Commentary

The Snowden Effect, Six Years On

Six years ago, the world was introduced to a previously unknown government contractor who revealed the National Security Agency (NSA) was conducting an unparalleled level of warrantless electronic surveillance. Edward Snowden’s explosive revelations about NSA’s telephone metadata collection program triggered an uproar at home and abroad, culminating in the 2015 passage of the USA Freedom Act—legislation that supporters claimed would “end” the kind of mass surveillance Snowden had exposed to the world.

During the debate over Snowden’s revelations, federal officials (including President Barack Obama) asserted the surveillance program had saved lives—going so far as to claim, without any evidence, that the program had foiled dozens of terrorist plots against the United States. And even after Obama’s own hand-picked review group found the telephone metadata program not worth it (as did the Privacy and Civil Liberties Oversight Board (PCLOB) in their report), Congress renewed the program in 2015 via the USA Freedom Act.

Supporters claimed the new legislation would effectively end the NSA bulk telephone metadata program. Others, including myself, felt the bill was somewhere between terrible and disastrous, because its reforms didn’t go far enough. Last year, critics who predicted that USA Freedom Act would not end NSA’s telephone bulk collection were, ironically, vindicated by the Office of the Director of National Intelligence, which admitted that in fact three times as much American telephone data was being collected than before the law’s enactment.

The USA Freedom Act expiration deadline is an opportunity to holistically address the wide range of these abuses, as well emerging technologies that further threaten the constitutional rights and privacy of all of us.

Amazingly, earlier this year NSA recommended to President Donald Trump that the telephone metadata program be terminated, claiming the program was too cumbersome to continue to execute and not worth the effort—a tacit admission that critics were right all along.

As it stands, the USA Freedom Act is set to expire on December 15 of this year. So, why not just let it die and move on? Because even if the USA Freedom Act expires, other vast—and in my view, unconstitutional—domestic surveillance powers and technologies will remain untouched and, in at least one case, completely unexamined publicly.

Executive Order 12333

Executive Order 12333, issued by President Ronald Reagan in 1981 and reissued by every administration since, is the governing federal regulation for overseas intelligence collection for the NSA and each of the other 16 agencies that comprise the U.S. Intelligence Community (IC). Until the establishment of the PCLOB in 2004, no element of the federal government had ever conducted a comprehensive examination of IC activities carried out under EO 12333.

But now, the PCLOB has conducted an investigation of the IC activities carried out under EO 12333, which is good news. However, the bad news is that the PCLOB is refusing to release the results of their investigation.

In a May 21 response to my Freedom of Information Act (FOIA) request, the PCLOB said that it had “determined that it is appropriate to withhold in full the Board’s completed Executive Order 12333 deep dive report pursuant to Exemption 1 of the FOIA, 5 U.S.C. § 552(b)(1). Exemption 1 protects from disclosure information that has been deemed classified ‘under criteria established by an executive order to be kept secret in the interest of national defense or foreign policy.’” (I am appealing the denial of my FOIA request.)

This lack of transparency is at odds with the PCLOB’s approach to its own NSA telephone metadata program report as well as its report on the controversial (and in my view, unconstitutional) Foreign Intelligence Surveillance Amendment Act (FAA) Section 702 program.

Interestingly, the PCLOB has agreed in principle to provide me correspondence in any form to or from the Board regarding alleged or actual violations of laws, regulations, or executive orders by any federal department or agency under the purview of the Board. Whether such violations involve activities carried out under EO 12333 is just one reason why the PCLOB report should be released. One thing we do know: NSA employees have in the very recent past violated EO 12333 to spy on innocent people.

Thanks to Sen. Chuck Grassley (R-Iowa), we know that between 2003 and 2013, NSA employees violated EO 12333, as well as federal statutes, by using NSA collection systems to spy on their current or former romantic partners, as well as other individuals—foreign nationals and American citizens.

According to a September 2013 NSA Inspector General letter to Grassley, two military members who committed violations were fined, reduced in rank, or received other administrative punishments under the Uniform Code of Military Justice. Most of the civilian employees implicated in other episodes were allowed to resign, including caseswhere criminal referrals were made to the Justice Department. To date, Grassley’s revelations about NSA employee abuses of power and technology granted them remain the only substantive, published insights available to the public on abuses committed under EO 12333.

EO 12333 covers overseas intelligence collection, but what’s often overlooked is that it’s not limited to non-Americans. In 2016, the State Department’s Bureau of Consular Affairs estimated that some 9 million Americans live overseas. Those expatriate Americans communicate with family, friends, business associates, and government agencies on a daily basis. In light of what Grassley uncovered and what Snowden exposed, it’s absolutely fair to ask—and imperative to determine publicly—the scope of potential compromises of the communications of American citizens by NSA or any other federal department or agency under EO 12333.

Disturbingly, the PCLOB is also withholding in full “responsive documents regarding refusal by a federal department or agency to provide information requested by the PCLOB pursuant to its oversight mission…” (I am appealing this denial as well.)

The PCLOB’s credibility as an oversight body rests in large part on its ability to get documents from NSA, FBI, CIA and any other IC element regarding activities that might infringe on the constitutional rights of Americans. If it is encountering resistance to its oversight efforts, the public should know who the culprits are and Congress should bring the offenders to heel by any available means.

To date, House Intelligence Committee Chairman Rep. Adam Schiff (D-Calif.), and his GOP counterpart Rep. Devin Nunes (R-Calif.) have shown far more interest in either attacking or defending Trump over the “Russiagate” affair than conducting serious oversight of the IC agencies. And while their Senate Intelligence Committee counterparts have feuded less publicly over Russian interference in the 2016 elections, they remain just as obsessed—and thus distracted—by the issue, at the expense of ongoing federal domestic surveillance excesses.

The USA Freedom Act expiration deadline is an opportunity to holistically address the wide range of these abuses, as well emerging technologies that further threaten the constitutional rights and privacy of all of us. Whether Congress has the will to do so is an open question.

Patrick Eddington is a research fellow at the Cato Institute, a former CIA analyst, and an ex-House senior staffer.