James Clapper's Report On Progress Towards President's Surveillance Reforms Mainly Explores Executive Branch Loopholes
from the not-so-much-what-it-can-do,-but-what-it-can-get-away-with dept
James Clapper, the Director of National Intelligence, has issued an interim report on the intelligence community's minimal progress towards minimal compliance with the minimal reforms ordered by the administration last year in response to the Snowden leaks. Presidential Policy Directive 28 (PPD-28) was issued in January and Jame Clapper's office is proud to announce that it's still in the process of thinking about complying with the stuff the President asked them to do so many months ago.
As we work to meet the January 2015 deadline, PPD-28 called on the Director of National Intelligence to prepare an interim report on the status of our efforts and to evaluate, in coordination with the Department of Justice and the rest of the Intelligence Community, additional retention and dissemination safeguards.
The DNI's interim report is now being made available to the public in line with our pledge to share as much information about sensitive intelligence activities as is possible, consistent with our national security.We're blown away with all the openness, Mr. Clapper. This must be the same transparency that has seen Clapper's office dump documents without referencing the federal lawsuits prompting this "largesse." Or the same transparency that tossed out the above-mentioned presidential directive -- one month after it went public -- with a self-congratulatory Tumblr post. (Yes. That is the world we live in now. The Director of National Intelligence speaks to the public through Tumblr, a venue more known for its porn gifs and faint odor of Yahoo! desperation. Thanks,
At this point, the interim effort is mostly talk. There's little that indicates any movement has been made towards the goals of the directive. In fact, any detectable movement is limited to shrugs of deference towards the Executive Branch, as the EFF points out.
Here are a few choice sections from our initial read of today's report:Repeatedly, the interim report addresses the new ideals… and then immediately appends, "unless EO 12333 says we can do otherwise." Admittedly, this flaw traces back to the administration's directive, which contains much of the "unless EO 12333" language referred to in the report.
"To that end, PPD-28 states that personal information of non-U.S. persons shall be retained and disseminated only if the retention and dissemination 'of comparable information concerning U.S. persons would be permitted under section 2.3 of Executive Order 12333.'"
We are disheartened to see ODNI pinning its privacy protections to Executive Order 12333. EO 12333 is a poorly-understood Reagan-era authority; one former State Department chief said:
"…Section 215 permits the bulk collection only of U.S. telephone metadata — lists of incoming and outgoing phone numbers — but not audio of the calls.
Executive Order 12333 contains no such protections for U.S. persons if the collection occurs outside U.S. borders. Issued by President Ronald Reagan in 1981 to authorize foreign intelligence investigations, 12333 is not a statute and has never been subject to meaningful oversight from Congress or any court…"
Somewhat surprisingly, the ODNI's report calls out the overly-broad language contained in EO 12333.
Executive Order 12333 defines this term as "information relating to the capabilities, intentions, or activities of foreign governments or elements thereof, foreign organizations, foreign persons, or international terrorists." This definition ensures that the Intelligence Community is able to retain and disseminate information necessary for the United States to advance its national security and foreign policy interests. Nonetheless, the definition's reference to "information relating to . . . activities of. . . foreign persons,' if read literally, could permit an element to permanently retain or to disseminate any information about any activity of any foreign person. Intelligence Community elements should permanently retain or disseminate such personal information only if the personal information relates to an authorized intelligence requirement, is reasonably believed to be evidence of a crime, or meets one of the other standards for retention or dissemination identified in section 2.3 of Executive Order 12333 for U.S. person information, and not solely because of the person's non-U.S. person status.The EFF asks if the NSA has ever used this reading to its own advantage. Certainly no answer is expected, but the agency has long been a fan of fluid terms and malleable definitions. Which brings us to the ultimate show of executive branch deference, albeit one that implies the administration will help the agency do the things it really wants to, Presidential Policy Directive or no.
It is important that elements have the ability to deviate from their procedures when national security requires doing so, but only with approval at a senior level within the Intelligence Community element and notice to the DNI and the Attorney General.Even the most modest of reforms still apparently needs ample breathing room and the ODNI carves out plenty with this single paragraph -- all without even bothering to address the mass surveillance programs that prompted the reforms in the first place.