Risk
8/7/2013
05:08 PM
Connect Directly
RSS
E-Mail
50%
50%

DEA, NSA Teamwork: 6 Privacy Worries

Government agents investigating criminal cases reportedly are tapping into NSA-furnished intelligence. Legal experts cry foul.

3. Scope Creep: Welcome To The Surveillance State.

Privacy and civil rights groups have responded to the revelations over the DEA's SOD unit by asking what protections are in place to review whether that information sharing is appropriate or legal.

"Last month, I wrote about the potential for mass surveillance mission creep: the tendency for the vast NSA surveillance apparatus to be used for other, lesser, crimes," said Schneier, who joined the board of directors of privacy rights group Electronic Frontier Foundation in the wake of details about Prism and other NSA surveillance programs being made public. "My essay was theoretical, but it turns out to be already happening."

4. Lack Of Surveillance Oversight: Secrets Within Secrets.

Of course, intelligence programs are often justified as being a necessary evil, and their workings guarded from public scrutiny, lest the information help foreign intelligence agents avoid counterespionage efforts. But what happens when the fruits of a country's intelligence programs are directed at its own citizenry, and government agents then lie about how they obtained the information?

"I have never heard of anything like this at all," Nancy Gertner, a Harvard Law School professor who served as a federal judge from 1994 to 2011, told Reuters. "It is one thing to create special rules for national security," she said. "Ordinary crime is entirely different. It sounds like they are phonying up investigations."

5. DEA Agents Told To Stay Quiet.

"Remember that the utilization of SOD cannot be revealed or discussed in any investigative function," said a DEA document obtained by Reuters. Accordingly, the document instructed agents to pursue "parallel construction," which involves working backward to justify the need for an investigation using other means. Or, in the parlance of the DEA document, agents are advised to use "normal investigative techniques to recreate the information provided by SOD."

According to numerous legal experts, using parallel construction might be legal for demonstrating probable cause; for example, to obtain a warrant. But not disclosing where the evidence was originally obtained might violate pretrial rules designed to ensure that defendants are granted access to all evidence that might be used against them in court -- and which might help them prove their innocence.

"The DEA is violating our fundamental right to a fair trial," said Ezekiel Edwards, director of the ACLU's criminal law reform project, in a statement. "When someone is accused of a crime, the Constitution guarantees the right to examine the government's evidence, including its sources, and confront the witnesses against them. Our due process rights are at risk when our federal government hides and distorts the sources of evidence used as the basis for arrests and prosecutions."

6. NSA Programs Still On Shaky Legal Grounds.

The DEA's use and distribution of evidence gleaned from intelligence dragnets -- and then disguising its origins -- has legal experts further up in arms precisely because the legality of the dragnets themselves remains an open question. Although White House officials have said that the programs fully comply with the Patriot Act, as well as the Foreign Intelligence Surveillance Act (FISA), which is overseen by the Foreign Intelligence Surveillance Court (FISC), legislators aren't so sure.

"I am extremely disturbed by what appears to be an overbroad interpretation of the Act," said Rep. James Sensenbrenner (R-Wis.), the author of the Patriot Act, in a letter he sent to Attorney General Eric Holder in June. Holder, of course, leads the Department of Justice, which is now investigating the DEA's use of that intelligence. According to documents leaked by Snowden, Holder also signed a secret 2009 memorandum laying out the minimization procedures that NSA analysts needed to use to help them avoid spying on American citizens.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cara Latham
50%
50%
Cara Latham,
User Rank: Apprentice
8/8/2013 | 5:30:28 PM
re: DEA, NSA Teamwork: 6 Privacy Worries
If the DEA is reverse-engineering the evidence trail for its own causes, then what is to stop other governmental and law enforcement agencies from tapping NSA data to do the same? These legal/privacy issues really need to be addressed.
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1544
Published: 2014-07-23
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger cer...

CVE-2014-1547
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1548
Published: 2014-07-23
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVE-2014-1549
Published: 2014-07-23
The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and applica...

CVE-2014-1550
Published: 2014-07-23
Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.