Shutterstock

US Congress has voted to pass a legal amendment that will cut off funding to the NSA and CIA's "backdoor" programme and prevent the spy agency from snooping on its citizens' internet communications.

Members of Congress backing the ‪#‎ShutTheBackDoor campaign, which aims to prevent the NSA from intercepting US-made hardware to install malicious spyware, rejoiced late 19 June when the amendment to the Department of Defense Appropriations Act 2015 was passed in the House of Representatives, by a vote of 293-123.


In May this year, the Guardian reported how spy tools were being implanted in US routers then sold internationally and Der Spiegel revealed that computers, hard drives and more, made by the likes of Cisco, Dell, Samsung, and Huawei, were being tampered with.

By no means does this vote mean the work will not continue. Last year Der Spiegel reported of the existence of a spy tool catalogue, which included gadgets costing up to $250,000 (£146,000) ready to be installed in systems. However, some of the tools were free, or cost as little as $30 (£17.60). Hackers are already attempting to reverse engineer those tools though, which should make it easier to start defending against them. The new amendment to the Defense Act, initially proposed by Republican Thomas Massie and Democrat Zoe Lofgren in a rare show of unity between the two parties, should make it harder for the NSA to develop new tools, though.

Read next Why the NHS Covid-19 contact tracing app failed Why the NHS Covid-19 contact tracing app failed

The second part of the amendment relates to a loophole that allows the government to spy on its own citizens. It will prevent the NSA from using government funds to collect and search the communications of citizens without a warrant, under section 702 of the Foreign Intelligence Surveillance Act. The NSA has been using this law to conduct warrantless searches of mass data, despite it being designed for intercepting foreign communications -- in much the same way GCHQ uses legal loopholes to spy on any "external". Because of this the UK agency says it has free reign to trawl through its citizens data, with one restriction -- it cannot search for individual names and addresses of UK citizens in that data. In the US though, the NSA has been carrying out such searches without a warrant.

Again, the amendment doesn't exactly outlaw doing these things.

It is outlawing the use of funds under the Defense budget to be redirected for these uses.


A group including Google and a host of civil liberties groups penned an open letter to the House of Representative before the vote, urging: "Both of these measures would make appreciable changes that would advance government surveillance reform and help rebuild lost trust among internet users and businesses, while also preserving national security and intelligence authorities."

This week's amendment comes off the back of a number of promising moves in the US. Earlier in the week the Eleventh Circuit Court of Appeals found that tracking a person's movements using data from their smartphone, collected without a warrant, was unconstitutional. And in May, the House of Representatives passed a surveillance reform bill by a massive 303 votes to 121 that stands to outlaw the bulk collection of US telephone metadata.

Of course, most of these moves are designed to protect US citizens from unjustified and warrantless government probing. But the knock-on effect may be that close partner GCHQ is forced to concede similar changes in wake of the news. After all, both agencies' policies appear to mirror image the others' when it comes to unlawful surveillance of their own citizens, supported by loopholes and some very special interpretations of the law. Preventing the manipulation of US-made computer hardware shipped abroad, however, will of course directly benefit the rest of us already.