What American citizens and Internet users around the world needed to hear from President Obama at his speech on surveillance last week was that they wouldn't be surveilled without reason and information would not be misused. Unfortunately, they didn't get that -- though the president showed great empathy and understanding of the scope of the problem.
I attended the speech and was hoping to hear the U.S. would halt its massive collection and analysis of bulk metadata. My tech trade association would have liked President Obama to have at least followed the lead of his appointed review group in certain key areas such as NSA's subversion of encryption standards.
The president's reforms would change the way bulk metadata data is stored -- with a third party rather than the government -- but such a scheme is fraught with new problems and fails to tighten the legal standards for access. President Obama would limit the searches to two "hops" away from a suspect rather than three and require the NSA to get a judge to sign off on the searches. It's my opinion, as well as that of a number of judges, that such large collections of metadata give rise to a search under the Fourth Amendment. More to the point, even the President's review group concluded the metadata program did not play a measurable role in stopping attacks.
In addition, a report this week from an independent federal privacy watchdog group said the bulk collection is illegal and must end. That report from the Privacy and Civil Liberties Oversight Board was issued less than a week after the president's speech. This latest report will add to the growing debate after a federal judge and the president's review group also expressed serious misgivings about bulk data collection and other surveillance practices.
While the board may not have been unanimous in all of their findings, such as the legality of the bulk metadata program, they all agreed there have been no instances where this program has actually prevented a national security threat.
We in the tech world understand that governments and intelligence agencies around the world are going to want to access to all the data they might possibly ever need. Technology creates and helps cumulate data, and we need to be active in ensuring such data is not misused. Government desire for metadata from phones and Internet records is only a part of what is really being sought. Americans must be a leader in setting high standards for accessing data. I believe we need to honor and advocate for such standards which are exemplified in our First, Fourth and Fifth Amendments, when properly applied.
If we too readily make those values take a backseat to the increasing demand for more information from the national security community, it will create an even worse model in other countries that lack a tradition of citizen privacy protections and standards.
We have no doubt those assigned to protect U.S. security want more information to do their job better, but that insatiable zeal for more information is where we get into trouble. We are assured that they don't seek to access this data except in very limited situations, but what many of us don't fully grasp is that access to information gathered is just the second part of the equation.
The basic gathering of data and its inherent value is intrusive, erodes our sense of privacy, and creates information power and provides an enduring temptation to use or misuse it. Having this accumulation of data sitting around makes it available for misuse -- not just for the U.S. government, but for anyone.
There are some who excuse our activities by arguing other countries do more and with fewer checks and balances. The fact that others behave worse than than the U.S. does not justify our lowering our standards, but should reinforce the need for us to lead by example, rebuild trust, and use renewed credibility to shape the future in a positive way. A world that evolves in the direction of freedom from excessive government power and control is a world in which we are all safer.
The U.S.'s reputation as the world's freest country, leader on Internet freedom, and its ability to grow economically is at stake if we don't take concrete steps to rein in surveillance.
Everyone agrees there are real enemies and the U.S. cannot be secure without the capacity to unravel terrorist plots. Many, including our tech trade association, recognize this reality enough to support Section 215 of the Foreign Intelligence Surveillance Act when used responsibly and with specificity. Where we see problems is when it is interpreted too broadly, opening the floodgate for a wide collection of data and expanding the likelihood of abuse.
We certainly appreciate that President Obama's speech showed that he has listened to foreign parties, privacy advocates and industry experts. The President showed an understanding of the problems created by surveillance and offered a thoughtful, empathetic attempt to deal with the issue. But bolder leadership and strong action are required. The reforms announces were insufficient to change the trajectory of surveillance and curtail the potential for abuse.
We now look to Congress as the renewal of the legal authority to conduct surveillance comes up for discussion in March. Lawmakers need to at least consider reforms like those recommended by the White House's surveillance review group before they reauthorize any surveillance legislation.
The American public and our international allies need to demand more robust reforms for themselves and global Internet users. If they do, we hope Congress will respond with courage and vision.