1 - Is describing activity that happened half a century ago before a whole number of legislative actions to change the way the NSA does business
2 - Is essentially a summary of an Intercept article where Glenn Greenwald shows FBI surveillance of 5 US citizens, not NSA
3 - Talks about trying to break Tor; doesn't describe who is being targeted
4 - Talks about journalists scared about surveillance; no evidence of NSA targeting them
5 - Talks about Glenn Greenwald's husband being held up and searched by UK border control for ferrying classified information
To respond to the GP's question: I've seen a lot of claims that it's obvious that every one of us is being monitored. I've yet to see any evidence backing it up.
TLDR: The leak was a copy of the secret FISA court order allowing the NSA to vacuum up pretty much every American's phone records, including local phone calls, "on an ongoing daily basis." I suspect that most people would view that as monitoring.
That's not counting the separate questions of bulk fiber taps (collect it all) and the Obama administration's secret AG opinion blessing warrantless bulk collection of encrypted communications (decrypt it later), which I wrote about here:
http://www.cnet.com/news/nsa-can-eavesdrop-on-americans-phon...
"Another loophole is... "enciphered" data. Communications that contain "enciphered" data, which would likely include PGP but also could mean encrypted Web connections using SSL, may be kept indefinitely."
With regards to the first Snowden leak, there was no context behind it. We've had two independent reports (the Presidential Review Group's[1] and the Privacy and Civil Liberties Oversight Board's[2]) since then detailing exactly what is being done with phone records and what the NSA is allowed to do with them. I wouldn't call the 215 program monitoring at all, unless you're referring to the "seed selectors" that are approved by the FISC. Based on what we know now, the entire premise of the program, which was lacking in the initial reporting, is determining if any numbers on a list of foreign phones belonging to suspected terrorists have called or received calls from US numbers; if so, which numbers were they in contact with. You can call it massive over-collection to achieve those ends and you can say the potential for abuse is frightening, but none of the Snowden documents have actually shown any abuse, datamining or, dare I say, monitoring of regular people.
With your second article, it almost feels like your article and the source documents are talking about two separate things. You start off claiming that the documents are at odds with Obama's claim that the NSA can't listen to American's phone calls or target their e-mails, then go and cite a pair of documents that detail how to avoid collecting American's communications and what to do if they are inadvertently collected? You continue on by saying 'Analysts are expected to exercise "reasonable judgment" in determining which data to use, according to the documents, and "inadvertently acquired communications of or concerning a United States person may be retained no longer than five years."', but omit rest of the paragraph that it comes from:
Personnel will exercise reasonable judgment in determining whether information acquired must be minimized and will destroy inadvertently acquired communications of or concerning a United States person at the earliest practicable point in the processing cycle at which such communication can be identified either: as clearly not relevant to the authorized purpose of the acquisition (e.g., the communication does not contain foreign intelligence information); or, as not containing evidence of a crime which may be disseminated under these procedures. Such inadvertently acquired communications of or concerning a United States person may be retained no longer than five years in any event. The communications that may be retained include electronic communications acquired because of limitations on NSA's ability to filter communications.
Why is the beginning and end of that paragraph important but not the fact that NSA analysts are required to destroy any US person communications that couldn't be automatically filtered out and contain no intelligence value or evidence of a crime? It doesn't say anything about a requirement to destroy American's inadvertently collected communications anywhere in the article. You continue by saying 'The documents also refer to "content repositories" that contain records of devices' "previous Internet activity," and say the NSA keeps records of Americans' "electronic communications accounts/addresses/identifiers" in an apparent effort to avoid targeting them in future eavesdropping efforts.' What's the problem with noting that an e-mail address belongs to an American if the stated purpose is to mark it as unsuitable for collection?
You go to quote Jameel Jaffer at the ACLU as saying that "the NSA claims the authority to collect and disseminate attorney-client communications -- and even, in some circumstances, to turn them over to Justice Department prosecutors.", but the actual source document says this:
As soon as it becomes apparent that a communication is between a person who is known to be under criminal indictment in the United States and an attorney who represents that individual in the matter under indictment (or someone acting on behalf of the attorney), monitoring of that communication will cease and the communication will be identified as an attorney-client communication in a log maintained for that purpose. The relevant portion of the communication containing that conversation will be segregated and the National Security Division of the Department of Justice will be notified so that appropriate procedures may be established to protect such communications from review or use in any criminal prosecution, while preserving foreign intelligence information contained therein. Additionally, all proposed disseminations of information constituting United States person attorney-client privileged communications must be review by the NSA Office of General Counsel prior to dissemination.
I look at these things and I have to wonder why the article is written like this. It seems downright misleading to me. Is it an editorial decision, or is that how you actually interpret those documents?
EDIT: I'm re-reading this a few minutes later and I'm worried I'm coming off as offensive, which wasn't my intention. I'm honestly curious about this - I read those same source documents and interpret them completely different than how you wrote them up.
> We've had two independent reports (the Presidential Review Group's[1] and the Privacy and Civil Liberties Oversight Board's[2]) since then detailing exactly what is being done with phone records and what the NSA is allowed to do with them.
And in those documents it was confirmed that the NSA was in charge of maintaining a database with all phone records of all Americans and that the limitations on the storage of these records are five years - that limitations on querying them are enforced only at a policy level.
The issue is not about whether there has been abuse. The issue is about the fundamental principles of freedom in our country against suspicion-less search and seizure. An infringement on this is and of itself is an abuse.
It's like saying: "Yeah they have slaves, but there's no evidence that they mistreat them." You're not engaging with the substance of the argument. Unless it is that you depart from the founding principles of freedom established to protect the United States of America, its citizens, and to promote well-being and liberty for all? Do you disagree with these principles, so long as those who govern don't abuse the power so far as the public knows?
> Why is the beginning and end of that paragraph important but not the fact that NSA analysts are required to destroy any US person communications that couldn't be automatically filtered out and contain no intelligence value or evidence of a crime?
First, it seems you agree with the parent? You don't dispute him, just add an addendum about minimization. In response to your addendum: it's clear that the collection is made and then by policy alone it is 'minimized'. The issue is that the collection is done in the first place without a person being suspected of a crime. Their content can be collected, then it can be decided if they are suspect of a crime or not, and then it may possibly be released. This is principally different than how law enforcement is supposed to work in the United States.
Another thing we learned from the Obama Administration oversight panel is that anything within three hops of a target is considered relevant for collection (and the hops are counted across Facebook, Twitter, AIM, Snapchat, LinkedIn, Gmail, phone, geolocation, etc). But we also know that on Twitter alone the average number of hops between any two people has been measured to be 3.43 [1]; and on Facebook it is 4.74 [2]. When every one of these networks is combined, it is almost assuredly close to if not below 3.0, and the number of targets is quite large. Because of this every person's contents are 'relevant to the an authorized purpose of acquisition' because all persons are likely to be within three hops of a request.
> You go to quote Jameel Jaffer at the ACLU as saying that...
I would agree that details are missed in his summary (this is the nature of summaries) but I would also classify his statement as accurate (not misleading). The NSA will collect client-attorney communications. If and when it is recognized as 'protected communication' the NSA will stop but keep the communications it has collected. It can disseminate them (there are processes for it, but it can). Protecting the communications from review and use in criminal prosecution while preserving the intelligence almost reads like... parallel construction...
> that limitations on querying them are enforced only at a policy level.
I love it when people throw this out. Virtually every crime is enforced only at a policy level. There are no technical limitations preventing a cop from going from door to door and using his issued weapon to kill everyone inside, but you don't see people crying out to disarm cops to prevent it.
> The issue is not about whether there has been abuse. The issue is about the fundamental principles of freedom in our country against suspicion-less search and seizure.
It's not suspicion-less - it's done to answer specific questions: are any phone numbers on a given list of foreign terrorist numbers in contact with other phone numbers inside the US? If so, which numbers are they in contact with? It was implemented to address a specific fault found by the 9/11 Commission. I'm personally comfortable with the information collected being used for exactly that purpose, and nothing else (although I'm guessing you're going to come back and say you're not). That's why in evaluating the program, it's critical to look at whether the NSA has deviated from guidelines set down by the courts. Neither of the two review groups recommended shutting down the program, they recommended keeping the phone records at the phone companies instead.
> First, it seems you agree with the parent? You don't dispute him, just add an addendum about minimization.
I'm taking issue with cherry picking quotes to make a point.
> The issue is that the collection is done in the first place without a person being suspected of a crime. Their content can be collected, then it can be decided if they are suspect of a crime or not, and then it may possibly be released. This is principally different than how law enforcement is supposed to work in the United States.
This isn't law enforcement, it's foreign intelligence. The document in question pertains to Section 702 collection, which is targeted against specific e-mail addresses/accounts/identifiers used by foreigners. There already has to be a stated foreign intelligence purpose to collect against that specific address to begin with. The document further goes on to direct analysts to destroy any collected information that pertains to US persons is not of foreign intelligence value.
> Another thing we learned from the Obama Administration oversight panel is that anything within three hops of a target is considered relevant for collection (and the hops are counted across Facebook, Twitter, AIM, Snapchat, LinkedIn, Gmail, phone, geolocation, etc).
There's nothing in the PCLOB report that says that. The report makes it pretty clear that the whole three hop process pertains to phone records.
> but I would also classify his statement as accurate
It's inaccurate because he states that the NSA can hand attorney-client communications over to federal prosecutors, when the document he's citing says the exact opposite.
> almost reads like... parallel construction...
How could it be parallel construction if the person is already indicted? The entire point of that section is to protect client-attorney communications - if the purpose was to feed intelligence to US law enforcement by circumventing client-attorney privilege, why would they put in those additional restrictions?
There wasn't much public evidence of what J. Edgar Hoover was doing until well after the fact.
Personally, I feel the burden of proof falls on the near-omniscient spy agency that brazenly lies and reinterprets basic diction to sterilize all methods of oversight. Again, silly me.
Some will say that it’s necessary to balance privacy against security, and that it’s important to find the right compromise between the two. Even if you believe that, a good negotiator doesn’t begin a conversation with someone whose position is at the exact opposite extreme by leading with concessions.
And that’s exactly what we’re dealing with. Not a balance of forces which are looking for the perfect compromise between security and privacy, but an enormous steam roller built out of careers and billions in revenue from surveillance contracts and technology. To negotiate with that, we can’t lead with concessions, but rather with all the opposition we can muster.
Is there any evidence that they actually target terrorists?
Collectively, we all need to keep beating this drum. Fundamentally, there are very very few terrorists. Very very few, if any, are in America. What's the bulk collection failure rate? 99.999999% ? And at what cost? It's astronomically expensive and out of all the leaks, what evidence is there that we've stopped a terrorist in America or any of her close allies' teritory where they are effectively spying on innocent tax paying civilians?
The most important thing in all of politics is to get to decide which words are used. The moment you use terrorism in the same sentence as data collection, you help spread the propaganda.
Bulk data collection has been done since the advance of fiber optics. They started doing it because they could, and because they had the economic means to. That's it.
The plots that have been thwarted by it are those orchestrated by US agencies to get mentally unstable people to join in, to quickly whisk them away to Siberia^WGuantanamo.
It's not about terrorism. Never was. That's just how the deep state sells it to voters.
If you look at the Snowden documents (and leaks by others) you'll see essentially nothing other than the international nature of the programs. For example, you'll remember from the Snowden leaks that the NSA hacked the Brazilian oil company PETROBRAS to help American oil companies win offshore oil drilling locations. The hacking of Merkle's cell phone was a big deal because it revealed that the US had information from Germany _during the Eurozone crisis_! Stuxnet was used to destroy Iran's nuclear program.
The US also faces the same sort of pressure from other countries. This year alone the DoD was hacked, Wall Street, NASDAQ and JP Morgan were hacked and hundreds of defense contractors were hacked - all with foreign attribution. Israel's Iron Dome designs were hacked by China.
Take a look at the NSA program HACIENTA, which "is used to port scan entire countries" and which uses other compromised (civilian) computers to disguise attribution.
Look at The Intercept reporting (where Glenn Greenwald is right now). He speaks at length about how the US uses NSA operations to benefit the global bargaining posture and competitiveness of US companies. https://firstlook.org/theintercept/2014/09/05/us-governments...
And take the Inspector General's report from the Boston Bombings - a great example of how and when the NSA domestic programs would be used if they were about terrorism. The NSA is hardly mentioned. The Inspector General investigates the failings of the FBI. (http://info.publicintelligence.net/IC-IG-BostonBombingReport...)
"We focused our review on the entities that were the most likely to have had information about Tamerlan Tsarnaev prior to the bombings – the FBI, the CIA, DHS, and NCTC, which maintains the U.S. government’s database of classified identifying and substantive derogatory information on known or suspected terrorists. We also requested other federal agencies to identify relevant information they may have had prior to the bombings. These agencies included the Department of Defense (including the National Security Agency (NSA)), Department of State, Department of the Treasury, Department of Energy, and the Drug Enforcement Administration."
The report on the failures to anticipate/stop the Boston Bombers barely mention the NSA. This is because the Federal Bureau of Investigation and the National Counterterrorism Center are in charge of counterterrorism, not the National Security Agency.
"The National Security Agency/Central Security Service (NSA/CSS) leads the U.S. Government in cryptology that encompasses both Signals Intelligence (SIGINT) and Information Assurance (IA) products and services, and enables Computer Network Operations (CNO) in order to gain a decision advantage for the Nation and our allies under all circumstances."
(Nothing to do with terrorism.)
Lots of news recently has called out Executive Order 12333's role in defining the goal and the means of intelligence capabilities. EO 12333 was passed in 1981. The Five Eyes, the key partnership of the NSA, has its origins in the 40's and ECHELON and other leaked programs (eg CARNIVORE/PREDATOR) predate 9/11 by decades.
The Snowden leaks disclose a list with over thirty countries with competing digital intelligence programs.
The NSA is not about terrorism. Never was. Never will be. The NSA and CSS are the intelligence arm of the United States. New Zealand's programs are similarly not about terrorism (what terrorists are attacking New Zealand?). Digital communications play a huge role in global communications and corporate and international power.
Given the highly sourced nature of this comment, I would expect a well reasoned argument accompanying a downvote. In case this person missed what they should be replying to:
* Programs for internet surveillance existed before 9/11
* Partnerships with other intelligence services existed before 9/11
* The programs are used for international espionage and sabotage often
* Most of the capabilities of the NSA are not counter-terrorist capabilities
* EO 12333 and the "Foreign Intelligence Surveillance Court" were established in the early 80s
* The inspector general's report on the Boston Bombings excluded the NSA almost wholey from its report
* The NSA's own mission statement and website content focuses almost exclusively on foreign intelligence
There is a domestic nature to NSA programs. But the 'reason for the NSA and it's programs' is not CT.
- http://rt.com/usa/evidence-nsa-illegally-monitored-senators-...
- http://www.huffingtonpost.com/2014/07/09/nsa-glenn-greenwald...
- http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack...
- http://www.theguardian.com/uk-news/2014/jul/14/gchq-tools-ma...
- https://www.aclu.org/human-rights-national-security/report-f...
- http://www.theguardian.com/world/2013/aug/18/glenn-greenwald...