Group items tagged

The 29-year-old former NSA contractor and source of the Guardian's NSA files coverage will – with the help of Glenn Greenwald – take your questions today on why he revealed the NSA's top-secret surveillance of US citizens, the international storm that has ensued, and the uncertain future he now faces. Ask him anything.

I did not reveal any US operations against legitimate military targets. I pointed out where the NSA has hacked civilian infrastructure such as universities, hospitals, and private businesses because it is dangerous. These nakedly, aggressively criminal acts are wrong no matter the target. Not only that, when NSA makes a technical mistake during an exploitation operation, critical systems crash. Congress hasn't declared war on the countries - the majority of them are our allies - but without asking for public permission, NSA is running network operations against them that affect millions of innocent people. And for what? So we can have secret access to a computer in a country we're not even fighting? So we can potentially reveal a potential terrorist with the potential to kill fewer Americans than our own Police? No, the public needs to know the kinds of things a government does in its name, or the "consent of the governed" is meaningless.

I was debriefed by Glenn and his peers over a number of days, and not all of those conversations were recorded. The statement I made about earnings was that $200,000 was my "career high" salary. I had to take pay cuts in the course of pursuing specific work. Booz was not the most I've been paid.

"U.S. Magistrate Judge Stephen Smith estimates in a new paper (PDF) that 30,000 secret surveillance orders are approved each year in U.S. courts. 'Though such orders have judicial oversight, few emerge from any sort of adversarial proceeding and many are never unsealed at all.' Smith writes, 'To put this figure in context, magistrate judges in one year generated a volume of secret electronic surveillance cases more than thirty times the annual number of FISA cases; in fact, this volume of ECPA cases is greater than the combined yearly total of all antitrust, employment discrimination, environmental, copyright, patent, trademark, and securities cases filed in federal court.' He also adds a warning: 'Lack of transparency in judicial proceedings has long been recognized as a threat to the rule of law and roundly condemned in ringing phrases by many Supreme Court opinions.'"

A House Democrat said information revealed about the National Security Agency's secret surveillance programs are "the tip of the iceberg," Daniel Strauss of The Hill reports. "I think it's just broader than most people even realize, and I think that's, in one way, what astounded most of us, too," Rep. Loretta Sanchez (D-Calif.) told C-SPAN's "Washington Journal" after a classified briefing with national security officials. Rep. Joe Barton (R-Texas), who also attended the meeting, said that the NSA "violated the spirit of the law when it started collecting data from everyone in the country just because technology now makes that possible.” Barton added that "in America ... You don’t target everyone and violate their 4th Amendment rights just because of a handful of threats. But that is exactly what is happening at the NSA ... it is wrong and it needs to stop now.” More from Sanchez: "I don't know if there are other leaks, if there's more information somewhere, if somebody else is going to step up, but I will tell you that I believe it's the tip of the iceberg."

A House Democrat said information revealed about the National Security Agency's secret surveillance programs are "the tip of the iceberg," Daniel Strauss of The Hill reports. "I think it's just broader than most people even realize, and I think that's, in one way, what astounded most of us, too," Rep. Loretta Sanchez (D-Calif.) told C-SPAN's "Washington Journal" after a classified briefing with national security officials. Rep. Joe Barton (R-Texas), who also attended the meeting, said that the NSA "violated the spirit of the law when it started collecting data from everyone in the country just because technology now makes that possible.” Barton added that "in America ... You don’t target everyone and violate their 4th Amendment rights just because of a handful of threats. But that is exactly what is happening at the NSA ... it is wrong and it needs to stop now.”

Glenn Greenwald of the Guardian, who has served as a conduit for Snowden's leaks, recently said that there will me many more "significant revelations that have not yet been heard." Greenwald told The New York Times that he received “thousands” of classified documents — “dozens” of which are newsworthy — from the the 29-year-old ex-Booz Allen employee who was contracted by the NSA. Sanchez said that what lawmakers learned "is significantly more than what is out in the media today," which is interesting when considering previous reports by journalists and whistleblowers.

The Director of National Intelligence yesterday declassified and released hundreds of pages of records concerning collection under the Foreign Intelligence Surveillance Act, illuminating the origins of bulk collection of email metadata, as well as interactions with the FISA Court and Congress.

By themselves, the latest disclosures (provided in response to FOIA litigation brought by ACLU and EFF) are unlikely to resolve ongoing disputes about NSA intelligence gathering. The legitimacy of bulk collection of email and telephone metadata may ultimately be more of a value judgment rather than a factual or legal one. At a minimum, perhaps the new documents will provide a more substantial basis for informed debate. But there is disagreement even about that. “Some would like to believe these disclosures have started a debate about the propriety and efficacy of NSA surveillance programs but, in fact, to a substantial degree, recent unauthorized disclosures have ended the debate because, once disclosed, the programs at issue become substantially less effective,” according to a November 12 report from the Senate Intelligence Committee. “The nation will suffer as a result.”

The Public Interest Declassification Board will hold an open meeting at the National Archives on Thursday, November 21. The Board proposes to focus on prioritizing topics and events for declassification. The intended emphasis is on declassification of historical records, but it need not be limited to that. Although willful abuse of classification authority is not unheard of, there seems to be no case in which it has ever been penalized. “I am extremely concerned that the integrity of the classification system continues to be severely undermined by the complete absence of accountability in instances such as this clear abuse of classification authority,” wrote J. William Leonard, the former director of the Information Security Oversight Office, in an October 18 letter. He was responding to the controversial classification of evidence concerning the defilement of human remains in Afghanistan.  See Marine Corps fight escalates over handling of case involving troops urinating on corpses, Washington Post, November 15;  and Marine Corps Commandant Accused of Improper Classification, Secrecy News, July 30.

A new study published by the Center for Internet and Society (CIS) at Stanford Law School suggests that the methods the NSA uses to determine reasonable and articulable suspicion (RAS) of terrorist activity may authorize the agency to examine the call records of more American citizens than previously believed.

Defenders of the NSA's program always point to two things: it's all legal and it's all subject to oversight. Part of the "oversight" is the FISA "thumbs up" system that has approved every request for two years in a row. The other part of the "oversight" is Congress itself. Unfortunately, members of Congress have been lied to directly about the extent of the collections occurring under Section 215 (and 702), so that's one strike against the "oversight." Now, it appears that members of Congress are being selectively provided with information about the programs.

President Barack Obama has conceded that mass collection of private data by the US government may be unnecessary and said there were different ways of “skinning the cat”, which could allow intelligence agencies to keep the country safe without compromising privacy. In an apparent endorsement of a recommendation by a review panel to shift responsibility for the bulk collection of telephone records away from the National Security Agency and on to the phone companies, the president said change was necessary to restore public confidence. “In light of the disclosures, it is clear that whatever benefits the configuration of this particular programme may have, may be outweighed by the concerns that people have on its potential abuse,” Obama told an end-of-year White House press conference. “If it that’s the case, there may be a better way of skinning the cat.”

Though insisting he will not make a final decision until January, this is the furthest the president has gone in backing calls to dismantle the programme to collect telephone data, a practice the NSA claims has legal foundation under section 215 of the Patriot Act. This week, a federal judge said the program “very likely” violates the US constitution. “There are ways we can do this potentially that give people greater assurance that there are checks and balances, sufficient oversight and transparency,” Obama added. “Programmes like 215 could be redesigned in ways that give you the same information when you need it without creating these potentials for abuse. That’s exactly what we should be doing: to evaluate things in a very clear specific way and moving forward on changes. And that’s what I intend to do.”

The president would not comment on a suggestion last weekend by Richard Ledgett, the NSA official investigating the Snowden leaks, that an amnesty might be appropriate in exchange for the return of the data Snowden took from the agency. Obama said he could not comment specifically because Snowden was “under indictment”, something not previously disclosed. While the Justice Department filed a criminal complaint against Snowden on espionage-related charges in June, there has been no public subsequent indictment, although it is possible one exists under gag order. The Justice Department referred comment on a Snowden indictment to the White House. Caitlin Hayden, the chief spokeswoman for the White House National Security Council, clarified that Obama was referring to the criminal complaint against Snowden. It remains unclear if there is an indictment under seal. 

The National Security Agency created a "secret backdoor" so its massive databases could be searched for the contents of U.S. citizens' confidential phone calls and e-mail messages without a warrant, according to the latest classified documents leaked by Edward Snowden. A report in the Guardian on Friday quoted Sen. Ron Wyden, an Oregon Democrat who serves on the Senate Intelligence Committee, as saying the secret rule offers a loophole allowing "warrantless searches for the phone calls or emails of law-abiding Americans." That appears to confirm what Rep. Jerrold Nadler, a New York Democrat, said in June after receiving a classified briefing from administration officials a few days earlier on the extent of the NSA's domestic surveillance operations. If the NSA wants "to listen to the phone," an analyst's decision is sufficient, without any other legal authorization required, Nadler said he had been told during the briefing. "I was rather startled," said Nadler, an attorney who serves on the House Judiciary Committee.

FBI Director Robert Mueller responded by assuring Nadler, according to a transcript of the hearing, that to "listen to the phone," the government would need "a particularized order" from the Foreign Intelligence Surveillance Court -- a claim that is contradicted by today's Guardian report and other documents. Mueller has been succeeded by James Comey, who was confirmed last month by the Senate. In response to a CNET article at the time, Director of National Intelligence James Clapper released a statement saying: "The statement that a single analyst can eavesdrop on domestic communications without proper legal authorization is incorrect and was not briefed to Congress." Clapper never elaborated, however, on what "proper" authorization would be. Today's top-secret document leaked by Snowden reveals that "procedures approved on 3 October 2011 now allow for use of certain United States person names and identifiers as query terms when reviewing collected FAA 702 data."

FAA 702 is a reference to section 702 of a 2008 law that amended the Foreign Intelligence Surveillance Act. Those amendments created a warrantless surveillance process that could be employed by NSA analysts, but Congress never intended it to be used domestically against American citizens: A congressional report accompanying the law claimed it allows electronic surveillance only of "persons located outside the United States in order to acquire foreign intelligence information." In reality, though, the Obama Justice Department has devised secret interpretations of FAA 702 carving out loopholes in what were intended to be strict privacy safeguards. One loophole revealed in June shows that NSA, CIA, and FBI analysts are granted broad access to data vacuumed up by the world's most powerful intelligence agency -- but are supposed to follow certain "targeting" and "minimization" procedures to limit the number of Americans who become individual targets of warrantless surveillance.

The United Nations’ top official for counter-terrorism and human rights (known as the “Special Rapporteur”) issued a formal report to the U.N. General Assembly today that condemns mass electronic surveillance as a clear violation of core privacy rights guaranteed by multiple treaties and conventions. “The hard truth is that the use of mass surveillance technology effectively does away with the right to privacy of communications on the Internet altogether,” the report concluded. Central to the Rapporteur’s findings is the distinction between “targeted surveillance” — which “depend[s] upon the existence of prior suspicion of the targeted individual or organization” — and “mass surveillance,” whereby “states with high levels of Internet penetration can [] gain access to the telephone and e-mail content of an effectively unlimited number of users and maintain an overview of Internet activity associated with particular websites.” In a system of “mass surveillance,” the report explained, “all of this is possible without any prior suspicion related to a specific individual or organization. The communications of literally every Internet user are potentially open for inspection by intelligence and law enforcement agencies in the States concerned.”

Mass surveillance thus “amounts to a systematic interference with the right to respect for the privacy of communications,” it declared. As a result, “it is incompatible with existing concepts of privacy for States to collect all communications or metadata all the time indiscriminately.” In concluding that mass surveillance impinges core privacy rights, the report was primarily focused on the International Covenant on Civil and Political Rights, a treaty enacted by the General Assembly in 1966, to which all of the members of the “Five Eyes” alliance are signatories. The U.S. ratified the treaty in 1992, albeit with various reservations that allowed for the continuation of the death penalty and which rendered its domestic law supreme. With the exception of the U.S.’s Persian Gulf allies (Saudi Arabia, UAE and Qatar), virtually every major country has signed the treaty. Article 17 of the Covenant guarantees the right of privacy, the defining protection of which, the report explained, is “that individuals have the right to share information and ideas with one another without interference by the State, secure in the knowledge that their communication will reach and be read by the intended recipients alone.”

The report’s key conclusion is that this core right is impinged by mass surveillance programs: “Bulk access technology is indiscriminately corrosive of online privacy and impinges on the very essence of the right guaranteed by article 17. In the absence of a formal derogation from States’ obligations under the Covenant, these programs pose a direct and ongoing challenge to an established norm of international law.” The report recognized that protecting citizens from terrorism attacks is a vital duty of every state, and that the right of privacy is not absolute, as it can be compromised when doing so is “necessary” to serve “compelling” purposes. It noted: “There may be a compelling counter-terrorism justification for the radical re-evaluation of Internet privacy rights that these practices necessitate. ” But the report was adamant that no such justifications have ever been demonstrated by any member state using mass surveillance: “The States engaging in mass surveillance have so far failed to provide a detailed and evidence-based public justification for its necessity, and almost no States have enacted explicit domestic legislation to authorize its use.”

U. S. Senators Ron Wyden (D-Ore.) and Mark Udall (D-Colo.), both members of the Senate Intelligence Committee, released the following statement regarding the recent disclosure by intelligence officials that the NSA operated a bulk email records collection program under the authority of the Patriot Act until 2011.  This program is distinct from the internet-related collection carried out under section 702 of the FISA Amendments Act (which involves the PRISM computer system).   “We are quite familiar with the bulk email records collection program that operated under the USA Patriot Act and has now been confirmed by senior intelligence officials.  We were very concerned about this program’s impact on Americans’ civil liberties and privacy rights, and we spent a significant portion of 2011 pressing intelligence officials to provide evidence of its effectiveness.  They were unable to do so, and the program was shut down that year.  

“As we have noted, the Patriot Act’s surveillance authorities are not limited to phone records.  In fact, section 215 of the Patriot Act can be used to collect any type of records whatsoever.  The fact that Patriot Act authorities were used for the bulk collection of email records as well as phone records underscores our concern that this authority could be used to collect other types of records in bulk as well, including information on credit card purchases, medical records, library records, firearm sales records, financial information and a range of other sensitive subjects.  These other types of collection could clearly have a significant impact on Americans’ constitutional rights.   “Intelligence officials have noted that the bulk email records program was discussed with both Congress and the Foreign Intelligence Surveillance Court.  In our judgment it is also important to note that intelligence agencies made statements to both Congress and the Court that significantly exaggerated this program’s effectiveness.  This experience demonstrates to us that intelligence agencies’ assessments of the usefulness of particular collection programs – even significant ones – are not always accurate.  This experience has also led us to be skeptical of claims about the value of the bulk phone records collection program in particular.  

“We believe that the broader lesson here is that even though intelligence officials may be well-intentioned, assertions from intelligence agencies about the value and effectiveness of particular programs should not simply be accepted at face value by policymakers or oversight bodies any more than statements about the usefulness of other government programs should be taken at face value when they are made by other government officials.  It is up to Congress, the courts and the public to ask the tough questions and press even experienced intelligence officials to back their assertions up with actual evidence, rather than simply deferring to these officials’ conclusions without challenging them.   “We look forward to continuing the debate about the effectiveness of the ongoing Patriot Act phone records collection program in the days and weeks ahead.”

Last month, at the request of the Department of Justice, the Courts approved changes to the obscure Rule 41 of the Federal Rules of Criminal Procedure, which governs search and seizure. By the nature of this obscure bureaucratic process, these rules become law unless Congress rejects the changes before December 1, 2016.Today I, along with my colleagues Senators Paul from Kentucky, Baldwin from Wisconsin, and Daines and Tester from Montana, am introducing the Stopping Mass Hacking (SMH) Act (bill, summary), a bill to protect millions of law-abiding Americans from a massive expansion of government hacking and surveillance. Join the conversation with #SMHact.

For law enforcement to conduct a remote electronic search, they generally need to plant malware in — i.e. hack — a device. These rule changes will allow the government to search millions of computers with the warrant of a single judge. To me, that’s clearly a policy change that’s outside the scope of an “administrative change,” and it is something that Congress should consider. An agency with the record of the Justice Department shouldn’t be able to wave its arms and grant itself entirely new powers.

These changes say that if law enforcement doesn’t know where an electronic device is located, a magistrate judge will now have the the authority to issue a warrant to remotely search the device, anywhere in the world. While it may be appropriate to address the issue of allowing a remote electronic search for a device at an unknown location, Congress needs to consider what protections must be in place to protect Americans’ digital security and privacy. This is a new and uncertain area of law, so there needs to be full and careful debate. The ACLU has a thorough discussion of the Fourth Amendment ramifications and the technological questions at issue with these kinds of searches.The second part of the change to Rule 41 would give a magistrate judge the authority to issue a single warrant that would authorize the search of an unlimited number — potentially thousands or millions — of devices, located anywhere in the world. These changes would dramatically expand the government’s hacking and surveillance authority. The American public should understand that these changes won’t just affect criminals: computer security experts and civil liberties advocates say the amendments would also dramatically expand the government’s ability to hack the electronic devices of law-abiding Americans if their devices were affected by a computer attack. Devices will be subject to search if their owners were victims of a botnet attack — so the government will be treating victims of hacking the same way they treat the perpetrators.

The list of those caught up in the global surveillance net cast by the National Security Agency and its overseas partners, from social media users to foreign heads of state, now includes another entry: American lawyers. A top-secret document, obtained by the former N.S.A. contractor Edward J. Snowden, shows that an American law firm was monitored while representing a foreign government in trade disputes with the United States. The disclosure offers a rare glimpse of a specific instance in which Americans were ensnared by the eavesdroppers, and is of particular interest because lawyers in the United States with clients overseas have expressed growing concern that their confidential communications could be compromised by such surveillance. Related Coverage Text: Document Describes Eavesdropping on American Law FirmFEB. 15, 2014 The government of Indonesia had retained the law firm for help in trade talks, according to the February 2013 document. It reports that the N.S.A.’s Australian counterpart, the Australian Signals Directorate, notified the agency that it was conducting surveillance of the talks, including communications between Indonesian officials and the American law firm, and offered to share the information.

The Australians told officials at an N.S.A. liaison office in Canberra, Australia, that “information covered by attorney-client privilege may be included” in the intelligence gathering, according to the document, a monthly bulletin from the Canberra office. The law firm was not identified, but Mayer Brown, a Chicago-based firm with a global practice, was then advising the Indonesian government on trade issues. On behalf of the Australians, the liaison officials asked the N.S.A. general counsel’s office for guidance about the spying. The bulletin notes only that the counsel’s office “provided clear guidance” and that the Australian agency “has been able to continue to cover the talks, providing highly useful intelligence for interested US customers.” The N.S.A. declined to answer questions about the reported surveillance, including whether information involving the American law firm was shared with United States trade officials or negotiators.

Most attorney-client conversations do not get special protections under American law from N.S.A. eavesdropping. Amid growing concerns about surveillance and hacking, the American Bar Association in 2012 revised its ethics rules to explicitly require lawyers to “make reasonable efforts” to protect confidential information from unauthorized disclosure to outsiders.Last year, the Supreme Court, in a 5-to-4 decision, rebuffed a legal challenge to a 2008 law allowing warrantless wiretapping that was brought in part by lawyers with foreign clients they believed were likely targets of N.S.A. monitoring. The lawyers contended that the law raised risks that required them to take costly measures, like traveling overseas to meet clients, to protect sensitive communications. But the Supreme Court dismissed their fears as “speculative.”The N.S.A. is prohibited from targeting Americans, including businesses, law firms and other organizations based in the United States, for surveillance without warrants, and intelligence officials have repeatedly said the N.S.A. does not use the spy services of its partners in the so-called Five Eyes alliance — Australia, Britain, Canada and New Zealand — to skirt the law.

A federal judge ruled in 2007 that the U.S.A. Patriot Act empowered the National Security Agency to collect foreigners’ emails and phone calls from domestic networks without prior judicial approval, newly declassified documents show.The documents — two rulings of the Foreign Intelligence Surveillance Court — fill in a chapter in the history of the N.S.A.’s warrantless surveillance program. They show the agency’s secret moves in the months before Congress authorized the spying by enacting the Protect America Act in August 2007.The disclosure also brought into public view a previously unknown example of how the surveillance court, which hears arguments only from the government before issuing secret rulings, sometimes accepts novel interpretations of the law to bless government requests for spying powers.

The ACLU has filed a lawsuit challenging the constitutionality of the NSA’s mass interception and searching of Americans’ international communications. At issue is the NSA's “upstream” surveillance, through which the U.S. government monitors almost all international – and many domestic – text-based communications. The ACLU’s lawsuit, filed in March 2015 in the U.S. District Court for the District of Maryland, is brought on behalf of nearly a dozen educational, legal, human rights, and media organizations that collectively engage in hundreds of billions of sensitive Internet communications and have been harmed by NSA surveillance.

The plaintiffs in the lawsuit are: Wikimedia Foundation, The National Association of Criminal Defense Lawyers, Human Rights Watch, Amnesty International USA, PEN American Center, Global Fund for Women, The Nation Magazine, The Rutherford Institute, and The Washington Office on Latin America. These plaintiffs’ sensitive communications have been copied, searched, and likely retained by the NSA. Upstream surveillance hinders the plaintiffs’ ability to ensure the basic confidentiality of their communications with crucial contacts abroad – among them journalists, colleagues, clients, victims of human rights abuses, and the tens of millions of people who read and edit Wikipedia pages. Read the complaint » Upstream surveillance, which the government claims is authorized by the FISA Amendments Act of 2008, is designed to ensnare all of Americans’ international communications, including emails, web-browsing content, and search engine queries. It is facilitated by devices installed, with the help of companies like Verizon and AT&T, directly on the internet “backbone” – the network of high-capacity cables, switches, and routers across which Internet traffic travels.

The NSA intercepts and copies private communications in bulk while they are in transit, and then searches their contents using tens of thousands of keywords associated with NSA targets. These targets, chosen by intelligence analysts, are never approved by any court, and the limitations that do exist are weak and riddled with exceptions. Under the FAA, the NSA may target any foreigner outside the United States believed likely to communicate “foreign intelligence information” – a pool of potential targets so broad that it encompasses journalists, academic researchers, corporations, aid workers, business persons, and others who are not suspected of any wrongdoing.

According to another top official also involved with the program, the NSA made an enormous breakthrough several years ago in its ability to cryptanalyze, or break, unfathomably complex encryption systems employed by not only governments around the world but also many average computer users in the US. The upshot, according to this official: “Everybody’s a target; everybody with communication is a target.

In the process—and for the first time since Watergate and the other scandals of the Nixon administration—the NSA has turned its surveillance apparatus on the US and its citizens. It has established listening posts throughout the nation to collect and sift through billions of email messages and phone calls, whether they originate within the country or overseas. It has created a supercomputer of almost unimaginable speed to look for patterns and unscramble codes. Finally, the agency has begun building a place to store all the trillions of words and thoughts and whispers captured in its electronic net. And, of course, it’s all being done in secret.

For the first time since Edward Snowden revealed some of the National Security Agency’s (NSA’s) surveillance programs last June, a congressional committee has voted to send legislation intended to curb the government’s spying power on for a full vote. On Wednesday, the House Judiciary Committee passed a version of the USA Freedom Act, considered by civil liberties advocates to be among the strongest of several competing reform bills. But what lawmakers voted unanimously to approve is a trimmed down version that is narrower in significant ways. The revision is the result of an agreement crafted by members of the Judiciary Committee— including Republican chairman Bob Goodlatte, who voted previously against an attempt to limit the NSA’s reach—in a bid to win wider support. In its compromised form the bill is more specifically focused on the phone records program and the statute that authorizes it, Section 215 of the Patriot Act. Under the amended version of the bill, the government itself would no longer be allowed to hold a database of people’s calling records, and would have to seek a judge’s order before collecting data held by the telecom companies—a change that President Obama has said he would support. The bill would also increase transparency by allowing phone companies to inform the public about the requests for data they receive.

Cut out of the amended version is a ban on unauthorized “back door” searches, the practice of mining a database of foreigners’ communications for the emails and phone calls of American citizens. Such searches are made under a different authority, Section 702 of the Foreign Intelligence Surveillance Act (FISA), which lawmakers left untouched during Wednesday’s markup. The amendment also softened reforms to the secret court that authorizes the NSA’s surveillance activities, and preserved the requirement that the government need only prove “reasonable articulable suspicion” that records sought are relevant to an open investigation—the NSA’s preferred relevancy standard.

there’s valid concern that the phone records program will turn out to be a sacrificial lamb for the administration, something given up in the hopes that Congress will wash its hands of the rest. The dragnet is not disappearing under the USA Freedom Act; metadata will still be available to the government, if not quite so freely; and a single court order will allow officials to explore phone records two “hops” away from the initial target—potentially millions of records. It’s unclear whether the bill explicitly bars intelligence agencies from collecting the contents of communications under Section 215, a provision that originally distinguished the USA Freedom Act from Rogers’s bill. Though the ban was absent in the version that passed the committee, Lofgren speculated that the omission was due to a clerical error. What’s for sure is that Congress’s ability to truly reform—and oversee— the intelligence community remains unclear.

Intelligence community whistleblowers would have been able to submit their complaints to the Privacy and Civil Liberties Oversight Board (PCLOB) under a proposed amendment to the intelligence authorization act that was offered last week by Rep. Tulsi Gabbard (D-HI). This could have been an elegant solution to the whistleblowing conundrum posed by Edward Snowden. It made little sense for Snowden to bring his concerns about bulk collection of American phone records to the congressional intelligence committees, considering that they had already secretly embraced the practice. The PCLOB, by contrast, has staked out a position as an independent critical voice on intelligence policy. (And it has an unblemished record for protecting classified information.) The Board’s January 2014 report argued cogently and at length that the Section 215 bulk collection program was likely unlawful as well as ineffective. In short, the PCLOB seemed like a perfect fit for any potential whistleblower who might have concerns about the legality or propriety of current intelligence programs from a privacy or civil liberties perspective.

But when Rep. Gabbard offered her amendment to the intelligence authorization act last week, it was not voted down– it was blocked. The House Rules Committee declared that the amendment was “out of order” and could not be brought to a vote on the House floor. Several other amendments on transparency issues met a similar fate. These included a measure proposed by Rep. Adam Schiff to require reporting on casualties resulting from targeted killing operations, a proposal to disclose intelligence spending at the individual agency level, and another to require disclosure of the number of U.S. persons whose communications had been collected under FISA, among others. In dismay at this outcome, Rep. Rush Holt (D-NJ) and I lamented the “staggering failure of oversight” in a May 30 op-ed. See The House Committee on Intelligence Needs Oversight of Its Own, MSNBC.

The House did approve an amendment offered by Rep. John Carney (D-DE) to require the Director of National Intelligence “to issue a report to Congress on how to improve the declassification process across the intelligence community.” While the DNI’s views on the subject may indeed be of interest, the amendment failed to specify the problem it intended to address (erroneous classification standards? excessive backlogs? something else?), and so it is unclear exactly what is to be improved.

The Senate passed the USA Freedom Act today by 67-32, marking the first time in over thirty years that both houses of Congress have approved a bill placing real restrictions and oversight on the National Security Agency’s surveillance powers. The weakening amendments to the legislation proposed by NSA defender Senate Majority Mitch McConnell were defeated, and we have every reason to believe that President Obama will sign USA Freedom into law. Technology users everywhere should celebrate, knowing that the NSA will be a little more hampered in its surveillance overreach, and both the NSA and the FISA court will be more transparent and accountable than it was before the USA Freedom Act. It’s no secret that we wanted more. In the wake of the damning evidence of surveillance abuses disclosed by Edward Snowden, Congress had an opportunity to champion comprehensive surveillance reform and undertake a thorough investigation, like it did with the Church Committee. Congress could have tried to completely end mass surveillance and taken numerous other steps to rein in the NSA and FBI. This bill was the result of compromise and strong leadership by Sens. Patrick Leahy and Mike Lee and Reps. Robert Goodlatte, Jim Sensenbrenner, and John Conyers. It’s not the bill EFF would have written, and in light of the Second Circuit's thoughtful opinion, we withdrew our support from the bill in an effort to spur Congress to strengthen some of its privacy protections and out of concern about language added to the bill at the behest of the intelligence community. Even so, we’re celebrating. We’re celebrating because, however small, this bill marks a day that some said could never happen—a day when the NSA saw its surveillance power reduced by Congress. And we’re hoping that this could be a turning point in the fight to rein in the NSA.

Buried amid details of “rectal rehydration” and waterboarding that dominated the headlines over last week’s Senate Intelligence Committee findings was an alarming detail: Both the committee’s summary report and its rebuttal by the CIA admit that a source whose claims were central to the July 2004 resumption of the torture program  — and, almost certainly, to authorizing the Internet dragnet collecting massive amounts of Americans’ email metadata — fabricated claims about an election year plot. Both the torture program and President Bush's warrantless wiretap program, Stellar Wind, were partly halted from March through June of 2004. That March, Assistant Attorney General Jack Goldsmith prepared to withdraw Pentagon authorization for torture, amid growing concern following the publication of pictures of detainee abuse at Iraq's Abu Ghraib, and a May 2004 CIA inspector general report criticizing a number of aspects of the Agency's interrogation program. On June 4, 2004, CIA Director George Tenet suspended the use of torture techniques.

During the same period, the DOJ lawyers who pushed to stop torture were also persuading President George W. Bush to halt aspects of Stellar Wind, a program that conducted warrantless wiretapping of Americans’ communications inside the U.S., on top of the Internet metadata. After a dramatic confrontation in the hospital room of Attorney General John Ashcroft on March 10, 2004, acting Attorney General Jim Comey and Goldsmith informed Bush there was no legal basis for parts of the program. Ultimately, Bush agreed to modify aspects of it, in part by halting the collection of Internet metadata. But even as Bush officials suspended that part of the program on March 26, they quickly set about finding legal cover for its resumption. One way they did so was by pointing to imminent threats — such as a planned election-season attack — in the United States.

The CIA in March 2004 received reporting from a source the torture report calls "Asset Y,” who said a known Al-Qaeda associate in Pakistan, Janat Gul — whom CIA at the time believed was a key facilitator — had set up a meeting between Asset Y and Al-Qaeda's finance chief, and was helping plan attacks inside the United States timed to coincide with the November 2004 elections. According to the report, CIA officers immediately expressed doubts about the veracity of the information they’d been given by Asset Y. A senior CIA officer called the report "vague" and "worthless in terms of actionable intelligence." He noted that Al Qaeda had already issued a statement “emphasizing a lack of desire to strike before the U.S. election” and suggested that since Al-Qaeda was aware that “threat reporting causes panic in Washington” and inevitably results in leaks, planting a false claim of an election season attack would be a good way for the network to test whether Asset Y was working for its enemies. Another officer, assigned to the group hunting Osama bin Laden, also expressed doubts. In its rebuttal to the Senate report, the CIA argues the agency was right to take seriously Asset Y’s reporting , in spite of those initial doubts. The CIA wrote numerous reports about the claim “even as we worked to resolve the inconsistencies.” Reports from detainee Hassan Ghul, who was captured in January 2004, supported the possibility that a cell of Al-Qaeda members in Pakistan’s tribal areas might be planning a plot of which he was unaware. And the CIA corroborated other parts of Asset Y's reporting.

On Sept. 11, 2007, the National Security Agency signed up Microsoft as its first partner for PRISM, a massive domestic surveillance program whose existence was reported by the Washington Post today. That’s barely a month after Congress passed, and President George W. Bush signed, the Protect America Act.

The Bush Administration portrayed the PAA as a technical fix designed to close a gap in America’s surveillance capabilities that had been opened by a then-recent ruling of the secretive Foreign Intelligence Surveillance Court (FISC). It proved to be much more than that. While the details are still classified, reports suggested that the FISC had ruled that it was illegal for the government to intercept communications between two foreign endpoints if the communications happened to pass through the United States. Warning that the U.S. would suddenly lose the ability to continue its surveillance of terrorists, the administration pushed the PAA through Congress in a matter of days.

In reality, the PAA represented a sweeping change to American surveillance law. Before conducting surveillance, the PAA only required executive branch officials to “certify” that there were “reasonable procedures” in place for ensuring that surveillance “concerns” persons located outside the United States and that the foreign intelligence is a “significant purpose” of the program. A single certification could cover a broad program intercepting the communications of numerous individuals. And there was no requirement for judicial review of individual surveillance targets within a “certified” program.