The U.S. Congress needs to help restore global trust in the nation's technology vendors by reining in surveillance programs at the National Security Agency, an industry representative told lawmakers Tuesday.
Recent revelations about NSA surveillance programs have created a "misimpression" about the U.S. technology industry and are eroding trust in those companies, said Dean Garfield, president and CEO of the Information Technology Industry Council (ITI). The furor over the NSA surveillance programs could lead to lost income in the tens of billions of dollars for U.S. cloud providers, and many U.S. tech vendors are already hearing complaints, he said.
The U.S. needs a "public policy course correction" on NSA surveillance, Garfield told the U.S. House of Representatives Judiciary Committee.
"Made in the U.S.A. is no longer a badge of honor, but a basis for questioning the integrity and the independence of U.S.-made technology," Garfield said. "Many countries are using the NSA's disclosures as a basis for accelerating their policies around forced localization and protectionism."
To stop a "protectionist downward spiral," Congress needs to ensure greater transparency over NSA surveillance and provide stronger oversight, including a civil liberties advocate at the U.S. Foreign Intelligence Surveillance Court. Congress also needs to find ways to restore trust in the encryption standards process at the U.S. National Institute of Standards and Technology (NIST), he said, after revelations by former NSA contractor Edward Snowden that the NSA worked to compromise the process.
Some witnesses and lawmakers seemed to call for larger changes to NSA surveillance programs, with several calling for President Barack Obama's administration to scrap the NSA's bulk collection of U.S. telephone records.
Representatives of Obama's Review Group on Intelligence and Communications Technology, which recently recommended major changes to the phone records program, and the U.S. Privacy and Civil Liberties Oversight Board, which called the program illegal, testified at the hearing.
Several lawmakers, both Republicans and Democrats, questioned the legality of the phone records program. Representative Ted Poe, a Texas Republican, questioned how many criminal cases federal investigators have filed using information from the phone records program.
There "may be one," said James Cole, deputy attorney general in the U.S. Department of Justice.
"One criminal case?" Poe said. "[The program] is an invasion of personal privacy, and it's justified on the idea that we're going to capture these terrorists. The evidence that you've told is all this collection has resulted in one bad guy having criminal charges filed on him."
Cole defended the phone records program, saying the information it provides helps with large investigations. "The point of the statute is not to do criminal investigations," he said. "The point of the statute is to do foreign intelligence investigations."
Officials with the Obama administration haven't accurately described the NSA programs to Congress, said Representative Trent Franks, an Arizona Republican. "We feel that we have been blatantly deceived on what some of these programs have done," he said.
Congress should pass the USA Freedom Act, an NSA reform bill that has several Judiciary Committee sponsors, said David Cole, a constitutional law professor at the Georgetown University Law School. The bill would allow the DOJ and NSA to collect U.S. phone records only when they are connected to a suspected terrorist.
"That is how the administration sold what they were asking Congress to do" when it asked for new authority in the Patriot Act to collect information relevant to a terrorism investigation, he said. "I don't think a single member of Congress thought, 'what we mean by that is there are no limits on the business records that you can get.'"
But Steven Bradbury, a former DOJ official, defended the phone records program. Some NSA reform proposals "would expose the nation to vulnerability by substantially weakening or even destroying outright the effectiveness" of the phone records program, he said.
Proposals to add a civil liberties lawyer at the surveillance court would slow down the collection-approval process there, and "would, I fear, prove dangerously unworkable in the event of the next catastrophic attack on the United States," he added.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is email@example.com.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.