The phone records program doesn’t work, invades Americans’ privacy, and threatens our freedoms.
The Review Group was unable to find a single example where the NSA’s mass phone record surveillance program provided crucial information in a terrorism investigation. It found that the government’s view of Americans’ privacy rights—based in the 1970s—is horribly out of date and does not reflect the sensitivity of modern data that is required to live a normal life and to participate in our democracy. Government requests for this data should be for “specific information relating to specific individuals or specific terrorist threats.” (Italics theirs) While the report floated the idea of companies retaining data longer so that it will be available for the far more limited programs it proposed, such retention has been opposed by civil libertarians and the corporations.
National Security Letter (NSL) authorities should effectively be revoked.
NSLs are administrative subpoenas for communication, financial, and credit records. The FBI issues up to 50,000 of these a year in terrorism investigations, even for the records of people who are suspected of no wrongdoing. The Review Group says that not only should the standard for issuance be heightened, but also NSLs should all eventually be approved by a judge, thereby ending the FBI’s overbroad access to personal records.
US Person information collected through Section 702 programs, such as PRISM, should be deleted or protected by a warrant.
Recent disclosures confirm that the FISA Amendments Act—the 2008 warrantless wiretapping law—has resulted in massive surveillance of international communications, even those where an American is on one end of the call. The Group recommended that US person information be deleted upon recognition unless it is actually necessary for foreign intelligence programs. It also said the government should not be searching through these vast databases looking for Americans without a warrant except in an emergency situation, and that the communications intercepted under these programs should not be used in criminal cases.
Non-US persons have privacy rights that should be respected.
The Review Group recognized that privacy is a human right protected by international treaties. While its recommendations for strengthening that protection come in the context of the NSA’s current activities, it recommended two good starts. First, non-US persons should receive the same protections as Americans under the Privacy Act. Second, broad surveillance programs under Section 702 (such as PRISM) should only be used for our national defense – not for the amorphous category of “foreign intelligence,” a change that would increase protections for both Americans and people abroad.
The government should fully support secure communications, not subvert them.
The report rebukes efforts to undermine strong encryption standards. It also recommends that the NSA stop amassing and exploiting security flaws that threaten broader security imperatives.
The government should be more transparent.
The Review Group concludes that there should be more publicly available information about the NSA’s sweeping surveillance programs. More effort should be made to declassify court opinions, and legislation should require the government to proactively explain how many people its surveillance affects. The report also concludes that nondisclosure orders currently attached to surveillance directives sent to companies are over broad. The Group recommends that judges review all such gag orders and construe them narrowly. There should be a presumption that companies be permitted to describe publicly the types and numbers of orders they receive.
The secretive FISA court needs to hear from the other side.
The secret court that issues the NSA’s surveillance orders now hears only from the government. The Review Group recommends creating a public interest advocate to defend Americans’ privacy interests before the FISA Court, and allowing judges to call on independent technologists for their expertise on the technical implications of surveillance methods.
The NSA itself should be reformed.
The Review Group recommends that the NSA be “clearly designated as a foreign intelligence organization” and that it be stripped of any other duties. Its military mission as part of Cyber Command should be severed from the rest of the NSA that works on foreign intelligence issues. It also recommends that civilians be eligible to direct the NSA, and that the position of Director be confirmed by the Senate.
The Privacy and Civil Liberties Oversight Board should be expanded.
The report recommends that the PCLOB have a broader mandate so that it can oversee all foreign intelligence programs, not just those that are targeted at counterterrorism. It also suggests that the PCLOB be authorized to receive whistleblower complaints and serve an auditing function. The Board should also have an office dedicated to assessing technology and whether initiatives are sufficiently privacy protective.