Tag: national security agency

Second Circuit Declares NSA’s Telephone Dragnet Unlawful

In a ruling certain to profoundly shape the ongoing debate over surveillance reform in Congress, the U.S. Court of Appeals for the Second Circuit today held that the National Security Agency’s indiscriminate collection of Americans’ telephone calling records exceeds the legal authority granted by the Patriot Act’s controversial section 215, which is set to expire at the end of this month.  Legislation to reform and constrain that authority, the USA Freedom Act, has drawn broad bipartisan support, but Senate Majority Leader Mitch McConnell has stubbornly pressed ahead with a bill to reauthorize §215 without any changes.  But the Second Circuit ruling gives even defenders of the NSA program powerful reasons to support reform.

McConnell and other reform opponents have consistently insisted, in defiance of overwhelming evidence, that the NSA program is an essential tool in the fight against terrorism, and that any reform would hinder efforts to keep Americans safe—a claim rejected even by the leaders of the intelligence community. (Talk about being more Catholic than the Pope!)  Now, however, a federal appellate court has clearly said that no amount of contortion can stretch the language of §215 into a justification for NSA’s massive database—which means it’s no longer clear that a simple reauthorization would preserve the program. Ironically, if McConnell is determined to salvage some version of this ineffective program, his best hope may now be… the USA Freedom Act!

The Freedom Act would, in line with the Second Circuit opinion, bar the use of §215 and related authorities to indiscriminately collect records in bulk, requiring that a “specific selection term,” like a phone number, be used to identify the records sought by the government.  It also, however, creates a separate streamlined process that would allow call records databases already retained by telephone companies to be rapidly searched and cross-referenced, allowing NSA to more quickly obtain the specific information it seeks about terror suspects and their associates without placing everyone’s phone records in the government’s hands.  If the Second Circuit’s ruling is upheld, NSA will likely have to cease bulk collection even if Congress does reauthorize §215.  That makes passage of the Freedom Act the best way to guarantee preservation of the rapid search capability McConnell seems to think is so important—though, of course, the government will retain the ability to obtain specific phone records (albeit less quickly) under either scenario.  With this ruling, in short, the arguments against reform have gone from feeble to completely unsustainable.

Mass Surveillance: From the War on Drugs to the War on Terror

At first glance, the USA Today headline seemed like many others in the nearly two years since Edward Snowden’s explosive revelations: U.S. secretly tracked billions of calls for decades. And while the program essentials were the same—the secret collection of the telephone metadata of every American– there were two key differences between this story and the hundreds before it on this topic. The offending government entity was the Drug Enforcement Administration, and the warrantless surveillance program was launched during the first Bush administration.

Justice Department officials told Reuters that, “All of the information has been deleted.”  “The agency is no longer collecting bulk telephony metadata from U.S. service providers.” However, DoJ provided no actual proof of the alleged data destruction, and the DoJ Inspector General only recently began an inquiry into the program. While it now seems fairly clear that the DEA’s “USTO” metadata collection program served as a model for the NSA telephony metadata program conducted under Sec. 215 of the PATRIOT Act, what is also clear is that Americans are now confronting a government surveillance apparatus that is truly vast. As Ryan Gallagher of The Intercept noted, this particular DEA mass surveillance program is just one of several undertaken by the agency over the past three decades.

How many other such programs exist at other federal agencies, whether inside or outside of the U.S. intelligence community? And how far back do such programs go? How many members of Congress knew, and for how long? Was this DEA program concealed from the agency’s inspector general for two decades, or did the IG simply fail to investigate the program year after year out of apathy or indifference?

If the past is any guide at all—and the surveillance scandals of the 1960s and 1970s are a very good guide—we are once again confronting a level of government over-reach that calls for a comprehensive, public accounting.

In is new book, Democracy in the Dark, former Church Committee chief counsel Fritz Schwartz notes that “…too much is kept secret not to protect America but to keep illegal or embarrassing conduct from Americans…the Church Committee also found that every president from Franklin Roosevelt to Richard Nixon had secretly abused their powers.” For the paperback edition of his book, Schwartz is going to have to add more American chief executives to his list.

June’s Cato Unbound: The Snowden Files, One Year Later

This month at Cato Unbound, we’re discussing Edward Snowden’s NSA revelations.

We mostly know the story, but it bears repeating: One year ago this week, Glenn Greenwald wrote a news story that would change the world forever. In it, we learned that the National Security Agency had been secretly collecting enormous amounts of telephone metadata on what were presumably ordinary American citizens. The agency had done so without a warrant and without suspicion of any indiviudal person. The revelation changed forever how Americans think about national security, privacy, and civil liberties in the digital age.

More revelations soon followed. Among many others, these included NSA surveillance of web activitymobile phone location data, and the content of email and text messages. The NSA also conducted many highly embarrassing acts of surveillance against allied or benign world leaders, including German Chancellor Angela Merkel and the conclave that recently elected Pope FrancisIt had subverted commonly used encryption systems. It had co-opted numerous tech companies in its plans. Its leaders had repeatedly lied to, or at the very least misled, the U.S. Congress

How far should surveillance go? What has been the value of the information gained? What have we given up in the process? What are the risks, should malign actors ever get their hands on the controls of the system?

We are able to ask these questions today because of one individual: Edward Snowden, a systems administrator for the NSA who chose to make public the information to which he had access. We have no choice now but to debate it. That’s simply what democracies do whenever such momentous information becomes public.

Joining us at Cato Unbound this month are four individuals with extensive knowledge in the fields of national security and civil liberties: Cato Senior Fellow Julian Sanchez, Brookings Institution Senior Fellow Benjamin Wittes, Georgetown University Professor Carrie F. Cordero, and independent journalist Marcy Wheeler. Each brings a somewhat different perspective on the matters at hand, and we welcome them all to what is sure to be a vigorous debate.

It’s Time to Break up the NSA

says security guru Bruce Schneier on CNN.com.

His brief, readable piece articulates the three distinct – and conflicting – missions the NSA now has, and how they should be handled. It’s no hit piece: Schneier calls NSA’s Tailored Access Operations group “the best of the NSA and … exactly what we want it to do.”

The generals who have built NSA into a fiefdom will fight tooth and nail against true reforms like these, of course, but they’re the kind of reforms we need. The most prominent measures under discussion are mere nibbles around the edges of the problem, or worse.

Good First Steps, But Real Surveillance Reform Will Require More

The president’s speech on surveillance today proposed some welcome first steps toward appropriately limiting an expanding surveillance state — notably, an end to the NSA’s bulk phone metadata program in its current form, and a recognition that judges, not NSA analysts, must determine whose records will be scrutinized.

The details are important, however. Obama’s speech left open the possibility that bulk collection might continue with some third party — which would in effect be an arm of government — as a custodian. If records are left with phone carriers, on the other hand, it’s important to resist any new legal mandate that would require longer or more extensive retention of private data than ordinary business purposes require.

It was disappointing, however, to see that many of the recommendations offered by Obama’s own Surveillance Review Group were either neglected or specifically rejected. While the unconstitutional permanent gag orders attached to National Security Letters will be time-limited, they will continue to be issued by FBI agents, not judges, for sensitive financial and communications records.

Nor did the president address NSA’s myopic efforts to degrade the security of the Internet by compromising the encryption systems relied on by millions of innocent users. And it is also important to realize that changing one controversial program doesn’t alter the broader section 215 authority, which can still be used to collect other types of records in bulk—and for all we know, may already be used for that purpose.

Most fundamentally, Congress must now act to cement these reforms in legislation — and to extend them —to ensure safeguards implemented by one president cannot be secretly undone by another.

How’s That Oversight Coming Along?

One of the claims made by defenders of NSA spying is that it’s overseen and approved by all three branches of the federal government.

Computer security expert Bruce Schneier provides some insight into how well congressional oversight is working in a short blog post entitled: “Today I Briefed Congress on the NSA.”

This morning I spent an hour in a closed room with six Members of Congress: Rep. Logfren, Rep. Sensenbrenner, Rep. Scott, Rep. Goodlate, Rep Thompson, and Rep. Amash. No staffers, no public: just them. Lofgren asked me to brief her and a few Representatives on the NSA. She said that the NSA wasn’t forthcoming about their activities, and they wanted me – as someone with access to the Snowden documents – to explain to them what the NSA was doing.

Many members of Congress have been derelict for years in not overseeing the National Security Agency. Now some members of Congress are asking questions, and they’re being stonewalled.

It’s the government so…

I suggested that we hold this meeting in a SCIF, because they wanted me to talk about top secret documents that had not been made public. The problem is that I, as someone without a clearance, would not be allowed into the SCIF.

Randy Barnett and I made the case last fall that the panels of judges who approve domestic spying under the Foreign Intelligence Surveillance Act should not be regarded as legitimate courts. Their use to dispose of Americans’ rights violates due process.

And the executive branch? Here’s President Obama: “I mean, part of the problem here is we get these through the press and then I’ve got to go back and find out what’s going on…”

How’s that tri-partite oversight coming along?

Ratifying NSA Spying, a Court Calls FISA ‘Courts’ Into Question

Two weeks ago, when D.C. District judge Richard Leon ruled that mass government surveillance of Americans’ telephone calling was likely unconstitutional, there was some well-poisoning about his opinion being “passionate.” The implication, of course, was that he was not being suitably judicial. The same could be said of this week’s ruling by Judge Pauley of the U.S. District Court in New York. When the first sentence intones: “The September 11th terrorist attacks revealed, in the starkest terms, just how dangerous and interconnected the world is,” and when the first citation is a “See generally” to the 9/11 Commission report, these are not signs that you’re about to get dispassionate application of law to facts.

Judge Pauley’s use of the 9/11 Commission report to argue that NSA data collection could have foiled the 9/11 plot is belied by the report’s clear statement with respect to Khalid Al-Mihdhar: “No one was looking for him.” (page 269) In our paper, “Effective Counterterrorism and the Limited Role of Predictive Data Mining,” Jeff Jonas and I detailed ways many of the 9/11 terrorists could have been found had anyone been looking. The argument that NSA spying would have prevented 9/11 is not a strong one.

But passions pitted against one another is just one of the symmetries between the two rulings. Judge Leon distinguished Smith v. Maryland. He believes that the Supreme Court case allowing the use of phone call information to convict a suspected burglar and obscene phone caller does not ratify the collection of phone calling information about every innocent American. Judge Pauley treated Smith v. Maryland as controlling. If one burglar in Baltimore doesn’t have a Fourth Amendment interest in his phone calling data, 200 million Americans don’t either. We have appeals to sort these things out, and Judge Pauley’s ruling makes it more likely that such an appeal will reach the Supreme Court, which is good.

The interesting thing in Judge Pauley’s ruling is ammunition he offers to critics of the panels of judges created by the Foreign Intelligence Surveillance Act. People often refer to them as the “Foreign Intelligence Surveillance Court” or “FISC.”

While the FISC is composed of Article III judges, it operates unlike any other Article III court. Proceedings in Article III courts are public. And the public enjoys a “general right to inspect and copy public records and documents, including judicial records and documents.” (citation omitted) “The presumption of access is based on the need for federal courts, although independent—indeed, particularly because they are independent—to have a measure of accountability and for the public to have confidence in the administration of justice.” (citation omitted)

Later, he writes:

The two declassified FISC decisions authorizing bulk metadata collection do not discuss several of the ACLU’s arugments. They were issued on the basis of ex parte applications by the government without the benefit of the excellent briefing submitted to this Court by the Governent, the ACLU, and amici curiae. There is no question that judges operate best in an adversarial system. “The value of a judicial proceeding … is substantially diluted where the process is ex parte, because the Court does not have available the fundamental instrument for judicial judgment: an adversary proceeding in which both parties may participate.” (citation omitted) … As FISA has evolved and Congress has loosened its individual suspicion requirements, the FISC has been tasked with delineating the limits of the Government’s surveillance power, issuing secret decision [sic] without the benefit of adversarial process. Its ex parte procedures are necessary to retain secrecy but are not ideal for interpreting statutes.

This echoes an argument Randy Barnett and I offered in our brief to the Supreme Court about NSA spying. These so-called ‘courts’ that administer NSA spy programs lack many of the hallmarks of a true court, and their use to dispose of rights that protect our privacy is a violation of due process.

There will be much more to come in the judicial path of the NSA spying debate. The legitimacy of FISA panels should be a part of that discussion.