Patriot Act Used By The FBI To Collect Internet Browsing Data, Contradicting Claims Made To Oversight
from the oh-no-this-must-be-the-first-time-the-IC-has-lied-to-its-oversight-[faints] dept
The NSA shut down its bulk phone records collection — authorized under Section 215 — after it became apparent it wasn’t worth the effort. Reforms put in place by the USA Freedom Act prevented the agency from collecting it all and sorting it out later. Instead, it had to approach telcos with actual targeted requests and only haul away responsive records. The NSA somehow still managed to overcollect records, putting it in violation of the law. The NSA hinted the program had outlived its usefulness anyway, suggesting it had far better collections available under other authorities that it would rather not subject to greater scrutiny.
But this didn’t end the government’s bulk records collections. It just ended the phone metadata program. The NSA still collects other records in bulk, including banking records and, oddly, books checked out by library patrons. The broad authority of Section 215 could be read to allow the government collect other records, like email metadata and internet activity. Reasoning that people voluntarily create records of their internet use by using third-party services to surf the web, the government hinted it could sweep these up just as easily as it had swept up call records.
The government’s attempt to collect internet history under this authority ran into some friction earlier this year when the Senate voted to block this collection. Senator Ron Wyden directly asked the director of national intelligence (DNI) to inform the Senate whether or not agencies under its purview had gathered internet use records under this authority. He received this answer.
In a Nov. 6 letter to Mr. Wyden, John Ratcliffe, the intelligence director, wrote that Section 215 was not used to gather internet search terms, and that none of the 61 orders issued last year under that law by the Foreign Intelligence Surveillance Court involved collection of “web browsing” records.
Wyden took this response to mean that implementing a ban on collection of internet history records could be put into place without negatively affecting any intelligence gathering activities. But when the New York Times pressed DNI John Ratcliffe on specifics, a new party inserted itself into the conversation: the DOJ. According to its response, the FBI had already done the thing the DNI had just told Sen. Wyden it hadn’t.
In fact, “one of those 61 orders resulted in the production of information that could be characterized as information regarding browsing,” Mr. Ratcliffe wrote in the second letter. Specifically, one order had approved collection of logs revealing which computers “in a specified foreign country” had visited “a single, identified U.S. web page.”
So, the FBI was collecting internet browsing records, albeit with an order that only targeted foreign users visiting one US web page. Still, this wasn’t what the DNI originally said to Sen. Wyden. This set Wyden off. Again. The supposedly honest answer he received in response to his questions wasn’t actually all that honest. As he pointed out in his statement, the belated admission raised questions about domestic surveillance and potential abuse of Section 215 authority to collect something the DNI said no one was collecting. And, if nothing changed, there was no guarantee the Intelligence Community wouldn’t talk itself into believing a collection of internet browsing data would be cool and legal.
“More generally,” Mr. Wyden continued, “the D.N.I. has provided no guarantee that the government wouldn’t use the Patriot Act to intentionally collect Americans’ web browsing information in the future, which is why Congress must pass the warrant requirement that has already received support from a bipartisan majority in the Senate.”
Previous attempts to erect a warrant requirement for the collection of internet data or search histories have failed to reach the president’s desk. This latest admission has refueled the fire to protect Americans (or visitors to American websites) from government overreach. Even if such a collection targets only foreign internet users, there’s no guarantee it won’t sweep up US citizens — like pretty much every other bulk collection has.
At this point, everything is up in the air. There’s a new president headed into office who might be more receptive to reform efforts, but he’s also the man who served the Obama Administration — one that wasn’t all that concerned about domestic surveillance until it became impossible to ignore the documents leaked by Ed Snowden. Even then, its response was tepid at best and it still allowed IC surveillance business to continue pretty much uninterrupted — something it used to justify extrajudicial killings based on little more than metadata. This needs to be fixed, but surveillance reform advocates still lack majority support. And the guy headed to the White House has never seemed all that concerned about surveillance abuses.