Today, the United States faces a more diverse, more complex array of national security threats than ever before. With ever more human activity taking place on electronic networks, surveillance is an essential tool for protecting the nation from these threats. The American people are fortunate to have a world-leading intelligence community, with a mission-oriented workforce operating under a robust legal and oversight regime. At the same time, the intelligence community’s immense capabilities and necessary secrecy raise inevitable and important questions for individual privacy, the rule of law, and public accountability. In late 2014, the Center for a New American Security began a two-year initiative aimed at developing a new approach to surveillance policy for the next administration. As part of this project, CNAS has held 14 expert workshops and roundtables and conducted more than 80 private conversations and interviews with leaders in the national security, privacy, and technology communities. These experts’ participation was invaluable in informing this report; the views expressed here, however, are our own. While the leaks by former National Security Agency contractor Edward Snowden violated the law and harmed ongoing intelligence-gathering efforts, they also represented a watershed moment in the debate over government surveillance in the digital age. The leaks revealed that the scale of government data collection – even lawful, court-approved data collection – was orders of magnitude greater than most Americans had believed. And the leaks created the impression around the world (fostered in some cases by imprecise media reports) that the United States was indiscriminately collecting the personal data of ordinary people. Three years after the leaks, their effects continue to reverberate across the policy landscape. The post-Snowden backlash has impeded law enforcement and intelligence gathering, harmed the U.S. technology industry’s competitiveness in international markets, and created diplomatic friction with important allies. Most importantly, many Americans remain skeptical that their government respects their digital privacy. Since 2013, the executive branch and Congress have attempted to repair the damage by making important reforms to surveillance practices and legal authorities. These include: President Obama’s Review Group on Intelligence and Communications Technologies, many of whose recommendations have become law or policy, and whose balanced, thoughtful report remains an important touchstone for surveillance policy.

Presidential Policy Directive 28 (PPD-28), which, most notably, required U.S. signals-intelligence (SIGINT) practices to consider the privacy interests of non-Americans overseas – a commitment still unequaled by any other country.

The USA Freedom Act, which ended the NSA’s bulk collection of Americans’ telephone call records and adopted a number of important, but underappreciated, measures to enhance transparency in government surveillance.

The intelligence community’s unprecedented efforts to explain its work, and the robust legal and compliance regime under which it operates, directly to the American people.

The emergence of the Privacy and Civil Liberties Oversight Board (PCLOB) as a visible, energetic, public-facing, and credible independent evaluator of key surveillance programs. While these changes are a strong beginning, they cannot be the end, for several reasons. They are not widely known overseas; indeed, given the technical and bureaucratic nature of many of the changes, they are unknown even to most Americans. The post-Snowden focus on collection of Americans’ personal data, while understandable, overshadowed other important issues, such as outreach to foreign publics and the challenges facing the U.S. technology sector. Finally, these successes are fragile. New leaks could rekindle latent skepticism and mistrust. Some changes, such as PPD-28 and the intelligence community’s transparency efforts, could be rolled back by a new president or altered by new legislation. For these reasons, surveillance reform should be seen as a work in progress rather than a finished product. The agenda we propose would take the next step toward rebuilding trust with the American people, the technology industry, and partners and publics abroad. It would enable the new administration to speak with one voice in support of a pragmatic, privacy-enhancing agenda. It would make clear to foreign populations that their countries and the United States share basic values on data privacy and surveillance. It would safeguard the United States’ enviable position as the world leader in information technology. It would help inoculate the new administration against the risk of future unauthorized disclosures. And it would further these goals while preserving needed national security capabilities.

Six Principles for Pragmatic Surveillance Policy Six basic premises underlie our pragmatic approach to surveillance policy: The next president and Congress should take meaningful steps both to enhance Americans’ digital privacy and to reassure the American people that government surveillance is consistent with American values and the rule of law. Protection from unwarranted government intrusion into personal privacy is a bedrock element of American liberty. But greater transparency about surveillance practices is also needed to shore up public faith in government institutions. When the public learns that government surveillance practices dramatically outstrip what laws and the statements of government officials would lead a reasonable observer to believe, it erodes faith in governing institutions, with corrosive and dangerous long-term effects for U.S. democracy. A thriving, world-leading American technology industry is in the United States’ economic interest. It also benefits U.S. intelligence and counterterrorism efforts. Millions of American jobs rely on the information-technology industry, and tech is a vital and growing export sector. But the benefits of technological pre-eminence are not economic alone: U.S. law enforcement, counterterrorism, and intelligence efforts also benefit from the fact that much of the world’s data is stored on U.S. soil and much of the world’s internet traffic passes through the United States. Unfortunately, in the wake of the Snowden revelations, other governments have begun taking regulatory steps to align the storage and transfer of their citizens’ data with physical borders. Below, we recommend various steps to help slow or reverse this trend. Signals-intelligence collection and analysis are vital national security tools. The United States will and should continue to maintain world-leading SIGINT capabilities. Dramatically curtailing the government’s electronic surveillance capabilities is neither prudent from a national security perspective nor politically realistic. No president could responsibly surrender vital, lawful national security capabilities at a time of serious threat to the nation. Improving public and foreign trust on surveillance and digital-privacy issues is an important goal, but no reform agenda can dispel completely the aftereffects of the Snowden leaks. The heightened skepticism and expectation of transparency that the Snowden leaks created will not simply disappear. Rather, they are features of the new landscape, and policymakers and the intelligence community will have to acknowledge and adapt to them. The oft-employed metaphor of “balance” between civil liberties and security is a poor guide for optimizing surveillance policy. In a time of diverse national security threats, Americans will demand robust counterterrorism, law enforcement, and intelligence capabilities to secure the homeland. They will also insist on safeguards for personal privacy and fidelity to the rule of law. The answer is not to choose between security or liberty but to work toward both. A focus on zero-sum tradeoffs between privacy and security deters security officials from embracing a privacy-enhancing reform agenda and assumes incorrectly that surrendering some amount of one value automatically yields a concomitant benefit for the other. Signals intelligence and the powers of the NSA are not neatly severable from other issues affecting domestic and international data privacy. In practice, issues that experts would consider only loosely related to signals intelligence – such as debates over iPhone encryption and whether the government needs a warrant to read Americans’ email – powerfully influence Americans’ willingness to entrust the government with collecting, monitoring, and analyzing communications and user data. A pragmatic surveillance-policy agenda must not artificially exclude other data-privacy issues that are highly salient to the public and where constructive reform is possible. The Case for Pragmatic Surveillance Reform The next administration has an opportunity to refresh the narrative surrounding the U.S. government’s approach to surveillance and digital privacy – if it acts proactively. But this opportunity is perishable. As the new president’s term unfolds, other controversies and crises will inevitably arise, making it far harder for the administration to dictate the policy agenda. And reforms undertaken reactively after a crisis tend to garner less public goodwill than those enacted before a crisis occurs. Some might argue in favor of a bold, controversial surveillance-policy agenda – whether reformist (such as allowing the FISA Amendments Act to sunset) or security-driven (such as pushing aggressively for decryption legislation). Yet either course would be both impracticable and inadvisable for a new administration. The new president’s first actions, if divisive, will consume the president’s political capital and harden political opposition. In addition, the public will hold the new administration responsible for any terrorist attacks that occur on its watch. By contrast, the agenda we outline below would expand the new president’s political capital, earn public support and bipartisan credibility, and to some extent inoculate the president against a backlash should there be future unauthorized disclosures. A new administration would be best served by announcing the measures recommended in this report as a unitary reform agenda rather than simply farming them out to various parts of the government for quiet implementation. The reforms will be more effective as a restorative tonic for past breaches of trust if they are widely known. And a major initiative, publicly promoted by the White House, will more effectively define the new administration in the public mind as serious about Americans’ digital privacy than a series of atomized technical changes quietly implemented by the bureaucracy.

By doing so, the next president can seize the near-term – and possibly unique –opportunity to repair the various deficits in trust that have emerged in the wake of the NSA disclosures. In so doing, the government can ensure respect for critical civil liberties, protect national security, and bolster the strength of the American economy. The window for action will not remain open indefinitely; the time to act is now.

Introduction In January 2014, President Obama delivered a landmark speech on signals intelligence at the Department of Justice. “Throughout American history,” he noted, “intelligence has helped secure our country and our freedoms.” Today, intelligence community personnel work to protect the American people and U.S. allies from a range of threats – from terrorism to military aggression, from the theft of American trade secrets to the subversion of democratic institutions. In the digital age, electronic surveillance is a necessary component of these efforts. Led by the National Security Agency (NSA), the intelligence community collects and analyzes signals intelligence subject to a system of “oversight, review, and checks-and-balances,” which “reduce[s] the risk that elements of the Intelligence Community would operate outside of the law.” Yet even with these safeguards in place, these agencies’ powerful capabilities and unavoidable secrecy pose serious challenges for individual privacy, public accountability, and democratic control. The Snowden leaks broke the law and harmed ongoing intelligence operations, yet they produced a watershed moment in the public debate over government surveillance. Importantly, the leaked documents and the subsequent inquiry by the Review Group on Intelligence and Communications Technologies uncovered “no evidence of illegality or other abuse of authority [by the U.S. government] for the purpose of targeting domestic political activity.” At the same time, the leaks demonstrated that the scale of government data collection – even lawful, court-approved data collection – was much greater than most Americans would have believed given the available public information. They also created the impression around the world (fostered in some cases by inaccurate media reports) that the United States was indiscriminately collecting the personal data of ordinary people. Three years after the Snowden disclosures, their effects continue to reverberate across the policy landscape and the U.S. technology industry. Many Americans remain skeptical of their own government’s commitment to their digital privacy. Internationally, the widespread misperception that the NSA indiscriminately reads ordinary people’s email and wiretaps their phone calls continues to harm American interests. This belief has triggered harmful policy responses abroad, endangering the cross-border data flows that are vital to the global business models of American technology companies. European consumers, companies, and governments continue to question the trustworthiness of American companies’ products and services, undermining their competitive standing in foreign markets. The disclosures have damaged U.S. diplomatic ties, including with key allies. And they have undermined efforts by the U.S. government to promote global internet freedom and preserve the free flow of information online. This status quo is harmful to U.S. diplomatic and economic interests overseas and corrodes faith in government institutions here at home. Despite the significant changes made to policy and messaging since the Snowden disclosures, the U.S. government has yet to adequately mitigate the negative fallout. Fortunately, the authors believe that the next administration can materially improve upon the status quo on all three fronts – domestic, economic, and diplomatic – while preserving key national security capabilities. This report outlines how the next administration can do this and why doing so is both urgent and politically feasible.

Three years after the Snowden disclosures, their effects continue to reverberate across the policy landscape and the U.S. technology industry.

Beginning in late 2014, the Center for a New American Security (CNAS) began a two-year initiative aimed at developing a new approach to surveillance policy for the next administration. As part of this project, CNAS has held 14 expert workshops and roundtables and more than 80 private meetings and interviews with leaders in national security, privacy, and technology. These consultations contributed directly to the analysis and recommendations we present below. They also persuaded us of six basic premises that underlie the pragmatic approach to surveillance policy that follows. 1. The next president and Congress should take meaningful steps to enhance Americans’ digital privacy and reassure the public that government surveillance is consistent with American values and the rule of law. Protection from unwarranted government intrusion into personal privacy is a bedrock element of American liberty. That principle is given effect by the Constitution’s Fourth Amendment, which protects the “right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.” The American legal order presupposes that privacy is inherently valuable. Personal privacy, however, is not the only important value at stake; greater transparency and improved oversight of government surveillance are also needed to strengthen the public’s trust in government institutions. Or, as the post-Snowden Review Group on Intelligence and Communications Technologies put it, surveillance policy should foster, not erode, “a general sense … that the nation’s practices and decisions are worthy of trust.” When the public learns that government surveillance practices dramatically outstrip what public laws and the statements of government officials would lead a reasonable observer to believe, it erodes faith in governing institutions, with corrosive and dangerous long-term effects for democracy. 2. A thriving, world-leading American technology industry is in the United States’ economic interest, but it also benefits U.S. intelligence and counterterrorism capabilities. Technology has always been a key determinant of national power. But as digitization becomes ubiquitous in both commerce and national security, predominance in information technology (IT) will increasingly define which countries are seen as the world’s economic and political leaders. Millions of American jobs already rely on the information-technology industry, and tech is a vital and growing export sector. It is also an immense source of economic and cultural influence for the United States. Lest there be any doubt about this industry’s importance to modern economies, many other countries and foreign cities are desperately imitating Silicon Valley in the hopes of igniting their own startup booms..7

Protection from unwarranted government intrusion into personal privacy is a bedrock element of American liberty.

The ability to purchase the products and services of world-leading, homegrown, trusted technology providers is an enormous advantage for the U.S. national security apparatus over the nation’s competitors. But this advantage will only persist as long as companies are able to reconcile doing business with the intelligence community with their (far larger) private-sector customer base. As Peter Swire, a member of the Review Group on Intelligence and Communications Technologies, noted earlier this year: “Post-Snowden, American-based information technology companies don’t want to be seen as an arm of the U.S. intelligence community.” To take one small example of how this can affect the government’s ability to acquire cutting-edge technology: In May, Twitter barred Dataminr, a startup that analyzes Twitter’s entire real-time stream of public tweets to derive insights about unfolding events, from selling to the intelligence community. Twitter was reportedly concerned about “seeming too close to American intelligence services.” Of course, this tendency is only one competing factor in companies’ decisionmaking and is often not decisive, as AWS’s contract with the CIA shows. But if there are future Snowden-like revelations and near-peer competitors emerge to challenge U.S. technology companies, it could become significantly more damaging. 3. Signals-intelligence collection and analysis are vital national security tools. The United States will and should continue to maintain world-leading SIGINT capabilities. Some previous surveillance-reform efforts have recommended that the United States restore the balance between civil liberties and national security by dramatically curtailing the government’s electronic surveillance capabilities – for example, by allowing Section 702 of the FISA Amendments Act to lapse or requiring judicial review of all surveillance activities conducted overseas under Executive Order 12333. Whatever the merits of such an approach as a matter of abstract first principles, it is neither prudent from a national security perspective nor politically realistic. Senior intelligence community leaders reported earlier this year that the Islamic State (ISIS) is “likely” to attempt attacks in the United States in 2016 and that the United States faces the most diverse global threat environment in 50 years. Recent attacks in Europe and the United States have shown that ISIS-directed and ISIS-inspired terrorists intend and are able to kill civilians in the West. Nor is terrorism the only relevant threat. Signals intelligence is also a vital tool for monitoring Iran’s adherence to last year’s nuclear accord, China’s intentions and actions in the South China Sea, Russia’s activities in Ukraine and apparent attempts to interfere in the presidential election, and the many other pressing geopolitical challenges facing the United States. No president could responsibly surrender vital, lawful national security capabilities at a time of serious threat to the nation. But even if it were desirable as an abstract matter to substantially reduce government data collection and analysis, a mass-casualty terrorist attack on U.S. soil could trigger a public clamor for measures even more vigorous than those in use today, as well as a political backlash against the administration that had reduced its counterterrorism capabilities in the face of an obvious threat. This report recommends reforms that the authors believe are both responsible and politically realistic given the diverse array of grave threats facing the U.S. homeland and American interests worldwide. 4. Improving public and foreign trust on surveillance and digital privacy is an important goal, but no reform agenda can dispel completely the aftereffects of the Snowden leaks. This report recommends many ways in which the next administration can improve public faith in the government’s approach to digital privacy and can reduce or mitigate international skepticism of American surveillance practices. Yet these trust deficits cannot realistically be eliminated altogether; not even the most forward-leaning surveillance-reform agenda would restore pre-Snowden levels of public agnosticism about electronic surveillance practices. The heightened skepticism and expectation of transparency that the Snowden leaks created are not going away. Rather, they are features of the new landscape – features policymakers and the intelligence community will have to acknowledge and adapt to. This is not entirely a bad thing. Digital-age technologies would pose immense dangers if misused by the state, so heightened vigilance is appropriate. This climate of persistent skepticism has important implications for policymakers and for the recommendations in this report. Going forward, surveillance policy will have to account not merely for national security needs but also respond to the public’s demand for rigorous oversight and transparency – as well as the risk of “involuntary transparency” wrought by disgruntled employees or cyber-penetrations from abroad. This means that surveillance decisions will have to account for the risk of future disclosures. This report recommends several ways in which existing policies and practices can be adjusted to account for these features of the post-Snowden world. 5. The metaphor of finding a “balance” between civil liberties and security is a poor guide for optimizing surveillance policy. It is artificially limiting to see the universe of policy options as a set of zero-sum choices between these two essential values. A zero-sum framework is a poor guide for intelligent policymaking in this area, for several reasons. Most fundamentally, in a time of grave and diverse national security threats, Americans will demand robust, effective counterterrorism, law enforcement, and intelligence agencies to secure the homeland from external threats. To be sure, policymakers should seek to foster resiliency and avoid overreaction when attacks occur. But while greater resiliency can reduce the risk of overcorrection, the natural human impulse to seek safety in perilous times will persist. If the United States is to safeguard personal privacy and the rule of law – and it must – that means reconciling a strong and capable national security apparatus with the fundamental liberties that define the American way of life. Second, the notion that by surrendering a certain amount of security capability one automatically receives a concomitant benefit for civil liberties and public trust is incorrect. Put simply, reducing one of these values does not necessarily produce more of the other. Some surveillance authorities, for instance, are too esoteric to be particularly salient to most Americans. Others are not widely viewed as problematic from a privacy perspective. In either case, eliminating the program might inflict substantial harm to national security but produce relatively little public benefit. Conversely, reform opportunities exist that would strengthen digital privacy and public trust without materially degrading counterterrorism or other national security capabilities.

If the United States is to safeguard personal privacy and the rule of law – and it must – that means reconciling a strong and capable national security apparatus with the fundamental liberties that define the American way of life.

Finally, a focus on zero-sum tradeoffs between privacy and security deters risk-averse policymakers from seeking out and embracing a privacy-enhancing reform agenda. Leaders whose primary mission is preventing terrorist attacks are understandably reluctant to take any measures that might undermine their ability to carry out that mission – especially given that there is little to no public tolerance for failure. If reform is cast as shifting a zero-sum “balance” between privacy and security, it is not hard to see why it might be unwelcome to those who, rightly or wrongly, see their primary mission as security.

6. Signals intelligence and the powers of the NSA are not neatly severable from other issues affecting domestic and international data privacy. This project began with a relatively tight focus on issues related to the intelligence community’s signals-intelligence practices and the legal and institutional mechanisms for overseeing them. The authors quickly realized, however, that this was an artificial and ill-advised limitation. Complex issues like the details of Section 702 or the minimization procedures approved by the FISA Court, while important, are not well understood by the public. The debates over iPhone encryption and whether the government needs a warrant to read Americans’ email, by contrast, are far more visible and comprehensible to average Americans. Over the course of a year-long series of conversations and interviews, it became clear that issues that experts would consider only loosely related to signals intelligence can directly influence Americans’ willingness to entrust the government with powerful capabilities to collect, monitor, and analyze communications and user data. As one expert noted, the public does not draw a bright line between signals intelligence and other issues affecting data privacy. This has two important implications for policymaking on surveillance and data-privacy issues. First, policymakers must account for how a decision they take in one area will reverberate in other areas. Second, a pragmatic agenda for surveillance policy should not artificially exclude other data-privacy issues that are highly salient to the public and where constructive reform is possible. The next section describes several trust deficits opened by the Snowden revelations and the real-world problems they have created or exacerbated. Part III discusses the significant reforms already undertaken by the Obama administration and Congress since 2013. Finally, Part IV sets forth a pragmatic surveillance-reform agenda for the next administration.