President Barack Obama once again fell short of taking any meaningful action on reining in the NSA surveillance programs or assuring that American’s right to privacy under the Fourth Amendment be protected. He made one of his predictable speeches that attempted to placate both critics and defenders, failing to actually do anything significant, all the while lecturing the public on history and expressing his offense that anyone would think that he had done an inadequate job or had enabled surveillance state policies. FDL’s Kevin Gosztola contrasted today’s speech with NSA director Gen. Keith Alexander’s statements to Congress and his inaugural address last year:
The narrative that Obama promoted in the part of his speech building up to announcement of reforms was starkly similar to what NSA director Gen. Keith Alexander has said when addressing members of Congress at hearings held in the aftermath of Snowden’s first disclosures. The narrative he used should make Americans even more skeptical of how substantive the changes to surveillance will be. [..]
One might remember that just about one year ago Obama gave an inaugural speech after his re-election where he said a “decade of war is now ending” and later described how Americans believe there is no need for “perpetual war.” But the very premise of Obama’s speech involved a demand to recognize the value of militarized surveillance and this militarization keeps the US on a permanent war footing putting civil liberties of Americans at risk so long as this footing is maintained.
Since there were such low expectations, Mike Masnick at Techdirt thought the announced reforms were more significant than expected but stopped short of fixing the actual problems:
- A judge will have to approve each query for data on the metadata collection from Section 215 of the PATRIOT Act.
- The “three hop” dragnet will be reduced down to two hops. That does, in fact, limit how far the NSA can search by quite a bit. That last hop is quite big.
- The NSA should no longer hold all of the data, meaning that the telcos will be expected to hold onto it (though, he leaves it up to Congress and the DOJ to figure out how to do this). He calls this a “transition” away from the Section 215 program, but that’s hardly clear.
- National Security Letters (NSLs) will no longer have an unlimited gag order on them. The Attorney General will need to set up guidelines for a time in which gag orders expire, with the possibility of extending them for investigations that are still ongoing.
- Companies will be given slightly more freedom to reveal data on the NSLs they get (though I don’t think he indicated the same thing for Section 702 orders…. which is a big concern).
- The Attorney General and the Director of National Intelligence will review annually FISC rulings to figure out what can be declassified.
- He promises to “work with Congress” to look at changes to the FISA court
- He is adding some very limited restrictions on spying on people overseas. It should only be used for actual counterterrorism/crime/military/real national security efforts.
- A State Department official will be in charge of handling “diplomacy issues” related to these changes on foreign spying.
- An effort will be started with technologists and privacy experts over how to handle “big data and privacy” in both the public and private sectors.
Marcy Wheeler at emptywheel addressed what the president does not consider abuse:
- The NSA spied on the porn and phone sex habits of ideological opponents, including those with no significant ties to extremists, and including a US person.
- According to the NSA in 2009, it had a program similar to Project Minaret – the tracking of anti-war opponents in the 1970s – in which it spied on people in the US in the guise of counterterrorism without approval. We still don’t have details of this abuse.
- When the NSA got FISC approval for the Internet (2004) and phone (2006) dragnets, NSA did not turn off features of Bush’s illegal program that did not comply with the FISC authorization. These abuses continued until 2009 (one of them, the collection of Internet metadata that qualified as content, continued even after 2004 identification of those abuses).
- Even after the FISC spent 9 months reining in some of this abuse, the NSA continued to ignore limits on disseminating US person data. Similarly, the NSA and FBI never complied with PATRIOT Act requirements to develop minimization procedures for the Section 215 program (in part, probably, because NSA’s role in the phone dragnet would violate any compliant minimization procedures).
- The NSA has twice – in 2009 and 2011 – admitted to collecting US person content in the United States in bulk after having done so for years. It tried to claim (and still claims publicly in spite of legal rulings to the contrary) this US person content did not count as intentionally-collected US person content (FISC disagreed both times), and has succeeded in continuing some of it by refusing to count it, so it can claim it doesn’t know it is happening.
- As recently as spring 2012, 9% of the NSA’s violations involved analysts breaking standard operating procedures they know. NSA doesn’t report these as willful violations, however, because they’ve deemed any rule-breaking in pursuit of “the mission” not to be willful violations.
- In 2008, Congress passed a law allowing bulk collection of foreign-targeted content in the US, Section 702, to end the NSA’s practice of stealing Internet company data from telecom cables. Yet in spite of having a legal way to acquire such data, the NSA (through GCHQ) continues to steal data from some of the same companies, this time overseas, from their own cables. Arguably this is a violation of Section 702 of FISA.
- NSA may intentionally collect US person content (including Internet metadata that legally qualifies as content) overseas (it won’t count this data, so we don’t know how systematic it is). If it does, it may be a violation of Section 703 of FISA.
No, Mr. President, this is not enough.