CIA breaks new ground by publishing guidelines on handling Americans’ data
The directives include how the CIA should handle covertly acquired traditional intelligence, as well as how it should deal with the millions of gigabytes harvested from computer hard drives, hours of videos and thousands of photos containing information on foreign and US citizens.
“The guidelines are designed in a manner that protects the privacy and civil rights of the American people,” CIA General Counsel Caroline Krass briefed reporters at the agency’s headquarters, Langley, Virginia on Wednesday, according to Reuters.
Under the new rules, the CIA has a 5 year cap on holding certain information on Americans that have been reviewed or evaluated. There is a 25 year time limit for when the agency has to purge routine information, such as foreign business records, that have not been reviewed.
Employees will be regulated as to who can access types of information, and a system will create a digital trail of all who search for such data and why. These activities will be subject to audits.
The new regulations also stipulate how the intelligence community, including the CIA, are authorized to conduct domestic covert operations in the US “without disclosing their intelligence affiliation in limited circumstances.” Traditionally, CIA officers generally disclosed their affiliation when engaging with organizations but they can now withhold that information to “maintain its cover.”
The agency is prohibited, however, from joining an organization with “the purpose of influencing the organization without disclosing their affiliation, unless the organization is composed of primarily non-US persons, is reasonably believed to be acting on behalf of a foreign power, and the CIA employee has received approval from the Director of the CIA.”
Civil rights groups however, are not impressed with the new guidelines.
“These rules lack basic privacy protections for Americans. They allow the CIA to collect communications in bulk, to retain that information in CIA databases for years, and to comb through it for the personal data of individual Americans,” Patrick Tommey, an attorney with the American Civil Liberties Union told AP.
"History shows that warrantless surveillance powers can easily be abused, and these procedures do not go nearly far enough."
The CIA is barred from collecting information inside the United States or on US citizens, but a 1981 Presidential Order provided for discrete exceptions approved by the CIA director and the attorney general.
The revised, unclassified guidelines have been in the works for years, according to the General Counsel Krass, and the release two days before president-elect Donald Trump is inaugurated implies officials tried to complete them before the changes could be undone during the new administration.
“This is a significant step for us,” Krass told reporters.
AP reported previous guidelines were released in 2015 in response to a public records request, though sections were blacked out for security reasons. This is the first time the agency has made its guidelines public.
The new directives were approved by Attorney General Loretta Lynch on Tuesday, and previously signed by CIA Director John Brennan on January 10.
The new directives come just a week after the Justice Department gave greater latitude to the NSA over how it shared raw data with domestic intelligence agencies.