Judge Orders Halt to Warrantless Surveillance

August 18, 2006

From AOL News:

Noting “there are no hereditary Kings in America and no powers not created by the Constitution,” a federal judge ruled Thursday that President Bush had exceeded his authority when he allowed the National Security Agency to eavesdrop on Americans without a warrant.

U.S. District Judge Anna Diggs Taylor in Detroit said the surveillance by the NSA violates the rights to free speech and privacy, as well as the separation of powers enshrined in the Constitution.  

The Bush administration said the program is a vital tool in the fight against terrorism and said it would seek a reversal by the 6th U.S. Circuit Court of Appeals in Cincinnati.  

White House press secretary Tony Snow said the Bush administration “couldn’t disagree more with this ruling.” He said the program carefully targets communications of suspected terrorists and “has helped stop terrorist attacks and saved American lives.”  

Taylor ordered an immediate halt to the program, but the government said it would ask for a stay of that order pending appeal. The American Civil Liberties Union, which brought the suit, said it would oppose a stay but agreed to delay enforcement of the injunction until Taylor hears arguments Sept. 7.  

The ACLU filed the lawsuit in January on behalf of journalists, scholars and lawyers who say the program has made it difficult for them to do their jobs. They believe many of their overseas contacts are likely targets of the program, which monitors phone calls and e-mails between people in the U.S. and people in other countries when a link to terrorism is suspected.  

The ACLU says the 1978 Foreign Intelligence Surveillance Act, which set up a secret court to grant warrants for such surveillance, gave the government enough tools to monitor suspected terrorists.  

The government argued that the program is well within the president’s authority but said proving that would require revealing state secrets.  

The ACLU said the state-secrets argument was irrelevant because the Bush administration already had publicly revealed enough information about the program for Taylor to rule.  

Taylor agreed, writing in her 43-page opinion that “Plaintiffs need no additional facts” to establish their claims.  

Taylor, a Carter appointee, said the government appeared to argue that the president has the “inherent power” to violate laws of Congress and the First and Fourth amendments to the Constitution.  

“We must first note that the Office of the Chief Executive has itself been created, with its powers, by the Constitution,” Taylor wrote. “There are no hereditary Kings in America and no powers not created by the Constitution. So all ‘inherent powers’ must derive from that Constitution.”  

The Justice Department said the program “is lawful and protects civil liberties.”  

ACLU executive director Anthony Romero called Taylor’s opinion “another nail in the coffin in the Bush administration’s legal strategy in the war on terror.”  

“At its core, today’s ruling addresses the abuse of presidential power and reaffirms the system of checks and balances that’s necessary to our democracy,” he told reporters.  

One of the plaintiffs in the case, Detroit immigration lawyer Noel Saleh, said the NSA program had made it difficult to represent his clients, some of whom the government accuses of terrorist connections.  

Many of those cases require him to speak to witnesses overseas. “There’s no way I or my clients would feel secure” about the privacy of those phone conversations, Saleh said.  

Saleh, a leader in Michigan’s large Arab-American community, said the program affected not only lawyers, scholars and journalists whose professional activities require them to communicate overseas, but anyone with relatives abroad.  

For example, Saleh said there were “constant phone calls between the United States and Lebanon” in recent weeks, as people here sought news of their families amid the violence in the Middle East. The NSA was likely listening in on many of those calls, he said.  

“People have the right to be concerned about their family, to check on the welfare of their family and not be spied on by the government,” he said.  

In Washington, Republicans expressed hope that the decision would be overturned, while many Democrats praised the ruling.  

“It is disappointing that a judge would take it upon herself to disarm America during a time of war,” Rep. Pete Hoekstra, R-Mich., chairman of the House Intelligence Committee, said in a statement.  

West Virginia Sen. Jay Rockefeller, the top Democrat on the Senate Intelligence Committee, said the decision shows the executive branch needs more external reviews.  

“The administration is wrongly convinced that it can run the country without Congress or oversight. This is their tragic failure, and the courts understand it,” Rockefeller said. “The nation’s security is serious business – and particularly during such a dangerous time – it requires constant oversight, input and understanding from the Congress, the courts, and the American people.”  

Both Hoekstra and Rockefeller have been briefed extensively on the program’s details.  

Sen. Arlen Specter, R-Pa., the Senate Judiciary Committee chairman, is championing a compromise that would allow Bush to submit the surveillance program to the Foreign Intelligence Surveillance Court for a one-time test of its constitutionality. Civil liberties groups say such a review would be a sham.  

Attorney General Alberto Gonzales said the administration believes such legislation is not necessary to make the program legal but has committed to working with Specter on it. He said it may address some of the concerns raised in the judge’s ruling.  

But Taylor’s opinion was so sweeping that congressional approval of the program would not address her concerns, said Richard Pildes, a professor at New York University School of Law.  

“The debate about this program has overwhelmingly been about whether Congress has to authorize it for it to be constitutional. But beyond holding that Congress does have to do so, this judge has suggested it would violate the Constitution even if Congress authorized it,” Pildes said.  

“Until Congress actually addresses these questions, I would expect most appellate courts to be extremely reluctant to address many of the questions this judge was willing to weigh in on.”  

Taylor dismissed one claim in the ACLU’s lawsuit that dealt with data-mining of phone records. The lawsuit alleged that the NSA “uses artificial intelligence aids to search for keywords and analyze patterns in millions of communications at any given time.”  

Taylor said not enough had been publicly revealed about that program to support the claim and further litigation would jeopardize state secrets.  

Multiple lawsuits have been filed related to data-mining against phone companies, accusing them of improperly turning over records to the NSA.  


Bush Administration Now Spying On Banking, Without A Warrant

June 23, 2006

From The New York Times:

Under a secret Bush administration program initiated weeks after the Sept. 11 attacks, counterterrorism officials have gained access to financial records from a vast international database and examined banking transactions involving thousands of Americans and others in the United States, according to government and industry officials.

The program is limited, government officials say, to tracing transactions of people suspected of ties to Al Qaeda by reviewing records from the nerve center of the global banking industry, a Belgian cooperative that routes about $6 trillion daily between banks, brokerages, stock exchanges and other institutions. The records mostly involve wire transfers and other methods of moving money overseas or into and out of the United States. Most routine financial transactions confined to this country are not in the database.

Viewed by the Bush administration as a vital tool, the program has played a hidden role in domestic and foreign terrorism investigations since 2001 and helped in the capture of the most wanted Qaeda figure in Southeast Asia, the officials said. The program, run out of the Central Intelligence Agency and overseen by the Treasury Department, “has provided us with a unique and powerful window into the operations of terrorist networks and is, without doubt, a legal and proper use of our authorities,” Stuart Levey, an undersecretary at the Treasury Department, said in an interview Thursday. The program is grounded in part on the president’s emergency economic powers, Mr. Levey said, and multiple safeguards have been imposed to protect against any unwarranted searches of Americans’ records.

The program, however, is a significant departure from typical practice in how the government acquires Americans’ financial records. Treasury officials did not seek individual court-approved warrants or subpoenas to examine specific transactions, instead relying on broad administrative subpoenas for millions of records from the cooperative, known as Swift.

That access to large amounts of sensitive data was highly unusual, several officials said, and stirred concerns inside the administration about legal and privacy issues.

“The capability here is awesome or, depending on where you’re sitting, troubling,” said one former senior counterterrorism official who considers the program valuable. While tight controls are in place, the official added, “The potential for abuse is enormous.”

The program is separate from the National Security Agency’s efforts to eavesdrop without warrants and collect domestic phone records, operations that have provoked fierce public debate and spurred lawsuits against the government and telecommunications companies. But all the programs grew out of the Bush administration’s desire to exploit technological tools to prevent another terrorist strike, and all reflect attempts to break down longstanding legal or institutional barriers to the government’s access to private information about Americans and others inside the United States.

Officials described the Swift program as the biggest and most far-reaching of several secret efforts to trace terrorist financing. Much more limited agreements with other companies have provided access to A.T.M. transactions, credit card purchases and Western Union wire payments, the officials said.

Nearly 20 current and former government officials and industry executives discussed aspects of the Swift operation with The New York Times on condition of anonymity because the program remains classified. Some of those officials expressed reservations about the program, saying that what they viewed as an urgent, temporary measure had become permanent nearly five years later without specific Congressional approval or formal authorization.

Data from the Brussels-based banking consortium, formally known as the Society for Worldwide Interbank Financial Telecommunication, has allowed officials from the C.I.A., the Federal Bureau of Investigation and other agencies to examine “tens of thousands” of financial transactions, Mr. Levey said.

While many of those transactions have occurred entirely on foreign soil, officials have also been keenly interested in international transfers of money by individuals, businesses, charities and other organizations under suspicion inside the United States, officials said. A small fraction of Swift’s records involve transactions entirely within this country, but Treasury officials said they were uncertain whether any had been examined.

Swift executives have been uneasy at times about their secret role, the government and industry officials said. By 2003, the executives told American officials they were considering pulling out of the arrangement, which began as an emergency response to the Sept. 11 attacks, the officials said. Worried about potential legal liability, the Swift executives agreed to continue providing the data only after top officials, including Alan Greenspan, then chairman of the Federal Reserve, intervened. At the same time, new controls were introduced.

Among the program’s safeguards, government officials said, is an outside auditing firm that verifies that the data searches are based on a link to terrorism intelligence. Swift and Treasury officials said they were aware of no abuses. But Mr. Levey, the Treasury official, said one person had been removed from the operation for conducting a search considered inappropriate.

“We are not on a fishing expedition,” Mr. Levey said. “We’re not just turning on a vacuum cleaner and sucking in all the information that we can.”

Treasury officials said Swift was exempt from American laws restricting government access to private financial records because the cooperative was considered a messaging service, not a bank or financial institution.

But at the outset of the operation, Treasury and Justice Department lawyers debated whether the program had to comply with such laws before concluding that it did not, people with knowledge of the debate said. Several outside banking experts, however, say that financial privacy laws are murky and sometimes contradictory and that the program raises difficult legal and public policy questions.

The Bush administration has made no secret of its campaign to disrupt terrorist financing, and President Bush, Treasury officials and others have spoken publicly about those efforts. Administration officials, however, asked The New York Times not to publish this article, saying that disclosure of the Swift program could jeopardize its effectiveness. They also enlisted several current and former officials, both Democrat and Republican, to vouch for its value.

Bill Keller, the newspaper’s executive editor, said: “We have listened closely to the administration’s arguments for withholding this information, and given them the most serious and respectful consideration. We remain convinced that the administration’s extraordinary access to this vast repository of international financial data, however carefully targeted use of it may be, is a matter of public interest.”

Swift declined to discuss details of the program but defended its role in written responses to questions. “Swift has fully complied with all applicable laws,” the consortium said. The organization said it insisted that the data be used only for terrorism investigations and had narrowed the scope of the information provided to American officials over time.

A Crucial Gatekeeper

Swift’s database provides a rich hunting ground for government investigators. Swift is a crucial gatekeeper, providing electronic instructions on how to transfer money between 7,800 financial institutions worldwide. The cooperative is owned by more than 2,200 organizations, and virtually every major commercial bank, as well as brokerage houses, fund managers and stock exchanges, uses its services. Swift routes more than 11 million transactions each day, most of them across borders.

The cooperative’s message traffic allows investigators, for example, to track money from the Saudi bank account of a suspected terrorist to a mosque in New York. Using intelligence tips about specific targets, agents search the database in what one official described as a “24-7” operation. Customers’ names, bank account numbers and other identifying information, can be retrieved, the officials said.

The data does not allow the government to track routine financial activity, like A.T.M. withdrawals, confined to this country, or to see bank balances, Treasury officials said. And the information is not provided in real time – Swift generally turns it over several weeks later. Because of privacy concerns and the potential for abuse, the government sought the data only for terrorism investigations and prohibited its use for tax fraud, drug trafficking or other inquiries, the officials said.

The Treasury Department was charged by President Bush, in a September 2001 executive order, with taking the lead role in efforts to disrupt terrorist financing. Mr. Bush has been briefed on the program and Vice President Dick Cheney has attended C.I.A. demonstrations, the officials said. The National Security Agency has provided some technical assistance.

While the banking program is a closely held secret, administration officials have conducted classified briefings to some members of Congress and the Sept. 11 Commission, the officials said. More lawmakers were briefed in recent weeks, after the administration learned The Times was making inquiries for this article. Swift’s 25-member board of directors, made up of representatives from financial institutions around the world, was previously told of the program, but it is not clear if other participants know that American intelligence officials can examine their message traffic.

Because Swift is based overseas and has offices in the United States, it is governed both by European and American laws. Several international regulations and policies impose privacy restrictions on companies that are generally regarded as more stringent than those in this country. United States law establishes some protections for the privacy of Americans’ financial data, but they are not ironclad. A 1978 measure, the Right to Financial Privacy Act, has a limited scope and a number of exceptions, and its role in national security cases remains largely untested.

Several people familiar with the Swift program said they believed they were exploiting a “gray area” in the law and that a case could be made for restricting the government’s access to the records on Fourth Amendment and statutory grounds. They also worried about the impact on Swift if the program were disclosed.

“There was always concern about this program,” a former official said.

One person involved in the Swift program estimated that analysts have reviewed international transfers involving “many thousands” of people or groups in the United States. Two other officials also placed the figure in the thousands. Mr. Levey said he could not estimate the number.

The Swift data has provided clues to terror money trails and ties between possible terrorists and organizations financing them, the officials said. In some instances, they said, the program has pointed them to new suspects, while in others it has buttressed cases already under investigation.

Among the successes was the capture of a Qaeda operative, Riduan Isamuddin, better known as Hambali, believed to be the mastermind of the 2002 bombing of a Bali resort, several officials said. The Swift data identified a previously unknown figure in Southeast Asia who had financial dealings with a person suspected of being a member of Al Qaeda; that link helped locate Hambali in Thailand in 2003, they said.

In the United States, the program has provided financial data in investigations into possible domestic terrorist cells as well as inquiries of Islamic charities with suspected of having links to extremists, the officials said.

The data also helped identify a Brooklyn man who was convicted on terrorism-related charges last year, the officials said. The man, Uzair Paracha, who worked at a New York import business, aided a Qaeda operative in Pakistan by agreeing to launder $200,000 through a Karachi bank, prosecutors said.

In terrorism prosecutions, intelligence officials have been careful to “sanitize,” or hide the origins of evidence collected through the program to keep it secret, officials said.

The Bush administration has pursued steps that may provide some enhanced legal standing for the Swift program. In late 2004, Congress authorized the Treasury Department to develop regulations requiring American banks to turn over records of international wire transfers. Officials say a preliminary version of those rules may be ready soon. One official described the regulations as an attempt to “formalize” access to the kind of information secretly provided by Swift, though other officials said the initiative was unrelated to the program.

The Scramble for New Tools

Like other counterterrorism measures carried out by the Bush administration, the Swift program began in the hectic days after the Sept. 11 attacks, as officials scrambled to identify new tools to head off further strikes.

One priority was to cut off the flow of money to Al Qaeda. The Sept. 11 hijackers had helped finance their plot by moving money through banks. Nine of the hijackers, for instance, funneled money from Europe and the Middle East to SunTrust bank accounts in Florida. Some of the $130,000 they received was wired by people overseas with known links to Al Qaeda.

Financial company executives, many of whom had lost friends at the World Trade Center, were eager to help federal officials trace terrorist money. “They saw 9/11 not just as an attack on the United States, but on the financial industry as a whole,” said one former government official.

Quietly, counterterrorism officials sought to expand the information they were getting from financial institutions. Treasury officials, for instance, spoke with credit card companies about devising an alert if someone tried to buy fertilizer and timing devices that could be used for a bomb, but they were told the idea was not logistically possible, a lawyer in the discussions said.

The F.B.I. began acquiring financial records from Western Union and its parent company, First Data Corporation. The programs were alluded to in Congressional testimony by the F.B.I. in 2003 and described in more detail in a book released this week, “The One Percent Doctrine,” by Ron Suskind. Using what officials described as individual, narrowly framed subpoenas and warrants, the F.B.I. has obtained records from First Data, which processes credit and debit card transactions, to track financial activity and try to locate suspects.

Similar subpoenas for the Western Union data allowed the F.B.I. to trace wire transfers, mainly outside the United States, and to help Israel trace the financing of about a half-dozen possible terrorist plots there, an official said.

The idea for the Swift program, several officials recalled, grew out of a suggestion by a Wall Street executive, who told a senior Bush administration official about Swift’s database. Few government officials knew much about the consortium, which is led by a Brooklyn native, Leonard H. Schrank, but they quickly discovered it offered unparalleled access to international transactions.

Swift, a former government official said, was “the mother lode, the Rosetta stone” for financial data.

Intelligence officials were so eager to exploit the Swift data that they discussed having the C.I.A. covertly gain access to the system, several officials involved in the talks said. But Treasury officials resisted, the officials said, and favored going to Swift directly.

At the same time, lawyers in the Treasury Department and the Justice Department were considering possible legal obstacles to the arrangement, the officials said.

In 1976, the Supreme Court ruled that Americans had no constitutional right to privacy for their records held by banks or other financial institutions. In response, Congress passed the Right to Financial Privacy Act two years later, restricting government access to Americans’ banking records. In considering the Swift program, some government lawyers were particularly concerned about whether the law prohibited officials from gaining access to records without a warrant or subpoena based on some level of suspicion about each target.

For many years, law enforcement officials have relied on grand-jury subpoenas or court-approved warrants for such financial data. Since the Sept. 11 attacks, the F.B.I. has turned more frequently to an administrative subpoena, known as a national security letter, to demand such records.

After an initial debate, Treasury Department lawyers, consulting with the Justice Department, concluded that the privacy laws applied to banks, not to a banking cooperative like Swift. They also said the law protected individual customers and small companies, not the major institutions that route money through Swift on behalf of their customers.

Other state, federal and international regulations place different and sometimes conflicting restrictions on the government’s access to financial records. Some put greater burdens on the company disclosing the information than on the government officials demanding it.

Among their considerations, American officials saw Swift as a willing partner in the operation. But Swift said its participation was never voluntary. “Swift has made clear that it could provide data only in response to a valid subpoena,” according to its written statement.

Indeed, the cooperative’s executives voiced early concerns about legal and corporate liability, officials said, and the Treasury Department’s Office of Foreign Asset Control began issuing broad subpoenas for the cooperative’s records related to terrorism. One official said the subpoenas were intended to give Swift some legal protection.

Underlying the government’s legal analysis was the International Emergency Economic Powers Act, which Mr. Bush invoked after the Sept. 11 attacks. The law gives the president what legal experts say is broad authority to “investigate, regulate or prohibit” foreign transactions in responding to “an unusual and extraordinary threat.”

But L. Richard Fischer, a Washington lawyer who wrote a book on banking privacy and is regarded as a leading expert in the field, said he was troubled that the Treasury Department would use broad subpoenas to demand large volumes of financial records for analysis. Such a program, he said, appears to do an end run around bank-privacy laws that generally require the government to show that the records of a particular person or group are relevant to an investigation.

“There has to be some due process,” Mr. Fischer said. “At an absolute minimum, it strikes me as inappropriate.”

Several former officials said they had lingering concerns about the legal underpinnings of the Swift operation. The program “arguably complies with the letter of the law, if not the spirit,” one official said.

Another official said: “This was creative stuff. Nothing was clear cut, because we had never gone after information this way before.”

Treasury officials would not say whether a formal legal opinion was prepared in authorizing the program, but they said they considered the government’s authority to subpoena the Swift records to be clear. “People do not have a privacy interest in their international wire transactions,” Mr. Levey, the Treasury under secretary, said.

Tighter Controls Sought

Within weeks of the Sept. 11 attacks, Swift began turning over records that allowed American analysts to look for evidence of terrorist financing. Initially, there appear to have been few formal limits on the searches.

“At first, they got everything – the entire Swift database,” one person close to the operation said.

Intelligence officials paid particular attention to transfers to or from Saudi Arabia and the United Arab Emirates because most of the Sept. 11 hijackers were from those countries.

The volume of data, particularly at the outset, was often overwhelming, officials said. “We were turning on every spigot we could find and seeing what water would come out,” one former administration official said. “Sometimes there were hits, but a lot of times there weren’t.”

Officials realized the potential for abuse, and soon narrowed the program’s targets and put in more safeguards. Among them were the auditing firm, an electronic record of every search and a form documenting the intelligence that justified each data search. Mr. Levey said the program was used only to search the records of individuals or entities, not for broader data searches.

Despite the controls, Swift executives became increasingly worried about their secret involvement with the American government, the officials said. By 2003, the cooperative’s officials were discussing pulling out because of their concerns about legal and financial risks if the program were revealed, one government official said.

“How long can this go on?” a Swift executive asked, according to the official.

Even some American officials began to question the open-ended arrangement. “I thought there was a limited shelf life and that this was going to go away,” the former senior official said.

In 2003, administration officials asked Swift executives and some board members to come to Washington. They met with Mr. Greenspan, Robert S. Mueller III, the F.B.I. director, and Treasury officials, among others, in what one official described as “a full-court press.”

The executives agreed to continue supplying records after the Americans pledged to impose tighter controls. Swift representatives would be stationed alongside intelligence officials and could block any searches considered inappropriate, several officials said. The procedural change provoked some opposition at the C.I.A. because “the agency was chomping at the bit to have unfettered access to the information,” a senior counterterrorism official said. But the Treasury Department saw it as a necessary compromise, the official said, to “save the program.”


Bush Administration Spent $30 Million Last Year On Illegally Obtained Personal Data

June 21, 2006

From the AP, Via Yahoo! News:

Federal and local police across the country — as well as some of the nation's best-known companies — have been gathering Americans' phone records from private data brokers without subpoenas or warrants.

These brokers, many of whom market aggressively across the Internet, have broken into customer accounts online, tricked phone companies into revealing information and sometimes acknowledged that their practices violate laws, according to documents obtained by The Associated Press.

Legal experts and privacy advocates said police reliance on private vendors who commit such acts raises civil liberties questions.

Those using data brokers include agencies of the Homeland Security and Justice departments — including the FBI and U.S. Marshal's Service — and municipal police departments in California, Florida, Georgia and Utah. Experts believe hundreds of other departments frequently use such services.

"We are requesting any and all information you have regarding the above cell phone account and the account holder … including account activity and the account holder's address," Ana Bueno, a police investigator in Redwood City, Calif., wrote in October to PDJ Investigations of Granbury, Texas.

An agent in Denver for U.S. Immigration and Customs Enforcement, Anna Wells, sent a similar request on March 31 on Homeland Security stationery: "I am looking for all available subscriber information for the following phone number," Wells wrote to a corporate alias used by PDJ.

Congressional investigators estimated the U.S. government spent $30 million last year buying personal data from private brokers. But that number likely understates the breadth of transactions, since brokers said they rarely charge law enforcement agencies.

A lawmaker who has investigated the industry said Monday he was concerned about data brokers.

"There's a good chance there are some laws being broken, but it's not really clear precisely which laws, said Rep. Ed Whitfield, R-Ky., head of the House Energy and Commerce investigations subcommittee that plans to begin hearings Wednesday.

Documents gathered by Whitfield's committee show data brokers use trickery, impersonation and even technology to try to gather Americans' phone records. "They can basically obtain any information about anybody on any subject," Whitfield said.

James Bearden, a Texas lawyer who represents four such data brokers, likened the companies' activities to the National Security Agency, which reportedly compiles the phone records of ordinary Americans.

"The government is doing exactly what these people are accused of doing," Bearden said. "These people are being demonized. These are people who are partners with law enforcement on a regular basis."

Many of the executives summoned to testify before Congress this week plan to refuse to answer questions, invoking their Fifth Amendment right against self incrimination.

Larry Slade, PDJ's lawyer, said no one at the company violated laws, but he acknowledged, "I'm not sure that every law enforcement agency in the country would agree with that analysis."

PDJ always provided help to police for free. "Agencies from all across the country took advantage of it," Slade said.

The police agencies told AP they used the data brokers because it was quicker and easier than subpoenas, and their lawyers believe their actions did not violate the Fourth Amendment's guarantee against unlawful search and seizure.

Some agencies, such as Immigrations and Customs Enforcement, instructed agents to stop the practice after congressional inquiries. Police in Orem, Utah, likewise plan to end the practice because of concerns about "questionable methods" used by the data brokers, Lt. Doug Edwards said.

The records also list some of America's most famous corporate names — from automakers to insurers to banks — as purchasing information on private citizens from data brokers, which often help companies track down delinquent customers.

For instance, a 2003 customer list for data broker Universal Communications Company listed Ford Motor Credit Co., the automaker's lending arm, as the single largest purchaser of phone toll records, paying $17,435 to buy such data that year. In all, Ford's lending arm spent more than $50,000 with that data broker that year. Ford also paid $9,000 to another such company, Global Information Group, in 2004, the records state.

Also on UCC's or Global Information's paying client list was the insurer State Farm's banking arm, Chrysler's consumer lending arm, Enterprise Rent-A-Car and banking giants Wells Fargo and Wachovia Financial Services.

At least 50 departments of Wachovia made data requests in 2004, accumulating thousands of dollars in charges. Most of the companies could not provide an immediate explanation when called for comment Tuesday.

Ford Motor Credit spokeswoman Meredith Libby said Tuesday her company used the vendors in the past to help locate customers who weren't paying and had disappeared but the companies "are no longer on our approved vendor lists."

Asked why Ford would need phone toll records, Libby said her company "did not necessarily say (to the vendor), `Give us this specific piece of data, but rather help us to find this person,'" and the charges for phone records were part of the process.

None of the police agencies interviewed by AP said they researched their data brokers to determine how they gather sensitive information like names associated with unlisted numbers, records of phone calls, e-mail aliases — even tracing a person's location using their cellular phone signal.

"If it's on the Internet and it's been commended to us, we wouldn't do a full-scale investigation," Marshal's Service spokesman David Turner said. "We don't knowingly go into any source that would be illegal. We were not aware, I'm fairly certain, what technique was used by these subscriber services."

At Immigration and Customs Enforcement, spokesman Dean Boyd said agents did not pay for phone records and sought approval from U.S. prosecutors before making requests. Their goal was "to more quickly identify and filter out phone numbers that were unrelated to their investigations," Boyd said.

Targets of the police interest include alleged marijuana smugglers, car thieves, armed thugs and others.

The data services also are enormously popular among collection agencies, bails bondsmen, private detectives and suspicious spouses. Customers included:

– A U.S. Labor Department employee who used her government e-mail address and phone number to buy two months of personal cellular phone records of a woman in New Jersey.

– A buyer who received credit card information about the father of murder victim Jon Benet Ramsey.

– A buyer who obtained 20 printed pages of phone calls by pro basketball player Damon Jones of the Cleveland Cavaliers.

"I'm very disappointed," Jones told AP on Tuesday. "I paid for a service and that service is being violated. I've been an upstanding guy, never been in any trouble or anything like that. I was shocked, and I really want to get to the bottom of this."

Privacy advocates bristled over data brokers gathering records for police without subpoenas.

"This is pernicious, an end run around the Fourth Amendment," said Marc Rotenberg, head of the Washington-based Electronic Privacy Information Center which advocates tougher federal regulation of data brokers. "The government is encouraging unlawful conduct; it's not smart on the law enforcement side to be making use of information obtained improperly."

Legal experts said law enforcement agencies would be permitted to use illegally obtained information from private parties without violating the Fourth Amendment as long as police did not encourage crimes to be committed.

"If law enforcement is encouraging people in the private sector to commit a crime in getting these records, that would be problematic," said Mark Levin, a former top Justice Department official under President Reagan. "If, on the other hand, they are asking data brokers if they have any public information on any given phone numbers, that should be fine."

Levin said he nonetheless would have advised federal agents to use the practice only when it was a matter of urgency or national security and otherwise to stick to a legally bulletproof method like subpoenas for everyday cases.

Congress subpoenaed thousands of documents from data brokers describing how they collected telephone records by impersonating customers.

"I was shot down four times," data broker employee Michele Yontef complained in an e-mail in July 2005 to a colleague. Yontef was among those ordered to appear at this week's hearing.

Another company years ago even acknowledged breaking the law.

"We must break various rules of law in acquiring all the information we achieve for you," Touch Tone Information Inc. of Denver wrote to a law firm in 1998 that was seeking records of calls made on a calling card.


Bush Administration Invoking State Secrets More and More

June 4, 2006

From The NY Times:

Facing a wave of litigation challenging its eavesdropping at home and its handling of terror suspects abroad, the Bush administration is increasingly turning to a legal tactic that swiftly torpedoes most lawsuits: the state secrets privilege.

In recent weeks alone, officials have used the privilege to win the dismissal of a lawsuit filed by a German man who was abducted and held in Afghanistan for five months and to ask the courts to throw out three legal challenges to the National Security Agency's domestic surveillance program.

But civil liberties groups and some scholars say the privilege claim, in which the government says any discussion of a lawsuit's accusations would endanger national security, has short-circuited judicial scrutiny and public debate of some central controversies of the post-9/11 era.

The privilege has been asserted by the Justice Department more frequently under President Bush than under any of his predecessors — in 19 cases, the same number as during the entire eight-year presidency of Ronald Reagan, the previous record holder, according to a count by William G. Weaver, a political scientist at the University of Texas at El Paso.

While the privilege, defined by a 1953 Supreme Court ruling, was once used to shield sensitive documents or witnesses from disclosure, it is now often used to try to snuff out lawsuits at their inception, Mr. Weaver and other legal specialists say.

"This is a very powerful weapon for the executive branch," said Mr. Weaver, who has a law degree and is a co-author of one of the few scholarly articles examining the privilege. "Once it's asserted, in almost every instance it stops the case cold."

Robert M. Chesney, a law professor at Wake Forest University who is studying the recent use of the privilege, said the administration's legal strategy "raises profound legal and policy questions that will be the subject of intense debate for the foreseeable future."

Some members of Congress also have doubts about the way the privilege has been used. A bill approved by the House Government Reform Committee would limit its use in blocking whistle-blowers' lawsuits.

"If the very people you're suing are the ones who get to use the state secrets privilege, it's a stacked deck," said Representative Christopher Shays, Republican of Connecticut, who proposed the measure and has campaigned against excessive government secrecy.

Yet courts have almost always deferred to the secrecy claims; Mr. Weaver said he believed that the last unsuccessful assertion of the privilege was in 1993. Steven Aftergood, an expert on government secrecy at the Federation of American Scientists, said, "It's a sign of how potent the national security mantra has become."

Under Mr. Bush, the secrets privilege has been used to block a lawsuit by a translator at the Federal Bureau of Investigation, Sibel Edmonds, who was fired after accusing colleagues of security breaches; to stop a discrimination lawsuit filed by Jeffrey Sterling, a Farsi-speaking, African-American officer at the Central Intelligence Agency; and to derail a patent claim involving a coupler for fiber-optic cable, evidently to guard technical details of government eavesdropping.

Such cases can make for oddities. Mark S. Zaid, who has represented Ms. Edmonds, Mr. Sterling and other clients in privilege cases, said he had seen his legal briefs classified by the government and had been barred from contacting a client because his phone line was not secure.

"In most state secrets cases, the plaintiffs' lawyers don't know what the alleged secrets are," Mr. Zaid said.

More recently the privilege has been wielded against lawsuits challenging broader policies, including the three lawsuits attacking the National Security Agency's eavesdropping program — one against AT&T by the Electronic Frontier Foundation in San Francisco and two against the federal government by the American Civil Liberties Union in Michigan and the Center for Constitutional Rights in New York.

In a filing in the New York case, John D. Negroponte, the director of national intelligence, wrote that allowing the case to proceed would "cause exceptionally grave damage to the national security of the United States" because it "would enable adversaries of the United States to avoid detection." Mr. Negroponte said he was providing more detail in classified filings.

Those cases are still pending. Two lawsuits challenging the government's practice of rendition, in which terror suspects are seized and delivered to detention centers overseas, were dismissed after the government raised the secrets privilege.

One plaintiff, Maher Arar, a Syrian-born Canadian, was detained while changing planes in New York and was taken to Syria, where he has said he was held in a tiny cell and beaten with electrical cables. The other, Khaled el-Masri, a German of Kuwaiti origin, was seized in Macedonia and taken to Afghanistan, where he has said he was beaten and injected with drugs before being released in Albania.

The United States never made public any evidence linking either man to terrorism, and both cases are widely viewed as mistakes. Mr. Arar's lawsuit was dismissed in February on separate but similar grounds from the secrets privilege, a decision he is appealing. A federal judge in Virginia dismissed Mr. Masri's lawsuit on May 18, accepting the government's secrets claim.

One frustration of the plaintiffs in such cases is that so much information about the ostensible state secrets is already public. Mr. Arar's case has been examined in months of public hearings by a Canadian government commission, and Mr. Masri's story has been confirmed by American and German officials and blamed on a mix-up of similar names. The N.S.A. program has been described and defended in numerous public statements by Mr. Bush and other top officials and in a 42-page Justice Department legal analysis.

In the A.C.L.U. lawsuit charging that the security agency's eavesdropping is illegal, Ann Beeson, the group's associate legal director, acknowledged that some facts might need to remain secret. "But you don't need those facts to hear this case," she said. "All the facts needed to try this case are already public."

Brian Roehrkasse, a Justice Department spokesman, said he could not discuss any specific case. But he said the state secrets privilege "is well-established in federal law and has been asserted many times in our nation's history to protect our nation's secrets."

Other defenders of the administration's increasing use of the privilege say it merely reflects proliferating lawsuits.

In all of the N.S.A. cases, for instance, "it's the same secret they're trying to protect," said H. Bryan Cunningham, a Denver lawyer who served as a legal adviser to the National Security Council under Mr. Bush. Mr. Cunningham said that under well-established precedent, judges must defer to the executive branch in deciding what secrets must be protected.

But critics of the use of the privilege point out that officials sometimes exaggerate the sensitivities at risk. In fact, documents from the 1953 case that defined the modern privilege, United States v. Reynolds, have been declassified in recent years and suggest that Air Force officials misled the court.

An accident report on a B-29 bomber crash in 1948 was withheld because the Air Force said it included technical details about sensitive intelligence equipment and missions, but it turned out to contain no such information, said Wilson M. Brown III, a lawyer in Philadelphia who represented survivors of those who died in the crash in recent litigation.

"The facts the Supreme Court was relying on in Reynolds were false," Mr. Brown said in an interview. "It shows that if the government is not truthful, plaintiffs will lose and there's very little chance to straighten it out."


FCC Won’t Investigate NSA

May 24, 2006

FCC Chariman Kevin Martin announced today that the FCC was incapable of investigating the telecommunications companies who gave their customer's records to the NSA.  Congressman Markey, who is the ranking member of the Subcommittee on Telecommunications and the Internet had requested Martin open an investigation.

 Martin writes to Mackey: 

"In this case, however, the classified nature of the NSA's activities makes us unable to investigate the alleged violations discussed in your letter at this time," writes Martin. "The representations of [Director of National Intelligence John] Negroponte and [National Security Agency Director] General Alexander make clear that it would not be possible for us to investigate the activities described in your letter without examining highly sensitive classified information."

"The Commission has no power to order the production of classified information."

In his response, Markey chastised the FCC for "refus[ing] to demand answers."

"We can't have a situation where the FCC, charged with enforcing the law, won't even begin an investigation of apparent violations of the law because it predicts the Administration will roadblock any investigations citing national security," Markey remarked. "If the FCC initiates an investigation and gets blocked by the White House, then the White House is stonewalling. But if the FCC refuses to even demand answers, then the White House never has to block the enforcement agency from getting to the bottom of this. The American people deserve answers." 

Official notification is posted here.


AT&T Whistle-Blower’s Evidence

May 19, 2006

From Wired News:

Former AT&T technician Mark Klein is the key witness in the Electronic Frontier Foundation's class-action lawsuit against the company, which alleges that AT&T illegally cooperated in an illegal National Security Agency domestic-surveillance program.

In this recently surfaced statement, Klein details his discovery of an alleged surveillance operation in an AT&T office in San Francisco, and offers his interpretation of company documents that he believes support his case.
For its part, AT&T is asking a federal judge to keep those documents out of court, and to order the EFF to return them to the company. Here Wired News presents Klein's statement in its entirety, along with select pages from the AT&T documents.

AT&T's Implementation of NSA Spying on American Citizens

31 December 2005

I wrote the following document in 2004 when it became clear to me that AT&T, at the behest of the National Security Agency, had illegally installed secret computer gear designed to spy on internet traffic. At the time I thought this was an outgrowth of the notorious Total Information Awareness program which was attacked by defenders of civil liberties. But now it's been revealed by The New York Times that the spying program is vastly bigger and was directly authorized by President Bush, as he himself has now admitted, in flagrant violation of specific statutes and constitutional protections for civil liberties. I am presenting this information to facilitate the dismantling of this dangerous Orwellian project.
AT&T Deploys Government Spy Gear on WorldNet Network

— 16 January, 2004

In 2003 AT&T built "secret rooms" hidden deep in the bowels of its central offices in various cities, housing computer gear for a government spy operation which taps into the company's popular WorldNet service and the entire internet. These installations enable the government to look at every individual message on the internet and analyze exactly what people are doing. Documents showing the hardwire installation in San Francisco suggest that there are similar locations being installed in numerous other cities.

The physical arrangement, the timing of its construction, the government-imposed secrecy surrounding it, and other factors all strongly suggest that its origins are rooted in the Defense Department's Total Information Awareness (TIA) program which brought forth vigorous protests from defenders of constitutionally protected civil liberties last year:

"As the director of the effort, Vice Adm. John M. Poindexter, has described the system in Pentagon documents and in speeches, it will provide intelligence analysts and law enforcement officials with instant access to information from internet mail and calling records to credit card and banking transactions and travel documents, without a search warrant." The New York Times, 9 November 2002

To mollify critics, the Defense Advanced Research Projects Agency (Darpa) spokesmen have repeatedly asserted that they are only conducting "research" using "artificial synthetic data" or information from "normal DOD intelligence channels" and hence there are "no U.S. citizen privacy implications" (Department of Defense, Office of the Inspector General report on TIA, December 12, 2003). They also changed the name of the program to "Terrorism Information Awareness" to make it more politically palatable. But feeling the heat, Congress made a big show of allegedly cutting off funding for TIA in late 2003, and the political fallout resulted in Adm. Poindexter's abrupt resignation last August. However, the fine print reveals that Congress eliminated funding only for "the majority of the TIA components," allowing several "components" to continue (DOD, ibid). The essential hardware elements of a TIA-type spy program are being surreptitiously slipped into "real world" telecommunications offices.

In San Francisco the "secret room" is Room 641A at 611 Folsom Street, the site of a large SBC phone building, three floors of which are occupied by AT&T. High-speed fiber-optic circuits come in on the 8th floor and run down to the 7th floor where they connect to routers for AT&T's WorldNet service, part of the latter's vital "Common Backbone." In order to snoop on these circuits, a special cabinet was installed and cabled to the "secret room" on the 6th floor to monitor the information going through the circuits. (The location code of the cabinet is 070177.04, which denotes the 7th floor, aisle 177 and bay 04.) The "secret room" itself is roughly 24-by-48 feet, containing perhaps a dozen cabinets including such equipment as Sun servers and two Juniper routers, plus an industrial-size air conditioner.

The normal work force of unionized technicians in the office are forbidden to enter the "secret room," which has a special combination lock on the main door. The telltale sign of an illicit government spy operation is the fact that only people with security clearance from the National Security Agency can enter this room. In practice this has meant that only one management-level technician works in there. Ironically, the one who set up the room was laid off in late 2003 in one of the company's endless "downsizings," but he was quickly replaced by another.

Plans for the "secret room" were fully drawn up by December 2002, curiously only four months after Darpa started awarding contracts for TIA. One 60-page document, identified as coming from "AT&T Labs Connectivity & Net Services" and authored by the labs' consultant Mathew F. Casamassima, is titled Study Group 3, LGX/Splitter Wiring, San Francisco and dated 12/10/02. (See sample PDF 1-4.) This document addresses the special problem of trying to spy on fiber-optic circuits. Unlike copper wire circuits which emit electromagnetic fields that can be tapped into without disturbing the circuits, fiber-optic circuits do not "leak" their light signals. In order to monitor such communications, one has to physically cut into the fiber somehow and divert a portion of the light signal to see the information.

This problem is solved with "splitters" which literally split off a percentage of the light signal so it can be examined. This is the purpose of the special cabinet referred to above: Circuits are connected into it, the light signal is split into two signals, one of which is diverted to the "secret room." The cabinet is totally unnecessary for the circuit to perform — in fact it introduces problems since the signal level is reduced by the splitter — its only purpose is to enable a third party to examine the data flowing between sender and recipient on the internet.

The above-referenced document includes a diagram (PDF 3) showing the splitting of the light signal, a portion of which is diverted to "SG3 Secure Room," i.e., the so-called "Study Group" spy room. Another page headlined "Cabinet Naming" (PDF 2) lists not only the "splitter" cabinet but also the equipment installed in the "SG3" room, including various Sun devices, and Juniper M40e and M160 "backbone" routers. PDF file 4 shows one of many tables detailing the connections between the "splitter" cabinet on the 7th floor (location 070177.04) and a cabinet in the "secret room" on the 6th floor (location 060903.01). Since the San Francisco "secret room" is numbered 3, the implication is that there are at least several more in other cities (Seattle, San Jose, Los Angeles and San Diego are some of the rumored locations), which likely are spread across the United States.

One of the devices in the "Cabinet Naming" list is particularly revealing as to the purpose of the "secret room": a Narus STA 6400. Narus is a 7-year-old company which, because of its particular niche, appeals not only to businessmen (it is backed by AT&T, JP Morgan and Intel, among others) but also to police, military and intelligence officials. Last November 13-14, for instance, Narus was the "Lead Sponsor" for a technical conference held in McLean, Virginia, titled "Intelligence Support Systems for Lawful Interception and Internet Surveillance." Police officials, FBI and DEA agents, and major telecommunications companies eager to cash in on the "war on terror" had gathered in the hometown of the CIA to discuss their special problems. Among the attendees were AT&T, BellSouth, MCI, Sprint and Verizon. Narus founder, Dr. Ori Cohen, gave a keynote speech. So what does the Narus STA 6400 do?

"The (Narus) STA Platform consists of stand-alone traffic analyzers that collect network and customer usage information in real time directly from the message…. These analyzers sit on the message pipe into the ISP (internet service provider) cloud rather than tap into each router or ISP device" (Telecommunications magazine, April 2000). A Narus press release (1 Dec., 1999) also boasts that its Semantic Traffic Analysis (STA) technology "captures comprehensive customer usage data … and transforms it into actionable information…. (It) is the only technology that provides complete visibility for all internet applications."

To implement this scheme, WorldNet's high-speed data circuits already in service had to be rerouted to go through the special "splitter" cabinet. This was addressed in another document of 44 pages from AT&T Labs, titled "SIMS, Splitter Cut-In and Test Procedure," dated 01/13/03 (PDF 5-6). "SIMS" is an unexplained reference to the secret room. Part of this reads as follows:

"A WMS (work) Ticket will be issued by the AT&T Bridgeton Network Operation Center (NOC) to charge time for performing the work described in this procedure document….
"This procedure covers the steps required to insert optical splitters into select live Common Backbone (CBB) OC3, OC12 and OC48 optical circuits."

The NOC referred to is in Bridgeton, Missouri, and controls WorldNet operations. (As a sign that government spying goes hand-in-hand with union-busting, the entire (Communication Workers of America) Local 6377 which had jurisdiction over the Bridgeton NOC was wiped out in early 2002 when AT&T fired the union work force and later rehired them as nonunion "management" employees.) The cut-in work was performed in 2003, and since then new circuits are connected through the "splitter" cabinet.

Another "Cut-In and Test Procedure" document dated January 24, 2003, provides diagrams of how AT&T Core Network circuits were to be run through the "splitter" cabinet (PDF 7). One page lists the circuit IDs of key Peering Links which were "cut-in" in February 2003 (PDF 8), including ConXion, Verio, XO, Genuity, Qwest, PAIX, Allegiance, AboveNet, Global Crossing, C&W, UUNET, Level 3, Sprint, Telia, PSINet and Mae West. By the way, Mae West is one of two key internet nodal points in the United States (the other, Mae East, is in Vienna, Virginia). It's not just WorldNet customers who are being spied on — it's the entire internet.

The next logical question is, what central command is collecting the data sent by the various "secret rooms"? One can only make educated guesses, but perhaps the answer was inadvertently given in the DOD Inspector General's report (cited above):

"For testing TIA capabilities, Darpa and the U.S. Army Intelligence and Security Command (INSCOM) created an operational research and development environment that uses real-time feedback. The main node of TIA is located at INSCOM (in Fort Belvoir, Virginia)…."

Among the agencies participating or planning to participate in the INSCOM "testing" are the "National Security Agency, the Defense Intelligence Agency, the Central Intelligence Agency, the DOD Counterintelligence Field Activity, the U.S. Strategic Command, the Special Operations Command, the Joint Forces Command and the Joint Warfare Analysis Center." There are also "discussions" going on to bring in "non-DOD federal agencies" such as the FBI.

This is the infrastructure for an Orwellian police state. It must be shut down!


More On Narsus

May 18, 2006

From Wired News:

The equipment that technician Mark Klein learned was installed in the National Security Agency's "secret room" inside AT&T's San Francisco switching office isn't some sinister Big Brother box designed solely to help governments eavesdrop on citizens' internet communications.

Rather, it's a powerful commercial network-analysis product with all sorts of valuable uses for network operators. It just happens to be capable of doing things that make it one of the best internet spy tools around.

"Anything that comes through (an internet protocol network), we can record," says Steve Bannerman, marketing vice president of Narus, a Mountain View, California, company. "We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their (voice over internet protocol) calls."

Narus' product, the Semantic Traffic Analyzer, is a software application that runs on standard IBM or Dell servers using the Linux operating system. It's renowned within certain circles for its ability to inspect traffic in real time on high-bandwidth pipes, identifying packets of interest as they race by at up to 10 Gbps.

Internet companies can install the analyzers at every entrance and exit point of their networks, at their "cores" or centers, or both. The analyzers communicate with centralized "logic servers" running specialized applications. The combination can keep track of, analyze and record nearly every form of internet communication, whether e-mail, instant message, video streams or VOIP phone calls that cross the network.

Brasil Telecom and several other Brazilian phone companies are using Narus products to charge each other for VOIP calls they send over one another's IP networks. Internet companies in China and the Middle East use them to block VOIP calls altogether.

But even before the product's alleged role in the NSA's operations emerged, its potential as a surveillance tool was not lost on corporate America.

In December, VeriSign, also of Mountain View, chose Narus' product as the backbone of its lawful-intercept-outsourcing service, which helps network operators comply with court-authorized surveillance orders from law enforcement agencies. A special Narus lawful-intercept application does this spying with ease, sorting through torrents of IP traffic to pick out specific messages based on a targeted e-mail address, IP address or, in the case of VOIP, phone number.

"We needed their fast packet-detection and inspection capability," says VeriSign Vice President Raj Puri. "They do it with specialized software that can isolate packets for a specific target."

Narus has little control over how its products are used after they're sold. For example, although its lawful-intercept application has a sophisticated system for making sure the surveillance complies with the terms of a warrant, it's up to the operator whether to type those terms into the system, says Bannerman.

That legal eavesdropping application was launched in February 2005, well after whistle-blower Klein allegedly learned that AT&T was installing Narus boxes in secure, NSA-controlled rooms in switching centers around the country. But that doesn't mean the government couldn't write its own code to do the dirty work. Narus even offers software-development kits to customers.

"Our product is designed to comply (with) all of the laws in all of the countries we ship to," says Bannerman. "Many of our customers have built their own applications. We have no idea what they do."