NSA – Mass Surveillance Reforms
2013 Edward Snowden revealed NSA together with FiveEyes country alliance had engaged in global surveillance operation. With help of select journalists he had published files to prove a mass phone surveillance of US Citizens was taking place.
May 2015 The US Court of Appeals ruled, that phone surveillance was unlawful.
Section 215 of the Patriot Act could have reauthorised the Patriot Act Mass Surveillance provision. Sen. Rand Paul sent a strong message to other senators with a 10 hour filibuster – signalling that any attempt to extend re-authorisation of the Patriot Act ‘as is’ would be met with strong opposition.
June 1st, 2015 Patriot Act provision that had warranted phone surveillance expired, including section 215
June 2nd, 2015 USA Freedom Act passed. The House bill overhauls the contentious bulk-data collection program, shifting storage of the phone records from the government to phone companies. Making Metadata retention an official law.
- USA Freedom Act has been authorised a 6 month transition period for the NSA to wind down bulk data collection. However, secret Foreign Intelligence Surveillance court was asked to ‘restart’ the program during the transition period. The group FreedomWorks has asked the FISA court to reject the surveillance request as a violation of the fourth amendment.
- NSA can now submit secret surveillance data quires to FISA court (which approved almost every warrant since its inception and is closed off from public audit) and obtain information from telcos and corporations. Some argue making it easier for NSA: achieving the same result, with someone else collecting & managing info.
- NSA will likely continue to take advantage of PRISM Data Collection Program by asking corporations like Facebook, Skype, Yahoo, etc. to reveal personal data about users.
More laws considered:
Encryption Policy Proposals: Security experts continuously urge US government to decentralise and encrypt online communications as effective cybersecurity measures. Several proposals and bill amendments to that effect have been rejected. Discussion going so far, as insisting encryption programs would be considered only if backdoor access was granted to US intelligence/ security services ( incl. NSA). Of course, the issue with someone having a key at all is a threat of it being stolen or mishandled, defeating the intent of a cybersecurity program.
CISA – aka ‘info- sharing legislation’. As proposed, it would allow to eradicate any legal process from accessing information from giant tech companies like Google and Facebook. Instead, making it a law to simply hand over private data to NSA. Also corporations would be entitled to hide information from public view as part of the legislation. Another issue is Public or private entities that would analyze and share cybersecurity information.