|
 But recent reports that the National Security Agency secretly broke
into communications on Yahoo and Google overseas have technology
companies, privacy advocates and even national security proponents
calling for a re-examination of Reagan's order and other
intelligence laws.
Experts suggest a legislative update is long overdue to clear up
what Electronic Frontier Foundation legal director Cindy Cohn calls
"lots of big gray areas."
With the cooperation of foreign allies, the NSA is potentially
gaining access to every email sent or received abroad, or between
people abroad, from Google and Yahoo's email services, as well as
anything in Google Docs, Maps or Voice, according to a series of
articles in the Washington Post. It's impossible to know how many of
Google and Yahoo's collective 1.8 billion accounts are affected, but
in a single 30-day period last year, field collectors processed and
warehoused more than 180 million new records — ranging from
"metadata," which would indicate who sent or received emails and
when, to content such as text, audio and video, the Post reported.
The NSA and its British counterpart, the U.K. Government
Communications Headquarters, have intercepted and tapped into data
funneled by Google and Yahoo through fiber optic cables, routing
information in an NSA operation called Muscular, the Post reported.
The information was provided to the newspaper by former NSA contract
employee Edward Snowden, who is being sought by the U.S. for leaking
classified information.
"Had the NSA done the same warrantless tapping at Google's Mountain
View, California, headquarters, there's no doubt they would be
violating the law," said Cohn, whose San Francisco-based non-profit
fights for digital freedoms. "They're doing this abroad because they
want that fig leaf of legality."
The NSA, in an online statement, says its collection operations
comply with federal laws and orders.
Reagan's 1981 Executive Order 12333 for the first time in a public,
written record allowed foreign covert action to be conducted from
inside the U.S. The measure, amended several times after 9/11,
outlines key rules for more than a dozen intelligence agencies. It
spells out when spies are allowed to peek into mail, homes and
electronics, identifies who has to approve of specific searches, and
details how to carry out clandestine collection of foreign
intelligence.
"What NSA does is collect the communications of targets of foreign
intelligence value, irrespective of the provider that carries them,"
the agency said, likening the data channels at private firms to
super highways.
In other words, the NSA is not targeting information about Google
and Yahoo as such, but is conducting surveillance on foreigners
using the services these companies provide, said University of
Indiana law professor David Fidler. But Fidler says this explanation
ignores the fact that the NSA is directly targeting the facilities
of U.S. companies, "even if the information ostensibly sought
concerned foreign persons."
Even Google's chairman Eric Schmidt, outraged by the invasion, says
he's not sure it is illegal, telling CNN the operation is "perhaps a
violation of law but certainly a violation of mission."
It is unclear exactly how the intrusions were carried out, but
Daniel Castro, senior analyst at the Washington nonprofit
Information Technology and Innovation Foundation, suspects the
surveillance required a computer savvy person either working for the
NSA, another government, or a contractor, to physically get inside a
network provider's facilities to tap into the fiber optic network
and route a copy of the online traffic into their own network. The
set up could be similar to a secret NSA room built into an AT&T
building in San Francisco in 2002 and made public by a retired AT&T
staffer in 2007.
The Post reported that the NSA isn't breaking into accounts as they
sit, stored in data centers, but is able to gather the emails and
other communications as they move between them.
The NSA says that if they accidentally scoop up extra, non-criminal
related information from Americans, there are strict limits about
how it can be used. But there's no guarantee those limits apply if
British intelligence agents are doing the rerouting and then turning
information over to the NSA, and the Obama administration will not
talk about their methods.
Thus the immediate pushback from advocates is a loud call for new
laws.
[to top of second column] |
"It's a relatively new phenomenon that the government is sweeping
through American communications outside the U.S., so there haven't
been a lot of legal decisions," said American Civil Liberty Union's
national security project attorney Patrick Toomey. "We think that
these revelations show the ways in which the surveillance laws are
in desperate need of reform. The location in which surveillance and
collection occurs no longer matters."
Those reforms are already underway, spearheaded by the USA FREEDOM
Act introduced by Senate Judiciary Committee Chairman Patrick Leahy
(D-Vt.) and Congressman Jim Sensenbrenner (R-Wisc.), chairman of the
Crime and Terrorism Subcommittee in the House; the proposed
legislation, which is widely supported by the tech industry
including Google, seeks to limit the NSA's surveillance powers both
here and abroad. The bill appears to have bipartisan support.
But it might not go far enough for Kel McClanahan, executive
director of National Security Counselors, which represents clients
involved in security or privacy law-related proceedings. McClanahan
says in addition to the broad privacy questions, there's a problem
with the NSA actions when it comes to attorney-client privilege.
Working with an attorney in the United Kingdom, McClanahan is
currently fighting a legal Freedom of Information Act battle with
the NSA, seeking documents related to Sharif Mobley, a U.S. citizen
charged with terrorism in Yemen. Under current law, says McClanahan,
the NSA could ostensibly tap into the private communications between
himself and the British attorney he is working with, and read the
litigation strategies as he and the British attorney plan them.
"From what I can tell, what they're doing is technically legal
because of the lack of any law prohibiting it," he said.
The NSA says it has "minimization procedures" that limit how deeply
it can examine communications of U.S. citizens while they're in the
U.S., but it's unclear whether they extend to foreign attorneys.
Earlier reports based on Snowden's documents revealed the existence
of other NSA programs, including the PRISM data-gathering program,
which forces major tech firms to turn over the detailed contents of
Internet communications, although those required court orders.
The difference this time is that the NSA is "tapping into the data
centers as a backdoor activity, which made the tech firms extremely
unhappy," said attorney Pat Fowler, who handles data privacy and
security cases from his Phoenix, Arizona office.
Indeed, several Google engineers who spend their days fighting
hackers fired back with furious online responses to their systems
being targeted.
And it's quite possible Yahoo and Google weren't the only ones, said
Fowler, noting that Microsoft's Hotmail, which with Google's Gmail
and Yahoo's email dominate the email market.
"It wouldn't be a stretch to think they might try to get that data
from the other entities," said Fowler.
Attorney Steven Bradbury, who headed of the Justice Department's
office of legal counsel until 2009, used to advise the president and
executives on constitutional questions of privacy and security.
Today he says public concerns about invasions of privacy are off
base because the NSA is not allowed to target U.S. data abroad, and
when it gets it, there are tight limits.
"Communications that travel over wires overseas are susceptible to
interception by all kinds of foreign governments that are active in
collecting and doing surveillance," he said. "The difference is that
the NSA and U.S. intelligence agencies are subject to strict rules
and oversight. There's much more protection for U.S. persons than
for foreign citizens."
[Associated
Press MARTHA MENDOZA, AP National Writer]
Follow Martha Mendoza at
https://twitter.com/mendozamartha.
Copyright 2013 The Associated
Press. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
