FBI Changes How It Uses NSA Data: Report - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
IT Leadership // Security & Risk Strategy

FBI Changes How It Uses NSA Data: Report

With calls for greater transparency in the rules governing Section 702 of the NSA's Prism program, the FBI has made classified changes, The Guardian confirmed. The program has implications for businesses and individuals alike.

 Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data
Siri, Cortana Are Listening: How 5 Digital Assistants Use Your Data
(Click image for larger view and slideshow.)

In a move that has implications for businesses and individuals alike, the FBI quietly revised its privacy rules regarding the searching of data collected by the National Security Agency (NSA).

The new rules apply to what's referred to as Section 702 of the NSA's Prism program, which falls under the Foreign Intelligence Surveillance Act (FISA) and is set to expire in 2017.

The new rules were reported by The Guardian March 8, citing confirmation from US officials.

In October 2015, the American Civil Liberties Union joined with more than 30 other privacy and civil rights groups in urging the US director of National Intelligence to release more information about Section 702.

Meanwhile, the Privacy and Civil Liberties Oversight Board (PCLOB), a Washington-based watchdog group, said in a Feb. 5 statement that it had issued reports on Section 215 and Section 702 of the government's surveillance programs. The PCLOB reports made a total of 22 recommendations to ensure the programs "appropriately balance national security with privacy and civil liberties."

According to the March 8 report in The Guardian, the new rules address some of the concerns put forward by the PCLOB.

"Changes have been implemented based on PCLOB recommendations, but we cannot comment further due to classification," Christopher Allen, a spokesman for the FBI, told The Guardian, which added that some of the revisions addressed the PCLOB's concerns about the number of FBI agents using the NSA-collected data.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

According to The Guardian, FBI officials routinely use Americans' identifying information to search through the "massive collections of international emails, texts and phone calls." The data is collected from international communications that are reportedly focused on non-Americans, though Americans are often on one end of the correspondence.

As of 2014, The Guardian report added, the FBI wasn't required to make note of when it searched the metadata of an email (the "to" and "from" categories). Neither did it record how many of its searches included Americans' identifying information. Privacy advocates have described the FBI's easy access to the data as a "backdoor" around obtaining warrants, according to The Guardian.

Timothy Barrett, a spokesperson for the office of the director of national intelligence, confirmed the FBI's rule changes to The Guardian and said that, as it did with 2014 "minimization" changes to Section 702, the FBI is considering releasing the 2015 changes.

(Image: Beppe Karlsson via Pixabay)

(Image: Beppe Karlsson via Pixabay)

According to the PCLOB, 13 of the organization's 22 recommendations have been implemented in full and "nine are still in the process of being implemented or have been partially implemented."

Those still "in the process" include recommendations to:

  • Publicly release past Foreign Intelligence Surveillance Court (FISC) and Foreign Intelligence Surveillance Court of Review (FISCR) decisions that involve Novel, Legal, Technical, or Compliance questions
  • Inform the PCLOB of FISA activities and provide relevant congressional reports and FISC decisions
  • Disclose the scope of surveillance authorities affecting Americans
  • Require NSA and CIA personnel to provide a statement of facts explaining their foreign intelligence purpose before querying Section 702 data using US person identifiers, and develop written guidance on applying this standard
  • Adopt measures to document and publicly release information showing how frequently the NSA acquires and uses communications of US persons and people located in the US

Meanwhile, the October 2015 letter from the ACLU and other groups asked for an estimate of:

  • The number of communications involving Americans that were subject to Section 702 surveillance each year
  • The number of times each year that the FBI uses a US identifier to query Section 702 data
  • For policies regarding "agencies' notification of individuals that they intend to use information 'derived from' Section 702 surveillance in judicial or administrative proceedings."

In their letter the groups said that knowing the impact of the law on Americans "is not only important to an informed public debate, it is essential."

Michelle Maisto is a writer, a reader, a plotter, a cook, and a thinker whose career has revolved around food and technology. She has been, among other things, the editor-in-chief of Mobile Enterprise Magazine, a reporter on consumer mobile products and wireless networks for ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
9 Steps Toward Ethical AI
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/15/2019
Commentary
How to Assess Digital Transformation Efforts
Lisa Morgan, Freelance Writer,  5/14/2019
Commentary
Is AutoML the Answer to the Data Science Skills Shortage?
Guest Commentary, Guest Commentary,  5/10/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
Slideshows
Flash Poll