The NSA maintains its reformed telephone surveillance programme meets new legal standards
The US National Security Agency (NSA) has released a transparency report assessing its compliance with legal changes brought in with the USA Freedom Act last year, as part of a shift intended to adapt to public concern over its activities since former government contractor Edward Snowden began releasing details of the agency’s bulk data collection activities in 2012.
The Freedom Act, which was signed into law in June and took effect on 29 November, restricted the NSA from indiscriminately collecting telephone metadata, instead requiring the agency to demand records from telecommunications companies on a case-by-case basis. Communications firms are, in turn, required to store the records for possible scrutiny by the NSA.
While the report is intended to provide information to the public on the NSA’s activities and how they comply with the law, the agency stated its surveillance programmes remain in essence unchanged.
“NSA’s goal under the USA Freedom Act remains the same as that under its professor programme: to collect, analyse and disseminate foreign intelligence information and international terrorist threats,” the NSA stated in the report, adding that the legal changes have “strengthened privacy safeguards”.
The report, prepared by the NSA’s own Civil Liberties and Privacy Office (CLPO), formed in 2014 in response to public criticism of the agency’s activities, analyses its reformed telephone metadata collection programme on the basis of “Fair Information Practice Principles” (FIPP) laid out by the US Federal Trade Commission (FTC) as guidelines for programmes that affect individuals’ privacy.
The principles include the ideas of transparency, individual participation, data quality and integrity, accountability and auditing, and that the programme collects only data needed for a particular purpose.
The report finds that the data-collection programme satisfies most of these principles, with the exception of “individual participation”, which the NSA concludes is “appropriate” in this case.
“Although it is unlikely that an individual target will be notified that the NSA used the USA Freedom Act to acquire telephone metadata about them, CLPO concludes that this is appropriate under the circumstances,” the report states.
The telephone metadata collection programme, and others like it disclosed by Snowden, caused widespread controversy in the US as well as in Europe, and contributed to last year’s cancellation of the “Safe Harbour” programme that had allowed US companies to store the data of European citizens in their home country.
The programme was introduced with the Patriot Act in the wake of the 11 September, 2001 attacks in New York City.
The Freedom Act is the biggest reduction in US spying capabilities since the Patriot Act, according to the Obama administration. It requires the government to provide annual records disclosing the number of data requests it makes.
Some US lawmakers have argued the Freedom Act doesn’t do enough to limit the NSA’s activities.
The bulk collection programme didn’t lead to a single clear counter-terrorism breakthrough, according to a presidential review committee.
Are you a security pro? Try our quiz!