Tech giants call for privacy protections in surveillance reform

26 May, 2017 21:28 / Updated 7 years ago

Technology firms, including Facebook and Google, have suggested five "changes" for Congress to consider while reforming foreign surveillance programs that gather vast amounts of personal data which can be accessed by authorities without a warrant.

In a letter to the chairman of the House Judiciary Committee, US Representative Bob Goodlatte (R-Virginia), 31 tech companies advocated for reforms to Section 702 of the Foreign Intelligence Surveillance Act (FISA). The tech firms said they support reforms to Section 702 "that would maintain its utility to the US intelligence community while increasing the program’s privacy protections and transparency."

Section 702 of FISA authorizes warrantless data collection of electronic communications stored by US internet service providers or that move across the internet "backbone" located in the US via telecom providers such AT&T.

The statute, while explicitly aimed at non-US persons overseas, allows the collection of Americans' data as long such information is bundled with a single communication involving or related to a target.

Section 702, which gives legal cover to the National Security Agency (NSA) spying programs PRISM and Upstream, which were revealed by Edward Snowden in 2013, also does not require for communications collection that an individual be a suspected terrorist, spy or foreign agent, nor does it demand judicial approval to target someone.

Information gleaned by such data collection can be kept for years and be used for purposes that do not have to be related to national security.

In the letter, the tech firms called on Goodlatte and fellow lawmakers to codify into law the recent end to the NSA surveillance practice of collecting, without a warrant, emails and texts sent to recipients overseas that mention a foreign surveillance target.

The "about the target" collection at issue collects all Americans' emails and texts sent not only to foreign surveillance targets but also such communications that include information linked to those targets, such as an email address.

This reform would "correct deficiencies that implicate the constitutional rights of U.S. citizens," the firms wrote.

The companies – including Microsoft, Twitter, Amazon, LinkedIn, Dropbox and Yahoo, but not Apple – also called for judicial oversight of government searches of Americans' data collected under Section 702 authority. The group also asked for a more specific definition of "'foreign intelligence information' under FISA to reduce the likelihood of collecting information about non-US persons who are not suspected of wrongdoing."

The coalition also asked for increased oversight and transparency of Section 702 data collection, including the legal allowance of companies to disclose how often authorities make data requests of them.

"Finally, there should be greater transparency around how the communications of US persons  that are incidentally collected under Section 702 are searched and used, including how often 702 databases are queried using identifiers that a re tied to US persons," the group wrote.

The authorization of Section 702 of FISA is set to expire on December 31. Members of Congress are currently working on legislation that would renew the statute's authorization.

Disclosures by former US intelligence employee Edward Snowden showed that, through the program PRISM, the NSA uses Section 702 as a legal basis for collecting both content and metadata stored by several major internet companies that pertain to specific selectors, such as an email address.

Through the program Upstream, also revealed by Snowden and justified by Section 702, the NSA intercepts telephone and internet traffic that is pulled from internet data routes that travel through the US.

Section 702 "is used to collect the communications of tens of thousands of people for broad purposes that go well beyond fighting terrorism," says the Center for Democracy & Technology.