the NSA spying and the description of the hospital meeting in which Comey and Ashcroft objected to the program. So this revelation--given to Lichtblau and Risen in an attempt to explain that Bush was only admitting to part (the least damning part) of the program was clearly a key part of the program to which DOJ objected.
All of which suggests that Bush (and later Gonzales) revealed the six degrees of separation wiretapping, treating it as distinct from the data mining program, as a way of distracting from the more damning parts of the program.
There's something ironically revealing about this story: Kollar-Kotelly complained, partly, because she believed the government was shielding the existence of "the program" from her. But that's what appears to be going on now (and in the hearing on the NSA program). Bush is admitting the existence of a program tapping those with six degrees of separation from bin Laden as a way to shield this, the datamining program.
One final point. As I pointed out yesterday, Bush is still insisting on the authority to tap without a warrant even while discussing the six degrees of separation program. That is probably more of the same--a willingness to discuss and limit the more visible parts of the program, all the while ensuring that the Administration retains the ability to implement the larger, more heinous part of the program.
Hopefully, Schumer schedules Comey's closed door testimony to the SJC quickly so we can begin to put an end to all this fancy parsing.
After rereading some of the reporting, I see hints that the difficulty for DOJ may have been that the program copied all of a large volume of data, metadata and content, but had previously only been analyzing routing information and metadata, but had begun analysing content. No change in the actual data collected, a change only in which fraction was being used. That is speculation only, but seems reasonable. I would love to know what part of the data they collect is retained and for how long.
Posted by: lizard | May 17, 2007 at 09:27
Great work as usual, Marcy.
Posted by: TiredFed | May 17, 2007 at 09:31
OT--EW, I'm waiting for your take on Ralston's possible immunity deal and testimony before Waxman's committee.
This post sounds right to me--the USA Today story (which I know was discredited, although I never believed the discrediting)-- talked about the data mining. But then the press lost interest and we never heard again that the President of the US was spying on tens of thousands (more?) of Americans. I guess that isn't really news.
Posted by: Jane S. | May 17, 2007 at 09:36
lizard
I think that's about right. The issues were the amount of data being collected and kept, and the way in which it was being analyzed. There's also the point about the program acceleratinig after they got Zubaydah's computer, which I've always assumed meant they took that N of 1 and used it as a pattern of contacts from which to search Americans. Thus, they were tapping people whose contact pattern looked like Zubyahdah's, rather than having any real connection to him. The original reporting mentions an Iranian doctor. I wonder if, in the process of tapping him, Kollar-Kotelly figured out that the only thing he had in common with AQ was that he ate kebab as frequently as Zubaydah did.
Posted by: emptywheel | May 17, 2007 at 10:15
EW, I am sure you are aware of the EFF suit in Federal court in San Francisco where they are challenging I believe the data-mining and direct hoovering from the telco's. I remember seeing on some program the AT&T tech who provided the technical architecture and reported that a special room was constructed at an AT&T building in San Francisco which required NSA classification to enter. Reportedly all communications traffic was split and sent to that room ostensibly for collection and later data mining. Now apparaently in another case Verizon has requested that the court dismiss the case due to "state security". The courts specially with many wingnuts will tend to rule for the state and not for civil liberties and the constitution.
This is no different than Poindexter's Total Information Awareness program in the Pentagon that was defunded. It just found a new home in the NSA under Hayden who was quite happy to testify that the constitution allowed the C-in-C do as he pleases. What we have is currently a complete militarization of the intelligence complex with no oversight - with Hayden at CIA, the new DNI, State dept head of counter-terrorism. A perfect set up to carry out any activity against citizens with no "legal basis". Military men just follow orders - right?
Bottom line is that Schumer, Leahy, Rockefeller, Conyers, etc know about all this. I hope they are behind the scenes truly investigating this as this represents clearly a wilful disregard for the law and civil liberties. If they let this pass it will be a travesty since they have enabled all citizen protections under the constitution - the bill of rights - to be effectively gutted.
Posted by: ab initio | May 17, 2007 at 10:27
Parsing Gonzales a bit closer it is possible to see a really strenuous effort to imply denial of scope, and repeatedly , whenever he spoke about the narrow scope of the program, spoke only aboout "this" program. That sensativity toward scope seems to hint that the feeder progam is haphazard, broad and possibly arbitrary. I do think, ultimately what they are hiding is the retention of data and the assembly of the Total Information Awareness Program piecemeal, one large and arbitrary block at a time.
Posted by: lizard | May 17, 2007 at 10:29
I expect his careful parsing fits some defensible version of the truth as you say, but it's not going to be enough to protect him if there's ever a courtroom involved. The Senators asked their questions as carefully as he asked them. And then there's his comments like:
But, frankly, the Comey testimony is not Gonzales' only problem. His whole tenure at the DoJ is looking more and more like a planned criminal conspiracy to move the DoJ from Republican problem to Republican asset - with co-conspirators Rove and Mier. That it happened is highly probable. Is it provable? Lips are becoming looser these days, and somebody out there knows for sure...
Posted by: Mickey | May 17, 2007 at 10:52
Mickey - as far as perjury goes, Alberto also aught to be worried about when the seperation between the two programs (a technical seperation at best) happened, because if that seperation is a contrivance to avoid having to answer specific questions, that could be construed as obstruction, and if the seperation came after the answers, perjury, i think. But IANAL.
Posted by: lizard | May 17, 2007 at 10:58
I've been thinking more about the head of the FBI being so involved in the hospital drama. I'm wondering if it was partly a turf war--the FBI should have been involved if there was a domestic element to the programs, but it was going through NSA instead.
Posted by: SaltinWound | May 17, 2007 at 11:11
i don't understand (not unusual).
why are we discussing nsa spying
with heavy FBI involvement?
were fbi/justice worried about evidence collection standards re trials?
is there any chance this could have been about the notorious national security letters instead of nsa intercepts?
i have to say, too, that i still have the nagging suspicion that comey, current hero that he appears, may have just papered over
what amounts to a seriously improper government intrusion into the lives of american citizens.
and as always with this white house, one that was unnecessary to deal with terrorism probabilities -
the macho men using a howitzer to shoot rats at the dump.
Posted by: orionATL | May 17, 2007 at 11:39
i don't understand (not unusual).
why are we discussing nsa spying
with heavy FBI involvement?
were fbi/justice worried about evidence collection standards re trials?
is there any chance this could have been about the notorious national security letters instead of nsa intercepts?
i have to say, too, that i still have the nagging suspicion that comey, current hero that he appears, may have just papered over
what amounts to a seriously improper government intrusion into the lives of american citizens.
and as always with this white house, one that was unnecessary to deal with terrorism probabilities -
the macho men using a howitzer to shoot rats at the dump.
Posted by: orionATL | May 17, 2007 at 11:41
apologies for the double post. something's wacky with the computer/dsl -
probably nsa :)
Posted by: orionATL | May 17, 2007 at 11:45
There is a lot to these programs that hasn't been discussed. And yes the FBI was involved, extensively.
... and since I am not privy to the NSA/FBI secrets, ..., and never worked on those contracts, ... I am willing and can say that it is public knowledge as far as some of the FBI data acquisition efforts and systems.
I won't speak to the NSA efforts. No one in their right mind messes with NSA.
Particularly I know about the Internet Mining. It was so pervasive that everything that went on the Internet could have been perused. The problem for the FBI wasn't that they didn't have a system that worked, it was that the impact on the data stream was of a magnitude that they didn't understand or anticipate.
Imagine, you are on Vonage, and your conversation is like talking out to Jupiter, with minutes real time delay, or even hours perhaps, and is very inconsistent and uneven.
Anyway, the ISPs fought the requirements, and also came up with other alternative methods that met the court imposed requirements to work with the FBI.
Posted by: Jodi | May 17, 2007 at 12:13
ab initio, lizard -- Think that TIA was never really defunded, only the name was defunded. They've likely been burying part of it deeper inside the Pentagon, attached to the Information Operations Task Force after the Office of Strategic Information was folded (in name only) and its activities plowed back into the IOTF. I have also wondered whether some of the contracts banally labeled as "mail scanning" and awarded to MZM or to a related, collaborative umbrella organization under General Dynamics for "engineering and information warfare services" were really black ops to insert the TIA scanning/storage equipment into commercial networks. Here's a scanty timeline:
Nov 2002 - Rumsfeld "kills" OSI, but says he's keeping all its functions
Nov 2002 - MZM opens a computer center in VA for classified engineering intel
Sep 2003 - General Dynamics gets $252 million contract for "engineering and information warfare services"
Oct 2003 - Rumsfeld signs a secret order for "Information Operations Roadmap"
Oops, my tinfoil fell off, back in a few after I adjust it -- but you may see my point that there was some activity going on in regards to "information management" even though Rummy said OSI was dead.
Posted by: Rayne | May 17, 2007 at 12:25
I'm not sure what Jodi is saying here, but I do know that an ISP's permission is not needed to capture all data flow in the nation. All communications, data and phone, is now converted to either Ethernet packets or ATM cells, and transmitted through a series of switches and routers to backbone networks, eventually switched off the backbone to the destination switch/router. It's been reported, and it's clear to those of us who worked in the telecom/datacom industry, that the backbone switches (and the key switches linking to the backbone networks) is where the splitting of signals occurs and the data (remember all communications) is routed to a parallel network for analysis. There is no delay or modification of the original signal (your phone call to mom) whatsoever.
All data.
There are also products available that are capable of header/source/destination and keyword search in near-real time, and parallel server systems optimized to do extremely fast analysis, capturing all messages that fall into preset criteria and dumping all others. It's a large and complicated design job, but it's quite realistic.
And legal. As I've mentioned before, "legal intercept" is a requirement for all telecommunications and ISP operators, and "legal" has been interpreted very broadly by the operators: just having a badge or business card from a federal law enforcement or intel group is enough to authorize access to the switch and network.
When you throw the responsibility for analysis into the military under the assumption of fighting terrorism, you enter the realm of NSA and Pentagon blacker programs, where no one is going to know, and if someone spills the beans they are disappeared. Legally.
Just makes ya feel good all over, doesn't it?
Posted by: marksb | May 17, 2007 at 13:02
marksb - If they are 'copying' all data, the important question would be what portion of that data is being analyzed, and what portion of it is being indexed in real or near-real time (when the intercept would be very similar in effect to a roving wiretap and would certainly, under present law, require a warrant) and what portion is being saved for future analysis on a large scale (data mining) which might not require a warrant immediately, but would later when content (not simply routing information) were analyzed.
Posted by: lizard | May 17, 2007 at 13:37
I'm intrigued by Mueller's role. Did he and Ashcroft share a common link of being left out of the loop? (Makes me gag asking question) But, if indeed he and Ashcroft both were out of the NSA loop until Comey insisted upon access - for what 2-1/2 yrs - that would be astonishing.
I haven't heard what happened when Mueller got to the hospital. Perhaps his presence was why Card & Gonzales chose to retreat to their own turf. And interesting, Bush must have recognized the danger and chose not to intervene at that point with Mueller to tell his men to stand down.
Regardless, Muellers choices are fascinating here.
Posted by: mainsailset | May 17, 2007 at 13:42
I have a few comments about this. This whole effort to argue that there are multiple programs is not just a distinction without a difference, but a deliberate effort to deceive the public and Congress about what's really going on. The
Innocent AmericanTerrorist Surveillance Program can't exist without the "datamining" program. While the Administration has sought to portray the public aspect of the program as one in which monitoring occurs after someone has been identified as a suspected enemy of the state, this is transparently bogus. If that was the case, there would have been no reason to circumvent the FISA court. If you listen and read very closely to what the Administration has said, you realize very quickly that they start monitoring communications in response to an automated alert and in most cases these alerts are false positives. The "public" program could not exist without the one that Comey, et. al., objected to. I'm really curious how they "cured" this to his and Goldsmith's satisfaction (and whether or not they really made any changes or just lied to DOJ).Posted by: William Ockham | May 17, 2007 at 14:01
lizard - since we've been told there are but a handful of Farsi speaking analysts on board as opposed to English speaking, I'll be you a nickel there are higher stacks of unread, unanalyzed data sweepings of non English than English communications.
Posted by: mainsailset | May 17, 2007 at 14:09
One of Laura Rozen's readers also noted that Mueller and the FBI were involved in Comey's rush to the hospital, which raises the question of what the FBI's involvement might have been.
I also seem to remember Feinstein hinting at what lay beyond the edges of Gonzales' strict limitation on 'the program that the president has acknowledged'. It's fair to say that warrantless wiretaps are the tip of the iceberg. My only question is why this was being done internally, when ECHELON has traditionally been used to outsource domestic eavesdropping.
Posted by: pseudonymous in nc | May 17, 2007 at 14:12
marksb,
the ISPs were one of the FBI's preferred access points if not the primary one for Internet Traffic.
Some ISPs as I said just took the FBI preferred connects out of their main frame rooms and put them out closer to the warranted suspects, out in the field. This way a smaller stream was intercepted. The courts upheld this, where the ISPs gave the info on the specified targets to the FBI.
Other ISPs fought the whole thing.
It was and has been a mess.
Realtime analysis of the entire internet stream would take the power of the NSA's computers, and a massive storage system. Sure it could be done, but that is not what the FBI wished to do then, for even it knew they didn't have that technology.
Hey remember how many times the FBI's own system for keeping track of cases and perps has been contracted out, failed, and recontracted.
Posted by: Jodi | May 17, 2007 at 14:18
lizard 13:37 -- beginning to wonder if "programs" really means something other than separate systems, something less like projects and more like programming. In other words, the "wiretapping program" could be a program that gathers and interprets only select streams of data, but the "other program" being suggested by shadows is really the entirety of data being collected and stored, from which the "wiretapping program" pulls its data.
"wiretapping program" = system allowing specific queries
"other program" = mega-database gathering all data, from which the "wiretapping program" mines specific data
If firewalled off, it could be difficult to distinguish there was a larger database. Just look at how the Information Operations Roadmap (Joint Info Ops Plan) neatly bundles different functions and applies euphemistic labels, so that one cannot see the connection of OPSEC with a database, no technical terminology or specifications used at all.
mainsailset 13:42 -- knowing now what we know about Mueller, makes all the investigative activity we've seen escalating since the USA dismissal story broke a lot more interesting; has Mueller been held back until now, and has he now taken the gloves off with the White House, OVP and the rest of the racketeers?
Posted by: Rayne | May 17, 2007 at 14:21
Looks like AbuG is sticking to his parsing of "this program". Courtesy TPM.
No Dissent on Spying
OK. Its seems to me that "this program" is not what Comey, Ashcroft, Mueller were concerned about to threaten to resign. Now that Comey is not willing to speak about it will Schumer, Leahy, Rockefeller, Conyers spill the beans? They must know about these "programs".
Posted by: ab initio | May 17, 2007 at 14:39
Cool, Jodi, I understand. Different programs. The FBI's interaction with local ISPs, as I understand it, was an extension of the age old tap-the-suspected-perp's phone line, which makes total sense.
This "potential" program is a general sweep of all communications with the potential for long-term storage and both robotic and human content analysis. Without warrants.
Different beasties.
As far as FBI success in computer modernization, that's a failure of contractual management, from spec'ed requirements to project management. They're not alone: the FDA's air-control modernization effort is taught in business school as the best example of how not to spec and manage a project. I mean, when it comes to technology contracts, there seem to be a lot of management people in the government with their heads firmly planted. (If you want to have a bit of fun reading, find the old Scientific American article that discussed the FDA effort and what went wrong. It's devastating.)
BUT from an ex-datacom-telecom industry veteran, this project could be done today at the least, and done well, and has the potential to have been done for the last several years. Huge strides in IP processing technology and parallel server coordination were made between 2001 and about 2005. It's not just that processor capacity and speed increased substantially, it's also that packet switching and IP processing--as a native function within the switch--made a quantum leap in performance. And that backbone networks handling all IP and ATM traffic became the dominate traffic routing system. (Goddess I hope that makes sense. It's been six years since I left the field.)
My hope is that the management of this system is as hosed as the management of the FDA and FBI computer modernization, or of the recently canceled Coast Guard cutter project.
Posted by: marksb | May 17, 2007 at 14:51
marksb, add the NSAs Trailblazer program to that list.
Posted by: ab initio | May 17, 2007 at 14:54