The NSA Should Start Following These Simple Legal Rules

Summarized from an extensive article put together from the EFF.  You can read it here.

While we still believe that the best first step is a modern Church Committee, an independent, public investigation and accounting of the government’s surveillance programs that affect Americans, members of Congress seem determined to try to enact fixes now.

…In short, there’s much Congress can and should do here, but we also need to be on the lookout for phony measures dressed as reform that either don’t fix things or take us backwards.

…At all times, a specific person or specific identifier (like a phone number or email address) or a reasonable, small and well-cabined category (like a group on the terrorist list or member of a foreign spy service) must be specified in the context of an investigation.

…Clarification that if one identified person is under investigation, the NSA does not have the authority to run analysis of call records on persons “two hops” or “three hops” away from that person without a separate court authorization.

…Congress should also state firmly that the fact of third party involvement should be irrelevant to a person’s “reasonable expectation of privacy,” as this may assist the courts when considering Fourth Amendment implications.

…Confirm the NSA must obtain a specific, probable cause warrant to seize or search Americans’ communications when they are picked up via a FISA court order or otherwise even if the American is not the “target” of the order.

…Ensure that the protections of American law, including standing to sue to challenge violations of law, apply to all data accessed by the NSA in the United States, even if the data is about a non-U.S. person.

…The NSA has claimed at various times that the legal protections do not start until a human reviews the information or when it is “processed” or otherwise prepared for human review, thus excluding any legal protections against collection, storing and even apparently many kinds of analysis done by computers.

…The government has tried to use the state secrets privilege to dismiss EFF’s multiple lawsuits challenging the NSA, as well as those of many others, despite the fact there are hundreds of pages of public evidence documenting unconstitutional actions.

…A “compromise” has recently been floated by several members of Congress that instead of the NSA holding onto phone records for five years, the phone companies should do it themselves, without limiting NSA access capabilities.

…This has not yet been floated, as far as we know, but any effort to reform the law in light of the NSA surveillance must not itself require that communications companies increase the surveillance capabilities of their systems. The FBI has been secretly lobbying for years for an update to Communications Assistance for Law Enforcement Act (CALEA), which would essentially force large internet companies to build a backdoor into their systems so the feds could more easily get real-time access to communications. Given the level of distrust users have had with Internet companies after their involvement in the PRISM program with the NSA, this bill should be permanently shelved, instead of being part of any sort of compromise reform bill relating to the NSA.