Data Collection Reforms Needed to Balance Privacy, Security Interests, Say PCLOB Panelists
The U.S. government needs to re-evaluate how it conducts its surveillance activities, tech industry officials and privacy advocates told the Privacy and Civil Liberties Oversight Board at a PCLOB hearing Wednesday. The panelists said total anonymity isn’t possible, but surveillance programs should be targeted and consumers should have a right to know how the federal government and tech companies collect data. As consumer awareness of such surveillance grows, so will industry’s investment in encryption technologies, they said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Privacy is an “essential value” to Microsoft and its customers, said Michael Hintze, its chief privacy counsel. “Bulk data collection programs” should be dissolved and should instead be focused on “specific targets,” he said. Microsoft supports “reforms” on how the Foreign Intelligence Surveillance Act (FISA) Court operates, he said. Hintze urged Congress to act on FISA reform.
The NSA is working to get ahead of potentially harmful surveillance activities, said Rebecca Richards, the agency's civil liberties and privacy officer. The NSA has always checked with its general counsel to determine the legality of surveillance activities, but now it’s addressing surveillance questions on a more comprehensive level, she said.
Privacy isn’t a just an individual interest, but a “societal” interest, said Daniel Solove, George Washington University law professor. Personal data collection via surveillance can cause “significant problems,” including “chilling” of expression, he said. Government surveillance raises a myriad of questions about the relationship between the state and the citizen, said Solove. Balancing privacy and security interests will be possible through a “reasonable amount of accountability, he said. While there shouldn’t be “absolute transparency” for governments, citizens should be able to “evaluate government surveillance,” he said. Current laws don’t provide “adequate oversight and accountability” for government surveillance, he said. Solove said a “bottom up” perspective would allow policymakers to determine the harms caused by government surveillance activities.
The “benefits” of government surveillance programs should also be examined, said Paul Rosenzweig, Red Branch Consulting founder and senior adviser to the Chertoff Group. Modern “error correction mechanisms” need to be instituted within surveillance programs to reduce mistakes, he said. Rosenzweig analogized the risks of arming police officers to the risks inherent in government surveillance: Because police officers sometimes misuse their weapons, the key is to reduce those risks through training and other means, he said. Privacy “enables democracy” and “personal morality,” but the “idea that democracies can’t have secrets is untenable,” said Rosenzweig.
Companies don’t have the “ability or the motive” to persecute individuals for their political beliefs, said Liza Goitein, New York University co-director of the Liberty and National Security Program at the Brennan Center for Justice. But the “line” between major corporations and the U.S. government is getting “thinner and thinner,” she said. The “firewall” between government and industry for data collection needs to be reconstructed, said Alvaro Bedoya, Georgetown University Law Center's Center on Privacy and Technology executive director. The surveillance model of collecting as much data as possible needs to be “limited,” particularly on the government side, he said.
PCLOB member James Dempsey noted a “growing trend” between tech devices, including wearables, and data collection. Some companies and consumers concerned about data collection have responded with stronger encryption methods, he said. The “expanded” use of encryption is being “driven” by “customer demand,” said Microsoft's Hintze. Consumers aren’t just worried about data security, but data collection by governments, he said. Although tech companies will continue to invest in encryption, that doesn’t mean there won’t be any data available, said Hintze. There’s always a “point in the communication chain” where data is accessible, he said.