Letter to President Obama Urging Surveillance Reforms
Re: Surveillance Reforms
Dear President Obama:
As you consider reforms to US electronic surveillance practices, you have an opportunity to demonstrate that safeguarding national security does not have to come through the sacrifice of American ideals or universal rights. This is a moment when your moral leadership is urgently needed to rein in a security apparatus that has clearly given inadequate weight to the public’s privacy rights. We strongly urge you to adopt a number of essential reforms to the way the US conducts electronic surveillance both within and outside the country–many also endorsed in the recent report of your Review Group on US Intelligence and Communications Technologies.
In particular, we wish to draw your attention to the harm that National Security Agency (NSA) surveillance has inflicted not only on the rights of US persons, through bulk metadata collection, but also on the rights of millions of other people outside the US. Inside the US there has been limited debate about this issue. However, as an international organization we are keenly aware that broad, unfocused surveillance of non-US persons with few restraints has chilled the exercise of basic rights and undermined an important US foreign policy objective: promoting global Internet freedom. A potentially damaging backlash is gathering force against US leadership in this area, with important implications for a free and open Internet in the years ahead. We are already seeing countries moving to erect walls against NSA surveillance, proposing far-reaching restrictions on Internet data that, over time, could lead to a “Balkanized” Internet. If the US does not rein in mass surveillance programs, moreover, it gives a green light to other governments to emulate its approach, with grave consequences to privacy online.
The US government should make clear in words and in practice its commitment to respecting the privacy rights of all people, in the US and beyond. Congressional action is needed to fully address concerns over existing programs, but there are many important reforms that you could adopt directly. In particular, we urge you to implement the following four recommendations immediately:
End Bulk Metadata Collection
Under Section 215 of the USA PATRIOT Act, the NSA has been collecting the telephone metadata records of nearly every person in the US for years. It has been authorized to maintain this data for five years, in some cases longer. The program sweeps up vast amounts of information from people accused of no wrongdoing that can reveal the most intimate details of their lives. Concern over the collection and querying of this data also risks chilling speech and association— shaping how people in this country communicate by phone and email, and ultimately harming the quality of debate and democratic governance in this country.
Although the stated purpose of this sweeping data collection is to protect the nation from terrorism, the program has not been shown necessary to preventing terrorist attacks. As the review group found, after having reviewed all relevant classified materials, any contributions to terrorist investigations “could readily have been obtained in a timely manner using more conventional 215 orders.”
Your administration can use existing authority to simply stop collecting such information under this program. We urge you to do so as soon as possible and to lend your support to legislative efforts that would formally end the program.
The review group alternatively suggested that the data be “voluntarily” maintained by the telecommunications companies or a private third party for a period of no more than two years or that retention be mandated if a voluntary program proves infeasible. However, we do not believe that either approach addresses the indiscriminate nature of mass data collection or adequately regulates government access.
While intelligence and law enforcement agencies will always want to have more information at their disposal in the hope it may someday prove useful, forcing companies to retain data for longer than they otherwise would for ordinary business reasons renders the collected troves of highly revealing metadata vulnerable to breach, theft, or misuse for unclear gain. If the NSA’s maintenance of metadata records for five years has not been particularly valuable in thwarting terrorist attacks, requiring companies to hold such data for two years will be no more productive.
Protect the Privacy Rights of Non-US Persons
In today’s world, where 150 billion emails crisscross the globe daily, and commerce and the flow of information depend on a borderless Internet, affording persons outside the US lesser rights only erodes confidence in the US as a voice in Internet governance and a proponent of online freedom. The US dominates digital communications, with most of the world’s Internet traffic moving through its territory or companies. With this extraordinary power comes heightened responsibility for upholding human rights. A new approach is probably also necessary if the United States does not want to see the significance of its Internet role diminished.
Section 702 of the Foreign Intelligence Surveillance Act (FISA) authorizes the warrantless surveillance of non-US persons reasonably believed to be outside the US. Executive Order 12333 also governs US surveillance practices abroad; more needs to be disclosed about its scope, interpretation, and application.
To protect the privacy rights of non-US persons, we urge you to:
Further, there is no convincing evidence so far that a more targeted approach requiring a warrant and probable cause would not have produced the same sort of intelligence. According to media reports, the key information acquired in the main case officials repeatedly cite in support of Section 702 – that of Najibullah Zazi – could have been obtained through a warrant and probable cause. Zazi was convicted in 2010 on charges related to plans to attack the New York City subway system.
Protect Encryption and Online Security
The US has spent millions of dollars to improve digital security for human rights defenders. US technology companies also enjoy dominant market share in many places around the world. Yet recent media reports suggest that the NSA has deliberately weakened encryption standards and may be asking companies to disclose encryption keys or otherwise undermine the security of their products. Trust that online communications are secure is essential to the functioning of many businesses and institutions, including those in the financial and heath sectors, as well as to those in the creative and artistic fields. Actively weakening encryption standards would undermine this trust and damage the reputation of US technology companies. Such actions also badly damage the reputation of the United States as a supporter of Internet freedom, as well as its economic interests. We agree with the review group that the US should not undermine security standards or weaken the security of generally available software and online services. If the US hopes to restore trust, it must signal its commitment to preserving strongly protected online encryption mechanisms as soon as possible. We urge you to end programs aimed at reducing security of commercial hardware and software and actively oppose any future legislative efforts to mandate back doors into US technology.
Increase the Transparency of Surveillance Programs
Vast changes to US law on surveillance have happened in secret without adequate oversight. The lack of public information has prevented debate about issues of great importance to the democratic process and individual rights. In addition, the companies and organizations that have participated in US surveillance programs have been prevented from disclosing basic data about the information that the government has been demanding of them.
You have in the past stated that you welcome a debate about these matters, and your decision to establish the review group to recommend possible reforms implicitly recognizes the importance of this discussion. Yet it is impossible to have a healthy and open democratic debate about these matters when the public – and most of the US Congress – is kept in the dark about the scope of the programs and their implementation. There are legitimate reasons to classify certain types of information – for example, to protect the identities of vulnerable individuals or to protect the public from harm. But classification can too easily become a tool to prevent embarrassment or exposure of wrongdoing, or to conceal information about the functioning of public institutions. Protecting national security does not have to come at the expense of public accountability. For example, there was no legitimate reason why the extent of the government collection of metadata should have been kept from the general public.
We urge you to disclose much more about the scope of terms of surveillance occurring under Section 702 and Executive Order 12333, which could have enormous implications for the rights of foreigners abroad. US persons have the same interest as those abroad in knowing when their privacy rights are protected, and that can be revealed without disclosing information that would threaten national security. We also encourage you to support legislative reforms suggested by the review group, including transparency measures to require greater reporting to Congress and the public about use of intelligence gathering powers, and to permit technology companies to report on the number of orders they receive for user data. They also recommended a strong presumption of transparency in decisions about whether to keep programs of the magnitude of the 215 bulk telephony metadata program secret. These measures will not only assist democratic debate today, but guard against abuse of power in the future.
The review group also made a number of other specific recommendations with which we agree, and which we hope you adopt and encourage Congress to act on. These include:
Obama recognizes global rights to privacy, still falls far short on safeguards ( by AMNESTY INTERNATIONAL) :In response to President Obama’s speech today on surveillance, Steven W. Hawkins, executive director of Amnesty International USA, issued the following statement:
“The big picture takeaway from today's speech is that the right to privacy remains under grave threat both here at home and around the world. President Obama’s recognition of the need to safeguard the privacy of people around the world is significant, but insufficient to end serious global concern over mass surveillance, which by its very nature constitutes abuse.
“President Obama took welcome steps to increase transparency, institute additional safeguards for citizens and non-citizens alike, and restrain his administration’s bulk collection of some types of information. However, he failed to acknowledge the abusive nature of mass surveillance or put international human rights standards at the center of U.S. policy.
“President Obama’s surveillance adjustments will be remembered as music on the Titanic unless his administration adopts deeper reforms.
“The President’s recognition of the need to restrain surveillance of people around the world, while welcome, falls short of what’s needed to protect the right to privacy and prevent targeting of people based on their beliefs or background. Furthermore, executive Order 12333 – which may permit a President to authorize additional surveillance programs without judicial review -- remains a potential blank check for abuse.
“Shifting the storage of information does not address the fundamental problem: the collection of mass personal data in the first place. Even if additional checks are put in place, ordinary people remain at risk of secret rulings by a secret court, and national security letters still evade judicial review.
“Regardless of citizenship or location, all people have the right to privacy under international law, and government surveillance must comport with human rights principles, including necessity, proportionality, and due process. Furthermore, people have the right to blow the whistle on evidence of abuse.
“To protect privacy and ensure security, the Obama administration and Congress should put human rights principles at the center of surveillance reform. Human rights safeguards allow for lawful, effective surveillance while protecting against unchecked executive power.