avril haines – Techdirt (original) (raw)
Well, That’s Everyone: Senator Wyden Letter Confirms The NSA Is Buying US Persons’ Data From Data Brokers
from the you'd-think-the-NSA-would-have-a-better-data-plug dept
Buying domestic data from data brokers is just something the government does all the time. Bypassing restraints enacted by the Supreme Court, federal agencies (along with local law enforcement agencies) are hoovering up whatever domestic data they can from private companies all too happy to be part of the problem.
Sure, the government can pretend the Third Party Doctrine applies here. But chances are that most of this data being collected by phone apps and other services isn’t being collected with the full knowledge of device users. This is the sort of thing that’s hidden in the deep end of Terms of Use boilerplate, suckering people out of all kinds of data because they made the mistake of assuming a seemingly-innocuous match-3 game wouldn’t attempt to ping their phone’s location and tie it to specific device IDs.
So, this latest news — as revealed by Senator Ron Wyden — is only surprising in terms of which agency is involved.
U.S. Senator Ron Wyden, D-Ore., released documents confirming the National Security Agency buys Americans’ internet records, which can reveal which websites they visit and what apps they use. In response to the revelation, today Wyden called on the administration to ensure intelligence agencies stop buying personal data from Americans that has been obtained illegally by data brokers. A recent FTC order held that data brokers must obtain Americans’ informed consent before selling their data.
“The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical, but illegal,” Wyden wrote in a letter to Director of National Intelligence (DNI) Avril Haines today. “To that end, I request that you adopt a policy that, going forward, IC elements may only purchase data about Americans that meets the standard for legal data sales established by the FTC.”
You’d think the NSA would be able to obtain this data without having to buy it from sketchy third-party vendors. I mean, it has erected one of the most pervasive surveillance apparatuses in the world. It’s completely capable of engaging in domestic surveillance. And, indeed, it often does! So why would it need to purchase something it can obtain (more legitimately[?]) from its own dragnets and risk having part of its collection techniques exposed?
There’s no clear answer to that question, other than it’s pretty easy to spend government money when you’ve got plenty of it. Wyden’s letter [PDF] goes into a bit more detail, but (for obvious reason) it’s not the equivalent of sneaking damning documents out of an NSA data center and handing them over to journalists after exiting the country.
That being said, it took Wyden holding a top NSA position hostage for the government to admit it was buying data from brokers to engage in domestic surveillance.
The secrecy around data purchases was amplified because intelligence agencies have sought to keep the American people in the dark. It took me nearly three years to clear the public release of information revealing the NSA’s purchase of domestic internet metadata. DoD first provided me with that information in March, 2021, in response to a request from my office for information identifying the DoD components buying Americans’ personal data. DoD subsequently refused a request I made in May, 2021, to clear the unclassified information for public release. It was only after I placed a hold on the nominee to be the NSA director that this information was cleared for release.
Wyden asks each “IC [Intelligence Community] element” to open an investigation into the purchase of data from data brokers, as well as an FTC investigation into the business practices of the data brokers themselves. Each IC component is also asked to provide “an inventory of personal data purchased” from data brokers.
Wyden’s letter deals with all data purchased from brokers, but specifically exposes the NSA’s acquisition of internet browser records, which show which sites users visit and which apps they use. The NSA’s denial — delivered to Wyden late last year — claims the NSA isn’t doing something else entirely.
[N]SA does not buy and use location data collected from phones known to be used in the United States either with or without a court order.
That’s the only firm denial in the letter and it only says things about location data, which isn’t what Wyden is expressing his concern about.
However, the NSA — in the same 2023 letter — admitted to doing exactly what Wyden accused it of:
NSA does buy and use commercially available netflow (i.e., non-content) data related wholly to domestic internet communications and internet communications where one side of the communication is a U.S. Internet Protocol address and the other is located abroad.
The NSA is admitting to domestic surveillance. Not the best look for an agency still hoping to resuscitate its reputation following several years of damning leaks, investigations, and inadvertent exposures. We already know the NSA is fully capable of “inadvertently” sweeping up US persons’ data and communications with its Section 702 collection. That’s the thing the FBI constantly abuses to engage in domestic surveillance. It should never need to buy this data from brokers because it has always been able to obtain it otherwise.
This appears to be the NSA collecting even more just because the situation presented itself, rather than for any demonstrated national security need. And that’s the sort of thing no American should be willing to treat as government business as usual.
Filed Under: 4th amendment, avril haines, data brokers, doj, domestic surveillance, internet records, location data, nsa, privacy, ron wyden, surveillance, third party doctrine
Senator Ron Wyden Secures Promise To Overhaul Classification System From Biden, Director Of National Intelligence
from the a-bit-more-transparency-on-the-horizon dept
The Freedom of Information Act was enacted 55 years ago. To its credit, it has resulted in an unprecedented amount of access to documents and communications created by federal agencies.
But there has been a lot of resistance. Government agencies continue to abuse FOIA exemptions to withhold documents that shouldn’t be withheld. These efforts far too often force FOIA requesters to spend their time and money suing the government to obtain information that never should have been withheld.
That’s the backend opacity efforts the government deploys. On the front end, the government routinely classifies documents it would rather not release, whether or not the info contained is too sensitive to be handed over to the general public.
Many agencies — especially those that rub elbows with national security concerns — consider classification the default option. Once a document is classified, not even litigation will pry it loose. Documents can remain classified for decades, far exceeding the time period where the contained info might pose operational issues if made public.
But over-classification doesn’t work as well as certain government agencies and officials think it will. Sweeping massive stacks of innocuous paperwork under the classification rug may make FOIA request denials more routine, but it also encourages whistleblowers to leak documents containing information they believe the public should be made aware of. The government hides while FOIA requesters seek, but the more it hides, the more likely it is the wrongfully hidden documents will be leaked to journalists.
Even intelligence agencies have begun to recognize the downside of being too secretive. But that realization hasn’t stopped the over-classification of documents. And, despite admitting over-classification can often be counterproductive, agencies continue to resist presidential and congressional directives meant to limit abuse of document classification powers. According to a report from the DOJ Inspector General, executive branch agencies engaged in 95 million classification decisions in 2012 alone, most of those presumably finding in favor of opacity.
Fortunately, there are a couple of new sheriffs in town. President Joe Biden is sitting on top of the executive food chain with the power to change the way document classification is handled. To this end, Senators Ron Wyden and Jerry Moran have asked [PDF] the new president to update Executive Order 13526 — issued by Barack Obama in 2009 — to expedite the declassification of documents. This order created the National Declassification Center, something meant to address the declassification backlog, something created by decades of over-classification by agencies far more interested in secrecy than serving the public’s interests.
The other new sheriff in town is Director of National Intelligence Avril Haines. Unlike far too many of her predecessors, Haines agrees that over-classification and its attendant opacity is a problem. Because of Wyden and Moran’s willingness to press this issues, the Biden Administration and the new DNI will be overhauling the current — and currently broken — classification process.
In response to the joint Wyden-Moran letter, Director Haines announced a White House-led process to update the Executive Order, noting the Intelligence Community’s full support for the process and committing to including the views of Congress, advocacy organizations and academic partners. Additionally, Haines shared efforts currently underway within the Intelligence Community (IC) to improve the declassification process.
The changes are detailed (and somewhat redacted) in DNI Haines’ response to Wyden’s questions. The NSA will be working to automate some of the declassification process, utilizing software to make recommendations for potential declassification based on NSA rule sets. Once recommended by the software, documents will be reviewed and stripped of personally identifiable information before being made available to the public.
The CIA will engage in the same process, although it appears its implementation of automation will lag behind the NSA’s implementation. In both cases, the DNI expects improvements to start being shown sometime next year, with full rollout by the NSA expected later in 2023. The CIA’s program is expected to trail the NSA implementation, but the letter does not specify how far behind that implementation will be.
This is good news, especially if the projects remain on target. Unfortunately, it trails years of intelligence agencies recognizing the problems of over-classification but deciding it was a net gain for opacity to continue to over-classify documents. Large leaks of classified info by whistleblowers was apparently considered an acceptable tradeoff for increased opacity. Reversing years of standard opacity procedure is a big ask, but this appears to be a step in the right direction — one with at least a couple of power executive branch supporters.
Filed Under: avril haines, classification, declassification, foia, odni, over classification, ron wyden, transparency
Even Officials In The Intelligence Community Are Recognizing The Dangers Of Over-Classification
from the apparently-we-can't-trust-the-people-that-have-granted-the-government-this-p dept
The federal government has a problem with secrecy. Well, actually it doesn’t have a problem with secrecy, per se. That’s often considered a feature, not a bug. But federal law says the government shouldn’t have so much secrecy, what with the FOIA being in operation. And yet, the government feels compelled to keep secrets from its biggest employer: the US taxpayers.
Over-classification remains a problem. It has been a problem ever since long before a government contractor went rogue with a massive stash of NSA documents, showing that many of the government’s secrets should have been shared or, at the very least, more widely discussed as the government turned 9/11 into a constitutional bypass on the information superhighway.
Since then, efforts have been made to dial back the government’s proclivity for classifying documents that pose no threat to government operations and/or government security. In fact, the argument has been made (rather convincingly) that over-classification is counterproductive. It’s more likely to result in the exposure of so-called secrets rather than secure the blanket-exemption-formality that keeps secrets from the general public.
Efforts have been made to counteract this overwhelming desire to keep the public locked out of discussions about government activities. These efforts have mostly failed. And that has mainly been due to vague and frequent invocations of national security concerns, which allow legislators and federal judges to shut off their brains and hammer the [REDACT] button repeatedly.
But ignoring the problem hasn’t made the problem go away, no matter how many billions the federal government refuses to throw at the problem. Over-classification still stands between the public and information it should have access to. And it stands between federal agencies and efficient use of tax dollars. The federal government generates petabytes of data every month. And far too often, the agencies generating the data decide it’s no one’s business but their own.
It’s not just legislators noting the widening gap between the government’s massive stockpiles of data and the public’s ability to access them. It’s also those generating the most massive stashes of bits and bytes, as the Washington Post points out, using the words of an Intelligence Community official.
The U.S. government is drowning in its own secrets. Avril Haines, the director of national intelligence, recently wrote to Sens. Ron Wyden (D-Ore.) and Jerry Moran (R-Kan.) that “deficiencies in the current classification system undermine our national security, as well as critical democratic objectives, by impeding our ability to share information in a timely manner.” The same conclusions have been drawn by the senators and many others for a long time.
As this letter hints at, over-classification doesn’t just affect the great unwashed whose power is generally considered to be far too limited to change things. It also affects agencies and the entities that oversee the agencies — the latter of which are asked to engage in oversight while being locked out of the information they need to perform this task.
If there’s any good news here, it’s that the Intelligence Community recognizes it’s part of the problem. But this is just one person in the IC. It’s unlikely every official feels this way.
The government is working towards a solution, but its work is being performed at the speed of government — something further hampered by the back-and-forth of periodic regime changes and their alternating ideas about how much transparency the government owes to its patrons.
The IC letter writer almost sees a silver lining in the nearly opaque cloud enveloping agencies involved in national security efforts.
So far, Ms. Haines said, current priorities and resources for fixing the classification systems “are simply not sufficient.” The National Security Council is working on a revised presidential executive order governing classified information, and we hope the White House will come up with an ambitious blueprint for modernization.
The silver lining is “so far,” and the efforts being made elsewhere to change things. The rest of the non-lining is far less silver: the resources aren’t sufficient and the National Security Council is grinding bureaucratic gears by working with the administration to change things. If it doesn’t happen soon, changes will be at the discretion of the next administration. And the next administration may no longer feel streamlining declassification is a priority, putting projects that have been in the on-again, off-again works since Snowden’s exposes on the back burner yet again.
Our government will never likely feel Americans can be trusted with information about the programs their tax dollars pay for. But perhaps a little more momentum — this time propelled by something within the Intelligence Community — will prompt some incremental changes that may eventually snowball into actual transparency and accountability.
Filed Under: avril haines, classification, foia, jerry moran, over classification, ron wyden, secrecy, transparency