The balancing act between national security and personal privacy interests was recently in the spotlight during President Obama’s January 17th speech and accompanying Presidential Policy Directive 28 (“PPD-28”). The President’s plan outlined the results of the administration’s signals intelligence review, including many broad policy pronouncements and intended changes for handling telephony metadata.
The President’s speech and PPD-28 came in response to public concern over the potential abuse of information that is collected by the National Security Agency (“NSA”). For purposes of this post, I will focus on Obama’s comments and proposals for the storage of information collected and held under Section 215 of the U.S.A. Patriot Act (Section 501 of the Foreign Intelligence Surveillance Act). The Administration has interpreted Section 215 as authorizing the collection of bulk telephony metadata; this includes the numbers dialed, as well as the time, date, and duration of the calls, but not the content of the calls. The purpose of these collections is to have a database that the government can query if it has a specific lead that a particular number is linked to a terrorist organization. For a discussion on the constitutionality of the NSA’s program for bulk telephony metadata program, see fellow Forum Blogger Dustin Segovia’s recent post.
Currently, the NSA holds onto the telephony metadata it receives from telecommunication companies. However, during his speech, the President ordered an end to the “Section 215 bulk metadata program as it currently exists,” and said his administration is establishing “a mechanism that preserves the capabilities we need without the government holding this bulk meta-data.” To carry out this charge, the President gave the Attorney General and Director of National Intelligence 60 days, until March 28th, to come up with a proposal for ending the government’s role in holding onto the telephony metadata.
This proposed change in storage procedures is in line with the recommendations the President received from his Review Group on Intelligence and Communications Technologies, the group he formed in August 2013 to review U.S. signals intelligence policies. The Review Group’s report was released on December 12th and recommended that telecommunications providers or a third party be responsible for retaining the bulk data, instead of the federal government. In the proposed system, the government could query the information as needed without actually holding onto the metadata.
New privacy concerns arise with adding a third party to the mix. If the policy purpose for all the changes to collection of the metadata were to increase protection of personal privacy, then it would seem counterproductive to increase the number of individuals who could have access to the information. Moreover, as the President said in January, a change from government to third party information holding would likely lead to “more expense, more legal ambiguity, and a doubtful impact on public confidence that [the public’s] privacy is being protected.”
Any complex storage scheme change in the next year seems unlikely. Logistics and legal issues aside, in June 2015 the bulk data collection is set to expire unless Congress reauthorizes the program. So far it remains unclear whether Congress will be willing to do this. As information regarding NSA’s bulk telephony metadata collection practices became public in 2013, many members of Congress expressed great animosity toward the program, but so far proposed legislative changes to reign in the program have failed. The lack of action seems to be rooted in the desire to not restrict counterterrorism tools as opposed to the usual partisan standstill.
The most recent leak about the bulk metadata program indicates that the NSA is only collecting less than 30 percent of all Americans’ call records. The effectiveness of the program as a counterterrorism tool is seriously drawn into question by this leak. The NSA is given a false sense of security that potential terrorist activities are being thwarted with so many calls slipping through the cracks. With questionable effectiveness and legality, plus a host of data storage issues, the Administration should discontinue the program until technology is developed to resolve many of the currently existing problems. Any major change to bulk metadata storage would likely follow the March 28th recommendations or come during the reauthorization process leading up to June 2015.
Posted Feb. 20, 2014