Feeds

Obama administration defends mass call-data slurping

It's either that or the terrorists win, apparently

Top three mobile application threats

A senior White House official has said that the US National Security Agency is perfectly correct to be downloading the mobile metadata every US caller, and politicians on both sides of the political divide have rallied to defend the practice.

The NSA's policy – revealed on Wednesday in a leaked court order that the anonymous (no, not that Anonymous) source declined to confirm was real – was described as "a critical tool in protecting the nation from terrorist threats to the United States."

"It allows counter-terrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities," the source said, "particularly people located inside the United States."

Verizon's general counsel Randy Milch said his company "continually takes steps to safeguard customer privacy," but that it must comply with government regulations. In a blog post he pointed out that the leaked document shows the order forbids it to discuss the issue and safeguards the content of messages.

It's this or terror

In a bipartisan press conference held in Washington on Thursday, politicians were quick to reassure their constituents that this was all a lot of fuss over nothing – this had been going on for years and is all perfectly legal.

The actions of the NSA were "lawful," said Senator Dianne Feinstein (D-CA), chair of the Senate Select Committee on Intelligence, the Washington Post reports. She said the leaked court order appears to be "the exact three-month renewal" of a seven-year operation.

Senators Dianne Feinstein (D-CA) and Saxby Chambliss (R-GA)

Senators Dianne Feinstein and Saxby Chambliss reassure voters that it's all legal and above board.
(credit: Alex Wong/Getty Images)

"There have been approximately 100 plots and also arrests made since 2009 by the FBI," Feinstein said. "I do not know to what extent metadata was used or if it was used, but I do know this: That terrorists will come after us if they can, and the only thing we have to deter this is good intelligence."

The House Intelligence Committee Chairman Mike Rogers (R-MI) said the data slurping was "valuable," and that the NSA had used the information "in the last few years" to foil a terrorist attack on US soil. He is "working on trying to get this declassified in a way that we can provide more information. We're not there yet."

Fellow Republican on the Intelligence Committee Saxby Chambliss (R-GA) said that the data collected has "proved meritorious, because we have gathered significant information on bad guys, but only on bad guys, over the years. This is nothing particularly new. ... Every member of the United States Senate has been advised of this."

However, all concerned at the press conference declined to confirm if this seemingly-popular program was extended to other mobile carriers and ISPs as well. Occam's Razor suggests it must be, otherwise they'd be proclaiming this as a one-off case.

House Speaker John Boehner (R-OH) said that he wasn't familiar with what his Senate colleagues were up to, and declined to criticize the NSA program directly, saying he was confident in the oversight provided by Congress, but called on Obama to explain the policy.

Patriot privileges

The legality of the NSA actions is provided by Section 215 of the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act (USA PATRIOT Act). The 363-page document was introduced on October 21 2001 and enacted into law three days later.

This allows such monitoring while not allowing the content of communications to be monitored in the same way – that kind of spying currently needs a court order. But this hasn't impressed privacy advocates.

"If the government can get phone numbers of two parties, unique identifiers like IMSI and IMEI, trunk identifiers, and time and duration of call, all listed within the court order, then the Obama administration's justification of 'We don't access content' does not matter," said Mike Rispoli, spokesman for Privacy International.

"When analysed and processes, communications metadata allow for the creation of a profile of an individuals private life," Rispoli said. "This information is just as sensitive, if not more so, as the content of our communications."

A few fellow politicians agree with that viewpoint. Retired VP Al Gore took to Twitter to declare that such blanket surveillance was "obscenely outrageous," and Senator Mark Udall (D-CO), who has frequently warned about the overuse of Section 215, said the president must explain himself.

"I share your concerns and am strongly urging the White House to be transparent with the American people," Udall said. "We need to know more about how the president and his administration interpret their surveillance authorities."

And one of the original authors of the USA PATRIOT Act agrees. Congressman Jim Sensenbrenner (R-WI) issued a public statement saying that he had written to the Attorney General Eric Holder to protest in the strongest possible terms about the current use to which the legislation is being used.

"The Bureau's broad application for phone records was made under the so-called business records provision of the Act," Sensenbrenner said. "I do not believe the broadly drafted FISA order is consistent with the requirements of the Patriot Act. Seizing phone records of millions of innocent people is excessive and un-American." ®

SANS - Survey on application security programs

More from The Register

next story
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Whoever you vote for, Google gets in
Report uncovers giant octopus squid of lobbying influence
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.