The Atlanta Journal-Constitution
NSA has more power to share intercepted data
More agencies will be able to look at information.
In its final days, the Obama administration has expanded the power of the National Security Agency to share globally intercepted personal communications with the government’s 16 other intelligence agencies before applying privacy protections.
The new rules significantly relax longstanding limits on what the NSA may do with the information gathered by its most powerful surveillance operations, which are largely unregulated by U.S. wiretapping laws. These include collecting satellite transmissions, phone calls and emails that cross network switches abroad, and messages between people abroad that cross domestic network switches.
The change means that far more officials will be searching through raw data. Essentially, the government is reducing the risk that the NSA will fail to recognize that a piece of information would be valuable to another agency, but increasing the risk that officials will see private information about innocent people.
Attorney General Loretta E. Lynch signed the new rules, permitting the NSA to disseminate “raw signals intelligence information,” on Jan. 3, after the director of national intelligence, James R. Clapper Jr., signed them on Dec. 15, according to a 23-page, largely declassified copy of the procedures.
Previously, the NSA filtered information before sharing intercepted communications with another agency, like the CIA or the intelligence branches of the FBI and the Drug Enforcement Administration. The NSA’s analysts passed on only information they deemed pertinent, screening out the identities of innocent people and irrelevant personal information.
Now, other intelligence agencies will be able to search directly through raw repositories of communications intercepted by the NSA and then apply such rules for “minimizing” privacy intrusions.
“This is not expanding the substantive ability of law enforcement to get access to signals intelligence,” said Robert S. Litt, the general counsel to Clapper. “It is simply widening the aperture for a larger number of analysts, who will be bound by the existing rules.”
But Patrick Toomey, a lawyer for the American Civil Liberties Union, called the move an erosion of rules intended to protect the privacy of Americans when their messages are caught by the NSA’s powerful global collection methods. He noted that domestic internet data was often routed or stored abroad, where it may get vacuumed up without court oversight.
“Rather than dramatically expanding government access to so much personal data, we need much stronger rules to protect the privacy of Americans,” Toomey said. “Seventeen different government agencies shouldn’t be rooting through Americans’ emails with family members, friends and colleagues, all without ever obtaining a warrant.”
The NSA has been required to apply similar privacy protections to foreigners’ information since early 2014, an unprecedented step that President Barack Obama took after the disclosures of NSA documents by the former intelligence contractor Edward J. Snowden. The other intelligence agencies will now have to follow those rules, too.
Under the new system, agencies will ask the NSA for access to specific surveillance feeds, making the case that they contain information relevant and useful to their missions. The NSA will grant requests it deems reasonable after considering factors like whether large amounts of Americans’ private information might be included and, if so, how damaging or embarrassing it would be if that information were “improperly used or disclosed.”
The move is part of a broader trend of tearing down bureaucratic barriers to sharing intelligence between agencies that dates back to the aftermath of the terrorist attacks of Sept. 11, 2001. In 2002, the Foreign Intelligence Surveillance Court secretly began permitting the NSA, the FBI and the CIA to share raw intercepts gathered domestically under the Foreign Intelligence Surveillance Act.
After Congress enacted the FISA Amendments Act — which legalized warrantless surveillance on domestic soil so long as the target is a foreigner abroad, even when the target is communicating with an American — the court permitted raw sharing of emails acquired under that program, too.
In July 2008, the same month Congress passed the FISA Amendments Act, President George W. Bush modified Executive Order 12333, which sets rules for surveillance that domestic wiretapping statutes do not address, including techniques that vacuum up vast amounts of content without targeting anybody.
After the revision, Executive Order 12333 said the NSA could share the raw fruits of such surveillance after the director of national intelligence and the attorney general, coordinating with the defense secretary, agreed on procedures. It took another eight years to develop those rules.
The Times first reported the existence of those deliberations in 2014 and later filed a Freedom of Information Act lawsuit for documents about them. It ended that case last February, and Litt discussed the efforts in an interview at that time, but declined to divulge certain important details because the rules were not yet final or public.
Among the most important questions left unanswered in February was when analysts would be permitted to use Americans’ names, email addresses or other identifying information to search a 12333 database and pull up any messages to, from or about them that had been collected without a warrant.
There is a parallel debate about the FISA Amendments Act’s warrantless surveillance program.
National security analysts sometimes search that act’s repository for Americans’ information, as do FBI agents working on ordinary criminal cases. Critics call this the “backdoor search loophole,” and some lawmakers want to require a warrant for such searches.