It’s already clear that the Cybersecurity Information Sharing Act (CISA) isn’t really needed, and may actually make the nation’s cyber-security worse. So why then, has the Senate Intelligence Committee along with Senator Thune and the Republican leadership been pushing so hard to pass this seemingly bad legislation? I think the answer may lay in its true purpose, domestic surveillance.
This article provides a good summary of just how CISA could be used for domestic surveillance, and how the information collected could be used by the government for purposes beyond cyber-security.
On June 11th, Congress passed the Massie-Lofgren admendment to the 2016 Defense Appropriations bill. From Rep. Massie’s press-release:
Under Section 702 of the FISA Amendments Act, Americans’ private data and communications – including emails, photos, and text messages – can be collected by intelligence agencies, provided that data or communication at some point crosses the border of the United States. Given the current fluid nature of electronic communications and data storage, in which corporate and private server farms store Americans’ data all over the world, this loophole could allow intelligence agencies access to a vast swath of communications and data without warrant protection. Intelligence officials have confirmed to Congress that law enforcement agencies actively search the content of this intercepted data without probable cause, and have used evidence gathered to assist in criminal prosecutions. Government agencies have also reportedly coerced individuals and organizations to build encryption “backdoors” into products or services for surveillance purposes, despite industry and cryptologist claims that this process is not technologically feasible without putting the data security of every individual using these services at risk. The Massie-Lofgren Amendment would prohibit funding for activities that exploit these “backdoors.”
A coalition of 25 various organizations led by the Electronic Frontier Foundation (EFF) recently graded elected officials in Washington, D.C. on the extent to which they are pushing for real surveillance reform. From the coalition’s website:
We are calling on the United States government to:
- Pass strong legislative reform to outlaw mass surveillance, including phone record surveillance and Internet surveillance. This must include a recognition of the privacy rights of non-US citizens.
- Reform the FISA court, the secret court that signs off on the NSA’s secret surveillance. FISA court reform includes transparency into any significant or new legal interpretations made by court and ensuring a well-resourced public advocate is in place to argue for privacy rights within the court and seek further review.
- Prohibit the NSA from undermining international encryption technologies and standards and hacking into technology companies.
- Promote transparency, publish transparency reports, and also give companies rights to publish granular accounts about how companies cooperate with bulk surveillance efforts and the number of user accounts that are affected.
Congress hasn’t acted on all of these issues recently, so I’d think of it as more of a mid-term report card. The methodology for the report card can be seen at the coalition’s web site. The Senate hasn’t voted on any related measures, so neither Sen. Thune and Sen. Johnson were graded.
The Amash-Conyers amendment to the 2014 Defense Appropriations Bill is the first legislative attempt to reign in the NSA’s bulk surveillance of Americans since the surveillance was first revealed in June. According to Wikipedia, the amendment:
- “sought to bar the NSA and other agencies from using Section 215 of the Patriot Act to collect records”, thereby ending the mass surveillance of Americans. Instead, it permitted “the FISA court under Sec. 215 to order the production of records that pertain only to a person under investigation”.
- would have permitted the continued use of business records and other “tangible things” if the data were “actually related to an authorized counter-terrorism investigation”.
- would have required judicial oversight with “a substantive, statutory standard to apply to make sure the NSA does not violate Americans’ civil liberties”.
The amendment lost by a vote of 217 to 205 with each party split on the issue. I wrote to Rep. Noem regarding her vote, and in her response she stated that “while I believe the Amash amendment went too far, I am in full support of further safeguarding our right to privacy and clearly drawing the line for federal agencies at the doorstep of the Fourth Amendment to the Constitution.”
A Blog about Technology and South Dakota Politics