2. Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act, § 215, October 26, 2001 (codified at 50 U.S.C. §1861).
3. 50 U.S.C. §1861(b)(2)(A).
4. Office of the Director of National Intelligence, “DNI Statement on Recent Unauthorized Disclosures of Classified Information,” June 6, 2013, http://www.dni.gov/index.php/newsroom/press-releases/191-press-releases-2013/868-dni-statement-on-recent-unauthorized-disclosures-of-classified-information.
5. Office of the Director of National Intelligence, “Newseum Special Program—NSA Surveillance Leaks: Facts and Fiction,” June 26, 2013 (statement of Robert Litt), http://www.dni.gov/index.php/newsroom/speeches-and-interviews/195-speeches-interviews-2013/887-transcript-newseum-pecial-program-nsa-surveillance-leaks-facts-and-fiction.
6. Privacy and Civil Liberties Oversight Board, “Report on the Telephone Records Program Conducted under Section 215 of the USA PATRIOT Act and on the Operations of the Foreign Intelligence Surveillance Court,” January 23, 2014, 81. See part II.B for the executive summary of this PCLOB report.
7. Ibid., 10.
8. President’s Review Group on Intelligence and Communications Technologies, “Liberty and Security in a Changing World,” December 12, 2013, 17–18. See part II.B for the executive summary of the Review Group’s report.
9. Glenn Kessler, “James Clapper’s ‘Least Untruthful’ Statement to the Senate,” New York Times, June 12, 2013, http://www.washingtonpost.com/blogs/fact-checker/post/james-clappers-least-untruthful-statement-to-the-senate/2013/06/11/e50677a8-d2d8-11e2-a73e-826d299ff459_blog.html.
10. James R. Clapper, interview with Andrea Mitchell, June 8, 2013, http://www.dni.gov/index.php/newsroom/speeches-and-interviews/195-speeches-interviews-2013/874-director-james-r-clapper-interview-with-andrea-mitchell.
11. Andy Greenberg, “NSA Chief Denies Wired’s Domestic Spying Story (Fourteen Times) in Congressional Hearing,” Forbes, March 10, 2012, http://www.forbes.com/sites/andygreenberg/2012/03/20/nsa-chief-denies-wireds-domestic-spying-story-fourteen-times-in-congressional-hearing/2/.
12. “Cybersecurity Threats to the U.S.,” C-SPAN, July 9, 2012, http://www.c-span.org/video/?306956-1/cybersecurity-threats-us.
13. Andrea Shalal-Esa, “Four-Star General in Eye of U.S. Cyber Storm,” Reuters, May 26, 2013, http://www.reuters.com/article/2013/05/26/us-cybersecurity-nsa-alexander-idUSBRE94P06S20130526.
14. James Goodale, “To Reform the NSA, Fire Officials Who Lie,” Guardian, September 25, 2013, http://www.theguardian.com/commentisfree/2013/sep/25/nsa-reform-fire-officials-lied.
15. Foreign Intelligence Surveillance Court, Memorandum Opinion (Judge John D. Bates), October 3, 2011, http://www.lawfareblog.com/wp-content/uploads/2013/08/162016974-FISA-court-opinion-with-exemptions.pdf; Foreign Intelligence Surveillance Court, Order (Judge Reggie B. Walton), March 2, 2009, http://www.dni.gov/files/documents/section/pub_March%202%202009%20Order%20from%20FISC.pdf. See part II.A for the FISC order from Judge Walton.
16. FISC, Order (Judge Reggie B. Walton), 6.
17. Brad Heath, “Justice Dept. Watchdog Never Probed Judges’ NSA Concerns,” USA Today, September 19, 2013, http://www.usatoday.com/story/news/nation/2013/09/19/nsa-surveillance-justice-opr-investigation/2805867/.
18. Going Dark: Lawful Electronic Surveillance in the Face of New Technologies. Testimony Before the Judiciary Committee, Subcommittee on Crime, Terrorism, and Homeland Security, House of Representatives, 112th Cong., 1st Sess. (February 17, 2011) (statement of Valerie Caproni, FBI general counsel), http://www.fbi.gov/news/testimony/going-dark-lawful-electronic-surveillance-in-the-face-of-new-technologies.
19. “Admit Nothing and Deny Everything,” The Economist, June 8, 2013, http://www.economist.com/news/china/21579044-barack-obama-says-he-ready-talk-xi-jinping-about-chinese-cyber-attacks-makes-one.
20. Ellen Nakashima, “Confidential Report Lists U.S. Weapons System Designs Compromised by Chinese Cyberspies,” Washington Post, May 27, 2013, http://www.washingtonpost.com/world/national-security/confidential-report-lists-us-weapons-system-designs-compromised-by-chinese-cyberspies/2013/05/27/a42c3e1c-c2dd-11e2-8c3b-0b5e9247e8ca_story.html.
21. Editorial, “China and Cyberwar,” New York Times, May 7, 2013, http://www.nytimes.com/2013/05/08/opinion/china-and-cyberwar.html?ref=stuxnet&_r=0.
22. Tim Walker, “’Positive’ US-China Summit Stumbles Over Cyber Security,” Independent (London), June 9, 2013, http://www.independent.co.uk/news/world/americas/positive-uschina-summit-stumbles-over-cyber-security-8651256.html.
23. Kelvin Chan, “Leaker Snowden Alleges NSA Hacking on China, World,” South China Morning Post, June 18, 2013, http://www.scmp.com/news/hong-kong/article/1260074/leaker-snowden-alleges-nsa-hacking-china-world.
24. Kurt Eichenwald, “How Edward Snowden Escalated Cyber War with China,” Newsweek, November 1, 2013, http://www.newsweek.com/how-edward-snowden-escalated-cyber-war-1461.
25. David E. Sanger and Nicole Perlroth, “N.S.A. Breached Chinese Servers Seen as Security Threat,” New York Times, March 22, 2014, http://www.nytimes.com/2014/03/23/world/asia/nsa-breached-chinese-servers-seen-as-spy-peril.html?_r=0.
26. David E. Sanger and Thom Shanker, “N.S.A. Devises Radio Pathway into Computers,” New York Times, January 14, 2014, http://www.nytimes.com/2014/01/15/us/nsa-effort-pries-open-computers-not-connected-to-internet.html.
27. “Inside TAO: Documents Reveal Top NSA Hacking Unit,” Der Spiegel, December 29, 2013, http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html.
28. Ibid.
29. Michael Riley, “How the U.S. Government Hacks the World,” Businessweek, May 23, 2013, http://www.businessweek.com/articles/2013-05-23/how-the-u-dot-s-dot-government-hacks-the-world.
30. Ryan Gallagher and Glenn Greenwald, “How the NSA Plans to Infect ‘Millions’ of Computers with Malware,” The Intercept, March 12, 2014, https://firstlook.org/theintercept/article/2014/03/12/nsa-plans-infect-millions-computers-malware/. Part II.A contains NSA slides that illustrate use of the TURBINE system.
31. Sanger and Shanker, “N.S.A. Devises Radio Pathway into Computers.”
32. Jack Goldsmith, “The NYT on NSA’s Huawei Penetration (UPDATED),” Lawfare Blog, March 22, 2014, http://www.lawfareblog.com/2014/03/the-nyt-on-nsas-huawei-penetration/.
33. Quoted in Sanger and Shanker, “N.S.A. Devises Radio Pathway into Computers.”
34. Sanger and Perlroth, “N.S.A. Breached Chinese Servers Seen as Security Threat.”
35. Jack Goldsmith, “Why the USG Complaints Against Chinese Economic Cyber-Snooping Are So Weak,” Lawfare Blog, March 25, 2013, http://www.lawfareblog.com/2013/03/why-the-usg-complaints-against-chinese-economic-cyber-snooping-are-so-weak/#.UtZzldJDuSo.
36. Jack Goldsmith, “More Questions About the USG Basis for Complaints about China’s Cyber Exploitations,” Lawfare Blog, May 30, 2013, http://www.lawfareblog.com/2013/05/more-questions-about-the-usg-basis-for-complaints-about-chinas-cyber-exploitations/.
37. Eichenwald, “How Edward Snowden Escalated Cyber War with China.”
38. Quoted in Sanger and Perlroth, “N.S.A. Breached Chinese Servers Seen as Security Threat.”
39. Ibid.
40. Quoted in Eichenwald, “How Edward Snowden Escalated Cyber War with China.”
41. Quoted in ibid.
42. Eric Linton, “NSA Bugged United Nations Headquarters in New York, Der Spiegel Reports,” International Business Times, August 25, 2013, http://www.ibtimes.com/nsa-bugged-united-nations-headquarters-new-york-der-spiegel-reports-1398203.
43. Timothy M. Phelps and Julie Makinen, “U.S. Indicts Five Chinese Military Officials on Cyberspying Charges,” Los Angeles Times, May 19, 2014, http://www.latimes.com/business/la-fi-china-cyberspying-justice-20140520-story.html#page=1. See part II.A for the FBI “Wanted” poster for these individuals.
44. Worldwide Threat Assessment of the US Intelligence Community. Test
imony Before the Senate Select Committee on Intelligence, Washington, D.C. (March 12, 2013) (statement of James R. Clapper, director of national intelligence), http://www.intelligence.senate.gov/130312/clapper.pdf.
45. Anna Mulrine, “Top 3 Threats to the United States: The Good and Bad News,” Christian Science Monitor, March 13, 2013, http://www.csmonitor.com/USA/Military/2013/0313/Top-3-threats-to-the-United-States-the-good-and-bad-news/Cyberwarfare.
46. White House, Improving Critical Infrastructure Cybersecurity (Executive Order), February 12, 2013, §1, http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity.
47. National Institute of Standards and Technology, “Framework for Improving Critical Infrastructure Cybersecurity (Version 1.0),” February 12, 2014.
48. Executive Order on Improving Critical Infrastructure Cybersecurity, §8.
49. Ibid., §8(c).
50. Ibid., §10.
51. “Secret Documents Reveal N.S.A. Campaign Against Encryption,” New York Times, September 5, 2013 (analyzing NSA 2013 budget request), http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?_r=0.
52. David Talbot, “Bruce Schneier: NSA Spying Is Making Us Less Safe,” MIT Technology Review, September 23, 2013, http://www.technologyreview.com/news/519336/bruce-schneier-nsa-spying-is-making-us-less-safe/.
53. United States v. Miller, 425 U.S. 435, 440, 442–443 (1976).
54. Smith v. Maryland, 442 U.S. 735, 743 (1979).
55. United States v. Leon, 468 U.S. 897 (1984); United States v. Calandra, 414 U.S. 338, 354 (1974); Walder v. United States, 347 U.S. 62 (1954).
56. “U.S. Confirms Warrantless Searches of Americans,” USA Today, April 2, 2014, http://www.usatoday.com/story/news/politics/2014/04/01/us-confirms-warrantless-searches-nsa/7176749/; Edward Moyer, “NSA Taps into Google, Yahoo Clouds, Can Collect Data ‘at Will,’ says Post,” CNET, October 30, 2013, http://www.cnet.com/news/nsa-taps-into-google-yahoo-clouds-can-collect-data-at-will-says-post/; James Risen and Laura Poitras, “N.S.A. Gathers Data on Social Connections of U.S. Citizens,” New York Times, September 28, 2013, http://mobile.nytimes.com/2013/09/29/us/nsa-examines-social-networks-of-us-citizens.html; Glenn Greenwald and James Ball, “The Top Secret Rules that Allow NSA to Use US Data without a Warrant,” Guardian, June 20, 2013, http://www.theguardian.com/world/2013/jun/20/fisa-court-nsa-without-warrant.
57. Fred H. Cate, James X. Dempsey, and Ira S. Rubinstein, “Systematic Government Access to Private-Sector Data,” International Data Privacy Law 2, no. 4 (2012): 195–99.
58. U.S. Department of Defense, Technology and Privacy Advisory Committee, “Safeguarding Privacy in the Fight Against Terrorism” (March 2004), 5–6.
59. National Academy of Sciences, Committee on Technical and Privacy Dimensions of Information for Terrorism Prevention and Other National Goals, Protecting Individual Privacy in the Struggle Against Terrorists: A Framework for Program Assessment (Washington, D.C.: National Academies Press, 2008).
60. Riley v. California, 134 S.Ct. 2473 (June 25, 2014).
3
From Passivity to Eternal Vigilance:
NSA Surveillance and Effective Oversight of
Government Power
LEE H. HAMILTON
Like most Americans, I cherish privacy on personal matters, and I do not like it when my privacy is invaded. But the threats against our country and the vulnerabilities of our government are real and need to be taken seriously. Our government has legitimate reasons to monitor cyberspace for national security and foreign policy reasons. Our democracy needs intelligence agencies that operate with a fair amount of secrecy. The disclosures made by Edward Snowden, however, demonstrate we have not had nearly the checks and balances on programs of the National Security Agency that we should have had and will need in the future. NSA surveillance programs should not be abolished; they are a vital national security tool. But they must be reformed and made subject to active, sustained oversight by Congress and the courts in order to ensure that such programs serve our national interests and keep faith with the privacy and civil liberties of the American people.
Extensive Capabilities, Expansive Power
Snowden’s leaks have helped us understand the extent of the surveillance. It is astounding. The capabilities of the intelligence community to learn what we are doing have knocked our socks off! The government gathers an enormous amount of data about you and all Americans. With each leak we learned more about how much the government does and knows. It has for years collected, and can to this day log, metadata on every phone call made by every American. It gains access to e-mail and instant messaging contact lists. In some cases, the government gathers the content of e-mail communications sent by and between citizens of the United States. The government can scan messages Americans send or receive from overseas. Every time we use an electronic device to communicate brings us potentially into the scope of NSA surveillance. Millions of Americans, who have done nothing wrong and have no connection to terrorism or foreign governments, are being watched.
What the NSA has done is flip the traditional way of gathering intelligence. This approach involved collecting information about identified people believed to pose threats to U.S. national security or foreign policy interests. Now the NSA gathers data on large numbers of people in massive amounts and applies the mind-boggling capabilities of the intelligence community to sift through all the data looking for links to terrorism or other threats. But all this metadata and data can reveal a great deal about the personal behavior of people who pose no security problems. These intelligence activities in the world of digital data—a world we are going to be living in for the rest of our lives—require justification because they represent a massive extension of government power without precedent in the modern era.
What does the government say about all of this? The government believes its expansive power to monitor and conduct surveillance is necessary to protect your safety and the security of the country. It claims that collecting all this data is necessary to prevent terrorism. It asserts that the programs have been effective in preventing terrorist acts. It argues that the manner in which it exercises this power must be kept secret because any leaks—even revealing the mere existence of surveillance programs—will benefit our adversaries and cause significant harm to the United States. Government officials say, “Trust us. We can deal with these matters and protect you.”
To some, this approach is comforting. For others, it is worrying. I am worried. The activities, capabilities, and power of the NSA have expanded much faster than its judgment. Its technology has outrun its policy. The operating principle seems to be that if the intelligence community has the technical ability to gather information, it ought to do so. Government officials have argued that the safeguards NSA programs have are quite extensive and adequately protect the public. These checks, however, are currently dominated by the executive branch and have proved inadequate for this kind of government power.
The Government’s Track Record Exercising This Power
We have evidence that reinforces skepticism about executive branch oversight of its secret activities. The amount of misinformation from the government on surveillance programs has simply been astounding and appalling. The director of national intelligence told Congress the government was not collecting data on millions of Americans. I am still waiting for the attorney general to indict him for a clear-cut case of perjury. The Foreign Intelligence Surveillance Court (FISC) found NSA programs to be operating in violation of the law and NSA information to be misleading. The NSA itself uncovered thousands of violations of its rules. Claims about the effectiveness of NSA surveillance programs have proven inaccurate or, given the lack of transparency, impossible to verify or assess.
Until Snowden, all this was unknown to the American people because of the secrecy surrounding these activities. In the wake of the leaks, the Obama administration stated it welcomes public
debate, but it did nothing on its own initiative to enable a debate before Snowden. And, concerning the leaks, time and again the administration refused to be transparent and provided misstatements about the surveillance efforts.
Despite pushing back in some contexts, judicial oversight by the FISC has largely consisted of a deferential, secret, and unchallenged body of law that supported the expansion of government power. Incredibly, the FISC has repeatedly signed off on an expedient stretching of the USA PATRIOT Act, thus permitting collection of metadata on essentially all Americans.
Legislative oversight by Congress has been no better. I am astounded that members of Congress were informed over a period of many years about the NSA programs—and the enormous expansion of staggering government power it entails—and failed to see the urgent need for public debate, especially during a time when skepticism about government has been high in almost all other matters. Members of the House Select Intelligence Committee, on which I once served, even failed to distribute information from the executive branch on NSA activities to other House members. Congress did not enact the Foreign Intelligence Surveillance Act (FISA) and the USA PATRIOT Act to give the government boundless surveillance powers that would sweep up data on millions of innocent Americans.
Congressional passivity shows that members of Congress are too often captivated, captured, and seduced by representatives of the intelligence community they are supposed to be supervising. I know how good, how persuasive, and how patriotic officials in the intelligence community are.
The executive branch’s management of our foreign intelligence activities also deserves criticism. Our aggressive espionage has unnecessarily damaged our relations with friendly and allied nations and put their leaders in politically difficult situations. What appears to be out-of-control snooping on foreign leaders should not happen. The United States must engage in foreign intelligence, sometimes even against our allies. But we cannot proceed on the basis that our spying is necessary or appropriate simply because we can technologically do it. This type of arrogance undercuts the real sources of our power. Our spy network and its activities must be subject to greater scrutiny, heightened sensibility about political context, and limits.
The Snowden Reader Page 8