Activists Create Website to Record NSA & FBI Information Requests

A Freedom of Information Act request filed last year by New York Times journalist-Charlie Savage prompted the Federal Bureau of Investigation (FBI) to release a redacted version of an inspector general report from September 2012 in which the Department of Justice’s internal watchdog weighed in on the bureau’s use of a federal provision that permits the collection of foreign communications.

Documents provided by the Federal Bureau of Investigation suggest that the FBI has played a part in the National Security Agency’s (NSA) surveillance operations to a much greater extent than previously acknowledged.

According to Savage, the FBI “has gradually become a significant player” with regards to administering the sweeping-up of signals intelligence, as indicated by the DOJ’S Inspector General report published by the Times on Monday. It’s no secret the NSA relies greatly on the rule called Section 702, which comes from the amendments tacked on to the US Foreign Intelligence Surveillance Act in 2008, to collect internet and phone data from non-Americans reasonably believed to be located outside of the country.

The 231-page report, Savage noted, contains a single, underacted reference to “Prism,” the internet surveillance program used by the NSA to gather intelligence from major web firms, including Facebook, Yahoo and Skype, which was revealed publicly for the first time in June 2013 by former government contractor Edward Snowden. It also contains details confirming the US spy agency has for more than five years shared its signals intelligence with law enforcement investigators within the FBI.

Although much of the report has been blacked-out ahead of being sent to the newspaper, it provides a thorough account nonetheless of the FBI’s part in SIGINT collection that had previously been kept from public review. Savage wrote this week that the DOJ’s Office of the Inspector General released only a two-paragraph statement in 2012 acknowledging that a report “On Activities Under Section 702” exists and had been delivered to Congress but, “because the report is classified, its contents cannot be disclosed to the public.”

Within the report are comments from the DOJ’s Inspector General in which the FBI’s “702 Team” is hailed for its “commendable deliberation, thoroughness and professionalism,” and elsewhere its content indicates that the bureau began back in October 2009 to receive “raw 702-acquired data” that had been “dual rooted” during the NSA’s collection, “so that it could retain this data for analysis and dissemination in intelligence reports. ” And by April 2012, the report reveals, the FBI began “nominating” selectors, or certain search terms, queried within the NSA-collected database to aid with its own intelligence reporting. ” That month, Savage explained, “the FBI started retaining copies of unprocessed communications gathered without a warrant to analyze for its own purposes.

Previously, leaked documents provided by Snowden to The Guardian newspaper revealed that, although the NSA and other American agencies are barred from collecting intelligence on US citizens, the spy agency has since 2011 been authorized to search SIGINT data for details on specific individuals, American citizens included, once those records are whittled down from data unearthed during queries concerning non-US persons of interest. US President Barack Obama said in 2013 that a panel put together by the White House would review the intelligence community’s surveillance programs, and the committee’s subsequent report determined that particular aspects push the programs “close to the line of constitutional reasonableness.

Although US persons may not be targeted under Section 702, communications of or concerning US persons may be acquired in a variety of ways,” a portion of the report reads. “An example is when a US person communicates with a non-US person who has been targeted, resulting in what is termed ‘incidental’ collection. Another example is when two non-US persons discuss a US person. Communications of or concerning US persons that are acquired in these ways may be retained and used by the government, subject to applicable rules and requirements. The communications of US persons may also be collected by mistake, as when a US person is erroneously targeted or in the event of a technological malfunction, resulting in ‘inadvertent’ collection. In such cases, however, the applicable rules generally require the communications to be destroyed.”

“The board skips over the essential privacy problem with the 702 upstream program: that the government has access to or is acquiring nearly all communications that travel over the internet,” she wrote. “The government’s collection and search of Americans’ communications without a warrant or individually approved court order is barred by the Constitution and must be stopped.”

According to Savage, the Times’ legal team may choose to challenge the 2012 inspector general report in court in the hope of having some of the redaction reversed before its release is reconsidered.

Privacy advocates and digital rights proponents have raised concerns about the program nevertheless, however, with Cindy Cohn, the legal director of the Electronic Frontier Foundation, writing last year that the review group’s recommendations for the White House still fell short of what could be accomplished to ensure proper protections are put in place for the communications by Americans.

A recently launched website that tracks and lists transparency reports from across the web has already received over 20 submissions since its launch on Monday, co-founder Nadia Kayyali told the Sputnik international news service.

Kayyali, who is also an activist at the Electronic Frontier Foundation (EFF), said that EFF became involved in the project simply because they thought it was important to provide information to people about what companies have so-called ‘canaries. ’.

Its disappearance normally means they’ve received secret orders from an intelligence or law enforcement agency, usually the NSA or the FBI. A ‘canary’ is a published statement or warrant that ISPs and telecom providers put out to say they haven’t received any security data requests from Federal government.

This loophole allows Canary Watch to monitor postings on social networks such as Reddit, Pinterest and Tumblr that like to be perceived as transparent, and they are now able to show they are. In many cases data requests from the government agencies come together with gagging orders that prohibit the companies to disclose receiving the information request. But they are not legally prohibited from saying that they haven’t received them. To date, no US court has challenged their right to keep silent on the issue.

“Since Canary Watch launched on Monday, we’ve been sent over twenty new canaries, which we are adding to the site. The speed with which we’re getting submissions shows what kind of interest there is in canaries as a tool, and we’re really pleased to see it,” Kayyali told Sputnik on Thursday.

The EFF has teamed up with New York University’s Technology Law & Policy Clinic, the Berkman Center for Internet and Society and the Calyx Institute to create CanaryWatch. But not all ISPs use warrant canaries and even with the ones that do it’s hard to keep track of them.

“If you’re not paying attention to a specific canary, you may never know when it changes. Plenty of providers don’t have warrant canaries. Those that do may not make them obvious. And when warrant canaries do change, it’s not always immediately obvious what that change means,” Kayyali wrote in an EFF blog.

Canaries come in different forms and sizes so the site has an FAQ (PUT A LINK) that describes what they are and their legal implications.

Some are just simple, short statements such as “Provider X has received 0 national security requests.” Sometimes they may be slightly more revealing such as this one from Apple in November 2013.

“Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us.”

Sources:

(“Canary Watch: Activists Create Website to Track & Reveal NSA, FBI Info Requests.” – RT USA. N.p., n.d. Web. 09 Feb. 2015.)

(“New Document Reveals FBI’s Role in NSA Surveillance Program.” – RT USA. N.p., n.d. Web. 09 Feb. 2015.)

(“Tech Heavyweights Facebook, Google, Apple Support Bill Limiting NSA Spying.” – RT USA. N.p., n.d. Web. 09 Feb. 2015.)