The Complex

Justice Department Launches Fresh Probe Into FBI Spying


President Obama's decision to put his intelligence director in charge of setting up a review of NSA spying didn't exactly inspire confidence that a thorough and independent report is forthcoming.

But that doesn't mean that some key components of the U.S. surveillance programs won't get closer scrutiny. The Department of Justice Inspector General, which has issued several critical reports over the years about FBI surveillance, is again looking into the bureau's use of powerful and secretive orders for information about Americans.

A new review is examining "any improper or illegal uses" of the FBI's surveillance authorities under Section 215 of the Patriot Act. That's the portion of the law that allows the government to collect Americans' phone records en masse. And in what appears to be a first review of its kind, the IG will also look at the FBI's use of pen register and trap-and-trace authority under the Foreign Intelligence Surveillance Act. These are the authorities that allow the bureau to track the metadata of communications made to and from phone numbers and email accounts.

It was also the pen register and trap-and-trace portions of FISA that, in 2004, let the National Security Agency collect Internet metadata as part of the so-called Terrorist Surveillance Program authorized by President George W. Bush. That program was reportedly canceled in 2011 because it wasn't providing enough useful information.

The FBI is a partner with the NSA in domestic surveillance--the bureau conducts terrorism investigations on U.S. soil--so it's conceivable that the IG's review could unearth some new information about what the government has done with Americans' Internet metadata, in addition to their phone records. The review covers a two-year period, from 2007 to 2009.

Civil liberties and privacy groups had been expecting a round of fresh surveillance audits from the IG. But the forthcoming report will likely be read with heightened interest and closer scrutiny in light of the unfolding controversy around U.S. surveillance programs. An official with the IG's office would not comment on when the report would be released because the office does not discuss pending inquiries.

In 2007, the IG found "widespread and serious misuse" of national security letters, which allow the FBI to demand a variety of records from individuals, companies, and organizations. Recipients of the orders are forbidden from disclosing them. The report found the FBI had violated its own internal policies on using national security letters in many instances and that the bureau lacked guidance, controls, and training on its authority, which was expanded under the Patriot Act. A subsequent report found the FBI had made progress correcting those problems. The new IG report will again look at the FBI's use of national security letters.

"The IG has actually had a decent track record calling attention to abuses and misconduct by the FBI," said Julian Sanchez, a research fellow who studies surveillance law and technology at the Cato Institute.

By comparison, the review board that Obama ordered yesterday doesn't have a clear mandate to look at whether surveillance activities have violated American's privacy or violated the law. The words "privacy" and "civil liberties" don't appear in the order.

The White House on Monday pushed back against the notion that the review of NSA spying would be run by the Director of National Intelligence, James Clapper, to whom the President addressed his order. Clapper has acknowledged not providing Congress with a truthful answer about whether the NSA was collecting data on Americans.

White House and administration officials said that Clapper would not be heading up the review. "The White House is selecting the members of the Review Group, consulting appropriately with the Intelligence Community," a National Security Council spokesperson told The Hill.

Surveillance isn't the only item on the IG's agenda. There's also an ongoing review of civil liberties and civil rights complaints received by the Justice Department. In the first half of 2013, the IG processed 515 new complaints. Most of them fell outside the department's jurisdiction and were not pursued. (Complaints about airport security screening, for instance, would have been forwarded to the Homeland Security Department.) The IG identified seven complaints that warranted further investigation, most of which included allegations of abuse and mistreatment by federal prisoners. None of those allegations accused the Justice Department of abusing its authorities under the Patriot Act.

The IG is also conducting a review of material witness warrants as well as the Justice Department's use of drone aircraft inside the United States, including "policies, guidelines, controls, or restrictions" that relate to privacy rights and civil liberties.

The Complex

Irony Alert: Pentagon Now Sees Big Data as 'National Security Threat'

The data divers at the Defense Department know better than most how to track down someone just by looking at his phone records. Now they want to know if America's enemies could cause a fiscal meltdown or a massive cyber attack by combing through Netflix queues, Uber accounts, and Twitter feeds.

The doomsday thinkers over at DARPA are looking for researchers to "investigate the national security threat posed by public data available either for purchase or through open sources." The question is, could a determined data miner use only publicly available information -- culled from Web pages and social media or from a consumer data broker -- to cause "nation-state type effects." Forget identify theft. DARPA appears to be talking about outing undercover intelligence officers; revealing military war plans; giving hackers a playbook for taking down a bank; or creating maps of sensitive government facilities.

The irony is delicious. At the time government officials are assuring Americans they have nothing to fear from the National Security Agency poring through their personal records, the military is worried that Russia or al Qaeda is going to wreak nationwide havoc after combing through people's personal records.

As timely as this new DARPA project is, it wasn't NSA snooping that piqued the agency's interest. It was Brokeback Mountain. In 2009, Netflix sponsored a contest to improve its movie recommendation algorithm. Things went off the rails when a pair of researchers used supposedly anonymous information provided by the company to identify Netflix customers, by comparing their film reviews with reviews posted on the Internet Movie Database. A closeted lesbian who had watched the award-winning gay cowboy flick sued Netflix, alleging her privacy was violated because the company had made it possible for her to be outed.

DARPA's requests for research proposals points to the Netflix debacle, and the lawsuit, as a cautionary tale. Part of the research is aimed at identifying which potentially dangerous databases and computing tools are out there.

And in a second bit of irony, DARPA suggests a few, including "low-cost big data analytic capabilities" like Amazon's cloud service. That's the service that the CIA wants to use to build a $600-million cloud for the intelligence community. Could a tool meant to serve the spies' computing needs end up being used against them? Researchers who think they have the answer may submit their proposals starting Aug. 26.