No. For example, Smith v. Maryland, 442 US 735 (1979) supports the notion of a "pen register", which, under subsequent case law, supports the collection of other types of communications metadata without a warrant. This includes items such as IP addresses, To: and From: information on email messages, and other "wrapper" information that does not constitute the substance or content of the communication.
Additionally, the entirety of the communications traffic of non-US Persons may be collected at any time, without a warrant, even when that collection occurs physically inside of the the US. This is the legal landscape that was extremely murky from 2001 to 2007. What was clear was that the existing law left the Intelligence Community completely hamstrung with increasing amounts of traffic that touched the US.
However, this gap in the law has been closed, and the stopgap (and now-sunset) Protect America Act of 2007 (and the 2008 FISC ruling which supported it), and the law in force after the FISA Amendments Act of 2008 make this abundantly clear. Note that that a US Person may be an incidental party to these communications; when/if they are, they are subject to clear protections under the Constitution and the law. Also, communications traffic metadata must be examined to support targeting: how do you know whether foobar@yahoo.co.uk is sending a message if you're not able to examine the message traffic? That's the whole point, and is what the current law firmly and clearly supports.
So, as I said, and which you completely and utterly missed and misunderstood, it is incorrect to say "warrantless wiretaps are illegal", because there are any number of ways that this statement is demonstrably (and legally) false. What it is accurate to say is that "warrantless wiretaps which deliberately and knowingly target the substantive content of the communications of US Persons" is illegal. That was and is always true. What was and is also always true is that the communications traffic of non-US Persons outside of the US is fair game without any kind of warrant whatever.
The difficulty arose when an increasing amount of traffic of non-US Persons outside of the US (and some inside of the US, but with no legal status in the US) began traveling through communications channels and equipment physically located within the US: suddenly the path traffic takes restricts intelligence agencies from performing legitimate collection. The new law clearly supports collection on non-US Persons, regardless of where that collection occurs. Conversely, a warrant is required for collection on US Persons, regardless of where that person is on the globe. The result is the elimination of ridiculous restrictions on collection, and stronger protections for US Persons than existed previously.
Whether you would admit it or not, the current law, supported by a supermajority of both houses of Congress, and both the previous and current presidential administrations, supports "warrantless wiretapping" in a number of lawful scenarios, including examination of traffic that may belong to US Persons in order to support lawful collection on non-US Persons. The problem is that so many people don't clearly define terms, and equate "warrantless wiretapping" to "the government is illegally listening to the whole of conversations of innocent Americans without warrants", which is utterly false.
But by all means, keep turning a blind eye to the complexity of the situation, and the policy, technical, and legal frameworks surrounding and supporting it.
Warrantless wiretaps where a US Person is a deliberate target are illegal.
There are any number of ways to legally perform wiretaps without a warrant. There are even ways that it can be done where a US Person is one member of a conversation, as long as they aren't a target and proper protective measures are undertaken. There are ways to perform surveillance without a warrant to collect communications metadata (incoming/outgoing phone numbers, to/from information) in order to support collection against non-US Persons.
The FISA Amendments Act of 2008, passed by a supermajority of both houses of Congress and signed into law, and the August 2008 FISC ruling affirm that collection within the US is legal when the target is not a US Person. Conversely, a warrant is now required to target a US Person anywhere in the world -- this is stricter than previous law. In order to support collection targeting, the metadata of traffic may legally be examined. (Also, the law was anything but clear from 2001-2007. The only thing that was clear is we needed to find new ways to collect on persons plotting against the United States, whose conversations were now traveling through a glass pipe in San Francisco instead of over the air via walkie-talkies on the streets of Yemen.)
Two important takeaways in this discussion:
1. The intelligence gap that exists as more information enters the digital realm from the old analog realms is being closed, and
2. Intelligence and national security interests transcend presidential administrations and politics.
his is getting absurd. Mexico's response has been so disorganized they have no CLUE who "patient zero" is. But it sure is a good opportunity to rail on "factory farms". US-owned, no less! I suppose US owned factory farms also caused the other flu pandemics since the 1500s...
FISC needs to approve surveillance requiring a warrant within 72 hours under FISA's emergency authorization provisions.
The FISC affirmation I am referring to is the August 2008 court decision affirming that the surveillance conducted under the guise of the temporary Protect America Act, and thus the current law as amended by the FISA Amendments Act of 2008, is legal -- and that includes warrantless monitoring of identified foreign intelligence targets, and the technical mechanisms via which their communications can be located, targeted, and extracted from data streams.
The main issue between 2001 and 2007 was whether the same collection -- both collection that is explicitly legal now, and collection on US Persons identified to be communicating with terrorist targets -- was allowable under the administration's Article II and AUMF claims. That is a question that is not legally clear cut, and may never be answered by the courts. Then again, one of the ongoing court cases relating to the surveillance may end up getting that question answered-- and if it is, is it productive to go back and prosecute individuals who acted in the interests of protecting the United States from attack for activity that has subsequently been made explicitly legal by a supermajority of Congress and affirmed by the relevant court? Moreover, if the current law stays the same under President Obama the current political composition of Congress, was it really the exclusively political issue it was made out to be, or was that just political opportunism?
Having an issue with what you believe or infer to be the technical implementation that supports this collection is different from whether or not foreign intelligence should be able to be collected on US soil. The hallmark of the FISA amendments are judiciously protecting US persons, while removing restrictions on where and how foreign intelligence on non-US Persons can be collected simply because it's traveling through a glass pipe in San Francisco instead of over the air on the streets of Yemen. When the Legislative, Judicial, and Executive branches all agree with the new principles relating to foreign collection, the discussion doesn't distill down to the minutiae of what exact parts and techniques are being used to actually enable practical collection.
A technical surveillance mechanism can always be abused. It is our system of laws, courts, and other oversight that prevent it, not technical implementations or controls. The key is oversight and accountability, not the ability to publicly examine every piece of equipment and line of code. And in the context of foreign intelligence collection, that happens via the intelligence oversight committees in both houses of Congress and their staffs, the legal counsel and Inspector Generals' offices of Intelligence Community components, the Justice Department, and the Foreign Intelligence Surveillance Court -- among these are technical experts familiar with exactly how the implementations are deployed and used.
The analogy falls apart when all the packets are copied from the optical splitter, and not just the IP headers showing the needed routing information, doesn't it?
No, it does not.
Even if a technical implementation diverts all traffic to the mechanisms which then perform the examination and collection, it does not imply that all of the content is stored. You are operating under the assumption that there MUST be technical controls that do not allow the government access in any form to the entirety of the traffic. And that assumption itself rests on the basis of grossly incomplete information. You see a "secret room" and a parts list, and assume that the government MUST be storing ALL traffic. Wrong. The technical implementation of the collection is utterly irrelevant to its lawful usage.
And considering FISC affirmed exactly the activity that is occurring at the telecoms as legal and Constitutional, the case is closed. You can make arguments about how you think the surveillance should be conducted, but, not to sound obnoxious, you have zero idea about how the surveillance is implemented -- even with claims from people like Klein and Tice. You're seeing a vanishingly small segment of the complete picture, itself based on their own assumptions (and, unfortunately, political motivations and in some cases ego). If you can't take Congress, FISC, and Justice all agreeing that the stated collection activity -- and its associated technical implementation -- is legal, then I don't think there is much more to say.
No, I am not. But I see you're still lying. Here are comments from Sen. Dianne Feinstein on the FISA Amendments Act of 2008. I know you think DNI McConnell lied to Harvard, lied on Charlie Rose, and that I'm lying; do you also think Sen. Feinstein is lying?
This bill, in some respects, improves even on the base bill, the 1978 Foreign Intelligence Surveillance Act. [b]It provides clear protections for U.S. persons both at home and abroad. It ensures that the Government cannot conduct electronic surveillance on an American anywhere in the world without a warrant. No legislation has done that up to this point.[/b]
Care to comment?
"Pen register" is the legal construct which supports the metadata collection. In this discussion, it has nothing to do with actual pen registers, which is why it is in quotes. But since that is the legal framework under which warrantless metadata collection is understood, I include the term. The collection mechanism that is occurring for digital data enables collection of the CONTENT of communications which may be lawfully monitored without a warrant after examination of the metadata confirming it as such, tied with other identifying information that confirms the target as not representing a US Person.
I don't see where the FISA law makes a distinction between metadata and actual data, but, even if one assumes that other laws make the collection of metadata legal for US persons, the article suggests that collection of the contents of emails, not just metadata, was done for US organizations and people (US based or US citizens)-- which would clearly be illegal under FISA.
Metadata monitoring is allowable under Smith v Maryland (1979), and subsequent case law. NSA has long understood that monitoring the "envelope" of communications for foreign intelligence purposes, but not the content, is allowable without a warrant.
The article -- this and many others -- "suggests" that all traffic was collected...but Tice himself doesn't say that. Any traffic's metadata may be monitored to see if it represents a target whose communications content can be lawfully collected. This means that all traffic may be funneled through a mechanism that supports this task. Tice says this specifically, and repeatedly alludes to it throughout the interview: "even for the NSA it's impossible to literally collect all communications.... What was done was sort of an ability to look at the metadata... and ferret that information to determine what communications would ultimately be collected." [...] "we looked at organizations, just supposedly so that we would not target them." Etc.
You're misunderstanding the situation. The law allows the collection of the content of communications of non-US Persons outside of the US, even when the collection happens within the US. In order to support this collection, the metadata, NOT the content of arbitrary traffic -- even including the traffic of US Persons inside of the US -- may be lawfully monitored.
In order to find out whether traffic is coming from a US person, more than just the source and destination IP has to be collected and analyzed - that's the entire problem of sigint. For you to blithely assume that sigint can magically distinguish between a US citizen and a foreign citizen when sniffing traffic coming to and from Internet cafes is.... astounding. As in, pie-in-the-sky, Puff-the-magic-dragon and magic-mushroom astounding.
NeutronCowboy,
The procedures for targeting are carefully established and reviewed by the Justice Department and FISC. The fact that there is a new burden on determining the legal status of individuals (e.g., whether someone is a US Person) is necessary to ensure that the rights of US Persons are protected.
The paradigm has been shifted from something (a collection point, a person) being physically within the US to the legal status of the person or entity itself. This is a higher standard, but it is one that enables foreign intelligence services do do their jobs, particularly with regard to SIGINT.
So, the larger question is, do we want to subject the entirety of foreign SIGINT to direct judicial review and a warrant process, or can we establish a system of oversight and checks that allows foreign SIGINT to continue unimpeded in a digital world, while protecting the privacy and rights of US Persons under the law and the Constitution?
The Wikipedia page you cited does not support that claim (or, I can't find anything that supports your claim on the WP page).
Of course, the real question is whether any such provision will survive an appeal to the supreme court. So far, the governement has been stalling this by attemtpting to prevent people from showing that they have standing.
The Wikipedia page is just a reference. The fact that collection on non-US Persons can occur within the US is one of the hallmarks of this revision, and one of the main reasons this Act, and the whole debate, even exists. The full bill text is here.
See:
Title I, Sec. 101. Additional procedures regarding certain persons outside the United States
Specifically, the amendments to Title VII, Secs. 701-704.
So you're saying the only real issue is that the President of the United States broke the law from 2001 to 2007.
No, I'm saying the question of whether any of that activity was illegal isn't answered, and may never be. These were simply interpretations of US law that might or might not have withstood the scrutiny of the courts.
But thank you for ignoring the meat of my post, which is that the exact activity that Tice is trying to get everyone up-in-arms about is explicitly legal at present, and will likely remain so under President Obama.
And, under the current law and the August 2008 Foreign Intelligence Surveillance Court of Review ruling, it is explicitly legal.
The FISA Amendments Act of 2008, passed by a two-thirds majority in both houses of Congress, allows for foreign intelligence collection on non-US Persons without a warrant, no matter where the collection occurs. The longstanding Smith v. Maryland, 442 US 735 (1979), allows for the collection of communications metadata, i.e., "to" and "from" information, without a warrant. The FISC ruling explicitly finds legal such collection under the now-sunset Protect America Act and, thus, the current FISA Amendments Act of 2008.
In order to determine which traffic content may be collected for foreign intelligence purposes, the traffic metadata must be examined. Even when a target in question is a specific non-US Person of foreign intelligence interest, traffic metadata must first be examined in order to target that person! Because examining traffic metadata was found explicitly legal and Constitutional three decades ago by the United States Supreme Court, doing so in order to target legitimate foreign intelligence collection is allowable under the law.
The major issues for foreign SIGINT were twofold:
- A lot of traffic is now digital versus analog, and cannot be targeted by aiming a directional antenna at a particular geographic locale. It is now traveling largely via things like fiber optic cables, intermixed with all manner of other communications. In order to target the collection, it is no longer a case of sitting on a Navy vessel offshore from some area of interest between individuals talking on two-way radios; it's finding that traffic in a sea of global digital communications.
- Foreign communications of non-US Persons physically outside of the US was increasingly traveling through the US. Previously fair game for foreign intelligence collection throughout the history of such collection in the United States, it suddenly became off-limits without a warrant because it was incidentally routed through locations in the United States. Foreign intelligence collection on non-US Persons outside of the US does not require a warrant, and fundamentally still shouldn't simply because their traffic happens to enter the US.
This was a case of changing technology necessitating an update to a law. A supermajority of both houses of Congress agreed.
Unfortunately, this discussion is so mired in politics, personal grinding of axes, confusion about early NSA programs (like the so-called Terrorist Surveillance Program, or TSP, which was not renewed after January 2007), and isolated examples of legitimate abuse or misconduct, that not many seem interested in having any real discussion about how foreign intelligence can be reasonably conducted in the digital age. Instead it is a sea of frantic arm-waving and breathless blogging about how the Constitution is being shredded, when the mechanisms of law and judicial oversight have explicitly established the activities as legal.
Ironically, Tice's interview is spot-on. He says, "What was done was sort of an ability to look at the metadata... and ferret that information to determine what communications would ultimately be collected," and adds, "we looked at organizations, just supposedly so that we would not target them."
"Supposedly?"
That's the whole point. So here's an example of someone explaining more or less what is happening, namely, that traffic metadata is examined to determine whether or not it constitutes a foreign intelligence target, and that measures were undertaken to not intercept the content of communications of entities which are not legitima
The main reason for the President himself to not to have something like a personal BlackBerry or other personal communications devices -- ones which is he is publicly known to have, anyway -- is simply the high-profile nature and symbolism of the target. It doesn't matter that other federal agencies and the military use them for one purpose or another.
This is the case even with all the compelling "finger on the pulse of [insert subject du jour here]" and Information Age tempo arguments. The fact is that the President will have an army of aides who can all have their fingers directly on the multitude of things that the President cares about and needs to know about.
And in the event that a case is made, internal to the administration, that the President -- now or in the future -- really needs to have his own personal communications device(s), that fact in itself -- not to mention the specific equipment and carriers -- doesn't need to be, and, frankly, shouldn't be, publicly disclosed.
Also, from the article:
Obama and other officials won't be able to use Instant Messaging in the White House.
This is for a variety of reasons, but security is not necessarily one of them. For example, an IM service offered by the DNI's Intelligence Community Enterprise Solutions group does provide instant messaging services using the open Jabber protocol up to the TOP SECRET/SCI level.
IM has the same applications and benefits, such as presence notification and real-time textual interaction, in an enterprise environment as it does elsewhere.
And why does the internet need blogs? Are there some blogs from some individuals or organizations that have greater insight, more useful information, more applicability to your work or interests, and that you follow more regularly? Why are blogs a valuable way for information sharing and communication on the internet at large?
I would say that depending on where you are, there's certainly no question that there is a lot of Windows on the desktop. There are many reasons for this.
The main place where open source shines is in central service delivery...the client is irrelevant. The client piece is more complicated: sure, you can argue cost benefits for running Linux on the desktop, but even on the unclass side, there are still practical benefits to using a commodity OS. Some of it is management, some of it is tools. A lot of it comes back to familiarity of the user...in that setting who doesn't know Windows and Microsoft Office?
I don't think open source on the desktop is the place to start. The place that open source software can make the most impact and positively affect the most people, at present, is on the server and service end of things.
In just the Intelligence Community alone, there is great support for open source software and open standards and protocols.
As part of Community-wide tools and services, the Intelligence Community takes advantage of:
- MediaWiki for Intellipedia - WordPress for blogs - Jabber (XMPP) for instant messaging - Zimbra for enterprise email - Linux, Apache, MySQL, and PHP to support and provide many of these services - LDAP backends for single signon and other authentication tasks - RSS for blogs, social bookmarking, news feeds, realtime information, etc - Open APIs and standards whenever possible
All of these services and tools are available via a suite called Intelink, and are available to all 16 Intelligence Community components, the military, federal government, and law enforcement and homeland security partners at the state and local levels. They are accredited for use for information anywhere from UNCLASSIFIED to TOP SECRET/SCI, and everything in between.
Open source works, and has allowed the Intelligence Community to rapidly provide a secure and robust suite of tools to its personnel, easily respond to changing requirements and requests, and all for far less money and far more flexibly than many commercial solutions. And the Intelligence Community isn't alone.
No, no such admission has been made. That someone may make light of, e.g., a new technology that could be used to support sniper operations, does not make that person a sociopath. You are simply and patently incorrect.
Chris, the fact that TSP was authorized by the President and reviewed by Congress is not something I take legal issue with. There are other, isolated, examples of abuses that I do take issue with. And even then, the public is not privy to all of the details. We have an issue of the conflation of multiple different situations: TSP, monitoring of US Persons in military theaters, monitoring of US Persons as part of terrorism investigations, incidental collection on US Persons under FISA, accidental collection on US Persons, and cases of arguable violation of the law, with the last of these being the smallest part of the equation.
Because of the current state of affairs in which illegal behavior is not only suspected but assumed, there has not been an honest, dispassionate debate about the powers Bush adopted for TSP. There have been legal scholars on both sides of the debate -- not surprisingly, often following party lines. When an issue becomes so politicized, as this one has, how is it to be resolved? At what point does it lose relevance, when no demonstrable and continuing adverse action has resulted from the controversial behavior?
My larger issue is with the belief that "security" and "liberty" are part of a single sliding scale, wherein an increase in one automatically results in a commensurate sacrifice of the other. The key to a secure nation and society under our system of rule of law is understanding how we can keep a safe and stable nation, both in a domestic sense and with respect to the world stage -- which is increasingly populated with non-state actors -- while balancing those considerations with the freedoms and liberties that our system of government also espouses. It's always been about balance, and I think it's a bit disingenuous to make it out to be exclusively political.
And you know that Obama will continue Bush's programs how? Every pick of his for DoJ is 180 degrees away from the Bush DoJ regarding these issues. Though really, if Obama obeys the current law, then that means he absolutely won't be continuing the same intelligence activity Bush did, because the current law says you can't tap U.S. Persons without a warrant, and Bush did. So again, how exactly would this vindicate Bush and suggest it wasn't a political issue?
The intelligence activity you're referring to must be TSP, which hasn't existed since January 2007. So, if not TSP, I'm not sure to what you're referring.
To be more clear: the Obama administration is likely going to continue collection under the provisions of the FISA Amendments Act of 2008, which is exactly how collection has been happening for the last two years.
Wrong! 50 USC 1801 (i) defines "United States Person" in a non-geographic sense, saying simply "citizen of the United States" (and then of course other definitions for non-citizens and types of organizations). It's essentially exactly the same definition you're claiming is "new". But it isn't. The original FISA protected U.S. citizens anywhere in the world.
(j) even says that the definition of "United States" only applies to the term "United States when used in a geographic sense". Interpreting the words "United States" in the phrase "citizen of the United States" in a geographic sense makes no sense, and could equally non-sensically be applied to the "new" definition of U.S. Person which is really the old one.
I know what paragraphs (i) and (j) say. What I said was that the old application of FISA considered BOTH for purposes of collection. In practice, what this meant was that intelligence agencies did not consider (i) for foreign intelligence collection outside the US -- they considered (j). And that was because that was the inverse of the accepted metric required for foreign collection inside of the US -- namely, that all collection inside of the region defined by (j) required a warrant, even when (i) wasn't met.
In other words, it was just as imperfect as the system we have now, albeit less explicitly defined.
So sad that you take one of the few unfortunate and isolated examples of abuse, misbehavior, and disobedience of established policy and law -- no matter who was involved -- and assume that it is systemic, routine, condoned, and even encouraged, with no regard for any other considerations.
There was a "controversy" over TSP...and it was whether the powers granted the president allow for such considerations. That legal issue was never resolved, and the FISA Amendments act of 2008 explicitly disallows the invocation of war powers to allow such application of intelligence collection.
What does Obama taking office soon have to do with the Bush administration's opinion on whether his program was legal, and for that matter why the hell should I care what the NSA legal counsel and the Bush DoJ think? "Oh yeah it's totally illegal, but we advised the President to do it anyway"? That's ridiculous. This is the same DoJ that gave its opinion that the President could essentially ignore any law he wanted.
The only groups you mentioned who I have any reason to think are actually aware of what was implemented and how would be FISC and the Intelligence Committee, and I know Bush pulled executive privilege on the committee has tried to do the same in every non-FISA court so I'm not even so sure about that.
Chris, what it means, in the political context, is that when President Obama's administrations continues intelligence activity under the current law, that means it wasn't the exclusively political issue people made it out to be. It means that it perhaps was an opportune time to update foreign intelligence policy with respect to the digital era, and the initial rounds of this necessary exercise were executed imperfectly.
If you give any credence whatever to FISC, then the most important decision is the one that is the subject of this very article, FISA Amendments Act of 2008 aside.
Bullshit. The original definition of U.S. Person was a U.S citizen (no provision for location), or anyone on U.S. soil legally. That's been the case since the original passage of FISA. Unless the new definition includes non-citizens outside U.S. jurisdiction -- which makes no sense -- then no, they didn't improve that. And the original law required a warrant any time a U.S. Person was known to be a party, it was quite explicit. It was only in the case where there was incidental recording of a U.S. Person's communication while surveiling a non-U.S. Person where redaction was allowed.
That's not accurate: the application of the law, previously, understood the warrant requirements to be a combination of 50 USC 1801 (i) and (j), which define a "United States person", and "United States", in a geographic sense. Even that interpretation was imperfect, but the application ended up being that whenever foreign intelligence surveillance powers were used under Title 50, section (j) -- the definition of "United States" as a geographic area -- determined where a warrant was required, regardless of an individual's status. This meant that persons under section (i) -- the definition of a "United States person" -- did not have the specific protections -- namely, protection anywhere they might be, globally -- granted under the current law. The current law changes the current law from a question of geospatial consideration to one of consideration of legal status.
Slashdot Mirror
AT&T now allowing iPhone VoIP calls over 3G
AT&T Greenlights VoIP For the iPhone
Devastating...
No. For example, Smith v. Maryland, 442 US 735 (1979) supports the notion of a "pen register", which, under subsequent case law, supports the collection of other types of communications metadata without a warrant. This includes items such as IP addresses, To: and From: information on email messages, and other "wrapper" information that does not constitute the substance or content of the communication.
Additionally, the entirety of the communications traffic of non-US Persons may be collected at any time, without a warrant, even when that collection occurs physically inside of the the US. This is the legal landscape that was extremely murky from 2001 to 2007. What was clear was that the existing law left the Intelligence Community completely hamstrung with increasing amounts of traffic that touched the US.
However, this gap in the law has been closed, and the stopgap (and now-sunset) Protect America Act of 2007 (and the 2008 FISC ruling which supported it), and the law in force after the FISA Amendments Act of 2008 make this abundantly clear. Note that that a US Person may be an incidental party to these communications; when/if they are, they are subject to clear protections under the Constitution and the law. Also, communications traffic metadata must be examined to support targeting: how do you know whether foobar@yahoo.co.uk is sending a message if you're not able to examine the message traffic? That's the whole point, and is what the current law firmly and clearly supports.
So, as I said, and which you completely and utterly missed and misunderstood, it is incorrect to say "warrantless wiretaps are illegal", because there are any number of ways that this statement is demonstrably (and legally) false. What it is accurate to say is that "warrantless wiretaps which deliberately and knowingly target the substantive content of the communications of US Persons" is illegal. That was and is always true. What was and is also always true is that the communications traffic of non-US Persons outside of the US is fair game without any kind of warrant whatever.
The difficulty arose when an increasing amount of traffic of non-US Persons outside of the US (and some inside of the US, but with no legal status in the US) began traveling through communications channels and equipment physically located within the US: suddenly the path traffic takes restricts intelligence agencies from performing legitimate collection. The new law clearly supports collection on non-US Persons, regardless of where that collection occurs. Conversely, a warrant is required for collection on US Persons, regardless of where that person is on the globe. The result is the elimination of ridiculous restrictions on collection, and stronger protections for US Persons than existed previously.
Whether you would admit it or not, the current law, supported by a supermajority of both houses of Congress, and both the previous and current presidential administrations, supports "warrantless wiretapping" in a number of lawful scenarios, including examination of traffic that may belong to US Persons in order to support lawful collection on non-US Persons. The problem is that so many people don't clearly define terms, and equate "warrantless wiretapping" to "the government is illegally listening to the whole of conversations of innocent Americans without warrants", which is utterly false.
But by all means, keep turning a blind eye to the complexity of the situation, and the policy, technical, and legal frameworks surrounding and supporting it.
...and that goes to the core of this issue.
Warrantless wiretaps are not illegal.
Warrantless wiretaps where a US Person is a deliberate target are illegal.
There are any number of ways to legally perform wiretaps without a warrant. There are even ways that it can be done where a US Person is one member of a conversation, as long as they aren't a target and proper protective measures are undertaken. There are ways to perform surveillance without a warrant to collect communications metadata (incoming/outgoing phone numbers, to/from information) in order to support collection against non-US Persons.
The FISA Amendments Act of 2008, passed by a supermajority of both houses of Congress and signed into law, and the August 2008 FISC ruling affirm that collection within the US is legal when the target is not a US Person. Conversely, a warrant is now required to target a US Person anywhere in the world -- this is stricter than previous law. In order to support collection targeting, the metadata of traffic may legally be examined. (Also, the law was anything but clear from 2001-2007. The only thing that was clear is we needed to find new ways to collect on persons plotting against the United States, whose conversations were now traveling through a glass pipe in San Francisco instead of over the air via walkie-talkies on the streets of Yemen.)
Two important takeaways in this discussion:
1. The intelligence gap that exists as more information enters the digital realm from the old analog realms is being closed, and
2. Intelligence and national security interests transcend presidential administrations and politics.
his is getting absurd. Mexico's response has been so disorganized they have no CLUE who "patient zero" is. But it sure is a good opportunity to rail on "factory farms". US-owned, no less! I suppose US owned factory farms also caused the other flu pandemics since the 1500s...
And if you can't "afford" conduit, make your own. Garden hose (which rats don't eat through), PVC, etc.
FISC needs to approve surveillance requiring a warrant within 72 hours under FISA's emergency authorization provisions.
The FISC affirmation I am referring to is the August 2008 court decision affirming that the surveillance conducted under the guise of the temporary Protect America Act, and thus the current law as amended by the FISA Amendments Act of 2008, is legal -- and that includes warrantless monitoring of identified foreign intelligence targets, and the technical mechanisms via which their communications can be located, targeted, and extracted from data streams.
The main issue between 2001 and 2007 was whether the same collection -- both collection that is explicitly legal now, and collection on US Persons identified to be communicating with terrorist targets -- was allowable under the administration's Article II and AUMF claims. That is a question that is not legally clear cut, and may never be answered by the courts. Then again, one of the ongoing court cases relating to the surveillance may end up getting that question answered-- and if it is, is it productive to go back and prosecute individuals who acted in the interests of protecting the United States from attack for activity that has subsequently been made explicitly legal by a supermajority of Congress and affirmed by the relevant court? Moreover, if the current law stays the same under President Obama the current political composition of Congress, was it really the exclusively political issue it was made out to be, or was that just political opportunism?
Having an issue with what you believe or infer to be the technical implementation that supports this collection is different from whether or not foreign intelligence should be able to be collected on US soil. The hallmark of the FISA amendments are judiciously protecting US persons, while removing restrictions on where and how foreign intelligence on non-US Persons can be collected simply because it's traveling through a glass pipe in San Francisco instead of over the air on the streets of Yemen. When the Legislative, Judicial, and Executive branches all agree with the new principles relating to foreign collection, the discussion doesn't distill down to the minutiae of what exact parts and techniques are being used to actually enable practical collection.
A technical surveillance mechanism can always be abused. It is our system of laws, courts, and other oversight that prevent it, not technical implementations or controls. The key is oversight and accountability, not the ability to publicly examine every piece of equipment and line of code. And in the context of foreign intelligence collection, that happens via the intelligence oversight committees in both houses of Congress and their staffs, the legal counsel and Inspector Generals' offices of Intelligence Community components, the Justice Department, and the Foreign Intelligence Surveillance Court -- among these are technical experts familiar with exactly how the implementations are deployed and used.
The analogy falls apart when all the packets are copied from the optical splitter, and not just the IP headers showing the needed routing information, doesn't it?
No, it does not.
Even if a technical implementation diverts all traffic to the mechanisms which then perform the examination and collection, it does not imply that all of the content is stored. You are operating under the assumption that there MUST be technical controls that do not allow the government access in any form to the entirety of the traffic. And that assumption itself rests on the basis of grossly incomplete information. You see a "secret room" and a parts list, and assume that the government MUST be storing ALL traffic. Wrong. The technical implementation of the collection is utterly irrelevant to its lawful usage.
And considering FISC affirmed exactly the activity that is occurring at the telecoms as legal and Constitutional, the case is closed. You can make arguments about how you think the surveillance should be conducted, but, not to sound obnoxious, you have zero idea about how the surveillance is implemented -- even with claims from people like Klein and Tice. You're seeing a vanishingly small segment of the complete picture, itself based on their own assumptions (and, unfortunately, political motivations and in some cases ego). If you can't take Congress, FISC, and Justice all agreeing that the stated collection activity -- and its associated technical implementation -- is legal, then I don't think there is much more to say.
No, I am not. But I see you're still lying. Here are comments from Sen. Dianne Feinstein on the FISA Amendments Act of 2008. I know you think DNI McConnell lied to Harvard, lied on Charlie Rose, and that I'm lying; do you also think Sen. Feinstein is lying?
This bill, in some respects, improves even on the base bill, the 1978 Foreign Intelligence Surveillance Act. [b]It provides clear protections for U.S. persons both at home and abroad. It ensures that the Government cannot conduct electronic surveillance on an American anywhere in the world without a warrant. No legislation has done that up to this point.[/b]
Care to comment?
"Pen register" is the legal construct which supports the metadata collection. In this discussion, it has nothing to do with actual pen registers, which is why it is in quotes. But since that is the legal framework under which warrantless metadata collection is understood, I include the term. The collection mechanism that is occurring for digital data enables collection of the CONTENT of communications which may be lawfully monitored without a warrant after examination of the metadata confirming it as such, tied with other identifying information that confirms the target as not representing a US Person.
I don't see where the FISA law makes a distinction between metadata and actual data, but, even if one assumes that other laws make the collection of metadata legal for US persons, the article suggests that collection of the contents of emails, not just metadata, was done for US organizations and people (US based or US citizens)-- which would clearly be illegal under FISA.
Metadata monitoring is allowable under Smith v Maryland (1979), and subsequent case law. NSA has long understood that monitoring the "envelope" of communications for foreign intelligence purposes, but not the content, is allowable without a warrant.
The article -- this and many others -- "suggests" that all traffic was collected...but Tice himself doesn't say that. Any traffic's metadata may be monitored to see if it represents a target whose communications content can be lawfully collected. This means that all traffic may be funneled through a mechanism that supports this task. Tice says this specifically, and repeatedly alludes to it throughout the interview: "even for the NSA it's impossible to literally collect all communications. ... What was done was sort of an ability to look at the metadata ... and ferret that information to determine what communications would ultimately be collected." [...] "we looked at organizations, just supposedly so that we would not target them." Etc.
You're misunderstanding the situation. The law allows the collection of the content of communications of non-US Persons outside of the US, even when the collection happens within the US. In order to support this collection, the metadata, NOT the content of arbitrary traffic -- even including the traffic of US Persons inside of the US -- may be lawfully monitored.
In order to find out whether traffic is coming from a US person, more than just the source and destination IP has to be collected and analyzed - that's the entire problem of sigint. For you to blithely assume that sigint can magically distinguish between a US citizen and a foreign citizen when sniffing traffic coming to and from Internet cafes is.... astounding. As in, pie-in-the-sky, Puff-the-magic-dragon and magic-mushroom astounding.
NeutronCowboy,
The procedures for targeting are carefully established and reviewed by the Justice Department and FISC. The fact that there is a new burden on determining the legal status of individuals (e.g., whether someone is a US Person) is necessary to ensure that the rights of US Persons are protected.
The paradigm has been shifted from something (a collection point, a person) being physically within the US to the legal status of the person or entity itself. This is a higher standard, but it is one that enables foreign intelligence services do do their jobs, particularly with regard to SIGINT.
So, the larger question is, do we want to subject the entirety of foreign SIGINT to direct judicial review and a warrant process, or can we establish a system of oversight and checks that allows foreign SIGINT to continue unimpeded in a digital world, while protecting the privacy and rights of US Persons under the law and the Constitution?
The Wikipedia page you cited does not support that claim (or, I can't find anything that supports your claim on the WP page).
Of course, the real question is whether any such provision will survive an appeal to the supreme court. So far, the governement has been stalling this by attemtpting to prevent people from showing that they have standing.
The Wikipedia page is just a reference. The fact that collection on non-US Persons can occur within the US is one of the hallmarks of this revision, and one of the main reasons this Act, and the whole debate, even exists. The full bill text is here.
See:
Title I, Sec. 101. Additional procedures regarding certain persons outside the United States
Specifically, the amendments to Title VII, Secs. 701-704.
So you're saying the only real issue is that the President of the United States broke the law from 2001 to 2007.
No, I'm saying the question of whether any of that activity was illegal isn't answered, and may never be. These were simply interpretations of US law that might or might not have withstood the scrutiny of the courts.
But thank you for ignoring the meat of my post, which is that the exact activity that Tice is trying to get everyone up-in-arms about is explicitly legal at present, and will likely remain so under President Obama.
And, under the current law and the August 2008 Foreign Intelligence Surveillance Court of Review ruling, it is explicitly legal.
The FISA Amendments Act of 2008, passed by a two-thirds majority in both houses of Congress, allows for foreign intelligence collection on non-US Persons without a warrant, no matter where the collection occurs. The longstanding Smith v. Maryland, 442 US 735 (1979), allows for the collection of communications metadata, i.e., "to" and "from" information, without a warrant. The FISC ruling explicitly finds legal such collection under the now-sunset Protect America Act and, thus, the current FISA Amendments Act of 2008.
In order to determine which traffic content may be collected for foreign intelligence purposes, the traffic metadata must be examined. Even when a target in question is a specific non-US Person of foreign intelligence interest, traffic metadata must first be examined in order to target that person! Because examining traffic metadata was found explicitly legal and Constitutional three decades ago by the United States Supreme Court, doing so in order to target legitimate foreign intelligence collection is allowable under the law.
The major issues for foreign SIGINT were twofold:
- A lot of traffic is now digital versus analog, and cannot be targeted by aiming a directional antenna at a particular geographic locale. It is now traveling largely via things like fiber optic cables, intermixed with all manner of other communications. In order to target the collection, it is no longer a case of sitting on a Navy vessel offshore from some area of interest between individuals talking on two-way radios; it's finding that traffic in a sea of global digital communications.
- Foreign communications of non-US Persons physically outside of the US was increasingly traveling through the US. Previously fair game for foreign intelligence collection throughout the history of such collection in the United States, it suddenly became off-limits without a warrant because it was incidentally routed through locations in the United States. Foreign intelligence collection on non-US Persons outside of the US does not require a warrant, and fundamentally still shouldn't simply because their traffic happens to enter the US.
This was a case of changing technology necessitating an update to a law. A supermajority of both houses of Congress agreed.
Unfortunately, this discussion is so mired in politics, personal grinding of axes, confusion about early NSA programs (like the so-called Terrorist Surveillance Program, or TSP, which was not renewed after January 2007), and isolated examples of legitimate abuse or misconduct, that not many seem interested in having any real discussion about how foreign intelligence can be reasonably conducted in the digital age. Instead it is a sea of frantic arm-waving and breathless blogging about how the Constitution is being shredded, when the mechanisms of law and judicial oversight have explicitly established the activities as legal.
Ironically, Tice's interview is spot-on. He says, "What was done was sort of an ability to look at the metadata ... and ferret that information to determine what communications would ultimately be collected," and adds, "we looked at organizations, just supposedly so that we would not target them."
"Supposedly?"
That's the whole point. So here's an example of someone explaining more or less what is happening, namely, that traffic metadata is examined to determine whether or not it constitutes a foreign intelligence target, and that measures were undertaken to not intercept the content of communications of entities which are not legitima
The main reason for the President himself to not to have something like a personal BlackBerry or other personal communications devices -- ones which is he is publicly known to have, anyway -- is simply the high-profile nature and symbolism of the target. It doesn't matter that other federal agencies and the military use them for one purpose or another.
This is the case even with all the compelling "finger on the pulse of [insert subject du jour here]" and Information Age tempo arguments. The fact is that the President will have an army of aides who can all have their fingers directly on the multitude of things that the President cares about and needs to know about.
And in the event that a case is made, internal to the administration, that the President -- now or in the future -- really needs to have his own personal communications device(s), that fact in itself -- not to mention the specific equipment and carriers -- doesn't need to be, and, frankly, shouldn't be, publicly disclosed.
Also, from the article:
This is for a variety of reasons, but security is not necessarily one of them. For example, an IM service offered by the DNI's Intelligence Community Enterprise Solutions group does provide instant messaging services using the open Jabber protocol up to the TOP SECRET/SCI level.
IM has the same applications and benefits, such as presence notification and real-time textual interaction, in an enterprise environment as it does elsewhere.
And why does the internet need blogs? Are there some blogs from some individuals or organizations that have greater insight, more useful information, more applicability to your work or interests, and that you follow more regularly? Why are blogs a valuable way for information sharing and communication on the internet at large?
Okay:
MediaWiki ...
WordPress
Jabber
Zimbra
Get it?
This is about using open source software for internal, noncommercial, nonprofit purposes.
I would say that depending on where you are, there's certainly no question that there is a lot of Windows on the desktop. There are many reasons for this.
The main place where open source shines is in central service delivery...the client is irrelevant. The client piece is more complicated: sure, you can argue cost benefits for running Linux on the desktop, but even on the unclass side, there are still practical benefits to using a commodity OS. Some of it is management, some of it is tools. A lot of it comes back to familiarity of the user...in that setting who doesn't know Windows and Microsoft Office?
I don't think open source on the desktop is the place to start. The place that open source software can make the most impact and positively affect the most people, at present, is on the server and service end of things.
In just the Intelligence Community alone, there is great support for open source software and open standards and protocols.
As part of Community-wide tools and services, the Intelligence Community takes advantage of:
- MediaWiki for Intellipedia
- WordPress for blogs
- Jabber (XMPP) for instant messaging
- Zimbra for enterprise email
- Linux, Apache, MySQL, and PHP to support and provide many of these services
- LDAP backends for single signon and other authentication tasks
- RSS for blogs, social bookmarking, news feeds, realtime information, etc
- Open APIs and standards whenever possible
All of these services and tools are available via a suite called Intelink, and are available to all 16 Intelligence Community components, the military, federal government, and law enforcement and homeland security partners at the state and local levels. They are accredited for use for information anywhere from UNCLASSIFIED to TOP SECRET/SCI, and everything in between.
For the last few years, the Intelligence Community has not only "looked at" open source, but has embraced it with open arms. In fact, the information sharing supported by these tools was listed as one of the major achievements during the tenure of DNI Mike McConnell.
Open source works, and has allowed the Intelligence Community to rapidly provide a secure and robust suite of tools to its personnel, easily respond to changing requirements and requests, and all for far less money and far more flexibly than many commercial solutions. And the Intelligence Community isn't alone.
No, no such admission has been made. That someone may make light of, e.g., a new technology that could be used to support sniper operations, does not make that person a sociopath. You are simply and patently incorrect.
Chris, the fact that TSP was authorized by the President and reviewed by Congress is not something I take legal issue with. There are other, isolated, examples of abuses that I do take issue with. And even then, the public is not privy to all of the details. We have an issue of the conflation of multiple different situations: TSP, monitoring of US Persons in military theaters, monitoring of US Persons as part of terrorism investigations, incidental collection on US Persons under FISA, accidental collection on US Persons, and cases of arguable violation of the law, with the last of these being the smallest part of the equation.
Because of the current state of affairs in which illegal behavior is not only suspected but assumed, there has not been an honest, dispassionate debate about the powers Bush adopted for TSP. There have been legal scholars on both sides of the debate -- not surprisingly, often following party lines. When an issue becomes so politicized, as this one has, how is it to be resolved? At what point does it lose relevance, when no demonstrable and continuing adverse action has resulted from the controversial behavior?
My larger issue is with the belief that "security" and "liberty" are part of a single sliding scale, wherein an increase in one automatically results in a commensurate sacrifice of the other. The key to a secure nation and society under our system of rule of law is understanding how we can keep a safe and stable nation, both in a domestic sense and with respect to the world stage -- which is increasingly populated with non-state actors -- while balancing those considerations with the freedoms and liberties that our system of government also espouses. It's always been about balance, and I think it's a bit disingenuous to make it out to be exclusively political.
And you know that Obama will continue Bush's programs how? Every pick of his for DoJ is 180 degrees away from the Bush DoJ regarding these issues. Though really, if Obama obeys the current law, then that means he absolutely won't be continuing the same intelligence activity Bush did, because the current law says you can't tap U.S. Persons without a warrant, and Bush did. So again, how exactly would this vindicate Bush and suggest it wasn't a political issue?
The intelligence activity you're referring to must be TSP, which hasn't existed since January 2007. So, if not TSP, I'm not sure to what you're referring.
To be more clear: the Obama administration is likely going to continue collection under the provisions of the FISA Amendments Act of 2008, which is exactly how collection has been happening for the last two years.
Wrong! 50 USC 1801 (i) defines "United States Person" in a non-geographic sense, saying simply "citizen of the United States" (and then of course other definitions for non-citizens and types of organizations). It's essentially exactly the same definition you're claiming is "new". But it isn't. The original FISA protected U.S. citizens anywhere in the world.
(j) even says that the definition of "United States" only applies to the term "United States when used in a geographic sense". Interpreting the words "United States" in the phrase "citizen of the United States" in a geographic sense makes no sense, and could equally non-sensically be applied to the "new" definition of U.S. Person which is really the old one.
I know what paragraphs (i) and (j) say. What I said was that the old application of FISA considered BOTH for purposes of collection. In practice, what this meant was that intelligence agencies did not consider (i) for foreign intelligence collection outside the US -- they considered (j). And that was because that was the inverse of the accepted metric required for foreign collection inside of the US -- namely, that all collection inside of the region defined by (j) required a warrant, even when (i) wasn't met.
In other words, it was just as imperfect as the system we have now, albeit less explicitly defined.
So sad that you take one of the few unfortunate and isolated examples of abuse, misbehavior, and disobedience of established policy and law -- no matter who was involved -- and assume that it is systemic, routine, condoned, and even encouraged, with no regard for any other considerations.
There was a "controversy" over TSP...and it was whether the powers granted the president allow for such considerations. That legal issue was never resolved, and the FISA Amendments act of 2008 explicitly disallows the invocation of war powers to allow such application of intelligence collection.
What does Obama taking office soon have to do with the Bush administration's opinion on whether his program was legal, and for that matter why the hell should I care what the NSA legal counsel and the Bush DoJ think? "Oh yeah it's totally illegal, but we advised the President to do it anyway"? That's ridiculous. This is the same DoJ that gave its opinion that the President could essentially ignore any law he wanted.
The only groups you mentioned who I have any reason to think are actually aware of what was implemented and how would be FISC and the Intelligence Committee, and I know Bush pulled executive privilege on the committee has tried to do the same in every non-FISA court so I'm not even so sure about that.
Chris, what it means, in the political context, is that when President Obama's administrations continues intelligence activity under the current law, that means it wasn't the exclusively political issue people made it out to be. It means that it perhaps was an opportune time to update foreign intelligence policy with respect to the digital era, and the initial rounds of this necessary exercise were executed imperfectly.
If you give any credence whatever to FISC, then the most important decision is the one that is the subject of this very article, FISA Amendments Act of 2008 aside.
Bullshit. The original definition of U.S. Person was a U.S citizen (no provision for location), or anyone on U.S. soil legally. That's been the case since the original passage of FISA. Unless the new definition includes non-citizens outside U.S. jurisdiction -- which makes no sense -- then no, they didn't improve that. And the original law required a warrant any time a U.S. Person was known to be a party, it was quite explicit. It was only in the case where there was incidental recording of a U.S. Person's communication while surveiling a non-U.S. Person where redaction was allowed.
That's not accurate: the application of the law, previously, understood the warrant requirements to be a combination of 50 USC 1801 (i) and (j), which define a "United States person", and "United States", in a geographic sense. Even that interpretation was imperfect, but the application ended up being that whenever foreign intelligence surveillance powers were used under Title 50, section (j) -- the definition of "United States" as a geographic area -- determined where a warrant was required, regardless of an individual's status. This meant that persons under section (i) -- the definition of a "United States person" -- did not have the specific protections -- namely, protection anywhere they might be, globally -- granted under the current law. The current law changes the current law from a question of geospatial consideration to one of consideration of legal status.