Intelligence Community Lawyers Argue That Curbing Metadata Collections Will Damage Americans' Privacy

from the fox-claims-removal-of-henhouse-guardianship-will-result-in-'increased'-h dept

The NSA’s bulk record collections is facing plenty of legislative opposition as a result of Snowden’s leaks. Its own carelessness and abuse nearly cost the agency its metadata collections back in 2009 and it’s apparently unwilling to consider any limitations being placed on this program going forward. Dianne Feinstein has pitched in with an attempt to codify the collection into law, something that will make it a bit more politically unassailable, but in the meantime, multiple pieces of legislation have been introduced to control the NSA’s metadata dragnet.

This has prompted a variety of defensive tactics, from Feinstein op-eds to repeated assertions that the collection could have prevented the 9/11 attacks to cringe-inducing public relations videos featuring a slightly-unbuttoned General Alexander. The ODNI’s General Counsel, Robert Litt, offered his own defense of the program while speaking to the PCLOB (Privacy and Civil Liberties Oversight Board). According to Litt, the suggested reforms would harm the very people they’re intended to protect.

The NSA has previously argued that it was allowed by section 215 of the Patriot Act to store millions of phone records of Americans in order to find potential terrorists and their connections inside the United States. A court found that NSA could hold onto the data on the grounds that it was relevant to terrorism inquiries. In theory, storing the data with the companies, instead of at the NSA, would allow the telcos to serve as a kind of privacy watchdog. They’d be in a position to examine the government’s requests for information about their customers and possibly to object to them in court.

But the intelligence lawyers warned that Americans’ would be subject to even greater privacy incursions if their personal information were stripped from NSA’s control.

You heard the man. Allowing telcos to store the collections onsite would cause greater harm to Americans’ privacy than allowing the NSA to store them in its databases where it can peruse them at its leisure. Putting telcos in control would mean additional legwork for the NSA, mainly because it would be limited to obtaining data actually relevant to its investigations, rather than just grabbing it all and hoping everything collected becomes “relevant” at an undetermined point in the future.

This would seem to give Americans a bit more privacy protection, but the ODNI doesn’t see it that way. The FBI’s general counsel backed up Litt’s theory with some speculation of his own.

Patrick Kelley, the acting general counsel of the FBI, said the phone company data could be made available to “other levels of law enforcement enforcement from local, state and federal who want it for whatever law enforcement purposes they’re authorized to obtain it.” He also raised a frightening prospect: “Civil litigation could also seek to obtain it for such things as relatively mundane as divorce actions,” he said. “Who’s calling who with your spouse … So if the data is kept only by the companies than I think the privacy considerations certainly warrants scrutiny.”

If Kelley believes this sort of scary “data sharing” would only be a possibility if telcos control the databases, then he’s obviously been ignoring the developments of the last few months. Not only does the NSA share data with agencies like the DEA, but it also encourages them to falsify how they acquired the information. So, this privacy “concern” of Kelley’s is already a reality — and all the more reason to limit access to collected metadata. And that doesn’t even touch the amount of data sharing it does with foreign countries, often in unminimized form. Furthermore, law enforcement can already access phone records as they’re covered by the Third Party Doctrine, the same doctrine both the NSA and the FBI have been taking advantage of for years.

Second, even if it would increase the amount of civil litigation, that still would offer greater overall protection for Americans’ phone data. How? Very simply. Litigation is targeted and data requests would be limited to those authorized by discovery. As it stands now, the NSA gets everything and is only limited by controls the NSA itself implements — and those internal checks on abuse are only as strong as the NSA’s statements to the FISA court claim they are.

And this fear of unfaithful partners’ phone records being “outed” by litigants is easily mitigated, as FP’s John Hudson points out.

Any act of Congress modifying the phone records database could include provisions prohibiting the use of telephone metadata for purposes not related to national security. And if lawmakers wanted to keep the information out of the hands of local police or civil attorneys, they could write a provision preserving its exclusive use by the NSA and the intelligence agencies.

This faux concern for the privacy of Americans is just another intelligence community dodge. Protecting privacy is only a concern when it’s politically advantageous or can be twisted into a defense of embattled collection programs. Litt and Kelley’s arguments are completely weightless. Worse, they both seem entirely unaware of the fact that recent revelations completely undercut their arguments. And yet, they approach an oversight board presumably familiar with these facts and make the arguments anyway.

This is just more evidence that the intelligence community is insular and self-absorbed, the result of many, many years of operating in complete secrecy. Its spokesmen and legal reps seem to be aware of nothing more recent than the latest talking points. These agencies are ultimately disinterested in protecting the privacy of Americans if it means scaling back their existing programs. Since they can’t have it both ways (protect privacy, keep programs intact), they will always opt for the latter.

Filed Under: , , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Intelligence Community Lawyers Argue That Curbing Metadata Collections Will Damage Americans' Privacy”

Subscribe: RSS Leave a comment
kenichi tanaka (profile) says:

Does the government even listen to how ridiculous their argument sounds? How did we ever survive for more than 250 years as a nation because we sure as hell have never spied on every American, not until recently.

Curbing metadata collection will violate our privacy? Does the government realize how ridiculous that comment sounds? It’s the collection of that metadata that actually violates our privacy, not the reverse.

How did these boobs ever come into control of our country … they are all morons if they expect us to believe that argument.

Anonymous Coward says:

Re: Re:

How did these boobs ever come into control of our country … they are all morons

YOU, or at least your neighbors ?your fellow citizens? voted for the politicians who appointed them. You voted for the politicians who created the policies.

In California, you voted for Feinsten, in Michigan’s 8th district you voted for Rogers, and all across the country you voted for Obama.

This is what people wanted.

John Fenderson (profile) says:

Re: Re: Re:

This is what people wanted.

Evidence, please. Who people voted for doesn’t count as evidence, for a bunch of reasons including that politicians on the campaign trail lie, there is a lack of any real alternatives, and most people don’t vote based on a politicians stance on a single issue.

Because someone voted for Joe Politician in no way means that people supports or agrees with everything Joe Politician does.

John Fenderson (profile) says:

Re: Re: Re:2 Re:

I see you have a problem with logic, so I’ll clarify for you. The electoral system we have in the US is corrupt and broken, and as a result elections mean less than they should.

It’s not that I don’t believe in elections, it’s that I don’t think that the people who get elected don’t do a very good job of representing the people who elected them.

Pragmatic says:

Re: Re: Re:3 Re:

What John Fenderson means to say is, Americans usually vote for the least worst choice because they’re afraid that the most worst choice will get in.

Media saturation by the Big Two parties means that most people are unaware of the other candidates running; even when they are, splitting the vote with a popular third candidate risks the other guy getting in, a result of First-past-the-post and bipartisan gerrymandering. Kapeesh?

Anonymous Coward says:

Re: Re: Re:2 Re:

Come on now! What is wrong with not being an entrenched partisan soldier?

Independents and “agnostics” are not necessarily voting for their saviour either. They are voting for the lesser of two evils – if voting at all, which, btw., further weakens the “win vote and all you said is utopia for the voters…”.

The gerrymandering is making the evils gradually worse each time the lines change (it encourages “ideological purity” for candidates with no realistic other party competition. For anybody without that specific ideology that is an undeniable character flaw!).

Anonymous Coward says:

Re: Re: Re:2 Re:

You were complaining about the people responsible for current legislation. In this case the president sitting right after 9/11 is a primary reason for it.
Sure, Obama has only made it worse, but the start of the race to the buttom is arguably either started by Watergate or 9/11 which implicates presidents from both parties and spans decades.
Secret dealings between politicians and those they approve or reject laws for is extensively problematic in this field, given how you cannot hold an informed debate on security law with the current level of legal secrecy, making it almost impossible for people to see through the politicians on this area (Rogers and Feinstein are both literally in bed with people benefitting and/or having benefitted from technological US military/secret service purchases.).

Anonymous Coward says:

Black is white and white is black. This is no different than all the other stuff we’ve been hearing about why breaking the 4th amendment is ok.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Lies, misdirection, redefining what words mean in the English language to make it ok, but not a word on legality.

Again we are not hearing anything about we screwed up and over reached our directives. We are hearing all the made up reasons why it should be ok to continue. The NSA’s precious is threatened.

Even the legality part has been stretched beyond recognition. So much so that they had to set up a secret court to prevent challenges to it. Of course the selling point was confidentiality of secret documents in a twisted method to achieve it.

Meaningful oversight does not exist except in the same realm of Santa Claus and the Tooth Fairy. Legality exists in the same realm for all this spying. Any court that gets and takes the case could over rule this as unconstitutional, invalidating the whole mess, which is the main real reason for the FISA court. A court without adversarial process. Nearly unique for law standards along with the ability to make secret laws no one can know about but can be held accountable for violating.

That’s not what a democracy is.

jilocasin (profile) says:

Simple: Don't let _anyone_ keep it.

I’ve said it before, and I think it’s important enough to bear repeating;

If you really want to increase peoples privacy (and you know honor the 4th amendment) the simplest thing to do is not let anyone intercept or store any data.

Step 1: Companies are prohibited to keep any data any longer than necessary to support the purpose it was generated for.

For phone records that would mean:

Unlimited plans – never, disappears as soon as you hang up.
Per minute plans – number, time/date and duration of calls for 30 days after the most recent billing cycle (to give the customer time to contest a bill and the company something to defend it with).

That’s it. Simple, easy, privacy enhancing. No location data, no call content, metadata only exits for two billing cycles and only for people on per minute plans.

Sure the NSA(or FBI, or CIA, etc.) could go to a judge and get a warrant to request the telecommunications company to retain data going forward for a particular person, for a limited period of time, in support of a probable cause showing. You know that whole fourth amendment/due process thing.

While we’re at it we could expand that to all of the data that other companies glean about us. ISPs/Banks/Grocery stores all of them.

Step 2: Take the third party doctrine out back and put a single bullet through it’s head (make that two).

That doctrine barely made sense when it was created and makes no sense now. Just because you’ve asked someone else to store your data, doesn’t mean you have no privacy interest in it. You doctor always held lots of very private data about you. That doesn’t mean you have no expectation that she’ll keep that data private. You rent and apartment or a storage locker, that doesn’t mean you’ve consented to letting the local police department rummage about it without a warrant. If we ever expect people to be safe with cell phones and cloud providers their privacy interests most definitely need to be respected.

The surveillance state may be good for the state, but it is terrible for the citizens of that state.

Remember in a free society, it’s supposed to be tough for the police to do their jobs. Otherwise you are living in a police state.

Brazenly Anonymous says:

Re: Simple: Don't let _anyone_ keep it.

Speaking as a systems administrator, for the purposes of diagnostics, all data should be allowed to be maintained for at least two weeks. There are plenty of automated methods for disposal after that or a shorter time-period and they could and should be invoked. It is worth noting that many businesses currently retain all info perpetually through tape backups that include rolling logs.

An appropriately targeted warrant could be used to initiate a collection for specific identifiers (aka, selectors) described by the warrant. This process should function similarly to the legal hold process currently in place for carrying out discovery on email accounts.

John Fenderson (profile) says:

Re: Telco's already have your data

How is not giving it to the NSA accept with a warrant going to change this?

In three ways. First, it will increase the amount of oversight the NSA is subjected to. Second, the records won’t be kept for as long, and won’t be as comprehensive. Third, it will prevent the NSA from engaging in domestic surveillance on such a massive scale. There are other benefits as well, such as reducing the ease of engaging in fishing expeditions, but those are the big three.

Anonymous Coward says:

Re: Telco's already have your data

It’s not just that they have your data, it’s that they keep it forever if they can.

I call your attention to this article indicating that DEA had people working at AT&T using phone records that exist as far back as 26 years. They have been having this access for at least 6 years.

Don’t you think holding that data 26 years a whole bit over the top?

Anonymous Coward says:

Wasn’t it reported that NSA employees sit side-by-side next to AT&T employees in office chairs?

I guess all the data being stored at telcos is a “modest” improvement. What we really need is legislation, limiting how long telcos can store our personal data.

3 years should be the maximum. Of course who’s to say the telcos will keep their word. AT&T stores over 20 years worth of everyone’s data, currently.

We need more technologies like Dark Mail, which encrypts the metadata. Bypassing telco phone logs.

To summarize. We need both technology and legislation, in order for modern day humans to regain their fundamental human right to privacy.

kenichi tanaka (profile) says:

The Patriot Act, the NDAA, Secret Courts … the people didn’t want this, it was the Democrats and the Republicans who wanted these laws so they could stop anybody from speaking out against them or their re-election campaigns.

Have you noticed that FISA warrants have been consistently used to target journalists, whistleblowers and anyone who proves to be a threat to their precious intelligence programs.

I find it odd that people who aren’t very intelligent are in charge of the very same intelligence programs that intrude on our private lives. Guess there really is no intelligence in the intelligence agencies.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...