FBI changes rules on accessing NSA data on Americans, but won’t say how

National Security Agency (NSA) in the Washington suburb of Fort Meade © Paul J. Richards
The FBI has changed its privacy rules regarding how freely agents can gain access to and search data collected by the National Security Agency that involves the communications of Americans. It just won’t say what the changes are.

Additionally, there’s no word on when the changes were actually made, since that information is classified as well.

The revisions concern Section 702 of the Foreign Intelligence Surveillance Act, which permitted the FBI to access data obtained by the NSA via the “PRISM” program. That data included emails, texts and phone calls made by foreigners. However, if any of the communications involved Americans, then that data could be accessed and retrieved as well.

According to a new report by The Guardian, the FBI confirmed that privacy changes were made based on recommendations made in 2014 by the Privacy and Civil Liberties Oversight Board (PCLOB) watchdog group. However, Bureau spokesman Christopher Allen said “we cannot comment further due to classification.”

A spokesperson for PCLOB added that the new “minimization” rules “do apply additional limits,” but could not reveal when the limits went into effect. Minimization refers to the procedures used by the government to limit the amount of personal information retained via surveillance.

Back in 2014, the PCLOB revealed that the minimization procedures for the NSA, CIA and FBI all allowed the agencies to search data that “may include terms that identify specific US persons and can be used to retrieve the already acquired communications of specific US persons.”

It also stated that, while these rules do feature limits on data retention and discuss when information needs to be deleted, the communications of Americans “are not typically purged or eliminated for agency databases, even when they do not contain foreign intelligence information, until the data is aged off in accordance with retention limits.”

The PCLOB didn’t report abuse in the system, but listed a number of recommendations to protect civil liberties, based on the massive amount of data on Americans that could be swept up.

This past February, the group stated that the FBI had implemented updates to its minimization procedures. Additionally, it said that all of its 22 surveillance program recommendations “have been implemented in full or in part, or the relevant government agency has taken significant steps toward adoption and implementation.”

The Guardian noted that the FBI didn’t have to record when it searched the available NSA data or how many times it went through information belonging to Americans. It’s unclear whether that has changed with the new rules.

The Office of the Director of National Intelligence said that, eventually, the adjustments might be revealed to the public.

“As we have done with the 2014 702 minimization procedures, we are considering releasing the 2015 procedures,” spokesman Timothy Barrett told the Guardian. “Due to other ongoing reviews, we do not have a set date that review will be completed.”