Dissecting Obama’s proposed NSA reforms

Original commentary by Peter Van Buren from Fire Dog Lake published on March 28, 2014.

NSA-eagle-300x300

So, after nine months of ignoring the Snowden revelations, downplaying the the Snowden revelations, not telling the truth about the Snowden revelations, insulting the Snowden revelations, sending members of his administration to lie to Congress about the Snowden revelations and claiming everything the NSA does is legal, righteous

and necessary to keep the barbarians outside the gates, Obama is coincidentally now proposing some “reforms” without acknowledging the Snowden revelations. Let’s have a look based on what we know right now.
Starting with a Question

Right away we have a question about these proposals. Almost everything (we know) the NSA has been doing to us was imposed either by Executive Orders (Bush and Obama) not subject to Congressional review or approval, or done under wide, almost farcical interpretations of the Patriot Act (Section 215 especially) not subject to judicial review, or blessed in secret by the secret Foreign Intelligence Surveillance Court (FISA) court not subject to any review. So the question of why Obama’s proposed reforms are being sent to Congress for a vote looms large.

Why doesn’t the president just pull back what he and his predecessor rammed forward? Well, of course we know the answer: politics. If Congress approves, then the president can say that the task is done, the Constitution restored, let’s look forward again and not backward. If Congress does not vote for the reforms or changes them, well, anything from there forward is their fault. Neat. You’ll recall Obama played the same trick, albeit in a somewhat kludgy way, trying to throw the decision to bomb Syria into Congress’ fetid lap last September.

We also have a handy delay built into the proposal. The current spy programs technically expire March 28, but Obama is asking that good old Foreign Intelligence Surveillance Court to renew the program as it exists for at least one more 90-day cycle. So while the reforms are needed according to the president, there’s no real hurry and the NSA can keep on spying on us at least into the summer. With some irony, that additional 90 days brings us quite close to the anniversary of Snowden’s revelations last June.

The Reforms Proposed

Reform 1: The NSA, proposes Obama, would end its systematic collection of data about Americans’ calling habits. Well, sort of. First we all just have to trust that what the NSA has been and would have continued to do in secret if Snowden had slept in will just stop. There’s a whopper of a maybe, especially given that these changes come only after the whole evil mess hit the news. Better yet, just because the NSA may not collect data, someone else will, because…

Reform 2: The bulk records would stay in the hands of the phone companies, which would not be required to retain the data for any longer than they normally would. So the data still exists, just reshelved. Most phone companies hold such data anyway for 18 months, plenty of time for some leisurely snooping. And just because the phone companies are not required to hold the data longer, that does not mean some government agency which controls their contracts, licenses, technology and all that will not suggest they hang on to it longer. Hey Verizon, just buy a bigger hard drive, they’re cheap these days. Slap a non-disclosure type order on the phone companies and we’ll never know what they keep for how long. Again, this reform requires trusting organizations that lied to us consistently since 2001 until caught red-handed.

Reform 3: The NSA could only obtain specific records with permission from a judge. I think we all can see through this one like it was as sheer as a Miley Cyrus costume. Likely enter the handy FISA court again, which has a long record of rubber stamping government requests, no doubt in no small part because only the government is allowed to speak to the court (in its entire history, the FISA court denied just 11 of the more than 33,900 surveillance requests put to it.)

In addition, it is unclear what level of detail and introspection the court could apply to what no doubt will be hundreds of thousands of new requests, most of which will no doubt be marked as urgent in response to the endless parade of “imminent threats” only the NSA sees.

Sub-Reform: Obama will ask Congress to convene a panel of public advocates to represent “consumers” before the FISA court. Are Citizens now just “consumers” as far as the government is concerned?

The members of this panel, to be drawn from civil liberties, technology and privacy advocates, will be given security clearances and other benefits. Their job will be to represent Americans, but only when the FISA court faces “novel issues of law.” Left open is who these people will be, who will pay them, who will choose them, and how aggressive the government will be in using the security clearance process to keep true advocates away from the court. Who and how “novel issues of law” will be determined is another question. What rights these advocates will have to see government data is unclear. And of course everything will be secret.

Back to the court orders themselves. These court orders are lined up to be another forward-looking thing: once a phone company starts providing call data on an individual, they would be required, on a continuing basis, to feed the NSA data about any new calls placed or received after the order is received. For how long? Not mentioned in the proposal. Better classify that time period or you’ll alert the terrorists when they can start talking freely again. The court orders would also automatically give the NSA related records for callers up to two phone calls, or “hops,” removed from the number that has come under suspicion. So if they look at your records, they are also allowed to look at the doctor you call and the journalist you call.

Worse yet is the way math works with that two-hop rule. One writer has speculated that if one of those hops includes a popular take-out pizza joint, that hop will automatically link the NSA to a very, very large number of people. Other data suggests a typical two-hops set of links will pull in over 8,000 people. Reconfigure your two-hops to restart with one of those 8,000 and so forth until the set of permissible monitoring grows geometrically.

What’s Missing

The only category of people Obama has specifically exempted from surveillance is allied foreign leaders. He has not extended any exemptions to American citizens.

The reform proposals seem specific only to bulk phone records collected by the NSA under Section 215 of the Patriot Act. They do not appear to apply to any other collections by the NSA (email, Skype, chat, GPS, texts, and so on and on), or any other federal or state agency, or to any programs in place today that we are not aware of or which may be created in the future, perhaps in response to the reforms.

This omission is significant; The Guardian reports the NSA collects each day more than five million missed-call alerts, for use in contact-chaining analysis (working out someone’s social network from who they contact and when), details of 1.6 million border crossings a day, from network roaming alerts, more than 110,000 names, from electronic business cards, which also included the ability to extract and save images and over 800,000 financial transactions, either through text-to-text payments or linking credit cards to phone users. NSA also extracted geolocation data from more than 76,000 text messages a day, including from “requests by people for route info” and “setting up meetings.” Other travel information was obtained from itinerary texts sent by travel companies, even including cancellations and delays to travel plans.

The Obama reforms do not even mention surveillance of Internet communications internationally under Section 702 of the FISA Amendments Act; and surveillance of communications overseas under Executive Order 12333.

The reforms do not mention pulling back the NSA’s ongoing efforts to weaken overall internet security, such a demanding companies provide them with backdoors to bypass encryption.

The reforms leave the door open. Obama’s proposal includes a provision asking Congress to validate that Section 215 of the Patriot Act may in the future be legitimately interpreted as allowing bulk data collection of telephone data.

The reforms leave in place far too many secret court actions and loopholes.

The reforms will be changed in the Congressional process and are likely to be further weakened by frightened representatives terrified of being blamed for the next act of terror (or by fear of losing votes for appearing “weak.”)

The reforms, even if enacted exactly as proposed or even slightly strengthened, only alter the security state in some minor and superficial ways. Our Fourth Amendment rights against unwarranted search and seizure remain jackbooted.

Some might even say the reforms are not reforms at all, but just some pretty words like “Hope” and “Change” that a smart politician might toss off to appear to be listening to his People without doing anything of substance.

Add comment

Log in to post comments