The Snowden Reader
Page 40
The bill was criticized by many in Congress and by civil liberties groups for not going far enough. In the Senate, Senator Patrick Leahy sponsored a version of the bill that contained stronger privacy protections, but, in November 2014, the Senate failed to bring this bill to a vote. In June 2014, the House approved an amendment to the defense appropriations bill for fiscal year 2015 prohibiting use of appropriated funds for two much-criticized NSA activities—so-called “backdoor” searches of information on a U.S. person gathered incidentally under Section 702 of FISA and U.S. government mandates that telecommunications companies alter their products and services to permit electronic surveillance. These House amendments were not included in the national defense appropriations act for fiscal 2015 passed by the House and Senate in December 2014. Failure of the USA FREEDOM Act in the Senate and removal of the House amendments from the final defense appropriations bill meant that, as of this writing, legislative reform of NSA surveillance activities has not occurred.
TITLE I—FISA BUSINESS RECORD REFORMS
Sec. 101—Additional requirements for call detail records. On March 27, 2014, President Obama announced the need for legislation to reform the NSA’s telephone metadata program. To that end, the Act preserves traditional operational capabilities exercised by the government to collect foreign intelligence information under Section 501 of FISA [i.e., Section 215 of the USA PATRIOT Act]. In addition, the Act prohibits the bulk collection of any business records under Section 501. The Act also creates a new, narrowly-tailored mechanism that prevents bulk collection of telephone metadata by the government but also preserves the government’s ability to search telephone metadata for possible connections between foreign powers or agents of foreign powers and others, as part of an authorized investigation to protect against international terrorism and with the additional safeguards proposed by the President.
Under the Act, if the government can demonstrate a reasonable, articulable suspicion that a specific selection term is associated with a foreign power or an agent of a foreign power, the FISA court may issue an order for the production of call detail records created on or after the request for production and held by telephone companies in the normal course of business. The government may require the production of up to two “hops”—i.e., the call detail records associated with the initial seed and the call detail records associated with the records returned in the initial “hop.” The prospective collection of call detail records (i.e., those created “after” the request for production) is limited to 180 days.
The Act defines “call detail record” to include “session identifying information (including originating or terminating telephone number, International Mobile Subscriber Identity number, or International Mobile Station Equipment Identity number), a telephone calling card number, or the time or duration of a call.” The Act explicitly excludes from that term the contents of any communication; the name, address, or financial information of a subscriber or customer; and cell site location information.
The Act requires the entities involved in the production of call detail records to provide the government with technical assistance. The Act also requires the destruction of call detail records within 5 years of production, except for records that remain relevant to an ongoing counterterrorism investigation.
The Act does not require any private entity to retain any record or information other than in the ordinary course of business. However, nothing in current law or this Act prohibits the government and telecommunications providers from agreeing voluntarily to retain records for periods longer than required for their business purposes.
This new authority—designed to allow the government to search telephone metadata for possible connections to international terrorism—does not preclude the government’s use of “traditional” business record orders under Section 501 to compel the production of business records, including call detail records.
Sec. 102—Emergency authority. This section creates a new emergency authority in Section 215. The Attorney General may authorize the emergency production of tangible things, provided that such an application is presented to the court within 7 days. If the court subsequently denies an emergency application, the government may not use any of the information obtained under the emergency authority except in instances of a threat of death or serious bodily harm.
Sec. 103. Prohibition on Bulk Collection of Tangible Things. The Act requires that each application for the production of tangible things include “a specific selection term to be used as the basis for the production.” In so doing, the Act makes clear that the government may not engage in bulk collection under Section 501 of FISA.
The Act defines “specific selection term” to mean “a term used to uniquely describe a person, entity, or account.”
This goes further than the President’s plan in that it prohibits the bulk collection of all tangible things and not just telephone records. Section 501(b)(2)(A) of FISA will continue to require the government to make “a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation. . . .” The USA Freedom Act requires the government to provide a specific selection term as the basis for the production of the tangible things sought, thus ensuring that the government cannot collect tangible things based on the assertion that the requested collection “is thus relevant, because the success of [an] investigative tool depends on bulk collection.” These changes restore meaningful limits to the “relevance” requirement of Section 501.
Although this Act eliminates bulk collection, the Act does not limit the government’s use of Section 501 as it was designed, as a mechanism for intelligence agencies to obtain information, based on a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to a national security investigation.
Sec. 104—Judicial review of minimization procedures for the production of tangible things. This section provides that the court may evaluate the adequacy of minimization procedures under Section 215. Under current law, the court is only empowered to determine whether or not the government has minimization procedures in place.
Sec. 105—Liability protection. This section provides liability protections to third parties who provide information, facilities, or technical assistance to the government in compliance with an order issued under Section 215. This provision mirrors the liability provisions in Titles I and VII of FISA.
Sec. 106—Compensation for assistance. This section explicitly permits the government to compensate third parties for producing tangible things or providing information, facilities, or assistance in accordance with an order issue[d] under Section 215. It is customary for the Government to enter into contractual agreements with third parties in order to compensate them for products and services provided to the Government.
Sec. 107—Definitions. This section provides definitions for “call detail records” and “specific selection term.”
Sec. 108—Inspector general reports on business records orders. This section requires the Inspector General of the Department of Justice to conduct a comprehensive review of the use of Section 215 with respect to calendar years 2012 to 2014. It also requires the Inspector General of the Intelligence Community to assess the value and use of intelligence obtained under Section 215 over the same period.
Sec. 109—Effective date. This section provides that the new telephone metadata program, the new Section 215 emergency authority, and the prohibition on bulk collection of tangible things under Section 215 take effect 180 days after enactment.
TITLE II—FISA PEN REGISTER AND TRAP AND
TRACE DEVICE REFORM
Sec. 201—Prohibition on bulk collection. This section provides that the pen register and trap and trace device authority may not be used without a specific selection term as the basis for selecting the telephone line or other facility to which the pen register or trap and trace device is to be attached or applied.
&
nbsp; Sec. 202—Minimization procedures. This section requires that the government adopt procedures that are reasonably designed to minimize the retention and prohibit the dissemination of nonpublic information about United States persons. It also explicitly authorizes the court to assess compliance with these procedures while a pen register or trap and trace device is in use.
TITLE III—FISA ACQUISITIONS TARGETING PERSONS
OUTSIDE THE UNITED STATES REFORMS
Sec. 301—Restatement of Prohibition on Reverse Targeting. Section 702(b)(2) of FISA provides that the government “may not intentionally target a person reasonably believed to be located outside the United States if the purpose of such acquisition is to target a particular, known person reasonably believed to be within the United States.” The Act clarifies this prohibition to state that the government “may not intentionally target a person reasonably believed to be located outside the United States if a purpose of such acquisition is to target a particular, known person reasonably believed to be within the United States.”
This change is meant to simply clarify and restate Congress’ original intent in enacting Section 702 of the FISA Amendments Act that this authority cannot be used as a pretext to target U.S. persons inside the United States.
Sec. 302—Minimization Procedures. The Act codifies procedures already adopted by the government for the minimization of domestic communications. Specifically, the Act requires that the government minimize the acquisition, and prohibit the retention and dissemination, of any wholly domestic communication acquired by the government under Section 702. The Act also prohibits the government from using communications to or from a United States person or a person who appears to be located in the United States, except where the communication relates to a target under Section 702 or to protect against an immediate threat to human life.
Sec. 303—Limits on use of unlawfully obtained information. This section provides that the government may not use information acquired outside the scope of court-approved targeting and minimization procedures.
TITLE IV—FOREIGN INTELLIGENCE
SURVEILLANCE COURT REFORMS
Sec. 401—Appointment of amicus curiae. This section provides that both the FISA court and the FISA Court of Review shall, if deemed appropriate, appoint an individual to serve as amicus curiae in a case involving a novel or significant interpretation of law. In addition, this section permits the court to appoint amicus curiae in any case.
The presiding judges of the courts will designate five individuals who are eligible to serve as amicus curiae. These individuals shall possess expertise in privacy and civil liberties, intelligence collection, telecommunications, or any other area of law that may lend legal or technical expertise to the courts, and shall possess appropriate security clearances.
Sec. 402—Declassification of decisions, orders, and opinions. This section requires the Attorney General to conduct a declassification review of each decision, order, or opinion of the FISA court that includes a significant construction or interpretation of law. In the interest of national security, the Attorney General may provide a summary of the decision rather than a declassified copy.
TITLE V—NATIONAL SECURITY LETTER REFORM
Sec. 501—Prohibition on bulk collection. This section prohibits the use of various national security letter authorities without the use of a specific selection term as the basis for the national security letter request.
TITLE VI—FISA TRANSPARENCY AND
REPORTING REQUIREMENTS
Sec. 601—Additional reporting on orders requiring production of business records. In addition to existing annual reporting requirements, this section requires the government to report on the number of requests made for call detail records under the new telephone metadata program.
Sec. 602—Business records compliance reports to Congress. This section requires the government to provide to Congress any compliance reports related to the use of Section 215.
Sec. 603—Annual report by the Director of the Administrative Office of the United States Courts on orders Entered. This section requires the Director of the Administrative Office of the United States Court to make an annual report on the number of orders issued under sections 105, 304, 402, 501, 702, 703, and 704 of FISA, as well as the number of appointments of individuals to serve as amicus curiae to the FISA court.
Sec. 604—Reporting requirements for decisions of the Foreign Intelligence Surveillance Court. This section requires the Attorney General to provide to the relevant committees, within 45 days of each decision, order, or opinion that includes a significant construction or interpretation, a copy of each such decision and a brief statement of the relevant background.
Sec. 605—Submission of reports under FISA. This section includes the House Judiciary Committee in several existing reporting requirements.
TITLE VII—SUNSETS
Sec. 701—USA PATRIOT Improvement and Reauthorization Act of 2005. This section aligns the sunset of the three sun-setting provisions of the USA PATRIOT Act with the sunset of the FISA Amendment Act on December 31, 2017.
U.S. House of Representatives, Committee on the Judiciary’s Section-by-Section Analysis of the USA FREEDOM Act, passed by the House, May 22, 2014 (footnotes omitted).
Source: House of Representatives, Committee on the Judiciary Report on the USA FREEDOM Act, Report 113–452, 24–29, May 15, 2014, https://beta.congress.gov/113/crpt/hrpt452/CRPT-113hrpt452-pt1.pdf.
38
Edward Snowden, One Year Later
On June 4, 2014, one year after the Guardian published the first of his disclosures, Edward Snowden released this statement in an e-mail to supporters of the American Civil Liberties Union. This book has attempted to convey important events and issues generated by Snowden’s revelations about the surveillance activities of the United States and other governments. It is appropriate to end with Snowden’s own reflections on a year of unprecedented events.
It’s been one year.
Technology has been a liberating force in our lives. It allows us to create and share the experiences that make us human, effortlessly. But in secret, our very own government—one bound by the Constitution and its Bill of Rights—has reverse-engineered something beautiful into a tool of mass surveillance and oppression. The government right now can easily monitor whom you call, whom you associate with, what you read, what you buy, and where you go online and offline, and they do it to all of us, all the time.
Today, our most intimate private records are being indiscriminately seized in secret, without regard for whether we are actually suspected of wrongdoing. When these capabilities fall into the wrong hands, they can destroy the very freedoms that technology should be nurturing, not extinguishing. Surveillance, without regard to the rule of law or our basic human dignity, creates societies that fear free expression and dissent, the very values that make America strong.
In the long, dark shadow cast by the security state, a free society cannot thrive.
That’s why one year ago I brought evidence of these irresponsible activities to the public—to spark the very discussion the U.S. government didn’t want the American people to have. With every revelation, more and more light coursed through a National Security Agency that had grown too comfortable operating in the dark and without public consent. Soon incredible things began occurring that would have been unimaginable years ago. A federal judge in open court called an NSA mass surveillance program likely unconstitutional and “almost Orwellian.” Congress and President Obama have called for an end to the dragnet collection of the intimate details of our lives. Today legislation to begin rolling back the surveillance state is moving in Congress after more than a decade of impasse.
I am humbled by our collective successes so far. When the Guardian and the Washington Post began reporting on the NSA’s project to make privacy a thing of the past, I worried the risks I took to get the public the information it deserved would be met with collective indifference.
One year later, I real
ize that my fears were unwarranted.
Americans, like you, still believe the Constitution is the highest law of the land, which cannot be violated in secret in the name of a false security. Some say I’m a man without a country, but that’s not true. America has always been an ideal, and though I’m far away, I’ve never felt as connected to it as I do now, watching the necessary debate unfold as I hoped it would. America, after all, is always at our fingertips; that is the power of the Internet.
But now it’s time to keep the momentum for serious reform going so the conversation does not die prematurely.
Only then will we get the legislative reform that truly reins in the NSA and puts the government back in its constitutional place. Only then will we get the secure technologies we need to communicate without fear that silently in the background, our very own government is collecting, collating, and crunching the data that allows unelected bureaucrats to intrude into our most private spaces, analyzing our hopes and fears. Until then, every American who jealously guards their rights must do their best to engage in digital self-defense and proactively protect their electronic devices and communications. Every step we can take to secure ourselves from a government that no longer respects our privacy is a patriotic act.
We’ve come a long way, but there’s more to be done.
—Edward J. Snowden, American