The Center for Human Rights and Privacy

In a May 28, 2015, response to a public records request, the Minnesota Department of Public Safety, Bureau of Criminal Apprehension (BCA), released an unredacted non-disclosure agreement with the Federal Bureau of Investigation (FBI). Despite releasing the unredacted NDA, the BCA still claims that portions of the Harris Corporation Terms and Conditions, descriptions of what it purchased and their prices are still exempt from disclosure:

It should be noted that portions of these documents have been redacted pursuant to Minnesota Statute 13.82, subd. 25 as they would reveal deliberative processes or investigative techniques of this agency that would disclose the existence of and the capabilities provided by cellular exploitation equipment to the public. Disclosure of the redacted portions of the documents would reveal sensitive technological capabilities possessed by the law enforcement community and may allow individuals who are the subject of investigation to employ countermeasures to avoid detection by law enforcement.

Credit goes to Rich Neumeister and the Minneapolis Star Tribune for forcing the Minnesota BCA to release a redacted NDA between the BCA and FBI in November 2014.

In this latest release, the BCA included unredacted and redacted versions of the NDA, entitled “Re: Acquisition of Wireless Collection Equipment/Technology and Non-Disclosure Obligations” and dated June 5, 2012.

The BCA also released an email from the FBI, advising it on how to prevent the NDA from being publicly disclosed.  That email from a Supervisory Special Agent at the FBI states,

Hello Andrew,

(U/LES) Thank you for talking with me yesterday about your pending disclosure request. As stated in our conversation, the protection of cell site simulator (CSS) information is a concern for all law enforcement agencies in the U.S. In light of the importance of the lawful usage of the CSS gear, my unit would like to assist you in protecting the data associated with the CSS gear from exposure to counter measures in criminal, terrorism, and foreign intelligence investigations. The first layer of protection for the CSS gear is the Non Disclosure Agreement (NDA), which your agency has signed in order to receive the CSS gear. From our conversation yesterday, my understanding is that you are being asked to disclosure all or part of the NDA. In order to clarify our position, I have attached a letter that the FBI has created for the purpose of articulating the law enforcement and legal support for protecting the NDA. We can send a signed copy of the letter to a government official, if you believe that will assist you in protecting the NDA. Please note that the letter is marked (LES).

(U/LES) In addition, you mentioned that the requestor has claimed that other disseminations of CSS information have appeared in the public view, which classifies them as “public record” pursuant to Minnesota’s laws, and therefore are subject to disclosure by your agency. When possible, would you be willing to send a sample of such information as we may be able to clarify the circumstances of the dissemination? Some disseminations may have been conducted unlawfully and therefore should not be considered “public record” or be subject to further authentication. In addition, we would like to be in a position to assist you in determining the scope and type of your pending response, so if we could set up a meeting with our FBI legal counsel and your office, that would be greatly appreciated.

A comparison of the redacted and unredacted versions of the NDA shows that the information redacted had nothing to do with the technical details or capabilities of the Harris Corporation equipment, but were mostly about preventing disclosure to the public, news media, and judicial system. One heavily redacted paragraphs states that the BCA should seek dismissal of a case in order to prevent disclosure of information about the Harris Corporation equipment. The document also redacted portions of FBI addresses, the name and division of the Assistant Director at the FBI, and the other signatories from the BCA. Here is the remaining text that was redacted in the NDA:

in press releases, in court documents, during judicial hearings, or during other public forums or proceedings

for the sale of the equipment/technology.

met the operator training standards identified by the FBI and’ are certified to conduct operations.

coordinate with the FBI in advance of its use of the wireless collection equipment/technology

the wireless collection equipment/technology or any software, operating manuals, or related technical documentation (including its technical/engineering descriptions) and capabilities)

concerning the wireless collection equipment/technology or any software) operating manuals, or related technical documentation (including its technical/engineering description(s) and capabilities)

wireless collection equipment/technology or any software, manuals, or related technical documentation

in any civil or criminal proceeding, use or provide any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities) beyond the evidentiary results obtained through the use of the equipment/technology including, but not limited to, during pre-trial matters, in search warrants and related affidavits, in discovery, in response to court ordered disclosure, in other affidavits, in grand jury hearings, in the State’s case-in-chief, rebuttal, or on appeal, or in testimony in any phase of civil or criminal trial, without the prior written approval of the FBI. If the Minnesota Bureau of Criminal Apprehension learns that a District Attorney, prosecutor, or a court is considering or intends to use or provide any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities) beyond the evidentiary results obtained through the use of the equipment/technology in a manner that will cause law enforcement sensitive information relating to the technology to be made known to the public, the Minnesota Bureau of Criminal Apprehension will immediately notify the FBI in order to allow sufficient time for the FBI to intervene to protect the equipment/technology and information from disclosure and potential compromise.

at the request of the FBI, seek dismissal of the case in lieu of using or providing, or allowing others to use or provide, any information concerning the Harris Corporation wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (beyond the evidentiary results obtained through the use of the equipment/technology), if using or providing such information would potentially or actually compromise the equipment/technology. This point supposes that the agency has some control or influence over the prosecutorial process. Where such is not the case, or is limited so as to be inconsequential, it is the FBI’s expectation that the law enforcement agency identify the applicable prosecuting agency, or agencies, for inclusion in this agreement.

equipment/technology and any associated software, operating manuals, or related documentation (including its technical/engineering description(s) and capabilities)

in any news or press releases, interviews, or direct or indirect statements to the media.

wireless collection equipment/technology, its associated software, operating manuals, and any related documentation (including its technical/engineering description(s) and capabilities)

UPDATE: June 18, 2015 – It turns out that the Minnesota BCA accidentally released the unredacted NDA. And I thought that someone there had come to their senses.