20 January 2014

Obama outlines NSA reforms: Data hoarding to be subject to presidential review

When President Obama announced a series of reforms to our nation’s intelligence gathering today, he was quick to claim that he had always intended to look at making changes — harkening back to a speech he gave last May. But it is impossible to believe that changes would have come as quickly, extensively, or perhaps at all without the massive leak of intelligence documents by Edward Snowden.

 Clearly the White House and the intelligence community are hoping that this is the end of the story, and that the changes they have reluctantly agreed to will stop the public uproar. That doesn’t seem likely as civil libertarians in Congress on both the right and the left have already gone on record that the reforms don’t go nearly far enough. In the meantime we can look at the new policies announced by the President.

Outline of today’s policy changes

The biggest substantive change is that intelligence agencies will need to get court permission before querying any of the metadata collected by the various bulk data collection programs. There will also be some type of non-governmental advocate as part of the FISA Court process to help represent privacy interests — this is definitely not a lawyer for the suspect, as typically they have no idea they are even targeted — it is a general advocate for making sure privacy considerations are taken into account. The bulk collection process will also be subject to annual review — reporting back to the President according to the Presidential Policy Directive (PPD-28), but to both the President and Congress according to what Obama said in his speech.

Most of the rest of the new Policy Directive reads like commonsense mixed with motherhood and apple pie. My first reaction after reading it, was “if this is reform, what were we doing before today?” In fact, I suspect most of the document reflects exactly what our policies already are — like only using covert sources when we can’t get the data from public sources, not using the data we get from spying to help our corporations get competitive advantage, etc.

There is one other substantive change, though. The personal information of foreign nationals is, for the first time, given similar protection to information about Americans. Clearly the White House has been stung by international disgust at the breadth of NSA data collection around the world. Obama definitely didn’t apologize for overseas spying and data collection, or make any claims that the US would make any major changes to how it is done, only pointing out that safeguards on use of the data are equally important.

First healthcare.gov and now they want another contractor?

While Obama has refused to summarily end bulk metadata collection, he is putting in place a plan to keep the data out of the government’s hands until specific pieces of it are needed and access is approved by a court. Until that time, has has trimmed the sails of the collection efforts a bit, by limiting the collection to “two hops” from a known subject instead of three, and requiring court involvement before the information is accessed.

Unfortunately, the data itself is quite a hot potato. If the government can’t be trusted with it, and ISPs are reluctant to play stooge by storing it on their behalf, talk has turned to keeping it somewhere else. With the healthcare.gov debacle fresh in our minds, it is a little astonishing to hear that one of the proposed solutions to keeping the government’s hands out of the bulk-data cookie jar is to store it with a “third party.” Now, if that organization is the telcos and ISPs, and they have the data anyway, then that seems pretty sane. But there has been mention of some other group or organization holding the data. I can only imagine how that contracting process would work and how we would then insure the security of the data and prevent that organization from abusing it.

Unfortunately, as with most of the reforms Obama listed, the bulk data collection reform was short on specifics — since no one actually knows how to safely and securely collect that much data without the potential for abuse. Obama refused to consider walking back the entire idea of bulk metadata collection, despite his own review panel’s skepticism that it is worth the effort.

What was left out

Critics quickly pointed out what was missing from Obama’s speech.

There was no discussion of strengthening the protection for whistleblowers. Whether Snowden would have received any protection, as a contractor, under current whistleblower statues has been very controversial. It also was ominously silent about the issue of most interest to many of us in the software community — back doors placed in computer hardware and software by intelligence agencies and cooperative vendors.

Obama also didn’t back down from the policy of using bulk metadata collection as an intelligence tool, despite his own advisory panel recommending it be stopped. So stay-tuned for some battles in Congress over legislation imposing additional safeguards and some very amusing-to-watch Congressional hearings with a bunch of non-technical congresspeople quizzing security gurus and intelligence bureaucrats over the best way to store all that metadata safely.

etremetech.com 17 Jan 2014

The policy of surveillance of every single person on the planet has no expiry date.

The United States has been caught out, in unlawful activity by the NSA, to which now the remedy is to operate more covertly and not getting exposed again.

Many government policies have two sides one official and the other a clandestine operation. 

This operation also holds true to Australian government politics.

There is and will be data / privacy breaches with no repercussions of criminal convictions by governments, yet governments will pursue claims of 'piracy' and claims of financial loss by the Hollywood producers, who are untouched by the Internal Revenue Service.

The masses do not and never will have any protection from the corruption of governments, as the policy and law makers make sure of this, simultaneously giving the masses the illusion that laws protect them.


Politics akin to Nazi Germany occupied concentration camps.

No comments: