If you want to read my realtime reactions to the nonsense, there's a fairly long Twitter thread. If you want a short summary, it's this: everyone who spoke is angry about some aspect of these companies but (and this is kind of important) there is no consensus about why and the reasons for their anger is often contradictory. The most obvious example of this played out in regards to discussions that were raised about the decision earlier this week by YouTube and Facebook (and Twitter) to take down an incredibly ridiculous Breitbart video showing a group of "doctors" spewing dangerous nonsense regarding COVID-19 and how to treat it (and how not to treat it). The video went viral, and a whole bunch of people were sharing it, even though one of the main stars apparently believes in Alien DNA and Demon Sperm. Also, when Facebook took down the video, she suggested that God would punish Facebook by crashing its servers.
However, during the hearing, there were multiple Republican lawmakers who were furious at Facebook and YouTube for removing such content, and tried to extract promises that the platforms would no longer "interfere." Amusingly (or, not really), at one point, Jim Sensenbrenner even demanded that Mark Zuckerberg answer why Donald Trump Jr.'s account had been suspended for sharing such a video -- which is kind of embarrassing since it was Twitter, not Facebook, that temporarily suspended Junior's account (and it was for spreading disinfo about COVID, which that video absolutely was). Meanwhile, on the other side of the aisle, Rep. Cicilline was positively livid that 20 million people still saw that video, and couldn't believe that it took Facebook five full hours to decide to delete the video.
So, you had Republicans demanding these companies keep those videos up, and Democrats demanding they take the videos down faster. What exactly are these companies supposed to do?
Similarly, Rep. Jim Jordan made some conspiracy theory claims saying that Google tried to help Hillary Clinton win in 2016 (the fact that she did not might raise questions about how Jordan could then argue they have too much power, but...) and demanded that they promise not to "help Biden." On the other side of the aisle, Rep. Jamie Raskin complained about how Facebook allowed Russians and others to swing the election to Trump, and demanded to know how Facebook would prevent that in the future.
So... basically both sides were saying that if their tools are used to influence elections, bad things might happen. It just depends on which side wins to see which side will want to do the punishing.
Nearly all of the Representatives spent most of their time grandstanding -- rarely about issues related to antitrust -- and frequently demonstrating their own technological incompetence. Rep. Greg Steube whined that his campaign emails were being filtered to spam, and argued that it was Gmail unfairly handicapping conservatives. His "evidence" for this was that it didn't happen before he joined Congress last year, and that he'd never heard of it happening to Democrats (a few Democrats noted later that it does happen to them). Also, he said his own father found his campaign ads in spam, and so clearly it wasn't because his father marked them as spam. Sundar Pichai had to explain to Rep. Steube that (1) they don't spy on emails so they have no way of knowing that emails were between a father and son, and (2) that emails go to spam based on a variety of factors, including how other users rate them. In other words, Steube's own campaign is (1) bad at email and (2) his constituents are probably trashing the emails. It's not anti-conservative bias.
Rep. Ken Buck went on an unhinged rant, claiming that Google was in cahoots with communist China and against the US government.
On that front, Rep. Jim Jordan put on quite a show, repeatedly misrepresenting various content moderation decisions as "proof" of anti-conservative bias. Nearly every one of those examples he misrepresented. And then when a few other Reps. pointed out that he was resorting to fringe conspiracy theories he started shouting and had to be told repeatedly to stop interrupting (and to put on his mask). Later, at the end of the hearing, he went on a bizarre rant about "cancel culture" and demanded each of the four CEOs to state whether or not they thought cancel culture was good or bad. What that has to do with their companies, I do not know. What that has to do with antitrust, I have even less of an idea.
A general pattern, on both sides of the aisle was that a Representative would describe a news story or scenario regarding one of the platforms in a way that misrepresented what actually happened, and painted the companies in the worst possible light, and then would ask a "and have you stopped beating your wife?" type of question. Each of the four CEOs, when put on the spot like that, would say something along the lines of "I must respectfully disagree with the premise..." or "I don't think that's an accurate representation..." at which point (like clockwork) they were cut off by the Representative, with a stern look, and something along the lines of "so you won't answer the question?!?" or "I don't want to hear about that -- I just want a yes or no!"
It was... ridiculous -- in a totally bipartisan manner. Cicilline was just as bad as Jordan in completely misrepresenting things and pretending he'd "caught" these companies in some bad behavior that was not even remotely accurate. This is not to say the companies haven't done questionable things, but neither Cicilline nor Jordan demonstrated any knowledge of what those things were, preferring to push out fringe conspiracy theories. Others pushing fringe wacko theories included Rep. Matt Gaetz on the Republican side (who was all over the map with just wrong things, including demanding that the platforms would support law enforcement) and Rep. Lucy McBath on the Democratic side, who seemed very, very confused about the nature of cookies on the internet. She also completely misrepresented a situation regarding how Apple handled a privacy situation, suggesting that protecting user's privacy by blocking certain apps that had privacy issues was anti-competitive.
There were a few Representatives who weren't totally crazy. On the Republican side, Rep. Kelly Armstrong asked some thoughtful questions about reverse warrants (not an antitrust issue, but an important 4th Amendment one) and about Amazon's use of competitive data (but... he also used the debunked claim that Google tried to "defund" The Federalist, and used the story about bunches of DMCA notices going to Twitch to say that Twitch should be forced to pre-license all music, a la the EU Copyright Directive -- which, of course, would harm competition, since only a few companies could actually afford to do that). On the Democratic side, Rep. Raskin rightly pointed out the hypocrisy of Republicans who support Citizens United, but were mad that companies might politically support candidates they don't like (what that has to do with antitrust is beyond me, but it was a worthwhile point). Rep. Joe Neguse asked some good questions that were actually about competition, but for which there weren't very clear answers.
All in all, some will say it was just another typical Congressional hearing in which Congress displays its technological ignorance. And that may be true. But it is disappointing. What could have been a useful and productive discussion with these four important CEOs was anything but. What could have been an actual exploration of questions around market power and consumer welfare... was not. It was all just a big performance. And that's disappointing on multiple levels. It was a waste of time, and will be used to reinforce various narratives.
But, from this end, the only narrative it reinforced was that Congress is woefully ignorant about technology and how these companies operate. And they showed few signs of actually being curious in understanding the truth.
]]>At least some are now facing backlash over this... and they don't seem to be handling it well. Rep. Jim Sensenbrenner seems to have what may be the worst possible take on this after being asked about it. He told a constituent, to maybe just not use the internet if you don't like it. That linked article only has part of the quote, but here's the video of the question and the response:
.@JimPressOffice tells his constituents not to use the internet if they don't like his vote to sell out their privacy to advertisers. #wi05 pic.twitter.com/lSVVx8OclO
— Brad Bainum (@bradbainum) April 13, 2017
The questioner points out, correctly, that for individual services, like Facebook, people have a choice of how much they actually use them or what info they give, but for your overall ISP that's not true -- and also notes that there aren't competitive options. Sensenbrenner's answer is... maddeningly nonsensical and wrong, and basically ignores everything the questioner just said to him:
"You know, again, nobody's got to use the internet. And the thing is, if you start regulating the internet like a utility, if you did that right at the beginning, we'd have no internet. Internet companies have invested an awful lot of money in having almost universal services, now. And the fact is, you know, I don’t think it’s my job to tell you that you cannot get advertising through your information being sold. My job, I think, is to tell you that you have the opportunity to do it and then you take it upon yourself to make the choice that the government should give you. And that's what the law has been and I think we ought to have more choices, rather than fewer choices, with the government controlling our everyday lives.”
Now, it's a live situation, and perhaps Rep. Sensenbrenner misspoke. But, no, his press office doubled down on this when someone called it out on Twitter. Amusingly, the press office was trying to parse the difference between "don't use the internet" (as a Tweeter claimed Sensenbrenner said) and "you have a choice" which is... well... not a very big difference, despite his press office claiming it's a "big difference."
The idea that people "have a choice" in using the internet today is laughably out of touch. Indeed, so many things that people rely on today pretty much require the internet. Jobs, transportation, housing and more frequently require the internet. And, to put an even stronger "WTF" on Sensenbrenner's misguided statement: a big part of the problem here is the very lack of choice. The vast majority of Americans have no real choice when it comes to getting true broadband access -- as the very questioner stated, and which Sensenbrenner totally ignored. Thanks to bad policies, we have a non-competitive market, where if you want broadband, you basically have to go with one company, and then it gets access to a ton of data about you.
If Sensenbrenner truly meant what he said here, he'd have been against rolling back the rules. As small ISP boss Dane Jasper recently noted on our podcast, without these privacy rules, it actually gives the giant providers that much more power over the smaller upstarts, and makes it harder for the small providers to compete.
Also, Sensenbrenner is simply flat out wrong with his argument about "if the internet was regulated like a utility at the beginning" because it WAS regulated like a utility at the beginning and it resulted in tons of competition and innovation. Indeed, for most of the internet's early rise it was treated as a utility in terms of things like open access and line sharing. And privacy rules. It's only more recently that that went away.
Also, I have no clue what Sensenbrenner is trying to say when he says: "I don't think it's my job to tell you that you cannot get advertising through your information being sold. My job, I think, is to tell you that you have the opportunity to do it and then you take it upon yourself to make the choice that the government should give you." What does that even mean? First of all, it was the FCC's job, and it did so. What Sensenbrenner did here was to roll back what the FCC said. Second, even with the rules, it never said that "you cannot get advertising through your information being sold." All the rules did was say that ISPs had to tell you about it and offer clear options on how you controlled your data. Third, seriously, what is he saying when he says his job is "to tell you that you have the opportunity to do it and then you take it upon yourself to make the choice that the government should give you." I honestly keep reading that sentence and cannot parse it. The privacy rules were what gave individuals choices. It gave them choices in how their data could be used. Rolling back those rules takes away the choice.
For years, we've pointed out that Congress appears totally and completely out of touch when it comes to basic tech policy -- especially related to the internet. Jim Sensenbrenner's vote and statements on this issue have only confirmed that basic fact.
]]>His recent executive orders appear to back this "gloves off" approach to criminal justice. In addition to singling out immigrants as troublemakers, the orders ask law enforcement officials to take a look around and see if they're being constrained by any state or federal laws. Presumably, any recent forfeiture reform legislation would fall under this heading as it prevents law enforcement agencies from acting in the way they've become accustomed: seize first, convict later... if at all.
With Jeff Sessions in place as attorney general, asset forfeiture appears to be headed for the wrong kind of renaissance. Sessions is a firm believer in the general rightness of taking aways citizens' property and due process simultaneously because, as he sees it, the process only affects people who've "done nothing but deal dope their whole lives."
Now, there's this: Rep. Jim Sensenbrenner is offering up another bill with a clumsily reverse-engineered acronym -- one that could further pervert the incentives of asset forfeiture. (via Watchdog.org)
Today, Congressman Jim Sensenbrenner introduced the Build Up Illegal Line Defenses With Assets Lawfully Lifted (BUILD WALL) Act of 2017 in the House of Representatives.
[...]
This legislation would require the U.S. Attorney General to provide a detailed report on the amount of annual profits brought into the United States by Mexican drug cartels, as well as a study of how the Department of Justice can increase assets seized from such cartels.
Additionally, the BUILD WALL Act would use money forfeited from drug traffickers to fund increased border security on the U.S./ Mexican border. This defense could include a wall, another type of physical barrier, and/or a technology-supported solution. The use of this funding would ease the financial burdens on taxpayers and help build stronger relations between the United States and Mexico while fighting back against drug trafficking in both countries.
While Sensenbrenner's statements mention Mexican drug cartels, the reality is that the billions the cartels make from drug sales are safely back in Mexico and (mostly) out of reach of US law enforcement. That leaves everyone on this side of the border, who can now be viewed as unwilling donors to the cause. If Trump's ever going to be able to, uh, BUILD WALL, he's going to need several billion more dollars than was stated in his original estimate. That's where Mr. and Mrs. Interstate Traveler come into play. A few hundred dollars here and there, and eventually it adds up to real wall-building money.
This means the federal government would be looking to take a larger share of any revenue generated from asset forfeiture in partnerships with local law enforcement. This may not make the local boys happy, but considering many of them use these partnerships to route around local forfeiture restrictions, they can't complain too much about the slightly-smaller cut of the proceeds, when the alternative might be nothing at all.
Lawmakers who support DJT's Folly are casting about in hopes of landing a few billion in wall funding. Mexico has only extended a middle finger in response to the Wall Plan, so it's up to us Americans to make a billionaire's dreams come true. If that means having our cash, cars, and houses seized without accompanying criminal allegations, much less convictions, so be it. The security of our nation depends on our unwilling sacrifice. This wall must be built to ensure our nation is only susceptible to the thieves already in our midst.
]]>Having set the stage with a Greek chorus comprised of law enforcement officials chanting "iPhones are for pedophiles," Comey is now making overtures to legislators, targeting an already-suspect law for further rewriting: CALEA, or the Communications Assistance for Law Enforcement Act. As it stands now, the law specifically does NOT require service providers to decrypt data or even provide law enforcement with the means for decryption. Up until this point, the FBI's director seemed to consider Congressional support a foregone conclusion.
Last week, FBI director James Comey suggested that encryption "threatens to lead all of us to a very dark place" and suggested that if Apple and Google don't remove default encryption from iOS and Android then "Congress might have to force this on companies."Now, Congress members are firing back at Comey, reminding him that Congress doesn't have to do shit.
"To FBI Director Comey and the Admin on criticisms of legitimate businesses using encryption: you reap what you sow," California Republican Rep. Darrell Issa tweeted. "The FBI and Justice Department must be more accountable—tough sell for them to now ask the American people for more surveillance power."Rep. Zoe Lofgren estimates Comey's legislative "fix" has a "zero percent" chance of passing. This tepid statement is the warmest response Comey's received so far.
“It's going to be a tough fight for sure,” Rep. James Sensenbrenner (R-Wis.), the Patriot Act’s original author, told The Hill in a statement.Of course, in this anti-surveillance climate, there aren't too many representatives willing to openly support toxic rewrites like the one Comey desires. But give it a few more years and anything's possible. This is the time to start watching upcoming bills closely. It's not completely unheard of for unpopular legislation to be tacked onto other bills whose popularity (or complete mundanity) gives them a higher chance of passing.
Comey also still seems to think that it's simply a matter of wording. He's done all he can to portray the encrypted future as a nightmarish world where child abusers, drug dealers and terrorists run amok while law enforcement fumbles around in the dark. This clumsy propaganda machine has done little to soften up the public or its representatives. Now, he's shifting gears, pretending that it's not a "backdoor" he's seeking, but rather some sort of magical doggie door for law enforcement.
“We want to use the front door with clarity and transparency,” he said.How that word picture converts to real life remains to be seen. Comey doesn't seem to have any idea but believes the answer runs through an amended CALEA. The good news is that no one's in any hurry to help him out. The FBI (and much of law enforcement) is so used to getting what they want (as well as being completely absent when it's time to reap what's been sown) with minimal resistance that this pushback has forced them to think on their feet -- something they're clearly not comfortable doing. Between talk of "golden keys" and the hilarious assumption that Congress would simply do as it's told, the FBI's anti-encryption fit-pitching is looking more ridiculous by the moment. ]]>
As we stated, this amendment only fixes two specific problems. It stops the very questionable use of "backdoor searches" of information collected under the Section 702 program. This is the very questionable setup by which the NSA spies on Americans while insisting that they don't actually spy on Americans. It also blocks the NSA from mandating that any technology companies create backdoors in their software or hardware to enable wiretapping (such as the NSA forcing Skype to no longer be encrypted end-to-end).
In many ways, this is more important as a symbolic gesture than for the specifics -- but it should have a much wider impact as well. This is the first time that Congress has overwhelmingly voted to defund an NSA program. Last year's Amash Amendment came very, very close to defunding a different program (the Section 215 bulk records collection program), but by passing by an overwhelming margin, this vote is a pretty big sign that the House (on both sides of the aisle) is not happy with how the NSA has been spying on Americans. As mentioned above, it's also a big slap in the face to the White House and certain members of the House leadership who conspired to water down the USA Freedom Act a few weeks ago, stripping it of a very similar provision to block backdoor searches.
While this particular Amendment is far from a sure thing (it still needs to make it through a Senate equivalent and then the White House), it is quite important as a sign that the House really is fed up with the NSA's surveillance and how the USA Freedom Act process went. It should serve as a warning to the Senate, which is now considering its own version of the USA Freedom Act, that passing a similarly watered down version is simply not acceptable.
This is one step forward in a big process, but it is a big milestone. For the first time since the Snowden revelations began, the House overwhelmingly voted to defund some NSA practices. Once again, if you're an American, I urge you to look over the list of Aye votes, and send a thank you to those Representatives who took a stand for your privacy and against the NSA last night. ]]>
The amendment has powerful bipartisan backing, sponsored by Reps. James Sensenbrenner, Thomas Massie and Zoe Lofgren, along with co-sponsors Reps. Conyers, Poe, Gabbard, Jordan, O’Rourke, Amash, and Holt. Having Sensenbrenner bring out this amendment is a big deal. This amendment would restore at least one aspect of the USA Freedom Act that was stripped out at the last minute under pressure from the White House. Sensenbrenner sponsoring this bill highlights that he's clearly not satisfied with how his own bill got twisted and watered down from the original, and he's still working to put back in some of the protections that were removed. Conyers is a powerful force on the other side of the aisle, whose support for the USA Freedom Act was seen by some as a signal that the bill was "okay" to vote on. Having both of them support this Amendment suggests that neither were really that satisfied with the bill and felt pressured into supporting it.
While this Amendment doesn't fix everything, it is an important chance for members of Congress to show that they really do support protecting Americans' privacy. But they need to know that. Please contact your Representative today to let them know you want them to support this amendment. The EFF and others have set up a website, ShutTheBackDoor.net, to help you contact your official. Please do so today. ]]>
Rep. Jim Sensenbrenner, who was the original sponsor of the bill admitted that he was disappointed in what his bill eventually turned into -- though he still voted for it:
“Let me be clear: I wish this bill did more,” Sensenbrenner said during floor debate Thursday. “To my colleagues who lament the changes, I agree with you. The privacy groups who are upset about lost provisions, I share your disappointment.”There had been some hope that Rep. John Conyers might flip his vote and vote against it, but he not only voted for it, he falsely claimed that this bill would "end domestic bulk collection across the board." It does nothing of the sort. The folks who really understood this stuff were much more direct in saying what a bad bill this is. Last night, I had a chance to speak to Rep. Zoe Lofgren, who still hoped that there was a chance her colleagues would recognize how the bill had been changed in secret, and how problematic that was -- and she tried to fight the good fight on the floor this morning telling her colleagues (unlike what Conyers claimed) that this "is a bill that will actually not end bulk collection, regrettably." Furthermore, she tried to remind people that this was not the bill that was voted out of committee, to highlight the last minute changes.
Unfortunately, those who aren't paying close attention don't seem to care. They just want to be able to go back to their districts and claim they did something to "reform" the NSA, when they could have done much more. But this bill doesn't do that. As Lofgren noted on the floor: "If we leave any ambiguity at all, we have learned that the intelligence community will drive a truck through that ambiguity." And this bill leaves in a ton of ambiguity. On purpose. That was put in at the last minute, with help from the White House.
Either way, the fight now shifts over to the Senate, who will have to approve their own version. Senator Leahy has a version of the bill, but he will face fierce opposition from Senator Feinstein, and the support for reform in the Senate has always been weaker than in the House anyway. Still, some hope that a strong enough public outcry may pressure the Senate into at least something better than the House version. ]]>
The other major problem is that this new version strips out the attempt to close the loophole that allowed backdoor searches on Americans without a warrant. This is a big deal as the original version would have closed that loophole. The NSA apparently lobbied hard to remove it, and when Rep. Zoe Lofgren tried to amend this new version to bring back the ban, it was rejected quickly. In other words, the NSA (who has pretended this is no big deal) likely uses this "loophole" quite a bit and doesn't want to lose it.
That said, the bill is clearly a step forward, and both EFF and CDT have cautiously praised the House Judiciary Committee for moving forward on the bill, while still asking for more civil liberties protections and greater transparency.
The real question, though, is what will the House Intelligence Committee do with the bill tomorrow. As we noted earlier today, after fighting it for months, Rep. Mike Rogers has now indicated he's more comfortable with the (weakened) bill, and will be doing a dual markup of both his own bill and this new USA Freedom Act, leading many to suspect that some sort of deal has been reached to effectively incorporate parts of his (bad) bill into this USA Freedom Act -- potentially weakening it even further. We'll find out in a few hours. ]]>
In a dramatic change of tone, Rep. Mike Rogers, the chairman of the House Intelligence Committee, praised a bill in the House Judiciary Committee that would sharply curb the National Security Agency's surveillance powers. His remarks suggest that the powerful lawmaker may be more willing to vote for tougher reforms than previously anticipated.As we speak, the House markup on the bill is ongoing. However, in a twist, tomorrow's "competing" markup for the FISA Transparency and Modernization Act -- which is Rogers and Rep. Dutch Ruppersberger's "competing" bill -- has now added a markup of the USA Freedom Act to the agenda. That means that a deal has been made, and if Rogers is willing to add USA Freedom to his committee's schedule, it means that the "deal" is one that favors the NSA and not the public.
Rogers and other national security hawks have spent weeks arguing that the USA Freedom Act, the most aggressive NSA reform bill under consideration in Congress, would remove tools that the government needs to track phone calls by foreign terrorists. Rogers, a staunch NSA supporter, is the sponsor of another bill that would codify many of the surveillance practices opposed by privacy advocates, such as the dragnet collection of records.
That is not to say that the USA Freedom Act does nothing. It actually does a few things to limit the NSA, but really does not tackle the largest problems. There was a lot of good stuff in the earlier version of the bill (which still didn't go far enough on its own) and now it's significantly weaker. So, rather than fixing the overall mess, the new USA Freedom Act makes some small fixes while leaving all sorts of problems. ]]>
Marcy Wheeler has been digging in and highlighting just how badly the bill has been weakened, and has now started calling it the USA Freedumb Act, noting that it's stripped out nearly all of the good stuff, basically wiping out most of the protections for you and me, but making sure that the telcos are well protected from any lawsuits that might emerge over them handing all of our info over to the government. The bill also wipes out the transparency requirements that the tech companies had pushed strongly for.
The problem then, becomes something of a political one. One of these two bills is likely to move forward, and both are pretty bad at this point, though USA Freedom is marginally better. Do you support a marginally better bill in the hopes of blocking a really bad bill? Or do you hope (with little chance of it happening) to block both bills and pray for a magical third solution that actually does something useful? It's a pretty blech situation all around.
One of the tricky parts of bills like these, which adjust the language in existing bills, is that merely reading the bills alone isn't nearly enough, because they're amending existing language, and pointing to various places. You have to put it all together to figure out what's really going on. Wheeler, again serving a tremendously important role, is attempting to do that, showing how Section 215 would look under the manager's amendment under USA Freedom. This suggests that a big problem is the lack of some key definitions -- with "selection term" being one which might actually create a loophole for the NSA to drive a surveillance barge through.
One hopeful idea is that during tomorrow's markup, someone can actually get some amendments through that actually defines these undefined terms in a way that actually limits the NSA's powers (and potentially bringing back some of the transparency requirements). Right now it's not clear if that will happen, though there's typical political horse trading going on in the back rooms. Still, a good definition (and there's a chance that any definition would be bad...) would go a long way towards taking the USA Freedumb Act back to being the USA Freedom Act. ]]>
Of course, within just a few minutes of the Judiciary Committee announcing its plans to move forward with the USA FREEDOM Act, the House Intelligence Committee announced that it would hold its own damn markup on the competing "NSA reform" bill from Reps. Mike Rogers and Dutch Ruppersberger, which is designed to look like a shot at NSA reform, but which really would make it easier for the NSA to collect info on people. That bill, called the FISA Transparency and Modernization Act (almost none of that is true), is basically the NSA's prime choice for pretending to be reform.
This sets up a bit of an upcoming fight -- assuming that both markups lead to bills getting voted out of committee -- to see which bill House Speaker John Boehner is willing to bring to the floor. Basically, Boehner gets to make the final decision on NSA reform at this stage. Will he bring the real reform bill or the fake one? ]]>
So, how's that investigation going? Sensenbrenner is wondering that himself, because he received no response at all from the DOJ, leading him to feel the need to send yet another letter, asking whether the DOJ ever planned to get back to him.
On December 19 of last year, I wrote, along with six of my colleagues, to request that you investigate Director of National Intelligence James Clapper for his "erroneous" testimony before the Senate Select Committee on Intelligence last year. Nearly three-and-a-half months later, we have not received a response or an update on the status of your investigation.It's good to see Sensenbrenner following up, though I highly doubt that the DOJ will do a damn thing about it. ]]>
On March 12, 2013, Senator Ron Wyden asked Director Clapper, "Does the N.S.A. collect any type of data at all on millions or hundreds of millions of Americans?" Director Clapper answered "No, Sir." Wyden pressed, "It does not?" Clapper replied, "There are cases where they could inadvertently perhaps collect, but not wittingly."
Now declassified documents reveal that Director Clapper's testimony was false, and further, that he knew it was false when it was offered. Congress is currently considering proposals regarding intelligence reform. In considering these proposals, we need assurances that we can adequately conduct oversight following new legislation. Congressional oversight, however, depends on truthful testimony. Intelligence officials cannot be permitted to lie with impunity.
I respectfully request an update as soon as possible.
And it's not just Sensenbrenner making those claims. Many others -- across the political spectrum -- made it clear during the hearing that the NSA's actions with regards to Section 215 were unacceptable and Congress is going to make them change things. Yes, nothing has happened yet, and Congressional bluster doesn't always lead to results, but it's becoming increasingly clear that the NSA (and the President's) desire to keep collecting everyone's metadata is not convincing anyone. ]]>
This morning I spent an hour in a closed room with six Members of Congress: Rep. Logfren, Rep. Sensenbrenner, Rep. Scott, Rep. Goodlate, Rep Thompson, and Rep. Amash. No staffers, no public: just them. Lofgren asked me to brief her and a few Representatives on the NSA. She said that the NSA wasn't forthcoming about their activities, and they wanted me -- as someone with access to the Snowden documents -- to explain to them what the NSA was doing. Of course I'm not going to give details on the meeting, except to say that it was candid and interesting. And that it's extremely freaky that Congress has such a difficult time getting information out of the NSA that they have to ask me. I really want oversight to work better in this country.There's really not much more to be said about that, other than it shows what a complete joke it is for anyone to claim that Congress has real oversight over the NSA. It's great that these Reps would reach out to someone with qualifications like Schneier to have this kind of conversation. It's depressing that such a thing was necessary. ]]>
Hopefully that will be changing now.
Back in October, Rep. Jim Sensenbrenner, the author of the PATRIOT Act, argued that Clapper should be fired and prosecuted, but hadn't done anything to move that forward. However, with Monday's ruling now making it pretty clear that the program that Clapper lied about (in response to a question from Senator Ron Wyden), Sensenbrenner, along with six of his colleagues on the House Judiciary Committee have sent a letter to Eric Holder, demanding an investigation into Clapper's lying to Congress. The letter is quite a read. They're pretty direct about calling out Clapper for lying, how this is against the law, how others in government have been prosecuted for the same thing, and even how allowing this to go unpunished contributes to "cynicism" about the government.
Congressional oversight depends on truthful testimony--witnesses cannot be allowed to lie to Congress. Accordingly, we request you to investigate the Director of National Intelligence James Clapper's "erroneous" statements to the Senate Select Committee on Intelligence earlier this year.It seems unlikely that Holder will do anything, but this is the first official move we've seen towards actually punishing Clapper for lying to Congress. It would be nice if others in Congress supported this effort as well. ]]>
[....] 18 U.S.C. § 1001 makes it a crime to "knowingly and willfully" make any "materially false" statement in the course of any "investigation or review, conducted pursuant to the authority of any committee." One of the hallmarks of American democracy is that no one is above the law...
[....] Director Clapper has served his country with distinction, and we have no doubt he believed he was acting in its best interest. Nevertheless, the law is clear. He was asked a question and he was obligated to answer truthfully. He could have declined to answer. He could have offered to answer in a classified setting. He could have corrected himself immediately following the hearing. He did none of these things despite advance warning that the question was coming.
The country's interests are best served when its leaders deal truthfully with its citizens. The mutual sense of good faith it fosters permits compromise and concessions in those cases that warrant it. Director Clapper's willful lie under oath fuels the unhealthy cynicism and distrust that citizens feel toward their government and undermines Congress's ability to perform its Constitutional function.
There are differences of opinion about the propriety of the NSA's data collection programs. There can be no disagreement, however, on the basic premise that congressional witnesses must answer truthfully.
However, the group notes, the bill should be a "floor, not a ceiling." That is, it needs to be a starting point, because there are all sorts of problems it doesn't yet fix.
I know that some people would prefer bills that do in fact cover all of that, and are against the USA FREEDOM Act for not going nearly far enough. There is, also, quite a legitimate fear that there is likely to only be appetite for one bill in Congress, so if the USA FREEDOM Act passes, all of the other missed issues will never get addressed. That's a legitimate fear, but it's going to be difficult enough to get the USA FREEDOM Act approved in the first place, and if people fight against it just because it doesn't include everything, there's a decent chance we'll get nothing at all. ]]>The bill only addresses a small portion of the problems created by NSA spying and overreaching government secrecy. It does not touch problems like NSA programs to sabotage encryption standards, it does not effectively tackle the issue of collecting information on people outside of the United States, and it doesn't address the authority that the government is supposedly using to tap the data links between service provider data centers, such as those owned by Google and Yahoo.
The bill also does not address a key issue that the government uses to inhibit lawsuits contesting the spying: excessive secrecy. For instance, it won't deal with the major over-classification issues or the state secrets privilege, the latter of which is used aggressively to prevent litigation from getting to a court decision on whether the spying is unconstitutional. The bill also leaves out a clause appearing in Sen. Ron Wyden's bill, which provides guidelines to obtain standing in legal cases against the spying.
Lastly, it does not hold public officials accountable for their role in allowing this spying to take place and hiding it from public and Congressional oversight, and it does not create a Congressional committee that could independently investigate the surveillance programs and give the country a full accounting. Remember we are still just learning the full depth of the programs on a piecemeal basis.
Even so, it's perhaps even more incredible to see that Sensenbrenner has now gone over to the EU Parliament to admit that the NSA is out of control and needs to be reined in. While it doesn't sound like he got all the way to a complete apology, he appears to have come pretty close. According to Bridget Johnson's writeup at the PJ Tatler:
Sensenbrenner told the EU parliamentarians that “Congress knew the country needed new tools and broader authorities to combat those who meant to harm us, but we never intended to allow the National Security Agency to peer indiscriminately into the lives of innocent people all over the world.”Sensenbrenner promised more strict oversight from Congress, but also noted (realistically) that Congress's authority is mostly limited to domestic spying -- and that the US government needed to work more closely with foreign governments concerning foreign spying. Given who's saying it, this is a rather startling statement. ]]>
Sensenbrenner noted that he “worked under strict time constraints” to forge the Patriot Act and get it passed.
“I firmly believe the Patriot Act saved lives by strengthening the ability of intelligence agencies to track and stop potential terrorists, but in the past few years, the National Security Agency has weakened, misconstrued and ignored the civil liberty protections we drafted into the law,” he said, adding that the NSA “ignored restrictions painstakingly crafted by lawmakers and assumed a plenary authority we never imagined.”
“Worse, the NSA has cloaked its operations behind such a thick cloud of secrecy that, even if the NSA promised reforms, we would lack the ability to verify them.”
Sensenbrenner said the “constant stream of disclosures about US surveillance since June has surprised and appalled me as much as it has the American public and our international allies.”
The bill appears to do a number of good things, focusing on limiting the NSA's ability to do dragnet collections, rather than specific and targeted data collection, while also significantly increasing transparency of the activities of the NSA as well as the FISA court when it comes to rulings that interpret the law.
- End bulk data collection under Section 215 of the PATRIOT Act. This is the program that collects metadata on every phone call based on a twisted interpretation of the law and a thorough revisionist dictionary for words like "targeted," "relevance," "search" and "surveillance." Sensenbrenner, who crafted much of the original PATRIOT Act insists that when he wrote it, it was intended to already ban this kind of dragnet. The new bill will make that explicit. Similarly, it appears that the bill will require the intelligence community to be much more proactive in filtering out unnecessary information and deleting information collected incidentally.
- Fixing the FISC: As many have recommended, the law would make sure that a public advocate can be present to be an adversarial presence, arguing in favor of protecting Americans' privacy. There will be a special Office of the Special Advocate (OSA) created for this role. Somewhat surprisingly, the OSA will even be allowed to appeal decisions that the FISA court makes if it believes they stray from the law or the Constitution. That could be a very big deal.
Separately, the DOJ will be required to declassify all FISC decisions from the past decade that involve "a significant construction or interpretation of the law." That is, no more secret law-making by the FISC.
- Greater transparency for companies on the receiving end of demands for information. This would make it so companies that get orders to hand over information can reveal numbers of requests, effectively stopping the existing gag orders which prevent us from knowing how often the NSA is demanding info from internet companies.
However, now that he seems to realize what's happening (though, without apologizing for his earlier attacks on those who raised questions about the PATRIOT Act), he's finally getting ready to introduce new legislation, dubbed the USA Freedom Act, to try to clearly restrain the activities of the NSA. According to the Guardian, who has seen a draft of the bill, the bill will do a few things:
It seeks to limit the collection of phone records to known terrorist suspects; to end "secret laws" by making courts disclose surveillance policies; to create a special court advocate to represent privacy interests; and to allow companies to disclose how many requests for users' information they receive from the USA. The bill also tightens up language governing overseas surveillance to remove a loophole which it has been abused to target internet and email activities of Americans.All of these are good things -- and all are items that we've been focusing on for quite some time. Plus, there's this:
Sensenbrenner also called for the prosecution of Obama's director of national intelligence, James Clapper, who admitted misleading the Senate intelligence committee about the extent of bulk collection of telephone records.While it may have taken a bit too long in our opinion, it's good to see Rep. Sensenbrenner taking a strong stand against the Intelligence Communities abuses. Hopefully, the next time civil liberties advocates raise issues like this, he won't be so dismissive. ]]>
"Oversight only works when the agency that oversight is directed at tells the truth, and having Mr Clapper say he gave the least untruthful answer should, in my opinion, have resulted in a firing and a prosecution," said the congressman.
The filing notes that Sensenbrenner originally received a draft of the Patriot Act from the DOJ five days after September 11, 2001, and found that it gave the government way too much power, so he redrafted the legislation specifically to prevent widespread abuses of investigative powers.
The parties can argue over the dictionary and legal definitions of the words “relevance” and “an.” But regardless of how those words are defined, one thing is clear: amicus, and the other Members of Congress who enacted Section 215, did not intend to authorize the program at issue in this lawsuit or any program of a comparable scope.Sensenbrenner's is not the only interesting amicus brief. A diverse group of interested parties have filed their own briefs as well -- including the NRA, Reporters Committee for Freedom of the Press and the PEN American Center. But another really interesting one was filed by former members of the Church Committee, the famous committee set up in 1975 to investigate and rein in the intelligence community after it became clear that they were abusing their powers. In this case, the filing comes from Gary Hart and Walter Mondale, two members of the Church Committee who may also be remembered for later (disastrous) attempts to run for President. This brief also involves a number of well-respected law professors who have spent a lot of time on related issues.
Amicus does not dispute that “relevance” is customarily given a broad meaning, and that he and his colleagues in Congress were aware of this broad meaning when they enacted and reauthorized Section 215. Nor does amicus dispute that Section 215 was intended to create a “sufficiently flexible” standard. See Defs’ Mot. to Dismiss at 24. But there is no suggestion in any legal precedent or in any statements in the legislative history that the relevance standard could justify the ongoing collection of the records of every telephone call made to or by every person on American soil, the vast majority of which Defendants concede will not be related even remotely to any terrorist activities.
To the contrary, amicus understood that “relevance” was commonly construed by the Supreme Court as a limiting factor that specifically prevented the bulk collection of records, even on a much smaller scale, on the belief that investigators might find the information useful at some point in the future.
The full brief is well worth reading, giving the history of the Church Committee, and the FISA law which followed, and how it was designed to restrict the practices of the intelligence community and stop abuses such as widespread spying on the American public.
The government’s interpretation of “relevant” also contradicts Congress’ aim in enacting FISA. As discussed above, Congress designed the statute to be used in specific cases of foreign intelligence gathering. By limiting the targets of electronic surveillance, requiring probable cause, disallowing investigations solely on the basis of otherwise protected first amendment activities, and insisting on minimization procedures, Congress sought to restrict agencies’ ability to violate U.S. citizens’ privacy. The business records provision built on this approach, adopting the same definitions that prevailed in other portions of the statute, and requiring that agencies obtain orders to collect information on individuals believed to be foreign powers or agents of a foreign power. Congress later deliberately inserted “relevant” into the statute to ensure the continued specificity of targeted investigations.When you basically have the people who were responsible for the various laws that the NSA is now relying on arguing in court that the NSA is clearly going beyond the intent of the laws, it seems rather clear that the NSA's case is on very thin ice. ]]>
In addition, Congress empowered the FISC to consider each instance of placing an electronic wiretap. The NSA’s program, in contrast, delegates such oversight to the executive, leaving all further inquiries of the databases to the agency involved. Once the NSA collects the telephony metadata, it is the NSA (and not the FISC) that decides which queries to use, and which individuals to target within the database.
This change means that the FISC is not performing its most basic function: protecting U.S. persons from undue incursions into their privacy. Instead, it leaves the determination of whom to target to the agency’s discretion.
...schedule 7 powers can only be used "for the purpose of determining" whether the detained person is a terrorist. The use of the power to detain and question someone who the examining officer knows is not a terrorist is plainly not for this purpose, so it would neither be within the spirit nor the letter of the law.He also hits back, pretty strongly, against the suggestion by some, including home secretary Theresa May, that the "terrorism" connection was that the content might fall into the hands of terrorists. But Falconer claims that this doesn't make any sense:
There is no suggestion that Miranda is a terrorist, or that his detention and questioning at Heathrow was for any other reason than his involvement in his partner Glenn Greenwald's reporting of the Edward Snowden story. The state has not even hinted there is a justification beyond that involvement.
It is important to understand the ramifications of May's justification. She is not suggesting there is an issue about whether Miranda is a terrorist – the only lawful basis on which his detention and questioning could be justified. Rather, she is suggesting that he was in possession of stolen material which could help terrorism, presumably by publication. There is a world of difference between the two.Using very loose, and obviously ridiculous, definitions to justify deplorable actions just don't seem like a good idea -- and yet the defenders of these programs continue to do so, seemingly forgetting that the people who put this stuff together in the first place, are still around. ]]>
Had schedule 7 been in force when Salman Rushdie was writing Satanic Verses, May's justification would have allowed his detention and questioning and the removal of his manuscript.
The task force staff asked the Congressional Research Service to update the calculation of criminal offenses in the federal code, which was last undertaken in 2008, said task force chairman Representative John Sensenbrenner (R-Wis.)There's clearly something very, very wrong about a criminal code where the governmental agency charged with doing basic research for Congress finds it too big a task to list out all of the crimes listed under federal law. At that point, you no longer have a "rule of law." You have a system of loopholes and gotchas, with enough tricks and traps that anyone can be made into a criminal if the authorities decide that's what they want to do. This isn't to suggest that law enforcement regularly goes after people with trumped up charges -- I don't think they do. However, it does happen sometimes. But, far more common, and equally worrisome, is how this allows law enforcement to pile on additional charges and potential punishment for people accused of relatively minor crimes. ]]>
"CRS's initial response to our request was that they lack the manpower and resources to accomplish this task," Sensenbrenner said Friday. "I think this confirms the point that all of us have been making on this issue and demonstrates the breadth of overcriminalization."
We the undersigned are writing to urge greater transparency around national security-related requests by the US government to Internet, telephone, and web-based service providers for information about their users and subscribers.This follows on a somewhat somewhat similar letter from Reps. Jim Sensenbrenner and Zoe Lofgren to Attorney General Holder and Director of National Intelligence Clapper, urging them "to authorize U.S. companies to release information regarding national security requests for user data."
First, the US government should ensure that those companies who are entrusted with the privacy and security of their users’ data are allowed to regularly report statistics reflecting:Second, the government should also augment the annual reporting that is already required by statute by issuing its own regular “transparency report” providing the same information: the total number of requests under specific authorities for specific types of data, and the number of individuals affected by each.
- The number of government requests for information about their users made under specific legal authorities such as Section 215 of the USA PATRIOT Act, Section 702 of the FISA Amendments Act, the various National Security Letter (NSL) statutes, and others;
- The number of individuals, accounts, or devices for which information was requested under each authority; and
- The number of requests under each authority that sought communications content, basic subscriber information, and/or other information.
As an initial step, we request that the Department of Justice, on behalf of the relevant executive branch agencies, agree that Internet, telephone, and web-based service providers may publish specific numbers regarding government requests authorized under specific national security authorities, including the Foreign Intelligence Surveillance Act (FISA) and the NSL statutes. We further urge Congress to pass legislation requiring comprehensive transparency reporting by the federal government and clearly allowing for transparency reporting by companies without requiring companies to first seek permission from the government or the FISA Court.
Both letters point out that they're just looking for the ability to reveal specific numbers about orders received and user accounts impacted, but obviously not further information that might reveal the details of any investigations. Basically, they're asking for "just the metadata."
You may have spotted the irony, pointed out by Ashkan Soltani: Defenders of many of the government's surveillance programs have repeatedly trotted out the "just metadata" argument for why all of this surveillance is no problem, claiming that mere metadata doesn't reveal anything important. Yet, when it comes to their own metadata about their own surveillance programs, suddenly it will reveal all their secrets? (And I won't even get into the fact that only some of the surveillance programs are "just metadata").
So, which is it, feds? Is "just metadata" nothing too important, or does it reveal everything? ]]>
Section 215 expires at the end of 2015. Unless you realize you've got a problem, that is not going to be renewed. There are not the votes in the House of Representatives to renew Section 215, and then you're gonna lose the business records access.... You have to change how you operate Section 215, otherwise in two and a half years you're not going to have it any more.”The full video of Sensenbrenner questioning Deputy Attorney General James Cole is worth watching:
Sensenbrenner: It appears to me that, according to this letter and the testimony of FBI Director Mueller, that "relevant" [is being interpreted as] an expansion of what could happen rather than a limitation... when relevant was not included in that statute. Doesn't that make a mockery of the legal standard, because you're trying to have it both ways?Once again, when will the administration realize that they've clearly taken all of this way too far? ]]>
Cole: I don't think we're trying to have it both ways...
Sensenbrenner: You sure are! Because you're saying have the court authorized to get the records of all the phone calls that are made to and from phones in the United States including people who have nothing to do with any kind of terrorist investigation. And then what you're saying is that "we'll decide" what to pick out of that mass of maybe a billion phone calls a day, rather than saying that 'this person is a target' why don't you get an authorization for only that person's telephone records?
Cole: Again, going to the analogy of the criminal context, we would never in a grand jury situation or a traditional criminal investigation even go to the court for the framework, or the setting of rules, or have sunsetting every 90 days of the authority, or...
Sensenbrenner: But, Mr. Cole, with all due respect, the letter that I got from the Department that you're the number two person in, says that you get the FISA Court order because there are "reasonable grounds to believe that the data is relevant to an authorized investigation to protect against international terrorism" as Section 215 requires. Even though most of the records in the dataset are not associated with terrorist activity. You gobble up all of those records and then you turn around and say well we'll pick out maybe 300 phone numbers out of the billions of records that you have every day and you store for five years there. All the rest of this stuff is sitting in a warehouse and we found out from the IRS who knows who wants to have any kind of legal or illegal access to it. You are having it both ways.
Vagueness is the core flaw of the CFAA. As written, the CFAA makes it a federal crime to access a computer without authorization or in a way that exceeds authorization. Confused by that? You're not alone. Congress never clearly described what this really means. As a result, prosecutors can take the view that a person who violates a website's terms of service or employer agreement should face jail time.The proposal tries to focus the law back to where it was intended when initially put in place:
So lying about one's age on Facebook, or checking personal email on a work computer, could violate this felony statute. This flaw in the CFAA allows the government to imprison Americans for a violation of a non-negotiable, private agreement that is dictated by a corporation. Millions of Americans — whether they are of a digitally native or dial-up generation — routinely submit to legal terms and agreements every day when they use the Internet. Few have the time or the ability to read and completely understand lengthy legal agreements.
It establishes a clear line that's needed for the law to distinguish the difference between common online activities and harmful attacks.Among those specific lines, it notes that a "mere breach of terms of service, employment agreements, or contracts are not automatic violations of the CFAA." It also makes the penalties more reasonable, so people aren't facing many years in jail for doing something minor. It's well past due that the CFAA get fixed. Hopefully this is a start down that path. ]]>