TITLE: Congress Sneakily Working to Renew Program Allowing Widespread Spying on Americans
https://www.themarysue.com/section-702-controversial-government-spying-program-explained/
EXCERPT: These are two types of surveillance that can be used to essentially spy on us while technically obeying the law. Upstream surveillance refers to communications that travel across the internet. PRISM surveillance refers to receiving communications from bigger companies such as Google or Facebook.
Congress is supposed to renew Section 702 every couple of years, and it is set to expire at the end of 2023. The last time it was renewed was in 2018. Critics are particularly concerned about something called “about collection” which was ended by NSA in 2017 because it was so heavily criticized by the Foreign Intelligence Surveillance Court. “That term refers to the NSA’s searching through the Internet traffic to collect not only communications to or from an intelligence target but also those that simply mention an identifier used by a target,” writes the Electronic Frontier Foundation.
The organization explains:
The agency wasn’t just checking to see if the selector, like an email address, was in the “to” or “from” fields. It was searching the complete communication to see if a communication mentioned the selector at all. That’s like reading not just the address and return address on the outside of an envelope, but actually opening the envelope to read the contents of the letter inside.
Civil liberties advocates have always been extremely troubled by this “about” collection because it expanded the scope of NSA’s warrantless surveillance. But the NSA defended the practice, saying that it had no way, technologically speaking, to get its hands on the communications it was allowed to search without reading through the content of all the communications it collects.
Not everyone sees the big problem with 702. Most Americans may not even be impacted by the renewal of this program, as we do not have any contact ever with someone living overseas. Also, there are real dangers to our national security that the government has an interest in trying to intercept. However, our government has never been shy about privacy invasions. And regulation of the internet and other technological advancements is also always so far behind the actual technology itself. A lot of this feels like letting the government write itself a blank check.
We will have to wait and see if 702 is renewed, but one way politicians could sneak it through is to attach it to the National Defense Authorization Act, and WIRED’s sources say some members of Congress are planning to do just that. This act is a critical vote for Congress as it sets the annual funding for the Pentagon. No one wants to stall this important piece of legislation. Attaching 702 would require a straightforward up-or-down vote without a lot of debate, which is wild for something as complex and contentious as spying and intelligence gathering. At the end of the day, section 702 just highlights the continuing fine line we draw between privacy and protection.
TITLE: Is the CIA Still Secretly Capturing Americans’ Communications
https://www.cato.org/commentary/cia-still-secretly-capturing-americans-communications
EXCERPT: If the FISA Section 702 authority does lapse–either temporarily or permanently–the collection activity could potentially be resumed under Executive Order 12333, the daily operating guidance for executive branch spy components. We know this to be the case because years prior to the 9/11 attacks, the Central Intelligence Agency (CIA) was apparently conducting exactly the kind of internet “backbone” surveillance now carried out under FISA Section 702…with absolutely no judicial oversight.
The executive branch component that should have brought this fact to the public’s attention, the Privacy and Civil Liberties Oversight Board (PCLOB), had to be sued by the Cato Institute under the Freedom of Information Act (FOIA) in order to discover this critical fact.
The evidence for the program’s existence is contained in a CIA Inspector General (IG) audit dated August 7, 2002. The audit itself covered the period 1995–2000. Key facts about the program – who authorized it, when it began, whether it was terminated or is still running – may be contained in the many redacted sections of the IG report.
What is clear is that the program both captured U.S. Person data (definitely overseas but possibly domestically) and, in terms of CIA personnel compliance with EO 12333 and CIA regulations, was a total mess. The program captured and retained U.S. Person data seemingly indefinitely, and retention was not necessarily tied to any actual terrorist threat or espionage investigation.
Even worse, despite the fact that literally millions of Americans live, work, and travel overseas, the CIA presumed a target was foreign when starting collection, only allegedly ending collection when it discovered the target was in fact an American. On page five of the report, the CIA IG team admitted that it “was unable to review every regulated activity,” leaving open the possibility that the abuses may have occurred in other CIA intelligence collection activities that may have ensnared the communications of other Americans.
The fact that so many pages in this audit remain wholly redacted or even withheld in full, including specific issues involving program compliance with applicable law, executive orders, and regulations, only raises still more troubling questions about exactly how bad the abuses of this program were, and perhaps still are if it remains operational.
This CIA program is a reminder about how much we don’t know about the scope and duration of U.S. government surveillance efforts that implicate or indeed violate the constitutional rights of U.S. citizens in the post‑9/11 era.
We don’t know how many other classified federal surveillance programs have been or are operating and the extent to which they may, or already have, violated the First or Fourth Amendment rights of Americans. But just what we know about programs that have been publicized – including, among others, the Drug Enforcement Agency – should cause all Americans to demand renewed, probing, and broad Congressional oversight of such activities.
TITLE: Ron Wyden Wants To Know Why The DEA Still Has On-Demand Access To Trillions Of Phone Records
https://www.techdirt.com/2023/11/29/ron-wyden-wants-to-know-why-the-dea-still-has-on-demand-access-to-trillions-of-phone-records/
EXCERPT: For decades, the government has used the Third Party Doctrine to obtain massive amounts of phone records without a warrant.
Even prior to the creation of the Third Party Doctrine by the Supreme Court in 1979, government agencies were obtaining phone records using pen register requests that provided them with info on numbers called and the length of the calls. This method, however, required the government to supply some information of its own: specifically, a targeted source phone number phone companies could use to search for call metadata.
Then the NSA got involved. Leveraging the doctrine erected decades earlier, the NSA used its foreign surveillance authority to force Verizon to hand over every single phone record generated by users of its business services. No targeting necessary.
This mass collection was exposed by the initial Snowden leak. The FISA court order published by multiple news outlets showed the government was able to engage in bulk surveillance via a single FISA request. This one targeted Verizon’s business services, but nothing about what was published suggested this was the only cell service provider responding to these blanket orders.
At the same time Snowden was airing the government’s dirty surveillance laundry, the DEA was inadvertently exposing its delicates. A particularly spectacular unforced error by the DEA saw it handing over information on its secret “Hemisphere” program in response to records requests seeking something else entirely. The information contained in this accidentally exposed presentation not only showed AT&T had employees “embedded” in the DEA to provide more instantaneous responses to phone records requests, but also that DEA agents and experts were being instructed to engage in parallel construction to hide the origin of phones records obtained with this program that were being used as evidence in court.
The DEA’s ability to obtain phone records in bulk was confirmed several months later by none other than the DEA, which released another set of Hemisphere documents to records requesters. Perhaps figuring there was no longer any reason to pretend this program didn’t exist, the DEA was more forthcoming the second time around.
These revelations soon were buried by months of steady NSA leaks from Snowden and others. The Hemisphere program, however, never went away. Although it did receive attention from legislators and privacy advocates once it was exposed, the feds never officially ended this collection. AT&T was the only private company named in the documents, but there was never any official denial from other cell service providers that they, too, weren’t working with the DEA to provide real-time and bulk access to phone records.
Hemisphere is dead in name only. That’s only one of the revelations in this recent report from Dell Cameron and Dhruv Mehrota for Wired.
A little-known surveillance program tracks more than a trillion domestic phone records within the United States each year, according to a letter WIRED obtained that was sent by US senator Ron Wyden to the Department of Justice (DOJ) on Sunday, challenging the program’s legality.
According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than a decade allowed federal, state, and local law enforcement agencies to mine the details of Americans’ calls, analyzing the phone records of countless people who are not suspected of any crime, including victims. Using a technique known as chain analysis, the program targets not only those in direct phone contact with a criminal suspect but anyone with whom those individuals have been in contact as well.
DAS is nothing more than a rebrand of Hemisphere — a program that underwent periodic suspensions by various presidential administrations following its exposure by journalists and public records requesters. As Cameron and Mehrota note, the first suspension followed its first exposure, delivered by Barrack Obama in 2013. Since then, the leaders of the free world have been flipping the on-off switch randomly.
[W]hile discretionary funding was withheld over the following three years, a White House memo obtained by WIRED shows that individual law enforcement organizations across the US were permitted to continue contracting with AT&T directly in order to maintain access to its data-mining service. Funding resumed under former president Donald Trump but was halted again in 2021, according to the White House memo. Last year, under president Joe Biden, the funding resumed once more, the memo says.
If there’s anything that reaches across the massive partisan divide, it’s the willingness to allow domestic law enforcement agencies to engage in domestic surveillance with minimal oversight.