With calls for greater transparency of the rules governing Section 702 of the NSA's Prism program, the FBI has made classified changes, The Guardian confirmed.

Michelle Maisto, Freelance Writer

March 9, 2016

4 Min Read
<p align="left">(Image: <a href="https://pixabay.com/en/users/beppek-262111/"target="_blank">Beppe Karlsson</a> via <a href="https://pixabay.com/en/nsa-graffiti-stockholm-gullmarsplan-401020/"target="_blank">Pixabay</a>)</p>

 Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data

Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data

Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data (Click image for larger view and slideshow.)

In a move that has implications for businesses and individuals alike, the FBI quietly revised its privacy rules regarding the searching of data collected by the National Security Agency (NSA).

The new rules apply to what's referred to as Section 702 of the NSA's Prism program, which falls under the Foreign Intelligence Surveillance Act (FISA) and is set to expire in 2017.

The new rules were reported by The Guardian March 8, citing confirmation from US officials.

In October 2015, the American Civil Liberties Union joined with more than 30 other privacy and civil rights groups in urging the US director of National Intelligence to release more information about Section 702.

Meanwhile, the Privacy and Civil Liberties Oversight Board (PCLOB), a Washington-based watchdog group, said in a Feb. 5 statement that it had issued reports on Section 215 and Section 702 of the government's surveillance programs. The PCLOB reports made a total of 22 recommendations to ensure the programs "appropriately balance national security with privacy and civil liberties."

According to the March 8 report in The Guardian, the new rules address some of the concerns put forward by the PCLOB.

"Changes have been implemented based on PCLOB recommendations, but we cannot comment further due to classification," Christopher Allen, a spokesman for the FBI, told The Guardian, which added that some of the revisions addressed the PCLOB's concerns about the number of FBI agents using the NSA-collected data.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

According to The Guardian, FBI officials routinely use Americans' identifying information to search through the "massive collections of international emails, texts and phone calls." The data is collected from international communications that are reportedly focused on non-Americans, though Americans are often on one end of the correspondence.

As of 2014, The Guardian report added, the FBI wasn't required to make note of when it searched the metadata of an email (the "to" and "from" categories). Neither did it record how many of its searches included Americans' identifying information. Privacy advocates have described the FBI's easy access to the data as a "backdoor" around obtaining warrants, according to The Guardian.

Timothy Barrett, a spokesperson for the office of the director of national intelligence, confirmed the FBI's rule changes to The Guardian and said that, as it did with 2014 "minimization" changes to Section 702, the FBI is considering releasing the 2015 changes.

According to the PCLOB, 13 of the organization's 22 recommendations have been implemented in full and "nine are still in the process of being implemented or have been partially implemented."

Those still "in the process" include recommendations to:

  • Publicly release past Foreign Intelligence Surveillance Court (FISC) and Foreign Intelligence Surveillance Court of Review (FISCR) decisions that involve Novel, Legal, Technical, or Compliance questions

  • Inform the PCLOB of FISA activities and provide relevant congressional reports and FISC decisions

  • Disclose the scope of surveillance authorities affecting Americans

  • Require NSA and CIA personnel to provide a statement of facts explaining their foreign intelligence purpose before querying Section 702 data using US person identifiers, and develop written guidance on applying this standard

  • Adopt measures to document and publicly release information showing how frequently the NSA acquires and uses communications of US persons and people located in the US

Meanwhile, the October 2015 letter from the ACLU and other groups asked for an estimate of:

  • The number of communications involving Americans that were subject to Section 702 surveillance each year

  • The number of times each year that the FBI uses a US identifier to query Section 702 data

  • For policies regarding "agencies' notification of individuals that they intend to use information 'derived from' Section 702 surveillance in judicial or administrative proceedings."

In their letter the groups said that knowing the impact of the law on Americans "is not only important to an informed public debate, it is essential."

About the Author(s)

Michelle Maisto

Freelance Writer

Michelle Maisto is a writer, a reader, a plotter, a cook, and a thinker whose career has revolved around food and technology. She has been, among other things, the editor-in-chief of Mobile Enterprise Magazine, a reporter on consumer mobile products and wireless networks for eWEEK.com, and the head writer at a big data startup focused on data networks and shared data. She has contributed to Gourmet, Saveur, and Yahoo Food. Her memoir, The Gastronomy of Marriage, was published on three continents. She's currently learning Mandarin at an excruciating pace.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights