The president’s panel found no official malfeasance but recommends overhauling surveillance programs anyway.
Grope through the Styrofoam pellets of rhetoric that surround the 46 recommendations in the report issued last week by the president’s Review Group on Intelligence and Communications Technologies, and you will discover that the authors “have not uncovered any official efforts to suppress dissent or any intent to intrude into people’s private lives without legal justification.” The panel’s investigation of the National Security Agency found—as the Foreign Intelligence Surveillance Court found before them—that the occasional unintentional violations of guidelines were stopped once they were detected.
Yet in a Dec. 20 White House news conference, President Obama vowed that next month he will make a “pretty definitive statement” about surveillance reform based on the panel’s recommendations. The five-member group, including University of Chicago law professor Geoffrey Stone and Harvard Law School professor Cass Sunstein, was appointed by the president in August amid the continuing fallout from the theft of national-security secrets by former government contractor Edward Snowden.
If the presidential Review Group found no official malfeasance, what has generated the 46 recommendations for reform? The answer seems to lie more in the mind-set of those commissioned to examine the intelligence programs than in the programs themselves.
The panel scrutinized principally an NSA program that gathers telephone metadata (which show the calling and called numbers, the date and the length of the call), and one that monitors the communications non-U.S. persons abroad.
Telephone metadata collection allows investigators to run the known number of a foreign terrorist, say, or of a safe house, against a database of U.S. calls to determine whether that number has called or been called by any domestic number. If so, investigators could then focus on that telephone and, if further evidence were sufficient, obtain a warrant to tap the content of conversations.
The constitutionality of the procedure has been upheld repeatedly. And as the panel noted, the “NSA believes that on at least a few occasions, information derived from the . . . metadata program has contributed to its efforts to prevent possible terrorist attacks either in the United States or somewhere else in the world.”
The Review Group’s report couldn’t point to an actual invasion of privacy from NSA’s collection of telephone metadata. Yet, astoundingly, the panel recommends that the program be terminated with a transition “as soon as reasonably possible to a system in which such meta-data is held instead either by private providers or by a private third party.”
In other words, if investigators want to check a telephone number they should be required to scurry around to each individual provider— AT&T, T +1.14% Verizon, etc.—to run the check, possibly against data bases that are inconsistently arranged, with consequent loss of time and efficiency. What if this arrangement “seriously undermines the effectiveness of the program,” as well as national security? The panel suggests that “the government might authorize a specially designated private organization to collect and store the bulk telephony metadata” (emphasis added).
The panel, in short, is recommending an experiment: If there is serious damage to the program—measured, say, by a successful terrorist attack—well, then we can have the data placed in the hands of a private party, and we know nothing can go wrong with that.
The president’s Review Group offers two reasons why the NSA must not gather this telephone metadata. One is that the government might use the business-records rationale for gathering metadata to cull other sensitive personal information in medical records and the like. Of course, no evidence suggests that any such thing has been tried or even contemplated by anyone in authority.
The second reason offered for terminating the NSA program is that telephone metadata can be mined to construct a profile of a particular person—who that person has called and who has called that person—and the possibility of that occurring would unsettle many people if they thought it was being done to them. No evidence suggests that any such thing has been proposed or done, and indeed the 22 people at NSA who have access to the data are forbidden to use metadata in any fashion other than to run it against suspect telephone numbers.
Nonetheless, the panel finds that mere public awareness of potential abuse “can significantly undermine public trust, which is exceedingly important to the well-being of a free and open society.” To be sure, the panel recommends that the government “commission a study of the legal and policy options for assessing the distinction between metadata and other types of information.” But in the meantime, the NSA would cease to collect telephone metadata.
What about gathering electronic intelligence abroad? The panel reasons that although the law authorizing that activity “has clearly served an important function in helping the United States to uncover and prevent terrorist attacks both in the United States and around the world (and thus helps protect our allies), the question remains whether it achieves that goal in a way that unnecessarily sacrifices individual privacy and damages foreign relations.
Here too the panel finds the NSA wanting—for failure to uphold Article 12 of the Universal Declaration of Human Rights and Article 17 of the International Covenant on Civil and Political Rights, which “proclaim that ‘No one shall be subjected to arbitrary or unlawful interference with his privacy.’ Although that declaration provides little guidance about what is meant by ‘arbitrary or unlawful interference,’ the aspiration is clear. The United States should be a leader in championing . . . the right of privacy, which is central to human dignity.” Based on that “clear” aspiration, the Review Group recommends that protections of the Privacy Act of 1974 be extended even by intelligence-gathering agencies to non-U.S. persons so as to permit them, for example, to discover the personally identifiable information in their intelligence file, “unless the agencies provide specific and persuasive reasons not to do so.”
Oh, sure—it’s hard to imagine what “specific and persuasive” reason there might be not to allow a foreign terrorist to check on whether the U.S. government has a file on him and what may be in it.
Another recommendation: The U.S. should declare that surveillance abroad “must not target any non-United States person located outside of the United States based solely on that person’s political views or religious convictions.” So, for example, if a previously unknown group declares it a religious obligation to kill Americans, we must promise not to target that group or its leaders for surveillance to determine whether they have the operational capability to put their “political views or religious convictions” into practice. Makes sense.
And what about the National Security Agency itself? The president wisely has already rejected the panel’s idea that the director of NSA no longer head the U.S. Cyber Command. But the panel also advocates separating the NSA from Cyber Command, and detaching the NSA’s information-assurance (code-making) function from its foreign-intelligence (code breaking) function. Why? Because after the 9/11 terror attacks, many in government advocated new national-security measures, and “if a similar or worse incident . . . were to occur in the future, many Americans, in the fear and heat of the moment, might support new restrictions on civil liberties and privacy. The powerful existing and potential capabilities of our intelligence and law enforcement agencies might be unleashed without adequate controls.” Better to break up a successful team than risk that.
No doubt such airy reasoning, not to mention arrogant mistrust of this country’s citizens and its institutions, is the small change of daily discourse in faculty lounges. But to find this infiltrating the Situation Room of the White House—President Obama met with the Review Group there before leaving on his Hawaiian vacation—is truly alarming.
*Mr. Mukasey served as U.S. attorney general (2007-09) and as a U.S. district judge for the Southern District of New York (1988-2006). He is also a member of the Board of Directors of the American Center for Democracy.
Originally published in the Wall Street Journal on Dec. 23, 2013