Obama Announces Changes to NSA Data Harvesting, So You Think It’s OK He’s Got Your Phone Records

The President gave a history lesson today, after which he announced a transition for the NSA bulk data collection program, away from its current form and toward something that looks more like its current form would look like if it could be designed to look like something else. If you are confused by that, then you obviously are a paranoiac technophobe, a terrorist sympathizer, or both.

Skipping over the history lesson, the President said, “I maintained a healthy skepticism of our surveillance programs after I became President.” Then he said some more stuff.

Speaking about the NSA, he said,

They’re not abusing authorities in order to listen to your private phone calls or read your emails.

While it’s some comfort that they’re not bugging my phone, that’s not the only concern. I don’t want them to have the data about who I call and when, or with whom I exchange email. If they don’t have the data, I don’t have to worry about what they’re doing with it. He continued,

When mistakes are made, which is inevitable in any large and complicated human enterprise — they correct those mistakes. Laboring in obscurity, often unable to discuss their work even with family and friends, the men and women of the NSA know that if another 9/11 or massive cyber attack occurs, they will be asked by Congress and the media why they failed to connect the dots.

If they don’t have the data, I can’t accuse them of that, now, can I? In any case, their worries that someone will criticize their effectiveness doesn’t give them license to collect data they don’t need.

Later on, the President said,

We cannot unilaterally disarm our intelligence gathering capabilities. 

No one is talking about unilateral disarmament (except Obama, as regards our nuclear arsenal). Rather, I want them to collect data on foreign agents, people in other countries, and how much rice is in China. I just don’t want them to collect data on me.

The President said companies collect data on us all the time, and use it to target ads, etc. He then threw us a bone:

But all of us understand that the standards for government surveillance must be higher. Given the unique power of the state, it is not enough for leader to say, “Trust us, we won’t abuse the data we collect,” for history has too many examples where that trust has been breached. Our system of government is built on the premise that our liberty cannot depend on the good intentions of those in power. It depends on the law to constrain those in power.

That last sentence, however, voids the entire paragraph. Because while the law should constrain those in power, but government systems should be designed to limit the power they have in the first place. The NSA program is a problem of system design, not just whether checks can be placed on individuals.

The President outlined the steps he wants to take.

  1. Change the oversight of the intelligence gathering by the Executive branch.
  2. Provider greater transparency in areas related to the FISA court. Calls on Congress to create an independent advocate panel for FISA court
  3. Additional protection for Section 702 activity
  4. Sunset for National Security letters
  5. Change bulk collection under 215 into something Eric Holder likes

The President added,

Let me repeat what I said when this story first broke. This program does not involve the content of phone calls, or the names of people making calls. Instead, it provides a record of phone numbers and the times and length of calls. Metadata, that can be queried if and when we have a reasonable suspicion that a particular number is linked to a terrorist organization.

And this capability could also prove vital in a crisis. For example, if a bomb goes off in one of our cities and law enforcement is racing to determine if a network is poised to conduct additional attacks, time is of the essence. Being able to quickly review phone connections to assess whether a network exists is critical to that effort.

It’s unclear at all how having the phone call data would allow the NSA to construct a terrorist tree in real time after a bomb has just gone off.

In sum, the program does not involve the NSA examining the phone records of ordinary Americans, rather it consolidates these records into a database that the government can query if it has a specific lead. A consolidation of phone records that the companies already retain for business purposes. The review group turned up no indication that this database has been intentionally abused, and I believe it is important that the capability this program is designed to meet is preserved.

While the NSA is not “examining” our phone records, they are collecting those records. And if the need should arise, a quick determination could be made that there are no ordinary Americans.

Having said that, I believe critics are right to point out that without proper safeguards, this type of program could be used to yield more information about our private lives and open the door to more intrusive bulk collection programs in the future.

For all of these reasons, I believe we need a new approach. I am therefor ordering a transition, that will end the Section 215 bulk metadata program as it currently exists, and establish a mechanism that preserves the capabilities we need without the government holding this bulk metadata.

If the model is to be data collection into a database, followed by later query, no system can fix the threat to liberty. Collecting the data is the problem. The courts may say it’s constitutional, on the figleaf that the data collected doesn’t belong to the citizen, but to their service provider. Even so, the government doesn’t need that information and should not have it to abuse.

The review group recommended that our current approach be replaced by one in which the providers or a third party maintain the records, with government accessing information as needed. Both of these options pose difficult problems. Relying solely on the records of multiple providers, for example, could require companies to alter their procedures in ways that raise new privacy concerns. On the other hand any third party maintaining a single, consolidated database would be carrying on what is essentially a government function, but with more expense, more legal ambiguity, potentially less accountability, all of which would have a doubtful impact that increasing public confidence that their privacy is being protected.

As I said, no such system will be found.

During the review process, some suggested that we may also be able to preserve the capabilities that we need through a combination of existing authorities, better information sharing, and recent technological advances. But more work needs to be done to determine exactly how this system might work. Because of the challenges involved, I’ve ordered the transition away from the existing program will proceed in two steps.

  1. Effective immediately, we will only pursue phone calls that are two steps removed from a number associated with a terrorist organization, instead of the current three, and I have directed the Attorney General to work with the FISC so that during this period, the database can be queried only after a judicial finding or in the case of a true emergency.
  2. Next, I have instructed the intelligence community and the Attorney General to use this transition period to develop options for a new approach that can match the capabilities and fill the gaps that the section 215 program was designed to address without the government holding this metadata itself. They will report back to me with options for alternative approaches before the program comes up for reauthorization on March 28th. During this period I will consult with the relevant committees in Congress to seek their views, and then seek Congressional authorization for the new program as needed.

Oh, good. Attorney General Eric Holder is going to do it. Now we’re cool.