In a speech today, President Obama announced he will “end the Section 215 bulk metadata program as it currently exists,” among other executive actions and proposals for Congress. Starting immediately, NSA analysts will only be able investigate individuals two degrees of separation, or “hops,” from its targets, rather than the previous three hops; the Attorney General will work with the Foreign Intelligence Surveillance Court (FISC) to ensure no queries are made without prior judicial approval. The President will direct the Attorney General and Director of National Intelligence to review many items, including storing metadata with telecom companies or a third party, and make recommendations before Congress considers reauthorizing the program in March.
The following statement may be attributed to TechFreedom President Berin Szoka:
The reforms announced today will certainly help address some of the greatest privacy concerns raised by U.S. surveillance. But the speech will probably be remembered most for the much-needed reforms it didn’t announce.
First, outsourcing the retention of call records to private companies is a fig leaf that conceals the real issue: the legal standard for access. The President would let the NSA access meta-data if it can establish “reasonable suspicion that a particular number is linked to a terrorist organization.” This standard is too low to protect the privacy of the innocent. In general, the Fourth Amendment requires a “probable cause” showing before a court may issue a warrant. The courts are struggling to address this issue based on a confusing series of 1970s cases about wiretapping. They seem to be moving, cautiously, to restoring the Founders’ understanding: there is one Fourth Amendment for all technologies, just as there is one First Amendment for all media. Until they do that, it’s up to Congress and the President to fix the problem.
Second, while the President made much about narrowing the purposes of U.S. surveillance of non-citizens, he didn’t actually promise any real changes about how that surveillance is conducted. This should trouble everyone everywhere, especially those who rely on American Internet companies. It’s bad news for those companies, who need the trust of their global user base. Failing to address international concerns will only help those trying to shut off cross-border data flows to U.S. companies. That would would spell the end of the Internet as an open, global platform and, ironically, facilitate surveillance by foreign governments with far fewer scruples.
Third, the President focused entirely on surveillance by national security agencies, saying nothing at all about the need for greater protections against law enforcement, from the IRS and DOJ to local prosecutors. That’s especially disappointing because, just last month, a Whitehouse.gov petition demanding a warrant requirement to protect cloud email services got well over 100,000 signatures. The White House has promised to respond to any petition that crossed that threshold. Today’s speech would have been the perfect opportunity to say, once and for all, that we need a consistent warrant requirement, an idea now supported by 169 Members of the House.
Szoka is available for comment at firstname.lastname@example.org. TechFreedom is a plaintiff in First Unitarian Church of Los Angeles v. NSA, a lawsuit challenging the phone collection program’s constitutionality. In 2011, TechFreedom opposed a bill to require ISPs to store user metadata, calling it a “digital dragnet.” TechFreedom has worked extensively to fight against government mass surveillance, while also explaining the need for Congress to reform the outdated 1986 Electronic Privacy Communications Act governing law enforcement access to private data.