FBI General Counsel Questioned on EFF NSL Report

At a hearing of the House Judiciary Committee today, FBI General Counsel Valerie Caproni faced tough questions about the EFF Report on the abuse of a National Security Letter (NSL) to North Carolina State University at Raleigh.

In her testimony, Caproni speculated that this misuse of the NSL might have been the result of a "miscommunication." According to a 2007 report by Caproni's Office of the General Counsel, however, the FBI Charlotte Division "acted upon the advice and direction of FBIHQ [and] Charlotte personnel sought legal advice prior to the service of the NSL." FBI documents show that the NSL at issue was reviewed by the Senior Supervisory Special Agent for the Raleigh office, and then reviewed by the Special Agent in Charge of the Atlanta Division before being signed.

The Raleigh office also reported that "We had our CDC [Chief Division Counsel] and FBIHQ involved in in this throughout the process."

Later documents show that the field agents contacted FBI attorneys for "guidance concerning the matter and the questioned legality of the NSL," including the Acting Chief Division Counsel and legal counsel with the Office of General Counsel.

That's a whole lot of miscommunication.

Update
Rep. Nadler Questioning Caproni on NSLs:

Privacy info. This embed will serve content from youtube.com.

[Permalink]

EFF Issues Report on Abuse of National Security Letter

Today, EFF published a report on the misuse of a National Security Letter to seek educational records from North Carolina State University at Raleigh in 2005. The NSL authority does not allow the government to seek educational records.

The detailed report stems from EFF's Freedom of Information Act request for records about NSL abuse. FBI documents show that, over the span of three days in July 2005, the Charlotte Division of the FBI first obtained educational records pursuant to a grand jury subpoena, and then -- at the direction of FBIHQ -- returned the records and sought them again pursuant to an improper NSL.

The improper NSL was refused by the university, but the FBI finally obtained the records pursuant to a second grand jury subpoena. Later in July 2005, FBI Director Robert Mueller used the delay in obtaining these particular records as an example of why the FBI needed administrative subpoena power instead of NSLs in testimony.

The misuse of the NSL was not formally reported until February 2007, a short time before Inspector General Glenn Fine’s report on the abuse of NSLs was due before Congress. While the Inspector General's report identified dozens of instances in which National Security Letters may have violated laws and agency regulations and were not reported, this is the first time documents have shown that top FBI executives were aware of a misuse before it was officially reported. It took almost two years before the incident was formally reported.

Tomorrow the House Judiciary Committee is holding a hearing on the misuse of the National Security Letter power (including testimony by FBI General Counsel Valerie Caproni and Inspector General Glenn Fine), and the Senate Judiciary Committee will hold a hearing on Wednesday.

[Permalink]

FOIA Document Shows Improper FBI Access to Entire Domain's Email

According to a document obtained by the Electronic Frontier Foundation through the Freedom of Information Act, an "apparent miscommunication" resulted in unauthorized FBI access to an entire domain's email, rather than the single email account the Bureau had permission to monitor. As Eric Lichtblau of the New York Times reports:

A technical glitch gave the F.B.I. access to the e-mail messages from an entire computer network — perhaps hundreds of accounts or more — instead of simply the lone e-mail address that was approved by a secret intelligence court as part of a national security investigation, according to an internal report of the 2006 episode.

F.B.I. officials blamed an “apparent miscommunication” with the unnamed Internet provider, which mistakenly turned over all the e-mail from a small e-mail domain for which it served as host. The records were ultimately destroyed, officials said.

Bureau officials noticed a “surge” in the e-mail activity they were monitoring and realized that the provider had mistakenly set its filtering equipment to trap far more data than a judge had actually authorized.

The episode is an unusual example of what has become a regular if little-noticed occurrence, as American officials have expanded their technological tools: government officials, or the private companies they rely on for surveillance operations, sometimes foul up their instructions about what they can and cannot collect.

The problem has received no discussion as part of the fierce debate in Congress about whether to expand the government’s wiretapping authorities and give legal immunity to private telecommunications companies that have helped in those operations.

But an intelligence official, who spoke on condition of anonymity because surveillance operations are classified, said: “It’s inevitable that these things will happen. It’s not weekly, but it’s common.”

The document was released through an EFF lawsuit against the Department of Justice for records about the FBI's misuse of National Security Letters. To learn more about EFF's open government work and FOIA litigation, click here.

[Permalink]

President Tries to Scrap New Open Government Office

Just weeks after signing legislation that significantly updated the Freedom of Information Act (FOIA) for the first time in more than a decade, the President is attempting to single-handedly strike a major part of the new law.

Among other improvements to the FOIA, the OPEN Government Act created an ombudsman to settle problems between FOIA requesters and federal agencies, as well as keep tabs on how well the FOIA works in practice. Rather than put the new office in the Department of Justice, which has been in charge of the government's FOIA policy for more than 30 years and represents the government in FOIA lawsuits filed by requesters, Congress decided that it should be part of the National Archives and Records Administration to help maintain its independence.

It seemed that President Bush was behind this idea when he signed the OPEN Government Act into law on December 31. His proposed budget for 2009, however, includes a provision that would "repeal" the ombudsman's office and shift its funding to the Justice Department.

If the President's attempt to get rid the ombudsman is successful, it would be tremendously unfortunate for both the public and the government. This new office is meant to give requesters a way to resolve FOIA disputes without having to resort to litigation, which would be cheaper and less burdensome for people who have trouble getting documents from the government, and might reduce the number of FOIA lawsuits that the government has to defend against. The creation of the ombudsman's office is a good idea for improving the FOIA process, which doesn't work as well as it should. The President should see if it makes things better before deciding it's not worth the money.

EFF has joined a coalition of more than 40 organizations asking Congress to provide funds for the ombudsmen to work out of the National Archives as Congress intended. You can read our objections to the budget proposal here.

To learn more about EFF's Freedom of Information Act litigation, click here.

[Permalink]

Key Open Government Reform Legislation Becomes Law

In one of his last official acts of 2007, President Bush signed into law the first major overhaul of the Freedom of Information Act (FOIA) in more than a decade. The Open Government Act of 2007 makes much-needed changes to the FOIA process that will give Americans better access to information about their government at work, such as:

• Ensuring that freelance and alternative journalists are considered representatives of the media, making it less expensive for them to get information from the government.
• Providing for attorney fees when a requester's lawsuit prompts an agency to change its position on a request, even if a court doesn't order it.
• Creating a tracking system to help make sure that FOIA requests don't become hopelessly tangled in red tape.
• Establishing the Office of Government Information Services, which will be tasked with helping to resolve conflicts between agencies and requesters.
• Penalizing agencies that don't process FOIA requests on time.
• Making it clear that requesters can get government records maintained by private contractors, not just the agencies themselves.
• Imposing greater reporting requirements to let Congress and the public know more about how agencies handle requests.

The changes made by the OPEN Government Act are a hard-fought victory that will help EFF and other requesters make better use of the FOIA and keep the government accountable to the people.

In the past few months, EFF's FOIA requests have uncovered illegal government demands for phone customers' "communities of interest" and revealed details about the FBI's misuse of National Security Letters. Our work was also cited in a congressional call for an investigation of former Attorney General Alberto Gonzales. To learn more about EFF's FOIA efforts, visit our FOIA Litigation for Accountable Government (FLAG) Project page.

[Permalink]

Who's in Your Five? EFF Documents Show the FBI Sought Details About "Communities of Interest"

Documents [PDF] obtained by the Electronic Frontier Foundation show that the FBI asked telecommunications companies to turn over information about people in contact with individuals the FBI was investigating, though a degree removed from any suspicious activity and presumably innocent. As Eric Lichtblau reported in the New York Times this morning:

The F.B.I. cast a much wider net in its terrorism investigations than it has previously acknowledged by relying on telecommunications companies to analyze phone-call patterns of the associates of Americans who had come under suspicion, according to newly obtained bureau records.

The documents indicate that the Federal Bureau of Investigation used secret demands for records to obtain data not only on individuals it saw as targets but also details on their "community of interest" ? the network of people that the target was in contact with. The bureau stopped the practice early this year in part because of broader questions raised about its aggressive use of the records demands, which are known as national security letters, officials said.

The letters are part of the second set of FBI documents released in response to a Freedom of Information Act (FOIA) lawsuit seeking information about the FBI's misuse of National Security Letters (NSLs). In June, a federal judge ordered [PDF] the Bureau to disclose additional information responsive to EFF's request every month. We anticipate that this material will continue to reveal details about the Bureau's use ? and abuse ? of NSL authority. For more information about EFF's FOIA work, visit our FOIA Litigation for Accountable Government (FLAG) Project page.

Update, 9/11: We've added more analysis in a follow-up post here.

[Permalink]

EFF Documents Shed Light on FBI Electronic Surveillance Technology

The Electronic Frontier Foundation (EFF) has obtained documents through the Freedom of Information Act that reveal the inner workings of the FBI's Digital Collection System Network (DCSNet), a software suite that allows the Bureau to conduct surveillance on a wide variety of digital devices.

As Ryan Singel writes in his extensive report for Wired News:

Many of the details of the system and its full capabilities were redacted from the documents acquired by the Electronic Frontier Foundation, but they show that DCSNet includes at least three collection components, each running on Windows-based computers.

The $10 million DCS-3000 client, also known as Red Hook, handles pen-registers and trap-and-traces, a type of surveillance that collects signaling information -- primarily the numbers dialed from a telephone -- but no communications content. (Pen registers record outgoing calls; trap-and-traces record incoming calls.)

DCS-6000, known as Digital Storm, captures and collects the content of phone calls and text messages for full wiretap orders.

A third, classified system, called DCS-5000, is used for wiretaps targeting spies or terrorists.

You can read more commentary from Ryan on Threat Level. Professors Matt Blaze and Steve Bellovin have also weighed in on the security implications of the system.

EFF obtained these documents through a FOIA lawsuit filed against the FBI last year. A federal judge has ordered [PDF] the Bureau to turn over new documents every month, so check back often the learn more about DCSNet.

As with all our FOIA documents, EFF encourages you to go through these files yourself and let the world know what you find. We ask only that you please mention EFF if you use these documents in any way. We're a nonprofit organization, and our funding for the FOIA Litigation for Accountable Government (FLAG) Project depends on showing that our work is important and relevant.

For more information about these documents or EFF's FLAG Project, please contact EFF Staff Attorney Marcia Hofmann at marcia(at)eff.org.

[Permalink]

Senator Cites EFF FOIA Work in Call for Investigation of Attorney General

EFF's Freedom of Information Act (FOIA) work has helped to prompt the head of the Senate Judiciary Committee to ask for an investigation into whether the attorney general has lied to Congress.

In a letter to the Justice Department Office of the Inspector General, Senator Patrick Leahy asked the agency watchdog to probe "potentially false or misleading testimony given by Attorney General Alberto Gonzales during his appearances before various congressional committees."

The evidence cited by Leahy includes documents that EFF obtained through a FOIA lawsuit against the Justice Department for records related to the FBI's misuse of National Security Letters. As the letter notes:

Attorney General Gonzales said in April 27, 2005, testimony before the Senate Select Committee on Intelligence with regard to National Security Letters (NSLs) and other information-gathering techniques that statutory civil liberties safeguards had been effective and that ?[t]here has not been one verified case of civil liberties abuse.? Similarly, his responses to written questions following his April 19, 2007, Senate Judiciary Committee hearing indicated that he had not learned of problems with NSLs prior to your March 2007 report on the issue. Documents obtained in a Freedom of Information Act lawsuit indicated that the Attorney General had in fact received numerous reports in 2005 and 2006 of violations in connection with NSLs and other surveillance tools. The Attorney General in his July 24 testimony suggested that his prior testimony and answers were premised on the fact that he was not aware of any ?intentional? violations. The Washington Post has reported that at least one intentional violation was reported in the relevant time period.

Leahy's request shows why the FOIA is an important tool for making sure that government works the way it should. Through its FOIA Litigation for Accountable Government (FLAG) project, EFF files FOIA requests and lawsuits for documents about the government's use of investigative power, among other things. Our goal is to pry information out of government filing cabinets and make it available for all to see, which helps to ensure that public officials are held accountable for their actions.

[Permalink]

EFF FOIA Docs: Soldiers Rarely Blog Information That Threatens Military Operations

According to documents released to the Electronic Frontier Foundation (EFF) by the Army and Defense Department, soldier journalists post far less information that could harm military operations than official .mil websites do. These documents call into question the need for new restrictions on soldiers' online speech, which some critics say will cause military bloggers to cut back on their posts or shut down their sites altogether.

The documents, which EFF obtained through a Freedom of Information Act (FOIA) lawsuit, shed light on the work of the Army Web Risk Assessment Cell (AWRAC) [PDF], a unit that monitors official and unofficial military websites "for information and trends of data that could be used to breach security or pose a threat to defensive and offensive operations and military personnel."

According to statistics [PDF] obtained from the Army, the AWRAC spotted no more than 28 content violations on 594 military blogs (or "milblogs") between January 2006 and January 2007. In contrast, the unit found at least 1,813 content violations on 878 official military websites during the same period.

(The numbers cited in the Army's own documents vary widely, but we've drawn our conclusion on the figures we found that are most favorable to the military. However, the documents show that the number of content violations discovered may have been as as low as 14 on milblogs, and as high as 4,052 on official military sites.)

More after the jump.

[Read the entire post]

Just Before Recess, Senate Approves FOIA Reform Bill

The day before adjourning for August recess, the Senate unanimously approved S.849, the OPEN Government Act, a bipartisan bill that is the first significant update to the Freedom of Information Act (FOIA) in more than a decade. When Congress is back in session, a conference will reconcile the differences between this bill and similar legislation passed by the House of Representatives in March.

Among other things, the legislation will strike a blow to government secrecy by:

Revelations about the FBI's misuse of a key PATRIOT Act power and other privacy-invasive initiatives clearly demonstrate the importance of government transparency. This law will make it easier for EFF's FOIA Litigation for Accountable Government (FLAG) project and other FOIA requesters to keep the government accountable to the people.

[Permalink]