President Obama Surpasses Exceptionally Low Expectations On NSA Reforms, But Reforms Are Still Very Weak

from the you're-no-paul-revere dept

As expected, President Obama this morning gave his speech concerning his plans to "reform" the NSA. Similar to the original task force report, for which the White House first leaked claims that the recommended changes would be "cosmetic"... and then presented something a little more powerful, to try to win people over by beating low expectations. The same is true here. Earlier this week, the White House leaked out reports of cosmetic changes with little in the way of real reforms. Then, this morning, the President announced more significant reforms than expected. He did, in fact, propose a few major changes. You can read the full speech here. Among the things he announced:
  • A judge will have to approve each query for data on the metadata collection from Section 215 of the PATRIOT Act.
  • The "three hop" dragnet will be reduced down to two hops. That does, in fact, limit how far the NSA can search by quite a bit. That last hop is quite big.
  • The NSA should no longer hold all of the data, meaning that the telcos will be expected to hold onto it (though, he leaves it up to Congress and the DOJ to figure out how to do this). He calls this a "transition" away from the Section 215 program, but that's hardly clear.
  • National Security Letters (NSLs) will no longer have an unlimited gag order on them. The Attorney General will need to set up guidelines for a time in which gag orders expire, with the possibility of extending them for investigations that are still ongoing.
  • Companies will be given slightly more freedom to reveal data on the NSLs they get (though I don't think he indicated the same thing for Section 702 orders.... which is a big concern).
  • The Attorney General and the Director of National Intelligence will review annually FISC rulings to figure out what can be declassified.
  • He promises to "work with Congress" to look at changes to the FISA court
  • He is adding some very limited restrictions on spying on people overseas. It should only be used for actual counterterrorism/crime/military/real national security efforts.
  • A State Department official will be in charge of handling "diplomacy issues" related to these changes on foreign spying.
  • An effort will be started with technologists and privacy experts over how to handle "big data and privacy" in both the public and private sectors.
That is... he is ordering changes that go slightly beyond the expectations his own staffers leaked earlier this week... but stopping way short of actually fixing the problems. And, even with his changes, he leaves many of the details to Congress and the DOJ to sort out for themselves, which is not particularly encouraging, considering how both have acted for decades when it comes to surveillance.

Bulk data collection will still continue in some form, despite the fact that it appears that bulk data collection is rarely useful, compared to targeted surveillance. There will be slightly more oversight, despite the fact that oversight in the past has failed. There will be no effort to stop trying to compromise the technology of American (and foreign) companies leading to serious questions about our tech industry's ability to do business overseas (and at home).

Yes, this is better than it could have been, but only by a tiny degree. The President claims that he is open to further changes, but the fact that he is clearly resisting the major overhauls that are clearly needed does not provide any confidence that he's actually moving towards fixing the overreaching surveillance state. The speech sounded lofty, and talked about American ideals and the necessity of protecting civil liberties, but only moved the ball a very slight way towards getting there. Further, it leaves open plenty of ways for the intelligence community to claw back whatever he's making them "give up" through other means.

Update: Embedded the Presidential Directive that he signed today to put all of what he discussed into effect. You can read it below.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: barack obama, nsa, reforms, section 215, surveillance


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 17 Jan 2014 @ 9:14am

    Really?

    "He is adding some very limited restrictions on spying on people overseas. It should only be used for actual counterterrorism/crime efforts."

    Really? So no more spying on, for example, foreign military? I somehow doubt it.

    link to this | view in chronology ]

    • icon
      Mike Masnick (profile), 17 Jan 2014 @ 9:21am

      Re: Really?

      Really? So no more spying on, for example, foreign military? I somehow doubt it.


      Yeah, that should have been in there as well. I edited that sentence. Had meant to add a bit more to it, but forgot to finish it off when he moved on to the next thing.

      link to this | view in chronology ]

      • icon
        Skeptical Cynic (profile), 17 Jan 2014 @ 10:25am

        Re: Re: Really?

        Mike are you lying to us? I am not sure I seen you miss something like that ever or miss including something that should have been. Are you pulling an Obama on us trying to CYA (cover your assets)and then blame it on someone else?

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 9:29am

    But lets not focus on any of the /other/ programs, just the telephone metadata restrictions...

    link to this | view in chronology ]

  • identicon
    alecco, 17 Jan 2014 @ 9:37am

    Foreigners, screw you

    We, the foreign users of US services and products will sure remember this bit:

    Third, the legal safeguards that restrict surveillance against U.S. persons without a warrant do not apply to foreign persons overseas. This is not unique to America; few, if any, spy agencies around the world constrain their activities beyond their own borders. And the whole point of intelligence is to obtain information that is not publicly available. But America’s capabilities are unique. And the power of new technologies means that there are fewer and fewer technical constraints on what we can do. That places a special obligation on us to ask tough questions about what we should do.


    At least they are clear the US government doesn't care about our rights to privacy.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jan 2014 @ 9:54am

      Re: Foreigners, screw you

      Honestly, as a tech person here in the US even if it means my job, start up a boycott of US services. Money moves mountains. If another "ACTA" type protest of Google, FaceBook, Yahoo, Apple, Amazon et al was started, you would not only benefit local commerce by using local providers, but the US would have to about face very quickly on loss of revenue.

      Examples:
      DropBox - OwnCloud
      Amazon WebService - VirtMin
      RackSpace - VPS.net, Tata's instacompute.com

      Almost everything you use probably has an OpenSource or non-US alternative.

      link to this | view in chronology ]

    • icon
      Skeptical Cynic (profile), 17 Jan 2014 @ 10:29am

      Re: Foreigners, screw you

      What that means is if you are not "US" (both meanings)then your info will be gotten. And FU!!!!! You have been PWNED and your info OWNED!

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jan 2014 @ 10:45am

      Re: Foreigners, screw you

      Simple fix (not so simple)elect officials in your country that will make it illegal for any other country to collect its citizens data.

      link to this | view in chronology ]

      • identicon
        @b, 20 Jan 2014 @ 6:28pm

        Team America: World Police

        Okay so then after the US Gov is deemed to be in breach of Fijian privacy law. Now what happens.

        link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jan 2014 @ 2:00pm

      Re: Foreigners, screw you

      In all fairness, there are CLEARLY ESTABLISHED LAWS (ie. the Fourth Amendment) that have been violated for domestic surveillance. With regards to foreign surveillance, not so much. Much of the outrage in the US is that not only has our privacy been violated blatantly by our own government but it has happened as the result of a systematic, willful disregard for the law. We understand the outrage abroad and here he is clearly saying that we need to look at the appropriateness of what our government does abroad as well and adjust those policies accordingly. Whether he actually means that is another story altogether. But I really can't take exception to that statement so much.

      link to this | view in chronology ]

  • icon
    Internet Zen Master (profile), 17 Jan 2014 @ 9:41am

    I smell bullshit from Obama

    It's a start I guess... Not much of a start, but he did surpassed low expectations.

    ...Which tells me that the staff who leaked the intended reforms earlier this week did so intentionally in order to lower everyone's expectations so that Obama would get praise and avoid more stinging criticism when he discussed his reforms today.

    In other words, keep raising hell and pressuring him until he actually makes significant changes and doesn't leave reforms up to the incompetents in Congress or the shady "making-things-up-as-we-go" types at the DOJ.

    The NSA is under the Executive Branch, so the head of the Executive Branch should be the one to put the organization's feet to the fire, not Congress.

    Just my two cents.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 9:49am

    these are 'pissing up my back and telling me it's raining' changes. basically, nothing changing but with alternatives in place to cover what is stopping. done mostly to try to keep the people quiet, not to curb the spying at all! i am anticipating more restrictions imposed by other nations, particularly with using US services and technology. nothing less than what is deserved!

    link to this | view in chronology ]

  • icon
    DannyB (profile), 17 Jan 2014 @ 10:23am

    Only two hops from suspected terrorists?

    I'm so relieved. I wonder if they'll change the definition of 'suspected'?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jan 2014 @ 10:46am

      Re: Only two hops from suspected terrorists?

      or make it a very long hop.

      link to this | view in chronology ]

      • icon
        JWW (profile), 17 Jan 2014 @ 12:52pm

        Re: Re: Only two hops from suspected terrorists?

        Probably not that. All they have to do is find a number from the 2nd hop and do two more hops from that one.

        link to this | view in chronology ]

  • icon
    Watchit (profile), 17 Jan 2014 @ 10:34am

    Which court will approve the data query though? If it's the FISA court then I don't see it as much of an improvement considering they're a glorified rubber stamp.

    link to this | view in chronology ]

  • icon
    krolork (profile), 17 Jan 2014 @ 10:43am

    We need a revolution.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 10:47am

    If you like your privacy, you can keep it !

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 10:49am

    This was classic smoke and mirrors for those not educated in the workings of the internet and mobile devices. i call bs

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jan 2014 @ 11:10am

      Re:

      I second that. How do the people go about initiating impeachment?

      link to this | view in chronology ]

      • icon
        weneedhelp (profile), 17 Jan 2014 @ 12:00pm

        Re: Re:

        Get Monica to blow Barry. That will do it.

        link to this | view in chronology ]

      • identicon
        Pragmatic, 20 Jan 2014 @ 9:34am

        Re: Re:

        http://en.wikipedia.org/wiki/Impeachment#Process

        The House of Representatives must first pass, by a simple majority of those present and voting, articles of impeachment, which constitute the formal allegation or allegations. Upon passage, the defendant has been "impeached". Next, the Senate tries the accused. In the case of the impeachment of a president, the Chief Justice of the United States presides over the proceedings. For the impeachment of any other official, the Constitution is silent on who shall preside, suggesting that this role falls to the Senate's usual presiding officer. This may include the impeachment of the vice president, although legal theories suggest that allowing a defendant to be the judge in his own case would be a blatant conflict of interest. If the Vice President did not preside over an impeachment (of anyone besides the President), the duties would fall to the President pro tempore of the Senate.

        Short version:

        1. Get Congress to agree to impeach him
        2. Get the Senate to try him
        3. Get ready for President Biden
        4. Stop laughing for a moment and say the words with me: President. Biden.

        That's not the reason he's not being impeached; Congress has its filthy fingers deep in the MIC pie. Many of them own businesses that profit from the surveillance state and that'd all come out in the wash. Since they're not obeying the law now, holding impeachment proceedings would simply bring down a spotlight on the conflicts of interest on both sides of the aisle.

        As long as surveillance is considered to be a government thing rather than a private industry + FUD-driven thing, they can continue the charade.

        Basically, if Obama goes down, most of the Intelligence Committee will go down with him and Joe Biden will be president.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 10:55am

    Still worthless!!!!

    How about punishment for breaching rules? Which head rolls when breaches happen? Looks like more splash and flash to me.

    Will believe something has changed when the hammer drops or the heads start rolling. It is the only way... its just human nature to break the rules and push the limits.

    link to this | view in chronology ]

  • identicon
    Me, 17 Jan 2014 @ 11:04am

    Scumbag President

    There is no "reform" here.

    It's the same old, same old. The only "change" is the bone thrown to big business by letting them bid on housing data, which they already do!

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 11:12am

    Fuck reform, I want to see them obey the constitution they are sworn to uphold and I want to see arrests and trials for those who have violated their oath. When is the President going to give a speech about that?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 11:44am

    Bottom of page 2

    This can be a big loophole:

    this directive shall apply to signals intelligence activities conducted in order to collect communications or information about communications, except that it shall not apply to signals intelligence activities undertaken to test or develop signals intelligence capabilities.

    It's all done to 'test or develop intelligence capabilities'. The NSA can just call there tools 'beta' forever and they may continue as they like.

    link to this | view in chronology ]

    • icon
      Rapnel (profile), 17 Jan 2014 @ 12:48pm

      Re: Bottom of page 2

      Indeed.

      "We regret to inform you that your privacy died on a training mission. Take this flag in appreciation and recognition for your privacy's service."

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 17 Jan 2014 @ 12:08pm

    Just wondering, but is there an NSA exception to the Computer Fraud and Abuse Act?

    If not, these folks are definitely breaking that law...

    link to this | view in chronology ]

  • icon
    MadAsASnake (profile), 17 Jan 2014 @ 12:12pm

    Room full of Monkeys

    To have impressed me, he would have had to stop the metadata collection. Consider:
    - it has not stopped a terrorist attack
    - it has not contributed to stopping activity
    - everything used to date could have been obtained at least as well with targeted surveillance
    - at best, it may provide useful data in the future.

    Now, you could fill a room with monkeys and let them type for 10 years. It is highly likely that the output from Monkey typing would have provided precisely the same benefits - no more, no less. Whenever this is true, it is clear that whatever you are doing is pointless.

    Unfortunately, this pointless activity which has massive financial and social costs, has not been stopped... why on earth not?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Jan 2014 @ 12:52pm

      Re: Room full of Monkeys

      For me to be impressed it would have to start with having the Attorney General announce the indictment of and arrest warrants for Hayden, Clapper, and Alexander.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 18 Jan 2014 @ 5:56pm

        Re: Re: Room full of Monkeys

        Holder expects you to obey the law instead.

        Holder himself is a criminal (Fast and Furious gun walking).

        The whole thing is not going to end right for everybody.

        link to this | view in chronology ]

  • icon
    Tehrm (profile), 17 Jan 2014 @ 1:23pm

    Two-Degrees of Suspicion

    The two degree targeting requirement instead of three is still troubling. In order to be qualified for targeting, a single, intermediary relationship is all that is required between me and an named 'terrorist' organization. If I've been targeted in this way, does the targeting reach now extend two degrees away from me?

    If I follow an account associated with a known hacker collective, which then follows and is followed by known hacker activists- is the requirement met to target my activity?

    What about restaurants on social networks? If Bob's Bacon-Wrapped Bacon and an internally recognized terrorist follow each other, then has the requirement for targeting been met for everyone who follows Bob's Bacon-Wrapped Bacon?

    link to this | view in chronology ]

  • identicon
    FM Hilton, 17 Jan 2014 @ 6:20pm

    The actual speech

    My husband listened/watched the entire thing, and all he could say was:

    "He talked for an hour. Didn't say anything, but kept talking anyway."

    That's the gist of it all.

    You wanted reform? With the wolves in Washington? No thank you very much! Not gonna happen in that town, that's for sure!

    He's one person, in charge of the entire country. If he can't get the balls to shut down the NSA, we're fucked. All it would take would be an Executive Order, and the NSA is done.

    Notice that he didn't do that. Sure, he did a small one to address some small piece of business, but that's window dressing for all of us who want something, anything done.

    Now run along like good citizens. Remember this:

    "If you have nothing to hide, you have nothing to fear!"

    link to this | view in chronology ]

  • icon
    That One Guy (profile), 17 Jan 2014 @ 6:33pm

    Dodging the main point

    The NSA should no longer hold all of the data, meaning that the telcos will be expected to hold onto it (though, he leaves it up to Congress and the DOJ to figure out how to do this). He calls this a "transition" away from the Section 215 program, but that's hardly clear.

    Such wording avoids the core issue about all the data-gathering, and shifts it away from 'they shouldn't be doing it at all', to 'well now someone else holds onto the data'.

    Basically it's 'redefining' the problem, in the hopes that people will focus on who has the data, and ignore the fact that the data is being gathered in the first place.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 18 Jan 2014 @ 1:57am

    Which "judge", and in which "court", will the approval for searching 215 metadata come from? A secret rubber-stamp court judge? Bwahahah! Not a damn thing's changed.

    It's still unconstitutional, and still violates the 4th amendment of constitution. Judicial "approval" falls far short of the "probable cause" enshrined in the 4th amendment in the Bill of Rights.

    Make no mistake. We're still on the road towards totalitarianism. We the taxpayers are also funding the construction of this new road.

    link to this | view in chronology ]

  • identicon
    techie, 18 Jan 2014 @ 5:43pm

    First hint is timing: Friday afternoon. Nice try.

    Slo-Mo weekend. In the world of TMI, most should move on to next stories by Monday, instead of looking at details.

    Second: prerequisite to change is to put in prison known criminals, such as Alexander and Clapper.

    link to this | view in chronology ]

  • icon
    M. Alan Thomas II (profile), 18 Jan 2014 @ 9:20pm

    Smith v. Maryland heavily relies on an older case involving mandatory record-keeping by a third party with special access provisions for the government, provisions that were expanded in the Patriot Act. Those were about financial records, but still; I think that moving the data storage to a mandatory retention model gives them greater legal coverage without necessarily hamstringing them.

    Side note: I'd love to see if any of the lawyers around here agree with me that teleco immunity doesn't appear to apply to disclosures not authorized by law (a.k.a. abuse); if they've suddenly got to protect themselves from liability by pushing back on sketchy requests, that would be nice. Of course, they might reasonably believe that any such case would never be legally disclosed, so no-one would ever have standing to sue them.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.