How the FBI loosened limits on warrantless surveillance “backdoor searches” in 2011

At Just Security, Jake Laperruque writes about the recently declassified Foreign Intelligence Surveillance Court opinion re-upping the FISA Amendments Act warrantless surveillance program for another year. That is the ruling in which Judge Hogan, after hearing constitutional concerns about backdoor searches by FBI agents working on ordinary criminal cases, reaffirmed that such searches are constitutional.

Jake is digging into other parts of the opinion and notes that Judge Hogan wrote that FBI agents may perform such a query even before opening an “assessment” — the bureau’s lowest level of criminal or national-security investigation. On Twitter, Jake and Marcy Wheeler were talking about this and I jumped in; Marcy says [update to emphasize: link is to a lengthy analysis she wrote about the same opinion on April 22; it also flagged the pre-assessment usage option] she is particularly concerned about language that says F.B.I. agents may do this not just to identify foreign intelligence or criminal information for their investigations or to decide whether to open an assessment, but for other, unspecified purposes (“are not limited to”).

I think something is knowable here that I want to explore in a greater than 140 characters. It doesn’t seem like “news,” but maybe will be interesting to specialists.

(Preliminary: Under the FISA Amendments Act, the government may collect, on domestic soil and without a warrant, messages of targeted non-citizens abroad – including when they communicate with Americans. A “backdoor search” is when government officials query the database of messages previously collected in that fashion using an American’s name or e-mail address as the search term. Some lawmakers want to require the government to get a warrant before using an American’s identifier as search term.)

Anyway, back in 2011, Valerie Caproni, then the FBI’s general counsel and now a Federal District Court judge in the Southern District of New York, revised the bureau’s Domestic Investigations and Operations Guide (basically, its manual of rules — agents call it the “DIOG”) in several ways that relaxed limits on agents’ powers. One was giving agents more leeway to search existing law enforcement databases without having to open an assessment first. From an article in June of that year about the forthcoming changes:

Some of the most notable changes apply to the lowest category of investigations, called an “assessment.” The category, created in December 2008, allows agents to look into people and organizations “proactively” and without firm evidence for suspecting criminal or terrorist activity.

Under current rules, agents must open such an inquiry before they can search for information about a person in a commercial or law enforcement database. Under the new rules, agents will be allowed to search such databases without making a record about their decision.

Mr. German said the change would make it harder to detect and deter inappropriate use of databases for personal purposes. But Ms. Caproni said it was too cumbersome to require agents to open formal inquiries before running quick checks. She also said agents could not put information uncovered from such searches into F.B.I. files unless they later opened an assessment.

I haven’t thought about that article for a long time, but this Twitter exchange reminded me of it. The FBI completed the new manual in October 2011 and later released a redacted version of it, so we can see what this change regarding searches of databases looked like. In post-Snowden hindsight, relaxing limits on queries of FISA Amendments Act data was clearly a part of it. Specifically, the manual had a new section for “Activities Authorized Prior to Opening An Assessment,” which indeed includes permitting searches of law enforcement “records or information.”


5-1-1

If we turn to Section 18.5.2, we see what “records or information” means in greater detail. It means performing a probably federated query across all law enforcement databases, explicitly including “raw FISA collections.”


18.5.2

The discussion about restricted access to certain records may at first glance seem like agents do not get to query raw FISA collections, but “access” is is instead about needing permission to read any “hits” returned from a query. An endnote in Power Wars explains how this works ** :

FBI FISA search

So. We know the FBI first gained access to its own repository of the raw fruits of FISA Amendments Act surveillance in October 2009, when the intelligence court permitted it to begin keeping its own copy of certain Prism system data to process for its own ends, rather than just serving as a conduit for it to flow from webmail companies to the NSA.* (The NSA doesn’t share with the bureau raw access to the other two types of FISA Amendments Act data – upstream Internet and international phone calls.) At that point, agents could perform “backdoor” queries for open assessments and preliminary and full investigations.

Now we can see more clearly that in October 2011, the FBI granted agents greater leeway to search through that information — even when they were not actively investigating anything, but rather whenever they are “initially processing a complaint, observation, or information.” Whatever that means.

On the other hand, Judge Hogan’s opinion also highlighted this section of the PCLOB report on the FISA Amendments Act (from two GOP members of the Privacy and Civil Liberties Oversight Board’s separate statement). It suggests that in practice, this may all be much ado about nothing when it comes to backdoor searches for criminal-case purposes, as opposed to national-security investigations:

muchado

Judge Hogan ordered the Justice Department to begin reporting to the Foreign Intelligence Surveillance Court every time agents working on non-security investigations read Americans’ private messages following a backdoor search. Perhaps the Office of the Director of National Intelligence will be kind enough to declassify redacted versions of any such filings or a future court opinion summarizing them, so the rest of us can know, too.

* As Judge Hogan pointed out, the FBI doesn’t get all raw Prism data, just collection from tasked selectors that are deemed relevant to one of its open investigations. That would presumably include anything related to terrorism, since it has open-ended “enterprise” investigations into groups like Al Qaeda, but perhaps not intelligence collection related to more run-of-the-mill diplomatic espionage.

** [EDIT TO ADD THIS]

It’s worth including that Judge Hogan discusses this process in his ruling. The context is that the FBI included new language in the minimization rules this round saying that queries that do not return direct access to FISA Amendments Act intercepts will not count as a “query,” even if they do return a notification of a “hit.” Judge Hogan was fine with that, and styled this description as a clarification rather than a change:

The government has added language to the querying provisions of the FBI Minimization Procedures to clarify that a search of an FBI storage system containing acquired information does not constitute a “query” within the meaning of the procedures if the user conducting the search does not receive access to unminimized Section 702-acquired information in response to the search. In such cases, the query results include a notification that the queried dataset contains Section 702-acquired information responsive to the query.

The new language also clarifies what actions an agent or analyst without appropriate training and access to Section 702 information may take upon receiving a positive “hit” indicating the existence of (but not access to) responsive information. Such a user may request that FBI personnel with Section 702 access rerun the query if it otherwise would be authorized by the FBI Minimization Procedures and if the request is approved by both the user’s supervisor and by a national security supervisor. Generally speaking, the user without access to FISA-acquired information can be provided with access to information contained in the query results only if such information reasonably appears (based on the review of FBI personnel with authorized access to Section 702-acquired information) to be foreign intelligence information, to be necessary to understand foreign intelligence information, or to be evidence of a crime. If it is “unclear,” however, whether one of these standards is met, “the user, who does not otherwise have authorized access may review the query result solely in order to assist in the determination of whether information contained within the results meets those standards.” According to the government, such situations are “very rare.”

(From pages 28-29; citations and footnotes omitted.)