Initial Thoughts on Obama’s Dragnet Fix

/12 Comments/in /by

The White House has rolled out the bare sketch of its proposal to fix the dragnet. The sketch says,

  • the government will not collect these telephone records in bulk; rather, the records would remain at the telephone companies for the length of time they currently do today;
  • absent an emergency situation, the government would obtain the records only pursuant to individual orders from the FISC approving the use of specific numbers for such queries, if a judge agrees based on national security concerns;
  • the records provided to the government in response to queries would only be within two hops of the selection term being used, and the government’s handling of any records it acquires will be governed by minimization procedures approved by the FISC;
  • the court-approved numbers could be used to query the data over a limited period of time without returning to the FISC for approval, and the production of records would be ongoing and prospective; and
  • the companies would be compelled by court order to provide technical assistance to ensure that the records can be queried and that results are transmitted to the government in a usable format and in a timely manner.

The most important question asked in a conference call on this is what the standard for querying would be. Congress would decide that, but it Reasonable Articulable Suspicion would be the starting point.

That sketch doesn’t really answer a lot of questions about the program, including:

  • Will this program be used for “national security concerns” beyond counterterrorism? Never once did the conference call say it was limited to CT, and several comments suggested it could be used more broadly.
  • What kind of protections will the data (the overwhelming number of which would be innocent people) get once it lands at NSA (see the minimization procedures noted above)? Will it resemble the corporate store of forever datamining that currently exists?
  • Who will do the data integrity that currently requires access to the raw data, which has a dramatic influence on how much data would be responsive to a 2-hop query? The required “technical assistance” might include some of it (it definitely includes formatting the data such that NSA can legally accept it, which has caused a problem with cell data). But does Verizon or NSA or Booz go through the raw data and pull out the high volume numbers?
  • For how long will these orders be granted? (It sounds like the White House will use this to entice congressional support.)
  • Will the NSA have access to location data (I’m guessing the answer is no but would like assurances)?

All that said, this is an improvement over the status quo and over RuppRoge in several ways, not least that it applies only to phone data, and that they’re using the same vocabulary we’ve just spent 10 months agreeing on common definitions for.

Update: One observation. One thing both this reform and RuppRoge include is the ability to dictate what the government gets from providers. That’s a testament to how poorly suited the Section 215 program has always been, because it could only ask for existing business records, and most telecoms (the likely exception is AT&T) could and almost certainly did simply provide their SS7 telecom records, which would include everything, including cell location data that apparently became problematic, probably since 2010, when Congress learned NSA was actually going to start using that data. Those problems likely grew more intense after the Jones decision made it clear SCOTUS had problems with the government tracking location persistently without a warrant.

In other words, these “reforms” seem to arise as much from the fact that the outrage against this dragnet provides the government with an opportunity to build a system more appropriate to the task at hand rather than what they could jerry-rig together in secret.

image_print
12 replies
  1. chronicle says:

    quote”That sketch doesn’t really answer a lot of questions about the program, including:”unquote

    Last but not least.. IF, the USG is truthful, when can I expect the Bluffdale Utah data center to be shuttered and closed?

  3. P J Evans says:

    only pursuant to individual orders from the FISC approving the use of specific numbers for such queries, if a judge agrees based on national security concerns

    Isn’t that how it’s supposed to be working now? But isn’t?

    • orionATL says:

      yes.

      and then there’s that big barn door that can easily be swung wide open, “absent and emergency situation”.

      let’s see, how long were we in “condition orange” (or red) during our flyboy hero’s reign?

  4. jerryy says:

    This may seem like shaking one’s fist at the clouds and yelling ‘get off my lawn’, but nothing in the proposal really changes anything. The wording of the proposals makes that certain.
    .
    Unless the NSA representatives are going to be showing up at oh say AT&T’s office(s) with a pencil, a legal pad and short list of names / phone numbers, then read and jot down notes from the restricted results presented by the suspicious customer service representative (which I really, really doubt will happen) then only the trappings have changed.
    .
    When you query a database, you get back a data subset which is itself a database. An automated search can strip the original data set like a pack of hyenas clean a zebra carcass (just as you see on tv). Only faster.

    • orionATL says:

      agreed.

      for one thing, this government is NEVER going to give up the great benefit to prosecutors of the many secret domestic and international policing functions of electronic spying. that is why the spying programs have proven so resistant to eradication.

      counter-terrorism and cyber security are only the public cover for politicians.

      this white house/ congress abatement scheme is just a public show to ally criticism.

      the multiple spying programs thimbles are still in place for gov to hide the pea under.

    • orionATL says:

      we can always use the minimalist sensenbrenner-leighy as a standard to test these solutions by.

      what really needs to happen is for congress,with presidential support, to cancel the patriot act, the fisa-fuccup-fix act, and the reagan EO.

      that would be real bi-partisanship.

      now we’re likely to be left sitting thru a season of corporate media babbling about a bi-partisan solution to the dragnet problem that was only quarter-assed, at best.

      • jerryy says:

        Rescinding those would be a start. The resulting vacuum would tip the hands of the security theatre players though, I think the current media babble would change to crescendo levels.

        But really, attitudes toward drug-based violations resulting in jail sentencing are changing, Russia is ‘a regional power’ albeit with nukes, the Taliban have shown no interest in leaving their home areas, AQ is no longer AQ, so maybe some groups such as the Red Army will have to make a resurgence.

  5. steve says:

    Does anyone else thinks the requirement to provide records in the Gov’t desired format reads like an request-for-price proposal line item?

    “We need you to provide the following database table fields. Please quote time & cost for response.”

    • P J Evans says:

      It is an interesting little item. Possibly the government has a proprietary format for its databases, and doesn’t want to convert the incoming stuff on the taxpayer’s dime (not that this has ever bothered them before).

Comments are closed.