Obama task force's NSA proposals go 'much further than anyone expected'

A panel convened by President Obama to look into NSA surveillance practices has made 46 recommendations, pleasing some civil libertarians. One cyber expert calls it a 'mixture.'

The National Security Agency should stop collecting Americans’ telephone call “metadata,” instead letting phone companies keep the data describing trillions of calls, which the NSA could then search only with a court order, a panel advising President Obama recommends.

The recommendation was among the most significant made by the five-member Review Group on Intelligence and Communications Technologies, appointed by the president to respond to international and domestic anger over the NSA’s mass surveillance. Its conclusions, which include 46 recommendations, were released Wednesday a month ahead of schedule

The 308-page report was received favorably by some civil libertarians. “The committee went much further than anyone expected in increasing oversight of NSA surveillance activities,” says Elizabeth Goitein, co-director of the Brennan Center for Justice’s Liberty and National Security program.

One cybersecurity expert saw the broad array of recommendations as a mixed bag. “It’s a mixture of good ideas and pet rocks,” says James Lewis of the Center for Strategic and International Security in Washington. “There are a lot of things in there we absolutely should do. But there are some things that don’t make much sense, things that require legislative change and that might be hard to get.”

For example, the report calls on Congress to allow telephone, Internet, and other providers to publicly disclose general information about orders they get from the government. In addition, the government should regularly publicly disclose general data about orders it has issued in unclassified programs, it concluded.

The report recommends key organizational changes in the way the NSA collects intelligence globally, including:

• The President should create a new process to approve sensitive intelligence activities.
• Congress should create a new position to represent the interests of privacy and civil liberties before the Foreign Intelligence Surveillance Court (FISC), which issues court orders on government surveillance requests.
• FISC decisions should be more transparent, and the process by which judges are appointed should be changed.
• An independent oversight board should be created with authority to review government activity relating to foreign intelligence.
• The National Security Agency director should be a Senate-confirmed position and should be open to civilians.
• The Defense Department’s US Cyber Command should be separated from the NSA, as should the Information Assurance Directorate (IAD).

For his part, cybersecurity expert Dr. Lewis suggests that increased transparency is needed, but the idea of having a group of lawyers arguing within the FISC against data collection is bad.

Meanwhile, Ms. Goitein of the Brennan Center worries that the report would not do much to limit the amount of information the NSA collects by accident on Americans. But it would “stop the government in most instances from searching for that info and exploiting that. That’s an important step,” she says.

The report follows a decision Monday by US District Judge Richard Leon to issue a temporary restraining order blocking the NSA’s telephone metadata collection program, saying it almost surely violates Fourth Amendment privacy protections.

The Obama administration has been on the defensive over the NSA since June, when information about the NSA’s surveillance programs, leaked by former NSA contractor Edward Snowden, began to surface.

Among other things, the revelations chronicled a mass roundup of cellphone data across Europe as well as the surveillance of European leaders, straining US ties with its allies in Europe. To address those concerns, the report recommends formalizing protections for “non-US persons.”

Any order to conduct surveillance against non-US persons should be required to satisfy six separate hurdles, which include having proper authorization and being tailored exclusively to protect national security interests.

The recommendations come as some members of Congress are ramping up pressure on the administration. Rep. Jim Sensenbrenner (R) of Wisconsin and Sen. Patrick Leahy (D) of Vermont, who helped write and pass the Patriot Act after 9/11, have introduced legislation that would block the collection of Americans' telephone metadata. Metadata includes information about a phone call – such as the location and duration of the call – but not the actual conversation.

Some of the strongest pressure is reported coming from large Internet companies. Officials from Yahoo, Microsoft, Facebook, and others met with Mr. Obama Tuesday and reportedly urged him to throttle back surveillance programs. One NSA program revealed by Mr. Snowden, code-named PRISM, required high-tech companies to share data with the agency. That sharing has hurt some US companies’ ability to do business in Europe and elsewhere.

The NSA has defended its actions, arguing on CBS’s “60 Minutes” Sunday that it had thwarted cyberattacks that could have turned computers in the US financial sector “into bricks.”

At a congressional hearing earlier this month, NSA director Gen. Keith Alexander said the telephone metadata program is a vital tool to tracking terrorists.

“There is no other way that we know of to connect the dots,” he said. “Taking the program off the table from my perspective is absolutely not the right thing to do.”

The five-person presidential advisory panel didn’t do that, but taking the database out from under the NSA’s roof would be a big change.    

“The Review Group is hopeful that the recommendations made here might prove helpful in striking the right balance,” the group wrote in a blog post. “Free nations must protect themselves, and nations that protect themselves must remain free.”