The “Oversight” over NCTC’s Not-Terrorist-Terrorist Database

Back when John Negroponte appointed him to be the Director of National Intelligence’s Civil Liberties Protection Officer, Alexander Joel admitted he had no problem with Cheney’s illegal domestic wiretap program.

When the NSA wiretapping program began, Mr. Joel wasn’t working for the intelligence office, but he says he has reviewed it and finds no problems. The classified nature of the agency’s surveillance work makes it difficult to discuss, but he suggests that fears about what the government might be doing are overblown.

“Although you might have concerns about what might potentially be going on, those potentials are not actually being realized and if you could see what was going on, you would be reassured just like everyone else,” he says.

That should trouble you, because he’s the cornerstone of oversight over the National Counterterrorism Center’s expanded ability to obtain and do pattern analysis on US person data.

The Guidelines describe such oversight to include the following:

  • Periodic spot checks overseen by CLPO to make sure database use complies with Terms and Conditions
  • Periodic reviews to determine whether ongoing use of US person data “remains appropriate”
  • Reporting (the Guidelines don’t say by whom) of any “significant failure” to comply with guidelines; such reports go to the Director of NCTC, the ODNI General Counsel, the CLPO, DOJ (it doesn’t say whom at DOJ), and the IC Inspector General; note, the Guidelines don’t require reporting to the Intelligence Oversight Board, which should get notice of significant failures
  • Annual reports from the Director of NCTC on an (admittedly worthwhile) range of metrics on performance to the Guidelines; this report goes to the CLPO, ODNI General Counsel, the IC IG, and–if she requests it–the Assistant Attorney General for National Security

There are a few reasons to be skeptical of this. First, rather than replicate the audits recently mandated under the PATRIOT Act–in which the DOJ Inspector General develops the metrics, these Guidelines have NCTC develop the metrics themselves. And they’re designed to go to the CLPO, who officially reports to the NCTC head, rather than an IG with some independence.

That is, to a large extent, this oversight consists of NCTC reporting to itself.

Also, note who doesn’t get these reports? Congress. Not even the Intelligence Committees.

One of the only mentions of Congressional Committees comes when describing permissible dissemination of US person data. NCTC can, the Guidelines say, share US person data with “a Congressional Committee to perform its lawful oversight functions, after approval by the ODNI Office of General Counsel.” If Congress has lawful oversight functions, shouldn’t they be heeded whether or not ODNI GC approves?

Then there’s the rather curious treatment of the Privacy and Civil Liberties Oversight Board–what is supposed to be an independent congressionally-approved board representing citizens’ interest in the face of government security claims.  The Guidelines say that if there’s a dispute between agencies over whether NCTC should get a database, the head of the agency objecting may appeal to the DNI, then the NSC and AG, and they, in turn, can consult the PCLOB. The Guidelines also say PCLOB “shall have access to all relevant NCTC records … that it deems relevant to its oversight of NCTC activities.”

And all that might provide an independent check on the mother-of-all-databases. Except that Obama took almost 3 years before he got around to appointing a quorum of people to PCLOB. And in the 3 months since then, the Senate Judiciary Committee hasn’t gotten around to dealing with those nominations. Thus, like the Cybersecurity plans working their way through Congress, the NCTC’s mother-of-all-databases also acknowledges that PCLOB has a legally definable oversight role (really, PCLOB’s role would have been most valuable in the last 18 months when NCTC was putting these Guidelines together). But PCLOB–and therefore its oversight function–doesn’t exist.

There are a lot of reasons this proposal, as implemented, is a bad idea: it doesn’t solve the problem it was implemented to solve (and indeed may well drown the analysts in even more data), it creates a one-stop shop for the theft of US person data.

But just as problematic is the geniuses who designed this in secret didn’t even try to build in any truly independent oversight over this massive intrusion into US person privacy.

Alexander Joel thought that if only people could see what the government was doing with its illegal wiretap program, they wouldn’t mind so much. But this vast new power grab was designed to make sure no one independent will see it, either.

Self-oversight like NCTC has designed here amounts to little more than navel gazing. And how likely will thorough navel gazing be, given that NCTC will be scrutinizing all of our belly-buttons at the same time?

Tweet about this on Twitter22Share on Reddit0Share on Facebook2Google+0Email to someone

20 Responses to The “Oversight” over NCTC’s Not-Terrorist-Terrorist Database

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20

Emptywheel Twitterverse
emptywheel RT @peterwsinger: NJ man shot drone flying over his house, charged with unlawful *firearm use* https://t.co/WWA8py9D1I HT @burritojustice
15mreplyretweetfavorite
emptywheel Think I'll write a short story abt a govt that times its security agreements to the life expectancy of men it has in indefinite detention.
16mreplyretweetfavorite
JimWhiteGNV After this bit of hand-made yumminess, the bread machine is headed for the donation pile. No turning back now. http://t.co/2qFnxCRWYv
26mreplyretweetfavorite
emptywheel Once in a blue moon you really do need to find lipstick, but then all you see are batteries that need recharged.
27mreplyretweetfavorite
JimWhiteGNV RT @DaveJonesUFbeat: Last time #Vols beat #Gators was 30-28 in Knoxville in 2004 ... Ron Zook was fired a little over a month later. Ahem. …
2hreplyretweetfavorite
JimWhiteGNV Tide finally turning? Jordan Davis' murderer convicted! In Florida, no less.
2hreplyretweetfavorite
JimWhiteGNV RT @AP: BREAKING: Florida man convicted of 1st-degree murder for killing teenager after argument over loud music.
2hreplyretweetfavorite
emptywheel RT @alexisgoldstein: Shorter Eric Holder: "if only someone with power would do something about these oversized, unaccountable banks!" https…
2hreplyretweetfavorite
emptywheel @JimWhiteGNV To be fair, that kind of arrangement (cough, Bandar) is prolly one reason our intel on Syria is so bad.
2hreplyretweetfavorite
emptywheel @pwnallthethings Yep. But their number one rec was ... to do what Apple is now defaulting to. And Apples about half of stolen phones.
2hreplyretweetfavorite
JimWhiteGNV I understand that Louie Gohmert plans to hire the Khorasan Group as consultants to search for new head of SS.
3hreplyretweetfavorite
JimWhiteGNV RT @GreggJLevine: Ask not if sexism played a role in 30-year Secret Service vet Pierson's promotion; ask if it contributed to her ouster.
3hreplyretweetfavorite