Efforts To Balance Privacy, National Security Criticized
Leakers, technologists, scholars and privacy experts sought meaningful U.S. government surveillance reform and legislation to protect privacy at the federal and state levels, at a privacy conference in Alexandria, Virginia, sponsored by the American Civil Liberties Union, Free Press, Google, Microsoft and others. Former NSA contractor Edward Snowden appeared via video Tuesday and shared that when he began working for the CIA as a contractor in 2005, he was among a group of younger employees who didn’t understand why reforms had been made to the intelligence community and why they were necessary. The motto was “mission first,” Snowden said, explaining activities like mass surveillance were easily justified. It’s worrying when an institution has so much power and its resources are never questioned, he said. Members of the intelligence community should be able to speak with reporters, he said.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
“Spies don’t talk to the press,” said Brennan Center for Justice Fellow Mike German, who blew the whistle regarding mismanagement in a terrorism case in 2002. “Our adversaries” are largely aware of U.S. intelligence programs, more so than U.S. courts, but the adversaries don’t reveal that they know, Snowden said. It’s been documented the intelligence community is afraid to declassify these programs because this would inflame the public, not because it would cost lives or lead to ineffective intelligence programs, Snowden said.
Snowden said reforming some surveillance programs like the Foreign Intelligence Surveillance Act Amendments Act Section 702, which facilitates the acquisition of foreign intelligence information concerning non-U.S. persons located outside the U.S., would be pointless if the Justice Department continued to use planes to collect metadata from cities across the U.S. He added that FBI Director James Comey’s decision to denounce encryption is concerning because in most cases encrypting communications is more beneficial than harmful.
ACLU Senior Technologist Chris Soghoian said he personally doesn’t think hacking is ever OK. Wiretaps are the most intrusive form of surveillance and are regulated by courts, Soghoian said. Hacking a cellphone or computer is just as sensitive as a wiretap, but it’s not being treated as such, Soghoian said.
Council on Foreign Relations Cyber Policy Senior Fellow Robert Knake disagreed and said “lawful hacking may be the best bad idea” the government has had when it comes to dealing with certain law enforcement problems. Back doors for encryption are dangerous, but hacking may be a way to preserve privacy and civil liberties while dealing with the threats that confront this nation, Knake said. Soghoian questioned if Knake was proposing all federal, state and local law enforcement be given the ability to hack a device and asked Knake if he seriously was proposing defense contractors be the “checks and balances” when it comes to government use of hacking and surveillance.
Like the ACLU, the New America Foundation's Open Technology Institute hasn’t come out with an official position regarding hacking, Senior Policy Counsel Ross Schulman said, but he said he thinks allowing hacking may end the government’s quest for encryption back doors. Schulman recommended at minimum the wiretap standard be applied before law enforcement can hack into a device. Soghoian disagreed that the government would back off pushing for encryption back doors if greenlighted to hack into devices. Soghoian also expressed concern that the government wouldn’t be transparent, noting that the Justice Department wasn’t transparent regarding its use of Stingray devices -- a tracking mechanism that acts like a cell tower -- for about 20 years.
Americans want privacy protections from companies and government, Free Press CEO Craig Aaron said. Third-party or corporate surveillance often overlaps with state surveillance quite a bit, investigative journalist Will Potter said.
One of the most profound problems for privacy in the digital age is the third-party doctrine, said Brennan Center for Justice Liberty & National Security Program Counsel Michael Price. The third-party doctrine is a legal theory that those who voluntarily share information with a third party like phone companies, Internet service providers and email servers have "no reasonable expectation of privacy." Price noted that every email, phone call, search and click on the Internet creates a record, which usually includes geolocation. The Brennan Center is attempting to alert the Supreme Court to third-party doctrine issues and convince the court to overturn it, Price said. Communications data is the modern equivalent of paper documents that are protected by the Fourth Amendment, he said.
Center for Democracy & Technology Freedom, Security and Technology Project Director Greg Nojeim said electronic communications that are saved the longest are the least protected communications under federal law, noting the warrant exception to obtain content older than 180 days. While there is bipartisan support for the Electronic Communications Privacy Act (ECPA) Amendments Act (S-356/HR-283), which would reform the warrant exception, a few issues with the bill were raised during a recent hearing, Nojeim said.
New York Civil Liberties Union Senior Staff Attorney Mariko Hirose said state privacy legislation is important because it helps determine what is a reasonable expectation of privacy. Nojeim noted that the recently signed into law (see 1510090041) in California state version of ECPA raises the ante for what kind of legislation is acceptable at the federal level. CalECPA requires a warrant for content, location and metadata, while the federal ECPA bill includes only content and location. It’s harder to sell Congress on why it’s important to protect sensitive information like geolocation and content, Nojeim said, noting there has been little progress on bills that deal with geolocation.