Many thanks to one of our readers, Btfire, who contributed this article.
We should all be familiar with the lack of privacy in digital communications by now, but for those who cling to any hope that law might thwart the efforts of the NSA or CIA get ready to be let down. The House of Representatives, by a 325-100 margin, passed the Intelligence Authorization Act for Fiscal Year 2015 (approving changes from the Senate) on 10 December 2014.
The bill had bipartisan support and the “nays” were 45 Republicans and 55 Democrats. This bill actually codifies into law the collection and retention of communications that, until now, have only been borderline legal via executive actions. In particular, it discusses the use of encryption as triggering a provision for unlimited retention time.
This bill was not always written this way and during the summer a version was passed with language to require the NSA to obtain a warrant prior to any data collection (Volz, 2014). The bill was sent to the House from the Senate and a vote was rammed through with “almost nobody in the room (Amash, 2014).”
Representative Justin Amash (R-MI) sent this to his colleagues in Congress, “Last night, the Senate passed an amended version of the intelligence reauthorization bill with a new Sec. 309—one the House never has considered. Sec. 309 authorizes “the acquisition, retention, and dissemination” of nonpublic communications, including those to and from U.S. persons. The section contemplates that those private communications of Americans, obtained without a court order, may be transferred to domestic law enforcement for criminal investigations (2014).”
But nobody really cares either inside or out of Congress. “Fully 45 percent of all Americans say the government should be able to go further than it is, saying that it should be able to monitor everyone’s online activity if doing so would prevent terrorist attacks (Cohen, 2013).” This comment is the core of our problem in FreeFor: Not enough people care.
The same poll cited by Cohen reveals trends that show partisan support is tied directly to who the Chief Executive is. “Sixty-nine percent of Democrats say terrorism investigations, not privacy, should be the government’s main concern, an 18-percentage-point jump from early January 2006, when the NSA activity under the George W. Bush administration was first reported. Compared with that time, Republicans’ focus on privacy has increased 22 points (Cohen, 2013).” Wrong is wrong regardless of which team in partisan politics commits the crime, but our society is a myopic one.
We have known about domestic spying prior to the revelations by Edward Snowden (back when it was only a conspiracy theory) and privacy organizations such as the Electronic Freedom Foundation have attempted to warn us and offer tips and tricks to keep us slightly secure.
The current spying began shortly after the attacks of September 11, 2001 by executive order by President George W. Bush. Both President Bush and President Barrack H. Obama have used the first paragraph of Section 2 of the Authorization of the Use of Military Force to justify domestic collection of data.
The text reads, “That the President is authorized to use all necessary and appropriate force against those nations, organizations, or persons he determines planned, authorized, committed, or aided the terrorist attacks that occurred on September 11, 2001, or harbored such organizations or persons, in order to prevent any future acts of international terrorism against the United States by such nations, organizations or persons (Government Printing Office, 2001).”
That the Fourth Amendment is never given credit is not a mistake. Many of these laws have restrictions against data collection of “U.S. persons” but with “statutory interpretation” nothing ever is removed from the table.
The current Intelligence Authorization Act adds a seemingly innocuous section under the heading of Section 309: Procedures for the Retention of Incidentally Acquired Communications. This is the section that takes executive authority under the Patriot Act, Authorization for the Use of Military Force, and the Foreign Intelligence Surveillance Act and makes everything perfectly legal.
Section 309: “The term ‘covered communication’ means any nonpublic telephone or electronic communication acquired without the consent of a person who is a party to the communication, including communications in electronic storage. (Government Printing Office, 2014).”
These were the collections of metadata and other forms of communication in which we all engage. It never mattered whether you were suspected of a crime, your data was collected. However, retention was never really discussed until this bill. “A covered communication shall not be retained in excess of 5 years, unless— (Government Printing Office, 2014)” it is considered criminal in nature or related to terrorism. But what is criminal in nature? According to this bill encryption or an attempt to conceal the meaning is enough to retain the data forever.
Here at Information Operations we have stressed the importance of using encryption for all communications. Guess what, you are now a suspect. What is your crime? Mala Prohibita – Nothing, not in any rational sense of the word.
You are not trying to steal from anyone or cause physical/financial harm to people. You are not sending bombs in the mail and you are not trying to overthrow the government of the United States of America. You are not in any organization engaged in violence with the forces who are anti-freedom. You are, however, the same as a terrorist in their eyes.
Spying has and will continue. I fully support the ability to find and prosecute criminals who have caused harm. I do not, however, support the widespread collection of data on anyone without a properly formatted warrant. I have believed, quite naively I suppose, that one day we could get executive actions that were against privacy overturned, but now it is law.
My desire to maintain privacy has been trumped by the government’s desire to monitor my every action. My communications will be held for a long time because I frequently use PGP or other forms of encryption in emails, text messaging, and even voice calls.
I will not change these actions to stay off of a list, rather I will encourage more people to join me on a list. Come on, we will have a list party. Below is the full text of Section 309 and here is a link to the entire bill as it was sent to the President.
|(a) DEFINITIONS.—In this section:(1) COVERED COMMUNICATION.—The term ‘‘covered communication’’ means any nonpublic telephone or electronic communication acquired without the consent of a person who is a party to the communication, including communications in electronic storage.(2) HEAD OF AN ELEMENT OF THE INTELLIGENCE COMMUNITY.—The term ‘‘head of an element of the intelligence community’’ means, as appropriate—
(A) the head of an element of the intelligence community; or
(B) the head of the department or agency containing such element.
(3) UNITED STATES PERSON
.—The term ‘‘United States person’’ has the meaning given that term in section 101 of the
Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801).
(b) PROCEDURES FOR COVERED COMMUNICATIONS
(1) REQUIREMENT TO ADOPT
.—Not later than 2 years after the date of the enactment of this Act each head of an element of the intelligence community shall adopt procedures approved by the Attorney General for such element that ensure compli- ance with the requirements of paragraph (3).
(2) COORDINATION AND APPROVAL
required by paragraph (1) shall be—
(A) prepared in coordination with the Director of National Intelligence; and
(B) approved by the Attorney General prior to issuance.
.—The procedures required by para- graph (1) shall apply to any intelligence collection activity not otherwise authorized by court order (including an order or certification issued by a court established under subsection (a) or (b) of section 103 of the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1803)), subpoena, or similar legal process that is reasonably anticipated to result in the acquisition of a covered communication to or from a United States person and shall permit the acquisition, retention, and dissemination of covered communications subject to the limitation in subparagraph (B).
(B) LIMITATION ON RETENTION
.—A covered communication shall not be retained in excess of 5 years, unless—
(i) the communication has been affirmatively determined, in whole or in part, to constitute foreign intelligence or counterintelligence or is necessary to understand or assess foreign intelligence or counterintelligence;
(ii) the communication is reasonably believed to constitute evidence of a crime and is retained by a law enforcement agency;
(iii) the communication is enciphered or reasonably believed to have a secret meaning;
(iv) all parties to the communication are reasonably believed to be non-United States persons;
(v) retention is necessary to protect against an imminent threat to human life, in which case both the nature of the threat and the information to be retained shall be reported to the congressional intelligence committees not later than 30 days after the date such retention is extended under this clause;
(vi) retention is necessary for technical assurance or compliance purposes, including a court order or discovery obligation, in which case access to information retained for technical assurance or compliance purposes shall be reported to the congressional intelligence committees on an annual basis; or
(vii) retention for a period in excess of 5 years is approved by the head of the element of the intelligence community responsible for such retention, based on a determination that retention is necessary to protect the national security of the United States, in which case the head of such element shall provide to the congressional intelligence committees a written certification describing—
(I) the reasons extended retention is necessary to protect the national security of the United States;
(II) the duration for which the head of the element is authorizing retention;
(III) the particular information to be retained;
(IV) the measures the element of the intel- ligence community is taking to protect the privacy interests of United States persons or persons located inside the United States.
Amash, J. (2014, December 9). Retrieved from Facebook: https://www.facebook.com/repjustinamash/posts/812569822115759
Cohen, J. (2013, June 10). Most Americans back NSA tracking phone records, prioritize probes over privacy. p. 1.
Government Printing Office. (2001, September 18). GPO. Retrieved from GPO.gov: http://www.gpo.gov/fdsys/pkg/PLAW-107publ40/pdf/PLAW-107publ40.pdf
Government Printing Office. (2014, December 10). GPO. Retrieved from GPO.gov: http://www.gpo.gov/fdsys/pkg/BILLS-113hr4681enr/pdf/BILLS-113hr4681enr.pdf
Pew Research Center. (2013, June 10). Washington Post-Pew Research Center poll: NSA terrorism tracking, sexual assault in the military. Retrieved from The Washington Post: http://apps.washingtonpost.com/g/page/politics/washington-post-pew-research-center-poll-nsa-terrorism-tracking/218/
Volz, D. (2014, December 11). Congress Quietly Bolsters NSA Spying in Intelligence Bill. National Journal, p. 1.