Wednesday, August 15, 2018

The Uncovering – Mike Rogers’ Investigation, Section 702 FISA Abuse & the FBI April 5, 2018 by Jeff Carlson, CFA

John Carlin was an Assistant Attorney General – and Head of the Department of Justice’s National Security Division (NSD).
On September 27, 2016, Carlin announced his resignation. He formally left the NSD on October 15, 2016. Carlin had been named Acting Assistant Attorney General in March 2013 and was confirmed in the spring of 2014.
Carlin had previously served as chief of staff to then-FBI Director Robert S. Mueller.
Carlin was replaced with Mary McCord – who would later accompany Acting Attorney General Sally Yates to see White House Counsel Don McGahn regarding General Michael Flynn.
Carlin announced his resignation exactly one day after he filed the Government’s proposed 2016 Section 702 certifications. His signature can be found on page 31.
Section 702 is part of the broader FISA Act and permits the government to target for surveillance foreign persons located outside the United States for the purpose of acquiring foreign intelligence information.
Instead of issuing individual court orders, Section 702 requires the Attorney General and the Director of National Intelligence (DNI) to provide the Foreign Intelligence Surveillance Court (FISC) with annual certifications that specify categories of foreign intelligence information the government is authorized to acquire pursuant to Section 702.
The Attorney General and the Director of National Intelligence must also certify that Intelligence Community elements will follow targeting procedures and minimization procedures that are approved by the FISC as part of the annual certification.
The National Security Division and Office of the Director of National Intelligence (ODNI) are jointly required to routinely review all Intelligence Agency U.S. person queries of content to ensure the Section 702 queries satisfy the legal standard.
The NSD – with notice to the ODNI – is required to report any incidents of Agency noncompliance or misconduct to the FISA Court.
For a more complete discussion see, FISA Surveillance – Title I & III and Section 702.
At the time Carlin’s sudden resignation went mostly unnoticed.
But there was more to the story.
Here is the official explanation as provided by the Office of the Director of National Intelligence:
After submitting its 2016 Certifications in September 2016, the Department of Justice and ODNI learned, in October 2016, about additional information related to previously reported compliance incidents and reported that additional information to the FISC. The NSA also self-reported the information to oversight bodies, as required by law. These compliance incidents related to the NSA’s inadvertent use of U.S. person identifiers to query NSA’s “upstream” Internet collection acquired pursuant to Section 702.
The FISA Court was more direct in a 99-page April 26, 2017 unsealed FISA Court Ruling.
On October 24, 2016, the government orally apprised the Court of significant non-compliance with the NSA’s minimization procedures involving queries of data acquired under Section 702 using U.S. person identifiers. The full scope of non-compliant querying practices had not been previously disclosed to the Court. Two days later, on the day the Court otherwise would have had to complete its review of the certifications and procedures, the government made a written submission regarding those compliance problems…and the Court held a hearing to address them.
The government reported that it was working to ascertain the cause(s) of those compliance problems and develop a remedial plan to address them. Without further information about the compliance problems and the government’s remedial efforts, the Court was not in a position to assess whether the minimization procedures would comply with the statutory standards and were consistent with the requirements of the Fourth Amendment.
But that still doesn’t begin to describe the breadth and scope of what occurred.
It wasn’t the Obama Administration that self-disclosed before the FISA Court on October 24 and 26, 2016.
It was National Security Agency Director Admiral Mike Rogers. And he deserves a medal for his efforts.
Here’s what actually happened:
On January 7, 2016, the NSA Inspector General, George Ellard, released a report on NSA Controls & FISA compliance. Starting on page ii:
Agency controls for monitoring query compliance have not been completely developed.
The Agency has no process to reliably identify queries performed using selectors associated with 704 and 705(b) targets.
The rest of the highlights are fully redacted. But more information lay within the report (pages 6-7):
We identified another [redacted] queries that were performed outside the targeting authorization periods in E.O. 12333 data, which is prohibited by the E.O. 12333 minimization procedures. We also identified queries performed using USP selectors in FAA §702 upstream data, which is prohibited by the FAA §702 minimization procedures.
Downstream collection involves the government acquiring data from the companies providing service to the user – like Google or Facebook.
However, some Section 702 collection is obtained via “upstream” collection.
In simple parlance, upstream collection means the NSA accesses the high capacity fiber optic cables that carry Internet traffic and copies all the data flowing through those cables.
The agency is then supposed to filter out any “wholly domestic” communications that are between Americans located in the U.S.
Data collected “incidentally” on U.S. Citizens is generally not destroyed. It is minimized. As we will see later, this became a problem.
Intelligence Agencies can then search the data using “To”, “From” or “About” queries on a target of Section 702 collection.
“About” queries are particularly worrisome.
They occur when the target is neither the sender nor the recipient of the collected communication – but the target’s selector, such as an email address, is being passed between two other communicants.
“About” queries were abruptly halted by NSA Director Mike Rogers on October 20, 2016. This was formally announced by the NSA on April 28, 2017.
The events leading to this decision are described in this post.
Which brings us to a table from the Inspector General’s Report.
Table 3 (page 7) shows four types of violations. The most frequent violation – 5.2% of the total – came from Section 702 upstream “About” queries.

The Inspector General’s Report is heavily redacted – but even a casual reading indicates there were significant compliance and control issues within the NSA regarding the use of Section 702 data.
It’s unclear if NSA Director Rogers discovered the 702 violations and reported them in early 2015, or if it was the Inspector General who found them. Either way, Rogers became aware of Section 702 violations sometime in 2015.
Following NSA Inspector General Ellard’s report, Rogers implemented a tightening of internal rules at the NSA.
However, the NSA Inspector General’s report and Roger’s tightening of internal rules did not halt the Query Compliance Problems.
Outside Agencies – specifically the DOJ’s National Security Division and the FBI’s Counterintelligence Division – were still routinely violating Section 702 procedures.
In 2015, DOJ Inspector General Michael Horowitz (not to be confused with NSA IG Ellard) specifically requested oversight of the National Security Division. Deputy Attorney General Sally Yates responded with a 58 page Memorandum, that effectively told the Inspector General to go pound sand.
As noted earlier, John Carlin was the Head of the DOJ’s National Security Division and was responsible for filing the Government’s proposed 2016 Section 702 certifications.
This filing would be subject to intense criticism from the FISA Court following disclosures made by NSA Director Rogers. Significant changes to the handling of raw FISA data would result.
Bill Priestap remains the Head of the FBI’s Counterintelligence Division – appointed by FBI Director Comey in December 2015. See: FBI Counterintelligence Head Bill Priestap – A Cooperating Witness.
Here is a summary of events taken from the FISA Court Ruling and Senate Testimony.
In March of 2016, NSA Director Rogers became aware of improper access to raw FISA data (Page 83 of Court Ruling).
In April of 2016, Rogers directed the NSA’s Office of Compliance to conduct a “fundamental baseline review of compliance associated with 702” (Senate testimony & Page 83-84 of Court Ruling).
On April 18, 2016, Rogers shut down all outside contractor access to raw FISA information – specifically outside contractors working for the FBI. The discovery that outside contractors were accessing raw FISA data is probably the event that precipitated Rogers ordering a full compliance review (Page 84 of Court Ruling).
On April 18, 2016, both the FBI and DOJ’s NSD become aware of Rogers’ compliance review. They may have known earlier but they were certainly aware after outside contractor access was halted.
On September 26, 2016, National Security Division Head John Carlin filed the Government’s proposed 2016 Section 702 certifications. Carlin knew the general status of Rogers’ compliance review. The NSD was part of the review.
On September 27, 2016, Carlin announced his resignation effective on October 15, 2016.
On October 4, 2016, a standard follow-up hearing on the 2016 Section 702 Certification was held. Carlin was present at the hearing.
On October 15, 2016, Carlin formally left the NSD.
On October 20 2016, Rogers was briefed by the NSA compliance officer on findings from the 702 NSA compliance audit. The audit had uncovered numerous “About” Query violations (Senate testimony).
On October 21, 2016, Rogers shut down all “About Query” activity. He reported his findings to the DOJ (Senate testimony & inferences from Court Ruling).
On October 21 2016, the DOJ & FBI seek and receive a Title I FISA probable cause order authorizing electronic surveillance on Carter Page from the FISA Court. At this point, the FISA Court is unaware of the Section 702 violations.
On October 24, 2016, Rogers verbally informed the FISA Court of his findings (Page 4 of Court Ruling).
On October 26, 2016, Rogers appeared formally before the FISA Court and presented the findings of his audit (Page 4, 14 & 19 of Court Ruling & Senate testimony).
On November 17, 2016, Rogers traveled to meet President-Elect Trump in Trump Tower, New York. Director Rogers did not inform his boss – Director of National Intelligence, James Clapper.
On November 17, 2016, the Trump Transition Team announced they were moving all transition activity to Trump National Golf Club in Bedminster, New Jersey.
On November 19, 2016, the Washington Post reported the following:
The heads of the Pentagon and the nation’s intelligence community have recommended to President Obama that the director of the National Security Agency, Adm. Michael S. Rogers, be removed.
The recommendation, delivered to the White House last month, was made by Defense Secretary Ashton B. Carter and Director of National Intelligence James R. Clapper.
The story was reported on November 19, 2016, meaning the move to fire Rogers – which failed – originated sometime in mid-October 2016. Exactly when Director Rogers was preparing to present his findings to the FISA Court.
The April 26, 2017 unsealed FISA Court Ruling, combined with a June 7, 2017 Senate Intelligence Committee Hearing on FISA Legislation, reveal more fully what occurred.
On October 24, 2016, the government orally apprised the Court of significant non-compliance with the NSA’s minimization procedures involving queries of data acquired under Section 702 using U.S. person identifiers. The full scope of non-compliant querying practices had not been previously disclosed to the Court. Two days later, on the day the Court otherwise would have had to complete its review of the certifications and procedures, the government made a written submission regarding those compliance problems…and the Court held a hearing to address them.
Director Rogers verbally informed the FISA Court on October 24, 2016 of the findings from his compliance audit.
He formally notified the FISA Court in writing on October 26, 2016. Rogers’ Senate testimony provides proof of this.
“The full scope of non-compliant querying practices had not been previously disclosed to the Court…”
As noted by the Court above – and more fully on page 14 (below) – the National Security Division specifically hid the findings of the January 7, 2016 Inspector General Report – along with knowledge of other violations – from the FISA Court.
Note the timing contained in the FISA Court’s Statement:
On October 24, 2016, the government orally apprised the Court of significant non-compliance…Two days later, on the day the Court otherwise would have had to complete its review of the certifications and procedures…
Carlin submitted the Government’s proposed 2016 Section 702 certifications on September 26, 2016. Carlin submitted his resignation the following day.
On October 4, 2016, a standard follow-up hearing was held (see below – re: page 19). Carlin was present at this hearing. He left the NSD on October 15, 2016.
The FISA Court was scheduled to formalize the 2016 Section 702 Certification on October 26, 2016.
Director Rogers did not receive the initial compliance findings until October 20, 2016.
The government knew Rogers was conducting his own compliance review. Rogers knew the government was finalizing its 2016 Certification.
The government was attempting to obtain Court Certification before Rogers could present his findings. The government was aware its 2016 Certification lacked material and legally required disclosure. The Court would specifically note this in their ruling (more later).
Meanwhile, Director of National Intelligence James Clapper submitted a recommendation that Director Rogers be removed as NSA Head sometime in October 2016.
Recall from earlier:
The Attorney General and the Director of National Intelligence are required to provide the FISA Court with annual certifications that Intelligence Community elements will follow targeting procedures and minimization procedures approved by the Court.
The NSD and Office of the Director of National Intelligence are required to review the Intelligence Agencies’ U.S. person queries to ensure legal compliance.
Any Section 702 violations must be immediately reported to the FISA Court.
Rogers was forced to verbally notify the FISA Court on October 24, 2016 – before he had finalized his written notification – specifically to halt the FISA Court’s pending Certification on October 26, 2016.
On October 26, 2016, Rogers submitted his written notification to the FISA Court on exactly the same day the FISA Court was scheduled to complete its review:
The government reported that it was working to ascertain the cause(s) of those compliance problems and develop a remedial plan to address them. Without further information about the compliance problems and the government’s remedial efforts, the Court was not in a position to assess whether the minimization procedures would comply with the statutory standards and were consistent with the requirements of the Fourth Amendment.
The process of review – which entailed significant Section 702  procedural changes – would prove lengthy. The FISA Court would not sign off on the 2016 Section 702 Certifications until April 26, 2017.
The October 26, 2016 Notice disclosed that an NSA Inspector General (IG) review and report and NSA Office of Compliance for Operations (OCO) verification activitiesindicated that, with greater frequency than previously disclosed to the Court, NSA analysts had used U.S.-person identifiers to query the results of Internet “upstream” collection, even though NSA’s Section 702 minimization procedures prohibited such queries.
Again, the October 26, 2016 Notice is Director Rogers’ formal written presentation of his findings to the FISA Court.
The DOJ’s National Security Division never disclosed the January 7, 2016 Inspector General Report to the FISA Court. The FISA Court was unaware of the Query violations until they were presented to the Court by NSA Director Rogers on October 26, 2016.
The NSD and ODNI perform the ongoing reviews of Intelligence Agency Section 702 use. It is simply not possible they were unaware of the Inspector General’s Report.
The October 26, 2016 Notice informed the Court that NSA analysts had been conducting such queries in violation of that prohibition, with much greater frequency than had previously been disclosed to the Court.
The Notice described the results of an NSA IG Report which analyzed queries using a set of known U.S.-person identifiers…in a subset of particular NSA systems that contain the results of Internet upstream collection.
That relatively narrow inquiry found that [Redacted] analysts had made [Redacted] separate queries using [Redacted] U.S.-person identifiers that improperly ran against upstream Internet data.
The government reported that the NSA IG and OCO were conducting other reviews covering different time periods, with preliminary results suggesting that the problem was widespread during all periods under review.
The NSA IG Report was released internally on January 7, 2016 and covered March 2015 through August 2015. The OCO Review was initiated by Director Rogers in April 2016.
“The problem was widespread during all periods under review.”
The FISA Court had been completely unaware of these violations prior to Rogers’ disclosure.
At the October 26, 2016 hearing, the Court ascribed the government’s failure to disclose those IG and OCO reviews at the October 4, 2016 hearing to an institutional “lack of candor” on NSA’s part and emphasized that “this is a very serious Fourth Amendment issue.”
An institutional lack of candor…
Don’t be misled by the Court’s reference to the NSA as ascribing any blame to Director Rogers.
The October 4, 2016 hearing was a standard follow-up hearing resulting from Carlin’s September 26, 2016 submission. Carlin would have been present at this hearing.
The results of the IG’s Report should have been immediately reported to the FISA Court by the NSD in January 2016.
The full IG Report – along with notification of Rogers’ ongoing review – should have been included in the September 26, 2016 proposed Certification.
The NSD and ODNI intentionally refused to disclose anything.
The issues disclosed by Director Rogers initiated a system-wide review of procedures across multiple Agencies which resulted in the discovery of further violations.
The January 3, 2017 Notice stated that “human error was the primary factor” in these incidents, but also suggested that system design issues contributed.
It also appeared that NSA had not yet fully assessed the scope of the problem: the IG and OCO reviews “did not include systems through which queries are conducted of upstream data but that do not interface with NSA’s query audit system.”
Although NSD and ODNI undertook to work with NSA to identify other tools and systems in which NSA analysts were able to query upstream data, it was clear to the Court that the issue was not yet fully scoped out.
Consider what is being said by the Court. “Systems through which queries are conducted of upstream data…that do not interface with NSA’s audit system.”
Outside query systems.
The NSA was unable to ascertain all the various avenues by which raw FISA data was accessed.
I suspect this may be referring to the FBI’s counter-terrorism database or certain NSD systems.
On January 27, 2017, the government provided further information on the technical and training measures NSA was taking and proposed to take to address this issue.
NSA was implementing its technical measures only on systems with respect to the system thought to be used most frequently to query Section 702 data. The government still had not ascertained the full range of systems that might have been used to conduct improper U.S.-person queries.
The government still didn’t know or understand the full range of access to raw FISA data.
On March 17, 2017, the government reported that NSA was still attempting to identify all systems that store upstream data and all tools used to query such data, though that effort was nearly complete.
Nearly five months after Director Rogers notified the Court, the government was still struggling to understand all points of raw FISA data access.
As embodied in the March 30, 2017 Submission, the government has chosen a new course: [Redacted]; sequestering and then destroying raw upstream Internet data previously collected; and substantially narrowing the scope of upstream collection .
Most significantly, the government will eliminate “abouts” collection altogether, which will have the effect of eliminating acquisition of the more problematic types of MCTs. These changes should substantially reduce the acquisition of non-pertinent information concerning U.S. persons pursuant to Section 702.
Apparently, the problem was so widespread the most efficient solution was to simply destroy the information and formally eliminate all “About” queries for the time being. Meanwhile, points of access were still not fully identified.
Revisions to the NSA Minimization Procedures now state that all Internet transactions acquired on or before that date and existing in NSA’s institutionally managed repositories will be sequestered pending destruction such that “NSA personnel will not be able to access the[m] for analytical purposes.”
NSA will destroy such sequestered Internet transactions as soon as practicable through an accelerated age-off process.
The age-off process was estimated to take one year.
Much of the remaining Court ruling relates to back and forth between the Court and the government regarding new rules, safeguards and procedures to be put in place.
There is also a review of procedural compliance with the Fourth Amendment (primarily pages 59-68).
Starting on Page 82, some new issues are raised.
NSA examined all queries using identifiers for “U.S. persons targeted using the [Redacted] tool in [Redacted] from November 1, 2015 to May 1, 2016.
Based on that examination, “NSA estimates that approximately eighty-five percent of those queries, representing [Redacted] queries conducted by approximately [Redacted] targeted offices, were not compliant with the applicable minimization procedures.”
Eighty-five percent of examined queries using U.S. person identifiers in conjunction with an unknown search/query tool were not compliant with minimization procedures.
FISA abuses were ongoing from at least November 1, 2015 through May 1, 2016. They almost certainly started earlier.
A non-compliance rate of 85% raises substantial questions about the propriety of using [Redacted] to query FISA data. While the government reports that it is unable to provide a reliable estimate of the number of non-compliant queries since 2012, there is no apparent reason to believe the November 2015-April 2016 period coincided with an unusually high error rate.
There is no apparent reason to believe the November 2015-April 2016 period coincided with an unusually high rate.
The problem was endemic, system-wide and across multiple Agencies.
The government reports that NSA “is unable to identify any reporting or other disseminations that may have been based on information returned by [these] non-compliant queries” because “NSA’s disseminations are sourced to specific objects,” not to the queries that may have presented those objects to the analyst.
The government cannot say how, when or where the non-compliant information was used. Once an individual had access to the information, it could no longer be traced or tracked.
The import of this revelation is about to be made more significant.
Going forward, note the Court’s nearly exclusive focus on the FBI.
On March 9, 2016, DOJ oversight personnel conducting a minimization review at the FBI’s [Redacted] learned that the FBI had disclosed raw FISA information, including but not limited to Section 702-acquired information, to a [Redacted] Compliance Report at 92. [Redacted] is part of the [Redacted] and “is largely staffed by private contractors”[Redacted] certain [Redacted] contractors had access to raw FISA information on FBI storage systems [Redacted].
Private contractors, employed by the FBI, were given full access to raw FISA data. FISA data that, once in their possession, could not be traced.
This March 9, 2016 discovery initiated the entire chain of events –  starting with Rogers ordering a “fundamental baseline review of compliance associated with 702” in April 2016.
The identities of the private contractors remains unknown. There has been some speculation that Fusion GPS may have been one of the contractors.
The apparent purpose for the FBI’s granting such access was to receive analytical assistance from [Redacted]. Nonetheless, the [Redacted] contractors had access to raw FISA information that went well beyond what was necessary to respond to the FBI’s requests; [Redacted]. The FBI discontinued the above-described access to raw FISA information as of April 18, 2016.
The [Redacted] contractors had access to raw FISA information that went well beyond what was necessary to respond to the FBI’s requests.
Note: The FBI didn’t suddenly discontinue the use of private contractors through their own volition. They were forced to do so by Director Rogers after the discovery of their use.
Personnel working for another federal agency such as [Redacted] may receive raw information acquired under Section 702 in order to provide technical or linguistic assistance to the FBI, but only if certain restrictions are followed.
No restrictions were in place.
Those restrictions were not in place with regard to the [Redacted] contractors: their access was not limited to raw information for which the FBI sought assistance and access continued even after they had completed work in response to an FBI request.
Their [contractors] access was not limited to raw information for which the FBI sought assistance – and access continued even after they had completed work in response to an FBI request.
Again, private contractors had full and unfettered access to raw FISA data. And no one could track what they did with that data.
At the October 4, 2016 Hearing, the government represented that it was investigating whether there have been similar cases in which the FBI improperly afforded non-FBI personnel access to raw FISA-acquired information on FBI systems.
The government was unable to determine how many times non-FBI personnel had full access to raw FISA data.
Note: This discovery was made known to the FISA Court earlier through the March 9, 2016 minimization review. However, the government had clearly played down the magnitude and ramifications.
The level of access to raw FISA data, lack of tracking ability and lack of oversight was notknown to the FISA Court previously.
In a separate violation of its minimization procedures, the FBI delivered raw Section 702-acquired information to a [Redacted] contractor called [Redacted].
Apparently, some contractor violations continued. Much is redacted here so the date is unknown.
[Redacted] however, is not a federal agency and the [Redacted] personnel who worked with the information were “not directly supervised by or otherwise under the direction and control of [Redacted] Compliance Report at 132. For these reasons, the government concluded that the FBI had given the information to the private entity, not to an assisting federal agency.
These contractors were “not directly supervised by or otherwise under the direction and control of” – presumably anyone.
The government has not explained why giving [Redacted] personnel access to the raw information during installation of the tool would not involve a separate violation of the FBI Minimization Procedures. Accordingly, the Court is ordering the government to provide additional information regarding this second grant of access to raw Section 702 information.
No further information is given.
The improper access previously afforded the contractors has been discontinued. The Court is nonetheless concerned about the FBI’s apparent disregard of minimization rules and whether the FBI may be engaging in similar disclosures of raw Section 702 information that have not been reported.
The FBI may be engaging in similar disclosures of raw Section 702 information that have not been reported.
This concern from the Court applies specifically to the FBI – not the NSA.
The FISA Court’s lack of trust in the FBI is apparent.
The improper access granted to the [Redacted] contractors was apparently in place [Redacted] and seems to have been the result of deliberate decisionmaking. [Redacted] Compliance Report at 92-93 ([Redacted] access to FBI systems was the subject of an interagency memorandum of understanding entered into [Redacted]). Despite the existence of an interagency memorandum of understanding (presumably prepared or reviewed by FBI lawyers), no notice of this practice was given to the FISC until 2016.Of course, such a memorandum of understanding could not override the restrictions of Section 702 minimization procedures.
This footnote is important.
The FBI systematically enabled outside contractors to access raw FISA data – using the FBI’s systems as access points – across multiple Agencies.
The FBI intentionally hid the implementation of this practice – and the practice itself – from the FISA Court until it was discovered in March 2016.
None of this was an accident.
There was an actual memorandum of understanding – prepared by FBI lawyers – directing outside contractor access to raw FISA data using FBI systems.
Despite the redactions, the Court’s language suggest this illegal policy had been in place for some time.
Recent disclosures regarding [Redacted] systems maintained by the FBI suggest that raw FISA information, including Section 702 information, may be retained on those systems in violation of applicable minimization requirements. [Heavy Redaction follows]
The FBI was not only ignoring minimization procedures – they were keeping data on U.S. citizens fully available.
Nearly four months ago, the government undertook to address this indefinite retention of information on the above-described systems in a subsequent filing, see December 29, 2016 Report at 10-11, but has not done so. Accordingly, the Court is directing the government to provide pertinent information.
Failures of the FBI to comply with this “review team” requirement for particular targets have been a focus of the FISC’s concern since 2014.
The FBI was not only ignoring minimization procedures. they were ignoring the FISA Court.
Again, note the Court’s specific focus on the FBI.
According to the government, the [FBI] review teams have completed examination of communications acquired prior to [Redacted].
Two and a half pages of nearly solid redactions follow. Nowhere else in the Court Ruling does this occur.
The redaction portion ends with this rather ominous statement on page 92:
FBI examination of the erroneously-excluded communications is ongoing and, so far, has not identified any attorney-client privileged communications concerning a charged matter.
The problems also extended to the CIA.
In the course of investigating a separate compliance incident that occurred in December 2016, the CIA discovered several problems with its purge practices. Further investigation of the December 2016 incident revealed similar problems with scripts used to purge metadata from [Redacted] CIA repositories.
In late March 2017, also in the course of investigating the December 2016 incident, CIA discovered another form of purging error affecting [Redacted].
The government has not advised the Court for how long these various purge-related problems persisted before CIA discovered them in the course of investigating the separate incident.
In the course of investigating one compliance incident, the CIA discovered multiple similar issues. It remains unknown how long these problems existed.
Pages 96-99 contain ten requirements. Most of them are fairly generic:
The government shall take steps…
The government shall submit a written report…
But I found the surprisingly specific tenth requirement on Page 99 of interest:
10. The government shall promptly submit in writing a report concerning each instance in which FBI personnel receive and review Section 702-acquired information that the FBI identifies as concerning a United States person in response to a query that is not designed to find and extract foreign intelligence information. The report should include a detailed description of the information at issue and the manner in which it has been or will be used for analytical, investigative or evidentiary purposes. It shall also identify the query terms used to elicit the information and provide the FBI’s basis for concluding that the query was consistent with applicable minimization procedures.
It becomes clear in the Court Ruling that the FBI – not the NSA – was the primary culprit in misusing raw FISA data and violating procedures supposedly safeguarding that data.
Time and again, the Court Ruling singles out the FBI for targeted reprimand.
The Court is nonetheless concerned about the FBI’s apparent disregard of minimization rules and whether the FBI may be engaging in similar disclosures of raw Section 702 information that have not been reported.
We finally come to the June 7, 2017 Senate Intelligence testimony of Director Rogers. You may find the transcript here. The final verification of dates fall into place:
LANKFORD: Admiral Rogers, this spring the NSA decided to stop doing “about” queries. That was a long conversation that’s happened there. It’s now come out into public about that conversation, that that was identified as a problem. The court agreed with that and that has been stopped. What I need to ask you is who first identified that as a problem?
ROGERS: The National Security Agency did. [It was Rogers – see below]
LANKFORD: Okay. So how did you report that? Reported that to who? How did that conversation go once you identified, “we’re uncomfortable with this type”?
ROGERS: So in 2016, I had directed our Office of Compliance, let’s do a fundamental baseline review of compliance associated with 702. We completed that effort, and my memory is I was briefed on something like October the 20th. That led me to believe the technical solution that we put in place is not working with the reliability that’s necessary here.
I then, from memory, went to the Department of Justice and then on to the FISA Courtat the end of October – I think it was something like the 26th of October – and we informed the court: we have a compliance issue here and we’re concerned that there’s an underlying issue with the technical solution we put in place.
We told the court we were going to need some period of time to work our way through that. The court granted us that time. In return, the court also said: We will allow you to continue 702 under the (16) authorizations, but we will not–will not reauthorize (17) until you show us that you have addressed this.
We then went through an internal process, interacted with the Department of Justice as well as the court, and by March we had come to a solution that the FISA Court was comfortable with. The court then authorized us to execute that solution and also then granted us authority for the (17) 702 effort.
LANKFORD: So you reported initially to the court, this is an issue, or the court initially came to you and said, we have an issue?
ROGERS: I went to the court and said, we have an issue.
LANKFORD: And the court said, we agree, we have a problem as well?
ROGERS: Check.
LANKFORD: And then it got held up, went through the process of review, and then the court has now signed off on the other (16)?
ROGERS: That is correct.
LANKFORD: So how does this harm your collection capabilities, to be able to not do the “about” collections?
ROGERS: So I acknowledged that in doing this we were going to lose some intelligence value. But my concern was I just felt it was important; we needed to be able to show that we are fully compliant with the law. And the technical solution we had put in place I just didn’t think was generating the level of reliability. And as a result of that, I said we need to make the change.
I will say this, and the FISA Court’s opinion also says the same thing. I also told the court at the time, if we can work that technical solution in a way it generates greater reliability, I would potentially come back to the Department of Justice and the court to recommend that we reinstitute it. And in fact the court acknowledged that in their certification.
LANKFORD: When you say greater reliability, tell me what you mean by that?
ROGERS: Because it was generating errors. Our Office of Compliance highlighted the specific number of cases in 2016. And I thought to myself, clearly it’s not working as we think it is. We were doing queries unknowingly to the operator in a handful of situations against U.S. persons. And I just said, hey, that is not in accordance with the intent of the law.
LANKFORD: Yes. Clearly it’s not only the intent; it’s the actual statute itself that – that we protect U.S. persons.
ROGERS: Yes, sir.
Rogers’ characteristically understated testimony provides us with verification of those dates missing from the Court Ruling:
In 2016, I directed our Office of Compliance [to] do a fundamental baseline review of compliance associated with 702.
We completed that effort and I was briefed on something like October the 20th.
I then went to the Department of Justice and then on to the FISA Court at the end of October – I think it was something like the 26th of October.
We informed the court: we have a compliance issue here and we’re concerned that there’s an underlying issue.
Here’s the Rogers timeline:
  • November 2015-April 2016 – The FBI and DOJ’s National Security Division (NSD) uses private contractors to access raw FISA information using “To” and “From” FISA-702(16) & “About” FISA-702(17) queries.
  • March 2016 – NSA Director Rogers becomes aware of improper access to raw FISA data.
  • April 2016 – Rogers orders the NSA compliance officer to run a full audit on 702 NSA compliance.
  • April 18 2016 – Rogers shuts down FBI/NSD contractor access to the FISA Search System.
  • September 26 2016 – DOJ’s NSD Head John Carlin files the Government’s proposed 2016 Section 702 certifications. Carlin has been aware of Rogers’ compliance review.
  • September 27 2016 – Carlin announces he is resigning. Mary McCord will later assume his position.
  • October 15, 2016 – Carlin formally leaves the NSD.
  • Mid-October 2016 – DNI Clapper submits a recommendation to the White House that Director Rogers be removed from the NSA.
  • October 20 2016 – Rogers is briefed by the NSA compliance officer on the Section 702 NSA compliance audit and “About” query violations.
  • October 21 2016 – Rogers shuts down all “About Query” activity. Rogers reports the activity to DOJ and prepares to go before the FISA Court.
  • October 21 2016 – DOJ & FBI seek and receive a Title I FISA probable cause order authorizing electronic surveillance on Carter Page from the FISC. At this point, the FISA Court is unaware of the Section 702 violations.
  • October 24 2016 – Rogers verbally informs the FISA Court of Section 702(17) violations.
  • October 26 2016 – Rogers formally informs the FISA Court of 702(17) violations in writing.
  • November 17 2016 (morning) – Rogers travels to meet President-Elect Trump and his Transition Team in Trump Tower. Rogers does not inform DNI James Clapper.
  • November 17 2016 (evening) – Trump Transition Team announces they are moving all transition activity to Trump National Golf Club in New Jersey.
The DOJ & FBI were fully aware that Rogers initiated a compliance review in April 2016. They were aware of the review’s relative status.
The DOJ & FBI were both aware of Carlin’s fraudulent September 26, 2016 submission of the Government’s proposed 2016 Section 702 certifications. They knew it contained material omissions.
The DOJ & FBI appear to have rushed the Carter Page FISA application – knowing Rogers was preparing to go before the FISA Court.
The DOJ & FBI apply for – and receive – a Title I FISA warrant on Carter Page the same dayRogers apprises both Agencies of ongoing FISA violations.
Neither the DOJ or FBI inform the FISA Court of Rogers’ notification when they make their FISA Application on Page.
Which begs the question – why wasn’t Page’s FISA application revisited when Rogers verbally notified the FISA Court on October 24, 2016 or went before the FISA Court on October 26, 2016.
Why didn’t the FISA judge who issued the FISA Warrant on October 21, 2016 revisit the issue after hearing the litany of abuses laid out by Rogers on October 26, 2016.
And who, exactly, was that FISA judge.
Judge Rudolph Contreras is a likely candidate. More here.
Update: We now know Contreras did not sign FISA per Schiff Democrat Memo which specifies that Page FISA Application and renewals were approved by four different Federal (FISA) Judges and appointed by following: One by Reagan. One by G.H.W. Bush (elder). Two by G.W. Bush (younger).
Contreras was appointed by Obama.
Anne Conway signed a Page FISA Application or Renewal.
Either Raymond Drearie or Martin Feldman (FISA Court 5-19-10 to 5-18-17) signed FISA Application or Renewal.
Two of the following signed FISA Application or renewal: Collyer, Egan, Kugler, Mosman, Saylor.
House Intelligence Chairman Nunes and House Judiciary Chairman Goodlatte recently sent letters to Presiding FISA Judge Rosemary Collyer requesting FISA Court records relating to the FBI’s FISA warrant application on Carter Page.
Judge Collyer is the same FISA Judge who wrote the 99-page FISA Court Ruling we have been examining.
The Court is considering the requests…
I first wrote about this Court Ruling in January but realized I failed to adequately tell the larger story.
It’s difficult to fully convey or appreciate Director Mike Rogers’ actions. He quietly stood against a deeply embedded Intelligence apparatus and risked his reputation and career.
He also performed a delicate balancing act. His actions would be of no merit if he was not in a position to see his disclosures through.
Although it may take some time, it is my hope that his role will be more fully appreciated.
It’s entirely possible there would have been no FISA disclosure without the 2016 actions of Rogers.
There might have been no investigation by Inspector General Horowitz.
James Clapper was the architect of the Russia Report – Assessing Russian Activities and Intentions in Recent U.S. Elections. It was used to push the entire Russia Narrative (see here).
The report was technically created by a joint effort between the CIA (former Director John Brennan), FBI (former Director James Comey) and the NSA (current Director Mike Rogers) – and assembled by the DNI (former Director James Clapper).
The joint report contains one significant caveat:
CIA and FBI have high confidence in this judgment; NSA has only moderate confidence.
Rogers stated in Senate hearing testimony that his confidence did not reach even this threshold:
I wouldn’t call it a discrepancy, I’d call it an honest difference of opinion between three different organizations and in the end I made that call.…It didn’t have the same level of sourcing and the same level of multiple sources.
Admiral Mike Rogers quietly announced his retirement in early January 2018, thus bringing an end to a nearly four-year tenure as head of the NSA. He will formally retire this Spring.
Which is somewhat remarkable given the Obama Administration tried to fire him well over a year ago.
In a following post I will be examining some significant events and circumstances that may have resulted from the Section 702 FISA abuses discussed in this post.

No comments:

Post a Comment