In an exclusive interview with The Daily Beast, Clapper said the problems facing the U.S. intelligence community over its collection of phone records could have been avoided. “I probably shouldn’t say this, but I will. Had we been transparent about this from the outset right after 9/11—which is the genesis of the 215 program—and said both to the American people and to their elected representatives, we need to cover this gap, we need to make sure this never happens to us again, so here is what we are going to set up, here is how it’s going to work, and why we have to do it, and here are the safeguards… We wouldn’t have had the problem we had,” Clapper said.

“What did us in here, what worked against us was this shocking revelation,” he said, referring to the first disclosures from Snowden. If the program had been publicly introduced in the wake of the 9/11 attacks, most Americans would probably have supported it. “I don’t think it would be of any greater concern to most Americans than fingerprints. Well people kind of accept that because they know about it. But had we been transparent about it and say here’s one more thing we have to do as citizens for the common good, just like we have to go to airports two hours early and take our shoes off, all the other things we do for the common good, this is one more thing.”

This is the right conclusion - the mass meta-data surveillance program should not have been kept secret from the American people - but its the wrong reason to reach that conclusion. Clapper seems to reach this conclusion due to pragmatic, tactical reasons - that it would be easier to address the security problems that Snowden has created if the government wasn't simultaneously trying to defend the fact that they were operating a secret mass domestic surveillance program. That observations is certainly correct. The greatest threat Snowden presents to the institution of the military is the possibility that he might inspire others to do the same thing. Thats a moral argument, and the government is having trouble winning that moral argument because they were caught red handed - preventing a legitimate political and legal dialog about the program they were running. There are a few other nuggets in the Snowden revelations that have also caused concerns, such as the revelation that the NSA undermined public encryption standards, but none of it is as significant as the revelation about meta-data. If not for that revelation, perhaps, few would have sympathy for him.

However, the right reason to reach the conclusion that the government shouldn't have operated a secret mass domestic surveillance program isn't to avoid the consequences of getting caught doing that. The right reason is because the dialog about the policy and the Constitution that this program inspires is an important one and its valuable to have it. If the American people decided that they don't want this prog... [ Read More (0.2k in body) ]

Spy Chief: We Should’ve Told You We Track Your Calls - The Daily Beast

It's no secret that one of the effects of the Edward Snowden revelations has been a slowdown in the effort to pass new cyber security legislation that facilitates information sharing between the government and the private sector. However, the need for cyber threat intelligence sharing is still vital, and with Congress sidelined, it's going to take leadership from the nation's corporate executives to make progress on this issue within the framework of our current laws.

Closing the cyber security threat intelligence gap - SC Magazine

This Techdirt article on Walton's implementation of Obama's NSA reforms is worth a read.

Walton seems resistant to turning the court into an oversight entity, which it really isn't. That's supposed to be the legislative branch's role, but that has been undermined by cheerleaders masquerading as overseers who have withheld information from their fellow legislators. Walton also may not trust the agency enough at this point to feel comfortable approving RAS requests.

FISC Judge Reggie Walton Hesitantly Amends Latest Section 215 Order To Conform With Presidential Directive | Techdirt

We learned last week that the court—and to my eye quite unsurprisingly—had granted the Department of Justice’s request to tweak minimization procedures applicable to the 215 program, among other things by having the FISC pre-approve the NSA’s determinations of “reasonable and articulable suspicion” (“RAS”).  

This reform is probably the most important result of the meta-data debate.

Lawfare › Latest Batch of Declassified 215 Orders from the FISC

If the corporations are storing the data already—for some business purpose—then the answer is easy: Only they should store it. If the corporations are not already storing the data, then—on balance—it's safer for the NSA to store the data. And in many cases, the right answer is for no one to store the data. It should be deleted because keeping it makes us all less secure.

Bruce Schneier's analysis of whether or not the NSA should store collected meta-data is correct and worth reading.

NSA surveillance metadata: The government, not private companies, should store it.

Jameel Jaffer, an A.C.L.U. attorney who argued against Mr. Verrilli in the Supreme Court, contended that the representatives of the Justice Department were “tying themselves up in knots in order to gloss over what was plainly a misrepresentation.”

He added: “The government told the Supreme Court that it was complying with the notice requirement, but it neglected to mention that it was construing the notice requirement so narrowly that defendants who were entitled to notice weren’t receiving it.”

Justice Dept. Defends Its Conduct on Evidence - NYTimes.com

A federal court in Ohio has ruled that individuals whose data was stolen by criminals in a data breach have no standing to sue the company that lost control of their data unless they can prove that the criminals actually used the data maliciously. The court reached this conclusion by relying on a Supreme Court ruling over NSA surveillance. The ruling brings into focus the potential unintended consequences of the government's legal strategy on NSA surveillance.

Its no secret that many of the NSA's surveillance programs were started long before their current legal justifications were created. In attempting to defend the legality of these programs, the NSA's defenders have articulated interpretations of the law that draw broad circles around this kind of activity, and the judiciary has upheld these broad interpretations rather that rule against the NSA.

One of the ways that the judiciary has sought to shield the NSA from legal challenges is by arguing that individual citizens do not have standing to challenge the legality of NSA programs unless they can prove that their personal data was accessed inappropriately. This court in Ohio applied that same logic to a different set of circumstances - where the data wasn't held by the NSA, but by a criminal organization. What makes sense in one context ought to apply in other contexts.

This sort of follow on consequence may occur in other ways as well. With respect to the domestic meta-data surveillance program, the NSA's defenders have argued that there are no Fourth Amendment or First Amendment implications, and that the surveillance was authorized by Section 215 of the Patriot Act. If this interpretation is true, than Section 215 of the Patriot Act also authorizes the mass collection of any other kind of business record. Furthermore, if there are absolutely no constitutional implications, than the government can authorize by statute the mass collection of business records for other purposes as well, such as everyday law enforcement. Also, state and local governments can follow suit and operate their own local mass surveillance programs that target their citizens.

The judiciary needs to pay closer attention to these issues in handing down rulings that authorize far more than they intend. For more about the Ohio ruling, click this link:

Unintended consequences of the NSA's legal strategy

Rob Graham posted some insightful thoughts on his blog regarding why he is opposed to meta-data surveillance by the NSA. I mostly agree with his sentiment, but I had to challenge him on one point. He wrote:

The issue that is important to me is the same sort of issue that provoked the Boston Tea Party of 1773. Britain had repealed the onerous taxes, all except the insignificant tax on tea. The reason the colonists rebelled was not because of the amount of money, which was tiny, but because "taxation without representation" was an intolerable philosophical idea. It meant that the colonists were "subjects" to be exploited by Britain, and not "free citizens" of the realm.

The same thing is true here with the Section 215 collection of phone records. In truth, the impact on citizens is insignificant and there are extensive safeguards to prevent this from being abused. None of that matters to me, as it's still surveillance of innocent citizens suspecedt of no crime. It subjugates us, and is an intolerable infringement on a free person's rights.

Is the impact on citizens really insignificant?

First, I'm not sure that the claim that there are "extensive safeguards" is credible. For years we've been told that they weren't collecting meta-data at all. Now we're being told that meta-data is being collected, but there are extensive safeguards. If the first claim was false, why does the second claim have credibility? By whose standards are the safeguards considered "extensive?"

Second, I'm not sure that the claim that they're only collecting meta-data is credible. The Wall Street Journal reported that the content of all email and text messages sent in the Salt Lake City area during the 2002 Winter Olympic Games was monitored. That is not meta-data and none of the legal arguments about meta-data apply to it. Are they still collecting content now? If they denied doing so, would those denials be credible?

Third, I'm not sure that meta-data collection has an insignificant impact on citizens. Everytime you call someone, the government has a record. That record is kept. They claim that they only keep it for five years, but that could be a lie, or the record retention time could change at any point during that five year period into a longer retention time, and that change could occur without any public announcement. If, for any reason in the future, the person you are contacting comes under suspicion, either by this government, or by a future government that is more aggressive than this one, you are better off not making that call. If the person you are contacting is either a political activist or a criminal of any sort, your association with them could lead to assumptions being made about you by the authorities. Maybe the current restrictions make it unlikely that this association would be observed by the authorities, but if the rules for accessing the data change in the future, you won't get the opportunity to go back and delete the record. Therefore, reasonable people may choose to limit the exercise of their right to freedom of association as a consequence of meta-data retention.

Concluding that the impact on associational liberty is insignificant understates the importance of a fundamental Constitutional right.

Is the impact of meta-data surveillance on citizens really insignificant?

...

▶ Frontline Assembly - They're Going To Kill Us - YouTube

I am writing to tell you that as a constituent, I will not be voting for any candidate who supports mass surveillance of Americans. This country's leadership has lost all credibility on this issue. The telecom companies issued dishonest statements to the public in 2006 about meta-data collection. The President of the United States ostensibly ran for office on a platform that included curtailing warrantless surveillance but has allowed these programs to continue in secret. The Director of National Intelligence lied under oath about the issue in an open Senate hearing and nothing has been done. The Wall Street Journal reported that the content of all email and text messages sent in the Salt Lake City area during the 2002 Winter Olympic Games was collected and monitored. Is this sort of domestic content monitoring still going on? Its impossible to say. Even if the country's leadership denied it, denials could not be taken seriously under these circumstances. Your responsibility is to the American people, not to the intelligence community.

The Day We Fight Back - February 11th 2014