Late last night, the NY Times broke a very troubling story. Rather than finally putting an end to Executive Order 12333, it appears that President Obama is going to expand the power of it in dangerous ways. We’ve written about EO 12333 a bunch of times, but for those of you unfamiliar with it, it’s an executive order signed by President Reagan that basically gave the NSA pretty free rein to collect signals intelligence outside of the US. Because it’s not (technically) about domestic surveillance, what the NSA does under EO 12333 is not subject to Congressional oversight. That is, Congress is mostly as much in the dark as everyone else is on what the NSA is doing overseas. And, as former State Department official John Napier Tye revealed a couple of years ago, for all the talk of domestic surveillance programs revealed by Ed Snowden, the NSA’s real power comes almost entirely from 12333.
And it has no limitations. Napier noted that the other programs — things like Section 215 (now morphed into whatever the USA FREEDOM Act allows) and Section 702 — were merely used to “fill in the gaps” not covered by 12333.
And it almost certainly involves both foreign and domestic intelligence. Basically, if any of your data goes outside of US boundaries, the NSA is free to capture it under 12333. Remember those stories of the NSA hacking into datacenters of companies like Google, Yahoo and Microsoft? Those datacenters were in Singapore. And the reason the target was Singapore rather than the US, was because of 12333.
Meanwhile, the NSA likes to insist that it respects the privacy of Americans thanks to its vast minimization program that is supposed to dump inappropriate data on Americans, or in stripping out private information when sharing data with other agencies.
But apparently that’s going away. Instead, the White House has plans to let the NSA share data collected under 12333 with other government agencies without any minimization. Basically, whatever the NSA collects overseas might now be freely available to the FBI or Homeland Security or the IRS or the DEA. Doesn’t that seem at least somewhat problematic? From the NY Times:
The Obama administration is on the verge of permitting the National Security Agency to share more of the private communications it intercepts with other American intelligence agencies without first applying any privacy protections to them, according to officials familiar with the deliberations.
The change would relax longstanding restrictions on access to the contents of the phone calls and email the security agency vacuums up around the world, including bulk collection of satellite transmissions, communications between foreigners as they cross network switches in the United States, and messages acquired overseas or provided by allies.
The idea is to let more experts across American intelligence gain direct access to unprocessed information, increasing the chances that they will recognize any possible nuggets of value. That also means more officials will be looking at private messages — not only foreigners’ phone calls and emails that have not yet had irrelevant personal information screened out, but also communications to, from, or about Americans that the N.S.A.’s foreign intelligence programs swept in incidentally.
This is crazy. For all the talk of the NSA having access to all of this information, and even a fair number of reports of NSA staff “abuse” of their access to data, in general, the NSA certainly has a reputation for being serious about not allowing any abuse of the data. Other agencies? Not so much. The FBI, CIA, DEA and ATF, for example, have long and colorful histories of abusing data to harass and intimidate people. Giving them much wider access to whatever the NSA slurps up overseas, and then trusting those agencies to handle “minimization” (as is the apparent plan) is downright frightening.
And despite this massive change, the public won’t get to weigh in. Instead:
Intelligence officials began working in 2009 on how the technical system and rules would work, Mr. Litt said, eventually consulting the Defense and Justice Departments. This month, the administration briefed the Privacy and Civil Liberties Oversight Board, an independent five-member watchdog panel, seeking input. Before they go into effect, they must be approved by James R. Clapper, the intelligence director; Loretta E. Lynch, the attorney general; and Ashton B. Carter, the defense secretary.
Oh sure. They just need approval from the folks who will benefit most from all of this, and no real discussion with the public who will be impacted by it. What a surprise…