Obama to Call for End to N.S.A.’s Bulk Data Collection (opens in new tab)

(nytimes.com)

147 pointssamdk12y ago85 comments

85 comments

76 comments · 25 top-level

sinak12y ago· 12 in thread

So according to the report, Obama is going to propose legislation that:

- Would end the NSA's authorization to collect bulk call records from telephony providers under §215.

- Would require the NSA to require court approval prior to every §215 call record request. Up to 2 hops worth of call records would be included.

- Won't require that telecoms maintain anything more than the 18 months of call records that they are already obliged to hold.

The devil's in the details, but it sounds like a big change from the existing call records program. If Congress passes something along these lines, it'd be a major win.

But the §215 call records program is just a very small component of the objectionable surveillance programs. Here's just a sampling of the others:

"Upstream" collection: The sort of thing that happens in AT&T's Room 641A - fiber optic cables intercepted, data captured (under program names Fairview, Blarney, Stormbrew, Oakstar). Auth'd under Executive Order 12333 and the various FISA laws [1]. Searched using the XKEYSCORE frontend. GCHQ has similar program called Tempora which the NSA has access to.

MUSCULAR: Jointly run by GCHQ and NSA, collects data as it passes between the backend servers of services like Yahoo and Google. [2]

PRISM: Auth'd under §702, allows NSA to request data from tech companies about anyone who might be "reasonably believed" to be outside the US.

BULLRUN: Various efforts to break encryption, including attempts to insert vulnerabilities into encryption standards. Snowden's security clearance wasn't high enough to get any real details on exactly what the NSA has achieved as part of BULLRUN [4].

I think the scariest of those is Bullrun. We don't (and likely won't) know to what degree the NSA has managed to break or circumvent encryption [5].

[1] http://en.wikipedia.org/wiki/Upstream_collection

[2] http://www.washingtonpost.com/world/national-security/nsa-in...

[3] http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret...

[4] http://www.eweek.com/blogs/security-watch/nsa-bullrun-911-an...

[5] https://twitter.com/nicoleperlroth/status/376481848760606720

devconsole12y ago

Perhaps the scariest thing is their plan to collect and store all data on all of your activities, then retroactively mine it. That is, from the moment you use the internet for the first time as a 9 year old until the day you die as an 89 year old, every text message you send, every email you write, every website you visit, and (if you're thinking of becoming a politician) every nude picture you send can potentially be used against you.

The reason this is scary isn't just because of the present social climate. The current social climate is actually pretty decent. The reason it's scary is because social climates can change quickly. A couple decades from now, what you did legally today may be illegal. If you're pursued and prosecuted, it's possible someone may dig through this vast trove of collected data and use it against you.

Clapper (the head of the NSA) has taken the stance that it's okay to collect everything, and that a "search" hasn't taken place until some human actually tries to look through that data. He frequently uses the analogy of a library: it's okay for the NSA to have all the books (everyone's data, everywhere) because a search hasn't taken place until they take one of the books off the shelf and look through it.

The temptation to use that library for purposes other than curbing terrorism must be pretty strong.

I'm going to speculate for the sake of example. It was often cited that one of the reasons for the 9/11 attacks was that the agencies weren't cooperating. As such, there has been a lot of pressure for the agencies to work together since then. I'm going to guess that if the FBI hadn't eventually tracked down DPR on their own, they may have tried to turn to the NSA for help. While it's not clear that the NSA has those kinds of capabilities, they're certainly more capable than the FBI at breaching the Tor network. There are slides out there which say something along the lines of "... we're able to deanonymize individual targets, not everybody at once."

That example is a little bit unrelated to "collecting all data about everybody and then mining it," but remember that if the agencies begin cooperating in that fashion, sharing that trove of data may be the next logical step.

I apologize for speculating, and my speculation should be treated as such. But please realize that just because they're not doing that to Americans yet doesn't mean they're not doing it to citizens of other countries with impunity today.

Here's another ancillary point. It should be no surprise that the NSA could probably find out the identity of Satoshi Nakamoto pretty easily. But my point in bringing that up is this: if Satoshi himself cannot stay anonymous, then what hope do any of us have? Anonymity may be dead at this point. It's pretty clear that humans will continue to live even if that's the case, but a world without privacy is going to be a very strange one.

By the way, I should also mention that the GCHQ may be even more capable than the NSA. There are signs that the NSA are better at pulling off attacks (Stuxnet, Tailored Access Operations) but that GCHQ are better at collecting data (bypassed Google's encryption). It has also been hinted that whenever the NSA runs into roadblocks against investigating Americans, they enlist the help of the GCHQ since it's legal for them to do so (and vice-versa). So even if the NSA is reformed, there is still this spectre of this worldwide data collection and governmental collaboration hovering over society.

001sky12y ago

Perhaps the scariest thing is their plan to collect and store all data on all of your activities, then retroactively mine it

This is the biggest grey area/ major issue. The issue is not just 4th amendment stuff (reasonable expectations of privacy), but selective disclosure and prosecution (ie, equal protection). The use of this for blackmail would be come ~irresistable to those seeking to cling to power. And this kind of stuff is why the bill of rights exists.

nickff12y ago

The problem is that the selective disclosure and prosecution are very easy to abuse without violating the text of the constitution; especially when the average American commits three imprison-able offences per day, because of the number of criminal laws, and their breadth.[1]

[1] http://online.wsj.com/news/articles/SB1000142405274870447150...

cb1812y ago

| the stance that it's okay to collect everything, and that a "search" hasn't taken place

Anytime this argument is made, it must be held in contempt, and along with its wanton disregard for logic, be not allowed to stand.

Scenario 1: If Alice sends a letter to Bob unintercepted and Bob reads the letter then burns it, his privacy has not been violated and he has not been searched.

Scenario 2: If Alice sends Bob a letter and before delivery the postman opens the letter, photographs the contents in such a way as to not see the contents of the letter at the time, then sticks the photo in his pocket for a rainy day, then delivers the letter, Bob has been searched.

For any of a number of definitions for searched.

One of which being Bob no longer has control over his personal effects(information), cannot choose the manner in which they are presented to others, or if they are presented at all.

If your option of not being searched has been taken away, you've been searched.

In Scenario 2 Bob's option of not being searched has been taken away, so therefore he has been searched.

It's pretty obvious these bulk collection practices are 'seizure' as well as 'search,' though I've not heard anyone with the audacity to argue that it is somehow not seizure.

dingaling12y ago

> and that a "search" hasn't taken place until some human actually tries to look through that data.

It's actually scarier than that; the term used was 'acquisition' rather than 'search'.

So they collect all the raw data, but don't 'acquire' intelligence until they search for specific information.

Since the legislation pertains to acquisition they are not, by their interpretation, bound by that legislation during collection.

ekianjo12y ago

> Perhaps the scariest thing is their plan to collect and store all data on all of your activities, then retroactively mine it

I would even go to say that the NSA already has files on all major politicians in the US and therefore can threaten anyone (including the president) to release something the public would not like (extra-marital affairs, pretty common among politicians, but could be many other things too) and therefore easily coerce the politicians to avoid any significant reform of their mandate.

toddmatthews12y ago

>what you did legally today may be illegal

In the United States, the Congress is prohibited from passing ex post facto laws by clause 3 of Article I, Section 9 of the United States Constitution.

line-zero12y ago

  *In the United States, the Congress is prohibited from passing ex post facto laws by clause 3 of Article I, Section 9 of the United States Constitution.*

I don't know if you've noticed, but folks in Washington don't give a fuck about the Constitution any longer.

1 more reply

bandushrew12y ago

The problem is that laws and clauses of the constitution only provide protection if there is political will to allow it to do so.

The second that the people in power have no actual political will to follow them, the fact that laws exist provides no protection.

1 more reply

aurumpotest12y ago

> PRISM: Auth'd under §702, allows NSA to request data from tech companies about anyone who might be "reasonably believed" to be outside the US.

What exactly does that mean? Is it literally just anybody they "believe" to be physically outside the US? Or non-US citizens?

nl12y ago

I believe this is likely to use the NSA's definition of a "US Person"

According to the National Security Agency web site, Federal law and executive order define a United States person as any of the following:

a citizen of the United States

an alien lawfully admitted for permanent residence

an unincorporated association with a substantial number of members who are citizens of the U.S. or are aliens lawfully admitted for permanent residence

a corporation that is incorporated in the U.S.

[1]

[1] http://en.wikipedia.org/wiki/United_States_person

higherpurpose12y ago

Only for phone records...nothing even mentioned about the Internet collection, which I'm much more worried about.

aryastark12y ago· 10 in thread

call records? Are you shitting me? The White House is acting like Grandpa trying to wrap his mind around the concept of the Internet. "overhaul", "new kind of court order". Yeah, okay.

Here's the broom, Obama. Need a little help sweeping it all under the rug?

ganeumann12y ago

Agree. I might have been placated by this last Summer. At this point it's too little too late. Unless he does something more substantial to open up the intelligence services to scrutiny, he's not the Executive, he's just another puppet of the police state.

pekk12y ago

Because the major consideration for any kind of policy is whether it feels subjectively fast enough for ganeumann, not whether it is good policy.

ganeumann12y ago

It has nothing to do with speed. It has to do with ability to get it done.

When faced with clear wrongdoing and public disapproval, nothing happened. It took almost a full year of constant news, almost universal disapproval from people whose opinions matter, and the changing opinion of Congressional leaders before any concessions at all were proposed.

What that says to me is that there is a very unlikely conjunction of things that needs to happen before the infosec agencies can be held to account. That unlikely conjunction is probably so unlikely that it will not happen again for decades. Now may be the only chance we (meaning you, me, Congress, and the Executive) have to change practices for a long time. Given that the infosec agencies, no matter how much we roll their power back, will struggle to regain that power and more, we better roll them back at least a few decades worth while we have the chance.

001sky12y ago

Has nothing to do with "policy", has everything to do with lack of character.

moskie12y ago

Such a bill as this one wouldn't solve all the problems. It would merely solve one of them. You should support it, hope it passes, and then demand more.

The alternative situation, where this bill does not become law, is worse. Why be against something that progresses things in the right direction? Do you demand everything be solved all at once?

wfunction12y ago

I would agree with you, but if it passes, it becomes a distraction that will take people's mind off the real issue.

moskie12y ago

There are many "real issues." This bill would address one of them.

I just think it's silly to be against this type of legislation because it doesn't solve all problems, or doesn't bigger problems. I solves a problem. That's a good thing. Maybe it will get the ball rolling towards more legislation.

If this bill passes and gets support from the public, it sets precedent that proposing and passing legislation that strips power away from the NSA isn't political suicide.

gone3512y ago

This. I've noticed how the government and most established/traditional media outlets keep referring to the NSA phone metadata stuff as if that were the only disclosed program worthy of review. But what about Prism, etc?

alexqgb12y ago

Etc.? More like etc. etc. etc. etc. And as the folks working with Greenwald have noted, there's plenty more to come. The easier to digest stuff is what's appeared to date. The more complex programs - i.e. the ones that take more time to fully grasp - are what they're still working through.

lern_too_spel12y ago

What about Prism? That's the most harmless program Snowden leaked by a country mile. It simply allows the NSA to search data that was collected by the FBI's internet communication wiretap system for users that the government presented a court order for.

Pxtl12y ago· 8 in thread

You ever notice how President Obama acts like he's nt in charge of the government? The whole "outsider" schtick doesn't really work 6 years into your Presidency.

beedogs12y ago

That's probably because he isn't really in charge of it. But he makes a better figurehead than the last bozo I guess.

mantrax312y ago

We need leaders, not figureheads.

jbooth12y ago

Sounds great, you should run for the job. I'm sure if we just elected someone who was leader-y enough, they'd be able to turn that ship on a dime.

1 more reply

pekk12y ago

Do you need them in the presidency? How do you plan to get them?

1 more reply

sd8f9iu12y ago

Can you explain your comment more, in the context of this article?

gum_ina_package12y ago

I think he's saying that after six years of leading the country, the President needs to step up and take responsibility for what his administration has done. He won his first election by running against George Bush, but that act has gotten really old really fast.

kzrdude12y ago

A whole lot of politicians need to look at themselves and ask what responsibility they take for governing. Many seem to think that it's a game where you should abuse the ruleset and beat your opponent at any cost. A country can't be run with so many bad faith actors that refuse to cooperate.

late2part12y ago

Here here!

oceanstone12y ago· 6 in thread

Cool! What about the content [1] of emails, text messages, Skype conferences, etc...

[1] http://en.wikipedia.org/wiki/Room_641A

toomuchtodo12y ago

Is it sad I knew exactly what that room was before clicking the link?

dllthomas12y ago

Not any sadder than demanded by the implied existence of the room. It's the only Room #### that's been talked about in this context.

lern_too_spel12y ago

According to documents Snowden leaked, this was used in a program to collect email headers, not their content, until Obama shut it down in 2011.

oceanstone12y ago

I've not encountered any documents which suggest that. Would be interested though, if there was a news article you wanted to link to?

danjayh12y ago

I knew it. Netflix isn't to blame when my Internets keep getting stuck in the tubes, they're just taking a wrong turn through that beam-splitter thingamajig. Somebody should explain it to Ted Stevens and he'll get right on it.

dllthomas12y ago

"Somebody should explain it to Ted Stevens and he'll get right on it."

I don't know if this is made better or worse by the fact that he's been dead for three and a half years.

dmfdmf12y ago· 4 in thread

We don't need a law. These programs are a violation of the constitution. What Obama and his cronies are trying to establish is the govt's unlimited power of surveillance. If this passes then it implicitly accepts the premise that their policies could be legalized at anytime by a future president under future "national interest" circumstances. This is how dictators are established.

sitkack12y ago

NSA is executive, he doesn't need a law, he can turn it off RIGHT NOW. Sure get a law in place, but dont pretend you have to go through congress to do it.

dmfdmf12y ago

> Sure get a law in place,

No, you don't get it. Getting that law in place is exactly what they want because it avoids the Constitutional challenge. Obama and company must sense that there is a lot of opposition to the spying, so this is merely a delay tactic awaiting another WTC bombing or equivalent to change the law back.

The advocates of freedom need to reject this tactic and push this issue to the Supreme court where it belongs. It is not an Executive or Legislative branch issue it is a Constitutional issue and it needs to be stopped on Constitutional grounds not as a matter of legislative action.

whatevsbro12y ago

> The advocates of freedom need to reject this tactic and push this issue to the Supreme court where it belongs.

You see what's going on, but reason a bit further. The Supreme Court is part of the same government that's in the process of establishing a full police state / tyranny. Do you think they're not part of the problem?

Can a police state's Supreme Court be independent, objective, and intent on preserving freedom? -I wouldn't bet on it.

Get out while you can?

1 more reply

pekk12y ago

and then we're right back to the status quo at the first GOP President, which is likely the next one.

fleitz12y ago· 4 in thread

It's interesting that a program which the NSA's director claimed to congress didn't even exist, which was created by the executive branch requires the legislative branch to terminate it.

I'm pretty sure this could be solved by executive order, and/or the DOJ filing with the petitioning the SCOTUS to rule it unconstitutional.

eck12y ago

> It's interesting that a program which the NSA's director claimed to congress didn't even exist, which was created by the executive branch requires the legislative branch to terminate it.

IIRC, the Guantanamo terrorist prison program was also created without congressional action, yet its closure was successfully prevented by Congress -- or at least, congressional opposition to closing it was sufficient for Obama to escape blame for failing to close it as he had promised during the election.

So, this could just be a plan to transfer blame for the NSA onto Congress. If he proposes a bill to reign in the NSA that he knows Congress will not pass, it maintains the status quo but he can say that he wanted to end it.

sitkack12y ago

Yes. The solution to pollution is dilution. He needs to spread "the blame" across all of congress. Just like gitmo.

He sends legislation to congress to "fix" the problem and it never gets through. The whole thing is a smoke screen.

ZanyProgrammer12y ago

The NSA is part of the Department of Defense, and Obama is the Commander in Chief. So, ideally why would he need legislative oversight?

dragonwriter12y ago

Because he wants to create a new procedure for what collection they remain allowed to do, and the President can't just create new legal processes.

late2part12y ago· 3 in thread

Watch this very carefully. I predict that this purported effort to curb bad behavior will in fact attempt to legitimize the very bad behavior most of us find contemptable. Having shined the spotlight on the really bad behavior, I predict this administration will then find an only half-bad solution to tout as a compromise.

http://www.al-ruh.org/hegelian.html

sitkack12y ago

I know, I almost thought that the whole Snowden thing was their way to bring it out in the open to make it permanent. There is a collective, "meh", and the programs (include the drone assassinations) are made law.

JHSheridan12y ago

Wow... I just spent an hour reading and rereading that small bit of text you linked to. I was never even aware of such a thing.

What a powerful idea. Thanks for pointing out the possible connection here.

nl12y ago

dsr_12y ago· 3 in thread

President Obama can't issue an executive order in the meantime?

mpyne12y ago

He's not going to put out an E.O. gutting the program any further (he's already made the "hops" changes, for instance) until the replacement is in place, which requires telecom action. And telecom action won't occur by E.O., which means it requires Congressional action.

catwithattitude12y ago

He can issue an order to wiretap, but not to retract.

jnbiche12y ago

Assuming it was an executive order (and I can't imagine it was anything but, although facts are slim pickings), of course he can "retract" it, using yet another executive order.

"EOs are published in the Federal Register, and they may be revoked by the President at any time."[1]

1.https://it.ojp.gov/default.aspx?page=1261

line-zero12y ago· 1 in thread

It's not enough.

Don't "curb" the program. Don't "reform" it. We're not interested in a fucking "debate." Or striking a "balance."

END IT. END IT NOW!

GIVE US BACK OUR GOD-DAMNED RIGHTS!!

deciplex12y ago

If you're asking for your rights back, then you seem to acknowledge that you have none (I agree), in which case what is the point in asking for them back? (Or, demanding, verbally, as the case may be?)

intslack12y ago

Note that there are two proposals here, much like good cop (Obama Administration) and bad cop (House Intelligence Committee[1]), but both leave broader §215 authority intact i.e. business records not to mention §702 and Upstream collection.

Both also seem to be attempting to reinstate the full Telephony Activity Detection Process which they haven't been able to do legally since 2009[2][3] due to alert abuses[4].

[1] http://online.wsj.com/news/articles/SB1000142405270230394970...

[2] http://arstechnica.com/information-technology/2013/12/the-na...

[3] http://www.emptywheel.net/2014/03/24/nsa-bids-to-expand-spyi...

[4] http://www.emptywheel.net/2014/01/23/how-nsa-spies-on-first-...

aaronharnly12y ago

I think this proposal is a real and considerable improvement in the national security apparatus. For which we have Snowden's revelations sparking of a national conversation to thank.

Recall Snowden's original statement [1]:

"these things need to be determined by the public and not by somebody who was simply hired by the government."

The information changed public opinion[2]:

"[In January 2014], 40% approve of the government’s collection of telephone and internet data as part of anti-terrorism efforts, while 53% disapprove. In July [2013], more Americans approved (50%) than disapproved (44%) of the program."

[1] http://www.policymic.com/articles/47355/edward-snowden-inter...

[2] http://www.people-press.org/2014/01/20/obamas-nsa-speech-has...

bertil12y ago

A lot of reactions to Obama’s decisions seem to remember that he was the guy on the Hope posters, but not that he was the guy who told PolSci majors how politics was heart-wrangling, soul-blackening compromises, all the time -- and that you needed to keep the eye on the bigger prize, because you’d have to sacrifice everything just under it.

Obama promised to save tens of thousands how American lives (and ten times as many Middle-Eastern) and the budget by scaling down physical operations. To do that, he had to grant the intelligence and military personnel everything else, if only to avoid a coup. I hate the compromise, but I can’t imagine making a different choice.

Yes, that appears to be extremely disappointing, but more than actual deescalation of the surveillance apparatus, what he is working on is to make the Intelligence community realise that they went too far, and that the fact that Snowden could get so much information was a problem in itself. You don’t tear things away from people when you want them to contrite, not significantly: that comes later. Right now, most people in that community want to drop a Hellfire on the guy: saying he was right to do what he did, and to follow his recommendation would be akin, for the US operatives, to have the US adopt Sharia law on Christmas 2001 because Ben Laden asked for it.

Give them time.

Show a guy who is articulate, considerate and criticise his actions ‘but his ideals where not far off…’; show how targeted collection help keeping focus, show how judicially-sound investigations help avoiding mistakes… The NSA will feel confident to take off the side-wheels (still ‘protect the Homeland’ without the all-access) but that’s later, alas.

drawkbox12y ago

Try all we want, we can't get back from this one. Once freedoms are gone, they are gone until revolution. That is why freedom/privacy issues you need to be overly cautious about and side with non-authority always to keep it in check.

tn1312y ago

There is not need to be happy unless you read the real details of the legislation. I have a feeling that this is going to be mostly a carrot and stick like policy.

exabrial12y ago

Obama is a two faced back stabbing bus tosser. He had full knowledge of the program from the beginning. Stop falling for this crap, he is the one that commissioned the original program, and he is sending his own men to slaughter to protect his own hindquarters. He is the worst kind of sleezebag that exists...

Stop accepting these excuses from the leader of 'the most powerful nation on earth' and HOLD OBAMA ACCOUNTABLE.

HashThis12y ago

Obama can ask to curb or limit the NSA. But the NSA will tell him 'no'.

blisterpeanuts12y ago

This feels like a diversionary tactic to me, a way to lull the general public while allowing the real bulk data collection to continue unhindered.

The only truly meaningful action the President can take would be to suspend all operations of the NSA for an indefinite time and furlough the staff, while a thorough review is conducted and a public debate is held as to how much intrusion should be tolerated.

Sae5waip12y ago

And only for domestic spying.

People that aren't US citizens still get no protection at all.

dantheman12y ago

"In a speech in January, President Obama said he wanted to get the N.S.A. out of the business of collecting call records in bulk while preserving the program’s abilities. He acknowledged, however, that there was no easy way to do so, and had instructed Justice Department and intelligence officials to come up with a plan by March 28 — Friday — when the current court order authorizing the program expires."

I don't see how you can maintain the programs abilities without giving it massive amounts of data - seems like someone is lying.

patkai12y ago

Remember what Churchill said about the USA? Something like "The USA invariable does the right thing, after having exhausted any other alternative".

michaelwww12y ago

Too little too late. When are the Democrats going to realize -- and I am a Democratic leaning Independent -- that their custodial control of the most extensive surveillance mechanism in the history of the planet is objectionable to the people like me who would normally support them.

shmerl12y ago

What about Internet traffic?

morbius12y ago

Unfortunately, I was paywalled.

ruttiger12y ago

Everyone prepared for disappointment?

ryguytilidie12y ago

I'm glad he was careful to clarify that he would only try to end one of their many unconstitutional programs. Bravo for the man we all hoped would "change" things. More of the fucking same.

j / k navigate · click thread line to collapse