recommended reading

Government Privacy Board Endorses NSA's Internet Spying

Gil C/

The National Security Agency's Internet surveillance programs are legal and effective, according to the Privacy and Civil Liberties Oversight Board, an independent watchdog agency.

In a draft report, the panel expresses concern with certain elements of the NSA's massive collection of Internet data within the United States, and outlines several reforms it says would bolster privacy protections and improve transparency.

But the report, set for formal release Wednesday, is sure to disappoint privacy advocates, who had hoped the board would make a broad call for reform in its review of spying under Section 702 of the Foreign Intelligence Surveillance Act.

The provision gives intelligence agencies the authority to spy on the communications of foreigners located outside the United States. The NSA has used the power for its "PRISM" program, in which it issues demands to companies such as Facebook, Google, and Microsoft for their users' communications. The NSA has also been using the authority to tap into the Internet backbone to suck up international communications.

The Privacy and Civil Liberties Oversight Board, a bipartisan five-member group that was formed to promote privacy after the Sept. 11 attacks, said certain aspects of the surveillance push the programs "close to the line of constitutional reasonableness." For example, the NSA not only spies on the communications to and from certain targets, but also scans through vast amounts of Internet data looking for any communications about the targets. The government also "incidentally" collects a large amount of information from Americans, and sometimes searches through its databases specifically looking for American data.

The House approved legislation last month that would require the government to obtain a warrant for such searches of Americans' communications. But the board's report doesn't endorse legislation to close so-called backdoor domestic searches. The panel notes that the program only intentionally collects communications of foreigners, who aren't covered by the Fourth Amendment.

The report recommends that the NSA tighten its targeting procedures and provide more justification to the Foreign Intelligence Surveillance Court when it searches for Americans' information. The FBI should face tougher limits on its ability to use the information for criminal investigations, and the government should make more information about its spying public, the board said.

None of the recommendations require legislative action. 

Two of the board members, Chairman David Medine and Patricia Wald, issued a separate statement saying the recommendations don't go "nearly far enough to protect U.S. persons' privacy rights." The members said they would have called for more judicial oversight of the searches of U.S. information.

Privacy groups say the report falls far short of addressing the programs' serious privacy violations of Americans and foreigners.

"The PCLOB's proposed reforms for Section 702 are an anemic set of recommendations that will do little to stop excessive surveillance," Cindy Cohn, the legal director of the Electronic Frontier Foundation, wrote in a blog post. "The government's collection and search of Americans' communications without a warrant or individually approved court order is barred by the Constitution and must be stopped."

The report's modest recommendations contrast with the sweeping call for reform in the board's review of spying under Section 215 of the USA Patriot Act earlier this year. The NSA uses that provision, which has received more attention in the wake of Edward Snowden's leaks, to collect records such as phone numbers and call times on millions of U.S. phone calls.

Although Section 702 is aimed more at spying on foreigners, it allows the NSA to read the actual contents of emails and other communications.

Dustin Volz contributed to this article

(Image via Gil C /

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.