A U.S. government privacy oversight board has found that the National Security Agency and other agencies have not misused the provisions of the country's overseas surveillance program, but cautioned that certain aspects of the program, such as the incidental collection of communications of U.S. persons, raises privacy concerns.
The Privacy and Civil Liberties Oversight Board said late Tuesday in a pre-release version of its report that it has seen no trace of illegitimate activity around information collected by the government under Section 702 of the Foreign Intelligence Surveillance Act, or any attempt to intentionally circumvent legal limits.
But it said that the scope of the incidental collection of U.S. persons' communications and the use of queries to search the information collected under the program for the communications of specific U.S. persons pushed the program "close to the line of constitutional reasonableness."
"Such aspects include the unknown and potentially large scope of the incidental collection of U.S. persons' communications, the use of 'about' collection to acquire Internet communications that are neither to nor from the target of surveillance, and the use of queries to search for the communications of specific U.S. persons within the information that has been collected," the report said.
The PCLOB, however, fell short of the expectations of civil rights groups and some lawmakers who have recommended curbs on backdoor snooping on people in the U.S.
The U.S. House of Representatives last month approved a proposal to limit the surveillance programs of the NSA by requiring it to get a court-ordered warrant to search U.S records in its possession.( Under current rules, the NSA is not prohibited from querying U.S. communications inadvertently collected under the foreign surveillance program.
The PCLOB instead made ten recommendations aimed at arriving at a better balance between privacy, civil liberties and national security in the working of the Section 702 program. They include changes in the targeting procedure, the procedure for queries using U.S. person identifiers, and the role of the Foreign Intelligence Surveillance Court in the certification process.
Disclosures of U.S. overseas surveillance, including of spying on the German Chancellor Angela Merkel and Brazil's President Dilma Rousseff, have created controversy abroad. Some U.S. companies like Microsoft and Cisco Systems have said that the surveillance could lead to customers turning away from U.S. vendors of products and cloud services for fear of being spied on. The German government last week dropped Verizon Communications as a service provider over concerns about U.S. spying.
The PCLOB did not address the implications abroad of NSA surveillance, concluding that the core of the Section 702 program, consisting of acquiring the communications of specifically targeted foreign persons located outside the U.S., was reasonable under the Fourth Amendment to the U.S. Constitution. The board described foreign operations under Section 702 as having "proven valuable in the government's efforts to combat terrorism as well as in other areas of foreign intelligence."
Reviewing the government's programs for the bulk collection of phone records of U.S. persons, the PCLOB earlier this year said that the NSA lacked the legal authority for such collection, and recommended in a 3-2 vote that the government wind down the program. Former NSA contractor Edward Snowden disclosed in June last year details of the bulk collection of phone records from Verizon by the NSA.
"If the last PCLOB report was a bombshell, this one is a dud," wrote Kevin Bankston, policy director of the New America Foundation's Open Technology Institute, in a Twitter message.
The board will be voting on the current report on Wednesday.
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.