(Washington, DC) – The report of the five-member group appointed by President Barack Obama to review US surveillance practices cast doubt on the claimed necessity for some US government surveillance programs, and underscored the need for urgent change. With their report released on December 18, 2013, the panel joined a growing chorus of policymakers, rights organizations, and security experts calling for critical reforms to US government surveillance programs.
The panel recommended an end to government bulk metadata collection, more robust judicial review of government surveillance requests, and increased transparency. While the review group went farther than any other US government entity in urging greater privacy protections for foreigners abroad, its recommendations still leave the door open to continued surveillance of people with no genuine connection to terrorism or wrongdoing.
“Both the President and Congress can use the report’s recommendations in crafting new policies and laws, but it’s only a starting point for change,” said Cynthia Wong, senior Internet researcher at Human Rights Watch. “Until President Obama takes tangible steps to protect the rights of everyone, no matter where they are, he’ll have a hard time restoring global trust in US support for Internet freedom.”
President Obama is expected to make a statement about his plans to respond to the review group’s report in early January 2014. The following are important aspects of the panel’s findings:
Unnecessary bulk phone metadata collection: One of the panel’s more striking findings was that the metadata collection program being conducted under section 215 of the USA PATRIOT Act had not been essential to preventing any terrorist attacks. The panel concluded that information derived from that program could have readily been obtained in a timely manner through other means. The panel found “no sufficient justification for allowing the government itself to collect and store bulk telephony metadata” and recommended terminating the program “as soon as reasonably practicable.”
Foreigners’ privacy rights: The panel recognized that the right to privacy is a basic human right, “central to human dignity,” enshrined in international treaties to which the US is party. The panel proposed limiting surveillance to what is “directed exclusively at the national security of the United States or [its] allies” and said it shouldn’t be used for illegitimate ends such as commercial gain. However, the panel ultimately endorsed an unnecessary, two-tiered approach, with much weaker safeguards against surveillance for foreigners and unclear recourse against overbroad collection of their data overseas.
National Security Letter reform: The panel recommended critical changes to the use of National Security Letters (NSLs). Federal authorities have used NSLs to force companies to disclose user information, but without judicial intervention and under weak standards and strict gag orders. The review group effectively called for an end to that practice, saying NSLs should be subject to judicial authorization.
Increased transparency: The review group embraced transparency measures that human rights organizations and companies have asked for, including proposing legislation to require greater reporting to Congress and the public about use of intelligence gathering powers, and allowing technology companies to report on the number of orders they receive for user data.
Strengthening judicial review: The panel supported creating an institutional advocate at the Foreign Intelligence Surveillance Court to represent the public’s privacy interests.
Oversight and whistleblower protections: The panel made a number of suggestions for strengthening the Privacy and Civil Liberties Oversight Board (PCLOB), an independent oversight agency. It also suggested empowering the board to receive whistleblower complaints, which would improve existing reporting mechanisms for national security whistleblowers. It would not adequately address the need for whistleblower reform that Human Rights Watch has previously identified, however.
Encryption and online security: Finally, the panel said that the US should not undermine efforts to create strong encryption standards or weaken the security of generally available software and online services by asking companies to make it technologically easier to spy on users. While the panel did not directly address media reports that the NSA had deliberately weakened encryption technology and asked companies to build in secret “back doors” into their products, this recommendation was clearly aimed at addressing these allegations.