How Congress Secretly Just Legitimized Questionable NSA Mass Surveillance Tool

from the just-slipped-it-right-in dept

Backers of the section argue it would actually limit to five years the amount of time communications data could be kept at intelligence agencies, certain exceptions permitting. But it is generally acknowledged that such data is already rarely kept beyond five years, which Amash characterized as a trade-off that "provides a novel statutory basis for the executive branch's capture and use of Americans' private communications."



"The provisions in the intel authorization appear to be an attempt by Congress to place statutory restrictions on the retention of information collected under Executive Order 12333, which is not subject to court oversight, has not been authorized by Congress, and raises serious privacy concerns," said Neema Guliani, legislative counsel with the American Civil Liberties Union. "However, these restrictions are far from adequate, contain enormous loopholes, and notably completely exclude the information of non-U.S. persons."

"If this hadn't been snuck in, I doubt it would have passed," said Rep. Zoe Lofgren, a California Democrat who voted against the bill. "A lot of members were not even aware that this new provision had been inserted last-minute. Had we been given an additional day, we may have stopped it."

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

We recently noted that, despite it passing overwhelmingly , Congress quietly deleted a key bit of NSA reform that would have blocked the agency from using backdoors for surveillance. But this week something even more nefarious happened, and it likely would have gone almost entirely unnoticed if Rep. Justin Amash's staffers hadn't caught the details of a new provision quietly slipped into the Intelligence Authorization Act , which effectively "legitimized" the way the NSA conducts most of its mass surveillance.For a while now, we've discussed executive order 12333 , signed by President Ronald Reagan, which more or less gives the NSA unchecked authority to tap into any computer system not in the US. Over the summer, a former State Department official, John Napier Tye, basically blew the whistle on 12333 by noting that everyone focused on other NSA programs were missing the point. The NSA's surveillance is almost entirely done under this authority , which has no Congressional oversight. All those other programs we've been arguing about -- Section 215 of the Patriot Act or Section 702 of the FISA Amendments Act -- are really nothing more than ways to backfill the data the NSA has been unable to access under 12333. In other words, these other programs are the distraction. 12333 is the ballgame, and it has no Congressional oversight at all. It's just a Presidential executive order.Yet, what Amash and his staffers found is that a last minute change by the Senate Intelligence Committee to the bill effectively incorporated key parts of EO 12333 into law , allowing for "the acquisition, retention, and dissemination" of "nonpublic communications." Here's where those who slipped this bit into the law got sneaky. Recognizing that they might be called on it, they put it in with language noting that such information could only be held on to for five years -- and then claimed what they were really doing wason data already collected:This seems particularly nefarious. In trying to claim that they're putting a limit on this activity (that's already happening) they can claim that they're not really expanding the power of the NSA and the surveillance state. But, by putting it, rather than just having it in an executive order, they're effectively legitimatizing the practice, and making itto roll back.And they did it all quietly without any debate.That's massively troubling. Inserting such a major powerat the very least deserves (and should require) a full and fairdebate about the issue and whether or not it is truly needed. Doing it in secret, at the last minute, with no public acknowledgement or discussion, and then pretending it's about "limits" rather than legitimizing what's in EO 12333 is really, really nefarious.Unfortunately, even with Rep. Amash raising the alarm about it, the bill easily passed 325 to 100, without most in Congress probably having any idea about this issue and what it meant. Rep. Zoe Lofgren claimed that if Congress fully understood the provision, it almost certainly wouldn't have passed:This is the kind of crap that the intelligence community, and it's why there's so much that's troubling in the way they play the legislative game. Not only do they write the legislative language in sneaky ways that they can carefully interpret themselves -- they then get "friends" in Congress to quietly insert the language when no one's looking. By putting it in bills that have to pass, these things get put into the law and aren't at all easy to remove.

Filed Under: 12333, congress, eo 12333, executive order 12333, intelligence authorization act, justin amash, nsa, surveillance, zoe lofgren