Transcript: Sen. Al Franken’s Q&A with Robert Litt and Brad Wiegmann on the Surveillance Transparency Act – Nov. 13, 2013

Partial transcript of Sen. Al Franken’s (D-Minnesota) Q&A with Robert Litt, General Counsel at the Office of the Director of National Intelligence, and Brad Wiegmann, Deputy Assistant Attorney General, National Security Division, on the Surveillance Transparency Act of 2013. The Senate Judiciary Subcommittee on Privacy, Technology and the Law hearing was held on Nov. 13, 2013:

Sen. Al Franken (D-Minnesota):
…I will say about the disclosures. As I’ve said, these have been, I think, in good faith. It’s just that there’s nothing in the law about them so there’s nothing permanent about what you’re doing. What we’re trying to do is create a framework where people have some little bit more confidence or understanding or can decide for themselves whether they should have confidence.

Mr. Litt, you indicated that ODNI may lack the technical ability to estimate the number of U.S. citizens and permanent residents whose information has been collected under the different surveillance authorities. I find this kind of troubling. Here’s why: We give the intelligence community broad legal power to conduct surveillance precisely because that surveillance is supposed to be targeted at foreign adversaries, not at Americans.

Many of the broadest laws we’ve written like Section 702 of FISA explicitly say that you can only use this law only to target foreign people. You cannot use it to target U.S. persons. Mr. Litt, isn’t it a bad thing that NSA doesn’t even have a rough sense of how many Americans have had their information collected under a law – Section 702 – that explicitly prohibits targeting Americans?

Robert Litt, General Counsel at the Office of the Director of National Intelligence:
So I have to preface everything here by emphasizing that I’m a lawyer, not an engineer or a computer scientist, and so everything I say here gets filtered through that prism…

But I think it’s important to differentiate here the concept of who is targeted for collection and whose collections are incidentally collected.

NSA – because of the legal requirement, for example, under Section 702, NSA only target non-U.S. persons, NSA does the research necessary when they have a target to determine whether that person is or is not a U.S. person. They need to be able to make that determination. That’s a very, very different process from saying, we’re going to look at all the communications that are collected and we’re going to evaluate every single party to every one of those communications to determine whether or not that’s a U.S. person. So they do have the ability to try to make the determination as to whether somebody is or is not a U.S. person for the purpose of targeting that person. But that’s a different proposition.

Sen. Al Franken (D-Minnesota):
Okay, well, I think an estimate, though, could be made through statistical sampling – a method that has been used in comparable circumstances before the FISA court. I’d like to add to the record two pieces of testimonies that to me suggest that the NSA could be able to estimate how many Americans have been – have had their information collected under foreign intelligence authorities. The first is from Gen. [Keith] Alexander – he testified in September that the NSA employs over 1,000 mathematicians, more than any employer in the United States, more than every university in Minnesota, more than MIT or CalTech. The second testimony is from Ed Felten, a Princeton professor and a former technologist for the Federal Trade Commission. He said that “Yes, the government has the ability to give a rough estimate of the number of American citizens and permanent residents whose metadata and content have been collected.”

Let’s move on to the disclosure by the companies. Mr. Litt, in your testimony you warned that “more detailed company by company disclosure threatens harm to national security by providing a roadmap for our adversaries on the government surveillance capabilities”.

This concern makes sense, but I have difficulty reconciling your testimony with the government’s actions with respect to major companies like Google. The government lets Google publish the number of national security letters it receives each year and the number of users affected. And two months ago, Michael Hayden, the former Director of NSA and of CIA, gave a speech in which he said “GMail is the preferred Internet service provider of terrorists worldwide.” That’s a verbatim quote according to the Washington Post.

Mr. Litt, it seems to me that if the former head of the CIA and the NSA doesn’t think it’s a problem to let everyone know that terrorists just love GMail, then why do you think that a company by company disclosure threatens national security? He evidently doesn’t.

Robert Litt, General Counsel at the Office of the Director of National Intelligence:
A couple of thoughts on that. To my knowledge, Gen. Hayden didn’t talk to us before making those statements. I don’t know that we would have authorized that statement to be made. I just don’t know what was done there. The point is that if we allow the companies on an annual basis to publish these statistics, it’s going to simply provide additional information out there as new companies come online and pop up. You may have a company that, for example, for a period of years shows no orders and then all of a sudden starts showing orders and that conveys a message that says, “Oh, we’ve got the capability to collect this now.” The more details we provide out there and the more we break this down by authorities and companies, the more easy it becomes for our adversaries to know where to talk and where not to talk.

What we have agreed to allow the companies to do is to report the aggregate number of times in which they provide information about their customers to the government. And that, it seems to me, is an adequate way of providing the public the information they need to know about the minuscule proportion of times in which that actually happens. And breaking it down further in our view crosses the line between the appropriate balance between transparency and national security.

Sen. Al Franken (D-Minnesota):
We’re going to have some testimony from some privacy people and from Google talk about that aggregation. I don’t think that aggregation is all that helpful because you really are not giving people an idea of how much it is – you’re mixing apples and oranges. So you’re having how many wiretaps are on mobsters with – I mean, to me it doesn’t create the kind of transparency that creates the kind of knowledge the American people – that gives the American people the way to judge the program.

Let me ask Mr. Wiegmann something…I understand that you think my bill would require too much detail and government report. I’m going to weigh that feedback very carefully. But I do want to point out that when I drafted the government reporting requirements in the bill, I modeled them after the wiretap report that the Department of Justice releases every year.

If you look at last year’s report, it breaks down the number of wiretaps not just nationally but by specific jurisdiction and then breaks down those numbers by the nature of the wiretaps – by mobile phone or home phone or business phone. Last year’s wiretap report shows that federal prosecutors in Manhattan secured wiretap orders for mobile phones 48 times in 2012 while their colleagues in Brooklyn only did this 5 times in the same period. The wiretap report contains a wealth of information and yet nobody’s arguing that criminals in Manhattan are reading the reading wiretap report and fleeing to Brooklyn because, you know, they’re less likely to get their phones tapped there. My bill wouldn’t even require anything near this level of reporting. It would require the government to report national statistics and anytime a number of Americans affected was lower than 500, the report would just say “fewer than 500”.

Mr. Wiegmann, why would the reporting requirements in my bill raise national security concerns if the far more detailed reporting requirements in DOJ’s wiretap reports don’t raise public safety concerns?

Brad Wiegmann, Deputy Assistant Attorney General, National Security Division:
So, that’s a good question. The regular wiretaps in the wiretap act don’t involve classified techniques. So there are platforms that we use in the intelligence context that it’s unknown to the outsiders or anyone outside the executive branch as to whether we can collect on a particular communications technology…

Sen. Al Franken (D-Minnesota):
The disclosures wouldn’t be talking about a technology other than it’s on the Internet or the phone. All those are technologies.

Brad Wiegmann, Deputy Assistant Attorney General, National Security Division:
Right. We think that our adversaries can surmise – let’s say for example in year 1, we know that there’s a company that has a particular number of surveillance requests and that number is published. They then introduce a new capability – a new service that they provide – and then all of a sudden that number goes up dramatically in the following year. That’s something that our adversaries could glean information from that and surmise as to whether we have the capability to collect on new technology. So that’s the type of thing that I’m talking about that’s different than in the wiretap context where everyone knows that a basic phone tap is something you can do. So that’s the difference there.

I’d also like to address briefly your question – your last question to Mr. Litt about NSLs. The reason why NSLs are different than other collection methods is that’s just collecting business records; it’s not an interception capability, it’s not – you’re not intercepting communications in real time. You’re just collecting business records that the companies have, and so that’s the distinction there that we don’t have the same concerns about revealing those numbers in aggregate that we would with intercept capabilities.

###

Learn More:

9 Comments on “Transcript: Sen. Al Franken’s Q&A with Robert Litt and Brad Wiegmann on the Surveillance Transparency Act – Nov. 13, 2013

  1. Pingback: U.S. Internet giants sign open letter urging reform of U.S. government surveillance | What The Folly?!

  2. Pingback: Transcript: ODNI General Counsel Robert Litt's testimony on the Surveillance Transparency Act - Nov. 13, 2013 | What The Folly?!

  3. Pingback: Transcript: Center for Democracy and Technology Free Expression Project Director Kevin Bankston's testimony on the Surveillance Transparency Act - Nov. 13, 2013 | What The Folly?!

  4. Pingback: Transcript: Sen. Richard Blumenthal's Q&A with Robert Litt and Brad Wiegmann on the Surveillance Transparency Act - Nov. 13, 2013 | What The Folly?!

  5. Pingback: Transcript: Sen. Jeff Flake's Q&A with Robert Litt and Brad Wiegmann on the Surveillance Transparency Act - Nov. 13, 2013 | What The Folly?!

  6. Pingback: Transcript: Consultant Paul Rosenzweig's testimony on the Surveillance Transparency Act - Nov. 13, 2013 | What The Folly?!

  7. Pingback: Transcript: Deputy Assistant Attorney General Brad Wiegmann’s testimony on the Surveillance Transparency Act – Nov. 13, 2013 | What The Folly?!

  8. Pingback: Transcript: Sen. Al Franken’s Q&A with Kevin Bankston, Richard Salgado and Paul Rosenzweig on the Surveillance Transparency Act – Nov. 13, 2013 | What The Folly?!

  9. Pingback: Transcript: Sen. Richard Blumenthal’s Q&A with Kevin Bankston, Richard Salgado and Paul Rosenzweig on the Surveillance Transparency Act – Nov. 13, 2013 | What The Folly?!

Leave a Reply

Your email address will not be published.