Feeds

US govt watchdog slams NSA snooping as illegal, useless against terrorism

But panel split on its findings, fears public will hate spies if another 9/11 happens

Secure remote control for conventional and virtual desktops

The Privacy and Civil Liberties Oversight Board, a federal panel set up to advise the US government on policy, has published report concluding that the bulk collection of data on US citizens by the NSA is illegal and ineffective at stopping terrorism.

"Based on the information provided to the board, including classified briefings and documentation, we have not identified a single instance involving a threat to the United States in which the program made a concrete difference in the outcome of a counterterrorism investigation," the report [PDF] stated.

The 238-page study found that the NSA's policy of collecting vast amounts of metadata using Section 215 of the Patriot Act was illegal, and raised serious concerns with regard to breaking the First and Fourth Amendments – covering freedom of speech and unlawful search and seizure of evidence.

The dossier states that this particular bulk data collection program started in 2001 shortly after the September 11 attacks, and was cleared by the Bush administration in 2006 under the terms of the Patriot Act. The authors conclude Section 215 data collection was a "subversion" of the law and was used to "shoehorn a pre-existing surveillance program into the text of a statute," noting that it also violated the Electronic Communications Privacy Act.

As a result the board recommends the practice should be stopped immediately, a view not shared by President Obama based on his speech on the matter last Friday, and that any data stored by the NSA should be deleted after three years, not five.

Other recommendations in the board's report do dovetail very nicely with Obama's own plans, such as having public representation in the Foreign Intelligence Surveillance Court – the NSA's secret oversight court. The panel also backed the President's promise to reduce the scope of surveillance dragnets on targets: rather than snoop on up to three "hops" of the target's contacts, as is the case today, two hops should be monitored instead. As an example, if you're on the NSA watch list and you email your brother, who calls his girlfriend, who texts her mother – the mother is the third hop.

The report's authors were split on their views, however. Rachel Brand, who served as assistant attorney general for legal policy at the US Department of Justice (DoJ) between 2005 and 2007, said wrote in a dissenting opinion that the bulk data collections were legal and warned that if there was another major terrorist attack "the public will engage in recriminations against the intelligence community for failure to prevent it."

Co-author Elisebeth Collins Cook also disagreed with some of the report's conclusions on the legality of Section 215 data sweeps, saying that the terms of use should be modified, but that collection should continue. Collins Cook, who served as assistant attorney general for legal policy at the DoJ from 2008 to 2012, also questioned [PDF] the conclusions on the data slurping's effectiveness against terrorism.

The five-person Privacy and Civil Liberties Oversight Board was set up in 2006 on the recommendation of the 9/11 Commission Report to provide advice on the use of surveillance in anti-terrorism investigations. It has limited legal weight, but the conclusions have already drawn political comment.

Representative Mike Rogers (R-MI), who as chairman of the House Intelligence Committee is supposed to oversee the activities of the NSA, was sharply critical of the report's findings. In a statement to Fox News Rogers said the legality of the Section 215 interpretation had been confirmed multiple times in federal courts.

"I am disappointed that three members of the board decided to step well beyond their policy and oversight role and conducted a legal review of a program that has been thoroughly reviewed," he said.

Ex-NSA techie turned whistleblower Edward Snowden may have some views of his own to express when he holds a Q&A at 1200 PT, 2000 UTC, 1500 EST today. ®

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
YARR! Pirates walk the plank: DMCA magnets sink in Google results
Spaffing copyrighted stuff over the web? No search ranking for you
Microsoft EU warns: If you have ties to the US, Feds can get your data
European corps can't afford to get complacent while American Big Biz battles Uncle Sam
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.