U.S. SIGINT "Reforms" 2015

8/9/2019 U.S. SIGINT "Reforms" 2015

1/12

SIGN LS

INTELLIGENCE

REFORM

2015

NNIVERS RY

REPORT

OVERVIEW

OVERVIEW

SEEKING INDEPENDENT ADVICE

STRENGTHENING PRIVACY CIVIL LIBERTIES

LIMITING SIGINT COLLECTION USE

ENHANCING TRANSPARENCY

PROTECTING WHISTLEBLOWERS

MOVING FORWARD

FACTSHEET

Over the course o the past eighteen months, the United States has undertaken a comprehensive effort to

examine and enhance the privacy and civil liberty protections we embed in our signals intelligence

(SIGINT) collection activities.

As part o h is process, we have sought - and benefited from - a broad cross section o views, ideas,

and recommendations from oversight bodies , advocacy organizations, private companies, and the general

public. This effort has resulted in strengthened privacy and civil liberty protections; new limits on signals

intelligence collection and use ; and increased transparency.

On January 17, 2014, President Obama signed Pres idential Policy Directive-28, Signals Intelligence

Activities (PPD-28) and delivered an address at the Department o Justice on the steps we are taking to

reform certa in intelligence activities. As we mark the one-year anniversary of these events it is a good

time to report on the status of a range of ongoing reform efforts.

• SEEKING INDEPENDENT DVICE

• STRENGTHENING PRIV CY CIVIL LIBERTIES PROTECTIONS

• LIMITING SIGINT COLLECTION ND USE

• ENH NCING TR NSP RENCY

• PROTECTING WHISTLEBLOWERS

• MOVING FORW RD

As this report shows, the Intelligence Community has made significant progress implementing many

reforms. However, our work is not done. To that end , the Office o the Director o National Intelligence will

issue another public report in 2016 about the Intelligence Community's on-going progress to implement

these reforms.


2/12


3/12

SIGNALS

INTELLIGENCE

REFORM

2015

ANNIVERSARY

REPORT

OVERVIEW


STRENGTHENING PRIVACY & CIVIL LIBERTIES

LIMITING SIGINT COLLECTION & USE



MOVING FORWARD

FACTSHEET

STRENGTHENING PRIVACY CIVIL LIBERTIES PROTECTIONS

As the President said in his speech on January 17, 2014, Uhe challenges posed by threats like terrorism

and proliferation and cyber-attacks are not going away any time soon .. . and for our intelligence

community to be effective over the long haul, we must maintain the trust o the American people , and

people around the world. As a part of that effort, the President made clear that ou r signals intelligence

activities must take into account that all persons should be treated with dignity and respect, regardless of

their nationality or wherever they might reside .. ..

This commitment is reflected in the direction the President issued that same day in Section 4 o

Presidential Policy Directive-28, Signals Intelligence Activities (PPD-28), requiring all elements o the

Intelligence Community to establish policy and procedures for safeguarding personal information collected

from signals intelligence (SIGINT) activities. In addition, we are also seeking to provide new legislative

remedies for potential privacy violations.

• INTELLIGENCE COMMUNITY S IMPLEMENTATION OF SECTION 4 OF PPD-28

• JUDICIAL REDRESS OF CITIZENS OF CERTAIN COUNTRIES

In addition, in response to the President's direction and to the recommendations from both the President's

Review Group on Intelligence and Communications Technology and the Privacy and Civil Liberties

Overs ight Board , the Intelligence Community is strengthening privacy protections in our collection activities

under Section 702 of Foreign Jntelligence Surveillance Act and the Section 215 bulk telephony metadata

program. Moreover, as directed by the President, the FBI will amend its non-disclosure policy for National

Security Letters.

• NEW PRIVACY PROTECTIONS FOR INFORMATION COLLECTED UNDER SECTION 215

• NEW PRIVACY PROTECTIONS FOR INFORMATION COLLECTED UNDER SECTION 702

• NATIONAL SECURITY LETTERS

INTELLIGENCE COMMUNITY S IMPLEMENTATION OF SECTION 4 OF

PRESIDENTIAL POLICY DIRECTIVE PPD-28, SIGNALS INTELLIGENCE

ACTIVITIES

On January 17, 2014, the President issued Pres idential Po licy Directive-28, Signals Intelligence Activities

(PPD-28), which articulates principles to guide why, whether, when , and how the United States conducts

signals intelligence activities for authorized foreign intelligence and counterintelligence purposes.

In a speech that same day, the President made clear that the United States is committed to protecting the

personal information of all people regardless o nationality and directed the Intelligence Community to take

a number of steps to strengthen the privacy and civil liberty protections afforded to all people.

PPD-28 reinforces current practices, establishes new principles, and strengthens oversight, to ensure that

in conducting signals intelligence (SIGINT) activities, the United States takes into account not only the

security needs

o

our nation and our allies, but also the privacy

o

people around the world.

Section 4 of PPD-28 calls on each Intelligence Community element to update existing or issue new

policies and procedures to implement principles for safeguarding all personal information collected through

SIGINT, consistent with technical capabilities and operational needs.

Over the past year, the Intelligence Community has been working to implement this requ irement within the

framework of existing processes, resources , and capabilities, wh ile ensuring that mission needs continue

to be met.

In July 2014, the Director of National Intelligence provided the President an interim report on the status o

our efforts that also evaluated, in coordination with the Department of Justice and the rest o the

Intelligence Community, certain additional retention and dissemination safeguards that all Intelligence

Community elements should follow as they adopt policies and procedures under PPD-28.

The Director of National Intelligence is pleased to report that, as requ ired by PPD-28 , all Intelligence

Community elements have reviewed and updated their existing policies and procedures, or have issued

new pol icies or procedures, to provide safeguards for personal information collected through SIGINT,

regardless o nationality and consistent with national security, our technical capabilities, and operational

needs.

Although similar in many respects, agency procedures are not identical. The differences reflect that not all

agencies conduct SIGINT collection and that agencies have different mission requirements. Links to

agency policies and procedures can be found below.

https://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttps://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdfhttp://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/http://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/http://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/http://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/http://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/http://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/http://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://tmblr.co/ZZQjsq1TMnJ3Hhttp://leaksource.info/2014/01/17/obama-announces-nsa-reforms-w-presidential-directive-greenwald-assange-responses/https://leaksource.files.wordpress.com/2015/02/presidential-policy-directive-ppd-28-signals-intelligence-activities.pdf


4/12

U.S. Intelligence Community Policies & Procedures to Safeguard Personal

Information Collected Through SIGINT

• Office of the Director of National Intelligence

• Central Intelligence Agency

• National Security Agency

• National Reconnaissance Office

• Federal Bureau of Investigation

• Department of Homeland Security

• Drug Enforcement Administration

• State Department

• Treasury Department

• Department of Energy

• U.S. Coast Guard

• Other IC Elements in the Department of Defense

What has PPD-28 changed?

The agency policies and procedures implementing Section 4 of PPD-28 include significant changes that

strengthen privacy and civil liberty protections for all people. It is worthwhile to highlight a few of the most

significant changes:

• Limits on retention: We have imposed new limitations on the retention of personal information about

non-U.S. persons. Before PPD-28, Intelligence Community elements had disparate restrictions on how

long information about non-U.S. persons could be retained. PPD-28 changes these retention practices

in significant ways to afford strengthen privacy protections. Now Intelligence Community elements

must delete non-U.S. person information collected through SIGINT five years after collection unless the

information has been determined to be relevant to, among other things, an authorized foreign

intelligence requirement, or if the Director of National Intelligence determines, after considering the

views of the Office of the Director of National Intelligence Civil Liberties Protection Officer and agency

privacy and civil liberties officials, that continued retention is in the interest of national security. This

new retention requirement is similar to the requirements applicable to information about U.S. persons.

Thus these new retention rules will more uniformly limit the retention of any personal information by the

Intelligence Community.

• Dissemination Restrictions: Intelligence Community elements have always disseminated intelligence

information because it is relevant to foreign intelligence requirements. All agency policies implementing

PPD-28 now explicitly require that information about a person may not be disseminated solely because

he or she is a non-U.S. person and the Office of the Director of National Intelligence has issued a

revised directive to all Intelligence Community elements to reflect this requirement. Intelligence

Community personnel are now specifically required to consider the privacy interests of non-U.S.

persons when drafting and disseminating intelligence reports.

• Oversight, Training & Compliance Requirements: Intelligence Community elements have always

had strong training, oversight, and compliance programs to ensure we were protecting the privacy and

civil liberties of U.S. persons. In response to PPD-28, Intelligence Community elements have added

new training, oversight, and compliance requirements. They are developing mandatory training

programs to ensure that intelligence officers know and understand their responsibility to protect the

personal information of all people, regardless of nationality. We are also adding new oversight and

compliance programs to ensure that these new rules are being followed properly. The oversight

program includes a new requirement to report any significant compliance incident involving personal

information, regardless of the person's nationality, to the Director of National Intelligence.

JUDICI L REDRESS FOR CITIZENS OF CERTAIN COUNTRIES

In furtherance of its commitment to protecting privacy in the law enforcement context, the Administration is

working with Members of Congress on legislation to give citizens of designated countries the right to seek

judicial redress for intentional or willful disclosures of protected information, and for refusal to grant access

or to rectify any errors in that information.

NEW PRIVACY PROTECTIONS FOR BULK TELEPHONY METADATA

COLLECTED UNDER SECTION 215

Section 215 of the USA PATRIOT Act authorizes the Government to make requests to the Foreign

Intelligence Surveillance Court (FISC) for orders requiring production of documents or other tangible things

books, records, papers, documents, and other items) when they are relevant to an authorized national

security investigation such as an investigation to protect against international terrorism or clandestine

intelligence activities. The vast majority of orders issued under Section 215 do not seek information

collected in bulk; rather, these orders require the production of a discrete and limited amount of

information.

This authority is also used to require certain telephone communications providers to produce in bulk

telephony metadata, such as telephone numbers dialed and length of calls. This program was developed

to fill an important intelligence gap identified by the report on the 9/11 attacks by allowing the Government

to detect communications between terrorists who are operating outside the U.S. and potential operatives

inside the U.S. This program does not permit the government to obtain or listen to the content of anyone's

telephone calls. Nor is the Government allowed to sift indiscriminately through the telephony metadata

obtained under this program. Rather, since its inception, this program has been subject to strict controls

and oversight, including:

• Requiring the metadata to be stored in secure databases accessible to only a limited number of trained

analysts.

• Limiting the access to, and use of, the metadata only for counterterrorism purposes.

• Prohibiting querying the databases unless there is a reasonable, articulable suspicion that a particular

target identifier (the seed number) is associated with particular foreign terrorist organizations.

• Limiting the access to and use of this metadata only for identifying the telephone identifiers that are in

contact, directly or indirectly, with the seed number.

• Destroying the information after five years.

https://leaksource.files.wordpress.com/2015/02/odni-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/odni-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/odni-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/odni-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/odni-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/cia-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/cia-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/nro-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/fbi-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/fbi-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/fbi-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dhs-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dhs-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dhs-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dea-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/state-ppd-28.pdfhttp://www.treasury.gov/resource-center/terrorist-illicit-finance/Pages/PPD-28-Procedures.aspxhttps://leaksource.files.wordpress.com/2015/02/doe-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/doe-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/doe-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/coast-guard-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-203-analytic-standards.pdfhttps://leaksource.files.wordpress.com/2015/02/ics-107-1.pdfhttps://leaksource.files.wordpress.com/2015/02/dod-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/coast-guard-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/doe-ppd-28.pdfhttp://www.treasury.gov/resource-center/terrorist-illicit-finance/Pages/PPD-28-Procedures.aspxhttps://leaksource.files.wordpress.com/2015/02/state-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dea-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/dhs-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/fbi-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/nro-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/cia-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/cia-ppd-28.pdfhttps://leaksource.files.wordpress.com/2015/02/odni-ppd-28.pdf


5/12

New Protections for the Current Program

In response to the President's direction in January 2014, this program was modified by incorporating into

the FISC orders authorizing the bulk collection two forms o enhanced privacy protection:

• Previously, the bas is for the reasonable, articulable suspicion find ing had to be documented in writing

and approved by specifically authorized NSA officials. The Department

o

Justice conducted routine

oversighto these decisions to ensure the standard was met. Today, except in emergency

circumstances, reasonable, articulable suspicion findings must also be approved in advance by the

FISC. Thus, except in emergency circumstances, only court-approved identifiers may be used to query

the database.

• Previously, NSA was permitted to query the information out to three hops , or links. Today, queries are

limited to two hops. This means NSA is permitted to develop contact chains by starting with a target

identifier (seed number) and , using telephony metadata records, see what identifiers communicated

with that target (first hop) and which identifiers, in tum, communicated with the first-hop identifiers

(second hop) . The limitation to two hops reduces the numbero potential results from each query.

In June 2014 , the Office o the Director o National Intelligence released its first annual statistical

transparency report on the use o national security authorities covering the year 2013. Later th is year, the

Director of National Intelligence will issue its second report covering the use o national security authorities

in 2014 . In advance of that report, it is appropriate to note that in 2014 there were 161 target identifiers

approved by the FISC to be queried under NSA s bulk telephony metadata program.

ew Protections to be Established by Legislation

In his January 17, 2014 speech, the President directed the Department of Justice and the Intelligence

Community to develop options for a new approach that would match the capabilities and fill the gaps that

Section 215 was designed to address without the government holding the metadata itself. The Department

o Justice and the Intelligence Community explored a number of options, including having the metadata

held by a thi rd party or leaving the metadata at the provider.

Based on recommendations from the Department of Justice and the Intelligence Community, the President

proposed that the government end bulk collection o telephony metadata under Section 215 o the USA

PATRIOT Act, while ensuri

ng

that the government has access to the information it needs to meet its

national security requirements. The Intelligence Community and the Department o Justice have since

been working closely with Congress to develop legislation that would implement the President's proposal

by leaving the metadata at the prov ider.

To that end , the Administration supported the USA FREEDOM Act, which, if enacted, would have

prohibited bulk collection using (i) Section 215, (ii) the Pen Registers and Trap and Trace provisions o the

Foreign Intelligence Surveillance Act, and (iii) National Security Letters while ma intaining critical authorities

to conduct more targeted collection.

The Attorney General and the Director of National Intelligence stated that, based on communications

providers' existing data retention practices, the bill would retain the essential operational capabilities of the

existing bulk telephone metadata program while el iminating bulk collection by the government under these

legal authorities. The bill would also expressly authorize an independent voice in significant cases before

the FISC.

The Administration was disappointed that the 113th Congress ended without enacting th is legislation. This

legislation not only satisfies the President's requirements, but also responds to the recommendations from

the Privacy and Civil Liberties Oversight Board and the President's Review Group on Intelligence and

Communications Technology to end the bu lk collection o telephony metadata records under Section 215

o

USA PATRIOT Act as it currently exists.

The Intelligence Community encourages Congress to quickly take up and pass legislation that would allow

the government to end bulk collection o telephony metadata records under Section 215, while ensuring

that the government has access to the information it needs to meet its national security requirements.

NEW PRIVACY PROTECTIONS FOR INFORMATION COLLECTED

UNDER SECTION 7 2

Section 702 of the Foreign Intelligence Surveillance Act (FISA), wh ich was added by the FISA

Amendments Act o 2008, authorizes the acquisition of foreign intelligence information concerning

non-U.S. persons reasonably believed to be located outside the United States.

Under Section 702, the government cannot target anyone for collection unless it has a significant purpose

to acquire foreign intelligence information , the foreign target is reasonably believed to be outs ide the

United States, and the Government abides by FISC-approved targeting and minimization procedures.

Section

702

cannot

be

used

to

intentionally target any

U.S.

citizen or

any

other U.

S.

person,

to

intentionally target any person known to be in the United States, or to target a person outside the United

States if the purpose is to target a person inside the United States.

Collection under Section 702 does not require individual judicial orders authorizing collection against each

target. Instead, Section 702 requires that the FISC approve procedures to (i) ensure that only non-U.S.

persons reasonably bel ieved to be outside the U.S. are targeted, and (ii) minimize the acquisition,

retention, and dissemination of incidentally acquired information about

U.S.

persons.

Activities authorized by Section 702 are subject to oversight by the Judicial Branch through the Foreign

Intelligence Surveillance Court, by the Executive Branch through the Department of Justice and the Office

o the Director o National Intelligence, and by the Legislative Branch through the Intelligence and Judiciary

Committees of Congress. Directives requ iring the production o information to the Government can be

challenged in the FISC by the recipients.

In his January 17, 2014 address, the President asked the Department of Justice and the Intelligence

Community to institute reforms with respect to the government's ability to retain , search, and use in

criminal cases communications between Americans and foreign citizens incidentally collected under

Section 702.

Subsequently, in July 2014, the Privacy and Civil Liberties Oversight Board issued a report on Section 702,

concluding that the Section 702 program is lawful and valuable, and that at its core, the program is sound

and mak ing ten recommendations to help the program strike a better balance between privacy, civil rights,

and national security.

https://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdfhttp://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/http://leaksource.info/2014/08/01/privacy-civil-liberties-oversight-board-section-702-surveillance-report/https://leaksource.files.wordpress.com/2015/02/2014-09-02-dni-and-ag-ltr-to-sjc-chairman-leahy-ref-usa-freedom-s-2685.pdf


6/12

As noted above, in response to the President s direction and recommendations from the Privacy and Civil

Liberties Oversight Board, the Attorney General and Director of National Intelligence are placing additional

restrictions on the government s ability to retain, query, and use in evidence in criminal proceedings

communications between Americans and foreign citizens incidentally collected under Section 702.

• First,

FBI, CIA, and NSA each are instituting new requirements for using a

U.S. person identifier to

query information acquired under Section 702. As recommended by the Privacy and Civil Liberties

Oversight Board, NSA's minimization procedures will require a written statement of facts showing that a

query is reasonably likely to return foreign intelligence information. CIA s minimization procedures will

be similarly amended to require a statement o facts for queries o content. In addition, FBl s

minimization procedures will be updated to more clearly reflect the FBl s standard for conducting U.S.

person queries and to require additional supervisory approval to access query results in certain

circumstances.

• Second, the new policy re-affirms requirements that the government must delete communications to,

from, or about U.S. persons acquired under Section 702 that have been determined to lack foreign

intelligence value. In addition, the policy requires the Department of Justice and the Office of the

Director o National Intelligence to conduct oversight over these retention decisions. This change will

help ensure that the Intelligence Community preserves only that information that might help advance

its national security mission.

• Third, consistent with the recommendation of the Privacy and Civil Liberties Oversight Board,

information acquired under Section 702 about a U.S. person will not be introduced as evidence against

that person in any criminal proceeding except (1) with the approval o the Attorney General, and (2) in

criminal cases with national security implications or certain other serious crimes. This change will

ensure that, i the Department of Justice decides to use information acquired under Section 702 about

a U.S. person in a criminal case, it will do so only for national security purposes or in prosecuting the

most serious crimes.

The Intelligence Community has also agreed to address the Privacy and Civil Liberties Oversight Board s

other recommendations, including:

• Revising targeting procedures to require additional documentation of the foreign intelligence value of

each target;

• Making available to the FISC additional information to help the Court evaluate the annual certifications

in support of collection under Section 702;

• Initiating studies to ensure that the Intelligence Community is using the best filtering technology and

techniques to prevent inadvertent collection;

• Publicly releasing the minimization procedures of the CIA, NSA, and the FBI ;

• Evaluating whether NSA can track and publicly release additional statistics on its collection and use of

information obtained pursuant to Section 702;

• Supporting the Privacy and Civil Liberties Oversight Board s ongoing effort examine efforts across the

Intelligence Community to assess the efficacy and relative value o counterterrorism programs.

N TION L SECURITY LETTERS

A National Security Letter is an investigative tool, similar to a subpoena, which is used by the FBI in a

national security-related investigation to obtain limited types of information from companies, such as

telephone records and subscriber information.

When the FBI issues a National Security Letter, by law a senior official, such as the Special Agent in

Charge of a field office, may require that the recipient company not disclose the existence of the letter, i

one or more statutory standards are met - that is, when disclosure may (i) endanger the national security

o the United States, (ii) interfere with a criminal, counterterrorism or counterintelligence investigation, (iii)

interfere with diplomatic relations,

or

(iv) endanger the life or physical safety

o

any person.

In his January 17, 2014 remarks, the President directed the Attorney General to amend how we use

National Security Letters so that (their] secrecy will not be indefinite, and will terminate within a fixed time

unless the government demonstrates a real need for further secrecy.

In response to the President s new direction, the

FBI

will now presumptively terminate National Security

Letter nondisclosure orders at the earlier o three years after the opening o a fully predicated investigation

or the investigation s close.

Continued nondisclosures orders beyond this period are permitted only if a Special Agent in Charge or a

Deputy Assistant Director determines that the statutory standards for nondisclosure continue to be

satisfied and that the case agent has justified, in writing, why continued nondisclosure is appropriate.

https://leaksource.files.wordpress.com/2015/02/2014-cia-702-minimization-procedures.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-cia-702-minimization-procedures.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-nsa-702-minimization-procedures.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-fbi-702-minimization-procedures.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-fbi-702-minimization-procedures.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-nsa-702-minimization-procedures.pdfhttps://leaksource.files.wordpress.com/2015/02/2014-cia-702-minimization-procedures.pdf


7/12


8/12

SIGN LS

INTELLIGENCE

REFORM

2 15

NNIVERS RY

REPORT

OVERVIEW






MOVING FORWARD

FACTSHEET

ENH NCING TR NSP RENCY

Transparency has been a significant focus for the Intelligence Community. We have declassified and made

publicly available a substantial amount o information over the past 18 months, particularly regarding the

government's use of Foreign Intelligence Surveillance Act (FJSA) authorities. This effort has included:

• Developing IC on the Record;

• Releasing documents about the government's intelligence activities, including compliance and

oversight assessments;

• Releasing opinions and orders from the Foreign Intelligence Surveillance Court;

• Publishing the first annual Intelligence Community transparency report disclosing statistics on the

government's use of National Security Letters and Foreign Intelligence Surveillance Act authorities;

• Declassifying aggregate FISA data so that communications providers can make public additional

information about FISA orders they receive;

• Releasing unclassified reports on NSA s implementation of Section 702 of the Foreign Intelligence

Surveillance Act and its Civil Liberties and Privacy Protections for Targeted SIGINT Activities under

Executive Order 12333;

• Establishing Principles of Intelligence Transparency for the Intelligence Community to solidify these

practices; and

• Making numerous speeches and appearances by Intelligence Community leadership to explain our

activities to the public

Since the launch of IC on the Record on August 20, 2013, the Intelligence Community has posted more

than 250 declassified documents (comprising more than 4,500 pages) about Intelligence Community

activities. The majority of the declassified documents relate to NSA s bulk telephony metadata program

under Section 215 of the USA PATRIOT Act (Section 501 of FISA); Section 702 of FISA); and NSA s

now-discontinued bulk internet metadata collection program under Section 401 o FISA (i.e., the Pen

Register/Trap and Trace program).

Many of the documents posted about these programs relate to proceedings before the Foreign Intelligence

Surveillance Court, including applications by the government to authorize or reauthorize programs and

significant court opinions. Other documents that have been posted include NSA training slides for

personnel with access to bulk telephone metadata and U.S. District Court documents relating to legal

challenges to the bulk telephony metadata collection program.

The Intelligence Community has also released documents associated with the Foreign Intelligence

Surveillance Court of Review's opinion upholding the constitutionality o the now-discontinued surveillance

program under the Protect America Act and a number of documents about the activities conducted under

the previous Administration's Terrorist Surveillance Program.

In addition to releasing documents, the Intelligence Community has posted to IC on the Record other

information to give context to those documents. These include videos, audio recordings, and text

transcripts

o

public engagements and Congressional testimony by senior Intelligence Community officials;

fact sheets; and, recently, a live, online question-and-answer session between a senior Intelligence

Community official and members of the public.

The release o this information has facilitated public debate about Intelligence Community policies and

practices, and has established a precedent for transparency going forward. In particular, the Director of

National Intelligence has issued principles to guide our transparency efforts and has established a senior

working group to continue these transparency efforts and proactively identify new ones.

The Intelligence Community recognizes that continued public support for our activities to protect our nation

and our partners requires the public trust that can only be achieved with greater transparency.

http://icontherecord.tumblr.com/http://icontherecord.tumblr.com/http://icontherecord.tumblr.com/http://icontherecord.tumblr.com/http://icontherecord.tumblr.com/http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013https://leaksource.files.wordpress.com/2015/02/nsa_report_on_section_702_program.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_report_on_section_702_program.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_report_on_section_702_program.pdfhttps://www.nsa.gov/civil_liberties/_files/nsa_report_on_section_702_program.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/final-transparency_poster-v1.pdfhttps://leaksource.files.wordpress.com/2015/02/final-transparency_poster-v1.pdfhttps://leaksource.files.wordpress.com/2015/02/final-transparency_poster-v1.pdfhttp://icontherecord.tumblr.com/tagged/speeches-and-interviewshttp://icontherecord.tumblr.com/tagged/speeches-and-interviewshttps://leaksource.files.wordpress.com/2015/02/final-transparency_poster-v1.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_clpo_report_targeted_eo12333.pdfhttps://www.nsa.gov/civil_liberties/_files/nsa_report_on_section_702_program.pdfhttps://leaksource.files.wordpress.com/2015/02/nsa_report_on_section_702_program.pdfhttp://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/


9/12

SIGN LS

INTELLIGENCE

REFORM

2 15

NNIVERS RY

REPORT

OVERVIEW






MOVING FORWARD

FACTSHEET


In parallel to our efforts to implement PPD-28, we have continued to work to ensure that Intelligence

Community employees have appropriate avenues to report, without fear o reprisal, allegations of

violations of law; waste, fraud or abuse; or a substantial and specific danger to public health or safety.

All U.S. Government employees, including employees in the Intelligence Community, have the right to safe

and effective methods of reporting concerns about wrongdoing without fear o retaliation. The Intelligence

Community handles classified information, the unauthorized disclosure

o

which is prohibited by law and

can cause grave harm to national security. Accordingly, there are special rules and processes, codified

decades ago in the laws of the United States, to afford Intelligence Community employees, including

contractors, safe channels to report concerns about wrongdoing while protecting national security.

In October 2012 , the President issued Presidential Policy Directive -19, Protecting Whistleblowers with

Access to Classified Information. To implement PPD-19, in May 2014, the Director o National Intelligence

issued Intelligence Community Directive 120 . In addition, Congress recently enacted whistleblower

provisions applicable to the Intelligence Community in Title VI of the Intelligence Authorization Act for

Fiscal Year 2014.

Together with existing laws and regulations, these policies afford substantial protections to Intelligence

Community employees. In general, Intelligence Community employees are permitted to report allegations

o violations o aw; waste, fraud or abuse; or a substantial and specific danger to public health or safety, to

their supervisors (or others within their management chain), the head o their agency, Inspectors General,

and Members o Congress consistent with the Intelligence Community Whistleblower Protection Act.

Disclosures made through these specific channels are commonly known as protected disclosures. Once

a protected disclosure is made, an Intelligence Community employee is protected from reprisal by law and

regulation. Moreover, the employee's supervisors are prohibited from taking an adverse employment

action e.g., termination, failure to promote, demotion) or

an adverse security clearance determination

based on the protected disclosure.

Intelligence Community contractors are also afforded protections against reprisals for making protected

disclosures; however, the protections necessarily apply differently to contractors because they are not

employees of the United States government.

If Intelligence Community employees believe that they were retaliated against based on a protected

disclosure, they can seek a review of the personnel action under agency internal review procedures, which

must include an independent review by their agency's Inspector General.

After exhausting remedies under the agency process, they may seek review o the personnel action by an

independent External Review Panel - a panel of three Inspectors General chaired by the Inspector

General of the Intelligence Community. If reprisal is found , the External Review Board may recommend

corrective actions.

https://leaksource.files.wordpress.com/2015/02/ppd-19.pdfhttps://leaksource.files.wordpress.com/2015/02/ppd-19.pdfhttps://leaksource.files.wordpress.com/2015/02/ppd-19.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-120.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-120.pdfhttps://leaksource.files.wordpress.com/2015/02/icd-120.pdfhttp://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25http://www.archives.gov/declassification/pidb/legislation/pdfs/public-law-113-126.pdf#page=25https://leaksource.files.wordpress.com/2015/02/icd-120.pdfhttps://leaksource.files.wordpress.com/2015/02/ppd-19.pdf


10/12

SIGNALS

INTELLIGENCE

REFORM

2 15

ANNIVERSARY

REPORT

MOVING FORWARD

OVERVIEW






MOVING FORWARD

FACTSHEET

As this report shows the Intelligence Community has made significant progress implementing many

reforms in response to among other things, the requirements in PPD-28 and the recommendations from

many independent review groups. As we continue to implement these and other reforms we will also

carefully review progress to identify any additional protections that might be needed. Over the next year

we expect to focus on:

Privacy Protections:

Over the next year the Intelligence Community elements will continue to

implement their PPD-28 policies and procedures. In addition, the Intelligence Community will continue to

work to update agency guidelines under Executive Order 12333 to protect the privacy and civil liberties o

U.S. persons.

Section 2 5 of the US PATRIOT Act Capability: We will continue to work

with Congress to enact legislation preserving essential capabilities of the bulk telephony metadata

collection program without the need for the government to hold the data in bulk before Section 215 of the

USA PATRIOT Act sunsets in June 2015.

Transparency: We have established a senior working group to continue to identify ways the

Intelligence Community can increase transparency without harming national security. Expect to hear more

from us on this effort.

Annual Report: In January of 2016 we will provide our next annual report on our progress

implementing SIGINT reforms.


11/12

SIGN LS

INTELLIGENCE

REFORM

2 15

NNIVERS RY

REPORT

F CTSHEET

OVERVIEW






MOVING FORWARD

FACTSHEET

Over the past eighteen months, the United States has undertaken a comprehensive effort to examine and

enhance the privacy and civil liberty protections embedded in our signals intelligence (SIGINT) collection

activities.

As part o th is process, we have sought - and benefited from - a broad cross section o views, ideas,

and recommendations from oversight bodies , advocacy organizations, private companies, and the general

public. This effort has resulted in strengthened privacy and civil liberty protections, new limits on the

collection and use o signals intelligence, and increased transparency.

On January 17, 2014, President Obama signed Presidential Policy Directive-28, Signals Intelligence

ctivities (PPD-28) and delivered an address at the Department o Justice on the steps we are taking to

reform certa in signals intelligence activities.

To mark the one-year anniversary of these events, we have prepared an online report to update the public

on our reform efforts, including the implementation o PPD-28 and other actions taken based upon

recommendations from several independent review groups. Th is report is posted on IC on the Record.

• PPD-28 states, our signals intelligence activities must take into account that all persons should be

treated with dignity and respect, regardless o their nationality or wherever they might reside. This

commitment reiterates long-standing SIGINT collection principles; limits Intelligence Community

elements' ability to use signals intelligence collected in bulk to six specific purposes; requires an

annual Cabinet-level review of SIGINT priorities and requirements in light o potential risks to national

security interests and re lationships abroad; and requires each Intelligence Community element to

update or issue new policies and procedures that implement safeguards for all personal information

collected through SIGINT, regardless o nationality, consistent with technical capabilities and

operational needs.

• All Intelligence Community elements have completed new policies or revisions to existing policies to

implement the requirements o PPD-28. You can read each agency's policies on IC on the Record . The

protections in these policies and procedures include new limits on the retention and dissemination of

personal information for persons o all nationalities, as well as additional oversight, training, and

compliance requirements.

• In addition, the Intelligence Community, in partnership with the National Security Council, has elevated

the process by which SIGINT requirements and priorities are identified, so that the heads of the

relevant departments and agencies can better evaluate SIGINT collection in light o its potential risks to

national interests and our law enforcement, intelligence, and diplomatic relationships abroad. The

process o reviewing signals intelligence collection covered almost seven dozen countries and

organizations and resulted in restrictions on the current signals intelligence collection posture.

• In his remarks on January 17, 2014, the President ordered a transition that would end Section 215 bulk

metadata program as it currently exists.

• To begin this transition, the Intelligence Community in February 2014 began operating the

telephony metadata collection program under new constraints directed by the President to

provide enhanced privacy protections, including seeking advance approval from the Foreign

Intelligence Surveillance Court for each query term (except in an emergency) and limiting the

results

o

queries to two hops (or steps removed from a phone number associated with a

terrorist organization) instead o three, limiting the number of potential results from each query.

• Then , based on recommendations from the Department of Justice and the Intelligence

Community, the President proposed that the government end the bulk collection o telephony

metadata records under Section 215 of USA PATRIOT Act, while ensuring that the government

has access to the information it needs to meet its national security requirements. The

Administration supported the USA FREEDOM Act as a means of enacting this proposal, and we

continue to call on Congress to reform Section 215 in a manner consistent with the President's

proposal.

• In addition to the reforms announced in the President's January 17 address, the Privacy and Civil

Liberties Oversight Board PCLOB) conducted a comprehensive review o the Intelligence

Community's activities under Section 215 and made 12 recommendations. The Intelligence Community

is working to address the majority of these recommendations.

http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/http://www.icontherecord.tumblr.com/


12/12

• As noted above PPD-28 imposes limitations on the use of SIGINT collected in bulk.

• Moreover over the past several months a committee of independent experts from top technology firms

and academia assessed the technical feasibility of creating software-based alternatives as substitutes

for bulk collection. The committee just released its report, which concluded that there is no

software-based alternative which will provide a complete substitute for bulk collection in the detection

of some national security threats, but the report suggested other steps to reduce risks to privacy and

civil liberties, as well as to improve oversight of bulk collection activities. We are currently reviewing

how to address these important findings.

• Section 702 allows the government to acquire foreign intelligence information concerning non-U.S.

persons reasonably believed to be located outside the United States. As announced by the President

in his January 17 address we will provide additional privacy protections for U.S. persons whose

communications are incidentally collected under Section 702. This new executive branch policy limits

the ability to retain query and use in criminal cases this type of information.

• In addition, in 2014, the PCLOB conducted an in-depth review of the Intelligence Community s

activities under Section 702. The PCLOB found them to be lawful and important to national security

and offered ten recommendations to enhance privacy and civil liberties protections for both U.S. and

non-U.S. persons. The Intelligence Community has agreed to make changes to address all o these

recommendations. The Intelligence Community has agreed to address all of these recommendations.

• We have declassified and publicly released an unprecedented amount of information about current

programs, much

o

which relates to the government s use of FISA authorities.

We have published the

first IC Annual Transparency Report, disclosing statistics on the government s use o National Security

Letters and FISA authorities.

• We have also declassified certain aggregate FISA data so that communications providers can disclose

to the public additional information about how they respond to requests they receive from the

government. In addition, providers can now also make public additional information about the number

of National Security Letters they receive.

• We recently issued the Principles o Intelligence Transparency which we will implement this coming

year to further enhance transparency while protecting intelligence sources and methods.

• National Security Letters The FBI will amend its use o National Security Letters to ensure that the

non-disclosure requirement placed on recipients will terminate within a fixed time period, absent a

demonstrated need for further secrecy.

• Judicial Redress for Citizens o Certain Countries In furtherance o its commitment to protecting

privacy in the law enforcement context, the Administration is working with Members o Congress on

legislation to give citizens o designated countries the right to seek judicial redress for intentional or

willful disclosures o protected information, and for refusal to grant access or to rectify any errors in that

information.

• Whistleblower Protections As we have strengthened the security of our systems we have also

reaffirmed the process by which Intelligence Community personnel can report suspected violations of

law or other ethical and legal concerns without fear o retaliation. Within each agency there are multiple

officials designated to receive ethical, legal or other concerns from intelligence employees. In addition,

intelligence personnel may leverage the Inspector General for the IntelligenceCommunity the Civil

Liberties and Privacy Officer in the Office of the Director of National Intelligence, or consistent with the

Intelligence Community Whistleblower Protection Act speak to Members

o

Congress.

As we continue to implement these and other reforms, we will also carefully review progress to identify any

additional protections that might be needed. In particular, we expect to focus on:

• Privacy Protections: Over the next year Intelligence Community elements will continue to implement

the requirements their PPD-28 policies and procedures. In addition, the Intelligence Community will

continue to work to update agency guidelines under Executive Order 12333 to protect the privacy and

civil liberties o U.S. persons.

• Section 215 o he USA PATRIOT Act Capability: We will continue to work with Congress to enact

legislation preserving essential capabilities of the bulk telephony metadata collection program without

the need for the government to hold the data in bulk before Section 215 of the USA PATRIOT Act

sunsets in June 2015.

• Transparency: We have established a senior working group to continue to identify ways the Intelligence

Community can increase transparency without harming national security. Expect to hear more from us

on this effort.

• Annual Reports: In January o 2016 we will provide our next annual report on our progress

implementing SIGINT reforms.
http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013http://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2013

U.S. SIGINT "Reforms" 2015

Documents

Transcript of U.S. SIGINT "Reforms" 2015