A number of people have expressed appreciation for this analysis: if you find this useful, please consider donating to support my work.
I’m going to do a series of more finished posts on the “compromised” version of Jim Sensenbrenner’s USA Freedom Act, which I hereby dub the USA Freedumb Act (thanks to Fake John Schindler for the suggestion), because so many of the reforms have been gutted. Here’s the initially proposed bill. Here’s my working thread on USA Freedumb.
You will hear a great many respectable people making positive comments about this bill, comments they normally would not make. That’s because of the carefully crafted timing.
As you recall, Mike Rogers originally got the House Parliamentarian to rule that the bill could go through the House Intelligence Committee. And his bill, which I affectionately call “RuppRoge” after Rogers and Dutch Ruppersberger and Scooby Doo’s “Rut Roh” phase, is genuinely shitty. Not only does it put the NSA onsite at providers and extend call records collection beyond terrorism applications, but it also extends such collection beyond call records generally. It is likely an attempt to get the US back into the Internet dragnet business. Shitty bill.
That said, in key ways RuppRoge is very similar to USA Freedumb. Both “limit” bulk collection by limiting collection to selectors (Freedumb does so across the board, including for NSLs, whereas RuppRoge does so for sensitive Business Records, call records, and Internet metadata). Both propose a similarly (IMO) flimsy FISC advocate. Both propose laughably weak FISC transparency measures. Both will include compensation and immunity for providers they don’t currently have.
Aside from three areas where RuppRoge is better — it forces agencies to update their EO 12333 proposals, doesn’t extend the PATRIOT Act, and provides a (not very useful) way to challenge certificates, all the way up to SCOTUS — and three where it is far worse — it develops more Insider Threat measures, it applies for uses beyond terrorism and beyond call records, and doesn’t include new (but now circumscribed) IG reporting – they’re not all that different. [Correction: USA Freedumb ALSO applies beyond terrorism.]
They’re differently shitty, but both are pretty shitty.
The reason why otherwise respectable people are welcoming the shitty Freedumb bill, however, is that it gives House Judiciary Committee — with a number of real reformers on it — first pass on this bill. It’s a jurisdictional issue. It puts the jurisdiction for surveillance bills back where it belongs, at the Judiciary Committee.
Oh, by the way, one of the more extensive (in terms of text) real changes in Freedumb is it finally includes the House Judiciary Committee, along with the House and Senate Intelligence Committees and Senate Judiciary Committee, among the committees that get certain kinds of reporting. Jurisdiction. (No, I can’t explain to you why it wasn’t included in the first place in 2008, and no, I can’t explain why that detail is not better known.) It gives everyone on HJC a tiny reason to support the bill, because they’ll finally get the reporting they should have gotten in 2008.
The House Intelligence Committee will consider RuppRoge the day after HJC considers Freedumb, Thursday. Which has elicited hasty (overly hasty, IMO) statements of support for Freedumb, as a way to head off the shitty RuppRoge.
Effectively, the National Security State has managed to put two differently shitty bills before Congress and forced reformers to choose. Freedumb is the better (as in less horrible) bill, and it might get better in Committee. But it’s not a runaway call. And the haste has prevented anyone from really figuring out what a central change to both programs means, which limits collection to selectors, which could be defined in very broad terms (and about which — you’ll have to take my word for now — the NSA has lied in public comments).
One more timing issue that I suspect explains the sudden activity surrounding “reform.” The Privacy and Civil Liberties Oversight Board is due to release a report on Section 702 in the next month or so (its comment period for the report closed on April 11). Given the comments of David Medine, James Dempsey, and Patricia Wald at hearings, I strongly suspect PCLOB will recommend reforms — at least — to back door searches, and possibly to upstream collection. Both are items which were gutted as USA Freedom became Freedumb. (In addition, two aspects that would have expanded PCLOB’s authorities — giving it a role in picking the FISC advocate and giving it subpoena power — have been removed.) So in the same way that President Obama rushed to reaffirm NSA’s unified structure, in which the Information Assurance Division and Cybercommand functions are unified with the more general NSA spying function, before his handpicked Review Group recommended they be split, this seems to be a rush to pre-empt any recommendations PCLOB makes.
Ultimately, these two shitty bills are destined to be merged in conference anyway, and reformers seem to have given up 75% of the field before we get started.
Which means just about the only “reform” we’ll get are actually tactical fixes to help the Security State deal with legal and technical issues they’ve been struggling with.
The USA Freedumb Act has become — with DiFi’s Fake FISA Fix and RuppRoge before it — the third fake reform since Edward Snowden’s leaks first got published. Wearing down the reformers seems to be working.