At 11 am today, Barack Obama will roll out the reforms of the NSA promised after the scandal and embarrassment of the Edward Snowden affair. The White House leaks this morning promise “major” reform, and news outlets report that Obama will end the phone metadata collection program “as we know it.” But at least at first, nothing much will change at all:
President Barack Obama will announce on Friday a major overhaul of a controversial National Security Agency program that collects vast amounts of basic telephone call data on foreigners and Americans, a senior Obama administration official said.
In an 11 a.m. (1600 GMT) speech at the Justice Department, Obama will say he is ordering a transition that will significantly change the handling of what is known as the telephone “metadata” program from the way the NSA currently handles it. …
In a nod to privacy advocates, Obama will say he has decided that the government should not hold the bulk telephone metadata, a decision that could frustrate some intelligence officials.
In addition, he will order that effectively immediately, “we will take steps to modify the program so that a judicial finding is required before we query the database,” said the senior official, who revealed details of the speech on condition of anonymity.
While a presidential advisory panel had recommended that the bulk data be controlled by a third party such as the telephone companies, Obama will not offer a specific proposal for who should store the data in the future.
And here we come to the point of confusion. At least so far, there have been a couple of options for keeping the metadata, and only a couple. Either the government requires telecoms to retain the data for a long period of time and leave them open to subpoena, or the government keeps them. The first option doesn’t really work if the intention is to perform datamining on an extremely large scale, but it would help for specific searches based on probable cause. The second option allows for datamining, but would be so large as to make retention by any other agency except for the one who needs it impractical.
This morning’s reports might suggest that the government will outsource the storage to a third party. That, however, doesn’t sound much better. Instead of the NSA holding the data, some other private-sector firm (maybe a TRW/Northrop or similar high-security contractor), and the NSA will still get access to it. That’s not really a “reform” as much as it is a complication, is it?
So, which will it be? We don’t know yet, because …
Obama has asked Attorney General Eric Holder and the intelligence community to report back to him before the program comes up for reauthorization on March 28 on how to preserve the necessary capabilities of the program, without the government holding the metadata.
That prompted this quip from Ron Fournier:
— Ron Fournier (@ron_fournier) January 17, 2014
In other words, nothing will change on metadata collection for the next couple of months. The NSA will continue to collect and retain the data while Holder and the administration mull it over a while longer:
The presidential Review Group on Intelligence concluded in December that data collection should remain but that the government must do a better job of protecting civil liberties in the context of national security.
According to the official, the president will recommend that the collection of Americans’ phone records remain at the NSA temporarily as he seeks input from Congress and the U.S. intelligence community on where to store the data permanently.
Effective immediately, the administration will take steps to modify the program so that a “judicial finding is required” before the NSA queries the database, the official said.
The “judicial finding” requirement sounds good, but in practice, that won’t be much of a change, either. The FISA court has been highly cooperative with NSA requests, even after the court determined that the agency violated court orders. Very few requests get denied by the FISA court. Assuming that doesn’t change, the only reform this will impose will be a slightly slower process to do pretty much what the NSA has been doing all along. Adding a privacy advocate might make that process a little more adversarial, depending on who the “advocate” is, but unless the courts take the advocates as more credible than the national-security organs demanding the access, I’m going to guess that the approval rates won’t deviate significantly from what we’ve already seen.
The bottom line appears to be that the metadata collection will continue, the NSA will continue to get access to it, and that the only change will be an extra lawyer in the request process and a change of address for the data. For a program that hasn’t done much to discover terrorist plots, the leaks so far don’t seem to add up to major reform.
Update: The parsing around collection prompted this from Chuck Todd:
If there's a third party housing the bulk phone/internet data, rather than NSA, would you consider that gov't collection or not? Serious Q
— Chuck Todd (@chucktodd) January 17, 2014
Yes. Next question?