[Note: This is version 4 of the Timeline we’ve been working on for some time. We will continue to revise it as long as circumstances warrant and we can find someone willing to do the work.]

[This is Fred again. On Friday, August 9 the NSA released a “previously secret” white paper on its program to track and identify terrorists and any Americans they might know.[1] While clearly intended to persuade us that everything is fine in counterspy-land, NSA’s paper is useful to anyone interested in the subject. Why? Well, because it identifies the legal authorities in play in the NSA’s operation, and pretty much tells us how the NSA interprets them. To my knowledge, it’s the first public document from the intelligence community to do that. On the other hand, it’s pretty light in its discussion of actual programs or operational details. I guess we’ll have to rely on Edward Snowden for those.

Nevertheless, armed with this new information it seemed finally I had the tools to understand the NSA controversy. Surely I could reduce it to one or two simple issues and analyze them in a way that we could all understand. Alas! I couldn’t do it. Every time I settled on an approach – a hypothesis, if you will – a new cluster of stories would pop up and lead me in a different direction! Believe it or not, even the Supreme Court was involved earlier this year! Talk about confusing!

So, properly humbled I called Larry and asked him how he would approach my problem. It’s simple, he said. When the situation is confusing, use an old lawyer’s trick. Make a timeline. Once you get the key events down on paper, the underlying patterns and relationships will begin to emerge. Don’t prejudge. Just start by recording events and see where they take you.

Now that’s a great idea, but it is a little out of my line. I like to prejudge things; it makes the research go faster. So I asked Larry if he could take over the project. I’m too close to it, I said, and it needs someone with legal training and an analytic turn of mind to do it right.]

And of course I accepted. Flattery works. But before we get into charting events, I think we should talk about the backdrop.  We’re going to talk about federal programs and statutes, and how people view them in light of (i) current events and (ii) the U.S. Constitution[2]. It doesn’t appear that state law is relevant to any of this[3].  And, if there is a conflict between federal statutes and the Constitution, the Constitution trumps the statutes.[4]

So what Constitutional rights might one assert in a suit to stop NSA surveillance? That’s difficult to say for sure; each situation will depend on its own facts. Nevertheless, there are some obvious possibilities. The 4th Amendment is supposed to protect the people from unreasonable searches and seizures by their Government.[5] The 1st Amendment protects the freedom of our press, and our right to speak out on political matters.[6] And, of course, the 5th Amendment protects our rights after we are caught up in some criminal proceeding.[7] No doubt there’s litigation in our future and, at a guess, any of these, or a combination of them, might figure in it.

With that said, let’s move on to the timeline.

CY 2013 Timeline: NSA Surveillance Program

  • February 26, 2013. The Supreme Court decides Clapper v. Amnesty International, USA[8].

[The case involved the Foreign Intelligence Surveillance Act (FISA) of 1978. FISA was amended in 2008 to authorize the Government to scrutinize non-U.S. Persons in certain cases, usually with the prior approval of a secret FISA court. Plaintiffs, who were attorneys, human rights, organizations etc., immediately filed suit to have the FISA Amendments declared “facially unconstitutional.” Plaintiffs said they were U.S. citizens, and their confidential communications with non-U.S. personas would be compromised by FISA surveillance, with no showing of probable cause. Surveillance like that was unreasonable, and would violate the 4th Amendment. The Court didn’t reach the merits of the dispute. It said only that plaintiffs had not shown the program injured them in any concrete way. In fact, they “have no actual knowledge of the Government’s … targeting practices,”[9]and therefore lacked standing to bring the suit.]

The ACLU, one of the parties on the side of Amnesty International, is not pleased with the result.[10]

  • May 20, 2013. Edward Snowden, a contract employee of Booz, Allen and/or the NSA, boards a flight from Hawaii to Hong Kong, China[11] carrying more than one laptop computer. He doesn’t return.
  • June 5, 2013. The Guardian publishes an initial interview with Snowden.[12] The article leads off with an attention-grabber, i.e., that NSA collects telephone records “of millions of US customers of Verizon … under a top secret court order issued in April.”[13] A copy of the order is included with the article.
  • June 6, 2013. The Guardian follows up with a second piece about telephony[14], and deals separately with how other digital information is acquired by NSA’s Prism program[15]. Again, documents marked “Top Secret” are reproduced.
  • June 6, 2013. The Director of National Intelligence issues a statement about the first round of disclosures. Among other things, he defends the NSA’s inclusive approach to data collection:
    • The collection is broad in scope because more narrow collection would limit our ability to screen for and identify terrorism-related communications. Acquiring this information allows us to make connections related to terrorist activities over time. The FISA Court specifically approved this method of collection as lawful, subject to stringent restrictions[;]
    • The information acquired has been part of an overall strategy to protect the nation from terrorist threats to the United States, as it may assist counterterrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities[; and]
    • There is a robust legal regime in place governing all activities conducted pursuant to the Foreign Intelligence Surveillance Act, which ensures that those activities comply with the Constitution and laws and appropriately protect privacy and civil liberties …[16]
  • June 6, 2013. Senior politicians rally round the NSA. It’s bipartisan. Diane Feinstein says, “It’s [i.e., NSA’s actions are] called protecting America.”[17] Saxby Chambliss says “To my knowledge, there has not been any citizen who has registered a complaint…”[18] Lindsey Graham is “glad the NSA is doing that kind of work.[19] But not everyone agrees. Some say that factions and the political parties may split over the surveillance issue. [20]
  • June 10, 2013. Edward Snowden reveals he is the “source” for The Guardian’s articles.[21]
  • June 11, 2013. Presidential Policy Directive # 20 is disclosed by the Washington Free Beacon.[22] (Actually, PPD-20 was published a few days earlier by The Guardian, but nobody in D.C. seemed to notice. Most likely it came from Edward Snowden). It’s classified “Top Secret,” and sets out “updated principles and processes” for an “overarching national cyber policy framework.” Notwithstanding the classification, today copies are available from The Guardian[23] and the American Federation of Scientists.[24]
  • June 27, 2013. The Guardian publishes a follow-on piece. The Obama Administration said the program outlined in The Guardian’s June 6 disclosures was cancelled in 2011 “for operational and resource reasons.” Nevertheless, said The Guardian, NSA’s Special Source Operations directorate is “still harvesting” massive amounts of data from the telephone companies. Also, the SSO was expanding its capabilities. It had deployed Evil Olive, a program to broaden the scope of what it was able to collect. [25] In a separate article, The Guardian reported that the U.S. had collected bulk email records for more than two years in the Obama Administration.[26] In both articles the newspaper based its conclusions on a review of documents in its possession marked Top Secret.
  • July 6, 2013. The Guardian shifts its reporting from domestic, U.S. spying to what it calls NSA’s “worldwide, ubiquitous electronic surveillance apparatus.” How does the NSA create that? Well, first it “partners” with a large, domestic, U.S. telecommunications company; that company in turn partners with telecoms in foreign countries. Once the U.S. company has access to another country’s telecommunications systems, it’s in a position to “direct traffic to the NSA’s repositories.” According to The Guardian, that’s happened in Germany, Brazil and in many more nations that are not adversaries to the U.S.  NSA calls it the FAIRVIEW program. [27]
  • July 10, 2013. One of the key lawyers who helped justify the Bush Administration’s early torture [err, enhanced interrogation] program announces that he also set legal policy on surveillance matters, and his policy is what’s being followed today by the NSA.[28]
  • July 16, 2013. Numerous plaintiffs file a consolidated suit in the Northern District of California, challenging what they call NSA’s “Associational Tracking Program,” which they describe as “dragnet electronic surveillance,” focused on “bulk acquisition, collection, storage, retention and searching of telephone communications information…”[29]
  • July 31, 2013. The Guardian does a piece on XKeyscore[30]  That’s a data base that an NSA analyst can mine by typing search parameters into a series of windows, then authorizing the search. It’s part of what the NSA calls Digital Network Intelligence (DNI), and covers “nearly everything a typical user does on the internet,”[31] including phone conversations, emails and other internet activity. So much data is retrieved that it can be stored by XKeyscore for only a limited period. But “interesting” data can be offloaded to other data bases, and kept for much longer. What’s interesting? Well, whatever NSA says.

 NSA’s training materials caution that warrants are required to access emails, etc. of U.S. citizens communicating within the U.S.; but XKeyscore doesn’t require proof of a warrant to do a search. It simply asks the operator to type in a “justification” that can be reviewed later.

The NSA’s basic position is that none of their people would just “make up” that kind of information, but if anyone did, NSA would catch it in subsequent reviews. Recently they caught a few, but not enough to be alarming.[32] To them, that is.

  • August 9, 2013. NSA publishes a legal opinion/ white paper outlining the various authorities it has to institute surveillance.[33] Some programs require prior clearance with the FISA Court before action is taken; others do not. The distinction seems to be that, (i) if an action is conducted under the authority of FISA, then court approval may be required; but (ii) if the action is authorized by a different law or regulation, or even a Presidential Executive Order[34], then the court need not be consulted. No mention is made of any separate restrictions the Constitution might impose on the NSA, or how they might be resolved.
  • August 15, 2013. The Washington Post publishes a front-page article about errors in NSA surveillance operations. It says that, from April 2011 through March 2012 NSA analysts violated the surveillance rules applicable to their projects on 2,776 occasions. The figures were taken from an internal NSA audit that was made available to The Post, you guessed it, by Edward Snowden. There was also some evidence that the NSA cooks its data from time to time. Analysts are instructed to leave the detail out of some reports intended for use outside the agency; and on occasion the agency omits reports of accidental surveillance. [35]
  • August 15, 2013.The Post follows these revelations with an article about the secret FISA Court. In a written statement, the Chief Judge of the court says that, in most cases, the court has to believe what the NSA tells it when NSA applies for a warrant. “The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders.” [36]
  • August 21, 2013. Citing unnamed “current and former officials,” the Wall Street Journal announces that NSA Surveillance can reach 75% of U.S.A. Internet traffic, including emails. [37] No new documents are referenced, but there is a nice chart.
  • August 21, 2013. The DNI declassifies three opinions by the secret court that deal with NSA’s collection procedures. The Washington Post follows with an article, stating that the agency “may have been collecting as many as 56,000 wholly domestic communications each year.” The secret court struck down the program in 2011, stating that the government had made a “pattern of misleading statements” about its activities and hinting that the “NSA possibly violated a criminal law against spying on Americans.” [38] A Post columnist opines that NSA has changed its story so many times it is “losing the benefit of the doubt” with the public.”[39]

The court opinions can be gotten from various subscription services, but today they’re also available for free directly from the DNI. Just go to the new Tumblr website maintained for official releases.[40] That should be the best source for now. The Court’s objections were effectively summarized in Note 14 to its opinion of October 23 2011. Note 14 said:

The Court is troubled that the Government’s revelations regarding NSA’s acquisition of Internet transactions mark the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program. …

In March, 2009, the Court concluded that it’s authorization of NSA’s bulk acquisition of telephone call detail records from [deleted] in the so-called ‘big business records’ matter ‘ha[d] been premised on a flawed depiction of how the NSA uses [the acquired] Metadata’ and that ‘[t]his misrepresentation by the FISC existed from the inception of its authorized collection in  May 2006, buttressed by repeated inaccurate statements made in the government’s submissions, and despite a government –devised and Court-mandated oversight regime.’ Docket [deleted]. Contrary to the government’s repeated assurances, NSA has been routinely running queries of the metadata using querying terms that did not meet the required standard for querying. The Court concluded that this requirement had been ‘so frequently and systematically violated that it can fairly be said that this critical element of the overall … regime has never functioned effectively.’ Id. [41]

Nevertheless, the Court reinstated the program the next year based on additional submissions and some revisions.  The reasons are not totally clear, because much critical text in the later opinions is redacted.[42]

  • August 24, 2013. The Associated Press reports that the NSA’s efforts to determine what documents Edward Snowden took have been frustrated by the “sophisticated” techniques he used to cover his digital trail. The AP report relies on unnamed sources, i.e., on “government officials” who weren’t authorized “to discuss the sensitive developments publicly.”[43]
  • August 29, 2013. The Washington Post releases details of the FY 2013 budget request for U.S. Intelligence operations.[44] (This is also known as the “black budget,” because it’s highly classified.) The evidence, apparently a 178 page Executive Summary[45], came from – you guessed it – Edward Snowden. The Post’s revelations appear first as a series of articles on its website, combined with a bewildering set of “interactive[46]” tables and graphs. These are followed up by the print edition on August 30. The total budget request for intelligence operations in FY 2013 was $52.6 billion. Of this total, $14.7 billion was allocated to the CIA[47], $10.3 billion to the NRO[48], and $10.8 billion to the NSA[49]; the balance was split with a number of smaller organizations. Significant new investments proposed for FY 2013 included:

Counterintelligence To safeguard classified networks, the budget proposed “to strengthen insider threat detection capabilities” across the Intelligence Community. (Were they going to look for Edward Snowden? Remember, this budget dates from 2012. Snowden’s disclosures started in 2013.)

In addition, the budget proposed investments in target surveillance and offensive counterintelligence “against key targets.” And what were the targets? Why, “China, Russia, Iran, Israel, Pakistan, and Cuba.[50]

Signals Intelligence The budget proposed (i)“bolstering our support for clandestine SIGINT capabilities to collect against high priority targets, including foreign leadership targets;” and (ii) investing in ”groundbreaking cryptanalytic capabilities to defeat adversarial cryptography and exploit internet traffic.”[51] Translated, I think it means NSA would focus on decrypting encrypted messages and sucking up more internet traffic.

Cybersecurity. According to the budget, “the cyber threat continues to grow.” The budget proposed to continue with “the Comprehensive National Cybersecurity Initiative” and construct “a second High Performance Computing Center at Fort Meade, Maryland to keep pace with cyber processing demands.”[52]

  • August 29, 2013. The Hill.com considers why Israel might be a counterintelligence target for the U.S. It interviews an expert who says (i) Israeli spying remains a major threat and (ii) while much information is gotten from “traditional political contacts,” he has no doubt that the Israelis supplement it “by whatever means they can use …” But you won’t hear that from any politicians, because “politically it is hazardous for any American politician … to underscore … the divergence of U.S. and Israeli interests. [53] ” There’s a video that goes with the article.
  • August 29, 2013. The Washington Post reports that, in some cases, NSA has paid U.S. companies for “access to communications networks.”[54] The payments, says the Post, are aggregated in the budget documents under the headings of BLARNEY ($65.96 million), FAIRVIEW ($94.74 million), STORMVIEW ($46.04 million) and OAKSTAR ($9.04 million). These numbers are not supported the Budget documents released by the Post.[55] Nor can you find them attached to an earlier article published by The Guardian.[56]

It’s not clear what the payments were for. Were they standard service charges, similar to what might be charged to other Government entities? Were they cost reimbursements, intended to cover incremental costs incurred by the companies to comply with Government demands? And if so, did they include a profit component? And if that’s the case, did the profits induce the companies not to challenge Government requests that might exceed permissible limits? Were they bribes? There are many questions, but no answers.

If you recall, FAIRVIEW was previously identified by The Guardian as a program directed at spying on foreign citizens in their own countries. See the entry under July 6, 2013.

  • August 30, 2013. The Washington Post does a follow-up on the FY 2013 Intelligence budget. The Post says that in 2011, the U.S. attacked foreign computer networks 231 times, and spent $652 million on a project to install malware, etc. on tens of thousands of machines. Also, the Government plans to expand the number of infected machines into the millions. [57] What’s the authority for all of that? Well, take a look at PPD 20, discussed under June 11, 2013. It’s classified, but you can get copies of that Directive from The Guardian or the Federation of American Scientists.
  • September 1 -3, 2013.The Washington Post writes a series of articles about the Intelligence Community. On September 1, it says that four thousand employees of said community are under suspicion of “anomalous behavior” and will be probed[58] On September 2, 2013, it says our Government no longer trusts Pakistan.[59] The Post produces no new documents to substantiate either of these allegations. Instead it relies on [unpublished] documents in its possession and other confidential sources.
  • September 5, 2013. The Guardian[60], the New York Times[61] and Pro Publica[62] write about the NSA’s ability to decrypt confidential communications. A small but important document release, again from Edward Snowden, accompanies these articles.[63] The Guardian says NSA and its British equivalent have made astonishing progress in breaking the encryption used by “hundreds of millions” of people to protect their online privacy. They’ve done this by (i) covertly participating in setting international encryption standards; (ii) collaborating directly with tech. companies and ISPs; and (iii) using super computers to break encryption with “brute force.”

Encryption Standards. What a surprise! The Guardian has a document that says NSA, etc. modifies when possible the standards, etc. for commercial software, security devices or systems in order to make them “exploitable.” For the most part it does this covertly, through stooges. Some of the Government’s activities are well known, and public. Others are super Top Secret and unmentionable[64]. The latter include: attempts by NSA to change cryptographic standards, security devices, etc. to make them exploitable; whether NSA “successfully exploits” any such weaknesses; and the fact that NSA gets its information “through industry relationships.” [65]

Collaboration with Industry. How do the authors show this? Well, you see they also had access to Volume 1 of the Proposed Intelligence Budget for FY 2013 and, more specifically, to pp. 115 – 117 of it.[66] The funding for collaboration with industry is spelled out there. The goal of the program is to engage “US and foreign IT industries to covertly influence and overtly leverage their commercial products’ designs” so that the Government has access to the users’ data, while to “the consumer and other adversaries” everything seems to be secure.

Brute Force.  In 2000 NSA began a full-scale effort to buy super-computers, etc. to preserve its access to the internet. Under Moore’s Law, data processing capabilities tend to double every two years or so.[67] That being the case, a 13 year old super-computer would not be very super today; so we can safely assume that the NSA has and continues to enhance these capabilities each year. And indeed, that’s what the available documents tend to show. ”In recent years there has been an aggressive effort, lead [sic, led] by NSA, to make major improvements in defeating network security and privacy involving multiple sources and methods …. These include: … investment in high-performance computers; and development of advanced mathematical techniques.” [68]

[1] See Electronic Frontier Foundation, Cohn, Obama Administration Releases Previously Secret Legal Opinion on NSA’s Associational Tracking Program (August 9, 2013) at https://www.eff.org/deeplinks/2013/08/administration-white-paper-associational-tracking-program The EFF calls the document a “legal opinion,” and certainly it’s stuffed with citations to authority. But we think it’s more like a “white paper,” i.e. a document crafted to persuade the public. We’ll stick with that for the time being. Currently the document is available directly from the NSA: Just go to http://www.nsa.gov/public_info/_files/speeches_testimonies/2013_08_09_the_nsa_story.pdf

[2] For the version of the Constitution we use, go to Transcript of Constitution of the United States (1787), Art. II, Sec. 4 at http://www.ourdocuments.gov/doc.php?doc=9&page=transcript You can download a copy from the Government Printing Office; just go to http://www.gpo.gov/fdsys/search/pagedetails.action?granuleId=CDOC-110hdoc50&packageId=CDOC-110hdoc50

[3] See U.S. Constitution, Article VI: “This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.”

[4] See Marbury v. Madison, 5 U.S. 137 (1803). For an introductory discussion of the case, go to the Wikipedia entry at http://en.wikipedia.org/wiki/Marbury_v._Madison See also U.S. Constitution, Article III, Sec. 1: “The judicial Power of the United States shall be vested in one supreme Court, and in such inferior Courts as the Congress may from time to time ordain and establish.”

[5] See U.S. Constitution, Amendment 4: “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”

[6] See U.S. Constitution, Amendment 1: “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; of the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.”

[7] See U.S. Constitution, Amendment 5: “No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offence to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use, without just compensation.”

[8] Clapper v. Amnesty International, USA, 568 U.S. ___ (2013). The decision currently is available from the Court as a slip opinion. If you want a copy, go to http://www.supremecourt.gov/ and search “Recent Decisions” on the right side of the page. Henceforth, the case will be cited to the slip opinion as follows: Clapper v. Amnesty International, slip opinion at ___.

[9] See: Clapper v. Amnesty International, slip opinion at 12 (majority opinion). The decision was split 5/4, along traditional Conservative/Liberal lines.

[10] See ACLU, Supreme Court Dismisses ACLU’s Challenge to NSA Warrantless Wiretapping Law (February 26, 2013) at http://www.aclu.org/national-security/supreme-court-dismisses-aclus-challenge-nsa-warrantless-wiretapping-law

[11] See the guardian, Gidda, Edward Snowden and the NSA files – timeline (25 July 2013) at http://www.theguardian.com/world/2013/jun/23/edward-snowden-nsa-files-timeline This is a good earlier timeline, emphasizing just the dates. The Guardian, of course, is in the thick of the Snowden disclosures.

[12] For more on The Guardian’s role, see The Atlantic, Woolf, How The Guardian Broke the Snowden Story (July 5, 2013) at http://www.theatlantic.com/national/archive/2013/07/how-i-the-guardian-i-broke-the-snowden-story/277486/

[13] See the guardian, Greenwald, NSA collecting phone records of millions of Verizon customers daily (June 5, 2013) at http://www.theguardian.com/world/2013/jun/06/nsa-phone-records-verizon-court-order

[14] See the guardian, Greenwald, et al., The National Security Agency: surveillance giant with eyes on America (June 6, 2013) at http://www.theguardian.com/world/2013/jun/06/national-security-agency-surveillance

[15] See the guardian, Greenwald, et al., NSA Prism program taps in to user data of Apple, Google and others (June 6, 2013), at http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data

[16] See Office of the Director of National Intelligence, Clapper, DNI statement on Recent Unauthorized Disclosures of Classified Information (June 6, 2013), available as a pdf. from the Office of the DNI: go to http://www.dni.gov/index.php/newsroom/press-releases/191-press-releases-2013/868-dni-statement-on-recent-unauthorized-disclosures-of-classified-information?tmpl=component&format=pdf

[17] See Politico Pro, Mak et al., Dianne Feinstein on NSA: ‘It’s called protecting America’ (June 6, 2013) at http://www.politico.com/story/2013/06/dianne-feinstein-on-nsa-its-called-protecting-america-92340.html

[18] See the article cited in note 17.

[19] See The Huffington Post, Dunkley, Lindsey Graham Is ‘Glad’ NSA Collects Verizon Phone Records (VIDEO) (June 6, 2013), at http://www.huffingtonpost.com/2013/06/06/lindsey-graham-nsa_n_3396223.html :”I don’t think you’re talking to the terrorists. I know you’re not. I know I’m not, so we don’t have anything to worry about,” he said. “I am glad that NSA is trying to find out what terrorists are up to overseas and inside the country.”

[20] See The Huffington Post, Shapiro, Bill O’Reilly: NSA Bombshell Has Caused ‘Ideological Chaos’ Among Pundits And Politicians (VIDEO) (June 11, 2013) at  http://www.huffingtonpost.com/2013/06/11/bill-oreilly-nsa-ideological-chaos-pundits-politicians_n_3421819.html

[21] See the guardian, MacAskill, Edward Snowden, NSA files source: ‘If they want to get you, in time they will’ (June 10, 2013) at http://www.theguardian.com/world/2013/jun/09/nsa-whistleblower-edward-snowden-why

[22] See Washington Free Beacon, Gertz, Cyber War Details Revealed (June 11, 2013) at http://freebeacon.com/cyber-war-details-revealed/

[23] See the guardian, full document text, Obama tells intelligence chiefs to draw up cyber target list (7 June 2013) at http://www.theguardian.com/world/interactive/2013/jun/07/obama-cyber-directive-full-text

[24] The version here seems to be the same as the one published by The Guardian. To find it, go Federation of American Scientists, http://www.fas.org/ at http://www.fas.org/irp/offdocs/ppd/ppd-20.pdf

[25] See the guardian, Greenwald, How the NSA is still harvesting your online data (June 27, 2013) at http://www.theguardian.com/world/2013/jun/27/nsa-online-metadata-collection

[26] See the guardian, Greenwald et al., NSA collected US email records in bulk for more than two years under Obama (June 27, 2013)at http://www.theguardian.com/world/2013/jun/27/nsa-data-mining-authorised-obama

[27] See the guardian, Greenwald, The NSA’s mass and indiscriminate spying on Brazilians (July 6, 2013) at http://www.theguardian.com/commentisfree/2013/jul/07/nsa-brazilians-globo-spying There’s a video with the article that’s interesting, if you can get it to open.

[28] See San Francisco Bay Guardian, Bowe, Torture lawyer John Yoo drafted legal rationale for NSA spying, protesters targeting his talk in SF tonight (07/10/13) at http://www.sfbg.com/politics/2013/07/10/torture-lawyer-john-yoo-drafted-legal-rationale-nsa-spying-protesters-targeting- See also PBS Newshour, Suarez, Transcript of Suarez/Gellman Interview, at http://www.pbs.org/newshour/bb/nation/jan-june13/snowden2_06-28.html

[29] See GamePolitics.com, EFF Files Lawsuit Against NSA Over Associational Tracking Program (July 16, 2013) http://gamepolitics.com/2013/07/16/eff-files-lawsuit-against-nsa-over-associational-tracking-program#.UhBXuJJJ60o We’ve quoted the Complaint in part; you can access the whole thing at this site.

[30] See the guardian, Greenwald, XKeyscore: NSA tool collects ‘nearly everything a user does on the internet’ at http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data

[31] This is a quote from the article cited in note 27. My machine doesn’t show page numbers, so I can’t give you one.

[32] This is also from the article in note 27.

[33] See note 1 and references cited therein.

[34] The memo specifically mentions Executive Order 12333, the “foundational authority for [NSA’s] surveillance activities.” It was published in 1981, in the Reagan Administration. You can get it online from the Federal Register at http://www.archives.gov/federal-register/codification/executive-order/12333.html

[35] See, e.g., The Washington Post, National Security, Gellman, NSA broke privacy rules thousands of times per year, audit finds (August 15, 2013) available at http://www.washingtonpost.com/world/national-security/nsa-broke-privacy-rules-thousands-of-times-per-year-audit-finds/2013/08/15/3310e554-05ca-11e3-a07f-49ddc7417125_story.html?wpisrc=al_comboPN_p

[36] See, e.g., The Washington Post, National Security, Leonnig, Court: Ability to police U.S. spying program limited (August 15, 2013): “The leader of the secret court that is supposed to provide critical oversight of the government’s vast spying programs said that its ability to do so is limited and that it must trust the government to report when it improperly spies on Americans.” The article is available at http://www.washingtonpost.com/politics/court-ability-to-police-us-spying-program-limited/2013/08/15/4a8c8c44-05cd-11e3-a07f-49ddc7417125_story.html

[37] See The Wall Street Journal, Gorman & DeVries, NSA’s Reach into U.S. Net Is Deep, Wide (Wednesday, August 21, 2013) at A1, A8. If you subscribe to the WSJ, you can get the article online at http://online.wsj.com/article/SB10001424127887324108204579022874091732470.html#articleTabs%3Darticle  Also, you can get a précis of the article from Reuters, at http://www.reuters.com/article/2013/08/21/us-usa-security-nsa-idUSBRE97K02V20130821

[38] See The Washington Post, National Security, Nakashima, NSA gathered thousands of Americans’ e-mails before court struck down program (August 21, 2013) at http://www.washingtonpost.com/world/national-security/nsa-gathered-thousands-of-americans-e-mails-before-court-struck-down-program/2013/08/21/146ba4b6-0a90-11e3-b87c-476db8ac34cd_story.html?wpisrc=al_comboPN

[39] See The Washington Post, Opinions, Marcus, The NSA is losing the benefit of the doubt (August 22, 2013) at http://www.washingtonpost.com/opinions/ruth-marcus-the-nsa-is-losing-the-benefit-of-the-doubt/2013/08/22/16e5a740-0b4f-11e3-b87c-476db8ac34cd_story.html?wpisrc=nl_politics

[40] See Office of the DNI, IC on the Record, at http://icontherecord.tumblr.com/

[41] See Foreign Intelligence Surveillance Court Memorandum Opinion and Order (October 3, 2011)(J. Bates) at Part II, http://www.dni.gov/files/documents/October%202011%20Bates%20Opinion%20and%20Order%20Part%202.pd f

[42] For a summary, see Foreign Intelligence Surveillance Court Memorandum Opinion and Order (September 25, 2012) (J. Bates) at http://www.dni.gov/files/documents/September%202012%20Bates%20Opinion%20and%20Order.pdf

[43] See Associated Press, Goldman & Dozier, Snowden Suspected of Bypassing Electronic Logs (August 24, 2013) at e.g., http://www.news-journalonline.com/article/20130824/APW/1308240577?template=printpicart

[44] See, e.g., The Washington Post, National Security, Gellman & Miller, U.S. spy network’s successes, failures and objectives detailed in ‘black budget’ summary (August 29, 2013) at http://www.washingtonpost.com/world/national-security/black-budget-summary-details-us-spy-networks-successes-failures-and-objectives/2013/08/29/7e57bb78-10ab-11e3-8cdd-bcdc09410972_story.html?wpisrc=al_national

[45] It’s the first volume of a multi-volume budget submission. Its official title is “Volume 1, National Intelligence Program Summary,” and it’s dated February, 2012. Specific pages will be cited as Summary at p. __.

[46] It wasn’t clear, at least in the early stages, exactly with whom the charts/ graphs were ‘interacting.’ Certainly they didn’t respond well to my efforts to communicate. And in any case, the reader would be better served if The Post had simply reproduced the original documents, or the portions it wanted to publish, rather than turning a bunch of techies loose to massage and manipulate the information. You can get better copies of the documents from the Federation of American Scientists, at http://www.fas.org/irp/budget/index.html

[47] The CIA;s website is https://www.cia.gov/index.html

[48] The NRO’s website is http://www.nro.gov/

[49] The NSA’s website is http://www.nsa.gov/

[50] See Summary at p. 3. (The WP calls this p. 5, but the document numbers itself as p. 3.)

[51] See Summary at p. 2 (The WP calls this p. 4, but the document numbers itself as p. 2)

[52] See Summary at p. 2

[53] See The Hill, Global Affairs, Pecquet, Leaked documents reveal US sees Israel as a spying threat (08/29/2013) at http://thehill.com/blogs/global-affairs/middle-east-north-africa/319513-leaked-documents-reveal-us-sees-israel-as-a-major-spying-threat

[54] See The Washington Post, National Security, Timberg & Gellman, NSA paying U.S. companies for access to communications networks (August 29, 2013), at http://www.washingtonpost.com/world/national-security/nsa-paying-us-companies-for-access-to-communications-networks/2013/08/29/5641a4b6-10c2-11e3-bdf6-e4fc677d94a1_story.html?wpisrc=nl_tech_b

[55] Don’t believe me? Go to the budget pages released by the Post, and see if you can find these programs. The pages actually released are at http://apps.washingtonpost.com/g/page/national/inside-the-2013-us-intelligence-black-budget/420/

[56] See the guardian, MacAskill, NSA paid millions to cover Prism compliance costs for tech companies (22 August 2013) at http://www.theguardian.com/world/2013/aug/23/nsa-prism-costs-tech-companies-paid

[57] See The Washington Post, National Security, Gellman & Nakashima, U.S. spy agencies mounted 231 offensive cyber operations in 2011, documents show (August 30, 2011) at http://www.washingtonpost.com/world/national-security/us-spy-agencies-mounted-231-offensive-cyber-operations-in-2011-documents-show/2013/08/30/d090a6ae-119e-11e3-b4cb-fd7ce041d814_story.html?wpisrc=al_national

[58] See WP Politics ,Leonnig, Tate & Gellman, U.S. intelligence agencies spend millions to hunt for insider threats, document shows (September 1, 2013) at http://www.washingtonpost.com/politics/us-intelligence-agencies-spend-millions-to-hunt-for-insider-threats-document-shows/2013/09/01/c6ab6c74-0ffe-11e3-85b6-d27422650fd5_story.html  See also techdirt, Moody, Would You Trust Any Organization That Doesn’t Trust 4,000 Of Its Employees? What If It’s The NSA? (Sept. 6, 2013) at http://www.techdirt.com/articles/20130905/11444824415/would-you-trust-any-organization-that-doesnt-trust-4000-its-employees-what-if-its-nsa.shtml

[59] See The Washington Post, National Security, Miller, Whitlock & Gellman, Top-secret U.S. intelligence files show new levels of distrust of Pakistan (September 2, 2013) at http://www.washingtonpost.com/world/national-security/top-secret-us-intelligence-files-show-new-levels-of-distrust-of-pakistan/2013/09/02/e19d03c2-11bf-11e3-b630-36617ca6640f_story.html?wpisrc=nl_politics  But, the article says, “after years of diplomatic conflict,” tensions between the U.S. and Pakistan “have begun to subside.” You can find this in the print edition of the article, at p. A14 of the Tuesday, September 3 newspaper, just under the heading Anxiety over nuclear program.

[60] The basic article is the guardian, Ball, Borger & Greenwald, Revealed: how US and UK spy agencies defeat internet privacy and security (5 September 2013) at http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security .

[61] See The New York Times, Perlroth et al., N.S.A. Able to Foil Basic Safeguards of Privacy on Web (September 5, 2013) at http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?_r=0

[62] See Pro Publica, Larson et al., The NSA’s Secret Campaign to Crack, Undermine Internet Security (September 5, 2013) at http://www.propublica.org/article/the-nsas-secret-campaign-to-crack-undermine-internet-encryption

[63] The New York Times seems to be available only to people who subscribe. You can get The Guardian’s article for free, so as a courtesy to our readers, we will work from that. For convenience, we’ll cite it as Revealed at p. __.. Page citations are to the pages that print out on this machine. They might not be the same as what you get on yours. See Revealed at p. 1-2.

[64] Strictly speaking, Top Secret is the highest level of classification. But some things are so sensitive, that only people with a Top Secret clearance and special access privileges are allowed to know them.

[65] See items 5, 9 & 10 of the Classification Guide for NSA’s decryption program (3 pages), at http://www.theguardian.com/world/interactive/2013/sep/05/nsa-classification-guide-cryptanalysis

[66] See Computer Network Operations, SIGINT Enabling (3 pages), at http://www.theguardian.com/world/interactive/2013/sep/05/sigint-nsa-collaborates-technology-companies

[67] I’m slightly misquoting it. but so do other people. See the article in Wikipedia, at http://en.wikipedia.org/wiki/Moore%27s_law

[68] See the Bullrun briefing sheet (6 pages), apparently submitted in conjunction with the FY 2013 Budget Proposal,  at http://www.theguardian.com/world/interactive/2013/sep/05/nsa-project-bullrun-classification-guide Actually, the version provided by the New York Times is somewhat more useful (because of its annotations) and is accessible at http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?ref=us