Skip to main content

PREFACE

Monday's latest National Security Agency document leak story about ICREACH from the folks over at The Intercept is, without question, one of the most important chapters--if not the most important chapter--in the entire, 15-month-long, Snowden-NSA document leaks saga. As you'll read about it herein, even the NSA has referred to its launch of the ICREACH program as: “a landmark moment in the history of classified U.S. government surveillance.”

Above and beyond the many stunning revelations about ICREACH in Monday's report by The Intercept, it--as noted and comprehensively analyzed in separate articles published over the past 24 hours, excerpted and linked below, by both blogger, Netroots Nation seminar leader, journalist and author Marcy Wheeler, and Jennifer Granick, the Director of Civil Liberties for the Center for Internet and Society at Stanford Law School--is a major milestone in the ongoing, fact-based effort by many national security pundits, journalists and bloggers to shed sunlight on the, “It’s only minimized metadata,lie that’s been been propagandized since early June 2013 by both our government and those subservient to it in the blogosphere and the mainstream media.

Parsing Wheeler's and Granick's deeper analysis (see below) of this story in one sentence: It’s straight-up breaking news about taxpayer-funded surveillance technology and infrastructure that provides access to wholesale “sharing” of no less than 850 billion, ”unminimized” surveillance files throughout virtually our country’s entire federal intelligence and law enforcement community.

#            #            #

The ICREACH Story


The Surveillance Engine: How the NSA Built Its Own Secret Google

By Ryan Gallagher
The Intercept
25 Aug 2014, 1:09 PM EDT  

The National Security Agency is secretly providing data to nearly two dozen U.S. government agencies with a “Google-like” search engine built to share more than 850 billion records about phone calls, emails, cellphone locations, and internet chats, according to classified documents obtained by >The Intercept.

The documents provide the first definitive evidence that the NSA has for years made massive amounts of surveillance data directly accessible to domestic law enforcement agencies. Planning documents for ICREACH, as the search engine is called, cite the Federal Bureau of Investigation and the Drug Enforcement Administration as key participants.

ICREACH contains information on the private communications of foreigners and, it appears, millions of records on American citizens who have not been accused of any wrongdoing. Details about its existence are contained in the archive of materials provided to The Intercept by NSA whistleblower Edward Snowden.

ICREACH Network Architecture
(continued below)

(continued from above)

Earlier revelations sourced to the Snowden documents have exposed a multitude of NSA programs for collecting large volumes of communications. The NSA has acknowledged that it shares some of its collected data with domestic agencies like the FBI, but details about the method and scope of its sharing have remained shrouded in secrecy.

ICREACH has been accessible to more than 1,000 analysts at 23 U.S. government agencies that perform intelligence work, according to a 2010 memo. A planning document from 2007 lists the DEA, FBI, Central Intelligence Agency, and the Defense Intelligence Agency as core members. Information shared through ICREACH can be used to track people’s movements, map out their networks of associates, help predict future actions, and potentially reveal religious affiliations or political beliefs.

The creation of ICREACH represented a landmark moment in the history of classified U.S. government surveillance, according to the NSA documents…

It's important to note the distinction highlighted in The Intercept's story which informs readers that ICREACH should not be confused with the "large NSA database "...previously reported by The Guardian, that stores information on millions of ordinary Americans’ phone calls under Section 215 of the Patriot Act. Unlike the 215 database, which is accessible to a small number of NSA employees and can be searched only in terrorism-related investigations, ICREACH grants access to a vast pool of data that can be mined by analysts from across the intelligence community for “foreign intelligence”—a vague term that is far broader than counterterrorism.
Large Scale Expansion of NSA Data-Sharing (through 2007)
I strongly recommend that readers take the time to checkout this stunning report, in its entirety, linked above. There's much more to this story over at The Intercept. And, there’s even more to this story than that which was reported there on Monday, as I note just ahead.

As you’ll read about it in the articles by Wheeler and Granick, excerpted below—with both emphasizing our federal government’s double-speak, whereby it’s been “officially mandated” that content minimization of the domestic communications of U.S.-based persons is to occur only when surveillance records are “disseminated,” not when they’re, simply “accessed” and/or “shared”--and as I’ve reported and fully documented it in many posts at Daily Kos over the past three years, “minimized metadata” is, in fact, direct access to the unminimized content of our private communications. (But, as I also note it farther down, there are many other ways that federal and local law enforcement may--and DO--directly surveil the domestic communications of U.S.-based persons these days.)  

#            #            #


Marcy Wheeler and Jennifer Granick With A Deeper Dive on the ICREACH Story

As I’ve noted this in the past, and as Marcy has also frequently reported upon same, virtually everywhere she mentions our government’s access to/of “metadata,” she is, in fact, talking about the intelligence community's and law enforcement’s direct/indirect access to the content of our communications, because it’s now generally understood that “metadata” is “content.” (And, yes, even the folks over at The Intercept engage in self-censorship when it comes to these, and other, realities.)

More on this per Wheeler

Remember, there are at least five different legal regimes involved in the metadata dragnet:
•    EO 12333 authority for data going back to at least 1998
•    Stellar Wind authority lasting until 2004, 2006, and 2007 for different practices
•    PATRIOT-authorized authorities for Internet (until 2011) and phone records (until RuppRoge or something else passes)
•    SPCMA, which is a subset of EO 12333 authority that conducts potentially problematic contact chaining integrating US person Internet metadata
•    Five Eyes, which is EO 12333, but may involve GCHQ equities or, especially, ownership of the data
Per Marcy, in Tuesday’s post, excerpted and blockquoted below, the SPCMA (i.e.: “Special Procedures Governing Communications Metadata Analysis,” or, as Ms. Wheeler simplifies it for us: "SPCMA: The Other Dragnet Sucking In Americans") program was expanded across the NSA in January 2011. (Take note of Marcy's ongoing "translations" of our government's "weasel words.")

SPCMA and ICREACH

Marcy Wheeler
emptywheel.net
Published August 26, 2014

Within weeks of Michael Mukasey’s confirmation as Attorney General in November 2007, Assistant Attorney General Ken Wainstein started pitching him to weaken protections then in place for US person metadata collected overseas; Mukasey did so, under an authority that would come to be known as SPCMA, on January 3, 2008.

In 2007, Wainstein explained the need to start including US person data in its metadata analysis, in part, because CIA wanted to get to the data — and had been trying to get to it since 2004.

(3) The Central Intelligence Agency’s (CIA) Interest in Conducting Similar Communications Metadata Analysis. On July 20, 2004 [days after CIA had helped NSA get the PRTT dragnet approved], the General Counsel of CIA wrote to the General Counsel ofNSA and to the Counsel for Intelligence Policy asking that CIA receive from NSA United States communications metadata that NSA does not currently provide to CIA. The letter from CIA is attached at Tab C. Although the proposed Supplemental Procedures do not directly address the CIA’s request, they do resolve a significant legal obstacle to the dissemination of this metadata from NSA to CIA. (S//SII/NF)
Wainstein also noted other DOD entities might access the information.

That’s important background to the Intercept’s latest on ICREACH, data sharing middleware that permits other intelligence agencies to access NSA’s metadata directly — and probably goes some way to answer Jennifer Granick’s questions about the story.

As the documents released by the Intercept make clear, ICREACH arose out of an effort to solve a data sharing effort (though I suspect it is partly an effort to return to access available under Bush’s illegal program, in addition to expanding it)... ...starting in 2005, NSA  proposed ICREACH, a middleware platform that would provide access to both other IC Agencies as well as 2nd parties (Five Eyes members). By June 2007, NSA was piloting the program...
...

...Accessing data in a database to do analysis, NSA appears to have argued, was different than disseminating it (which is a really convenient stance when you’re giving access to other agencies and trying to hide the use of such analysis).

Of course, the pitch to Mukasey only nodded to direct access to this data by CIA (and through them and PROTON, the rest of the IC) and other parts of DOD. In what we’ve seen in yesterday’s documents from the Intercept and earlier documents on SPCMA, NSA wasn’t highlighting that CIA would also get direct access to this data under the new SPCMA authority, and therefore the data would be disseminated via analysis outside the NSA. (Note, I don’t think SPCMA data is the only place NSA uses this gimmick, and as I suggested I think it dates back at least to the illegal dragnet.)

In response to yesterday’s Intercept story, Jennifer Granick suggested that by defining this metadata as something other than communication, it allows the NSA to bypass its minimization procedures.

   The same is true of the USSID18 procedures. If the IC excludes unshared stored data and other user information from the definition of communications, no minimization rules at all apply to protect American privacy with regard to metadata NSA collects, either under 12333 or section 702.

    [snip]

    NSA may nevertheless call this “minimized”, in that the minimization rules, which require nothing to be done, have been applied to the data in question. But the data would not be “minimized” in that it would not be redacted, withheld, or deleted.

Nearing her conclusion, Wheeler states...
...the NSA has defined this metadata as something other than communication “selection” — but partly missing one of NSA’s gimmicks — that NSA distinguishes “analysis” from “dissemination.”

And if a bunch of agencies can access this data directly, then it sort of makes the word “dissemination” meaningless...

Here’s Jennifer Granick…

Intercept Reporting Raises Broader Metadata
Minimization Question

By Jennifer Granick
JustSecurity.org
Monday, August 25, 2014 at 4:44 PM

Does the NSA minimize Americans metadata? Today’s reporting by the Intercept calls into question whether the NSA minimizes so-called metadata relating to Americans’ digital communications and telephone calls. This is one of the questions I implored the Privacy and Civil Liberties Oversight Board (PCLOB) to get to the bottom of. It is a question that PCLOB Chairman David Medine thought the Board had a definitive—affirmative–answer to. But today’s story shows doubt still plagues our understanding of how the NSA’s information collection affects American privacy.

The Intercept story describes ICREACH, a search interface that enables NSA to effectively share communications metadata as well as foreigners’ communications with 23 U.S. Intelligence Community agencies, including the FBI and DEA. ICREACH provides access to data collected under the authority of Executive Order 12333, as well as databases generated from other collection techniques. The Intercept describes the data shared via ICREACH as “telephony metadata events”, which includes “more than 30 different kinds of ‘metadata’ on Internet communications, phone calls, faxes, text messages, as well as location information collected from cellphones.

The Intercept reporters conclude that the ICREACH databases contain U.S. persons’ telephony metadata. That’s because a memo written in 2006 by then-NSA chief General Keith Alexander explains that the ICREACH project will make “many millions of…minimized communications metadata records” available. Since only American’s communications are minimized, Alexander appears to be talking Americans’ metadata associated with our communications.

If such data is accessible via ICREACH, it means that U.S. persons’ data can be easily searched on a large scale by agencies like the FBI and DEA for their domestic investigations and expands the capabilities of law enforcement agents using—covertly or openly—information gleaned from covert surveillance...
...

...So, what are the “minimized communications metadata records” that ICREACH appears to include? It sounds like, contrary to the public understanding of IC assurances, ICREACH was designed to include the metadata connected to communications to, from, or about US persons. How could this be?

I have hypothesized that NSA does not limit analysts’ access to communications metadata like telephone numbers, email addresses, device identifiers, and location information. That’s because the thirteen-page minimization procedures for section 702 collection only apply to communications. The same is true of the USSID18 procedures. If the IC excludes unshared stored data and other user information from the definition of communications, no minimization rules at all apply to protect American privacy with regard to metadata NSA collects, either under 12333 or section 702...


#            #            #

Domestic Surveillance Runs Rampant Throughout America Via Federal, State and Local Law Enforcement, As Well As Within Corporate America, With and Without the NSA’s Assistance

First of all, it’s important to understand that it’s now a highly-documented fact—above and beyond directly surveilling the domestic content of communications of U.S. citizens via ICREACH, which I’m assuming is also accessible via your friendly neighborhood Fusion Center—that once the FBI or any other national, state or local law enforcement entity, or (even) corporate security organization acting in conjunction with them, for that matter, has identified parties of interest in any investigation, regardless of whether it’s in the interest of national security or related to the investigation of a common crime, extremely intrusive surveillance may and does occur. This may take various forms: from a pen register/track and trace request, a/k/a “PR/TT” (over a million of these were done by local law enforcement in 2011, alone), to the FBI’s issuance of a National Security Letter (NSL), to the NSA, itself, and virtually everything in-between.

In the case of an NSL, the FBI simply drafts it up, themselves, and presents it to any telco, telecom or local Internet service provider to obtain full access to any U.S.-based person’s communications content.

Here’s how the Electronic Frontier Foundation describes NSL’s

Of all the dangerous government surveillance powers that were expanded by the USA PATRIOT Act the National Security Letter (NSL) power under 18 U.S.C. § 2709 as expanded by PATRIOT Section 505 is one of the most frightening and invasive. These letters served on communications service providers like phone companies and ISPs allow the FBI to secretly demand data about ordinary American citizens' private communications and Internet activity without any meaningful oversight or prior judicial review. Recipients of NSLs are subject to a gag order that forbids them from ever revealing the letters' existence to their coworkers to their friends or even to their family members much less the public.

The FBI's systemic abuse of this power has been documented both by a Department Of Justice investigation and in documents obtained by EFF through a Freedom of Information Act request…

(Bold type is diarist’s emphasis.)

Frequently noted by Marcy Wheeler, as recently as over the past couple of weeks, the FBI’s massive, documented and virtually unsupervised use of National Security Letters is, simply, off the charts. (Many tens of thousands of NSL’s are issued by the FBI every year. Perhaps even more outrageous: the actual number is, essentially, unknown outside of the FBI, itself! Also see: FBI Hides Its Use of NSL’s from Congress.)

Second, if you reference the first hyperlink in the previous paragraph, you’ll learn that the FBI frequently circumvents even that pathetic reality. Wheeler referenced Capitol Hill testimony in 2013 to report upon FBI Director Comey’s position on the matter: “Jim Comey said FBI agents would just use grand jury subpoenas rather than NSLs if the NSLs became too onerous.”

Third, we’re not even mentioning the AT&T Hemisphere Project, which isn’t even directly associated with the NSA. (It may be linked via ICREACH, but that’s just speculation on the part of yours truly.) I’ve reported upon this program in numerous other posts.

Fourth, if all else fails when it comes to surveillance and direct capture of the domestic content of U.S. persons, the NSA simply falls back upon the 2,000-plus NSA employees it has working across the pond at the NSA's British counterpart, General Communications Headquarters (GCHQ), and at the other Five Eyes' installations in Canada, Australia and New Zealand. (As I've noted many times at Daily Kos, and as recently as this past month, this has been a reported reality for more than a decade.)

For the record, the four methodologies noted above concerning how our government spies upon us at home constitute only a partial list of options available to the U.S. intelligence and law enforcement community, today.


#            #            #

Kossack LieparDestin published a post here on this story, earlier on Tuesday (and they've been doing a great job covering the EO12333 [i.e. the authority of Executive Order 12333] angle of this over-arching story, for awhile): NSA Built 'Google-like' Engine To Process BILLIONS OF Records A Day. Used In Rendition & Torture.


#            #            #
EMAIL TO A FRIEND X
Your Email has been sent.
You must add at least one tag to this diary before publishing it.

Add keywords that describe this diary. Separate multiple keywords with commas.
Tagging tips - Search For Tags - Browse For Tags

?

More Tagging tips:

A tag is a way to search for this diary. If someone is searching for "Barack Obama," is this a diary they'd be trying to find?

Use a person's full name, without any title. Senator Obama may become President Obama, and Michelle Obama might run for office.

If your diary covers an election or elected official, use election tags, which are generally the state abbreviation followed by the office. CA-01 is the first district House seat. CA-Sen covers both senate races. NY-GOV covers the New York governor's race.

Tags do not compound: that is, "education reform" is a completely different tag from "education". A tag like "reform" alone is probably not meaningful.

Consider if one or more of these tags fits your diary: Civil Rights, Community, Congress, Culture, Economy, Education, Elections, Energy, Environment, Health Care, International, Labor, Law, Media, Meta, National Security, Science, Transportation, or White House. If your diary is specific to a state, consider adding the state (California, Texas, etc). Keep in mind, though, that there are many wonderful and important diaries that don't fit in any of these tags. Don't worry if yours doesn't.

You can add a private note to this diary when hotlisting it:
Are you sure you want to remove this diary from your hotlist?
Are you sure you want to remove your recommendation? You can only recommend a diary once, so you will not be able to re-recommend it afterwards.
Rescue this diary, and add a note:
Are you sure you want to remove this diary from Rescue?
Choose where to republish this diary. The diary will be added to the queue for that group. Publish it from the queue to make it appear.

You must be a member of a group to use this feature.

Add a quick update to your diary without changing the diary itself:
Are you sure you want to remove this diary?
(The diary will be removed from the site and returned to your drafts for further editing.)
(The diary will be removed.)
Are you sure you want to save these changes to the published diary?

Comment Preferences

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site