Feeds

Wiretapping, FISA, and the NSA

I always feel like somebody's watching me..

Internet Security Threat Report 2014

Alas, the court also noted that this opinion applied only to wiretaps of domestic groups unaffiliated with foreign entities. The government later tried to use this "foreign" exception to the restrictions to national security wiretaps to wiretap conversations of a Daniel Ellsberg with his lawyer, because the tap was on the phone of a non-US citizen, even though, according to Justice Douglas, "the intercepted conversations ... had nothing to do with respect to activities of foreign powers or their agents". Again, the government tried to assert additional authority for non-court ordered wiretapping.

Why not FISA for the NSA?

If these taps truly were aimed narrowly at "bad persons talking to bad persons" why couldn't the NSA get a FISA warrant? The President and Attorney General have both opined that it would be impossible to do so because of the "need for speed," despite the fact that FISA allows warrants to be issued after the fact. In addition, the President has stated that FISA was designed for "extended" surveillance - presumably implying that the wiretaps and email surveillances at issue were for a brief period of time. The administration has also asserted that they couldn't ask Congress to amend FISA because that would have alerted our enemies to the fact that we were intercepting communications.

Now anyone who has worked in a bureaucracy knows how hard it is to get anything done. Indeed, to get a FISA tap, the NSA agent monitoring traffic in the field (whether that is in Afghanistan, at an ISP, or in Fort Meade, Maryland) would likely have to get the approval of several levels of supervisors, and then lawyers for the NSA would get involved. Then the NSA would have to involve the Department of Justice's Office of Intelligence Policy and Review, and the Office of the Attorney General to review and analyze the FISA order, establish appropriate minimization procedures, and present the case for review by the FISA court. Finally, the FISA court would be convened and review, modify or approve the request for a wiretap. The wheels of justice grind exceedingly slow.

I can't imagine, however, that the non-FISA "presidential authority" wiretaps would be much faster. NSA agents and supervisors, NSA counsel and the Department of Justice would all have to be involved in approving the wiretaps, and they would then have to be reviewed by the White House, and ultimately approved by the President himself. This may turn out to be a case where the need for "speed" is really a euphemism for the need to assert Presidential authority over the courts.

So what is likely to happen? Already one member of the FISA court has resigned in protest, and Congress is likely to hold hearings not only on the specifics of the NSA wiretaps but also on whether FISA needs to be reformed in light of the government's needs. If the President's authority is, as he asserts, plenary during a time of war, then laws like the USA-PATRIOT Act would be unnecessary, and would in fact limit the President's plenary powers. One thing is certain. The "war on terrorism" is a fundamentally different kind of war than, say the Civil War or World War II, new threats, new laws and new technology make for interesting times.

Copyright © 2006, SecurityFocus

Mark D. Rasch, J.D., is a former head of the Justice Department's computer crime unit, and now serves as Senior Vice President and Chief Security Counsel at Solutionary Inc.

Internet Security Threat Report 2014

More from The Register

next story
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.