Category Archives: National Security

Early Returns: NSA Surveillance Reforms are Not Impressive

Posted on January 17, 2014 by Michael Froomkin

EFF tries to strike a note of cautious optimism about President Obama’s NSA reform package, Obama Takes First Steps Toward Reforming NSA Surveillance, but Leaves Many Issues Unaddressed, even though by my reading Obama’s reforms, such as they are, don’t do very well on yesterday’s EFF scorecarrd.

Simon Davis is more pessimistic:

US privacy advocates are right to conditionally welcome some of Obama’s reforms, but they should take into account two critically important implications that the President avoided.

The first of these is the NSA’s intimate operational partnership with Britain’s SIGINT agency, GCHQ. Nothing in his reform package indicates a brake on the current arrangements which allow GCHQ to collect information on US persons.

The second key element is that the proposals appear to merely shift the current collection and retention of metadata from a centralised NSA operation to more of a European-style communications data arrangement that requires commercial entities to maintain a distributed retention. That arrangement in Europe has been deemed unlawful, but there is every chance the US will adopt it.

All things considered, the prospects for genuine intelligence reform at the global level are more bleak than they were 24 hours ago.

Posted in Civil Liberties, Law: Privacy, National Security | 2 Comments

Obama Limitation on Bulk Collection of E-Data Amounts to ‘Trust Us’

Posted on January 17, 2014 by Michael Froomkin

I’m underwhelmed by President Obama’s new Presidential Policy Directive/Ppd-28 on Signals Intelligence.

As I read it, the document announces various fine principles for how drift-net collection of email and telephone and other computer data will be used, but says nothing about collecting any less of it. The memo purports to define “why, whether, and how” this data will be collected; in fact it has a lot more to say about limitations on use than collection, most of it pretty good. 1

Unfortunately the collection section, section 3, is the shortest and, on first reading, the worst. Here it is in full:

Sec. 3. Refining the Process for Collecting Signals Intelligence.

U.S. intelligence collection activities present the potential for national security damage if improperly disclosed. Signals intelligence collection raises special concerns, given the opportunities and risks created by the constantly evolving technological and geopolitical environment; the unique nature of such collection and the inherent concerns raised when signals intelligence can only be collected in bulk; and the risk of damage to our national security interests and our law enforcement, intelligence-sharing, and diplomatic relationships should our capabilities or activities be compromised. It is, therefore, essential that national security policymakers consider carefully the value of signals intelligence activities in light of the risks entailed in conducting these activities.

To enable this judgment, the heads of departments and agencies that participate in the policy processes for establishing signals intelligence priorities and requirements shall, on an annual basis, review any priorities or requirements identified by their departments or agencies and advise the DNI whether each should be maintained, with a copy of the advice provided to the APNSA.

Additionally, the classified Annex to this directive, which supplements the existing policy process for reviewing signals intelligence activities, affirms that determinations about whether and how to conduct signals intelligence activities must carefully evaluate the benefits to our national interests and the risks posed by those activities. (footnote omitted)

I read that to mean … “trust us”. Am I wrong?

  1. There is one odd footnote, footnote 5, that I don’t fully understand:

    The limitations contained in this section do not apply to signals intelligence data that is temporarily acquired to facilitate targeted collection. References to signals intelligence collected in “bulk” mean the authorized collection of large quantities of signals intelligence data which, due to technical or operational considerations, is acquired without the use of discriminants (e.g., specific identifiers, selection terms, etc.).

    []

Posted in Civil Liberties, Law: Privacy, National Security | Comments Off on Obama Limitation on Bulk Collection of E-Data Amounts to ‘Trust Us’

Big Win in No-Fly Case — But You Can’t Read the Decision, It’s Secret

Posted on January 15, 2014 by Michael Froomkin

Dr. Rahinah Ibrahim won her case against the DHS for erroneously putting her on the no-fly list (see No Fly List on Trial for background). The case was characterized by plausible allegations of various government shenanigans designed to keep Dr. Ibrahim’s US citizen daughter from attending the trial. 1 And of course Dr. Ibrahim herself couldn’t come either since she couldn’t fly there.

Rather than issue a public decision, the court issued a “public notice” stating that “findings of fact and conclusions of law” have been issued but would not be published. I’ve never seen one of those before. Usually courts that feel a need to redact things issue decisions with the secret parts whited out – even if they go for pages.

In any case, the short notice tells us the outcome: a win on the key aspects of the merits.

Interstingly, publication of the full opinion is stayed until April 15, 2014, pending a ruling by the Court of Appeals on the secrecy. If, as I assume, this is a CIPA case, I think this date means the trial judge wanted to publish the opinion and the government objected. That would give the government the right to an urgent interlocutory appeal on the issue — the only way I can see the Court of Appeals ruling on anything relating to this matter anywhere near that quickly.

  1. Note that I exclude from the category of shenanigans the denial of access to plaintiff’s counsel of classified info. If the court’s account of the conditions the lawyers demanded, which included discussing the material with their client, was accurate, the court had no choice but to deny the request since the law simply does not allow that.[]
Posted in Law: Right to Travel, National Security | 4 Comments

Thoughts on Snowden’s Dead Man’s Switch

Posted on July 18, 2013 by Michael Froomkin

It would have been more morally pure for Snowden to choose to stay home and face the consequences after his act of civil disobedience.

I don’t think it follows, however, that Snowden is acting irrationally or treasonously or (wrongly) “taking a hostage” by setting up (or claiming to set up) an information-disclosure insurance policy against reprisals by the US. For evidence for this proposition one need look no further than the very eloquent NYT op-ed by Nasser al-Awlaki, The Drone That Killed My Grandson. Remember that we now live in a country that has a track record of executing US citizens (so-called “targeted killing”) without trial, at least outside the US. The limiting principle, we are told, is that the US only does this when it considers them a grave threat, and cannot get hold of them any other way because they are beyond the reach of arrest — not principles likely to be of great comfort to a Snowden.

For a cryptographer’s analysis of this tactic, see Bruce Schneier’s, Snowden’s Dead Man’s Switch. Schneier suggests it may be counter-productive:

I’m not sure he’s thought this through, though. I would be more worried that someone would kill me in order to get the documents released than I would be that someone would kill me to prevent the documents from being released. Any real-world situation involves multiple adversaries, and it’s important to keep all of them in mind when designing a security system.

A commentator counters that in fact this creates a different incentive:

If the US does not want these secrets released then it is in their interests to keep him alive.

It’s also makes it more imperative to capture him in case anyone else kills him.

Posted in Cryptography, Law: Criminal Law, National Security, Padilla | 2 Comments

EFF Wins Round 1 of a Big One

Posted on March 15, 2013 by Michael Froomkin

National Security Letters Are Unconstitutional, Federal Judge Rules:

A federal district court judge in San Francisco has ruled that National Security Letter (NSL) provisions in federal law violate the Constitution. The decision came in a lawsuit challenging a NSL on behalf of an unnamed telecommunications company represented by the Electronic Frontier Foundation (EFF).

In the ruling publicly released today, Judge Susan Illston ordered that the Federal Bureau of Investigation (FBI) stop issuing NSLs and cease enforcing the gag provision in this or any other case. The landmark ruling is stayed for 90 days to allow the government to appeal.

The controversial NSL provisions EFF challenged on behalf of the unnamed client allow the FBI to issue administrative letters — on its own authority and without court approval — to telecommunications companies demanding information about their customers. The controversial provisions also permit the FBI to permanently gag service providers from revealing anything about the NSLs, including the fact that a demand was made, which prevents providers from notifying either their customers or the public. The limited judicial review provisions essentially write the courts out of the process.

In today’s ruling, the court held that the gag order provisions of the statute violate the First Amendment and that the review procedures violate separation of powers. Because those provisions were not separable from the rest of the statute, the court declared the entire statute unconstitutional.

Full text of the decision in In Re National Security Letter. If this is upheld by the 9th Circuit, I would imagine it would be headed straight for the Supreme Court.

OBDisclosure: I am proud to be a member of EFF’s Advisory Board.

Posted in Law: Constitutional Law, Law: Free Speech, National Security | 1 Comment

David Brin Says Republicans Don’t Know How Run Wars … But Democrats Do (They Just Can’t Market It)

Posted on October 28, 2012 by Michael Froomkin

David Brin, the science fiction writer and part-time sociologist, likes to annoy people, preferably everyone at once. He may have outdone himself in CONTRARY BRIN: How Democrats and Republicans Wage War.

A taste:

The contrast between Democratic and Republican styles of war could not be more stark. Beginning with the degree that they show deference to the United States Senior Officer Corps.

Do you know any generals or admirals? Ask them about this. Odds are, you’ll get no answer at all, due to their punctilious respect for civilian authority and resolve not to meddle in politics. But you may get hints. Anyway, continue searching and ask retired generals or admirals! And bear in mind these folks constitute the third best-educated clade in American life, after scientists and medical doctors.

One of these retired flag officers told me: “Democrats admit they don’t know anything about military matters. They consult. They ask questions. They listen.”

He added: “Republican presidents all assume they’re some mix of John Wayne and Patton. Plans are for nerds. Caution is for wimps.”

And this:

Republican administrations like war to look and feel like war! Tank armies and massed divisions… with politicians giving direct orders and over-ruling the professionals. And in the process, they pretty much destroyed the old-fashioned tools that they used.

When he entered office as Chairman of the Joint Chiefs of Staff, Admiral Mike Mullen was asked what he considered to be his most desperate concern. “The Army,” he said. Saving it from what had been done to it.

Now chew on this fact: When Bill Clinton left office, every U.S. Army and Marine Corps brigade was rated fully combat ready to defend the lives and interests of Americans. When George W. Bush left office, not one U.S. brigade was so rated. We went from all to none. And the GOP has a reputation for defense?

The Army that rolled over Saddam’s Republican Guard divisions in 92 and 03 does not exist anymore. What has replaced it is in some ways better, more agile, more professional, if also tired and badly in need of rest. It had to adapt and become agile, having been worn down to the bone. Things are better now, but it will take time. And meanwhile, we must confront deadly foes across a murky battlefield of terror and sabotage that spans the globe. So, whose doctrines are appropriate?

Posted in 2012 Election, National Security | Comments Off on David Brin Says Republicans Don’t Know How Run Wars … But Democrats Do (They Just Can’t Market It)