FBI, CIA Use Backdoor Searches To Warrentlessly Spy On Americans' Communications30/06/2014 23:49
Source: Tech Dirt
The other shoe just dropped when it comes to how the federal government illegally spies on Americans. Last summer, the details of the NSA's "backdoor searches" were revealed. This involved big collections of content and metadata (so, no, not "just metadata" as meaningless as that phrase is) that were collected under Section 702 of the FISA Amendments Act (FAA). This is part of the program that the infamous PRISM effort operates under, and which allows the NSA to collect all sorts of content, including communications to, from or about a "target" -- where a "target" can be incredibly loosely defined (i.e., it can include groups or machines or just about anything). The "backdoor searches" were a special loophole added in 2011 allowing the NSA to make use of "US person names and identifiers as query terms." In the past, it had been limited (as per the NSA's mandate) to only non-US persons.
This morning, James Clapper finally responded to a request from Senator Ron Wyden concerning the number of such backdoor searches using US identifiers that were done by various government agencies. And, surprisingly, it's redaction free. The big reveal is... that it's not just the NSA doing these searches, but the CIA and FBI as well. This is especially concerning with regards to the FBI. This means that the FBI, who does surveillance on Americans, is spying on Americans communications that were collected by the NSA andthat they're doing so without anything resembling a warrant. Oh, and let's make this even worse: the FBI isn't even tracking how often it does this. It's just doing it willy nilly:
The FBI does not track how many queries it conducts using U.S. person identifiers. The FBI is responsible for identifying and countering threats to the homeland, such as terrorism pilots and espionage, inside the U.S. Unlike other IC agencies, because of its domestic mission, the FBI routinely deals with information about US persons and is expected to look for domestic connections to threats emanating from abroad, including threats involving Section 702 non-US. person targets. To fulfill its mission and avoid missing connections within the information lawfully in its possession, the FBI does not distinguish between U.S. and non- U.S. persons for purposes of querying Section 702 collection. It should be noted that the FBI does not receive all of Section 702 collection; rather, the FBI only requests and receives a small percentage of total Section 702 collection and only for those selectors in which the FBI has an investigative interest.
Moreover, because the FBI stores Section 702 collection in the same database as its "traditional" FISA collection, a query of "traditional" FISA collection will also query Section 702 collection. In addition, the FBI routinely conducts queries across its databases in an effort to locate relevant information that is already in its possession when it opens new national security investigations and assessments. Therefore, the FBI believes the number of queries is substantial. However, only FBI personnel trained in the Section 702 minimization procedures are able to View any Section 702 collection that is responsive to any query.
Got that? Basically, the FBI often asks the NSA for a big chunk of data that the NSA probably shouldn't have in the first place -- including tons of Americans' communications, and the FBI gets to dump it into the same database that it is free to query. And the FBI tracks none of this, other than to say that it believes that there are a "substantial" number of such queries. This would seem to be a pretty blatant attempt to end run around the 4th Amendment, giving the FBI broad access to searching through the communications of Americans with what appears to be almost no oversight.
Oh, and it's not just the NSA, but the CIA as well. Remember, the CIA is not supposed to be doing anysurveillance on US persons (like the NSA), but that's not what's happening at all. At least the CIA tracks some (but not all) of its abuse of backdoor searches:
In calendar year 2013, CIA conducted fewer than 1900 queries of Section 702-acquired communications using specific U.S. person identifiers as query terms or other more general query terms if they are intended to return information about a particular U.S. person. Of that total number approximately 40% were conducted as a result of requests for counterterrorism-related information from other U.S. intelligence agencies. Approximately 27% of the total number are duplicative or recurring queries conducted at different times using the same identifiers but that CIA nonetheless counts as separate queries. CIA also uses U.S. person identifiers to conduct metadata-only queries against metadata derived from the FISA Section 702 collection. However, the CIA does not track the number of metadata-only queries using U.S. person identifiers.
So, the CIA is doing these kinds of warrantless fishing expeditions into the communications of Americans as well, but at least the CIA tracks how often it's doing so. Of course, when it comes to metadata searches, the CIA doesn't bother. It's also a bit bizarre that the CIA is apparently carrying out a bunch of those searches for "other U.S. intelligence agencies," when the CIA should be especially limited in its ability to do these searches in the first place.
Senator Wyden has responded to these revelations by pointing out how "flawed" the oversight system is that these have been allowed:
When the FBI says it conducts a substantial number of searches and it has no idea of what the number is, it shows how flawed this system is and the consequences of inadequate oversight. This huge gap in oversight is a problem now, and will only grow as global communications systems become more interconnected. The findings transmitted to me raise questions about whether the FBI is exercising any internal controls over the use of backdoor searches including who and how many government employees can access the personal data of individual Americans. I intend to follow this up until it is fixed.
Hopefully, now you are starting to recognize what a big deal it was last week when the House of Representatives recently voted to defund the ability to do these kinds of backdoor searches. Still, much more needs to be done.
Oh, and in case you're wondering why Clapper finally 'fessed up to the FBI and CIA making use of these data to warrantlessly spy on Americans, it's worth noting that the Privacy and Civil Liberties Oversight Board (PCLOB) is expected to come out with its report on the Section 702 surveillance program on July 2nd (7/02, get it?). It seems likely that the report will discuss these backdoor searches on Americans and how other agencies besides the NSA has been involved in the practice.