A BETTER EXAMPLE OF ARTICLE III FISA OVERSIGHT: REAZ QADIR KHAN

As debate over reauthorization of Section 702 heats up, both those in favor of reform and those asking for straight reauthorization are making their cases. As part of that, I wrote a summary of the most persistent NSA (and FBI) violations of FISA for Demand Progress, called “Institutional Lack of Candor.” I did a piece for Motherboard based off the report, which also looks at how Rosermary Collyer did not use the leverage of FISA’s exclusivity clause to force NSA to purge improperly accessed data this year.

Meanwhile, NSA’s General Counsel, Glenn Gerstell, just did a speech at University of Texas laying out what he claimed is the judicial oversight over Section 702. There’s one line I find particularly interesting:

Among other things, Section 702 also enables collection of information on foreign weapons proliferators and informs our cybersecurity efforts.

Here, Gerstell appears to be laying out the three known certificates (counterterrorism, counterproliferation, and foreign government). But I wonder whether the “among other things” points to a new certificate, or to the more amorphous uses of the foreign government cert.

As for Gerstell’s argument that there’s sufficient judicial oversight, I find it laughable in several key points.

For example, here’s how Gerstell describes the amicus provision included with USA Freedom Act.

The FISC is entitled to call upon the assistance of amici when evaluating a novel or significant interpretation of the law or when it requires outside technical expertise. This amicus provision, which was added to FISA as part of the USA FREEDOM Act amendments in 2015, enables the court to draw upon additional expertise and outside perspectives when evaluating a proposed surveillance activity, thus ensuring that the FISC’s oversight remains both robust and knowledgeable. The court has designated a pool of experts in national security to serve as amicus curiae at the court’s request. Amici are specifically instructed to provide to the court “legal arguments that advance the protection of individual privacy and civil liberties,” “information related to intelligence collection or communications technology,” or any other legal arguments relevant to the issue before the court.

The FISC’s amicus provisions are more than a mere statutory wink and nod to strong judicial oversight. The court has in fact called upon its amici to assist in evaluating Section 702 activities. In 2015, the FISC appointed an amicus to analyze what the court felt were two novel or significant interpretations of law that arose as part of its review of the government’s annual application for 702 certifications. The first issue involved whether queries of 702 collection that are designed to return information concerning U.S. persons are consistent with statutory and constitutional requirements. The second question involved whether there were any statutory or constitutional concerns about preserving information collected under Section 702 for litigation purposes that would otherwise be subject to destruction under the government’s minimization procedures. On both issues, the FISC carefully considered the views of the amicus, ultimately concluding that both of the proposed procedures were reasonably tailored to protect the privacy of U.S. persons and thus permissible under both the FISA statute and the constitution. [my emphasis]

Gerstell speaks of the amicus provision as newly permitting — “entitled,” “enabled” — the FISC to consult with others. Yet the FISC always had the ability to call amici (in fact it did ask for outside help in the In Re Sealed Case provision and in a few issues in the wake of the Snowden leaks). What was new with the USAF amicus is an affirmative requirement to either use an amicus or explain why it chose not to in any matters that present a “novel or significant interpretation of the law.”

Authorization.–A court established under subsection (a) or (b), consistent with the requirement of subsection (c) and any other statutory requirement that the court act expeditiously or within a stated time–

(A) shall appoint an individual who has been designated under paragraph (1) to serve as amicus curiae to assist such court in the consideration of any application for an order or review that, in the opinion of the court, presents a novel or significant interpretation of the law, unless the court issues a finding that such appointment is not appropriate; and

(B) may appoint an individual or organization to serve as amicus curiae, including to provide technical expertise, in any instance as such court deems appropriate or, upon motion, permit an individual or organization leave to file an amicus curiae brief.

It’s true that USAF permits the FISC to decide what counts as new, but in those cases, the law does require one or another action, not simply permit it.

Which is why it’s so funny that Gerstell harps on the inclusion of Amy Jeffress in the 2015 recertification process. Note his silence on the 2016 process, which addressed an issue that (as both my reports above make clear) is far more problematic than the ones Jeffress weighed in on? Collyer simply blew off the USAF requirement, and didn’t get the technical help she apparently badly needed. As I noted, she sort of threw up her hands and claimed there were simply no people with the technical expertise and clearance available to help.

I suspect the Intelligence Community — and possibly even the law enforcement community — will live to regret Collyer’s obstinance about asking for help, if for no other reason than we’re likely to see legal challenges because of the way she authorized back door searches on content she knows to include domestic communications.

Gerstell then goes on to hail Mohamed Mohamud’s challenge to 702 as an example of worthwhile Title III court oversight of the program.

In certain circumstances, challenges to surveillance programs can be brought in other federal courts across the country. One recent court case is particularly illustrative of the review of Section 702 outside of the FISC, and here is how it commenced:

A few years ago, a young man named Mohamed Mohamud was studying engineering at Oregon State University. He had emigrated to the U.S. from Somalia with his family when he was only three, and he later became a naturalized U.S. citizen. He grew up around Portland, Oregon, enjoying many typical American pursuits like music and the Los Angeles Lakers. In 2008, however, he was involved in an incident at Heathrow Airport in London during which he believed he was racially profiled by airport security. This incident set Mohamud on a path toward radicalization. He began reading jihadist literature and corresponding with other Al-Qaeda supporters. In 2010, he was arrested and indicted for his involvement in a plot to bomb the Christmas Tree Lighting Ceremony in Portland, which was scheduled to take place the day after Thanksgiving. He was eventually found guilty of attempted use of a weapon of mass destruction.

After the verdict but before his sentencing, the government provided Mohamud with a supplemental notice that it had offered into evidence or otherwise used or disclosed during the proceedings information derived from Section 702 collection. After receiving this notice, Mohamud petitioned the court for a new trial, arguing that any 702-derived information should be suppressed because, among other reasons, he claimed that Section 702 violated the Fourth Amendment. The federal district court considered Mohamud’s claims before ultimately holding that 702 was constitutional. In so holding, the court found that 702 surveillance does not trigger the Fourth Amendment’s warrant requirement because any collection of U.S. person information occurring as a result of constitutionally permissible 702 acquisitions occurs only incidentally and, even if it did trigger the warrant requirement, a foreign intelligence exception applies. The court also found that “the government’s compelling interest in protecting national security outweighed the intrusion of Section 702 surveillance on an individual’s privacy,” so the 702 collection at issue in that case was reasonable under the Fourth Amendment. Mohamud appealed the district court’s ruling to the Ninth Circuit, where the Circuit Court again looked at the constitutionality of the 702 collection at issue, with particular scrutiny on incidental collection. The Ninth Circuit concluded that the government’s surveillance in this case was consistent with constitutional and statutory requirements; even if Mohamud had a Fourth Amendment right to privacy in any incidentally-collected communications, the government’s searches were held to be reasonable. [my emphasis]

Look carefully at what Gerstell has argued: he uses a case where DOJ introduced evidence derived from 702, but gave the legally required notice only after the entire trial was over! That is, he’s pointing to a case where DOJ broke the law as proof of how well judicial oversight works.

And that’s important because DOJ has stopped giving 702 notice again (and has never given notice in a non-terrorism case, even though it surely has used derivative information in those cases as well). Without that notice, no defendant will be able to challenge 702 in the designated manner.

Which is why I would point to a different case for what criminal court oversight of SIGINT should look like: that of Reaz Qadir Khan (whose own case was closely linked to that of Mohamud).

At first, Khan tried to force the judge in his case, Michael Mosman, to recuse because he was serving as a FISA judge at the time. Mosman stayed.

Khan then asked for notice from the government for every piece of evidence obtained by the defense, laying out the possible authorities. Things started getting squirrelly at that point, as I summarized here. Last year, I described the effort by the Reaz Qadir Khan’s lawyers to make the government list all the surveillance it had used to catch him (which, significantly, would either be targeted off a dead man or go back to the period during with the government used Stellar Wind). In October the government wrote a letter dodging most notice. Earlier this year, Judge Michael Mosman (who happens to also be a FISA judge) deferred the notice issues until late in the CIPA process. Earlier this month, Khan plead guilty to accessory to material support for terrorism after the fact.

What I suspect happened is that Mosman, who knows more about FISA than almost all District judges because he was (and still is) serving on the court, recognized that the government had surveillance that deserved some kind of judicial scrutiny (in this case, it probably involved Stellar Wind collection, but also likely included other authorities). So he agreed to deal with it in CIPA.

And just weeks later, Khan got a plea deal.

That’s the way it should work: for a judge to be able to look at surveillance and figure out if something isn’t exactly right or, for exotic interpretations of the law that don’t pass a smell test, and in those cases provide some means for review. Here, the government appears to have gotten uninterested in subjecting its evidence for review and, as is built into CIPA, ended up making a deal instead.

Of course, that rare exception points to one of the problems with FISC.

Gerstell claims that a court that until the Snowden leaks had no Democratic appointees on it boasts a “diversity of backgrounds.”

Recognizing the importance of judicial accountability for foreign intelligence surveillance under FISA, Congress designed a specialized court authorized to operate in secret – the FISC – to encourage rigorous oversight of activities conducted under FISA. Even its structure is deliberately assembled to serve that purpose. FISC judges are selected by the Chief Justice to serve for up to seven years, on staggered terms, which guarantees continuity and subject matter expertise on critical issues. In addition, the FISC is required by statute to be composed of judges drawn from at least seven of the U.S. judicial circuits. This statutory makeup ensures that the FISC includes judges from a diversity of backgrounds and geographic regions, rather than a court that might tend toward unanimity of thought or particular judicial sympathies.

That’s poppycock. The judges tend to be conservative. Importantly, the presiding judges are always from the DC district, not even just the DC neighborhood, such as MD or EDVA.

And remarkably, almost none of the judges on the FISC have presided over terrorism cases (Mosman is from OR, which because of a mosque that the FBI has basically lived in since 9/11, has had more than its share of terrorism cases). Which means the men and women sitting in Prettyman overseeing FISA often have little to no experience on how that data might affect an American’s right to a fair trial two years down the road.

I, like Gerstell, contest the claim that the FISC is generally a rubber stamp. But I do believe it should include more of the judges who actually oversee the trials that may result, because that experience would vastly improve understanding of the import of the review. At the very least, it should include the judges from EDVA who oversee the cases that go through the CIA-Pentagon District, which also includes a great many of the country’s espionage cases. And most of all, the practice of having one judge, always from DC, review programmatic spying programs by herself should stop. While it is absolutely the case that judges have often shown great diligence, when a judge doesn’t show adequate diligence — as I believe Collyer did not this year — it may create problems that will persist for years.

The FISC is not a rubber stamp. But neither is the judicial oversight of 702 the consistently diligent oversight Gerstell claims.

THE DOMESTIC COMMUNICATIONS NSA WON’T REVEAL ARE ALMOST CERTAINLY OBSCURED LOCATION COMMUNICATIONS

The other day, I laid out the continuing fight between Director of National Intelligence Dan Coats and Senator Ron Wyden over the former’s unwillingness to explain why he can’t answer the question, “Can the government use FISA Act Section 702 to collect communications it knows are entirely domestic?” in unclassified form. As I noted, Coats is parsing the difference between “intentionally acquir[ing] any communication as to which the sender and all intended recipients are known at the time of acquisition to be located in the United States,” which Section 702 prohibits, and “collect[ing] communications [the government] knows are entirely domestic,” which this exchange and Wyden’s long history of calling out such things clearly indicates the government does.

As I noted, the earlier iteration of this debate took place in early June. Since then, we’ve gotten two sets of documents that all but prove that the entirely domestic communication the NSA refuses to tell us about involves communications that obscure their location, probably via Tor or VPNs.

Most Entirely Domestic Communications Collected Via Upstream Surveillance in 2011 Obscured Their Location

The first set of documents are those on the 2011 discussion about upstream collection liberated just recently by Charlie Savage. They show that in the September 7, 2011 hearing, John Bates told the government that he believed the collection of discrete communications the government had not examined in their sampling might also contain “about” communications that were entirely domestic. (PDF 113)

We also have this other category, in your random sampling, again, that is 9/10ths of the random sampling that was set aside as being discrete communications — 45,000 out of the 50,0000 — as to which our questioning has indicataed we have a concern that some of the about communications may actually have wholly domestic communications.

And I don’t think that you’ve really assessed that, either theoretically or by any actual examination of those particular transactions or communications. And I’m not indicating to you what I expect you to do, but I do have this concern that there are a fair number of wholly domestic communications in that category, and there’s nothing–you really haven’t had an opportunity to address that, but there’s nothing that has been said to date that would dissuade me from that conclusion. So I’m looking there for some convincing, if you will, assessment of why there are not wholly domestic communications with that body which is 9/10s of the random sample.

In a filing submitted two days later, the government tried to explain away the possibility this would include (many) domestic communications. (The discussion responding to this question starts at PDF 120.) First, the NSA used technical means to determine that 41,272 of the 45,359 communications in the sample were not entirely domestic. That left 4,087 communications, which the NSA was able to analyze in just 48 hours. Of those, the NSA found just 25 that were not to or from a tasked selector (meaning they were “abouts” or correlated identities, described as “potentially alternate accounts/addresses/identifiers for current NSA targets” in footnote 7, which may be the first public confirmation that NSA collects on correlated identifiers). NSA then did the same kind of analysis it does on the communications that it does as part of its pre- tasking determination that a target is located outside the US. This focused entirely on location data.

Notably, none of the reviewed transactions featured an account/address/identifier that resolved to the United States. Further, each of the 25 communications contained location information for at least one account/address/identifier such that NSA’s analysts were able assess [sic] that at least one communicant for each of these 25 communications was located outside of the United States. (PDF 121)

Note that the government here (finally) drops the charade that these are simply emails, discussing three kinds of collection: accounts (which could be both email and messenger accounts), addresses (which having excluded accounts would significantly include IP addresses), and identifiers. And they say that having identified an overseas location for the communication, NSA treats it as an overseas communication.

The next paragraph is even more remarkable. Rather than doing more analysis on those just 25 communications it effectively argues that because latency is bad, it’s safe to assume that any service that is available entirely within the US will be delivered to an American entirely within the US, and so those 25 communications must not be American.

Given the United States’ status as the “world’s premier electronic communications hub,” and further based on NSA’s knowledge of Internet routing patterns, the Government has already asserted that “the vast majority of communications between persons located in the United States are not routed through servers outside the United Staes.” See the Government’s June 1, 2011 Submission at 11. As a practical matter, it is a common business practice for Internet and web service providers alike to attempt to deliver their customers the best user experience possible by reducing latency and increasing capacity. Latency is determined in part by the geographical distance between the user and the server, thus, providers frequently host their services on servers close to their users, and users are frequently directed to the servers closest to them. While such practices are not absolute in any respect and are wholly contingent on potentially dynamic practices of particular service providers and users,9 if all parties to a communication are located in the United States and the required services are available in the United States, in most instances those communications will be routed by service providers through infrastructure wholly within the United States.

Amid a bunch of redactions (including footnote 9, which is around 16 lines long and entirely redacted), the government then claims that its IP filters would ensure that it wouldn’t pick up any of the entirely domestic exceptions to what I’ll call its “avoidance of latency” assumption and so these 25 communications are no biggie, from a Fourth Amendment perspective.

Of course, the entirety of this unredacted discussion presumes that all consumers will be working with providers whose goal is to avoid latency. None of the unredacted discussion admits that some consumers choose to accept some latency in order to obscure their location by routing it through one (VPN) or multiple (Tor) servers distant from their location, including servers located overseas.

For what it’s worth, I think the estimate Bates did on his own to come up with a number of these SCTs was high, in 2011. He guessed there would be 46,000 entirely domestic communications collected each year; by my admittedly rusty math, it appears it would be closer to 12,000 (25 / 50,000 comms in the sample = .05% of the total; .05% of the 11,925,000 upstream transactions in that 6 month period = 5,962, times 2 = roughly 12,000 a year). Still, it was a bigger part of the entirely domestic upstream collection than those collected as MCTs, and all those entirely domestic communications have been improperly back door searched in the interim.

Collyer claims to have ended “about” collection but admits upstream will still collect entirely domestic communications

Now, if that analysis done in 2011 were applicable to today’s collection, there shouldn’t be a way for the NSA to collect entirely domestic communications today. That’s because all of those 25 potentially domestic comms were described as “about” collection. Rosemary Collyer has, according to her IMO apparently imperfect understanding of upstream collection, shut down “about” collection. So that should have eliminated the possibility for entirely domestic collection via upstream, right?

Nope.

As she admits in her opinion, it will still be possible for the NSA to “acquire an MCT” (that is, bundled collection) “that contains a domestic communication.”

So there must be something that has changed since 2011 that would lead NSA to collect entirely domestic communications even if that communication didn’t include an “about” selector. In 2014 Collyer enforced a practice that would expose Americans to 702 collection

Which brings me back to the practice approved in 2014 in which, according to providers newly targeted under the practice, “the communications of U.S. person will be collected as part of such surveillance.”

As I laid out in this post, in 2014 Thomas Hogan approved a change in the targeting procedures. Previously, all users of a targeted facility had to be foreign for it to qualify as a foreign target. But for some “limited” exception, Hogan for the first time permitted the NSA to collect on a facility even if Americans used that facility as well, along with the foreign targets.

The first revision to the NSA Targeting Procedures concerns who will be regarded as a “target” of acquisition or a “user” of a tasked facility for purposes of those procedures. As a general rule, and without exception under the NSA targeting procedures now in effect, any user of a tasked facility is regarded as a person targeted for acquisition. This approach has sometimes resulted in NSA’ s becoming obligated to detask a selector when it learns that [redacted]

The relevant revision would permit continued acquisition for such a facility.

It appears that Hogan agreed it would be adequate to weed out American communications after collection in post-task analysis.

Some months after this change, some providers got some directives (apparently spanning all three known certificates), and challenged them, though of course Collyer didn’t permit them to read the Hogan opinion approving the change.

Here’s some of what Collyer’s opinion enforcing the directives revealed about the practice.

Collyer’s opinion includes more of the provider’s arguments than the Reply did. It describes the Directives as involving “surveillance conducted on the servers of a U.S.-based provider” in which “the communications of U.S. person will be collected as part of such surveillance.” (29) It says [in Collyer’s words] that the provider “believes that the government will unreasonably intrude on the privacy interests of United States persons and persons in the United States [redacted] because the government will regularly acquire, store, and use their private communications and related information without a foreign intelligence or law enforcement justification.” (32-3) It notes that the provider argued there would be “a heightened risk of error” in tasking its customers. (12) The provider argued something about the targeting and minimization procedures “render[ed] the directives invalid as applied to its service.” (16) The provider also raised concerns that because the NSA “minimization procedures [] do not require the government to immediately delete such information[, they] do not adequately protect United States person.” (26)

[snip]

Collyer, too, says a few interesting things about the proposed surveillance. For example, she refers to a selector as an “electronic communications account” as distinct from an email — a rare public admission from the FISC that 702 targets things beyond just emails. And she treats these Directives as an “expansion of 702 acquisitions” to some new provider or technology.

Now, there’s no reason to believe this provider was involved in upstream collection. Clearly, they’re being asked to provide data from their own servers, not from the telecom backbone (in fact, I wonder whether this new practice is why NSA has renamed “PRISM” “downstream” collection).

But we know two things. First: the discrete domestic communications that got sucked up in upstream collection in 2011 appear to have obscured their location. And, there is now a means of collecting bundles of communications via upstream collection (assuming Collyer’s use of MCT here is correct, which it might not be) such that even communications involving no “about” collection would be swept up.

Again, the evidence is still circumstantial, but there is increasing evidence that in 2014 the NSA got approval to collect on servers that obscure location, and that that is the remaining kind of collection (which might exist under both upstream and downstream collection) that will knowingly be swept up under Section 702. That’s the collection, it seems likely, that Coats doesn’t want to admit.

The problems with permitting collection on location-obscured Americans

If I’m right about this, then there are three really big problems with this practice.

First, in 2011, location-obscuring servers would not themselves be targeted. Communications using such servers would only be collected (if the NSA’s response to Bates is to be believed) if they included an “about’ selector.

But it appears there is now some collection that specifically targets those location-obscuring servers, and knowingly collects US person communications along with whatever else the government is after. If that’s right, then it will affect far more than just 12,000 people a year.

That’s especially true given that a lot more people are using location-obscuring servers now than on October 3, 2011, when Bates issued his opinion. Tor usage in the US has gone from around 150,000 mean users a day to around 430,000 users.

And that’s just Tor. While fewer VPN users will consistently use overseas servers, sometimes it will happen for efficacy reasons and sometimes it will happen to access content that is unavailable in the US (like decent Olympics coverage).

In neither of Collyer’s opinions did she ask for the kind of numerical counts of people affected that Bates asked for in 2011. If 430,000 Americans a day are being exposed to this collection under the 2014 change, it represents a far bigger problem than the one Bates called a Fourth Amendment violation in 2011.

Finally, and perhaps most importantly, Collyer newly permitted back door searches on upstream collection, even though she knew that (for some reason) it would still collect US person communications. So not only could the NSA collect and hold location obscured US person communications, but those communications might be accessed (if they’re not encrypted) via back door searches that (with Attorney General approval) don’t require a FISA order (though Americans back door searched by NSA are often covered by FISA orders).

In other words, if I’m right about this, the NSA can use 702 to collect on Americans. And the NSA will be permitted to keep what they find (on a communication by communication basis) if they fall under four exceptions to the destruction requirement.

The government is, once again, fighting Congressional efforts to provide a count of how many Americans are getting sucked up in 702 (even though the documents liberated by Savage reveal that such a count wouldn’t take as long as the government keeps claiming). If any of this speculation is correct, it would explain the reluctance. Because once the NSA admits how much US person data it is collecting, it becomes illegal under John Bates’ 2010 PRTT order.

USA FREEDOM ACT BOOSTER MISSES OPPORTUNITY TO NOTE FISC BLEW OFF USAF

The Brennan’s Center Liza Goitein is the privacy community’s go-to witness for Section 702 hearings. She’s a decent choice: she’s unflappable, she has worked in Congress (which nevertheless doesn’t prevent members from routinely butchering her name), and she’s superb at invoking case law to support her points. She has a fine understanding of how the program is implemented.

But she did, in my opinion, affirmative damage in today’s hearing on Section 702.

The most ardent supporter for a special advocate in the FISA Court, Richard Blumenthal, asked the panel if the provision could be improved. All witnesses supported a FISA amicus, with both Goitein and CNAS’ Adam Klein supporting some strengthening of the provision.

But Goitein misstated how the current provision for an amicus — passed as law as part of USA Freedom Act — has been implemented. After calling the provision “a really important contribution of the USA Freedom Act,” Goitein claimed “for the most part the Court has” appointed an amicus for a novel or significant legal issue. [my transcription]

Goitein: I think that was a really important contribution of the USA Freedom Act. I think it’s very clear from the act that Congress intended for the FISA Court to make use of amici in really any case in which there was a novel or significant legal issue unless there were some extraordinary circumstances. I think for the most part the Court has done that. There have been a couple of occasions in which the court has found participation inappropriate based on the rationale that the Court just didn’t need help. I don’t think that’s really consistent with what was intended. But that’s been rare. That’s something I think this committee should keep an eye on. I do think it makes sense to have participation in the annual certification process be mandatory, and the one other thing I would suggest is that there’s currently no provision for amici to appeal rulings of the FISA Court if the amici’s arguments were rejected. And sometimes that’s important. I think we saw in the FISA Court’s decision on back door searches — there were a number of, to say the least, very novel legal issues that would have benefitted from review.

Except the Court hasn’t always appointed, much less considered, appointing an amicus.

Just two months ago, Rosemary Collyer permitted the back door searches of collection that she explicitly admitted can include entirely domestic communications. The decision goes well beyond what John Bates authorized in 2011 when he permitted back door searches, because Bates specifically excluded the upstream collection he knew to include entirely domestic communications.

Collyer approved that practice on top of all the other issues she ruled on, such as the sharing of raw data with NCTC (which will permit it to do back door searches for designations without the due process FBI provides) and letting NSA keep reports it developed using legally prohibited queries. Moreover, it came in an opinion where Collyer appeared to be unclear on the technical aspects of the question in front of her, resulting in an opinion that leaves little clarity on whether ending “about” collection (which was never defined in technical terms) will actually end the collection of unrelated American targets.

And not only didn’t Collyer appoint an amicus to deal with this difficult technical and legal issue. She didn’t even consider it, as mandated by USA Freedom Act.

A court established under subsection (a) or (b), consistent with the requirement of subsection (c) and any other statutory requirement that the court act expeditiously or within a stated time–

(A) shall appoint an individual who has been designated under paragraph (1) to serve as amicus curiae to assist such court in the consideration of any application for an order or review that, in the opinion of the court, presents a novel or significant interpretation of the law, unless the court issues a finding that such appointment is not appropriate;

I have asked some people on the Hill whether they consider this decision an significant opinion or not, and had mixed responses (meaning at least some of the privacy focused congressional figures I spoke with would have been okay with Collyer finding that she didn’t need an amicus or even are okay that she didn’t consider it).

But this question was an opportunity for the privacy community to point out to the amicus’ chief booster — and three other witnesses who generally support the amicus provision — how the FISC can and did in a hugely significant ruling sidestep necessary input. At the very least, it was an opportunity to point out that permitting the judges to decide what constitutes a significant legal issue permits too much discretion, because it allows the FISC to avoid justifying not appointing an amicus.

Instead of making those points, Goitein instead answered in a way that suggested she believes the first time approval of back door searches on content that includes entirely domestic collection is not a significant legal issue. PRIVACY COMMUNITY LETS DAN COATS OFF EASY IN LETTER ACCUSING HIM OF RENEGING ON HIS PROMISE

This post may make me some enemies in DC.

But the privacy community appears to be missing some critical points in this letter accusing Dan Coats of reneging on his promise to provide an estimate of how many Americans have been sucked up in Section 702 surveillance. The letter rehearses what it claims is the history of NSA counting or not counting how many Americans get collected under Section 702, going back to 2011.

This debate began in 2011 when Senator Wyden first asked Director Clapper to provide an estimate.2 In 2012, the Inspector General of the Intelligence Community claimed that such an estimate would not be possible because the process of establishing the estimate would violate the privacy of U.S. persons, and require too many resources.3

Yet in the same letter, it claims that NSA managed to do a count of Americans implicated in upstream surveillance in 2011.

First, the NSA previously undertook an effort to provide the Foreign Intelligence Surveillance Court (FISC) with a similar estimate, and “there is no evidence that this undertaking impeded any NSA operations.”5 There, in order to address the FISC’s concerns about the number of wholly domestic communications that were being collected under Section 702, the NSA “conducted a manual review of a random sample consisting of 50,440 Internet transactions taken from the more than 13.25 million Internet transactions acquired through the NSA’s upstream collection during a six month period.”6

It is absolutely true that NSA “undertook an effort” to provide the number of Americans implicated in upstream surveillance. But it was not “a similar estimate.” On the contrary, NSA only obtained an estimate of entirely domestic communications collected as part of multiple communication transactions, MCTs. It did not — not even after Bates asked — come up with an estimate of how many entirely domestic communications NSA collected via upstream collection as single communication transactions, much less an estimate of all the Americans collected.

Here’s how John Bates described it in the opinion cited in footnote 6.

NSA’s manual review focused on examining the MCTs acquired through NSA’s upstream collection in order to assess whether any contained wholly domestic communications. Sept. 7, 2011 Hearing Tr. at 13-14. As a result, once NSA determined that a transaction contained a single, discrete communication, no further analysis of that transaction was done. See August 16 Submission at 3. After the Court expressed concern that this category of transactions might also contain wholly domestic communications, NSA conducted a further review. See Sept. 9 Submission at 4. NSA ultimately did not provide the Court with an estimate of the number of wholly domestic “about” SCTs that may be acquired through its upstream collection. Instead, NSA has concluded that “the probability of encountering wholly domestic communications in transactions that feature only a single, discrete communication should be smaller — and certainly no greater — than potentially encountering wholly domestic communications within MCTs.” Sept. 13 Submission at 2.

The Court understands this to mean that the percentage of wholly domestic communications within the universe of SCTs acquired through NSA’s upstream collection should not exceed the percentage of MCTs within its statistical sample. Since NSA found 10 MCTs with wholly domestic communications within the 5,081 MCTs reviewed, the relevant percentage is .197% (10/5,081). Aug. 16 Submission at 5.

NSA’s manual review found that approximately 90% of the 50,440 transactions in the same were SCTs. Id. at 3. Ninety percent of the approximately 13.25 million total Internet transactions acquired by NSA through its upstream collection during the six-month period, works out to be approximately 11,925,000 transactions. Those 11,925,000 transactions would constitute the universe of SCTs acquired during the six-month period, and .197% of that universe would be approximately 23,000 wholly domestic SCTs. Thus, NSA may be acquiring as many as 46,000 wholly domestic “about” SCTs each year, in addition to the 2,000-10,000 MCTs referenced above.

Now, ODNI might raise this detail and say that the 2011 review was not as intensive as the one the privacy community wants to conduct. They’d be right, not least because the upstream review should be easier to conduct than the PRISM review, even though there should be less upstream collection under the new rules (under 702, anyway — much of it would have just gone to EO 12333 collection). But the other critical point is that, having done the sampling, NSA wasn’t even willing to give Bates the information he requested t0 explain the scope of illegal collection under Section 702.

NSA’s refusal to count all the entirely domestic communications collected in their own right is particularly important given another point that would be worth mentioning here.

It’s not so much that this debate started when Ron Wyden made his request. Rather, Ron Wyden, with Mark Udall, made a written request for such a count on the very same day, July 14, 2011, that DOJ obtained an extension to conduct the count for John Bates.

In April 2011, Wyden and Mark Udall asked for the number.

In April of 2011, our former colleague, Senator Mark Udall, and I then asked the Director of National Intelligence, James Clapper, for an estimate.

According to Clapper’s response, they sent a written letter with the request on July 14, 2011. The timing of this request is critically important because it means Wyden and Udall made the request during the period when NSA and FISA Judge John Bates were discussing the upstream violations (see this post for a timeline). As part of that long discussion Bates had NSA do analysis of how often it collected US person communications that were completely unrelated to a targeted one (MCTs). Once Bates understood the scope of the problem, he asked how many US person communications it collected that were a positive hit on the target that were the only communication collected (SCTs).

But the timing demands even closer scrutiny. On July 8, John Bates went to DOJ to express “serious concerns” — basically, warning them he might not be able to reauthorize upstream surveillance. On July 14 — the same day Wyden and Udall asked Clapper for this information — DOJ asked Bates for another extension to respond to his questions, promising more information. Clapper blew off Wyden and Udall’s request in what must be record time — on July 26. On August 16, DOJ provided their promised additional information to Bates. That ended up being a count of how many Americans were affected in MCTs.

So this debate started when Wyden, simultaneously with the FISC, asked for numbers on how many Americans were affected. But the NSA proceeded to do a count that was only partially responsive to Bates’ concerns and barely responsive to Wyden’s.

NSA did a count in 2011. But even though they had requests for a number from both other co- equal branches of government, they refused to do a responsive count, even as they were already committing the resources to doing the count.

The claim about resources made in 2011 rings hollow, because the resources were expended but the scope was narrowly drawn.

Which brings me to the last critical point here: the most likely motive for drawing the scope so narrowly even as both other co-equal branches of government were requesting the number.

In July 2010, John Bates wrote another opinion. On its face, it addressed the NSA’s collection of prohibited categories under the PR/TT Internet dragnet. But in reality, that collection was just upstream collection with some filtering to try to get down to the part of the packets that constituted metadata under rules set in 2004. Effectively, then, it was also an opinion about the deliberate collection of domestic content via upstream collection. And in that opinion, he weighed the government’s request to let it keep data it had collected that might contain entirely domestic content. Ultimately, Bates said that if the government knew it had obtained domestic content, it had to delete the data, but if it didn’t know, it could keep it.

When it is not known, and there is no reason to know, that a piece of information was acquired through electronic surveillance that was not authorized by the Court’s prior orders, the information is not subject to the criminal prohibition in Section 1809(a)(2). Of course, government officials may not avoid the strictures of Section 1809(a)(2) by cultivating a state of deliberate ignorance when reasonable inquiry would likely establish that information was indeed obtained through unauthorized electronic surveillance.

[snip]

In light of the government’s assertions of need, and in heavy reliance on the assurances of the responsible officials, the Court is prepared — albeit reluctantly — to grant the government’s request with respect to information that is not subject to Section 18099a)(2)’s prohibition. Hence, the government may access, use, and disseminate such information subject to the restrictions and procedures described above that will apply to future collection.

From that point forward, it was a precedent in the FISC that the government could obtain entirely domestic communications, provided that they didn’t know they were collecting it. But they couldn’t cultivate deliberate ignorance of what they were doing. (They still violated the precedent, but quickly destroyed all the data before they got caught in 2011.)

If the NSA knows they’re intentionally collecting entirely domestic communications, it is illegal. If the NSA doesn’t know they’re intentionally collecting entirely domestic collections, it’s not illegal.

You can see how, even with Bates’ stern warning not to deliberately cultivate ignorance, this provided a huge incentive to deliberately cultivate ignorance.

Of course, Dan Coats performed just that deliberate ignorance the other day, when Wyden made it clear Coats had signed the reauthorization certification for 702 even though the accompanying memo made it clear that the NSA would still be collection entirely domestic communications. Coats claimed they wouldn’t collect Americans’ communications even in spite of the fact that the memo accompanying his certification said it would do just that.

This is a concept the privacy community really needs to learn, quickly. Because Ron Wyden is laying all the ground work to make it clear that this is about deliberate ignorance, of just the sort that Bates said was improper, not actually a concern about resources.

I CON THE RECORD TRANSPARENCY BINGO (1): ONLY ONE POSITIVE HIT ON A CRIMINAL SEARCH

As we speak, a bunch of privacy experts are on Twitter trying to make sense of I Con the Record’s transparency report, which is a testament to the fact that the Transparency Report obfuscates as much as makes transparent (and the degree to which you need to have read a great deal of other public reports to understand these things).

So I’m going to deal with the obvious errors I’m seeing made as I see them, then will do a more comprehensive working thread.

The first confusion I’m seeing pertains to this factoid showing how many US person queries designed to return criminal information returned a positive hit.

First, it is not the case that this number, 1, means the FBI affirmatively searched a dedicated FISA 702 database for criminal data and only found data once. The FISA 702 data, the traditional FISA data, and other data are all mixed in together. What this means is when the FBI searched databases including that FISA 702 data and other stuff looking for information on a criminal case, on just one occasion did they get a positive hit showing evidence of a non- national security crime that landed in the database via Section 702 and no other authority (some amount of this information will come into the database via multiple authorities), then obtain that information (whether via their own 702 clearance or by asking a buddy cleared into 702), and review it.

So right off the bat, there are some things this number doesn’t include: positive hits on criminal queries that a person receives but doesn’t receive and review. One reason they might get a positive hit they don’t review is if a non-cleared person doesn’t go through the effort to get a FISA-cleared person to access it. But as I pointed out when the opinion ordering this count got released, there are other possibilities.

FBI’s querying system can be set such that, even if someone has access to 702 data, they can run a query that will flag a hit in 702 data but won’t actually show the data underlying that positive return. This provides one way for 702-cleared people to learn that such information is in such a collection and — if they want the data without having to report it — may be able to obtain it another way. It is distinctly possible that once NSA shares EO 12333 data directly with FBI, for example, the same data will be redundantly available from that in such a way that would not need to be reported to FISC. (NSA used this arbitrage method after the 2009 problems with PATRIOT-authorized database collections.)

Furthermore, this will only count a positive hit if the Agent is making an exclusively criminal search. Hogan’s opinion and (we now know from some recently liberated documents) the underlying discussion didn’t deal with the full scope of queries done for assessment reasons in the name of national security, such as profiling various ethnic communities or more generally searching on leads identified via national security mapping. Those queries would count as national security queries, but a big point of doing them would be to find derogatory information, including evidence of criminal behavior, to use to recruit informants.

Finally, consider how the Attorney General Guidelines defines Foreign Intelligence information.

Plus, such reporting depends on the meaning of foreign intelligence information as defined under the Attorney General Guidelines. FOREIGN INTELLIGENCE: information relating to the capabilities, intentions, or activities of foreign governments or elements thereof, foreign organizations or foreign persons, or international terrorists.

It would be relatively easy for FBI to decide that any conversation with a foreign person constituted foreign intelligence, and in so doing count even queries on US persons to identify criminal evidence as foreign intelligence information and therefore exempt from the reporting guidance. Certainly, the kinds of queries that might lead the FBI to profile St. Paul’s Somali community could be considered a measure of Somali activities in that community. Similarly, FBI might claim the search for informants who know those in a mosque with close ties overseas could be treated as the pursuit of information on foreign activities in US mosques.

As I understand it, the reporting to Congress on this has been a bit more circumspect than members might have liked. That means the other details FISC judge Thomas Hogan required about this one positive hit — what query resulted in a positive hit, what kind of investigative action it led to, and why FBI believes it to fall under minimization procedures — aren’t as sexy as this number, 1.

Prior to this positive hit, the FBI had always assured oversight authorities that the possibility that Section 702 data would result in criminal information was “theoretical.”

Even as a factoid of limited meaning, it does mean the possibility is no longer theoretical. WHEN A WHITE REPUBLICAN GETS SPIED ON, PRIVACY SUDDENLY MATTERS

As expected, much of today’s hearing on the Russian hack consisted of members of Congress — from both parties — posturing for the camera.

At first, it seemed that the Republican line of posturing — complaining about the leak that exposed Mike Flynn’s conversations with Ambassador Sergey Kislyak — tracked Donald Trump’s preferred approach, to turn this into a witch hunt for the leakers.

But it was actually more subtle than that. It appears Republicans believe the leaks about Flynn have (finally) made Congress skittish about incidental collection of US person communications as part of FISA collection. And so both Tom Rooney and Trey Gowdy spent much of their early hearing slots discussing how much more difficult the leak of Flynn’s name will make Section 702 reauthorization later this year. In the process, they should have created new fears about how painfully ignorant the people supposedly overseeing FISA are.

Rooney, who heads the subcommittee with oversight over NSA, started by quizzing Mike Rogers about the process by which a masked US person identity can be disclosed. Along the way, it became clear Rooney was talking about Section 702 reauthorization even while he was talking traditional FISA collection, which doesn’t lapse this year.

Rooney: If what we’re talking about is a serious crime, as has been alleged, in your opinion would leaking of a US person who has been unmasked and disseminated by intelligence community officials, would that leaking hurt or help our ability to conduct national security.

Rogers: Hurt.

Rooney: Ok, if it hurts, this leak, which through the 702 tool, which we all agree is vital–or you and I at least agree to that–do you think that that leak actually threatens our national security. If it’s a crime, and if it unmasks a US person, and this tool is so important it could potentially jeopardize this tool when we have to try to reauthorize it in a few months, if this is used against our ability to reauthorize this tool, and we can’t get it done because whoever did this leak, or these nine people that did this leak, create such a stir, whether it be in our legislative process or whatever, that they don’t feel confident a US person, under the 702 program, can be masked, successfully, and not leaked to the press, doesn’t that hurt–that leak–hurt our national security.

Eventually Admiral Rogers broke in to explain to his congressional overseer very basic facts about surveillance, including that Flynn was not and could not have been surveilled under Section 702.

Rogers: FISA collection on targets in the United States has nothing to do with 702, I just want to make sure we’re not confusing the two things here. 702 is collection overseas against non US persons.

Rooney: Right. And what we’re talking about here is incidentally, if a US person is talking to a foreign person that we’re listening to whether or not that person is unmasked.

Nevertheless, Rooney made it very clear he’s very concerned about how much harder the Flynn leak will make it for people like him to convince colleagues to reauthorize Section 702, which is even more of a privacy concern than traditional FISA.

Rooney: But it’s really going to hurt the people on this committee and you in the intelligence community when we try to retain this tool this year and try to convince some of our colleagues that this is really important for national security when somebody in the intelligence community says, you know what the hell with it, I’m gonna release this person’s name, because I’m gonna get something out of it. We’re all gonna be hurt by that. If we can’t reauthorize this tool. Do you agree with that?

A little later, Trey Gowdy got his second chance to complain about the leak. Referencing Rogers’ earlier explanation that only 20 people at NSA can unmask a US person identity, Gowdy tried to figure out how many at FBI could, arguing (this is stunning idiocy here) that by finding a finite number of FBI officials who could unmask US person identities might help assuage concerns about potential leaks of US persons caught in FISA surveillance.

Comey: I don’t know for sure as I sit here. Surely more, given the nature of the FBI’s work. We come into contact with US persons a whole lot more than the NSA does because we may be conducting — we only conduct our operations in the United States to collect electronic surveillance. I can find out the exact number. I don’t know it as I sit here.

Gowdy: I think Director Comey given the fact that you and I agree that this is critical, vital, indispensable. A similar program is coming up for reauthorization this fall with a pretty strong head wind right now, it would be nice to know the universe of people who have the power to unmask a US citizen’s name. Cause that might provide something of a road map to investigate who might have actually disseminated a masked US citizen’s name.

Here’s why this line of questioning from Gowdy is unbelievably idiotic. Both for traditional FISA, like the intercept targeting Kislyak that caught Flynn, and for Section 702, masking and unmasking identities at FBI is not the concern. That’s because the content from both authorities rests in FBI’s databases, and anyone cleared for FISA can access the raw data. And those FBI Agents not cleared for FISA can and are encouraged just to ask a buddy who is cleared to do it.

In other words, every Agent at FBI has relatively easy way to access the content on Flynn, so long as she can invent a foreign intelligence or criminal purpose reason to do so.

Which is probably why Comey tried to pitch something he called “culture” as adequate protection, rather than the very large number of FBI Agents who are cleared into FISA.

Comey: The number is … relevant. What I hope the US–the American people will realize is the number’s important but the culture behind it is in fact more important. The training, the rigor, the discipline. We are obsessive about FISA in the FBI for reasons I hope make sense to this committee. But we are, everything that’s FISA has to be labeled in such a way to warn people this is FISA, we treat this in a special way. So we can get you the number but I want to assure you the culture in the FBI and the NSA around how we treat US person information is obsessive, and I mean that in a good way.

So then Gowdy asks Comey something he really has a responsibility to know: what other agencies have Standard Minimization Procedures. (The answer, at least as the public record stands, is NSA, CIA, FBI, and NCTC have standard minimization procedures, with Main Justice using FBI’s SMPs.)

Gowdy: Director Comey I am not arguing with you and I agree the culture is important, but if there are 100 people who have the ability to unmask and the knowledge of a previously masked name, then that’s 100 different potential sources of investigation. And the smaller the number is, the easier your investigation is. So the number is relevant. I can see the culture is relevant. NSA, FBI, what other US government agencies have the authority to unmask a US citizen’s name?

Comey: Well I think all agencies that collect information pursuant to FISA have what are called standard minimization procedures which are approved by the FISA court that govern how they will treat US person information. So I know the NSA does, I know the CIA does, obviously the FBI does, I don’t know for sure beyond that.

Gowdy: How about Main Justice?

Comey: Main Justice I think does have standard minimization procedures.

Gowdy: Alright, so that’s four. NSA, FBI, CIA, Main Justice. Does the White House has the authority to unmask a US citizen’s name?

Comey: I think other elements of the government that are consumers of our can ask the collectors to unmask. The unmasking resides with those who collected the information. And so if Mike Rogers’ folks collected something, and they send it to me in a report and it says it’s US person #1 and it’s important for the FBI to know who that is, our request will go back to them. The White House can make similar requests of the FBI or NSA but they don’t on their own collect, so they can’t on their own unmask.

That series of answers didn’t satisfy Gowdy, because from his perspective, if Comey isn’t able to investigate and find a head for the leak of Flynn’s conversation with Kislyak — well, I don’t know what he thinks but he’s sure an investigation, possibly even the prosecution of journalists, is the answer.

Gowdy: I guess what I’m getting at Director Comey, you say it’s vital, you say it’s critical, you say that it’s indispensable, we both know it’s a threat to the reauthorization of 702 later on this fall and oh by the way it’s also a felony punishable by up to 10 years. So how would you begin your investigation, assuming for the sake of argument that a US citizen’s name appeared in the Washington Post and the NY Times unlawfully. Where would you begin that investigation?

This whole series of questions frankly mystifies me. I mean, these two men who ostensibly provide oversight of FISA clearly didn’t understand what the biggest risk to privacy is –back door searches of US person content — which at the FBI doesn’t even require any evidence of wrong- doing. That is the biggest impediment to reauthorizing FISA.

And testimony about the intricacies of unmasking a US person identity — particularly when a discussion of traditional FISA serves as stand- in for Section 702 — does nothing more than expose that the men who supposedly oversee FISA closely have no fucking clue — and I mean really, not a single fucking clue — how it works. Devin Nunes, too, has already expressed confusion on how access to incidentally collected US person content works.

Does anyone in the House Intelligence Committee understand how FISA works? Bueller?

In retrospect, I’m really puzzled by what is so damning about the Flynn leak to them. I mean, don’t get me wrong, I’m very sympathetic to the complaint that the contents of the intercepts did get leaked. If you’re not, you should be. Imagine how you’d feel if a Muslim kid got branded as a terrorist because he had a non- criminal discussion with someone like Anwar al- Awlaki? (Of course, in actual fact what happened is the Muslim kids who had non-criminal discussions with Awlaki had FBI informants thrown at them until they pressed a button and got busted for terrorism, but whatever.)

But Rooney and Gowdy and maybe even Nunes seemed worried that their colleagues in the House have seen someone like them — not a young Muslim, but instead a conservative white man — caught up in FISA, which has suddenly made them realize that they too have conversations all the time that likely get caught up in FISA?

Or are they worried that the public discussion of FISA will expose them for what they are, utterly negligent overseers, who don’t understand how invasive of privacy FISA currently is? If it’s the latter, their efforts to assuage concerns should only serve to heighten those concerns. These men know so little about FISA they don’t even understand what questions to ask.

In any case, after today’s hearing I am beginning to suspect the IC doesn’t like to have public hearings not because someone like me will learn something, but because we’ll see how painfully little most of the so-called overseers have learned in all the private briefings the IC has given them. If these men don’t understand the full implications of incidental collection, two months after details of Flynn’s conversations have been leaked, then it seems likely they’ve been intentionally mis or underinformed.

Or perhaps they’re just not so bright.

PCLOB: THE ESSENTIAL OVERSIGHT LINK DESIGNED TO BE INADEQUATE

Last year, there were a couple of measures that purported to respond to the problems with the Carter Page FISA application but which would not have helped him at all. In February, House Judiciary Committee rolled out a bill to replace the now-lapsed Section 215 of FISA that included a Privacy and Civil Liberties Oversight Board review of the impact that tradition FISA had on First Amendment Activities.

SEC. 303. REPORT ON USE OF FISA AUTHORITIES REGARDING PROTECTED ACTIVITIES AND PROTECTED CLASSES.

(a) REPORT.—Not later than one year after the date of the enactment of this Act, the Privacy and Civil Liberties Oversight Board shall make publicly available, to the extent practicable, a report on—

(1) the extent to which the activities and protected classes described in subsection (b) are used to support targeting decisions in the use of authorities pursuant to the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.); and

(2) the impact of the use of such authorities on such activities and protected classes.

As I noted at the time, because PCLOB’s mandate is limited to counterterrorism, it would not be able to look at counterintelligence targeting. This is not the first time that PCLOB’s mandate made its work less useful than it could be. Because its Section 702 report was necessarily limited to the counterterrorism uses of the law, PCLOB’s report did not address problems with the cybersecurity and counterproliferation uses of Section 702, both of which have far more unexpected impact on US person’s privacy than the counterterrorism use.

Then, in May, PCLOB’s Chair, Adam Klein, announced PCLOB was going to review traditional FISAs.

Adam I. Klein, the chairman of the privacy board, said that the issues Horowitz surfaced were precisely those that the board was established to examine.

“This is at the heartland of our jurisdiction,” said Klein, a lawyer and prominent researcher of FISA and other national security laws. “The IG found systemic compliance problems. At a minimum, we have a duty to inform ourselves.” I again noted that PCLOB’s mandate would limit the value of such a review, and indeed, would prevent PCLOB from even reviewing the precipitating application, Page’s counterintelligence application.

Last week, Klein released the results of that review, billed and released not as a PCLOB report, but as a Chairperson’s White Paper (Klein has said he’d step down once Joe Biden replaced him). He makes clear,

I provide several observations and recommendations based on this review. These views are provided in my individual capacity as Chairman and should not be attributed to the Board as a whole or to other members of the Board.

Its recommendations are not obviously supported by the described scope of the review. His White Paper generally argues for more efficiency, a recommendation that conflicts with virtually all other conclusions that came out of the Carter Page review (though some of his recommendations to achieve efficiency, such as making the authorization period for non-US person FISA applications one year, make sense). He makes two recommendations (that the Woods file not require repeated documentation for repeated facts and that DOJ distinguish between information known at the time and information learned subsequent to an initial application) that would undercut some of the results of the DOJ IG Report on Carter Page.

Klein’s White Paper does recommend that a summary memo submitted with the application which highlights novel privacy, legal, or technological issues. If the FBI Director or his delegate were required to sign off on that summary as well as the current certification (that doesn’t address the probable cause content of the application in the least), it might provide a level of accountability that (Congress doesn’t yet understand) FISA currently lacks. Other than that, Klein’s White Paper reads as much like a valedictory trying to guide future PCLOB plans as it does a report to improve FISA. Almost two pages of the 26-page report constitutes a recommendation to reauthorize Section 215 of FISA.

But, as predicted, the review did not consider anything remotely pertinent to what happened to Carter Page.

To conduct its review of applications themselves, PCLOB asked for and received the subset of the 29 FISA files that DOJ IG is conducting a review of that pertain to counterterrorism as well as the backup exchange between FBI and DOJ regarding those applications. That included:

19 total applications (out of 29 reviewed by DOJ IG) All counterterrorism targets Most located in United States at time of targeting

These details help us understand the two reports DOJ IG wrote about the full set of 29 files, which I wrote about here. Of the 29, ten must be counterintelligence files like Carter Page’s.

Because PCLOB did not review the counterintelligence applications, it only reviewed one of the two for which DOJ IG found a material error. The second was a CI application that showed a worse error rate than the Carter Page file (which was measured using a different methodology than the Carter Page one).

It also didn’t review any Sensitive Investigative Matters — applications which, like Carter Page’s, involve someone who is a political, journalistic, or religious figure whose targeting should get extra scrutiny. That seems to suggest that DOJ IG did not include any counterterrorism applications targeting SIMs in its review (it would seem SIMs would be more likely to be targeted on the counterintelligence side, but we know of religious and political figures targeted under counterterrorism FISA applications). These would be the applications that pose the greatest privacy and civil liberties concern.

In lieu of that, FBI Office of General Counsel provided PCLOB with,

The number of “sensitive investigative matters” pertaining to U.S. persons in which FBI sought a FISA probable cause order in each year between 2015 and 2019, a summary of each matter (including the type of investigation and the features resulting in its classification as a “sensitive investigative matter”), and whether each request was granted.

That’s presumably how PCLOB learned that there aren’t all that many SIMs targeted under FISA.

[I]nformation received by the Board indicates that relatively few FISA applications are obtained each year in SIMs.

Still, this is the core of what you’d need to review to serve the function of PCLOB. Klein even appears not to have reviewed Page’s significantly declassified public applications, which would have been simple to do, would have provided him something to compare the counterterrorism applications he reviewed with, but which would have been outside the scope of PCLOB’s mandate.

This matters because PCLOB has been reasonably effective. Indeed, in a book published in April in recognition of the 50th Anniversary of the Pentagon Papers, Lisa Monaco (in a contribution submitted before she became Deputy Attorney General) pointed to PCLOB’s contributions after the Snowden releases as an important way forward to balance security and secrecy in the age of mass leaks. Monaco even recommended that PCLOB consult with the Director of National Intelligence prior to the implementation of certain policies. (Director of National Intelligence Avril Haines also contributed a chapter to the book, which was far more intriguing that Monaco’s.)

Another would be to institute a practice of DNI consultation with the PCLOB before the adoption of certain collection programs. The PCLOB served an important function after disclosures precisely because it is charged with considering privacy and civil liberties implications as well as the national security implications of counter- terrorism programs.82 It could be a valuable addition to the consideration and review of some intelligence programs for a standing body with the infrastructure to handle classified information to work with privacy officers in each agency to assess privacy concerns and conduct privacy impact assessments that are reported to the DNI.

But as noted above, even PCLOB’s Section 702 review suffered because it couldn’t look at several of the applications of 702, applications implicated by the Snowden releases.

Last year, I was told that efforts to expand the jurisdiction of PCLOB would be a poison pill to any bill to which they were attached. I can only assume that means the Executive doesn’t want to expose to scrutiny they kinds of practices that were central to the Carter Page application.

But if Lisa Monaco believes PCLOB has a role to play in balancing national security and secrecy, she should ensure its mandate is sufficiently broad to do that job. “TARGET:” A VOCABULARY LESSON FOR ADAM SCHIFF

Most of the people in top DOJ positions under Trump have issued statements claiming they did not know of any subpoena “targeting” Adam Schiff.

Billy Barr told Politico that “while he was Attorney General,” he was not aware of any congressperson’s records, “being sought” “in a leak case.”

Barr said that while he was attorney general, he was “not aware of any congressman’s records being sought in a leak case.” He added that Trump never encouraged him to zero in on the Democratic lawmakers who reportedly became targets of the former president’s push to unmask leakers of classified information.

Trump “was not aware of who we were looking at in any of the cases,” Barr said. “I never discussed the leak cases with Trump. He didn’t really ask me any of the specifics.”

That in no way serves as a denial that he’s aware of the previously collected congressperson’s records being used in an investigation, possibly one not defined as a leak case. Given that the records in question were collected over a year before he became Attorney General, it is, frankly, not a denial in the least.

WaPo includes purported denials from all three potential Attorneys General. In February 2018, Jeff Sessions was attorney general, though a person familiar with the matter said he has told people he did not recall approving a subpoena for lawmakers’ data in a leak case. Sessions was recused from many Russia-related matters, including special counsel Robert S. Mueller III’s investigation of the Kremlin’s interference in the 2016 election. A person close to Rod J. Rosenstein, Sessions’s deputy attorney general, said he, too, has told people he did not recall hearing about the subpoena until news of it broke publicly.

Two other people said William P. Barr — Trump’s second attorney general — also has told people he did not remember being informed of any subpoenas for lawmakers’ data during his time leading the department.

Barr says he does not remember being informed of “subpoenas for lawmakers’ data.” Jeff Sessions, who may have been recused from the investigation in question (though I’m virtually certain the recusal is not as broad as it is being treated), says “he did not recall approving a subpoena for lawmakers’ leak data.” And Rod Rosenstein, the leak hawk who served as Attorney General for Russia related investigations, says “he did not recall hearing about the subpoena” until it was just revealed.

Every single one of these denials is premised on this being a subpoena for Members of Congress. These denials are denials about targeting Members of Congress.

But Apple’s description of what happened makes it virtually certain none of these denials are relevant to the subpoena in question.

On Feb. 6, 2018, Apple received a grand jury subpoena for the names and phone records connected to 109 email addresses and phone numbers. It was one of the more than 250 data requests that the company received on average from U.S. law enforcement each week at the time. An Apple paralegal complied and provided the information.

[snip]

Without knowing it, Apple said, it had handed over the data of congressional staff members, their families and at least two members of Congress, including Representative Adam B. Schiff of California, then the House Intelligence Committee’s top Democrat and now its chairman. It turned out the subpoena was part of a wide-ranging investigation by the Trump administration into leaks of classified information.

Apple was asked for the names and toll records connected with 109 accounts. That means that investigators didn’t know — or could claim not to know — whose records they were collecting, and didn’t discover until they got the subpoena returns that Adam Schiff, Eric Swalwell, and a child with no conceivable access to classified information had been included. Chances are good that none of these people were the target. Chances are good that a staffer was the target — perhaps the one for whose records Microsoft was subpoenaed in 2017. This sounds like a Community of Interest subpoena — something that gets the calling circle of a target. It was a key part of Stellar Wind and the phone dragnet that Adam Schiff championed over and over again, a request that shows (in this case) two hops removed from a target to figure out whom he called and whom those people called.

The danger of using such requests in leak investigations has been known since a 2010 IG Report revealed that a journalist’s records had been collected as part of a community of interest grand jury subpoena. One plausible explanation for what happened in that instance is that the government targeted a known source for Stellar Wind — perhaps Thomas Tamm — knowing full well that one of the journalists on the story had been in contact with him. By getting two hops of records, though, the known contact with the journalist would (and did) return all the journalists’ contacts as well. The journalist in that case wasn’t the “target” but he may as well have been.

Still, as the phone dragnet championed by Adam Schiff reveals, the government never gave up their interest in such two-hop subpoenas.

All of the descriptions of what happened are consistent with this explanation. It would explain why:

Apple didn’t know the identity of the account holders but returned both the identity and the call records in response to the subpoena Apple is now limiting the number of records they’ll return with one subpoena Sessions, Rosenstein, and Barr are all denying knowing that Members of Congress were “targeted”

What it doesn’t explain — though no one has been asked to explain — whether investigators on this case alerted their superiors that they had ended up subpoenaing Adam Schiff’s records, whether or not they [claim they] intended to. Oops, boss, I just subpoenaed the Ranking Member of HPSCI, what do I do now?

In the case of the journalist whose records were seized in a community of interest subpoena in 2006, after it was discovered the FBI sealed the records and they were purged from at least some of the FBI’s investigative databases. That’s what should have happened after a prosecutor discovered they had obtained a Member of Congress’ call records unintentionally: the records should have been sealed.

But by description, that didn’t happen here. Barr never denied having focused on Members of Congress when he resuscitated his investigation in 2020 (nor has he said for sure that it remained a “leak” investigation rather than a “why does this person hate Trump” investigation, like so many others of his investigations. Barr denied telling Trump about it. But he didn’t deny that Members of Congress were investigated in 2020.

That’s why Adam Schiff’s reassurances that Section 702 of FISA doesn’t “target” Americans have always been meaningless. Because once FBI ingests the records, they can go back to those records years later, in an entirely different investigation. And no one has denied such a thing happened here.

Update: Fixed the description of Barr’s denial to WaPo.

INSURANCE FILE: GLENN GREENWALD’S ANGER IS OF MORE USE TO VLADIMIR PUTIN THAN EDWARD SNOWDEN’S FREEDOM

Glenn Greenwald risks making his own anger more valuable to Vladimir Putin than Edward Snowden’s freedom. When WikiLeaks helped Snowden flee Hong Kong eight years ago, both WikiLeaks and Snowden had the explicit goal of using Snowden’s successful flight from prosecution to entice more leakers.

In his book, Snowden described that Sarah Harrison and Julian Assange’s goal in helping him flee Hong Kong was to provide a counterexample to the draconian sentence of Chelsea Manning.

People have long ascribed selfish motives to Assange’s desire to give me aid, but I believe he was genuinely invested in one thing above all—helping me evade capture. That doing so involved tweaking the US government was just a bonus for him, an ancillary benefit, not the goal. It’s true that Assange can be self-interested and vain, moody, and even bullying—after a sharp disagreement just a month after our first, text-based conversation, I never communicated with him again—but he also sincerely conceives of himself as a fighter in a historic battle for the public’s right to know, a battle he will do anything to win. It’s for this reason that I regard it as too reductive to interpret his assistance as merely an instance of scheming or self-promotion. More important to him, I believe, was the opportunity to establish a counterexample to the case of the organization’s most famous source, US Army Private Chelsea Manning, whose thirty-five-year prison sentence was historically unprecedented and a monstrous deterrent to whistleblowers everywhere. Though I never was, and never would be, a source for Assange, my situation gave him a chance to right a wrong. There was nothing he could have done to save Manning, but he seemed, through Sarah, determined to do everything he could to save me. That said, I was initially wary of Sarah’s involvement. But Laura told me that she was serious, competent, and, most important, independent: one of the few at WikiLeaks who dared to openly disagree with Assange. Despite my caution, I was in a difficult position, and as Hemingway once wrote, the way to make people trustworthy is to trust them.

[snip]

It was only once we’d entered Chinese airspace that I realized I wouldn’t be able to get any rest until I asked Sarah this question explicitly: “Why are you helping me?”

She flattened out her voice, as if trying to tamp down her passions, and told me that she wanted me to have a better outcome. She never said better than what outcome or whose, and I could only take that answer as a sign of her discretion and respect.

It’s not just Snowden’s impression, though, that WikiLeaks intended to make an example of him. The superseding indictment against Assange cites several times when Assange invoked WikiLeaks’ role in Snowden’s successful escape to encourage others (including CIA Systems Administrators like Joshua Schulte, who had a ticket to Mexico when the FBI first interviewed him and seized his passports) to go do what Snowden did. British Judge Vanessa Baraitser even included one of those speeches in paragraphs distinguishing what Assange is accused of from legal journalism. And as early as 2017, public reporting said that WikiLeaks’ assistance to Snowden was what changed how DOJ understood WikiLeaks and why it began to consider prosecuting Assange. It wasn’t Trump that led DOJ to stop treating Assange as a journalist, it was Snowden.

According to Snowden’s own words, he shared WikiLeaks’ goal of setting an example to inspire others. In an email that Snowden must have sent Bart Gellman weeks before the exchange between him and Harrison above, Snowden described steps he took to give other leakers (this may be Gellman’s paraphrase), “hope for a happy ending.”

In the Saturday night email, Snowden spelled it out. He had chosen to risk his freedom, he wrote, but he was not resigned to life in prison or worse. He preferred to set an example for “an entire class of potential whistleblowers” who might follow his lead. Ordinary citizens would not take impossible risks. They had to have some hope for a happy ending.

To effect this, I intend to apply for asylum (preferably somewhere with strong internet and press freedoms, e.g. Iceland, though the strength of the reaction will determine how choosy I can be). Given how tightly the U.S. surveils diplomatic outposts (I should know, I used to work in our U.N. spying shop), I cannot risk this until you have already gone to press, as it would immediately tip our hand. It would also be futile without proof of my claims—they’d have me committed—and I have no desire to provide raw source material to a foreign government. Post publication, the source document and cryptographic signature will allow me to immediately substantiate both the truth of my claim and the danger I am in without having to give anything up. . . . Give me the bottom line: when do you expect to go to print?

Citizenfour also quotes Snowden describing how he hoped that proof that his “methods work[]” would encourage others to leak.

If all ends well, perhaps the demonstration that our methods worked will embolden more to come forward.

Snowden’s “methods” don’t work — they certainly haven’t for Daniel Hale, Reality Winner, or Joshua Schulte. But for each, Snowden played at least some role (there is ambiguity about how Schulte really felt about Snowden) in inspiring them to ruin their lives with magical thinking and inadequate operational security.

One of Snowden’s “methods” appears to entail quitting an existing job and then picking another at an Intelligence Community contractor with the intent of obtaining documents to leak. Snowden did this at Booz Allen Hamilton, and his book at least suggests the possibility he did that with his earlier job in Hawaii.

The government justified the draconian sentence that it had negotiated with Winner’s lawyers, in part, by claiming that she premeditated her leak.

Around the same time the defendant took a job with Pluribus requiring a security clearance in February 2017, she was expressing contempt for the United States, mocking compromises of our national security, and making preparations to leak intelligence information

Along with evidence Winner researched The Intercept’s SecureDrop before starting at her new job, the government supported this claim by pointing to three references Winner made to Snowden as or shortly after she started at Pluribus, including texts in which Winner told her sister she was on Assange and Snowden’s side the day the Vault 7 leak was revealed. That was still two months before she took the files she would send to The Intercept. Had Hale gone to trial, the government would have shown that Hale discussed serving as a source for Jeremy Scahill by May 30, 2013, the day before he left NSA, and discussed Snowden — and hanging out with the journalists reporting on him — the day Snowden came forward on June 9. Then, on July 25, Hale sent Scahill a resume showing he was looking for counterterrorism or counterintelligence jobs. In December, Hale started the the job at Leidos where he would print out the files he sent to The Intercept.

You can think these leaks were valuable and ethical without thinking it a good idea to leave a months-long trail of evidence showing premeditation on unencrypted texts and social media.

Similarly, one of Snowden’s “methods” was to claim he had expressed concerns internally, but was ignored, a wannabe whistleblower stymied by America’s admittedly failed support for whistleblowers, especially those at contractors.

In the weeks before Snowden left NSA, he made a stink about some legal issues and NSA’s training programs (about how FISA Section 702 interacted with EO 12333) that he subsequently pointed to as his basis for claiming to be a whistleblower. The complaint was legit, and one NSA department actually did take notice, but it was not a formal complaint; indeed, it was more a complaint about US law. But his complaint had nothing to do with the vast majority of the documents that have been published based off his files, to say nothing of the far greater set of documents he took. And he made the complaint long after having prepared for months to steal vast amounts of files.

Similarly, Joshua Schulte wrote two emails documenting purported concerns about CIA security, one to a colleague less than a month before he left, which he didn’t send, and then, on his final day, one to CIA’s Inspector General that he falsely claimed was unclassified, a copy of which he was seen taking with him when he packed up. In the first search warrant for Schulte’s house obtained on March 13, 2017, less than a week after the initial Vault 7 release, the FBI had already found those emails and deemed Schulte’s treatment of them as suspect. And when they found a copy of the classified letter to the IG stashed in his headboard, it gave them cause to seize Schulte’s passports on threat of arrest. Snowden’s “methods” didn’t deliver Schulte a “happy ending;” they made Schulte’s apprehension easier.

To the extent Schulte could be shown to be following Snowden’s “methods” (again, that question was not resolved at his first trial) it would be a fairly damning indictment of those methods, since this effort to create a paper trail as a whistleblower was such an obvious attempt to retroactively invent cover for leaks for which there was abundant evidence Schulte’s motivation was spite and revenge. Maybe that’s why someone close to Assange explicitly asked me to stop covering Schulte’s case.

Had Daniel Hale gone to trial, the government undoubtedly would have used the exhibits showing that Hale had never made any whistleblower claims in any of the series of government jobs where he had clearance as a way to push back on his claim of being a whistleblower, though Hale was outspoken about his criticisms of the drone program before he took most of the files he shared with The Intercept. Indeed, given the success of Hale’s earlier anti-drone activism, his case raises real questions about whether leaking was more effective than Hale’s frank, overt witness to the problems of the drone program. Worse still, Snowden’s boasts about his “methods” appear to have made prosecutions more likely. An early, mostly-sealed filing in Hale’s case, reveals that the government set out to investigate whether Hale was The Intercept’s source because they were trying to figure out whom Snowden had “inspired” to leak.

Specifically, the FBI repeatedly characterized its investigation in this case as an attempt to identify leakers who had been “inspired” by a specific individual – one whose activity was designed to criticize the government by shedding light on perceived illegalities on the part of the Intelligence Community.

That explains why the government required Hale to allocute to being the author of an essay in a collection of Hale’s leaked documents involving Snowden: by doing so, they obtained sworn proof that Hale is the person Snowden and Glenn Greenwald were discussing, while the two were sitting in Moscow, in the closing sequence of Citizenfour. In the scene, Glenn flamboyantly wrote for Snowden how this new leaker and The Intercept’s journalist were communicating, what appears to be J-A-B-B-E-R. That stunt for the camera would have tipped the government off, in cinema release just two months after they had raided Hale’s home, to look for and reconstruct Hale’s Jabber communications with Jeremy Scahill, which they partly succeeded in doing.

Rather than being means to a “happy ending,” then, prosecutors have found Snowden’s “methods” useful to pursuing increasingly draconian prosecutions of people inspired by him.

And now, after Snowden and Greenwald failed to persuade Trump to pardon Snowden, Assange — and in a secondary effort — The Intercept’s sources (perhaps, like Assange, they find the association with Schulte counterproductive, because they didn’t even try to get him pardoned, even though Trump himself almost bolloxed that prosecution), Snowden is left demanding pardons on Twitter for the people he set out to convince leaking could have a “happy ending.”

By associating these leaks with someone being protected by Russia so that — in Snowden’s own words — he could encourage more leaks, Snowden only puts a target on these people’s back, making a justifiable commutation of Winner’s sentence less likely (Winner is due to get out on November 23, two days before the most likely time for Joe Biden to even consider commuting her sentence).

I’m grateful for Snowden’s sacrifices to release the NSA files, but his efforts to lead others to believe that leaking would be easy was bound to, and has, ended badly.

If Vladimir Putin agreed to protect Snowden in hopes that he would inspire more leakers to release files that help Russia evade US spying (as Schulte’s leak did, at a time when the US was trying to understand the full scope of what Russia had done in 2016), the US prosecutorial focus on Snowden-related leakers undermines his value to Putin, probably by design. As that happens, Snowden might reach the moment that observers of his case have long been dreading, the moment when Putin’s utilitarian protection of Snowden will give way to some other equally utilitarian goal.

This is all happening as Putin adjusts to dealing with Joe Biden rather than someone he could manipulate by (at the very least) feeding his narcissism, Donald Trump. It is happening in the wake of new sanctions on Russia, in response to which Putin put US Ambassador John Sullivan on a plane to deliver some message, in person, to Biden. It is happening as Biden’s response to the Colonial Pipeline attack, in which ransomware criminals harbored by Putin shut down US critical infrastructure for fun and profit, includes noting that he and Putin will meet in person soon, followed by the unexplained disabling of the perpetrators in the wake of the attack.

Meanwhile, even as Snowden is of less and less use to Putin, Glenn Greenwald’s utility continues to grow. Snowden, for example, continues to speak out about topics inconvenient to Putin, like privacy. The presence in Russia of someone like Snowden with his own platform and international credibility may become increasingly risky for Putin given the success of protests around Alexei Navalny.

Greenwald, by contrast, seems to have dropped all interest in surveillance and has instead turned many of his grievances — even his complaint that former NSA lawyer Susan Hennessey will get a job in DOJ’s National Security Division, against whom one can make a strong case on privacy grounds — into a defense of Russia. Greenwald spends most of his time arguing that a caricature that he labels “liberals” and another caricature that he labels “the [American] Deep State,” followed closely by another caricature he calls “the [non-right wing propaganda] Media,” are the most malignant forces in American life. In his rush to attack “liberals,” “the Deep State,” and “the Media,” Greenwald has coddled the political forces that Putin has found useful, including outright racists and other right wing extremists. By the end of the Trump presidency, Greenwald was excusing virtually everything Trump did, up to and including his attempted coup based on the utter denigration of democratic processes. In short, Greenwald has become a loud and important voice in support of the illiberalism Putin favors, to say nothing of Greenwald’s use of a rhetoric unbound by facts. That Greenwald spends most of his days deliberately inciting Twitter mobs is just an added benefit, to those who want to weaken America, to Greenwald’s defense of fascists.

Most of us who used to know Greenwald attribute his Russian denialism and his apologies for Trump at least partly to his desire to free Snowden from exile. Yet Greenwald’s tantrums, because of their value to Putin, may have the opposite effect.

Stoking Greenwald’s irrational furor over what he calls “liberals” and “the Deep State” and “the Media” would actually be a huge incentive for Putin to deal Snowden to the US, in maximally symbolic fashion. There is nothing that could light up Greenwald’s fury like Putin bringing Snowden to a summit with Biden, wrapped up like a present, to send back on Air Force One. (That’s an exaggerated scenario, but you get my point.)

Plus, if Putin played it right, such a ceremonial delivery of Snowden might just achieve the completion of the Snowden operation, the public release of all of the files Snowden stole, not just those that one or another journalist found to have news value.

The Intelligence Community has, over the years, said a bunch of things about Snowden that were outright bullshit or, at least, for which they did not yet have evidence. But one true thing they’ve said is that Snowden took a great many files that had no imaginable privacy value. Even from a brief period working in the full archive aiming to answer three very discrete questions about FISA, I believe that to be true. While some (including Assange) pressured Snowden and others to release all these files, Snowden instead ensured that journalists would serve a vetting role, and after some initial fumbling, The Intercept did a laudable job of keeping those files safe. So up to now, the fact that Snowden took far more files than any privacy concern — even privacy concerns divorced from all question of nationality — could justify may not have mattered.

But as far as I know there are still full copies out there and Russia would love to spin up Glenn Greenwald’s fury so much he would attempt to burn down his caricature of “The Deep State” in retaliation — much like Schulte succeeded in badly damaging the CIA — by releasing his set.

I believe Russia has been trying to do this since at least 2016.

To be very clear, I’m not claiming that Greenwald is taking money from or is any way controlled by Russia. I am very much not claiming that, in part because it wouldn’t be necessary. Why pay Greenwald for what you can get him to do for free?

And while I assume Greenwald would respect Snowden’s stated wishes and protect the files, like Trump, Greenwald’s narcissism and resentment are very, very easy buttons to push. Greenwald has been heading in this direction without pushing. It would be child’s play to have people friendly to Russia’s illiberal goals (people like Steve Bannon or Tucker Carlson) exacerbate Greenwald’s anger at “the Deep State” to turn it into the frenzy it has become.

Meanwhile, custody of Edward Snowden would be a very enticing dangle for Putin to offer Biden as a way to reset Russia’s relationship with the US. One cannot negotiate with Putin, one can only adjust the points of leverage over each other and hope to come to some stable place, and Snowden has always been at risk of becoming a bargaining chip in such a relationship. By turning Snowden over to the US to be martyred in a high profile trial, Putin might wring the last bit of value out of Snowden. All the better, from Putin’s standpoint, if Greenwald were to respond by releasing the full Snowden set.

For the past four years, Greenwald seems to have believed that if he sucked up to Putin and Trump, he’d win Snowden’s freedom, as if either man would ever deal in good faith. Instead, I think, that process has had the effect of making Greenwald more useful to Russia than Snowden is anymore. And at this point, Greenwald seems to have lost sight of the likelihood that his belligerent rants may well make Snowden less safe, not more.

Update: According to the government sentencing memo for Hale, they didn’t write up the statement of offense, Hale did.

Hale pled guilty without any plea agreement, and submitted his own Statement of Facts. Def.’s Statement of Facts, Dkt. 197 (“SOF”).

FORMER PRESIDING FISA JUDGE JOHN BATES’ CURIOUS TREATMENT OF WHITE PERSON TERRORISM

By chance of logistics, the men and women who have presided over a two decade war on Islamic terrorism are now presiding over the trials of those charged in January 6.

To deal with the flood of defendants, the Senior Judges in the DC District have agreed to pick up some cases. And because FISA mandates that at least three of the eleven FISA judges presiding at any given time come from the DC area, and because the presiding judge has traditionally been from among those three, it means a disproportionate number of DC’s Senior Judges have served on the FISA Court, often on terms as presiding judge or at the very least ruling over programmatic decisions that have subjected millions of Americans to collection in the name of the war on terror. Between those and several other still-active DC judges, over 60 January 6 cases will be adjudicated by a current or former FISA judge.

Current and former FISA judges have taken a range of cases with a range of complexity and notoriety:

Royce Lamberth served as FISC’s presiding judge from 1995 until 2002 and failed in his effort to limit the effect of the elimination of the wall between intelligence and criminal collection passed in the PATRIOT Act. And during a stint as DC’s Chief Judge he dealt with the aftermath of the Boumediene decision and fought to make the hard won detention reviews won by Gitmo detainees more than a rubber stamp. Lamberth is presiding over 10 cases with 14 defendants. A number of those are high profile cases, like that of Jacob Chansley (the Q Shaman), Zip Tie Guy Eric Munchel and his mother, bullhorn lady and mask refusenikRachel Powell, and Proud Boy assault defendant Christopher Worrell. Colleen Kollar-Kotelly is still an active DC District judge, but she served as FISC presiding judge starting way back in 2002, inheriting the difficulties created by Stellar Wind from Lamberth. She’s the one who redefined “relevant to” in an effort to bring the Internet dragnet back under court review. She is presiding over ten January 6 cases with 12 defendants. That includesLonnie Coffman, who showed up to the insurrection with a truck full of Molotov cocktails, as well as some other assault cases. John Bates took over as presiding judge of FISC on May 19, 2009. In 2010, he redefined “metadata” so as to permit the government to continue to use the Internet dragnet; the government ultimately failed to make that program work but FISC has retained that twisted definition of “metadata” nevertheless. In 2011, he authorized the use of “back door searches” on content collected under FISA’s Section 702. In 2013, Bates appears to have ruled that for Islamic terrorists, the FBI can get around restrictions prohibiting surveillance solely for First Amendment reasons by pointing to the conduct of an American citizen suspect’s associates, rather than his or her own. And while not a FISA case, Bates also dismissed Anwar al- Awlaki’s effort to require the government to give him some due process before executing him by drone strike; at the time, the government had presented no public evidence that Awlaki had done more than incite violence. Bates has eight January 6 cases with nine defendants (as well as some unrelated cases), but he is presiding over several high profile ones, including the other Zip Tie Guy, Larry Brock, the scion of a right wing activist family, Leo Bozell IV, and former State Department official Freddie Klein. Reggie Walton, who took over as presiding judge in 2013 but who, even before that, oversaw key programmatic decisions starting in 2008, showed a willingness both on FISC and overseeing the Scooter Libby trial to stand up to the Executive. That includes his extended effort to clean up the phone and Internet dragnet after Bush left in 2009, during which he even shut down part or all of the two dragnets temporarily. Walton is presiding over six cases with eight defendants, most for MAGA tourism. Thomas Hogan was DC District’s head judge in the 2000s. In that role, he presided over the initial Gitmo detainees’ challenges to their detention (though many of the key precedential decisions on those cases were made by other judges who have since retired). Hogan then joined FISC and ultimately took over the presiding role in 2014 and in that role, affirmatively authorized the use of Section 702 back door searches for FBI assessments. Hogan is presiding over 13 cases with 18 defendants, a number of cases involving multiple defendants (including another set of mother-son defendants, the Sandovals). The most important is the case against alleged Brian Sicknick assailants, Julian Khater and George Tanios. James Boasberg, who took over the presiding position on FISC on January 1, 2020 but had started making initial efforts to rein in back door searches even before that, is presiding over about eight cases with ten defendants, the most interesting of which is the case of Aaron Mostofsky, who is himself the son of a judge. Rudolph Contreras, who like Kollar-Kotelly and Boasberg is not a senior judge, is currently a FISC judge. He has six January 6 cases with seven defendants, most MAGA tourists accused of trespassing. There’s a decent chance he’ll take over as presiding judge when Boasberg’s term on FISC expires next month.

Of the most important FISA judges since 9/11, then, just Rosemary Collyer is not presiding over any January 6 cases.

Mind you, it’s not a bad thing that FISA judges will preside over January 6 cases. These are highly experienced judges with a long established history of presiding over other cases, ranging the gamut and including other politically charged high profile cases, as DC District judges do.

That said, in their role as FISA judges — particularly when reviewing programmatic applications — most of these judges have been placed in a fairly unique role on two fronts. First, most of these judges have been forced to weigh fairly dramatic legal questions, in secret, in a context in which the Executive Branch routinely threatens to move entire programs under EO 12333, thereby shielding those programs from any oversight by a judge. These judges responded to such situations with a range of deference, with Royce Lamberth and Reggie Walton raising real stinks and — the latter case — hand-holding on oversight over the course of most of a year, to John Bates and to a lesser degree Thomas Hogan, who often complained at length about abuses before expanding the same programs being abused. Several — perhaps most notably Kollar-Kotelly when she was asked to bring parts of Stellar Wind under FISA — have likewise had to fight to affirm the authority of the entire Article III branch, all in secret.

Ruling on these programmatic FISA applications also involved hearing expansive government claims about the threat of terrorism, the difficulty and necessity of identifying potential terrorists before they attack, and the efficacy of the secret programs devised to do that (the judges who also presided over Gitmo challenges, which includes several on this list, also fielded similar secret claims about the risk of terrorism). Some of those claims — most notably, about the efficacy of the Section 215 phone dragnet — were wildly overblown. In other words, to a degree unmatched by most other judges, these men and women were asked to balance the rights of Americans against secret government claims about the risks of terrorism.

Now these same judges are part of a group being asked to weigh similar questions, but about a huge number of predominantly white, sometimes extremist Christian, defendants, but to do so in public, with defense attorneys challenging their every decision. Here, the balance between extremist affiliation and First Amendment rights will play out in public, but against the background of a two decade war on terror where similar affiliation was criminalized, often in secret.

Generally, the District judges in these cases have not done much on the cases yet, as either Magistrates (on initial pre-indictment appearances) or Chief Judge Beryl Howell (on initial detention disputes) have handled some of the more controversial issues, and in a few cases, Ketanji Brown Jackson presided over arraignments before she started handing off cases in anticipation of her Circuit confirmation process.

But several of the judges have written key opinions on detention, opinions that embody how differently the conduct of January 6 defendants looks to different people.

Lamberth, for example, authored the original detention order for “Zip Tie Guy” Eric Munchel and his mom, Lisa Eisenhart. Even while admitting that Munchel made efforts to limit any vandalization during the riot, Lamberth nevertheless deemed Munchel’s actions a threat to our constitutional government.

The grand jury charged Munchel with grave offenses. In charging Munchel with “forcibly enter[ing] and remain[ing] in the Capitol to stop, delay, and hinder Congress’s certification of the Electoral College vote,” Indictment 1, ECF No. 21, the grand jury alleged that Munchel used force to subvert a democratic election and arrest the peaceful transfer of power. Such conduct threatens the republic itself. See George Washington, Farewell Address (Sept. 19, 1796) (“The very idea of the power and the right of the people to establish government presupposes the duty of every individual to obey the established government. All obstructions to the execution of the laws, all combinations and associations, under whatever plausible character, with the real design to direct, control, counteract, or awe the regular deliberation and action of the constituted authorities, are destructive of this fundamental principle, and of fatal tendency.”). Indeed, few offenses are more threatening to our way of life.

Munchel ‘s alleged conduct demonstrates a flagrant disregard for the rule of law. Munchel is alleged to have taken part in a mob, which displaced the elected legislature in an effort to subvert our constitutional government and the will of more than 81 million voters. Munchel’ s alleged conduct indicates that he is willing to use force to promote his political ends. Such conduct poses a clear risk to the community.

Defense counsel’s portrayal of the alleged offenses as mere trespassing or civil disobedience is both unpersuasive and detached from reality. First, Munchel’s alleged conduct carried great potential for violence. Munchel went into the Capitol armed with a taser. He carried plastic handcuffs. He threatened to “break” anyone who vandalized the Capitol.3 These were not peaceful acts. Second, Munchel ‘s alleged conduct occurred while Congress was finalizing the results of a Presidential election. Storming the Capitol to disrupt the counting of electoral votes is not the akin to a peaceful sit-in.

For those reasons, the nature and circumstances of the charged offenses strongly support a finding that no conditions of release would protect the community.

[snip]

Munchel gleefully entered the Capitol in the midst of a riot. He did so, the grand jury alleges, to stop or delay the peaceful transfer of power. And he did so carrying a dangerous weapon. Munchel took these actions in front of hundreds of police officers, indicating that he cannot be deterred easily.

Moreover, after the riots, Munchel indicated that he was willing to undertake such actions again. He compared himself-and the other insurrectionists-to the revolutionaries of 1776, indicating that he believes that violent revolt is appropriate. See Pullman, supra. And he said “[t]he point of getting inside the building is to show them that we can, and we will.” Id. That statement, particularly its final clause, connotes a willingness to engage in such behavior again.

By word and deed, Munchel has supported the violent overthrow of the United States government. He poses a clear danger to our republic.

This is the opinion that the DC Circuit remanded, finding that Lamberth had not sufficiently considered whether Munchel and his mother would pose a grave future threat absent the specific circumstances present on January 6. They contrasted the mother and son with those who engaged in violence or planned in advance.

[W]e conclude that the District Court did not demonstrate that it adequately considered, in light of all the record evidence, whether Munchel and Eisenhart present an identified and articulable threat to the community. Accordingly, we remand for further factfinding. Cf. Nwokoro, 651 F.3d at 111–12.

[snip]

Here, the District Court did not adequately demonstrate that it considered whether Munchel and Eisenhart posed an articulable threat to the community in view of their conduct on January 6, and the particular circumstances of January 6. The District Court based its dangerousness determination on a finding that “Munchel’s alleged conduct indicates that he is willing to use force to promote his political ends,” and that “[s]uch conduct poses a clear risk to the community.” Munchel, 2021 WL 620236, at *6. In making this determination, however, the Court did not explain how it reached that conclusion notwithstanding the countervailing finding that “the record contains no evidence indicating that, while inside the Capitol, Munchel or Eisenhart vandalized any property or physically harmed any person,” id. at *3, and the absence of any record evidence that either Munchel or Eisenhart committed any violence on January 6. That Munchel and Eisenhart assaulted no one on January 6; that they did not enter the Capitol by force; and that they vandalized no property are all factors that weigh against a finding that either pose a threat of “using force to promote [their] political ends,” and that the District Court should consider on remand. If, in light of the lack of evidence that Munchel or Eisenhart committed violence on January 6, the District Court finds that they do not in fact pose a threat of committing violence in the future, the District Court should consider this finding in making its dangerousness determination. In our view, those who actually assaulted police officers and broke through windows, doors, and barricades, and those who aided, conspired with, planned, or coordinated such actions, are in a different category of dangerousness than those who cheered on the violence or entered the Capitol after others cleared the way. See Simpkins, 826 F.2d at 96 (“[W]here the future misconduct that is anticipated concerns violent criminal activity, no issue arises concerning the outer limits of the meaning of ‘danger to the community,’ an issue that would otherwise require a legal interpretation of the applicable standard.” (internal quotation and alteration omitted)). And while the District Court stated that it was not satisfied that either appellant would comply with release conditions, that finding, as noted above, does not obviate a proper dangerousness determination to justify detention.

The District Court also failed to demonstrate that it considered the specific circumstances that made it possible, on January 6, for Munchel and Eisenhart to threaten the peaceful transfer of power. The appellants had a unique opportunity to obstruct democracy on January 6 because of the electoral college vote tally taking place that day, and the concurrently scheduled rallies and protests. Thus, Munchel and Eisenhart were able to attempt to obstruct the electoral college vote by entering the Capitol together with a large group of people who had gathered at the Capitol in protest that day. Because Munchel and Eisenhart did not vandalize any property or commit violence, the presence of the group was critical to their ability to obstruct the vote and to cause danger to the community. Without it, Munchel and Eisenhart—two individuals who did not engage in any violence and who were not involved in planning or coordinating the activities— seemingly would have posed little threat. The District Court found that appellants were a danger to “act against Congress” in the future, but there was no explanation of how the appellants would be capable of doing so now that the specific circumstances of January 6 have passed. This, too, is a factor that the District Court should consider on remand. [my emphasis]

The DC Circuit opinion (joined by Judith Rogers, who ruled for Gitmo detainees in Bahlul and a Boumediene dissent) was absolutely a fair decision. But it is also arguably inconsistent with the way that the federal government treated Islamic terrorism, in which every time the government identified someone who might engage in terrorism (often using one of the secret programs approved by this handful of FISA judges, and often based off far less than waltzing into the Senate hoping to prevent the certification of an election while wielding zip ties and a taser), the FBI would continue to pursue those people as intolerably dangerous threats. Again, that’s not the way it’s supposed to work, but that is how it did work, in significant part with the approval of FISA judges.

That is, with Islamic terrorism, the government treated potential threats as threats, whereas here CADC required Lamberth to look more closely at what could make an individual predisposed to an assault on our government — a potential threat — as dangerous going forward. Again, particularly given the numbers involved, that’s a better application of due process than what has been used for the last twenty years, but it’s not what happened during the War on Terror (and in weeks ahead, this will be relitigated with consideration of whether Trump’s continued incitement makes these defendants an ongoing threat).

Now compare Lamberth’s order to an order John Bates issued in the wake of and specifically citing the CADC ruling, releasing former State Department official Freddie Klein from pretrial detention. Klein is accused of fighting with cops in the Lower West Terrace over the course of half an hour. Bates found that Klein, in using a stolen riot shield to push against cops in an attempt to breach the Capitol, was eligible for pre-trial detention, though he expressed skepticism of the government’s argument that Klein had wielded the shield as a dangerous weapon).

The Court finds that Klein is eligible for pretrial detention based on Count 3. Under the BRA, a “crime of violence” includes “an offense that has as an element of the offense the use, attempted use, or threatened use of physical force against the person or property of another.” 18 U.S.C. § 3156(a)(4)(A). The Supreme Court in Johnson v. United States defined “physical force” as “force capable of causing physical pain or injury to another person.” 559 U.S. 133, 140 (2010); see also Def.’s Br. at 9.

[snip]

6 The Court has some doubts about whether Klein “used” the stolen riot shield as a dangerous weapon. The BRA does not define the term, but at least for purposes of § 111(b), courts have held that a dangerous weapon is any “object that is either inherently dangerous or is used in a way that is likely to endanger life or inflict great bodily harm.” See United States v. Chansley, 2021 WL 861079, at *7 (D.D.C. Mar. 8, 2021) (Lamberth, J.) (collecting cases). A plastic riot shield is not an “inherently dangerous” weapon, and therefore the question is whether Klein used it in a way “that is likely to endanger life or inflict great bodily harm.” The standard riot shield “is approximately forty-eight inches tall and twenty-four inches wide,” see Gov’t’s Br. at 13, and the Court disagrees with defense counsel’s suggestion that a riot shield might never qualify as a dangerous weapon, even if swung at an officer’s head, Hr’g Tr. 18:18–25, 19:1–11. See, e.g., United States v. Johnson, 324 F.2d 264, 266 (4th Cir. 1963) (finding that metal and plastic chair qualified as a dangerous weapon when “wielded from an upright (overhead) position and brought down upon the victim’s head”). But it is a close call whether Klein’s efforts to press the shield against officers’ bodies and shields were “likely to endanger life or inflict great bodily harm.” See Chansley, 2021 WL 861079, at *7.

But Bates ruled that there were certain things about the case against Klein — that he didn’t come prepared for combat, that he didn’t bring a weapon with him and instead just made use of what he found there, that any coordination he did involved ad hoc cooperation with other rioters rather than leadership throughout the event — that distinguished him from other defendants who (he suggested) should be detained, thereby limiting the guidelines laid out by CDC.

Bates’ decision on those points is absolutely fair. He has distinguished Klein from other January 6 defendants who, he judges, contributed more to the violence.

But there are two aspects of Bates’ decision I find shocking, especially from the guy who consistently deferred to Executive Authority on matters of national security and who sacrificed all of our communicative privacy in the service of finding hidden terrorist threats to the country. First, Bates dismissed the import of Klein’s sustained fight against cops because — he judged — Klein was only using force to advance the position of the mob, not trying to injure anyone.

The government’s contention that Klein engaged in “what can only be described as hand-to-hand combat” for “approximately thirty minutes” also overstates what occurred. See Gov’t’s Br. at 6. Klein consistently positioned himself face-to-face with multiple officers and also repeatedly pressed a stolen riot shield against their bodies and shields. His objective, as far as the Court can tell, however, appeared to be to advance, or at times maintain, the mob’s position in the tunnel, and not to inflict injury. He is not charged with injuring anyone and, unlike with other defendants, the government does not submit that Klein intended to injure officers. Compare Hr’g Tr. 57:12–18 (government conceding that the evidence does not establish Klein intended to injure anyone, only that “there was a disregard of care whether he would injure anyone or not” in his attempt to enter the Capitol), with Gov’t’s Opp’n to Def.’s Mot. to Reopen Detention Hearing & For Release on Conditions, ECF No. 30 (“Gov’t’s Opp’n to McCaughey’s Release”), United States v. McCaughey, III, 21-CR-040-1, at 11 (D.D.C. Apr. 7, 2021) (government emphasizing defendant’s “intent to injure” an officer who he had pinned against a door using a stolen riot shield as grounds for pretrial detention). And during the time period before Klein obtained the riot shield, he made no attempts to “battle” or “fight” the officers with his bare hands or other objects, such as the flagpole he retrieved. That does not mean that Klein could not have caused serious injury— particularly given the chaotic and cramped atmosphere inside the tunnel. But his actions are distinguishable from other detained defendants charged under § 111(b) who clearly sought to incapacitate and injure members of law enforcement by striking them with fists, batons, baseball bats, poles, or other dangerous weapons.

[snip]

Klein’s conduct was forceful, relentless, and defiant, but his confrontations with law enforcement were considerably less violent than many others that day, and the record does not establish that he intended to injure others. [my emphasis]

Bates describes that Klein wanted to use force in the service of occupying the building, not harming individual cops.

Of course, using force to occupy a building in service of halting the vote count is terrorism, but Bates doesn’t treat it as such.

Even more alarmingly, Bates flips how Magistrate Zia Faruqui viewed a government employee like Klein turning on his own government. The government had argued — and Faruqui agreed — that when a federal employee with Top Secret clearance attacks his own government, it is not just a crime but a violation of the Constitutional oath he swore to protect the country against enemies foreign and domestic.

Bates — after simply dismissing the import of Klein’s admittedly limited criminal history that under any other Administration might have disqualified him from retaining clearance — describes what Klein did as a “deeply concerning breach of trust.”

The government also argues that “Klein abdicated his responsibilities to the country and the Constitution” on January 6 by violating his oath of office as a federal employee to “support and defend the Constitution of the United States against all enemies, foreign and domestic.” Id. at 24–25 (quoting 5 U.S.C. § 3331). The fact that, as a federal employee, Klein actively participated in an assault on our democracy to thwart the peaceful transfer of power constitutes a substantial and deeply concerning breach of trust. More so, too, because he had been entrusted by this country to handle “top secret” classified information to protect the United States’ most sensitive interests. In light of his background, Klein had, as Magistrate Judge Faruqui put it, every “reason to know the acts he committed” on January 6 “were wrong,” and yet he took them anyway. Order of Detention Pending Trial at 4. Klein’s position as a federal employee thus may render him highly culpable for his conduct on January 6. But it is less clear that his now-former employment at the State Department heightens his “prospective” threat to the community. See Munchel, 2021 WL 1149196, at *4. Klein no longer works for or is affiliated with the federal government, and there is no suggestion that he might misuse previously obtained classified information to the detriment of the United States. Nor, importantly, is he alleged to have any contacts—past or present—with individuals who might wish to take action against this country. [my emphasis]

Bates then argues that Klein’s ability to obtain clearance proves not that he violates oaths he takes (the government argument adopted by Faruqui), but that he has the potential to live a law-abiding life.

Ultimately, Klein’s history—including his ability to obtain a top-level security clearance—shows his potential to live a law-abiding life. His actions on January 6, of course, stand in direct conflict with that narrative. Klein has not—unlike some other defendants who have been released pending trial for conduct in connection with the events of January 6—exhibited remorse for his actions. See, e.g., United States v. Cua, 2021 WL 918255, at *7–8 (D.D.C. Mar. 10, 2021) (Moss, J.) (weighing defendant’s deep remorse and regret in favor of pretrial release). But nor has he made any public statements celebrating his misconduct or suggesting that he would participate in similar actions again. And it is Klein’s constitutional right to challenge the allegations against him and hold the government to its burden of proof without incriminating himself at this stage of the proceedings. See United States v. Lawrence, 662 F.3d 551, 562 (D.C. Cir. 2011) (“[A] district court may not pressure a defendant into expressing remorse such that the failure to express remorse is met with punishment.”). Hence, despite his very troubling conduct on January 6, the Court finds on balance that Klein’s history and characteristics point slightly toward release.

In short, Bates takes the fact that Klein turned on the government he had sworn to protect and finds that that act weighs in favor of release.

Bates judges that this man, whom he described as having committed violence to advance the goal of undermining an election, nevertheless finds that — having already done that — Klein does not pose an unmanageable prospective threat.

Therefore, although it is a close call, the Court ultimately does not find that Klein poses a substantial prospective threat to the community or any other person. He does not pose no continuing danger, as he contends, given his demonstrated willingness to use force to advance his personal beliefs over legitimate government objectives. But what future risk he does present can be mitigated with supervision and other strict conditions on his release.

Again, it’s not the decision itself that is troubling. It’s the thought process Bates used, both for the way Bates flips Klein’s betrayal of his oath on its head, and for the way that Bates views the threat posed by a man who already used force in an attempt to coerce a political end. And it’s all the more troubling knowing how Bates has deferred to the Executive’s claims about the nascent threat posed even by people who have not, yet, engaged in violence to coerce a political end.

Bates similarly showed no deference to the government’s argument that Larry Brock, a retired Lieutenant Colonel who also brought zip ties into the Senate chamber, should have no access to the Internet given really inflammatory statements on social media, including a call for “fire and blood” as early as November. Bates decided on his own that Probation could sufficiently monitor Brock’s Internet use, comparing Brock to (in my opinion) two unlike defendants to justify the decision. Again, the decision itself is absolutely reasonable, but for the guy who decided the government could monitor significant swaths of transnational Internet traffic out of a necessity to identify potential terrorists, for a guy who okayed the access of US person’s content with no warrant, it’s fairly remarkable that he hasn’t deferred to the government about the danger Brock poses on the Internet (to say nothing of Brock’s likely sophistication at evading surveillance).

Again, I’m not complaining about any of these opinions. The outcomes are all reasonable. It is genuinely difficult to fit the events of January 6 into our existing framework (and perhaps that’s a good thing). Plus, there is such a range of fact patterns that even in the Munchel opinion give force to the mob even while trying to adjudicate individuals’ actions.

But either because these discussions are public, or because we simply think about white person terrorism differently, less foreign, perhaps, than we do Islamic terrorism, the very same judges who’ve grappled with these questions for the past two decades don’t necessarily have the ready answers they had in the past.

FISA Judges January 6 cases

Lamberth:

Jacob Chansley (resistance, obstruction, trespassing) Craig Bingert, Isaac Sturgeon, Taylor Johnatakis (obstruction, resisting, trespassing) Eric Munchel and Lisa Eisenhart obstruction,( abetting, and trespassing with weapon) Scott Fairlamb (obstruction, resisting/assault, trespassing with weapon) Chance and James Uptmore (trespassing) Anna Morgan-Lloyd (trespassing) Rachel Marie Powell (obstruction, destruction of government property, trespassing) Joseph Barnes (obstruction, trespassing) Frank Scavo (trespassing) Christopher Worrell (resisting, assault, trespassing with deadly weapon)

Kollar-Kotelly:

Lonnie Coffman (17 weapons charges) William Vogel (trespassing) Jesus Rivera (trespassing) Tommy Allen misdemeanor( theft and trespassing) Christopher and Jenny Spencer (obstruction and trespassing) Barton Shively (resisting/assault and trespassing) Daniel Caldwell (resisting/assault using dangerous weapon and trespassing) Jerry Ryals and Anthony Griffith (obstruction and trespassing) Michael Orangias (trespassing) Clifford Mackrell (resistance/assault and trespassing)

Bates:

Stephanie Hazelton (obstruction, resisting, and trespassing) Thomas Fee (trespassing) Larry Brock (trespassing) Stephen Ayres and Matthew Perna (obstruction and trespassing) Alexander Sheppard (obstruction and trespassing) Jose Padilla (assault/resisting, obstruction, and trespassing with dangerous weapon) Leo Brent Bozell IV (obstruction, destruction of government property, trespassing) Freddie Klein (assault/resisting, obstruction, trespassing)

Walton:

Anthony Mariotto (trespassing) Mark Aungst and Tammy Bronsburg (trespassing) Daniel Goodwyn (obstruction and trespassing) Dustin Thompson and Robert Lyon obstruction,( misdemeanor theft, and trespassing) Alex Smith (trespassing) Mariposa Castro (trespassing)

Hogan:

Josiah Colt (obstruction and trespassing) Andrew Hatley (trespassing) Ryan Nichols and Alex Harkrider obstruction,( resisting and assault, felony theft, and trespassing) Brian Gunderson (obstruction and trespassing) Doug Rahm (obstruction and trespassing) Robert Reeder (trespassing) Deborah and Salvador Sandoval obstruction,( resisting and assault, trespassing) Annie Howell obstruction( and trespassing) Julian Khater and George Tanios (conspiracy, assault, resisting, and trespassing) Joshua and Jessica Bustle (trespassing) Bradley Weeks and Danny Carlton (obstruction and trespassing) Troy Sargent (resisting and assault, trespassing) Stephen Baker (trespassing)

Boasberg:

Thomas Baranyi (trespassing) Aaron Mostofsky (obstruction, resisting/assault, felony theft, trespassing) Derek Jancart (trespassing) Ryan Zink (obstruction and trespassing) Andrew Bennett (trespassing) Grayson Sherrill, Elliot Bishai, Elias Irizarry (trespassing) Damon Beckley (obstruction and trespassing) Sara Carpenter (trespassing)

Contreras:

John Andries (trespassing) Michael Stepakoff (trespassing) William and Michael Pope (obstruction, resistance, and trespassing) Felipe Marquez (obstruction and trespassing) Benjamin Torre (trespassing) Jeremy Vorous (obstruction and trespassing)