More like this

Business

Arrow

Government

NSA lays out its reforms post-Snowden (they can fit on back of a stamp)

Meanwhile, agency private chief describes her job as 'crazy'

The NSA has published its first "report" on signals intelligence "reform" in the US. If you were hoping for sweeping changes in the wake of Ed Snowden's whistleblowing, you're in for disappointment.

The factsheet, covering the year to date, was written up after some prodding and tutting by President Obama in January 2014.

It shows some minor tweaks in how Uncle Sam's agencies collect and processes information on people's everyday lives. We're told mass surveillance is still allowed:

  1. To counter espionage and other threats and activities of foreign powers or intelligence services against the US and its interests;
  2. To counterterrorism;
  3. For counter-proliferation;
  4. For cybersecurity;
  5. To detect and counter threats to US or allied armed forces or other US or allied personnel;
  6. And to combat transnational criminal threats, including illicit finance and sanctions evasion.

Information obtained en masse from emails, phone calls, internet snooping, and so on, by spies using Section 702 of the Foreign Intelligence Surveillance Act (FISA) will now be more closely scrutinized rather than slung into a bottomless bit well: any material deemed to not be of national importance will be deleted as soon as it is found, it's claimed.

Data which could be useful will be kept for five years before deletion, unless it's stuff the NSA really wants to keep for national security purposes – in which case, it's indefinite.

The rules on whistleblowing have also been amended to allow staff to report illegal activity by their peers without fear of professional sanction. If, like Edward Snowden, you're a contractor, there are still no legal protections for whistleblowing, and you can expect to be prosecuted if you speak out.

The use of secret National Security Letters by the FBI and others has been changed, the NSA notes. These letters allow investigators to trawl through corporate databases but deny the businesses concerned the right to tell anyone about it. These gagging orders will now expire after three years.

The NSA report states:

In his January 17, 2014 remarks, the President directed the Attorney General “to amend how we use National Security Letters so that [their] secrecy will not be indefinite, and will terminate within a fixed time unless the government demonstrates a real need for further secrecy.”

In response to the President’s new direction, the FBI will now presumptively terminate National Security Letter nondisclosure orders at the earlier of three years after the opening of a fully predicated investigation or the investigation’s close.

The NSA also committed itself to being more open about what it does, and will issue annual transparency reports from now on. ®

Bootnote

On Tuesday Rebecca Richards, NSA’s director of privacy and civil liberties, appeared on the Cyberlaw podcast to describe her "crazy job."

She said that her first year on the job had been an unusual one, although adding that NSA eavesdroppers are aware of the concept of privacy – there's even a mission statement in the NSA HQ foyer reminding analysts how important privacy is.

When pressed, she said her agency was trying to ensure there are "no secret legal interpretations," and how the agency shouldn't rely on "cute legal interpretations" to extend its reach over the planet's inhabitants. ®

Sponsored: 2016 Cyberthreat defense report