Surveillance Standoff
Friday, April 04, 2008
In the old days, everyone was linked to a lug nut, and Jim Kallstrom liked it that way.
It was 1985, a simpler time for a cop like Kallstrom, who was in charge of setting telephone wiretaps on suspected drug dealers and mobsters for the FBI's New York City field office. In New York, Kallstrom's cases were often won on the basis of incriminating evidence surreptitiously snatched from the mouths of criminal defendants through their phone lines. With a mere 203,000 Americans using mobile phones, people were still tied to the ground, and that gave Kallstrom's world a certain comforting order.
On any given day, he could stand on a street corner in Manhattan, gaze up at an apartment building with its neat rows and columns of units stacked atop each other, and know that inside each one there was a telephone, tethered by thin copper wire to a single point, sometimes several miles away. In his mind's eye, Kallstrom could have imagined shrinking himself to the size of an electron and traveling over the phone line, down to the bottom of the building, then shooting beneath the streets, until he ended up in the basement of the telephone company's switching station. There, the wire emerged, pegged to a rack by a single copper lug nut. Acres of racks lined the walls, each holding rows and columns of lug nuts and their wires, neatly stacked atop each other -- the city of New York in analog miniature.
With a warrant in hand, Kallstrom could tell the technicians at the phone office, with whom he had become friendly over the years, "Go up on RR326." The tech would walk to the rack, find the wire, and clamp on a listening device. Instantly, Kallstrom became an invisible interloper.
FBI agents and federal prosecutors depended on these legal wiretaps to penetrate drug cartels, incriminate money launderers, and spy on mob families. And they needed to be absolutely certain that the line they were on belonged to the suspected dealer, or launderer, or capo named in the court-approved warrant. Not the guy in the apartment next door. Not someone down the block. This guy. This phone. RR326. Lest the agents violate a judge's order, and perhaps land themselves in jail, this had to be the very same line that snaked back through the subterranean maze of Manhattan, through all those blocks of concrete caverns, back to that certain apartment building, up through the walls and out of the jack and into the phone that was in the hand and next to the mouth of Kallstrom's target. It was, by design and necessity, a neat, specific system.
And then it all went sideways.
Kallstrom's friends in the phone company put him on notice in 1985: Over the next few years, those racks and stacks of wires and lug nuts would be swept into the technological dustbin. The telephone network was going digital. Technicians would no longer stand at a rack; they would sit at a keyboard. In some parts of the country that had already made the change, phone calls were traveling as a stream of 1's and 0's. Thousands of lines commingled in a single computer. When New York went digital, the phone techs told Kallstrom, they would no longer be able to tap him directly into RR326. In fact, they couldn't even tell him for sure where RR326 resided in this new engineering matrix.
At the same time that the phone companies were preparing for the transition to digital, the use of cellphones -- which were inherently harder to tap because they used phone lines differently than analog devices -- mushroomed. From 1985 to '86, the number of registered mobile-phone subscribers in the United States doubled to 500,000. Within two years after that, the number climbed to 1.6 million. By the end of the decade, the cellphone universe had skyrocketed past 4 million.
Organized crime was an early adopter of the mobile phone. In a communications technique presaging that of Islamic terrorists today, members of the Colombian Cali drug cartel operating in New York would briefly use a phone, toss it, and get a new one. To tap a mobile device, technicians had to install listening equipment on the new version of a lug nut -- an "electronic port." But in most switching stations in New York, there were only half a dozen or so ports available at any one time. Federal prosecutors and agents had to stand in line at phone company offices and fight with each other over whose investigation should take priority. Some prosecutors threatened to haul company employees into court on contempt charges so they could explain to a judge why the phone company was unwilling to execute a wiretap order.
Electronic surveillance, once such a dependable, relatively easy craft, was becoming inordinately difficult, Kallstrom thought. The phone companies, whose annual revenues from mobile subscriptions were cresting over $2 billion in the late 1980s, showed little willingness to make the FBI's life easier. As the 1990s approached, with the promise of more digitization and more mobility, Kallstrom called his bosses in Washington: "If we don't do something, we'll be out of the wiretapping business."
A Battle Begins
Kallstrom may have been the first to alert the FBI and the Justice Department to this new reality. The digital revolution generated a constant tension that exists to this day, a push and pull between the federal government in one camp and technology corporations and civil-liberties activists in the other to control the development of the global communications system, and so the balance of power in the Information Age.
This struggle's latest manifestation is the intensely politicized effort to rewrite the Foreign Intelligence Surveillance Act. At issue is nothing less than the government's authority to broadly monitor communications networks to spot terrorists and other national security threats. The Bush administration finds itself across the battle lines from many of the same groups that more than a decade ago argued that the government was already extending its reach too far into personal conversations in the name of pursuing criminals.
While FISA governs wiretapping for intelligence-gathering purposes, as distinct from law enforcement, surveillance in both worlds follows the same essential philosophy -- the best evidence in a court of law or in an intelligence operation is one's own words. Today's dispute is not very different from the one that occurred during the dawn of digitization in the 1990s. Indeed, both are part and parcel of the same long-running debate.
No one should believe that real-time government surveillance of the communications network is an idea born of the 9/11 attacks or that it results solely from the Bush administration's aggrandizing of executive power. The legal arguments that the government has asserted to support increased surveillance of digital space were first put forth in 1994, under a Democratic president, and they had little to do with the threat of Islamic extremism.
Nor should anyone mistake the roots of the vociferous opposition to today's wiretapping from civil libertarians and privacy advocates. Many of these groups and their allies have been battling to restrict the government's use of new, potentially invasive technologies for a generation. The Bush White House is only their latest adversary, albeit the most formidable. These activists and their allies in the business world have been motivated by different but mutually supportive goals: to extend constitutional safeguards to the digital realm, and to keep the government from suffocating technological development with burdensome surveillance laws. Some in those ranks would have liked, and indeed tried, to make the digital network a wiretap-free zone.
But despite the occasionally extreme positions and deeply held convictions of all of these players, the most important laws governing wiretapping, electronic surveillance, and privacy have been the product of negotiation, of people gathering in a room, sitting at a table, and talking -- sometimes screaming -- until they reached a settlement. The current debate, however, is missing that crucial spirit. Whereas before, adversaries trusted each other enough at a basic level to make deals, however temporary, today's opposing sides seem unwilling to compromise to pass new surveillance laws that the nation can live with. It's not entirely clear where or why minds turned so stubborn. But to understand today's political calcification, it helps to recall a simpler time.
The Art Of Compromise
Jerry Berman was a veteran of the privacy wars, seemingly born for the role of liberal, dogmatic activist. In the early 1950s, his father, a labor leader, was investigated by the House Un-American Activities Committee. A native of Hawaii, the younger Berman moved with his family to California, where he enrolled at the University of California (Berkeley). After earning his bachelor's and master's, and, in 1967, his law degree, Berman began lobbying for the American Civil Liberties Union. He became an authority on the intersection of national security and technology, schooled by the exposure of illegal FBI spying operations aimed at political organizations, war protesters, and leftist activists. In 1978, Berman helped to craft the Foreign Intelligence Surveillance Act, which set new restrictions on the government's domestic intelligence-gathering. He was present at the creation of several important pieces of surveillance legislation, and he helped secure individual privacy protections.
In playing his role, Berman didn't adhere to a hard-and-fast position but instead embraced his own brand of "principled pragmatism." By his logic, the interests of privacy and national security were not incompatible. If all sides -- government, industry, civil-liberties activists -- could find ways to "maximize the good and minimize the harm," as he liked to say, they could strike a satisfactory balance and create workable laws. This idea guided his work on FISA and other legislation, sometimes to the consternation of more-ideological activists who employed him to lobby Congress on their behalf.
Perhaps that was because principled pragmatism recognized an unsavory reality: In Washington, those who show up to play the game make the rules. Negotiation requires sacrifice. Sacrifice requires flexibility. Some people would rather break than bend. But compromise is how things get done, and Berman accepted it. As a colleague summarized Berman's general approach to lawmaking, "You can stand on your principle and get your ass handed to you, or you can engage in the process and get a better deal."
In the summer of 1994, the FBI and the Justice Department made a bold play to force the telecom carriers to help them conduct legal wiretaps. They put forth a proposal that would require the companies to build their networks so that law enforcement agents serving a warrant could access them in real time. The legality of wiretapping was not in question. The government wanted legal assurance that it could tap, at any time, and that the industry had an obligation under law to comply with the government's proper authority.
No more computer-related hassles, no more standing in line to plug into mobile-phone ports. Law enforcement agents, federal spymasters, and prosecutors wanted a comprehensive remedy to what they called the "digital telephony" problem. Their chief advocates were Kallstrom and Louis Freeh, the recently appointed FBI director, a former special agent and federal prosecutor who had used wiretaps to secure convictions in some of the most complicated organized-crime investigations in history. Freeh personally pushed for the new law, showing up unannounced in reluctant lawmakers' offices to press them for support and even sitting in on committee markups -- an unprecedented move for an FBI director -- to stare members down.
Clipper Chip
The 1994 proposal was only the latest in a series of government efforts to strengthen its control of the telecommunications network. In the late 1980s, Justice officials had gotten as far as placing language in an anti-crime bill that would have allowed the attorney general to set standards for telecommunications equipment, effectively making that federal official the network's architect-in-chief. (The bill did not pass.)
In 1993, Bill Clinton, in one of his first presidential directives, announced that engineers at the National Security Agency, the intelligence community's electronic surveillance arm, had developed a cutting-edge microcircuit, called the "Clipper" chip, to scramble telephone conversations. The administration intended to promote the installation of the Clipper technology in U.S. telephones, and planned to hold "in escrow" the digital keys to decrypt any conversation. In other words, the federal government would build the lock and keep the key, an idea that inspired a reaction somewhere between outrage and apoplexy among technologists and privacy advocates, who ultimately killed the idea.
In that atmosphere of hostility and skepticism, Berman went to work. Beginning in August 1994, he convened a series of meetings with senior law enforcement officials under the auspices of a privacy and security coalition he had formed with more than four dozen activist groups and technology companies -- including the biggest telecom provider of all, AT&T -- plus the U.S. Telephone Association, IBM, and software makers such as Microsoft. The goal was to resolve differences over the government's proposal to ensure federal access to telecommunications networks. Berman also brought in two powerful Democratic lawmakers and noted civil libertarians, Sen. Patrick Leahy of Vermont and then-Rep. Don Edwards, whose district included California's Silicon Valley. Everyone in the negotiating room had some familiarity with technology issues, and professional experience in law enforcement or Justice Department oversight.
The meetings featured intense, nitty-gritty debates over the technical aspects of the law. The FBI wanted guarantees that the telecom system would never mature beyond the reach of its wiretaps. Some companies saw this as heavy-handed regulation, and a number of telecom officials shared the activists' belief that the government was in fact after a permanent covert backdoor into the phone system. The negotiations helped to somewhat dampen the suspicions, however, and the talks went forward because no one in the room disagreed with the fundamental premise that the government had the right to wiretap.
But outside of the meetings, divisions festered among the interest groups. Berman represented the Electronic Frontier Foundation, which champions the public interest in the digital realm, but its board couldn't decide whether compromise was prudent or perilous. Berman felt he had to persuade his colleagues, in another series of heated meetings, to work in the middle. To him, that meant that the legislative negotiations would follow an inviolate principle: We will only craft solutions to known problems. No writing of laws aimed at encompassing future problems. If the FBI has difficultly accessing the public telephone network, then the law will address only that public telephone network.
In addition to identifying a philosophical guideline, this approach served a more strategic goal -- to keep the FBI's hands off the Internet, which was so new in 1994 as to be practically notional. Internet service providers such as America Online and Prodigy had only a handful of subscribers, and the first Web browser had been released that year, in a beta test version. Still, Berman and others knew that the FBI would never willingly agree to stay off the information superhighway, because Internet-based information held tremendous potential value for law enforcement.
During one meeting, David Johnson, a lawyer who had helped to craft the Electronic Communications Privacy Act in 1986, held up a glass jar full of rocks and asked, "How many of you would say this jar is full?" Most people agreed that it was. Johnson took a fistful of pebbles and dropped them into the jar. They tinkled down through the rocks, finding resting places in the empty spaces. Then he poured sand into the jar. As it cascaded into the empty spaces, Johnson told the onlookers that the sand was like the unseen, seemingly insignificant "transactional data" that traveled on the Internet. Transactional data includes the routing information for a text-based message -- where it comes from, where it goes, and what path it follows -- and the series of digits that make up an Internet address. This information would someday be of enormous value to the government, he said, just as phone call records, as opposed to actual conversations, already were. The transactional data were small but meaningful -- like the tiny grains of sand that kept filling the volume of the jar.
CALEA
Johnson's vivid illustration convinced many of the participants that the new law mustn't extend too far. Again, the issue wasn't whether law enforcement had a right to information but how much power the government should have over the means to get it. Leahy and Edwards, who formally introduced the legislation shortly thereafter, declared that it would apply solely to the public telephone network. The law specifically exempted "information services," which the parties agreed included Internet companies and electronic-messaging technologies.
The Communications Assistance for Law Enforcement Act passed in the closing days of the 103rd Congress, two weeks before Republicans won control of both chambers in November 1994. CALEA (pronounced kuhLEEuh) would let the industry set its own standards to meet the Justice Department's needs. The department could list its surveillance requirements, but the act let companies decide how to build their equipment. Justice won the right to petition the Federal Communications Commission if its officials felt that the companies weren't fulfilling their obligations. But civil-liberties groups also secured the right to challenge the government's requirements in court.
It was a true compromise, hard won but workable. For Berman, principled pragmatism had carried the day. For others, however, the compromise had given away too much.
The board of the Electronic Frontier Foundation had seen the proverbial legislative sausage being made and found it distasteful. Even though the directors had agreed to every aspect of the law, which Berman explained to them, within weeks after its passage he left the EFF and formed his own outfit, the Center for Democracy and Technology, to continue his brand of lobbying. The EFF pulled up stakes in Washington the following year and moved to San Francisco, where it continues to play a leading role in supporting lawsuits against telecommunications companies -- most notably AT&T, its former ally -- for their role in assisting the government with warrantless wiretapping after the 9/11 attacks.
At the time, Berman confided to Kallstrom, whom he thought had always acted in good faith for the FBI, "My work on CALEA got me fired."
Kallstrom was apparently happy to see his more idealistic opponents leave town. "You didn't get fired, Jerry," he replied. "You got promoted."
Making Demands
Had the FBI and the Justice Department stopped there, had the government settled for secure access to phone networks, the history of Internet privacy and civil liberties might have turned out differently. But just weeks after President Clinton signed CALEA in January 1995, conflict erupted between the government and the phone carriers over the kind of network access the law provided. The raft of compromise that had carried the deal sprung a leak.
FBI officials knew in 1994 that they were making a mistake by leaving cyberspace out of CALEA. They understood the Internet's potential as a communications device and an intelligence tool -- that is, after all, why CALEA's authors exempted "information services."
"Did we know that it was idiotic to carve that out?" Kallstrom asks now. "Yes, we did." Criminals have always been among the first to embrace new technology. It was foolish to think that they wouldn't turn to the Internet for any number of nefarious gambits. But, Kallstrom says, government officials opted "to fight another day" over Internet access. Privacy advocates were dragging their feet in the negotiations. Delay would invite more debate, probably more hearings, and possibly a less favorable outcome. The political decision was made: "Let's take what we can get here."
In early 1995, the Justice Department issued its list of requirements for wiretapping, known as the punch list. Not surprisingly, many telecom executives and their attorneys viewed the demands as unreasonable. Al Gidari, a lawyer representing the wireless industry, was among the first to see the FBI's requirements, during the initial meeting to develop standards for CALEA, which was held that spring in Vancouver, British Columbia. The Justice Department's wish list, he said, amounted to "the Cadillac of wiretaps."
"Everything they could ever think of to gold plate and put on the Cadillac was in that document," Gidari recalls. Meeting its expectations represented "an exponential increase in complexity, not a linear increase.... They were very dictatorial ... technical requirements -- the very thing that Congress said it wasn't up to [the FBI] to figure out."
The standards meeting was tense and awkward, and the sides were unevenly matched. Gidari recalls a dozen or more FBI agents, in neat blue suits, all buttoned down and looking ready to roll over anyone who stood in their way. Arrayed on the opposite side of the table was a group of laid-back and casually dressed network engineers from all the major telecom equipment manufacturers and carriers that was tasked with the unenviable job of telling the bureau that the industry planned to build a much less complex system. It wasn't what the FBI agents wanted to hear.
Over the next few years, the Justice Department continued to seek increasingly sophisticated surveillance capabilities, including real-time geographical tracking of mobile phones; the ability to monitor all parties in a conference call regardless of whether they are on hold or participating; and "dialed digit extraction," a record of any numbers that a subject under surveillance punched in during a call, such as a credit card or bank account number. The government got a lot of what it wanted, but not all.
To be sure, criminals' use of new technologies helped drive the law enforcement demands. But telecom carriers worried that the cost of compliance was too high and that the FBI's technical requirements were illegally broad. CALEA, they argued, had forbidden the government from requiring specific system designs or technologies.
The FCC's Turn
Justice, frustrated by its inability to get all the demands on the punch list, finally asked the FCC to step in. In 1997, the Cellular Telecommunications Industry Association, which then represented mobile carriers, and the Center for Democracy and Technology complained to the commission that the negotiations had deadlocked because of "unreasonable demands by law enforcement for more surveillance features than either CALEA or the wiretap laws allow." The FCC, however, sided with the Justice Department on a host of requirements that privacy groups found overly broad. The tussle dragged on for two more years and ended up in the U.S. Court of Appeals for the District of Columbia Circuit, which overruled the FCC. After the commission took up matters again, it granted some of the FBI's requests, and the CALEA standards were amended.
When Justice Department officials reported to Congress on CALEA implementation in January 1998, no manufacturer of telecom equipment said that the FBI's demands were impossible to meet, but they did say that complying would be difficult and very expensive. (Although Congress had set aside $500 million to reimburse companies for retrofitting their networks, the law required the carriers to bear the cost of compliance on any equipment put in place after CALEA was enacted. Several experts believe that the final cost for compliance on telephone networks has been two to eight times the amount originally allotted.)
The level of government surveillance was so low at that time that some questioned why the FBI wanted such multifaceted access at all. In 1994, federal and state authorities were running 1,154 wiretaps nationwide, mostly for drug investigations, at an average cost of $50,000. The government was asking carriers to "design a nuclear rocket ship" for a rarely used tool, Gidari thought. "In [the FBI's] view, there was no limit to the expense the carrier should spare in order to save a life."
CALEA continued to evolve, shaped by the ongoing arguments over the terms of its birth. Activists and carriers thought that the FBI was reneging on its bargain, asking for more than the law allowed. The FBI believed that carriers were stalling when they failed to meet compliance deadlines. As all sides dug in, the meetings on implementation turned bitter. FBI and Justice officials slammed their hands on tables and screamed at carrier representatives, Gidari recalls. "You're unpatriotic! What do you want to do, help the criminals?"
The government asked those same questions after September 11, 2001. And this time, telecommunications carriers responded. Outside the normal FISA warrant process, which covers intelligence-gathering, carriers opened access to their networks, their customer call data, and their valuable transactional information -- the kind that CALEA had intended to exclude. President Bush and his administration believed that the extraordinary nature of the terrorist attacks demanded emergency actions that FISA couldn't accommodate, and the carriers answered the call from law enforcement and intelligence agencies. But government officials also seized on the post-9/11 mentality to change other surveillance laws and procedures, which they believed -- just as their predecessors did in 1994 -- were out of step with technology and reality. About three years after 9/11, officials set their sights on rewriting CALEA.
Claiming The Internet
In August 2004, in response to a petition by the Justice Department, the FBI, and the Drug Enforcement Administration, the FCC expanded CALEA to cover Internet communications, including voice calls and instant messages. The Electronic Frontier Foundation sued, along with industry, civil-liberties, and academic groups. In 2005, the Court of Appeals ruled 2-1 to defer to the FCC's reading of the law.
Many of those who had helped craft CALEA believed that the commission had misread the law and acted on a post-9/11 impulse to give the government more, not less, access to information. But to the FCC, new Internet technologies that operate a lot like telephones blurred the distinction between "information services" and the kinds of technology that CALEA was meant to cover.
After 9/11, law enforcement and intelligence agencies took a variety of measures, apart from wiretaps, to collect and mine potentially valuable information from the Internet. With the cooperation of telecom companies, government accumulated lots of transactional data -- including e-mail header information and lists of websites visited by targeted individuals -- to support counter-terrorism operations. Viewed solely as a reaction to the terrorist attacks of 2001, this kind of collection might seem extraordinary. But through the longer lens of history, the government's steady march into cyberspace is not surprising.
Law enforcement agencies have never suffered for lack of access to the phone network. Kallstrom recalls only a few instances in which agents were unable to execute a wiretap order because of new technology. But as digital, mobile technology has proliferated, the copper lug nuts that Kallstrom remembers from the 1980s have disappeared. Today, state and federal agents spend most of their tap time on mobile devices. In 1994, most wiretaps, by far, targeted private residences. There were few taps on mobile devices. Ten years later, 88 percent of the 1,710 wiretaps were on mobile devices. Only 5 percent were on residential lines. Without CALEA, some experts believe that Kallstrom's initial fears would have come true and the federal government would have been shut out of the wiretapping business.
Jerry Berman never wanted that to happen. Although he cannot accept that the law that was meant to minimize the government's influence over the Internet is now being used to facilitate it, he is willing to negotiate on CALEA again, if that is what's necessary to satisfy all parties.
That willingness to talk extends to FISA, as well, and Berman's Center for Democracy and Technology has been actively involved in the current agitations over the law. But whenever he and his cohorts have extended the hand of compromise to Congress or the administration, he says, they have been disappointed. Any attempt to revamp FISA, or to clarify CALEA, "is impossible in the current climate," Berman says. "There is no sense that you could get the kind of negotiation we got in 1994."
FISA And CALEA
One has to wonder how strong that spirit of compromise really was in 1994, and whether it was already ebbing. If the FBI was willing to take what it could get on CALEA and go on to fight another day, did the government really "settle" at all? Literally weeks after CALEA was signed the Justice Department and the FBI came roaring back with new demands. What killed the penchant for negotiation? Was it the moderates' loss of power in both political parties after the 1994 Republican revolution? Was it the entrenchment of civil-liberties activists? Was it the Bush White House's extravagant interpretation of executive power? Was it 9/11?
Berman spends a lot of time pondering these questions and thinking about next moves. He divides his time between Washington, where he chairs his group's board of directors, and a home he built on the Cacapon River near Berkeley Springs, W.Va. "We just have people in bunkers now," Berman says ruefully.
The FISA debate is currently hung up on whether companies that assisted warrantless surveillance after 9/11 should have retroactive legal immunity for any laws they may have broken. CALEA has something to say about that, too. The law requires that carriers be able to deliver call identification information to the government remotely. According to Beryl Howell, Sen. Leahy's lead CALEA staffer, that provision was meant to keep government agents from sitting in the phone companies' offices to execute their wiretaps.
It is a basic tenet of wiretapping law, whether for intelligence or law enforcement, that the communications companies act as a buffer between their customers and the government, she says, and that telecom carriers must make their own determination whether official requests are, in fact, legal. That the companies would now assert, in defense of their cooperation, that the government determined that post-9/11 requests were legal, strikes Howell as outrageous.
If ever there was a time for the bare-knuckled negotiations of the past, it's now. It's not at all clear, though, who could play the role of Jerry Berman, the one to bring people into the room to scream and yell at each other and emerge feeling better for it -- and possibly even coming to a compromise. As things stand, Congress appears more likely to punt the FISA debate to the new administration, and has shown little interest in revisiting CALEA.
The constant tension that once kept this system in balance has reached a breaking point. There is no push and pull. Maybe the stakes are too high for compromise. But until that spirit returns, Berman says, "there will be no peace."
Published in National Journal
Friday, April 04, 2008
In the old days, everyone was linked to a lug nut, and Jim Kallstrom liked it that way.
It was 1985, a simpler time for a cop like Kallstrom, who was in charge of setting telephone wiretaps on suspected drug dealers and mobsters for the FBI's New York City field office. In New York, Kallstrom's cases were often won on the basis of incriminating evidence surreptitiously snatched from the mouths of criminal defendants through their phone lines. With a mere 203,000 Americans using mobile phones, people were still tied to the ground, and that gave Kallstrom's world a certain comforting order.
On any given day, he could stand on a street corner in Manhattan, gaze up at an apartment building with its neat rows and columns of units stacked atop each other, and know that inside each one there was a telephone, tethered by thin copper wire to a single point, sometimes several miles away. In his mind's eye, Kallstrom could have imagined shrinking himself to the size of an electron and traveling over the phone line, down to the bottom of the building, then shooting beneath the streets, until he ended up in the basement of the telephone company's switching station. There, the wire emerged, pegged to a rack by a single copper lug nut. Acres of racks lined the walls, each holding rows and columns of lug nuts and their wires, neatly stacked atop each other -- the city of New York in analog miniature.
With a warrant in hand, Kallstrom could tell the technicians at the phone office, with whom he had become friendly over the years, "Go up on RR326." The tech would walk to the rack, find the wire, and clamp on a listening device. Instantly, Kallstrom became an invisible interloper.
FBI agents and federal prosecutors depended on these legal wiretaps to penetrate drug cartels, incriminate money launderers, and spy on mob families. And they needed to be absolutely certain that the line they were on belonged to the suspected dealer, or launderer, or capo named in the court-approved warrant. Not the guy in the apartment next door. Not someone down the block. This guy. This phone. RR326. Lest the agents violate a judge's order, and perhaps land themselves in jail, this had to be the very same line that snaked back through the subterranean maze of Manhattan, through all those blocks of concrete caverns, back to that certain apartment building, up through the walls and out of the jack and into the phone that was in the hand and next to the mouth of Kallstrom's target. It was, by design and necessity, a neat, specific system.
And then it all went sideways.
Kallstrom's friends in the phone company put him on notice in 1985: Over the next few years, those racks and stacks of wires and lug nuts would be swept into the technological dustbin. The telephone network was going digital. Technicians would no longer stand at a rack; they would sit at a keyboard. In some parts of the country that had already made the change, phone calls were traveling as a stream of 1's and 0's. Thousands of lines commingled in a single computer. When New York went digital, the phone techs told Kallstrom, they would no longer be able to tap him directly into RR326. In fact, they couldn't even tell him for sure where RR326 resided in this new engineering matrix.
At the same time that the phone companies were preparing for the transition to digital, the use of cellphones -- which were inherently harder to tap because they used phone lines differently than analog devices -- mushroomed. From 1985 to '86, the number of registered mobile-phone subscribers in the United States doubled to 500,000. Within two years after that, the number climbed to 1.6 million. By the end of the decade, the cellphone universe had skyrocketed past 4 million.
Organized crime was an early adopter of the mobile phone. In a communications technique presaging that of Islamic terrorists today, members of the Colombian Cali drug cartel operating in New York would briefly use a phone, toss it, and get a new one. To tap a mobile device, technicians had to install listening equipment on the new version of a lug nut -- an "electronic port." But in most switching stations in New York, there were only half a dozen or so ports available at any one time. Federal prosecutors and agents had to stand in line at phone company offices and fight with each other over whose investigation should take priority. Some prosecutors threatened to haul company employees into court on contempt charges so they could explain to a judge why the phone company was unwilling to execute a wiretap order.
Electronic surveillance, once such a dependable, relatively easy craft, was becoming inordinately difficult, Kallstrom thought. The phone companies, whose annual revenues from mobile subscriptions were cresting over $2 billion in the late 1980s, showed little willingness to make the FBI's life easier. As the 1990s approached, with the promise of more digitization and more mobility, Kallstrom called his bosses in Washington: "If we don't do something, we'll be out of the wiretapping business."
A Battle Begins
Kallstrom may have been the first to alert the FBI and the Justice Department to this new reality. The digital revolution generated a constant tension that exists to this day, a push and pull between the federal government in one camp and technology corporations and civil-liberties activists in the other to control the development of the global communications system, and so the balance of power in the Information Age.
This struggle's latest manifestation is the intensely politicized effort to rewrite the Foreign Intelligence Surveillance Act. At issue is nothing less than the government's authority to broadly monitor communications networks to spot terrorists and other national security threats. The Bush administration finds itself across the battle lines from many of the same groups that more than a decade ago argued that the government was already extending its reach too far into personal conversations in the name of pursuing criminals.
While FISA governs wiretapping for intelligence-gathering purposes, as distinct from law enforcement, surveillance in both worlds follows the same essential philosophy -- the best evidence in a court of law or in an intelligence operation is one's own words. Today's dispute is not very different from the one that occurred during the dawn of digitization in the 1990s. Indeed, both are part and parcel of the same long-running debate.
No one should believe that real-time government surveillance of the communications network is an idea born of the 9/11 attacks or that it results solely from the Bush administration's aggrandizing of executive power. The legal arguments that the government has asserted to support increased surveillance of digital space were first put forth in 1994, under a Democratic president, and they had little to do with the threat of Islamic extremism.
Nor should anyone mistake the roots of the vociferous opposition to today's wiretapping from civil libertarians and privacy advocates. Many of these groups and their allies have been battling to restrict the government's use of new, potentially invasive technologies for a generation. The Bush White House is only their latest adversary, albeit the most formidable. These activists and their allies in the business world have been motivated by different but mutually supportive goals: to extend constitutional safeguards to the digital realm, and to keep the government from suffocating technological development with burdensome surveillance laws. Some in those ranks would have liked, and indeed tried, to make the digital network a wiretap-free zone.
But despite the occasionally extreme positions and deeply held convictions of all of these players, the most important laws governing wiretapping, electronic surveillance, and privacy have been the product of negotiation, of people gathering in a room, sitting at a table, and talking -- sometimes screaming -- until they reached a settlement. The current debate, however, is missing that crucial spirit. Whereas before, adversaries trusted each other enough at a basic level to make deals, however temporary, today's opposing sides seem unwilling to compromise to pass new surveillance laws that the nation can live with. It's not entirely clear where or why minds turned so stubborn. But to understand today's political calcification, it helps to recall a simpler time.
The Art Of Compromise
Jerry Berman was a veteran of the privacy wars, seemingly born for the role of liberal, dogmatic activist. In the early 1950s, his father, a labor leader, was investigated by the House Un-American Activities Committee. A native of Hawaii, the younger Berman moved with his family to California, where he enrolled at the University of California (Berkeley). After earning his bachelor's and master's, and, in 1967, his law degree, Berman began lobbying for the American Civil Liberties Union. He became an authority on the intersection of national security and technology, schooled by the exposure of illegal FBI spying operations aimed at political organizations, war protesters, and leftist activists. In 1978, Berman helped to craft the Foreign Intelligence Surveillance Act, which set new restrictions on the government's domestic intelligence-gathering. He was present at the creation of several important pieces of surveillance legislation, and he helped secure individual privacy protections.
In playing his role, Berman didn't adhere to a hard-and-fast position but instead embraced his own brand of "principled pragmatism." By his logic, the interests of privacy and national security were not incompatible. If all sides -- government, industry, civil-liberties activists -- could find ways to "maximize the good and minimize the harm," as he liked to say, they could strike a satisfactory balance and create workable laws. This idea guided his work on FISA and other legislation, sometimes to the consternation of more-ideological activists who employed him to lobby Congress on their behalf.
Perhaps that was because principled pragmatism recognized an unsavory reality: In Washington, those who show up to play the game make the rules. Negotiation requires sacrifice. Sacrifice requires flexibility. Some people would rather break than bend. But compromise is how things get done, and Berman accepted it. As a colleague summarized Berman's general approach to lawmaking, "You can stand on your principle and get your ass handed to you, or you can engage in the process and get a better deal."
In the summer of 1994, the FBI and the Justice Department made a bold play to force the telecom carriers to help them conduct legal wiretaps. They put forth a proposal that would require the companies to build their networks so that law enforcement agents serving a warrant could access them in real time. The legality of wiretapping was not in question. The government wanted legal assurance that it could tap, at any time, and that the industry had an obligation under law to comply with the government's proper authority.
No more computer-related hassles, no more standing in line to plug into mobile-phone ports. Law enforcement agents, federal spymasters, and prosecutors wanted a comprehensive remedy to what they called the "digital telephony" problem. Their chief advocates were Kallstrom and Louis Freeh, the recently appointed FBI director, a former special agent and federal prosecutor who had used wiretaps to secure convictions in some of the most complicated organized-crime investigations in history. Freeh personally pushed for the new law, showing up unannounced in reluctant lawmakers' offices to press them for support and even sitting in on committee markups -- an unprecedented move for an FBI director -- to stare members down.
Clipper Chip
The 1994 proposal was only the latest in a series of government efforts to strengthen its control of the telecommunications network. In the late 1980s, Justice officials had gotten as far as placing language in an anti-crime bill that would have allowed the attorney general to set standards for telecommunications equipment, effectively making that federal official the network's architect-in-chief. (The bill did not pass.)
In 1993, Bill Clinton, in one of his first presidential directives, announced that engineers at the National Security Agency, the intelligence community's electronic surveillance arm, had developed a cutting-edge microcircuit, called the "Clipper" chip, to scramble telephone conversations. The administration intended to promote the installation of the Clipper technology in U.S. telephones, and planned to hold "in escrow" the digital keys to decrypt any conversation. In other words, the federal government would build the lock and keep the key, an idea that inspired a reaction somewhere between outrage and apoplexy among technologists and privacy advocates, who ultimately killed the idea.
In that atmosphere of hostility and skepticism, Berman went to work. Beginning in August 1994, he convened a series of meetings with senior law enforcement officials under the auspices of a privacy and security coalition he had formed with more than four dozen activist groups and technology companies -- including the biggest telecom provider of all, AT&T -- plus the U.S. Telephone Association, IBM, and software makers such as Microsoft. The goal was to resolve differences over the government's proposal to ensure federal access to telecommunications networks. Berman also brought in two powerful Democratic lawmakers and noted civil libertarians, Sen. Patrick Leahy of Vermont and then-Rep. Don Edwards, whose district included California's Silicon Valley. Everyone in the negotiating room had some familiarity with technology issues, and professional experience in law enforcement or Justice Department oversight.
The meetings featured intense, nitty-gritty debates over the technical aspects of the law. The FBI wanted guarantees that the telecom system would never mature beyond the reach of its wiretaps. Some companies saw this as heavy-handed regulation, and a number of telecom officials shared the activists' belief that the government was in fact after a permanent covert backdoor into the phone system. The negotiations helped to somewhat dampen the suspicions, however, and the talks went forward because no one in the room disagreed with the fundamental premise that the government had the right to wiretap.
But outside of the meetings, divisions festered among the interest groups. Berman represented the Electronic Frontier Foundation, which champions the public interest in the digital realm, but its board couldn't decide whether compromise was prudent or perilous. Berman felt he had to persuade his colleagues, in another series of heated meetings, to work in the middle. To him, that meant that the legislative negotiations would follow an inviolate principle: We will only craft solutions to known problems. No writing of laws aimed at encompassing future problems. If the FBI has difficultly accessing the public telephone network, then the law will address only that public telephone network.
In addition to identifying a philosophical guideline, this approach served a more strategic goal -- to keep the FBI's hands off the Internet, which was so new in 1994 as to be practically notional. Internet service providers such as America Online and Prodigy had only a handful of subscribers, and the first Web browser had been released that year, in a beta test version. Still, Berman and others knew that the FBI would never willingly agree to stay off the information superhighway, because Internet-based information held tremendous potential value for law enforcement.
During one meeting, David Johnson, a lawyer who had helped to craft the Electronic Communications Privacy Act in 1986, held up a glass jar full of rocks and asked, "How many of you would say this jar is full?" Most people agreed that it was. Johnson took a fistful of pebbles and dropped them into the jar. They tinkled down through the rocks, finding resting places in the empty spaces. Then he poured sand into the jar. As it cascaded into the empty spaces, Johnson told the onlookers that the sand was like the unseen, seemingly insignificant "transactional data" that traveled on the Internet. Transactional data includes the routing information for a text-based message -- where it comes from, where it goes, and what path it follows -- and the series of digits that make up an Internet address. This information would someday be of enormous value to the government, he said, just as phone call records, as opposed to actual conversations, already were. The transactional data were small but meaningful -- like the tiny grains of sand that kept filling the volume of the jar.
CALEA
Johnson's vivid illustration convinced many of the participants that the new law mustn't extend too far. Again, the issue wasn't whether law enforcement had a right to information but how much power the government should have over the means to get it. Leahy and Edwards, who formally introduced the legislation shortly thereafter, declared that it would apply solely to the public telephone network. The law specifically exempted "information services," which the parties agreed included Internet companies and electronic-messaging technologies.
The Communications Assistance for Law Enforcement Act passed in the closing days of the 103rd Congress, two weeks before Republicans won control of both chambers in November 1994. CALEA (pronounced kuhLEEuh) would let the industry set its own standards to meet the Justice Department's needs. The department could list its surveillance requirements, but the act let companies decide how to build their equipment. Justice won the right to petition the Federal Communications Commission if its officials felt that the companies weren't fulfilling their obligations. But civil-liberties groups also secured the right to challenge the government's requirements in court.
It was a true compromise, hard won but workable. For Berman, principled pragmatism had carried the day. For others, however, the compromise had given away too much.
The board of the Electronic Frontier Foundation had seen the proverbial legislative sausage being made and found it distasteful. Even though the directors had agreed to every aspect of the law, which Berman explained to them, within weeks after its passage he left the EFF and formed his own outfit, the Center for Democracy and Technology, to continue his brand of lobbying. The EFF pulled up stakes in Washington the following year and moved to San Francisco, where it continues to play a leading role in supporting lawsuits against telecommunications companies -- most notably AT&T, its former ally -- for their role in assisting the government with warrantless wiretapping after the 9/11 attacks.
At the time, Berman confided to Kallstrom, whom he thought had always acted in good faith for the FBI, "My work on CALEA got me fired."
Kallstrom was apparently happy to see his more idealistic opponents leave town. "You didn't get fired, Jerry," he replied. "You got promoted."
Making Demands
Had the FBI and the Justice Department stopped there, had the government settled for secure access to phone networks, the history of Internet privacy and civil liberties might have turned out differently. But just weeks after President Clinton signed CALEA in January 1995, conflict erupted between the government and the phone carriers over the kind of network access the law provided. The raft of compromise that had carried the deal sprung a leak.
FBI officials knew in 1994 that they were making a mistake by leaving cyberspace out of CALEA. They understood the Internet's potential as a communications device and an intelligence tool -- that is, after all, why CALEA's authors exempted "information services."
"Did we know that it was idiotic to carve that out?" Kallstrom asks now. "Yes, we did." Criminals have always been among the first to embrace new technology. It was foolish to think that they wouldn't turn to the Internet for any number of nefarious gambits. But, Kallstrom says, government officials opted "to fight another day" over Internet access. Privacy advocates were dragging their feet in the negotiations. Delay would invite more debate, probably more hearings, and possibly a less favorable outcome. The political decision was made: "Let's take what we can get here."
In early 1995, the Justice Department issued its list of requirements for wiretapping, known as the punch list. Not surprisingly, many telecom executives and their attorneys viewed the demands as unreasonable. Al Gidari, a lawyer representing the wireless industry, was among the first to see the FBI's requirements, during the initial meeting to develop standards for CALEA, which was held that spring in Vancouver, British Columbia. The Justice Department's wish list, he said, amounted to "the Cadillac of wiretaps."
"Everything they could ever think of to gold plate and put on the Cadillac was in that document," Gidari recalls. Meeting its expectations represented "an exponential increase in complexity, not a linear increase.... They were very dictatorial ... technical requirements -- the very thing that Congress said it wasn't up to [the FBI] to figure out."
The standards meeting was tense and awkward, and the sides were unevenly matched. Gidari recalls a dozen or more FBI agents, in neat blue suits, all buttoned down and looking ready to roll over anyone who stood in their way. Arrayed on the opposite side of the table was a group of laid-back and casually dressed network engineers from all the major telecom equipment manufacturers and carriers that was tasked with the unenviable job of telling the bureau that the industry planned to build a much less complex system. It wasn't what the FBI agents wanted to hear.
Over the next few years, the Justice Department continued to seek increasingly sophisticated surveillance capabilities, including real-time geographical tracking of mobile phones; the ability to monitor all parties in a conference call regardless of whether they are on hold or participating; and "dialed digit extraction," a record of any numbers that a subject under surveillance punched in during a call, such as a credit card or bank account number. The government got a lot of what it wanted, but not all.
To be sure, criminals' use of new technologies helped drive the law enforcement demands. But telecom carriers worried that the cost of compliance was too high and that the FBI's technical requirements were illegally broad. CALEA, they argued, had forbidden the government from requiring specific system designs or technologies.
The FCC's Turn
Justice, frustrated by its inability to get all the demands on the punch list, finally asked the FCC to step in. In 1997, the Cellular Telecommunications Industry Association, which then represented mobile carriers, and the Center for Democracy and Technology complained to the commission that the negotiations had deadlocked because of "unreasonable demands by law enforcement for more surveillance features than either CALEA or the wiretap laws allow." The FCC, however, sided with the Justice Department on a host of requirements that privacy groups found overly broad. The tussle dragged on for two more years and ended up in the U.S. Court of Appeals for the District of Columbia Circuit, which overruled the FCC. After the commission took up matters again, it granted some of the FBI's requests, and the CALEA standards were amended.
When Justice Department officials reported to Congress on CALEA implementation in January 1998, no manufacturer of telecom equipment said that the FBI's demands were impossible to meet, but they did say that complying would be difficult and very expensive. (Although Congress had set aside $500 million to reimburse companies for retrofitting their networks, the law required the carriers to bear the cost of compliance on any equipment put in place after CALEA was enacted. Several experts believe that the final cost for compliance on telephone networks has been two to eight times the amount originally allotted.)
The level of government surveillance was so low at that time that some questioned why the FBI wanted such multifaceted access at all. In 1994, federal and state authorities were running 1,154 wiretaps nationwide, mostly for drug investigations, at an average cost of $50,000. The government was asking carriers to "design a nuclear rocket ship" for a rarely used tool, Gidari thought. "In [the FBI's] view, there was no limit to the expense the carrier should spare in order to save a life."
CALEA continued to evolve, shaped by the ongoing arguments over the terms of its birth. Activists and carriers thought that the FBI was reneging on its bargain, asking for more than the law allowed. The FBI believed that carriers were stalling when they failed to meet compliance deadlines. As all sides dug in, the meetings on implementation turned bitter. FBI and Justice officials slammed their hands on tables and screamed at carrier representatives, Gidari recalls. "You're unpatriotic! What do you want to do, help the criminals?"
The government asked those same questions after September 11, 2001. And this time, telecommunications carriers responded. Outside the normal FISA warrant process, which covers intelligence-gathering, carriers opened access to their networks, their customer call data, and their valuable transactional information -- the kind that CALEA had intended to exclude. President Bush and his administration believed that the extraordinary nature of the terrorist attacks demanded emergency actions that FISA couldn't accommodate, and the carriers answered the call from law enforcement and intelligence agencies. But government officials also seized on the post-9/11 mentality to change other surveillance laws and procedures, which they believed -- just as their predecessors did in 1994 -- were out of step with technology and reality. About three years after 9/11, officials set their sights on rewriting CALEA.
Claiming The Internet
In August 2004, in response to a petition by the Justice Department, the FBI, and the Drug Enforcement Administration, the FCC expanded CALEA to cover Internet communications, including voice calls and instant messages. The Electronic Frontier Foundation sued, along with industry, civil-liberties, and academic groups. In 2005, the Court of Appeals ruled 2-1 to defer to the FCC's reading of the law.
Many of those who had helped craft CALEA believed that the commission had misread the law and acted on a post-9/11 impulse to give the government more, not less, access to information. But to the FCC, new Internet technologies that operate a lot like telephones blurred the distinction between "information services" and the kinds of technology that CALEA was meant to cover.
After 9/11, law enforcement and intelligence agencies took a variety of measures, apart from wiretaps, to collect and mine potentially valuable information from the Internet. With the cooperation of telecom companies, government accumulated lots of transactional data -- including e-mail header information and lists of websites visited by targeted individuals -- to support counter-terrorism operations. Viewed solely as a reaction to the terrorist attacks of 2001, this kind of collection might seem extraordinary. But through the longer lens of history, the government's steady march into cyberspace is not surprising.
Law enforcement agencies have never suffered for lack of access to the phone network. Kallstrom recalls only a few instances in which agents were unable to execute a wiretap order because of new technology. But as digital, mobile technology has proliferated, the copper lug nuts that Kallstrom remembers from the 1980s have disappeared. Today, state and federal agents spend most of their tap time on mobile devices. In 1994, most wiretaps, by far, targeted private residences. There were few taps on mobile devices. Ten years later, 88 percent of the 1,710 wiretaps were on mobile devices. Only 5 percent were on residential lines. Without CALEA, some experts believe that Kallstrom's initial fears would have come true and the federal government would have been shut out of the wiretapping business.
Jerry Berman never wanted that to happen. Although he cannot accept that the law that was meant to minimize the government's influence over the Internet is now being used to facilitate it, he is willing to negotiate on CALEA again, if that is what's necessary to satisfy all parties.
That willingness to talk extends to FISA, as well, and Berman's Center for Democracy and Technology has been actively involved in the current agitations over the law. But whenever he and his cohorts have extended the hand of compromise to Congress or the administration, he says, they have been disappointed. Any attempt to revamp FISA, or to clarify CALEA, "is impossible in the current climate," Berman says. "There is no sense that you could get the kind of negotiation we got in 1994."
FISA And CALEA
One has to wonder how strong that spirit of compromise really was in 1994, and whether it was already ebbing. If the FBI was willing to take what it could get on CALEA and go on to fight another day, did the government really "settle" at all? Literally weeks after CALEA was signed the Justice Department and the FBI came roaring back with new demands. What killed the penchant for negotiation? Was it the moderates' loss of power in both political parties after the 1994 Republican revolution? Was it the entrenchment of civil-liberties activists? Was it the Bush White House's extravagant interpretation of executive power? Was it 9/11?
Berman spends a lot of time pondering these questions and thinking about next moves. He divides his time between Washington, where he chairs his group's board of directors, and a home he built on the Cacapon River near Berkeley Springs, W.Va. "We just have people in bunkers now," Berman says ruefully.
The FISA debate is currently hung up on whether companies that assisted warrantless surveillance after 9/11 should have retroactive legal immunity for any laws they may have broken. CALEA has something to say about that, too. The law requires that carriers be able to deliver call identification information to the government remotely. According to Beryl Howell, Sen. Leahy's lead CALEA staffer, that provision was meant to keep government agents from sitting in the phone companies' offices to execute their wiretaps.
It is a basic tenet of wiretapping law, whether for intelligence or law enforcement, that the communications companies act as a buffer between their customers and the government, she says, and that telecom carriers must make their own determination whether official requests are, in fact, legal. That the companies would now assert, in defense of their cooperation, that the government determined that post-9/11 requests were legal, strikes Howell as outrageous.
If ever there was a time for the bare-knuckled negotiations of the past, it's now. It's not at all clear, though, who could play the role of Jerry Berman, the one to bring people into the room to scream and yell at each other and emerge feeling better for it -- and possibly even coming to a compromise. As things stand, Congress appears more likely to punt the FISA debate to the new administration, and has shown little interest in revisiting CALEA.
The constant tension that once kept this system in balance has reached a breaking point. There is no push and pull. Maybe the stakes are too high for compromise. But until that spirit returns, Berman says, "there will be no peace."
Published in National Journal
Labels: Foreign Intelligence Surveillance Act, Intelligence, Law, Politics, Technology, Terrorism
Full Article
Telecoms as Trojan Horses
Friday, December 07, 2007
The debate in Congress about whether to allow Americans to sue companies that participated in the National Security Agency's warrantless surveillance activities has little to do with punishing Big Telecom for its role in domestic spying. Rather, keeping alive an estimated 38 pending civil suits against AT&T, Verizon, and other companies has become congressional Democrats' best chance to hold the White House accountable for the controversial NSA program. The lawsuits also offer the hope of an official ruling on whether the program was ever legal, something that Congress has been unable to determine on its own.
House and Senate lawmakers recently proposed three different bills to amend the Foreign Intelligence Surveillance Act, known as FISA. The proposals set new rules on how the intelligence agencies monitor phone calls, e-mails, and other electronic communications, including those of U.S. citizens. Each of the bills tackles the issue of granting immunity to communications companies that participated in classified programs that were authorized by the president after the 9/11 attacks but were not overseen by a court until this year. The White House has threatened to veto any law that doesn't protect those companies, and granting them immunity would effectively end the lawsuits against them.
The plaintiffs, who are mostly private citizens and civil-liberties activists, have directed much ire and public scorn at the telecom companies for going along with the secret intelligence-gathering, but Democrats in Congress think the real target of litigation ought to be the Bush administration. Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., who has led the most aggressive inquiries into the NSA's warrantless activities, called the suits "perhaps the only avenue that exists for an outside review of the government's program, and an honest assessment of its legal arguments."
Even the most strident opponents of immunity see the lawsuits as a means to a political end. Last month, amid Judiciary Committee negotiations over immunity, Sen. Russell Feingold, D-Wis., declared that shutting down the suits "would likely prevent courts from ruling on the president's illegal warrantless wiretapping program." He emphasized, "This program was one of the worst abuses of executive power in our history, and the courts should be able to rule on it once and for all."
Most Senate Republicans support unconditional immunity -- and even the majority of Democrats are hardly on the opposite side of the issue. Indeed, many Democrats have recently expressed no small amount of sympathy for the companies, which they think acted in good faith, believing that they were responding to urgent, and legal, requests from the president to help prevent another act of terrorism. Civil damages against the companies could conceivably reach into the tens of billions of dollars.
Democratic senators understand that private-sector assistance is an indispensable part of intelligence-gathering, and they don't want to see the telecoms put out of business because of their role in it. But they're also not prepared to let the telecoms off the hook completely.
As a Judiciary Committee staffer told National Journal, Leahy "doesn't support full, retroactive immunity but also doesn't want to see these companies bankrupted due to the administration's actions."
Echoing her colleagues on the Judiciary and Select Intelligence committees, Sen. Dianne Feinstein, D-Calif., has said that the telecommunications companies shouldn't be "held hostage to costly litigation in what is essentially a complaint about administration activities." The chairman of the Intelligence panel, Sen. Jay Rockefeller IV, D-W.Va., has noted, "The assistance of companies is invaluable in carrying out programs that provide for our national security and protect American lives. It is important that this assistance continue and not be extinguished under a deluge of lawsuits."
Thus, immunity has come down to a matter of degree. Last month, the House passed a FISA bill without corporate protections, but House lawmakers have signaled that they are open to compromise with the Senate's version, if the latter chamber can come to some consensus that doesn't allow blanket immunity. Senators are haggling over whether something less than immunity -- "accountability" for the companies, some have called it -- would suffice, offering a way to shield them from potentially devastating money damages and yet still expose the administration's culpability in court.
That the immunity question has become the flash point in the FISA debate took many of the key players by surprise. Leahy said last month that no one thought that the fight over immunity "would carry the day" when it came time to finalizing a FISA renewal.
Lawmakers have been trying to craft some long-term changes to FISA because the Protect America Act that allows the NSA surveillance activities to continue, with judicial oversight, expires in February. When Congress passed the stop-gap law last summer, many observers thought that some lawmakers were keeping immunity as a bargaining chip, a way to pressure the administration to hand over more information about the surveillance activities.
In late October, signs of a quid pro quo emerged when the White House gave a batch of documents to the Senate Intelligence Committee, after members "showed a willingness" to include telecom immunity in their FISA bill, according to White House spokeswoman Dana Perino. "Because they were willing to do that, we were willing to show them some of the documents that they asked to see." The documents included the presidential authorizations for the NSA activities, which were issued every 45 days, as well as legal opinions from the Justice Department approving those authorizations.
A Senate aide told National Journal that Intelligence Committee members were not prepared to include immunity in their bill without some White House movement on the documents front, but disputed the characterization that the senators had offered immunity in exchange. In fact, the staffer said, months earlier the committee had reviewed correspondence between the administration and the telecom companies in which the government asked the carriers to help gather intelligence that could prevent further terrorist attacks. Based on that correspondence, senators concluded that the telecoms had acted in good faith because executives believed that their actions were legal and had the president's blessing.
That conclusion has formed the basis of most committee members' thinking on the immunity question. "There are those who think the companies were clearly in the wrong and should be punished, but very few senators fall into this group," the aide said.
In October, the Intelligence Committee approved a bill that included immunity, and then waited for the Judiciary Committee to take up the measure, knowing that it might finesse the provision. The "extraordinary nature" of the period following the 9/11 attacks, coupled with the administration's assurances that new intelligence activities were designed to "detect and prevent the next terrorist attack," convinced Intelligence panelists that protection from prosecution was warranted, the committee wrote in a report accompanying its bill.
"This immunity provision is not the broad and vague immunity sought by the administration," Rockefeller wrote in additional comments in the report. It "does not provide retrospective immunity for government officials for their actions or to companies outside the specified timeframe. Nor does the bill extend to criminal proceedings." The panel's provision covers only activities undertaken after 9/11 and before January 17, 2007, when the administration placed the NSA surveillance program under judicial review.
"The committee did not endorse the immunity provision lightly," Rockefeller continued. "I believe it is the Bush administration, not the companies, who must be accountable for the mishandling of the warrantless surveillance program."
The Judiciary Committee had its crack at a revised FISA bill last month. It adopted a version with no immunity provision, but not for lack of trying. Committee members were prepared to consider some kind of language to protect the companies, but members did not reach a compromise before time expired on its markup, and Leahy chose to let the issue be settled on the Senate floor.
Both during and before the negotiations, committee members had suggested capping the amount of damages that could be levied against the companies or requiring the government to pay those damages. Just this week, the Judiciary Committee took up a proposal by Arlen Specter, R-Pa., the committee's ranking member, to substitute the government for the companies as the defendant in the civil cases.
At a December 1 press conference, Senate Majority Leader Harry Reid, D-Nev., said that several remedies remain under consideration, including some kind of hybrid, in which "there would still be immunity, but the government would be responsible for whatever damages, if any, were offered." Minority Leader Mitch McConnell, R-Ky., signaled Republicans' opposition to that approach -- "Taxpayers shouldn't have to foot the bill," he said -- which may dampen hopes for a compromise. But rather than being inflexible, Democrats seem as willing to negotiate over immunity as they've ever been in the two years since the NSA program was publicly exposed.
Published in National Journal
Friday, December 07, 2007
The debate in Congress about whether to allow Americans to sue companies that participated in the National Security Agency's warrantless surveillance activities has little to do with punishing Big Telecom for its role in domestic spying. Rather, keeping alive an estimated 38 pending civil suits against AT&T, Verizon, and other companies has become congressional Democrats' best chance to hold the White House accountable for the controversial NSA program. The lawsuits also offer the hope of an official ruling on whether the program was ever legal, something that Congress has been unable to determine on its own.
House and Senate lawmakers recently proposed three different bills to amend the Foreign Intelligence Surveillance Act, known as FISA. The proposals set new rules on how the intelligence agencies monitor phone calls, e-mails, and other electronic communications, including those of U.S. citizens. Each of the bills tackles the issue of granting immunity to communications companies that participated in classified programs that were authorized by the president after the 9/11 attacks but were not overseen by a court until this year. The White House has threatened to veto any law that doesn't protect those companies, and granting them immunity would effectively end the lawsuits against them.
The plaintiffs, who are mostly private citizens and civil-liberties activists, have directed much ire and public scorn at the telecom companies for going along with the secret intelligence-gathering, but Democrats in Congress think the real target of litigation ought to be the Bush administration. Senate Judiciary Committee Chairman Patrick Leahy, D-Vt., who has led the most aggressive inquiries into the NSA's warrantless activities, called the suits "perhaps the only avenue that exists for an outside review of the government's program, and an honest assessment of its legal arguments."
Even the most strident opponents of immunity see the lawsuits as a means to a political end. Last month, amid Judiciary Committee negotiations over immunity, Sen. Russell Feingold, D-Wis., declared that shutting down the suits "would likely prevent courts from ruling on the president's illegal warrantless wiretapping program." He emphasized, "This program was one of the worst abuses of executive power in our history, and the courts should be able to rule on it once and for all."
Most Senate Republicans support unconditional immunity -- and even the majority of Democrats are hardly on the opposite side of the issue. Indeed, many Democrats have recently expressed no small amount of sympathy for the companies, which they think acted in good faith, believing that they were responding to urgent, and legal, requests from the president to help prevent another act of terrorism. Civil damages against the companies could conceivably reach into the tens of billions of dollars.
Democratic senators understand that private-sector assistance is an indispensable part of intelligence-gathering, and they don't want to see the telecoms put out of business because of their role in it. But they're also not prepared to let the telecoms off the hook completely.
As a Judiciary Committee staffer told National Journal, Leahy "doesn't support full, retroactive immunity but also doesn't want to see these companies bankrupted due to the administration's actions."
Echoing her colleagues on the Judiciary and Select Intelligence committees, Sen. Dianne Feinstein, D-Calif., has said that the telecommunications companies shouldn't be "held hostage to costly litigation in what is essentially a complaint about administration activities." The chairman of the Intelligence panel, Sen. Jay Rockefeller IV, D-W.Va., has noted, "The assistance of companies is invaluable in carrying out programs that provide for our national security and protect American lives. It is important that this assistance continue and not be extinguished under a deluge of lawsuits."
Thus, immunity has come down to a matter of degree. Last month, the House passed a FISA bill without corporate protections, but House lawmakers have signaled that they are open to compromise with the Senate's version, if the latter chamber can come to some consensus that doesn't allow blanket immunity. Senators are haggling over whether something less than immunity -- "accountability" for the companies, some have called it -- would suffice, offering a way to shield them from potentially devastating money damages and yet still expose the administration's culpability in court.
That the immunity question has become the flash point in the FISA debate took many of the key players by surprise. Leahy said last month that no one thought that the fight over immunity "would carry the day" when it came time to finalizing a FISA renewal.
Lawmakers have been trying to craft some long-term changes to FISA because the Protect America Act that allows the NSA surveillance activities to continue, with judicial oversight, expires in February. When Congress passed the stop-gap law last summer, many observers thought that some lawmakers were keeping immunity as a bargaining chip, a way to pressure the administration to hand over more information about the surveillance activities.
In late October, signs of a quid pro quo emerged when the White House gave a batch of documents to the Senate Intelligence Committee, after members "showed a willingness" to include telecom immunity in their FISA bill, according to White House spokeswoman Dana Perino. "Because they were willing to do that, we were willing to show them some of the documents that they asked to see." The documents included the presidential authorizations for the NSA activities, which were issued every 45 days, as well as legal opinions from the Justice Department approving those authorizations.
A Senate aide told National Journal that Intelligence Committee members were not prepared to include immunity in their bill without some White House movement on the documents front, but disputed the characterization that the senators had offered immunity in exchange. In fact, the staffer said, months earlier the committee had reviewed correspondence between the administration and the telecom companies in which the government asked the carriers to help gather intelligence that could prevent further terrorist attacks. Based on that correspondence, senators concluded that the telecoms had acted in good faith because executives believed that their actions were legal and had the president's blessing.
That conclusion has formed the basis of most committee members' thinking on the immunity question. "There are those who think the companies were clearly in the wrong and should be punished, but very few senators fall into this group," the aide said.
In October, the Intelligence Committee approved a bill that included immunity, and then waited for the Judiciary Committee to take up the measure, knowing that it might finesse the provision. The "extraordinary nature" of the period following the 9/11 attacks, coupled with the administration's assurances that new intelligence activities were designed to "detect and prevent the next terrorist attack," convinced Intelligence panelists that protection from prosecution was warranted, the committee wrote in a report accompanying its bill.
"This immunity provision is not the broad and vague immunity sought by the administration," Rockefeller wrote in additional comments in the report. It "does not provide retrospective immunity for government officials for their actions or to companies outside the specified timeframe. Nor does the bill extend to criminal proceedings." The panel's provision covers only activities undertaken after 9/11 and before January 17, 2007, when the administration placed the NSA surveillance program under judicial review.
"The committee did not endorse the immunity provision lightly," Rockefeller continued. "I believe it is the Bush administration, not the companies, who must be accountable for the mishandling of the warrantless surveillance program."
The Judiciary Committee had its crack at a revised FISA bill last month. It adopted a version with no immunity provision, but not for lack of trying. Committee members were prepared to consider some kind of language to protect the companies, but members did not reach a compromise before time expired on its markup, and Leahy chose to let the issue be settled on the Senate floor.
Both during and before the negotiations, committee members had suggested capping the amount of damages that could be levied against the companies or requiring the government to pay those damages. Just this week, the Judiciary Committee took up a proposal by Arlen Specter, R-Pa., the committee's ranking member, to substitute the government for the companies as the defendant in the civil cases.
At a December 1 press conference, Senate Majority Leader Harry Reid, D-Nev., said that several remedies remain under consideration, including some kind of hybrid, in which "there would still be immunity, but the government would be responsible for whatever damages, if any, were offered." Minority Leader Mitch McConnell, R-Ky., signaled Republicans' opposition to that approach -- "Taxpayers shouldn't have to foot the bill," he said -- which may dampen hopes for a compromise. But rather than being inflexible, Democrats seem as willing to negotiate over immunity as they've ever been in the two years since the NSA program was publicly exposed.
Published in National Journal
Labels: Foreign Intelligence Surveillance Act, Law, National Security Agency, Politics
Full Article
NSA Sought Data Before 9/11
Friday, November 02, 2007
Beginning in February 2001, almost seven months before the 9/11 terrorist attacks, the government's top electronic eavesdropping organization, the National Security Agency, asked a major U.S. telecommunications carrier for information about its customers and the flow of electronic traffic across its network, according to sources familiar with the request. The carrier, Qwest Communications, refused, believing that the request was illegal unless accompanied by a court order.
After terrorists attacked the United States on September 11, the NSA again asked Qwest, as well as other telecom companies, for similar information to help the agency track suspects with the aim of preventing future attacks, current and former officials have said. The companies responded in various ways, with Qwest being the most reluctant to cooperate. However, in February 2001, the NSA's primary purpose in seeking access to Qwest's network apparently was not to search for terrorists but to watch for computer hackers and foreign-government forces trying to penetrate and compromise U.S. government information systems, particularly within the Defense Department, sources said. Government officials have long feared a "digital Pearl Harbor" if intruders were to seize control of these systems or other key U.S. infrastructures through the Internet.
A former White House official, who at the time was involved in network defense and other intelligence programs, said that the early 2001 NSA proposal to Qwest was, "Can you build a private version of Echelon and tell us what you see?" Echelon refers to a signals intelligence network operated by the NSA and its official counterparts in Australia, Canada, New Zealand, and the United Kingdom.
The NSA realized that it was blind to many of the new online threats and to who was using the privately owned telecom networks, and it thought that Qwest was in a position to help. The agency needed better intelligence in the face of a burgeoning Internet, and Qwest was then building a high-speed network for phone and Internet traffic that had caught the attention of senior intelligence officials. The NSA, in effect, wanted Qwest to be the agency's online eyes and ears.
Another source said that the NSA wanted to analyze the calls, e-mails, and other transmissions crossing Qwest's lines, to detect patterns of suspicious activity. Telecom carriers routinely monitor their networks for fraudulent activity, the former White House official noted, and so the companies "have an enormous amount of intelligence-gathering" capability. They don't have to target individual customers to "look for wacky behavior," or "groups communicating with each other in strange patterns." That information could augment intelligence that the NSA and other agencies were gathering from other sources, the former official said.
Qwest's then-chief executive officer, Joseph Nacchio, rejected the NSA's request. "He didn't want to go along with that," and his refusal was not greeted warmly in the intelligence community, the former White House official said. Another source, a former high-ranking intelligence official, said that other companies, both before and after 9/11, had less of a problem complying with government requests if they were accompanied by a legal order. The ex-official added that some companies were willing to offer data and to assist the government "as necessary" on a voluntary basis, without a court order.
Nacchio has said publicly that the NSA asked Qwest for customer records after the 2001 terrorist attacks. But the nature of the agency's request before 9/11 has not been disclosed previously. Sources familiar with the activities spoke to National Journal on the condition of anonymity, because the work is still classified.
By early 2001, the NSA was aware of the growing threat of terrorism and was monitoring communications among Al Qaeda members overseas. But the agency, the Defense Department, and the White House also feared Internet-based attacks on U.S. government installations, and they believed that other countries were increasingly interested in cyberspace as a battlefield.
At the same time, the NSA was hesitant to conduct any surveillance activities that might violate long-standing prohibitions on domestic intelligence-gathering without court orders. One way to get the information that the agency and others deemed necessary for network defense was from the telecom carriers.
Nacchio, it appears, believed that the NSA's pre-9/11 request for access to Qwest's network was illegal. The former White House official said that the intelligence-gathering was not targeted at Qwest's U.S. customers, but he acknowledged that handing over customer information without a lawful order could violate the Electronic Communications Privacy Act, a 1986 law that extended wiretapping restrictions on phone calls to include electronic information transmitted by and stored in a computer.
After 9/11, that law was amended by the USA PATRIOT Act, and it became easier for the government to obtain certain private communications. When reports surfaced last year that telecom carriers were participating in a post-9/11 NSA program to analyze customer calling patterns for terrorism indicators, Nacchio's attorney stated publicly that Qwest had refused "to make private telephone records of Qwest customers available to the NSA immediately following [enactment of] the Patriot Act." Nacchio had concluded that the NSA's requests violated the privacy requirements of another law, the Telecommunications Act, his attorney said.
The question of Qwest's involvement with the NSA before 9/11 has surfaced in recent weeks because of Nacchio's appeal of his criminal conviction on 19 counts of insider trading. Nacchio was sentenced to six years in prison in July, but he remains free pending his appeal. He contends that the NSA retaliated against Qwest for not complying with its request by denying the company work under a multibillion-dollar program called Groundbreaker, which outsourced the NSA's unclassified information-technology systems. Federal prosecutors deny that allegation, noting that Qwest was a member of the team that ultimately won the Groundbreaker deal in August 2001.
Nacchio wasn't allowed to use his retaliation argument at his trial. But details of Qwest's interactions with the NSA, as well as years of work that the company performed for the Defense Department and the intelligence community, are contained in legal documents filed by his defense team and made public three weeks ago. Although the documents are partially redacted, they reveal that Qwest aggressively pursued business with the NSA while trying to put off officials' entreaties for more access to the company's network, requests that persisted for years.
The documents state that Nacchio and another senior Qwest executive met with NSA officials at their headquarters at Fort Meade, Md., on February 27, 2001. At this meeting, the agency proposed Qwest's participation in certain activities whose details are redacted from the court documents.
"Nacchio said it was a legal issue, and they should not do something their general counsel told them not to do," according to federal investigators who interviewed the former head of Qwest's government business unit, James F.X. Payne. "Nacchio projected that he might do it if they could find a way to do it legally."
Payne told investigators that the NSA requests came up "in meetings after meetings." Investigators quoted Payne as saying, "There was a feeling also that the NSA acted as agents for other government agencies." Payne could not be reached for comment.
Although the NSA's specific request for an Echelon-like program may have worried Qwest's attorneys, it appears that the company was sharing other kinds of proprietary information about its network with the Pentagon in the months before 9/11.
In May 2001, then-Commerce Secretary Donald Evans told the Senate Appropriations Committee that his department had helped to persuade Qwest to "share proprietary information with the Defense Department to evaluate the vulnerability of its network." (The Commerce Department includes an agency that is responsible for telecom policy.) Qwest, Evans noted, was the largest carrier in the Rocky Mountain corridor. That area is home to some of the military's most important command-and-control facilities, including the U.S. Strategic Command, which oversees nuclear weapons.
By the time the NSA asked for Qwest's assistance in February 2001, the company had become a darling of the Internet Age. Founded in 1988 by Philip Anschutz, who owned the Southern Pacific Railroad, Qwest built the first all-digital, fiber-optic network by laying lines alongside railroad tracks, then linking to terminals in key locations to provide high-speed Internet and data connections.
The Defense Department operates its own classified networks, which are more resistant to attack, but Qwest's network was faster, more expansive, and more technologically advanced. Nacchio's legal documents show that from the late 1990s and into the new century, Qwest was chasing at least two lucrative deals to build private, secure networks for defense and intelligence agencies.
Qwest's first high-level contact with the NSA may have occurred as early as 1997. Late that year, according to Nacchio's legal briefs, Qwest was informed that a military "general officer wanted to meet with Mr. Nacchio." Two weeks later, a three-star (lieutenant) general and his aide showed up at Nacchio's Denver office and told him that they had "heard about Qwest's new network." Nacchio described the operation and "talked about his background at AT&T, with which they were already familiar," the documents state. Nacchio had spent more than a quarter-century with AT&T before taking over at Qwest in 1997.
At some point, the general -- whose name and affiliation are omitted from the documents -- asked to speak privately with Dean Wandry, who led Qwest's government business unit at the time. "The general told Mr. Wandry that he ran the largest telecom operation in the world, he had looked at Qwest's network, and he wanted to use it for government purposes," the documents state. By law, the head of the NSA must be at least a three-star general or a vice admiral. In 1997, Lt. Gen. Kenneth Minihan was the director. He was replaced in 1999 by Lt. Gen. Michael Hayden, who is now a four-star general and the director of the CIA. Hayden declined to be interviewed for this story. An assistant to Minihan, who is now a managing director with Paladin Capital Group, a private equity firm in Washington, said he was unavailable for comment.
A number of former intelligence officials said that the description of a three-star general running the "largest telecom operation in the world" seemed to fit the NSA. In 1997, the Defense Information Systems Agency, which manages a large telecom enterprise, was also run by a lieutenant general. But that agency's operations are smaller than the NSA's. Also, Qwest's first contact with DISA occurred after the 1997 meeting with the unnamed military officer, according to Nacchio's legal filings. Qwest has done unclassified work for DISA, and it received a large contract from the agency as recently as last year.
After the Denver meeting, Wandry told Nacchio "that there was a big opportunity here for Qwest," the court filings state. Nacchio received a security clearance "a short time later." Qwest then received a contract from the agency, which Nacchio wanted to announce publicly. He was "refused permission," the briefs state, but he "understood at the time this was the beginning of a relationship which had enormous potential for future work. This proved increasingly true as time went on."
Qwest certainly worked for the NSA beginning at least in 1999. A search of Internet number registration files shows that the company allocated a portion of its network that year to the Maryland Procurement Office at Fort Meade, which is the NSA's contracting unit. An e-mail from employees in Qwest's government business group, sent in December 1999, requested a meeting with senior executives "to discuss the potential opportunity with the Maryland customer." (DISA, it should be noted, is headquartered in Virginia.) By 2001, the company was pursuing the NSA's Groundbreaker contract. And in March of that year, Payne, who by then was running the company's federal business, wrote in an e-mail to colleagues that Qwest was already a "provider" of telecom services to the NSA through existing contracts.
Meanwhile, concern was rising at the NSA that the proliferating global Internet might become a weapon for U.S. adversaries. As early as June 1998, then-NSA Director Minihan testified before the Senate Governmental Affairs Committee about "a wide array of malicious actors -- including hackers, terrorists, and nation-states," all of whom threatened "users of networked information systems."
Minihan singled out Russia and China; the latter, he said, had already incorporated cyber-warfare into its military training. He also pointed to the emergence of "transnational security challenges," including terrorism, drug trafficking, and international organized crime. "These opportunists, enabled by the explosion of technology and the availability of inexpensive, secure means of communication, pose a significant threat to the interests of the United States and its allies," Minihan said.
A former senior NSA official said that the agency also worried that because these groups understood privacy laws so well, they knew how to avoid detection and could predict what the NSA would, and wouldn't, do to track them. "There was such a nuanced understanding of how to tie us in knots and use American law against us, that there were certainly pockets of people saying, 'We've got to be assertive; we've got to be more aggressive on this,' " the former official said.
Hayden, who ran the NSA from 1999 to 2005, was well known for his willingness to push operations to the legal edge. "We're pretty aggressive within the law," Hayden said in public remarks after 9/11. "As a professional, I'm troubled if I'm not using the full authority allowed by law."
Hayden has repeated that refrain since the attacks. But former intelligence officials doubted that he would have authorized any request to Qwest, or other companies, that he believed violated the law. They noted, however, that many in the agency had long thought that monitoring "metadata," such as a phone number, the length of a call, or a series of calls placed from a particular phone, didn't implicate privacy because such information didn't constitute the "content" of a message -- its written or spoken words.
Published in National Journal
Friday, November 02, 2007
Beginning in February 2001, almost seven months before the 9/11 terrorist attacks, the government's top electronic eavesdropping organization, the National Security Agency, asked a major U.S. telecommunications carrier for information about its customers and the flow of electronic traffic across its network, according to sources familiar with the request. The carrier, Qwest Communications, refused, believing that the request was illegal unless accompanied by a court order.
After terrorists attacked the United States on September 11, the NSA again asked Qwest, as well as other telecom companies, for similar information to help the agency track suspects with the aim of preventing future attacks, current and former officials have said. The companies responded in various ways, with Qwest being the most reluctant to cooperate. However, in February 2001, the NSA's primary purpose in seeking access to Qwest's network apparently was not to search for terrorists but to watch for computer hackers and foreign-government forces trying to penetrate and compromise U.S. government information systems, particularly within the Defense Department, sources said. Government officials have long feared a "digital Pearl Harbor" if intruders were to seize control of these systems or other key U.S. infrastructures through the Internet.
A former White House official, who at the time was involved in network defense and other intelligence programs, said that the early 2001 NSA proposal to Qwest was, "Can you build a private version of Echelon and tell us what you see?" Echelon refers to a signals intelligence network operated by the NSA and its official counterparts in Australia, Canada, New Zealand, and the United Kingdom.
The NSA realized that it was blind to many of the new online threats and to who was using the privately owned telecom networks, and it thought that Qwest was in a position to help. The agency needed better intelligence in the face of a burgeoning Internet, and Qwest was then building a high-speed network for phone and Internet traffic that had caught the attention of senior intelligence officials. The NSA, in effect, wanted Qwest to be the agency's online eyes and ears.
Another source said that the NSA wanted to analyze the calls, e-mails, and other transmissions crossing Qwest's lines, to detect patterns of suspicious activity. Telecom carriers routinely monitor their networks for fraudulent activity, the former White House official noted, and so the companies "have an enormous amount of intelligence-gathering" capability. They don't have to target individual customers to "look for wacky behavior," or "groups communicating with each other in strange patterns." That information could augment intelligence that the NSA and other agencies were gathering from other sources, the former official said.
Qwest's then-chief executive officer, Joseph Nacchio, rejected the NSA's request. "He didn't want to go along with that," and his refusal was not greeted warmly in the intelligence community, the former White House official said. Another source, a former high-ranking intelligence official, said that other companies, both before and after 9/11, had less of a problem complying with government requests if they were accompanied by a legal order. The ex-official added that some companies were willing to offer data and to assist the government "as necessary" on a voluntary basis, without a court order.
Nacchio has said publicly that the NSA asked Qwest for customer records after the 2001 terrorist attacks. But the nature of the agency's request before 9/11 has not been disclosed previously. Sources familiar with the activities spoke to National Journal on the condition of anonymity, because the work is still classified.
By early 2001, the NSA was aware of the growing threat of terrorism and was monitoring communications among Al Qaeda members overseas. But the agency, the Defense Department, and the White House also feared Internet-based attacks on U.S. government installations, and they believed that other countries were increasingly interested in cyberspace as a battlefield.
At the same time, the NSA was hesitant to conduct any surveillance activities that might violate long-standing prohibitions on domestic intelligence-gathering without court orders. One way to get the information that the agency and others deemed necessary for network defense was from the telecom carriers.
Nacchio, it appears, believed that the NSA's pre-9/11 request for access to Qwest's network was illegal. The former White House official said that the intelligence-gathering was not targeted at Qwest's U.S. customers, but he acknowledged that handing over customer information without a lawful order could violate the Electronic Communications Privacy Act, a 1986 law that extended wiretapping restrictions on phone calls to include electronic information transmitted by and stored in a computer.
After 9/11, that law was amended by the USA PATRIOT Act, and it became easier for the government to obtain certain private communications. When reports surfaced last year that telecom carriers were participating in a post-9/11 NSA program to analyze customer calling patterns for terrorism indicators, Nacchio's attorney stated publicly that Qwest had refused "to make private telephone records of Qwest customers available to the NSA immediately following [enactment of] the Patriot Act." Nacchio had concluded that the NSA's requests violated the privacy requirements of another law, the Telecommunications Act, his attorney said.
The question of Qwest's involvement with the NSA before 9/11 has surfaced in recent weeks because of Nacchio's appeal of his criminal conviction on 19 counts of insider trading. Nacchio was sentenced to six years in prison in July, but he remains free pending his appeal. He contends that the NSA retaliated against Qwest for not complying with its request by denying the company work under a multibillion-dollar program called Groundbreaker, which outsourced the NSA's unclassified information-technology systems. Federal prosecutors deny that allegation, noting that Qwest was a member of the team that ultimately won the Groundbreaker deal in August 2001.
Nacchio wasn't allowed to use his retaliation argument at his trial. But details of Qwest's interactions with the NSA, as well as years of work that the company performed for the Defense Department and the intelligence community, are contained in legal documents filed by his defense team and made public three weeks ago. Although the documents are partially redacted, they reveal that Qwest aggressively pursued business with the NSA while trying to put off officials' entreaties for more access to the company's network, requests that persisted for years.
The documents state that Nacchio and another senior Qwest executive met with NSA officials at their headquarters at Fort Meade, Md., on February 27, 2001. At this meeting, the agency proposed Qwest's participation in certain activities whose details are redacted from the court documents.
"Nacchio said it was a legal issue, and they should not do something their general counsel told them not to do," according to federal investigators who interviewed the former head of Qwest's government business unit, James F.X. Payne. "Nacchio projected that he might do it if they could find a way to do it legally."
Payne told investigators that the NSA requests came up "in meetings after meetings." Investigators quoted Payne as saying, "There was a feeling also that the NSA acted as agents for other government agencies." Payne could not be reached for comment.
Although the NSA's specific request for an Echelon-like program may have worried Qwest's attorneys, it appears that the company was sharing other kinds of proprietary information about its network with the Pentagon in the months before 9/11.
In May 2001, then-Commerce Secretary Donald Evans told the Senate Appropriations Committee that his department had helped to persuade Qwest to "share proprietary information with the Defense Department to evaluate the vulnerability of its network." (The Commerce Department includes an agency that is responsible for telecom policy.) Qwest, Evans noted, was the largest carrier in the Rocky Mountain corridor. That area is home to some of the military's most important command-and-control facilities, including the U.S. Strategic Command, which oversees nuclear weapons.
By the time the NSA asked for Qwest's assistance in February 2001, the company had become a darling of the Internet Age. Founded in 1988 by Philip Anschutz, who owned the Southern Pacific Railroad, Qwest built the first all-digital, fiber-optic network by laying lines alongside railroad tracks, then linking to terminals in key locations to provide high-speed Internet and data connections.
The Defense Department operates its own classified networks, which are more resistant to attack, but Qwest's network was faster, more expansive, and more technologically advanced. Nacchio's legal documents show that from the late 1990s and into the new century, Qwest was chasing at least two lucrative deals to build private, secure networks for defense and intelligence agencies.
Qwest's first high-level contact with the NSA may have occurred as early as 1997. Late that year, according to Nacchio's legal briefs, Qwest was informed that a military "general officer wanted to meet with Mr. Nacchio." Two weeks later, a three-star (lieutenant) general and his aide showed up at Nacchio's Denver office and told him that they had "heard about Qwest's new network." Nacchio described the operation and "talked about his background at AT&T, with which they were already familiar," the documents state. Nacchio had spent more than a quarter-century with AT&T before taking over at Qwest in 1997.
At some point, the general -- whose name and affiliation are omitted from the documents -- asked to speak privately with Dean Wandry, who led Qwest's government business unit at the time. "The general told Mr. Wandry that he ran the largest telecom operation in the world, he had looked at Qwest's network, and he wanted to use it for government purposes," the documents state. By law, the head of the NSA must be at least a three-star general or a vice admiral. In 1997, Lt. Gen. Kenneth Minihan was the director. He was replaced in 1999 by Lt. Gen. Michael Hayden, who is now a four-star general and the director of the CIA. Hayden declined to be interviewed for this story. An assistant to Minihan, who is now a managing director with Paladin Capital Group, a private equity firm in Washington, said he was unavailable for comment.
A number of former intelligence officials said that the description of a three-star general running the "largest telecom operation in the world" seemed to fit the NSA. In 1997, the Defense Information Systems Agency, which manages a large telecom enterprise, was also run by a lieutenant general. But that agency's operations are smaller than the NSA's. Also, Qwest's first contact with DISA occurred after the 1997 meeting with the unnamed military officer, according to Nacchio's legal filings. Qwest has done unclassified work for DISA, and it received a large contract from the agency as recently as last year.
After the Denver meeting, Wandry told Nacchio "that there was a big opportunity here for Qwest," the court filings state. Nacchio received a security clearance "a short time later." Qwest then received a contract from the agency, which Nacchio wanted to announce publicly. He was "refused permission," the briefs state, but he "understood at the time this was the beginning of a relationship which had enormous potential for future work. This proved increasingly true as time went on."
Qwest certainly worked for the NSA beginning at least in 1999. A search of Internet number registration files shows that the company allocated a portion of its network that year to the Maryland Procurement Office at Fort Meade, which is the NSA's contracting unit. An e-mail from employees in Qwest's government business group, sent in December 1999, requested a meeting with senior executives "to discuss the potential opportunity with the Maryland customer." (DISA, it should be noted, is headquartered in Virginia.) By 2001, the company was pursuing the NSA's Groundbreaker contract. And in March of that year, Payne, who by then was running the company's federal business, wrote in an e-mail to colleagues that Qwest was already a "provider" of telecom services to the NSA through existing contracts.
Meanwhile, concern was rising at the NSA that the proliferating global Internet might become a weapon for U.S. adversaries. As early as June 1998, then-NSA Director Minihan testified before the Senate Governmental Affairs Committee about "a wide array of malicious actors -- including hackers, terrorists, and nation-states," all of whom threatened "users of networked information systems."
Minihan singled out Russia and China; the latter, he said, had already incorporated cyber-warfare into its military training. He also pointed to the emergence of "transnational security challenges," including terrorism, drug trafficking, and international organized crime. "These opportunists, enabled by the explosion of technology and the availability of inexpensive, secure means of communication, pose a significant threat to the interests of the United States and its allies," Minihan said.
A former senior NSA official said that the agency also worried that because these groups understood privacy laws so well, they knew how to avoid detection and could predict what the NSA would, and wouldn't, do to track them. "There was such a nuanced understanding of how to tie us in knots and use American law against us, that there were certainly pockets of people saying, 'We've got to be assertive; we've got to be more aggressive on this,' " the former official said.
Hayden, who ran the NSA from 1999 to 2005, was well known for his willingness to push operations to the legal edge. "We're pretty aggressive within the law," Hayden said in public remarks after 9/11. "As a professional, I'm troubled if I'm not using the full authority allowed by law."
Hayden has repeated that refrain since the attacks. But former intelligence officials doubted that he would have authorized any request to Qwest, or other companies, that he believed violated the law. They noted, however, that many in the agency had long thought that monitoring "metadata," such as a phone number, the length of a call, or a series of calls placed from a particular phone, didn't implicate privacy because such information didn't constitute the "content" of a message -- its written or spoken words.
Published in National Journal
Labels: Cyber War, Law, National Security Agency, Technology, Terrorism
Full Article
The Terrorism Enhancement: An obscure law stretches the definition of terrorism, and metes out severe punishments.
Friday, July 13, 2007
There’s no doubt about it: Daniel McGowan is a criminal. In January 2001, he stood lookout while other members of a radical environmentalist group set fire to the offices of the Superior Lumber Co. in the tiny southwestern Oregon town of Glendale. In statement issued after the fire, McGowan justified the after-hours assault, calling Superior “a typical earth raper contributing to the ecological destruction of the Northwest.” Five months later, in the northern town of Clatskanie, McGowan and others torched a farm that grew hybrid poplar-cottonwood trees, which they denounced in another public message as “an ecological nightmare threatening native biodiversity in the ecosystem.” At the scene, McGowan painted the letters ELF, the acronym of the Earth Liberation Front, an underground band of economic saboteurs responsible for a string of arsons across the Northwest and in Colorado and Wyoming. McGowan, fully committed to ELF’s violent tactics, caused more than $2 million in property damage. He is, by the letter of the law and by his own admission of involvement in the two fires, an arsonist.
But is Daniel McGowan a terrorist? As far as the law is concerned, yes. Last month, a U.S. District Court judge in Eugene, Ore., ruled that McGowan set the fire at the tree farm to intimidate state governments. Specifically, the Clatskanie statement had declared, “Pending legislation in Oregon and Washington further criminalizing direct action in defense of the wild will not stop us and only highlights the fragility of the ecocidal empire.” That one sentence, the judge found, showed that McGowan meant to influence the conduct of government by intimidation or coercion, a particular legal standard that elevated his crime from simple arson to terrorism. Under the law, that gave the judge the authority to increase McGowan’s sentence to life in prison. In the end, however, she gave him seven years for his role in the arsons, partly because McGowan helped to persuade his co-conspirators to plead guilty.
McGowan is one of the latest defendants to come under the so-called terrorism enhancement, an obscure measure that allows judges to dramatically increase a person’s sentence if his or her offense “involved, or was intended to promote, a federal crime of terrorism,” as defined by Congress. Enacted in 1995 after the bombings of the World Trade Center and the Alfred P. Murrah Federal Building in Oklahoma City, the law aimed to stiffen sanctions rather than create new categories of crimes.
There is no comprehensive accounting of how often the enhancement has been used, but in the last eight years, federal prosecutors have successfully applied it against at least 57 individuals, according to the U.S. Sentencing Commission and court records. (There is no way to determine how many times prosecutors might have been unsuccessful.) Some of their crimes fit the traditional concept of terrorism, at least the one that the public has come to know in the wake of the 9/11 attacks: indiscriminant assaults on civilian populations, usually inspired by a fundamentalist religious ideology, that are intended to cause mass casualties.
However, an extensive examination by National Journal of cases where the enhancement was in play suggests that the government more often targets individuals who didn’t commit a religiously motivated act of terrorism, or who consciously avoided human casualties. Some defendants were driven by political outrage, and specifically targeted government facilities. But their crimes, while serious and violent, were covered by well-established definitions and punishments.
“We already have a very solid sentencing structure that punishes people for their crimes. This is beyond that,” says Deborah Buckman, a lawyer and an author for the professional journal American Law Reports Federal, who wrote a lengthy report on terrorism enhancements.
Stretching the Limits
In addition to McGowan, judges have imposed the enhancement on criminals for whom the label “terrorist” strikes some lawyers and judges as dubious. They include two men who set fire to an Internal Revenue Service office to protest tax collection; an anti-abortion activist who concocted a plan to blow up abortion clinics but never carried it out; a mentally ill man who telephoned bomb threats against local government offices and a television station; and a man who threatened a federal judge who had ruled against him in a trademark infringement case. Because of his plea deal, McGowan did not receive a tougher sentence despite the judge’s finding. But in other cases, the enhancement has dramatically increased the defendant’s prison time—sometimes more than threefold.
National Journal reviewed 35 cases that were publicly available through legal databases or court records. Fewer than half—13—involved individuals accused of supporting or conspiring with radical Islamic organizations. Three defendants were found to have actively engaged in formulating plots—one to attack the New York City subway system, the other the foiled attack on Los Angeles International Airport during New Year’s celebrations in 1999. A judge also applied the enhancement to John Walker Lindh’s conviction for supplying services to the Taliban regime, and he received a 20-year sentence.
The remaining defendants in those 13 cases provided “material support” to terrorist groups or engaged in preliminary plotting. In one case, the enhancement was applied to a young man who had backed out of a plan to blow up electrical substations in Florida. The government apparently has not sought the enhancement in some high-profile terrorism cases, including that of Zacarias Moussaoui, who was convicted of conspiracy in connection with the September 11 attacks and sentenced to life imprisonment without invoking the enhancement. However, prosecutors did use the law against the “Lackawanna Six,” a group of U.S. citizens in New York state who pleaded guilty to providing material support to Al Qaeda.
The application of the terrorism enhancement has largely been overlooked by the media, legal scholars, Congress, and terrorism analysts. The Justice Department is tight-lipped about how prosecutors determine when to seek it. Department officials declined National Journal’s request for an interview, and several federal prosecutors were reluctant to speak on the record about what motivates them to use it. Dean Boyd, the spokesman for Justice’s National Security Division, which oversees terrorism matters, said, “The decision by federal prosecutors to seek [the] enhancement depends on the facts and circumstances of each particular case. Ultimately, it is up to a federal judge to determine whether or not to apply the enhancement at sentencing.”
The enhancement has outraged some defense lawyers and judges, who see it as a government shortcut to label criminals as terrorists and to punish them in extraordinary ways. A judge, not a jury, decides whether the enhancement applies, based on a threshold of evidence lower than reasonable doubt. The enhancement automatically elevates a defendant’s criminal history—a key factor used to calculate sentences—to the highest possible level. It directs judges to increase the sentencing range at least “12 levels,” which can add 20 years. A defendant convicted of a relatively minor crime could suddenly find himself serving prison time on par with a hardened offender.
“It’s a very onerous enhancement, so when it applies, it’s really devastating,” says James Felman, a criminal defense lawyer and national authority on sentencing guidelines.
And it’s not just the enhancement’s severity that worries some experts. Courts have ruled that a judge can apply it even if a defendant wasn’t convicted of a terrorism act per se. The government need only convince a judge that the crime in question was aimed at the government and that it “involved, or was intended to promote” a specific act of terrorism—even one that was never carried out.
Congressional Confusion
Congress created the terrorism enhancement, not surprisingly, in response to terrorism. As early as 1991, but particularly after the World Trade Center bombing two years later, lawmakers and the Clinton administration realized that crimes involving terrorism—even if the act itself was already covered by statute—needed to be identified in law as such and accorded stiffer punishment. They wanted to account for the severity of the offenses, particularly the indiscriminant killing of civilians, and to deter future acts.
At the same time, lawmakers wanted to carefully define what qualified as terrorism. They had their work cut out for them. For starters, there was no crime of terrorism on the books. There still isn’t: Congress instead sought tougher sentences for a range of existing crimes when they were motivated by terrorist impulses.
Motive has always been a key to defining terrorism. That is, in fact, how society distinguishes the crime from other violent acts, such as murder or arson. Motivation and intent are also key factors in determining sentences. So, in the mid-1990s, Congress ordered the Sentencing Commission, which promulgates the guidelines, to include an anti-terrorism factor in the sentencing phase that accounted for specific crimes and required a basic motivation to affect, influence, or retaliate against government conduct.
Lawmakers gave explicit instructions that the enhancement had to meet two tests. First, there was the government-focused motive of the crime. That was broad, to be sure, but then Congress narrowed things a bit. The enhancement had to apply to one or more specific offenses enumerated in a section of the U.S. Code covering “acts of terrorism transcending national boundaries.” This was, in effect, a master list that Congress wanted judges to use. Today, it contains more than 55 discrete offenses that qualify as terrorism when the requisite motive is present, including destruction of aircraft; use of biological and chemical weapons; the burning or bombing of government property in a way that risks or causes death; providing material support to terrorists; attacks on energy facilities; and assassinating the president.
In so doing, lawmakers wanted to ensure that judges would not apply the terrorism label too broadly. In its conference report on the anti-terrorism legislation that established the sentencing enhancement, the House Judiciary Committee signaled Congress’s intent: “In order to keep a sentencing judge from assigning a terrorist label to crimes that are truly not terrorist, and to adequately punish the terrorist for his offense, it is appropriate to define the term.”
Something, it seems, got lost in translation. The Sentencing Commission’s final version of the enhancement includes a key phrase that never appears in the congressional record: “ … involved, or is intended to promote, a federal crime of terrorism.” On the basis of those 11 words, judges have applied the enhancement broadly—perhaps more broadly than Congress
intended.
An enhancement for “international terrorism,” which had been on the books less than a year, did contain the phrase “involved or is intended to promote.” But there is no indication that Congress intended it to apply to the subsequent version that more specifically defined a crime of terrorism. Still, based on this arguably broader guideline, judges have consistently ruled that a defendant need not be convicted of one of the enumerated crimes of terrorism for the enhancement to apply, so long as the motivation is there. These judges have exhaustively researched the definitions of “involved” and “intended to promote,” pulling out case law, precedent, and even the dictionary.
A Landmark Case
The U.S. Court of Appeals for the 6th Circuit upheld this reading of the guidelines in a landmark enhancement case, which it decided only a few months after the September 11 attacks. Randy Graham, a Michigan marijuana farmer and member of the North American Militia, had been convicted of conspiracy against the United States, as well as various weapons and drug violations. Graham had plotted to launch a “first strike” on the U.S. government by attacking various communications, transportation, and energy facilities, and killing certain federal officials. A District Court judge applied the enhancement to one of his convictions—for an offense not contained in the list of terrorism crimes—finding that Graham intended to promote an act of terrorism by plotting to attack various federal facilities. (He never carried out the plan.) The underlying offense carried a maximum penalty of five years in prison; the judge boosted Graham’s sentence to 55 years.
In a vigorous dissent, Judge Avern Cohn said that Congress never intended for people not convicted of a crime of terrorism to be subject to the enhancement. Senators, in their final conference report, gave the Sentencing Commission clear instructions: The new provision was “applicable only to those specifically listed federal crimes of terrorism, upon conviction of those crimes with the necessary motivational element.” Cohn said he was at a loss to determine why the Sentencing Commission included “involved, or was intended to promote” in the final version, because Congress never instructed it to do so. As he saw it, the commission had gotten it wrong, and the judge who sentenced Graham had made the same mistake.
Cohn had no sympathy for Graham. He wrote that his disagreement on the enhancement issue “should not be considered in any way a denigration of Graham’s crimes or in any way an attempt to simply ameliorate the severity of his sentence.” But to apply the enhancement “effectively labels Graham a terrorist and his activity as displayed in the record as terroristic activity,” Cohn wrote. And that was “grossly contrary to the language…defining a ‘federal crime of terrorism,’ as well as the congressional intent to keep the definition narrow.”
Even with the shock of the attacks on the World Trade Center and the Pentagon still fresh, Cohn found little comparison with Graham’s conduct. “Graham’s actions depict grossly less offensive, and qualitatively different, conduct than that displayed on September 11, 2001.” Cohn added that Congress’s concern in drafting the enhancement was “much like the concern of the delegates to the Constitutional Convention of 1787 over the definition of ‘treason,’ that ‘terrorism’ being a phrase which carries far-reaching connotations … is not to be used indiscriminately and must be carefully defined.”
Critics of the terrorism enhancement have seized on this issue of congressional intent to argue that the courts have veered into forbidden territory. Whether Congress agrees is hard to gauge. The lawmakers and staff involved in creating the enhancement have either retired or taken new jobs. Several former House Judiciary Committee aides contacted by National Journal couldn’t recall the details of the proceedings. By all accounts, Congress hasn’t examined use of the terrorism enhancement since it created it more than a decade ago.
The Punishment and the Crime
Many lawyers who have argued against the law had never heard of it until their clients were facing long prison terms. Sometimes they won partial victories.
William Mason, a criminal defense lawyer in Columbus, Ga., represented Eddie Garey, who was convicted of making several telephone bomb threats involving buildings in Macon. (The trial was moved to Columbus, 100 miles away, because of extensive publicity.) Garey objected to the government’s recommendation that the terrorism enhancement be applied. It was a first for Mason, his court-appointed attorney. “We don’t get any terrorism cases in Columbus, Georgia,” he says.
A jury convicted Garey, whom Mason describes as “mentally ill,” of 27 counts arising from threats to blow up the Macon City Hall, a shopping mall, and a local television station. According to the indictment, over a nine-day period in September 2003, Garey called the threats in to the local 911 center, altering his voice and making demands for cash. Authorities traced the calls to Garey’s home and caught him in the act. “My client was arrested standing in the hallway of his house buck naked making a 911 call,” Mason says.
Garey’s presentencing report, prepared by a local probation officer, recommended the enhancement because he was convicted of a crime involving the use of a weapon of mass destruction—an enumerated crime of terrorism—and because evidence at trial showed that Garey attempted to influence the conduct of government. The requisite elements were all there. Garey already faced a lengthy sentence based on the seriousness of his crimes, but the enhancement elevated his criminal history to the highest level. The probation report recommended a life sentence.
U.S. District Judge Clay D. Land found that a life sentence technically fit the guidelines. But there was a bigger principle at stake, he said, namely the overarching law that sentences must be based upon “the nature and circumstance of the offense and characteristics of the defendant.” The law directs a judge to impose a sentence that metes out appropriate punishment but not one that is more severe than necessary. In Garey’s case, a life term was excessive, regardless of what the terrorism enhancement dictated, Land ruled.
“In this case, the guidelines increase the defendant’s offense by 12 levels [approximately 20 years] for conduct of which he was not convicted by a jury,” the judge found. Garey was “arguably being held criminally responsible for conduct for which he was not indicted.” Because of the enhancement, Land pointed out, Garey faced a harsher punishment for threatening to blow up a building than would someone who actually followed through on that threat. “A violation for ‘threatening’ to commit an offense of international terrorism … has a maximum sentence of 10 years. Yet, this defendant, who ‘threatened’ to bomb various public facilities, faces life imprisonment.” The judge continued, “It is also troubling that another defendant who carried out a threat to bomb public facilities, injuring and maiming (but not killing) thousands of people, would face the same sentence as this defendant who did not cause physical injury to a single person.”
Land said that elevating Garey’s criminal history to the highest level “ignores the individual ‘history and characteristics’ of the defendant, and instead places too much weight on a questionable interpretation of what constitutes a federal crime of terrorism under the guidelines.”
Land reduced Garey’s criminal history level to the middle range and applied a new sentence—30 years.
Mason, Garey’s attorney, says that there’s no doubt his client’s behavior was “terror-invoking.” But he thinks that the enhancement is not being applied the way that Congress intended. “They want to be able to punish the guy who helped the [9/11 hijackers] sign up for flight school,” Mason says. Garey, by contrast, is an obviously disturbed man who never carried out his threats.
At least one other court has also balked at the dramatic sentencing increases imposed by the enhancement. In July 2004, the U.S. Court of Appeals for the 11th Circuit ruled on the case of Imran Mandhai, an apparently confused would-be jihadist who, over the course of several months, committed to and then backed out of a plot to blow up electrical substations in Florida. Whether Mandhai—who was 18 at the time—really intended to wage war against the government, he never followed through. But in May 2002, the government charged him with conspiring to blow up the stations; Mandhai pleaded guilty in exchange for a reduced sentence.
Federal prosecutors sought the terrorism enhancement, and a judge found that it applied. But he also reduced Mandhai’s sentence because the crime was inchoate. The government appealed to the 11th Circuit, which found that the district judge had acted improperly in the way he reduced Mandhai’s sentence but that he was right to consider the totality of Mandhai’s actions when deciding to deviate from the enhancement’s harsh penalty.
“The terrorism enhancement prevents the penalty from fitting the crime, based on the facts of this record,” the court ruled. “It is easy to forget that the sentencing guidelines are merely that—guidelines. Any attempt to remove all judicial discretion in sentencing would raise serious concerns about the separation of powers.”
The judges remanded Mandhai’s case, and he ultimately received a 14-year prison sentence. Last October, the Supreme Court denied his petition for a hearing. To date, the high court has not heard a single case involving the terrorism enhancement.
A Winning Streak
Taken on their own, the passionate objections and deep concerns surrounding the terrorism enhancement might suggest that the government is having a hard time getting the law to stick. In fact, the opposite is true.
The review of publicly available cases shows that judges uphold the government’s request for an enhancement far more often than they deny it. Prosecutors obtained the enhancement in 27 of the 35 cases that National Journal reviewed—more than 75 percent. To be sure, in a number of those cases the defendants did not object to the enhancement. The Lackawanna Six, for instance, agreed that it would be applied as part of their guilty pleas, and they were spared the 20-years-plus sentences because they cooperated with federal terrorism investigations.
But the government clearly wins on the enhancement more times than it loses, even when defendants object. Despite the skeptical opinions expressed by Cohn, Land, and the judges on the 11th Circuit, most judges appear to have had little problem accepting the guidelines at face value. This isn’t a leap of faith on their part. When it comes to matters of statutory interpretation, judges follow the language of the rule they’re given: They use it for a crime that “involved, or was intended to promote, a
federal crime of terrorism.”
In Daniel McGowan’s case, District Judge Ann Aiken noted that several judges before her—including those in the Graham and Mandhai cases—had offered no contrary statutory interpretation. Aiken applied the enhancement to one of McGowan’s crimes and to others committed by six of his co-defendants. The environmental saboteurs had been rounded up as part of the FBI’s Operation Backfire, a multi-agency investigation of ELF and the Animal Liberation Front.
The enhancement became a central focus of the Backfire cases. Environmental activists accused the government of trying to brand the defendants as “eco-terrorists” to advance the Bush administration’s security agenda. Defense attorneys strenuously objected to the enhancement, which they felt could land their clients in maximum-security penitentiaries with the most hardened criminals.
Echoing the sentiments of other Backfire defendants, the attorney for Kevin Tubbs, who pleaded guilty to multiple counts of arson and conspiracy, noted that the saboteurs took great pains to ensure that no one was harmed in the course of their crimes. (ELF and ALF are fundamentally opposed to taking any life, animal or human, their supporters say.) “A terrorist’s goal is to cause death, because death is the ultimate tool. Death is the ultimate source of fear,” Marc Friedman wrote in a 31-page objection
to the enhancement. “The government, and in particular this administration’s, use of the term ‘eco-terrorism’ and their efforts to tie these actions to domestic terrorism is misplaced. It seeks to place the actions of a loose group of animal rights and environmental activists on par with Timothy McVeigh [who blew up the Murrah Federal Building] and Al Qaeda.”
Friedman cited Judge Cohn’s dissent in the Graham case, arguing that Congress and the Sentencing Commission didn’t envision applying the law to defendants such as Tubbs, “defendants with no long history of association with international terrorist cells.” He portrayed his client as a passionate yet easily persuaded and manipulated man who, for a short period, engaged in “wrongful activities” for which he accepted full responsibility.
Judge Aiken was unmoved by Tubbs’s argument and those of his co-defendants. In sentencing Tubbs to 12 years and seven months’ imprisonment, she said that he had used fear as a tool. “You have created fear, made people fearful in their workplaces and homes,” she said. “Fear and intimidation can play no part in changing hearts and minds in a democracy.” Addressing the larger group of defendants, Aiken lamented, “You all seem to be very smart people. Why couldn’t kindness have been your tool? Stop destroying the Earth to send a message.”
In sentencing the activists under the terrorism enhancement, Aiken insisted that she was not trying to send a message. “The issue the court must decide is not whether the defendants are ‘terrorists’ as the word is commonly used,” she wrote in a lengthy ruling. “Nor is it appropriate for the court to speculate whether the government seeks to promote a particular political agenda or to punish a particular form of activism in requesting the terrorism enhancement.… The debate is about the defendants' criminal conduct—not their political beliefs.”
Prosecutors spent considerable time and energy securing the enhancement. They refused to take it off the table during plea negotiations, says Amanda Lee, McGowan’s attorney. But in the end, none of the defendants received more prison time. In fact, the government recommended reductions equal to the enhancement’s increases. The terrorism label stuck—and McGowan, as part of his plea, agreed not to appeal—but it had no real effect on the sentences.
The government has recommended reduced sentences, usually for cooperative defendants, in a number of other cases where it sought the enhancement. In still others, prosecutors have sought the enhancement only after a defendant reneged on an agreement to cooperate. This has led some analysts to conclude that it’s not always policy and principle that guide the government’s decisions on whom to treat as a terrorist.
Friday, July 13, 2007
There’s no doubt about it: Daniel McGowan is a criminal. In January 2001, he stood lookout while other members of a radical environmentalist group set fire to the offices of the Superior Lumber Co. in the tiny southwestern Oregon town of Glendale. In statement issued after the fire, McGowan justified the after-hours assault, calling Superior “a typical earth raper contributing to the ecological destruction of the Northwest.” Five months later, in the northern town of Clatskanie, McGowan and others torched a farm that grew hybrid poplar-cottonwood trees, which they denounced in another public message as “an ecological nightmare threatening native biodiversity in the ecosystem.” At the scene, McGowan painted the letters ELF, the acronym of the Earth Liberation Front, an underground band of economic saboteurs responsible for a string of arsons across the Northwest and in Colorado and Wyoming. McGowan, fully committed to ELF’s violent tactics, caused more than $2 million in property damage. He is, by the letter of the law and by his own admission of involvement in the two fires, an arsonist.
But is Daniel McGowan a terrorist? As far as the law is concerned, yes. Last month, a U.S. District Court judge in Eugene, Ore., ruled that McGowan set the fire at the tree farm to intimidate state governments. Specifically, the Clatskanie statement had declared, “Pending legislation in Oregon and Washington further criminalizing direct action in defense of the wild will not stop us and only highlights the fragility of the ecocidal empire.” That one sentence, the judge found, showed that McGowan meant to influence the conduct of government by intimidation or coercion, a particular legal standard that elevated his crime from simple arson to terrorism. Under the law, that gave the judge the authority to increase McGowan’s sentence to life in prison. In the end, however, she gave him seven years for his role in the arsons, partly because McGowan helped to persuade his co-conspirators to plead guilty.
McGowan is one of the latest defendants to come under the so-called terrorism enhancement, an obscure measure that allows judges to dramatically increase a person’s sentence if his or her offense “involved, or was intended to promote, a federal crime of terrorism,” as defined by Congress. Enacted in 1995 after the bombings of the World Trade Center and the Alfred P. Murrah Federal Building in Oklahoma City, the law aimed to stiffen sanctions rather than create new categories of crimes.
There is no comprehensive accounting of how often the enhancement has been used, but in the last eight years, federal prosecutors have successfully applied it against at least 57 individuals, according to the U.S. Sentencing Commission and court records. (There is no way to determine how many times prosecutors might have been unsuccessful.) Some of their crimes fit the traditional concept of terrorism, at least the one that the public has come to know in the wake of the 9/11 attacks: indiscriminant assaults on civilian populations, usually inspired by a fundamentalist religious ideology, that are intended to cause mass casualties.
However, an extensive examination by National Journal of cases where the enhancement was in play suggests that the government more often targets individuals who didn’t commit a religiously motivated act of terrorism, or who consciously avoided human casualties. Some defendants were driven by political outrage, and specifically targeted government facilities. But their crimes, while serious and violent, were covered by well-established definitions and punishments.
“We already have a very solid sentencing structure that punishes people for their crimes. This is beyond that,” says Deborah Buckman, a lawyer and an author for the professional journal American Law Reports Federal, who wrote a lengthy report on terrorism enhancements.
Stretching the Limits
In addition to McGowan, judges have imposed the enhancement on criminals for whom the label “terrorist” strikes some lawyers and judges as dubious. They include two men who set fire to an Internal Revenue Service office to protest tax collection; an anti-abortion activist who concocted a plan to blow up abortion clinics but never carried it out; a mentally ill man who telephoned bomb threats against local government offices and a television station; and a man who threatened a federal judge who had ruled against him in a trademark infringement case. Because of his plea deal, McGowan did not receive a tougher sentence despite the judge’s finding. But in other cases, the enhancement has dramatically increased the defendant’s prison time—sometimes more than threefold.
National Journal reviewed 35 cases that were publicly available through legal databases or court records. Fewer than half—13—involved individuals accused of supporting or conspiring with radical Islamic organizations. Three defendants were found to have actively engaged in formulating plots—one to attack the New York City subway system, the other the foiled attack on Los Angeles International Airport during New Year’s celebrations in 1999. A judge also applied the enhancement to John Walker Lindh’s conviction for supplying services to the Taliban regime, and he received a 20-year sentence.
The remaining defendants in those 13 cases provided “material support” to terrorist groups or engaged in preliminary plotting. In one case, the enhancement was applied to a young man who had backed out of a plan to blow up electrical substations in Florida. The government apparently has not sought the enhancement in some high-profile terrorism cases, including that of Zacarias Moussaoui, who was convicted of conspiracy in connection with the September 11 attacks and sentenced to life imprisonment without invoking the enhancement. However, prosecutors did use the law against the “Lackawanna Six,” a group of U.S. citizens in New York state who pleaded guilty to providing material support to Al Qaeda.
The application of the terrorism enhancement has largely been overlooked by the media, legal scholars, Congress, and terrorism analysts. The Justice Department is tight-lipped about how prosecutors determine when to seek it. Department officials declined National Journal’s request for an interview, and several federal prosecutors were reluctant to speak on the record about what motivates them to use it. Dean Boyd, the spokesman for Justice’s National Security Division, which oversees terrorism matters, said, “The decision by federal prosecutors to seek [the] enhancement depends on the facts and circumstances of each particular case. Ultimately, it is up to a federal judge to determine whether or not to apply the enhancement at sentencing.”
The enhancement has outraged some defense lawyers and judges, who see it as a government shortcut to label criminals as terrorists and to punish them in extraordinary ways. A judge, not a jury, decides whether the enhancement applies, based on a threshold of evidence lower than reasonable doubt. The enhancement automatically elevates a defendant’s criminal history—a key factor used to calculate sentences—to the highest possible level. It directs judges to increase the sentencing range at least “12 levels,” which can add 20 years. A defendant convicted of a relatively minor crime could suddenly find himself serving prison time on par with a hardened offender.
“It’s a very onerous enhancement, so when it applies, it’s really devastating,” says James Felman, a criminal defense lawyer and national authority on sentencing guidelines.
And it’s not just the enhancement’s severity that worries some experts. Courts have ruled that a judge can apply it even if a defendant wasn’t convicted of a terrorism act per se. The government need only convince a judge that the crime in question was aimed at the government and that it “involved, or was intended to promote” a specific act of terrorism—even one that was never carried out.
Congressional Confusion
Congress created the terrorism enhancement, not surprisingly, in response to terrorism. As early as 1991, but particularly after the World Trade Center bombing two years later, lawmakers and the Clinton administration realized that crimes involving terrorism—even if the act itself was already covered by statute—needed to be identified in law as such and accorded stiffer punishment. They wanted to account for the severity of the offenses, particularly the indiscriminant killing of civilians, and to deter future acts.
At the same time, lawmakers wanted to carefully define what qualified as terrorism. They had their work cut out for them. For starters, there was no crime of terrorism on the books. There still isn’t: Congress instead sought tougher sentences for a range of existing crimes when they were motivated by terrorist impulses.
Motive has always been a key to defining terrorism. That is, in fact, how society distinguishes the crime from other violent acts, such as murder or arson. Motivation and intent are also key factors in determining sentences. So, in the mid-1990s, Congress ordered the Sentencing Commission, which promulgates the guidelines, to include an anti-terrorism factor in the sentencing phase that accounted for specific crimes and required a basic motivation to affect, influence, or retaliate against government conduct.
Lawmakers gave explicit instructions that the enhancement had to meet two tests. First, there was the government-focused motive of the crime. That was broad, to be sure, but then Congress narrowed things a bit. The enhancement had to apply to one or more specific offenses enumerated in a section of the U.S. Code covering “acts of terrorism transcending national boundaries.” This was, in effect, a master list that Congress wanted judges to use. Today, it contains more than 55 discrete offenses that qualify as terrorism when the requisite motive is present, including destruction of aircraft; use of biological and chemical weapons; the burning or bombing of government property in a way that risks or causes death; providing material support to terrorists; attacks on energy facilities; and assassinating the president.
In so doing, lawmakers wanted to ensure that judges would not apply the terrorism label too broadly. In its conference report on the anti-terrorism legislation that established the sentencing enhancement, the House Judiciary Committee signaled Congress’s intent: “In order to keep a sentencing judge from assigning a terrorist label to crimes that are truly not terrorist, and to adequately punish the terrorist for his offense, it is appropriate to define the term.”
Something, it seems, got lost in translation. The Sentencing Commission’s final version of the enhancement includes a key phrase that never appears in the congressional record: “ … involved, or is intended to promote, a federal crime of terrorism.” On the basis of those 11 words, judges have applied the enhancement broadly—perhaps more broadly than Congress
intended.
An enhancement for “international terrorism,” which had been on the books less than a year, did contain the phrase “involved or is intended to promote.” But there is no indication that Congress intended it to apply to the subsequent version that more specifically defined a crime of terrorism. Still, based on this arguably broader guideline, judges have consistently ruled that a defendant need not be convicted of one of the enumerated crimes of terrorism for the enhancement to apply, so long as the motivation is there. These judges have exhaustively researched the definitions of “involved” and “intended to promote,” pulling out case law, precedent, and even the dictionary.
A Landmark Case
The U.S. Court of Appeals for the 6th Circuit upheld this reading of the guidelines in a landmark enhancement case, which it decided only a few months after the September 11 attacks. Randy Graham, a Michigan marijuana farmer and member of the North American Militia, had been convicted of conspiracy against the United States, as well as various weapons and drug violations. Graham had plotted to launch a “first strike” on the U.S. government by attacking various communications, transportation, and energy facilities, and killing certain federal officials. A District Court judge applied the enhancement to one of his convictions—for an offense not contained in the list of terrorism crimes—finding that Graham intended to promote an act of terrorism by plotting to attack various federal facilities. (He never carried out the plan.) The underlying offense carried a maximum penalty of five years in prison; the judge boosted Graham’s sentence to 55 years.
In a vigorous dissent, Judge Avern Cohn said that Congress never intended for people not convicted of a crime of terrorism to be subject to the enhancement. Senators, in their final conference report, gave the Sentencing Commission clear instructions: The new provision was “applicable only to those specifically listed federal crimes of terrorism, upon conviction of those crimes with the necessary motivational element.” Cohn said he was at a loss to determine why the Sentencing Commission included “involved, or was intended to promote” in the final version, because Congress never instructed it to do so. As he saw it, the commission had gotten it wrong, and the judge who sentenced Graham had made the same mistake.
Cohn had no sympathy for Graham. He wrote that his disagreement on the enhancement issue “should not be considered in any way a denigration of Graham’s crimes or in any way an attempt to simply ameliorate the severity of his sentence.” But to apply the enhancement “effectively labels Graham a terrorist and his activity as displayed in the record as terroristic activity,” Cohn wrote. And that was “grossly contrary to the language…defining a ‘federal crime of terrorism,’ as well as the congressional intent to keep the definition narrow.”
Even with the shock of the attacks on the World Trade Center and the Pentagon still fresh, Cohn found little comparison with Graham’s conduct. “Graham’s actions depict grossly less offensive, and qualitatively different, conduct than that displayed on September 11, 2001.” Cohn added that Congress’s concern in drafting the enhancement was “much like the concern of the delegates to the Constitutional Convention of 1787 over the definition of ‘treason,’ that ‘terrorism’ being a phrase which carries far-reaching connotations … is not to be used indiscriminately and must be carefully defined.”
Critics of the terrorism enhancement have seized on this issue of congressional intent to argue that the courts have veered into forbidden territory. Whether Congress agrees is hard to gauge. The lawmakers and staff involved in creating the enhancement have either retired or taken new jobs. Several former House Judiciary Committee aides contacted by National Journal couldn’t recall the details of the proceedings. By all accounts, Congress hasn’t examined use of the terrorism enhancement since it created it more than a decade ago.
The Punishment and the Crime
Many lawyers who have argued against the law had never heard of it until their clients were facing long prison terms. Sometimes they won partial victories.
William Mason, a criminal defense lawyer in Columbus, Ga., represented Eddie Garey, who was convicted of making several telephone bomb threats involving buildings in Macon. (The trial was moved to Columbus, 100 miles away, because of extensive publicity.) Garey objected to the government’s recommendation that the terrorism enhancement be applied. It was a first for Mason, his court-appointed attorney. “We don’t get any terrorism cases in Columbus, Georgia,” he says.
A jury convicted Garey, whom Mason describes as “mentally ill,” of 27 counts arising from threats to blow up the Macon City Hall, a shopping mall, and a local television station. According to the indictment, over a nine-day period in September 2003, Garey called the threats in to the local 911 center, altering his voice and making demands for cash. Authorities traced the calls to Garey’s home and caught him in the act. “My client was arrested standing in the hallway of his house buck naked making a 911 call,” Mason says.
Garey’s presentencing report, prepared by a local probation officer, recommended the enhancement because he was convicted of a crime involving the use of a weapon of mass destruction—an enumerated crime of terrorism—and because evidence at trial showed that Garey attempted to influence the conduct of government. The requisite elements were all there. Garey already faced a lengthy sentence based on the seriousness of his crimes, but the enhancement elevated his criminal history to the highest level. The probation report recommended a life sentence.
U.S. District Judge Clay D. Land found that a life sentence technically fit the guidelines. But there was a bigger principle at stake, he said, namely the overarching law that sentences must be based upon “the nature and circumstance of the offense and characteristics of the defendant.” The law directs a judge to impose a sentence that metes out appropriate punishment but not one that is more severe than necessary. In Garey’s case, a life term was excessive, regardless of what the terrorism enhancement dictated, Land ruled.
“In this case, the guidelines increase the defendant’s offense by 12 levels [approximately 20 years] for conduct of which he was not convicted by a jury,” the judge found. Garey was “arguably being held criminally responsible for conduct for which he was not indicted.” Because of the enhancement, Land pointed out, Garey faced a harsher punishment for threatening to blow up a building than would someone who actually followed through on that threat. “A violation for ‘threatening’ to commit an offense of international terrorism … has a maximum sentence of 10 years. Yet, this defendant, who ‘threatened’ to bomb various public facilities, faces life imprisonment.” The judge continued, “It is also troubling that another defendant who carried out a threat to bomb public facilities, injuring and maiming (but not killing) thousands of people, would face the same sentence as this defendant who did not cause physical injury to a single person.”
Land said that elevating Garey’s criminal history to the highest level “ignores the individual ‘history and characteristics’ of the defendant, and instead places too much weight on a questionable interpretation of what constitutes a federal crime of terrorism under the guidelines.”
Land reduced Garey’s criminal history level to the middle range and applied a new sentence—30 years.
Mason, Garey’s attorney, says that there’s no doubt his client’s behavior was “terror-invoking.” But he thinks that the enhancement is not being applied the way that Congress intended. “They want to be able to punish the guy who helped the [9/11 hijackers] sign up for flight school,” Mason says. Garey, by contrast, is an obviously disturbed man who never carried out his threats.
At least one other court has also balked at the dramatic sentencing increases imposed by the enhancement. In July 2004, the U.S. Court of Appeals for the 11th Circuit ruled on the case of Imran Mandhai, an apparently confused would-be jihadist who, over the course of several months, committed to and then backed out of a plot to blow up electrical substations in Florida. Whether Mandhai—who was 18 at the time—really intended to wage war against the government, he never followed through. But in May 2002, the government charged him with conspiring to blow up the stations; Mandhai pleaded guilty in exchange for a reduced sentence.
Federal prosecutors sought the terrorism enhancement, and a judge found that it applied. But he also reduced Mandhai’s sentence because the crime was inchoate. The government appealed to the 11th Circuit, which found that the district judge had acted improperly in the way he reduced Mandhai’s sentence but that he was right to consider the totality of Mandhai’s actions when deciding to deviate from the enhancement’s harsh penalty.
“The terrorism enhancement prevents the penalty from fitting the crime, based on the facts of this record,” the court ruled. “It is easy to forget that the sentencing guidelines are merely that—guidelines. Any attempt to remove all judicial discretion in sentencing would raise serious concerns about the separation of powers.”
The judges remanded Mandhai’s case, and he ultimately received a 14-year prison sentence. Last October, the Supreme Court denied his petition for a hearing. To date, the high court has not heard a single case involving the terrorism enhancement.
A Winning Streak
Taken on their own, the passionate objections and deep concerns surrounding the terrorism enhancement might suggest that the government is having a hard time getting the law to stick. In fact, the opposite is true.
The review of publicly available cases shows that judges uphold the government’s request for an enhancement far more often than they deny it. Prosecutors obtained the enhancement in 27 of the 35 cases that National Journal reviewed—more than 75 percent. To be sure, in a number of those cases the defendants did not object to the enhancement. The Lackawanna Six, for instance, agreed that it would be applied as part of their guilty pleas, and they were spared the 20-years-plus sentences because they cooperated with federal terrorism investigations.
But the government clearly wins on the enhancement more times than it loses, even when defendants object. Despite the skeptical opinions expressed by Cohn, Land, and the judges on the 11th Circuit, most judges appear to have had little problem accepting the guidelines at face value. This isn’t a leap of faith on their part. When it comes to matters of statutory interpretation, judges follow the language of the rule they’re given: They use it for a crime that “involved, or was intended to promote, a
federal crime of terrorism.”
In Daniel McGowan’s case, District Judge Ann Aiken noted that several judges before her—including those in the Graham and Mandhai cases—had offered no contrary statutory interpretation. Aiken applied the enhancement to one of McGowan’s crimes and to others committed by six of his co-defendants. The environmental saboteurs had been rounded up as part of the FBI’s Operation Backfire, a multi-agency investigation of ELF and the Animal Liberation Front.
The enhancement became a central focus of the Backfire cases. Environmental activists accused the government of trying to brand the defendants as “eco-terrorists” to advance the Bush administration’s security agenda. Defense attorneys strenuously objected to the enhancement, which they felt could land their clients in maximum-security penitentiaries with the most hardened criminals.
Echoing the sentiments of other Backfire defendants, the attorney for Kevin Tubbs, who pleaded guilty to multiple counts of arson and conspiracy, noted that the saboteurs took great pains to ensure that no one was harmed in the course of their crimes. (ELF and ALF are fundamentally opposed to taking any life, animal or human, their supporters say.) “A terrorist’s goal is to cause death, because death is the ultimate tool. Death is the ultimate source of fear,” Marc Friedman wrote in a 31-page objection
to the enhancement. “The government, and in particular this administration’s, use of the term ‘eco-terrorism’ and their efforts to tie these actions to domestic terrorism is misplaced. It seeks to place the actions of a loose group of animal rights and environmental activists on par with Timothy McVeigh [who blew up the Murrah Federal Building] and Al Qaeda.”
Friedman cited Judge Cohn’s dissent in the Graham case, arguing that Congress and the Sentencing Commission didn’t envision applying the law to defendants such as Tubbs, “defendants with no long history of association with international terrorist cells.” He portrayed his client as a passionate yet easily persuaded and manipulated man who, for a short period, engaged in “wrongful activities” for which he accepted full responsibility.
Judge Aiken was unmoved by Tubbs’s argument and those of his co-defendants. In sentencing Tubbs to 12 years and seven months’ imprisonment, she said that he had used fear as a tool. “You have created fear, made people fearful in their workplaces and homes,” she said. “Fear and intimidation can play no part in changing hearts and minds in a democracy.” Addressing the larger group of defendants, Aiken lamented, “You all seem to be very smart people. Why couldn’t kindness have been your tool? Stop destroying the Earth to send a message.”
In sentencing the activists under the terrorism enhancement, Aiken insisted that she was not trying to send a message. “The issue the court must decide is not whether the defendants are ‘terrorists’ as the word is commonly used,” she wrote in a lengthy ruling. “Nor is it appropriate for the court to speculate whether the government seeks to promote a particular political agenda or to punish a particular form of activism in requesting the terrorism enhancement.… The debate is about the defendants' criminal conduct—not their political beliefs.”
Prosecutors spent considerable time and energy securing the enhancement. They refused to take it off the table during plea negotiations, says Amanda Lee, McGowan’s attorney. But in the end, none of the defendants received more prison time. In fact, the government recommended reductions equal to the enhancement’s increases. The terrorism label stuck—and McGowan, as part of his plea, agreed not to appeal—but it had no real effect on the sentences.
The government has recommended reduced sentences, usually for cooperative defendants, in a number of other cases where it sought the enhancement. In still others, prosecutors have sought the enhancement only after a defendant reneged on an agreement to cooperate. This has led some analysts to conclude that it’s not always policy and principle that guide the government’s decisions on whom to treat as a terrorist.
The Bargaining Chip
Deborah Buckman, the lawyer who studied the use of enhancements, says she always suspected that the government had some motivation other than punishing terrorism.
“I felt, all the way through, that there’s got to be some game going on here,” she says. “It’s so outrageous that you can take someone who would get five to 10 years and sentence them for the rest of their lives.”
Buckman says she sees a pattern in the government’s often inconsistent application of the enhancement. “In the end, it really is just a bargaining chip,” she says. The threat of 20 years or more in prison is enough to compel almost any defendant to cooperate. Indeed, in the cases in which prosecutors sought the enhancement, but also offered sentence reductions, the defendants usually pleaded guilty and agreed to provide the government with information about their crimes or conspiracies.
When defendants renege on their agreements, case history suggests that the government punishes them by applying the enhancement stringently. Randy Graham, for example, initially agreed to cooperate with investigators and plead guilty to one count of conspiracy against the United States, which carries a five-year penalty. Graham’s co-conspirator, Ken Carter, who was the commanding officer of their North American Militia, pleaded guilty to the same charge in exchange for total cooperation with the government. In outlining the sentencing guidelines for Carter and Graham, prosecutors never mentioned the terrorism enhancement. It surfaced in Graham’s case only after he withdrew his plea and went to trial.
The first reference appeared in the government’s presentencing report after a jury found Graham guilty. Prosecutors—apparently without written justification—recommended that the enhancement be applied to not one but four of Graham’s offenses, three of which were not enumerated crimes of terrorism. The judge applied the enhancement to one of the unlisted crimes; Graham appealed, and the 6th Circuit Court’s ruling against him became a national precedent.
But what about Carter’s case? Likewise, the government never mentioned the terrorism enhancement until it submitted a presentencing report. But when the court used those recommendations to determine Carter’s punishment, it departed from the guideline range—that potentially 20-year increase—“because the count of conviction carries a five-year maximum statutory penalty.” Carter got a lesser sentence than Graham, even though he was the militia leader and their conspiracy crimes were the same. The court also recommended to the Bureau of Prisons “that [Carter] be placed in a less-secure facility than may be indicated by criminal history category VI,” the highest level, which the enhancement requires. “In fact, his true criminal history is I.”
Assessing the disparity in sentences between Graham and Carter, Judge Cohn questioned whether the government really thought either man was a terrorist. “Approving a plea agreement which limited [Carter’s] sentence to 60 months was a recognition of the fact that the district court did not believe that Carter committed a ‘federal act of terrorism,’ ” Cohn wrote. “The government also did not consider Carter a terrorist, as evidenced by his plea agreement. Likewise, the government did not view Graham as committing a ‘federal crime of terrorism’ until after it received the [presentencing report].”
Constitutional Stakes
The terrorism enhancement could open a veritable Pandora’s box of constitutional concerns, in light of recent Supreme Court rulings that judges need only consult the sentencing guidelines—they are no longer mandatory. Terrorism enhancement is applied at the judge’s discretion, says Bobby Chesney, an associate professor of law at Wake Forest University Law School, who specializes in national security issues. Because judges can choose when to use the enhancement, Congress’s intent when it crafted the law is less important, Chesney says.
Some experts say that a bigger question is whether a jury should decide when to apply the enhancement. In the landmark case U.S. v. Booker, the Supreme Court ruled that under the Sixth Amendment a jury must determine any facts that increase a criminal defendant’s sentence beyond the customary range for his or her particular crime—which is what the terrorism enhancement does. The standard of evidence is the same as at trial: beyond a reasonable doubt. However, the Court stopped short of requiring juries to review sentencing enhancements. Instead, the sentencing guidelines are now only advisory—judges still have to consult them, but they are no longer required to sentence defendants according to the ranges that the guidelines recommend. So far, judges have ruled that the terrorism enhancement requires a lower evidentiary threshold than reasonable doubt, and no jury has been involved in an enhancement decision. This uneasiness over judges, rather than juries, applying the sentencing law goes to the heart of the Supreme Court’s decision to hear Booker, as well as Washington v. Blakely, which concerned state sentencing guidelines. There, the Court ruled that judges couldn’t
enhance sentences based on facts that a jury didn’t decide.
Felman, the sentencing expert, notes that those rulings didn’t require juries to decide enhancements. Instead, they required sentencing judges to use discretion, and to keep in mind the nature of the crime. “They should not consider themselves bound to sentence within a range determined by the guidelines where it results in a sentence greater than what is necessary to achieve the purposes of punishment,” he says.
Looking to the future of the terrorism enhancement, Felman and other experts ponder the possibilities. In the wake of an event on the scale of 9/11, might prosecutors use the enhancement to label more people as terrorists, or to punish a wider variety of offenses that they believe were “intended to promote” violence against the government?
“Absolutely,” Felman says. “There aren’t too many examples in our history of prosecutors not using power given to them.
“A line prosecutor doesn’t need to get anyone’s permission to go ask for an enhancement. They just do it,” Felman says. That’s problematic, he thinks, when grappling with a concept as amorphous as terrorism. “The word terrorism is kind of a dangerous one,” Felman says. “It’s just inherently going to result in some unfair applications. Any time you have an adjustment that is that large, the potential for abuse is great.”
Reporting Interns Alexander Burns and Candace Mitchell contributed to
this article.
Published in National Journal.
Labels: Homeland Security, Law, Terrorism
Full Article
More than Meets the Ear
Friday, March 17, 2006
The National Security Agency's warantless surveillance program is broader than officials have described.
The Bush administration has assiduously avoided any talk about the actual workings of its program to intercept the phone calls and e-mails of people in the United States who are suspected of having links to terrorists abroad. Officials' unwavering script goes like this: Present the legal justifications for the president to authorize domestic electronic surveillance without warrants, but say nothing about how the National Security Agency actually does it -- or about what else the agency might be doing.
But when Attorney General Alberto Gonzales appeared before the Senate Judiciary Committee on February 6 to answer questions about the program, what he didn't say pulled back the curtain on how the NSA decides which calls and e-mails to monitor. The agency bases those decisions on a broad and less focused surveillance than officials have publicly described, a surveillance that may, or may not, be legal.
In a hearing that lasted more than eight hours, Gonzales, who didn't testify under oath, dutifully batted away senators' inquiries about "operational details" and stayed silent, under determined questioning by some Democrats, about other warrantless programs that the president might have secretly authorized. When the hearing finally ended, so did Gonzales's comments on the program.
Until 22 days later. On February 28, Gonzales sent committee Chairman Arlen Specter, R-Pa., a six-page letter, partly to respond to questions he was unprepared to answer at the hearing, but also "to clarify certain of my responses" in the earlier testimony. In the letter, Gonzales took pains to correct any "misimpressions" that he might have created about whether the Justice Department had assessed the legality of intercepting purely domestic communications, for example, as opposed to those covered by the NSA program, in which one party is outside the United States. The attorney general didn't say that Justice had contemplated the legality of purely domestic eavesdropping without a warrant, but he also didn't say it hadn't.
Gonzales's letter was intriguing for what else it didn't say, especially on one point: With exacting language, he narrowed the scope of his comments to address only "questions relating to the specific NSA activities that have been publicly confirmed by the president." Then, as if to avoid any confusion, Gonzales added, "Those activities involve the interception by the NSA of the contents of communications" involving suspected terrorists and people in the United States.
Slightly, and with a single word, Gonzales was tipping his hand. The content of electronic communications is usually considered to be the spoken words of a phone call or the written words in an electronic message. The term does not include the wealth of so-called transactional data that accompany every communication: a phone number, and what calls were placed to and from that number; the time a call was placed; whether the call was answered and how long it lasted, down to the second; the time and date that an e-mail message was sent, as well as its unique address and routing path, which reveals the location of the computer that sent it and, presumably, the author.
Considering that terrorists often talk and write in code, the transactional data of a communication, properly exploited, could yield more valuable intelligence than the content itself. "You will get a very full picture of a person's associations and their patterns of activity," said Jim Dempsey, the policy director of the Center for Democracy and Technology, an electronic-privacy advocacy group. "You'll know who they're talking to, when they're talking, how long, how frequently.... It's a lot [of information]. I mean, a lot."
According to sources who are familiar with the details of what the White House calls the "terrorist surveillance program," and who asked to remain anonymous because the program is still classified, analyzing transactional data is one of the first and most important steps the agency takes in deciding which phone calls to listen to and which electronic messages to read. Far from the limited or targeted surveillance that Gonzales, President Bush, and intelligence officials have described, this traffic analysis examines thousands, perhaps hundreds of thousands, of individuals, because nearly every phone number and nearly every e-mail address is connected to a person.
Patterns in the Sea
Analysis of telephone traffic patterns helps analysts and investigators spot relationships among people that aren't always obvious. For instance, imagine that a man in Portland, Ore., receives a call from someone at a pay phone in Brooklyn, N.Y., every Tuesday at 9 a.m. Also every Tuesday, but minutes earlier, the pay phone caller rings up a man in Miami. An investigator might look at that pattern and suspect that the men in Portland and Miami are communicating through the Brooklyn caller, who's acting as a kind of courier, to mask their relationship. Patterns like this have led criminal investigators into the inner workings of drug cartels and have proved vital in breaking these cartels up.
Terrorists employ similar masking techniques. They use go-betweens to circuitously route calls, and they change cellphones often to avoid detection. Transactional data, however, capture those behaviors. If NSA analysts -- or their computers -- can find these patterns or signatures, then they might find the terrorists, or at least know which ones they should monitor.
Just after 9/11, according to knowledgeable sources, the NSA began intercepting the communications of specific foreign persons and groups named on a list. The sources didn't specify whether persons inside the United States were monitored as part of that list. But a former government official who is knowledgeable about NSA activities and the warrantless surveillance program said that this original list of people and groups, or others like it, could have formed the base of the NSA's surveillance of transactional data, the parts of a communication that aren't considered content.
If the agency started with a list of phone numbers, it could find all the numbers dialed from those phones. The NSA could then learn what numbers were called from that second list of numbers, and what calls that list received, and so on, "pushing out" the lists until the agency had identified a vast network of callers and their transactional data, the former official said. The agency might eavesdrop on only a few conversations or e-mails. But starting with even an initial target list of, say, 10 phone numbers quickly yields a web of hundreds of thousands of communications, because the volume increases exponentially with every new layer of callers.
To find meaningful patterns in transactional data, analysts need a lot of it. They must set baselines about what constitutes "normal" behavior versus "suspicious" activity. Administration officials have said that the NSA doesn't intercept the contents of a communication unless officials have a "reasonable" basis to conclude that at least one party is linked to a terrorist organization. To make any reasonable determination like that, the agency needs hundreds of thousands, or even millions, of call records, preferably as soon as they are created, said a senior person in the defense industry who is familiar with the NSA program and is an expert in the analytical tools used to find patterns and connections. Asked if this means that the NSA program is much broader and less targeted than administration officials have described, the expert replied, "I think that's correct."
In theory, finding reasonable connections in data is a straightforward and largely automated process. Analysts use computer programs based on algorithms -- mathematical procedures for solving a particular problem -- much the same way that meteorologists use data models to forecast the weather. Counter-terrorism algorithms look for the transactional indicators that match what analysts recognize as signs of a plot.
Of course, those algorithms must be sophisticated enough to spot many not-so-obvious patterns in a mass of data that are mostly uninteresting, and they work best when the data come from many sources. Algorithms have proven useful for detecting frequent criminal activity, such as credit card fraud. "Historical data clearly indicate that if a credit card turns up in two cities on two continents on the same day, that's a useful pattern," says Jeff Jonas, a computer scientist who invented a technology to connect known scam artists who are on casinos' watch lists with new potential grifters, and is now the chief scientist of IBM Entity Analytics. "The challenge of predicting terrorism is that unlike fraud, we don't have the same volume of historical data to learn from," Jonas said. "Compounding this is the fact that terrorists are constantly changing their methods and do their best to avoid leaving any digital footprints in the first place."
The obvious solution would be to write an algorithm that is flexible and fast enough to weigh millions of pieces of evidence, including exculpatory ones, against each other. But according to technology experts, and even the NSA's own stated research accomplishments, that technology has not been perfected.
The Bleeding Edge
The NSA began soon after the 9/11 terrorist attacks to collect transactional data from telecommunications companies. Several telecom executives said in press accounts that their companies gave the NSA access to their switches, the terminals that handle most of the country's electronic traffic. One executive told National Journal that NSA officials urged him to hand over his company's call logs. When he resisted, the officials implied that most of his competitors had acceded to the agency's request.
Not long after the surveillance program started, in October 2001, the NSA began looking for new tools to mine the telecom data. The agency, the industry expert said, considered some that the Defense Department's Total Information Awareness program was developing. TIA was an ambitious and controversial experiment to find patterns of terrorist activity in a much broader range of transactions than just telephone data. But NSA officials rejected the TIA tools because they were "too brittle," the expert said, meaning that they failed to manage the torrent of data that the NSA wanted to analyze. He noted the irony of rejecting the TIA technologies -- which privacy advocates had characterized as huge, all-seeing, digital dragnets -- because they couldn't handle the size of the NSA's load.
In the fall of 2002, a federal research-and-development agency that builds technologies primarily for the NSA launched another search for pattern-detection solutions. The Advanced Research and Development Activity, ARDA, issued $64 million in contracts for the Novel Intelligence for Massive Data, or NIMD, program. Its goal was "to help analysts deal with information overload, detect early indicators of strategic surprise, and avoid analytic errors," according to ARDA's public call for proposals released last year. In essence, NIMD is an early-warning system, which is how the administration has described the terrorist surveillance program. In 2003, ARDA also took over research of the tools being developed under TIA.
While the NSA was searching for the next generation of data-sifters, it continued to rely on less sophisticated tools. For an example, the former government official who spoke to NJ cited applications that organize data into broad categories, allowing analysts to see some relationships but obscuring some of the nuance in the underlying information. The results of this kind of category analysis can be displayed on a graph. But the graph might reveal only how many times a particular word appears in a conversation, not necessarily the significance of the word or how it relates to other words. Technologists sarcastically call these diagrams BAGs -- big-ass graphs.
Such was the state of affairs when the NSA started looking for terrorist patterns in a telephonic ocean. So, instead of looking for a tool that could cull through the data, the agency decided to "reverse" the process, starting with the data set and working backward, looking for algorithms that could work with it.
The NSA has made some breakthroughs, the industry expert said, but its solution relies in part on a technological "trick," which he wouldn't disclose. Another data-mining expert, who also asked not to be identified because the NSA's work is classified, said that computer engineers probably started with the telecom companies' call data, looked for patterns, and then wrote algorithms to detect them as they went along, tweaking the algorithms as needed.
Such an ad hoc approach is brittle in its own right. For starters, if analysts are working with algorithms designed to detect only certain patterns, they could be missing others, the technology expert said. At the same time, the more dependent the algorithms are on identifying very specific patterns of behavior, the more vulnerable the NSA's monitoring is to being foiled if terrorists discover what the agency is watching for, or if they change their behavior. A more complex algorithm that considers thousands, or even millions, of patterns is harder to defeat.
The industry expert added that NSA officials have worried that "if you knew what the technical trick was they were doing [to make the surveillance program function], you wouldn't have to know what specific algorithms" the agency was using. This reliance on a "trick" makes the program very vulnerable to defeat and helps explain why the Bush administration is so keen on cloaking its inner workings."
It's pretty bleeding-edge," the expert said, referring to a technology that's unperfected and therefore prone to instability. "We're talking about dumping hundreds of thousands or millions of records" into a system. In an unsophisticated system, connections among people can emerge that look suspicious but are actually meaningless. A book agent who represents a journalist who once interviewed Osama bin Laden, for example, doesn't herself necessarily know bin Laden. But she might turn up in an NSA search of transactional data. "False positives will happen," the expert said.
Gonzales and former NSA Director Michael V. Hayden have said that career agency employees decide to eavesdrop only if they have a "reasonable" basis to believe one party to a communication is a terrorist or connected to a terrorist organization. But what determines reasonableness? In a January speech at the National Press Club, Hayden drew a distinction between the Fourth Amendment's requirement that "no warrants shall issue, but upon probable cause," and its protection against "unreasonable searches and seizures."
When a journalist in the crowd questioned his logic, Hayden heatedly replied, "If there's any amendment to the Constitution that employees of the National Security Agency are familiar with, it's the Fourth. And it is a reasonableness standard in the Fourth Amendment.... I am convinced that we are lawful, because what it is we're doing [intercepting content] is reasonable." He said that the terrorist attacks fundamentally altered the NSA's thinking. "The standard of what [information] was relevant and valuable, and therefore, what was reasonable, would understandably change, I think, as smoke billowed from two American cities and a Pennsylvania farm field. And we acted accordingly."
Aside from the question of whether NSA employees, rather than federal judges, are qualified to determine what constitutes a reasonable search, that determination provides much of the basis for deciding whose communications will be intercepted without a warrant. If the technology the NSA is using to determine what constitutes a reasonable search is unsophisticated, the industry expert said, "you're talking about tapping a phone based on a statistical correlation."
A New Legal Battle?
Gonzales's narrowly tailored letter to Sen. Specter raised more questions than it answered. Democrats were outraged by what they saw as the attorney general's attempt to alter his testimony and to obstruct senators' attempts to fully assess the program's legal basis. "Much of your letter is devoted to not providing answers to the questions of a number of us regarding legal justifications for activities beyond those narrowly conceded by you to have already been confirmed by the president," Sen. Patrick Leahy of Vermont, the Judiciary Committee's ranking Democrat, wrote to the attorney general in a follow-up letter.
Leahy also raised the question of what else Gonzales hadn't told lawmakers. The attorney general's letter contained "disturbing suggestions ... that there are other secret programs," Leahy wrote. In Gonzales's letter to Specter, the attorney general had referred to "other intelligence activities" and to his inability to discuss them; he left open the possibility that the president may not have authorized these activities. Gonzales wrote, "When I testified in response to questions from Sen. Leahy, 'Sir, I have tried to outline ... what the president has authorized, and that is all that he has authorized,' I was confining my remarks to the Terrorist Surveillance Program as described by the president."
Gonzales's testimony was meant to defend the program's legality. But as more about the NSA's operations become known, new legal questions arise, including one that goes to the heart of how officials reasonably identify suspected terrorists.
Under normal criminal law, content is defined as "any information concerning the substance, purport, or meaning of [a] communication," but the definition of content under the law that governs electronic eavesdropping on U.S. persons for intelligence purposes is different and is potentially in conflict with normal jurisprudence. That law, the Foreign Intelligence Surveillance Act, states that content "includes any information concerning the identity of the parties ... or the existence, substance, purport, or meaning of [their] communication."
A phone number can be used to identify a person, said Dempsey of the Center for Democracy and Technology, who for nine years was assistant counsel to the House Judiciary Subcommittee on Civil and Constitutional Rights. Does that mean that a phone number is "content" under the law? FISA, enacted in 1978, didn't envision today's technology, when anyone with an Internet connection can use a phone number to find someone's name, address, and even an aerial photograph of his house, Dempsey said.
"I just cannot read [FISA] and figure out what it means in the context of analysis of [transactional] data," he added. "Presumably somebody in the administration thinks they understand it.... Whether that's providing any clear guidance" to the people working on the NSA program, "that's not clear."
Friday, March 17, 2006
The National Security Agency's warantless surveillance program is broader than officials have described.
The Bush administration has assiduously avoided any talk about the actual workings of its program to intercept the phone calls and e-mails of people in the United States who are suspected of having links to terrorists abroad. Officials' unwavering script goes like this: Present the legal justifications for the president to authorize domestic electronic surveillance without warrants, but say nothing about how the National Security Agency actually does it -- or about what else the agency might be doing.
But when Attorney General Alberto Gonzales appeared before the Senate Judiciary Committee on February 6 to answer questions about the program, what he didn't say pulled back the curtain on how the NSA decides which calls and e-mails to monitor. The agency bases those decisions on a broad and less focused surveillance than officials have publicly described, a surveillance that may, or may not, be legal.
In a hearing that lasted more than eight hours, Gonzales, who didn't testify under oath, dutifully batted away senators' inquiries about "operational details" and stayed silent, under determined questioning by some Democrats, about other warrantless programs that the president might have secretly authorized. When the hearing finally ended, so did Gonzales's comments on the program.
Until 22 days later. On February 28, Gonzales sent committee Chairman Arlen Specter, R-Pa., a six-page letter, partly to respond to questions he was unprepared to answer at the hearing, but also "to clarify certain of my responses" in the earlier testimony. In the letter, Gonzales took pains to correct any "misimpressions" that he might have created about whether the Justice Department had assessed the legality of intercepting purely domestic communications, for example, as opposed to those covered by the NSA program, in which one party is outside the United States. The attorney general didn't say that Justice had contemplated the legality of purely domestic eavesdropping without a warrant, but he also didn't say it hadn't.
Gonzales's letter was intriguing for what else it didn't say, especially on one point: With exacting language, he narrowed the scope of his comments to address only "questions relating to the specific NSA activities that have been publicly confirmed by the president." Then, as if to avoid any confusion, Gonzales added, "Those activities involve the interception by the NSA of the contents of communications" involving suspected terrorists and people in the United States.
Slightly, and with a single word, Gonzales was tipping his hand. The content of electronic communications is usually considered to be the spoken words of a phone call or the written words in an electronic message. The term does not include the wealth of so-called transactional data that accompany every communication: a phone number, and what calls were placed to and from that number; the time a call was placed; whether the call was answered and how long it lasted, down to the second; the time and date that an e-mail message was sent, as well as its unique address and routing path, which reveals the location of the computer that sent it and, presumably, the author.
Considering that terrorists often talk and write in code, the transactional data of a communication, properly exploited, could yield more valuable intelligence than the content itself. "You will get a very full picture of a person's associations and their patterns of activity," said Jim Dempsey, the policy director of the Center for Democracy and Technology, an electronic-privacy advocacy group. "You'll know who they're talking to, when they're talking, how long, how frequently.... It's a lot [of information]. I mean, a lot."
According to sources who are familiar with the details of what the White House calls the "terrorist surveillance program," and who asked to remain anonymous because the program is still classified, analyzing transactional data is one of the first and most important steps the agency takes in deciding which phone calls to listen to and which electronic messages to read. Far from the limited or targeted surveillance that Gonzales, President Bush, and intelligence officials have described, this traffic analysis examines thousands, perhaps hundreds of thousands, of individuals, because nearly every phone number and nearly every e-mail address is connected to a person.
Patterns in the Sea
Analysis of telephone traffic patterns helps analysts and investigators spot relationships among people that aren't always obvious. For instance, imagine that a man in Portland, Ore., receives a call from someone at a pay phone in Brooklyn, N.Y., every Tuesday at 9 a.m. Also every Tuesday, but minutes earlier, the pay phone caller rings up a man in Miami. An investigator might look at that pattern and suspect that the men in Portland and Miami are communicating through the Brooklyn caller, who's acting as a kind of courier, to mask their relationship. Patterns like this have led criminal investigators into the inner workings of drug cartels and have proved vital in breaking these cartels up.
Terrorists employ similar masking techniques. They use go-betweens to circuitously route calls, and they change cellphones often to avoid detection. Transactional data, however, capture those behaviors. If NSA analysts -- or their computers -- can find these patterns or signatures, then they might find the terrorists, or at least know which ones they should monitor.
Just after 9/11, according to knowledgeable sources, the NSA began intercepting the communications of specific foreign persons and groups named on a list. The sources didn't specify whether persons inside the United States were monitored as part of that list. But a former government official who is knowledgeable about NSA activities and the warrantless surveillance program said that this original list of people and groups, or others like it, could have formed the base of the NSA's surveillance of transactional data, the parts of a communication that aren't considered content.
If the agency started with a list of phone numbers, it could find all the numbers dialed from those phones. The NSA could then learn what numbers were called from that second list of numbers, and what calls that list received, and so on, "pushing out" the lists until the agency had identified a vast network of callers and their transactional data, the former official said. The agency might eavesdrop on only a few conversations or e-mails. But starting with even an initial target list of, say, 10 phone numbers quickly yields a web of hundreds of thousands of communications, because the volume increases exponentially with every new layer of callers.
To find meaningful patterns in transactional data, analysts need a lot of it. They must set baselines about what constitutes "normal" behavior versus "suspicious" activity. Administration officials have said that the NSA doesn't intercept the contents of a communication unless officials have a "reasonable" basis to conclude that at least one party is linked to a terrorist organization. To make any reasonable determination like that, the agency needs hundreds of thousands, or even millions, of call records, preferably as soon as they are created, said a senior person in the defense industry who is familiar with the NSA program and is an expert in the analytical tools used to find patterns and connections. Asked if this means that the NSA program is much broader and less targeted than administration officials have described, the expert replied, "I think that's correct."
In theory, finding reasonable connections in data is a straightforward and largely automated process. Analysts use computer programs based on algorithms -- mathematical procedures for solving a particular problem -- much the same way that meteorologists use data models to forecast the weather. Counter-terrorism algorithms look for the transactional indicators that match what analysts recognize as signs of a plot.
Of course, those algorithms must be sophisticated enough to spot many not-so-obvious patterns in a mass of data that are mostly uninteresting, and they work best when the data come from many sources. Algorithms have proven useful for detecting frequent criminal activity, such as credit card fraud. "Historical data clearly indicate that if a credit card turns up in two cities on two continents on the same day, that's a useful pattern," says Jeff Jonas, a computer scientist who invented a technology to connect known scam artists who are on casinos' watch lists with new potential grifters, and is now the chief scientist of IBM Entity Analytics. "The challenge of predicting terrorism is that unlike fraud, we don't have the same volume of historical data to learn from," Jonas said. "Compounding this is the fact that terrorists are constantly changing their methods and do their best to avoid leaving any digital footprints in the first place."
The obvious solution would be to write an algorithm that is flexible and fast enough to weigh millions of pieces of evidence, including exculpatory ones, against each other. But according to technology experts, and even the NSA's own stated research accomplishments, that technology has not been perfected.
The Bleeding Edge
The NSA began soon after the 9/11 terrorist attacks to collect transactional data from telecommunications companies. Several telecom executives said in press accounts that their companies gave the NSA access to their switches, the terminals that handle most of the country's electronic traffic. One executive told National Journal that NSA officials urged him to hand over his company's call logs. When he resisted, the officials implied that most of his competitors had acceded to the agency's request.
Not long after the surveillance program started, in October 2001, the NSA began looking for new tools to mine the telecom data. The agency, the industry expert said, considered some that the Defense Department's Total Information Awareness program was developing. TIA was an ambitious and controversial experiment to find patterns of terrorist activity in a much broader range of transactions than just telephone data. But NSA officials rejected the TIA tools because they were "too brittle," the expert said, meaning that they failed to manage the torrent of data that the NSA wanted to analyze. He noted the irony of rejecting the TIA technologies -- which privacy advocates had characterized as huge, all-seeing, digital dragnets -- because they couldn't handle the size of the NSA's load.
In the fall of 2002, a federal research-and-development agency that builds technologies primarily for the NSA launched another search for pattern-detection solutions. The Advanced Research and Development Activity, ARDA, issued $64 million in contracts for the Novel Intelligence for Massive Data, or NIMD, program. Its goal was "to help analysts deal with information overload, detect early indicators of strategic surprise, and avoid analytic errors," according to ARDA's public call for proposals released last year. In essence, NIMD is an early-warning system, which is how the administration has described the terrorist surveillance program. In 2003, ARDA also took over research of the tools being developed under TIA.
While the NSA was searching for the next generation of data-sifters, it continued to rely on less sophisticated tools. For an example, the former government official who spoke to NJ cited applications that organize data into broad categories, allowing analysts to see some relationships but obscuring some of the nuance in the underlying information. The results of this kind of category analysis can be displayed on a graph. But the graph might reveal only how many times a particular word appears in a conversation, not necessarily the significance of the word or how it relates to other words. Technologists sarcastically call these diagrams BAGs -- big-ass graphs.
Such was the state of affairs when the NSA started looking for terrorist patterns in a telephonic ocean. So, instead of looking for a tool that could cull through the data, the agency decided to "reverse" the process, starting with the data set and working backward, looking for algorithms that could work with it.
The NSA has made some breakthroughs, the industry expert said, but its solution relies in part on a technological "trick," which he wouldn't disclose. Another data-mining expert, who also asked not to be identified because the NSA's work is classified, said that computer engineers probably started with the telecom companies' call data, looked for patterns, and then wrote algorithms to detect them as they went along, tweaking the algorithms as needed.
Such an ad hoc approach is brittle in its own right. For starters, if analysts are working with algorithms designed to detect only certain patterns, they could be missing others, the technology expert said. At the same time, the more dependent the algorithms are on identifying very specific patterns of behavior, the more vulnerable the NSA's monitoring is to being foiled if terrorists discover what the agency is watching for, or if they change their behavior. A more complex algorithm that considers thousands, or even millions, of patterns is harder to defeat.
The industry expert added that NSA officials have worried that "if you knew what the technical trick was they were doing [to make the surveillance program function], you wouldn't have to know what specific algorithms" the agency was using. This reliance on a "trick" makes the program very vulnerable to defeat and helps explain why the Bush administration is so keen on cloaking its inner workings."
It's pretty bleeding-edge," the expert said, referring to a technology that's unperfected and therefore prone to instability. "We're talking about dumping hundreds of thousands or millions of records" into a system. In an unsophisticated system, connections among people can emerge that look suspicious but are actually meaningless. A book agent who represents a journalist who once interviewed Osama bin Laden, for example, doesn't herself necessarily know bin Laden. But she might turn up in an NSA search of transactional data. "False positives will happen," the expert said.
Gonzales and former NSA Director Michael V. Hayden have said that career agency employees decide to eavesdrop only if they have a "reasonable" basis to believe one party to a communication is a terrorist or connected to a terrorist organization. But what determines reasonableness? In a January speech at the National Press Club, Hayden drew a distinction between the Fourth Amendment's requirement that "no warrants shall issue, but upon probable cause," and its protection against "unreasonable searches and seizures."
When a journalist in the crowd questioned his logic, Hayden heatedly replied, "If there's any amendment to the Constitution that employees of the National Security Agency are familiar with, it's the Fourth. And it is a reasonableness standard in the Fourth Amendment.... I am convinced that we are lawful, because what it is we're doing [intercepting content] is reasonable." He said that the terrorist attacks fundamentally altered the NSA's thinking. "The standard of what [information] was relevant and valuable, and therefore, what was reasonable, would understandably change, I think, as smoke billowed from two American cities and a Pennsylvania farm field. And we acted accordingly."
Aside from the question of whether NSA employees, rather than federal judges, are qualified to determine what constitutes a reasonable search, that determination provides much of the basis for deciding whose communications will be intercepted without a warrant. If the technology the NSA is using to determine what constitutes a reasonable search is unsophisticated, the industry expert said, "you're talking about tapping a phone based on a statistical correlation."
A New Legal Battle?
Gonzales's narrowly tailored letter to Sen. Specter raised more questions than it answered. Democrats were outraged by what they saw as the attorney general's attempt to alter his testimony and to obstruct senators' attempts to fully assess the program's legal basis. "Much of your letter is devoted to not providing answers to the questions of a number of us regarding legal justifications for activities beyond those narrowly conceded by you to have already been confirmed by the president," Sen. Patrick Leahy of Vermont, the Judiciary Committee's ranking Democrat, wrote to the attorney general in a follow-up letter.
Leahy also raised the question of what else Gonzales hadn't told lawmakers. The attorney general's letter contained "disturbing suggestions ... that there are other secret programs," Leahy wrote. In Gonzales's letter to Specter, the attorney general had referred to "other intelligence activities" and to his inability to discuss them; he left open the possibility that the president may not have authorized these activities. Gonzales wrote, "When I testified in response to questions from Sen. Leahy, 'Sir, I have tried to outline ... what the president has authorized, and that is all that he has authorized,' I was confining my remarks to the Terrorist Surveillance Program as described by the president."
Gonzales's testimony was meant to defend the program's legality. But as more about the NSA's operations become known, new legal questions arise, including one that goes to the heart of how officials reasonably identify suspected terrorists.
Under normal criminal law, content is defined as "any information concerning the substance, purport, or meaning of [a] communication," but the definition of content under the law that governs electronic eavesdropping on U.S. persons for intelligence purposes is different and is potentially in conflict with normal jurisprudence. That law, the Foreign Intelligence Surveillance Act, states that content "includes any information concerning the identity of the parties ... or the existence, substance, purport, or meaning of [their] communication."
A phone number can be used to identify a person, said Dempsey of the Center for Democracy and Technology, who for nine years was assistant counsel to the House Judiciary Subcommittee on Civil and Constitutional Rights. Does that mean that a phone number is "content" under the law? FISA, enacted in 1978, didn't envision today's technology, when anyone with an Internet connection can use a phone number to find someone's name, address, and even an aerial photograph of his house, Dempsey said.
"I just cannot read [FISA] and figure out what it means in the context of analysis of [transactional] data," he added. "Presumably somebody in the administration thinks they understand it.... Whether that's providing any clear guidance" to the people working on the NSA program, "that's not clear."
Labels: Intelligence, Law, National Security Agency, Technology, Terrorism
Full Article
The Private Spy Among Us
Thursday, November 10, 2005
To help the government track suspected terrorists and spies who may be visiting or residing in this country, the FBI and the Defense Department for the past three years have been paying a Georgia-based company for access to its vast databases that contain billions of personal records about nearly every person -- citizens and noncitizens alike -- in the United States.
According to federal documents obtained by National Journal and Government Executive, among the services that ChoicePoint provides to the government is access to a previously undisclosed, and vaguely described, "exclusive" data-searching system. This system in effect gives law enforcement and intelligence agents the ability to use the private data broker to do something that they legally can't -- keep tabs on nearly every American citizen and foreigner in the United States.
ChoicePoint is famous for being the largest and most sophisticated aggregator of public records on U.S. citizens and residents. The company has built an enormous electronic cache of more than 19 billion records -- all of which are legally obtained -- that it mines to locate criminals and suspects, their family members and known associates, and their hidden financial assets.
Most of ChoicePoint's customers are other companies -- insurance providers trying to spot potential scam artists applying for policies, for instance. But the company's work for the government is significant and growing. Using its DNA analysis lab, ChoicePoint helped identify victims of the September 11 attacks. And the following year, the company helped locate the Washington-area snipers by leading investigators to the blue Chevrolet Caprice that the two killers used in their spree. (ChoicePoint compiles hundreds of millions of motor vehicle registrations.)
Although it has generally been known that the FBI and intelligence agencies use ChoicePoint's people-tracking skills, federal and company officials have refused to discuss the particulars of their arrangements. ChoicePoint declined a request for an interview about its work for the FBI and the Defense Department. But a set of contract documents, obtained under the Freedom of Information Act, and which the government sought to withhold for almost two years, reveals details not previously reported about ChoicePoint's work for the FBI's Foreign Terrorist Tracking Task Force, called FTTTF or "F tre F." This task force was set up soon after the 9/11 attacks to assist law enforcement and intelligence agencies in locating foreign terrorists and their supporters in the United States. Because the task force can't maintain records on U.S. persons without opening an official investigation, it relies on ChoicePoint to augment the intelligence that the government collects through legal channels.
The documents show that ChoicePoint has provided
Thursday, November 10, 2005
To help the government track suspected terrorists and spies who may be visiting or residing in this country, the FBI and the Defense Department for the past three years have been paying a Georgia-based company for access to its vast databases that contain billions of personal records about nearly every person -- citizens and noncitizens alike -- in the United States.
According to federal documents obtained by National Journal and Government Executive, among the services that ChoicePoint provides to the government is access to a previously undisclosed, and vaguely described, "exclusive" data-searching system. This system in effect gives law enforcement and intelligence agents the ability to use the private data broker to do something that they legally can't -- keep tabs on nearly every American citizen and foreigner in the United States.
ChoicePoint is famous for being the largest and most sophisticated aggregator of public records on U.S. citizens and residents. The company has built an enormous electronic cache of more than 19 billion records -- all of which are legally obtained -- that it mines to locate criminals and suspects, their family members and known associates, and their hidden financial assets.
Most of ChoicePoint's customers are other companies -- insurance providers trying to spot potential scam artists applying for policies, for instance. But the company's work for the government is significant and growing. Using its DNA analysis lab, ChoicePoint helped identify victims of the September 11 attacks. And the following year, the company helped locate the Washington-area snipers by leading investigators to the blue Chevrolet Caprice that the two killers used in their spree. (ChoicePoint compiles hundreds of millions of motor vehicle registrations.)
Although it has generally been known that the FBI and intelligence agencies use ChoicePoint's people-tracking skills, federal and company officials have refused to discuss the particulars of their arrangements. ChoicePoint declined a request for an interview about its work for the FBI and the Defense Department. But a set of contract documents, obtained under the Freedom of Information Act, and which the government sought to withhold for almost two years, reveals details not previously reported about ChoicePoint's work for the FBI's Foreign Terrorist Tracking Task Force, called FTTTF or "F tre F." This task force was set up soon after the 9/11 attacks to assist law enforcement and intelligence agencies in locating foreign terrorists and their supporters in the United States. Because the task force can't maintain records on U.S. persons without opening an official investigation, it relies on ChoicePoint to augment the intelligence that the government collects through legal channels.
The documents show that ChoicePoint has provided