There's a Trojan Horse Hidden in Proposed NSA Reform

The surveillance-reforming USA Freedom Act made its much anticipated passage out of the House Judiciary Committee, but darkness is now afoot. As it heads to a House floor vote, it does so with some very curious language, a veritable surveillance trojan horse that essentially castrates the reform effort. And it all begins with the bill's "specific selection term" language.

Electronic Frontier Foundation's Mark Jaycox calls the term "incredibly broad," and one that's been expanded to become almost meaningless. Originally, the bill defined "specific selection term," which would govern what data can be collected by the government, as a "term used to uniquely describe a person, entity, or account." Now it has been expanded to include legally flexible words like "address" and "device," which could greatly expand surveillance powers instead of curtail them.

"Congress has been clear that it wishes to end bulk collection," Jaycox told me. "But, given the government's history of twisted legal interpretations, this language can't be relied on to protect our freedoms."

Jaycox didn't know who negotiated the expanded definition of "specific selection term," but noted that it looks very similar to language preferred by the Office of the Director of National Security. He also said that this language has been alluded to in classified FISA court orders, both highlighted in an Emptywheel post.

"The process of translating between the specific selection terms—'al Qaeda' and others—to specific identifiers involves the potential for using far broader terms than just an account identifier," wrote Emptywheel in an analyis of the "specific selection term" language. "[O]nce you include 'entity' in the definition, it makes the value of 'specific selection term' pretty limited as a way to prevent bulk collection, because it invites the translation of that 'entity' into something that is not an individual account but rather something far broader."

In an EFF post, Jaycox noted that the bill also doesn't "sufficiently address" Section 702 of the Foreign Intelligence Surveillance Amendments Act, which the NSA uses to justify mass data mining of phone calls and emails directly from telecoms.

"We are specifically concerned that the new language references 'about' searches, which collect and review messages of users who do not even communicate with surveillance targets," he wrote. "Congress must include reforming Section 702 in any NSA reform. This includes stopping the NSA from searching illegally collected Americans' communications, stopping the suspicionless 'about' surveillance, and ensuring companies can report on the exact number of orders they receive and the number of users affected."

Jaycox told me that the USA Freedom Act's new language "eviscerates the intention of this bill: to stop the mass spying of innocent Americans' calling records." The hope is that someone like Senator Patrick Leahy, who has a history of pushing back against the NSA, digs into this fishy language this summer, and eviscerates it right back. But, as we've learned time and again on surveillance issues, with the US government there are no guarantees, and a lot of broken promises.