Public Policy Implications of the President’s Review Group

Peter Swire

Huang Professor of Law and EthicsScheller College of Business

Georgia Institute of Technology

April 16, 2014

Thank you for the invitation

Delighted to be here today My first year at GT has been unexpectedly busy

with the Review Group I look forward to getting to know Public Policy

much better

Overview of the Talk

Intro to Review Group The central puzzle: how should we govern secret

agencies in an open democracy? History of secrecy and transparency (Watergate) RG recommendations on transparency and oversight We are in a time where policy change is possible

Creation of the Review Group

Snowden leaks of 215 and Prism in June, 2013 August – Review Group named Report due in December 5 members

December 2013: The Situation Room

Our assigned task

Protect national security Advance our foreign policy, including economic

effects Protect privacy and civil liberties Maintain the public trust Reduce the risk of unauthorized disclosure

Our Report

Meetings, briefings, public comments 300+ pages in December 46 recommendations

Section 215 database “not essential” to stopping any attack; recommend government not hold phone records

Pres. Obama speech January Adopt 70% in letter or spirit Additional recommendations under study Organizational changes to NSA not adopted

An Ethical and Legal Challenge

How govern secret intelligence agencies in a democracy?

Thomas Jefferson: “An informed citizenry is the only true repository of the public will.”

Since WWII, enormous growth in IC Cold War War on Terrorism

Special concern if the secret surveillance is directed at the citizens themselves

That could threaten democracy

The Watergate Era and Secret Governance

1960’s + 1970’s: “The Crimes of the U.S. Intelligence Agencies” “Enemies list” in IRS Dirty tricks in political campaigns CIA, NSA, DoD surveillance in U.S. “National security” domestic wiretaps by J. Edgar

Hoover, without judicial review The Watergate break-in itself was to spy on domestic

political opposition, the DNC

Post-Watergate Solutions

Freedom of Information Act expanded Privacy Act: goal of no secret govt. databases Government in the Sunshine Act Foreign Intelligence Surveillance Act 1978

Domestic wiretaps for “foreign intelligence” but not vague “national security” grounds

Article III judges review each wiretap Public report on number of wiretap orders Congressional Intelligence committee oversight

Overall, shift toward transparency & oversight

Secrecy after 9/11

Surveillance of hard-to-find new targets, the terrorists secret surveillance

Sense of urgency & the Patriot Act Wars in Iraq & Afghanistan Warrant-less wiretaps (leaked 2005) Large database of phone records (leaked 2006) Snowden leaks beginning in June 2013

Section 215 domestic telephone meta-data Section 702 surveillance at targets overseas The long list of other stories

Section 215 of the Patriot Act

June 2013: surprising that most/all domestic phone records were being collected under “foreign intelligence” authorities

Unclear what other domestic surveillance was occurring Legislative proposals were pending for greater

“information sharing” from private sector to government for “cybersecurity” purposes Sharing would be permitted “notwithstanding any

other (privacy) law”

Was this hotel room number a coincidence?

RG Findings

RG received thorough briefings Finding: Section 215 had not been essential to

preventing any attack Good news: compliance has improved in NSA since

2008 Good news: no evidence of meddling with domestic

politics

RG Rec 11: Transparency

“We recommend that the decision to keep secret from the American people programs of the magnitude of the section 215 bulk telephony meta-data program should be made only after careful deliberation at high levels of government and only with due consideration of and respect for the strong presumption of transparency that is central to democratic governance. A program of this magnitude should be kept secret from the American people only if (a) the program serves a compelling governmental interest and (b) the efficacy of the program would be substantially impaired if our enemies were to know of its existence.”

RG Recommendations on 215

RG Rec 1 & 5: End current program of government holding the records A “black box” that is hard to monitor from outside Prevent mission creep/slippery slope to many bulk

databases about domestic activities Records already held by telcos for 18 months Go to telcos when have individualized basis for

request, with judicial review President Obama this month proposed legislation, with

all of these provisions

Other RG Transparency Recommendations

RG Rec 2: Similar judicial role for National Security Letters, by FBI Shift toward disclosure far earlier than 50 years Criminal searches often revealed in 6 months

RG Rec 4 & 7: bulk collection programs narrowly tailored, only with senior review, and public whenever possible

RG Rec 6: commission a meta-data study, to bring greater transparency and policy debate on data vs. meta-data

Transparency & the IT Industry Big economic effects on public cloud computing market

Double in size 2012-2016 Studies estimate US business losses from NSA

revelations: tens of billions $/year An opening for non-U.S. providers

Market has been dominated by US companies Deutsche Telecomm and others: “Dont put your data in the

hands of the NSA and US providers” US industry response: more transparency

Boost consumer confidence that the amount of government orders is modest

Moving to More Transparency

RG Rec 9: OK to reveal number of orders, number they have complied with, information produced, and number for each legal authority (215, 702, NSL, etc.), unless compelling national security showing

RG Rec 10: more detailed government reporting of lawful access orders, by type of legal authority

RG Rec 31: US should advocate to ensure transparency for requests by other governments Put more focus on actions of other governments

DOJ agreement with companies in January

Oversight goes with Transparency

Numerous RG recommendations to improve oversight Public advocate in secret FISA court New mechanisms for whistleblowers, to the Privacy & Civil

Liberties Oversight Board An Office of Technology Assessment in PCLOB to examine

new IC technologies for privacy & civil liberties Others These build on existing FISC, Congress, Inspector General

oversight mechanisms Checks and balances against accumulation of power in the

secret agencies

Oversight for the Full National Interest

Major theme of the report is that we face multiple risks, not just national security risks Effects on allies, foreign affairs Risks to privacy & civil liberties Risks to economic growth & business

Historically, intelligence community is heavily walled off, to maintain secrecy Now, convergence of civilian and military/intelligence

communications devices, software & networks Q: How respond to the multiple risks?

Addressing Multiple Risks

RG Recs 16 & 17: New process & WH staff to review sensitive

intelligence collection in advance Senior policymakers from the economic agencies

(NEC, Commerce, USTR) should participate Monitoring to ensure compliance with policy

RG Rec 19: New process for surveillance of foreign leaders Relations with allies, with economic and other

implications, if this surveillance becomes public

Summary on These Recommendations

It is time to renew the transparency initiatives that resulted from Watergate

Fortunately, we don’t have political “enemies lists” this time

But, shouldn’t have powerful, well-budgeted watchers unless they are watched as well: By the citizenry – transparency By oversight and checks & balances

Conclusion

Are pessimists correct that nothing will change? Section 215 program quite possibly will end DOJ agreed to the transparency agreement EU privacy regulation seemed dead, but Snowden-

related sentiments resulted recently in EU Parliament 621-10 in favor

We are in a period where change is possible It is a time where public policy activity is possible