A group convened by the Center for Strategic and International Studies has issued a Statement of Principles for rebuilding trust in intelligence activities. It is signed by the following people:

• Charles Blanchard, Former General Counsel and Chief Ethics Officer, U.S. Air Force
• Steven Bucci, Professor of Terrorism and Cyber Policy Studies, Homeland Security Management
• Institute, Long Island University
• James Carafano, Former Department of Homeland Security Advisory Council
• Michael Chertoff, Former Secretary of Homeland Security
• Charles Croom, Former Director, Defense Information Systems Agency
• Joan Dempsey, Former Deputy Director of Central Intelligence for Community Management
• Jamie Gorelick, Former Deputy Attorney General
• John Hamre, Former Deputy Secretary of Defense and President, CEO, and Pritzker Chair, CSIS
• Michael Hayden, Former Director of the Central Intelligence Agency
• Jon Kyl, Former Senator, Arizona, and Senate Minority Whip
• Ronald D. Lee, Former Associate Deputy Attorney General
• James A. Lewis, Senior Fellow and Director, Strategic Technologies Program, CSIS
• Joseph Lieberman, Former Senator, Connecticut, and Chairman of the Senate Homeland Security
• Committee
• Michael McConnell, Former Director of National Intelligence
• John McLaughlin, Distinguished Practitioner-in-Residence, Johns Hopkins School of Advanced
• International Studies, and Former Deputy Director, Central Intelligence Agency
• John Poindexter, Ret. Rear Admiral, U.S. Navy, and Former Assistant to the President for National
• Security Affairs
• Jeffrey Smith, Former General Counsel, Central Intelligence Agency, and Former General Counsel,
• Senate Armed Services Committee
• Mary Sturtevant, Former Senior Director, National Security Staff
• Lou Von Thaer, President, National Security Sector, Leidos

The document opens:

Since Edward Snowden fled to Russia, leaking sensitive information to selected press outlets, we have watched an uneven debate within the United States and in foreign countries about America’s intelligence programs. Snowden’s leaks undermine the safety of Americans and our allies. The perception that communications surveillance programs have not helped prevent terrorist attacks is wrong and reflects a profound misunderstanding of how intelligence is gathered and used.

Intelligence does not work as it is portrayed in films—a single agent does not make a startling discovery that leads to dramatic, last-minute success. Success is the product of the efforts of teams of dedicated individuals from many agencies, using many tools and techniques, and working together to assemble fragments of data from many sources into a coherent picture. This kind of analysis is not a retrospective investigation, nor can it be limited to “known terrorists” as some have suggested. The intent of intelligence is to illuminate the unknown and prevent surprise. Assertions that a collection program contributes nothing because it has not singlehandedly prevented an attack show a lack of understanding as to how the United States conducts intelligence activities and analysis to prevent harmful acts or attacks against the America and its allies.

The individuals below strongly believe that intelligence, guided by rule of law, plays an irreplaceable role in America’s security. While not all intelligence actions can be made public, all must be fully subject to oversight by Congress and, where appropriate, the courts, and the goals, principles, and responsibilities of the intelligence community should be debated publicly. This is essential for democracy and for maintaining the trust of the American people. To provide a meaningful framework for public debate on domestic surveillance and foreign intelligence, we offer the following principles, not to end discussion, but to structure a more thoughtful one.

David A. Simon, special counsel to the General Counsel, Department of Defense, has posted a new article to SSRN, “Ending Perpetual War? Constitutional War Termination Powers and the Conflict Against Al Qaeda” (41 Pepperdine Law Review 685 (2014)).  It’s an excellent article, and I heartily recommend it to those wanting a careful, nuanced walk through the domestic constitutional issues of the end of the conflict against Al Qaeda and associated forces.  Abstract:

This Article presents a framework for interpreting the constitutional war termination powers of Congress and the President and applies this framework to questions involving how and when the war against Al Qaeda and associated forces could end. Although constitutional theory and practice suggest the validity of congressional actions to initiate war, the issue of Congress’s constitutional role in ending war has received little attention in scholarly debates. Theoretically, this Article contends that terminating war without meaningful cooperation between the President and Congress generates tension with the principle of the separation of powers underpinning the U.S. constitutional system, with the Framers’ division of the treaty-making authority, and with the values they enshrine. Practically, this Article suggests that although the participation of both Congress and the President in the war termination process may make it more difficult to end a war, such cooperative political branch action ensures greater transparency and accountability in this constitutional process.  This Article also examines normative questions about the role of the President and Congress in exercising their respective war termination powers, and argues that the treaty-making process represents an approach to war termination that best reflects the constitutional values of the interdependence of the political branches, while checking interbranch rivalry and preserving the constitutional and foreign relations prerogatives of Congress and the President.

The “end of the war” is a topic that provokes anticipation and longing (from progressives), skepticism and dismissiveness (from realists), and worry and trepidation (from it’s-a-war-fight-it-like-one realists, but also from progressives fearing … ‘Meet the New Drone, Same as the Old Drone’).   Interest in the question ramped up at the end of 2012 with a speech by then-DOD General Counsel Jeh Johnson at the Oxford Union and the President’s speech at National Defense University in May 2013.  Politically, it’s not exactly a secret that the Obama administration would certainly like (or at least would have liked, given that current events have somewhat taken the froth off the cappuccino) to have been able to retire the AUMF by the end of the second term.  Or if not retire it, at least modify it in a way that could allow the administration to say plausibly that the armed conflict with AQ/AssForces [hmm ... ed.] had been won. Or, if not “won,” then at least “over,” to a sufficient extent that, whatever further engagements using the tools of hostilities the US undertook, those engagements would transition to some other legal authority, under new limitations law and policy.  This might still happen by the end of the term, but I doubt it. Read more »

In breaking news, the Department of Justice has announced charges against several Chinese Army personnel, accusing them of economic espionage—as Bobby noted earlier. The individuals are accused of stealing trade secrets from American companies including Westinghouse Electric, U.S. Steel, and Alcoa. The New York Times reports, as does the Washington Post.

Boko Haram still dominates the national security headlines. Adam Nossiter of the Times has a fascinating article describing the radicalization of Abubakar Shekau, the leader of the group.

Nigerian President Goodluck Jonathan isn’t having a lot of good luck these days—and he isn’t winning any PR battles either. Newspapers apparently erroneously reported that he was planning a visit to the town of Chibok, where most of the kidnapped schoolgirls hailed from. Mr. Jonathan was actually on his way to Paris to discuss the best way to find the girls and combat the Boko Haram threat with regional leaders. French President François Hollande organized the meeting, at which promises were made to “share intelligence and strengthen military cooperation.” There’s something we haven’t heard before.

Western powers are close to submitting a resolution to the United Nations Security Council to designate Boko Haram a terrorist group.

In other news, the Libyan government has ordered Islamist militias to take back control in Tripoli after forces loyal to a former Libyan general took over the legislature’s building, says the Associated Press. Former colonel Khalifa Haftar has been a strident critic of Libya’s current government and his attempt at a power grab could put the country on the brink of civil war. The Post has more details on the infighting between the militias. The BBC reports that a no-fly zone has been imposed over Benghazi.

The Wall Street Journal has the latest on the Pakistani government’s negotiations with the Pakistani Taliban. Which is to say, the latest on why it has stalled.

One Joseph E. Schmitz, former Pentagon inspector general, organized a private plan to arm moderate Syrian rebels. A Saudi prince even agreed to fund the weapons transfer, but the plan fell through when the CIA got wind of it.

As Wells noted on Friday evening, Judge Gladys Kessler has ordered the U.S. military to stop force feeding Syrian detainee Mujstafa Dhiab until after his hearing on Wednesday. Carol Rosenberg has what you need to know.

Amos Toh of NYU’s Brennan Center and David Barkey of the Anti Defamation League have an op-ed in the Post on Florida’s foreign law ban, recently signed into law by Gov. Rick Scott. They argue that blanket bans that forbid the use of foreign law in state courts “create a series of legal and practical problems for Americans from all walks of life,” and are “unnecessary.”

The Congressional Research Service has a new report this month on the different proposals to select FISA judges. These are “S. 1460, the FISA Judge Selection Reform Act, which would effectively shift authority to the chief judges of the circuit courts; H.R. 2761, the Presidential Appointment of FISA Court Judges Act, which would authorize the President to choose FISA judges with the advice and consent of the Senate; and H.R. 2586, the FISA Court Accountability Act, which would permit Members of Congress to select FISA judges.”

With James Comey now at the reins of the FBI, Michael S. Schmidt of the Times describes the Director’s, and the Bureau’s priorities—which some had hoped would signal more of a departure from his predecessor’s.

Ex-NSA Director Gen. Keith Alexander spoke to the New Yorker’s Mattathias Schwartz about a whole host of topics. Check out the excerpts from the interview.

Russian President Vladimir Putin has ordered his troops near the Ukraine border to return home. Again. NATO has said it hasn’t seen evidence of such a pullback. Again.

And again, you should email the Roundup Team noteworthy law and security-related articles to include, and follow us on Twitter and Facebook for additional commentary on these issues. Sign up to receive Lawfare in your inbox. Visit our Events Calendar to learn about upcoming national security events, and check out relevant job openings on our Job Board.

A remarkable development out of a grand jury in the Western District of Pennsylvania: five named members of the Chinese military have been indicted for economic cyberespionage.  Details from the DOJ press release follow:

WASHINGTON—A grand jury in the Western District of Pennsylvania (WDPA) indicted five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American victims in the U.S. nuclear power, metals and solar products industries.

The indictment alleges that the defendants conspired to hack into American entities, to maintain unauthorized access to their computers and to steal information from those entities that would be useful to their competitors in China, including state-owned enterprises (SOEs).  In some cases, it alleges, the conspirators stole trade secrets that would have been particularly beneficial to Chinese companies at the time they were stolen.  In other cases, it alleges, the conspirators also stole sensitive, internal communications that would provide a competitor, or an adversary in litigation, with insight into the strategy and vulnerabilities of the American entity.

…

Summary of the Indictment

Defendants:  Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui, who were officers in Unit 61398 of the Third Department of the Chinese People’s Liberation Army (PLA).  The indictment alleges that Wang, Sun, and Wen, among others known and unknown to the grand jury, hacked or attempted to hack into U.S. entities named in the indictment, while Huang and Gu supported their conspiracy by, among other things, managing infrastructure (e.g., domain accounts) used for hacking.

Victims: Westinghouse Electric Co. (Westinghouse), U.S. subsidiaries of SolarWorld AG (SolarWorld), United States Steel Corp. (U.S. Steel), Allegheny Technologies Inc. (ATI), the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union (USW) and Alcoa Inc.

Time period: 2006-2014.

Crimes: Thirty-one counts as follows (all defendants are charged in all counts).

Count(s)	Charge	Statute	Maximum Penalty
1	Conspiring to commit computer fraud and abuse	18 U.S.C. § 1030(b).	10 years.
2-9	Accessing (or attempting to access) a protected computer without authorization to obtain information for the purpose of commercial advantage and private financial gain.	18 U.S.C. §§ 1030(a)(2)(C), 1030(c)(2)(B)(i)-(iii), and 2.	5 years (each count).
10-23	Transmitting a program, information, code, or command with the intent to cause damage to protected computers.	18 U.S.C. §§ 1030(a)(5)(A), 1030(c)(4)(B), and 2.	10 years (each count).
24-29	Aggravated identity theft.	18 U.S.C. §§ 1028A(a)(1), (b), (c)(4), and 2	2 years (mandatory consecutive).
30	Economic espionage.	18 U.S.C. §§  1831(a)(2), (a)(4), and 2.	15 years.
31	Trade secret theft.	18 U.S.C. §§ 1832(a)(2), (a)(4), and 2.	10 years.

 

Summary of Defendants’ Conduct Alleged in the Indictment

 

Defendant	Victim	Criminal Conduct
Sun	Westinghouse	In 2010, while Westinghouse was building four AP1000 power plants in China and negotiating other terms of the construction with a Chinese SOE (SOE-1), including technology transfers, Sun stole confidential and proprietary technical and design specifications for pipes, pipe supports, and pipe routing within the AP1000 plant buildings.Additionally, in 2010 and 2011, while Westinghouse was exploring other business ventures with SOE-1, Sun stole sensitive, non-public, and deliberative e-mails belonging to senior decision-makers responsible for Westinghouse’s business relationship with SOE-1.
Wen	SolarWorld	In 2012, at about the same time the Commerce Department found that Chinese solar product manufacturers had “dumped” products into U.S. markets at prices below fair value, Wen and at least one other, unidentified co-conspirator stole thousands of files including information about SolarWorld’s cash flow, manufacturing metrics, production line information, costs, and privileged attorney-client communications relating to ongoing trade litigation, among other things.  Such information would have enabled a Chinese competitor to target SolarWorld’s business operations aggressively from a variety of angles.
Wang and Sun	U.S. Steel	In 2010, U.S. Steel was participating in trade cases with Chinese steel companies, including one particular state-owned enterprise (SOE-2).  Shortly before the scheduled release of a preliminary determination in one such litigation, Sun sent spearphishing e-mails to U.S. Steel employees, some of whom were in a division associated with the litigation.  Some of these e-mails resulted in the installation of malware on U.S. Steel computers.  Three days later, Wang stole hostnames and descriptions of U.S. Steel computers (including those that controlled physical access to company facilities and mobile device access to company networks).  Wang thereafter took steps to identify and exploit vulnerable servers on that list.
Wen	ATI	In 2012, ATI was engaged in a joint venture with SOE-2, competed with SOE-2, and was involved in a trade dispute with SOE-2.  In April of that year, Wen gained access to ATI’s network and stole network credentials for virtually every ATI employee.
Wen	USW	In 2012, USW was involved in public disputes over Chinese trade practices in at least two industries.  At or about the time USW issued public statements regarding those trade disputes and related legislative proposals, Wen stole e-mails from senior USW employees containing sensitive, non-public, and deliberative information about USW strategies, including strategies related to pending trade disputes.  USW’s computers continued to beacon to the conspiracy’s infrastructure until at least early 2013.
Sun	Alcoa	About three weeks after Alcoa announced a partnership with a Chinese state-owned enterprise (SOE-3) in February 2008, Sun sent a spearphishing e-mail to Alcoa.  Thereafter, in or about June 2008, unidentified individuals stole thousands of e-mail messages and attachments from Alcoa’s computers, including internal discussions concerning that transaction.
Huang	Huang facilitated hacking activities by registering and managing domain accounts that his co-conspirators used to hack into U.S. entities.  Additionally, between 2006 and at least 2009, Unit 61398 assigned Huang to perform programming work for SOE-2, including the creation of a “secret” database designed to hold corporate “intelligence” about the iron and steel industries, including information about American companies.
Gu	Gu managed domain accounts used to facilitate hacking activities against American entities and also tested spearphishing e-mails in furtherance of the conspiracy.

We have discussed the manifold challenges of zero day vulnerabilities quite a lot on this blog – why they are central to the cybersecurity challenge, how their discovery is vital to both offensive and defensive postures in cybersecurity, optimal USG policy on stockpiling v. publishing and patching vulnerabilities, and the like.  One little discussed but important question in this vein is what policies the United States should pursue in regulating the global market in zero days.  This is an enormously complex question that combines all of the difficulties of clamping down on zero days with all of the difficulties of global governance.

Michele Golabek-Goldman of the Yale Law School and the Harvard Kennedy School has written what I believe is by far the best analysis of this question.  (Disclosure: I advised Michele on this paper.)  From her Executive Summary:

This report provides recommendations for mitigating the cybersecurity threat emanating from this global, unregulated market. It acknowledges the immense challenge of regulation and proceeds from the premise that eliminating dangerous Øday sales is virtually impossible. Such transactions are “intangible” and often anonymous, and determined buyers and sellers could frequently circumvent regulations. The threat of dangerous Øday sales to buyers seeking to deploy them for malicious purposes is also one of the most global threats that exist today. Øday discoverers, exploiters, purchasers, brokers, perpetrators, software vendors, and victims reside in nations throughout the world and therefore no single country can mitigate the threat acting alone. Due to the dual-use nature of Ødays, regulatory proposals should also be carefully circumscribed to encourage good-willed researchers who sell their discoveries to software vendors to continue to operate in order to augment global security. While acknowledging these challenges, this report proposes initial measures that would begin to mitigate the current threat, rendering it more difficult and costly to sell Ødays to those who seek us harm.

I formulated this report’s policy recommendations based on extensive secondary research and discussions with experts. The four key criteria that shaped this report’s recommendations are impact on national security and the economy, timeframe and political feasibility, low costs of compliance for industry, and balancing the vital need to safeguard U.S. national security with the need to garner international support for curbing indiscriminate Øday sales.

Michele makes these seven policy recommendations (which are explained and defended in detail in the paper, and some of which build on a previous essay with Paul Stockton):

• Use the carrots of the Support Anti-Terrorism by Fostering Effective Technologies Act of 2002 (“SAFETY Act”) to incentivize software developers to invest in stronger security.

• In order to raise the penalties and risks associated with indiscriminately selling dangerous Ødays, the international community should establish uniform export controls of these sales through the Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and .

• The United States should collaborate with international partners to establish a cybersecurity task force on Øday sales modeled after the highly successful Financial Action Task Force on Money Laundering (“FATF”).

• Congress should amend the Computer Fraud and Abuse Act (“CFAA”) to criminalize indiscriminate sales of Ødays in conformity with the task force’s recommendations.

• Although the intangible nature of Øday transactions and anonymous characteristics of the market would make detection of prohibited sales on the underground market difficult, intelligence and law enforcement agents could overcome this challenge through global sting operations.

• In order to stem illicit Øday sales on the underground market, software vendors should offer more competitive prices for Ødays through competitive white hat bounty programs.

• The U.S. government should establish an independent panel, comprised of representatives from the software industry, cyber insurance industry, critical infrastructure industries, export control specialists, law enforcement, and other key stakeholders to review these recommendations before implementation.

Event Announcements (More details on the Events Calendar)

• Thurs, May 22 at 9:00 am: Bruce Riedel of the Brookings Institution hosts historian Kai Bird to talk about his new book The Good Spy: The Life and Death of Robert Ames. The talk will “examine the life and death of Robert Ames, how relations between the Arab world and West might have been different had he lived, and the lessons that can be learned from Ames’ personable, human approach toward intelligence and enduring foreign policy challenges.”

• Tues, May 22 at 2:00 pm: The Brookings Institution hosts John Carlin, recently-confirmed Assistant Attorney General for National Security at the Department of Justice, to give an address entitled “Tackling Emerging National Security Threats through Law Enforcement.” Mr. Carlin will describe how the DOJ is addressing and responding to the different types of emergent threats, such as those in the cyber arena, using law enforcement. Ben will lead and moderate the discussion.

Employment Announcements (More details on the Job Board)

• The Department of Justice’s National Security Division is looking for a Counterintelligence, Export Control, and Economic Espionage Chief. The application deadline is Tuesday, May 27, 2014.

• The International Committee of the Red Cross is looking for a Legal Intern in the International Humanitarian Law Department for the fall semester. The position is paid, and applications are due August 1st, 2014.

Recent flare-ups in the South China Sea, including provocative moves by China to put a huge oil rig in waters also claimed by Vietnam and the Philippines’ challenge to China over its maritime claims, have produced a lot of reporting on law of the sea, territorial legal disputes, and how disputed territorial claims in Asia could escalate. A few months back, so too did the U.S. dispute with China over military activities in its Exclusive Economic Zone.  Sunday’s New York Times now discusses how Russia’s annexation of Crimea could, by way of large corresponding zones in the Black Sea, give Russia claim to vast undersea resources, including fossil fuels. That latter possibility is especially interesting because it would come at the expense of Ukraine’s potential to become more energy independent of Russia and could offset over the long-term some of the economic cost to Russia of its aggressive moves.

Together, these various strands weave a larger one about international law (including law of the sea) and how states wage global resource competition, and they raise – but don’t yet answer – questions about how law can prevent this competition from turning into hot wars.

Keith Johnson has an online essay at Foreign Policy on the historical development of the law of the sea, relating current maritime claims in the South China Sea to British-Dutch imperial rivalries of the 1600s – and the influential legal writings that came out of them. He reminds readers that international law of the sea has, for centuries, been interpreted and used strategically by states to advance claims either for free navigation or for exclusive sovereignty, depending on their economic and security needs of the time.

On the current maritime disputes between China and its neighbors, my colleagues at the Council on Foreign Relations produced this very helpful set of backgrounders. The Wall Street Journal published an informative piece a couple of weeks ago comparing the disputes between China and the Philippines and Vietnam, and discussing Chinese political tactics in advancing its legal claims. A companion piece in the Journal discussed how the dangers of escalation between China and Vietnam are increased by rising nationalism in both countries and a failure to develop bilateral crisis-management protocols. Read more »

Editor’s Note: The conflict in Syria has attracted an unprecedented number of foreign fighters, with Muslims streaming in from the Arab world and Europe to take up arms against the regime of Bashar al-Asad. Mindful of the Afghanistan experience, where foreign fighters returning home from the anti-Soviet struggle often formed the nuclei of terrorist groups, governments are preparing for grim times ahead. Aaron Y. Zelin and Jonathan Prohov, researchers at the Washington Institute for Near East Policy, describe the many steps taken by governments around the world to guard against this potential danger and assess the implications for the United States.

***

Fears that foreign fighters traveling to Syria might return home once the conflict is over and engage in terrorism have prompted an unprecedented level of proactive measures by countries around the world. In the past, many countries only changed their laws after an attack occurred, but this time around many states are trying to get ahead of the issue.

Compared to the number of foreigners who fought against the United States in Iraq or the Soviets in Afghanistan, the number of foreigners fighting in Syria has exceeded both of those cases—and in less than half the time. Around 9,000 individuals from more than 80 countries have joined the fight against the Asad regime, with the majority coming from the Arab world and Western Europe. U.S. intelligence officials told the Los Angeles Times in February that at least 50 Americans had joined the fight in Syria, and FBI director James Comey recently stated that the number of Americans who had either traveled to Syria or tried to do so had grown by a few dozen since the beginning of 2014.

The United States was one of the first to designate Jabhat al-Nusra, Al Qaeda’s branch in Syria, as a terrorist organization. Some European Union (EU) countries, as well as Canada, Australia, and Britain, have followed suit. The United States has also used sting operations to stop individuals from joining the fight. Australia has used laws already on the books that allow it to revoke individuals’ passports to prevent its citizens from going to fight in Syria in the first place and to prevent those who have already gone from getting back into the country. In the EU, the Netherlands has banned certain individuals from returning home, used ankle bracelets to track those who have returned from Syria, and ruled that preparing to travel to Syria to participate in jihad is a crime. In Germany, three different Salafist organizations have been banned for providing recruitment networks for groups fighting in Syria, and one German official has proposed setting up a network of telephone hotlines and counseling centers to enable friends and relatives to report radicalized young men as a sort of early warning system. Some EU countries have also discussed cutting off individuals’ access to government benefits such as healthcare and other social services if they’ve participated in the jihad in Syria.

One way Britain has tried to combat the recruitment of its citizens is by removing recruitment material from the Internet. Between January and March 2014, Britain had 8,000 “takedowns” of online content—a sudden and dramatic increase, considering there were only 21,000 takedowns conducted over the previous four years combined. The Foreign and Commonwealth Office has also been putting money into a social media program aimed at deterring British citizens from traveling to Syria to fight. In addition, the British police recently announced that they will be partnering with charitable organizations in a campaign to prevent young people from going to Syria. As reported by The New York Times, “Officers plan to hand out leaflets at British ports warning of the risks of traveling to Syria, and officers plan to advise people who want to support humanitarian efforts in Syria to avoid traveling there and to donate to nonprofit organizations instead.” Just last week, the House of Commons Home Affairs Committee issued a detailed report recommending a number of new policy initiatives aimed at dealing with the returnee threat; these included revoking the passports of British citizens fighting in Syria, sending “spotters” to countries that border Syria to identify British citizens at risk of crossing the border to fight (a program currently used to track soccer hooligans in foreign countries), and coordinating with mental health practitioners to help returning fighters cope with the violence they’ve experienced. And according to The New York Times, the House of Lords on Monday “passed legislation that allows the government to strip terrorism suspects of their citizenship even if it renders them stateless.”

Britain’s counterparts in France launched a new counter-radicalization program in October 2013, and they recently announced an expansion of the program with 20 additional measures, including a plan to stop minors from leaving France without parental consent; increased surveillance of Islamist websites that recruit fighters; and, similar to the program proposed in Germany, a system to encourage parents to identify and report suspicious behavior in their children. Read more »

“At the Nexus of Public Policy and Cybersecurity: Some Basic Concepts and Issues.”

That’s the title of a new report co-edited by Herb Lin, chief scientist at National Research Council’s Computer Science and Telecommunications Board.  This week, Lin sat down with our own Ben Wittes.  Their engaging discussion, together with the report itself, offers an excellent primer on the day’s most pressing cyber concerns—and strongly suggests that policymakers haven’t yet begun to address them with sufficient urgency.  Enjoy.

Let’s start this week’s recap with posts related to targeting. Ashley talked about the role of consent in targeting non-Al Qaeda members in Yemen in the wake of new reports that the DOD might provide more military assistance to the Yemeni government. She advocates a more robust and transparent discussion about the role of consent to the use of force—particularly because Yemen is not shy about cooperating with the U.S. government on counterterrorism issues.

David Barron’s nomination to the First Circuit Court of Appeals has gotten in trouble because of targeting issues. Sen. Rand Paul is filibustering it. Ben was irritated about Sen. Paul’s “wrongheaded” op-ed on the matter.

Jack wrote a piece arguing that the reasons to transfer drone strikes from the CIA to DOD are incorrectly formulated, and that we need to be asking different questions.

Bobby pointed out that the responsibility for drone strikes has not been transferred from CIA to JSOC because of differences between the two organizations regarding quality control for the strikes.

Quality control is indeed important; apparently a drone almost collided with a commercial airliner, said Ben.

It was a light week for NSA news. I posted the latest tranche of FISC filings and 215 orders declassified by the ODNI. Glenn Greenwald’s new book No Place to Hide came out this week. Jack noted David Cole’s review of it. Paul also had an ironic tidbit about the relationship between the founder of eBay and Greenwald.

FISA reform enthusiasts: Be sure to check out Orin’s new draft article, forthcoming in the Virginia Law Review.

The ODNI released a memo clarifying the Obama administration’s new pre-publication review policy. Jack flagged it.

And Ben was at the Hoover Institution in California for a conference on “Intelligence Challenges” on Thursday. He wrote in and described one of the themes that has resurfaced repeatedly at the discussions, which he called “the intelligence legitimacy paradox.”

Remember Section 1039 of last year’s NDAA, which mandated that the Obama administration report to Congress on the legal rights of Guantanamo Bay detainees upon transfer to the United States? Well, the report has been delivered, and we now know what those rights would be, said Wells.

From Guantanamo also come two government filings in the Al Nashiri case, Wells announced.

Chief Justice Roberts might very well become the most important author of foreign relations opinions in the history of the Supreme Court, explained Ingrid. She also wrote that under his leadership, the Court has not deferred to the executive branch much in interpreting ambiguous treaties and statutes in foreign relations cases.

Philip Heymann responded to Michael German’s critique of his initial post on the FBI’s investigation of Tamerlan Tsarnaev.

John commented on the Samantar case before the Supreme Court. He believes “the Supreme Court should grant cert and reverse (or vacate and remand).”

Paul kept us more than abreast of the latest cyber news: He discussed the Washington Post story about the FBI looking to change outdated rules on obtaining a warrant when a computer’s physical location is unknown. He also directed readers to a new paper on cell phone surveillance, and the latest cyber and tech stories in “Bits and Bytes.”

Sama’a Al-Hamdani wrote this week’s Foreign Policy Essay about the vexing U.S.-Yemen relationship, and offered some thoughts on what the Yemeni government could do to better combat terrorism in its borders.

This week’s Lawfare Podcast featured Michael O’Hanlon and Jim Steinberg’s book launch at Brookings. The volume, Strategic Reassurance and Resolve: U.S.-China Relations in the Twenty-First Century, provides an overview of the  major military and security issues in the bilateral relationship, and outlines policy recommendations for both sides to adopt.

This week’s Steptoe Cyberlaw Podcast featured an interview with Chris Painter, the State Department’s Coordinator for Cyber Issues.

And that was the week that was.

That’s perhaps the most eye-catching feature of this just-issued preservation order from U.S. District Judge Gladys Kessler. It reads, in pertinent part:

On April 18, 2014, Petitioner Mohammed Abu Wa’el (Jihad) Dhiab filed an Application for Preliminary Injunction and an Immediate Order for Disclosure of Protocols Forthwith [Dkt. No. 203]. On May 2, 2014, the Court set a Motion Hearing on Petitioner’s Application for Preliminary Injunction for May 21, 2014. That Motion became fully briefed on May 12, 2014.

On May 13, 2014, Petitioner filed an Emergency Motion For Order Compelling Preservation of Evidence and Limited Discovery, by May 18, 2014, of Medical Records and Videotapes of Force-Feedings and Forcible Cell Extractions [Dkt. No. 217]. On May 15, 2014, the Government filed an Opposition to Petitioner’s Emergency Motion [Dkt. No. 219], and on May 16, 2014, Petitioner filed a Reply [Dkt. No. 220].

With the filing of Petitioner’s Emergency Motion, it has become apparent that his Application for Preliminary Injunction, despite being fully briefed, is simply not in a posture to be heard at the May 21, 2014, hearing set by the Court. Consequently, it is hereby

ORDERED, that the Motion Hearing set for May 21, 2014, shall be converted to a Status Conference at which the Government shall inform the Court when Petitioner’s medical records from April 9, 2013, to May 13, 2014, can be produced;and it is further

ORDERED, that the Government shall inform the Court at the May 21, 2014, status conference when all videotapes of Petitioner’s Forcible Cell Extractions for purposes of enteral feeding and all videotapes of Petitioner’s enteral feedings between April 9, 2013, and February 19, 2014, can be produced; and it is further

ORDERED, that Respondents shall preserve and maintain all relevant videotapes of Petitioner’s Forcible Cell Extractions for purposes of enteral feeding and all videotapes of Petitioner’s enteral feedings between April 9, 2013, and February 19, 2014; and it is further

ORDERED, that Respondents are TEMPORARILY RESTRAINED from any Forcible Cell Extractions of Petitioner for purposes of enteral feeding and any enteral feeding of Petitioner until May 21, 2014.

There are two: a cross-motion to hold Al-Nashiri’s habeas case in abeyance, pending resolution of his military commission trial at Guantanamo; and a legal memorandum setting forth the government’s arguments, both in support of its motion and in opposition to Al-Nashiri’s bid to have the habeas court preliminarily enjoin the commission.   You’ll find both here, along with other key pleadings we noted earlier.

From the legal memorandum’s opening:

Twice before Petitioner has brought—unsuccessfully—arguments virtually indistinguishable from those raised here, both in military commission proceedings, see AE 104F, Order ¶ 4 (Jan. 15, 2013) (Mem. in Supp. of Pet’r’s Mot. for Prelim. Inj., Attach. C), and in  federal court, al-Nashiri v. MacDonald, No. 3:11 cv-5907, 2012 WL 1642306 (W.D. Wash. May 10, 2012), affirmed, 741 F.3d 1002 (9th Cir. 2013). Notably, consistent with those previous results, every federal court that has been asked to enjoin ongoing prosecutions before a military commission convened pursuant to the Military Commission Acts of 2006 and 2009 has declined to short circuit the congressionally mandated process. Rather, each court has held that defendants appearing before these military commissions receive procedural protections and independent appellate review sufficient to protect their rights and, so, face no irreparable injury warranting enjoining an ongoing prosecution. Accordingly, each has abstained under the principles of Schlesinger v. Councilman, 420 U.S. 738 (1975). There is no reason for this Court to do otherwise.

Petitioner Abd Al-Rahim Hussein Muhammed Abdu Al-Nashiri is currently facing trial before a military commission on numerous charges, including murder in violation of the law of war, for his role in several al Qaida terrorist attacks, among them the 2000 bombing of the U.S.S. Cole in which 17 American sailors died. As part of that trial, he is entitled to argue—as he does here that his alleged offenses are not triable by military commission because they did not occur in the context of, or associated with, hostilities. If accepted by the commission—or, on appeal, by either the United States Court of Military Commission Review (“USCMCR”) or the Court of Appeals for the D.C. Circuit—Petitioner’s claims would require that the commission charges against him be dismissed. Consequently, this case falls squarely within the set of cases as to which Councilman instructs that the Court refrain from exercising its equitable jurisdiction. First, as with the military courts-martial system at issue in Councilman, Congress designed the military commission system to ensure the vindication of Petitioner’s rights through procedural protections that guarantee the fundamental fairness of the proceedings. Moreover, unlike the military defendant in Councilman, Petitioner is assured appellate review in an Article III court, the D.C. Circuit, if convicted. Second, the injury Petitioner faces—the burden of defending himself in a forum the jurisdiction of which he contests—is no different or greater than the rigors of trial faced by any criminal defendant, and is insufficient as a matter of law to justify a federal court’s intervention in an ongoing criminal prosecution. Finally, the issue that Petitioner asks this Court to resolve—whether the offenses with which he is charged occurred in the context of, or associated with, a conflict subject to the laws of war—concerns matters on which the military commissions—as the congressionally designated trial forum— possess expertise that can inform any subsequent appellate review in the D.C. Circuit. Congress intended that the military commissions resolve these issues in the first instance, a legislative allocation of responsibility that a federal court is bound in equity to respect. Abstention under Councilman, therefore, is required, and Petitioner’s Motion for Preliminary Injunction should be denied.

Further, because the issues raised in the proposed Supplemental Petition are identical to
those raised in Petitioner’s Motion for Preliminary Injunction, Petitioner’s prayer for relief in the Supplemental Petition would be futile. Therefore, Petitioner’s Motion to Supplement should be denied.

Finally, the same considerations that counsel this Court to abstain from exercising equitable jurisdiction to enjoin the military commission proceedings also counsel that it avoid  other proceedings that require resolution of issues that substantially overlap with issues central to (and thus that could potentially interfere with) Petitioner’s ongoing military commission proceedings. Respondents therefore respectfully move this Court to hold the habeas petition in abeyance, and stay all proceedings in this action, pending completion of the ongoing military commission proceedings against Petitioner and, should he be convicted, any subsequent appeals, as three other judges on this Court have done in similar circumstances.

A report from the cyber underground where most of my Lawfare colleagues don’t normally follow:  File this one as a delicious irony (or, if you prefer, a delightful irrationality).  Many will recall that back in 2010 when WikiLeaks first started releasing classified materials many of the financial intermediaries (Visa, Mastercard, Western Union and PayPal) started blocking donations to WikiLeaks.  In retaliation, hackers affiliated with Anonymous initiated DDoS attacks on those web sites.

Fourteen Anons were subsequently arrested for their actions, charged criminally, and pled guilty.  They are known in the blogosphere as the PayPal14.  Among other terms of sentence, they owe PayPal $80,000 in restitution.

PayPayl is owned by Pierre Omidyar, the founder of e-Bay.  Omidyar is also one of the funders of Firstlook.org, a new internet journalism organization that employs, among others, Glenn Greenwald.  So the irony, of course, is that the PayPal14 owe Omidyar money, yet he profits (they say) from the disclosures that WikiLeaks enabled.  As Raw Story reports, Anonymous is protesting the “profit” being made by Greenwald through his new book and Greenwald’s association with Omidyar who has not waived the restitution claim.  According to Raw Story, Greenwald could not be reached for comment.

And, in a further (unrelated) irony, Greenwald’s book is available for illegal download on Pirate Bay.  NOTE:  It probably is a copyright violation in the US, so don’t do it! :-)

HT: My Norwegian colleague …

I don’t always agree with Chris Soghoian, but he always has something interesting to say, and his new paper (co-authored with Stephanie Pell) touching on surveillance and national security is worth looking at.  The title gives you a good sense of it: Your Secret Stingray’s No Secret Anymore: The Vanishing Government Monopoly Over Cell Phone Surveillance and its Impact on National Security and Consumer Privacy.  Here’s the abstract:

In the early 1990s, off-the-shelf radio scanners allowed any snoop or criminal to eavesdrop on the calls of nearby cell phone users. These radio scanners could intercept calls due to a significant security vulnerability inherent in then widely used analog cellular phone networks: calls were not encrypted as they traveled over the air. In response to this problem, Congress, rather than exploring options for improving the security of cellular networks, merely outlawed the sale of new radio scanners capable of intercepting cellular signals, which did nothing to prevent the potential use of millions of existing interception-capable radio scanners. Now, nearly two decades after Congress passed legislation intended to protect analog phones from interception by radio scanners, we are rapidly approaching a future with a widespread interception threat to cellular communications very reminiscent of the one scanner posed in the 1990s, but with a much larger range of public and private actors with access to a much more powerful cellular interception technology that exploits security vulnerabilities in our digital cellular networks.

This Article illustrates how cellular interception capabilities and technology have become, for better or worse, globalized and democratized, placing Americans’ cellular communications at risk of interception from foreign governments, criminals, the tabloid press and virtually anyone else with sufficient motive to capture cellular content in transmission. Notwithstanding this risk, US government agencies continue to treat practically everything about this cellular interception technology, as a closely guarded, necessarily secret “source and method,” shrouding the technical capabilities and limitations of the equipment from public discussion, even keeping its very name from public disclosure. This “source and method” argument, although questionable in its efficacy, is invoked to protect law enforcement agencies’ own use of this technology while allegedly preventing criminal suspects from learning how to evade surveillance.

This Article argues that current policy makers should not follow the worn path of attempting to outlaw technology while ignoring, and thus perpetuating, the significant vulnerabilities in cellular communications networks on which it depends. Moreover, lawmakers must resist the reflexive temptation to elevate the sustainability of a particular surveillance technology over the need to curtail the general threat that technology poses to the security of cellular networks. Instead, with regard to this destabilizing, unmediated technology and its increasing general availability at decreasing prices, Congress and appropriate regulators should address these network vulnerabilities directly and thoroughly as part of the larger cyber security policy debates and solutions now under consideration. This Article concludes by offering the beginnings of a way forward for legislators to address digital cellular network vulnerabilities with a new sense of urgency appropriate to the current communications security environment.

Despite pressure from the international community to go away already, Syrian President Bashar al-Assad is calling for a June 3 presidential “election,” an idea UK Foreign Secretary William Hague blasted yesterday as a “parody of democracy.” So says BBC.

Eric Posner and Cass Sunstein argue in an article from 2007 that U.S. foreign relations law should be “Chevronized,” meaning that courts should defer to the executive branch in interpreting ambiguous treaties and statutes when international comity concerns are implicated. Curt Bradley had already argued in a 2000 article that Chevron deference should apply in foreign relations cases if a delegation of law-making power by Congress could be presumed or inferred. By contrast, Posner & Sunstein argue for deference even absent any inference of delegation.

Under the leadership of Chief Justice Roberts, the Court has undercut much of the Posner & Sunstein argument. In Kiobel v. Royal Dutch Petroleum and Morrison v. National Australia Bank, the Court did not defer to the views of the Executive Branch in determining whether to apply the presumption against extraterritoriality.   In Medellin, the government maintained that the treaty in question should be read as authorizing domestic implementation by the President, or at least that Congress had acquiesced to such implementation.   The Court not only disagreed with this argument, but held that by ratifying the treaty as implicitly non-self-executing, the Senate had also implicitly prohibited the President from making the treaty binding on domestic courts. On this weak basis, the Court went on to hold that the President’s actions belonged in category three of the Youngstown framework.

To be sure, the Roberts Court has at times explicitly relied on the Executive Branch’s fact finding, as in Munaf v. Geren, and its interpretation of treaties, as in Sanchez-Llamas, Abbott v. Abbott, and other parts of the Medellin opinion. Most recently in BG Group v. Republic of Argentina (involving a treaty to which the U.S. is not a party), however, the Court purportedly gave the Solicitor General’s interpretation of the treaty “respect” – and then ruled the other way.   The Chief Justice, dissenting, did not even mention the government’s views. And Medellin was a particularly significant blow for the Posner & Sunstein argument because it rejected the President’s claim of constitutional law-making power – reversing course from Garamendi – in tension with their claim that highly relevant “considerations of constitutional structure argue strongly in favor of deference to the executive.” Similarly, the Court’s decision in Zivitofsky v. Clinton scaled back the political question doctrine, application of which often favors the executive, as Posner & Sunstein note in support of their argument.

More fundamentally, Chief Justice’s dissenting opinion in FCC v. City of Arlington suggests that he is skeptical of broad deference to the Executive Branch, at least when the statutory basis for its authority is not clear.  Acknowledging that “Chevron importantly guards against the Judiciary arrogating to itself policymaking properly left, under the separation of powers, to the Executive,” he nonetheless emphasized the constitutional obligation of the court to “police the boundary between the Legislative and Executive” – an obligation potentially at odds with broad deference to the Executive Branch in interpreting congressional delegations to the President such as the AUMF, again counter to Posner & Sunstein.

All of this provides another reason to eagerly await the Court’s decision in Bond v. United States. If the government loses, which certainly seems possible based on the oral argument, it will cap off a terrible decade for the Executive Branch in foreign relations cases before the Supreme Court. It lost important Commander-in-Chief Clause and habeas cases (Boumediene v. Bush and Hamdan v. Rumsfeld (in which C.J. Roberts did not participate)).  It lost an Executive Branch law-making case in Medellin that looked like an easy win based on Garamendi.     The protections of the political question doctrine are at least partly gone, thanks to the Chief Justice’s Zivitofsky opinion, effectively gutting Baker v. Carr.  The Executive Branch’s unique abilities and needs – for speed, dispatch, deference, control of foreign policy – are all in apparent decline before the Court, especially in cases raising separation of powers issues.

How very unpleasant: Rand Paul announces, only semi-coherently, that he is filibustering David Barron’s First Circuit nomination. The statement reads:

“I’ve read David Barron’s memos concerning the legal justification for killing an American citizen overseas without a trial or legal representation, and I am not satisfied. While the President forbids me from discussing what is in the memos, I can tell you what is not in the memos.

There is no valid legal precedent to justify the killing of an American citizen not engaged in combat. In fact, one can surmise as much because the legal question at hand has never been adjudicated. Therefore, I shall not only oppose the nomination of David Barron, but will filibuster,” Sen. Paul said.

I have spent the day, which is not over yet in Palo Alto, at a conference at the Hoover Institution on “Intelligence Challenges.” The rules of the workshop, unfortunately, prohibit me from disclosing who is saying what—or even naming the individuals who are present, though the participants include significant intelligence community figures, civil libertarians, legislative leaders, military officers, and more than one senior diplomatic official. It’s a truly remarkable group.

And from the beginning of the day, one theme has arisen repeatedly: call it the “intelligence legitimacy paradox.”

The paradox, about which more than one speakers has wrung his or her hands, is that the threat environment America faces is growing ever more complicated and multifaceted, and the ability to meet it is growing ever-more-deeply dependent on first-rate intelligence. Yet at precisely the same time, the public has grown deeply anxious about our intelligence authorities and our intelligence community is facing a profound crisis of legitimacy over its basic authorities to collect.

The explanation for the paradox, I think, is simple: technology. The core reason the American threat environment is so complicated is the spread of technology. It’s what gives rise to global terrorist groups, to cyber threats, and it’s what allows relatively weak nations to play in the big leagues of international power politics. But at the same time, technological change is also the fundamental reason for the intelligence legitimacy crisis. The more ubiquitously communications technology spreads and the more integrated it all becomes globally, after all, the more that surveillance of the bad guys—in all their complexity—requires the intelligence community to surveil systems that we all use every day too. In other words, the same technologies that are making the threat picture more complicated, more diverse, and more bewildering are also bringing the intelligence process into closer day-to-day contact with people living their daily lives. These technologies also require intelligence agencies, to be effective, to touch giant volumes of material, most of which is utterly anodyne. The more the community does these things, as it must, the more people it offends and the more legitimacy problems it creates for itself.

Technology, in other words, is a coin with two sides—or maybe a die with many sides. It empowers the bad guys, multiplying threats. It also empowers the intelligence community to collect against the bad guys. But to do so, it requires that the intelligence community interact with a huge range of innocent communications too. And in the course of doing that, the community necessarily engages with technological infrastructure—and the individuals who use it—on bases that make people really uncomfortable and thus erodes the community’s legitimacy.

The paradox seems to me irresolvable unless we are maturely willing to live with either heightened risk or with robust intelligence authorities. Sometimes we do respond to new technologies by shrugging off risk; for example, we choose to live with ubiquitous guns despite the risks to innocents of a pervasively armed society—and we have for a long time. It may well be that we have to accept both more risk and more surveillance in the current environment. But we also should not expect legitimacy to come easily in this technological environment. The more deeply the community surveils infrastructure with which the public engages intimately, the more it will have to establish legitimacy in an ongoing and iterative fashion.

The other day both Bobby here and Ryan Goodman at Just Security here picked up on news reports that DOD may be willing to provide additional military cooperation (including logistics and direct fire capabilities) to the Yemeni government.

Ryan then takes the opportunity to ask: what type of force is the U.S. government undertaking in Yemen already? Is it only attempting to capture or kill “two dozen of al Qaeda’s most dangerous operatives, who are focused on attacking America and its interests,” as the NY Times reports? Or, as Ryan (and Long Wars Journal) suggest, is the USG already targeting (or directly helping Yemen target) low level fighters and commanders that pose serious security threats to the Yemenis?

It is troubling that we don’t – this many years down the road – have clear answers to those questions. But what also has been little discussed is the international legal basis for the United States to help Yemen target its own local enemies: consent to the use of force by the Yemeni Government.

I previously have written here about the role of consent to the use of force as an independent international legal basis for conducting lethal operations abroad. Though many recite consent as a sufficient international ground for one state to assist another state militarily, difficult and basically unresolved questions remain. What, exactly, can the host government consent to? How well (if at all) must the assisting state understand the host partner’s legal framework? What law of war or international human rights rules must the assisting state follow in working directly with the host state to engage in lethal force against the host’s enemies (as in a civil war)? Read more »

Back in February, I noted a provision tucked away in last year’s National Defense Authorization Act: Section 1039, which obligated the Administration to study and report back to the House and Senate Judiciary Committees on “the legal rights, if any, for which an individual detained at Guantanamo … if transferred to the United States, may become eligible, by reason of such transfer.”  In particular, the provision instructed the executive branch to examine the extent to which a transferred detainee might become eligible for: relief from removal pursuant to the Convention Against Torture; release from immigration detention, including pursuant to the Supreme Court’s Zadvydas v. Davis ruling; asylum or withholding of removal; or “any additional constitutional right.”

Today we learn, courtesy of this story by the New York Times’s Charlie Savage, that the Administration has submitted its answers to congressional overseers.  From the opening to the Administration’s report:

As required under section 1039, this report considers whether a Guantanamo detainee relocated to the United States could be eligible for certain forms of relief from removal or release from immigration detention or could have related constitutional rights.’ The analysis provided below demonstrates that existing statutory safeguards and executive and congressional authorities provide robust protection of the national security.

Historically, the courts have treated detainees held under the laws of war who are brought to the United States as outside the reach of the immigration laws. In addition to the relevant case law, Congress separately has the authority to expressly provide by statute that the immigration laws generally, or the particular forms of relief identified in section 1039(b)(1 )(A)-(C), are inapplicable to any Guantanamo detainees held in the United States pursuant to the Authorization for Use of Military Force (“AUMF”) as informed by the laws of war. The AUMF provides authority to detain these individuals within the United States and transfer them out of the United States. Assuming that detainees are held in the United States by the Department of Defense pursuant to the AUMF, and that the immigration laws do not apply to their detention or subsequent transfer abroad, Guantanamo detainees relocated to the United States would not have a right to obtain the relief described in section 1039(b)(1)(A)-(C).

Even in a scenario where a relocated Guantanamo detainee were in removal proceedings under the Immigration and Nationality Act (“INA”), there are numerous bars to the relief identified in section l039(b)(1)(A)-(C). As described in greater detail below, the INA and federal regulations include various bars to obtaining relief on national security and other grounds, and provide legal authority to hold a detainee in immigration detention pending removal. We are not aware of any case law, statute, or constitutional provision that would require the United States to grant any Guantanamo detainee the right to remain permanently in the United States, and Congress could, moreover, enact legislation explicitly providing that no such statutory right exists.