US science panel: no alternative to bulk collection
WASHINGTON (AP) — A committee of U.S. scientific experts has concluded that there is no viable technological alternative to bulk collection of data by the National Security Agency that allows analysts access to communications whose significance only becomes clear years later.
An 85-page report by the National Research Council, commissioned last year in the wake of surveillance revelations by former NSA contractor Edward Snowden, did not take a position on the merits of bulk collection of telephone or other records. But asked to look for effective software alternatives to bulk collection, it concluded there weren’t any, in cases when, for example, the NSA wants to examine the past communications of new terror suspects.
“Restricting bulk collection will make intelligence less effective, and technology cannot do anything about this,” the report says. ’Whether the gain in privacy is worth the loss is a policy question that the committee does not address.”
If a particular set of communications becomes significant, the report says, “because of new circumstances such as identifying a new target, a non-nuclear nation that is now pursuing the development of nuclear weapons, an individual that is found to be a terrorist, or new intelligence-gathering priorities_historical events and the data they provide will be available for analysis only if they were previously collected.”
The report does suggest ways to mitigate the privacy impact of bulk collection by restricting use of the data, something NSA says it does.
“Although no software can fully replace bulk with targeted information collection, software can be developed to more effectively target collection and to control the usage of collected data,” the report says.
It recommends the use of automatic controls on bulk data, with audits that can be publicly shared.
The study was conducted by a committee of the National Academies, which advises the government on scientific matters. The committee was chaired by Robert Sproull, a former Oracle executive and computer scientist now at the University of Massachusetts.
The committee included a variety of experts, including Michael Leiter, former director of the National Counter Terrorism Center.
It sent drafts of the study to a variety of reviewers, including Fred Cate, a law professor and privacy expert at Indiana University, who criticized its approach in an email to The Associated Press.
“The study seemed set up to fail,” Cate said. “It imposes an impossibly high standard— to find a technological tool that is even better than having access to bulk collection. It seemed clear from the outset that the answer is no.”
But that’s not the right question, Cate said, because the so-called 215 Program scrutinized has not been shown to be necessary or effective in stopping terror plots.
Arguably the most controversial example of bulk data collection is the NSA’s gathering and storing of American calling records, a program kept secret for years and disclosed by Snowden.
President Barack Obama has proposed ending government storage of those records and requiring the NSA to gather them as needed from the telecommunications companies, but Congress has not adopted the proposal, so the collection continues.
The program, conducted under Section 215 of the Patriot Act, collects the “to and from” information of most domestic landline calls, but not the content of the communications. It does not gather most cell phone calls for logistical and other reasons, officials have said.
Officials say the records are searched against known terrorist phone numbers a limited number of times per year, based on a judicial finding of reasonable suspicion, to probe possible links between terror suspects. Only a few dozen people in the government have access to the database. If not used in a terrorism investigation, the data is supposed to be destroyed after five years.