Several members of the Senate Intelligence Committee wrote to the Foreign Intelligence Surveillance Court this month to ask the Court to prepare summaries of classified opinions that represent significant interpretations of the Foreign Intelligence Surveillance Act in order to facilitate their declassification and public release.

Meanwhile, the U.S. Supreme Court ruled that plaintiffs challenging the constitutionality of the FISA Amendments Act lacked the requisite legal standing to pursue their case, effectively foreclosing public oversight of intelligence surveillance through the courts.

The Senate letter, the text of which was not released, stems from an amendment to the FISA Amendments Act that was introduced by Sen. Jeff Merkley in December to promote declassification of significant Surveillance Court opinons.  The Merkley amendment was not adopted — none of the legislative proposals to increase accountability were approved — but Senate Intelligence Committee chair Sen. Dianne Feinstein promised to work with Sen. Merkley to advance the declassification of FISC opinions.

“An open and democratic society such as ours should not be governed by secret laws, and judicial interpretations are as much a part of the law as the words that make up our statute,” said Sen. Merkley at that time. “The opinions of the FISA Court are controlling. They do matter. When a law is kept secret, public debate, legislative intent, and finding the right balance between security and privacy all suffer.”

“I wish to address, if I could, what Senator Merkley said in his comments,” said Sen. Feinstein during the December 27 floor debate. “I listened carefully. What he is saying is opinions of the Foreign Intelligence Surveillance Court should, in some way, shape or form, be made public, just as opinions of the Supreme Court or any court are made available to the public. To a great extent, I find myself in agreement with that. They should be.”

“I have offered to Senator Merkley to write a letter requesting declassification of more FISA Court opinions,” Sen. Feinstein continued. “[…] When possible, the opinions of the Foreign Intelligence Surveillance Court should be made available to the public in declassified form. It can be done, and I think it should be done more often. If the opinion cannot be made public, hopefully a summary of the opinion can. And I have agreed with Senator Merkley to work together on this issue.”

That letter, signed by Senators Feinstein, Merkley, Ron Wyden and Mark Udall, has now been sent to the FISA Court, where it awaits an official response.

Though the letter itself is a modest step, the willingness of congressional overseers to assert themselves on behalf of public accountability takes on new importance in light of yesterday’s Supreme Court decision (by a 5-4 vote) to block a constitutional challenge to the FISA Amendments Act. That decision all but closes the door to public oversight of the law’s implementation through the courts.

The Court majority insisted that judicial review of government surveillance activities is alive and well, contrary to the plaintiffs’ assertion.  It is “both legally and factually incorrect” to assert that surveillance is insulated from judicial review, stated the majority opinion written by Justice Samuel A. Alito, Jr., who cited the role of the Foreign Intelligence Surveillance Court in authorizing surveillance activities.

But ACLU attorney Jameel Jaffer said that view “seems to be based on the theory that the FISA Court may one day, in some as-yet unimagined case, subject the law to constitutional review, but that day may never come. And if it does, the proceeding will take place in a court that meets in secret, doesn’t ordinarily publish its decisions, and has limited authority to consider constitutional arguments. This theory is foreign to the Constitution and inconsistent with fundamental democratic values,” Jaffer said.

On Monday, Sen. Feinstein paid tribute to L. Christine Healey, a professional staff member of the Senate Intelligence Committee who is retiring this week.  For three decades, Ms. Healey has played an influential role in intelligence oversight as a staffer on the House and Senate intelligence committees, as well as on the 9/11 Commission.  “She has been as responsible as anyone for the passage of a string of four annual intelligence authorization bills, including the fiscal year 2013 act that was completed in December,” said Sen. Feinstein.

Ms. Healey was also credited by Sen. Feinstein as “the principal drafter of the FISA Amendments Act of 2008.”

The across-the-board budget cuts known as sequestration that are expected to take effect on March 1 could impede the government’s ability to respond to WikiLeaks and to rectify the flaws in information security that it exposed, a Pentagon official told Congress recently.

Zachary J. Lemnios, the assistant secretary of defense for research and engineering, was asked by Sen. Rob Portman (R-Ohio) to describe the “most significant” impacts on cybersecurity that could follow from the anticipated cuts to the Pentagon’s budget.

Mr. Lemnios replied that “cuts under sequestration could hurt efforts to fight cyber threats, including […] improving the security of our classified Federal networks and addressing WikiLeaks.”

The sequester could also interfere with the Comprehensive National Cybersecurity Initiative that began under President Bush, he said, and could hold up plans to “initiat[e] continuous monitoring of unclassified networks at all Federal agencies.”

Mr. Lemnios’ response to Sen. Portman’s question for the record (which had not specifically mentioned WikiLeaks) followed a March 2012 Senate Armed Services Committee hearing on Emerging Threats and Capabilities that was published in December 2012 (at page 42).

Generally speaking, computer security within the military is a daunting problem, Mr. Lemnios told the Committee, particularly since “The Department operates over 15,000 networks and 7 million computing devices across hundreds of installations in dozens of countries around the globe.”

The challenge of cybersecurity cannot be fully described in public, said Dr. Kaigham J. Gabriel of DARPA. “The complete picture requires a discussion at the special access level.”  But he told the Committee last year that several basic points can be openly acknowledged:

“Attackers can penetrate our networks:  In just 3 days and at a cost of only $18,000, the Host-Based Security System” — the Pentagon’s baseline computer security system — “was penetrated.”

“User authentication is a weak link: 53,000 passwords were provided to teams at Defcon; within 48 hours, 38,000 were cracked.”

“The Defense supply chain is at risk: More than two-thirds of electronics in U.S. advanced fighter aircraft are fabricated in off-shore foundries.”

“Physical systems are at risk: A smartphone hundreds of miles away took control of a car’s drive system through an exploit in a wireless interface.”

“The United States continues to spend on cybersecurity with limited increase in security: The Federal Government expended billions of dollars in 2010, but the number of malicious cyber intrusions has increased.”

Though it was presumably not intentional, the WikiLeaks project galvanized government information security programs and accelerated efforts to devise “insider threat” detection mechanisms, along with intensified surveillance of classified and unclassified government computer networks.

“New classes of anomaly detection methods have been developed and are based on aggregating events across time and multiple sources to identify network and host-based behavior that might be malicious,” James S. Peery of Sandia National Laboratories told the Senate Armed Services Committee at last year’s hearing.  “These approaches and behavioral-based methods have been successful in finding previously undiscovered malware.”

“One drawback of this technology, though, is that it has a very high false positive rate,” he said.

Government-sponsored scientific research published in expensive journals should become more readily accessible to the public under an initiative announced by the White House Office of Science and Technology Policy on Friday.

Federal agencies that fund at least $100 million per year in scientific research were directed by White House science advisor John Holdren to develop plans to make the results of such research publicly available free of charge within a year of original publication.

“The logic behind enhanced public access is plain,” Dr. Holdren wrote in response to a public petition on the White House web site. “We know that scientific research supported by the Federal Government spurs scientific breakthroughs and economic advances when research results are made available to innovators. Policies that mobilize these intellectual assets for re-use through broader access can accelerate scientific breakthroughs, increase innovation, and promote economic growth.”

But the benefits of open access are not the sole consideration in the new policy.  “The Administration also recognizes that publishers provide valuable services, including the coordination of peer review, that are essential for ensuring the high quality and integrity of many scholarly publications. It is critical that these services continue to be made available.”

“We wanted to strike the balance between the extraordinary public benefit of increasing public access to the results of federally-funded scientific research and the need to ensure that the valuable contributions that the scientific publishing industry provides are not lost,” Dr. Holdren wrote.

The resulting policy mandating free public access within 12 months of publication is the result of an attempt to balance those competing interests, and it too is subject to future modification “based on experience and evidence.” (WaPo, NYT)

Members of the public are invited to comment on the feasibility and desirability of various forms of institutional oversight at federally-funded institutions that perform research involving certain pathogens or toxins.

“Certain types of research that are conducted for legitimate purposes may also be utilized for harmful purposes. Such research is called ‘dual use research’,” said a Notice filed in the Federal Register Friday by the Office of Science and Technology Policy.

“Dual use research of concern (DURC) is a smaller subset of dual use research defined as life sciences research that, based on current understanding, can be reasonably anticipated to provide knowledge, information, products, or technologies that could be directly misapplied to pose a significant threat with broad potential consequences to public health and safety, agricultural crops and other plants, animals, the environment, materiel, or national security,” the OSTP Notice explained.

The term “dual use research of concern” should not be taken in a pejorative sense, OSTP said.

“Research that meets the definition of DURC often increases our understanding of the biology of pathogens and makes critical contributions to the development of new treatments and diagnostics, improvements in public health surveillance, and the enhancement of emergency preparedness and response efforts. Thus, designating research as DURC should not be seen as a negative categorization, but simply an indication that the research may warrant additional oversight in order to reduce the risks that the knowledge, information, products, or technologies generated could be used in a manner that results in harm. As a general matter, designation of research as DURC does not mean that the research should not be conducted or communicated.”

In the February 22 Federal Register Notice, OSTP posed a series of questions concerning potential oversight arrangements for dual use research of concern and solicited feedback from interested members of the public.

Judge Claire V. Eagan of the Northern District of Oklahoma was appointed this month to the U.S. Foreign Intelligence Surveillance Court by the Chief Justice of the United States.

Her term on the FIS Court began on February 13, 2013 and will extend until May 18, 2019.  She replaces Judge Jennifer B. Coffman, who retired on January 8 before the end of her term.  Another appointment, to replace outgoing Judge John D. Bates, whose term ends tomorrow, is imminent, said Sheldon Snook, spokesman for the Court.

The FIS Court authorizes electronic surveillance and physical searches for intelligence and counterterrorism purposes. The current membership of the Court is listed here.

Judge Eagan was appointed to the federal bench by President George W. Bush in 2001.

The FIS Court has been discussed lately as a potential model for some form of judicial review of the use of drones in lethal strikes against suspected terrorists. Speaking at the February 7 confirmation hearing of John Brennan to be CIA Director, Senate Intelligence Committee chair Sen. Dianne Feinstein said her Committee would examine “the proposal to create an analogue of the Foreign Intelligence Surveillance Court to review the conduct of such strikes.”

But the application of the FISA model for authorizing intelligence surveillance to the substantially different issue of lethal targeting would not be straightforward, and may not be appropriate at all.

The notion “that federal judges ought to be assigned the task of monitoring, mediating and approving the killer instincts of our government […] is a very bad idea,” wrote Judge James Robertson, a former FIS Court member, in the Washington Post (“Judges shouldn’t decide about drone strikes,” February 15).

There are significant barriers to the Army’s use of unmanned aerial systems within the United States, according to a new Army manual, but they are not prohibitive or categorical.

“Legal restrictions on the use of unmanned aircraft systems in domestic operations are numerous,” the manual states.  The question arises particularly in the context of Defense Support of Civil Authorities (DSCA), refering to military assistance to government agencies in disaster response and other domestic emergencies.

“Use of DOD intelligence capabilities for DSCA missions–such as incident awareness and assessment, damage assessment, and search and rescue–requires prior Secretary of Defense approval, together with approval of both the mission and use of the exact DOD intelligence community capabilities. Certain missions require not only approval of the Secretary of Defense, but also coordination, certification, and possibly, prior approval by the Attorney General of the United States.”

As a general rule, “military forces cannot use military systems for surveillance and pursuit of individuals.”  This is precluded by the Posse Comitatus Act, as reflected in DoD Directive 5525.5.

But there is a possibility that exceptions may arise, the manual indicates.  “[Unmanned aircraft] operators cannot conduct surveillance on specifically identified U.S. persons, unless expressly approved by the Secretary of Defense, consistent with U.S. laws and regulations.”  See U.S. Army Field Manual FM 3-52, Airspace Control, February 2013 (especially Appendix G).

“Commanders decide to employ unmanned aircraft systems judiciously. Use of unmanned aircraft systems requires approval at high levels within the DOD and the FAA prior to employment in DSCA,” the manual states.

“Certain unmanned aircraft systems such as Global Hawk can operate far above normal commercial traffic while providing situation assessment to ground commanders. Intermediate systems such as the Predator have supported recent disaster operations, dramatically increasing situational awareness at the joint field office level. If available and authorized, these systems can provide near-real-time surveillance to command posts for extended periods. The approval process is not automatic.”

The Army manual asserts that the perceived risks of drone failure or accident are out of proportion to the actual documented risks.

“For example, from 2003 to 2010, small, unmanned aircraft systems flew approximately 250,000 hours with only one incident of a collision with another airspace user. However, the perception of the risk posed by small, unmanned aircraft systems was much greater.” (page A-1).

The Obama Administration issued policy statements this week on critical infrastructure protection and cyber security, including measures to encourage information sharing with the private sector and other steps to improve policy coordination.  Curiously, the Administration issued both an Executive order and a Presidential directive devoted to these topics.

Executive Order 13636 focuses on “Improving Critical Infrastructure Cybersecurity” while Presidential Policy Directive 21 deals more broadly with “Critical Infrastructure Security and Resilience.”

But the simultaneous release of the two types of Presidential instruction on overlapping themes raises the question:  What is the difference between an Executive Order and a Presidential Directive?

“There are probably two significant differences between an EO and a PD, at least to my understanding,” said Harold Relyea, who served for decades as a Specialist in American National Government at the Congressional Research Service.

“First, in almost all cases, for an EO to have legal effect, it must be published in the Federal Register.  This is a statutory requirement.  A PD does not have to meet this publication requirement, which means it can more readily be ‘born classified’.”

“Second,” he added, “is the matter of circulation and accountability.  EOs are circulated to general counsels or similar agency attorneys, which can be readily accomplished by FR publication.  Again, a PD may be more selectively circulated, and this is done through developed routing procedures.  Ultimately, EOs are captured not only in the FR, but also in annual volumes (Title 3) of the CFR [Code of Federal Regulations].  PDs are maintained in the files of the NSC staff and, God knows, if anywhere else!  I might also add that a form for EOs has been prescribed (in an EO); no form has been prescribed (as far as I know) for PDs.”

A CRS overview of the various types of “Presidential Directives” authored by Dr. Relyea in 2008 is available here.

The Justice Department Office of Legal Counsel wrote in a 2000 opinion that executive orders and directives are equivalent in their force and impact.  “As this Office has consistently advised, it is our opinion that there is no substantive difference in the legal effectiveness of an executive order and a presidential directive that is not styled as an executive order.”

For reasons that are not immediately clear, President Obama has issued presidential directives much less frequently than his predecessors.  The latest directive, PDD-21, is only the 21st such Obama directive.  By comparison, President George W. Bush had issued 42 directives by the first January of his second term.  President Clinton had issued 53 directives by the beginning of his second term.

The unauthorized disclosure last week of a Justice Department White Paper on the legality of targeted killing of senior al Qaida operatives who are Americans had the collateral effect of strengthening congressional oversight of intelligence.

The leak not only fulfilled a stalemated congressional effort to provide information to the public, but it also catalyzed the long-sought disclosure of classified documents to the intelligence committees themselves.

Although the intelligence committees received the White Paper in June 2012, they proved powerless on their own to gain its broader public release, or to acquire their own copies of the underlying legal memoranda.

“I have been calling for the public release of the administration’s legal analysis on the use of lethal force–particularly against U.S. citizens–for more than a year,” said Sen. Dianne Feinstein, the chair of the Senate Intelligence Committee in a February 5 statement. “That analysis is now public….”

In other words, what the chairman of the Senate Intelligence Committee was unable to accomplish for over a year was achieved by a resourceful reporter (Michael Isikoff of NBC) along with a cooperative source.  That is a peculiar fact that ought to prompt some soul-searching on the part of the Committee, which has been relentlessly critical of intelligence-related leaks.

But the disclosure did more than just make the White Paper available to the public and launch a substantial public debate on its contents.  It also enhanced the ability of the intelligence committees themselves to gain access to additional classified records on which oversight depends.

Specifically, it was the leak of the White Paper that enabled the belated disclosure of two classified Office of Legal Counsel memoranda to the intelligence committees last week.

The causal relationship between the leak and the release of the OLC memos was made explicit by White House press secretary Jay Carney at a February 7 press gaggle.

“I mean, there has always been some interest, obviously, but there has been heightened interest.  I think that what you’ve seen in the — because of the public disclosure of the white paper, is that that interest reached higher levels than in the past, and therefore this decision was made to make this extraordinary accommodation to provide classified Office of Legal Counsel advice,” Mr. Carney said.

This statement neatly illustrates the synergy that can exist among robust national security reporting, public awareness and effective intelligence oversight.

Yet the Senate Intelligence Committee in particular seems to have lost sight of the benefits for its own work of press attention and public engagement. The February 7 hearing on the nomination of John Brennan to be Director of CIA marked the end of a period of more than one year — dating from January 31, 2012 — without a public hearing. This may be an unprecedented hiatus in the history of the Senate Committee.  (The House Intelligence Committee has held public hearings more frequently.)  In light of last week’s events, the nearly exclusive emphasis on closed hearings should perhaps be reconsidered.

Updated below

Late Friday afternoon, the Department of Justice released an official copy of its White Paper on lethal targeting of Americans to Freedom of Information Act requesters, including FAS and Truthout.org, several days after it had been leaked to the press.

The official version appears to be identical to the document posted by NBC News, except that it contains a notation on the first page stating “Draft November 8, 2011.” (It also lacks the heavy-handed NBC watermark.)

“The Department has determined that the document responsive to your request is appropriate for release as a matter of agency discretion,” wrote Melanie Ann Pustay, director of the Office of Information Policy at the Department of Justice.

This is a surprising statement, because as recently as two or three weeks earlier, the Department had said exactly the opposite.

“The document is protected by the deliberative process privilege, and is not appropriate for discretionary release at this time,” wrote Paul Colborn of the DoJ Office of Legal Counsel in a January 23, 2013 denial letter to the New York Times.

What changed in the interim?  Obviously, the fact that the document leaked — and had already been read by most people who cared to do so — altered DoJ’s calculation.  The decision to cease withholding the document in light of its public availability displays some minimal capacity for reality-testing.  To continue to insist that the document was protected and exempt from release would have been too absurd.

But the Freedom of Information Act process is supposed to meet a higher standard than “not absurd,” and in this case it failed to do so.

According to a FOIA policy statement issued by Attorney General Eric Holder in 2009, “an agency should not withhold information simply because it may do so legally.  I strongly encourage agencies to make discretionary disclosures of information. An agency should not withhold records merely because it can demonstrate, as a technical matter, that the records fall within the scope of a FOIA exemption.”

The Attorney General’s policy cited President Obama’s own statement on FOIA which declared that “The Government should not keep information confidential merely because public officials might be embarrassed by disclosure, because errors and failures might be revealed, or because of speculative or abstract fears.”

The pre-leak withholding of the White Paper on targeted killing appears to have been inconsistent with both policy statements.  It is now clear that only “speculative or abstract fears” were at issue, not actual hazards.

Was the release of the memo “a threat to national security”?  A reporter asked that question at the White House press briefing on February 5. “No. No,” said Press Secretary Jay Carney.  “It wasn’t designed for public release, but it’s an unclassified document.”

“And since it is out there,” he added, “you should read it.”

Last week, Reps. Darrell Issa and Elijah Cummings of the House Committee on Oversight and Government Reform asked the Department of Justice to explain several apparent inconsistencies between FOIA policy and actual practice.

“The Committee seeks information about a number of issues including what many term as outdated FOIA regulations, exorbitant and possibly illegal fee assessments, FOIA backlogs, the excessive use and abuse of exemptions, and dispute resolution services,” they wrote in a February 4 letter.

Update: The belated release of the White Paper may have been dictated by tactical considerations intended to evade an ACLU FOIA lawsuit for related records, suggests Marcy Wheeler at Emptywheel.

The procedures for establishing, managing and overseeing special access programs (SAPs) in the Department of Defense are spelled out in an updated DoD Instruction that was issued yesterday.  See “Management, Administration, and Oversight of DoD Special Access Programs,” DoD Instruction 5205.11, February 6, 2013.

A special access program is a classified program that employs security measures above and beyond those that would normally be used to protect ordinary (or “collateral”) classified information. Such measures may include special eligibility reviews, polygraph testing, cover, and other controls on information.  Within DoD, SAPs fall into three broad topical categories: intelligence, acquisition, and operations and support.

DoD SAPs have been a focus of controversy in the past, because their intensive secrecy seemed to foster mismanagement.  There were massive, multi-billion dollar failures (e.g., the aborted A-12 naval aircraft program) as well as the occasional eccentricity (e.g., the Timber Wind nuclear powered rocket for anti-ballistic missile missions), both of which triggered Inspector General audits.

Because of those kinds of missteps, “The special access classification system… is now adversely affecting the national security it is intended to support,” the House Armed Services Committee concluded in 1991 (H.Rept. 102-60, p. 101).

But such concerns are expressed less frequently today. This is partly because of changes in Congress, but also because the administration of special access programs at the Pentagon has become less improvisational and freewheeling, and more standardized. (Whether they are also more successful is impossible to say.)

The newly updated DoD Instruction defines the SAP “governance structure,” which consists of a multi-level SAP Oversight Committee (SAPOC), the Senior Review Group (SRG), and the SAP Senior Working Group (SSWG).

The Instruction also sheds light on the hierarchical structure of some SAPs, which are in effect SAPs within SAPs: “DoD SAPs may include subordinate activities identified as, in descending order, compartments, sub-compartments, and projects.”

There is also another SAP hierarchy along an axis of sensitivity. “Acknowledged SAPs,” whose existence may be admitted and made known to others, are the least sensitive.  “Unacknowledged SAPs” (such as Timber Wind once was) are more sensitive and cannot be referenced. Their very existence is a classified fact.  But both of those categories must be reported to Congress.  “Waived SAPs” are the most sensitive of special access programs, and they are exempted by statute (10 USC 119e) from normal congressional notification requirements.  In such cases, only eight senior members of the congressional defense committees may be advised of the program.

DoD’s SAPs are not to be confused with the intelligence community’s Controlled Access Programs (CAPs), which serve a similar function.  An official within the Office of the Under Secretary of Defense (Intelligence) is responsible for “deconflict[ing] the names and abbreviations for DoD’s SAPs and DNI’s CAPs.”

It is noteworthy that the new DoD Instruction on SAP management is a public document.  It rescinds and replaces a 1997 Instruction that was considered too sensitive for public release.

Among the questions submitted to DCIA-nominee John Brennan by the Senate Intelligence Committee in advance of his much-anticipated confirmation hearing this afternoon was one about classification policy.

A recent report to the President from the Public Interest Declassification Board termed the national security classification system “outdated,” the Committee noted.  Does Mr. Brennan agree?

“I would say that the classification system is perhaps outdated in some respects and the recommendations from the PIDB report warrant further consideration,” he replied (Question 30). “If confirmed as Director, I would review the PIDB’s conclusions and would be glad to get back to the Committee with my views.”

In other words, he seemed to say, one of the cornerstones of intelligence as practiced today may be obsolete, at least “in some respects.” But I have nothing to say about that right now. Let’s talk about it after I am confirmed.

Chief Justice of the United States John Roberts has appointed Judge Reggie B. Walton of the D.C. District Court to serve as Presiding Judge of the Foreign Intelligence Surveillance Court, effective February 22, 2013.

Judge Walton, who has been a member of the FIS Court since May 2007, will replace Presiding Judge John D. Bates, whose term expires on February 21.  Judge Walton’s own term on the Court extends through May 18, 2014.  His appointment as Presiding Judge was confirmed by Sheldon Snook, spokesman for the Court.

The Foreign Intelligence Surveillance Court reviews and authorizes applications for electronic surveillance and physical search under the Foreign Intelligence Surveillance Act.  A roster of the current court membership is here.

The Court’s operation under the recently renewed FISA Amendments Act was discussed in Reauthorization of the FISA Amendments Act, Congressional Research Service, January 2, 2013.

In his regular capacity as district court judge, Judge Walton has presided over a number of celebrated cases including U.S. v. Libby, U.S. v. Roger Clemens, and Hatfill v. John Ashcroft.  Less famously, he also heard Aftergood v. National Reconnaissance Office, a 2005 Freedom of Information Act case in which he ruled in favor of the plaintiff, myself.  That case inaugurated the now-routine public release of unclassified intelligence agency budget justification records.