Advantage answers
Privacy
1nc – privacy advantage
Overwhelming corporate and government tracking is inevitable – the aff is a
meaningless half-measure
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
There’s a whole industry devoted to tracking you in real time. Companies use your phone to track you in
stores to learn how you shop, track you on the road to determine how close you might be to a particular
store, and deliver advertising to your phone based on where you are right now.
Your location data is so valuable that cell phone companies are now selling it to data brokers, who in
turn resell it to anyone willing to pay for it. Companies like Sense Networks specialize in using this data
to build personal profiles of each of us.
Phone companies are not the only source of cell phone data. The US company Verint sells cell phone
tracking systems to both corporations and governments worldwide . The company’s website says that
it’s “a global leader in Actionable Intelligence solutions for customer engagement optimization, security
intelligence, and fraud, risk and compliance,” with clients in “more than 10,000 organizations in over
180 countries.” The UK company Cobham sells a system that allows someone to send a “blind” call to a
phone—one that doesn’t ring, and isn’t detectable. The blind call forces the phone to transmit on a
certain frequency, allowing the sender to track that phone to within one meter. The company boasts
government customers in Algeria, Brunei, Ghana, Pakistan, Saudi Arabia, Singapore, and the United
States. Defentek, a company mysteriously registered in Panama, sells a system that can “locate and
track any phone number in the world … undetected and unknown by the network, carrier, or the
target.” It’s not an idle boast; telecommunications researcher Tobias Engel demonstrated the same
thing at a hacker conference in 2008. Criminals do the same today.
All this location tracking is based on the cellular system. There’s another entirely different and more
accurate location system built into your smartphone: GPS. This is what provides location data to the
various apps running on your phone. Some apps use location data to deliver service: Google Maps, Uber,
Yelp. Others, like Angry Birds, just want to be able to collect and sell it.
You can do this, too. HelloSpy is an app that you can surreptitiously install on someone else’s
smartphone to track her. Perfect for an anxious mom wanting to spy on her teenager—or an abusive
man wanting to spy on his wife or girlfriend. Employers have used apps like this to spy on their
employees.
The US National Security Agency (NSA) and its UK counterpart, Government Communications
Headquarters (GCHQ), use location data to track people. The NSA collects cell phone location data from
a variety of sources: the cell towers that phones connect to, the location of Wi-Fi networks that phones
log on to, and GPS location data from Internet apps. Two of the NSA’s internal databases, code-named
HAPPYFOOT and FASCIA, contain comprehensive location information of devices worldwide. The NSA
uses the databases to track people’s movements, identify people who associate with people of interest,
and target drone strikes.
The NSA can allegedly track cell phones even when they are turned off. I’ve just been talking about
location information from one source—your cell phone— but the issue is far larger than this. The
computers you interact with are constantly producing intimate personal data about you. It includes
what you read, watch, and listen to. It includes whom you talk to and what you say. Ultimately, it covers
what you’re thinking about, at least to the extent that your thoughts lead you to the Internet and search
engines. We are living in the golden age of surveillance .
Sun Microsystems’ CEO Scott McNealy said it plainly way back in 1999: “You have zero privacy anyway.
Get over it.” He’s wrong about how we should react to surveillance, of course, but he’s right that it’s
becoming harder and harder to avoid surveillance and maintain privacy.
Surveillance is a politically and emotionally loaded term, but I use it deliberately. The US military defines
surveillance as “systematic observation.” As I’ll explain, modern-day electronic surveillance is exactly
that. We’re all open books to both governments and corporations; their ability to peer into our
collective personal lives is greater than it has ever been before.
The bargain you make, again and again, with various companies is surveillance in exchange for free
service. Google’s chairman Eric Schmidt and its director of ideas Jared Cohen laid it out in their 2013
book, The New Digital Age. Here I’m paraphrasing their message: if you let us have all your data, we will
show you advertisements you want to see and we’ll throw in free web search, e-mail, and all sorts of
other services. It’s convenience, basically. We are social animals, and there’s nothing more powerful or
rewarding than communicating with other people. Digital means have become the easiest and quickest
way to communicate. And why do we allow governments access? Because we fear the terrorists, fear
the strangers abducting our children, fear the drug dealers, fear whatever bad guy is in vogue at the
moment. That’s the NSA’s justification for its mass surveillance programs; if you let us have all of your
data, we’ll relieve your fear.
No privacy intrusion – legal restraints prevent data collection of non-targets
De 14 - General Counsel, National Security Agency (Rajesh, “The NSA and Accountability in an Era of Big
Data”, JOURNAL OF NATIONAL SECURITY LAW & POLICY, 2014, p.6-8//DM)
False Myth: #2: NSA is spying on Americans at home and abroad with questionable or no legal basis.
This false myth reflects both deep philosophical distrust of the secretive NSA by some, and the reality
that signals intelligence activities, unlike some other intelligence activities, inevitably implicate the
privacy rights of U.S. persons. It also reflects more recent controversy over so-called “warrantless
wiretapping” under the President’s Terrorist Surveillance Program (TSP). Without getting into details
about the TSP (the authorization for which ended in 2007, but much of which is still classified and the
subject of litigation) or FISA (an intricate statutory scheme), I would like to make a few general points
about our current operations to help dispel this myth.
First, without an individualized determination of probable cause by a federal judge, NSA does not target
the communications of any unconsenting U.S. person anywhere in the world when there is a reasonable
expectation of privacy and a warrant would be required for law enforcement purposes in the United
States (note that pursuant to statute and regulation, under certain emergency scenarios the Attorney
General can make an initial finding of probable cause, but if within the purview of FISA, the Foreign
Intelligence Surveillance Court must subsequently make that determination). One point worth
highlighting in particular is that, amidst the controversy over the recent amendments made to FISA in
2008 and reauthorized in 2012, an important change was made: targeting a U.S. person abroad now
requires a probable cause finding by a federal judge, whereas previously it could be approved by the
Attorney General alone under Executive Order 12333.
Second, under even one of the more controversial provisions of the recent FISA amendments, Section
702, where no individualized probable cause finding is required, express limits were enacted:
● Section 702 may only be used to target non-U.S. persons reasonably believed to be located outside
the United States.
● Section 702 may not be used to intentionally target any person in the United States or a U.S. person
outside the United States.
● Section 702 may not be used to conduct “reverse targeting” – i.e., targeting of a person outside the
United States if the purpose is to target a particular, known person inside the United States.
● Section 702 may not be used to intentionally acquire a “wholly-domestic communication” – i.e., a
communication where all communicants are inside the United States.
● Section 702 must be implemented in a manner consistent with the Fourth Amendment.
2nc – corporate surveillance inevitable
Corporate surveillance is inevitable and they’ll willingly provide data to the
government
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
Corporate surveillance and government surveillance aren’t separate. They’re intertwined; the two
support each other. It’s a public-private surveillance partnership that spans the world. This isn’t a
formal agreement; it’s more an alliance of interests. Although it isn’t absolute, it’s become a de facto
reality, with many powerful stakeholders supporting its perpetuation. And though Snowden’s
revelations about NSA surveillance have caused rifts in the partnership—we’ll talk about those in
Chapter 14—it’s still strong. The Snowden documents made it clear how much the NSA relies on US
corporations to eavesdrop on the Internet. The NSA didn’t build a massive Internet eavesdropping
system from scratch. It noticed that the corporate world was already building one, and tapped into it.
Through programs like PRISM, the NSA legally compels Internet companies like Microsoft, Google,
Apple, and Yahoo to provide data on several thousand individuals of interest. Through other programs,
the NSA gets direct access to the Internet backbone to conduct mass surveillance on everyone.
Sometimes those corporations work with the NSA willingly . Sometimes they’re forced by the courts to
hand over data, largely in secret. At other times, the NSA has hacked into those corporations’
infrastructure without their permission.
This is happening all over the world. Many countries use corporate surveillance capabilities to monitor
their own citizens. Through programs such as TEMPORA, the UK’s GCHQ pays telcos like BT and
Vodafone to give it access to bulk communications all over the world. Vodafone gives Albania, Egypt,
Hungary, Ireland, and Qatar—possibly 29 countries in total—direct access to Internet traffic flowing
inside their countries. We don’t know to what extent these countries are paying for access, as the UK
does, or just demanding it. The French government eavesdrops on France Télécom and Orange. We’ve
already talked about China and Russia in Chapter 5. About a dozen countries have data retention laws—
declared unconstitutional in the EU in 2014—requiring ISPs to keep surveillance data on their customers
for some months in case the government wants access to it. Internet cafes in Iran, Vietnam, India, and
elsewhere must collect and retain identity information of their customers.
Similar things are happening off the Internet. Immediately after 9/11, the US government bought data
from data brokers, including air passenger data from Torch Concepts and a database of Mexican voters
from ChoicePoint. US law requires financial institutions to report cash transactions of $10,000 or larger
to the government; for currency exchangers, the threshold is $1,000. Many governments require hotels
to report which foreigners are sleeping there that night, and many more make copies of guests’ ID cards
and passports. CCTV cameras, license plate capture systems, and cell phone location data are being used
by numerous governments.
By the same token, corporations obtain government data for their own purposes. States like Illinois,
Ohio, Texas, and Florida sell driver’s license data, including photos, to private buyers. Some states sell
voter registration data. The UK government proposed the sale of taxpayer data in 2014, but public
outcry has halted that, at least temporarily. The UK National Health Service also plans to sell patient
health data to drug and insurance firms. There’s a feedback loop: corporations argue for more
government data collection, then argue that the data should be released under open government laws,
and then repackage the data and sell it back to the government.
The net result is that a lot of surveillance data moves back and forth between government and
corporations. One consequence of this is that it’s hard to get effective laws passed to curb corporate
surveillance—governments don’t really want to limit their own access to data by crippling the
corporate hand that feeds them .
The government can just ask for or buy the data – surveillance unnecessary
Turner, 15 - Brad Turner is a graduate of Duke Law School and a practicing attorney in Ohio. (“When Big
Data Meets Big Brother: Why Courts Should Apply United States v. Jones to Protect People's Data” 16
N.C. J.L. & Tech. 377, January, lexis)
The government can obtain second-hand data from private parties in a variety of ways. First, the
government can simply ask for it. According to Google, nearly 1% of requests for its user data from law
enforcement are emergency requests. n185 A bill that has been proposed in Congress, called the Cyber
Intelligence Sharing and Protection Act ("CISPA"), might dramatically increase this percentage. CISPA
would make it legal for the government to ask companies for data about their customers and then
protect those companies from lawsuits related to the handing over of that data, "notwithstanding any
other provision of law." n186
Second, the government can demand the data with a subpoena. A subpoena need not be reviewed or
pre-approved by a court to be valid and enforceable. n187 Google says that 68% of its data requests
from the government are in the form of a subpoena. n188 Subpoenas can request any information or
documents that are at all relevant to an investigation. Relevance is defined very broadly and includes
any information or documents that "might have the potential to lead to relevant information." n189 So
long as a subpoena meets this very lenient standard, a court will deem the subpoena valid to the extent
that the subpoena's demands are not overbroad or unduly burdensome. n190
Third, the government can demand the information with a court order, which, by definition, does
require prior approval by a [*411] court. n191 Google says that 22% of its requests for data by the
government are from warrants, and another 6% are from court orders. n192 The NSA collects much of
its data by using secret FISA court orders, collecting huge sums of data from U.S. telephone companies,
including AT&T, Verizon, and Sprint, and Internet service-providers like Facebook, Apple, Google,
Microsoft, Yahoo, and AOL. n193 Statutes regulate these data-collection efforts. n194
Fourth, the government can purchase the information . Big Data is valuable and companies are willing
to sell. n195 For the right price, [*412] government can access the same rich data-troves held by
private organizations. For example, the federal government recently started buying access to a private
database maintained by the credit bureau Equifax, called "The Work Numbers." n196 The database
contains 54 million active salary and employment records and more than 175 million historical records
from approximately 2,500 U.S. employers. n197 Equifax also sells this same data to credit card issuers,
property managers, and auto lenders. n198
Can’t solve privacy – private sector and foreign government collection
Lewis 5/28 – Director and Senior Fellow, Strategic Technologies Program (James Lewis, “What
Happens on June 1?”, CSIS Strategic Technologies Program,
http://www.csistech.org/blog/2015/5/28/what-happens-on-june-1, 5/28/2015)//MBB
Privacy itself will not increase. The privacy battle was lost years ago when extracting your personal data
became the business model of the internet. Americans have far less privacy than they did in 1995 and
NSA has nothing to do with this. There are several ironies in this situation, not the least being that NSA
collection operated under far more rules than private sector or foreign government collection, and
many of the immense private sector databases are likely accessible to foreign governments (if they
decide they can use them).
Economic incentives for corporate surveillance overwhelm the plan on a massive scale
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
Historically, surveillance was difficult and expensive. We did it only when it was important: when the
police needed to tail a suspect, or a business required a detailed purchasing history for billing purposes.
There were exceptions, and they were extreme and expensive. The exceptionally paranoid East German
government had 102,000 Stasi surveilling a population of 17 million: that’s one spy for every 166
citizens, or one for every 66 if you include civilian informants.
Corporate surveillance has grown from collecting as little data as necessary to collecting as much as
possible. Corporations always collected information on their customers, but in the past they didn’t
collect very much of it and held it only as long as necessary. Credit card companies collected only the
information about their customers’ transactions that they needed for billing. Stores hardly ever
collected information about their customers, and mail-order companies only collected names and
addresses, and maybe some purchasing history so they knew when to remove someone from their
mailing list. Even Google, back in the beginning, collected far less information about its users than it
does today. When surveillance information was expensive to collect and store, corporations made do
with as little as possible.
The cost of computing technology has declined rapidly in recent decades. This has been a profoundly
good thing. It has become cheaper and easier for people to communicate, to publish their thoughts, to
access information, and so on. But that same decline in price has also brought down the price of
surveillance. As computer technologies improved, corporations were able to collect more information
on everyone they did business with. As the cost of data storage became cheaper, they were able to save
more data and for a longer time. As big data analysis tools became more powerful, it became profitable
to save more information. This led to the surveillance-based business models I’ll talk about in Chapter 4.
Government surveillance has gone from collecting data on as few people as necessary to collecting it on
as many as possible. When surveillance was manual and expensive, it could only be justified in extreme
cases. The warrant process limited police surveillance, and resource constraints and the risk of discovery
limited national intelligence surveillance. Specific individuals were targeted for surveillance, and
maximal information was collected on them alone. There were also strict minimization rules about not
collecting information on other people. If the FBI was listening in on a mobster’s phone, for example,
the listener was supposed to hang up and stop recording if the mobster’s wife or children got on the
line.
As technology improved and prices dropped, governments broadened their surveillance. The NSA could
surveil large groups—the Soviet government, the Chinese diplomatic corps, leftist political organizations
and activists—not just individuals. Roving wiretaps meant that the FBI could eavesdrop on people
regardless of the device they used to communicate with. Eventually, US agencies could spy on entire
populations and save the data for years. This dovetailed with a changing threat, and they continued
espionage against specific governments, while expanding mass surveillance of broad populations to look
for potentially dangerous individuals. I’ll talk about this in Chapter 5.
The result is that corporate and government surveillance interests have converged. Both now want to
know everything about everyone. The motivations are different, but the methodologies are the same.
That is the primary reason for the strong public-private security partnership that I’ll talk about in
Chapter 6.
All personal information is freely available – the aff is a meaningless gesture
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
The result of this declining cost of surveillance technology is not just a difference in price; it’s a
difference in kind. Organizations end up doing more surveillance—a lot more. For example, in 2012,
after a Supreme Court ruling, the FBI was required to either obtain warrants for or turn off 3,000 GPS
surveillance devices installed in cars. It would simply be impossible for the FBI to follow 3,000 cars
without automation; the agency just doesn’t have the manpower. And now the prevalence of cell
phones means that everyone can be followed, all of the time.
Another example is license plate scanners, which are becoming more common. Several companies
maintain databases of vehicle license plates whose owners have defaulted on their auto loans. Spotter
cars and tow trucks mount cameras on their roofs that continually scan license plates and send the data
back to the companies, looking for a hit. There’s big money to be made in the repossession business, so
lots of individuals participate—all of them feeding data into the companies’ centralized databases. One
scanning company, Vigilant Solutions of Livermore, California, claims to have 2.5 billion records and
collects 70 million scans in the US per month, along with date, time, and GPS location information.
In addition to repossession businesses, scanning companies also sell their data to divorce lawyers,
private investigators, and others. They sometimes relay it, in real time, to police departments, which
combine it with scans they get from interstate highway onramps, toll plazas, border crossings, and
airport parking lots. They’re looking for stolen vehicles and drivers with outstanding warrants and
unpaid tickets. Already, the states’ driver’s license databases are being used by the FBI to identify
people, and the US Department of Homeland Security wants all this data in a single national database. In
the UK, a similar government-run system based on fixed cameras is deployed throughout the country. It
enforces London’s automobile congestion charge system, and searches for vehicles that are behind on
their mandatory inspections.
Expect the same thing to happen with automatic face recognition. Initially, the data from private
cameras will most likely be used by bounty hunters tracking down bail jumpers. Eventually, though, it
will be sold for other uses and given to the government. Already the FBI has a database of 52 million
faces, and facial recognition software that’s pretty good. The Dubai police are integrating custom facial
recognition software with Google Glass to automatically identify suspects. With enough cameras in a
city, police officers will be able to follow cars and people around without ever leaving their desks. This is
mass surveillance, impossible without computers, networks, and automation. It’s not “follow that car”;
it’s “follow every car.” Police could always tail a suspect, but with an urban mesh of cameras, license
plate scanners, and facial recognition software, they can tail everyone—suspect or not.
Similarly, putting a device called a pen register on a suspect’s land line to record the phone numbers he
calls used to be both time-consuming and expensive. But now that the FBI can demand that data from
the phone companies’ databases, it can acquire that information about everybody in the US. And it has.
In 2008, the company Waze (acquired by Google in 2013) introduced a new navigation system for
smartphones. The idea was that by tracking the movements of cars that used Waze, the company could
infer real-time traffic data and route people to the fastest roads. We’d all like to avoid traffic jams. In
fact, all of society, not just Waze’s customers, benefits when people are steered away from traffic jams
so they don’t add to them. But are we aware of how much data we’re giving away?
For the first time in history, governments and corporations have the ability to conduct mass surveillance
on entire populations. They can do it with our Internet use, our communications, our financial
transactions, our movements … everything. Even the East Germans couldn’t follow everybody all of the
time. Now it’s easy.
Internet freedom
1nc – NSA overreach
Existing oversight checks NSA overreach
Cordero, 14 - Carrie F. Cordero is the Director of National Security Studies at Georgetown University Law
Center (“Fear vs. Facts: Exploring the Rules the NSA Operates Under” 6/13, http://www.catounbound.org/2014/06/13/carrie-f-cordero/fear-vs-facts-exploring-rules-nsa-operates-under
There is no doubt the Snowden disclosures have launched a debate that raises significant issues
regarding the extent of U.S. government national security surveillance authorities and activities. And
Julian Sanchez’s essay Snowden: Year One raises a number of these issues, including whether the
surveillance is too broad, with too few limits and too little oversight. But an overarching theme of
Sanchez’s essay is fear – and fear of what might be overshadows what actually is, or is even likely.
Indeed, he suggests that by just “tweaking a few lines of code” the NSA’s significant capabilities could be
misdirected from targeting valid counterterrorism suspects to Americans involved in the Tea Party or
Occupy movements.
So really, what would it take to turn NSA’s capabilities inward, to the dark corner of monitoring political
activity and dissent? It turns out, quite a lot. So much, in fact, that after a considered review of the
checks and balances in place, it may turn out to be not worth fearing much at all.
First, a little history. Prior to 1978, NSA conducted surveillance activities for foreign intelligence
purposes under Executive authority alone. In 1978, Congress passed the Foreign Intelligence
Surveillance Act (FISA), which distinguished between surveillance that occurred here at home and that
which occurred overseas. FISA requires that when electronic surveillance is conducted inside the United
States, the government seek an order from the Foreign Intelligence Surveillance Court (FISC or the
Court) based on probable cause. So, if the government wants to conduct surveillance targeting a foreign
agent or foreign power here in the United States, it must obtain FISC approval to do so. By law, the
Court may not issue an order targeting an American based solely on activities protected by the First
Amendment to the Constitution. The Attorney General is required to report on the full range of
activities that take place under FISA to four congressional committees: both the intelligence and
judiciary committees in Congress. The law requires that the committees be “fully informed” twice each
year.
There have been a number of amendments to FISA over the years. In 1994, the statute was amended to
require that physical searches for national security purposes conducted inside the United States also
happen by an order from the FISC. The USA-PATRIOT Act of 2001 amended several provisions of FISA,
one of which enabled better sharing of information between terrorism and criminal investigators. And in
2008, FISA was amended to provide a statutory framework for certain approvals by the Attorney
General, Director of National Intelligence, and FISC regarding the targeting of non-U.S. persons
reasonably believed to be outside the United States for foreign intelligence purposes, when the
cooperation of a U.S. communications service provider is needed.
So how do we know that this system of approvals is followed? Is the oversight over NSA’s activities
meaningful, or “decorative,” as Sanchez suggests?
It is worth exploring. Here is how oversight of the Section 702 surveillance works, as one example, since
it has been the subject of a significant part of the debate of the past year. Section 702 was added to FISA
by the FISA Amendments Act of 2008. It authorizes the NSA to acquire the communications, for foreign
intelligence purposes, of non-U.S. persons reasonably believed to be outside the United States. These
are persons with no Constitutional protections, and yet, because the acquisition requires the assistance
of a U.S. electronic communications provider, there is an extensive approval and oversight process.
There is a statutory framework. Specifically, the Attorney General and Director of National Intelligence
jointly approve certifications. According to declassified documents, the certifications are topical,
meaning, the way the statute is being implemented, the certifications are not so specific that they
identify individual targets; but they are not so broad that they cover any and everything that might be
foreign intelligence information. The certifications are filed with the FISC, along with targeting and
minimization procedures. Targeting procedures are the rules by which NSA selects valid foreign
intelligence targets for collection. Minimization procedures are rules by which NSA handles information
concerning U.S. persons. The FISC has to approve these procedures. If it does not approve them, the
government has to fix them. The Court reviews these procedures and processes annually. The Court can
request a hearing with government witnesses (like senior intelligence officials, even the NSA Director, if
the judge wanted or needed to hear from him personally) or additional information in order to aid in its
decisionmaking process. Information about the 702 certifications is reported to the Congressional
intelligence committees.
Once the certifications are in effect, attorneys from the Department of Justice’s (DOJ) National Security
Division and attorneys and civil liberties officials from the Office of the Director of National Intelligence
(ODNI) review the NSA’s targeting decisions and compliance with the rules. They conduct reviews at
least every 90 days. During that 90-day period, oversight personnel are in contact with NSA operational
and compliance personnel. Compliance incidents can be discovered in one of at least two ways: the NSA
can self-report them, which it does; or the DOJ and ODNI oversight personnel may discover them on
their own. Sometimes the NSA does not report a compliance incident in the required timeframe. Then
the time lag in reporting may become an additional compliance incident. The DOJ and ODNI compliance
teams write up semi-annual reports describing the results of their reviews. The reports are approved by
the Attorney General and Director of National Intelligence and provided to the FISC and to Congress.
According to the one report that has been declassified so far, in August 2013, for a six-month period in
2012, the rate of error for the NSA’s compliance under Section 702 collection was .49% - less than half of
one percent. If we subtract the compliance incidents that were actually delays in reporting, then the
noncompliance rate falls to between .15-.25% - less than one quarter of one percent . Hardly an agency
run amok.
PPD-28 means the US already has the strongest global surveillance protection
Edgar, 15 - Timothy H. Edgar is a visiting scholar at the Brown University’s Watson Institute for
International Studies and has also taught at the Georgetown University Law Center and Boston
University (“Why Should We Buy Into The Notion That The United States Doesn’t Care About Privacy?”
Lawfare, 2/23, http://www.lawfareblog.com/why-should-we-buy-notion-united-states-doesnt-careabout-privacy
Here, the record is clear: the United States wins, hands down. A comprehensive analysis of worldwide
surveillance laws undertaken by the Center for Democracy and Technology shows just how little is
required in most countries around the world, including in Europe, for undertaking national security
surveillance. For example, under the UK’s Regulation of Investigatory Powers Act (RIPA), such
surveillance can be obtained with the approval of a Secretary of State. Germany authorizes such
surveillance through a parliamentary committee. These safeguards, structurally inferior to the court
orders required by FISA, have been determined by European courts to satisfy the fundamental liberties
required by the European Convention on Human Rights.
What about external surveillance? New rules issued by the Obama administration under Presidential
Policy Directive 28 (PPD-28) provide practical protection for the privacy of foreigners in NSA collection.
These may make only modest changes to surveillance practices in the short run, but it is a mistake to see
them as mere “tweaks” in surveillance policy. They are a major paradigm shift . When I served as a
privacy official in the intelligence community, I had no law, executive order, or directive that told me
that the privacy rights of foreigners matter. The new rules change that. The mechanisms of intelligence
oversight---privacy officials and boards, inspectors general, and lawyers---now must pay attention to
everyone’s privacy. No other nation has publicly committed its external intelligence services to specific
rules designed to respect everyone’s privacy. Germany and many other European nations have
protested NSA spying. Will their intelligence services issue oversight rules protecting the privacy not just
of their own citizens, but of all of us?
On transparency, the United States wins again. While the United States continues to declassify more and
more details of its intelligence operations in the wake of the Snowden revelations, European countries
play catch up. Last month, a UK court that oversees UK intelligence services---the Investigatory Powers
Tribunal---found in a case brought by civil liberties groups that, although its information sharing with the
NSA was consistent with European human rights law, it needed to be much more transparent about the
rules under which it operates.
I’m looking forward to the launch of “GCHQ on the record.”
The United States should not be shy in talking about its record on intelligence oversight, nor should it
accept the premise that Europeans care more about privacy than Americans. The United States leads
the world when it comes to privacy protection in intelligence activities – if only because the rest of the
world’s rules are so weak. We should start talking about it.
AT: Nonbinding
Obama policy statement minimizes data abuse risks and is binding US policy
Margulies, 14 - Professor of Law, Roger Williams University School of Law (“CITIZENSHIP, IMMIGRATION,
AND NATIONAL SECURITY AFTER 9/11: THE NSA IN GLOBAL PERSPECTIVE: SURVEILLANCE, HUMAN
RIGHTS, AND INTERNATIONAL COUNTERTERRORISM” 82 Fordham L. Rev. 2137, April, lexis)
Edward Snowden's disclosures have thus far centered on two NSA programs. One is domestic - the socalled metadata program, operated pursuant to section 215 of the USA PATRIOT Act, n13 and entailing
the bulk collection of call record information, including phone numbers and times of calls. n14 The other
is foreign - the PRISM program, operated pursuant to section 702 of the Foreign Intelligence Surveillance
Act (FISA). n15 Under section 702, the government may conduct surveillance targeting the contents of
communications of non-U.S. persons reasonably believed to be located abroad when the surveillance
will result in acquiring foreign intelligence information. n16 The FISC must approve any government
request for surveillance under section 702, although these requests can [*2141] describe broad types
of communications without identifying particular individuals. n17
Under section 702, "foreign intelligence information" that the government may acquire includes a
number of grounds related to national security, such as information relating to an "actual or potential
attack" or "other grave hostile acts of a foreign power or an agent of a foreign power." n18 It also
includes information relating to possible sabotage n19 and clandestine foreign "intelligence activities."
n20 Another prong of the definition appears to sweep more broadly, including information relating to
"the conduct of the foreign affairs of the United States." n21 Despite the greater breadth of this
provision, President Obama informed a domestic and global audience that U.S. intelligence agencies
seek a narrow range of information centering on the national security and foreign intelligence concerns
described above. n22 While the U.S. intelligence agencies acquire a substantial amount of data that
does not fit under these rubrics, the president's speech confirmed that U.S. analysts do not rummage
through such data randomly or for invidious purposes. n23 A scatter-shot approach of this kind would
be unethical, illegal, and ineffective. Instead, NSA officials query communications using specific
"identifiers" such as phone numbers and email addresses that officials reasonably believe are used by
non-U.S. persons abroad to communicate foreign intelligence information. n24 The government must
also have in place minimization procedures to limit the acquisition, retention, and dissemination of
nonpublic information about U.S. persons. n25 The NSA deletes all irrelevant content, including content
from non-U.S. persons, after five years. n26
In acknowledging the "legitimate privacy interests" of both U.S. and non-U.S. persons, President Obama
affirmed the U.S. commitment to core principles in January 2014. n27 First, he narrowed the operating
definition of [*2142] foreign intelligence information, limiting it to "information relating to the
capabilities, intentions, or activities of foreign governments or elements thereof, foreign organizations,
foreign persons, or international terrorists." n28 In addition, he asserted that the NSA would engage in
bulk collection of communications for purposes of "detecting and countering" terrorism, espionage,
nuclear proliferation, threats to U.S. forces, and financial crimes, including evasion of duly enacted
sanctions. n29 Addressing anticipated concerns that these limits still left the NSA with too much
discretion, President Obama declared what the United States would not do. First, it would not collect
communications content "for the purpose of suppressing or burdening criticism or dissent, or for
disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion." n30
Second, it would disseminate and store information regarding any person based on criteria in section 2.3
of Executive Order 12,333 n31: cases involving "foreign intelligence or counterintelligence," public
safety, or ascertainment of a potential intelligence source's credibility. n32
Of course, President Obama's speech did not quell the complaints of NSA critics. One could argue that
even the description the president provided has legal flaws under domestic and/or international law.
One can also argue that the president's policy directive, statutory provisions, and case law cannot wholly
eliminate the possibility of systemic or individual abuse of NSA authority. That said, there are compelling
reasons for treating the president's speech and directive as an authoritative and binding statement of
U.S. policy. The most compelling reason may be the simplest: no American president has ever been so
forthright on the subject of intelligence collection, and few heads of state around the globe have
ventured down the path that President Obama chose. n33 That alone counsels treating President
Obama's guidance as more than "cheap talk."
AT: Wheeler
Wheeler is wrong – Obama reforms restored trust
Cordero, 14 – Director of National Security Studies, Georgetown University Law Center, Adjunct
Professor of Law (Carrie, “Correcting some Inaccuracies about NSA Surveillance” 6/20,
http://www.cato-unbound.org/2014/06/20/carrie-f-cordero/correcting-some-inaccuracies-about-nsasurveillance
In her response essay, Marcy Wheeler keys on an important, and serious, consequence of the
unauthorized disclosures and their aftermath: the developing adversarial relationship between the
government and the private sector. Now past the first year of the disclosures, it is clear that companies
on the receiving end of orders or directives issued under the Foreign Intelligence Surveillance Act (FISA)
may be more likely to challenge them in the future. At least one company has already increased its
challenges to requests for data from the government issued under National Security Letters or the
Electronic Communications Privacy Act (ECPA). But Wheeler is wrong to suggest that – whatever it is the
government may have done to effect the collection of foreign intelligence information overseas (which
has happened for decades and continues to occur under Executive Order 12333) – somehow
“violated…the deal” that was reached through the FISA Amendments Act of 2008 (FAA). Instead, the
information that has been released and declassified over the last year has demonstrated that the FAA
has been implemented consistently with how it was described in the public record of legislative text and
Congressional hearings that took place up to its passage in 2008.
It is also not accurate to describe the steps the Obama Administration has taken as “refus[ing] to do
anything” to limit NSA surveillance. Indeed, the President has already implemented significant reforms
to the telephone metadata program, including requiring advance approval from the Foreign Intelligence
Surveillance Court (FISC) before querying the data, and limiting the extent of analysis of that data. His
Presidential Policy Directive-28 (PPD-28), issued in January 2014, limits the categories of bulk collection
the NSA may collect. He has adopted the Surveillance Review Group’s principle of “risk management,” to
more formally involve foreign policy implications, for example, in making collection decisions. And he
has directed that procedures and rules be changed in order to add privacy protections for foreigners in
how the NSA handles information it has acquired. Although it is too soon to assess how the details of
some of these and other changes will be implemented, their significance should not be underestimated.
AT: XO12333
XO12333 has the same minimization procedures as FISA – no abuse
Joel, 14 - Alexander W. Joel is the civil liberties protection officer for the Office of the Director of
National Intelligence and reports directly to Director of National Intelligence James R. Clapper (“The
Truth About Executive Order 12333” Politico, 8/18,
http://www.politico.com/magazine/story/2014/08/the-truth-about-executive-order-12333110121.html#.VYomBfl4pyg
Under EO 12333, intelligence agencies may collect, retain, and disseminate information about
Americans “only in accordance with procedures … approved by the Attorney General … after
consultation with the Director [of National Intelligence].” Tye noted that he is not familiar with the
details of these procedures, but nonetheless said that Americans should be troubled by “the collection
and storage of their communications” under the executive order.
As the civil liberties protection officer for the director of national intelligence (DNI), I work with
intelligence agencies on these procedures, and would like to describe how they safeguard privacy and
civil liberties.
But first I want to commend Tye for raising his concerns through the processes established for that
purpose. Using those processes, he has been able to review his concerns with intelligence oversight
bodies as well as with the public, all while continuing to protect classified information.
At the outset, remember that FISA, with very limited exceptions, requires the government to seek an
individualized court order before it can intentionally target a United States person anywhere in the
world to collect the content of his or her communications. The FISA court must be satisfied, based on a
probable cause standard, that the United States person target is an agent of a foreign power, or, as
appropriate, an officer or employee of a foreign power.
But even when the government targets foreign nationals overseas in response to valid foreign
intelligence requirements, it will inevitably collect some communications about Americans. As the
Privacy and Civil Liberties Oversight Board noted in its examination of Section 702 of FISA, “[t]he
collection of communications to and from a target inevitably returns communications in which nontargets are on the other end, some of whom will be U.S. persons.” Indeed, when Congress first enacted
FISA in 1978, it required the government to follow what are called “minimization procedures.” These
procedures, which must be approved by the FISA court, restrict what the government can do with
collected information about U.S. persons (such as for how long that information may be retained, and
under what circumstances it may be shared).
Similarly, EO 12333 requires procedures to minimize how an agency collects, retains or disseminates
U.S. person information. These procedures must be approved by the attorney general, providing an
important additional check. The National Security Agency’s procedures are reflected in documents such
as United States Signals Intelligence Directive SP0018 (USSID 18), issued in 1993 and updated in 2011.
These procedures generally provide that communications may not be retained for more than five years.
In addition, NSA personnel may not use U.S. person “selection terms” (such as names, phone numbers
or email addresses) to retrieve communications from its collection under EO 12333 without a finding by
the attorney general that the U.S. person is an agent of a foreign power (or in other similarly narrow
circumstances). And even if the NSA determines that information about an American constitutes foreign
intelligence, it routinely uses a generic label like “U.S. Person 1” in intelligence reporting to safeguard
the person’s identity. The underlying identity may be provided only in a very limited set of
circumstances, such as if it’s necessary to understand the particular foreign intelligence being conveyed.
Oversight is extensive and multi-layered. Executive branch oversight is provided internally at the NSA
and by both the Department of Defense and the Office of the DNI by agency inspectors general, general
counsels, compliance officers and privacy officers (including my office and the NSA’s new Civil Liberties
and Privacy Office). The Department of Justice also provides oversight, as do the Privacy and Civil
Liberties Oversight Board and the president’s Intelligence Oversight Board. In addition, Congress has the
power to oversee, authorize and fund these activities.
2nc – squo oversight solves
Squo Congressional oversight prevents abuse and oversight reform is better than
scaling back
Cordero, 14 - Carrie F. Cordero is the Director of National Security Studies at Georgetown University Law
Center (“Fear vs. Facts: Exploring the Rules the NSA Operates Under” 6/13, http://www.catounbound.org/2014/06/13/carrie-f-cordero/fear-vs-facts-exploring-rules-nsa-operates-under
Generally, however, Congressional committees charged with oversight of the Intelligence Community do
their job. The Intelligence Committees of Congress have professional staff, often with deep experience
in national security matters. The Committees conduct substantive hearings, although, due to the
sensitive and operational nature of the topics discussed, often in classified session. Congressional staff
also receive briefings. During the debate surrounding the passage of the FISA Amendments Act of 2008,
many members of Congress and their staffs visited the NSA and received dozens of briefings regarding
its details and subsequent implementation.
Decorative? Returning to the question implicitly posed by Sanchez’s argument: what would it take to
turn this system inside out? Most likely, it would take either a conspiracy of the highest order, or the
complete incompetence of everyone involved in the process – from operators to leadership inside the
Intelligence Community, from lawyers to senior officials at the Justice Department, from legal advisors
to judges of the FISC, from staff to members of Congress.
Here’s what happens in the real world: people make mistakes; technological implementation goes awry;
bureaucracy gets in the way of getting down to the bottom line. The adequacy and rigor of
Congressional oversight waxes and wanes based, at times, on the quality of the leadership of the various
committees at any time. Government employees also sometimes do the wrong thing, such as the twelve
cases in ten years that the NSA has explained to Congress, and then they are held accountable.
Oversight and compliance systems sometimes fail, too, such as the delay in recognizing the problems in
the technical implementation of the phone metadata program that was subsequently brought to the
Court’s attention. These are all valid reasons to work on improving auditing, compliance, oversight and
accountability mechanisms. They are not valid reasons for adopting reforms that would dramatically
scale back important national security capabilities that keep the nation safe.
The NSA collects a miniscule amount of info
Dickerson, 15 - Julie Dickerson is currently a 3L at Harvard Law School, and previously served as Senior
Editor for the Harvard National Security Journal (“Meaningful Transparency: The Missing Numbers the
NSA and FISC Should Reveal” Harvard National Security Journal,
http://harvardnsj.org/2015/02/meaningful-transparency-the-missing-numbers-the-nsa-and-fisc-shouldreveal/
Under § 702 of the USA-PATRIOT Act, the NSA uses information from U.S. electronic communication
service providers to target non-Americans outside the United States for documented foreign intelligence
purposes. The NSA collects more than 250 million internet communications under this power each year.
While a large absolute number, it is unclear what percent of total internet communications these § 702
communications constitute. The NSA has revealed that the internet carries 1,826 Petabytes of
information per day, the NSA touches 1.6% of that data in its foreign intelligence mission, and the NSA
only selects 0.025% of that data for review. The net result is that NSA analysts look at a mere 0.00004%
of the world’s traffic. These percentages of total data traffic, though indicative that the percent of § 702
communications collected is likely miniscule , do not map perfectly onto percentages of total
communications.
No NSA overreach – it’s subject to external security from multiple entities
De 14 - General Counsel, National Security Agency (Rajesh, “The NSA and Accountability in an Era of Big
Data”, JOURNAL OF NATIONAL SECURITY LAW & POLICY, 2014, p.8-10//DM)
False Myth #3: NSA operates in the shadows free from external scrutiny or any true accountability.
This false myth is obviously a product of the necessarily secretive nature of NSA’s day-to-day operations.
There is no doubt that in a democracy like ours, an important form of accountability is public
transparency. However, it is absolutely essential not to assume that the legitimacy afforded by public
transparency is the only way to achieve accountability, which may – in fact, must, with respect to NSA –
primarily be achieved through alternate means. There is no perfect substitute for public transparency in
a democracy; but when there is also no way to provide information to those whom you seek to protect
without also providing it to those from whom you seek to protect them, we must largely rely on such
alternate means of accountability.
It is evident to me that I am the General Counsel for one of the most highly regulated entities in the
world. It is a reality that most audiences cannot appreciate given the classified nature of intelligence
work. Given NSA’s unique mission, however, it makes perfect sense. NSA is part of the Department of
Defense as well as the Intelligence Community. This means that NSA is subject to the relevant rules and
regulations for DOD as well as to those applicable to other members of the IC. More broadly, NSA is
subject to a spectrum of detailed scrutiny from across all three branches of government as a matter of
law, policy, and practice. First, within the executive branch alone, NSA is responsible to multiple
stakeholders, including:
● internal oversight officials, including an Inspector General to whom Congress recently provided
independent statutory authority under the 2010 Intelligence Authorization Act;
● the Department of Defense, which pursuant to presidential directive and statute exercises supervisory
authority over NSA, to include offi- cials such as the Assistant to the Secretary for Intelligence Oversight,
the Under Secretary of Defense for Intelligence, the General Counsel, and the DOD Inspector General;
● the Office of the Director of National Intelligence, which pursuant to presidential directive and statute
is responsible for coordination of the Intelligence Community, and has an oversight role with respect to
certain FISA activities, to include its own General Counsel, Inspector General, and Civil Liberties
Protection Officer;
● the Department of Justice, which by statute also has an oversight role with respect to certain FISA
activities, and to which NSA like other intelligence agencies is obligated by statute and Executive Order
12333 to report violations of federal law;
● the White House, to include the National Security Council, the President’s Intelligence Advisory Board,
and the Intelligence Oversight Board, to whom NSA like other intelligence agencies is required to report
“any intelligence activities... that they have reason to believe may be unlawful or contrary to executive
order or presidential directive”; and
● independent entities such as the Privacy and Civil Liberties Oversight Board.
Second, apart from the multiple layers of accountability within the executive branch, NSA is by law
accountable to the legislative branch. As a member of the Intelligence Community, NSA is required by
law to keep the intelligence oversight committees of the Senate and House of Representatives “fully and
currently informed” with respect to the Agency’s activities. Given the unique role of NSA and the range
of its activities, however, oversight is exercised as well by a host of additional committees as diverse as
the armed services, judiciary, and homeland security committees of both chambers of Congress. NSA,
for example, is required by statute to provide both the intelligence and judiciary committees a copy of
any decision, order, or opinion of the FISC that includes “significant construction or interpretation” of
any provision of FISA. NSA also keeps Congress apprised of its activities routinely via testimony at open
and closed hearings; formal notifications; other written submissions; informal briefings, visits; and other
means. In other words, we interact with our Congressional overseers virtually every day.
Third, NSA is directly accountable to the Foreign Intelligence Surveillance Court for those activities
conducted pursuant to FISA. The Court is comprised of eleven federal district judges appointed by the
Chief Justice of the U.S. Supreme Court. The FISC not only authorizes certain activities pursuant to FISA,
but it plays an active and constructive role in ensuring those activities are carried out appropriately. As I
noted earlier, it is evident that the manner in which NSA operates is just as important as the authority
under which it operates. The rules of the FISC, for example, reflect this commitment in that “[i]f the
government discovers that any authority or approval granted by the Court has been implemented in a
manner that did not comply with the Court’s authorization or approval or with applicable law,” the
government must “immediately” notify the Court. This obligation is one that NSA, together with our
partners at the Department of Justice, take seriously every single day.
2nc – PPD-28 solves
PPD-28 solves international criticism without constraining the US
Wittes 14 *senior fellow in Governance Studies at The Brookings Institution (Benjamin, “Obama's NSA
Speech Wasn't an Apology. It Was a Clever Defense”, New Republic 01/21/14,
http://www.newrepublic.com/article/116284/obamas-nsa-speech-wasnt-apology-it-was-cleverdefense)//GK
Before turning to the substance of the speech and the PPD, we should pause a moment and consider the very fact that the
President of
the United States has issued, in public, a policy directive on signals intelligence at all. For, indeed, the first notable
thing about the PDD is that it exists. My Brookings colleague Bruce Riedel, a longtime CIA veteran, focused on this—quite rightly, in my
view—in our event on Friday, saying that the document “is in my judgment unprecedented. In two hours, I couldn’t really check, but I don’t
think we’ve ever had a document like this that lays out the protocols and principles for American signals
intelligence collection.” Nor, I might add, do many other countries have public documents that lay out principles and doctrines of
surveillance permission and restraint. In other words, the mere fact of this document puts the United States in a very forward-leaning place
with respect to surveillance transparency—a place it was already coming to occupy with the big declassifications following the Snowden
disclosures. How
many of the countries that have been so quick to criticize US surveillance practices will
follow suit and issue their own formal documents spelling out what they do and what they do not do both with regard to their own citizens
and those of other countries? Obama begins the speech by situating his discussion of the NSA controversies against the activities of the Sons of
Liberty and Paul Revere in Boston in revolutionary times. “Throughout American history, intelligence has helped secure our country and our
freedoms,” he says. It is against this highly-favorable background—one in which intelligence is central to liberty, not in tension or at odds with
it—that Obama mentions the birth of NSA. Indeed, the entire first portion of the speech offers a strong defense of NSA and its intelligence
programs. While Obama acknowledges that intelligence gathering can be abused and has been abused, and while he reiterates that aspects of
the post-9/11 response “contradicted our values,” that is not the frame he uses for NSA’s current activities. To the contrary, when he came into
office, he reports, he had a “healthy skepticism towards our surveillance programs” and ordered that they be reviewed. But the biggest
problems had already been corrected “through a combination of action by the courts, increased congressional oversight, and adjustments by
the previous Administration.” So while in some cases, there were changes, “What I did not do is stop these programs wholesale—not only
because I felt that they made us more secure; but also because nothing in that initial review, and nothing that I have learned since, indicated
that our intelligence community has sought to violate the law or is cavalier about the civil liberties of their fellow citizens.” In what will surely be
one of the more important passages in the speech for many people in the intelligence community, Obama then says: To the contrary, in an
extraordinarily difficult job, one in which actions are second-guessed, success is unreported, and failure can be catastrophic, the men and
women of the intelligence community, including the NSA, consistently follow protocols designed to protect the privacy of ordinary people. They
are not abusing authorities in order to listen to your private phone calls, or read your emails. When mistakes are made—which is inevitable in
any large and complicated human enterprise—they correct those mistakes. Laboring in obscurity, often unable to discuss their work even with
family and friends, they know that if another 9/11 or massive cyber-attack occurs, they will be asked, by Congress and the media, why they
failed to connect the dots. With this statement, Obama squarely aligns himself with the intelligence community’s own central narrative of
recent events: Its activities are essential, the president says; its activities are lawful and non-abusive (mistakes notwithstanding); and the
community’s critics will hold it accountable for failures to connect the dots just as breezily as they now hold it accountable for the use of
available tools to connect those dots. That said, Obama goes on, we need changes. But Obama
is careful to describe the reasons
we need changes. It’s not to rein in an out of control intelligence community. It’s because “for our intelligence community to
be effective over the long haul, we must maintain the trust of the American people, and people around the
world.” These are confidence-building steps for an apparatus that is essentially law-abiding. And that brings
us to the changes that Obama announces—beginning with those in the PPD. The PPD is an exceedingly-clever document, one that
conveys and writes into policy a great deal of values without constraining a great deal of practice. It does this by, in
essence, using values-based statements as justifications for policies that already exist, at least de facto, for purely functional reasons. PPD-28
is long on rhetoric about how “all persons should be treated with dignity and respect, regardless of their
nationality or wherever they might reside, and [how] all persons have legitimate privacy interests in the
handling of their personal information.” It comes back to this theme over and over again. And the theme is genuinely important.
The United States is now on record as a formal matter of presidential policy announcing that it respects the
privacy of non-citizens abroad and takes that into account when it conducts espionage; it doesn’t just disseminate and retain
information about people willy nilly with no regard for the information’s importance relative to that material’s value to foreign intelligence.
That’s an amazing statement. But it actually does not require a revolution—or even much change—in intelligence affairs to
implement.
PPD 28 proves that surveillance has been curbed and overreach has been solved in the
squo
Litt, 15 [Robert S., second General Counsel of the Office of the Director of National Intelligence, U.S.
Intelligence Community Surveillance One Year After President Obama’s Address,
file:///C:/Users/Jonah/Downloads/3_NatlSecLJ_210-231_Litt.pdf] Schloss1
I began by noting the huge amount of private information that we all expose today, through social
media, e-commerce, and so on. But I acknowledged that government access to the same information
worries us more—with good reason—because of what the government could do with that information.
So I suggested we should address that problem directly. And in fact, I said, we can and do protect both
privacy and national security by a regime that not only puts limits on collection but also restricts access
to, and use of, the data we collect based on factors such as the sensitivity of the data, the volume of the
collection, how it was collected, and the reason for which it was collected, and that backs up those
restrictions with technological and human controls and auditing. This approach has largely been
effective. The information that has come out since my speech, both licitly and illicitly, has validated my
statement then: while there have been technological challenges and human error in our current signals
intelligence activities, there has been no systematic abuse or misuse akin to the very real illegalities and
abuses of the 1960s and 1970s.
Well, you may have noticed that my speech did not entirely put the public concerns to rest.
Questions have continued to be asked, and we’ve continued to address them. In particular, just over a year ago, President Obama gave
a speech about surveillance reform, and issued Presidential Policy Directive 28 (“PPD-28”). The President reaffirmed
the critical importance of signals intelligence activity to protect our national security and that of our
allies against terrorism and other threats. But he took note of the concerns that had been raised and
directed a number of reforms to “give the American people greater confidence that their rights are
being protected, even as our intelligence and law enforcement agencies maintain the tools they need to
keep us safe,” as well as to provide “ordinary citizens in other countries . . . confidence that the United States respects
their privacy, too.”2
The Intelligence Community has spent the year since the President’s speech implementing the reforms he set out, as
well as many of the recommendations of the Privacy and Civil Liberties Oversight Board (“PCLOB”) and the President’s Review
Group on Intelligence and Communications Technologies. And I’d note in passing that the PCLOB last week issued a report
finding that we have made substantial progress towards implementing the great majority of its
recommendations. We’ve consulted with privacy groups, industry, Congress, and foreign partners. In particular, we have a robust
ongoing dialogue with our European allies and partners about privacy and data protection. We’ve participated in a
wide variety of public events at which reform proposals have been discussed and debated. And yesterday, the Office of the Director of National
concrete steps we have taken so far, along with the actual agency
policies that implement some of those reforms.3 What I want to do today is drill down on what we have done in the last year,
Intelligence (“ODNI”) released a report detailing the
and in particular explain how we have responded to some of the concerns that have been raised in the last year and a half.
PPD 28 solves the perception of abuse caused by XO 12333
Litt, 15 [Robert S., second General Counsel of the Office of the Director of National Intelligence, U.S.
Intelligence Community Surveillance One Year After President Obama’s Address,
file:///C:/Users/Jonah/Downloads/3_NatlSecLJ_210-231_Litt.pdf] Schloss1
One persistent but mistaken charge in the wake of the leaks has been that our signals intelligence activity is
overly broad, that it is not adequately overseen and is subject to abuse—in short, that NSA “collects whatever it
wants.” This is and always has been a myth, but in addition to greater transparency we have taken a number of
concrete steps to reassure the public that we conduct signals intelligence activity only within the scope
of our legal authorities and applicable policy limits.
To begin with, in PPD-28, the President set out a number of important general principles that govern our
signals intelligence activity:
§ The collection of signals intelligence must be authorized by statute or Presidential authorization, and must be conducted
in accordance with the Constitution and law.
2015] U.S. Intelligence Community Surveillance 217
§ Privacy and civil liberties must be integral considerations in planning signals intelligence activities.
§ Signals intelligence will be collected only when there is a valid foreign intelligence or counterintelligence purpose.
§ We will not conduct signals intelligence activities for the purpose of suppressing criticism or dissent.
§ We will not use signals intelligence to disadvantage people based on their ethnicity, race, gender, sexual orientation or religion.
§ We will not use signals intelligence to afford a competitive commercial advantage to U.S. companies and business sectors.
§ Our signals intelligence activity must always be as tailored as feasible, taking into account the availability of other sources of information.
The President also directed that we set up processes to ensure that we adhere to these restrictions, and that we have
appropriate policy review of our signals intelligence collection. I
want to spend a little time now talking about what these processes are—how we try to ensure that signals intelligence is only collected in
appropriate circumstances. And you’ll forgive me if I get a bit down into the weeds on this, but I think this is important for people to
understand. To begin with, neither NSA nor any other intelligence agency decides on its own what to collect. Each year, the President sets the
nation’s highest priorities for foreign intelligence collection after an extensive, formal interagency process. Moreover, as
a result of PPD28, the rest of our intelligence priorities are now also reviewed and approved through a high-level
interagency policy process. Overall, this process ensures that all of our intelligence priorities are set by senior policymakers who are in
the best position to identify our foreign intelligence requirements, and that those policymakers take into account not only the potential
value of the intelligence collection but also the risks of that collection, including the risks to privacy, national economic
interests, and foreign relations.
The DNI then translates these priorities into the National Intelligence Priorities Framework, or “NIPF.” Our Intelligence Community Directive
(“ICD”) about the NIPF, ICD 204, which in corporates the requirements of PPD-28, is publicly available on ourwebsite.7 And while the NIPF itself
is classified, much of it is reflected annually in the DNI’s unclassified Worldwide Threat Assessment.
But the priorities in the NIPF are at a fairly high level of generality. They include topics such as the pursuit of nuclear and ballistic missile
capabilities by particular foreign adversaries, the effects of drug cartel corruption in Mexico, and human rights abuses in specific countries. And
they apply not just to signals intelligence, but to all intelligence activities. So how do the priorities in the NIPF get translated into actual signals
intelligence collection?
The organization that is responsible for doing this is called the National Signals Intelligence Committee, or “SIGCOM.” (We have acronyms
for everything.) It operates under the auspices of the Director of the NSA, who is designated
by Executive Order 12333 as what
we call the functional manager for signals intelligence, responsible for overseeing and coordinating
signals intelligence across the Intelligence Community under the oversight of the Secretary of Defense
and the DNI. The SIGCOM has representatives from all elements of the community and, as we fully implementPPD-28, also will have full
representation from other departments and agencies with a policy interest in signals intelligence.
All departments and agencies that are consumers of intelligence submit their requests for collection to the SIGCOM. The SIGCOM
reviews
those requests, ensures that they are consistent with the NIPF, and assigns them priorities using criteria
such as:
§ Can SIGINT provide useful information in this case?
Perhaps imagery or human sources are better or more cost effective sources of information to address the requirement.
§ How critical is this information need? If it is a high priority in the NIPF, it will most often be a high SIGINT priority.
§ What type of SIGINT could be used? NSA collects three types of signals intelligence: collection against foreign weapons systems (known as
“FISINT”), foreign communications (known as “COMINT”), and other foreign electronic signals such as radar (known as “ELINT”).
§ Is the collection as tailored as feasible? Should there be time, focus, or other limitations?
And our signals intelligence requirements process also requires explicit consideration of other factors, namely:
§ Is the target of the collection, or the methodology used to collect, particularly sensitive? If so, it will require review by senior policy makers.
§ Will the collection present an unwarranted risk to privacy and civil liberties, regardless of nationality? And . . .
§ Are additional dissemination and retention safeguards necessary to protect privacy or national security interests?
Finally, at the end of the process, a limited number of trained
NSA personnel take the priorities validated by the SIGCOM and research and identify specific selection terms, such as telephone numbers or
email addresses, that are expected to collect foreign intelligence responsive to these priorities. Any selector must be reviewed and approved by
two persons before it is entered into
NSA’s collection systems. Even then, however, whether and when actual collection takes place will depend in part on additional considerations
such as the availability of appropriate collection resources. And, of course, when collection is conducted pursuant to the Foreign Intelligence
Surveillance Act, NSA and other agencies must follow additional restrictions approved by the court.
So that’s how we ensure that signals intelligence collection targets reflect valid and important foreign intelligence needs. But, as is typically the
case with our signals intelligence activities, we don’t just set rules and processes at the front end; we also have mechanisms to ensure that we
are complying with those rules and processes.
Cabinet officials are required to validate their SIGINT requirements each year NSA checks signals intelligence
targets throughout the collection process to determine if they are actually providing valuable foreign intelligence
responsive to the priorities, and will stop collection against targets that are not. In addition, all selection terms are reviewed
by supervisors annually.
Based on a recommendation from the President’s Review Group, the DNI has established a new
mechanism to monitor the collection and dissemination of signals intelligence that is particularly
sensitive because of the nature of the target or the means of collection, to ensure that it is consistent
with the determinations of policymakers.
Finally, ODNI annually reviews the Intelligence Community’s allocation of resources against the NIPF priorities and the intelligence mission as a
whole. This review includes assessment so the value of all types of intelligence collection, including SIGINT, and looks both backward—how
successful have we been in achieving our goals?—and forward—what will we need in the future?—and helps ensure that our SIGINT resources
are applied to the most important national priorities.
The point I want to make with this perhaps excessively detailed description is that the Intelligence
Community does not 2015] U.S.
Intelligence Community Surveillance 221decide on its own which conversations to listen to, nor does it try to collect everything. Its
activities are focused on priorities set by policymakers, through a process that involves input from across the government, and that is overseen
both within NSA and by the ODNI and Department of Defense. The processes
put in place by PPD-28,which are described in the
report we issued yesterday,8 have further strengthened this oversight to ensure that our signals intelligence
activities are conducted for appropriate foreign intelligence purposes and with full consideration of the
risks of collection as well as the benefits.
AT: PRISM overreach
The NSA already implemented technical reforms to PRISM that prevent overreach
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
The second program--known as PRISM or section 702--uses court orders issued under section 702 of
FISA n18 to collect the content of certain international communications. In particular, the NSA targets
specific non-Americans who are reasonably believed to be located outside the country, and also engages
in bulk collection of some foreign-to-foreign communications that happen to be passing through
telecommunications infrastructure in the United States. n19 The FISA [*527] court does not approve
individual surveillance applications each time the NSA wishes to intercept these communications;
instead, it issues once-a-year blanket authorizations. n20 As detailed below, in 2011 the FISA court
struck down the program on constitutional and statutory grounds after the government disclosed that it
was inadvertently intercepting a significant number of communications involving Americans; n21 the
court later upheld the program when the NSA devised a technical solution that prevented such overcollection. n22
Zero incentive exists to expand PRISM – practicality prevents abuse
Lempert, 13 - Richard O. Lempert is a Visiting Fellow in Governance Studies at the Brookings Foundation
and the University of Michigan’s Eric Stein Distinguished University Professor of Law and Sociology
emeritus (“PRISM and Boundless Informant: Is NSA Surveillance a Threat?” 6/13,
http://www.brookings.edu/blogs/up-front/posts/2013/06/13-prism-boundless-informant-nsasurveillance-lempert
The protection most of us enjoy under PRISM may be more practical than legal. The amount of data that
can be collected limits the reach of the program. Not only is capturing too much information from
innocent Americans a waste of resources, but also suspicious communications can be lost in a forest of
irrelevant data. The NSA thus has powerful reasons to limit impermissible observations, at least where
there is no good reason to suspect Americans of terrorist involvements. Still we lack two bits of
information important in assessing this program. One is the fate of information pertaining to Americans
who should not have been observed in the first place. If this information is purged from all databases
except perhaps when the person is dangerous, erroneous capture is less of a concern than it otherwise
would be. Second, we don’t know how monitoring targets are determined or the number of targets
selected. To the extent that individuals, organizations and sites are targeted based on target-specific
concerns about the threats they pose, the net cast is likely to be narrow, and even if the reasons for
targeting do not rise to the level of legally cognizable probable cause, they tend in this direction. But if
targets are selected based on the impersonal outputs of other data mining efforts like the telephone
records that feed Boundless Informant, all bets are off. Depending on the algorithms used and the
degree to which they have been empirically validated, the net could be wide or narrow, and the
likelihood that a target would be involved in terrorism or that citizens would be swept into the net may
be great or small. Congress in overseeing PRISM should demand this information if it is not already
provided.
It is easy to be cynical about government and the respect that agencies show for the laws under which
they operate. Cynicism is fed by occasional scandals and by the more frequent pseudo-scandals which
make it appear that within the Beltway things are out of control. Having spent four years as a Division
Director at the National Science Foundation and three years as Chief Scientist in the Human Factors/
Behavioral Science Division of DHS’s Science and Technology Directorate, I am not cynical. Time and
again I have seen government employees seek to follow the law even when it seems silly and interferes
with their mission. When I joined DHS I was most surprised by the fierceness of efforts to comply with
the U.S. Privacy Act. At times interpretations of what the Act protected were so broad as to border on
the ridiculous, and costs were real: research projects with national security implications were delayed,
redesigned or even precluded because privacy officers, sometimes with little basis in the statute, felt
there was a risk that personally identifiable information (PII) would be impermissibly collected. The
absence of any reason to fear revelation or misuse made no difference. The strict scrutiny applied to
research that might involve PII is, to be sure, relaxed in front line operational settings like PRISM and
legal restrictions may differ, but my experience in two agencies as well as conversations with people in
the intelligence community (IC) lead me to believe that it is a mistake to regard as a sham the legal
restrictions on PRISM or other IC data mining and surveillance activities.
Through its PRISM and Boundless Informant efforts, NSA is working to protect the nation, apparently
with some success. The 99.9% of us who pose no threat of terrorism and do not inadvertently consort
with possible terrorists should not worry that the government will track our phone or internet
exchanges or that our privacy will be otherwise infringed.
1nc – Internet freedom
Corporate surveillance wrecks internet freedom
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 6)//AK
Most of the big US defense contractors, such as Raytheon, Northrop Grumman, and Harris Corporation,
build cyberweapons for the US military. And many big IT companies help build surveillance centers
around the world. The French company Bull SA helped the Libyan government build its surveillance
center. Nigeria used the Israeli firm Elbit Systems. Syria used the German company Siemens, the Italian
company Area SpA, and others. The Gadhafi regime in Libya purchased telephone surveillance
technology from China’s ZTE and South Africa’s VASTech. We don’t know who built the Internet
surveillance systems used in Azerbaijan and Uzbekistan, but almost certainly some Western companies
helped them. There are few laws prohibiting this kind of technology transfer, and the ones that exist are
easily bypassed.
These are not only specially designed government eavesdropping systems; much government
surveillance infrastructure is built for corporate use. US-based Blue Coat sells monitoring and content
filtering systems for corporate networks, which are also used for government surveillance in countries
like Burma, China, Egypt, Indonesia, Nigeria, Qatar, Saudi Arabia, Turkey, and Venezuela. Netsweeper is
a Canadian corporate filtering product used for censorship by governments in Qatar, Yemen, the UAE,
Somalia, and Pakistan. Filtering software from the US company Fortinet is used to censor the Internet in
Burma; SmartFilter, from the US company McAfee and normally used in schools, helps the governments
of Tunisia and Iran censor the Internet in their countries. Commercial security equipment from the UK
company Sophos has been used by Syria and other oppressive regimes to surveil and arrest their
citizens.
Technology is value neutral. You can use your phone to call 911 or to plan a bank robbery. There’s no
technical difference between a government’s using a tool to identify criminals or using it to identify
dissidents. There’s no technical difference between corporate and government uses. Legitimate
corporate tools for blocking employees from e-mailing confidential data can be used by repressive
governments for surveillance and censorship. Conversely, the same anti-censorship tools that Saudi and
Iranian dissidents use to evade their governments can be used by criminals to distribute child porn.
Encryption allows the good guys to communicate without being eavesdropped on by the bad guys, and
also allows the bad guys to communicate without being eavesdropped on by the good guys. And the
same facial recognition technology that Disney uses in its theme parks to pick out photos its patrons
might want to buy as souvenirs can identify political protesters in China, and Occupy Wall Street
protesters in New York.
The OPM hack outweighs NSA’s effect on internet freedom
Wittes, 15 - editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings
Institution (Benjamin, “Turns Out Privacy Groups are Outraged About the OPM Hack—At Me” 6/18,
http://tinyurl.com/oz4kkog
Conversely, if you're a privacy group devoted to protecting the privacy of Americans, the OPM hack
should be unthinkable to ignore. It is, after all, a far bigger threat to the interests you are pledged to
protect than is any activity by your own government. You may have an argument for leaving Chinese
domestic collection to Chinese civil libertarians to restrain, but to the extent you don't speak up against
the bulk collection of the health records of kids of U.S. federal employees, you are tolerating an absurd
double standard in which anyone can ride roughshod over Americans' privacy except the United States
government.
Recall, moreover, that the whole theory of international outrage at NSA's behavior was that global
collection implicates some kind of international social contract, not just the relationship between
individuals and their own governments. Remember all that talk about the international right to privacy,
that idea—now embraced by the U.S. government—that U.S. collection must take into account the
privacy interests of foreigners overseas? U.S. privacy groups have had no trouble invoking the ICCPR to
restrain U.S. surveillance practices. Surely, surely, surely they are not more concerned about using the
ICCPR to "hold the US to account for its [surveillance] abuses"—as CDT recently put it—than they are in
that dcoument's restraining Chinese abuses against U.S. nationals.
To put it simply, whether you're a privacy group focused narrowly on the privacy interests of Americans
or a citizen of the world who believes that espionage must be conducted in general with a solicitude for
the privacy of all, the sort of collection reflected in this hack ought to be far more upsetting than NSA
collection under Section 702 or Executive Order 12333.
Violence is innate – the internet solves nothing
Elias, 12 – doctor in Sydney (Phillip, “Will humanity perish without the internet?” 1/19,
http://www.mercatornet.com/articles/view/will_humanity_perish_without_the_internet
The Wikipedian view of the past is the 21st century’s ‘Whig interpretation of history’: everything has
been building towards a world in which there is open, secure and free internet. Without this resource is
it any wonder that societies of the past were (relatively) despotic and cruel? It is easy to forget that
Wikipedians didn’t invent sharing, or honesty, or even freedom. Facebook didn’t invent friends. We
inherited all of these from the Dark Ages before the iPod was even a glint in Apple’s eye.
The new Encyclopaedists make the opposite mistake about the future. Inherent in their worldview is the
idea that setting up a system where information can be shared quickly, widely, and freely will somehow
eliminate corruption, greed and violence from the world. It is almost as though human foibles were
glitches in the software of society. But human vices can never be reduced to social viruses. They come
from deep within us and can find their way into the most scientific settings.
Do Wikipedians think themselves immune from the temptation to wield their power towards their own
ends?
Free access to information for everyone could be said to be the Wikipedian creed. It encapsulates the
Enlightenment values of liberty and equality. But, like the French terror of the 1790s, it neglects that
other ideal needed to give them gumption -- a genuine concern for other human beings.
But fraternité is not achieved by giving everyone more information, more freedom and more equality.
And it is what is so often lacking on the internet, on blogs, and in other forms of web communication.
Online interaction is so often vitriolic it is unreadable, and it is at its worst when the tech-savvy confront
each other. I have seen very few geeks who try to love their enemies.
Fraternité comes from empathising with others. This is difficult to learn online. But without it, how can
we understand the point of view of those who have different concepts of freedom or equality, or of
troglodytes who don’t blog, or of nematodes who don’t have access to the internet. Believe it or not,
there is a life offline and wisdom is wider than the web.
2nc - OPM hack
Chinese hacking is a greater threat than the NSA
Wittes, 15 - editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings
Institution (Benjamin, “Is the Privacy Community Focused on the Wrong Government?” Lawfare, 6/15,
http://www.lawfareblog.com/privacy-community-focused-wrong-government
A giant government surveillance program has scooped up sensitive personal information on literally
millions of Americans. The spying almost certainly includes the creation of digital dossiers on people. It is
apparently conducted without minimization requirements, without court orders, or legislative
oversight—indeed, without any publicly known rules. The dossiers include mental health information,
individuals' alcohol and drug histories, and people's past criminal histories; they include intimate
contacts, family networks and friends. They include social security numbers. It's everything civil
libertarians and privacy activists have been warning about for years.
Yet the privacy community is virtually silent. Look on the websites of the major privacy groups and you'll
see almost nothing about this program. Don't look for breathless coverage of it on the The Intercept
either.
The reason? This giant surveillance program isn't being run by the United States government. It's being
run against the U.S. government—by the Chinese government. And for some reason, even the grossest
of privacy violations—in this case the pilfering of millions of background investigations and personnel
records—just doesn't seem so bad when someone other than the United States is doing it.
For the record, I have no problem with the Chinese going after this kind of data. Espionage is a rough
business and the Chinese owe as little to the privacy rights of our citizens as our intelligence services do
to the employees of the Chinese government. It's our government's job to protect this material,
knowing it could be used to compromise, threaten, or injure its people—not the job of the People's
Liberation Army to forebear collection of material that may have real utility.
Yet I would have thought that privacy groups that take such strong views of the need to put limits on
American collection, even American collection overseas against non-U.S. persons, would look a little
askance at a foreign intelligence operation consisting of the bulk collection of the most highly-personal
information—an operation involving not only government employees but also those close to them.
You'd think this would raise someone's privacy hackles, if not mine.
Yet take a look at CDT's website. It's busy triumphing over the passage of the USA FREEDOM Act and,
ironically enough, worrying about the privacy implications of pending cybersecurity legislation. The
ACLU also responds to the news of the OPM breaches by criticizing cybersecurity legislation. EFF? Nope.
That group doesn't seem to mention the OPM hacks at all. The Intercept has one good story, but you'd
certainly never know how badly these hacks outmatch the NSA's most aggressive programs as threats to
Americans' privacy from reading the publication founded to pick the Snowden scab.
Why the difference? I'm really not sure how to explain it. One possibility is simply that privacy advocates
expect the Chinese to run roughshod over people's privacy, so they're not that outraged when the
Chinese go and do it. Another possibility is that they have such totally inflated expectations of the moral
purity of our own country's foreign intelligence activities that they become outraged when those
agencies behave like, well, intelligence agencies. Still another possibility, I suppose, is that they would
contend that this material, consisting of government records, is fair game. I could actually accept that
argument, except that I don't believe the same privacy groups would sit still for the bulk collection by
our own intelligence services of, say, all personnel records of the Chinese government.
To put the matter simply, there's a huge double-standard at play here. In the wake of this spate of
revelations, I'd like to hear some privacy advocate explain why I should continue to regard the world's
great threat to privacy as NSA.
2nc – internet solves nothing
Reject their ahistorical idealism – the internet accelerates the worst parts of humanity
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom, p. 256)//TT
Even worse, the supposed lawlessness and networked anarchy enabled by the Internet have resulted in
greater social pressure to tame the Web. In a sense, the more important the Internet becomes, the
greater the onus to rein in its externalities. Promoting the freedom to connect will be a tricky proposal
to sell to voters, many of whom actually want the government to promote the freedom to disconnect—
at least for particular political and social groups. If the last decade is anything to judge by, the pressure
to regulate the Web is as likely to come from concerned parents, environmental groups, or various
ethnic and social minorities as it is from authoritarian governments. The truth is that many of the
opportunities created by a free-for-all anonymous Internet culture have been creatively exploited by
people and networks that undermine democracy. For instance, it’s almost certain that a Russian white
supremacist group that calls itself the Northern Brotherhood would have never existed in the preInternet era. It has managed to set up an online game in which participants—many of them leading a
comfortable middleclass existence—are asked to videotape their violent attacks on migrant guest
workers, share them on YouTube, and compete for cash awards.
Crime gangs in Mexico have also become big fans of the Internet. Not only do they use YouTube to
disseminate violent videos and promote a climate of fear, but they are also reportedly going through
social networking sites hunting for personal details of people to kidnap. It doesn’t help that the offspring
of Mexico’s upper classes are all interconnected on Facebook. Ghaleb Krame, a security expert at Alliant
International University in Mexico City, points out that “criminals can find out who are the family
members of someone who has a high rank in the police. Perhaps they don’t have an account on Twitter
or Facebook, but their children and close family probably do.” It’s hard to imagine Mexican police
officers becoming braver as a result. And social networking can also help to spread fear: In April 2010, a
series of Facebook messages warning of impending gang wars paralyzed life in Cuernavaca, a popular
resort, with only a few brave people daring to step outside (it proved to be a false alarm).
The leaders of al-Shabab (“The Lads”), Somalia’s most prominent Islamist insurgency group, use text
messaging to communicate with their subordinates, avoiding any face-to-face communication and the
risks it entails. It’s not a particularly contentious conclusion that they have become more effective—and
thus more of a menace—as a result.
Plenty of other less notorious (and less violent) cases of networked harm barely receive any global
attention. According to a 2010 report from the Convention on International Trade in Endangered
Species, an international intergovernmental organization, the Internet has created a new market for
trade in extinct species, allowing buyers and sellers to find each other more easily and trade more
effectively. Kaiser’s spotted newt, found only in Iran, may be the first real victim of the Twitter
Revolution. According to reports in the Independent, more than ten companies are selling wild-caught
specimens over the Internet. Not surprisingly, the newt’s population was reduced 80 percent between
2001 and 2005 alone.
Another informal market the Internet has boosted is organ trading. Desperate individuals in the
developing world are bypassing any intermediaries and are offering their organs directly to those who
are willing to pay up. Indonesians, for example, use a website called iklanoke.com, a local alternative to
Craigslist, where their postings usually go unmonitored by police. A typical ad from Iklanoke reads, “16year-old male selling a kidney for 350 million rupiah or in exchange for a Toyota Camry.”
Text messaging has been used to spread hate in Africa, most recently in Muslim-Christian squabbles that
erupted in the central Nigerian city of Jos in early 2010 that took the lives of more than three hundred
people. Human rights activists working in Jos identified at least 145 such messages. Some instructed the
recipients how to kill, dispose of, and burn bodies (“kill before they kill you. Dump them in a pit before
they dump you”); others spread rumors that triggered even more violence. According to Agence FrancePresse, one such message urged Christians to avoid food sold by Muslim hawkers, as it could have been
poisoned; another message claimed political leaders were planning to cut water supplies to dehydrate
members of one faith.
Two years earlier Kenya lived through an eerily similar tumultuous period. The political crisis that
followed Kenya’s disputed election that took place on December 27, 2007, showed that the networks
fostered by mobile technology, far from being “net goods,” could easily escalate into uncontrollable
violence. “If your neighbor is kykuyu, throw him out of his house. No one will hold you responsible,” said
a typical message sent at the peak of the violence; another one, also targeting Kykuyus, said, “Let’s wipe
out the Mt. Kenya mafia,” adding, “Kill 2, get 1 free.” But there was also a more disturbing effort by
some Kykuyus to use text messaging to first collect sensitive information about members of particular
ethnic groups and then distribute that information to attack and intimidate them. “The blood of
innocent Kykuyus will cease to flow! We will massacre them right here in the capital. In the name of
justice put down the names of all the Luos and Kaleos you know from work, your property, anywhere in
Nairobi, not forgetting where and how their children go to school. We will give you a number on where
to text these messages,” said one such message. At one point, the Kenyan authorities were considering
shutting down mobile networks to avoid any further escalation of violence (between 800 and 1,500
people died, and up to 250,000 were displaced).
Even though text messaging also proved instrumental in setting up a system that helped to track how
violence spread around Kenya—a success story that gained far more attention in the media—one can’t
just disregard the fact that text messaging also helped to mobilize hate. In fact, text messages full of
hatred and highly intimidating death threats kept haunting witnesses who agreed to testify to the highlevel Waki Commission set up to investigate the violence two years after the clashes. (“You are still a
young man and you are not supposed to die, but you betrayed our leader, so what we shall do to you is
just to kill you” was the text of a message received by one such witness.)
The bloody Uighur-Han clashes that took place in China’s Xinjiang Province in the summer of 2009 and
resulted in a ten-month ban on Internet communications appear to have been triggered by a
provocative article posted to the Internet forum www.sg169.com. Written by an angry twenty-threeyear-old who had been laid off by the Xuri Toy Factory in China’s Guangdong Province, 3,000 miles from
Xinjiang, the article asserted that “six Xinjiang boys raped two innocent girls at the Xuri Toy Factory.”
(China’s official media stated that the rape accusations were fake, and foreign journalists could not find
any evidence to substantiate such claims either.) Ten days later, the Uighur workers at the toy factory
were attacked by a group of angry Han people (two Uighurs were killed, and over a hundred were
injured). That confrontation, in turn, triggered even more rumors, many of which overstated the
number of people who had been killed, and the situation got further out of control soon thereafter, with
text messaging and phone calls helping to mobilize both sides (the authorities eventually turned off all
phone communications soon thereafter). A gruesome video that showed several Uighur workers being
beaten by a mob armed with metal pipes quickly went viral as well, only adding to the tensions.
Even countries with a long democratic tradition have not been sparred some of the SMS-terror. In 2005,
many Australians received text messages urging attacks on their fellow citizens of Lebanese descent
(“This Sunday every Fucking Aussie in the shire, get down to North Cronulla to help support Leb and wog
bashing day. . . . Bring your mates down and let’s show them this is our beach and they’re never
welcome back”), sparking major ethnic fights in an otherwise peaceful country. Ethnic Lebanese got
similar messages, only calling for attacks on non-Lebanese Australians. More recently, right-wing
extremists in the Czech Republic have been aggressively using text messaging to threaten local Roma
communities. Of course, even if text messaging had never been invented, neo-Nazis would still hate the
Roma with as much passion; to blame their racism on mobile phones would be yet another
manifestation of focusing on technology at the expense of political and social factors. But the ease,
scale, and speed of communications afforded by text messaging makes the brief and previously locally
contained outbursts of neo-Nazi anger resonate in ways that they could have never resonated in an era
marked by less connectedness.
Perhaps, the freedom to connect, at least in its current somewhat abstract interpretation, would be a
great policy priority in a democratic paradise, where citizens have long forgotten about hate, culture
wars, and ethnic prejudice. But such an oasis of tolerance simply does not exist. Even in Switzerland,
commonly held up as a paragon of decentralized democratic decision making and mutual respect, the
freedom to connect means that a rather small and marginalized fraction of the country’s population
managed to tap the power of the Internet to mobilize their fellow citizens to ban building new minarets
in the country. The movement was spearheaded by right-wing blogs and various groups on social
networking sites (many of them featuring extremely graphic posters—or “political Molotov cocktails,” as
Michael Kimmelman of the New York Times described them—suggesting Muslims are threatening
Switzerland, including one that showed minarets rising from the Swiss flag like missiles), and even
peace-loving Swiss voters could not resist succumbing to the populist networked discourse. Never
underestimate the power of Twitter and Photoshop in the hands of people mobilized by prejudice.
The internet is a global cesspool that reflects the worst of everyone
Barnhizer 13 - Professor Emeritus, Cleveland-Marshall College of Law (David, “Through a PRISM Darkly: Surveillance and Speech
Suppression in the “Post-Democracy Electronic State””, working paper, September 2013, p.27//DM)
Much of what is occurring has to do with the incredible expansion of our communications linkages and
technologies over the past twenty years. As the capabilities of the Internet have expanded and
penetrated our society the volume of “instant accusations” and criticisms has exploded. But the
Internet is not simply a communications and information acquisition system. The Internet has been
converted into a weapon for psychological warfare and propaganda (not to mention actual criminal
activity).64
The Internet-as-weapon has been refined into a tool for surveillance, persuasion and intimidation by
government, private business and political interests.65Everything anyone says electronically is now
captured and permanently stored--ready to be dredged up years later when it provides useful
ammunition against an opponent.66With blogs, e-mails, “tweets”, Facebook postings and the like
anything can suddenly “go viral” and be distributed to millions of people with no controls over truth,
accuracy, context or fairness. Such messages take on a permanent life and prove the classic observation
that you “can’t put the genie back in the bottle” (or toothpaste into the tube). Deliberate distortions,
lies and half-truths have become important elements of political strategy used by people for whom the
ends do justify the means, including many of our top political leaders.
Internet freedom inhibits rational policymaking
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom, p. 266)//TT
As the Internet mediates more and more of our foreign policy, we are poised to surrender more and
more control over it. Of course, the era when diplomats could take the time to formulate deep and
extremely careful responses to events was already over with the arrival of the telegraph, which all but
killed the autonomy of the foreign corps. As far as thoughtful foreign policy is concerned, it’s all been
downhill from there. It’s hardly surprising that John Herz, the noted theorist of international relations,
observed in 1976 that “where formerly more leisurely but also cooler and more thoroughly thought-out
action was possible, one now must act or react immediately.”
The age of Internet politics deprives the diplomats of more than just autonomy. It’s also the end of
rational policymaking, as policymakers are bombarded with information they cannot process, while a
digitally mobilized global public demands an immediate response. Let’s not kid ourselves: Policymakers
cannot craft effective policies under the influence of blood-curling videos of Iranian protesters dying on
the pavement.
By 1992 George Kennan, the don of American diplomacy and author of the famous “Long Telegram”
from Moscow, which shaped much of American thinking during the Cold War and helped to articulate
the policy of containment, had come to believe that the media killed America’s ability to develop
rational foreign policy. Back then viral political videos were still the bread and butter of network
television. After he watched the gruesome footage of several dead U.S. Army rangers being dragged
through the streets of Mogadishu on CNN, Kennan made the following bitter note in his diary, soon
republished as an op-ed in the New York Times: “If American policy from here on out . . . is to be
controlled by popular emotional impulses, and particularly ones invoked by the commercial television
industry, then there is no place—not only for myself but for what have traditionally been regarded as
the responsible deliberative organs of our government, in both executive and legislative branches.”
Kennan’s words were soon seconded by Thomas Keenan, the director of the Human Rights Project at
Bard College, who believes that “the rational consideration of information, with a view to grounding
what one does in what one knows, now seems overtaken and displaced by emotion, and responses are
now somehow controlled or, better, remote-controlled by television images.”
Now that television images have been superseded by YouTube videos and angry tweets, the threshold
of intervention has dropped even lower. All it took to get the U.S. State Department to ask Twitter to
put off their maintenance was a high number of tweets of highly dubious provenance. When the whole
world expects us to react immediately—and the tweets are piling up in the diplomats’ in-boxes—we are
not likely to rely on history, or even our own experiences and earlier mistakes, but instead decide that
tweets + young Iranians holding mobile phones = a Twitter Revolution.
William Scheuerman, a political theorist who studies the role of speed in international affairs, is right to
worry that “the historical amnesia engendered by a speed-obsessed society invites propagandistic and
fictional retellings of the past, where political history is simply recounted to the direct advantage of
presently dominant political and economic groups.” Apparently, it’s also fictional retellings of the most
recent present that a speed-obsessed society should be concerned about. When facts no longer shape
their reactions, policymakers are likely to produce wrong responses.
The viral aspect of today’s Internet culture is hardly exerting a positive influence on diplomats’ ability to
think clearly. Back in the 1990s, many pundits and policymakers liked to denigrate (and a select few
worship) the so-called “CNN effect,” referring to the power of modern media to exert pressure on
decision makers by streaming images from the scene of a conflict, eventually forcing them to make
decisions they may not have otherwise made. CNN’s supposed—but mostly unproven—influence on
foreign policy in the 1990s could at least be justified by the fact that it was speaking on behalf of some
idealistic and even humanistic position; we knew who was behind CNN, and we knew what their (mostly
liberal) biases were.
The humanism of a bunch of Facebook groups is harder to verify. Who are these people, and what do
they want? Why are they urging us to interfere or withdraw from a given conflict? Where the optimists
see democratization of access, the realists may see the ultimate victory of special interests over agenda
setting. Governments, of course, are not stupid. They are also taking advantage of this tremendous new
opportunity to cover their own attempts to influence global public opinion in the cloth of vox populi,
either directly or through the work of proxies. Take Megaphone, a technology developed by a private
Israeli firm. It keeps track of various online polls and surveys, usually run by international newspapers
and magazines, that ask their readers questions about the future of the Middle East, Palestine, the
legitimacy of Israeli policies, etc. Whenever a new poll is found, the tool pings its users, urging them to
head to a given URL and cast a pro-Israel vote. Similarly, the tool also offers to help mass-email articles
favorable to Israel, with the objective of pushing such articles to the “most emailed” lists that are
available on many newspaper websites.
But it’s not only nimble guerilla-like Web experiments like Megaphone that are influencing global public
opinion. The truth is that Russia and China have created their own CNNs, which aim to project their own
take on the world news. Both have vibrant websites. As American and British news media are
experimenting with paywalls to remain afloat, it’s government-owned English-language media from
Russia and China that stand to benefit the most. They would even pay people to read them!
For all intents and purposes, navigating the new “democratized” public spaces created by the Internet is
extremely difficult. But it’s even more difficult to judge whether the segments that we happen to see are
representative of the entire population. It’s never been easier to mistake a few extremely
unrepresentative parts for the whole. This in part ex plains why our expectations about the
transformative power of the Internet in authoritarian states are so inflated and skewed toward
optimism: The people we usually hear from are those who are already on the frontlines of using new
media to push for democratic change in authoritarian societies. Somehow, the Chinese bloggers who
cover fashion, music, or pornography—even though those subjects are much more popular in the
Chinese blogosphere than human rights or rule of law—never make it to congressional hearings in
Washington.
The media is not helping either. Assuming they speak good English, those blogging for the Muslim
Brotherhood in Egypt may simply have no intention of helping BBC or CNN to produce yet another
report about the power of the blogosphere. That’s why the only power Western media cover is usually
secular, liberal, or pro-Western. Not surprisingly, they tell us what we wanted to hear all along: Bloggers
are fighting for secularism, liberalism, and Western-style democracy. This is why so many Western
politicians fall under the wrong impression that bloggers are natural allies, even harbingers, of
democracy. “If it’s true that there are more bloggers per head of population in Iran than any other
country in the world, that makes me optimistic about the future of Iran,” said then UK’s foreign minister,
David Miliband, while visiting Google’s headquarters. Why this should be the case—given that Iran’s
conservative bloggers, who are often more hard-line than the government and are anything but a force
for democracy, equality, and justice, are a formidable and rapidly expanding force in the Iranian
blogosphere—is unclear. Chances are that Miliband’s advisors simply never ventured beyond a handful
of pro-Western Iranian blogs that dominate much of the media coverage of the country. It’s hard to say
what Miliband would make of certain groups of Chinese nationalists who, when they’re not making antiWestern or anti-CNN videos, are busy translating books by Western philosophers like Leibniz and
Husserl.
Things get worse when Western policymakers start listening to bloggers in exile. Such bloggers often
have a grudge against their home country and are thus conditioned to portray all domestic politics as an
extension of their own struggle. Their livelihoods and careers often depend on important power brokers
in Washington, London, and Brussels making certain assumptions about the Internet. Many of them
have joined various new media NGOs or even created a few of their own; should the mainstream
assumptions about the power of blogging shift, many of these newly created NGOs are likely to go
under.
Not surprisingly, people who get grants to harness the power of the Internet to fight dictators are not
going to tell us that they are not succeeding. It’s as if we’ve produced a few million clones of Ahmed
Chala - bi, that notoriously misinformed Iraqi exile who gave a highly inaccurate picture of Iraq to those
who were willing to listen, and hired them to tell us how to fix their countries. Of course, the influence
of exiles on foreign policy is a problem that most governments have had to deal with in the past, but
bloggers, perhaps thanks to the inevitable comparisons to Soviet dissidents and the era of samizdat, are
often not subjected to the level of scrutiny they deserve.
1nc Internet freedom – at: democracy
Internet centrism and cyber-utopianism wrecks global democracy
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom,
Introduction)//TT
To be truly effective, the West needs to do more than just cleanse itself of cyber-utopian bias and adopt
a more realist posture. When it comes to concrete steps to promote democracy, cyber-utopian
convictions often give rise to an equally flawed approach that I dub “Internetcentrism.” Unlike cyberutopianism, Internet-centrism is not a set of beliefs; rather, it’s a philosophy of action that informs how
decisions, including those that deal with democracy promotion, are made and how long-term strategies
are crafted. While cyber-utopianism stipulates what has to be done, Internet-centrism stipulates how it
should be done. Internet-centrists like to answer every question about democratic change by first
reframing it in terms of the Internet rather than the context in which that change is to occur. They are
often completely oblivious to the highly political nature of technology, especially the Internet, and like
to come up with strategies that assume that the logic of the Internet, which, in most cases, they are the
only ones to perceive, will shape every environment than it penetrates rather than vice versa.
While most utopians are Internet-centrists, the latter are not necessarily utopians. In fact, many of them
like to think of themselves as pragmatic individuals who have abandoned grand theorizing about utopia
in the name of achieving tangible results. Sometimes, they are even eager to acknowledge that it takes
more than bytes to foster, install, and consolidate a healthy democratic regime.
Their realistic convictions, however, rarely make up for their flawed methodology, which prioritizes the
tool over the environment, and, as such, is deaf to the social, cultural, and political subtleties and
indeterminacies. Internet-centrism is a highly disorienting drug; it ignores context and entraps
policymakers into believing that they have a useful and powerful ally on their side. Pushed to its
extreme, it leads to hubris, arrogance, and a false sense of confidence, all bolstered by the dangerous
illusion of having established effective command of the Internet. All too often, its practitioners fashion
themselves as possessing full mastery of their favorite tool, treating it as a stable and finalized
technology, oblivious to the numerous forces that are constantly reshaping the Internet— not all of
them for the better. Treating the Internet as a constant, they fail to see their own responsibility in
preserving its freedom and reining in the ever-powerful intermediaries, companies like Google and
Facebook.
As the Internet takes on an even greater role in the politics of both authoritarian and democratic states,
the pressure to forget the context and start with what the Internet allows will only grow. All by itself,
however, the Internet provides nothing certain. In fact, as has become obvious in too many contexts, it
empowers the strong and disempowers the weak. It is impossible to place the Internet at the heart of
the enterprise of democracy promotion without risking the success of that very enterprise.
The premise of this book is thus very simple: To salvage the Internet’s promise to aid the fight against
authoritarianism, those of us in the West who still care about the future of democracy will need to ditch
both cyber-utopianism and Internet-centrism. Currently, we start with a flawed set of assumptions
(cyber-utopianism) and act on them using a flawed, even crippled, methodology (Internet-centrism). The
result is what I call the Net Delusion. Pushed to the extreme, such logic is poised to have significant
global consequences that may risk undermining the very project of promoting democracy . It’s a folly
that the West could do without.
Instead, we’ll need to opt for policies informed by a realistic assessment of the risks and dangers posed
by the Internet, matched by a highly scrupulous and unbiased assessment of its promises, and a theory
of action that is highly sensitive to the local context, that is cognizant of the complex connections
between the Internet and the rest of foreign policymaking, and that originates not in what technology
allows but in what a certain geopolitical environment requires.
In a sense, giving in to cyber-utopianism and Internet-centrism is akin to agreeing to box blindfolded.
Sure, every now and then we may still strike some powerful blows against our authoritarian adversaries,
but in general this is a poor strategy if we want to win. The struggle against authoritarianism is too
important of a battle to fight with a voluntary intellectual handicap, even if that handicap allows us to
play with the latest fancy gadgets.
2nc – Internet freedom hurts democracy
Internet freedom wrecks democracy – information overload prevents stable
transitions
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom, p. 271)//TT
It may be that what we gain in the ability to network and communicate, we lose in the inevitable
empowerment of angry online mobs, who are well-trained to throw “data grenades” at their victims.
This may be an acceptable consequence of promoting Internet freedom, but we’d better plan ahead and
think of ways in which we can protect the victims. It’s irresponsible to put people’s lives on the line
while hoping we can deal at some later point with the consequences of opening up all the networks and
databases.
That the excess of data can pose a danger to freedom and democracy as significant as (if not more
significant than) the lack of data has mostly been lost on those cheerleading for Internet freedom . This
is hardly surprising, for this may not be such an acute problem in liberal democracies, where the
dominant pluralist ideology, growing multiculturalism, and a strong rule of law mitigate the
consequences of the data deluge.
But most authoritarian or even transitional states do not have that luxury. Hoping that simply opening
up all the networks and uploading all the documents would make a transition to democracy easier or
more likely is just an illusion. If the sad experience of the 1990s has taught us anything, it’s that
successful transitions require a strong state and a relatively orderly public life. The Internet , so far, has
posed a major threat to both.
Internet freedom empowers anti-democratic forces more quickly
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom, p. 261)//TT
All the recent chatter about how the Internet is breaking down institutions, barriers, and intermediaries
can make us oblivious to the fact that strong and well-functioning institutions, especially governments,
are essential to the preservation of freedom. Even if we assume that the Internet may facilitate the
toppling of authoritarian regimes, it does not necessarily follow that it would also facilitate the
consolidation of democracy. If anything, the fact that various antidemocratic forces— including
extremists, nationalists, and former elites—have suddenly gained a new platform to mobilize and spread
their gospel suggests that the consolidation of democracy may become harder rather than easier.
Concerns that the information revolution will weaken the nation state are not new. Arthur Schlesinger
Jr., the Pulitzer-winning historian who advised John F. Kennedy, foresaw where increasing
computerization might lead, if left unchecked, when he wrote in 1997: “The computer turns the
untrammeled market into a global juggernaut crashing across frontiers, enfeebling national powers of
taxation and regulation, undercutting national management of interest rates and exchanges rates,
widening disparities of wealth within and between nations, dragging down labor standards, degrading
the environment, denying nations the shaping of their own economic destiny, accountable to no one,
creating a world economy without a world polity.” Fortunately, things haven’t proved as dramatic as he
expected, but Schlesinger’s prophecy does point to the importance of thinking through what it is we
value about state institutions in the context of democratization and ensuring that the Internet does not
fully erode those qualities. While it’s tempting to use the Internet to cut off all the heads of the
authoritarian hydra, no one has yet succeeded in building a successful democracy with that dead hydra
(the state apparatus) still lying there. It’s then hardly surprising that those living in democracies may not
appreciate the fact that without a strong state any kind of journalism—regardless of whether it’s
performed by mainstream media or bloggers—is impossible.
As Silvio Waisbord, a scholar of press freedom at the George Washington University, points out: “‘the
state’ means functional mechanisms to institutionalize the rule of law, observe legislation to promote
access to information, facilitate viable and diversified economies to support mixed media systems,
ensure functional and independent tribunals that support ‘the public’s right to know,’ control corruption
inside and outside newsrooms, and stop violence against reporters, sources, and citizens.” If the cyberutopians believe their own rhetoric about crumbling institutions, they’ve got a major problem on their
hands, and yet they repeatedly refuse to engage with it.
Nowhere is this more evident than in countries like Afghanistan, where an already weak government is
made even weaker by various political, military, and social forces. We can continue celebrating the
potential role of the mobile phone in empowering Afghan women, but the Taliban has terrorized many
of the mobile networks into shutting down their services between certain hours of the day (avoiding
compliance with the Taliban’s demands is not an option; when some carriers tried that, the Taliban
responded by attacking cellphone towers and murdering their staff ). The Taliban doesn’t want to shut
the system down entirely—for they also use cellphones to communicate—but they still manage to show
who is in control and to dictate how technology should be used. Without a strong Afghan government,
the numerous empowerment opportunities associated with the mobile phone will never be realized.
Stephen Holmes, a professor of law at New York University, makes this point in an essay titled “How
Weak States Threaten Freedom” published in the American Prospect in 1997. Commenting on how
Russia was slowly disintegrating under the pressures of gangsterism and corrupt oligarchy, Holmes
explains what many Westerners have overlooked: “Russia’s politically disorganized society reminds us of
liberalism’s deep dependence on efficacious government. The idea that autonomous individuals can
enjoy their private liberties if they are simply left unpestered by the public power dissolves before the
disturbing realities of the new Russia.”
Internet enthusiasts often forget that if a government, even an authoritarian one, loses the ability to
exercise control over its population or territory, democracy is not necessarily inevitable. As tempting as
it is to imagine all authoritarian states as soulless Stalinist wastelands, where every single thing the
government does aims at restricting the freedom of the individual, this is a simplistic conception of
politics. Were the Russian or Chinese state bureaucracies to collapse tomorrow, it would not be pure
democracy that would replace them. It would probably be anarchy and possibly even ethnic strife. This
does not mean that either country is unreformable, but reforms can’t start by blowing up the state
apparatus first.
This is yet another one of those instances in which the peaceful transition to democracy in
postcommunist Eastern Europe was interpreted by the West as the ultimate proof that once a
government run by authoritarian crooks is out, something inherently democratic would inevitably
emerge in its place. The peaceful transition did happen, but it was the result of economic, cultural, and
political forces that were rather unique both to the region and to that particular moment in history. The
manner in which the transition took place was not predefined by some general law of nature, positing
that people always want democracy and, once all barriers are removed, it will necessarily triumph over
every single challenge. The utopian vision inherent in such views was on full display in 2003, when, after
the statue of Saddam Hussein was toppled in Baghdad, nothing even remotely resembling Eastern
European postcommunist democracy ever came to replace it. (Holmes, in another essay, vividly summed
up such reductionist views as “remove the lid and out leaps democracy.”)
The only thing worse than an authoritarian state is a failed one. The fact that the Internet empowers
and amplifies so many forces that impinge on citizen’s rights and hurt various minorities is likely to result
in more aggressive public demands for a stronger state to protect citizens from the lawlessness of
cyberspace. As child pornographers, criminal gangs, nationalists, and terrorists use the Internet to cause
more and more harm, the public’s patience will sooner or later run out. When Chinese netizens find
themselves targets of attacks by “human flesh search engines,” they are not waiting for Robin Hood to
come and protect them. They expect their otherwise authoritarian government to draft adequate
privacy laws and enforce them. Similarly, when corrupt Russian police officers leak databases containing
the personal details of many citizens, including their passport details and cell phone numbers, and these
databases resurface on commercial Internet sites, it hardly makes Russians celebrate the virtues of
limited government. Multiply the power of the Internet by the incompetence of a weakened state, and
what you get is a lot of anarchy and injustice. The reason why so many otherwise astute observers see
democracy where there is none is that they confuse the democratization of access to tools with the
democratization of society. But one does not necessarily lead to the other, especially in environments
where governments are too weak, too distracted, or too unwilling to mitigate the consequences of the
democratization of tool access. More and cheaper tools in the wrong hands can result in less, not more,
democracy.
It’s much like the perpetual debate about blogging versus journalism. Today anyone can blog because
the tools for producing and disseminating information are cheap. Yet giving everyone a blog will not by
itself increase the health of modern-day Western democracy; in fact, the possible side effects—the
disappearance of watchdogs, the end of serendipitous news discovery, the further polarization of
society—may not be the price worth paying for the still unclear virtues of the blogging revolution. (This
does not mean, of course, that a set of smart policies— implemented by the government or private
actors—won’t help to address those problems.) Why should it be different with the Internet and
politics? For all we know, many social ills may have become considerably worse since the dawn of social
media. We need to start looking at the totality of side effects, not just at the fact that the costs of being
a political activist have fallen so dramatically.
In debunking the “more access to technology = more democracy” fallacy, Gerald Doppelt, a professor of
philosophy at the University of California at San Diego, suggests some further issues we need to ponder.
“In order to evaluate the impact of any particular case of technical politics on the democratization of
technology and society,” writes Doppelt, “we need to ask who is this group of users challenging
technology, where do they stand in society, what have they been denied, and what is the ethical
significance of the technical change they seek for democratic ideals?” Without asking those questions,
even the sharpest observers of technology will keep circling around the paradoxical conclusion that the
blogging Al-Qaeda is good for democracy, because blogs have opened up new and cheap vistas for
public participation. Any theory of democracy that doesn’t go beyond the cost of mobilization as its only
criteria of democratization is a theory that policymakers would be well-advised to avoid, even more so
in the digital age, when many costs are plummeting across the board.
Not asking those questions would also prevent us from identifying the political consequences of such
democratization of access to technology. Only irresponsible pundits would advocate democratizing
access to guns in failed states. But the Internet, of course, has so many positive uses—some of which
promote freedom of expression—that the gun analogy is rarely invoked by anyone. The good uses,
however, do not always cancel out all the bad ones; if guns could also be used as megaphones, they
would still make good targets for regulation. The danger is that the colorful banner of Internet freedom
may further conceal the fact that the Internet is much more than the megaphone for democratic
speech, that its other uses can be extremely antidemocratic in nature, and that without addressing
those uses the very project of democracy promotion might be in great danger. The first prerequisite to
getting Internet freedom policy right is convincing its greatest advocates that the Internet is more
important and disruptive than they have previously theorized.
Internet freedom gives unlimited power to democratic enemies
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom, p. 253)//TT
The problem is that the West began its quest for Internet freedom based on the mostly untested cyberutopian assumption that more connections and more networks necessarily lead to more freedom or
more democracy. In her Internet freedom address, Hillary Clinton spoke of the importance of promoting
what she dubbed a “freedom to connect,” saying that it’s “like the freedom of assembly, only in
cyberspace. It allows individuals to get online, come together, and hopefully cooperate. Once you’re on
the internet, you don’t need to be a tycoon or a rock star to have a huge impact on society.” The U.S.
State Department’s Alec Ross, one of the chief architects of Clinton’s Internet freedom policy, said that
“the very existence of social networks is a net good.”
But are social networks really goods to be treasured in themselves? After all, the mafia, prostitution and
gambling rings, and youth gangs are social networks, too, but no one would claim that their existence in
the physical world is a net good or that it shouldn’t be regulated. Ever since Mitch Kapor, one of the
founding fathers of cyber-utopianism, proclaimed that “life in cyberspace seems to be shaping up
exactly like Thomas Jefferson would have wanted: founded on the primacy of individual liberty and a
commitment to pluralism, diversity, and community” in 1993, many policymakers have been under the
impression that the only networks to find homes online would be those promoting peace and
prosperity. But Kapor hasn’t read his Jefferson closely enough, for the latter was well aware of the
antidemocratic spirit of many civil associations, writing that “the mobs of the great cities add just so
much to the support of pure government as sores do to the strength of the human body.” Jefferson,
apparently, was not persuaded by the absolute goodness of the “smart mobs,” a fancy term to describe
social groups that have been organized spontaneously, usually with the help of technology.
As Luke Allnut, an editor with Radio Free Europe, points out, “where the techno-utopianists are limited
in their vision is that in this great mass of Internet users all capable of great things in the name of
democracy, they see only a mirror image of themselves: progressive, philanthropic, cosmopolitan. They
don’t see the neo-Nazis, pedophiles, or genocidal maniacs who have networked, grown, and prospered
on the Internet.” The problem of treating all networks as good in themselves is that it allows
policymakers to ignore their political and social effects, delaying effective response to their otherwise
harmful activities. “Cooperation,” which seems to be the ultimate objective of Clinton’s network
building, is too ambiguous of a term to build meaningful policy around.
A brief look at history—for example, at the politics of Weimar Germany, where increased civic
engagement helped to delegitimize parliamentary democracy—would reveal that an increase in civic
activity does not necessarily deepen democracy. American history in the post Tocqueville era offers
plenty of similar cues as well. The Ku Klux Klan was also a social network, after all. As Ariel Armony, a
political scientist at Colby College in Maine, puts it, “civic involvement may. . . be linked to undemocratic
outcomes in state and society, the presence of a ‘vital society’ may fail to prevent outcomes inimical to
democracy, or it may contribute to such results.” It’s political and economic factors, rather than the ease
of forming associations, that primarily set the tone and the vector in which social networks contribute to
democratization; one would be naïve to believe that such factors would always favor democracy. For
example, if online social networking tools end up over empowering various nationalist elements within
China, it is quite obvious that the latter’s influence on the direction of China’s foreign policy will increase
as well. Given the rather peculiar relationship between nationalism, foreign policy, and government
legitimacy in China, such developments may not necessarily be particularly conducive to
democratization, especially if they lead to more confrontations with Taiwan or Japan.
Even Manuel Castells, a prominent Spanish sociologist and one of the most enthusiastic promoters of
the information society, has not been sold on the idea of just “letting a thousand networks bloom.” “The
Internet is indeed a technology of freedom,” writes Castells, “but it can make the powerful free to
oppress the uninformed” and “lead to the exclusion of the devalued by the conquerors of value.” Robert
Putnam, the famed American political theorist who lamented the sad state of social capital in America in
his best-selling Bowling Alone, also cautioned against the “kumbaja interpretation of social capital.”
“Networks and associated norms of reciprocity are generally good for those inside the network,” he
wrote, “but the external effects of social capital are by no means always positive.” From the perspective
of American foreign policy, social networks may, indeed, be net goods, but only as long as they don’t
include anyone hiding in the caves of Waziristan. When senator after senator deplores the fact that
YouTube has become a second home to Islamic terrorists, they hardly sound like absolute believers in
the inherent democratic nature of the networked world.
One can’t just limit the freedom to connect to the pro-Western nodes of the Web, and everyone—
including plenty of anti-Western nodes— stands to profit from the complex nature of the Internet.
When it comes to democracy promotion, one major problem with a networked society is that it has also
suddenly over empowered those who oppose the very process of democratization, be they the church,
former communists, or fringe political movements. As a result, it has become difficult to focus on getting
things done, for it’s not immediately obvious if the new, networked threats to democracy are more
ominous than the ones the West originally thought to fight. Have the nonstate enemies of democracy
been empowered to a greater degree than the previous enemy (i.e., the monolith authoritarian state)
has been disempowered? It certainly seems like a plausible scenario, at least in some cases; to assume
anything otherwise is to cling to an outdated conception of power that is incompatible with the
networked nature of the modern world. “People routinely praise the Internet for its decentralizing
tendencies. Decentralization and diffusion of power, however, is not the same thing as less power
exercised over human beings. Nor is it the same thing as democracy. . . . The fact that no one is in charge
does not mean that everyone is free,” writes Jack Balkin of Yale Law School. The authoritarian lion may
be dead, but now there are hundreds of hungry hyenas swirling around the body.
Internet freedom increases the risk of nationalistic groups
Morozov, 2012– Contributing editor at The New Republic and author of two books ; has written for The
New York Times, The Economist, The Wall Street Journal, Financial Times, London Review of Books,
Times Literary Supplement (Evgeny, The Net Delusion: The Dark Side of Internet Freedom, p. 247)//TT
The good news is that we are not rushing toward a globalized nirvana where everyone eats at
MacDonald’s and watches the same Hollywood films, as feared by some early critics of globalization.
The bad news is that, under the pressure of religious, nationalist, and cultural forces reignited by the
Internet, global politics is poised to become even more complex, contentious, and fragmented. While
many in the West view the Internet as offering an excellent opportunity to revive the least credible bits
of modernization theory—the once popular belief that, with some assistance, all developing societies
can reach a take-off point where they put their history, culture, and religion on hold and simply follow in
the policy steps of more developed nations—such ideas don’t have much basis in reality.
Egypt’s Muslim Brotherhood certainly does not perceive the Internet to be a tool of hypermodernization, because they reject the very project of hyper-modernization, at least as it is being
marketed by the neoliberal institutions that are propping up the Mubarak regime they oppose. And
although others have doubts about their vision for the future of Egypt and the Middle East in general,
the Brothers have nothing against using modern tools like the Internet to achieve it. After all, modern
technologies abet all revolutions, not just those that are decidedly pro-Western in character. Even such
a devout conservative as Ayatollah Khomeini did not shy away from using audiotapes to distribute his
sermons in the shah’s Iran. “We are struggling against autocracy, for democracy, by means of
xeroxracy,” was one of the numerous technology worshiping slogans adopted by the anti-shah
intelligentsia in the late 1970s. Had Twitter been around at the time, the anti-shah demonstrators would
surely be celebrating Twitterocracy. And even though the Islamic Republic did embrace many elements
of modernity—cloning, a vibrant legal market in organ donations, string theory, to name just a few areas
where contemporary Iran is far ahead of its peers in the Middle East—its politics and public life are still
shaped by religious discourse. It’s quite likely that a large chunk of both the West’s funds and its
attention will need to go toward mitigating the inevitable negative effects that Internet-powered
religion will have on world affairs. This is not a moral evaluation of religion: It has proved to be good for
democracy and freedom at some points in history, but history has also shown how pernicious its
influence can be.
A commitment to Internet freedom—or a combination of its various elements—may be the right and
inevitable moral choice the West needs to make (albeit with a thousand footnotes), but the West must
also understand that a freer Internet, by its very nature, may significantly change the rest of the agenda,
creating new problems and entrenching old ones. This doesn’t mean that the West should embark on an
ambitious global censorship campaign against the Internet. Rather, different countries require a
different combination of policies, some of them aimed at countering and mitigating the influence of
religion and other cultural forces and some of them amplifying their influence.
Smallpox Strikes Back
Nationalism, too, is going through a major revival on the Web. Members of displaced nations can find
each other online, and existing nationalist movements can delve into the freshly digitized national
archives to produce their own version of history. New Internet services often open up new venues for
contesting history. Nations are now arguing about whether Google Earth renders their borders in
accordance with their wishes. Syria and Israel continue battling about how the contested Golan Heights
territory should be listed in Facebook’s dropdown menus. Indian and Pakistan bloggers have been
competing to mark parts of the contested territory of Kashmir as belonging to either of the two
countries on Google Maps. The site had also been under attack for listing some Indian villages in the
Arunachal Pradesh province, on the Indian-Chinese border, under Chinese names and as belonging to
China. Cambodians, too, have been outraged by Google Earth’s decision to mark eleventh-century Preah
Vihear temple, ownership of which was awarded to Cambodia in a 1962 court ruling, as part of Thailand.
But such fights over the proper marking of digital assets aside, has the Internet reduced our prejudices
against other nations? Was Nicholas Negroponte, one of the intellectual fathers of cyber-utopianism,
correct when he predicted in 1995 that “[on the Internet] there will be no more room for nationalism
than there is for smallpox”? The evidence for such sweeping claims is thin. In fact, quite the opposite
may have happened. Now that South Koreans can observe their old enemies from Japan through a 24/7
digital panopticon, they are waging cyber-wars over such petty disputes as figure skating. Many of the
deeply rooted national prejudices cannot be cured by increased transparency alone; if anything, greater
exposure may only heighten them. Ask Nigerians how they feel about the entire world believing them to
be a nation of scammers who only use the Internet to inform us that a Nigerian chieftain was kind
enough to include us in his will. Perversely, it’s Nigerians themselves who—often quite willingly—use
the Internet to create and perpetuate stereotypes about their nation. Had Facebook and Twitter been
around in the early 1990s, when Yugoslavia was rapidly descending into madness, cyber-utopians like
Negroponte would have been surprised to see Facebook groups calling for Serbs, Croats, and Bosnians
to be exterminated popping up all over the Web.
Perhaps, nationalism and the Internet are something of natural allies. Anyone eager to satisfy their
nostalgia for the mighty Soviet, Eastern German, or Yugoslavian past can do so easily on YouTube and
eBay, basking in a plethora of historical memorabilia. But it’s not just memorabilia; historical facts, too,
can now be easily compiled and twisted to suit one’s own interpretation of history. Fringe literature
dealing with revisionist or outright racist interpretations of history used to be hard to find. Major
publishers would never touch such contentious material, and the independent publishers that took the
risk usually published only a handful of copies. That world of scarcity is no more: Even the most obscure
nationalistic texts, which previously could only be found in select public libraries, have been digitized by
their zealous fans and widely disseminated online. Thus, extreme Russian nationalists who believe that
the Great Ukrainian Hunger of 1933 was a myth or, at any rate, does not deserve to be called a
genocide, can now link to a number of always-available scanned texts, residing somewhere in the cloud,
that look extremely persuasive, even if historically incorrect.
And it’s not just myth-making based on frivolous interpretations of history that thrives online. The
Internet also abets many national groups in formulating legitimate claims against the titular nation. Take
the case of the Circassians, a once great nation scattered all over the Northern Caucasus. History was
not kind to them: The Circassian nattion was broken into numerous ethnic pieces that were eventually
crammed into Russia’s vast possessions in the Caucasus. Today, the Circassians make up titular nations
of three Russian federal subjects (Adygeya, Karachay-Cherkessia, and Kabardino-Balkaria) and, according
to the 2002 Russian population census, number 720,000 people. During the Soviet era, the Kremlin’s
strategy was to suppress Circassian nationalism at all costs; thus most Circassians were separated into
subgroups, depending on their dialect and place of residence, becoming Adygeys, Adygs, Cherkess,
Kabards, and Shapsugs. For much of the twentieth century, Circassian nationalism lay dormant, in part
because the Soviets banned any competing interpretations of what happened in the Russian-Circassian
war in the nineteenth century. Today, however, most of the scholarly and journalistic materials related
to the war have been scanned and uploaded to several Circassian websites, so that anyone can access
them. Not surprisingly, Circassian nationalism has been quite assertive of late. In 2010 a dedicated
website was set up to call on residents of the five nations to list themselves simply as “Circassians” in
Russia’s 2010 census, and an aggressive online campaign followed. “The internet seems to offer a lifeline
to Circassian activists in terms of rejuvenating their mass appeal,” notes Zeynel Abidin Besleney, an
expert on Circassian nationalism at the School of Oriental and African Studies at the University of
London.
Russia, with its eighty-nine federal subjects, has certainly more than one Circassian problem on its plate.
Tatars, the largest national minority in Russia, for a long time had to suffer under the policy of
Russification imposed by Moscow. Now their youngsters are turning to popular social networking sites
to set up online groups that focus on the issue of national Tatar revival. Not only do they use such
groups to watch new videos and share links to news and music, but they are also exposed to
information, often missing from Russia’s own media, about Tatar history and culture and the internal
politics of Tatarstan.
As the Circassian and the Tatar cases illustrate, thanks to the Internet many of the Soviet (and even
Tsarist) myths that seemed to tie the nation together no longer sound tenable, with many previously
captive nations beginning to rediscover their national identities. How Russia will keep its territorial
integrity in the long run—especially if more nations try to secede or at least to overcome artificial ethnic
divisions of the Soviet era—is anyone’s guess. Not surprisingly, the Kremlin’s ideologists like Konstantin
Rykov have begun emphasizing the need to use the Internet to tie the Russian nation together. At this
point, it’s impossible to tell what such increased contentiousness means for the future of democracy in
Russia, but it would take a giant dose of optimism to assume that, somehow, modern-state Russia would
simply choose to disintegrate as peacefully as the Soviet Union did and, more, that democracy would
prevail in all of its new parts. Developing an opinion about the long-term impact of the Internet on
Russian democracy would inevitably require asking—if not answering—tough questions about
nationalism, separatism, center-periphery relations, and so forth. (And not just in Russia: Similar
problems are also present in China and, to a lesser degree, Iran, which have sizable minorities of their
own.)
The influence of the diasporas—many of whom are not always composed of progressive and
democracy-loving individuals—is also poised to rise in an age when Skype facilitates so much of the
cultural traffic. Will some of that influence be positive and conducive to democratization? Perhaps, but
there will also surely be those who will try to stir things up or promote outdated norms and practices.
Thomas Hylland Eriksen, an anthropologist at the University of Oslo, notes that “sometimes, the elitesin-waiting use the Net to coordinate their takeover plans; sometimes diasporas actively support militant
and sometimes violent groups ‘at home,’ knowing that they themselves do not need to pay the price for
an increase in violence, remaining as they do comfortably in the peaceful diaspora.”
The problem with Internet freedom as a foundation for foreign policy is that in its simplification of
complex forces, it may actually make policymakers overlook their own interests. To assume that it’s in
the American, German, or British interest to simply let all ethnic minorities use the Internet to carve out
as much space as they can from the dominant nation, whether it is in Russia, China, or Iran (not to
mention much more complicated cases like Georgia), would simply be to badly misread their current
policies and objectives. One might argue that these are cunning policies, and it’s an argument worth
having. The first rather ambiguous articulation of Internet freedom policy by Hillary Clinton simply
preferred to gloss over the issue altogether, as if, once armed with one of the most powerful tools on
Earth, all nations would realize that, compared to YouTube, all those bloody wars they’ve been fighting
for centuries have been a gigantic waste of time. Finding a way to grapple with the effects of new,
digitally empowered nationalism is a formidable task for foreign policy professionals; one can only hope
that they won’t stop working on it even if the imperative to promote Internet freedom would divert
their time and attention elsewhere.
Internet Freedom – AT: human rights
The plan is discrimination against non-US persons under IHRL
Greene and Rodriguez 14 – David Greene is an EFF Senior Staff Attorney, and Katitza Rodriguez is an EEF
International Rights Director (David and Katitza, “NSA Mass Surveillance Programs - Unnecessary and
Disproportionate”, Electronic Frontier Foundation, May 29, 2014//DM)
US surveillance law violates the Principle of Illegitimacy because it involves unjustified discrimination
against non-US persons —providing less favorable standards to them than its own citizens . Human
rights law must protect “everyone,” meaning all human beings. As the Universal Declaration of Human
Rights has stated, ““All human beings are born free and equal in dignity and rights.” Indeed, everyone
must be entitled to equal protection under the law and the Constitution.
The domestic-only limit violates international human rights law
Greene and Rodriguez 14 – David Greene is an EFF Senior Staff Attorney, and Katitza Rodriguez is an EEF
International Rights Director (David and Katitza, “NSA Mass Surveillance Programs - Unnecessary and
Disproportionate”, Electronic Frontier Foundation, May 29, 2014//DM)
The US contends that its human rights treaty obligations under the ICCPR do not apply to its actions
abroad, a view that defeats the object and purpose of the treaty . The Human Rights Committee
rejected the United States' position and reiterated that the United States has an extraterritorial duty to
protect human rights—including the right to privacy —to its actions abroad regardless of the nationality
or location of the individuals.40 The United States asserts control over any data held by companies
based in the United States regardless of where the data may be physically stored. Thus, the US controls
data located outside the US, even as it argues that it is not responsible for any interference with privacy
that results.41
Given the extraordinary capabilities and programs of the US to monitor global communications, it is
essential that the protection of privacy applies extraterritorially to innocent persons whose
communications the NSA scans or collects. Without such protections, the object and purpose of the
United States' international human rights obligations—with regard to the right of privacy in borderless
global communications— would be defeated.42
1nc - Data Localization
Surveillance is a proxy for larger disputes with US internet hegemony – and the alt
causes matter more
Hill 14* Technology policy consultant at Monitor 360, fellow of the Global Governance Futures 2025
program at the Brookings Institution (Jonah, “THE GROWTH OF DATA LOCALIZATION POST-SNOWDEN:
ANALYSIS AND RECOMMENDATIONS FOR U.S. POLICYMAKERS AND BUSINESS LEADERS” p.19-20)//GK
Upon first glance, the preceding case studies present a consistent narrative: for the nations now
considering localization for data, the Snowden revelations exposed an NSA that had overstepped the
boundaries of acceptable surveillance, violated citizen privacy, and catalyzed public and government
opinion in favor of forceful action in response. For policymakers, data localization offers a seemingly
simple and effective solution. Under closer examination, however, a more complicated picture emerges. The
localization movement is in fact a complex and multilayered phenomenon, with the objective not only—or
even primarily—of protecting privacy. Depending on the country in which it is being advanced, localization also serves
to protect domestic businesses from foreign competition, to support domestic intelligence and law enforcement
ambitions, to suppress dissent and to stir up populist enthusiasms for narrow political ends. Direct evidence of
these other objectives for which privacy seems to be a pretext is by its nature difficult to uncover: rarely to policy-makers admit to seeking
protectionist goals, to spying on their populations, to suppressing dissent or to exploiting populist emotions. Yet, by viewing the localization
movement in the context of other state and corporate interests and activities, it is possible to uncover these other, less exalted ends. Powerful
business interests undoubtedly see data localization as an effective and convenient strategy for gaining a
competitive advantage in domestic IT markets long dominated by U.S. tech firms. To localization proponents of
this stripe, the NSA programs serve as a powerful and politically expedient excuse to pursue policies
protective of domestic businesses. As an illustration, data localization in Germany presents clear economic
benefits for a most powerful industry advocate for localization, Deutsche Telekom (DT). Whether by way
of its “email made in Germany” system or the Schengen area routing arrangement, DT looks poised to
gain from efforts to reduce the prominence of American tech firms in Europe. It is no wonder that the
company has been spearheading many of the localization proposals in that country. As
telecommunications law expert Susan Crawford has noted, DT has been seeking to expand its cloud
computing services for years, but has found its efforts to appeal to German consumers stifled by
competition from Google and other American firms. 79 T-Systems International GmbH, DT’s 29,000employee distribution arm for information-technology solutions, has been steadily losing money as a
result.80 Moreover, Crawford suggests that DT would not be content with gaining a greater share of the
German market; she points out that through a Schengen routing scheme, “Deutsche Telekom
undoubtedly thinks that it will be able to collect fees from network operators in other countries that
want their customers’ data to reach Deutsche Telekom’s customers.”81 Similarly, companies and their
allies in government in Brazil and India look to profit from data localization proposals. Indeed, the
governments of both nations have for years sought to cultivate their own domestic information
technology sectors, at times by protecting homegrown industries with import tariffs and preferential
taxation. Brazilian President Rousseff has on numerous occasions stated that her government intends to
make Brazil a regional technology and innovation leader; in recent years the government has proposed
measures to increase domestic Internet bandwidth production, expand international Internet
connectivity, encourage domestic content production, and promote the use of domestically produced
network equipment.82 India, more controversially, has at times required foreign corporations to enter
into joint ventures to sell e- commerce products, and has compelled foreign companies to transfer
proprietary technology to domestic firms after a predetermined amount of time.83 Brazil and India are,
of course, not alone in this respect. Indonesian firms are constructing domestic cloud service facilities with the help of
government grants, 84 while Korea is offering similar support to its own firms. For the governments and corporations of these
nations, long frustrated by their inability to develop a domestic IT industry that can compete on an even playing
field with the U.S. technology giants, data localization is one means to confront, and perhaps overcome, the
American Internet hegemony. 85
2nc – alt causes matter more
Localization is driven by the desire for surveillance and freedom from American
dependence
Hill 14* Technology policy consultant at Monitor 360, fellow of the Global Governance Futures 2025
program at the Brookings Institution (Jonah, “THE GROWTH OF DATA LOCALIZATION POST-SNOWDEN:
ANALYSIS AND RECOMMENDATIONS FOR U.S. POLICYMAKERS AND BUSINESS LEADERS” p.21-22)//GK
If a government already has a sophisticated communications surveillance capacity, it would not be surprising that that
it would want to enhance that capacity – certainly, that is what the United States has done. It would seem naïve to suppose that
other governments would act differently. Data localization in both German and India and elsewhere, would offer just such
enhancement, through two important intelligence functions. First, it allows domestic intelligence agencies to better
monitor domestic data by either forcing data to be stored in local servers (indeed, India has previously required two
international firms, Research in Motion and Nokia, to locate servers and data domestically91 for intelligence collection purposes), or by
requiring that data to be held by local firms over which domestic intelligence and law enforcement agencies may
have greater coercive power. Second, in light of the often-overlooked fact that many intelligence services, such as the
BND, cooperate with the NSA in a variety of information sharing programs,92 governments may view
localization as a tactic to gain additional bargaining power with the NSA in negotiations over how much
information the American spy agency will share.93 Moreover, domestic law enforcement agencies (to the extent
that, in most democratic countries, law enforcement is administratively and actually separate from intelligence services) surely have
reason to view data localization as a potentially valuable evidence gathering tool, useful in identifying and then
prosecuting conventional criminal activities. In connection with investigations and prosecutions, foreign law enforcement often complain that
the process by which they request data from U.S. firms (the rules of which are generally negotiated between the United
States and foreign governments and then ratified in a Mutual Legal Assistance Treaty) is slow and cumbersome, and that American
firms and the U.S. Justice Department are too often uncooperative. The President’s Review Group on Intelligence and
Communication Technologies estimated that the average time from request to delivery is 10 months, and sometimes years
pass before a response arrives.94 There is uncertainty about when data can be shared, with whom, and on what terms;
and it all happens with very little transparency.95 This process presents annoying and seemingly unjustified
interference to foreign law enforcement officials who want to apprehend criminals. The Brazilian government, for example,
has requested information from Google for several pending cases in the Brazilian Supreme Court, but has yet to receive it.96 Similarly, India has
often asked the U.S. to serve summonses upon Google, as well as on Facebook, Twitter, and others, for failing to prevent the dissemination of
speech prohibited under Indian Law, but has been rejected due to U.S. civil liberties sensibilities.97 Data
localization, for frustrated and
impatient law enforcement agencies and their political allies, looks like a straightforward mechanism to free themselves
from some of this bothersome dependence on Americans.
Data localization is motivated by external factors – surveillance is only a public excuse
Hill 14 - technology and international affairs consultant, formerly worked in the Office of the
Cybersecurity Coordinator on the National Security Staff at the White House (Jonah, “The Growth of
Data Localization Post-Snowden: Analysis and Recommendations for U.S. Policymakers and Business
Leaders”, Conference on the Future of Cyber Governance, 5/1/14)//DBI
The problem for U.S. tech companies is that there are actually a wide variety of forces and interest
groups driving the data localization movement, and many of these forces and groups have objectives
beyond the professed goals of data protection and counter-NSA surveillance. One can easily discern in
foreign governments’ interest in data localization a combination of anti-American populism , a desire
for greater ease of foreign (and domestic) surveillance , and a sense among policymakers and business
that the Snowden backlash presents an opportunity to cultivate domestic cloud and other tech services
industries, industries that have long been outcompeted by American tech companies in their home
markets— old-fashioned protectionism tailored for the digital age.
Technological leadership
1nc – tech leadership
Chinese technological leadership inevitable – not possible for the US to reclaim
Sharif 15 – Associate Professor in the Division of Social Science at the Hong Kong University of Science
and Technology (Naubahar, Global Technology Leadership: The Case of China, Hong Kong University of
Science and Technology Institute for Emerging Market Studies, February, http://iems.ust.hk/wpcontent/uploads/2015/02/IEMSWP2015-11.pdf)//JJ
However, such skepticism overlooks several important factors that have positioned China to compete
for global technological leadership . We see three distinct sources of competitive advantage that we
believe China will leverage in developing its capacity for technological innovation. One of these factors
— a large and rapidly growing domestic market — is no secret, while the other two — a firm
government hand in industrial policy and globalization — complement the first factor, market size, in
providing China with a path to global technological leadership. China’s rapidly growing domestic market
— now the second largest in the world — will continue to grow and is likely to surpass the US market
around 2020 . As market size is an important determinant of innovation activities, burgeoning demand
will drive Chinese companies to continuously advance their technological capabilities to profit from
successful innovation, providing a global advantage such as no other economy enjoys. In spite of China’s
openness to market forces, however, Beijing’s autocratic system of governance largely persists,
providing ample room for the Chinese government to enact and implement industrial and innovation
policy to enhance the technological capabilities of Chinese companies to an extent that mature Western
market - oriented economies and democratic governments cannot match . This represents the second
advantage we discuss here. Able to enact policy facing little or no opposition, Beijing can steer economic
development as it sees fit. Benefiting from 7 China’s so - called ‘indigenous innovation’ strategy, Chinese
companies enjoy government support of R&D, enabling them to develop technologies independently
and to own intellectual property rights. Large - scale government grants and low - interest loans from
state - owned banks under the framework of the indigenous innovation strategy provide Chinese firms
with strong incentives to become global technological leaders. Finally, intensified globalization will
continue to benefit Chinese companies in the coming decades, providing a third advantage in its drive to
become a worldwide force in technology . On the one hand, Chinese firms need not develop every
advanced technology on their own in a globalized world. Backed by the government’s ‘goglobal’
strategy, they can acquire such technologies through mergers and acquisitions abroad. On the other
hand, as the economy grows and indigenous companies move up the technological ladder, foreign
multinational corporations will be increasingly tempted, or perhaps feel compelled, to bring their
advanced products to China, eventually even patenting their cutting - edge techno ogies there. This will
in turn generate demonstration, labor mobility, and competition effects — or ‘spillovers’ — to benefit
local firms. With all these opportunities looming on the horizon, Chinese companies are sparing no
effort to seize them in an effort to possibly assume global leadership in technology and innovation.
After tracing the trajectory of global technological leadership as indicated in the economics and
innovation literature , we subsequently consider each of the three factors we have identified as
competitive advantages for China — market size, governmental power, and globalization — in greater
depth.
2nc – China alt cause
Alt cause to leadership – Chinese market share
Sharif 15 – Associate Professor in the Division of Social Science at the Hong Kong University of Science
and Technology (Naubahar, Global Technology Leadership: The Case of China, Hong Kong University of
Science and Technology Institute for Emerging Market Studies, February, http://iems.ust.hk/wpcontent/uploads/2015/02/IEMSWP2015-11.pdf)//JJ
Thus, China’s emergence as a rapidly growing major market offers it a unique advantage , one the likes
of which no nation other than the United States has hitherto enjoyed. As Chinese consumers’
expectations regarding price, quality, and features differ markedly from those of consumers in
developed economies, it is local Chinese firms (as opposed to foreign firms) who are best situated to
satisfy the singular tastes of the Chinese market. Chinese companies seeking global market share have
therefore accumulated both significant cash flow and considerable business experience (from their
efforts in the domestic Chinese market) that adds to their competitiveness. Additionally, the size and
speed of China’s market expansion allows local companies to move rapidly along the learning curve.
Many Chinese firms take advantage of the larger size of the Chinese market and increased opportunities
to interact with users expediting the speed with which new products are introduced to the market and
improved thereafter. Just as American firms achieved leadership in the production of nearly all major
raw materials by the end of the nineteenth century, so Chinese manufacturers today are leading
producers in seven of the twenty - two two - digit manufacturing sectors. Indeed, China leads the
world in producing the most steel , cement , automobiles , fertilizer , and more than 200 other
products .
Alt. cause to technological leadership – China
Sharif 15 – Associate Professor in the Division of Social Science at the Hong Kong University of Science
and Technology (Naubahar, Global Technology Leadership: The Case of China, Hong Kong University of
Science and Technology Institute for Emerging Market Studies, February, http://iems.ust.hk/wpcontent/uploads/2015/02/IEMSWP2015-11.pdf)//JJ
The United States and much of Western Europe have, however, been mired in economic turmoil and, in
some cases, political chaos since the Recession, although signs of steady improvement have begun to
emerge, especially in the United States. Still, investment by Western powers in education, research and
technology are either stagnating or on the decline. Meanwhile, China continues to strengthen its
innovation system ; the rate of spending on research and development (R&D) in China outpaces overall
economic growth. In terms of R&D intensity, in 201 3 China spent US$ 191 billion (current prices) or 2.08
per cent of its rapidly increasing GDP on R&D, placing it second only to the United States (in terms of
absolute amount of annual expenditure on R&D) ( Ministry of Science and Technology, 2014 ) .
Moreover, there were over 3.2 million R&D personnel in China in 2013. The rapid expansion of degree
production in China in science and engineering fields is particularly noteworthy as it is more than
double US levels . In 2010, science and engineering degrees represented 40 per cent of all new
university degrees awarded in China (compared with just 15 per cent in the United States). The yawning
gap is most evident in engineering, which represents nearly 30 per cent of all new university degrees
awarded in China, compared with just 6 per cent in the United States. In absolute terms, China’s science
and engineering doctorate production has gr own by an average of 18 per cent per year since 1998 (
thanks in part to a lower base level ) . By 2012, China’s S&E doctorate production had surpassed US
levels (National Science Foundation [NSF] 2014). 1 According to Thomson Reuters’ Science Citation
Index, for the period covering 2001 – 2011, China ranked second in the world in research output as
measured by number of papers published in research journals (Thomson Reuters 2011) . China also
ranked fifth in number of citations in 2013 and fourth in number of highly cited papers published in 2003
– 2013, which rank in the top 1 per cent by citations for field and year indexed in the Web of Science (
Institute of Scientific and Technical Information of China, 2013 ). In 201 3 , China trailed only the United
States and Japan in patent filings under the Patent Cooperation Treaty (PCT) administered by the World
Intellectual Property Office (World Intellectual Property Organization 201 4 ). Furthermore, in 201 3 ,
two large Chinese telecommunications equipment manufacturers, ZTE and Huawei Technologies, filed
2,309 and 2,094 patents, respectively, which ranked them second and third in the worldwide ranking of
top PCT patent applicants. At the US Patent and Trademark Office, the number of patent applications
originating in China grew 14 per cent from 2012 to 2013 alone, a rate that is higher than those of the
other top countries and regions (the United States, Japan, Germany, South Korea and Taiwan) (US
Patent and Trademark Office 2014 ).
1nc – cloud computing
NSA surveillance doesn’t undermine cloud computing
Henderson, 4/9/15 (Nicole, “Impact of NSA Surveillance on US Cloud Providers Not as Bad as We
Thought: Forrester” 4/9, http://www.thewhir.com/web-hosting-news/impact-nsa-surveillance-us-cloudproviders-not-bad-thought-forrester
It’s been two years since Edward Snowden leaked details of the NSA’s PRISM surveillance program, and
although analysts predicted an exodus from US-based cloud and hosting services in response to the
revelations, it hasn’t exactly worked out that way, a new report finds.
Forrester released a new report last week that suggests concerns around international customers
severing ties with US-based hosting and cloud companies “were overblown.”
“Lost revenue from spending on cloud services and platforms comes to just over $500 million between
2014 and 2016. While significant, these impacts are far less than speculated, as more companies
reported taking control of security and encryption instead of walking away from US providers,”
Forrester’s principal analyst serving security and risk professionals Edward Ferrara said in a blog post.
Snowden recently told a crowd of cloud and hosting providers that use of encryption is growing, and
encrypted traffic has doubled since 2013.
In 2013, Forrester predicted that US cloud providers cloud lose up to $180 billion in business by 2016
due to concerns around the scope of NSA’s PRISM program.
According to NextGov, Forrester finds that 26 percent of enterprises based in Asia Pacific, Canada,
Europe and Latin America have stopped or reduced their spending with US-based firms for Internetbased services. Thirty-four percent said these concerns were related to fears of US surveillance, while
others said they want to support businesses in their own country, or data sovereignty rules prevent
them from storing data abroad.
Forrester surveyed more than 3,000 businesses between June and July 2014.
More than half of respondents said that they did not trust US-based outsourcers to handle sensitive
information, with only 8 percent reporting to trust their company’s intellectual property with a USbased outsourced company.
Ninety-percent of decision-makers have taken steps to encrypt their data, according to the report.
Cloud computing not feasible – security hurdles
Xiao and Chen 15 – *professor at the Department of Software Engineering at Hainan Software
Profession Institute AND **Assistant Professor in Operations Management at New York University, PhD
(Ziqian and Jingyou, Cloud Computing Security Issues and Countermeasures, Proceedings of the 4th
International Conference on Computer Engineering and Networks p. 731-737, 2015,
http://link.springer.com/chapter/10.1007/978-3-319-11104-9_85)//JJ
Cloud Computing Security Challenges
New Risks Brought by Virtual Technologies
Virtualization brings new risks mainly in the virtual machine being abused , the virtual machine escape ,
and multi-tenant isolation between the failures of security policy migration of virtual machines.
Shared Data Security Environment
Under the cloud service model, users are very worried about whether the data stored in the service
provider will be compromised , tampered , or lost . Man-made threats facing the user data mainly come
from service providers , hackers , malicious neighboring tenants , and subsequent tenants.
Cloud Platform Application Security
There are some application security problems existing in Cloud Computing Services, no matter Saas,
Paas or Iaas, mainly including three categories. The first one is the malicious program review . The
second one is the application interface security . The third one is code and test safety .
Authentication and Access Control in the Cloud Service Model
Under the cloud service model, user authentication and access control face new challenges, for
example, the authentication and authorization of massive users, the rational division of access rights,
and the management of accounts, passwords, and keys. In dealing with massive users’ changeable
business and their identification, the cloud service providers need to fully automate users’
authentication and access management.
Cloud computing improvements now – new tech and legal measures
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
High-security demanding customers such as government agencies and corporate and organizational
users with particularly strict demands for information security are likely to drive these market
responses.214 Customers will insist upon better guarantees of security and confidentiality and may
refuse to do business with popular, U.S.-based cloud services subject to far-reaching government
surveillance powers. Indeed, they may be barred from doing so under new proposals in Europe and
elsewhere requiring their citizens to rely on local cloud services.215 In the market for individual users of
cloud resources, there may generally be an increasing demand for better security and privacy safeguards
as a result of the widely discussed examples of mass surveillance of online interactions and
communication. In addition, law and regulation may increasingly require that certain types of
disproportionate lawful access to cloud data be excluded if cloud providers want unrestricted access to
the market.
Are these measures likely to be effective against intelligence agencies with the skills and resources of
NSA or GCHQ? The answer depends on a variety of factors, which will be discussed further in this
Section. One thing is clear: the range of technical solutions described in Part III is not binary, and recent
announcements of ‘NSA-proof’ services seem highly oversimplified.
A better way of framing this topic is to ask a series of more nuanced questions as follows: First, can
technological and organizational design of services help to protect against backdoor access of data in the
cloud? Second, and related, can the cloud industry help to prevent bulk and dragnet access to the data
of their customers? Third, to what extent can the technical and organizational design of cloud services
help to shape lawful access dynamics, such as where and how lawful access takes place (i.e., which
entity and in which geographical location)? And, finally, to what extent can government agencies armed
with surveillance orders counter the design choices of industry players when new technologies
undermine lawful access to data in the cloud the government is seeking?
Based on the analysis outlined herein, the first question should be answered positively. As cloud services
roll out new security and encryption measures with the goal of preventing bulk data collection by
surreptitious means, this will undoubtedly interfere with large scale intelligence gathering, such as the
interception of client-server and server-server data streams . Firms like Google, Microsoft, Yahoo, and
Facebook have already begun to implement well-established techniques such as TLS/SSL and perfect
forward secrecy, just as various security organizations have begun to review how they develop
cryptographic standards.216 At the end of the day, the protection against backdoor access is also a
matter of resources, however. Certain technological solutions may prevent effective bulk collection
through specific intelligence programs, but intelligence agencies could in turn deploy targeted
intelligence operations to undo some of these protections implemented by cloud services.
The second question, which concerns the possibility of cloud firms preventing dragnet surveillance,
cannot generally be answered affirmatively. Technological design may have some impact on front-door
collection but where surveillance regimes like Section 702 of the FAA authorize large scale transnational
surveillance directed at cloud services, industry has limited options. It may oppose orders in court, or it
may take a public stance to the effect that certain types of lawful access should not be legally
permissible under current statutes and strive for legal reforms that would enhance the privacy interests
of cloud customers.218
The third question must be answered positively also, at least in theory. Technological and organizational
design of services can help to shape lawful access dynamics and could be used precisely to do so. While
few cloud services have actively implemented privacy-preserving encryption protocols, there is reason
to believe that this is changing . As discussed in the previous section, both the cloud industry and the
Internet security engineering community have taken the first steps towards implementing technical
and organizational measures to shape the lawful access dynamics induced by the use of their services
and further innovations may be anticipated. The extent to which local jurisdictions may force
multinational cloud service providers to comply with domestic laws notwithstanding these new security
measures remains a particularly hotly debated issue.
2nc – surveillance not hurt cloud
No significant impact on cloud computing
Weise, 4/7/15 (Elizabeth, “PRISM revelations didn't hit U.S. cloud computing as hard as expected” 4/7,
http://americasmarkets.usatoday.com/2015/04/07/prism-revelations-didnt-hit-u-s-cloud-computing-ashard-as-expected/
When Edward Snowden revealed the extent of the U.S. National Security Agency’s PRISM spying
program, there were concerns that American cloud, hosting and outsourcing businesses would lose
customers running to non-U.S.-based companies safe from NSA’s prying eyes.
“The assertion was that this would be a death blow to U.S. firms trying to operating in Europe and Asia,”
said Forrester Research analyst Ed Ferrara.
But two recent reports from Forrester find it was less catastrophic than expected.
That’s good news for companies like Box (BOX), DropBox and others that make their money by selling
U.S.-based data storage.
Forrester had originally predicted U.S. companies could lose as much as $180 billion in sales.
Instead, just 29% of technology decision-makers in Asia, Canada, Europe and Latin America halted or
reduced spending with U.S.-based firms offering Internet-based services due to the PRISM scandal,
Forrester’s Business Technographics Global Infrastructure Survey for 2014 found
“It’s a relatively small amount of data,” Ferrara said.
That’s because most of the companies didn’t need to move all their data, much of which was stored inhouse. Instead, only 33% of the data held by that 29% of companies was at a third-party data center or
in a cloud system.
Forrester believes the overall loss to U.S. cloud providers for 2015 will be about $15 billion and in 2016,
$12 billion, a far cry from projections that were ten times that a year ago.
Forrester also found that companies are looking at other ways to protect the integrity of their data, not
just from the NSA but also from surveillance by other nations.
Chief among them was encryption. Eighty-four percent of the companies said they’re using various
encryption methods to protect sensitive material.
The survey’s definition of cloud providers is broad, and includes both platform as a service,
infrastructure as a service and software as a service companies, said Ferrara.
2nc - cloud not feasible
Tons of alt. causes to cloud computing –
Castro and McQuinn 15 – * Vice President of the Information Technology and Innovation Foundation
and Director of the Center for Data Innovation, B.S. in Foreign Service from Georgetown University and
an M.S. in Information Security Technology and Management from Carnegie Mellon University, AND **
Research Assistant with the Information Technology and Innovation Foundation, B.S. in Public Relations
and Political Communications from the University of Texas (Daniel and Alan, Beyond the USA Freedom
Act: How U.S. Surveillance Still Subverts U.S. Competitiveness, Information Technology and Innovation
Foundation, June 2015, http://www2.itif.org/2015-beyond-usa-freedomact.pdf?_ga=1.33178294.940386433.1435342104)//JJ
In the short term, U.S. companies lose out on contracts, and over the long term, other countries create
protectionist policies that lock U.S. businesses out of foreign markets. This not only hurt s U.S.
technology companies, but costs American jobs and weakens the U.S. trade balance. To reverse this
b
opposing any government efforts to
Strengthen U.S. mutual legal assistance
treaties
establish international legal standards
Complete trade agreements like the Trans Pacific Partnership that ban digital protectionism, and
pressure nations that seek to erect protectionist barriers to abandon those efforts .
Cloud computing not feasible – security hurdles
Xiao and Chen 15 – *professor at the Department of Software Engineering at Hainan Software
Profession Institute AND **Assistant Professor in Operations Management at New York University, PhD
(Ziqian and Jingyou, Cloud Computing Security Issues and Countermeasures, Proceedings of the 4th
International Conference on Computer Engineering and Networks p. 731-737, 2015,
http://link.springer.com/chapter/10.1007/978-3-319-11104-9_85)//JJ
Cloud Computing Security Challenges
New Risks Brought by Virtual Technologies
Virtualization brings new risks mainly in the virtual machine being abused , the virtual machine escape ,
and multi-tenant isolation between the failures of security policy migration of virtual machines.
Shared Data Security Environment
Under the cloud service model, users are very worried about whether the data stored in the service
provider will be compromised , tampered , or lost . Man-made threats facing the user data mainly come
from service providers , hackers , malicious neighboring tenants , and subsequent tenants.
Cloud Platform Application Security
There are some application security problems existing in Cloud Computing Services, no matter Saas,
Paas or Iaas, mainly including three categories. The first one is the malicious program review . The
second one is the application interface security . The third one is code and test safety .
Authentication and Access Control in the Cloud Service Model
Under the cloud service model, user authentication and access control face new challenges, for
example, the authentication and authorization of massive users, the rational division of access rights,
and the management of accounts, passwords, and keys. In dealing with massive users’ changeable
business and their identification, the cloud service providers need to fully automate users’
authentication and access management.
2nc – Squo solves
New protection standards and tech solve
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
V. CONCLUSION
This Article describes and places in a legal perspective the cloud industry’s technological responses to
the revelations about ongoing transnational surveillance. By focusing on industry responses and
exploring the ways in which the technological design of cloud services could further address surveillance
concerns, we provide insights into the prospects of these services shaping lawful government access to
the cloud. This intersection of service design, on the one hand, and government demands for access to
data, on the other hand, signals a dynamic new chapter in the ongoing debate between industry and
governments about the possibility and conditions of secure and privacy-friendly information and
communications technologies (ICTs) for global markets.
In particular, we have shown that it is helpful to distinguish between front-door and backdoor access to
data in the cloud. Our analysis of industry responses has shown the cloud industry is moving quickly to
address interception of their customers’ data without their knowledge or involvement by adopting
technological solutions that limit lawful access (as far as possible) to legal processes directed at the
cloud service itself and/or its customers. Many of these measures could have been implemented much
earlier on. They are now becoming industry norms . Industry standards like SSL/TLS and HTTPS, together
with a new generation of PETs offering “end-to-end” protection, can be effective tools in preventing
bulk acquisition through the targeting of the worldwide communications infrastructure.
In short, technologies can help the industry shape lawful access even though they do not change the
legal framework, nor do they overcome the lack of progress in reforming existing legal authorities
( such as Section 702 of the FAA ) to confine lawful access to the front-door of service providers. We
expect that this lack of progress—with respect to transnational legal guarantees of privacy and
information security, not only in the U.S. but also elsewhere—will be a strong driver for the wider
adoption of more robust and comprehensive privacy technologies in the cloud service context. And we
argue that under current conditions, the U.S. cloud industry will increasingly rely on technologies to
‘regulate’ government data access in an effort to enhance the privacy and information security
protections of their foreign customers.
This raises the pertinent question of how the U.S. government may respond to increased resilience of
cloud services against lawful surveillance. While FISA and ECPA allow government agencies to obtain
orders that ensure the cooperation of providers notwithstanding strong technological protections,
existing law does not allow for unlimited bargaining room. Most of the services in question are not
subject to CALEA obligations and an extension of CALEA seems neither warranted nor politically feasible
under present conditions. Moreover, most of these services have responded to the Snowden revelations
by implementing stronger privacy protections (and even some advanced cryptographic protocols). No
doubt they await the outcome of the ongoing litigation in the Lavabit case, which may clarify the
government’s power to compel a service to break its security model in response to a valid surveillance
order. However, the Lavabit case does not yet present a scenario in which a service’s use of advanced
cryptography makes it impossible to comply with a surveillance order by furnishing unencrypted data.
2014] PRIVACY AND SECURITY IN THE CLOUD 533 A U.S. government win in the Lavabit case may
therefore be little more than a pyrrhic victory, for it could simply further incentivize industry to adopt
even stronger technological solutions against surveillance, including both actively implemented and
client-side encryption protocols preserving privacy in the cloud .
Encryption solves – major companies prove
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
It is hardly surprising, then, that cloud firms like Microsoft have started taking steps to ensure that
governments use legal process rather than “technological brute force to access customer data.”
engineering effort to strengthen the encryption of customer data across [its] networks and services.”159
This matches similar activity of Google, which had started to encrypt data more comprehensively even
before the specific revelations about the MUSCULAR program.160 As a Google security engineer
explained shortly after these revelations, “the traffic shown in the [MUSCULAR] slides below is now all
encrypted and the work the NSA/GCHQ (U.K. Government Communications Headquarters) staff did on
understanding it, ruined .”161 Finally, Yahoo has announced it will “[e]ncrypt all information that moves
between [its] data centers by the end of Q1 2014.” The encryption measures discussed above could
help the cloud industry to counteract programs like MUSCULAR and UPSTREAM, which rely on the bulk
collection of data by targeting communication links and the telecommunications infrastructure. Of
course, this assumes that the NSA does not seek to undermine these protections by relying on security
weaknesses in the implementation or use of SSL or the underlying encryption 158 Microsoft recently
announced “a comprehensive algorithms.
2nc – at: https encryption
HTTPS encryption protocols fail –
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and
NYU School of Law, AND **Microsoft Research Fellow in the Information Law Institute
at New York University, PhD from the University of Amsterdam (Ira and Joris Van,
PRIVACY AND SECURITY IN THE CLOUD: SOME REALISM ABOUT TECHNICAL SOLUTIONS
TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN ERA, 66 Maine L. Rev. 488,
September 2014, http://ssrn.com/abstract=2443604)//JJ
In terms of securing web-based communications, however, the HTTPS system is no panacea against
government surveillance. First, the protocol must be properly implemented .147 Second, there are
known attacks on the use of encrypted web communications through SSL.148 Third, intelligence
agencies may work around the protections and attempt to secretly install software on the computers
of targeted users, thereby allowing them to capture their communications before they are transmitted
across an encrypted connection.149 Finally, and most importantly, HTTPS is not designed to protect
data at rest . Even if a cloud provider properly implements this protocol, this does nothing to prevent a
government agency from obtaining the data it seeks by means of a compulsory order requiring the
service provider to furnish this data. Indeed, as Professor Peter Swire argues, the trend towards
encrypting data in transit between users and cloud services may well result in governments shifting their
attention from attacking the communication infrastructure to demanding that cloud service providers
hand over stored data after it has been securely transmitted.150 The Snowden revelations already
provide some evidence of this shift and the measures detailed in this Section could accelerate this trend.
To counter this trend, governments confronted with encrypted communication channels could try to
compel cloud providers to hand over their encryption keys, enabling the continued effective
interception over telecommunications infrastructure (an option discussed further in Part IV).
2nc – at: pets
PETs fail – not technologically or economically feasible
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
It is important to emphasize that adoption of the solutions discussed remains low even though some of
them are ready for use. There are a number of reasons for this. First, some of these solutions, such as
FHE, are at the very early stages of development.188 If service provision is limited to the mere storage
of data in the cloud, it may be technically feasible for the service provider to anticipate and organize for
encryption under the control of cloud users. However, if the cloud provider also has to perform
processing operations on the encrypted data stored by its customers, the implementation of privacypreserving PETs in the cloud context is far more challenging and may even be impossible for complex
operations. 189
Second, many cloud providers lack the incentive to adopt and further develop PETs based on advanced
cryptographic solutions that would prevent them from having access to user data. The reasons are
obvious: many business models in the cloud industry depend on generating revenue based on access to
customers’ data (e.g., profiling users for purposes of serving them targeted ads).190 Thus, for many
cloud service providers, the costs of implementing these PETs (loss of profits) outweigh the potential
benefits (improved security and privacy guarantees for their customers).191 Arguably, the new
emphasis on security and privacy in the cloud in response to the Snowden revelations might incentivize
industry to consider developing and adopting similar measures. Notwithstanding the current lack of
adoption, the point this Article seeks to emphasize is that if service providers were to deploy such
measures, it would interfere with lawful access requests to cloud providers in some obvious ways. For
example, a provider might simply be unable to share unencrypted customer data with law enforcement
or intelligence agencies notwithstanding a lawful request for such access.192
Too many hurdles to client-side PETs – their ev. is theoretical
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
What happens if the government serves a lawful request for the content of communications on a service
provider whose customers utilize a client-side PET for encrypted email or chat? At best, the service
providers may hand over encrypted data but these PETs prevent it from furnishing unencrypted data.
On the other hand, the provider may fully comply with requests for traffic data unless the user combines
a client-side PET with a collaborative PET like Tor.197
Cloud providers’ attitudes to these client-side PETs are likely to remain ambivalent. On the one hand,
they may decide to block their use because they interfere with their business model and desired uses
of the service ;198 on the other hand, they may embrace PETs as proof of their good faith efforts to
ensure customer privacy in the cloud. By pointing out the possibility to adopt end-to-end encryption
solutions, companies could reassure users who are rightly worried about the surveillance of their
communications.199
Although the availability of encryption solutions may seem attractive for users, they come with some
well-documented downsides in terms of usability .200 As a result, only dedicated or expert users tend
to take advantage of them. In fact this is another oft-cited reason for industry to shy away from
promoting client-side encryption solutions. In addition, the client-side approach to security tends to
rely on the free or open source software model, in which developers release their source code, thereby
allowing the security community to review the code and determine that the software is indeed secure.
From an ordinary user’s perspective, this substitutes trust in a group of security experts in lieu of
trusting the third-party services. Finally, it is true that the implementation of end-to-end encryption
may help to protect against third party access to raw data through the service provider. From the
perspective of managing information security more generally, however, many organizations and
individuals may prefer trusting a dedicated service provider over having to rely on their own expertise.
Of course, the Snowden revelations may boost the adoption of end-to-end encryption as a way of
limiting the widely publicized systematic monitoring of global Internet communications. Certainly, the
NSA’s targeting of major cloud service providers through programs like PRISM has spiked interest in endto-end encryption solutions, at least according to all the hoopla in the popular press .201 For the
moment, however, there seems to be only a small niche market for services that cater to the demand
for properly implemented end-to-end security, as evidenced by services such as Lavabit,202
Hushmail,203 Silent Circle,204 and Heml.is.205
2nc – at: hushmail/lavabit
Our ev accounts for Hushmail and Lavabit – s-quo progression of corporate encryption
solves
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
This may (or may not) be an accurate description of what happened in the Hushmail case.273 Hushmail
secure email service offers its customers two options: a high-security option, which requires that users
install and run a Java-based encryption applet and encrypts and decrypts email only on the customer’s
computer; and a low-security (non-Java) option, which is more convenient but less secure because it
handles encryption and decryption on Hushmail’s web server.274 As a result, Hushmail retains the
ability to decrypt user’s emails when they select the low-security option (via an “insider attack” like that
against Lavabit) but no ability to do so when the customer selects the high-security option.275 Of
course, Hushmail’s design does not prevent the company from modifying the Java applet so that it
captures the user’s passphrase and sends it to Hushmail, thereby enabling the company to decrypt the
email and share it with a third-party including the government. But it seems unlikely that the company
would destroy its own business by subverting its software in this way and subject itself to a likely
deceptive practice enforcement action under Section 5 of the FTC Act.276 Unlike Lavabit, none of the
sealed documents in the Hushmail case have been leaked, so less information is available. Also, it is not
clear whether the 2007 court order pertained to a high-security or a low-security user; or if Hushmail
modified its Java encryption engine; or if, in the interests of full disclosure, it merely pointed out the
possibility of doing so.277 In short, the Hushmail case exemplifies the dilemmas that the government
may begin to face if service providers take the next logical step of adding government agencies to their
threat models and designing systems that protect against valid court orders. And while the government
has prevailed in its efforts to force niche players like Lavabit and Hushmail to capitulate, it may face a
much greater challenge if major Internet firms like Microsoft, Google, and Facebook go down this path
in response to the Snowden revelations.
AT: Space debris impact
Status quo solves space debris- NASA and NOAA prove
Haar and Leslie 14, Audrey Haar works at NASA's Goddard Space Flight Center and John Lesilie works
at the NOAA Office of Communications and External Affairs, (10/22/14, NASA-NOAA Suomi NPP Satellite
Team Ward Off Recent Space Debris Threat, https://www.nasa.gov/content/goddard/nasa-noaa-suominpp-satellite-team-ward-off-recent-space-debris-threat)//AK
While space debris was the uncontrolled adversary in the award-winning space thriller film "Gravity,"
space debris, also known as "space junk," is an ongoing real-life concern for teams managing satellites
orbiting Earth, including NOAA-NASA's Suomi National Polar-orbiting Partnership, or Suomi NPP,
satellite. It is not unusual for satellites that have the capability of maneuvering to be repositioned to
avoid debris or to maintain the proper orbit.
On an otherwise quiet Sunday on September 28, the Suomi NPP mission team was monitoring a
possible close approach of a debris object. By early evening, the risk was assessed to be high enough to
start planning a spacecraft maneuver to put the satellite into a safer zone, out of the path of the object
classified in a size range of 4 inches up to 3.3 feet.
It was determined that the object (travelling at almost 17,000 mph) was approaching at a nearly "head
on" angle, and could potentially only miss the Suomi NPP satellite by approximately 300 feet on
Tuesday, September 30, if no action was taken. With that knowledge, the decision was made at 1:30
p.m. on Monday, September 29, for NOAA's Satellite Operations Facility, or NSOF, in Suitland, Maryland,
to reposition Suomi NPP. Operational control as well as planning and execution of all Suomi NPP
maneuvers take place at NSOF.
"Because Suomi NPP moves at a similar speed as the debris object, if there had been an impact, it would
have occurred at a combined speed of nearly 35,000 mph. This would have been catastrophic not only
to the satellite, but would result in thousands of pieces of new debris," said Harry Solomon, Mission
Manager for Suomi NPP at NASA's Goddard Space Flight Center.
Space around Earth is littered with numerous man-made objects that could potentially collide with
operating spacecraft and each other (creating more debris). There are more than 20,000 objects being
monitored by the U.S. Department of Defense for satellite managers around the world.
Only about 1,000 of those 20,000 objects are operating spacecraft. The rest of the monitored space
debris ranges in size from the size of a softball, to massive rocket bodies, all orbiting uncontrolled at
relative speeds averaging about 22,300 mph in low-Earth orbit, where the majority of the objects reside.
Yet it is the unknown, often smaller, untracked objects that pose the biggest threat. "If a spacecraft is
lost due to being hit by debris, the odds are the satellite will be hit by something the trackers can't see,"
said Nicholas Johnson, NASA chief scientist (retired) for orbital debris at Johnson Space Center in
Houston.
That is exactly the scenario Solomon and his counterpart, Martin England, mission operations
engineering lead at NSOF hope will never happen.
Risk Team Monitors Unmanned Missions Threats for NOAA and NASA
While NASA's Johnson Space Center manages monitored debris threats for spacecraft related to U.S.
manned missions such as the International Space Station, the responsibility for unmanned missions
managed by NASA falls to the Conjunction Assessment Risk Analysis, or CARA, team operating out of
NASA Goddard.
About seven days before a potential threat, information from the Department of Defense is analyzed by
the CARA team to evaluate predicted close approaches. CARA monitors and provides updated
information about potential threats to satellite mission managers who then make a decision about the
need to reposition their satellites in a procedure known as a Risk Mitigation Maneuver.
Since Suomi NPP's launch in October 2011, this recent reposition was the fourth Risk Mitigation
Maneuver to avoid space debris. In this case, the object was a section of a Thorad-Agena launch vehicle
used between 1966 and1972 primarily for Corona U.S. reconnaisssance satellites.
A previous Suomi NPP risk mitigation maneuver in January 2014 avoided a discarded booster from a
Delta 1 launch vehicle, a type of rocket made in the United States for a variety of space missions from
1960 to 1990. There is also a significant amount of debris in Suomi NPP's orbit from the Chinese
Fengyun-1C, a meteorological satellite China destroyed in January 2007 in a test of an anti-satellite
missile. Another threat near Suomi NPP's orbit is the debris resulting from a 2009 collision of a
functioning commercial communications satellite and a defunct Russian satellite.
Suomi NPP's job is to collect environmental observations of atmosphere, ocean and land for both
NOAA's weather and oceanography operational missions and NASA's research mission to continue the
long-term climate record to better understand the Earth's climate and long-term trends.
To accomplish those goals, the satellite maintains a position on orbit such that the desired path across
the ground does not vary by more than 20 km (12 miles) on each side. This orbit is adjusted with regular
planned maneuvers to maintain the proper orbit and angles for best information collection. But if a Risk
Mitigation Maneuver to avoid space debris were to necessitate moving out of that desired collection
zone, then yet another maneuver would be necessary to return to the optimum orbit position. These
unplanned maneuvers tap into the finite amount of fuel on satellites and could potentially shorten
mission life of a spacecraft if fuel is used more quickly than anticipated.
The amount of space debris is not constant. It generally increases every year, sometimes generated
from debris collisions, which can potentially create additional debris fragments. But there are also debris
reductions. One tracked object generally falls back to Earth daily, sometimes burning up to nothing upon
re-entry, or falling into water or the large areas of low population density.
In addition, there are also natural events that help control debris. The sun is currently going through a
period known as solar maximum, the term for a high period of solar activity. The increased number of
sunspots and solar storms during solar maximum takes place approximately every 11 years. During this
period, the extent of Earth's atmosphere increases due to solar heat generated by the increased amount
of solar activity. As the atmosphere extends to higher altitudes, debris at these altitudes are then
subjected to increased friction, known as drag, and as a result, space debris typically fall to Earth at a
higher rate during solar maximum.
The Suomi NPP mission is a bridge between NOAA and NASA legacy Earth observing missions and
NOAA's next-generation Joint Polar Satellite System, or JPSS. The next satellite, JPSS-1, is targeted for
launch in early 2017.
Status quo mechanisms being strengthened now to solves space debris threats
Bonard 14, expert on the ISS and a space analyst, (Michael, 11/10/14, Commentary |
Space Debris Mitigation: A New Hope for a Realistic Solution?,
http://spacenews.com/42511space-debris-mitigation-a-new-hope-for-a-realisticsolution/)//AK
On Jan. 11, 2007, a Chinese antisatellite missile test completely fragmented a Chinese target satellite
into millions of pieces of debris — nearly 800 debris fragments 10 centimeters or larger, nearly 40,000
debris fragments between 1 and 10 centimeters, and some 2 million fragments of 1 millimeter or larger.
On Feb. 10, 2009, the operational Iridium 33 and decommissioned Kosmos-2251 satellites collided at a
speed of 42,120 kilometers per hour, destroying both satellites. In July 2011, more than 2,000 large
debris fragments resulting from this collision were detected.
The international space station is routinely dodging debris that are tracked by ground-based radars.
Space debris constitutes a continuously growing threat to satellites and manned spacecraft. Very small
debris creates potentially nonthreatening damage. Large debris can be detected by ground-based radars
and avoided by spacecraft maneuvers. However, small- to medium-sized debris in low or medium Earth
orbits constitutes the biggest threat. These orbits have the largest density of debris and the highest
relative speeds, while the atmospheric drag is small enough that it may take centuries to have the debris
re-enter the atmosphere.
In 1978, NASA scientist Donald J. Kessler showed that if the density of space debris in low Earth orbit is
high enough, each collision generating space debris would increase the likelihood of further collisions.
One serious implication is that the multiplication of debris in orbit will render space exploration, and
even the use of satellites, increasingly dangerous and costly for many generations.
Multiple solutions to remove space debris have been explored and published.
One of these solutions involves physical contact between debris and the spacecraft:
Shielding of in-orbit spacecraft has been considered. However, the satellite community has recognized
that the sheer weight of any reasonably efficient shielding would make launch not economically viable.
Furthermore, the speeds involved in physical contacts would generate a cloud of additional debris.
“Catcher” spacecraft have also been proposed. Conceptually, highly mobile and agile spacecraft
equipped with a “catching device” like a net or a robotic arm could be launched from Earth to intercept
and catch debris. However, unless the catcher spacecraft are able to precisely match the speed and
direction of the debris, any high-speed physical contact between a component of the catcher spacecraft
and space debris will result in a collision, multiplying the debris. The cost of designing, developing,
testing and launching such a spacecraft, with sufficient fuel onboard to repeatedly intercept multiple
debris fragments at different speeds, orbits and altitudes, does not seem to be economically viable.
Other solutions would use high-power lasers that could vaporize the surface of the debris in space,
deflecting it and possibly changing its orbit to intersect the atmosphere. These solutions have the
advantage of not requiring physical contact with the debris.
Space-based laser systems require designing, building, launching and operating a spacecraft equipped
with a very high-power laser system. Such a design is utterly complex and expensive and very likely will
not be economically viable.
Airborne laser systems are facing the same obstacles: The Boeing YAL-1 Airborne Laser Test Bed
program, which was designed as a missile defense system to destroy tactical ballistic missiles, was
terminated because of cost.
Ground-based laser systems are handicapped by the very long propagation distance, atmospheric
absorption and distortion of the laser beam. Such parameters make this solution also not economically
viable. Furthermore, being located in a single country, a ground-based laser system would raise serious
political issues within the international community because of its implied antisatellite capability.
In summary, the cost/benefit ratio of the above solutions appears to be the main reason none has been
implemented to date to proactively mitigate the most dangerous debris.
A more affordable approach for cleaning low and medium Earth orbits of small- to medium-sized orbital
debris may be achievable. This approach would use the principle of deflecting an electrically charged,
moving object in a magnetic field. The old television tube is probably the most common example of this
principle, where electrical charges (electrons) are deflected by the magnetic fields generated by the
tube deflection coils.
The application of this principle would use a space-based electron gun to generate an electron beam
directed at the orbital debris. The beam would remotely impart an electric charge to the debris. Earth’s
magnetic field would exert a force on the electric charge of such debris crossing the magnetic field at
high speed, modifying its orbit. Over time, the orbit would become highly elliptical and would intersect
the upper atmosphere, where the debris would vaporize or fall to Earth. Preliminary calculations have
shown that this concept is sound. The benefits include:
Cost: Lower cost is the major advantage of electromagnetic deflection.
Feasibility: There is no new or speculative technology to develop. Used in particle accelerators and in
millions of old-style television tubes, the electron gun technology is very mature. The energy used to
generate the electron beam is orders of magnitude lower than high-power lasers.
Risk: It would reduce the probability of creating additional debris by avoiding any physical contact.
The electron gun device could be integrated in an add-on module to the international space station.
The ISS is already in space, and there would be no new spacecraft to develop and launch.
The ISS has a large power-generation capability, while the electron gun would require only intermittent
and modest amounts of energy to operate.
This solution would be more easily adopted by the international space community, since it does not
have the capability to damage or destroy a spacecraft. This feature would be expected to encourage
support and funding of the project by all the nations involved in space operations. The electromagnetic
deflection concept would best be implemented as an international program, managed and coordinated
by the space agencies of several countries.
As with any new technology development, there are still open questions associated with the
deployment of this concept. A formal study would have to be conducted by space specialists to validate
and test the concept and determine the optimum design parameters.
Areas that should be explored include:
The ability to precisely direct the electron beam at the debris. Although electrons can be sent at nearlight speed, they are also deflected by the very magnetic field that will act on the debris, requiring
precise aiming of the electron gun.
The ability of the target to store the electrons.
The retention of the charge by the target. Due to the constant bombardment of the target by the solar
wind that comprises ionized particles, it is expected that the charge of the target will dissipate over
time.
The dynamic response of the target trajectory under the influence of the deflecting force.
In conclusion, civil and government satellites as well as manned missions are currently exposed to the
growing risk of collisions with debris, which may result in costly incidents, or accidents that could take
human lives. It is essential to have a solution implemented as soon as possible. As of today, the
electromagnetic deflection approach seems to be one of the most cost effective, most realistically
achievable and least risky. It deserves to be further evaluated and pursued.
Space debris not a threat to humans
Chun 11, space debris analyst and contributor at People’s Daily, (Yao, 9/28/11, Experts: No need to
worry about falling space debris, http://en.people.cn/202936/7606918.html) //AK
As more and more satellites are being launched into the space, will the debris of the failed satellites
bring disaster to earth? The experts from the Center for Space Science and Applied Research (CSSAR)
under the Chinese Academy of Sciences say: "Don't panic, space junk will not fall on your head."
"Recently some reports may have caused certain panic in the public, who are worried that space debris
will threaten people's survival. But, in fact we can rest assured that space debris will not hit people
because the probability is minimal," said Gong Jiancun, deputy director of CSSAR.
Space debris will not pose a threat to humans, he said. However, the real reason why scientists are
concerned about space debris is because of its potential to harm or hinder spacecraft.
Since 1957, when the first artificial satellite was launched into space, the amount of space debris has
increased year by year. As of this week, there are more than 16,000 pieces of debris with a diameter of
more than 10 centimeters in space, according to observation data from the United States.
This debris is distributed in different earth orbits: low orbit, hundreds of kilometers away from the
earth; moderate-altitude orbit, thousands of kilometers away, and high orbit, tens of thousands of
kilometers away. Because of this, the debris is not concentrated in a dense region of space.
Generally speaking, space debris is divided in three categories: large space debris, with a diameter of
more than 10 centimeters; small space debris, with a diameter of less than 1 millimeter, and dangerous
debris, with a diameter between large and small debris.
"If the debris falls to the earth, most of it will be burned away by the high temperature of thousands of
degrees produced by the high-speed friction with the atmosphere. Even if a large chunk of space debris
penetrated the atmosphere and posed a threat to the earth, mankind should be capable of defending
against it," Gong said.
First, we can roughly estimate its orbit. With the estimation of its orbit, we can intercept it. Gong said
that the U.S. has successfully intercepted a failed satellite using a missile. That satellite contained highly
toxic substances. In order to prevent it from falling into the sea, the U.S. destroyed the satellite by a
missile launched from a warship. China also has similar technologies and can disintegrate it in the space
before it causes harm."
"Scientists also have come up with many other methods to clear the space debris. For example, we can
leave some fuel in satellites and control the satellite to fly out of the original track," Gong said. "Some
countries have developed passive technologies, such as launching a spacecraft to catch space debris and
take it away. Other countries are developing satellites with mechanical arms, which not only can repair
satellites but also can pull the failed satellites out of the orbit."
However, these technologies are not very mature. It is still uncertain when they will come into use, he
said.
China turn
Chinese and U.S. tech industries are zero-sum – surveillance crowds out the U.S.
market
Castro and McQuinn 15 – * Vice President of the Information Technology and Innovation Foundation
and Director of the Center for Data Innovation, B.S. in Foreign Service from Georgetown University and
an M.S. in Information Security Technology and Management from Carnegie Mellon University, AND **
Research Assistant with the Information Technology and Innovation Foundation, B.S. in Public Relations
and Political Communications from the University of Texas (Daniel and Alan, Beyond the USA Freedom
Act: How U.S. Surveillance Still Subverts U.S. Competitiveness, Information Technology and Innovation
Foundation, June 2015, http://www2.itif.org/2015-beyond-usa-freedomact.pdf?_ga=1.33178294.940386433.1435342104)//JJ
Protectionist policies in China have further strained the U.S. tech industry . In January 2015, the Chinese
government adopted new regulations that forced companies that sold equipment to Chinese banks to
turn over secret source code, submit to aggressive audits, and build en cryption keys into their products.
38 While ostensibly an attempt to strengthen cybersecurity in critical Chinese industries, many western
tech companies saw these policies as a shot across the bow trying to force them out of China’s
markets . After all, the Chinese government ha d already launched a “de - IOE” movement — IOE stands
for IBM, Oracle and EMC — to convince its state - owned banks to stop buying from these U.S. tech
giants . 39 To be sure, the Chinese government recently halted this policy under U.S. pressur e. 40
However, the halted policy can be seen as a part of a larger clash between China and the United States
over trade and cybersecurity. Indeed, these proposed barriers were in part a quid pro quo from China ,
after the United States barred Huawei, a major Chinese computer maker, from selling its products in the
United States due to the fear that this equipment had “back doors” for the Chinese government. 41
Since the Snowden revelations essentially gave them cover, Chinese lawmakers have openly called for
the use of domestic tech products over foreign goods both to boost the Chinese economy and in
response to U.S. surveillance tactics. This system of retaliation has not only led to a degradation of
business interests for U.S. tech companies in China, but also disrupted the dialogue between the U.S.
government and China on cybersecurity issues. 4
Cybersecurity
1nc – no impact
No impact to cyberattacks – empirics – their ev is fear-mongering
Valeriano and Maness 5/13/15 – co-authors of Cyber War versus Cyber Realities, AND *Senior Lecturer
in Social and Political Sciences at the University of Glasgow, AND **Visiting Fellow of Security and
Resilience Studies at Northeastern University (Brandon and Ryan C., The Coming Cyberpeace: The
Normative Argument Against Cyberwarfare, Foreign Affairs,
https://www.foreignaffairs.com/articles/2015-05-13/coming-cyberpeace)//JJ
The era of cyberconflict is upon us; at least, experts seem to accept that cyberattacks are the new
normal. In fact, however, evidence suggests that cyberconflict is not as prevalent as many believe.
Likewise, the severity of individual cyber events is not increasing, even if the frequency of overall attacks
has risen. And an emerging norm against the use of severe state-based cybertactics contradicts fearmongering news reports about a coming cyberapocalypse. The few isolated incidents of successful statebased cyberattacks do not a trend make. Rather, what we are seeing is cyberespionage and probes, not
cyberwarfare. Meanwhile, the international consensus has stabilized around a number of limited
acceptable uses of cybertechnology—one that prohibits any dangerous use of force.
Despite fears of a boom in cyberwarfare , there have been no major or dangerous hacks between
countries. The closest any states have come to such events occurred when Russia attacked Georgian
news outlets and websites in 2008; when Russian forces shut down banking, government, and news
websites in Estonia in 2007; when Iran attacked the Saudi Arabian oil firm Saudi Aramco with the
Shamoon virus in 2012; and when the United States attempted to sabotage Iran’s nuclear power
systems from 2007 to 2011 through the Stuxnet worm. The attack on Sony from North Korea is just the
latest overhyped cyberattack to date, as the corporate giant has recovered its lost revenues from the
attack and its networks are arguably more resilient as a result. Even these are more probes into
vulnerabilities than full attacks. Russia’s aggressions show that Moscow is willing to use cyberwarfare
for disruption and propaganda, but not to inflict injuries or lasting infrastructural damage. The Shamoon
incident allowed Iran to punish Saudi Arabia for its alliance with the United States as Tehran faced
increased sanctions; the attack destroyed files on Saudi Aramco’s computer network but failed to do
any lasting damage . The Stuxnet incident also failed to create any lasting damage, as Tehran put more
centrifuges online to compensate for virus-based losses and strengthened holes in their system. Further,
these supposedly successful cases of cyberattacks are balanced by many more examples of
unsuccessful ones . If the future of cyberconflict looks like today, the international community must
reassess the severity of the threat.
Cyberattacks have demonstrated themselves to be more smoke than fire . This is not to suggest that
incidents are on the decline, however. Distributed denial-of-service attacks and infiltrations increase by
the minute—every major organization is probed constantly, but only for weaknesses or new infiltration
methods for potential use in the future. Probes and pokes do not destabilize states or change trends
within international politics. Even common cyber actions have little effect on levels of cooperation and
conflict between states.
Cyberattacks won’t result in nuclear war - airgapping solves
Green 2 – editor of The Washington Monthly (Joshua, “The Myth of Cyberterrorism”, Washington
Monthly, http://www.washingtonmonthly.com/features/2001/0211.green.html//DM)
There's just one problem: There is no such thing as cyberterrorism--no instance of anyone ever having
been killed by a terrorist (or anyone else) using a computer. Nor is there compelling evidence that al
Qaeda or any other terrorist organization has resorted to computers for any sort of serious destructive
activity. What's more, outside of a Tom Clancy novel, computer security specialists believe it is virtually
impossible to use the Internet to inflict death on a large scale, and many scoff at the notion that
terrorists would bother trying. "I don't lie awake at night worrying about cyberattacks ruining my life,"
says Dorothy Denning, a computer science professor at Georgetown University and one of the country's
foremost cybersecurity experts. "Not only does [cyberterrorism] not rank alongside chemical, biological,
or nuclear weapons, but it is not anywhere near as serious as other potential physical threats like car
bombs or suicide bombers."
Which is not to say that cybersecurity isn't a serious problem--it's just not one that involves terrorists.
Interviews with terrorism and computer security experts, and current and former government and
military officials, yielded near unanimous agreement that the real danger is from the criminals and other
hackers who did $15 billion in damage to the global economy last year using viruses, worms, and other
readily available tools. That figure is sure to balloon if more isn't done to protect vulnerable computer
systems, the vast majority of which are in the private sector. Yet when it comes to imposing the tough
measures on business necessary to protect against the real cyberthreats, the Bush administration has
balked.
Crushing BlackBerrys
When ordinary people imagine cyberterrorism, they tend to think along Hollywood plot lines, doomsday
scenarios in which terrorists hijack nuclear weapons, airliners, or military computers from halfway
around the world. Given the colorful history of federal boondoggles--billion-dollar weapons systems that
misfire, $600 toilet seats--that's an understandable concern. But, with few exceptions, it's not one that
applies to preparedness for a cyberattack. "The government is miles ahead of the private sector when it
comes to cybersecurity," says Michael Cheek, director of intelligence for iDefense, a Virginia-based
computer security company with government and private-sector clients. "Particularly the most sensitive
military systems."
Serious effort and plain good fortune have combined to bring this about. Take nuclear weapons. The
biggest fallacy about their vulnerability, promoted in action thrillers like WarGames, is that they're
designed for remote operation. "[The movie] is premised on the assumption that there's a modem bank
hanging on the side of the computer that controls the missiles," says Martin Libicki, a defense analyst at
the RAND Corporation. "I assure you, there isn't." Rather, nuclear weapons and other sensitive military
systems enjoy the most basic form of Internet security: they're "air-gapped," meaning that they're not
physically connected to the Internet and are therefore inaccessible to outside hackers. (Nuclear
weapons also contain "permissive action links," mechanisms to prevent weapons from being armed
without inputting codes carried by the president.) A retired military official was somewhat indignant at
the mere suggestion: "As a general principle, we've been looking at this thing for 20 years. What cave
have you been living in if you haven't considered this [threat]?"
When it comes to cyberthreats, the Defense Department has been particularly vigilant to protect key
systems by isolating them from the Net and even from the Pentagon's internal network. All new
software must be submitted to the National Security Agency for security testing. "Terrorists could not
gain control of our spacecraft, nuclear weapons, or any other type of high-consequence asset," says Air
Force Chief Information Officer John Gilligan. For more than a year, Pentagon CIO John Stenbit has
enforced a moratorium on new wireless networks, which are often easy to hack into, as well as common
wireless devices such as PDAs, BlackBerrys, and even wireless or infrared copiers and faxes.
The September 11 hijackings led to an outcry that airliners are particularly susceptible to cyberterrorism.
Earlier this year, for instance, Sen. Charles Schumer (D-N.Y.) described "the absolute havoc and
devastation that would result if cyberterrorists suddenly shut down our air traffic control system, with
thousands of planes in mid-flight." In fact, cybersecurity experts give some of their highest marks to the
FAA, which reasonably separates its administrative and air traffic control systems and strictly air-gaps
the latter. And there's a reason the 9/11 hijackers used box-cutters instead of keyboards: It's impossible
to hijack a plane remotely, which eliminates the possibility of a high-tech 9/11 scenario in which planes
are used as weapons.
Another source of concern is terrorist infiltration of our intelligence agencies. But here, too, the risk is
slim. The CIA's classified computers are also air-gapped, as is the FBI's entire computer system. "They've
been paranoid about this forever," says Libicki, adding that paranoia is a sound governing principle when
it comes to cybersecurity. Such concerns are manifesting themselves in broader policy terms as well.
One notable characteristic of last year's Quadrennial Defense Review was how strongly it focused on
protecting information systems.
2nc – no impact
No escalation – restraint and third-party allies
Valeriano and Maness 5/13/15 – co-authors of Cyber War versus Cyber Realities, AND *Senior Lecturer
in Social and Political Sciences at the University of Glasgow, AND **Visiting Fellow of Security and
Resilience Studies at Northeastern University (Brandon and Ryan C., The Coming Cyberpeace: The
Normative Argument Against Cyberwarfare, Foreign Affairs,
https://www.foreignaffairs.com/articles/2015-05-13/coming-cyberpeace)//JJ
NORMCORE IS HERE TO STAY
A protocol of restraint has emerged as the volume of cyberattacks has increased. State-based
cyberattacks are expected, and in some cases tolerated, as long as they do not rise to the level of total
offensive operations—direct and malicious incidents that could destroy infrastructure or critical
facilities. These options are apparently off the table for states, since they would lead to physical
confrontation, collateral damage, and economic retaliation.
The reproducibility of cyberattacks has also led states to exercise restraint. Enemies can replicate
successful cyberweapons easily if source code and programs find their way into the wild or are reverseengineered. Cyberweapons are not simple to design, either, which makes their use limited: Stuxnet took
years of work by U.S. intelligence (with help from Israel) and cost hundreds of millions of dollars—and it
still failed. The risk of creating collateral damage is high , since cyberweaponry cannot provide surgical
precision and can spread into other networks of possible allies of the attackers. For example, the
Stuxnet worm, intended for Iran’s nuclear program’s network, showed up in Azerbaijan, India,
Indonesia, and Pakistan, among other countries. As witnessed in the Russian attack on Georgia, the
potential for conflict diffusion is high, as third-party allies can enter conflicts easily . Estonia sent its
Computer Emergency Readiness Team experts to Georgia to keep the country’s crucial networks up and
running. Poland freed up bandwidth for servers in its territory to keep Georgian government websites
up and its people informed. Finally, the risk of retaliation is high, as it is in any war, especially as
attribution of perpetrators is getting easier to trace with better forensic techniques. The only drawback
is that exposing attribution capabilities often exposes ongoing infiltration methods.
Attacks severity is nil
Valeriano and Maness 5/13/15 – co-authors of Cyber War versus Cyber Realities, AND *Senior Lecturer
in Social and Political Sciences at the University of Glasgow, AND **Visiting Fellow of Security and
Resilience Studies at Northeastern University (Brandon and Ryan C., The Coming Cyberpeace: The
Normative Argument Against Cyberwarfare, Foreign Affairs,
https://www.foreignaffairs.com/articles/2015-05-13/coming-cyberpeace)//JJ
All of these considerations have meant that, so far, cyberconflict has adhered to existing international
conflict norms. That there have been no major operations resulting in death or the destruction of
physical equipment (outside of the Saudi Aramco incident and Stuxnet) suggests trends toward stability
and safety. Cyberoperations are increasing, but only in terms of small-scale actions that have limited
utility or damage potential. The truly dangerous cyberactions that many warn against have not occurred,
even in situations where observers would think them most likely: within the Ukrainian conflict or during
NATO’s 2011 operations in Libya. The only demonstrable cyberactivity in the Ukraine crisis has been
espionage-level attacks. There is no propaganda, denial of service, or worm or virus activity, as there
was in past conflicts involving Russia and post-Soviet states.
The overall trend in cyberwarfare indicates that the international community is enjoying a period of
stability. The chart below demonstrates that although cybertactics are increasingly popular, the
severity of these attacks remains low . On a scale of one to five, where one is a nuisance attack (a
website being defaced, for example) and five is a cyber-related death, few attacks register above a two.
The risk of harmful cyberattacks is exaggerated
Tucker 14 – Patrick Tucker is technology editor for Defense One. He’s also the author of The Naked
Future: What Happens in a World That Anticipates Your Every Move? (Current, 2014). Previously, Tucker
was deputy editor for The Futurist for nine years. Tucker has written about emerging technology in
Slate, The Sun, MIT Technology Review, Wilson Quarterly, The American Legion Magazine, BBC News
Magazine, Utne Reader, and elsewhere. (Patrick, “Major Cyber Attack Will Cause Significant Loss of Life
By 2025, Experts Predict”, Defense One, October 29, 2014,
http://www.defenseone.com/threats/2014/10/cyber-attack-will-cause-significant-loss-life-2025experts-predict/97688//DM)
Other experts told Pew that military contractors, facing declining business for missiles and tanks, have
purposefully overblown the threats posed by cyber attacks to scare up an enemy for the nation to arm
against.
“…This concern seems exaggerated by the political and commercial interests that benefit from us
directing massive resources to those who offer themselves as our protectors. It is also exaggerated by
the media because it is a dramatic story,” said Joseph Guardin, a principal researcher at Microsoft
Research. “It is clear our leaders are powerless to rein in the military-industrial-intelligence complex,
whose interests are served by having us fearful of cyber attacks. Obviously there will be some theft and
perhaps someone can exaggerate it to claim tens of billions in losses, but I don’t expect anything
dramatic and certainly don’t want to live in fear of it.”
Guardin, (remember, he does work for Microsoft) is joined by other experts who agree that future
cyber attacks will resemble those of today: big headlines to little real effect. Data and intellectual
property theft will happen, possibly causing inconvenience for consumers and revenue loss for
corporations, but the digital apocalypse is not nigh.
“There will have been major cyber attacks, but they are less likely to have caused widespread harm.
They will be stealth attacks to extract information and exploit it for commercial and political gain. Harm
to an enemy is only a desire of less sophisticated individuals. Anyone who amasses the ability to mount
a major cyber attack, better than their opponent, also doesn’t want to lose their position of advantage.
They are likely to shift to strategies of gain for their own position, rather than explicit harm to their
victim, which would alert their victim and close off their channels of attack, and set back their
advantageous position,” said Bob Briscoe, chief researcher in networking and infrastructure for British
Telecom.
Cyberattacks lower violence – they don’t put people in danger
Rid 13 - THOMAS RID is a Reader in War Studies at King’s College London. His most recent book is Cyber
War Will Not Take Place (Oxford University Press, 2013), from which this essay is adapted. (Thomas,
“Cyberwar and Peace: Hacking can reduce real world violence”, Foreign Affairs, December 2013,
https://www.foreignaffairs.com/articles/2013-10-15/cyberwar-and-peace//DM)
Cyberwar Is Coming!” declared the title of a seminal 1993 article by the RAND Corporation analysts John
Arquilla and David Ronfeldt, who argued that the nascent Internet would fundamentally transform
warfare. The idea seemed fanciful at the time, and it took more than a decade for members of the U.S.
national security establishment to catch on. But once they did, a chorus of voices resounded in the mass
media, proclaiming the dawn of the era of cyberwar and warning of its terrifying potential. In February
2011, then CIA Director Leon Panetta warned Congress that “the next Pearl Harbor could very well be a
cyberattack.” And in late 2012, Mike McConnell, who had served as director of national intelligence
under President George W. Bush, warned darkly that the United States could not “wait for the cyber
equivalent of the collapse of the World Trade Centers.”
Yet the hype about everything “cyber” has obscured three basic truths: cyberwar has never happened in
the past, it is not occurring in the present, and it is highly unlikely that it will disturb the future. Indeed,
rather than heralding a new era of violent conflict, so far the cyber-era has been defined by the opposite
trend: a computer-enabled assault on political violence. Cyberattacks diminish rather than accentuate
political violence by making it easier for states, groups, and individuals to engage in two kinds of
aggression that do not rise to the level of war: sabotage and espionage. Weaponized computer code and
computer-based sabotage operations make it possible to carry out highly targeted attacks on an
adversary’s technical systems without directly and physically harming human operators and managers.
Computer-assisted attacks make it possible to steal data without placing operatives in dangerous
environments, thus reducing the level of personal and political risk.
Cyber conflicts are nonviolent - empirics
Rid 13 - THOMAS RID is a Reader in War Studies at King’s College London. His most recent book is Cyber
War Will Not Take Place (Oxford University Press, 2013), from which this essay is adapted. (Thomas,
“Cyberwar and Peace: Hacking can reduce real world violence”, Foreign Affairs, December 2013,
https://www.foreignaffairs.com/articles/2013-10-15/cyberwar-and-peace//DM)
THE THIN CASE FOR CYBERWAR
One reason discussions about cyberwar have become disconnected from reality is that many
commentators fail to grapple with a basic question: What counts as warfare? Carl von Clausewitz, the
nineteenth-century Prussian military theorist, still offers the most concise answer to that question.
Clausewitz identified three main criteria that any aggressive or defensive action must meet in order to
qualify as an act of war. First, and most simply, all acts of war are violent or potentially violent. Second,
an act of war is always instrumental: physical violence or the threat of force is a means to compel the
enemy to accept the attacker’s will. Finally, to qualify as an act of war, an attack must have some kind of
political goal or intention. For that reason, acts of war must be attributable to one side at some point
during a confrontation.
No known cyberattack has met all three of those criteria; indeed, very few have met even one. Consider
three incidents that today’s Cassandras frequently point to as evidence that warfare has entered a new
era. The first of these, a massive pipeline explosion in the Soviet Union in June 1982, would count as the
most violent cyberattack to date -- if it actually happened. According to a 2004 book by Thomas Reed,
who was serving as a staffer on the U.S. National Security Council at the time of the alleged incident, a
covert U.S. operation used rigged software to engineer a massive explosion in the Urengoy-SurgutChelyabinsk pipeline, which connected Siberian natural gas fields to Europe. Reed claims that the CIA
managed to insert malicious code into the software that controlled the pipeline’s pumps and valves. The
rigged valves supposedly resulted in an explosion that, according to Reed, the U.S. Air Force rated at
three kilotons, equivalent to the force of a small nuclear device.
But aside from Reed’s account, there is hardly any evidence to prove that any such thing happened, and
plenty of reasons to doubt that it did. After Reed published his book, Vasily Pchelintsev, who was
reportedly the KGB head of the region when the explosion was supposed to have taken place, denied
the story. He surmised that Reed might have been referring to a harmless explosion that happened not
in June but on a warm April day that year, caused by pipes shifting in the thawing ground of the tundra.
Moreover, no Soviet media reports from 1982 confirm that Reed’s explosion took place, although the
Soviet media regularly reported on accidents and pipeline explosions at the time. What’s more, given
the technologies available to the United States at that time, it would have been very difficult to hide
malicious software of the kind Reed describes from its Soviet users.
Another incident often related by promoters of the concept of cyberwar occurred in Estonia in 2007.
After Estonian authorities decided to move a Soviet-era memorial to Russian soldiers who died in World
War II from the center of Tallinn to the city’s outskirts, outraged Russian-speaking Estonians launched
violent riots that threatened to paralyze the city. The riots were accompanied by cyber-assaults, which
began as crude disruptions but became more sophisticated after a few days, culminating in a “denial of
service” attack. Hackers hijacked up to 85,000 computers and used them to overwhelm 58 Estonian
websites, including that of the country’s largest bank, which the attacks rendered useless for a few
hours.
Estonia’s defense minister and the country’s top diplomat pointed their fingers at the Kremlin, but they
were unable to muster any evidence. For its part, the Russian government denied any involvement. In
the wake of the incident, Estonia’s prime minister, Andrus Ansip, likened the attack to an act of war.
“What’s the difference between a blockade of harbors or airports of sovereign states and the blockade
of government institutions and newspaper websites?” he asked. It was a rhetorical question, but the
answer is important: unlike a naval blockade, the disruption of websites is not violent -- indeed, not
even potentially violent. The choice of targets also seemed unconnected to the presumed tactical
objective of forcing the government to reverse its decision on the memorial. And unlike a naval
blockade, the attacks remained anonymous, without political backing, and thus unattributable.
A year later, a third major event entered the cyber-Cassandras’ repertoire. In August 2008, the Georgian
army attacked separatists in the province of South Ossetia. Russia backed the separatists and responded
militarily. The prior month, in what might have been the first time that an independent cyberattack was
launched in coordination with a conventional military operation, unknown attackers had begun a
campaign of cyber-sabotage, defacing prominent Georgian websites, including those of the country’s
national bank and the Ministry of Foreign Affairs, and launching denial-of-service attacks against the
websites of Georgia’s parliament, its largest commercial bank, and Georgian news outlets. The Georgian
government blamed the Kremlin, just as the Estonians had done. But Russia again denied sponsoring the
attacks, and a NATO investigation later found “no conclusive proof” of who had carried them out.
The attack set off increasingly familiar alarm bells within American media and the U.S. national security
establishment. “The July attack may have been a dress rehearsal for an all-out cyberwar,” an article in
The New York Times declared. Richard Clarke, a former White House cybersecurity czar, warned that the
worst was yet to come: the Georgian attack did not “begin to reveal what the Russian military and
intelligence agencies could do if they were truly on the attack in cyberspace.” Yet the actual effects of
these nonviolent events were quite mild. The main damage they caused was to the Georgian
government’s ability to communicate internationally, thus preventing it from getting out its message at
a critical moment. But even if the attackers intended this effect, it proved short-lived: within four days
after military confrontations had begun in earnest, the Georgian Foreign Ministry had set up an account
on Google’s blog-hosting service. This move helped the government keep open a channel to the public
and the news media. What the Internet took away, the Internet returned.
Cyberweapons can’t do damage directly and can’t inflict fear
Rid 13 - THOMAS RID is a Reader in War Studies at King’s College London. His most recent book is Cyber
War Will Not Take Place (Oxford University Press, 2013), from which this essay is adapted. (Thomas,
“Cyberwar and Peace: Hacking can reduce real world violence”, Foreign Affairs, December 2013,
https://www.foreignaffairs.com/articles/2013-10-15/cyberwar-and-peace//DM)
Yet even cyberattacks that cause damage do so only indirectly. As an agent of violence, computer code
faces a very basic limit: it does not have its own force or energy. Instead, any cyberattack with the goal
of material destruction or harming human life must utilize the force or energy embedded in its target:
for example, shutting down an air traffic control system and causing trains or planes to crash or
disrupting a power plant and sparking an explosion. Yet besides Stuxnet, there is no proof that anyone
has ever successfully launched a major attack of this sort. Lethal cyberattacks, while certainly possible,
remain the stuff of fiction: none has ever killed or even injured a single human being. Thanks to its lack
of direct physical impact, code-induced violence also has less emotional impact. It would be difficult for
a cyberattack to produce the level of fear that coordinated campaigns of terrorism or conventional
military operations produce.
Owing to their invisibility, cyberweapons also lack the symbolic power of traditional ones. Displays of
weaponry, such as the elaborate military parades put on by China and North Korea, sometimes
represent nothing more than nationalist pageantry. But revealing one’s arsenal can also serve tactical
and strategic ends, as when countries deploy aircraft carriers to demonstrate their readiness to use
force or carry out operations designed to intimidate the enemy, such as using military aircraft to
conduct deliberately low flyovers. Indeed, displaying weapons systems and threatening to use them can
prove more cost-efficient than their actual use. But cyberweapons are hard to brandish.
AT: China impact
Chinese cyberattack threats are exaggerated – the US maintains significant
competitive advantages
Lindsay 15 - Jon R. Lindsay is an assistant research scientist at the University of California, San Diego. In
the summer of 2015, he will become Assistant Professor of Digital Media and Global Affairs at the
University of Toronto Munk School of Global Affairs. (Jon, "Exaggerating the Chinese Cyber Threat",
Belfer Center for Science and International Affairs,
http://belfercenter.ksg.harvard.edu/publication/25321/exaggerating_the_chinese_cyber_threat.html//
DM)
Policymakers in the United States often portray China as posing a serious cybersecurity threat. In 2013
U.S. National Security Adviser Tom Donilon stated that Chinese cyber intrusions not only endanger
national security but also threaten U.S. firms with the loss of competitive advantage. One U.S. member
of Congress has asserted that China has "laced the U.S. infrastructure with logic bombs." Chinese critics,
meanwhile, denounce Western allegations of Chinese espionage and decry National Security Agency
(NSA) activities revealed by Edward Snowden. The People's Daily newspaper has described the United
States as "a thief crying 'stop thief.'" Chinese commentators increasingly call for the exclusion of U.S.
internet firms from the Chinese market, citing concerns about collusion with the NSA, and argue that the
institutions of internet governance give the United States an unfair advantage.
The rhetorical spiral of mistrust in the Sino-American relationship threatens to undermine the mutual
benefits of the information revolution. Fears about the paralysis of the United States' digital
infrastructure or the hemorrhage of its competitive advantage are exaggerated. Chinese cyber operators
face underappreciated organizational challenges, including information overload and bureaucratic
compartmentalization, which hinder the weaponization of cyberspace or absorption of stolen
intellectual property. More important, both the United States and China have strong incentives to
moderate the intensity of their cyber exploitation to preserve profitable interconnections and avoid
costly punishment. The policy backlash against U.S. firms and liberal internet governance by China and
others is ultimately more worrisome for U.S. competitiveness than espionage; ironically, it is also
counterproductive for Chinese growth.
The United States is unlikely to experience either a so-called digital Pearl Harbor through cyber warfare
or death by a thousand cuts through industrial espionage. There is, however, some danger of crisis
miscalculation when states field cyberweapons. The secrecy of cyberweapons' capabilities and the
uncertainties about their effects and collateral damage are as likely to confuse friendly militaries as they
are to muddy signals to an adversary. Unsuccessful preemptive cyberattacks could reveal hostile intent
and thereby encourage retaliation with more traditional (and reliable) weapons. Conversely,
preemptive escalation spurred by fears of cyberattack could encourage the target to use its
cyberweapons before it loses the opportunity to do so. Bilateral dialogue is essential for reducing the
risks of misperception between the United States and China in the event of a crisis.
THE U.S. ADVANTAGE
The secrecy regarding the cyber capabilities and activities of the United States and China creates
difficulty in estimating the relative balance of cyber power across the Pacific. Nevertheless, the United
States appears to be gaining an increasing advantage. For every type of purported Chinese cyber threat,
there are also serious Chinese vulnerabilities and growing Western strengths.
Much of the international cyber insecurity that China generates reflects internal security concerns. China
exploits foreign media and digital infrastructure to target political dissidents and minority populations.
The use of national censorship architecture (the Great Firewall of China) to redirect inbound internet
traffic to attack sites such as GreatFire.org and GitHub in March 2015 is just the latest example of this
worrisome trend. Yet prioritizing political information control over technical cyber defense also damages
China's own cybersecurity. Lax law enforcement and poor cyber defenses leave the country vulnerable
to both cybercriminals and foreign spies. The fragmented and notoriously competitive nature of the
Communist Party state further complicates coordination across military, police, and regulatory entities.
There is strong evidence that China continues to engage in aggressive cyber espionage campaigns
against Western interests. Yet it struggles to convert even legitimately obtained foreign data into
competitive advantage, let alone make sense of petabytes of stolen data. Absorption is especially
challenging at the most sophisticated end of the value chain (e.g., advanced fighter aircraft), which is
dominated by the United States. At the same time, the United States conducts its own cyber espionage
against China , as the Edward Snowden leaks dramatized, which can indirectly aid U.S. firms (e.g., in
government trade negotiations). China's uneven industrial development, fragmented cyber defenses,
erratic cyber tradecraft, and the market dominance of U.S. technology firms provide considerable
advantages to the United States.
Despite high levels of Chinese political harassment and espionage, there is little evidence of skill or
subtlety in China's military cyber operations. Although Chinese strategists describe cyberspace as a
highly asymmetric and decisive domain of warfare, China's military cyber capacity does not live up to its
doctrinal aspirations. A disruptive attack on physical infrastructure requires careful testing, painstaking
planning, and sophisticated intelligence. Even experienced U.S. cyber operators struggle with these
challenges. By contrast, the Chinese military is rigidly hierarchical and has no wartime experience with
complex information systems. Further, China's pursuit of military "informatization" (i.e., emulation of
the U.S. network-centric style of operations) increases its dependence on vulnerable networks and
exposure to foreign cyberattack.
To be sure, China engages in aggressive cyber campaigns, especially against nongovernmental
organizations and firms less equipped to defend themselves than government entities. These activities,
however, do not constitute major military threats against the United States, and they do nothing to
defend China from the considerable intelligence and military advantages of the United States.
No Chinese cyberattack – China is exercising restraint
Kyodo News Service 15 – Japan’s leading news network. (“China urges caution after N. Korean hacking
sanctions”, Kyodo News Service, proquest, January 5, 2015//DM)
China called for restraint Monday on actions that could lead to increased tension on the Korean
Peninsula after the United States sanctioned North Korea over recent provocations, including alleged
cyber attacks.
"Relevant parties should act with caution, avoid taking actions that might further escalate tension and
jointly safeguard the peace and stability of the peninsula," Chinese Foreign Ministry spokeswoman Hua
Chunying said at a regular press briefing.
The U.S. Treasury Department announced a package of sanctions Friday aimed at three North Korean
entities and 10 individuals, some of which have links to China.
The announcement came after a U.S. Federal Bureau of Investigations report named Pyongyang as the
perpetrator of a major hacking attack on Sony Pictures Entertainment Inc. thought to be motivated by
anger over a film depicting the assassination of North Korean leader Kim Jong Un.
While criticizing the release of the film, Pyongyang has denied involvement in the cyberattack.
Although Hua did not mention any country by name, she said China "opposes cyber attacks of all
forms" and "does not allow any country or individual to launch cyber attacks and illegal activities using
China's infrastructure or doing so inside China."
1nc – solvency
Alt cause to cybersecurity threat – lack of cybersecurity professionals
Sarkar 14 – writer for Fierce Government. (Dibya, “Shortage of cybersecurity pros in government,
business potentially undermines national cybersecurity, finds RAND”, Fierce Government IT,
http://www.fiercegovernmentit.com/story/shortage-cybersecurity-pros-government-businesspotentially-undermines-nati/2014-06-20//DM)
Is there a shortage of cybersecurity professionals in the federal government and private sector that's
leaving the U.S. vulnerable to cyber attacks?
In a new report, (pdf) RAND researchers sought to answer this question by thoroughly reviewing studies
on the subject, interviewing experts and examining what's been written about the labor market for this
field.
The short answer is yes.
RAND researchers found that several "excellent" reports from Booz Allen Hamilton and the Department
of Homeland Security, among others, have said that indeed there's a shortage, potentially
undermining the nation's cybersecurity.
Alt cause to poor cybersecurity – lax governmental policies
Castro 15 – Contributing writer at The Hill (Daniel, “Government apathy is the barrier to better
cybersecurity”, The Hill, June 17th, 2015, http://thehill.com/blogs/pundits-blog/technology/245262government-apathy-is-the-barrier-to-better-cybersecurity//DM)
When the federal government announced earlier this month that Chinese hackers had stolen sensitive
personnel records of 4.2 million current and former government employees (myself included), the
biggest surprise was that it had taken so long for this kind of breach to occur. The truth is that it was less
an indicator of the Chinese government's technical prowess than it was proof of the U.S. federal
government's lackadaisical approach to securing its computer systems.
Many of the security vulnerabilities that likely contributed to the data breach had already been
uncovered by government auditors. Obviously, this was to no avail. But rather than pointing fingers
merely to score political points, policymakers should use this unprecedented breach to catalyze
substantive change to the federal government's approach to information security by creating a zerotolerance policy that drives real change.
The most frustrating part of this whole affair is that it might have been prevented if the target of the
breach, the Office of Personnel Management (OPM), had followed the federal rules for information
security. The Federal Information Security Management Act outlines steps an agency must take to
secure its systems. In 2014, the inspector general for OPM found many areas where it did not follow
these baseline security practices. For example, it failed to routinely scan its servers for vulnerabilities,
implement multi-factor authentication for remote access or maintain a comprehensive inventory of
systems. Findings this substantial should have sent shockwaves through the government, but they
instead elicited a collective shrug from officials who have grown accustomed to subpar security
practices.
While OPM's problems were more severe than other agencies, it is certainly not alone. For example, not
counting the Department of Defense, only 41 percent of federal agencies have implemented the
minimum authentication requirements for accessing federal networks . Federal agencies are routinely
targets for cyberattacks, so ignoring these vulnerabilities comes at great risk. The long-term solution to
this problem is to build a culture in federal agencies that does not tolerate such poor performance.
Achieving this will require strong leadership from within agencies and vigorous oversight from Congress.
When agencies fall short in meeting baseline standards, agency leaders should be held responsible.
Agencies that fail to address these problems should face budget cuts and agency heads should be
replaced. The purpose of these accountability measures is not to assign blame, but to drive structural
change by creating a sense of urgency for improving federal information security practices.
In the short-term, President Obama should issue an executive order to address one of the primary
reasons this most recent attack was possible: improperly secured data. The president should require
agencies to submit to Congress within 90 days a confidential, comprehensive and prioritized inventory
of every system that stores sensitive information in an unencrypted format. In addition, federal chief
information officers (CIOs) should be required to submit plans to secure these systems, including any
additional funding they might need. Congress can then decide if these agencies are deficient due to a
lack of resources or their own inadequacies, and if the former, they should provide immediate funding
to address the shortcomings. CIOs should provide Congress with an update every six months until the
job is accomplished.
Given the scope and sensitivity of the personal information that the U.S. government collects, doing a
job that is "good enough for government" is no longer acceptable when it comes to information
security. Attacks on the government's information systems are not going to stop. The question is
whether or not we will be prepared.
2nc – personnel alt cause
Alt cause - lack of cybersecurity professionals is undermining US cyberdefenses
Libicki, Senty, and Pollak 14 – Martin C. Libicki has a Ph.D. in economics, University of California,
Berkeley; M.A. in city and regional planning, University of California, Berkeley; S.B. in mathematics,
Massachusetts Institute of Technology. Maj. Gen. David N. Senty is Chief of Staff, U.S. Cyber Command,
Fort George G. Meade, Md. The command plans, coordinates, integrates, synchronizes and conducts
activities to direct the operations and defense of specified Department of Defense information networks
and is prepared to, and when directed, conduct full-spectrum military cyberspace operations in order to
enable actions in all domains, ensure U.S./allied freedom of action in cyberspace and deny the same to
adversaries. Julia Pollak is an assistant policy analyst, B.A., Harvard University. (Martin, David, and Julia,
“H4CKER5 WANTED: An Examination of the Cybersecurity Labor Market, RAND National Security
Research Division, 2014,
http://www.rand.org/content/dam/rand/pubs/research_reports/RR400/RR430/RAND_RR430.pdf//DM)
Within the last five years there has been a widespread drumbeat of concern about the perceived
difficulty of finding qualified people to defend the nation’s networks, currently under assault by
terrorists, spies, and criminals.
According to a 2010 story on NPR, “There may be no country on the planet more vulnerable to a
massive cyberattack than the United States, where financial, transportation, telecommunications and
even military operations are now deeply dependent on data networking. U.S. industry, government and
military operations are all at risk of an attack on complex computer systems, analysts warn. What’s
worse: U.S. security officials say the country’s cyberdefenses are not up to the challenge. In part, it’s
due to having too few computer security specialists and engineers with the skills and knowledge
necessary to do battle against would-be adversaries. The protection of U.S. computer systems
essentially requires an army of cyberwarriors, but the recruitment of that force is suffering” (Gjelten,
2010).
As bad as matters are for well-heeled employers, the problem may be more severe for the federal
government, said to lack the people to defend the networks that help defend the nation. In 2009,
Washington Post reported, “The federal government is struggling to fill a growing demand for skilled
computer-security workers, from technicians to policymakers, at a time when network attacks are rising
in frequency and sophistication. Demand is so intense that it has sparked a bidding war among agencies
and contractors for a small pool of ‘special’ talent: skilled technicians with security clearances. Their
scarcity is driving up salaries, depriving agencies of skills, and in some cases affecting project quality,
industry officials said.” It further cited an employee who won a 45 percent raise by jumping from the
NSA to a major contractor, and a further raise by jumping to a small employer who observed, “The pay
difference is so dramatic now, you can’t ignore it.” Another Post source, a military officer with 20 years’
cybersecurity experience and a coveted security clearance, was overwhelmed: “It’s mind-roasting. . . .
I’ve had people call my house, recruiters for defense contractors . . . probably 20 calls” (Nakashima and
Krebs, 2009).
Last May, Bloomberg News quoted Diane Miller, Northrop’s program director for the CyberPatriot
contest, who said “We just have a shortage of people applying” for 700 currently open positions. This
observation was echoed by Ryan Walters, who founded mobile data security company TerraWi Inc. in
2009: “I cannot hire enough cybersecurity professionals, I can’t find them, they’re not qualified.” His 12-
person firm was planning to expand to 20; the article went on to note, “Listings for cybersecurity
positions rose 73 percent in the five years through 2012, 3.5 times faster than postings for computer
jobs as a whole, according to Boston-based Burning Glass, a labor market analytics firm that collects
data from more than 22,000 online jobs sites.” Alan Paller, CEO of SANS, a cybersecurity-education
organization, told Bloomberg “We have a huge number of frequent flyers and a tiny number of fighter
pilots.” Finally, the story cited a letter written by JPMorgan Chase’s CEO saying that the bank “spends
approximately $200 million to protect ourselves from cyberwarfare and to make sure our data are safe
and secure [with 600 people dedicated to the task]. . . . This number will grow dramatically over the next
three years” (Rastello and Smialek 2013).
Those who are qualified are spoiled for choices: “Pretty much everyone here at the conference could
quit their jobs and have another job by the end of the day,” said Gunter Ollmann, vice president of
research at Damballa, an Atlanta-based security firm focused on cyberthreats and other remotely
controlled criminal threats. “The number of security companies is growing” (Brannigan, 2012).
In mid-2012, Jeff Moss, a prominent hacking expert who sits on the Department of Homeland Security
Advisory Council, told a Reuters conference, “ None of the projections look positive. . . . The numbers
I’ve seen look like shortages in the 20,000s to 40,000s for years to come .” A study earlier this year by
the industry group (ISC)2 found that 83 percent of federal hiring managers surveyed said it was
extremely difficult to find and hire qualified candidates for cybersecurity jobs (Lord and Stokes, 2012).
These are serious statements of concern . But is what is commonly referred to as a shortage of
cybersecurity professionals a long-term crisis or a short-term problem? Is it pervasive throughout the
sector or in certain segments within the sector? What potential policy options exist for addressing these
concerns? Our report addresses these questions.
AT: outsourcing solves worker shortages
Outsourcing doesn’t solve worker shortages
Libicki, Senty, and Pollak 14 – Martin C. Libicki has a Ph.D. in economics, University of California,
Berkeley; M.A. in city and regional planning, University of California, Berkeley; S.B. in mathematics,
Massachusetts Institute of Technology. Maj. Gen. David N. Senty is Chief of Staff, U.S. Cyber Command,
Fort George G. Meade, Md. The command plans, coordinates, integrates, synchronizes and conducts
activities to direct the operations and defense of specified Department of Defense information networks
and is prepared to, and when directed, conduct full-spectrum military cyberspace operations in order to
enable actions in all domains, ensure U.S./allied freedom of action in cyberspace and deny the same to
adversaries. Julia Pollak is an assistant policy analyst, B.A., Harvard University. (Martin, David, and Julia,
“H4CKER5 WANTED: An Examination of the Cybersecurity Labor Market, RAND National Security
Research Division, 2014,
http://www.rand.org/content/dam/rand/pubs/research_reports/RR400/RR430/RAND_RR430.pdf//DM)
Over the last 20 or more years, the government has finessed the problem of recruiting really skilled
individuals by outsourcing the work they would have done to private contractors. The outsourcers can
then pay market prices to deliver from qualified individuals services otherwise unavailable from direct
employees.
But outsourcing does not solve all problems. First, many military and some civilian tasks cannot be
performed by private contractors. Some of the reasons involve the hazards of being deployed in war
zones or on warfare platforms (although these have loosened considerably over the last quarter
century). More dominant are the legal issues associated with who can do what, many associated with
the chain of military command. Second, it takes federal employees to oversee the contracting process—
at very least to establish requirements, evaluate proposals, and select contractors. Oversight is
important. It takes talent to write a good specification for contracted work, particularly if rapid changes
in the environment suggest a corresponding requirement for rapid changes in what contractors are
asked to do. If federal employees lack the skills to write such specifications (and particularly if the
contractors understand as much), they are likely to be spending federal money inefficiently; hence, they
cannot be supplanted. Third, outsourcing creates a vicious circle. If the “cool jobs” are given to
contractors (Homeland Security Advisory Council, 2012), then extant and even prospective federal
employees will have that much less motivation to stay or to join the federal government to work on
cyber problems. This then reduces the quality of the federal labor pool, which then reinforces the initial
tendency to assign the “cool jobs” to contractors.
Solvency
FAA exclusivity
1nc – FAA exclusivity
Plan doesn’t restore trust – too small, NSA hacking, and metadata exemptions
Wheeler, 14 – PhD, independent journalist specializing in national security and civil liberties; former
senior policy analyst at The Intercept (Marcy, “A Radical Proposal of Following the Law” 11/24,
https://www.emptywheel.net/2014/11/24/a-radical-proposal-of-following-the-law/
Mieke Eoyang, the Director of Third Way’s National Security Program, has what Ben Wittes bills as a
“disruptive” idea: to make US law the exclusive means to conduct all surveillance involving US
companies.
But reforming these programs doesn’t address another range of problems—those that relate to
allegations of overseas collection from US companies without their cooperation.
Beyond 215 and FAA, media reports have suggested that there have been collection programs
that occur outside of the companies’ knowledge. American technology companies have been
outraged about media stories of US government intrusions onto their networks overseas, and
the spoofing of their web pages or products, all unbeknownst to the companies. These stories
suggest that the government is creating and sneaking through a back door to take the data. As
one tech employee said to me, “the back door makes a mockery of the front door.”
As a result of these allegations, companies are moving to encrypt their data against their own
government; they are limiting their cooperation with NSA; and they are pushing for reform.
Negative international reactions to media reports of certain kinds of intelligence collection
abroad have resulted in a backlash against American technology companies, spurring data
localization requirements, rejection or cancellation of American contracts, and raising the
specter of major losses in the cloud computing industry. These allegations could dim one of the
few bright spots in the American economic recovery: tech.
[snip]
How about making the FAA the exclusive means for conducting electronic surveillance when the
information being collected is in the custody of an American company? This could clarify that
the executive branch could not play authority shell-games and claim that Executive Order 12333
allows it to obtain information on overseas non-US person targets that is in the custody of
American companies, unbeknownst to those companies.
As a policy matter, it seems to me that if the information to be acquired is in the custody of an
American company, the intelligence community should ask for it, rather than take it without
asking. American companies should be entitled to a higher degree of forthrightness from their
government than foreign companies, even when they are acting overseas.
Now, I have nothing against this proposal. It seems necessary but wholly inadequate to restoring trust
between the government and (some) Internet companies. Indeed, it represents what should have been
the practice in any case.
Let me first take a detour and mention a few difficulties with this. First, while I suspect this might be
workable for content collection, remember that the government was not just collecting content from
Google and Yahoo overseas — they were also using their software to hack people. NSA is going to still
want the authority to hack people using weaknesses in such software, such as it exists (and other
software companies probably still are amenable to sharing those weaknesses). That points to the
necessity to start talking about a legal regime for hacking as much as anything else — one that parallels
what is going on with the FBI domestically.
Also, this idea would not cover the metadata collection from telecoms which are domestically covered
by Section 215, which will surely increasingly involve cloud data that more closely parallels the data
provided by FAA providers but that would be treated as EO 12333 overseas (because thus far metadata
is still treated under the Third Party doctrine here). This extends to the Google and Yahoo metadata
taken off switches overseas. So, such a solution would be either limited or (if and when courts
domestically embrace a mosaic theory approach to data, including for national security applications)
temporary, because some of the most revealing data is being handed over willingly by telecoms
overseas.
And before we institute this, we ought to know why the government was stealing overseas anyway. Was
it to get around already broadly defined FISA Amendments Act certifications, including a Foreign
Government one that can and apparently has been used for other purposes? Was it to collect on
Americans who otherwise couldn’t be picked up via a legitimate target? I’ve been told the government
was stealing algorithms, as much as content. That raises real questions about whether it is proper for
the government to demand that kind of proprietary analysis done by Internet companies, one that
would also need to be resolved in any such law.
Finally, one other problem with this is the criminal counterpart, the fact that DOJ is demanding
Microsoft respond to domestic warrants for content stored in Ireland. What will restore other countries’
trust — and therefore the international viability of these companies — is sovereignty, which is
something the government has been assiduously chipping away at even in the criminal context. Thus,
while a lot of intelligence people poo poo the notion of sovereignty in spying, until you solve that on the
overt stuff, you’re still going to be killing your tech base. So again, this only solves part of the problem,
and even since the Snowden leaks started, DOJ seems intent only to double down.
Moreover, I don’t think this is the sphere in which the response to NSA’s theft overseas will play out, it
will be the technological sphere, at least in the near term. What no one within the National Security
establishment wants to admit is how badly NSA already shat the bed by stealing Google’s data overseas.
Google is a worthy technical adversary to NSA (which is not to say it’s not a voracious spy in its own
right, serving its own needs). And it will take a lot — far more than simply agreeing to what should have
been the practice in any case — to get Google to not treat the government as an technical adversary, at
least insofar as protecting its own networks generally. That’s as it should be, frankly. If NSA can steal
from Google, so can, in the medium term, China.
Google, Apple, and Facebook have the heft and resources that a lot of the countries reacting to the NSA
disclosures don’t have. They also have an urgent market need to respond, or at least create a credible
illusion of responding. Few in DC seem to get that yet. That the proposed solutions to the damage NSA
did to Google are so modest (effectively throwing table scraps to a wounded lion) is, in my mind,
evidence that the NatSec world doesn’t yet grasp how badly NSA’s hubris has already hurt the Agency.
The perception of illegality under international law prevents solvency
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
If anything, the Snowden leaks clearly illustrate that global cloud service providers are facing a new class
of threats from intelligence agencies across the world. The revelations are many and diverse in nature.
This Article proposes that, from the perspective of the cloud industry, the threats can be generally
distinguished in terms of front-door versus backdoor access to data and communications handled by
cloud providers. Revelations of front-door access in the U.S. context include PRISM and the widely
discussed telephone metadata program.13 The PRISM program is conducted on the basis of Section 702
of the FISA Amendments Act 2008 (FAA), under which the U.S. intelligence community has successfully
gained access to data from U.S. cloud services related to non-U.S. persons reasonably believed to be
outside the U.S.14 Under this program, the NSA gains access by demanding cloud and communication
service providers hand over customer information and content, requiring annual certification, and with
targeting and minimization procedures reviewed by the Foreign Intelligence Surveillance Court.15 What
is most striking about these programs is the structural basis and scale on which access takes place. In
addition, many have raised doubts about the statutory and constitutional basis of these programs
under U.S., international, as well as foreign law. 16 Observers and stakeholders from outside of the
United States are especially troubled by the fact that Section 702 would clearly violate the Fourth
Amendment if it were designed to intercept the communications of U.S. persons.17
2nc – 702 fails
702 won’t solve perception – the problem is the programs 702 authorized
Donohue 15 – Professor of Law, Georgetown Law and Director, Center on National Security and the
Law, Georgetown Law (Lauren, HIGH TECHNOLOGY, CONSUMER PRIVACY, AND U.S. NATIONAL
SECURITY, Symposium Articles, 4 Am. U. Bus. L. Rev. 11 p.37, 2015, Hein Online)//JJ
As a matter of Section 702 and the interception of international content, PRISM and Upstream collection
present global concerns. Neither program has yet to be addressed through any legislative change. The
existence of these programs , while perhaps statutorily consistent with the FISA Amendments Act , as
well as constitutionally sufficient with regard to the interception of non-U.S. persons communications,
where the individual is reasonably believed to be located outside the United States, goes some way
towards undermining international confidence in U.S. companies.
Section 702 limit doesn’t resolve perception problems – the primary fear is what 702
authorizes
Granick, 13 – civil liberties director for the Center for Internet and Society at Stanford Law School
(Jennifer, “REFORMING FISA: A CRITICAL LOOK AT THE WYDEN/UDALL PROPOSAL AND FOREIGN
SURVEILLANCE” 9/30, http://cyberlaw.stanford.edu/publications/reforming-fisa-critical-lookwydenudall-proposal-and-foreign-surveillance
Rather than focus on section 215, I want to focus in this post on the bill’s proposed reforms to section
702 of the FISA Amendments Act, or FAA. This is the provision underlying the PRISM program—and its
use to obtain the content of phone calls and Internet messages, which Glenn Greenwald revealed based
on Edward Snowden’s documentation. There’s been less discussion of the problems with section 702
than of those with section 215, even as we’ve learned some worrisome things about the way the NSA
uses this legal authority. The new bill would address some, but by no means all, of these problems. In
my opinion, it needs to be broader.
I. Bacgkround
First, some legal and technological background is in order. Traditional FISA required the government to
show probable cause that the target of the underlying foreign intelligence surveillance was an agent of a
foreign power and would use the facilities at which the government planned to direct surveillance
before conducting electronic surveillance. This probable cause requirement had the practical effect of
limiting surveillance to communications to or from individuals who are reasonably believed to be
working for another government or a terrorist group.
In addition to the expansions created in 2001 by the USA PATRIOT Act (including section 215), section
702 of the FAA created a new source of authority for conducting warrantless electronic surveillance. If
the Attorney General and the Director of National Intelligence certify that the purpose of the monitoring
is to collect foreign intelligence information about any non-American individual or entity not known to
be in the United States, the Foreign Intelligence Surveillance Court (FISC) can require companies to
provide access to Americans’ international communications. The court does not approve the target or
the facilities to be monitored, nor does it assess whether the government is doing enough to minimize
the intrusion, correct for collection mistakes, and protect privacy. Once the court approves the
certification, the government can issue top-secret directives to Internet companies like Google and
Facebook to turn over calls, e-mails, video and voice chats, photos, voice-over IP calls (like Skype), and
social networking information.
Enter, PRISM. PRISM surveillance is technologically complicated, involving both the aforementioned
directives demanding that companies turn over the contents of user Internet messages, as well as
upstream surveillance conducted directly on the fiber optic cables carrying telecommunications and
Internet traffic. Pulling the right stuff off the cables as it travels is a technological challenge. Reports
suggest that one way the NSA has accomplished this surveillance is via the XKeyScore tool, which
appears to copy and temporarily store almost everything that flows over the network, filter that traffic
based on various selection criteria, and store the subset in different databases for longer periods of
time. No one has yet identified the legal authority under which the NSA justifies XKeyScore. It cannot be
the FAA because that law does not authorize copying everything, even for a short period of time.
Leaving that question aside for now, I want to highlight several pernicious results of the FISA
Amendments Act or FAA.
Americans’ communications with targets overseas are subject to warrantless interception. Once those
communications are collected, current rules allow the NSA to search the trove for U.S. person
identifiers, which Wyden has referred to as the “back door searches loophole”.
The non-U.S. targets include regular people, not just those who are agents of foreign powers. While
analysts provide their foreign intelligence purpose when selecting the target, the rationale is just one
short sentence.
By untethering surveillance from facilities that the target uses, the FAA greatly increased the
opportunity for the NSA to collect information about rather than just to or from the target. As an
example, if I monitor a network for “Jennifer Granick” and Jennifer Granick uses that network, I’ll get her
communications, and maybe some messages about her. If I can monitor any facility for “Jennifer
Granick”, I’m going to pull only messages about, but not to or from her.
II. The Wyden/Udall Proposal
Enter the new bill. The fact sheet says the Intelligence Oversight and Surveillance Reform Act would
reform section 702 to:
Close the “back door searches” loophole;
Prohibit the government from collecting communications that are “about the target”, in non-terrorism
contexts;
Strengthen the prohibition against “reverse targeting,” or targeting a foreigner in order to warrantlessly
acquire the communications of an American who is known to be communicating with that foreigner;
and
Place stronger statutory limits on the use of unlawfully collected information.
These are critical reforms. I would like to see the bill further include a higher standard of care with
regards to ensuring that people inside the U.S. are not targeted. As Professor Christopher Sprigman and
I argued in the New York Times, PRISM is designed to produce at least 51 percent confidence in a
target’s “foreignness” — as John Oliver of “The Daily Show” put it, “a coin flip plus 1 percent.” In other
words, 49 percent of the time the NSA may be acquiring information it is not allowed to have, even
under the terrifyingly broad auspices of the FAA.
More fundamentally, though, the Wyden/Udall bill does not fully address a fundamental problem with
the FAA, which is that it authorizes surveillance of average citizens of other countries for reasons that
are not necessarily related to the security of the United States. Senator Udall acknowledged in the press
conference announcing the bill (at 30:17) that the NSA’s unfettered spying has had and will continue to
have an adverse economic effect on U.S.-based businesses, and that this is one of the motivations
behind the bill.
Prohibiting “about the target” collection is one giant step forward. That would mean that non-targets
outside the U.S. could not be subject to surveillance under this law just because they talk about a target,
unless their conversation is related to terrorism. Depending on the details of the targeting and
minimization procedures, if my British friend in London and I email about our dismay over the Kenya
attacks, that would be fair game, but our conversation about the policies of Brazilian President Dilma
Roussef would be off limits.
However, targets still need not be agents of foreign powers so long as a significant purpose of the
collection is foreign intelligence. Foreign intelligence is broad, and includes any information that “relates
to” the conduct of U.S. foreign affairs. For example, DNI James Clapper affirmed that the U.S. collects
information about economic and financial matters to “provide the United States and our allies early
warning of international financial crises which could negatively impact the global economy … or to
provide insight into other countries’ economic policy or behavior which could affect global markets.”
Monitoring economic and financial matters is in the United States’ national interest. However, routine
eavesdropping upon common foreigners to discover information about these matters is a bad idea. First,
foreigners have privacy rights, too. Freedom from arbitrary interference with one’s privacy is part of the
Universal Declaration of Human Rights.
Next, this monitoring is detrimental to U.S. companies and to the United States’ long-term interests in
promoting democratic ideals. As Sprigman and I argue, although it may be legal, unfettered U.S. spying
on foreigners will cause serious collateral damage to America’s technology companies, to our Internetfueled economy, and to human rights and democracy the world over. Since our Atlantic article on June
28th, and the disclosure that the NSA targeted both Petrobras and President Dilma Roussef, Brazil has
announced that it will look into requiring Internet companies to store its citizens’ data locally, and take
other steps that threaten to balkanize the global Internet. When Brazil takes these steps, it gives
comfort and cover to authoritarian countries who will do the same, so that they can better censor, spy
on, and control Internet access within their own borders.
Front-door access also hurts cloud computing
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
3. Front-Door Access and Its Limitations
If the measures described in the preceding Section are effective, they may help to push the intelligence
community to seek access through the front door. In the next Section, we will analyze to what extent
the U.S. government may compel web services to assist law enforcement and intelligence agencies in
gaining access to secure communications and what this implies about the efficacy of technical
countermeasures such as encryption. More generally, it is important to note that there are multiple
ways to gain lawful access to information in the cloud and no clear legal rules with respect to which
entity should be targeted (the clouds service, the cloud customer, or the communications infrastructure
that is used to connect users and servers). In the absence of such rules, cloud services may rely on
technical and organizational measures to dissuade government agencies from targeting the
communications infrastructure in favor of a more direct approach to the cloud service or the cloud
customer. There are two clear reasons for industry to have a strong preference against access through
infrastructure not under its control. First, it negatively affects the relationship with their customers if
third parties can gain access to data without the service provider’s knowledge and makes it hard to give
guarantees about potential access to data by third parties. Second, it would mean that sensitive or
valuable business data is accessible to others in the value chain, who could try to use such access for
competitive reasons.
But while backdoor access is problematic from the industry’s perspective, even front-door access is not
wholly satisfactory in terms of addressing the concerns of foreign customers of U.S. cloud services .
Most importantly, Section 702 of the FAA authorizes front-door access to cloud computing services
under rules that offer reduced privacy protections to non-U.S. persons. Once a so-called selector for the
acquisition of foreign intelligence information has been internally approved within NSA, “service
providers are legally compelled to assist the government by providing the relevant
communications.”163 The differences in the safeguards applicable to U.S. persons and non-U.S. persons
under the Section 702 program have been well-documented.164 Crucially, the Fourth Amendment does
not apply to non-U.S. persons outside the U.S., which is clearly reflected in the language of Section 702
itself.165
It follows that foreign cloud customers, even after being reassured about enhanced security against
backdoor access to data, may still not find the shift to cloud computing very attractive, given that they
do not have access to optimal protection due to current market conditions and offerings. It seems
likely that as a result of the transition to cloud computing, the storage and processing of digital
information will end up being handled by a relatively small number of players. Eventually, it is this
market concentration that could make cloud providers a particularly attractive avenue for government
surveillance. But when data of a U.S. or non-U.S. cloud customer is sought from a cloud provider under
Section 702 or similar programs, it raises the possibility that foreign intelligence agencies may gain
access to the data of foreigners without their knowledge. This represents a significant change in the
status quo that organizational customers of cloud services may be unwilling to accept. As mentioned,
Microsoft recently asserted itself in this debate. Specifically, it has stated the principle that lawful access
should not take place through the targeting of cloud providers but through the targeting of the
organizations themselves. According to Microsoft, government agencies should “go directly to business
customers or government customers for information or data about one of their employees—just as they
did before these customers moved to the cloud—without undermining their investigation or national
security.”166
Eoyang concedes 702 is a weak limit
Eoyang and Bishai, 15 - *Mieke Eoyang is the Director of the National Security Program at Third Way, a
center-left think tank. She previously served as Defense Policy Advisor to Senator Edward M. Kennedy,
and a subcommittee staff director on the House Permanent Select Committee on Intelligence, as well as
as Chief of Staff to Rep. Anna Eshoo (D-Palo Alto); **Chrissy Bishai is a Fellow at Third Way (“Restoring
Trust between U.S. Companies and Their Government on Surveillance Issues” 3/19,
http://www.thirdway.org/report/restoring-trust-between-us-companies-and-their-government-onsurveillance-issues
Of course, FAA Exclusivity wouldn’t solve every problem. It would not prevent foreign governments from
collecting information themselves and then providing it to U.S. intelligence agencies, as U.S. law cannot
bind a foreign government. And some may argue that FAA provides inadequate civil liberties protections
for Americans. This proposal says nothing about the adequacy of that statute in this respect. What it
says is that for data held by an American company about a target that is not a U.S. person, the checks
within FAA are stronger than those solely under E.O. 12333.
Empirically – NSA over-collection is because of the FISC
Sommer, 14 - The author is with ZwillGen PLLC in Washington, D.C.; a law firm that represented a
telecomm provider against a FISA order (Jacob, “FISA Authority and Blanket Surveillance: A Gatekeeper
Without Opposition” Litigation, Spring, Vol. 40 No. 3
http://www.americanbar.org/publications/litigation_journal/201314/spring/fisa_authority_and_blanket_surveillance_gatekeeper_without_opposition.html
The window left open in Keith seems to be closed. Similarly, the FISC has approved of the NSA’s “collect
now, restrict searching later” approach to minimization. See In re Application of the F.B.I. for an Order
Requiring the Production of Tangible Things from [Redacted], No. BR 13-109, LEXIS 134786 (FISA Ct.
Sept. 13, 2013). In other words, the FISC has found no constitutional or statutory impediment to the
government “over collecting” data—so long as it does not intentionally collect wholly domestic
communications and it has minimization procedures to restrict access. There is no indication that the
government has used its surveillance powers improperly (except in a limited number of circumstances
attributable to NSA employee misconduct), but the FISC has not taken a robust view of the Fourth
Amendment.
PPD-28
1nc – PPD-28 fails
PPD-28 privacy protections aren’t credible internationally
Rainey 15 *director of the activism team at the Electronic Frontier Foundation, Chief Operating Officer
and co-founder of the Freedom of the Press Foundation (Rainey,“Obama Announces New Privacy Rules
for the World. World Not Impressed.”, Electronic Frontier Foundation, 02/10/15,
https://www.eff.org/deeplinks/2015/02/obama-announces-new-privacy-rules-world-world-notimpressed)//GK
President Obama recently announced slight changes to NSA data collection practices. The recent tweaks mean two new privacy
protections for those that U.S. law considers foreigners (in this case, people who are outside of the United States borders
who are neither U.S. citizens nor legal U.S. residents). Perhaps you’re thinking Obama is using his executive authority to stop the mass
surveillance of all Internet traffic of people worldwide? Nope, not quite. The new protections are: If the U.S. government collects information
about a foreigner, it will consider the privacy ramifications before disseminating that information, such as to other governments;1 and If the
U.S. government collects information on innocent foreigners not connected to any crime or investigation and the information has no national
security value, it will dispose of that information after five years.2 That’s right, the world's
personal information will only be
retained for five short years. And that's if the U.S. government decides you're not under suspicion. David
Medine, the chairman of the Privacy and Civil Liberties Oversight Board, has said that "There’s no country on the planet that has gone this far to
improve the treatment of non-citizens in government surveillance." That’s certainly laudable. However, a critic might also note that there’s no
country on earth extending such enormous resources into surveilling all the people on the planet, so the United States has more room for
"improvement" than most countries. (That's certainly what President Obama implied when he spoke of his country's "unique" capabilities in his
speech defending the new rules.) We wondered if people worldwide would be excited about these new privacy protections, and so we reached
out to a few of our global partners to solicit their feedback. Here’s what they thought of Obama’s protections for the privacy rights on non-US
citizens: "This
decision is not only a confirmation of the disregard the United States has for its international
human rights obligations, but given the fact that the US is treating our privacy worse than our own governments, it sends a
terrible message for human rights defenders fighting against unchecked surveillance in our own country," said
Luis Fernando García, a lawyer at Network for Digital Rights in Mexico. "Deleting is no comfort at all because it can never be
confirmed," said Professor K.S. Park of Korea University Law School, "Korea also allows warrantless wiretapping of overseas people for
national security purposes. The United States should not set a bad precedent for the whole world to follow." And
Carolina Botero, a Colombian researcher and blogger with Fundacion Karisma, said, "Mass surveillance is unacceptable in democratic societies
because of the threat it poses to human rights. Obama's
reforms to NSA practices fail to address this situation for his
citizens and continue the obnoxious violation of the privacy rights of foreigners. A data retention period of 5 years is
a clear example of an illegal measure that can be seen abroad as justification for similar laws in other countries."
PPD – 28 doesn’t solve for the breadth of Executive Order 12333 circumvention
Schlanger 15* Henry M. Butzel Professor of Law at the University of Michigan (Margo, “Guest Post: US
Intelligence Reforms Still Allow Plenty of Suspicionless Spying on Americans”, Just Security, 02/13/15,
http://justsecurity.org/20033/guest-post-intelligence-reforms-plenty-suspicionless-surveillanceamericans/)//GK
Last week, the Obama Administration released a report and documents cataloging progress toward signals intelligence (SIGINT) reform goals
set a year ago by the President in a document known as PPD-28. PPD-28
promises foreigners some of the same privacy
protections given to US citizens and residents. But it turns out that those protections, even for citizens, are fairly
meager, in ways that have not yet fully entered the public conversation about surveillance. US citizens and residents have been —
and remain — exposed to suspicionless electronic surveillance. Implementation of PPD-28 will do little to
change that. To my mind, the surveillance I’m about to describe, which proceeds under Executive Order 12333, rather
than FISA, is far more worrisome than the programs under Section 215 of the Patriot Act and Section 702 of the FISA
Amendments Act that have received so much recent attention. (For example, here and here for Section 215, here and here for Section 702, and
here and here for more general info.) This
is content surveillance that applies to both wholly and partially domestic
communications of US citizens and residents. The access and analysis rules are very, very loose. There is no judicial
supervision of any kind, and Congress does almost no 12333 oversight. (See here for more on how FISA and 12333
differ). Let’s start with what we know, and then dive into how we know it. What do we know? Non-selective “vacuum cleaner” SIGINT collection
— mass collection of communications unlimited by particular communicants or subjects — is outside FISA’s ambit, so long as the collection is
either done abroad (for wire communications like those carried on landlines or cables) or involves at least one foreign communicant (for
wireless communications). This kind of collection can and does include wholly and partially domestic communications of US citizens and
residents. Once collected, analysis of these communications is also outside FISA’s ambit. Instead, the use of SIGINT that was collected vacuumcleaner-style is limited by PPD-28 to six topics: detecting and countering espionage, terrorism, weapons of mass destruction, cybersecurity
threats, threats to the armed services, and transnational crime. This kind of entirely unlimited SIGINT collection is not favored, however:
According to its new policies implementing PPD-28, when “practicable,” the NSA
searches for communications
containing specific terms that narrow its collection to topics like “nuclear proliferation, oil sales, [and] economics.” Economics!
Again, so long as the collection is either done abroad (for wire communications) or involves at least one foreign communicant
(for wireless communications), FISA does not regulate term searching based on subject matter, rather than the identity
of a communicant. And because this approach uses a “discriminant,” it is not deemed “bulk” collection for
purposes of PPD-28. It may thereafter be searched by the NSA for any and all foreign intelligence
purposes, not just the six topics identified above. When the NSA uses subject matter searching — whether to acquire data
or to search raw SIGINT acquired in bulk or otherwise — there is a mild tailoring requirement. Specifically, policy requires use of
only selection terms that are reasonably likely to flag communications that include foreign intelligence topics (like oil sales). Policy also requires
the NSA to try to develop selection techniques that “defeat, to the greatest extent practicable under the circumstances” interception of nonforeign intelligence communications. While we don’t know what “practicable” means in this context, term searching is very familiar; just think
of using Google or Westlaw. It seems inevitable that this
approach exposes an extraordinary amount of innocent
Americans’ communications to the eyes of intelligence analysts. So, when the President says that foreigners will get the
same protections against surveillance as US citizens and residents, keep in mind that those protections leave a lot out.
2nc – PPD-28 fails
PPD-28 doesn’t cover collection that uses term searching – it creates an enormous
loophole
Schlanger 15* Henry M. Butzel Professor of Law at the University of Michigan (Margo, “Guest Post: US
Intelligence Reforms Still Allow Plenty of Suspicionless Spying on Americans”, Just Security, 02/13/15,
http://justsecurity.org/20033/guest-post-intelligence-reforms-plenty-suspicionless-surveillanceamericans/)//GK
PPD-28 adds the smallest bit of extra protection. It limits what it describes as “bulk” collection to six
specified purposes (detecting and countering espionage, terrorism, weapons of mass destruction, cybersecurity threats, threats to the armed
services, and transnational crime). These are considerably narrower than “foreign intelligence. But
the narrower purpose rules of
PPD-28 don’t cover collection that uses term searching, no matter how wide-open these terms are, or how much data is
acquired under them. Quite the contrary; such collection is excluded by definition. PPD-28 states: “References to signals
intelligence collected in ‘bulk’ mean the authorized collection of large quantities of signals intelligence data which, due to technical or
operational considerations, is acquired without the use of discriminants (e.g., specific identifiers, selection terms, etc.).” (Emphasis added).
Moreover, the
Directive specifically states that its limits on “bulk” collection “do not apply to signals intelligence
acquired to facilitate targeted collection.” This carve-out is revealing: there would be no reason for
it unless the NSA does, in fact, “temporarily acquire” data and then subject it to various searches that
facilitate “targeted” collection for purposes not authorized for bulk collection. (Note that PPD-28 does not define “targeted;” I infer
data that is temporarily
that “targeted” here covers use of topical selection terms as well as communicant targeting, but I may be incorrect in this inference.) And
finally, the
NSA procedures released last week, which now govern SIGINT procedures for non-US persons,
constrain the agency the tiniest bit more, stating a preference for collecting data on specific subjects instead of collecting
everything: Whenever practicable, collection will occur through the use of one or more SELECTION TERMS in
order to focus the collection on specific foreign intelligence targets (e.g., a specific, known international terrorist or terrorist group) or specific
foreign intelligence topics (e.g., the proliferation of weapons of mass destruction by a foreign power or its agents). Note, though, that
notwithstanding the parenthetical examples, subject matter searching can be for any foreign intelligence topic (oil sales, economics, etc.), not
just counterterrorism or counterproliferation. to your domestic communications. Lots of unanswered questions remain: what about FBI and
CIA? How much unfiltered content communication data does the IC actually collect? How much does it retain? And so on. We’d need much
more transparency to answer those questions and dozens more that deserve answers.
PPD-28 can’t solve – too limited
Nojeim 14 – Senior Counsel and Director of the Freedom, Security, and Technology Project at the Center
for Democracy & Technology, B.A. University of Rochester, J.D. University of Virginia (Gregory, WRITTEN
STATEMENT REGARDING SHORT AND LONG TERM AGENDA OF THE PRIVACY AND CIVIL LIBERTIES
OVERSIGHT BOARD, Center for Democracy and Technology, 8/29/14,
https://d1ovv0c9tw0h0c.cloudfront.net/files/2014/09/pclob-written-statement-82914.pdf)//JJ
Rights of Non-U.S. Persons
PCLOB’s agenda should also include a searching examination of the impact of U.S. surveillance activities
under all intelligence authorities, including Executive Order 12333 and FISA Section 702, on the rights of
non-U.S. persons to privacy, free expression and redress for violation of rights. PCLOB has already
committed to examining the rights of non-U.S. persons in the context of the input it plans to offer on
implementation of PPD-28. This is insufficient because PPD-28 is so limited . In particular, while PPD-28
does call for subjecting information about non- U.S. persons to the same retention and dissemination
restrictions that pertain to information collected about U.S. persons, it does not subject collection
activities to such restrictions. When assessing the impact of surveillance on the rights of non-U.S.
persons, we urge you to assess collection activities as well.
PCLOB’s assessment of the rights of non-U.S. persons ought to start with internationally accepted
human rights. Indeed, PPD-28 states that non-U.S. persons have such rights, but does little to spell
them out . Last year, CDT released a report that includes a normative framework based on human rights
standards that can be used for assessing surveillance This year, the United Nations High Commissioner
for Human Rights issued a report 8 activities. that also provides an excellent framework for analyzing
U.S. surveillance activities under international law. CDT, have endorsed the “Necessary and
Proportionate Principles,10 which could also serve as a starting point for PCLOB’s assessment. In making
its assessment, we urge the PCLOB to focus in particular on the internationally recognized rights to
privacy, free, expression, and the right to a remedy for violations of these rights.
PPD-28 fails --- too many loopholes
Rotenberg, EPIC President and Executive Director, 6-16-15 [Electronic privacy information
center, non-profit research and educational organization established in 1994 to focus
public attention on emerging privacy and civil liberties issues.12 We work with a distinguished panel of
advisors in the fields of law, technology and public policy., COMMENTS OF THE ELECTRONIC PRIVACY
INFORMATION CENTER, file:///C:/Users/Jonah/Downloads/EPIC-12333-PCLOB-Comments-FINAL.pdf]
Schloss2
The updated signals intelligence principles stated in Presidential Policy Directive 28 (“PPD-28”) are not
sufficient to promote transparency about collection practices. PPD-28 requires the intelligence
community to “safeguard[] personal information collected from signals intelligence activities.”90 The
focus of PPD-28 was to protect information already collected (i.e. through dissemination and retention
procedures) rather than to minimize the amount of information collected in the first place. The ongoing
collection of innocent and irrelevant USP information and communications is a violation of the basic
principles underlying the Privacy Act and EO 12333 itself, regardless of how the data is subsequently
used. The Director of National Intelligence should require agencies to update and publicly release their
data collection policies, especially as it applies to incidental collection of USP information.
In response to the PPD-28, the intelligence community members prepared reports that did not
sufficiently inform the public about their data collection policies. Some agencies did not disclose
collection policies at all. The FBI and Coast Guard wrote that it would “collect (including through
clandestine means), analyze, produce, and disseminate foreign intelligence and counterintelligence.”91
This phrase is vague and does not reveal whether collection includes, for example, the use of specific
identifiers or terms to narrow collection. Other agency reports imply that some collection guidelines are
still hidden. The NSA wrote that “collection will be handled in accordance with these procedures and
USSID SP0018, including its Annexes.”92 However, the Annexes are not released, though they may
provide more detail as to how the NSA handles collection. A DoD document stated that the CSA, DIA,
NGA, NRO, and NSA must update “their existing policies and procedures” to comply with PPD-28, but
very little of these internal policies and procedures have been published.93 The documents should be
published, or more details given, to provide for more transparency and oversight about collection.
Some agency reports are also inconsistent in their definitions of collection, which detracts from
transparency and oversight. It is unclear whether each agency simply has a different definition of
“collection” or whether the uniform definition of collection simply is not public. Some agencies use
selectors in the definition of collection while others do not. The CIA reported that “SIGINT collected in
bulk - means the authorized collection of large quantities of signals intelligence data . . . acquired
without the use of discriminants (e.g., specific identifiers, selection terms, etc.).”94 On the other hand,
the NSA stated that “[w]henever practicable, collection will occur through the use of one or more
selection terms.”95 It is still unclear whether the definition of collection includes the use of selectors. In
addition, the Coast Guard defines collection as not including processing, through the rule of surplusage
(i.e. “collection” and “processing” in a list means that their definitions are not redundant and
repetitive).96 However, the DHS states that “[c]ollection means the gathering or receipt of information .
. . coupled with an affirmative act
demonstrating intent to use or retain that information for intelligence purposes.”97 The DHS definition
of collection appears to require an additional step beyond the NSA definition of collection. These
policies should be made public and updated to provide for clarity and better oversight.
No modeling
1nc – no modeling
Modeling is empirically false
Edgar, 4/13/15 - visiting fellow at the Institute and adjunct professor of law at the Georgetown
University Law Center (Timothy, “The Good News About Spying”
https://www.foreignaffairs.com/articles/united-states/2015-04-13/good-news-about-spying
Despite high hopes for a fresh start on civil liberties, during his first term in office, Obama ratified and
even expanded the surveillance programs that began under former President George W. Bush. After
NSA contractor Edward Snowden began revealing the agency’s spying programs to The Guardian in
2013, however, Obama responded with a clear change of direction. Without great fanfare, his
administration has made changes that open up the practices of the United States intelligence
community and protect privacy in the United States and beyond. The last year and a half has been the
most significant period of reform for national security surveillance since Senator Frank Church led the
charge against domestic spying in the late 1970s.
In 2013, at Obama’s direction, the Office of the Director of National Intelligence (ODNI) established a
website for the intelligence community, IC on the Record, where previously secret documents are
posted for all to see. These are not decades-old files about Cold War spying, but recent slides used at
recent NSA training sessions, accounts of illegal wiretapping after the 9/11 attacks, and what had been
highly classified opinions issued by the Foreign Intelligence Surveillance Court about ongoing
surveillance programs.
Although many assume that all public knowledge of NSA spying programs came from Snowden’s leaks,
many of the revelations in fact came from IC on the Record, including mistakes that led to the
unconstitutional collection of U.S. citizens’ emails. Documents released though this portal total more
than 4,500 pages—surpassing even the 3,710 pages collected and leaked by Snowden. The Obama
administration has instituted other mechanisms, such as an annual surveillance transparency report,
that will continue to provide fodder for journalists, privacy activists, and researchers.
The transparency reforms may seem trivial to some. From the perspective of an intelligence community
steeped in the need to protect sources and methods, however, they are deeply unsettling. At a Brown
University forum, ODNI Civil Liberties Protection Officer Alexander Joel said, “The intelligence
community is not designed and built for transparency. Our culture is around finding our adversaries’
secrets and keeping our own secrets secret.” Accordingly, until only a few years ago, the intelligence
community resisted making even the most basic information public. The number of FISA court opinions
released to the public between 1978 and 2013 can be counted on one hand.
Beyond more transparency, Obama has also changed the rules for surveillance of foreigners. Until last
year, privacy rules applied only to “U.S. persons.” But in January 2014, Obama issued Presidential Policy
Directive 28 (PPD-28), ordering intelligence agencies to write detailed rules assuring that privacy
protections would apply regardless of nationality. These rules, which came out in January 2015, mark
the first set of guidelines for intelligence agencies ordered by a U.S. president—or any world leader —
that explicitly protect foreign citizens’ personal information in the course of intelligence operations.
Under the directive, the NSA can keep personal information in its databases for no more than five years.
It must delete personal information from the intelligence reports it provides its customers unless that
person’s identity is necessary to understand foreign intelligence—a basic rule once reserved only for
Americans.
The new rules also include restrictions on bulk collection of signals intelligence worldwide—the practice
critics call “mass surveillance.” The NSA’s bulk collection programs may no longer be used for
uncovering all types of diplomatic secrets, but will now be limited to six specific categories of serious
national security threats. Finally, agencies are no longer allowed simply to “collect it all.” Under PPD-28,
the NSA and other agencies may collect signals intelligence only after weighing the benefits against the
risks to privacy or civil liberties, and they must now consider the privacy of everyone, not just U.S.
citizens. This is the first time any U.S. government official will be able to cite a written presidential
directive to object to an intelligence program on the basis that the intelligence it produces is not worth
the costs to privacy of innocent foreign citizens.
THOSE IN GLASS HOUSES
Obama’s reforms make great strides toward transparency and protecting civil liberties, but they have
been neither celebrated nor matched abroad . When Chancellor Angela Merkel of Germany found out
she had been the target of American eavesdropping, her reaction was swift. “This is not done,” she said,
as if scolding a naughty child. Many Germans cheered. They and other Europeans believe that their laws
protect privacy better than U.S. laws. But that is only partly true: Although Europe has stronger
regulations limiting what private companies (such as Google and Facebook) can do with personal data,
citizens are granted comparatively little protection against surveillance by government agencies.
European human rights law requires no court approval for intelligence surveillance of domestic targets,
as U.S. law has since 1978. Similarly, European governments do not observe limits on electronic
surveillance of non-citizens outside of their own territories, as the United States now does under
Obama’s presidential policy directive.
By blaming only the NSA for mass surveillance, the public and foreign leaders let other intelligence
services off the hook. No wonder that some human rights organizations, including Privacy International
and Big Brother Watch UK, have filed legal challenges against mass surveillance by the NSA’s British
counterpart, the Government Communications Headquarters (GCHQ). But foreign leaders have taken
few steps to limit government surveillance, and none have done anything remotely comparable to
what Obama did in last year’s directive.
2nc – no modeling
No modeling over legal rules – enabling tech makes international surveillance
inevitable
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 12)//AK
Much of the current surveillance debate in the US is over the NSA’s authority, and whether limiting the
NSA somehow empowers others. That’s the wrong debate. We don’t get to choose a world in which the
Chinese, Russians, and Israelis will stop spying if the NSA does. What we have to decide is whether we
want to develop an information infrastructure that is vulnerable to all attackers, or one that is secure for
all users. Since its formation in 1952, the NSA has been entrusted with dual missions. First, signals
intelligence, or SIGINT, involved intercepting the communications of America’s enemies. Second,
communications security, or COMSEC, involved protecting American military—and some government—
communications from interception. It made sense to combine these two missions, because knowledge
about how to eavesdrop is necessary to protect yourself from eavesdropping, and vice versa.
The two missions were complementary because different countries used different communications
systems, and military personnel and civilians used different ones as well. But as I described in Chapter 5,
that world is gone. Today, the NSA’s two missions are in conflict.
Laws might determine what methods of surveillance are legal, but technologies determine which are
possible. When we consider what security technologies we should implement, we can’t just look at our
own countries. We have to look at the world. We cannot simultaneously weaken the enemy’s networks
while still protecting our own. The same vulnerabilities used by intelligence agencies to spy on each
other are used by criminals to steal your financial passwords. Because we all use the same products,
technologies, protocols, and standards, we either make it easier for everyone to spy on everyone, or
harder for anyone to spy on anyone. It’s liberty versus control, and we all rise and fall together. Jack
Goldsmith, a Harvard law professor and former assistant attorney general under George W. Bush, wrote,
“every offensive weapon is a (potential) chink in our defense—and vice versa.”
For example, the US CALEA law requires telephone switches to enable eavesdropping. We might be okay
with giving police in the US that capability, because we generally trust the judicial warrant process and
assume that the police won’t abuse their authority. But those telephone switches are sold worldwide—
remember the story about cell phone wiretapping in Greece in Chapter 11—with that same technical
eavesdropping capability. It’s our choice: either everyone gets that capability, or no one does.
It’s the same with IMSI-catchers that intercept cell phone calls and metadata. StingRay might have been
the FBI’s secret, but the technology isn’t secret anymore. There are dozens of these devices scattered
around Washington, DC, and the rest of the country run by who-knows-what government or
organization. Criminal uses are next. By ensuring that the cell phone network is vulnerable to these
devices so we can use them to solve crimes, we necessarily allow foreign governments and criminals to
use them against us. I gave more examples in Chapter 11. In general, we get to decide how we’re going
to build our communications infrastructure: for security or not, for surveillance or not, for privacy or
not, for resilience or not. And then everyone gets to use that infrastructure.
Existing US restrictions prove no modeling occurs
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
We know much less about government surveillance in other countries; but don’t assume that they
aren’t doing these same things just because whistleblowers there haven’t brought those stories to light.
Other governments are doing much the same thing to as much of the Internet as they can get their
hands on, often with fewer legal restrictions on their activities.
Russia collects, stores, and analyzes data from phone calls, e-mail, Internet use, social networking, credit
card transactions, and more. Russia’s System for Operative Investigative Measures, or SORM, is built
right into its Internet. We saw a glimpse of how extensive this system is during the 2014 Sochi Olympics,
where the Russian authorities monitored pretty much everything that happened online. Crime and
terrorism provide justifications for surveillance, but this data is also used against Russian journalists,
human rights activists, and political opponents.
China, too, attempts to monitor everything its citizens do on—and, increasingly, off— the Internet.
China also uses location information from mobile phones to track people en masse. It turns mobile
phones on remotely to eavesdrop on people, and it monitors physical spaces with its 20 to 30 million
surveillance cameras. As in Russia, crime is the ostensible excuse for all this snooping, but dissent is a
major reason as well. TOM-Skype is a Chinese video and texting service, a joint venture between
Microsoft and the Chinese company TOM Online. Messages containing words like “Tiananmen,”
“Amnesty International,” and “Human Rights Watch,” as well as references to drugs and pornography,
are copied and saved. More than 30,000 Internet police conduct the monitoring.
We got additional glimpses of global Internet monitoring a few years ago, when India, Russia, Saudi
Arabia, the UAE, and Indonesia all threatened to ban BlackBerry if the company didn’t allow them access
to user communications. BlackBerry data is generally encrypted, which prevents eavesdropping.
BlackBerry cut a deal with India whereby corporate users were allowed to keep their data secure, but
the government would be able to track individual users’ e-mails, chats, and website visits. We don’t
know about the deals it may have struck with the other countries, but we can assume that they’re
similar. Smaller countries often turn to larger ones to help them with their surveillance infrastructure.
China helped Iran build surveillance into its own Internet infrastructure. I’ll say more in Chapter 6 about
Western companies helping repressive governments build surveillance systems.
The actions of these and other countries—I could fill a whole book with examples— are often far more
oppressive and totalitarian than anything the US or any of its allies do. And the US has far more legal
controls and restrictions on government collection than any other country on the planet, including
European countries. In countries like Thailand, India, and Malaysia, arresting people on the basis of their
Internet conversations and activities is the norm. I’ll talk about risks and harms in Chapter 7; right now, I
want to stick to capabilities.
Circumvention
1nc - NSA circumvention
Redundant capabilities from other agencies circumvent
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
The NSA might get the headlines, but the US intelligence community is actually composed of 17 different
agencies. There’s the CIA, of course. You might have heard of the NRO—the National Reconnaissance
Office—it’s in charge of the country’s spy satellites. Then there are the intelligence agencies associated
with all four branches of the military. The Departments of Justice (both FBI and DEA), State, Energy, the
Treasury, and Homeland Security all conduct surveillance, as do a few other agencies. And there may be
a still-secret 18th agency. (It’s unlikely, but possible. The details of the NSA’s mission remained largely
secret until the 1970s, over 20 years after its formation.)
After the NSA, the FBI appears to be the most prolific government surveillance agency. It is tightly
connected with the NSA, and the two share data, technologies, and legislative authorities. It’s easy to
forget that the first Snowden document published by the Guardian—the order requiring Verizon to turn
over the calling metadata for all of its customers—was an order by the FBI to turn the data over to the
NSA. We know there is considerable sharing amongst the NSA, CIA, DEA, DIA, and DHS. An NSA program
code-named ICREACH provides surveillance information to over 23 government agencies, including
information about Americans.
Domestic constraints cause a foreign shift – turns the case
Chandler and Le, 15 - * Director, California International Law Center, Professor of Law and Martin Luther
King, Jr. Hall Research Scholar, University of California, Davis; A.B., Harvard College; J.D., Yale Law School
AND **Free Speech and Technology Fellow, California International Law Center; A.B., Yale College; J.D.,
University of California, Davis School of Law (Anupam and Uyen, “DATA NATIONALISM” 64 Emory L.J.
677, lexis)
First, the United States, like many countries, concentrates much of its surveillance efforts abroad.
Indeed, the Foreign Intelligence Surveillance Act is focused on gathering information overseas, limiting
data gathering largely only when it implicates U.S. persons. n174 The recent NSA surveillance disclosures
have revealed extensive foreign operations. n175 Indeed, constraints on domestic operations may well
have spurred the NSA to expand operations abroad . As the Washington Post reports, "Intercepting
communications overseas has clear advantages for the NSA, with looser restrictions and less oversight."
n176 Deterred by a 2011 ruling by the Foreign Intelligence Surveillance Court barring certain broad
domestic surveillance of Internet and telephone traffic, n177 the NSA may have increasingly turned its
attention overseas.
Allied cooperation circumvents domestic restrictions
Brenner, 15 - Senior Fellow, the Center for Transatlantic Relations; Professor of International Affairs,
University of Pittsburgh (Michael, Huffington Post, “The NSA's Second Coming” 6/8,
http://www.huffingtonpost.com/michael-brenner/the-nsas-second-coming_b_7535058.html
7.
The NSA coordinates its spying closely with Intelligence agencies of the four other Englishspeaking countries that participate in "Five Finger" alliance: the UK, Canada, Australia and New Zealand.
Their data sharing does not stop at that acquired by legal means. They do each other favors by relying
on a partner to circumvent domestic restrictions in any one of them. There are credible reports that
NSA has assisted Britain's GCHQ in this respect. Both have assisted the German NBD in spying on
German targets- as has been revealed within the past few weeks. Therefore, the significance of last
week legislation is undercut by this close collaboration.
Creative lawyering guarantees circumvention
Redmond, 14 – J.D. Candidate, 2015, Fordham University School of Law (Valerie, “I Spy with My Not So
Little Eye: A Comparison of Surveillance Law in the United States and New Zealand” FORDHAM
INTERNATIONAL LAW JOURNAL [Vol. 37:733
In the United States, the current state of surveillance law is a product of FISA, its amendments, and its
strictures. An evaluation of US surveillance law proves that inherent loopholes undercut FISA’s
protections, which allows the US Government to circumvent privacy protections.182 The main problems
are the insufficient definition of surveillance , the ability to spy on agents of foreign powers, the lack of
protection against third party surveillance, and the ability to collect incidental information.183
First, a significant loophole arises in the interpretation of the term “surveillance.”184 In order for
information collection to be regulated by FISA, it must fall under FISA’s definition of surveillance.185
This definition does not apply to certain National Security Letters , which are secret authorizations for
the Federal Bureau of Investigation (“FBI”) to obtain records from telephone companies, credit agencies,
and other organizations if they merely certify that the information is relevant to an international
terrorism investigation.186 National Security Letters are regularly used to circumvent FISA’s warrant
procedures.187
Additionally, FISA’s definition of surveillance is antiquated because it distinguishes between data
acquired inside of the United States and outside of the United States.188 This distinction allows the NSA
to process surveillance that is received from other countries irrespective of whether the target is a US
citizen.189 Therefore, the NSA is unrestrained when a communication is not physically intercepted
within the United States.190
Second, an issue arises when US citizens are construed to be agents of foreign powers under FISA
because a warrant can be issued to engage in surveillance against them.191 According to FISA’s
procedures, the only way to spy on a US citizen is when they can be considered to be an agent of a
foreign power, or engaged in information gathering, aiding, or abetting a foreign power.192 However,
this limitation does not result in total privacy protection because it only requires probable cause that a
person is an agent of a foreign power, not that a crime is being committed.193 The effect of this ability
is that the US Government can conduct surveillance on a US citizen with no ties to terrorism such as a
suburban mother telling her friend that her son “bombed” a school play.194
2nc – top level NSA circumvention
Err neg - the NSA has broken the law thousands of times
Barnhizer 13 - Professor Emeritus, Cleveland-Marshall College of Law (David, “Through a PRISM Darkly: Surveillance and Speech
Suppression in the “Post-Democracy Electronic State””, working paper, September 2013, p.25-26//DM)
The momentum of technology is irresistible. The problem is that technology creates its own imperatives
and will come to be used in whatever ways possible. The same can be said for the creation of
government regulatory policies impacting in virtually any sphere of activity. After all, who can quarrel
with the idea that governmental actors—legislators, bureaucrats, executive branch leaders, judges,
police, security personnel, military leaders etc.—should possess the most accurate, comprehensive and
detailed data possible related to their areas of activity? This is only logical, right? The problem is that
the logic of obtaining perfect or near perfect data for decision and action has no internal limits.60It will
expand into the universe of possibility unless there are strong and clearly understood principles by
which limits are set and consequences imposed if those limits are exceeded.
At the moment we are attempting to deal with what appears to be a prime example of a secretive part
of government operating according to the imperative of gaining total knowledge through technological
innovations while doing so under the driving force of national security and detecting terroristic
activities. Over the past few months we have been witness to the profoundly intrusive behavior of the
NSA, the revelations of Edward Snowden, the apparent “rubber stamping” of any surveillance request
put to it by the judges of the clandestine FISA Court, the NSA’s ultimate admission that it violated the
rules on thousands of occasions including following the activities of NSA employees’ “love interests”,
and admitted lying to Congress by James Clapper the head of the US national intelligence system.61Yet
the NSA’s all-encompassing PRISM program is simply the latest manifestation of the inevitable use of
surveillance technology and the absolute inability of government to “Just Say No” to its own inevitable
abuse of whatever power it possesses. 62
2nc – redundant capabilities
Redundant means and justifications make circumvention easy
Brenner, 15 - Senior Fellow, the Center for Transatlantic Relations; Professor of International Affairs,
University of Pittsburgh (Michael, Huffington Post, “The NSA's Second Coming” 6/8,
http://www.huffingtonpost.com/michael-brenner/the-nsas-second-coming_b_7535058.html
11.
United States Intelligence agencies have multiple, redundant methods for acquiring bulk data
or specific data. They also have multiple legal justifications , however contrived they might be; those
justifications are extremely difficult to challenge in the federal courts who have pretty much neutered
themselves on these types of security issues. Where top officials, including the President, feel it
necessary, they have few qualms about skirting the law .
State and local governments will give data to the federal government – circumvents
more restrictive federal rules
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
Outside of the federal government, a lot more surveillance and analysis of surveillance data is going on.
Since 9/11, the US has set up “fusion centers” around the country. These institutions are generally run
by state and local law enforcement, and are meant to serve as an information bridge between those
groups and national agencies like the FBI and DHS.
They give local police access to previously unavailable surveillance capabilities and data. They were
initially supposed to focus on terrorism, but increasingly they’re used in broader law enforcement. And
because they’re run locally, different fusion centers have different rules—and different levels of
adherence to those rules. There’s minimal oversight, probably illegal military involvement, and excessive
secrecy. For example, fusion centers are known to have spied on political protesters.
Joint Terrorism Task Forces are also locally run, nebulously defined, and shrouded in extreme secrecy.
They’ve been caught investigating political activists, spreading anti- Islamic propaganda, and harassing
innocent civilians.
They’ll just use National Security Letters
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
That said, unlike NSA surveillance, FBI surveillance is traditionally conducted with judicial oversight,
through the warrant process. Under the Fourth Amendment to the US Constitution, the government
must demonstrate to a judge that a search might reasonably reveal evidence of a crime. However, the
FBI has the authority to collect, without a warrant, all sorts of personal information, either targeted or in
bulk through the use of National Security Letters (NSLs). These are basically administrative subpoenas,
issued by the FBI with no judicial oversight. They were greatly expanded in scope in 2001 under the USA
PATRIOT Act (Section 505), although the initial legal basis for these letters originated in 1978. Today,
NSLs are generally used to obtain data from third parties: email from Google, banking records from
financial institutions, files from Dropbox.
2nc – domestic only limit
The domestic-only limit prevents solvency
Kehl, 14 – Policy Analyst at New America’s Open Technology Institute (Danielle, “Surveillance Costs: The
NSA’s Impact on the Economy, Internet Freedom & Cybersecurity” July,
https://www.newamerica.org/oti/surveillance-costs-the-nsas-impact-on-the-economy-internetfreedom-cybersecurity/
It appears that little consideration was given over the past decade to the potential economic
repercussions if the NSA’s secret programs were revealed.38 This failure was acutely demonstrated by
the Obama Administration’s initial focus on reassuring the public that its programs primarily affect nonAmericans, even though non-Americans are also heavy users of American companies’ products.
Facebook CEO Mark Zuckerberg put a fine point on the issue, saying that the government “blew it” in its
response to the scandal. He noted sarcastically: “The government response was, ‘Oh don’t worry, we’re
not spying on any Americans.’ Oh, wonderful: that’s really helpful to companies [like Facebook] trying to
serve people around the world, and that’s really going to inspire confidence in American internet
companies.”39 As Zuckerberg’s comments reflect, certain parts of the American technology industry are
particularly vulnerable to international backlash since growth is heavily dependent on foreign markets .
For example, the U.S. cloud computing industry has grown from an estimated $46 billion in 2008 to $150
billion in 2014, with nearly 50 percent of worldwide cloud-computing revenues coming from the U.S.40
R Street Institute’s January 2014 policy study concluded that in the next few years, new products and
services that rely on cloud computing will become increasingly pervasive. “Cloud computing is also the
root of development for the emerging generation of Web-based applications—home security,
outpatient care, mobile payment, distance learning, efficient energy use and driverless cars,” writes R
Street’s Steven Titch in the study. “And it is a research area where the United States is an undisputed
leader.”41 This trajectory may be dramatically altered, however, as a consequence of the NSA’s
surveillance programs.
The domestic-only limit wrecks solvency
Kehl, 14 – Policy Analyst at New America’s Open Technology Institute (Danielle, “Surveillance Costs: The
NSA’s Impact on the Economy, Internet Freedom & Cybersecurity” July,
https://www.newamerica.org/oti/surveillance-costs-the-nsas-impact-on-the-economy-internetfreedom-cybersecurity/
The U.S. government has already taken some limited steps to mitigate this damage and begin the slow,
difficult process of rebuilding trust in the United States as a responsible steward of the Internet. But the
reform efforts to date have been relatively narrow, focusing primarily on the surveillance programs’
impact on the rights of U.S. citizens . Based on our findings, we recommend that the U.S. government
take the following steps to address the broader concern that the NSA’s programs are impacting our
economy, our foreign relations, and our cybersecurity:
1. Strengthen privacy protections for both Americans and non-Americans , within the United States and
extraterritorially .
2. Provide for increased transparency around government surveillance, both from the government and
companies.
3. Recommit to the Internet Freedom agenda in a way that directly addresses issues raised by NSA
surveillance, including moving toward international human-rights based standards on surveillance .
4. Begin the process of restoring trust in cryptography standards through the National Institute of
Standards and Technology.
5. Ensure that the U.S. government does not undermine cybersecurity by inserting surveillance
backdoors into hardware or software products.
6. Help to eliminate security vulnerabilities in software, rather than stockpile them.
7. Develop clear policies about whether, when, and under what legal standards it is permissible for the
government to secretly install malware on a computer or in a network.
8. Separate the offensive and defensive functions of the NSA in order to minimize conflicts of interest.
The NSA doesn’t comply with foreignness designation requirements
Gellman, 14 – staff writer for the Washington Post; won 3 Pullitzer Prizes (Barton, Washington Post, “In
NSA-intercepted data, those not targeted far outnumber the foreigners who are” 7/5,
http://www.washingtonpost.com/world/national-security/in-nsa-intercepted-data-those-not-targetedfar-outnumber-the-foreigners-who-are/2014/07/05/8139adf8-045a-11e4-85724b1b969b6322_story.html
When NSA and allied analysts really want to target an account, their concern for U.S. privacy diminishes.
The rationales they use to judge foreignness sometimes stretch legal rules or well-known technical facts
to the breaking point.
In their classified internal communications, colleagues and supervisors often remind the analysts that
PRISM and Upstream collection have a “lower threshold for foreignness ‘standard of proof’ ” than a
traditional surveillance warrant from a FISA judge, requiring only a “reasonable belief” and not probable
cause.
One analyst rests her claim that a target is foreign on the fact that his e-mails are written in a foreign
language, a quality shared by tens of millions of Americans. Others are allowed to presume that anyone
on the chat “buddy list” of a known foreign national is also foreign.
In many other cases, analysts seek and obtain approval to treat an account as “foreign” if someone
connects to it from a computer address that seems to be overseas. “The best foreignness explanations
have the selector being accessed via a foreign IP address,” an NSA supervisor instructs an allied analyst
in Australia.
Apart from the fact that tens of millions of Americans live and travel overseas, additional millions use
simple tools called proxies to redirect their data traffic around the world, for business or pleasure.
World Cup fans this month have been using a browser extension called Hola to watch live-streamed
games that are unavailable from their own countries. The same trick is routinely used by Americans who
want to watch BBC video. The NSA also relies routinely on locations embedded in Yahoo tracking
cookies, which are widely regarded by online advertisers as unreliable.
2nc – allied intel sharing
Allied info sharing makes circumvention inevitable
Donohue, 15 - Professor of Law, Georgetown University Law Center (Laura, “SECTION 702 AND THE
COLLECTION OF INTERNATIONAL TELEPHONE AND INTERNET CONTENT” 38 Harv. J.L. & Pub. Pol'y 117,
Winter, lexis)
With GCHQ in mind, it is worth noting an additional exception to both FISA and Executive Order 12,333:
to the extent that it is not the United States engaged in the collection of information, but, rather, one of
our allies, rules that otherwise limit the U.S. intelligence community may not apply. From the
language of the order, it appears that the United States may receive or benefit from other countries'
collection of information on U.S. citizens, where it does not actively participate in the collection or
specifically request other countries to carry out the collection at its behest. n142 In turn, the United
States can provide information about foreign citizens to their governments that their intelligence
agencies, under their domestic laws, might otherwise be unable to collect. To the extent that the
programs underway are extended to the closely allied "Five Eyes" (Australia, Canada, the United
Kingdom, the United States, and New Zealand), structural demarcations offer a way around the legal
restrictions otherwise enacted to protect citizen rights in each region.
Information sharing is a loophole they can’t fiat out of – it doesn’t constitute ‘its’
surveillance but the government will get the info anyway
Redmond, 14 – J.D. Candidate, 2015, Fordham University School of Law (Valerie, “I Spy with My Not So
Little Eye: A Comparison of Surveillance Law in the United States and New Zealand” FORDHAM
INTERNATIONAL LAW JOURNAL [Vol. 37:733
Furthermore, FISA is limited to protecting against surveillance by the US Government; it does not create
a reasonable expectation of privacy for individuals from surveillance by a third party.195 This rule is
exploited by the United States’ participation in Echelon.196 Because US law generally does not regulate
information sharing, the United States essentially violates the privacy rights of US citizens by accepting
information from foreign intelligence agencies about potential threats involving US citizens.197 Thus,
the lack of privacy rights when US citizens are spied on by agencies outside of the United States creates
a loophole for spying on US citizens without the government restrictions created by existing law.198
Lastly, US law allows for the collection of incidental information.199 It is predicted that Echelon collects
nearly all communications, many of which can be considered incidental.200 Therefore, the fact that FISA
allows for the collection of incidental information suggests that privacy rights can be violated by its
involvement in Echelon.201
Allied surveillance inevitable and information sharing is routine
Chandler and Le, 15 - * Director, California International Law Center, Professor of Law and Martin Luther
King, Jr. Hall Research Scholar, University of California, Davis; A.B., Harvard College; J.D., Yale Law School
AND **Free Speech and Technology Fellow, California International Law Center; A.B., Yale College; J.D.,
University of California, Davis School of Law (Anupam and Uyen, “DATA NATIONALISM” 64 Emory L.J.
677, lexis)
Third, while governments denounce foreign surveillance on behalf of their citizens, governments
routinely share clandestinely intercepted information with each other. n182 The Guardian reports that
Australia's intelligence agency collects and shares bulk data of Australian nationals with its partners - the
United States, Britain, Canada, and New Zealand (collectively known as the "5-Eyes"). n183 Even while
the German government has been a forceful critic of NSA surveillance, the German intelligence service
has been described as a "prolific partner" of the NSA. n184 Der Spiegel reports that the German foreign
intelligence agency Bundesnachrichtendienst (BND) has been collaborating with the NSA, passing about
500 million pieces of metadata in the month of December 2012 alone. n185 The NSA has collaborated
with the effort led by the British intelligence agency Government Communications Headquarters
(GCHQ) to hack into Yahoo!'s webchat service to access unencrypted webcam images of millions of
users. n186 A German computer expert observes, "We know now that data was intercepted here on a
large scale. So limiting traffic to Germany and Europe doesn't look as promising as the government and
[Deutsche Telekom] would like you to believe." n187
2nc – circumvention turns the case
Circumvention turns their perception arguments
Seamon 8 – Professor, University of Idaho College of Law (Richard, “Domestic Surveillance for
International Terrorists: Presidential Power and Fourth Amendment Limits”, Hastings Constitutional Law
Quarterly, Spring 2008, http://www.hastingsconlawquarterly.org/archives/V35/I3/seamon.pdf)//DBI
Conversely, allowing the President to ignore statutory restrictions on surveillance encourages executive
lawlessness. Courts should discourage such behavior by preferring Fourth Amendment interpretations
that encourage the executive branch to collaborate with the legislature to frame such rules, rather than
defy them. After all, how is the public to feel when an Act of Congress supposedly provides the
"exclusive" authority for a specified type of surveillance, yet it learns that a program exists "outside"
that authority and has been going on for years? 20 8 Such a situation is likely to undermine public
confidence that the nation's leaders obey the rule of law. It undermines faith in the legislative branch's
willingness and ability to check executive abuse, and in the President's willingness to abide by legislative
restrictions.20 9
Circumvention – US servers
Limiting the plan to US-based servers means the NSA will shift to foreign-based
servers
Arnbak and Goldberg 14- cybersecurity and information law research at the Institute for
Information Law, LL.M degree from Leiden University, A Competitive Strategy and Game Theory degree
from London School of Economics University of Amsterdam; Associate professor in the Computer
Science Department at Boston University, phD from Princeton University, B.A.S.c from University of
Toronto (Axel and Sharon, “Loopholes for Circumventing the Constitution: Warrantless Bulk Surveillance
on Americans by Collecting the Network Traffic Abroad”, Working Paper, June 27, 2014)//TT
Technical Loopholes. At first blush, one might suppose that a surveillance operation conducted abroad
should have no impact on the privacy of Americans. However, in Section 3 we discuss why the technical
realities of the Internet mean that American’s network traffic can easily be routed or stored abroad,
where it can then be collected under the permissive legal regime of EO 12333. Indeed, we already know
of surveillance programs that have exploited this legal loophole . The revealed MUSCULAR/TURMOIL
program, for example, illustrates how the N.S.A. presumed authority under EO 12333 to acquire traffic
between Google and Yahoo! servers located on foreign territory; this program allegedly collected up to
180 million user records per month abroad, including those of Americans [17].
We also discuss other technical means an intelligence agency can exploit the legal loopholes under EO
12333. Instead of eavesdropping on intradomain traffic (i.e., data sent within a network belonging to a
single organization, as in the MUSCULAR/TURMOIL program), these loopholes can be exploited in the
interdomain setting, where traffic traverses networks belonging to different organizations. We explain
why interdomain routing with BGP can naturally cause traffic originating in a U.S. network to be routed
abroad, even when it is destined for an endpoint located on U.S. soil. We also discuss why core Internet
protocols – BGP and DNS – can be deliberately manipulated to force traffic originating in American
networks to be routed abroad . We discuss why these deliberate manipulations fall within the
permissive EO 12333 regime, and how they can be used to collect, in bulk, all Internet traffic (including
metadata and content) sent between a pair of networks; even if both networks are located on U.S. soil
(e.g., from Harvard University to Boston University).
Circumvention – FBI specific
The FBI will empirically circumvent the plan
Schneier, 15 - fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Introduction)//AK
Technology has greatly enhanced the FBI’s ability to conduct surveillance without a warrant. For
example, the FBI (and also local police) uses a tool called an IMSI-catcher, which is basically a fake cell
phone tower. If you’ve heard about it, you’ve heard the code name StingRay, which is actually a
particular type of IMSI-catcher sold by Harris Corporation. By putting up the tower, it tricks nearby cell
phones into connecting to it. Once that happens, IMSI-catchers can collect identification and location
information of the phones and, in some cases, eavesdrop on phone conversations, text messages, and
web browsing. The FBI is so scared of explaining this capability in public that the agency makes local
police sign nondisclosure agreements before using the technique, and instructs them to lie about their
use of it in court . When it seemed possible that local police in Sarasota, Florida, might release
documents about StingRay cell phone interception equipment to plaintiffs in civil rights litigation against
them, federal marshals seized the documents.
Circumvention – XO12333 loophole
The NSA double dips – they’ll just get the same info under XO 12333 and call it foreign
intelligence
Wheeler, 14 - PhD, independent journalist specializing in national security and civil liberties; former
senior policy analyst at The Intercept (Marcy, “The Single Branch Theory of Oversight” 6/23,
http://www.cato-unbound.org/2014/06/23/marcy-wheeler/single-branch-theory-oversight
Carrie Cordero made a fairly astonishing claim in her response to my focus on the SA’s theft from Google
and Yahoo fiber overseas. She claims that that and other documents showing how the NSA double dips
from PRISM producers, collecting content domestically under Section 702 and collecting it
internationally under Executive Order 12333, shows “the [FISA Amendments Act] has been implemented
consistently with how it was described in the public record of legislative text and Congressional hearings
that took place up to its passage in 2008.” Cordero would have you believe that the Administration
made it clear it intended to continue to steal data from American providers even after having been given
Congressionally authorized access to it.
She is right on one count, though she doesn’t spell out how in her reply. From the very first debates over
amendments to FISA in 2007, members of Congress – especially Senator Dianne Feinstein and then
Senator Russ Feingold – raised concerns that the Executive Branch would simply bypass the law if it
wanted to. And while then Director of National Intelligence (and now Booz Allen Hamilton Vice
Chairman) Mike McConnell assured the Senators “the effort to modernize would prevent an operational
necessity to do it a different way” (seemingly providing assurances the Intelligence Community would
not bypass the FISA process as they have), McConnell and others, including Keith Alexander, kept
repeating that “Article II is Article II.”
That is, throughout the FISA amendment process, the intelligence community was quite honest that it
did not believe itself to be bound by the laws passed by Congress ; they explicitly reserved the
authority to simply go overseas to bypass limits and oversight imposed by Congress.
That’s why the 800 words Cordero used to describe the oversight exercised by the FISA Court and
Congress as part of the FISA process really describe something that is – as Julian Sanchez argued –
decorative . So long as the intelligence community does bypass those authorities to carry out the same
collection overseas (they definitely do that with content, and appear to do that with metadata), the
oversight of other branches is a mere indulgence from the Executive, made all the weaker because both
branches are aware that the Executive will bypass their oversight if the oversight is deemed overly strict.
XO 12333 abuses are the worst thing the NSA does – the plan’s a band-aid
Vladeck 15 - professor of law at American University Washington College of Law (Steven “Forget the
Patriot Act – Here Are the Privacy Violations You Should Be Worried About”, Foreign Policy, 06/01/15,
http://foreignpolicy.com/2015/06/01/section-215-patriot-act-expires-surveillance-continues-fisa-courtmetadata/)//GK
More alarmingly, with regard to collection under Executive Order 12333, there isn’t any similar judicial review
(or meaningful congressional oversight), which means that it has entirely been up to the government to
police itself. As State Department whistleblower John Napier Tye explained last summer, there is every reason to doubt that such internal
accountability has provided a sufficient check. In his words, “Executive Order 12333 contains nothing to prevent the NSA from collecting and
storing all … communications … provided that such collection occurs outside the United States in the course of a lawful foreign intelligence
investigation.” To put the matter bluntly, whereas the Section 215 debate has addressed whether the government can collect our phone
records, Executive
Order 12333 and the 2008 FISA Amendments Act allow the government to collect a lot
of what we’re actually saying, whether on the phone, in our emails, or even to our search engines. There is no question
that, from a privacy perspective, these programs are far more pernicious than what’s been pegged to Section
215. There is also no question that such collection raises even graver constitutional questions than the phone records
program. Whereas there is an open debate over our expectation of privacy in the metadata we voluntarily provide to our phone companies,
there’s no doubt that we have an expectation of privacy in the content of our private communications. Why, then, has all the fuss been around
Section 215 and the phone records program, while the far more troubling surveillance authorities provided by Executive Order 12333 and the
2008 FISA Amendments Act have flown under the radar? Part of it may be because of the complexities described above. After all, it’s easy for
people on the street to understand what it means when the government is collecting our phone records; it’s not nearly as obvious why we
should be bothered by violations of minimization requirements. Part of it may also have to do with the government’s perceived intent. Maybe it
seems more troubling when the government is intentionally collecting our phone records, as opposed to “incidentally” (albeit knowingly)
collecting the contents of our communications. And technology may play a role, too; how many senders of emails know where the server is
located on which the message is ultimately stored? If we don’t realize how easily our communications might get bundled with those of noncitizens outside the United States, we might not be worried about surveillance targeted at them. But whatever the reason for our myopic focus
on Section 215, it has not only obscured the larger privacy concerns raised by these other authorities, but also the deeper lessons we should
have taken away from Snowden’s revelations. However much we might tolerate, or even embrace, the need for secret government surveillance
programs, it is all-but-inevitable that those programs will be stretched to — and beyond — their legal limits.
That’s why it’s important not only to place substantive limits upon the government’s surveillance authorities, but also to ensure that they are
subject to meaningful external oversight and accountability as well. And that’s why the denouement of Section 215 debate has been so
disappointing. This should have been a conversation not just about the full range of government surveillance powers, including Executive Order
12333 and the 2008 FISA Amendments Act, but also about the role of the FISA Court and of congressional oversight in supervising those
authorities. Instead, it devolved into an over-heated debate over an over-emphasized program. Congress
has tended to a paper
cut, while it ignored the internal bleeding . Not only does the expiration of Section 215 have no effect on the substance of
other surveillance authorities, it also has no effect on their oversight and accountability. Reaching some degree of closure with regard to the
phone records program may leave many with the impression that America has concluded a meaningful and productive national debate over
surveillance reform. We haven’t. And although the 2008 FISA Amendments Act is also set to expire — on December 31, 2017 — the debate over
Section 215 leaves little reason to believe that we’ll have it then, either.
Curtailment of Executive Order 12333 is critical to effective NSA reform
Edgar 15*scholar at the Brown University’s Watson Institute for International Studies (Timothy,
“Surveillance Reform: Privacy Board Turns to E.O. 12,333”, Lawfare, 3/13/15,
http://www.lawfareblog.com/surveillance-reform-privacy-board-turns-eo-12333)//GK
The job of lawyers and privacy officials is the intelligence community is to administer the two basic systems of oversight first established by the
Church Committee reforms of the 1970s: the Foreign Intelligence Surveillance Act and E.O. 12,333. In my experience, E.O. 12,333 is the more
important of the two, although it receives much less attention. E.O.
12,333 governs activities that are not regulated by
statute and do not require a court order. As a result, those activities are less well documented, as a practical
matter less transparent – even by the standards of classified programs, and are therefore subject to less rigorous oversight.
They involve at most two branches of government – the Executive and Congress. Realistically, they usually involve only the Executive. As a
lawyer inside the Executive Branch providing advice on intelligence activities, I found myself turning to E.O. 12,333, and the AG guidelines for
each agency required by that order, far more often than I did to FISA or other statutes. For us, E.O. 12,333 and the AG guidelines provided the
only real source of legal guidance for most of what intelligence agencies do. Since the Snowden revelations began in 2013, there has been
debate here and abroad about surveillance reform. While much of the debate in this country about surveillance reform has focused on bulk
collection of telephone records and other FISA activities, in the rest of the
world the attention has been on continuing
revelations of a variety of NSA activities conducted overseas under E.O. 12,333. These include reports of
very intrusive activities, like collection of massive quantities of communications – the practice the government calls bulk collection,
and critics call mass surveillance – and alleged activities that undermine encryption or security of
communications systems. President Obama has addressed some of these concerns in Presidential Policy Directive 28 (PPD-28), issued
last year and implemented this year. PPD-28 limits bulk collection to six specified national security threats, including international terrorism,
and for the first time requires intelligence agencies to have guidelines that protect the privacy of foreign citizens. I discuss PPD-28, and make
recommendations for further reforms, in my recent Foreign Affairs article, “The Good News About Spying.”
Significant 702 reform and curtailing XO1233 are critical to the fight for privacy
Esguerra 15 – EFF activist (Richard, “Fighting for Privacy, Two Years After Snowden”, The Electronic
Frontier Foundation, 06/08/15, http://www.juancole.com/2015/06/fighting-privacy-snowden.html)//GK
With the passage of USA Freedom law behind us, we’re setting our sights on Section 702 of the FISA Amendments Act, a deeply
troubling authority used by the NSA to justify mass collection of phone calls and emails by collecting huge
quantities of data directly from the physical infrastructure of communications providers. Here too, we are
pulling at ominous threads of the government’s surveillance apparatus first identified by whistleblowers like Mark Klein, Thomas Drake, William
Binney, J. Kirk Wiebe, and Edward Snowden. Mr. Snowden’s disclosures helped us understand that Section 702 was what the government was
using to justify its tapping into fiber optic cables: something we’ve been suing over since 2006 and which we are currently presenting to the
Ninth Circuit in Jewel v. NSA. It was a hard-fought loss in 2008 when the FISA Amendments Act passed, unconstitutionally granting retroactive
immunity to telecommunications companies that participated in warrantless mass surveillance and ultimately killing our first case, Hepting v.
AT&T. But the passage of USA Freedom—even as a first step—demonstrates the strengthening of resources, communities, networks, and
strategies that can now be brought to bear in the fight for reform in Congress and in the courts. Another
objective: address
Executive Order 12333, which the NSA relies on for most of its digital surveillance of people worldwide.
On the roster of legal authorities underpinning the government’s mass surveillance activities, EO 12333 is the most thickly
shrouded while also appearing to be one of the most powerful: the Washington Post revealed in 2014 that the order
alone—without any court oversight—was used to justify the recording of “ 100 percent of a foreign
country’s telephone calls.” There are many objectives to achieve around 12333: greater public awareness; meaningful transparency
from those with the power and responsibility to investigate and disclose details being hidden from the public; and direct pressure on President
Obama, who can issue a new executive order to better protect people around the world before he leaves office.
Circumvention – section 702
Section 702 fails to limit domestic surveillance—legal loopholes and circumventions
Arnbak and Goldberg 14- cybersecurity and information law research at the Institute for
Information Law, LL.M degree from Leiden University, A Competitive Strategy and Game Theory degree
from London School of Economics University of Amsterdam; Associate professor in the Computer
Science Department at Boston University, phD from Princeton University, B.A.S.c from University of
Toronto (Axel and Sharon, “Loopholes for Circumventing the Constitution: Warrantless Bulk Surveillance
on Americans by Collecting the Network Traffic Abroad”, Working Paper, June 27, 2014)//TT
For years, FISA and especially its s. 702 have been criticized for providing legal loopholes for warrantless
political and economic surveillance on U.S. lawyers, NGOs, journalists and corporations communicating
internationally through U.S. Internet companies [33]; the media reports in December 2005, around
warrant-less wiretapping in bulk from the Internet backbone at an AT&T switch [28],have highlighted
some of this tension. Nonetheless, U.S. Congress passed FAA after the AT&T revelations and extended
the validity of the FAA for another five years on 31 December 2012, one day before the sunset deadline.
Two months later, on 26 February 2013 in the case `Clapper v. Amnesty International', the U.S. Supreme
Court denied several U.S. organizations a right to claim that the privacy of their international
communications was violated by s. 702 on procedural grounds. In what appeared to be the final ruling
on the constitutionality of s. 702 for the foreseeable future, a 5-4 majority argued that these
organizations were merely `speculating', and could not prove that their communications had actually
been intercepted [6]. Justice Breyer, on behalf of the minority, noted in his dissent that s. 702 prohibits
the same applicants to actually gain knowledge of the surveillance itself because of national security
secrecy, and that the broad authorities probably existed for a reason.
The political debate and the issue of legal standing have shifted considerably since June 2013, when it
became clear that s. 702 indeed serves as the legal basis for many operations, among them ‘UPSTREAM’
and ‘PRISM’ [13]. Moreover, several of the classified targeting and minimization procedures under s. 702
have been leaked or declassified [2, 3]. Both revelations have spurred the N.S.A. to confirm that a
principle use of s. 702 is compelling assistance from U.S. Internet companies for warrantless surveillance
[5, p. 4].
This new dynamic enables a unique insight into classified and generous interpretations of the legal
provisions in FISA made by the intelligence community and the FISA Court [13]. Before we dive into the
details of FISA, we mention that FISA also contains s. 703 and s. 704, that regulate surveillance
intentionally targeting U.S. persons located abroad. These sections are outside the scope of this paper,
since our focus is on surveillance operations on Americans located in the U.S., with surveillance
conducted on foreign soil. As an aside, Donohue has observed that the warrant requirements in these
sections have been circumvented by applying s. 702 criteria to the collection phase, and then seeing
whether collected data is of use for further processing after the fact [13, p.26].
2.2.2 Scope of the Second Regulatory Regime under FISA: The 1978 ‘Electronic Surveillance’ Definition
All communications surveillance operations that constitute ‘electronic surveillance’, as defined s. 1801(f)
of FISA, fall within the scope of FISA (cf. 18 U.S.C. s.2511(2)(f); 50 U.S.C. s.1812(a)). The definition has
largely remained intact since 1978. To acquire the content of ‘wired communications’, surveillance only
falls within the FISA definition when authorities ‘intentionally target a U.S. person’ (s. 1801(f)(1)), or
when the acquisition is conducted on U.S. soil (s. 1801(f)(2)). Importantly, when authorities conduct
targeted surveillance from abroad, even if they know that both ‘sender and all intended recipients are
located in the U.S.’, then only ‘radio’ (i.e., wireless) communications fall within the FISA definition of
‘electronic surveillance’ (s. 1801(f)(3)). The FISA defi- nition only mentions communications ‘content’,
but not ‘metadata’ (location, time, duration, identity of communicants, etc.), which in itself gives rise to
privacy concerns that we will not further discuss here. Relevant for our purposes, is the observation that
operations on ‘wired communications’, when conducted abroad, only fall within the scope of FISA if they
‘intentionally target a U.S. person’.
Intentionally Targeting U.S. Persons. ‘Intentionally targeting a U.S. person’ constitutes ‘electronic
surveillance’ under FISA (s. 1801(f)(1)). However, ‘intention’ and ‘targeting’ are not defined in FISA,
leaving the concepts open to generous interpretation by authorities in classified ‘targeting’ and
‘minimization’ procedures. Apart from providing clarity that bulk surveillance is not regarded as
intentional targeting (we discuss this further when we look at legal protections from U.S. persons under
FISA), the disclosure of these procedures has revealed two important new facts related to surveillance
operations conducted abroad. Firstly, conducting the surveillance abroad creates the presumption that
the surveillance targets a non-U.S. person [2, p. 3-4]. Secondly, the ‘targeting procedures’ do not provide
any due diligence requirement or duty of care to establish the identity of parties on either side of a
communication [2, p.3-4] [3]. This implies that unless a communicant is known to be a U.S. person, the
procedures consider the communicant to be a non-U.S. person. In other words, authorities have a
strong incentive to conduct surveillance abroad: legal protections offered to U.S. persons under FISA can
be circumvented, and a more generous legal regime applies to the data collection itself.
702 fails—serious loopholes exist to circumvent protections
Arnbak and Goldberg 14- cybersecurity and information law research at the Institute for
Information Law, LL.M degree from Leiden University, A Competitive Strategy and Game Theory degree
from London School of Economics University of Amsterdam; Associate professor in the Computer
Science Department at Boston University, phD from Princeton University, B.A.S.c from University of
Toronto (Axel and Sharon, “Loopholes for Circumventing the Constitution: Warrantless Bulk Surveillance
on Americans by Collecting the Network Traffic Abroad”, Working Paper, June 27, 2014)//TT
Applicability of FISA to a surveillance operation is relevant for Americans, be- cause the statue contains
some important legal protections for U.S. persons intentionally targeted. For instance, the statute
explicitly states that the 4th Amendment applies to surveillance operations under FISA (cf. s.1881(b)(5))
and a narrow set of four surveillance operations is explicitly prohibited. As discussed, surveillance under
s. 702 may not intentionally target a U.S. person; for those operations s. 703 exists. Another example is
the ‘reverse-targeting’ prohibition of s.1881(b)(2), which holds that authorities may not intentionally
target a non-U.S. person under a s. 702 if the actual purpose of the operation is to target a U.S. person.
By contrast, the third legal regime under EO 12333 explicitly allows for intentional targeting of U.S.
persons, when certain conditions discussed in the next section are met.
Nonetheless, serious loopholes exist for surveillance conducted within the bounds of FISA. One of the
most-discussed loopholes is when U.S. persons have not been ‘intentionally targeted’ but instead
affected by a surveillance operation, e.g., a bulk intercepts on the Internet backbone on U.S. soil under
the ‘UPSTREAM’ program. Instead of promptly destroying such data, generous ex- emptions exist to
nonetheless use the ‘incidentally’ or ‘inadvertantly’ collected information of the affected U.S. person,
including when a ‘foreign intelligence’ interest is created in the data sometime after its collection, or
when the information could be relevant for cybersecurity (incl. cyber-offense) purposes [3].
More generally, the targeting and minimization procedures seem to have introduced a new category of
surveillance specifically aimed acquiring information about persons. (For example, two communicants
that chat about a subject, like Angela Merkel, which is part of an N.S.A. ‘selector’.) Such surveillance is
not considered to intentionally target specific communicating parties, and hardly enjoys protection even
if it affects U.S persons. The information collected through such operations may be further analyzed and
disseminated to other agencies as long as the identity of U.S. persons implicated are redacted in a way
‘that the information cannot be reasonably connected with an identifiable U.S. person’ [3, s.6]).3 A more
complete analysis of the targeting and minimization procedures can be found in [13], along with a
critical assessment of the role of the FISA Court.
Circumvention – bulk collection
The government will restart other bulk collection programs in response to the plan
Toomey 15 [Patrick, Patrick Toomey is a Staff Attorney in the ACLU’s National Security Project, where
he works on issues related to electronic surveillance, national security prosecutions, whistle-blowing,
and racial profiling. Mr. Toomey is a graduate of Harvard College and Yale Law School. , Has the CIA
Asked the FISC to Restart Its Bulk Collection Program?, http://justsecurity.org/24216/cia-asked-fiscrestart-bulk-collection-program/] Schloss BR 15-76 is a proposal to renew interception and storage of
data in regards to businesses
And now it appears, the government may be seeking to restart another one of the very bulk collection
programs that many people understood the USA Freedom Act was meant to prohibit.
There are a few reasons to think the missing application relates to one of these still-secret bulk
collection programs and is not just another targeted request. First, in issuing the opinion related to BR
15-77 and BR 15-78, the FISC made a deliberate decision to split off the questions it considered nobrainers from the more difficult statutory and constitutional questions raised by the government’s
application to renew its bulk call records program in BR 15-75. The legal authority for that program has
been deeply undermined by the Second Circuit’s decision in ACLU v. Clapper, and at least based on the
public record today, the FISC still has not resolved those questions. But in the meantime, as Judge
Saylor’s opinion makes clear, the FISC chose to skip ahead to several subsequent applications that
presented only “relatively simple” questions. The FISC’s decision to leave BR 15-76 out of Judge Saylor’s
opinion suggests that it involves more complicated questions on par with the bulk call records
application — i.e., that it involves a different bulk collection program, one the government wants to
restart but the FISC must now analyze more closely.
Second, it’s very unlikely that BR 15-76 is a targeted application that the FISC simply went ahead and
silently granted. That’s because the FISC would have had to address the same questions raised by BR 1577 and BR 15-78 in order to grant virtually any application under Section 215 — namely, which version
of Section 215 is currently in effect. The temporary expiration of Section 215 on June 1 left it unclear, at
least as a technical matter, what remained of the law when Congress decided to amend it. If the missing
application were also a targeted one, why didn’t the FISC resolve this question and announce its
decision in the context of that earlier application? The better conclusion is that BR 15-76 isn’t a targeted
application at all, but concerns a bulk collection program the government continues to hide from the
public.
They’ll reinstate CIA bulk collection in response to the plan
Toomey 15 [Patrick, Patrick Toomey is a Staff Attorney in the ACLU’s National Security Project, where
he works on issues related to electronic surveillance, national security prosecutions, whistle-blowing,
and racial profiling. Mr. Toomey is a graduate of Harvard College and Yale Law School. , Has the CIA
Asked the FISC to Restart Its Bulk Collection Program?, http://justsecurity.org/24216/cia-asked-fiscrestart-bulk-collection-program/] Schloss
The more likely scenario is that the government has asked the FISC to reinstate the CIA’s bulk collection
program or one of its still-secret brethren. If that’s right, the public should know about this program.
The government’s application goes directly to one of the key questions in the USA Freedom Act debate:
whether the legislation would prove effective in halting the bulk collection of Americans’ sensitive
information. Perhaps the government is simply seeking to “transition” this program over the coming 180
days, as it has said of its effort to restart the NSA call records program — but of course we don’t know.
So long as the government continues to keep the public in the dark about its efforts to collect their data
en masse, we can’t judge whether the USA Freedom Act really put an end to bulk collection under
Section 215.
AT: Fiat solves
Fiat is a form of intelligence legalism – they can fiat compliance with the LETTER of the
plan – but that’s a token gesture that legitimizes surveillance abuses
Schlanger 15 [Margo, Professor of Law at the University of Michigan Law School, and the founder and
director of the Civil Rights Litigation Clearinghouse., Intelligence Legalism and the National Security
Agency’s Civil Liberties Gap,
file:///C:/Users/Jonah/Downloads/Intelligence%20Legalism%20and%20the%20National%20Security%20
Agency-s%20Civil%20Li%20(2).pdf] Schloss3
And as I pointed out in this article’s introduction, the “no’s” Comey praises may make remarkably little
difference, in the end. The hospital-bed confrontation leading to the brief shut-down of part of the
“President’s Surveillance Program”—the modern ur-episode of intelligence legalism—is a perfect case in
point. Lawyers, it seems to me, are far more likely to move an organization towards this kind of nearly
symbolic compliance than to effect any more significant constraint on executive activity, particularly
with respect to a program important to the President. Indeed, lawyers are attractive to intelligence
organizations because they are simultaneously able to give agency operations an imprimatur of
lawfulness and to maintain their agency affiliation/loyalty.316 Their occasional “no’s,” which like as not
have formal rather than major substantive effects, are a price worth paying for those traits.
C. The Costs of Intelligence Legalism
Theorists and observers in a variety of fields have developed the broad critique that law and its
concomitant rights orientation may have the counterintuitive impact of decreasing the welfare of the
purported rights holders—or, in a more modest version of the point, may ameliorate some prevalent set
of harms but undermine more ambitious efforts. Focusing particularly on litigation, they argue that it is
inherently a timid enterprise, and yet it crowds out other more muscular approaches.317 Even with
respect to out-of-court rights orientation, or “legalization,” scholars have offered the insight that
formalizing/legalistic approaches can come with real costs to their intended beneficiaries, depending on
the context. 318 The issue is whether, in a particular institutional setting, these possibilities have
materialized. In this Section, I examine two pathways by which intelligence legalism tends to impair the
prospects of a softer civil-liberties protective policy.
1. Intelligence Legalism Crowds Out Interest Balancing
This Article demonstrates the high salience of rights in this realm. Several related mechanisms convert
that high salience into a devaluation of interests:
First, rights occupy the “liberty” field because of the practical issue of attention bandwidth, which
potentially applies both to agencies and advocates. After all, even large organizations have limited
capacity.319 NSA compliance is such an enormous task that little room remains for more conceptual
weighing of interests and options. Recall that of the dozen-plus offices I described in Part II, just two—
the Civil Liberties and Privacy Office at the NSA, and the Privacy and Civil Liberties Oversight Board—are
currently playing a policy rather than strictly a compliance role. They are also, not coincidentally, the
two newest and two smallest of the offices listed.
I think, though, that this bandwidth issue is driven by a more conceptual, less practical, factor: that
rights talk hides the necessity of policy judgments and, by its purity, diverts attention from that messier
field. Morton Horwitz explains the point:
A . . . troubling aspect of rights discourse is that its focus on fundamental, inherent, inalienable or
natural rights is a way of obscuring or distorting the reality of the social construction of rights and
duties. It shifts discussion away from the always disputable issue of what is or is not socially desirable.
Rights discourse . . . wishes us to believe instead that the recognition of rights is not a question of social
choice at all, as if in the normative and constitutional realm rights have the same force as the law of
gravity.320
Mary Dudziak makes a similar claim in her recent discussion of law and drone warfare, “In this context,
law . . . does not aid judgment, but diverts our attention from morality, diplomacy, humanity, and
responsibility in the use of force, and especially from the bloody mess left on the ground.”321
Even in Fourth Amendment jurisprudence, an area of constitutional doctrine explicitly imbued with
policy considerations, we talk about rights as if they are somehow scientific, to be deduced rather than
debated. The discussion that must accompany policy claims pales in prestige and importance by
comparison. And from the perspective of their beneficiaries, judicially enforceable rights, with their
promise of supremacy over competing interests, are shiny and magnetic. This is why the assertion of
rights can be such a powerful organizing tool322— even if those rights don’t turn out to change much
on the ground . As Rich Ford has written, “Rights are a secular religion for many Americans.”323 Or to
quote Alan Freeman’s classic article about civil rights, “Rights consciousness can offer sustenance to a
political movement, however alienated, indeterminate or reified rights may be.”324
It is the purity, the apparent apolitical nature, of rights that makes them nearly the only coin available.
By comparison with judicially enforceable rights, other methods of advancing individual liberty look
feeble, contingent, jury-rigged. An accusation of illegality becomes the required first bid for any policy
discussion, and a refutation of that accusation ends play . This dynamic is very much in evidence in the
response to the PCLOB’s 702 report, described above. Rights discourse stunts needed policy
discourse.325
2. Intelligence Legalism and Legitimation
In addition , judicial review legitimates the American surveillance system ; that is why reference to
court supervision is surveillance proponents’ first recourse when they want to suggest that everything
is fine . It is, for example, a rare speech by a government official that fails to make reference to the FISA
Court and its ratification of the government’s surveillance programs. Below are passages, chosen
essentially at random, from a speech by President Obama on the topic of signals intelligence reform326:
• “I ordered that our programs be reviewed by my national security team and our lawyers . . . . We
increased oversight and auditing, including new structures aimed at compliance. Improved rules were
proposed by the government and approved by the Foreign Intelligence Surveillance Court.”
• “[T]he Foreign Intelligence Surveillance Court . . . provides judicial review of some of our most
sensitive intelligence activities.”
In language like the above, court involvement is offered as evidence of both legality and
appropriateness; indeed, the two are conceptually merged.
My point is not that FISA Court legitimation is phony. In fact, judicial review has real effects on the
system—we know from the recently declassified documents that FISA Court review disciplines the
surveillance system, holding it at least to the government’s own representations.327 Yet the oversight
gain carries with it a legitimation cost; the existence of judicial review makes political change more
difficult. Scholars, particularly critical legal studies scholars, have made this point in a large number of
other contexts. For example, Alan Freeman argued that civil rights law—and law more generally—exists
“largely to legitimize the existing social structure.”328 The polity at large is soothed, and the effect is felt
even by rights beneficiaries, who frame and tame their aspirations to suit the inherently limited scope of
potential judicial interventions. Freeman described his view that American civil rights litigation has
amounted to a “process of containing and stabilizing the aspirations of the oppressed through
tokenism and formal gestures which actually enhance the material lives of few.”329 He wrote:
Rights are granted to, or bestowed upon, the powerless by the powerful. They are ultimately within the
control of those with authority to interpret or rewrite the sacred texts from which they derive. To enjoy
them, one must respect the forms and norms laid down by those in power. One must especially avoid
excesses in behavior or demands.330
The point is not, for Freeman (and the plentiful literature he adduced), that law accomplishes nothing
for its purported beneficiaries. If that were true, it could not legitimate: “[I]f law is to serve its
legitimation function, [the] ultimate constraints [that come from politics] must yield up just enough
autonomy to the legal system to make its operations credible for those whose allegiance it seeks as well
as those whose self-interest it rationalizes.”331 But gains from rights may—and in the surveillance
situation clearly do—make gains from politics less available.
To sum up this Part, neither the Constitution nor FISA aims to optimally balance security and liberty—
and frequently analyzed difficulties in congressional intelligence oversight mean that new statutes are
unlikely to fill that gap. Likewise the existing foundational Executive Order, 12,333, is at the very least
out-of-date. Accordingly intelligence legalism, and its compliance mindset, cannot achieve optimal
policy. Its concomitant empowerment of lawyers is real and important, but does not deputize a procivil
liberties force. Indeed, legalism actually both crowds out the consideration of policy and interests (as
opposed to law and rights), and legitimates the surveillance state , making it less susceptible to policy
reform. Are there, then, non-legalistic reforms that could play a productive part? I turn next to this
issue.
NSA lawyering will meet the letter of the plan but they’ll still find loopholes
Schlanger 15 [Margo, Professor of Law at the University of Michigan Law School, and the founder and
director of the Civil Rights Litigation Clearinghouse., Intelligence Legalism and the National Security
Agency’s Civil Liberties Gap,
file:///C:/Users/Jonah/Downloads/Intelligence%20Legalism%20and%20the%20National%20Security%20
Agency-s%20Civil%20Li%20(2).pdf] Schloss3
One key question about all this legal advice is whether it is ever constraining—whether the lawyers ever
tell their clients no. NSA’s lawyers do sometimes advise their clients/colleagues not to do specific things.
One released training document, for example, advises analysts not to use certain search techniques,
cautioning: “Do Not: Wildcard domains. Wildcard user names. Wildcard across domains.”149 One would
expect agency counsel to say no with relative ease where the rules are clear and when those rules
govern how and not whether a particular activity can occur. It is crucial to remember, however, that
agency lawyer advice-giving is not adjudication and agency lawyers are not judges. The judicial ideal of
even-handedness is not, even theoretically, applicable. Rather, the goal of legal advice for lawyers
within the Intelligence Community, as with any organization’s lawyers, is to assist the client. To quote
the same senior IC lawyer, “you’re hoping to get done what your client wants to get done, so there’s a
tendency to try to find the most room to get that done.”150 Or, in the less careful words of a former
NSA chief analyst, “Look, NSA has platoons of lawyers and their entire job is figuring out how to stay
within the law and maximize collection by exploiting every loophole .” 151 Unsurprisingly, then, some
training slides that say no also include work-arounds—methods for achieving various searching or
analytic goals that are not covered by the stricter FISA rules.152
Fiating compliance makes it more difficult to reign in the NSA in every other area
Schlanger 15 [Margo, Professor of Law at the University of Michigan Law School, and the founder and
director of the Civil Rights Litigation Clearinghouse., Intelligence Legalism and the National Security
Agency’s Civil Liberties Gap,
file:///C:/Users/Jonah/Downloads/Intelligence%20Legalism%20and%20the%20National%20Security%20
Agency-s%20Civil%20Li%20(2).pdf] Schloss3
I suggest in Section A, below, that the law alone is not enough; it is implausible that constitutional,
statutory, and binding executive rules will be sufficiently robust to produce the best policy outcomes.
There will always be liberty gaps—and these will increase with the passage of time from the last public
outcry and resulting intervention. In Section B, I examine and reject a different argument that
intelligence legalism sufficiently furthers liberty: that lawyers, empowered by legalism, turn out to be
excellent good civil liberties guardians. Finally, in Section C, I argue that the compliance focus, and the
prevalence of rights and law talk, actually dampens the prospects of civil liberties policymaking, both by
crowding it out and by rendering surveillance more politically acceptable and therefore making political
or policy-based claims for reform less likely to succeed, whether inside the Intelligence Community or in
the polity as a whole. In sum, intelligence legalism may further individual liberty to some extent, but
compliance matters are apt to receive so much attention and even prestige that law functions as a
ceiling rather than a floor. To add policy considerations on top of law thus requires focused intervention,
discussed in Part IV.
AT: FISC checks
The FISC allows the NSA to make the reasonable suspicion determination – means the
NSA circumvents
Donohue ’14 – Professor of Law at Georgetown University (Laura K. Donohue, “Bulk Metadata
Collection: Statutory and Constitutional Considerations”, Georgetown University Law Center, 2014,
http://scholarship.law.georgetown.edu/cgi/viewcontent.cgi?article=2360&context=facpub)//MBB
To the contrary, FISC’s primary order authorizing the collection of telephony metadata required that
designated NSA officials make a finding that there is “reasonable, articulable suspicion” (RAS) that a
seed identifier proposed for query is associated with a particular foreign terrorist organization prior to
its use. It is thus left to the executive branch to determine whether the executive branch has sufficient
evidence to place individuals or entities under surveillance.
The dangers associated with the court removing itself from the process are clear. Documents recently
released under court orders in a related FOIA case establish that for nearly three years, the NSA did not
follow these procedures 223 —even though numerous NSA officials were aware of the violation.224
Noncompliance incidents have continued. Collectively, these incidents raise serious question as to
whether FISC is performing the functions for which it was designed.
Legitimacy of FISC undermined by continuous noncompliance
Donohue ’14 – Professor of Law at Georgetown University (Laura K. Donohue, “Bulk Metadata
Collection: Statutory and Constitutional Considerations”, Georgetown University Law Center, 2014,
http://scholarship.law.georgetown.edu/cgi/viewcontent.cgi?article=2360&context=facpub)//MBB
In at least three important ways, FISC no longer serves the purpose for which it was designed. First,
Congress created the court to determine whether the executive branch had met its burden of
demonstrating that there was sufficient evidence to target individuals within the United States, prior to
collection of such information. The telephony metadata program demonstrates that FISC has abdicated
this responsibility to the executive branch generally, and to the NSA in particular. Continued
noncompliance underscores concern about relying on the intelligence community to protect the Fourth
Amendment rights of U.S. persons.
Second, Congress did not envision a lawmaking role for FISC. Its decisions were not to serve as
precedent, and FISC was not to offer lengthy legal analyses, crafting in the process, for instance,
exceptions to the Fourth Amendment warrant requirement or defenses of wholesale surveillance
programs.
Third, questions have recently been raised about the extent to which FISC can fulfill the role of being a
neutral, disinterested magistrate. Congress went to great lengths, for instance, to try to ensure diversity
on the court. To the extent that the appointments process implies an ideological predilection, at a
minimum, it is worth noting that almost all of the judges who serve on FISC and FISCR are Republican
appointees. The rate of applications being granted, in conjunction with the in cam-era and ex parte
nature of the proceedings, also raises questions about the extent to which FISC serves as an effective
check on the executive branch. The lack of technical expertise of those on the court further introduces
questions about the judges’ ability to understand how the authorities they are extending to the NSA are
being used.
Close to no FISC applications ever get denied
Donohue ’14 – Professor of Law at Georgetown University (Laura K. Donohue, “Bulk Metadata
Collection: Statutory and Constitutional Considerations”, Georgetown University Law Center, 2014,
http://scholarship.law.georgetown.edu/cgi/viewcontent.cgi?article=2360&context=facpub)//MBB
Augmenting concerns prompted by the lack of diversity in terms of appointments to FISC and FISCR is
the rather notable success rate the government enjoys in its applications to the court. Scholars have
noted that the success rate is “unparalleled in any other American court.”308 Over the first two and a
half decades, for instance, FISC approved nearly every single appli- cation without any modification.309
Between 1979 and 2003, FISC denied only three out of 16,450 applications.310
Since 2003, FISC has ruled on 18,473 applications for electronic surveillance and physical search (2003–
2008), and electronic sur- veillance (2009–2012).311 Court supporters note that a significant number of
these applications are either modified or withdrawn by the government prior to FISC ruling. But even
here, the num- bers are quite low: 493 modifications still only comes to 2.6% of the total number of
applications. Simultaneously, the govern- ment has only withdrawn twenty-six applications prior to FISC
ruling.312 These numbers speak to the presence of informal pro- cesses, whereby FISC appears to be
influencing the contours of applications. Without more information about the types of mod- ifications
that are being required, however, it is impossible to gauge either the level of oversight or the extent to
which FISC is altering the applications.
Critics also point to the risk of capture presented by in camera, ex parte proceedings, and note that out
of 18,473 rulings, FISC has only denied eight in whole and three in part. Whatever the substantive effect
might be, the presentational impact is of note.
Setting modifications aside for the moment, the deference that appears to exist regarding outright
denials or granting of orders seems to extend to FISC rulings with regard to business records. Almost no
attention, however, has been paid to this area. It appears that FISC has never denied an application for
an order under this section. That is, of 751 applications since 2005, all 751 have been granted, as the
following figure shows.
FISA allows incidental collection of data from US persons
Rinehart, 14 – Editor in Chief of the Maryland Law Review (Liz Clark Rinehart, “Clapper v. Amnesty
International USA: Allowing the FISA Amendments Act of 2008 to Turn "Incidentally" into "Certainly"”,
Maryland Law Review, 5/1/2014,
http://digitalcommons.law.umaryland.edu/cgi/viewcontent.cgi?article=3638&context=mlr)//MBB
The Court found it notable that the plaintiffs were not in a class of people targeted by the statute,196
but the text of Section 1881a indicates Congress considered the statute would possibly affect U.S.
persons.197 If, as it seems likely, the plaintiffs are individuals who are directly affected by the statute,
they should have been permitted to assert standing without showing that the “choices [of independent
third parties] have been or will be made in such manner as to produce causation and permit
redressability of injury.”198
The text of Section 1881a undoubtedly indicates that the overall focus of the statute is surveillance of
“certain persons outside the United States,”199 but there is also language that implies, if not directly
states, that U.S. persons like the plaintiffs were thought to be affected, although not targeted, by the
law. The limitations provision of Section 1881a specifies that authorizations may not “intentionally
target” U.S. persons living in the United States or abroad.200 Based on the term “intentionally,” this
provision appears to permit the acquisition of such communications if the acquisition occurs incidentally
or accidentally. The targeting provision also requires that the government “prevent the intentional
acquisition of any communication as to which the sender and all intended recipients are known at the
time of the acquisition to be located in the United States.”201 This language does not mean, however,
that the targeting must prevent the intentional acquisition of communications between individuals
located outside the United States and individuals located in the United States. This was the exact
scenario facing the plaintiffs in Amnesty International.202
AT: Relevance standard
Relevance standard will be construed expansively to allow all circumvention
Donohue ’14 – Professor of Law at Georgetown University (Laura K. Donohue, “Bulk Metadata
Collection: Statutory and Constitutional Considerations”, Georgetown University Law Center, 2014,
http://scholarship.law.georgetown.edu/cgi/viewcontent.cgi?article=2360&context=facpub)//MBB
Four legal arguments undermine the government’s claim that there are “reasonable grounds” to believe
that hundreds of millions of daily telephone records are “relevant” to an author- ized investigation. First,
the NSA’s interpretation of “relevant” collapses the statutory distinction between relevant and irrelevant records, thus obviating the government’s obligation to discriminate between the two. Second, this
reading renders meaningless the qualifying phrases in the statute, such as “rea- sonable grounds.” Third,
the government’s interpretation es- tablishes a concerning legal precedent. Fourth, the broad read- ing
of “relevant” contravenes congressional intent.
First, in ordinary usage, something is understood as relevant to another thing when a demonstrably
close connection be- tween the two objects can be established.351 This is also the way in which courts
have consistently applied the term to the col- lection of information—as with grand-jury subpoenas,
where the information collected must bear some actual connection to a particular investigation.352
In contrast, almost none of the information the government obtained under the bulk metadata
collection program is de- monstrably linked to an authorized investigation. The govern- ment itself has
admitted this. Writing to Representative James Sensenbrenner, Peter Kadzik, the Principal Deputy
Assistant Attorney General, acknowledged, “most of the records in the dataset are not associated with
terrorist activity.”353 FISC Judge Reggie Walton drew the point more strongly:
The government’s applications have all acknowledged that, of the [REDACTED] of call detail records NSA
receives per day (currently over [REDACTED] per day), the vast majority of individual records that are
being sought pertain neither to [REDACTED] . . . In other words, nearly all of the call detail records
collected pertain to communications of non-U.S. persons who are not the subject of an FBI investigation
to ob- tain foreign intelligence information, [and] are communica- tions of U.S. persons who are not the
subject of an FBI inves- tigation to protect against international terrorism or clandestine intelligence
activities.354
In other words, most of the information being collected does not relate to any individuals suspected of
any wrongdoing.
In defense of its broad interpretation, the government argues that it must collect irrelevant information
to ascertain what is relevant. This means that the NSA, in direct contravention of the statutory language,
is collapsing the distinction between relevant and irrelevant records—a distinction that Congress
required be made before collection. Because of this collapse, the NSA is gaining an extraordinary
amount of information. The records the government sought under the telephony metadata program
detail the daily interactions of millions of Americans who are not themselves connected in any way to
foreign pow-ers or agents thereof. They include private and public interac- tions between senators,
between members of the House of Rep- resentatives, and between judges and their chambers, as well
as information about state and local officials. They include par- ents communicating with their children’s
teachers, and zookeepers arranging for the care of animals. Metadata infor- mation from calls to rape
hotlines, abortion clinics, and political party headquarters are likewise not exempt from collection— the
NSA is collecting all telephony metadata.
Second, in addition to collapsing the distinction between rel- evant and irrelevant records, reading FISA
to allow this type of collection would neuter the qualifying phrases contained in 50 U.S.C. §
1861(b)(2)(A). The statute requires, for instance, that there be “reasonable grounds” to believe that the
records being sought are relevant.355 Although FISA does not define “reason- able grounds,” the
Supreme Court has treated this phrase as the equivalent of “reasonable suspicion.”356 This standard requires a showing of “specific and articulable facts which, taken together with rational inferences from
those facts, reasonably warrant” an intrusion on an individual’s right to privacy.357
The FISC order requires that Verizon disclose all domestic tel- ephone records—including those of a
purely local nature.358 Ac- cording to Verizon Communications News Center, as of last year the
company had 107.7 million wireless customers, connect- ing an average of 1 billion calls per day.359 It is
impossible that the government provided specific and articulable facts showing reasonable grounds for
the relevance of each one of those cus-tomers or calls. Interpreting all records as relevant effectively
renders the “reasonable grounds” requirement obsolete.
The statute does not explain precisely what makes a tangible item relevant to an authorized
investigation. Nevertheless, the act suggests that tangible things are “presumptively relevant” when
they:
[P]ertain to—(i) a foreign power or an agent of a foreign power; (ii) the activities of a suspected agent of
a foreign power who is the subject of such authorized investigation; or (iii) an individual in contact with,
or known to, a suspect- ed agent of a foreign power who is the subject of such au- thorized
investigation.360
This section appears not to apply to the telephony metadata program. It would be impossible to
establish that all customer and subscriber records pertain to a foreign power or an agent thereof, or to a
particular, suspected agent of the same, who is the subject of an authorized investigation. Perhaps five
or ten customers may fall into this category, but to include millions simply pushes the bounds of
common sense. Accordingly, the telephony metadata are neither relevant nor presumptively relevant.
Third, the breadth of the government’s interpretation estab- lishes a troubling precedent. If all
telephony metadata are rele- vant to foreign intelligence investigations, then so are all e-mail metadata,
all GPS metadata, all financial information, all bank- ing records, all social network participation, and all
Internet use. Both the DOJ and FISC have suggested that there may be other programs in existence that
operate in a similar fashion.361 Some media reports appear to support this. On September 28, 2013, for
instance, the New York Times reported that the NSA “began allowing the analysis of phone call and
email logs in November 2010 to begin examining Americans’ networks of associations.”362 If all
telephony metadata are relevant, then so are all other data—which means that very little would, in fact,
be irrelevant to such investigations. If this is the case, then such an interpretation radically undermines
not just the limiting language in the statute, but the very purpose for which Con- gress introduced FISA
in the first place.
Fourth, the government’s interpretation directly contradicts Congress’s intent in adopting Section 215.
At the introduction of the measure, Senator Arlen Specter explained that the lan- guage was meant to
create an incentive for the government to use the authority only when it could demonstrate a
connection to a particular suspected terrorist or spy.363 During a House Ju- diciary Committee meeting
on July 17, 2013, Representative James Sensenbrenner (R-WI) reiterated that Congress inserted
“relevant” into the statute to ensure that only information di- rectly related to national security probes
would be included— not to authorize the ongoing collection of all phone calls placed and received by
millions of Americans not suspected of any wrongdoing.364 Soon afterwards, he wrote:
This expansive characterization of relevance makes a mock- ery of the legal standard. According to the
administration, everything is relevant provided something is relevant. Con- gress intended the standard
to mean what it says: The rec- ords requested must be reasonably believed to be associated with
international terrorism or spying. To argue otherwise renders the standard meaningless.365
Other members of Congress have made similar claims.366
Counterplans
Replace section 702
1nc – replace section 702
The United States federal government should repeal section 702 of the FISA
Amendments Act and replace it with a requirement requiring an individualized court
order for the interception of communications involving United States persons,
allowing an exception solely if the primary purpose of federal surveillance is foreign
intelligence gathering. This requirement should govern all federal surveillance.
It competes – the plan makes section 702 exclusive – the CP makes an individualized
court order the exclusive precondition of surveillance
Patel and Goitein, 15 – *co-director of the Liberty and National Security Program at the Brennan Center
for Justice AND ** co-directs the Brennan Center for Justice’s Liberty and National Security Program
(Faiza and Liza, “Fixing the FISA Court by Fixing FISA: A Response to Carrie Cordero” 4/8, Lawfare,
http://www.lawfareblog.com/fixing-fisa-court-fixing-fisa-response-carrie-cordero
That’s why our report states that, “[w]ith the exception of e-mails stored in the United States, the new
law had no impact on the government’s ability to collect the communications of foreigners with other
foreigners.” Carrie is, of course, correct that Section 702 allows the government to obtain other types of
foreign-to-foreign communications without a court order… but so did 1978 FISA, so Section 702 made
no change there. The most significant change Section 702 made was to permit the acquisition of
communications between foreign targets and U.S. persons without a court order. Carrie does not
explain why this was necessary to allow the government to collect the communications of Terrorist A in
Afghanistan with Terrorist B in Iraq.
Carrie also appears to interpret our recommendations as requiring a probable cause order whenever the
government seeks to collect on a foreigner overseas. This isn’t what we’re proposing. Our
recommendation is to repeal Section 702 “and replace it with a regime requiring an individualized court
order for the interception of communications involving U.S. persons.”
We’re aware that differentiating between U.S. persons and foreigners is currently more difficult for
stored e-mails than for communications obtained in transit, where relevant information may be gleaned
from packet headers. That may support a more nuanced and creative solution for that category of
surveillance. But there’s no conceivable reason why the solution should be programmatic acquisition of
any type of communication sent by a foreign target.
That’s the only viable mechanism to solve the case – they don’t solve perception, the
CP does
Nojeim, 14 - Director, Project on Freedom, Security & Technology at the Center for Democracy &
Technology (Greg, “COMMENTS TO THE PRIVACY AND CIVIL LIBERTIES OVERSIGHT BOARD REGARDING
REFORMS TO SURVEILLANCE CONDUCTED PURSUANT TO SECTION 702 OF FISA” 4/11)
The FISA provisions that govern intelligence surveillance of targets in the U.S. permit the government to
engage in electronic surveillance to collect “foreign intelligence information.” For purposes of
surveillance that targets a non-U.S. person, it is defined broadly as: (1) information that relates to the
ability of the U.S. to protect against a hostile attack, espionage, sabotage or international terrorism or
proliferation of weapons of mass destruction; or (2) information with respect to a foreign territory or
foreign power (a foreign government, political party, or entity controlled by a foreign government, or a
foreign terrorist organization) that relates to the security of the U.S. or to the conduct of U.S. foreign
affairs.4 When the government applies to the Foreign Intelligence Surveillance Court (FISC) for
permission to conduct surveillance of targets in the U.S., it must certify that a significant purpose of the
surveillance it will conduct is to collect foreign intelligence information.5
Because “foreign intelligence information” is defined so broadly, and because the FISC never actually
rules on whether the significant purpose test is met, the purpose limitation that governs FISA
surveillance of targets in the U.S. is easily met. FISA surveillance in the U.S. is instead effectively
constrained by an additional requirement: the requirement that the government prove to the FISC that
there is probable cause to believe the target of surveillance is a terrorist, spy, or other agent of a foreign
power. Thus, Congress effectively constrained FISA surveillance of targets in the U.S. by permitting that
surveillance to target only a narrow class of persons and entities.
For surveillance of people reasonably believed to be outside the U.S., Section 702 adopts the broad
purpose requirement, but couples it with a broad class of surveillance targets. Section 702 is not
constrained by the requirement that the target be an agent of a foreign power. Instead, the target need
only be a non-U.S. person reasonably believed to be abroad. Effectively, Congress borrowed the broad
purpose for FISA intelligence surveillance (collect “foreign intelligence information”) and applied it to
surveillance abroad without limiting the class of potential targets to “agents of a foreign power.”
This has prompted concern globally that surveillance under Section 702 is broadly directed at individuals
not suspected of wrongdoing, and could include targeting based at least in part on political activities. A
peaceful protest at a U.S. base in Germany or a demonstration against rising food prices in India “relate
to” U.S. foreign policy; non-U.S. persons involved in those protests could be monitored under Section
702. A 2012 cloud computing report to the European Parliament included a finding that under Section
702, it is lawful in the U.S. to conduct purely political surveillance on non-U.S. persons’ data stored by
U.S. cloud companies.6 Such actions raise serious human rights concerns. Further, fear of the mere
possibly that this overbroad surveillance is occurring has significantly damaged the U.S. tech industry
abroad .
2nc – solvency net benefit
The CP’s a hard limit on the NSA – anything short of it creates easily exploitable
loopholes
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015 //DM)
A. End Programmatic Surveillance
The most effective reform would be for Congress to end programmatic surveillance . This would entail
expressly prohibiting bulk collection under Section 215 and similar provisions, as well as repealing
Section 702 and replacing it with a regime requiring an individualized court order for the interception
of communications involving U.S. persons , regardless of whether they are the identified target of the
surveillance.
Ending programmatic surveillance would return the FISA Court to its traditional role of applying the law
to the facts of a particular case.271 This would mitigate many of the Article III concerns relating to the
absence of a case or controversy. If the standard for issuing a surveillance order were sufficiently strict
(discussed below), ending programmatic surveillance could address Fourth Amendment objections as
well.
But these changes would not fully cement the constitutional status of the FISA Court’s activities. FISA
orders will never look entirely like criminal warrants because they rarely culminate in criminal
prosecutions, thus removing the primary vehicle for challenging their legitimacy. Concerns about the
lack of adversarial process thus would remain even if programmatic surveillance were replaced with an
individualized regime. To address them, the reforms listed in the next section would be needed.
B. Enact Additional Article III-Related Reforms
1. Introduce Adversarial Processes
Several existing reform proposals would address the lack of a party opposing the government in FISA
Court proceedings by establishing a permanent public interest advocate (or slate of advocates) to
represent the interests of people affected by government surveillance.272 President Obama and two
former judges of the court publicly support the appointment of such an attorney, commonly referred to
as the “Special Advocate.”273 An alternative approach would allow the FISA Court to hear from certain
individuals or interest groups as amici curiae.274 The court could call upon these outside
representatives to weigh in on potential privacy and civil liberties concerns raised by a government
application.275
The latter approach would not resolve the Article III problem, particularly if participation were left to the
court to decide. The FISA Court already has discretion to solicit or permit amicus participation, and with
few exceptions, has preferred to rely on the government’s submissions alone.276 Article III would be
best served by strengthening the special advocate concept to the greatest extent possible, including by
ensuring that special advocates are notified of cases pending before the court, have the right to
intervene in cases of their choosing, and are given access to all materials relevant to the controversy in
which they are intervening.
In addition, there must be a mechanism for appeal in cases where the court rules against the special
advocate. Legitimate questions arise as to whether a special advocate would have standing to bring an
appeal, given the advocate’s lack of a personal stake in the outcome.277 Various solutions to this
problem have been proposed: for example, the special advocate could serve as a guardian ad litem for
third parties affected by the surveillance (such as those incidentally in communication with the target),
or the court could be required to certify particular types of decisions to the FISA Appeals Court for
review.278 The standing problem, while real, is not insurmountable.
2. Increase Transparency and Facilitate Collateral Challenges
A defining feature of the FISA Court is that nearly all of its decisions are classified. This hampers
democratic self-government and sound policymaking. It also has Article III implications: secret decisions
cannot be challenged, and the opportunity to challenge a FISA Court order in collateral proceedings is
critical to the legitimacy of the process. A number of existing proposals would introduce some
transparency by requiring the executive branch to release full copies, redacted versions, or summaries
of FISA Court opinions containing significant legal opinions.279 For both constitutional and policy
reasons, Congress should establish a non-waiveable requirement that the government issue public
versions of FISA Court opinions or summaries containing certain minimum information — including the
legal questions addressed, as well as the construction or interpretation given to any legal authority on
which the decision relies.
Transparency alone cannot address the Article III defects in the FISA Court. Congress also must facilitate
collateral challenges. One key step would be to prohibit the practice of “parallel construction,” in which
the government builds a criminal case based on FISA-derived evidence but then reconstructs the
evidence using other means. This allows the government to avoid notifying defendants of the FISA
surveillance and thus makes it impossible for them to challenge it. Any time the government uses the
tools of FISA as part of an investigation, the subject of any resulting legal proceedings should be notified,
and should be entitled to challenge any evidence that resulted either directly or indirectly from that
surveillance.
The special procedures governing a defendant’s access to FISA application materials, under which a
defendant is almost never given any hint of their contents, should be jettisoned. Instead, the process
under the Classified Information Procedures Act (CIPA)280 — which has been used successfully in the
most sensitive national security and espionage cases, and which allows the government to use
summaries or admissions of fact in place of classified information — should apply.281
Finally, the government’s attempt to shut down every civil lawsuit that has been brought to challenge
the constitutionality of foreign intelligence surveillance must end. Even where plaintiffs have had
reasonable grounds to fear that they were being surveilled282 — indeed, even where they have had
irrefutable proof283 — the government has tried to have the lawsuit dismissed, arguing that the
plaintiffs lacked evidence or that the evidence contained state secrets. Today, after Snowden’s
disclosures, many secret programs are public knowledge and dismissing plaintiffs’ fears of surveillance
as “speculative” is increasingly disingenuous. Moreover, warrantless surveillance is no longer a secret, it
is the law — and, given the broad scope of collection, acknowledging that a plaintiff has standing to
challenge FISA surveillance does not reveal the identity of any investigation’s target. If ever the
government’s jurisdictional and national security defenses had merit, they no longer do.
C. Enact Additional Fourth Amendment-Related Reforms
Restoring the requirement that the government obtain individualized court orders before conducting
surveillance does not end the Fourth Amendment analysis. The question of what standards the court
should apply in issuing these orders remains. Even if the Supreme Court were to hold that acquiring
foreign intelligence is a special need and that the government need not demonstrate probable cause of
criminal activity, longstanding precedent suggests that the collection of foreign intelligence must adhere
to the following standards and procedures.
1. Restore the “Foreign Power/Agent of a Foreign Power” Requirement
The government should be permitted to conduct surveillance in the United States only when it can show
probable cause that the target is a foreign power or its agent. This would reinstate the standard
contained in original FISA. It also would track the holding of Truong and other courts that sought to limit
the universe of individuals whose communications may be captured under the foreign intelligence
exception. The terms “foreign power” and “agent of a foreign power” are quite broadly defined,
including terrorist groups and other non-state actors. They are thus expansive enough to accommodate
the government’s legitimate security interests, while enhancing protection for U.S. persons (and the
foreigners with whom they communicate).
2. Narrow the Definition of “Foreign Intelligence Information”
The definition of “foreign intelligence information” in FISA should be narrowed. The courts of appeal
have admonished that the foreign intelligence exception must be narrowly construed and reserved for
matters in which the executive branch’s interests are of the most compelling nature. Yet, in addition to
information necessary to protect against foreign attack, terrorism, or espionage, the current definition
includes information relevant to (or, in the case of a U.S. person, necessary to) “the security of the
United States” and “the conduct of the foreign affairs of the United States.” A general interest in
obtaining any information that “relates to” these vague areas cannot justify the massive intrusion on
privacy and First Amendment rights implicated by the warrantless acquisition of Americans’
international communications. The definition of “foreign intelligence information” could usefully be
narrowed to information relating to external threats — including “actual or potential attacks or other
grave hostile acts,” “sabotage,” “international terrorism,” “the international proliferation of weapons of
mass destruction,” and “clandestine intelligence activities.” 284 These are the specific threats currently
listed in FISA’s statutory definition, minus the overbroad catch-all language regarding security and
foreign affairs.
Another option is to rely on the restrictions that President Obama recently placed on the permissible
uses of signals intelligence information collected abroad in bulk. Presidential Policy Directive 28, issued
on January 17, 2014, states that such information shall be used
only for the purposes of detecting and countering: (1) espionage and other threats and activities
directed by foreign powers or their intelligence services against the United States and its interests; (2)
threats to the United States and its interests from terrorism; (3) threats to the United States and its
interests from the development, possession, proliferation, or use of weapons of mass destruction; (4)
cybersecurity threats; (5) threats to U.S. or allied Armed Forces or other U.S or allied personnel; and (6)
transnational criminal threats, including illicit finance and sanctions evasion related to the other
purposes named in this section.285
The surveillance activities governed by this Directive are subject to fewer domestic legal constraints than
any other type of communications surveillance. The fact that the above restrictions are considered
appropriate in a context where the president has maximum discretion strongly suggests that imposing
the same limits in the context of Section 702 collection would not unduly restrict the government’s
intelligence gathering. More fundamentally, defining “foreign intelligence information” as information
relating to the above-listed threats would honor the principle that any foreign intelligence exception
should be limited to instances in which the government’s interests are paramount.286
3. Restore the “Primary Purpose” Test
Congress should amend FISA to require that obtaining foreign intelligence information be the primary
purpose of surveillance. Other than the FISA Appeals Court, the courts that have recognized a foreign
intelligence exception have generally imposed such a “primary purpose” requirement. As these courts
have recognized, surveillance that is primarily for law enforcement purposes must take place pursuant
to a regular criminal warrant, lest the foreign intelligence exception drive a massive hole through the
protections of the Fourth Amendment.
The FISA Court also must be empowered to review whether there are truly foreign intelligence
considerations at stake, and whether acquiring foreign intelligence is the primary purpose of
surveillance. Courts of appeal have emphasized the need for close scrutiny on this point, noting that
“judges must microscopically examine the wiretaps in order to determine whether they had their origin
in foreign intelligence,” and that warrantless wiretaps should be upheld only when “the foreign and
sensitive nature of the government surveillance is crystal clear.”287
Congress should accordingly strengthen the certification requirement. It should direct the executive
branch to certify, not merely that its primary purpose is to acquire foreign intelligence information, but
that the requested surveillance is reasonably likely to produce such information. It also should authorize
the court to review this certification not only for proper form (as is currently the case), but for its
substance as well. And it should prohibit the practice of “back door searches,” which gives the
government an easy end-run around the foreign intelligence purpose requirement as well as the
requirement of targeting foreigners overseas.
Section 702 is overbroad – can’t solve reputational costs without curtailing
surveillance
Nojeim, 14 - Director, Project on Freedom, Security & Technology at the Center for Democracy &
Technology (Greg, “COMMENTS TO THE PRIVACY AND CIVIL LIBERTIES OVERSIGHT BOARD REGARDING
REFORMS TO SURVEILLANCE CONDUCTED PURSUANT TO SECTION 702 OF FISA” 4/11)
Section 702 permits the government to compel communications service providers to assist with
intelligence surveillance that targets non-U.S. persons (persons other than U.S. citizens and lawful
permanent residents) reasonably believed to be abroad. Though it is defended as a necessary
counterterrorism and national security power, Section 702 broadly authorizes collection, retention, and
use of communications content unnecessary for national security and unrelated to counterterrorism.
The overbroad use of Section 702 infringes upon the privacy rights of both U.S. persons, and of non-U.S.
persons abroad, has already caused some damage to the American tech industry globally, and could
cause much more.3
There’s no functional difference between the FAA and XO12333 – both allow bulk
collection and sweep up volumes of US person data
Vladeck 15 - professor of law at American University Washington College of Law (Steven “Forget the
Patriot Act – Here Are the Privacy Violations You Should Be Worried About”, Foreign Policy, 06/01/15,
http://foreignpolicy.com/2015/06/01/section-215-patriot-act-expires-surveillance-continues-fisa-courtmetadata/)//GK
But whatever the merits of the competing sides in this debate, the larger problem is that this
conversation has missed the forest for a very small — and largely irrelevant — tree. In fact, from the
perspective of individual privacy rights, the phone records program is much less problematic than the
government’s other authorities to conduct mass surveillance under Executive Order 12333 and the 2008
FISA Amendments Act. And so, in focusing on how to “fix” Section 215, we’ve given short shrift to the far
more significant problems raised by these other authorities — and, just as importantly, the broader
lessons we should be taking away from the surveillance reform conversation that Snowden started. To
understand the significance of these other authorities, it’ll help to describe their aims: Executive Order
12333, issued in 1981, is directed at the overseas interception of communications — both metadata and
content — of non-citizens outside the United States, who, under a 1990 Supreme Court decision,
categorically lack Fourth Amendment rights. The 2008 FISA Amendments Act was enacted to close a
loophole that new technology had helped to create, where non-citizens outside the United States were
nevertheless communicating through servers or other telecommunications infrastructure located
stateside, which the government could not surveil under the executive order. Ordinarily, the
government needs a warrant before collecting the content of domestic communications, one based
upon a judge’s determination that there’s good reason to believe a particular individual either is
engaged in the commission of a crime or is an agent of a foreign power. But Executive Order 12333 and
the 2008 FISA statute, by focusing on individuals who fall outside the Fourth Amendment, capitalize on
the lack of constitutionally required individualized assessments and instead allow the government to
engage in bulk collection of such information — as if it were using an industrial vacuum cleaner to pick
up individual particles of dirt.
The lack of an adversarial process means FISC is an echo chamber reflecting
government surveillance priorities
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, p.30//DM)
Today, under Section 702 of the FAA, the court is no longer tasked with assessing the sufficiency of the
government’s factual showing in individual cases that arise within a limited pool. Instead, it reviews
broad targeting and minimization procedures that the government will apply to tens of thousands of
cases involving hundreds of millions of communications, if not more, each year.178 The court then
approves or rejects the procedures based on a facial analysis of whether they comport with the statute
and the Fourth Amendment. Similarly, under Section 215, the FISA Court has endorsed a form of
“programmatic surveillance” in which it may approve procedures for obtaining and searching telephone
records without reviewing individual searches (although it currently reviews these searches pursuant to
the administration’s request).179
These developments, compounded by the secrecy and lack of adversarial process that mark the court’s
proceedings, have critical implications for the constitutional legitimacy of the court. Lack of adversary
process in a proceeding that bears no relationship to a traditional warrant application is inconsistent
with Article III. Moreover, the court’s facial review of agency procedures cannot shed light on their
constitutionality in specific cases.
1. Lack of Adversarial Process
Article III of the Constitution generally requires the presence in court of opposing parties, because its
“case or controversy” requirement “confines the business of federal courts to questions presented in an
adversary context.”180 Warrant proceedings are an exception to this rule. The FISA Court’s shift from
issuing individualized, warrant-like orders to approving programmatic surveillance renders the lack of an
opposing party in its proceedings, which was a “difficult question” for the Department of Justice even
under the original 1978 FISA procedure,181 impossible to defend — and highly problematic. As
discussed, at the time FISA was passed, the Justice Department sought to address concerns about the
lack of an opposing party in FISA Court proceedings. Even though the procedure for obtaining a
surveillance order did not involve adverse parties, the Justice Department argued that there was
“adversity in fact” because “the interests of the United States and the target will inevitably be adverse
to each other. The United States’ interest is to institute electronic surveillance of a particular target. The
interest of the target would, presumably, be that the surveillance not be conducted.”182 The
Department emphasized the similarity of these features to traditional warrant proceedings, and
concluded: “It is obvious . . . that we rely heavily on the analogy to warrant proceedings to uphold the
validity of the [FISA] proceeding.”183
Under Section 702, that analogy disappears. There is no such thing as a criminal warrant proceeding in
which a law enforcement agency seeks blanket authorization to conduct an unlimited number of
searches over the coming year, on the basis of written procedures setting forth generic rules for how
such searches will be conducted. While ex parte proceedings are a standard feature in warrant
applications, they are not standard when courts review rules and procedures that affect millions of
people. As stated by Judge James Robertson, who served on the FISA Court from 2002 to 2005, the FISA
Court’s role in programmatic surveillance “is not adjudication, it is approval.”184 The approval process,
he noted, “works just fine when [the court] deals with individual applications for surveillance warrants,”
but when courts are asked to review policy determinations for compliance with the law, “they do so in
the context . . . of adversary process.”185 By requiring the FISA Court to review and approve entire
surveillance programs ex parte, the FAA “turned the FISA Court into something like an administrative
agency which makes and approves rules for others to follow.”186
Section 215, at first blush, appears much closer to the kind of warrant proceeding that has traditionally
taken place with only one party present because it seems to preserve individualized review in which
particular opposing interests are identifiable. But this apparent similarity is negated by the FISA Court’s
decision that the government may collect essentially all phone records to search for relevant records
buried within them.187 This program, too, now involves judicial approval, without any adversarial
process, of the broad contours of a program affecting much of the American population — a situation
that cannot be squared with the requirements of Article III.188
In addition to being constitutionally suspect, secret, non-adversarial proceedings are a bad way to make
law. The shortcomings are starkly illustrated by the FISA Court’s approval of bulk collection. The
question the court considered in 2006 — whether collecting the phone records of millions of admittedly
innocent Americans comports with the Constitution and the Patriot Act — was one of first impression
and overriding legal importance. Yet all of the evidence and all of the briefs were submitted by one
party: the government. Despite the gravity of the issue, the FISA Court did not exercise its authority to
solicit participation by amici curiae — knowledgeable outside parties who serve as “friends of the
court.” Instead, it granted the government’s request without even a written opinion (although one was
produced after Edward Snowden’s disclosures in 2013).189
The adversarial system does more than assure the due process rights of the parties. It ensures that all
relevant facts and legal arguments are aired, which in turn enables the tribunal to reach an accurate
decision. FISA Court judges are more likely to misinterpret the law if they hear only one side of the case.
As the Supreme Court stated in a different context:
[T]he need for adversary inquiry is increased by the complexity of the issues presented for adjudication.
. . . Adversary proceedings will not magically eliminate all error, but they will substantially reduce its
incidence by guarding against the possibility that the trial judge, through lack of time or unfamiliarity
with the information contained in and suggested by the materials, will be unable to provide the scrutiny
which the Fourth Amendment exclusionary rule demands.190
Of course, it is well understood that judges make mistakes; that is why the federal judicial system has
two levels of appeal. Indeed, the Supreme Court often waits for multiple lower courts to address an
issue before taking it up. This process of assessing, comparing, and honing decisions across jurisdictions
and levels of review make it more likely that the judicial system as a whole will get to the “right” result.
In the FISA context, however, there is no opportunity to appeal an erroneous grant of an application,
because the government is generally the only party.
Operating in their own echo chamber , and hearing from only one party, the chances that FISA Court
judges will misinterpret the law — and perpetuate that misinterpretation in subsequent decisions — is
high. When such misinterpretations involve fundamental questions of constitutional law that affect all
Americans, the error is anything but harmless.
The FAA’s primary purpose was to facilitate the capture of communications about
Americans
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, //DM)
The FAA, which is still in place today, eliminated the requirement of an individual court order for
acquisition, within the United States, of communications to which U.S. persons are a party. Instead,
under a new section of FISA (Section 702) created by the FAA, the government may conduct a program
to collect any communications “targeting” a person or entity reasonably believed to be a non-U.S.
person overseas — including that person or entity’s communications with Americans in the United
States.162 In other words, the government no longer needs an individualized court order to acquire
Americans’ international calls and e-mails, as long as the American is not the “target” of the surveillance.
There are three primary limitations on this authority. First, the government must certify that obtaining
foreign intelligence information is a “significant purpose” of the collection. It need not be the only
purpose or even the main purpose, as discussed above;163 moreover, the certification of purpose
applies to the program as a whole, not to each target of surveillance under the program. Second, the
government must have in place targeting and minimization procedures that are approved by the FISA
Court. The targeting procedures must ensure that the program’s targets are indeed “reasonably
believed” to be foreigners overseas, while the minimization procedures must be “reasonably designed”
to minimize the collection and retention — and prohibit the sharing — of Americans’ information,
“consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence
information.”164 Third, the law prohibits the government from engaging in “reverse targeting” — i.e.,
collecting the international communications of a foreigner abroad when the government’s true motive is
to target “a particular, known person reasonably believed to be in the United States.”165
The existence of targeting and minimization requirements, as well as a reverse targeting prohibition, has
enabled the government to portray Section 702 as a program designed to capture the communications
of non-U.S. persons abroad. Any collection of calls to or from Americans is described as “incidental.”166
This characterization is highly questionable. With the exception of e-mails stored in the United States,
the new law had no impact on the government’s ability to collect the communications of foreigners with
other foreigners. The sea change that the statute brought about was the elimination of a court order
requirement for the domestic capture of foreigners’ communications with Americans. The legislative
history makes clear that facilitating the capture of communications to, from, or about U.S. persons was
a primary purpose, if not the primary purpose, of the FAA .167
Moreover, the new law dramatically widened the pool of foreigners the government can target. Instead
of being limited to targeting foreign powers or agents of a foreign power, the government is permitted
to target any non-U.S. person overseas, as long as one of its goals is the acquisition of foreign
intelligence. As noted above, the statute’s definition of “foreign intelligence information” is exceedingly
broad when a foreign person is the target, encompassing any information that “relates to” the conduct
of foreign affairs or the country’s security.173 Programmatic surveillance under the FAA thus could
include the international communications (including communications with Americans) of almost any
non-U.S. person overseas. Of course, the greater the number of foreigners who can be targeted, the
greater the number of Americans whose international communications are likely to be caught up in
surveillance operations.
The court’s own role in approving government surveillance changed even more fundamentally.
Previously, the court determined, on a case-by-case basis, whether the government had probable cause
to believe that (1) the proposed target of surveillance was a foreign power or agent of a foreign power,
and (2) each of the specified facilities or places for surveillance were being used, or were about to be
used, by a foreign power or an agent of a foreign power. The court also approved minimization
requirements based on their sufficiency in the particular case before it. If the target was a U.S. person,
the court reviewed the government’s certifications — including the certification of a significant foreign
intelligence purpose — to ensure that they were not “clearly erroneous.”
Under Section 702, by contrast, the court has no role in approving individual intrusions at all. Rather, its
substantive role is limited to determining whether generic sets of targeting and minimization
procedures comply with the statute (which gives little direction as to what is required) and with the
Fourth Amendment.174 The court is not even informed of the specific targets of surveillance or the
facilities to be surveilled, let alone asked to approve them. And the court may not review the substance
of the government’s certifications, including its certification of a significant foreign intelligence purpose,
even for “clear error.”175
Lack of notice, standing requirements and parallel construction prevent challenging
FISA rulings
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, p.34//DM)
In theory, there are three ways in which surveillance of particular targets may be challenged in an
adversary setting: targets may file civil claims; they may contest the surveillance in the course of legal
proceedings; and communications service providers who receive FISA orders may petition the FISA Court
to set them aside. In practice, however, none of these options provides a meaningful opportunity to
challenge surveillance.
The lack of notice to targets of FISA surveillance effectively negates any civil remedies, including FISA’s
provision allowing “aggrieved person[s] . . . who [have] been subjected to an electronic surveillance” to
sue for damages if the law has been violated.202 Plaintiffs who have attempted to file civil suits have
been rebuffed by courts on the ground that they cannot establish standing without proving that they
were targets of surveillance.203
If FISA-derived evidence is used in a criminal prosecution or other legal proceeding against a subject of
surveillance, the law requires the government to notify that person of this fact and allows him to file a
motion to suppress the evidence.204 However, the vast majority of foreign intelligence collected under
FISA will never find its way into a legal proceeding.205 Moreover, in recent years the government has
honored the notification requirement in the breach,206 sometimes using “parallel construction” — that
is, developing the same evidence through different means to avoid notification.207
Even when notification is provided, the subject of surveillance has never been permitted to view the
materials comprising the surveillance application, which renders any challenge an exercise in shadowboxing.208 Without the informed participation of counsel, judicial review in these proceedings is in
many ways a mere repetition of the ex parte review conducted by the FISA Court when it issued the
surveillance order — even though the initiation of legal proceedings often means the consequences of
error have become far greater, particularly in criminal cases where the defendant’s liberty is at stake.
In 2006 and 2008, Congress amended FISA to allow telecommunications companies that are the
recipients of certain FISA orders to challenge them.209 But these companies have no obligation to act in
the interest of those directly affected by the surveillance, namely, the targets. The insufficiency of this
mechanism is underscored by the fact that no company has ever challenged a court order to produce
phone records under the NSA’s bulk collection program,210 and only one company challenged
programmatic surveillance under the predecessor to the FAA.211
702 shoehorns in billions of domestic communications for surveillance
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, p.41-42//DM)
As enacted in 1978, FISA required the government to show probable cause that the target of
surveillance was a foreign power or an agent of a foreign power. The FAA eliminated this requirement
for programmatic surveillance. The target of surveillance may be any non-U.S. person or entity located
overseas, and the FISA Court has interpreted the law to allow the government to obtain any
communications to, from, or about the target.258 The only limitation is a requirement that the
government certify that a significant purpose is the collection of “foreign intelligence.”
Consider how these changes could operate in practice. As noted in Part II.C.2, “foreign intelligence
information,” where non-U.S. persons are concerned, is broadly defined to include information “that
relates to . . . (A) the national defense or the security of the United States; or (B) the conduct of the
foreign affairs of the United States.”259 This elastic concept is unlikely to impose any meaningful
restraint — particularly since the FISA Court is not allowed to probe the government’s foreign
intelligence certification.260 The only real limitation on surveillance, then, is the target’s nationality and
location.
Given the prevalence of international communication today, the government could shoehorn literally
billions of communications (including communications with Americans) into a warrantless foreign
intelligence collection framework, as long as there is a chance that the net will pull in some information
relating to security or foreign affairs. This is plainly inconsistent with the admonition of most courts that
warrantless foreign intelligence surveillance must be “carefully limited” to “those situations in which the
interests of the executive are paramount.”261
In a 2008 opinion approving Section 702 targeting and minimization procedures, the FISA Court held
that limiting the foreign intelligence exception to foreign powers or their agents is unnecessary when
the target is a non-citizen overseas.262 This ruling ignores the fact that Section 702 is designed to
capture communications involving U.S. persons, and expressly contemplates that U.S. person
information may be kept and shared where minimization would be inconsistent with “the need of the
United States to obtain, produce, and disseminate foreign intelligence information.”263 Regardless of
who is labeled the “target,” Section 702 involves the acquisition and use of Americans’ information for
foreign intelligence purposes, in volumes that likely far exceed the collection in Truong and similar cases.
The need to construe the exception narrowly is thus at least as important in the Section 702 context.
702 is the justification for widespread squo domestic surveillance
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, //DM)
It is no exaggeration to say that the world of electronic surveillance looks entirely different today than it
did in 1978 when the FISA Court was established to oversee foreign intelligence surveillance.
Communications technology and the legal framework have fundamentally changed, vastly increasing the
nature and quantity of information the government may collect — and decreasing the court’s role in
supervising these operations.
Although the Supreme Court in Keith attempted to distinguish between surveillance of domestic
organizations and surveillance of foreign powers, the demarcation was never clean and has become
ever more strained. Advances in technology mean that the exercise of authorities aimed at foreigners
abroad inevitably picks up swaths of information about Americans who should enjoy constitutional
protections. But rather than develop additional safeguards for this information, the law has developed
in the opposite direction: the government’s authority to collect communications pursuant to its foreign
intelligence-gathering authorities has expanded significantly. At the same time, the safeguard of judicial
review — already limited when FISA was first enacted in 1978 — has eroded to near-nothingness .
Indeed, in some cases, the role played by the FISA Court is so different from the normal function of a
court that it likely violates the Constitution’s separation of powers among the legislative, executive, and
judicial branches.
A. A Revolution in Communications Technology
The impact of advances in communications technology over the last decades cannot be overstated. In
1978, most domestic telephone calls were carried over copper wires,102 while most international calls
took place via satellite.103 To listen to a domestic call, the government had to identify the wire that
geographically connected the two ends of a communication and manually tap into it.104 Capturing a
satellite communication to or from a particular source required sophisticated equipment; resulting
databases were subject to practical limitations on storage and analytical capability.105 Cellular phones
were not commercially available,106 and the Internet existed only as a Department of Defense
prototype.107 Surveillance generally had to occur in real time, as electronic communications were
ephemeral and unlike later forms of communication (like e-mail) were not usually stored.
Today, a large proportion of communications — including e-mails and international phone calls — are
transmitted by breaking down information into digital packets and sending them via a worldwide
network of fiber-optic cables and interconnected computers.108 The government can access these
communications by tapping directly into the cables or into the stations where packets of data are
sorted.109 Digital information often is stored for long periods of time on servers that are owned by
private third parties, giving the government another way to obtain information, as well as access to a
trove of historical data. Most cell phone calls, along with other forms of wireless communication, travel
by radio signals that are easily intercepted.
These changes have weakened the relationship between the place where communications are
intercepted and the location (and nationality) of the communicants. For communications that travel
wholly or in part via packets, each packet may follow a different route, and the route may be unrelated
to the locations of the sender or recipient. An e-mail from a mother located in San Diego to her
daughter in New York could travel through Paris, and the contents might be stored by an online service
provider in Japan. But FISA, as enacted in 1978, is keyed to the location and nationality of the target and
the location of acquisition. As discussed further in Part II.B.3.a, the globalization of the communications
infrastructure has changed the way the law plays out in practice.110
Technological changes also have expanded the amount of information about Americans the government
can acquire under FISA. For one thing, globalization and advances in communications technology have
vastly increased the volume — and changed the nature — of international communications. The cost
and technological difficulties associated with placing international calls during the era of FISA’s passage
meant that such calls were relatively rare. In 1980, the average American spent less than 13 minutes a
year on international calls.111 Today, the number is closer to four and a half hours per person — a
thirty-fold increase.112 That number does not include the many hours of Skype, FaceTime, and other
Internet-based voice and video communications logged by Americans communicating with family,
friends, or business associates overseas. And, of course, the advent of e-mail has removed any barriers
to international communication that may have remained in the telephone context, such as multi-hour
time differences. Worldwide e-mail traffic has reached staggering levels: in 2013, more than 182.9
billion e-mails were sent or received daily.113 As international communication has become easier and
less costly, the content of communications is much more likely to encompass — and, in combination, to
create a wide-ranging picture of — the intimate details of communicants’ day-to-day lives.
Technology and globalization also have led to much greater mobility, which in turn has generated a
greater need to communicate internationally. Foreign-born individuals comprised around 6 percent of
the U.S. population when FISA was enacted but account for more than 13 percent today.114 Immigrants
often have family members and friends in their countries of origin with whom they continue to
communicate. Similarly, there has been a sharp increase in Americans living, working, or traveling
abroad, creating professional or personal ties that generate ongoing communication with non-citizens
overseas. The number of Americans who live abroad is nearly four times higher than it was in 1978 and
the number of Americans who travel abroad annually is nearly three times higher.115 The number of
American students who study abroad each year has more than tripled in the past two decades alone.116
These trends show no signs of abating, suggesting that the volume of international communications will
only continue to expand.
In addition, technological changes have made it likely that government attempts to acquire international
communications will pull in significant numbers of wholly domestic communications for which Congress
intended the government to obtain a regular warrant rather than proceeding under FISA. For instance, a
recently declassified FISA Court decision shows that when the NSA taps into fiberoptic cables, it pulls in
some bundles of data that include multiple communications — including communications that may not
involve the target of surveillance. The NSA claims that it is “generally incapable” of identifying and
filtering out such data bundles.117 The result is that the agency routinely collects large numbers of
communications — including “tens of thousands of wholly domestic communications ” between U.S.
persons — that are neither to, from, or about the actual “target.”118
For all of these reasons, the collection of foreign intelligence surveillance today involves Americans’
communications at a volume and sensitivity level Congress never imagined when it enacted FISA. If the
government wished to acquire the communications of a non-citizen overseas in 1978, any collection of
exchanges involving Americans could plausibly be described as “incidental.” Today, with international
communication being a daily fact of life for large numbers of Americans, the collection of their calls and
e-mails in vast numbers is an inevitable consequence of surveillance directed at a non-citizen overseas.
The volume of information collected on U.S. persons makes it difficult to characterize existing foreign
intelligence programs as focused solely on foreigners and thus exempt from ordinary Fourth
Amendment constraints.
Section 702 violates the 4th amendment – causes systematic domestic surveillance and
creates a back door around the warrant requirement
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, p.38-39//DM)
Even if the collection of foreign intelligence is recognized as a “special need” that justifies surveillance
without a traditional warrant, the government still must meet the second prong of the Fourth
Amendment: the particular surveillance scheme must be “reasonable.”
In Camara, the Supreme Court recognized fire safety as a special need, but it did not simply give the
government free rein to search buildings at will. Instead, it required inspectors to obtain court orders
based on factors relevant to fire safety, such as the age and nature of the building and the condition of
the general area. Individualized orders still had to be obtained before the search, but the standards
were altered to match the special need.235 A similar arrangement may be required for foreign
intelligence. As Fourth Amendment expert Professor Orin Kerr has noted: “[T]here is a plausible case to
be made that foreign intelligence is a special need, but that [individualized] FISA warrants are still
required to conduct foreign intelligence surveillance.”236
Limits on the discretion vested in government officials are key to establishing the reasonableness of a
special needs scheme. For example, even though the Court on several occasions has authorized
checkpoints to assess motorists’ sobriety or examine their license and car registration, it has refused to
allow roving stops because they allow too much discretion on the part of government officials.237 The
Court has emphasized that meeting the reasonableness standard of the Fourth Amendment requires “at
a minimum, that the facts upon which an intrusion is based be capable of measurement against ‘an
objective standard,’ whether this be probable cause or a less stringent test.”238 This focus stems from
the Court’s concern about the potential for abuse of discretion; limiting this potential is a fundamental
purpose of requiring a warrant under the Fourth Amendment.
As explored in the text box on page 33, the Section 702 program contains few limits on the discretion of
analysts in deciding whether an individual is a non-U.S. person located overseas and therefore a valid
target for programmatic surveillance. The NSA’s targeting procedures set forth several considerations
that officials may consider, but ultimately allow the NSA to reach a conclusion based on “the totality of
the circumstances.” The government has even more discretion in deciding what information is fair
game: the statutory definition of foreign intelligence information is open-ended, and, under Section 702,
the court cannot review the substance of the government’s certification of a foreign intelligence
purpose. It is difficult to square these features of programmatic surveillance with the type of “objective
standards” that the Supreme Court has insisted on in the special needs context.
Moreover, even if the NSA’s targeting and collection met the reasonableness test, the entire program
cannot be deemed reasonable unless the government adequately “minimizes” the retention and use of
information about U.S. persons that gets pulled in along with information about the foreign target. The
FISA Court explicitly recognized this point when it found that the NSA violated the Fourth Amendment
by failing to mark and delete wholly domestic e-mails acquired incidentally.239 Although the NSA
remedied this violation to the court’s satisfaction, its minimization regime remains notably lax. U.S.
person information may be retained for 5 years, and there are multiple loopholes allowing for
longerterm retention — including a provision for the indefinite retention of encrypted
communications.240 As weak as the minimization rules are, reports suggest that they nonetheless are
honored in the breach, with analysts claiming that they must retain seemingly irrelevant information
about U.S. persons because the information may prove relevant in the future.241
A particularly stark affront to the principle of minimization is the practice known as “back-door
searches.” To obtain an order from the FISA Court authorizing programmatic collection, the government
must certify that its interest lies in foreigners overseas and not any U.S. persons with whom they may be
in contact. The law prohibits “reverse targeting,” in which the government targets a foreigner as a
pretext to gain information about a particular, known U.S. person.242 Consistent with these directives,
the minimization procedures governing programmatic surveillance originally barred the government
from using U.S. person identifiers to search the pool of communications obtained under Section 702.243
In 2011, the FISA Court granted the government’s request to lift this bar.244 Today, officials routinely
search through Section 702 data for information about the very U.S. persons the government certified it
was not targeting.245
This practice allows the government to dispense with the much stricter substantive and procedural
requirements that Congress put in place for obtaining foreign intelligence on an American target.246 It
also allows the FBI to shrug off the Fourth Amendment when conducting domestic criminal
investigations. The FBI performs searches of databases containing Section 702 data whenever it opens
an investigation or an “assessment”247 — a type of investigation in which agents do not have a factual
predicate to suspect criminal activity, let alone probable cause.248 Although the FISA Court has blessed
back-door searches, it is difficult to see how a program that allows domestic law enforcement officers to
listen to Americans’ calls and read their e-mails without any fact-based suspicion of wrongdoing can be
squared with the constitutional test of “reasonableness.”
AT: Minimization requirements solve
702 minimization requirements still allow the government to conduct unwarranted
surveillance of U.S. persons
Rotenberg, EPIC President and Executive Director, 6-16-15 [Electronic privacy information
center, non-profit research and educational organization established in 1994 to focus
public attention on emerging privacy and civil liberties issues.12 We work with a distinguished panel of
advisors in the fields of law, technology and public policy., COMMENTS OF THE ELECTRONIC PRIVACY
INFORMATION CENTER, file:///C:/Users/Jonah/Downloads/EPIC-12333-PCLOB-Comments-FINAL.pdf]
Schloss2
Use of USP data inadvertently collected under EO 12333 in criminal matters and without a warrant
violates American’s constitutional rights. EPIC Advisory Board member and national security law expert Laura Donohue
analogously describes how under Section 702, “NSA’s minimization procedures place a duty on the NSA to
turn over any information regarding the commission of a crime to law enforcement agencies,” and “used
against them in a court of law, without law enforcement ever satisfying Title III requirements.”161 Professor
Donohue cautions that, “query of databases using U.S. person identifiers may further implicate U.S. persons in
criminal activity—even acts unrelated to national security. But no individualized judicial process is required.”162 The
broad dissemination procedure under EO 12333 similarly “falls outside of constitutional boundaries.”163
As the Chief Justice recently explained, “the Fourth
Amendment was the founding generation’s response to
the reviled ‘general warrants’ and ‘writs of assistance’ of the colonial era, which allowed British officers
to rummage through homes in an unrestrained search of evidence of criminal activity.”164 Broad
dissemination procedures that fail to follow strict rules violates American’s constitutional rights, and broad
goals set out by Congress in the Privacy Act.
AT: CP links to terrorism – top level
702 not key to terror – other claims lack data
Bergen et al, 14 – a Professor of Practice at Arizona State University and a fellow at Fordham
University's Center on National Security (Peter Bergen, David Sterman, Emily Schneider, and Bailey
Cahall, “Do NSA's Bulk Surveillance Programs Stop Terrorists?”, New America Foundation, 1/13/2014,
https://static.newamerica.org/attachments/1311-do-nsas-bulk-surveillance-programs-stopterrorists/IS_NSA_surveillance.pdf)//MBB
It is difficult to determine the precise importance to counterterrorism of the NSA’s surveillance
programs under Section 702 in cases such as those above, because the NSA also conducts or has
conducted surveillance under a range of other authorities. Not only are there the traditional, targeted
FISA authorities and Section 702 of 2008’s FISA Amendments Act, there is also Executive Order 12333,
which primarily governs surveillance undertaken outside of the United States that is not targeted at U.S.
persons, as well as the authorities that were used prior to 2008 to justify the Bush administration’s
warrantless wiretapping program, those being the temporary Protect America Act of 2007 and President
Bush’s own claims of inherent executive authority. The attempt to divine how useful Section 702 has
been is also complicated by the fact that unlike the Section 215-based telephone metadata collection
program, the exact scope and methods of the 702-based programs are still unclear.
However, according to the White House review panel’s report, surveillance conducted under Section
702 authorities “has produced significant information in many, perhaps most, of the 54 situations in
which signals intelligence has contributed to the prevention of terrorist attacks since 2007.”82 But the
wording of the report also raises doubts about the importance of those contributions from Section 702,
because the report concludes that it would be “difficult to assess precisely how many of these
investigations would have turned out differently without the information learned through section
702.”83
Warrant requirements don’t undermine terrorism investigations – history, exigent
circumstances
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015 //DM)
First, the government argued that security leaks from a warrant hearing could threaten national security
or impede surveillance. The Supreme Court had rejected this contention in the context of domestic
intelligence operations (the Keith case).226 The D.C. Circuit found it equally unconvincing in the foreign
intelligence context.227 Indeed, the 35-year history of the FISA Court shows that judges and their staff
are well able to maintain the requisite secrecy.
Second, the government argued that obtaining a warrant in foreign intelligence cases would cause
unacceptable delay.228 It is evident, however, that not every instance of foreign intelligence
surveillance involves an urgent matter. Given the enormous scope of the NSA’s collection and its
repeated assertion that intelligence gathering often entails gathering innocuous pieces of a mosaic to
reveal a potential threat, it can hardly be argued that each piece of information involves a time sensitive
operation. And in truly urgent cases, the government may rely on a separate “exigent circumstances”
exception to the warrant requirement.229
Finally, the government argued that evaluating foreign intelligence surveillance is beyond the scope of
judicial expertise, citing the risk of harm to national security if a judge does not properly understand the
government’s foreign intelligence interest. The Zweibon court described this as relegating Fourth and
First Amendment interests “to the level of second-class rights,” and “naively equat[ing] all foreign
threats with such dangers as another Pearl Harbor.”230 The court believed it was self-evident that a
judge faced with a warrant application would take into account the magnitude of the threat identified
by the government so that “the probability that a judge would erroneously deny the Executive the
requested warrant approaches the infinitesimal.”231
Today, the government might well add a fourth argument: the sheer extent of foreign intelligence
surveillance necessary in the post-9/11 world makes the warrant requirement unworkable. Indeed,
significant additional resources would be required for the government to obtain individualized warrants
for all instances in which it currently captures communications between Americans and foreign targets.
On the other hand, this factor presumably would cause the government to be more judicious in
selecting targets. In any event, the need for significant additional resources cannot justify dispensing
with a warrant requirement. As the Supreme Court has observed, “The argument that a warrant
requirement would oblige the Government to obtain warrants in a large number of cases is hardly a
compelling argument against the requirement.”232
AT: CP links to terrorism – intelligence wall
A primary purpose test doesn’t erect a wall between the FBI and NSA
Patel and Goitein, 15 – *co-director of the Liberty and National Security Program at the Brennan Center
for Justice AND ** co-directs the Brennan Center for Justice’s Liberty and National Security Program
(Faiza and Liza, “Fixing the FISA Court by Fixing FISA: A Response to Carrie Cordero” 4/8, Lawfare,
http://www.lawfareblog.com/fixing-fisa-court-fixing-fisa-response-carrie-cordero
Carrie particularly disagrees with our recommendation that FISA surveillance should be available only if
obtaining foreign intelligence is the primary purpose of collection. She equates this recommendation
with a proposal to “rebuild ‘the wall.’” She suggests that “the wall” had catastrophic effects, citing a
statement by prosecutor Patrick Fitzgerald to the effect that he was not allowed even to speak with
intelligence investigators at the FBI while he was building a criminal case against Osama bin Laden.
Carrie ignores the legal issue at the center of this recommendation. Although the FISCR takes a different
view, the circuit courts that have addressed this issue have held that the “primary purpose” test is
necessary to trigger the foreign intelligence exception to the warrant requirement. Without such a
requirement, these courts observed, it would be far too easy for the government to avoid the warrant
requirement in ordinary criminal cases. Their concerns have come to pass, as the PCLOB reports that the
FBI “with some frequency” searches databases containing Section 702 data when opening criminal
investigations or assessments “unrelated to national security efforts.”
Critics of reform posit dire consequences to reinstating this vital Fourth Amendment protection. Our
report identified three flaws in the logic chain that purports to lead from the “primary purpose” test to
disaster, and Carrie’s argument tracks two of them precisely. First, our report notes that nothing in the
“primary purpose” test necessitated the particular limits that the Justice Department imposed on itself.
Carrie doesn’t dispute this point; instead, she states, “the reality is that the rules and restrictions were
put in place.” That’s a truism; it doesn’t suggest that the Justice Department would follow exactly the
same course today if a “primary purpose” test were reinstated. We strongly suspect the Department
would take a different approach in operationalizing this requirement.
Second, the problems that followed from the limits the Justice Department imposed on itself do not
appear to have resulted from the rules themselves – the FISA Court described these rules as permitting
“broad information sharing” and “substantial consultation and coordination” – but from a widespread
misunderstanding of what they required. Indeed, the 9/11 Commission described the term “the wall” as
“misleading,” and notes that the rules in question “were almost immediately misunderstood and
misapplied.”
Fitzgerald’s quote illustrates this point nicely. He says,
But there was one group of people we were not permitted to talk to. Who? The FBI agents across the
street from us in lower Manhattan assigned to a parallel intelligence investigation of Usama Bin Laden
and al Qaeda. We could not learn what information they had gathered.
That isn’t a remotely accurate description of what the rules required. Intelligence investigators and
prosecutors were not only allowed but required to talk to each other. While prosecutors could not
direct intelligence investigations, they could provide “guidance,” and investigators were required to
inform prosecutors if their investigations turned up information about serious crimes (and to provide
them with monthly briefings in any event). Investigators had to get higher-level approval to share
certain other kinds of information, but that’s hardly the same thing as prohibiting any communication.
The third flaw in the logic chain is the notion that “the wall” – or, more accurately, officials’ perception
of a wall – led to 9/11. Carrie doesn’t make this claim; in fact, she doesn’t mention any specific national
security damage that resulted from the wall. In any event, the 9/11 Commission Report makes pretty
clear that the failures to communicate critical information in advance of the attack had little to do with
the Justice Department’s rules and everything to do with bureaucratic incompetence.
The primary purpose test didn’t create an intelligence sharing wall – bad decisions pre
9/11 did
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015, //DM)
The hypothesis that the “primary purpose” test required the establishment of a “wall” which then led to
9/11 is flawed in a number of respects. Most fundamentally, the 9/11 Commission’s report showed that
the “wall” did not cause the lack of coordination that contributed to intelligence failures before 9/11. It
documented that CIA investigators, as well as FBI officials detailed to the CIA, had information months
before the attack that two of the hijackers were potential terrorists already in the United States. There
were many opportunities to share this information more broadly, and most of these opportunities were
squandered because of poor judgment calls by individual analysts.145 Moreover, the hypothesis
oversimplifies the relationship between the “primary purpose” test and “the wall.” While courts
signaled that they would look askance if criminal prosecutors were directing foreign intelligence
surveillance, no court held that the “primary purpose” test necessitated the particular limitations that
the Justice Department imposed on itself.146 Nor is it clear that chilling coordination was the direct and
inevitable result of implementing those limitations. According to the Attorney General’s Review Team,
the voluntary restraints that were in place between 1984 and 1993 “appear[] to have worked quite
satisfactorily . . . both from the perspective of the Criminal Division and that of the FBI.”147 At least
some of the impediments to coordination that subsequently emerged appear to have been a result of
officials’ conservative interpretation of the rules, rather than the rules themselves.148
AT: Perms
The permutation severs the text and meaning of the plan – FAA exclusivity bans the
individualized court order requirement – the CP makes it the exclusive requirement
for surveillance.
Patel and Goitein, 15 – *co-director of the Liberty and National Security Program at the Brennan Center
for Justice AND ** co-directs the Brennan Center for Justice’s Liberty and National Security Program
(Faiza and Liza, “Fixing the FISA Court by Fixing FISA: A Response to Carrie Cordero” 4/8, Lawfare,
http://www.lawfareblog.com/fixing-fisa-court-fixing-fisa-response-carrie-cordero
Our report notes that Section 702 had a limited effect on the government’s ability to collect
communications between foreigners without obtaining a FISA order; instead, its primary purpose and
effect was to remove the requirement of an individualized order for the acquisition of communications
between foreign targets and U.S. persons. Carrie responds that Section 702 was necessary because,
under FISA, “the pre-2008 definitions in FISA technically required that the government obtain a
probable-cause order from the Court in order to collect the communications of Terrorist A in
Afghanistan with Terrorist B in Iraq.” But, as we explain in our report, this was true only for one category
of foreign-to-foreign communications: e-mails stored on U.S. servers.
That’s because of the statute’s complicated definition of “electronic surveillance,” which is the activity
that FISA regulates. The definition is broken down into three types of surveillance: acquisition of wire
communications (which includes phone calls or Internet communications in transit over cables),
acquisition of radio communications (which includes calls or Internet communications in transit through
wireless means), and “monitoring” (which previously meant planting a bug, but today includes acquiring
stored e-mails). For the first two categories, acquisition is defined as “electronic surveillance” only if one
or more of the communicants is a U.S. person. In other words, for wire or radio communications
between foreigners, 1978 FISA simply had nothing to say; “monitoring” is the only category of foreignto-foreign communication that 1978 FISA regulated.
That’s why our report states that, “[w]ith the exception of e-mails stored in the United States, the new
law had no impact on the government’s ability to collect the communications of foreigners with other
foreigners.” Carrie is, of course, correct that Section 702 allows the government to obtain other types of
foreign-to-foreign communications without a court order… but so did 1978 FISA, so Section 702 made
no change there. The most significant change Section 702 made was to permit the acquisition of
communications between foreign targets and U.S. persons without a court order. Carrie does not
explain why this was necessary to allow the government to collect the communications of Terrorist A in
Afghanistan with Terrorist B in Iraq.
Reasonable suspicion CP
1nc Reasonable suspicion CP
Text – (rewrite the plan but replace ‘probable cause’ with ‘reasonable suspicion’.
Obviously only read this against an aff based on probable cause)
Reasonable suspicion with oversight solves the case but avoids terrorism
Sievert 14 * Professor, Bush School of Government and U.T. Law School, author of three editions of
Cases and Materials on US Law and National Security (Ronald, “Time to Rewrite the Ill-Conceived and
Dangerous Foreign Intelligence Surveillance Act of 1978”, National Security Law Journal Vol. 3, Issue 1 –
Fall 2014)//GK
Although the author believes this reasonable suspicion standard should apply to all FISA interceptions, the most urgent need, and the one that
may be most favorably considered by Congress, relates to the monitoring of Al Qaeda, ISIS (the Islamic State of Iraq and Syria, also known as
“ISIL”) and those who are attempting an attack with a WMD. Therefore, FISA
should be changed to allow interception where
there is reasonable suspicion to believe the target is a person subject to an AUMF or engaged in an
effort to employ a WMD in the United States or against U.S. facilities. Harvard Law professor Jack Goldsmith argued
when he was head of the Office of Legal Counsel in 2003 that both the AUMF as well as the concept of special needs should permit the
President to monitor Al Qaeda without going through the traditional requirements of the FISA statute. 272 His argument was later supported
by the wording of Hamdi v. Rumsfeld, stating that the AUMF allowed the President to utilize all necessary elements of military force against Al
Qaeda and the Taliban. 273 Surely, monitoring the enemy is one such element of military force. Goldsmith’s position is strongly opposed by
those who state that FISA requires the President to follow the procedures established by Congress and not act without FISA court approval.274
But assuming Congress can intrude on the President’s authority in this area, there is nothing preventing Congress from amending the FISA
statute to provide for more efficient interception when the target is the subject of an AUMF or planning a WMD attack. Abandoning
probable cause would certainly raise legal concerns similar to those expressed in United States v. Truong275 and by the
petitioners in In Re Sealed Case,276 if the intent and direct result was ordinary criminal prosecution as opposed to intelligence collection. At the
same time, an interception intended to obtain intelligence is likely to pick up evidence of national security crimes (sabotage, terrorism,
espionage). The government should be able to use this evidence under the doctrine that the government can use anything it finds while it is
legally present.277 The
solution in part would be to draw upon the 2001 FISA Court’s practice and prohibit
criminal division direction and control of intelligence wiretaps. In addition, as Judge Posner has suggested, “the use
of intercepted information for any other purpose other than investigating (or prosecuting) threats to
national security would be forbidden. Information could not be used as evidence or leads in the prosecution of ordinary
crime.”278 Finally, if the government thought it was likely to uncover criminal acts other than national security crimes, it would be wise in those
few cases to go the extra step and seek to demonstrate probable cause instead of reasonable suspicion before obtaining a judicial warrant.
Any public fears regarding the creation of a new FISA could be assuaged by establishing an independent
body to look after the concerns of the civilian community. We have seen such entities in Germany’s G-10 committee, the
U.K.’s Interception of Communications Commission, and Italy’s Data Protection Authority. These organizations perform a variety of roles, from
reviewing all surveillance after the fact to issuing reports to the legislature, or, in some cases, examining individual allegations of excessive
surveillance. An
American version of this independent body would exist alongside the judiciary, which
would grant the initial interception warrant based on a finding of reasonable suspicion. Any objective
individual who steps back and reviews the series of attempted attacks on the United States in the last
fifteen years understands our population is in great danger, and this is especially so if our adversaries
obtain some type of WMD. It is folly to hamstring our intelligence services by imposing a criminal law
search standard that is neither constitutionally required nor mandated by the recognized human rights
principles of the international community. It is imperative, therefore, that we correct the mistakes of the
past and enact a new, more effective Foreign Intelligence Surveillance Act.
2nc – reasonable suspicion solves
A reasonable suspicion standard solves better than probable cause – protects privacy
and avoids terrorism
Sievert 14 * Professor, Bush School of Government and U.T. Law School, author of three editions of
Cases and Materials on US Law and National Security (Ronald, “Time to Rewrite the Ill-Conceived and
Dangerous Foreign Intelligence Surveillance Act of 1978”, National Security Law Journal Vol. 3, Issue 1 –
Fall 2014)//GK
The analysis above, however, strongly suggests that a
statute authorizing intelligence surveillance warrants based on
reasonable suspicion alone would and should pass constitutional muster. Time and again the Supreme
Court has recognized that detailed searches can be conducted without establishing probable cause, even
when the results of those searches could, as with intelligence surveillance, potentially result in criminal prosecution. Such a statute
would insure that the government’s overwhelming interest in safeguarding our population would be
met far better than it is now with the obstacles created by the burdensome FISA standard of probable
cause. Privacy would be protected by a warrant process guaranteeing judicial control and guidance so that
surveillance could not be initiated for political, partisan, or personal reasons, and by the need to
demonstrate there was reasonable suspicion, or specific articulable facts to suspect a specific target. Congress overreacted
when it imposed the highest criminal law search standard on foreign intelligence surveillance and the result of their decision has proven
hazardous to the American people. Meanwhile, our
European allies have demonstrated a civilized respect for
individual privacy but, as will be discussed in the next section, many recognize that imposing such hurdles is far too
dangerous when it comes to protecting a nation’s security.
No constitutional requirement for probable cause exists
Sievert 14 * Professor, Bush School of Government and U.T. Law School, author of three editions of
Cases and Materials on US Law and National Security (Ronald, “Time to Rewrite the Ill-Conceived and
Dangerous Foreign Intelligence Surveillance Act of 1978”, National Security Law Journal Vol. 3, Issue 1 –
Fall 2014)//GK
In the words of Chief Justice Roberts, “As the text makes clear, ‘the ultimate touchstone of the Fourth Amendment is reasonableness.’” 159 In
other words, although the Fourth Amendment states that warrants should be supported by probable cause, the
ultimate test of the
constitutionality of a search is whether it is reasonable, not whether the government has established
probable cause. Noted constitutional law scholar Akhil Amar has written that those who seek to impose a “global
probable cause requirement have yet to identify even a single early case, treatise, or state constitution that
explicitly proclaims ‘probable cause’ as the prerequisite for all ‘searches and seizures.’”160 In National Treasury
Employees Union v. Von Raab, the Court stated that “neither a warrant nor probable cause, nor, indeed, any measure of individualized
suspicion, is an indispensable component of reasonableness in every circumstance.”161 Rather, the
reasonableness of a search is
determined essentially by balancing the government’s interest against the intrusion and expectation of
privacy in the particular context of the case.162 An analysis of the Supreme Court’s opinions demonstrates that
there really is no inherent constitutional requirement that the government show probable cause before
conducting a search for foreign intelligence purposes. In the past fifty years, the Court has repeatedly sanctioned searches conducted without
probable cause where significant safety and security concerns were present. The Court has not deviated from these holdings even where such
searches may very well uncover criminal activity and eventually result in prosecution.
Whistleblower protection
1nc – Whistleblower protection CP
CP Text:
The United States Federal Government should offer protection to whistleblowers who
leak classified data, if and only if such leaks provide evidence of wrongdoing.
Expanding whistleblower protection makes existing oversight effective
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 13)//AK
PROTECT WHISTLEBLOWERS
Columbia law professor David Pozen contends that democracies need to be leaky— leaks and
whistleblowing are themselves security mechanisms against an overreaching government. In his view,
leaks serve as a counterpoint to the trend of overclassification and, ultimately, as a way for governments
to win back the trust lost through excessive secrecy.
Ethnographer danah boyd has called whistleblowing the civil disobedience of the information age; it
enables individuals to fight back against abuse by the powerful. The NGO Human Rights Watch wrote
that “those who disclose official wrongdoing … perform an important service in a democratic society… .”
In this way of thinking, whistleblowers provide another oversight mechanism. You can think of them as a
random surprise inspection. Just as we have laws to protect corporate whistleblowers, we need laws to
protect government whistleblowers. Once they are in place, we could create a framework and rules for
whistleblowing legally.
This would not mean that anyone is free to leak government secrets by claiming that he’s a
whistleblower. It just means that conscience-driven disclosure of official wrongdoing would be a valid
defense that a leaker could use in court—juries would have to decide whether it was justified—and that
reporters would legally be able to keep their sources secret. The clever thing about this is that it
sidesteps the difficult problem of defining “whistleblower,” and allows the courts to decide on a caseby-case basis whether someone’s actions qualify as such or not. Someone like Snowden would be
allowed to return to the US and make his case in court, which—as I explained in Chapter 7— currently
he cannot.
Additionally, we need laws that protect journalists who gain access to classified information. Public
disclosure in itself is not espionage, and treating journalism as a crime is extraordinarily harmful to
democracy.
2nc – whistleblower protection
Existing whistleblower laws fail only because of the classified information exemption
Pozen 13, Yale Law School, J.D., 2007 Oxford University, M.Sc., Comparative Social Policy (distinction),
2003 Yale College, B.A., Economics (summa cum laude), 2002, Columbia Law Professor, expert
surveillance legal analyst, (David, THE LEAKY LEVIATHAN: WHY THE GOVERNMENT CONDEMNS AND
CONDONES UNLAWFUL DISCLOSURES OF INFORMATION , SSRN)//AK
The federal whistleblower statutes might be expected to comprise the last major piece of the legal
framework, except that in the national security context they play a marginal role. Several laws protect
executive branch employees who disclose information regarding alleged abuses to designated agency
officials or congressional committees under specified procedures.63 But these laws offer significantly
less succor when it comes to classified information, are widely seen as confusing and user-unfriendly,
and under no circumstances permit disclosures directly to the press.64 These laws also do not ensure
against revocation of one’s security clearance,65 which in the national security and foreign policy fields
generally means loss of one’s job. And though the point is contestable, the laws are fairly read to
provide “absolutely zero protection” for those who publicly reveal classified information, even as a last
resort, and even when the information reveals illegal government conduct.66 The vast majority of
leakers have no interest in reporting wrongdoing in any event.67 Consequently, the whistleblower
statutes tend to be ignored in the debate over classified information leaking, apart from occasional calls
to revise them. It is telling that in Jack Goldsmith’s recent book-length study of mechanisms that
publicize and constrain the executive’s national security activities, these laws are never once mentioned.
Whistleblower protections from the CP solve transparency through intentional leaksthe key internal link to all the aff’s impacts
Pozen 13, Yale Law School, J.D., 2007 Oxford University, M.Sc., Comparative Social Policy (distinction),
2003 Yale College, B.A., Economics (summa cum laude), 2002, Columbia Law Professor, expert
surveillance legal analyst, (David, THE LEAKY LEVIATHAN: WHY THE GOVERNMENT CONDEMNS AND
CONDONES UNLAWFUL DISCLOSURES OF INFORMATION , SSRN)//AK
The federal whistleblower statutes might be expected to comprise Congress’s longstanding failure to
confront the executive secrecy system must be understood in light of these institutional and
memberlevel interests in leakiness. With some notable exceptions such as the bill vetoed by President
Clinton that would have strengthened the Espionage Act,333 Congress has done little to address
national security leaks or the classification system that underlies them. A variety of committees have
held hearings on high-profile incidents, and the intelligence committees have recently mooted measures
to curb certain forms of planting and pleaking. But in general legislative action has been minimal for
decades. Of particular note, members have declined to make use of the protection afforded by the
Constitution’s Speech or Debate Clause334 to reveal, or threaten to reveal, executive branch
information without fear of criminal or civil liability.335 One might expect that a responsible legislature
would try to steer classified information leaks its way, so as to preserve legitimate secrecy while
providing an outside check on the executive.336 Congress has largely bypassed this approach, which
would force it to take greater responsibility over the revelations that emerge, and has instead
countenanced minimal enforcement against media leakers while directing all prospective
whistleblowers to their agency inspectors general in the first instance.337 Many members of Congress
seem quite content to be regular readers (and perhaps occasional purveyors) rather than recipients of
leaks. Systematic recourse to leaking emerges, once again, as the more efficient and politically palatable
alternative to systematic legal reform.
Congress’s role in the ecosystem of national security leaks is a large and complex subject. Certain
congressional entities receive a steady flow of classified information through official channels,
supplemented by a side traffic in direct and indirect unofficial disclosures. Agencies typically incur
political risk if they try to limit this traffic by clamping down on staffers’ communications with their
oversight committees. Partisan motivations and sincere good-governance sentiments sustain a
perpetual interest on the Hill in leaks, along with a ready-made rhetoric of crisis about their prevalence.
The recent rise of a “commuter Congress,” in which many members spend as little time as possible in
Washington, may have helped strengthen relationships between elite reporters and less peripatetic
executive officials, shifting power to the latter in the intragovernmental game of leaks.
Transparency CP
1nc transparency CP
CP text: The United States Federal Government should
-increase transparency about US surveillance activities, adopt data minimization, and promote global
transparency standards
-eliminate any government efforts to introduce backdoors in software or weaken encryption
-establish international legal standards for government access to data
-strengthen U.S. mutual legal assistance treaties and pass the Law Enforcement Access to Data Stored
Abroad Act
-complete the Trans Pacific Partnership trade agreement to ban digital protectionism
The CP solves US tech leadership, US jobs, and the economy
Castro and McQuinn 15, Daniel Castro works at the Center for Data Innovation, Government
Technology, The Information Technology & Innovation Foundation, worked at the U.S. Government
Accountability Office, went to Carnegie Mellon. Alan McQuinn works at the Federal Communications
Commission, previously had the Bill Archer Fellowship at the University of Texas, (June 2015, “Beyond
the USA Freedom Act: How U.S. Surveillance Still Subverts U.S. Competitiveness”,
file:///C:/Users/Mark/Downloads/2015-beyond-usa-freedom-act.pdf)//AK
In the short term, U.S. companies lose out on contracts, and over the long term, other countries create
protectionist policies that lock U.S. businesses out of foreign markets. This not only hurts U.S.
technology companies, but costs American jobs and weakens the U.S. trade balance. To reverse this
trend, ITIF recommends that policymakers:
backdoors in
software or weaken encryption.
ual legal assistance treaties (MLATs).
Work to establish international legal standards for government access to data.
protectionism, and
pressure nations that seek to erect protectionist barriers to abandon those efforts.
2nc CP solvency top level
The combination of planks resolves all of the case – transparency, international
harmonization and trade solve every aff internal link
Castro and McQuinn 15, Daniel Castro works at the Center for Data Innovation, Government
Technology, The Information Technology & Innovation Foundation, worked at the U.S. Government
Accountability Office, went to Carnegie Mellon. Alan McQuinn works at the Federal Communications
Commission, previously had the Bill Archer Fellowship at the University of Texas, (June 2015, “Beyond
the USA Freedom Act: How U.S. Surveillance Still Subverts U.S. Competitiveness”,
file:///C:/Users/Mark/Downloads/2015-beyond-usa-freedom-act.pdf)//AK
The free and open Internet that powers the globally networked economy is dependent on the ability of
individuals and companies to engage in commerce without geographic restrictions. To turn back the tide
of technology protectionism, U.S. trade negotiators will need a stronger hand to play. They cannot go to
other nations and tell them to not discriminate against U.S. tech firms if the U.S. intelligence system
continues to follow policies that threaten their citizens and businesses. As a result, it is incumbent on
the Congress and the Obama administration to take the lead in showing the world the best standards for
transparency, cooperation, and accountability.
First, the U.S. government should be forthcoming and transparent about its surveillance practices and
clearly inform the public about the data it collects domestically and abroad. The U.S. government should
set the gold standard for international transparency requirements , so that it is clear what information
both U.S. and non-U.S. companies are disclosing to governments at home and abroad. The U.S.
government should then work with its allies to create an international transparency requirement that
illuminates when countries conduct surveillance that accesses foreign companies’ information.
Second, the U.S. government should draw a clear line in the sand and declare that the policy of the U.S.
government is to strengthen not weaken information security. The U.S. Congress should pass legislation,
such as the Secure Data Act introduced by Sen. Wyden (D-OR), banning any government efforts to
introduce backdoors in software or weaken encryption.43 In the short term, President Obama, or his
successor, should sign an executive order formalizing this policy as well. In addition, when U.S.
government agencies discover vulnerabilities in software or hardware products, they should responsibly
notify these companies in a timely manner so that the companies can fix these flaws. The best way to
protect U.S. citizens from digital threats is to promote strong cybersecurity practices in the private
sector.
Third, the U.S. government should strengthen its mutual legal assistance treaties (MLATs), which allow
law enforcement agencies to receive assistance from and provide assistance to their counterparts in
other countries. These treaties work through cooperation between both governments, which agree to
share information during lawful investigations. Some governments—such as China and the United
States—have begun to circumvent the MLAT process to access data stored in other countries because
they perceive the process to be too slow. 44 If this becomes the norm for the U.S. government, the end
game is clear: significantly fewer foreign businesses, governments, and citizens will do business with U.S.
companies. Rather than abandon the MLAT process, the U.S. government should work to improve it and
make these requests more transparent. While the U.S. government cannot force other governments to
improve their own MLAT process, it can set an example by streamlining its own and asserting that other
countries should do the same. The Law Enforcement Access to Data Stored Abroad (LEADS) Act, recently
introduced in the Senate by Sens. Orrin Hatch (R-Utah), Chris Coons (D-Del.) and Dean Heller (R-Nev.)
and in the House by Reps. Tom Marino (R-Pa.) and Suzan DelBene (D-Wash.), would do just that.45
Fourth, the U.S. government should work with its trade partners to establish international legal
standards for government access to data. The United States should engage with its trade partners to
develop a “Geneva Convention on the Status of Data.”46 This would create a multi-lateral agreement
that would establish international rules for transparency, settle questions of jurisdiction, engender
cooperation for better coordination of international law enforcement requests, and limit unnecessary
access by governments to citizens of other countries. Only by working to establish a global pact on these
issues can countries that have previously engaged in mass cyberespionage assure the international
community that countries can hold each other accountable in the future.
Finally, while many countries will continue to use U.S. surveillance practices as a pretext to pursue techmercantilist measures, the United States should not let these practices go unchallenged. The U.S.
government should push back against these barriers by completing trade agreements that eliminate
protectionism. The Trans-Pacific Partnership (TPP) may be the first U.S. trade agreement to enshrine
such strong free trade provisions for cross- border data flows. U.S. negotiators should ensure that other
agreements, including the Trans-Atlantic Trade and Investment Partnership (T-TIP), and the Trade in
Services Agreement (TISA), are equally strong. 47 The United States should build an alliance against bad
actors, forcing protectionist countries to the sidelines of the global trade arena if they continue to enact
these anti-competitive rules. Furthermore, as the U.S. Congress weighs future trade promotion
authority, it should direct U.S. negotiators to include prohibitions against protectionist barriers in all
future U.S. trade agreements.
For other nations, especially China, U.S. messages and actions need to be much tougher. If a country
resorts to protectionism on the pretext of guarding against U.S. surveillance, but its true end game is to
systemically exclude U.S. companies and distort its market for competitive advantage, then the U.S.
government should push back aggressively with trade measures that impose significant economic
penalties.
The LEADS Act alone would restore confidence in cloud computing
Maines 3/30/15 – contributor to the Hill and president of the Media Institute (Patrick, The LEADS Act
and cloud computing, The Hill, http://thehill.com/blogs/pundits-blog/technology/237328-the-leads-actand-cloud-computing)//JJ
Bipartisan legislation , introduced last month in the House and Senate, promises to reform and update
the antiquated Electronic Communications Privacy Act (ECPA) and in the process push back against the
practice by agencies of government to gain access to personal data stored on U.S. corporation servers
abroad.
The legislation, called the LEADS Act , is co-sponsored in the Senate by Sens. Orrin Hatch (R-Utah), Chris
Coons (D-Del.) and Dean Heller (R-Nev.), and in the House by Reps. Tom Marino (R-Pa.) and Suzan
DelBene (D-Wash.).
Short for "Law Enforcement Access to Data Stored Abroad," the LEADS Act's principal improvements on
ECPA are in recognizing that U.S. law enforcement may not use warrants to compel the disclosure of
customer content stored outside the United States unless the account holder is a U.S. person, and by
strengthening the process — called MLATs (mutual legal assistance treaties) — through which
governments of one country allow the government of another to obtain evidence in criminal
proceedings.
One of the better examples of the need for updating ECPA centers on a government warrant served on
Microsoft for the contents of the email of an Irish citizen stored on a Microsoft server in Dublin. The
government's interest in this individual is reported to be in connection with drug trafficking. Microsoft
denied the request and is currently embroiled in litigation, now before a federal appeals court.
At the mention of drug trafficking one imagines that many people might, at first glance, side with the
government in this. But consider the same scenario, only with the countries reversed. Imagine the
outrage if the Irish government demanded that a server located in the U.S. turn over to it the contents
of the personal email of a U.S. citizen!
The larger issue in the Microsoft case, and as addressed by the LEADS legislation, is the fear, especially
since the Edward Snowden revelations, that foreigners will lose confidence that the content of their
email on U.S. servers will be open to government inspection, and go elsewhere for the purpose.
Organizations like Forrester Research and the Information Technology and Innovation Foundation have
attempted to put a price tag on the cost to the U.S. cloud computing industry of what is called the
PRISM project, an outgrowth of the Protect America Act which authorizes the NSA to conduct metadata
searches of email. Those estimates are uneven, and evolving, but all the figures reported are in the
billions of dollars. And while PRISM operates on a different legal foundation than the one, ECPA, that is
the subject of the LEADS Act, there can be no question that if Microsoft were to lose its case, and in the
absence of the passage of the LEADS Act , U.S. cloud providers will suffer .
Nor is the suffering to be endured just by cloud computing companies. As published in a paper by the
Media Institute, media and privacy lawyer Kurt Wimmer makes a compelling case that media companies
may be especially sensitive to issues like those addressed by the Microsoft case and the LEADS Act
legislation:
In an era of tight budgets for newsrooms and infrastructure, cloud computing has helped many media
companies reduce costs and make their newsgathering operations more efficient and effective. It can be
much more efficient for a newsgathering and publishing operation to purchase a package of cloud-based
services (e.g., word processing, photography, publishing, storage) rather than maintain its own IT
department, servers, and software.
Although there are substantial advantages for media companies in adopting cloud-based technologies,
there are also risks. Newsgathering operations routinely handle highly sensitive information, and they
rely on a foundation of trust between reporters and their confidential sources. If a media organization
concludes that entrusting its data with a cloud service provider will result in that data being less private
or secure, then the organization is less likely to embrace cloud technologies. ...
This concern has been accentuated by the controversy surrounding Edward Snowden's disclosures in
2013 regarding government surveillance. Particularly for media organizations with headquarters or
operations outside the United States, the Snowden disclosures increased concern that if the companies
entrusted their data to a U.S. cloud provider, that would make it easier for U.S. law enforcement to
obtain their data.
For media companies, these are not abstract questions. As the Department of Justice (DOJ) recognized
in updating its rules regarding subpoenas to reporters, maintaining the confidentiality of the
newsgathering process is essential to both a free press and a working democracy. The DOJ now has
strong guidelines governing the considerations that will be considered before subpoenas will be directed
to reporters, but these are only internal guidelines and they only apply to the DOJ. The bipartisan
LEADS Act provides a path forward to update the law to permit the cloud to be more meaningful and
useful to media companies — and to others concerned about the privacy and security of their data. And
by doing so, Congress can bolster the competitiveness of an emerging and important area of our
information economy.
2nc – solves data localization
The CP solves global data localization
Hill 14 - technology and international affairs consultant, formerly worked in the Office of the
Cybersecurity Coordinator on the National Security Staff at the White House (Jonah, “The Growth of
Data Localization Post-Snowden: Analysis and Recommendations for U.S. Policymakers and Business
Leaders”, Conference on the Future of Cyber Governance, 5/1/14)//DBI
2. Create (or refocus) a senior U.S. government position to serve as the primary contact person and
advocate for U.S. industry global data issues
At present, there is no single point-person in the U.S. government coordinating data flow issues, or
advocating on behalf of the U.S. for freedom of data flows. The head of the Federal Trade Commission,
the U.S. Trade Representative, the Privacy and Civil Liberties Oversight Board, the Department of
Commerce (importantly, the Deputy Assistant Secretary for Services), the Chief Privacy Officer of the
NSA, several individuals within the Department of State (importantly the U.S. Coordinator for
International Communications and Information Policy) as well as many, many others, are all working on
the problem, but largely separately, with inevitably separate institutional viewpoints and objectives.
While multiple individuals and agencies should be addressing the issue simultaneously, there is a need
for a single coordinating office to track and manage this vital economic issue. Perhaps an office of Chief
Privacy Officer in the U.S. State Department and/or U.S. Trade Representative could be developed, or
the newly-created White House Chief Privacy Officer position could take on this broader international
responsibility. President Obama has suggested, in a speech delivered at the U.S. Department of Justice
on January 17, 2014, that his administration plans to create a new position at the U.S. State Department
“to coordinate [American] diplomacy on issues related to technology and signals intelligence.”121 This
new role – which has only been vaguely described – could also potentially fill the leadership vacuum
within the U.S. government on these issues. However the reorganization happens, is clear that the
current bureaucratic arrangement needs to be restructured to ensure that the anti- localization
outreach strategy is effectively coordinated and harmonized across the entire U.S. government and
among U.S. industry leaders.
3. Reform and streamline the Mutual Legal Assistance Treaty process
The cumbersome MLAT process has proven to be one of the leading motivations behind many
localization proposals . In order to expedite the MLAT process, the Department of Justice’s should
develop an online MLAT submission form, and devote the resources necessary to respond in a timely
fashion, recognizing the urgency of many law enforcement requirements. In addition, the Department of
Justice should (consistent with the reasonable confidentiality requirements of sound law enforcement)
also publish regular government transparency reports, including breakdowns of number of requests
received from different countries, the response provided, the crimes to which the requests relate, and
the time each request required, and should provide clear, public guidance on what information can be
obtained through an MLAT. These reports would not only result in an anticipated speed-up of response
time (no one wants publicly to be shown to be dilatory), but would also demonstrate to foreign law
enforcement personnel that their queries are receiving treatment not meaningfully less prompt than are
other nations’ requests of a similar nature.122
Transparency solves – XO12333
The CP creates transparency and minimization standards for XO12333
Rotenberg, EPIC President and Executive Director, 6-16-15 [Electronic privacy information
center, non-profit research and educational organization established in 1994 to focus
public attention on emerging privacy and civil liberties issues.12 We work with a distinguished panel of
advisors in the fields of law, technology and public policy., COMMENTS OF THE ELECTRONIC PRIVACY
INFORMATION CENTER, file:///C:/Users/Jonah/Downloads/EPIC-12333-PCLOB-Comments-FINAL.pdf]
Schloss2
The basic pillars of data privacy impose comparable transparency obligations. For example, the Privacy Guidelines of
the Organization for Economic Co-operation and Development call on data controllers—government or otherwise—to adopt a “general
policy of openness about developments, practices and policies with respect to personal data.” Similarly, the
Fair Information Practices set forth by the Secretary's Advisory Committee on Automated Personal Data Systems prescribe (1) that “there
must be a way for an individual to find out” how information collected about her is used, and (2) that there
must be a way for an individual to prevent information “obtained for one purpose from being used or made available for other purposes”
without her consent.121 The
data collected under EO 12333 should be held to the sesame standards.
In view of the above, the Board should ensure that the NSA, the CIA, and any other entity collecting data
pursuant to EO 12333 publicly disclose detailed polices and procedures for retaining, minimizing, using,
and disseminating that data. Though both the NSA and CIA have released bare-bones descriptions of
their data handling policies and procedures,122 these documents are much too brief and superficial to
assess the strength of the agencies’ privacysafeguards.123 Greater transparency is required so that the
public may “evaluate the degree to which its privacy is currently protected . . . .”124
That solves the perception of abuse
Rotenberg, EPIC President and Executive Director, 6-16-15 [Electronic privacy information
center, non-profit research and educational organization established in 1994 to focus
public attention on emerging privacy and civil liberties issues.12 We work with a distinguished panel of
advisors in the fields of law, technology and public policy., COMMENTS OF THE ELECTRONIC PRIVACY
INFORMATION CENTER, file:///C:/Users/Jonah/Downloads/EPIC-12333-PCLOB-Comments-FINAL.pdf]
Schloss2
There is a broad consensus on the need to minimize data collected under EO 12333, particularly when that
data concerns USPs. Congress, legislating through the Privacy Act, has mandated that any agency that collects identifying
records about USPs maintain “only such information about an individual as is relevant and necessary to
accomplish a purpose of the agency required to be accomplished by statute or by executive order of the
President.”125
President Obama
has specifically highlighted the importance of data minimization in an intelligencegathering context. PPD 28 requires that agencies in the IC “establish policies and procedures reasonably
designed to minimize the dissemination and retention of personal information,” noting that “long-term
storage of personal information unnecessary to protect our national security is inefficient, unnecessary, and
raises legitimate privacy concerns.”126 The
President’s Review Group on Intelligence and Communications Technologies has similarly advised that if an intercepted
communication “includes a United States person as a participant or reveals information about a United
States person . . . any information about that United Statesperson should be purged upon detection
unless it either has foreign intelligence value or is necessary to prevent serious harm to others.”127
Even the NSA has acknowledged the risks of failing to use minimization procedures. Overbroad retention
of data means that the agency “may possibly fail to completely remove data[it] was not authorized to
acquire” and “may potentially lose data because of ‘spillage,’ improper intentional disclosure, or
malicious exfiltration.”128 The subsequent dissemination of improperly retained data means that the agency “could
inappropriately share information that does not have a foreign intelligence purpose, or is based on data that is
required to be removed” and “may possibly disseminate more information than is relevant to foreign intelligence.”129
These concerns have long been reflected in the basic tenets of data privacy. In 1977, the Privacy Protection Study Commission—drawing on the
Code of Fair Information Practices—urged that there be limits “on the internal uses of information about an individual within a record-keeping
organization” and “on the external disclosures of information about an individual. . . .”130 The National Strategy for Trusted Identities in
Cyberspace echoed this in a 2011 report, announcing a “Data Minimization” principle: “Organizations
should only collect PII that
is directly relevant and necessary to accomplish the specified purpose(s) and only retain PII for as long as
is necessary to fulfill the specified purpose(s).
In view of the above, the Board should ensure that the NSA, the CIA, and any other entity collecting data
pursuant to EO 12333 minimize the retention of PII by using robust privacy enhancing techniques. Such
measures are necessary “to ensure that information belonging to both U.S. and non-U.S. persons is
used, retained and disseminated only when necessary for the protection of specifically articulated U.S.
national security interests and in a manner that produces the least intrusion on rights necessary to
secure those interests.”132
Transparency solves backlash
Surveillance transparency is key to a free society and dampening societal backlash
over surveillance
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 12)//AK
Transparency is vital to any open and free society. Open government laws and freedom of information
laws let citizens know what the government is doing, and enable them to carry out their democratic
duty to oversee its activities. Corporate disclosure laws perform similar functions in the private sphere.
Of course, both corporations and governments have some need for secrecy, but the more they can be
open, the more we can knowledgeably decide whether to trust them. Right now in the US, we have
strong open government and freedom of information laws, but far too much information is exempted
from them. For personal data, transparency is pretty straightforward: people should be entitled to know
what data is being collected about them, what data is being archived about them, and how data about
them is being used—and by whom. And in a world that combines an international Internet with countryspecific laws about surveillance and control, we need to know where data about us is being stored. We
are much more likely to be comfortable with surveillance at any level if we know these things. Privacy
policies should provide this information, instead of being so long and deliberately obfuscating that they
shed little light.
We also need transparency in the algorithms that judge us on the basis of our data, either by publishing
the code or by explaining how they work. Right now, we cannot judge the fairness of TSA algorithms
that select some of us for “special screening.” Nor can we judge the IRS’s algorithms that select some of
us for auditing. It’s the same with search engine algorithms that determine what Internet pages we see,
predictive policing algorithms that decide whom to bring in for questioning and what neighborhoods to
patrol, or credit score algorithms that determine who gets a mortgage. Some of this secrecy is necessary
so people don’t figure out how to game the system, but much of it is not. The EU Data Protection
Directive already requires disclosure of much of this information. It may seem as if I am contradicting
myself. On one hand, I am advocating for individual privacy over forced surveillance. On the other, I am
advocating for government and corporate transparency over institutional secrecy. The reason I say yes
to both lies in the existing power imbalance between people and institutions. Institutions naturally wield
more power than people. Institutional secrecy increases institutional power, and that power differential
grows. That’s inherently bad for personal liberty. Individual privacy increases individual power, thereby
reducing that power differential. That’s good for liberty. It’s exactly the same with transparency and
surveillance. Institutional transparency reduces the power imbalance, and that’s good. Institutional
surveillance of individuals increases the power imbalance, and that’s bad.
AT: Leaks bad
Leaks are inevitable- the CP gets out in front of them
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 12)//AK
Transparency doesn’t come easily. The powerful do not like to be watched. For example, the police are
increasingly averse to being monitored. All over the US, police harass and prosecute people who
videotape them, and some jurisdictions have ruled it illegal. Cops in Chicago have deliberately obscured
cameras, apparently attempting to conceal their own behavior. The San Diego Police Department denies
all requests for police videos, claiming that they’re part of ongoing investigations. During the 2014
protests in Ferguson, Missouri, after the police killed an unarmed black man, police routinely prevented
protesters from recording them, and several reporters were arrested for documenting events. Los
Angeles police even went so far as to sabotage court-mandated voice recorders in their patrol cars.
Governments and corporations routinely resist transparency laws of all kinds. But the world of secrecy is
changing. Privacy-law scholar Peter Swire writes about a declining half-life of secrets. What he observed
is that, in general, secrets get exposed sooner than they used to. Technology is making secrets harder to
keep, and the nature of the Internet makes secrets much harder to keep long-term. The push of a
“send” button can deliver gigabytes across the Internet in a trice. A single thumb drive can hold more
data every year. Both governments and organizations need to assume that their secrets are more likely
to be exposed, and sooner, than ever before.
One of the effects of a shrinking half-life for secrets is that their disclosure is more damaging. One of
Snowden’s documents indicated that the NSA spied on the cell phone of German chancellor Angela
Merkel. The document is undated, but it’s obviously from the last few years. If that document had
become public 20 years from now, the reaction in Germany would have been very different from the
public uproar that occurred in 2013, when Merkel was still in office and the incident was current events
rather than historical.
Cultural changes are also making secrets harder to keep. In the old days, guarding institutional secrets
was part of a lifelong culture. The intelligence community would recruit people early in their careers and
give them jobs for life. It was a private men’s club, one filled with code words and secret knowledge. The
corporate world, too, was filled with lifers. Those days are gone. Many jobs in intelligence are now
outsourced, and there is no job-for-life culture in the corporate world anymore. Workforces are flexible,
jobs are outsourced, and people are expendable. Moving from employer to employer is now the norm.
This means that secrets are shared with more people, and those people care less about them. Recall
that five million people in the US have a security clearance, and that a majority of them are contractors
rather than government employees.
There is also a greater belief in the value of openness, especially among younger people. Younger
people are much more comfortable with sharing personal information than their elders. They believe
that information wants to be free, and that security comes from public knowledge and debate. They
have said very personal things online, and have had embarrassing photographs of themselves posted on
social networking sites. They have been dumped by lovers in public online forums. They have
overshared in the most compromising ways—and they survived intact. It is a tougher sell convincing this
crowd that government secrecy trumps the public’s right to know.
These technological and social trends are a good thing. Whenever possible, we should strive for
transparency.
NSA exaggerates the impact of leaks – New York Times incident proves
Currier 6/26 - journalist with a focus on national security, foreign affairs, and human rights (Cora
Currier, “HOW THE NSA STARTED INVESTIGATING THE NEW YORK TIMES’ WARRANTLESS WIRETAPPING
STORY”, The Intercept, 6/26/2015, https://firstlook.org/theintercept/2015/06/26/nsa-startedinvestigating-new-york-times-original-warrantless-wiretapping-story/)//MBB
Three days after the New York Times revealed that the U.S. government was secretly monitoring the
calls and emails of people inside the United States without court-approved warrants, the National
Security Agency issued a top-secret assessment of the damage done to intelligence efforts by the story.
The conclusion: the information could lead terrorists to try to evade detection. Yet the agency gave no
specific examples of investigations that had been jeopardized.
The December 2005 bombshell story, by James Risen and Eric Lichtblau, set off a debate about the
George W. Bush administration’s expansion of spying powers after the 9/11 attacks, and also about the
Times editors’ decision to delay its publication for a year. White House officials had warned the Times
that revealing the program would have grave consequences for national security.
The NSA’s damage assessment on the article — referred to as a “cryptologic insecurity” — is among the
files provided by former NSA contractor Edward Snowden. The memo recounts meetings in 2004 and
2005 in which administration officials disclosed “certain details of the special program to select
individuals from the New York Times to dissuade them from publishing a story on the program at that
time.”
The memo gives a general explanation of what terrorists might do in reaction to the information
revealed. It was “likely” that terrorists would stop using phones in favor of mail or courier, and use
encryption and code words. They could also plant false information, knowing the U.S. government was
listening. But the leaked program had not “been noted in adversary communications,” according to the
memo. It gave no specific examples of investigations or targets that had or might be impacted by the
revelations.
“To this day we’ve never seen any evidence — despite all the claims they made to keep us from
publishing — that it did any tangible damage to national security. This is further confirmation of that,”
Lichtblau told The Intercept.
“The reality was that the story told Americans what they didn’t know about how the system was being
stretched; it didn’t tell terrorists anything that they didn’t know, that the U.S. was aggressively trying to
gather their communications,” he said.
Oversight CP
Oversight CP – 1nc
CP text: The United States federal government should
-establish an external auditor to manage NSA oversight
-establish a public advocate to oversee surveillance applications
-establish a committee mirroring the Church Committee from the 1980s to extensively research the
NSA, CIA, and FBI
-make the FISA court judge a senate-appointed position
CP solves NSA perception and transparency and has a stronger internal link than the
aff to US credibility overall
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 13)//AK
More members of Congress must commit to meaningful NSA reform. We need comprehensive strategic
oversight by independent government agencies, based on full transparency. We need meaningful rules
for minimizing data gathered and stored about Americans, rules that require the NSA to delete data to
which it should not have access. In the 1970s, the Church Committee investigated intelligence gathering
by the NSA, CIA, and FBI. It was able to reform these agencies only after extensive research and
discovery. We need a similar committee now. We need to convince President Obama to adopt the
recommendations of his own NSA review group. And we need to give the Privacy and Civil Liberties
Oversight Board real investigative powers.
Those recommendations all pertain to strategic oversight of mass surveillance. Next, let’s consider
tactical oversight. One primary mechanism for tactical oversight of government surveillance is the
warrant process. Contrary to what many government officials argue, warrants do not harm security.
They are a security mechanism, designed to protect us from government overreach.
Secret warrants don’t work nearly as well. The judges who oversee NSA actions are from the secret FISA
Court. Compared with a traditional court, the FISA Court has a much lower standard of evidence before
it issues a warrant. Its cases are secret, its rulings are secret, and no one from the other side ever
presents in front of it. Given how unbalanced the process it is, it’s amazing that the FISA Court has
shown as much backbone as it has in standing up to the NSA (despite almost never rejecting a warrant
request).
Some surveillance orders bypass this process entirely. We know, for example, that US Cellular received
only two judicially approved wiretap orders in 2012—and another 10,801 subpoenas for the same types
of information without any judicial oversight whatsoever. All of this needs to be fixed.
Start with the FISA Court. It should be much more public. The FISA Court’s chief judge should become a
position that requires Senate confirmation. The court should publish its opinions to the extent possible.
An official public interest advocate should be assigned the task of arguing against surveillance
applications. Congress should enact a process for appealing FISA rulings, either to some appellate court
or to the Supreme Court.
But more steps are needed to put the NSA under credible tactical oversight. Its internal procedures are
better suited to detecting activities such as inadvertent and incorrect surveillance targeting than they
are to detecting people who deliberately circumvent surveillance controls, either individually or for the
organization as a whole. To rectify this, an external auditor is essential. Making government officials
personally responsible for overreaching and illegal behavior is also important. Not a single one of those
NSA LOVEINT snoops was fired, let alone prosecuted. And Snowden was rebuffed repeatedly when he
tried to express his concern internally about the extent of the NSA’s surveillance on Americans.
Other law enforcement agencies, like the FBI, have their own internal oversight mechanisms. Here, too,
the more transparency, the better. We have always given the police extraordinary powers to investigate
crime. We do this knowingly, and we are safer as a society because of it, because we regulate these
actions and have some recourse to ensure that the police aren’t abusing them. We can argue about how
well these are working in the US and other countries, but the general idea is a sound one.
Cybersecurity CP
1nc – nearly all PIC
The United States federal government should appoint an independent oversight
commission that reviews zero day vulnerabilities, under a mandate to patch nearly all
possible vulnerabilities and disclose nearly all cyber bugs it fixes.
The CP solves for US credibility, transparency, and enhances cybersecurity, but
prevents unilateral disarmament
Schneier, 15, fellow at the Berkman Center for Internet and Society at Harvard Law School, a program
fellow at the New America Foundation's Open Technology Institute, a board member of the Electronic
Frontier Foundation, an Advisory Board Member of the Electronic Privacy Information Center, and the
Chief Technology Officer at Resilient Systems, Inc (Bruce, Data and Goliath: the Hidden Battles to Collect
Your Data and Control Your World, Ch. 13)//AK
As I discussed in Chapter 11, a debate is going on about whether the US government —specifically, the
NSA and US Cyber Command—should stockpile Internet vulnerabilities or disclose and fix them. It’s a
complicated problem, and one that starkly illustrates the difficulty of separating attack and defense in
cyberspace.
An arms race is raging in cyberspace right now. The Chinese, the Russians, and many other countries are
also hoarding vulnerabilities. If we leave a vulnerability unpatched, we run the risk that another country
will independently discover it and use it in a cyberweapon against us and our allies. But if we patch all
the vulnerabilities we find, there goes our armory.
Some people believe the NSA should disclose and fix every bug it finds. Others claim that this would
amount to unilateral disarmament. President Obama’s NSA review group recommended something in
the middle : that vulnerabilities should only be hoarded in rare instances and for short periods of time.
I have made this point myself. This is what the NSA, and by extension US Cyber Command, claims it is
doing: balancing several factors, such as whether anyone else is likely to discover the vulnerability—
remember NOBUS from Chapter 11—and how strategic it is for the US. The evidence, though, indicates
that it hoards far more than it discloses.
This is backwards. We have to err on the side of disclosure. It will especially benefit countries that
depend heavily on the Internet’s infrastructure, like the US. It will restore trust by demonstrating that
we’re putting security ahead of surveillance. While stockpiled vulnerabilities need to be kept secret, the
more we can open the process of deciding what kind of vulnerabilities to stockpile, the better. To do this
properly, we require an independent government organization with appropriate technical expertise
making the decisions.
In today’s cyberwar arms race, the world’s militaries are investing more money in finding and purchasing
vulnerabilities than the commercial world is investing in fixing them. Their stockpiles affect the security
of us all. No matter what cybercriminals do, no matter what other countries do, we in the US need to err
on the side of security by fixing almost all the vulnerabilities we find and making the process for
disclosure more public. This will keep us safer, while engendering trust both in US policy and in the
technical underpinnings of the Internet.
1nc – NIST CP
The United States should remove the requirement that the NSA be consulted on
encryption standards and prohibit the NSA from using appropriated funds to interfere
with National Institute of Standards and Technology’s encryption standards
Solves cybersecurity – sets better international standards for data encryption
Kehl 14 - Danielle Kehl is a Policy Analyst at New America’s Open Technology Institute (OTI) (Danielle, “Surveillance Costs: The NSA’s Impact
on the Economy, Internet Freedom & Cybersecurity”, New America’s Open Technology Institute,
https://www.newamerica.org/downloads/Surveilance_Costs_Final.pdf//DM)
Because of United States’ critical role in the development of the Internet, U.S.-based organizations and
government agencies have historically been central to standards setting and oversight of key Internet
functions, particularly through the National Institute of Standards and Technology (NIST). NIST is the
Commerce Department agency responsible for setting scientific and technical standards that both the
government and the private sector rely upon.239 As outlined in the 2002 Federal Information Security
Management Act (FISMA), NIST has a statutory obligation to consult with the NSA on certain standards
and guidelines “to assure, to the maximum extent feasible, that such standards and guidelines are
complementary with standards and guidelines developed for national security systems.”240 The
Snowden leaks revealed that the NSA took advantage of that position to influence the standards-setting
process to weaken encryption standards to the agency’s benefit. According to documents released by
The Guardian, The New York Times, and ProPublica in September 2013, the NSA “worked covertly to get
its own version of a draft security standard issued by the US National Institute of Standards and
Technology approved for worldwide use in 2006.”241 This standard was later adopted by the
International Organization for Standardization, a body with membership from countries all over the
world. A number of experts suspected that the NSA had engineered a weakness in the standard that two
Microsoft cryptographers discovered in 2007, and the classified memos released last year apparently
confirm that this was the case. According to The New York Times, “The N.S.A. wrote the standard and
aggressively pushed it on the international group, privately calling the effort ‘a challenge in finesse.’”242
A few days after details about the compromised standard were revealed by the press, RSA Security—an
American network security company that publicly fought against the Clipper Chip in the 1990s243—
privately alerted its customers that they should stop using an encryption algorithm that had been
influenced by the NSA. Officials advised customers that one of the cryptography components in the
BSAFE toolkit and Data Protection Manager by default used a specification known as Dual_EC_DRBG
when generating keys.244 Although NIST approved Dual_EC_DRBG in 2006, the Snowden documents
revealed that the random number generator contained a vulnerability engineered by the NSA. According
to the Wall Street Journal, the announcement marked one of the first times that a security company had
acknowledged the U.S. government’s involvement in direct tampering with a product in order to
facilitate access.245 The BSAFE library has been used in a number of products, including some versions
of the McAfee Firewall Enterprise Control Center, and, according to Ars Technica, the backdoor “means
that an untold number of third-party products may be bypassed not only by advanced intelligence
agencies, but possibly by other adversaries who have the resources to carry out attacks that use
specially designed hardware to quickly cycle through possible keys until the correct one is guessed.”246
Documents released a few months later, in December 2013, revealed that RSA had a secret $10 million
contract with the NSA wherein the security company agreed to set the compromised standard as the
default in a number of its BSAFE products.247
Many cryptographers and security researchers have been skeptical of the NIST process for years,
although they are heavily reliant upon the organization for everything from random number generators
to more complex functions.248 While NIST has said it would never “deliberately weaken a cryptographic
standard,” it is unclear whether the agency was aware that the NSA was aggressively pushing for it to
adopt a compromised standard.249 Both NIST and the NSA issued statements after the stories broke in
September 2013 defending the standard, although NIST’s statement indicated that the agency would
also evaluate its processes to ensure that they were open, transparent, and held to high professional
standards.250 Yet, it is clear that, at least in part as a result of the NSA’s effort to exert its pervasive
influence and perceived security expertise, NIST issued a compromised algorithm that was included for
almost a decade in the cryptographic libraries of major tech companies, including Microsoft, Cisco,
Symantec and RSA, because it was required for eligibility for government contracts.251 “The impact of
weakening a standard may be even greater than a weakening a specific product or service because that
one standard may be used in so many different products and services,” notes a recent report from the
Institute of Electrical and Electronics Engineers in the U.S.252 Although some have argued that the
compromised algorithm was not widely-used, its presence in a number of products nonetheless
diminishes America’s reputation as a standards-setter, which is viewed as increasingly critical as foreign
competition for products and software intensifies. Meddling with standards can undermine American
industry, adding economic costs on top of security concerns.253
Weakening cryptographic standards demonstrably harms Internet security. It also hurts the credibility of
NIST, which has been directed by President Obama to draft cybersecurity guidelines for critical
infrastructure including telephone systems and power plants. “Suspicions of NSA intervention in NIST
standards in support of the NSA intelligence mission have a negative effect on NIST’s reputation and the
credibility of the standards NIST develops… [T]hey also have a negative effect on the credibility of US
industry that implements those standards and thus on international competitiveness,” observed
Microsoft’s Steven B. Lipner.254 Put simply, “NIST is operating with a trust deficit right now,” said Chris
Soghoian of the American Civil Liberties Union to the National Journal. 255 As part of an effort to begin
rebuilding that trust, NIST announced in May 2014 that it would begin a review of its cryptographic
standards and guidelines program with the help of a panel of outside experts known as the Visiting
Committee on Advanced Technology (VCAT).256 In July 2014, the VCAT issued a report that examined
the agency’s processes and relationship with the NSA, outlining a series of recommendations to rebuild
its credibility.257 These recommendations included improving transparency and openness around NIST
processes, increasing the technical staff at NIST, and clarifying NIST’s relationship with the NSA.258 As
Ellen Richey, an Executive Vice President at Visa, Inc. and member of the VCAT, noted in her assessment,
“The allegation that NSA has, or had, a program designed to insert weaknesses into global cryptographic
standards… calls into question the integrity… of all the cryptographic standards developed by NIST,”
adding that, “Participants in the development process should understand that the risk from conflicts of
interest arises from the appearance of impropriety, even in the absence of actual misconduct.”259
With regard to redefining or clarifying NIST’s statutory relationship to the NSA, parallel efforts are
underway in Congress as well. In May 2014, the House Science and Technology Committee voted to
adopt an amendment to the Frontiers in Innovation, Research, Science, and Technology (FIRST) Act
offered by Representative Alan Grayson (D-FL) which would remove the requirement that the NSA be
consulted on encryption standards, allowing NIST to request NSA assistance on an as-needed basis
instead.260 A similar amendment proposed by Representative Grayson that would prohibit the NSA
from using appropriations funds to interfere with NIST’s security standards was approved by the House
in June 2014 as part of a defense appropriations bill.261 However, it remains to be seen if such a
measure will ultimately be passed into law.
2nc – solves encryption
Increased support, usage, and standards of encryption solves cybersecurity
Rubinstein and Hoboken 14 – *Senior Fellow at the Information Law Institute (ILI) and NYU School of
Law, AND **Microsoft Research Fellow in the Information Law Institute at New York University, PhD
from the University of Amsterdam (Ira and Joris Van, PRIVACY AND SECURITY IN THE CLOUD: SOME
REALISM ABOUT TECHNICAL SOLUTIONS TO TRANSNATIONAL SURVEILLANCE IN THE POST- SNOWDEN
ERA, 66 Maine L. Rev. 488, September 2014, http://ssrn.com/abstract=2443604)//JJ
B. The Industry Response: Taking Care of Old Business
In a recent article, reporter Steven Levy nicely captures the general response of Internet firms to the
Snowden revelations by providing a look “inside their year from hell.”133 Levy documents industry’s
struggle to craft a proper response to the uproar about direct government access to their servers (as
alleged in the early reports of PRISM) and reassure overseas customers in light of the unhelpful U.S.
government statements that NSA snooping was only directed at “non-American citizens.”134 Industry
had little success in quelling suspicion and regaining trust, especially from foreign customers and
governments. “Every time we spoke it seemed to make matters worse . . . [w]e just were not believed,”
explained one tech executive to Levy.135
Quite apart from overcoming this atmosphere of general distrust, industry players had enough on their
hands in deciding on a practical response to the Snowden troubles. Of the many possible technical
measures aimed at restricting undue access to online information and communication, the most obvious
one for them to consider was more extensive use of encryption . When properly implemented by cloud
providers, encryption measures can help secure communications and stored data against third party
intrusions, including those of government intelligence agencies.136 At the very least, service providers
could deploy encryption protocols like TLS/SSL to secure client-server communications between users
and their own services.137 The MUSCULAR revelations suggest that service providers could also encrypt
data more comprehensively once it arrives at their servers for processing or storage.138 Indeed, many
of the measures discussed in this Section are but old wine in new bottles: that is, prudent responses to
longstanding security risks that have been given greater urgency by the Snowden revelations. If the
cloud industry had taken information security more seriously years ago, their services would have been
less vulnerable in the first place.
Before turning to the specifics of the industry responses, it is worth briefly observing that despite the
value of encryption measures in hindering surveillance, it has some limitations. In particular, as long as a
service provider holds or has access to its users’ encryption keys, it maintains the ability to access a
user’s data in unencrypted form, notwithstanding the fact that data travels between a client and a
server securely. Moreover, for encryption measures to be effective in preventing backdoor access,
industry must rely on cryptographic standards and implementations that have not been corrupted and
must keep encryption keys out of the hands of government agencies. This may seem obvious, but
achieving it is less so. Recent revelations related to NSA efforts to undermine cryptographic standards
themselves are particularly worrying in this regard.139
In its discussion of what should be done to promote security and trust in encryption technologies, the
President’s Review Group implicitly rejected NSA activities undermining encryption standards by
recommending that the U.S. Government should : “(1) fully support and not undermine efforts to
create encryption standards ; (2) not in any way subvert, undermine, weaken, or make vulnerable
generally available commercial software; and (3) increase the use of encryption and urge US companies
to do so , in order to better protect data in transit, at rest, in the cloud, and in other storage.” While
specific implementations of encryption technologies may suffer from security weaknesses, the use of
encryption generally helps protect cloud data against interception by third parties , including
government agencies . In contrast, no encryption or weak encryption enables government agencies to
access cloud data without having to rely on legal process directed at cloud providers or the targeted
interception of key material.
Ex post CP
1nc – ex post CP
Text:
The United States federal government should:
--require ex post review by the Foreign Intelligence Surveillance Court of NSA surveillance
targeting criteria
--establish a public advocate at the FISC
--establish a cabinet-level privacy agency
The CP restores domestic and international confidence in US surveillance without
restricting the scope of NSA activities – instead it conducts post-surveillance
minimization
Margulies, 14 - Professor of Law, Roger Williams University School of Law (“CITIZENSHIP, IMMIGRATION,
AND NATIONAL SECURITY AFTER 9/11: THE NSA IN GLOBAL PERSPECTIVE: SURVEILLANCE, HUMAN
RIGHTS, AND INTERNATIONAL COUNTERTERRORISM” 82 Fordham L. Rev. 2137, April, lexis)
While I have concluded that U.S. surveillance policy does not violate the ICCPR, further reforms could
highlight this point and silence persistent doubts here and abroad. These reforms could also remove any
barriers to cooperation between the United States and foreign states, such as those in Europe, which
are subject to the European Convention on Human Rights. This section identifies reforms that would add
a public advocate to FISC proceedings, enhance FISC review of the criteria used for overseas
surveillance, establish a U.S. privacy agency that would handle complaints from individuals here and
overseas, and require greater minimization of non-U.S. person communications. These reforms would
signal U.S. support of evolving global norms of digital privacy.
Although President Obama's speech in January 2014 proposed a panel of independent lawyers who
could participate in important FISC cases, n161 further institutionalization of this role would be useful. A
public advocate would scrutinize and, when necessary, challenge the NSA's targeting criteria on a
regular basis. n162 Challenges would be brought in the FISC, after the NSA's implementation of criteria.
The NSA would be able to adapt the criteria on an exigent basis, subject to ex post review by the FISC
at the public advocate's behest. A public advocate and enhanced FISC review would serve three valuable
functions: (1) ensure that the FISC received the best arguments on both sides; (2) serve as a valuable ex
ante check on the government, encouraging the government to adopt those criteria that could
withstand subsequent scrutiny; and (3) promote domestic and global confidence in the legitimacy of
processes governing NSA surveillance .
A U.S. cabinet level privacy agency would also bolster the legitimacy of surveillance . The agency could
provide more regular recourse to subjects of surveillance, as the ECHR requires. That change would ease
the barriers to continued U.S.-Europe cooperation on counterterrorism. A national agency would also
work hand in hand with privacy officers in executive departments. It would increase the leverage of
those officials, who could advocate vigorously in internal debates, knowing that their views would also
have a champion in a free-standing executive department independent [*2166] of the national security
bureaucracy. There are downsides to this proposal, of course. A new agency would add expense, and
create some redundancy in government functions. Moreover, current models that provide recourse,
such as the approach currently taken by the Department of Homeland Security, n163 have been
criticized as unduly burdensome. n164 However, preserving cooperation with Europe and enhancing the
overall legitimacy of U.S. surveillance provides a compelling justification.
Each of these instrumentalities - a public advocate at the FISC and a new privacy agency - could also
work to strengthen minimization requirements for foreign communications. The NSA says that it
disposes of all irrelevant communications within five years. There may be ways to shorten this time and
require even more rigorous controls on sharing of information that lacks a clear link to terrorism or
other foreign intelligence matters. More exacting minimization would also promote U.S.-European
information sharing and enhance global legitimacy .
The net benefit is terrorism – the CP solves but avoids the chilling effect of ex ante
restrictions that prevents the NSA reacting in exigent circumstances
Margulies 14 [Peter, Professor of Law, Dynamic Surveillance: Evolving Procedures in Metadata and
Foreign Content Collection After Snowden,
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2400809&download=yes] Schloss
The better course for Congress would be to offer an itemized, but not exhaustive list of permissible uses
of U.S. person identifiers. Congress could permit U.S. person queries in cases involving pre-existing FISA
orders, threats to life, efforts to join international terrorist groups (the ISIS example), and other
transnational illegal activity. This list would not categorically bar other uses of U.S. person identifiers,
allowing some room for those uses when compelling circumstances arose. However, it would frame the
substantive discussion in a useful way, and send a signal to the FISC and the executive branch that
deliberation on the scope of U.S. person queries was vital.
A set of guidelines like those suggested would also compensate for the broader latitude that the NSA
has for incidental collection under § 702. In cases that comprise the basis for the incidental collection
doctrine, a federal judge had already issued a warrant based on probable cause to believe that
wrongdoing had occurred.383 That is not the case with § 702, where the FISC merely reviews
government targeting procedures.384 The latitude permitted under § 702 gives the government more
room to frame initial searches to ensnare Americans. Critics have surely exaggerated the government’s
ability to engage in reverse targeting. Evidence that the NSA has engaged in such practices is slim to
nonexistent. However, a dynamic approach that adjusts to the post-Snowden climate should not treat
the absence of reported abuse as a recipe for complacency. Instead, this is the appropriate time to put
in place safeguards that will avoid abuse in the future.
External constraints should be optimal for providing flexibility while ensuring checks on potential abuse.
As in other situations, a public advocate should receive notice of the NSA’s use of U.S. person identifiers
to query § 702 data. Once a statutory standard is in place, the advocate should be able to seek FISC
review of any identifier when a reasonable possibility exists that the use of the identifier does not
comply with Congress’s formulation. This review would be ex post , to avoid chilling the agency’s
discretion in exigent situations . Ex post review would still be meaningful, given the NSA’s status as a
repeat player dependent on the FISC’s continued good will. External constraints of this kind would
assure critics that substantive standards were being followed. This external check is essential in the
post-Snowden climate, in which internal “protocols” have – perhaps to a fault – become objects of
corrosive cynicism.
NSA confidence to act in exigent circumstances are key to fighting terrorism
Jordan 2006 – Adjunct Professor of Law, Washington & Lee University School of Law, Institute Fellow,
New York University School of Law, Institute for International Law and Justice, J.D. with honors
Washington and Lee University School of Law, B.A. Dickinson College (David, “DECRYPTING THE FOURTH
AMENDMENT: WARRANLESS NSA SURVEILLANCE AND THE ENHANCED EXPECTATION OF PRIVACY
PROVIDED BY ENCRYPTED VOICE OVER INTERNET PROTOCOL” 47 B.C.L. Rev. 505, law digital
commons)//TT
http://lawdigitalcommons.bc.edu/cgi/viewcontent.cgi?article=2330&context=bclr
The NSA is perhaps the most important force protecting the United States from foreign terrorism and
other threats to national security. The information provided by the agency informs national security and
foreign policy decisionmakers, thereby also playing a vital role in ensuring international peace and
security. While the incredible value of this agency cannot be overstated, neither can the risks posed by
its vast capabilities. The broad scope of the agency's vigilant efforts has the potential to threaten the
legitimate rights of American citizens, and appropriate checks must be in place.234
FISA provides a well-established legal framework that has protected the rights of American citizens from
unwarranted government surveillance since 1978. 235 Although it appears that this framework recently
may have been circumvented through a secret executive order,236 warrantless surveillance of
Americans is nothing new. 237 Gaps in our legal protections have existed since FISA's enactment. 236
The NSA's minimization procedures provide strong protection for the rights of U.S. citizens under most
circumstances, but they allow breaches to occur in situations that are arguably the most crucial.
Although the NSA is required to destroy information inadvertently obtained about U.S. citizens in most
cases, the current minimization procedures allow the agency effectively to initiate criminal
investigations by turning over such information to law enforcement if criminal conduct is revealed. This
places Americans at risk of criminal prosecution resulting from warrantless eavesdropping on their
private telecommunications. This should not be permitted. Although it may not be practicable for the
NSA to obtain a warrant in every case where information about U.S. citizens may be inadvertently
acquired, the heightened expectation of privacy provided by encrypted Internet telephony should
require additional limitations on what may be done with such information after it is acquired.
USSID 18 must be redrafted to forbid the use of inadvertently obtained information for the purpose of
initiating criminal investigations against U.S. citizens unless exigent circumstances are presented . By
disallowing the use of such information for these purposes, the government would be ensuring that the
NSA stays focused on its primary mission— protecting the United States from terrorism and foreign
intelligence operations—and not engaging in general criminal investigations domestically. Under the
current directive, the NSA has an incentive to collect as much "inadvertently acquired" information as
possible. If the possibility of using such information to initiate unrelated criminal investigations were
removed, the agency would cease to have an incentive to collect information unrelated to its national
security mission. This would provide the agency with an incentive to maintain its focus on foreign
terrorism and counterintelligence, and it would curb the temptation to stray into unrelated matters
more appropriately left to those charged with domestic law enforcement.
This solution would allow the NSA to protect U.S. national security, while also enabling American citizens
to communicate with foreign acquaintances without fear. It would also have the benefit of restoring
public confidence in the NSA , effectively combating the perception that the agency engages in
frequent violations of the very rights it was created to defend.
2nc – ex post solves
The CP’s ex post review process deters executive abuse and restores legitimacy to US
surveillance
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
As for the structural considerations, one of the most important is what might be called an antiunilateralism principle. A system of programmatic surveillance should not be put into effect on the sayso of the executive branch, but rather should be a collaborative effort that involves Congress (in the
form of authorizing legislation) or the judiciary (in the form of FISA court review of the initiatives). n42
An example of the former is FISA itself, which Congress enacted in 1978. At the time, the NSA was
engaged in bulk collection, without judicial approval, of certain international communications into and
out of the United States--namely, by tapping into offshore telecommunications cables and by
eavesdropping on satellite based radio signals. FISA's [*533] famously convoluted definition of
"electronic surveillance" n43 preserved these preexisting practices even as Congress was imposing a
new requirement of judicial approval for other kinds of monitoring. n44 An example of the latter
concerns the warrantless Terrorist Surveillance Program, under which the NSA was intercepting, outside
the FISA framework, certain communications between suspected al-Qaeda figures overseas and people
located in the United States. After that program's existence was revealed in late 2005, the executive
branch persuaded the FISA court to issue orders allowing it to proceed subject to various limits. n45
(That accommodation eventually proved unworkable, and the executive then worked with Congress to
put the program on a more solid legislative footing through the temporary Protect America Act of 2007
n46 and the permanent FISA Amendments Act of 2008.) n47
Anti-unilateralism is important for several reasons. To take the most obvious, Congress and the courts
can help prevent executive overreach. n48 The risk of abuse is lessened if the executive branch must
enlist its partners before commencing a new surveillance initiative. Congress might decline to permit
bulk collection in circumstances where it concludes that ordinary, individualized monitoring would
suffice, or it might authorize programmatic surveillance subject to various privacy protections. In
addition, inviting many voices to the decision-making table increases the probability of sound outcomes.
More participants with diverse perspectives can also help mitigate the groupthink tendencies to which
the executive branch is sometimes [*534] subject. n49 If we're going to engage in programmatic
surveillance, it should be the result of give and take among all three branches of the federal
government, or at least between its two political branches, not the result of executive edict.
A second principle follows from the first: Programmatic surveillance should, wherever possible, have
explicit statutory authorization. Congress does not "hide elephants in mouseholes," n50 the saying goes,
and we should not presume that Congress meant to conceal its approval of a potentially controversial
programmatic surveillance system in the penumbrae and interstices of obscure federal statutes. Instead,
Congress normally should use express and specific legislation when it wants to okay bulk data collection.
Clear laws will help remove any doubt about the authorized scope of the approved surveillance, thereby
promoting legal certainty . Express congressional backing also helps give the monitoring an air of
legitimacy . And, a requirement that programmatic surveillance usually should be approved by clear
legislation helps promote accountability by minimizing the risk of congressional shirking. n51 If the
political winds shift, and a legislatively approved program becomes unpopular, Congress will not be able
to hide behind an ambiguous statutory grant of power and deflect responsibility to the President.
Ex post oversight is key to effective programmatic surveillance – the CP allows the
government to collect all available data – it just puts ex post restrictions on the data
analysis stage that deters executive data abuses
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
As for the operational considerations, among the most important is the need for external checks on
programmatic surveillance. In particular, bulk data collection should have to undergo some form of
judicial review, such as by the FISA court, in which the government demonstrates that it meets the
applicable constitutional and statutory standards. Ideally, the judiciary would give its approval before
collection begins. But this will not always be possible, in which case timely post-collection judicial review
will have to suffice. (FISA has a comparable mechanism for temporary warrantless surveillance in
emergency situations.) n60 Programmatic surveillance also should be subject to robust congressional
oversight. This could take a variety of forms, including informal consultations with members of Congress
when designing the surveillance regime (including, at a minimum, congressional leadership and
members of the applicable committees), [*537] as well as regular briefings to appropriate personnel on
the operation of the system and periodic oversight hearings.
Of course, judicial review in the context of bulk collection won't necessarily look the same as it does in
the familiar setting of individualized monitoring of specific targets. If investigators want to examine the
telephony metadata associated with a particular terrorism suspect, they can apply to the FISA court for
a pen register or trap and trace order upon a showing that the information sought is relevant to an
ongoing national security investigation. n61 But, as explained above, that kind of particularized showing
often won't be possible where authorities are dealing with unknown threats, and where the very
purpose of the surveillance is to identify those threats. In these situations, reviewing courts may find it
necessary to allow the government to collect large amounts of data without individualized suspicion.
This doesn't mean that privacy safeguards must be abandoned and the executive given free rein.
Instead, courts could be tasked with scrutinizing the initiative's overall structure and operation to
determine its compatibility with constitutional and statutory requirements. And courts further could
require authorities to demonstrate some level of individualized suspicion before accessing the data that
has been collected. Protections for privacy and civil liberties thus can migrate from the collection phase
of the intelligence cycle to earlier and later stages, such as the systems design and analysis stages. n62
In more general terms, because programmatic surveillance involves the collection of large troves of
data, it likely means some dilution of the familiar ex ante restrictions that protect privacy by
constraining the government from acquiring information in the first place. It therefore becomes critically
important to devise meaningful ex post safeguards that can achieve similar forms of privacy protection.
In short, restrictions on the government's ability to access and use data that it has gathered must
substitute for restrictions on the government's ability to gather that data at all; what I have elsewhere
called use limits must stand in for collection limits . n63
This sort of oversight by the courts and Congress provides an obvious, first-order level of protection for
privacy and civil liberties--an external veto serves as a direct check on possible executive [*538]
misconduct. Judicial and legislative checks also offer an important second-order form of protection. The
mere possibility of an outsider's veto can have a chilling effect on executive misconduct, discouraging
officials from questionable activities that would have to undergo, and might not survive, external
review. n64 Moreover, external checks can channel the executive's scarce resources into truly important
surveillance and away from relatively unimportant monitoring. This is so because oversight increases the
administrative costs of collecting bulk data--e.g., preparing a surveillance application, persuading the
judiciary to approve it, briefing the courts and Congress about how the program has been implemented,
and so on. These increased costs encourage the executive to prioritize collection that is expected to
yield truly valuable intelligence and, conversely, to forego collection that is expected to produce
information of lesser value.
Ex ante requirements amount to a rubber stamp
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
The FISC approves virtually every application for an order with which it is presented. According to
Electronic Privacy Information Center (EPIC) statistics, the court denied only five applications from its
inception through 2006.40 In that time, it has approved thousands of others, including a new high of
2176 in 2006.41 Of course, “[i]t is possible to draw divergent conclusions from this data. One could infer
that the extensive FISA safeguards have forced the Executive to self-censor its requests. One could also
argue, however, that the courts act merely as a ‘rubber stamp’ whenever the Executive invokes
national security.”42 Upon analyzing FISA’s structure and track record, the nature of electronic
surveillance in service of national security, and more general separation of powers and national security
lessons, it seems that something more like the latter is the ultimate result of FISA.
Limitations inherent in the project of judicial pre-approval of national security surveillance render the
system unable to perform the function for which it was created; each of the problems described below
mutually reinforces the others, leading to systemic ineffectiveness . In the absence of the notice
requirements that attach in domestic surveillance, 43 and in light of the ex parte nature of FISC
proceedings, no opportunity for meaningful review may ever present itself.44 “The potential for abuse is
substantial, since all applications remain sealed and unavailable to the public, and since targets are
never notified that they have been under surveillance.”45
The lack of adversariality, reliance on executive representations and national security
framing mean it’s a rubber stamp
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
1. Non-adversariality. — One of the most striking elements of the FISA system is the total absence of
adversariality. Because the collection of intelligence in this context requires by its very nature that the
surveilled party not receive notice in advance, the ex ante approval system is almost by definition also
ex parte. This puts the FISC in an “anomalous position,”46 in the words of the current Attorney General,
similar to that of a court reviewing FISA materials for admission in a criminal case. In such situations,
“[t]he judge is forced not only to act as an arm of the prosecution in weighing the prosecution’s
arguments about whether disclosure would or would not compromise national security, but also to act
as a defense lawyer in determining whether the information is useful to the defendant.”47 Similarly, in
reviewing a FISA application, the FISC must attempt the difficult, if not impossible, task of
simultaneously occupying the roles of advocate and neutral arbiter — all without the authority or ability
to investigate facts or the time to conduct legal research.48 The judge lacks a skeptical advocate to vet
the government’s legal arguments, which is of crucial significance when the government is always able
to claim the weight of national security expertise for its position. It is questionable whether courts can
play this role effectively, and, more importantly, whether they should.49
2. Reliance on Executive Representations. — One frequently overlooked element of the FISA system is
its almost complete reliance upon the Executive’s representations and willingness to abide by the
statutory terms.50 This would be all the more true if Congress lowers the degree of factual specificity
necessary for issuance of a FISC order, a change that is included in both the Senate and House bills.51
Even under the current standard, however, the FISC cannot inquire behind the representations made by
the applicant; so long as the applicant presents a “statement of facts showing that there are reasonable
grounds”52 for the order to issue, “the judge shall enter an ex parte order as requested.”53
There is a strong connection between the difficulties of relying on executive branch representations and
the ex parte nature of the FISC inquiry: the FISC lacks the presence of an adversarial voice drawing into
focus any concerns with an application. In this sense, the two problems are mutually reinforcing. Indeed,
the FISC on one occasion detailed “misstatements and omissions of material facts” that the government
confessed “in some 75 FISA applications,”54 problems that did not come to light at the time the orders
were issued. In this context it is also worth noting that the Executive has never actually accepted that it
is bound by FISA, citing inherent presidential authority over national security under Article II of the
Constitution.55 The current administration acted in part on this basis in operating the TSP.56 Lacking the
ability to initiate an inquiry beyond what the Executive brings to its attention, the FISC’s oversight of the
process is substantially controlled by the very entity it is designed to oversee.
3. Institutional Limitations of the Judiciary. — Even if the above problems could be overcome,
institutional factors that are inherent in the national security arena will always function to limit the
ability of the judiciary to serve as an effective check. First, the surveillance that FISA deals with
necessarily involves secrecy, inherently requires policy judgments, and takes place in the context of the
increased powers of the Executive in the national security arena. As a result, policymakers are rightly
fearful of giving too much review power to courts and face inevitable pressure to scale back the amount
of decisionmaking authority left to the judiciary.
Second, the courts are, and have always been, extremely passive in exercising jurisdiction over cases
touching upon national security, both because of the reasons just noted (political judgment and
executive power) and because of resultant concerns for institutional legitimacy and judicial restraint.57
Courts tend to be highly deferential because of “concern for the efficiency and expertise of the nation’s
foreign intelligence process and the deleterious effects that might result from judicial interference.”58
Judges are most certainly aware of the limits of their own policy expertise. This effect is greatly
enhanced when judges must weigh the national security necessity ex ante, rather than being asked to
review it after the fact.
Indeed, it is interesting to note that the scope of review exercised by the FISC has steadily narrowed
over time. To be sure, it was narrow to begin with,59 but both legislative action and limiting
constructions applied by the courts themselves have narrowed the FISC’s authority even further. For
example, when Congress amended FISA to require only that national security be a “significant purpose,”
rather than the “primary purpose,” of the surveillance for which authorization is sought,60 the FISCR
read the statutory shift quite broadly. It held that when surveillance of a foreign agent is undertaken for
purposes of both national security and law enforcement, the government need only “entertain[] a
realistic option of dealing with the agent other than through criminal prosecution” in order to satisfy the
test.61 The court reasoned that the new provisions “eliminated any justification for the FISA court to
balance the relative weight the government places on criminal prosecution as compared to other
counterintelligence responses.” 62 Yet this seems a far less robust limit than the plain language or
legislative history indicated: importantly, the legislature considered and rejected requiring only “a”
rather than “a significant” purpose.63 Given a hint of statutory ambiguity, then, the court effectively
read the requirement of “significant purpose” out of the statute, resulting in a regime of even less
exacting scrutiny. Ultimately, “[t]hrough a combination of government tactics, the mandate of the FISA
court, and federal court interpretations of the FISA law, the FISA safeguards which were intended to
balance individual rights against the government’s claims of national security have been essentially
eviscerated.”64
As a result, “[c]harging a panel of federal judges with insufficient background information on specific
cases, and little intelligence experience, with approving foreign intelligence surveillance applications has
resulted in an essentially rubber stamp process where applications are practically never denied.”65
Primary reliance on judicial oversight will virtually always tend toward deference, both in exercising
jurisdiction and in determining individual cases.
Ex ante review undermines effective restrictions on domestic surveillance and shuts
down an engaged citizenry
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
Ex ante judicial review is not only of limited effectiveness, but it is also affirmatively harmful in several
respects. Ex ante judicial approval imparts a broader imprimatur of validity than is warranted given the
limited effectiveness of the review. Further, it clouds accountability and can be a cumbersome and
intrusive process harmful to national security interests. In fact, “the creation of FISA courts may actually
have resulted in fewer restrictions on the domestic surveillance activities of intelligence agencies”69
because “[t]he secrecy that attends FISC proceedings, and the limitations imposed on judicial review of
FISA surveillance, may insulate unconstitutional surveillance from any effective sanction.”70
1. The Judicial Imprimatur. — The issuance of an order by the FISC confers a stamp of approval from the
widely respected Article III courts. A FISC order makes a strong statement that a neutral arbiter has
looked closely at the situation and found the surveillance warranted. Yet, as the set of limitations just
discussed indicates, the protective force of a FISC order may not align with the actual vigor of the
inquiry.
This disparity may give rise to several problems. First, changed circumstances following the issuance of
the order may undermine the validity of the surveillance. Minimization procedures are largely unhelpful
in solving this problem: “[T]he Act provides for the same kind of incoherent and largely unenforceable
‘minimization’ requirements that plague criminal wiretap statutes.”71 Much more importantly, the
judicial order may mask and indeed later provide cover for improper governmental motives and
improper intrusions on liberty.72 In these situations, ex ante review may sanitize the improper
surveillance . The presence of the judicial order may function to dissuade legislative or executive
oversight entities from inquiry. Worse, judicial orders offer the potential for the government to hide
behind the nominally objective, even if only minimally rigorous, scrutiny that they represent.
Surveillance conducted for political reasons, for example, might escape detection, condemnation, and
consequences — political, if not legal — if that surveillance is given judicial protection.73 Indeed, this
sanitization could occur on an even broader level: ex ante judicial approval interferes with the healthy
public skepticism that attends political actors and that may help keep the citizenry engaged in
considering the difficult tradeoffs between liberty and security necessary in this context. This is not to
say that the judiciary should decline to play a constitutionally permissible role; rather, the point is that
system designers concerned with protecting civil liberties should keep in mind the drawbacks of ex ante
approval. In total, the capacity of ex ante approval to enable some of the most dangerous sorts of
abuses far outweighs its middling ability to provide a useful check.
Ex ante review undermines political accountability – key to checking abuses and
fostering public engagement
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
2. Clouded Accountability. — Although several of FISA’s provisions recognize the need for clear lines of
accountability, the statute’s broad structure fails to account for this crucial element. A simple
comparison is useful: The Attorney General would be far more politically exposed if he or she signed off
on an improper emergency order, which permits an exception to the ex ante approval requirement,
rather than a regular FISA order approved by the FISC. In fact, the emergency authorization procedures
under 50 U.S.C. § 1805(f) recognize the need for accountability by requiring notice if the application is
turned down after the Attorney General has authorized it on an emergency basis.74 Similarly, the
personal review provisions of § 1804(e) establish clear lines of authority for approval. But the presence
of a judicial order authorizing surveillance permits a culpable official to escape the political
consequences of his or her improprieties by using the court’s approval as evidence of reasonableness,
claiming reasonable reliance, or foisting blame upon the court.
Exposing the Attorney General — and through him or her the President — to the political consequences
of these decisions is crucial for two reasons: First, it minimizes the possibility of politically motivated
surveillance that would pass minimal judicial review, because such invasions of privacy would be seen as
wholly illegitimate.75 Second, it would both enable and force the American public to confront the fact
that, ultimately, it is responsible for determining the proper balance between liberty and security. The
public will be much more comfortable with allowing invasions of fellow citizens’ privacy when judges
authorize them. In the end, “if a government is intent on engaging in interrogation to protect national
security there is little the judges can do about it anyway.”76 Forcing citizens to think hard about their
values is of particular importance in the context of a vague “war on terror” devoid of identifiable
boundaries.
Ex post review creates the best overall balance between liberty and national security
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
C. The Role of the Courts
While the limitations and dangers associated with ex ante judicial approval of national security
surveillance counsel in favor of developing a new core means of protecting civil liberties in this arena,
they in no way mandate a complete elimination of the judicial role. To the contrary, an appropriately
modified role for the judiciary is of fundamental importance to address some of the limitations of the
system of political checks. Ultimately, a return of the judiciary to its pre-FISA role of ex post
reasonableness review would permit the federal courts to complement the proposed broader oversight
system and to meet Fourth Amendment requirements by restoring judicial focus to individual
constitutional rights and relaxing national security pressures on the courts.101
1. Fourth Amendment Strictures. — It is worth noting initially that FISA has always contemplated
situations in which full-on ex ante judicial oversight is not necessary to permit domestic electronic
surveillance. At present, FISA conceives of three situations in which a court order is not necessary. These
are all situations in which the balance in favor of the government is most compelling because the risk to
privacy interests is low, the need for dispatch is great, or a drastic change of circumstances takes place.
First, 50 U.S.C. § 1802 gives the Attorney General power, upon written certification under oath, to
authorize up to one year of electronic surveillance directed at communications “exclusively between or
among foreign powers” or “technical intelligence . . . from property or premises under the open and
exclusive control of a foreign power” so long as “there is no substantial likelihood that the surveillance
will acquire the contents of any communication to which a United States person is a party” and
minimization procedures are complied with. Second, under § 1805(f), the Attorney General may
authorize emergency surveillance without court interference for seventy-two hours if he or she
determines that a standard FISA order could not be acquired in time and that there is a sufficient
“factual basis for issuance of an order.” Finally, for fifteen days following a declaration of war, § 1811
permits non-court-ordered, Attorney General–authorized surveillance.
Foreign intelligence surveillance occupies a unique spot in the Court’s Fourth Amendment
jurisprudence.102 In Katz v. United States,103 the Court issued perhaps its sternest statement on the
obligation of obtaining a warrant prior to exercising a search,104 while also extending Fourth
Amendment protection to include electronic surveillance. 105 Importantly, however, the Court
expressly reserved the issue of electronic surveillance in the national security context.106 In United
States v. U.S. District Court107 (the Keith case), the Court again focused on the need for “prior judicial
scrutiny” in rejecting the government’s claim for an exception to the warrant requirement in the
domestic national security context.108 Yet once again, the Court made a crucial reservation: “[T]his case
involves only the domestic aspects of national security. We have not addressed, and express no opinion
as to, the issues which may be involved with respect to activities of foreign powers or their agents.”109
It is thus an open constitutional question whether foreign intelligence surveillance falls within an
exception to the Fourth Amendment’s warrant requirement.
While full argumentation for the proposition that the Fourth Amendment embodies such an exception is
beyond the scope of this Note,110 the case law is clear that the true “touchstone of the Fourth
Amendment is reasonableness,”111 such that the Fourth Amendment only “[s]ometimes . . . require[s]
warrants.”112 Especially in light of the increasing number of exceptions to the warrant requirement,113
it seems likely that an exception is appropriate in the context of foreign intelligence surveillance for
purposes of national security, not only in terms of meeting a more formalist reading of the Fourth
Amendment, but even more forcefully meeting a functionalist reading, under which the improved
protections of civil liberties could render the decreased reliance on ex ante judicial review preferable
under the Fourth Amendment.
2. Policy Benefits. — A proponent of a national security exception notes that “[t]he repeal of FISA . . .
would simply effectuate the nation’s return to its previous tradition.”114 Yet the obvious retort is that
the very abuses detailed in the Church Committee report were a major product of that tradition. Still,
the old tradition did have some benefits that can be obtained by coupling the ex post reasonableness
role of reviewing courts with the political checks described above. For one, rather than shielding
meaningful inquiry, as ex ante review can, ex post review may produce “a renewed focus on Fourth
Amendment principles”115 by both the judicial and political branches. Indeed, the more developed
factual setting available in ex post review would help with the effort to define reasonableness.
Further, it could be argued that since only a small number of people are likely to be affected by
surveillance, and especially given that those affected are likely to be disfavored or underrepresented
groups such as members of minority religions or immigrants, the political process cannot be trusted to
perform oversight. Yet ex post judicial review would remain a powerful check if the government seeks to
use FISA-gathered information in other legal settings, such as criminal trials, habeas corpus proceedings,
or motions for prospective relief. Ex post reasonableness review thus provides an important backstop to
the oversight process.
IV. CONCLUSION
The current FISA system is illogical. Its purported benefits are at best questionable, and it features
serious drawbacks in terms of the efficient functioning of national security surveillance and the
numerous ways it undermines protections of liberty. While the Senate bill falls short of instituting the
sort of robust political checks buttressed by ex post judicial review necessary to provide adequate
protections, it offers an important paradigm shift in the way that FISA is conceived. This
reconceptualization should be embraced and bettered by incorporating some of the terms of the House
bill, rather than rejected as insufficiently protective of the role of the judiciary. Those concerned with
protecting civil liberties should view an end to reliance on ex ante judicial review as a chance to develop
real political checks that can vigorously protect both national security and liberty interests.
AT: Courts will defer
Ex post review creates executive self-restraint despite deference
Goitein and Patel 15 - Elizabeth (Liza) Goitein co-directs the Brennan Center for Justice’s Liberty and National Security Program. Served
as counsel to Sen. Russell Feingold with a particular focus on government secrecy and privacy rights. Was a trial attorney in the Federal
Programs Branch of the Civil Division of the Department of Justice. Graduated from the Yale Law School and clerked for the Honorable Michael
Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit. Faiza Patel serves as co-director of the Brennan Center for Justice’s Liberty and
National Security Program. Clerked for Judge Sidhwa at the International Criminal Tribunal for the former Yugoslavia. Ms. Patel is a graduate of
Harvard College and the NYU School of Law. (Elizabeth and Faiza, “What went wrong with the FISA court”, Brennan Center for Justice at New
York University School of Law, 2015 //DM)
290 Advocates for greater oversight might argue that a clear error review — on a matter in which the
judiciary already is inclined to be deferential to the executive’s judgments — would accomplish little. In
fact, however, the requirement would serve an important checking function. By forcing the government
to articulate the factual basis for choosing selectors, it would create an incentive for self-restraint at the
front end of the process. While it is unlikely that the FISA Court would reject any of the selectors that
the government submitted to it, it is quite likely that the list of selectors presented to the court would
be smaller and better justified than would otherwise be the case. On the flip side, the government
would no doubt argue that this proposal represents an unworkable burden on the executive branch and
the FISA Court. If the government’s scope of collection remained as broad as it is now, that argument
might hold some weight. However, the burden stemming from this proposal should be greatly
diminished by the reinstatement of the “agent of a foreign power” and “primary purpose” criteria, as
well as the narrowing of the definition of “foreign intelligence information.” Following these changes,
the number of targets for whom selection terms must be presented to the court — while no doubt large
— should be nowhere near the reported 89,000 targets today. 2013 Transparency Report, supra note
178 (estimating that 89,138 targets were affected by Section 702 in 2013).
AT: FISC oversight weak
The public advocate part of the CP and the strengthening of PCLOB to make it a
cabinet level agency remedies existing weaknesses of the FISC
Setty, 15 - Professor of Law and Associate Dean for Faculty Development & Intellectual Life, Western
New England University School of Law (Sudha, “Surveillance, Secrecy, and the Search for Meaningful
Accountability” 51 Stan. J Int'l L. 69, Winter, lexis)
One promising move with regard to oversight and transparency has been the establishment and staffing
of the Privacy and Civil Liberties Oversight Board (PCLOB). n186 This board, tasked with assessing many
aspects of the government's national security apparatus both for efficacy and for potentially
unnecessary incursions into civil liberties, has a broad mandate and, compared with many national
security decision makers, significant independence from the executive branch. n187 Retrospectively, the
PCLOB has, among other things, issued the highly critical report of the NSA Metadata Program in
January 2014 that led to further public pressure on the Obama administration to curtail this program; it
is promising that the PCLOB's prospective agenda includes further analysis of various surveillance
programs. n188 However, the PCLOB's potential influence in protecting civil rights may be limited by its
position: The PCLOB is an advisory body that analyzes existing and proposed programs and possibly
recommends changes, but it cannot mandate that those changes be implemented. The ability to have a
high level of access to information surrounding counterterrorism surveillance programs and to
recommend changes in such programs is important and should be lauded, but over-reliance on the
PCLOB's non-binding advice to the intelligence community to somehow solve the accountability and
transparency gap with regard to these programs would be a mistake.
For example, on prospective matters, it is likely that intelligence agencies would consult the PCLOB only
if the agency itself considers the issue being faced new or novel, as the NSA metadata program was
labeled prior to its inception. In such cases, decision makers within an agency generally ask whether the
contemplated program is useful or necessary, technologically feasible, and legal. If all three questions
are answered affirmatively, the program can be implemented. Now that the PCLOB is fully operational,
it seems likely that if a contemplated program is considered new or novel, an intelligence agency would
consult the PCLOB at some stage of this process for its guidance on implementing the program. This
nonpartisan external input may improve self-policing within the [*102] intelligence community and
help intelligence agencies avoid implementing controversial programs or, even if implemented, set
better parameters around new programs. n189
If the PCLOB is able to exert some degree of soft power in influencing national security decision-making,
then the judiciary represents hard power that could be used to force the protection of civil liberties
where it might not otherwise occur. The FISC should be reformed to include a public advocate lobbying
on behalf of privacy concerns, making the process genuinely adversarial and strengthening the FISC
against charges that it merely rubber stamps applications from the intelligence community. n190 Article
III courts need to follow the lead of Judge Leon in Klayman in conceptualizing privacy as broad and
defensible, even in a world where electronics-based communication is dominant and relatively easy for
the government to collect. If the judicial defense of privacy were combined with the possibility of
liability for violations of that privacy, it is likely that this would incentivize increased self-policing among
the members of the intelligence community. The creation of an active PCLOB and a more adversarial
process before the FISC will not provide a perfect solution to the dilemmas posed by the government's
legitimate need for secrecy and the protection of the public against potential abuse. Yet because these
changes are institutional and structural, they are well-placed to improve the dynamic between the
intelligence community, oversight mechanisms, and the public.
Conclusion
Genuine accountability should not depend on the chance that an unauthorized and illegal leak will
occur. In the comparative example of the United Kingdom, engagement with a European Union
energized with a commitment to increase privacy protections, along with domestic parliamentary
oversight, provide two potential avenues for increased constraint on surveillance. In India, the
parliament and the courts historically enabled, not constrained, the intelligence community. Whether
that stance will continue as the government's technological capabilities increase is yet to be seen.
Domestically, it could be argued that the types of reform recommended here to improve actual
accountability and transparency over programs like the NSA Metadata Program are overkill: They
involve multiple branches of government, the PCLOB, and the public. However, much of the
accountability apparatus that has been in place was dormant until the Snowden disclosures, and would
have remained passive without those disclosures. A multi-faceted, long-term, structural approach
[*103] to improving transparency and accountability - one that involves at a minimum the courts and
the PCLOB, but hopefully Congress, the executive branch, and the public as well - improves the
likelihood of sustained and meaningful accountability as new surveillance capabilities are developed and
implemented.
2nc – FISC special advocate solves
A public advocate would check FISC rubber stamping
Cetina 14– John Marshall Law School (Daniel, “Balancing Security and Privacy in 21st century America: A
Framework for FISA Court Reform”, John Marshall Law Review, Summer 2014,
http://heinonline.org/HOL/Page?collection=journals&handle=hein.journals/jmlr47&type=Text&id=1540
)//DBI
The first remedy involves appointing a privacy advocate whose sole duty would be to argue against the
government's warrant requests, in essence acting as a quasi-public defender or guardian of privacy
rights.' 0 ' Such an idea is already percolating in the House of Representatives.102 Retired Judge James
Robertson, who formerly presided over the FISA Court, claims this is a necessary step 0 3 because the
Court has frequently been merely a proverbial rubber stamp for surveillance requests.104 Indeed,
available literature suggests that the FISA Court grants over 90% of the government's requests. 105
Introducing a privacy advocate would effectively force the FISA Court to consider individual requests
from both perspectives: on the one hand, the government would present important security arguments,
while the privacy advocate would focus on potential or actual dangers to cognizable privacy interests.
This system would thereby promote equity in FISA Court proceedings and enable the public at large to
have a representative promote privacy.
A public advocate would be easy to implement and would reform much of the singlemindedness of the past FISC decisions
Schlanger 15 [Margo, Professor of Law at the University of Michigan Law School, and the founder and
director of the Civil Rights Litigation Clearinghouse., Intelligence Legalism and the National Security
Agency’s Civil Liberties Gap,
file:///C:/Users/Jonah/Downloads/Intelligence%20Legalism%20and%20the%20National%20Security%20
Agency-s%20Civil%20Li%20(2).pdf] Schloss3
Finally, it seems highly likely that in the near future, the FISA Court will gain a new process for occasional
appearance of a public or special advocate. This proposal has been endorsed in varying forms by the
Director of National Intelligence,393 the President’s Review Group,394 the PCLOB,3 and the
President.396 It was included in the recently-defeated Senate’s USA FREEDOM Act bill, which will be one
source for the next Congress’s work on the issue. 397 Even former FISA presiding Judge John Bates, now
the Director of the Administrative Office of the U.S. Courts, agrees in part.398 There is, however,
substantial disagreement about details—and the details matter.
The argument for such an advocate is straightforward: even if the government exhibits exemplary
candor as to facts, it cannot be relied upon to brief against its own authority. Because the issues are
complex and important, they deserve full adversarial development in support of better judicial decisionmaking. The arguments against are likewise easily summarized: There’s not enough for a special
advocate to do, since most issues before the FISA Court are not legally complex, and the facts will not be
available to the advocate. Adversarial process will be slower and more cumbersome without leading to
better decision-making. Indeed, it might lead to worse decision-making, because “adversarial process in
run-of-the-mill, fact-driven cases may erode” the government’s compliance with a “heightened duty of
candor to the Court.”399 Indeed, “intelligence agencies may become reluctant to voluntarily provide to
the Court highly sensitive information, or information detrimental to a case, because doing so would
also disclose that information to a permanent bureaucratic adversary.”400
The consensus for some form of public advocate does not encompass key details. The largest open
question is about access. Under the House version of the USA Freedom Act, FISA court public advocates
could have been excluded from factual or even legal presentations by the government to FISA judges
and their legal advisors.401 The Senate version of the bill, by contrast, specified that public advocates
would receive “access to all relevant legal precedent, and any application, certification, petition, motion,
or such other materials as are relevant to the duties of the special advocate.”402 Judge Bates, who
served for six years as a FISA Court judge, has written several letters to Congress,403 purportedly on
behalf of the judiciary,404 opposing a full-time, autonomous special advocate in the FISA Court. Those
letters pointed out, as a disadvantage, that inclusion of adversarial process would make the FISA Court
more court-like. Judge Bates explained that “FISC judges currently have substantial flexibility in deciding
how best to receive from the government information they consider relevant to a particular case.” That
flexibility, he suggested, could not survive inter partes procedural requirements:
In order for the FISC to abide by the procedural and ethical requirements that apply in adversarial
proceedings, and for the advocate to appear on equal footing with the applicant, the FISC would have to
ensure that the advocate was involved in all such interactions in any case in which the advocate may
participate. . . .We expect that the logistical challenges of administering such a three-way process for
more than a handful of cases would be considerable.405
The Obama Administration, unfortunately, seems to be favoring limiting access, as well: In a letter to
Senator Pat Leahy about the Senate bill, Attorney General Eric Holder and Director of National
Intelligence James Clapper opined that “the appointment of an amicus in selected cases…need not
interfere with…the process of ex parte [that is, one-party] consultation between the Court and the
government.”406
In fact, the FISA court and the public would be best served by a more empowered public advocate—one
who is authorized to appear even without invitation from the government or the court, and, still more
important, who is entitled to full access to information relevant to her duties. This would no doubt alter
the current one-party procedures before the FISA court. But that’s a feature, not a bug. The FISA Court’s
current procedures allow meetings quite unlike ordinary judicial hearings, even ex parte ones. In
advance advice from court staff to the government and iterative drafting are common. The 2009
PowerPoint slide deck already described is similarly odd for a judicial forum.”407 Other practices such as
an annual lunch bringing together FISA Court judges and legal advisors (and the Chief Justice) with the
heads of the CIA, NSA, and FBI likewise encourage the judges to see their own role as co-workers in the
administration of the intelligence community’s surveillance programs, supervising, for sure, but almost
from within. If a public advocate’s procedural rights disrupted this cozy relationship, that would be all to
the good. The salutary effect might be to reinforce the FISA judges’ role as arbiters of surveillance
legality, not coworkers in the administration of the IC’s surveillance programs.
If designed properly, this variation of an Office of Goodness could be essentially free from the ordinary
threats to that kind of organization’s influence and commitment. After all, the role of government-paid
court opponent is utterly familiar from the criminal justice system. Unlike agencies, where staff must
negotiate for a seat at decision-making tables, most courts have firm inter partes norms requiring access
for all parties.408 If Congress applies these norms to the FISA court, as it should, implementation will be
very familiar. As for capture, the analogous public defenders certainly sometimes allow organizational or
situational imperatives to subvert their assigned courtroom role, 409 but there seems far less reason to
worry about capture in this litigation setting than inside of agencies, at least if the public advocates are
not otherwise beholden to the agencies. If anything, the problem here might be too much single-minded
commitment, a strict preference for civil liberties over security—but of course the court, which would
remain the decider, is unlikely to become unduly single-minded. I therefore see a FISA Court public
advocate as a variant on an Office of Goodness whose institutional setting would—if it is well
designed—shield it from many of the landmines that usually threaten such an office’s influence or
commitment.
A FISC special advocate solves overreach
Sommer, 14 - The author is with ZwillGen PLLC in Washington, D.C.; a law firm that represented a
telecomm provider against a FISA order (Jacob, “FISA Authority and Blanket Surveillance: A Gatekeeper
Without Opposition” Litigation, Spring, Vol. 40 No. 3
http://www.americanbar.org/publications/litigation_journal/201314/spring/fisa_authority_and_blanket_surveillance_gatekeeper_without_opposition.html
One of the pending bills, Senator Blumenthal’s FISA Court Reform Act of 2013, Senate Bill 1460 and
Senate Bill 1467, provides an answer that, having had the experience of litigating before the FISC myself,
I believe could provide much needed improvements. That bill provides for a new Office of the Special
Advocate, which introduces an adversary to the court. (This is similar to the public privacy advocate that
President Obama recently proposed.) The act attempts to solve a basic problem with the current
oversight procedures: There is no true adversarial process for most of the legal issues that arise. The
newly declassified opinions the director of national intelligence has released make this abundantly clear.
Setting aside the legal arguments, the procedural history of the opinions indicates delays on the
government’s part, a lack of supervision after the court issues its orders, and a preference for secrecy
over public disclosure at any cost. Appointing a special advocate ad litem for the public would ensure
that novel legal arguments in the FISA court would face a consistent, steady challenge no matter who
the provider is, thereby strengthening the FISA process by subjecting results to checks and balances.
Without such a process, the court and the Department of Justice must work through difficult legal issues
with no balancing input. An advocate could participate in all cases involving a new statute or authority
or a new interpretation or application of an existing authority. The special advocate could choose the
cases in which to be involved, or the court or a provider that receives process could request its
involvement where an opposition would be useful to test and evaluate the government’s legal
arguments. The special advocate’s office could be established with proper security safeguards to draft,
store, and access classified records more efficiently. It could also be required to report to the public and
Congress the number of cases it has argued and how often it has limited or pared back the
government’s requests. It would provide a vital counterpoint for legislators exercising their oversight
duties.
The special advocate would be especially useful in cases in which the government demands access to
communications in a way that may have a profound effect on people other than the target, such as
when decryption may be involved or when a provider is asked to provide assistance in ways that are
unlike traditional wiretaps.
The FISC court advocate would be effective in reducing privacy concerns over NSA
surveillance
Vladeck, Professor of law, 14 [Stephen I., Standing and Secret Surveillance ,
http://moritzlaw.osu.edu/students/groups/is/files/2014/08/13-Vladeck.pdf] Schloss
This shortcoming may help to explain the growing support for proposals to have some kind of “special
advocate” participate in at least some cases before the FISA Court.103 Although the details vary, the
basic gist is that Congress would create an independent office staffed by (or a rotating panel of courtdesignated private) lawyers empowered to appear in at least some cases before the FISA Court,
specifically tasked with arguing against the government’s interpretation of the relevant statutory and
constitutional authorities. Such lawyers would have appropriate security clearances—allowing the FISA
Court to entertain such arguments in secret—and, under most of the proposals, would not formally
represent a “client.”104 Instead, their statutory obligation would be to play the devil’s advocate—to
assist the FISA Court by providing alternative possible readings of the same procedural, evidentiary,
statutory, and constitutional language on which the government has rested its application.105
At least with regard to proceedings before the FISA Court, the creation of a “special advocate,” however
conceived, should not raise any new Article III concerns (if anything, it should mitigate existing
constitutional objections with respect to the absence of adverseness before that court).106 Assuming
arguendo that these disputes already comport with Article III’s justiciability requirements, it is difficult to
see how adding a new party in suits initiated by the government as plaintiff would raise any new
concerns. Although reasonable people will certainly disagree about the wisdom of competing “special
advocate” proposals as a matter of policy, it is difficult to dispute their validity as a matter of law—at
least in proceedings before the FISA Court.107
A public advocate is critical to reforming the internal FISC system
Margulies 14 [Peter, Professor of Law, Dynamic Surveillance: Evolving Procedures in Metadata and
Foreign Content Collection After Snowden,
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2400809&download=yes] Schloss
A more institutionalized public voice at the FISC would be even more valuable than reliance on amici
curiae as a policy matter, for two reasons.289 First, a public advocate would enhance the reasoning in
FISC decisions. Although the FISC was correct in extending a measure of deference to the Executive on
the contours of the § 215 relevance standard in place at the time of Snowden’s disclosures, the FISC’s
reasoning left much to be desired. The 2006 FISC opinion, in particular, is truncated and conclusory,
offering virtually no analysis. The absence of analysis is problematic. The deliberation that Hamilton
extolled in Federalist No. 78 as judicial review’s hallmark requires statements of reasons.290 The
statement of reasons sends a useful signal to audiences for the judge’s decision, conveying the judge’s
seriousness and ongoing vigilance. In contrast, especially in the secret loop of the pre-Snowden
metadata program, a conclusory approval may send a signal to those who have sought judicial
authorization that they have more license than the court actually intends. This dynamic may have played
a role in the compliance issues that the FISC was forced to deal with in 2009.
The presence of a public advocate would prod the FISC to provide reasons for its decisions. The advocate
would receive all government requests. It would be empowered to intervene when it believed that a
matter raised novel legal issues, or when it certified to the FISC that there was a reasonable possibility
(10% or greater) that the government’s request failed to meet the statutory standard. The public
advocate would present the best legal and factual arguments against the government. The court would
then have to weigh the arguments, and explain why it selected one side. The entire process also signals
to the government that compliance is a serious matter.
Second, the seriousness imposed by a public advocate would compensate for an even bigger blind spot
in the current process: the barely adequate disclosure that the government has provided to Congress.
The “rogue robot” explanation for noncompliance furnished by the Justice Department in its December
2009 letter did not supply the comprehensive self-appraisal that Congress has a right to expect. While
the Leahy bill provides for more transparency, the cabined deliberation characteristic of Title 50
oversight may not prove sufficiently robust over the long haul. The work of the Privacy and Civil Liberties
Oversight Board (PCLOB), while exceptionally valuable, may also fail to completely close the gap. An
institutional advocate at the FISC would supplement legislative oversight, hedging against future deficits
in disclosure to Congress
AT: Special advocate links to terrorism
The special advocate functions ex post – ex ante advocacy compromises terrorism
investigations
Vladeck 15 – Professor of Law at American University Washington College of Law
(Stephen, THE CASE FOR A FISA “SPECIAL ADVOCATE,” 2 Texas A&M L. Rev. 2)//JJ
To be sure, Judge Bates is certainly correct that the participation of the special advocate should not
unduly interfere with the government’s ability to conduct lawful foreign intelligence surveillance
activities, especially ex ante. To that end, the special advocate might only be notified of a government
application under the relevant authorities once that application has been granted by FISC, at which
time the appointed advocate would have a fixed period of time within which to seek reconsideration of
the underlying ruling. Among other things, this approach would allow the government to act
expeditiously when circumstances warrant (lest an expressly legislated emergency exception otherwise
swallow the rule), and would preserve the status quo (in which authorization has been provided by the
FISC) until and unless the special advocate convinces the FISC judge, the FISCR, or the Supreme Court to
vacate such authorization. And, of course, if the special advocate prevails before either the FISC or
FISCR, the government retains the option of seeking a stay of the ruling in question to continue the
underlying surveillance pending appeal.
A FISA court advocate still operates within a covert regime – the target of surveillance
is never alerted
Patel and Goitein, 15 – *co-director of the Liberty and National Security Program at the Brennan Center
for Justice AND ** co-directs the Brennan Center for Justice’s Liberty and National Security Program
(Faiza and Liza, “Fixing the FISA Court by Fixing FISA: A Response to Carrie Cordero” 4/8, Lawfare,
http://www.lawfareblog.com/fixing-fisa-court-fixing-fisa-response-carrie-cordero
We would be providing greater ability to challenge surveillance to foreign intelligence targets, than to
subjects of criminal investigation domestically, for whom wiretap applications are approved in camera
ex parteby district court judges and magistrates.
In fact, foreign intelligence targets would have no ability to challenge surveillance under our Special
Advocate proposal. They would not be able to choose and hire an attorney to present their case, and to
communicate to this attorney the facts only they could know. Instead, they would remain ignorant of
the surveillance, and a Special Advocate would do his/her best to present a case without their help or
involvement. By contrast, subjects of searches in criminal cases are informed of the search. At a
minimum, then, they can bring a civil suit, and they often have the opportunity to challenge the search
as part of a criminal trial (an opportunity that’s rare in foreign intelligence cases). They can do so with
full knowledge of their own actions and with an attorney of their choosing who works only for them.
When it comes to the ability to challenge surveillance, the advantage clearly belongs to the subject of
the criminal search, even under our proposal.
2nc terrorism link wall – FAA restrictions
FISA’s authority alone is insufficient to prevent terrorism – the government needs the
widest possible net, including domestic surveillance
Posner, 6 - judge on the United States Court of Appeals for the Seventh Circuit in Chicago and a Senior
Lecturer at the University of Chicago Law School (Richard, Not a Suicide Pact: The Constitution in Time of
National Emergency, p. 94-96
According to the administration, these are just interceptions of communications to and from the United
States in which one of the parties is suspected of terrorist connections, though the suspicion does not
rise to the probable-cause level that would be required for obtaining a warrant. There may be more to
the program, however. Most likely the next terrorist attack on the United States will, like the last one,
be mounted from within the country but be orchestrated by leaders safely ensconced somewhere
abroad. If a phone number in the United States is discovered to have been called by a known or
suspected terrorist abroad, or if the number is found in the possession of a suspected terrorist or in a
terrorist hideout, it would be prudent to intercept all calls, domestic as well as international, to or from
that U.S. phone number and scrutinize them for suspicious content. But the mere fact that a suspected
or even known terrorist has had a phone conversation with someone in the United States or has
someone’s U.S. phone number in his possession doesn’t create probable cause to believe that the other
person is also a terrorist; probably most phone conversations of terrorists are with people who are not
themselves terrorists. The government can’t get a FISA warrant just to find out whether someone is a
terrorist; it has to already have a reason to believe he’s one. Nor can it conduct surveillance of terrorist
suspects who are not believed to have any foreign connections, because such surveillance would not
yield foreign intelligence information.
FISA has yet another gap. A terrorist who wants to send a message can type it in his laptop and place it,
unsent, in an e-mail account, which the intended recipient of the message can access by knowing the
account name. The message itself is not communicated. Rather, it’s as if the recipient had visited the
sender and searched his laptop. The government, if it intercepted the e-mail from the intended recipient
to the account of the “sender,” could not get a FISA warrant to intercept (by e-mailing the same
account) the “communication” consisting of the message residing in the sender’s computer, because
that message had never left the computer.
These examples suggest that surveillance outside the narrow bounds of FISA might significantly
enhance national security . At a minimum, such surveillance might cause our foreign terrorist enemies
to abandon or greatly curtail their use of telephone, e-mail, and other means of communicating
electronically with people in the United States who may be members of terrorist sleeper cells. Civil
libertarians believe that this is bound to be the effect of electronic surveillance, and argue that therefore
such surveillance is futile. There is no “therefore.” If the effect of electronic surveillance is to close down
the enemy’s electronic communications, that is a boon to us because it is far more difficult for terrorist
leaders to orchestrate an attack on the United States by sending messages into the country by means of
couriers. But what is far more likely is that some terrorists will continue communicating electronically,
either through carelessness— the Madrid and London bombers were prolific users of electronic
communications, and think of all the drug gangsters who are nailed by wiretaps—or in the mistaken
belief that by using code words or electronic encryption they can thwart the NSA. (If they can, the
program is a flop and will be abandoned.) There are careless people in every organization. If al-Qaeda is
the exception, civil libertarians clearly are underestimating the terrorist menace! In all our previous
wars, beginning with the Civil War, when telegraphic communications were intercepted, our enemies
have known that we might intercept their communications, yet they have gone on communicating and
we have gone on intercepting. As for surveillance of purely domestic communications, it would either
isolate members of terrorist cells (which might, as I said, have no foreign links at all) from each other or
yield potentially valuable information about the cells.
FISA’s limitations are borrowed from law enforcement. When a crime is committed, the authorities
usually have a lot of information right off the bat—time, place, victims, maybe suspects—and this
permits a focused investigation that has a high probability of eventuating in an arrest. Not so with
national security intelligence, where the investigator has no time, place, or victim and may have scant
idea of the enemy’s identity and location; hence the need for the wider, finer-meshed investigative
net . It is no surprise that there have been leaks from inside the FBI expressing skepticism about the NSA
program. This skepticism reflects the Bureau’s emphasis on criminal investigations, which are narrowly
focused and usually fruitful, whereas intelligence is a search for the needle in the haystack. FBI agents
don’t like being asked to chase down clues gleaned from the NSA’s interceptions; 999 out of 1,000 turn
out to lead nowhere. They don’t realize that often the most that counterterrorist intelligence can hope
to achieve is to impose costs on enemies of the nation (as by catching and “turning” some, or forcing
them to use less efficient means of communication) in the hope of disrupting their plans. It is mistaken
to think electronic surveillance a failure if it doesn’t intercept a message giving the time and place of the
next attack.
Bureaucratization of ex ante review undermines counter-terrorism investigations
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
3. The Demands of National Security. — Finally, while the focus of this Note is on the protection of civil
liberties, the current system may also do a poor job of promoting security. From an institutional
competence perspective, it seems questionable that judges should occupy a gatekeeping role. Indeed,
all the reasons discussed above that judges have invoked in reducing their own authority over such
issues apply with equal force here.77
The inefficiencies of the current system are even more problematic. Given the permissiveness of the
statutory standards and the FISA courts, inefficiency is the primary motivating force behind attempts to
reduce judicial oversight. As DOJ has noted, “[n]umerous Congressional and Executive Branch reviews of
the FISA process have recommended that the FISA process be made more efficient.”78 Others are more
forthright, describing the FISC order procedures as “hopelessly slow and bureaucratic.”79 On the whole,
“if we are seeking a model of judicial review that advances security, there is little reason to think that
the FISA Court, at least as currently set up, advances that goal.”80
FISA can’t identify unknown terrorists – advance surveillance is necessary to generate
enough information
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
Programmatic surveillance thus can help remedy some of the difficulties that arise when monitoring
covert adversaries like international terrorists. FISA and other particularized surveillance tools are useful
when authorities want to monitor targets whose identities are already known. But they are less useful
when authorities are trying to identify unknown targets. The problem arises because, in order to obtain
a wiretap order from the FISA court, the government usually must demonstrate probable cause to
believe that the target is a foreign power or agent of a foreign power. n39 This is a fairly straightforward
task when the target's identity is already known--e.g., a diplomat at the Soviet embassy in Washington,
DC. But the task is considerably more difficult when the government's reason for surveillance is to
detect targets who are presently unknown--e.g., al-Qaeda members who operate in the shadows. How
can you convince the FISA court that Smith is an agent of a foreign power when you know nothing about
Smith--his name, nationality, date of birth, location, or even whether he is a single person or several
dozen? The government typically won't know those things unless it has collected some information
about Smith--such as by surveilling him. And there's the rub. Programmatic monitoring helps avoid the
crippling Catch-22 that can arise under particularized surveillance regimes like FISA: officials can't surveil
unless they show that the target is a spy or terrorist, but sometimes they can't show that an unknown
target is a spy or terrorist unless they have surveilled him.
Ex post restrictions can protect information being used against people for anything
other than preventing terrorism
Posner, 6 - judge on the United States Court of Appeals for the Seventh Circuit in Chicago and a Senior
Lecturer at the University of Chicago Law School (Richard, Not a Suicide Pact: The Constitution in Time of
National Emergency, p. 98-101)
Concerns with privacy could be alleviated, moreover, by adopting a rule forbidding the intelligence
services to turn over any intercepted communications to the Justice Department for prosecution for any
offense other than a violation of a criminal law intended for the protection of national security. Then
people would not worry that unguarded statements in private conversations would get them into
trouble. Such a rule would be a modification, urged in a parallel setting by Orin Kerr, of the “plain view”
doctrine of search and seizure. That doctrine, another of the exceptions to the requirement of a warrant
to search or seize, allows the seizure of evidence that the police discover in plain view in the course of
an unrelated lawful search—even though the discovery is accidental and a warrant could not have been
obtained to search for the evidence discovered. But what if an intelligence officer, reading the transcript
of a phone conversation that had been intercepted and then referred to him because the search engine
had flagged it as a communication possibly possessing intelligence value, discovers that one of the
parties to the communication seems to be planning a murder, though a murder having nothing to do
with any terrorist plot? Must the officer ignore the discovery and refrain from notifying the authorities?
Though the obvious answer is no, my answer is yes.
There is much wild talk in private conversations. Suppose the communication that has been intercepted
and read for valid national security reasons contains the statement “I’ll kill the son of a bitch.” The
probability will be very high that the statement is hyperbole, that there is no serious intent to kill
anyone. But suppose intelligence officers have been told that if a communication they read contains
evidence of crime, they should turn it over to the FBI. The officer in my hypothetical case does that, and
the Bureau, since the matter has been referred to it by a government agency, takes the threat seriously
and investigates (or turns the matter over to local police for investigation, if no federal crime is
suspected). As word of such investigations got around, people would learn that careless talk in
seemingly private conversations can buy them a visit from the FBI or the police. At this point the risk
that national security surveillance would significantly deter candor in conversation would skyrocket. It is
more important that the public tolerate extensive national security surveillance of communications than
that an occasional run-of-the-mill crime go unpunished because intelligence officers were not permitted
to share evidence of such a crime with law enforcement authorities. But if the evidence is of a crime
related to national security, then sharing it with law enforcement authorities is appropriate and should
be (and is) required. Other exceptions may be needed. Suppose that what is overheard is a conversation
that identifies one of the parties as a serial killer. Serial killing is not terrorism, but it is such a serious
crime that clues to it picked up in national security surveillance should be communicated to law
enforcement authorities.
If such a rule (with its exceptions) were in place, I believe that the government could, in the present
emergency, intercept all electronic communications inside or outside the United States, of citizens as
well as of foreigners, without being deemed to violate the Fourth Amendment, provided that computers
were used to winnow the gathered data, blocking human inspection of intercepted communications
that contained no clues to terrorist activity. We know that citizens (and permanent residents) can be
terrorists operating against their country, even without any foreign links. The United States has had its
share of U.S. citizen terrorists, such as the Unabomber and Timothy McVeigh and presumably whoever
launched the anthrax attack on the East Coast in October 2001. The terrorist bombings of the London
subway system in July 2005 were carried out by British citizens. And U.S. persons who are not terrorists
or even terrorist sympathizers might have information of intelligence value—information they might be
quite willing to share with the government if only they knew they had it. The information that enables
an impending terrorist attack to be detected may be scattered in tiny bits that must be collected,
combined, and sifted before their significance is apparent. Many of the bits may reside in the e-mails or
phone conversations of innocent people, such as unwitting neighbors of terrorists, who may without
knowing it have valuable counterterrorist information—one consequence of the jigsaw puzzle character
of national security intelligence.
A further question, however, is whether the Fourth Amendment should be deemed to require warrants
for such surveillance. The Keith case that I mentioned earlier held that warrants are required for
conducting purely domestic surveillance even when the purpose is to protect national security, though
the Court suggested that perhaps the probable-cause requirement could be attenuated. It would have
to be. If the goal of surveillance is not to generate evidence of criminal activity but to detect terrorist
threats, including those too incipient to be prosecutable as threats, and even threats of which the
persons under surveillance may be unaware because the significance of the clues they possess eludes
them, then to insist that the investigators establish probable cause to believe criminal activity is afoot
will be to ask too much. The amendment’s requirement of particularity of description of what is to be
searched or seized would also have to be relaxed for surveillance warrants adequate to national security
to be feasible, because intelligence officers will often not have a good idea of what they are looking for.
Requiring a particular demonstration of threat wrecks terrorism investigations
Posner, 6 - judge on the United States Court of Appeals for the Seventh Circuit in Chicago and a Senior
Lecturer at the University of Chicago Law School (Richard, Not a Suicide Pact: The Constitution in Time of
National Emergency, p. 138-141)
Civil libertarians argue that the government ought to be required to demonstrate that it has a
reasonable basis for believing that the person to whom the records pertain is involved in terrorist
activity. But as should be clear by now, that would be too restrictive a requirement . To impose it
would be either to misunderstand the needs of intelligence or to underestimate the value of intelligence
in the struggle against terrorism (or perhaps to underestimate the terrorist threat). Information about
an individual who is not part of a terrorist ring may nevertheless be highly germane to an investigation
of the ring or, what may be as important, to an investigation aimed at discovering the existence of such
rings. The information might concern an imam who, though not himself involved in terrorism, was
preaching holy war. It might concern family members of a terrorist, who might have information about
his whereabouts. It might consist of sales invoices for materials that could be used to create weapons of
mass destruction, or of books and articles that expressed admiration for suicide bombers.
The impact of section 215 on civil liberties is quite limited— only a few dozen section 215 demands have
been served on libraries. Most records custodians will, as I said, voluntarily hand over nonprivileged
records to the government when told the records may contain information relevant to national security.
A custodian’s refusal to disclose the records might generate enough suspicion to enable the government
to obtain a subpoena even under a much narrower version of section 215.
One understands, though, why civil libertarians have labeled section 215 the “libraries provision”
despite its being used so rarely against libraries. To discover what people have been reading, as distinct
from discovering their financial or health status, is to gain insight into what they are thinking—and what
they are planning. This is why the government might want to obtain a record of a person’s library
borrowings (not to mention his bookstore purchases, records of which also fall within the scope of
section 215). And when the quest for knowledge of what a person is thinking is driven by concern with
terrorism, which is almost always politically motivated, success in the quest is likely to include the
acquisition of a comprehensive picture of the subject’s political beliefs. Knowing that the government is
seeking to compile such pictures, people of unorthodox views may hesitate to buy or borrow books that
express such views. This is the same issue that is raised by the government’s conducting surveillance of
mosques. Whether such surveillance presents Fourth Amendment problems depends on the method
used to conduct it; surveillance as such, as we saw in Chapter 4, does not violate the First Amendment
despite its undoubted effect on the exercise of free speech.
The Miller line of decisions, in holding that a voluntary disclosure of information manifests a willingness
to waive or forfeit any right of privacy, seems unrealistic about the meaning not only of “voluntary” but
also of “privacy” itself. Informational privacy does not mean refusing to share information with
everyone. Obviously a telephone conversation is not private in that sense, nor a letter, nor a
conversation between spouses or friends. Every conversation is at least twosided. The fact that I disclose
symptoms of illness to my doctor does not make my health a public fact, especially if he promises (or the
rules of the medical profession require him) not to disclose my medical history to anyone without my
permission.
One must not confuse solitude with secrecy; they are distinct forms of privacy. Solitude fosters
individualistic attitudes; conversely, the constant presence of other people or the sense of being under
constant surveillance enforces conformity. But one also needs freedom to communicate in private. The
planning of organized activity obviously is impossible without communication; less obviously, productive
independent thinking almost always requires bouncing ideas off other people. And few of us are
sufficiently independent-minded to persist in an unorthodox idea if we don’t discover that others share
it.
If “liberty” in the Fifth Amendment’s due process clause can connote sexual freedom, and “due process”
can be understood to require that any restriction on liberty be no greater than is necessary, why can’t
there be a due process right to control information about oneself that is not already public knowledge,
unless one is trying to use that control for unlawful ends or the government has a pressing need for the
information? Maybe there can be—provided, however, that the “pressing need” qualification is taken
seriously. Constitutional rights, as we have seen throughout this book, are not absolutes whose scope is
fixed without regard to competing interests. How much information about oneself one should be
permitted to withhold from the government depends critically on how valuable the information is to the
government. In an era of global terrorism and proliferation of weapons of mass destruction, the
government has a compelling need to gather, pool, sift, and search vast quantities of information, much
of it personal.
Restrictions on collection of data aid terrorism – protections against misuse of data
solve better
Posner, 6 - judge on the United States Court of Appeals for the Seventh Circuit in Chicago and a Senior
Lecturer at the University of Chicago Law School (Richard, Not a Suicide Pact: The Constitution in Time of
National Emergency, p. 143-144)
Privacy is the terrorist’s best friend , and the terrorist’s privacy has been enhanced by the same
technological developments that have both made data mining feasible and elicited vast quantities of
personal information from innocents: anonymity combined with the secure encryption of digitized data
makes the Internet a powerful tool of conspiracy. The government has a compelling need to exploit
digitization in defense of national security. But if this is permitted, intelligence officers are going to be
scrutinizing a mass of personal information about U.S. citizens. And we know that people don’t like even
complete strangers poring over the details of their private lives. But the fewer of these strangers who
have access to those details and the more professional their interest in them, the less the affront to
privacy. One reason people don’t much mind having their bodies examined by doctors is that they know
that doctors’ interest in bodies is professional rather than prurient; we can hope that the same is true of
intelligence professionals.
The primary danger of such data mining is leaks by intelligence personnel to persons inside or outside
the government who might use the leaked data for improper purposes. Information collected by a
national security data-mining program would have to be sharable within the national security
community, which would include in appropriate cases foreign intelligence services, but not beyond.
Severe sanctions and other security measures (encryption, restricted access, etc.) could and should be
imposed in order to prevent—realistically, to minimize—the leakage of such information outside the
community. My suggestion in the last chapter that the principle of the Pentagon Papers case be relaxed
to permit measures to prevent the media from publishing properly classified information would
reinforce protection of the privacy of information obtained by national security data mining.
I have said both that people value their informational privacy and that they surrender it at the drop of a
hat. The paradox is resolved by noting that as long as people don’t expect that the details of their
health, love life, or finances will be used to harm them in their interactions with other people, they are
content to reveal those details to strangers when they derive benefits from the revelation. As long as
intelligence personnel can be trusted to use their knowledge of such details only for the defense of the
nation, the public will be compensated for the costs of diminished privacy in increased security from
terrorist attacks.
Distinguishing between domestic and foreign targets in advance is frequently
impossible
Harvard Law Review, 8 – no author cited, “SHIFTING THE FISA PARADIGM: PROTECTING CIVIL LIBERTIES
BY ELIMINATING EX ANTE JUDICIAL APPROVAL” http://cdn.harvardlawreview.org/wpcontent/uploads/pdfs/shifting_the_FISA_paradigm.pdf
4. The Nature of Terrorism. — Institutional limitations are especially pressing given the vagaries of
“terrorism.”66 Substantial gray areas exist in distinguishing domestic from foreign and criminal from
intelligence interests. Courts, fearful of treading too heavily in the national security arena, will be loath
to tell the government that someone it has determined to be connected to terrorism is in fact being
targeted unfairly for his or her religion or national origin.
Indeed, recent statutory developments have greatly clouded the already difficult task of making such
distinctions. For example, the legislative move from “primary” to “significant” purpose discussed above,
and the related tearing down of the “wall” that prevented information sharing between intelligence and
law enforcement entities,67 means that a court must accuse the government of not reasonably
suspecting a target’s involvement with terrorism if it is to deny an application. Similarly, the standard for
pen/trap orders68 was lowered from a showing that the device was used to communicate with an agent
of a foreign power under the old 50 U.S.C. § 1842(c)(3) to a much lower showing of “relevant to an
ongoing investigation” under the new 50 U.S.C. § 1842(c)(2). Whereas before the FISC may at least have
been able to point to the relatively objective question of whether an individual was in fact an agent of a
foreign power, the current loose standard would force the court to tell the government that the desired
target bore no relevance to a terrorism investigation.
AT: Privacy agency now
The CP’s mandate is different – squo privacy agencies aren’t coordinated, the CP
elevates it to cabinet level status
Hill 14* Technology policy consultant at Monitor 360, fellow of the Global Governance Futures 2025
program at the Brookings Institution (Jonah, “THE GROWTH OF DATA LOCALIZATION POST-SNOWDEN:
ANALYSIS AND RECOMMENDATIONS FOR U.S. POLICYMAKERS AND BUSINESS LEADERS” p.31)//GK
At present, there is no single point-person in the U.S. government coordinating data flow issues, or
advocating on behalf of the U.S. for freedom of data flows. The head of the Federal Trade Commission, the U.S. Trade
Representative, the Privacy and Civil Liberties Oversight Board, the Department of Commerce (importantly, the Deputy
Assistant Secretary for Services), the Chief Privacy Officer of the NSA, several individuals within the Department of State (importantly the U.S.
Coordinator for International Communications and Information Policy) as
well as many, many others, are all working on the
problem, but largely separately, with inevitably separate institutional viewpoints and objectives. While multiple
individuals and agencies should be addressing the issue simultaneously, there is a need for a single coordinating office to
track and manage this vital economic issue. Perhaps an office of Chief Privacy Officer in the U.S. State Department and/or U.S.
Trade Representative could be developed, or the newly-created White House Chief Privacy Officer position could take on this broader
international responsibility. President Obama has suggested, in a speech delivered at the U.S. Department of Justice on January 17, 2014, that
his administration plans to create a new position at the U.S. State Department “to coordinate [American] diplomacy on issues related to
technology and signals intelligence.”121 This new role – which has only been vaguely described – could also potentially fill the leadership
vacuum within the U.S. government on these issues. However the reorganization happens, is
clear that the current bureaucratic
arrangement needs to be restructured to ensure that the anti- localization outreach strategy is
effectively coordinated and harmonized across the entire U.S. government and among U.S. industry leaders.
AT: Judge ignores advocate
The CP makes a special advocate mandatory – FISC judges can’t decline them
Vladeck 15 – Professor of Law at American University Washington College of Law
(Stephen, THE CASE FOR A FISA “SPECIAL ADVOCATE,” 2 Texas A&M L. Rev. 2)//JJ
As the metadata program illustrates, many of the applications that would otherwise trigger such review
are nothing more than requests to re-authorize programs already approved by the FISC under the same
rationale. Thus, after a transitional period during which preexisting rulings could all be revisited at least
once, the special advocate’s participation could further be limited to cases in which the government is
either (1) seeking an initial authorization for a new program and/or recipient; (2) seeking a
reauthorization under materially different facts / technological capabilities; or (3) seeking a
reauthorization under a materially different legal theory. Because of the modest number of cases in
which the special advocates would thereby participate, it should follow, as provided in the Schiff bill,
their participation in such cases should be mandatory , and not up to the discretion of FISC judges. But a
protocol where FISC is separately empowered to invite the participation of a (again, randomly selected)
special advocate in any other case in which her participation is not already provided for would also make
sense.
AT: Executive branch capture
Designating a pool of security-cleared lawyers solves the perception of executive
branch capture
Vladeck 15 – Professor of Law at American University Washington College of Law
(Stephen, THE CASE FOR A FISA “SPECIAL ADVOCATE,” 2 Texas A&M L. Rev. 2)//JJ
III. THE WAY FORWARD FOR CREATING A SPECIAL ADVOCATE
a. Policy Issue #1: Where and How Should the Position be Constituted and Overseen?
As detailed above, there are three principal approaches to how and where a special advocate should be
constituted and overseen. Two of the more common variants favor the creation of a new government
entity, located in either the Executive or Judicial Branch, with appointments controlled by a combination
of the PCLOB, FISCR, National Security Division of the Department of Justice, and/or Chief Justice of the
United States. A third iteration, seen for example in the Schiff bill, endorses a model more analogous to
the “CJA panel” in federal criminal cases, 60 pursuant to which a rotating roster of specially selected and
security-cleared private lawyers would be empowered to participate on similar terms, but would remain
structurally independent from any branch of the government.
There are several reasons that commend the latter approach over the former: First , no matter how
much independence Congress seeks to invest in the office, there will always be the perception that a
special advocate who works in and for the government will not be as well situated to take positions
adverse to the Executive Branch as these proposals appear to contemplate. To similar effect, concerns
might also arise that, so long as the special advocate is only litigating a hyperspecific set of statutory and
constitutional issues in a hyperspecific set of cases, she may be less able to capitalize upon
developments in other areas of the law and/or become more subject to “capture” by the very entities
she is seeking to serve as a check against. Whereas criminal lawyers would be especially privy to
developments in, among other things, Fourth Amendment jurisprudence, one could worry that a
uniquely tasked “special advocate” would develop such a niche practice as to become insulated from
such doctrinal shifts. And as the Schiff bill suggests, it would not be that difficult as a matter of drafting
or policy to create a panel of specially designated , security-cleared lawyers who would rotate through
relevant cases while maintaining their regular practice. Indeed, a variation on this theme already exists
in criminal prosecutions involving classified information.61
Nor is there anything to the argument that security-cleared private lawyers cannot be trusted to handle
such sensitive information. 62 Indeed, there is no evidence to date that a security-cleared counsel has
ever been responsible for an unauthorized disclosure of classified information.
Instead, the principal objection such an approach is likely to provoke stems from the potential diffusion
of responsibility (and, as such, of knowledge and experience) among a panel of private lawyers, as
opposed to a hierarchical government office with a specific head. It might then become harder for the
individual lawyers to keep abreast of developments in other FISC cases, and, as such, to appreciate
developments in the law from case to case. This concern can largely be mitigated, though, by the
relatively small number of cases in which the participation of special advocates should be required.
Because I agree with Judge Bates that special advocates won’t be necessary in the vast majority of FISC
applications, the ultimate pool of special advocates will be relatively modest in size—and it will
therefore not be particularly difficult for the members of that pool to share knowledge and otherwise
collaborate across the spectrum of cases in which they would be authorized to participate.
AT: Perm do both
The perm links to terrorism – the existing FAA structure is carefully balanced to allow
ex post review. Increasing the ex ante nature of the FAA could wreck terrorism
investigations
Blum, 9 (Stephanie, “WHAT REALLY IS AT STAKE WITH THE FISA AMENDMENTS ACT OF 2008 AND IDEAS
FOR FUTURE SURVEILLANCE REFORM” 18 B.U. Pub. Int. L.J. 269, Spring, lexis)
In sum, under traditional FISA, certain kinds of international communications have always been
completely outside of FISA review. Under the FAA, there is now FISC reviews of targeting and
minimization procedures as well as the ex post oversight mechanisms. Additionally, it is not even clear
that a warrant would be required to gather foreign intelligence within the country. While per Keith, a
warrant is required if the threat is solely domestic, it is unsettled whether a warrant is required when
there is a connection to a foreign power. Significantly, in August 2008, the FISCR upheld the
constitutionality of the PAA (that had expired) explicitly finding that there was a foreign intelligence
exception to the Fourth Amendment warrant requirement. n241 Although the petitioners
(telecommunication companies who did not want to comply with an order under the PAA) argued that
the PAA would result in incidental communications of innocent Americans being retained due to
warrantless surveillance of people reasonably believed to be overseas, the FISCR rejected that
argument. It stated, "The petitioner's concern of incidental collections is overblown. It is settled beyond
peradventure that incidental collections occurring as a result of constitutionally permissible acquisitions
do not render those acquisitions unlawful." n242
The FISCR's holding that the PAA was constitutional means that it would likely find the FAA - which has
more judicial review and reporting requirements than the PAA - to be similarly lawful. Hence, it seems a
legal stretch to maintain that the government needs a warrant when it targets foreign nationals
overseas who may incidentally communicate with U.S. persons in the United States. While the FAA, as
applied to U.S. persons, must still be reasonable under the Fourth Amendment, given the FISCmonitored minimization procedures and ex post oversight mechanisms, it seems that the FAA has struck
a [*306] nuanced compromise between the need to expeditiously gather foreign intelligence, and the
protection of civil liberties.
Furthermore, compared to traditional FISA, the FAA relies more heavily on ex post oversight
mechanisms than on ex ante warrants based on individualized suspicion - and this may be a benefit.
Several scholars have questioned the effectiveness of FISA's ex ante warrants issued by a secret court
based on only one-sided information provided by the government. n243 Critics of FISA argue that
because the FISC approves virtually all requests for warrants, it merely serves as a rubber stamp and
does not provide any genuine judicial review. The FISC has, indeed, approved almost all warrant
requests - as of 2006, the FISC had approved all but five out of over 17,000 requests. n244 According to
a Note written by the Harvard Law Review, ex ante judicial review to conduct foreign surveillance may
be counterproductive and unworkable:
The [FISC] judge lacks a skeptical advocate to vet the government's legal arguments, which is of crucial
significance when the government is always able to claim the weight of national security expertise for its
position. It is questionable whether courts can play this role effectively, and, more importantly, whether
they should. n245
Because the FISC has no way to evaluate the facts presented by the government, it has to assume that
the government-provided facts are correct. Problematically, the FISC identified evidence of
governmental misstatements and omissions of material facts in seventy-five FISA applications. n246 This
evidence did not come to light until after the FISC issued the warrants. n247
Judges are also extremely deferential to claims of national security, especially when they "must weigh
the national security necessity ex ante, rather than being asked to review it after the fact." n248 The
Harvard Note argues that "ex ante judicial review is not only of limited effectiveness, but it is also
affirmatively harmful " in that it "imparts a broader imprimatur of validity than is warranted given the
limited effectiveness of judicial review." n249 Hence, as the Note observes, ex ante judicial review may
impede security without providing any real privacy interest protection. n250 Therefore, the Note
argues that "Congress is better situated constitutionally and better equipped institutionally to make the
sort of value judgments and political determinations that are necessary [*307] to fulfill FISA's
purposes." n251 The Note concludes that "those concerned with protecting civil liberties should view an
end to reliance on ex ante judicial review as a chance to develop real political checks that can vigorously
protect both national security and liberty interests." n252
The permutation increases the burden on the government and inhibits investigations
Kerr, 10 - Professor, George Washington University Law School (Orin, “EX ANTE REGULATION OF
COMPUTER SEARCH AND SEIZURE” Virginia Law Review, October, SSRN)
At the same time, all of the ex ante restrictions will necessarily be poor proxies for an ex post review of
reasonableness. Instead of substituting for ex post review of reasonableness, ex ante restrictions
supplement those restrictions. Ex ante limitations force the government to follow two sources of law:
the reasonableness of executing the warrant imposed by reviewing courts ex post, and the restrictions
imposed by the magistrate judge ex ante. If the ex ante restrictions happen to be modest, or are drafted
in a way that ensures that they are always less than or equal to the restrictions of reasonableness ex
post, then such restrictions will merely replicate the ex post reasonableness determinations. But every
time an ex ante restriction goes beyond ex post reasonableness, the restrictions will end up prohibiting
the government from doing that which is constitutionally reasonable. The limitations will be
unreasonable limitations caused by judicial error.
Ex ante restrictions are highly error prone
Kerr, 10 - Professor, George Washington University Law School (Orin, “EX ANTE REGULATION OF
COMPUTER SEARCH AND SEIZURE” Virginia Law Review, October, SSRN)
Ex ante restrictions tend to introduce constitutional errors in this environment. To be sure, such
restrictions stem from the best of intentions: they reflect a good-faith effort to identify what will be
constitutionally reasonable.201 However, ex ante predictions of reasonableness will be more error
prone than ex post assessments for two major reasons. First, ex ante restrictions require courts to “slosh
[their] way through the factbound morass of reasonableness” 202 without actual facts. Second, ex ante
restrictions are imposed in ex parte hearings without legal briefing or a hearing. Both reasons suggest
that ex ante restrictions often will inaccurately gauge the reasonableness of how warrants are executed.
The major difficulty with ex ante restrictions is that the reasonableness of executing a warrant is highly
factbound, and judges trying to impose ex ante restrictions generally will not know the facts needed to
make an accurate judgment of reasonableness. Granted, magistrate judges might have a ballpark sense
of the facts, from which they might derive a sense of what practices are ideal. For example, they might
think that it is unreasonable to seize all of a suspect’s home computers if on-site review is possible.
Alternatively, they might think it is unreasonable to conduct a search for image files if the warrant only
seeks data not likely to be stored as an image. They might think it is unreasonable to keep a suspect’s
computer for a very long period of time without searching it. All of these senses will be based on a rough
concept of how the competing interests of law enforcement and privacy play out in typical computer
searches and seizures.
At the same time, these ballpark senses of reasonableness can never improve past very rough
approximation. A magistrate judge cannot get a sense of the exigencies that will unfold at each stage of
the search process. The reasonableness of searching on-site will not be known until the agents arrive
and determine how many computers are present, what operating systems they use, and how much
memory they store. The needed time window before the government searches the seized computer
depends on how much the government can prioritize that case over other cases, given existing forensic
expertise and resources, as well as which agency happens to be working that case.203 The
reasonableness of different search protocols depends on the operating systems, an analyst’s expertise in
forensics, which forensics programs the government has in its possession, what kind of evidence the
government is searching for, and whether the suspect has taken any steps to hide it.204 Finally, the
reasonableness of retaining seized computers that have already been searched depends on whether the
government might need the original computer as evidence or whether it ends up containing contraband
that should not be returned and is subject to civil forfeiture. 205
The magistrate presented with an application for a warrant simply cannot know these things. Judges are
smart people, but they do not have crystal balls that let them predict the number and type of computers
a suspect may have, the law enforcement priority of that particular case, the forensic expertise and
toolkit of the examiner who will work on that case, whether the suspect has tried to hide evidence, and
if so, how well, and what evidence or contraband the seized computers may contain. Magistrate judges
can make ballpark guesses about these questions based on vague senses of what happens in typical
cases. But even assuming they take the time to learn about the latest in law enforcement resources and
the computer forensics process—enough to know about typical cases—they cannot do more than come
up with general rules that they think are useful for those typical cases.
The errors of ex ante restrictions are particularly likely to occur because warrant applications are ex
parte. The investigators go to the judge with an affidavit and a proposed warrant.206 The judge reads
over the materials submitted. The judge can modify the warrant, but his primary decision is whether to
sign or reject it. The entire process takes a matter of minutes from start to finish. No hearing occurs.
There is no testimony beyond the affidavit in most cases, and the affidavit usually contains only
standard language about computer searches.207 A prosecutor may be present, but need not be.
Obviously, no representative of the suspect is present to offer witnesses or argument.
In that setting, judges are particularly poorly equipped to assess reasonableness. The most they can
develop is a standard set of ex ante restrictions that they use in all computer warrants, perhaps one
shared with other magistrate judges in their district. More careful scrutiny is both impractical and
unlikely. The ability of a magistrate judge to assess reasonableness in that setting is a far cry from her
ability to rule on reasonableness in an ex post hearing, in which agents and experts can take the stand
and counsel for the defendant can cross-examine the agent, offer his own witnesses, submit written
briefs, and present oral argument.
Ex post review significantly decreases the risk of judicial errors
Kerr, 10 - Professor, George Washington University Law School (Orin, “EX ANTE REGULATION OF
COMPUTER SEARCH AND SEIZURE” Virginia Law Review, October, SSRN)
The proper answer is “no.” Ex ante restrictions are unworkable and unwise for two core reasons. First,
the combination of error-prone ex ante judicial review and more accurate ex post judicial review will
result in systematic constitutional error. Instead of requiring reasonableness, ex ante review will result
in reasonable steps being prohibited by judicial error. The likelihood of error will be a function of
constitutional uncertainty. The more unclear the relevant legal rules, the more uncertain will be the
restrictions needed to ensure reasonableness. However, as the law of reasonableness becomes clear, ex
ante restrictions also become useless: the police will follow the rules because they know they will be
imposed ex post, without a need for ex ante restrictions. From this perspective, the perceived need for
ex ante restrictions is merely a response to present legal uncertainty.
Of course, it is better to prohibit unreasonable searches ex ante than invalidate them ex post while the
law remains uncertain. Perhaps this carves out a role for ex ante restrictions, just as a placeholder until
the law becomes settled? Again, the answer is “no.” The difficulty is that ex ante restrictions impair the
ability of appellate courts and the Supreme Court to develop the law of unreasonable searches and
seizures in the usual case-by-case fashion. Assuming ex ante restrictions are not null and void, they
transform Fourth Amendment litigation away from an inquiry into reasonableness and towards an
inquiry into compliance with the magistrate’s commands. Search and seizure law cannot develop in this
environment. For that reason, ex ante restrictions cannot be temporary measures used until the law
becomes settled. Ironically, those measures will actually prevent the law from being settled.
AT: Perm do the CP
The perm severs – it requires prior authorization before surveillance may proceed –
that’s ex ante. The CP establishes robust FISC review of surveillance after it has
occurred – that’s ex post
Morgan, 8 - Law Clerk to the Honorable Samuel H. Mays, Jr., United States District Court for the Western
District of Tennessee. J.D., 2007, New York University School of Law (Alexander, “A BROADENED VIEW
OF PRIVACY AS A CHECK AGAINST GOVERNMENT ACCESS TO E-MAIL IN THE UNITED STATES AND THE
UNITED KINGDOM” 40 N.Y.U. J. Int'l L. & Pol. 803, Spring, lexis)
In this Note, I use "oversight" to refer to any form of review, be it internal or external, judicial or
nonjudicial, that accompanies e-mail surveillance either before (ex ante) or after (ex post) its use. The
American regime includes both ex ante and ex post oversight of e-mail surveillance. Ex ante oversight
includes departmental protocols, as well as the judicial authorization requirements under the ECPA and
FISA . Departmental protocols that require senior agency officials to approve applications to courts
provide an administrative hurdle that informally limits the number of surveillance applications and
ensures a good-faith basis for their submission. n61 Though these protocols provide initial limits on email surveillance, the judiciary remains the most important, as judges provide an extrinsic check that
agency officials cannot. Judges are less likely than prosecutors or executive agents to have a vested
interest in an investigation's success and are therefore better suited to oversee compliance with
surveillance requirements. n62
[*815] Courts are the only forum for ex post oversight in the United States. Where the government
conducts surveillance in violation of statute, courts may impose penalties on the persons guilty of
unauthorized surveillance and, in some cases, they may exclude the evidence from trial. n63
Suppression of evidence obtained in violation of the ECPA is available for wire or oral communications,
but is inexplicably absent for e-mail. n64 Legal commentators denounce this distinction as "baseless"
n65 and further argue that, without a statutory hook, criminal defendants have a lesser "incentive to
raise challenges to the government's internet surveillance practices." n66
When government surveillance abridges constitutional rights, there are two avenues of redress. n67 At
trial, criminal defendants may seek to suppress evidence obtained through unconstitutional means, as
well as evidence derived therefrom (deemed "fruit of the poisonous tree"). n68 Victims of
unconstitutional searches may also bring civil actions seeking damages for deprivation of rights under
color of law. n69
Ex post oversight is qualitatively different from the plan – it allows all surveillance to
occur, but establishes protections against the misuse of surveillance data. The plan
severs because it has to curtail surveillance from the start
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
In addition to oversight by outsiders, a programmatic surveillance regime also should feature a system
of internal checks within the executive branch, to review collection before it occurs, after the fact, or
both. As for the ex ante checks, internal watchdogs should be charged with scrutinizing proposed bulk
collection to verify that it complies with the applicable constitutional and statutory rules, and also to
ensure that appropriate protections are in place for privacy and civil liberties. The Justice Department's
Office of Intelligence is a well known example. The unit, which presents the government's surveillance
applications to the FISA court, subjects these requests to exacting scrutiny with the goal of increasing
the likelihood of surviving judicial review. n65 Indeed, the office has a strong incentive to ensure that
the applications it presents are airtight, so as to preserve its credibility with the FISA court. n66 Ex post
checks include such commonplace mechanisms as agency-level inspectors general, who can audit bulk
collection programs, assess their legality, and make policy recommendations to improve their operation,
as well as entities like the Privacy and Civil Liberties Oversight Board, which perform similar functions
across the executive branch as a whole. Another important ex post check is to offer meaningful
whistleblower protections to officials who know about programs that violate constitutional or statutory
requirements. Allowing officials to bring their concerns to ombudsmen within the executive branch (and
then eventually to Congress) can help root out lawlessness and also relieve [*539] the felt necessity of
leaking information about highly classified programs to the media.
The CP doesn’t curtail surveillance – it curtails what authorities may DO with the data
after it’s collected – it’s a form of harm minimization only
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
A third operational consideration is the need for strong minimization requirements. Virtually all
surveillance raises the risk that officials will intercept innocuous data in the course of gathering evidence
of illicit activity. Inevitably, some chaff will be swept up with the wheat. The risk is especially acute with
programmatic surveillance, in which the government assembles large amounts of data in the search for
clues about a small handful of terrorists, spies, and other national security threats. n71 Minimization is
one way to deal with the problem. Minimization rules limit what the government may do with data that
does not appear pertinent to a national security investigation--e.g., how long it may be retained, the
conditions under which it will be stored, the rules for accessing it, the purposes for which it may be
used, the entities with which it may be shared, and so on. Congress appropriately has required
intelligence officials to adopt minimization procedures, both under FISA's longstanding particularized
surveillance regime n72 and under the more recent authorities permitting bulk collection. n73 But the
rules need not be identical. Because programmatic surveillance often involves the acquisition of a much
larger trove of non-pertinent information, the minimization rules for bulk collection ideally would
contain stricter limits on the use of inadvertently collected information for purposes unrelated to
national security. In other words, the minimization procedures should reflect the anti-mission-creep
principle described above.
Defamation CP
1nc – defamation CP
The United States federal government should:
-designate the four main Congressional leaders with powers to appoint FISC
judges
-require a simple majority in Congress to uphold all FISC decisions
-implement an adversarial process in FISC cases
-subject all FISC cases to the same standards as defamation cases
The CP successfully reforms the FISC
Cetina 14– John Marshall Law School (Daniel, “Balancing Security and Privacy in 21st century America: A
Framework for FISA Court Reform”, John Marshall Law Review, Summer 2014,
http://heinonline.org/HOL/Page?collection=journals&handle=hein.journals/jmlr47&type=Text&id=1540
)//DBI
A. Structural Prong
Despite suggested structural proposals' substantial limitations, 124 much of what has been suggested
thus far could be effective if modestly modified. Requiring the Senate to reconfirm non-Article III FISA
Court judges is a patently inadequate option because of the considerable constitutional problems it
raises.125 However, designating the four main congressional leaders with some appointment powers ,
instead of vesting this enormous responsibility exclusively in the chief justice, 126 is an intriguing
approach. Furthermore, Congress should review FISA Court decisions, but only require a simple
majority to approve them. 127 This would avoid the infeasible supermajority threshold.128 It would
also give Congress a stake in these decisions, thereby making them politically accountable to the people,
that sovereign body for whom Congress is directly responsible and to whom Congress is directly
beholden, unlike the sequestered, electorally unaccountable federal judiciary.129 In other words, the
system would become more transparent - a virtue missing from the current security apparatus.130
Finally, FISA Court proceedings must incontrovertibly become adversarial in accord with the great
American tradition.
Additionally, courts - namely, the FISA Court - require a distinct framework for addressing challenges to
governmental surveillance. Thus, in addition to applying these structural changes, introducing a judicial
interpretive remedy is critical.
B. Interpretive Prong
Relying on the state secrets doctrine or routinely acquiescing to the government's demands cannot
replace reasoned determinations of surveillance's practical effects on legitimate privacy interests or its
potential overbreadth. Thus, courts should adopt a new approach that addresses both security interests
and privacy interests.
Considering the relative dearth of effective judicial tests and precedent in surveillance cases,1 3 1 which
again are generally decided pursuant to the state secrets privilege - and therefore in favor of the
governmentl 32 - a good approach is to analogize to an existing test. The best doctrinal underpinning for
a new test is First Amendment law, more specifically, the various tests for defamation. 133
Defamation cases, 134 such as libel and slander, present a dichotomy between two critical interests
somewhat akin to surveillance cases: free speech and reputation.135 In New York Times Co. v. Sullivan,
the Supreme Court extended First Amendment protection to libel for the first time in our nation's
history.136 However, recognizing that personal reputation is as important to citizens as free speech
rights, the Court subsequently carved out numerous exceptions when confronted with novel
scenarios.137 The specific test created for libel against public officials or public figures requires the
plaintiff to show with convincing clarity that the defendant propagated made the defamatory statement
with actual malice or with knowledge or reckless disregard of its falsehood. 138
This test provides a good general framework that the judiciary should appropriate for surveillance cases.
The government, bringing a surveillance request before the FISA Court, would have the same burden as
public officials in defamation situations: convincing clarity.13 9 Currently, the standard is probable
cause140 - far too loose when it comes to citizens' privacy. With this in mind, the government would be
required to satisfy a threshold evidentiary standard by showing a substantial need for limited
surveillance (the knowing or reckless falsehood prong) that is causally connected to preventing definite
threats (the actual malice prong).
Of course, like any judicial test, these subjective phrases require specificity. To satisfy the "substantial
need" requirement, the government would have to articulate what it intends to do with information
gathered from limited surveillance.141 As a corollary, this substantial need would have to outweigh the
competing need for privacy, and it would necessarily be contingent on the government to overcome this
barrier with convincing clarity.
To satisfy the "definite threat" requirement, the government would be compelled to demonstrate how
desired information would help prevent an articulable threat to American interests.142 In considering
this element, the court would examine the threat on a sliding scale that considers both magnitude and
probability. At one extreme would be a putative ticking time bomb scenario, where the government
shows surveillance is necessary to counter an identified threat that is actually at risk of transpiring; in
such a situation judicial deference slides towards the government. The other extreme is a mere
hypothetical threat,143 for which surveillance is only required in the abstract; in this situation judicial
deference slides towards privacy. Between these extremes are numerous situations of varying severity,
and the balance may tip either way depending on the strength of the government's case.
Ideally, the FISA Court would apply the security-privacy test in an adversarial proceeding. Thus, as the
government attempts to fulfill these stringent requirements, the privacy advocate would counter with
evidence of the requested surveillance's effect or effects on privacy.144 The burden, however, would
always remain with the government as the entity seeking to circumvent privacy rights. And, assuming
all of the structural remedies are adopted, Congress would then have to approve the surveillance
decision via majority vote. These changes, however, would inevitably inspire multiple critiques.
2nc – solves state secrets privilege
The CP resolves inefficiency and the state secrets privilege
Cetina 14– John Marshall Law School (Daniel, “Balancing Security and Privacy in 21st century America: A
Framework for FISA Court Reform”, John Marshall Law Review, Summer 2014,
http://heinonline.org/HOL/Page?collection=journals&handle=hein.journals/jmlr47&type=Text&id=1540
)//DBI
There are numerous counterarguments to the two-pronged proposal. First, government proponents
would argue that introducing additional oversight procedures could hamper federal objectives,
especially as they relate to identifying threats and apprehending suspected terrorists, 145 and create
unwanted burdens. This argument is not without some import. The 2013 Boston Marathon bombing 46
is a persuasive indicatorl 4 7 that not only is the War on Terrorism an enduring conflict but also that
enemies can emerge internally, necessitating continued monitoring of both foreign and domestic
threats.
Second, there is no guarantee that a bright-line judicial test can withstand additional successful
applications of the state secrets privilege .148 Indeed, the interpretive component does not
contemplate eradicating the state secrets privilege from the government's repertoire, and it may
effectively become a failsafe for borderline cases, particularly at lower federal courts considering privacy
claims.
However, the two-pronged proposal should quiet such criticisms. Governmental efficiency may be
affected, but the system was designed not for unrestricted freedom to perpetuate controversial
programs but rather for debate and contemplation, 149 those hallmarks of democracy. Furthermore,
the new judicial test's substantial need and definite threat requirements should, absent the most
extraordinary circumstances, overshadow the state secrets privilege.
V. CONCLUSION
Anthony Lewis wrote that the "accommodation of conflicting interests is always complicated. It requires
judges to draw nice lines, it requires lawyers to argue, it requires academics to reflect."' 5 0 Though he
was speaking about libel law, Lewis's reflections apply with equal force to the security/privacy dynamic
at the nucleus of surveillance law. Justice Souter clearly agrees that many legal controversies involve the
"tension of competing values, each constitutionally respectable, but none open to realization to the
logical limit."'51
The government's interest in protecting the country is praiseworthy, but the right to privacy 52 is also
respectable and constitutionally protected. Neither of these crucial values should be marginalized or
abandoned;- indeed, a strong democracy is capable of accommodating both. The proposed structural
and interpretive remedies to United States surveillance tactics are important steps to realizing a more
effective security apparatus that, far from dangerously impinging on cherished liberty, thoughtfully
balances security and privacy in 21st century America.
Standing CP
1nc
The United States federal government should change its definition of “protected
information” in the FISA Amendments Act of 2008 so plaintiffs can satisfy standing in
court.
Changing the definition of “protected information” receives broad support and allows
the people to challenge intrusive surveillance
Greene 14 - John Marshall Law School, B.S. in Political Science (Michael, “Where Has Privacy Gone? How
Surveillance Programs Threaten Expectations Of Privacy”, The John Marshall Journal of Information
Technology & Privacy Law, Summer 2014,
http://heinonline.org/HOL/Page?handle=hein.journals/jmjcila30&div=36&g_sent=1&collection=journals
)//DBI
There is a clearer way of redefining the actions of the NSA under the FAA of 2008, which would be to
give plaintiffs a greater chance of challenging the constitutionality of FAA of 2008. Currently under
Clapper, plaintiffs have yet to establish an injury in fact that would supersede the Supreme Court
majority’s apprehension of giving extenuating circumstances enough merit to justify standing.167 If a
congressional amendment to the current FAA of 2008 inserted a new definition for protected
information, then standing to challenge the acquisition of communications can be satisfied and there
would be a significant increase in surveillance oversight . This bill would avoid the messiness of trying
to restructure the currently secretive FISC court operations. Rather than attempting to create a new
form of judicial review168 or the creation of a new authority for Congressional oversight board,169 a
more constructive attempt at addressing the need for a clearer balance would be to give the
constitutional challenge back to the people . Rather than trying to legislate it into firmly rooted
governmental bodies, let the private section, the plaintiffs of the United States, fight this battle as they
are the ones who are “injured in fact.”
This proposed legislation combines the pragmatic approach of the SOR and STA Acts by avoiding any
drastic rewrite of the FAA of 2008 while still achieving the goals of affecting significant change to NSA
surveillance programs found in ISOR. Since this legislation only requires creating a new section of
protected information, it does not require significant alterations to the FAA of 2008 that could block
bipartisan support. Creating a new definition for protected information will likely receive broad support
and lobbying from the technology industry, because it would restrict what information they would be
required to relinquish.
The aforementioned legislation does not address the entirety of FISA programs nor does it attempt to
solve every issue in FISA. The goal of this proposed legislation is instead to create an avenue for plaintiffs
to get into court by satisfying standing . Unlike proposed legislation like ISOR or SOR/STA, this proposed
solution will give plaintiffs a method to actually challenge the constitutionality of FISA. Creating a clear
method for plaintiffs to assert challenges to FISA is the most practical solution to these convoluted
problems. So far, the U.S. Supreme Court has been able to avoid ruling on FISA. This legislation will
alleviate the burdens upon the legislature to address FISA on its own and will compel all branches of
the federal government to work towards a solution .
2nc – xt: solves intrusive surveillance
Amending the FAA allows FISA to be successfully challenged in court—it solves the
issues with the Clapper case
Greene 14 - John Marshall Law School, B.S. in Political Science (Michael, “Where Has Privacy Gone? How
Surveillance Programs Threaten Expectations Of Privacy”, The John Marshall Journal of Information
Technology & Privacy Law, Summer 2014,
http://heinonline.org/HOL/Page?handle=hein.journals/jmjcila30&div=36&g_sent=1&collection=journals
)//DBI
Although this solution is a roundabout way of addressing the plaintiff’s shortcomings in Clapper, it
satisfies the issues that Justice Alito had presented in his majority holding.170 Justice Alito’s opinion
established that plaintiffs must be able to show an injury in fact and more than a speculation that the
government used Section 1881a authorized surveillance to target their clients.171 Furthermore, giving
plaintiffs the opportunity to satisfy standing will allow the Supreme Court to adjudicate the
constitutionality of the FAA of 2008. There does not need to be a drastic Congressional bill that will
likely not pass both houses of Congress for there to be a significant change to the legal rights of
plaintiffs to challenge the constitutionality of FAA of 2008.
Although attacking the present issues in a very different way than ISOR or SOR/STA Acts, this proposed
solution could actually be successful in asserting a change to the current dilemma both Congress and the
American public face. First, a new amendment to the FAA of 2008 should insert limitations on the
acquisition of metadata . Currently under Section 703, any intentional targeting of a known or
reasonably believed target that is a U.S. person is restricted.172 The collection of U.S. persons’
metadata information is an intentional targeting of U.S. persons that was limited directly by Section 703.
Although this collection targets U.S. persons, courts have yet to find that metadata is the type of
information or communication that is protected under the Fourth Amendment.173 Metadata should
be presented as a new point under Section 703 limitations. This will give plaintiffs the ability to point
directly at a statutory limitation that they can base their injury in fact off of. This will likely be sufficient
to establish that plaintiffs have standing to challenge the constitutionality of the FAA of 2008. Justice
Alito determined that the simple fear of having information collected was not enough for plaintiffs to
achieve Article III standing. Contrary to Justice Alito’s apprehension of plaintiff’s fear, leaked documents
show that U.S. persons have been intentionally targeted through the dragnet collection of all Verizon
communications.174
Secondly, although these challenges may not be able to satisfy the second crux of Justice Alito’s opinion,
they provide a basis for this to be achieved in the future. Justice Alito found that if there was some other
possible way for the government to have conducted the surveillance, there should not be a rush to
judgment or finding that the government had certainly conducted warrantless surveillance.175 While
the proposed legislation cannot achieve this on its own, the importance of allowing the potential
success of it, is that it at least plaintiffs can establish that they have been targeted in dragnet
surveillance programs. Establishing direct evidence of dragnet surveillance programs will limit the need
to address other possible ways surveillance could have been conducted and set a firm basis for a
constitutional challenge of FISA program legality.
The goal of this new legislation is not to take on the bear of a problem that is the FAA of 2008, but
merely to establish the framework for this Act to at least be challenged on a constitutional basis. So far,
the legislation that has been proposed has only looked at creating a new subset of judicial control in the
FISC court or has catered only to the dissemination side of producing user information. The larger goal,
of any congressional act that wishes to address the issue of guaranteeing U.S. persons’ privacy rights are
secured, is to allow a plaintiff into federal court to challenge the constitutionality of the FAA of 2008.
2nc – at: legislation key
Forcing courts to respect FISA spurs legislative reforms that facilitate more effective
judicial enforcement
Seamon 8 – Professor, University of Idaho College of Law (Richard, “Domestic Surveillance for
International Terrorists: Presidential Power and Fourth Amendment Limits”, Hastings Constitutional Law
Quarterly, Spring 2008, http://www.hastingsconlawquarterly.org/archives/V35/I3/seamon.pdf)//DBI
Third, courts should respect legislation, such as FISA, that generally falls within Congress's powers and is
carefully designed to protect Fourth Amendment rights against executive surveillance.' 95 By respecting
such legislation, courts encourage legislative enforcement efforts . Those efforts deserve judicial
support because they can produce legislative rules that facilitate judicial enforcement. 196 FISA does
this, for example, by generally requiring advance judicial approval for FISA surveillance. 97 Some
statutes deserve judicial skepticism because they expand executive power with little attention to
individual rights. 198 FISA does not fall within that description; it restricts executive power to enforce
Fourth Amendment safeguards. 199
2nc – at: cp can’t solve fisc
Forcing FISA to reveal court orders is a necessary first step to reform the FISC
Greene 14 - John Marshall Law School, B.S. in Political Science (Michael, “Where Has Privacy Gone? How
Surveillance Programs Threaten Expectations Of Privacy”, The John Marshall Journal of Information
Technology & Privacy Law, Summer 2014,
http://heinonline.org/HOL/Page?handle=hein.journals/jmjcila30&div=36&g_sent=1&collection=journals
)//DBI
Forcing FISC court orders into the public domain, by allowing plaintiffs to petition them directly for the
evidence of being monitored by government agencies, will be the first step in securing that trust in the
government will be reformed. Although legislation can establish new parameters and set out more
stringent guidelines for how communications are collected and stored, without the ability to challenge
the constitutionality of the program in the legal system, these problems will persist . Although there
may seem to be easier ways of achieving a constitutional challenge to the FAA of 2008, these paths are
all likely dead ends . Legislation that does not try to give plaintiffs a larger platform or a more defined
Article III standing will fail at achieving any real end result . The likelihood of another change to the
actual legislation will be too low.
2nc – xt: no link ptx
The CP avoids politics
Greene 14 - John Marshall Law School, B.S. in Political Science (Michael, “Where Has Privacy Gone? How
Surveillance Programs Threaten Expectations Of Privacy”, The John Marshall Journal of Information
Technology & Privacy Law, Summer 2014,
http://heinonline.org/HOL/Page?handle=hein.journals/jmjcila30&div=36&g_sent=1&collection=journals
)//DBI
This current petition is a clear example of why there needs to be additions made to the FAA of 2008 that
allow for plaintiffs to satisfy the standing requirements to be heard in front of the Supreme Court. It is
highly unlikely that legislation will be passed that restricts the activities of the FISC court, or that will give
plaintiffs enough authority to challenge the FISC court decisions. Currently under the FAA of 2008, FISC
court decisions are not challengeable by U.S. persons. Without creating a way for U.S. persons to
establish standing, there will be no legal remedy available to protect civil liberties. Absent a new found
commonality among the differing parties in Congress, there is little to no chance that a substantial bill
will be passed that drastically changes how the FISC court is structured or how FISA surveillance
programs are implemented. The most successful challenge to these rigid ideas will come from the most
unlikely source, and that is why there needs to be a reliance on plaintiffs getting into the Supreme Court
to challenge the constitutionality of FAA of 2008.
Disadvantage links
Presidential powers links
1nc – exigent circumstances link
A limited emergency exception to the plan is vital to presidential powers
Seamon 8 – Professor, University of Idaho College of Law (Richard, “Domestic Surveillance for
International Terrorists: Presidential Power and Fourth Amendment Limits”, Hastings Constitutional Law
Quarterly, Spring 2008, http://www.hastingsconlawquarterly.org/archives/V35/I3/seamon.pdf)//DBI
Of course, the President's "genuine emergency" power has limits. The Japanese attack on Pearl Harbor
created a "genuine emergency," but that emergency did not last for the entire war.'34 Nor did the
attack on Pearl Harbor necessarily justify every measure that the President deemed reasonable,
including the mass internment of Japanese Americans.135 The existence of genuine emergency powers
in the President-and the relaxation of Bill of Rights limits on those powers-must be limited in time and
scope.136 Otherwise, the separation of powers system cannot work effectively and Bill of Rights
freedoms become fair weather friends. I propose two limits on the President's "genuine emergency"
powers.
First, the President's power depends on the legislative framework within which it is exercised. The
President can defy an Act of Congress in a national security emergency only if defiance of the
legislation is necessary to respond to the emergency. If the President can effectively respond to the
emergency while obeying the statute, the President lacks power to defy it. 137 Thus, Congress can
regulate the President's power to respond to national security emergencies by enacting legislation that
gives the President adequate leeway in such emergencies. By the same token, it is the inadequacy of
legislation that justifies presidential defiance of the legislation in cases of genuine emergency. 38
Second, the President's emergency powers are residual when Congress has enacted generally valid
legislation in the same area. Congress and the President share power in many areas, including the
waging of war.139 In matters of shared governance, the separation of powers doctrine gives Congress
the power to make rules and the President power- not to unmake Congress's rules-but to break them
when reasonably necessary in a genuine emergency. 40 For example, in late 2005 Congress enacted a
law prohibiting members of the armed forces from torturing people detained in the war on terrorism. 14
1 Assume for the sake of argument that it is possible to conceive of a "genuine emergency" in which the
President could reasonably decide it was necessary to defy this prohibition. 42 It is one thing to
recognize presidential power to break Congress' rule in a particularly exigent situation, after making an
individualized determination that it was necessary to violate the prohibition. It is quite a different
matter to recognize presidential power to unmake Congress's rule by promulgating a "program"
authorizing torture in broadly defined categories of situations.1 43 One way to express the difference is
by saying that, in the second situation, the President is impermissibly exercising legislative power,
whereas in the first situation he is exercising irreducible executive power.144 Another way to express
the difference is to say that the executive power to act in "emergencies" is limited in scope and duration
to that necessary when there is "no time for deliberation., 145 Those limits flow from our system of
separated powers.
2nc – exigent circumstances link
External surveillance restrictions undermine presidential powers and the ability to
speak with one voice
Seamon 8 – Professor, University of Idaho College of Law (Richard, “Domestic Surveillance for
International Terrorists: Presidential Power and Fourth Amendment Limits”, Hastings Constitutional Law
Quarterly, Spring 2008, http://www.hastingsconlawquarterly.org/archives/V35/I3/seamon.pdf)//DBI
Recognizing a congressionally irreducible "genuine emergency" power in the President is supported by
the Constitution's creation of a "unitary executive."' 14 The Constitution provided for only one president
so that, on appropriate occasions, one person can act for the nation without consulting others. 1 5 The
Framers thought a unitary executive was particularly important for conducting foreign affairs. A unitary
executive not only enables the country to speak to other countries with one voice, 116 it also ensures
quick action when necessary to protect national security. 17 Too, it helps ensure the secrecy of sensitive
foreign intelligence. 1 8 Thus, the Court has often referred to the President as the "sole organ" of foreign
affairs." 9 The "sole organ" concept cannot, however, be stretched so far that it puts the President
indefinitely above the law. Rather, it makes sense to let the President act as the "sole organ" if-but only
so long as-it is necessary in a genuine national security emergency for him or her to function. 120 The
unitary executive concept rests on the need for prompt, univocal action that will often be informed by
information that cannot be broadly shared. As that need subsides, so does the legitimacy of conduct
justified by reference to the unitary executive concept.
This reliance on the unitary executive concept is deliberately narrow. It does not embrace broader
claims that have been asserted under the unitary executive theory. Unitary executive extremists assert
Presidential power to ignore congressional restrictions on removal of executive branch officials and
congressional enactments vesting exclusive power to administer statutory programs in officials other
than the President. 121 In particular, recognition of congressionally irreducible presidential power in
national security emergencies does not imply that the President has a greater role than Congress in the
prosecution of war. 122 The position staked out here does, however, reject the view that "there is no
constitutional impediment to Congress restricting the President's ability to conduct electronic
surveillance within the United States and targeted at United States persons."'123 That view would
apparently preclude the President's violation of statutory surveillance restrictions even if the President
reasonably concluded that violation of those restrictions was necessary to respond to a national security
emergency.
This analysis leaves many questions unanswered, including: Who decides whether a national security
emergency exists?; What response is appropriate to a particular emergency?; and, How does one decide
whether a particular legislative provision should be read to unconstitutionally intrude upon the
President's power to respond to such an emergency?' 214 As a practical matter, the President often
must decide those questions initially. 125 Courts, however, can often review those decisions when they
are implemented by officials other than the President and when the decisions affect individual
rights.126 Indeed, sometimes the federal courts can set aside such decisions, as the Court's recent
decision in Hamdan v. Rumsfeld shows. 12 7 Thus, regardless of the power the President may
individually possess as a "unitary executive," he or she is judicially accountable in many settings. In
addition, the President is politically accountable for his or her unilateral responses to genuine national
security emergencies, at least once those decisions become public. 128
By any standard, 9/11 constituted a genuine national security emergency. 129 Accordingly, it
empowered the President to take some immediate actions that he reasonably thought necessary, even
if those actions violated federal statutes. Suppose, for example, that the passengers aboard United
Airlines Flight 93 had not caused the plane to crash in Shanksville, Pennsylvania, and that it had
continued its suicide mission toward the U.S. Capitol. 130 Can anyone doubt that the President could
have ordered the flight shot down before it hit the Capitol, even if that order violated a federal statute?
131 Similarly, suppose the President had ordered the instant electronic monitoring of all cell phone calls
to and from the plane to determine the plane's target and those responsible for the suicide mission.
Would not the President have authority to order that surveillance even if it violated FISA?'32
One basis for concluding that the President would have that authority is to interpret FISA (and other
statutes limiting the President's power in genuine emergencies) to implicitly include exceptions for
genuine emergencies. That interpretation finds support in the canon requiring courts to avoid statutory
interpretations that produce "absurd results."' 1 33 But the canon should not obscure the reason why it
would be absurd to interpret FISA to prohibit the President from responding to genuine national security
emergencies: It is absurd to give Congress such a prohibitory power. To the contrary, common sense
and precedent support recognition of presidential power, irreducible by Congress, to make necessary,
immediate responses to genuine national security emergencies.
Terrorism links
1nc – FAA exclusivity link
FAA exclusivity undermines counterterrorism measures—time, standards, and
authorizations
Seamon 8 – Professor, University of Idaho College of Law (Richard, “Domestic Surveillance for
International Terrorists: Presidential Power and Fourth Amendment Limits”, Hastings Constitutional Law
Quarterly, Spring 2008, http://www.hastingsconlawquarterly.org/archives/V35/I3/seamon.pdf)//DBI
True, FISA has shortcomings. The shortcomings reflect changes in surveillance technology and in
international terrorism. Those shortcomings could very well justify surveillance outside FISA-even todayif the President reasonably determines that, in a particular instance, it is reasonably necessary to depart
from FISA. Specifically, FISA has at least three shortcomings that could create "genuine emergencies"
justifying event-specific departures from FISA.
First, it can take too long to get a FISA surveillance order.164 True, the Attorney General can authorize
"emergency orders" approving FISA surveillance without prior court approval. 165 But this statutory
emergency authority has drawbacks. The Attorney General must personally determine the existence of
both an emergency and a factual basis for the issuance of an order.166 Until he or she does so,
emergency surveillance cannot occur.167 NSA, however, may need to start surveillance the instant that
NSA determines the surveillance is justified, without awaiting Attorney General authorization.' 68
Furthermore, the Attorney General is only one person, and he or she may be called upon personally and
very quickly to make dozens or hundreds of "emergency" determinations. The Attorney General could
become a bottleneck. Finally, the government must advise the FISA court of each emergency order and
apply within seventy-two hours for a surveillance order from the court to ratify the attorney general's
emergency order. 169 This supposedly expedited application process, required for every emergency
order, could keep dozens of government lawyers employed on a continual fire drill without coming close
to achieving the instantaneous authorization that is sometimes required for national security
surveillance.
Second, the standards for getting FISA surveillance orders can be too high. NSA monitors phone calls and
emails into and out of the United States involving people whom NSA has a "reasonable basis" for
believing are associated with al Qaeda.170 The government may not have probable cause to believe
that these people are "agents of foreign power" who can be targeted under FISA.171 Indeed, the person
in the United States whose phone calls or emails are monitored may be entirely innocent, if it is the
person outside the U.S. who is associated with al Qaeda and who triggers NSA surveillance. 172 To cite
another example, perhaps the person in the U.S. who is being monitored is associated with al Qaeda but
the association does not make that person a foreign agent.173 Even so, the government may have good
reason to monitor the communication.174
Third, FISA orders could be too narrow. FISA authorizes surveillance of one target at a time. 175 The
government, however, sometimes needs to conduct wholesale surveillance-for example, by monitoring
phone calls to all persons in the United States from particular individuals outside the U.S and by filtering
communications to detect certain words and patterns of words.176 Wholesale surveillance may very
well violate FISA but be reasonably necessary in a genuine national security emergency, such as when
the government has strong evidence that someone outside the U.S. is planning terrorist attacks on a
U.S. target with accomplices inside the U.S. 177
In sum, the President may have power to authorize surveillance "outside FISA" in situations presenting
a "genuine emergency." That power, however, exists only when national security exigencies make it
reasonably necessary to ignore FISA. Even so, the power justifies surveillance outside FISA even today,
to the extent FISA's shortcomings create exigent circumstances precluding resort to the FISA process.
This residual power does not support the current NSA surveillance "program," which authorizes
wholesale departure from FISA. 178
2nc – FAA exclusivity link
Adhering to FISA undermines intelligence collection capabilities and effective counterterrorism strategy
Sievert 14 * Professor, Bush School of Government and U.T. Law School, author of three editions of
Cases and Materials on US Law and National Security (Ronald, “Time to Rewrite the Ill-Conceived and
Dangerous Foreign Intelligence Surveillance Act of 1978”, National Security Law Journal Vol. 3, Issue 1 –
Fall 2014)//GK p. 51-52
To counter these and other ongoing threats, the United States government has been burdened with the
restrictions of the misguided and ill-conceived Foreign Intelligence Surveillance Act of 1978 (“FISA”).14 This statute requires
that, in their effort to protect the nation’s security, intelligence analysts, agents, and attorneys must produce evidence before members of the
federal judiciary that meets the maximum criminal law search standard of probable cause before they can monitor the domestic conversations
and emails of agents of a foreign power and terrorist organizations.15 The procedure created by this statute is both confusing and, in the words
of New York City Police Commissioner Raymond Kelly, “an unnecessarily protracted, risk-adverse process that is dominated by lawyers, not
investigators and intelligence collectors.”16 Both the 9/11 Commission17 and Amy Zegart in her book Spying Blind18 have detailed how FBI
agents were stymied in tracking the hijackers before the September 11th attacks because, as a result of FISA
interpretations, lawyers in the Department of Justice’s “Office of Intelligence and Policy Review, FBI leadership and the
FISA Court built barriers between agents—even agents serving on the same squads.”19 This “wall” was breached to
some extent with the 2001 PATRIOT Act provisions permitting information sharing,20 but the statute’s basic
restrictions and confusion surrounding its interpretation remain. The FBI had detained hijacker Zacarias Moussaoui in
Minneapolis days before the 9/11 attacks, but agents were prevented from scanning his computer because
a supervisor at FBI Headquarters concluded there was not probable cause for a FISA warrant. Meanwhile, according
to the DOJ Inspector General’s report, the Minneapolis office believed that “probable cause for the warrant was clear” and “became
increasingly frustrated with the responses and guidance it was receiving.” The Bush administration initiated the publicly criticized Terrorist
Surveillance Program because, even with the PATRIOT Act’s modifications, obtaining
FISA warrants “incurr(ed) a delay that
was unacceptable given the time-sensitivity and sheer volume of intelligence requirements after 9/11.”22
The government apparently knew that 2007 Times Square bomber Faisal Shahzad had “established interaction with the Pakistani Taliban,
including bomb making training in Waziristan” and had made “thirteen trips to Pakistan in seven years,” yet did not monitor him as he slowly
assembled the materials to construct his potentially devastating weapon.23 This led the Wall Street Journal to question whether the failure was
due to “restrictions imposed on wiretapping by the Foreign Intelligence Surveillance Act” and to quote officials on the reduced effectiveness
and excessive delays of the judicially regulated program.24 In a very extensive, detailed investigation of the Boston Marathon bombing, Keith
Maart further highlighted the confusion endemic to attempts at interpreting FISA. 25 He noted that the Russian Federal Security Service (“FSB”)
had twice informed the FBI and CIA that Tamerlan Tsarnaev “had contacts with foreign Islamic militants/agents, was visiting jihadist websites
and was looking to join jihadist groups” and that he had travelled to Dagestan on an unknown mission.26 Maart offered that it would certainly
appear there was “sufficient probable cause to obtain FISA warrants that would allow . . . more encompassing surveillance.”27 However, the
FBI had apparently come to a contrary conclusion.28 By
adhering to FISA, we are weakening our intelligence collection
capabilities rather than strengthening our ability to prevent catastrophic attacks by those who do not hesitate to
target and inflict mass casualties on innocents. At the same time, we are overreacting to the government’s access to
the limited information contained in metadata that has been routinely collected by telephone
companies for decades.29 This Article will explain how FISA was an excessive response to the Supreme Court’s decision in U.S. v. U.S
District Court (Keith)30 and the Watergate era, and demonstrate why, because of the foreign affairs power and the Supreme Court’s decisions
on public safety searches, it is not constitutionally required.31 Furthermore, this Article will show that most of our foreign partners in the
supposedly sophisticated, privacy-protecting nations of Europe do not restrain their security forces in a similar manner in intelligence cases.
This is due to the obvious reason that national security investigations involve threats that endanger the lives of thousands of people and
potentially imperil the very existence of the nation, unlike the far more constrained menace of ordinary crime.32 It is well recognized that the
arguments contained here are directly opposed to those who are demanding more, not fewer, government regulation in the wake of the
revelations attributed to Edward Snowden.33 Accordingly, this Article will also address why our recent media, political, and judicial reactions
might once again lead to restrictions that are not constitutionally required, and that could further undermine the government’s reasonable
efforts to provide security for the American people.
FISA is the exclusive means for domestic electronic surveillance for foreign intelligence
purposes
Seamon 8 – Professor, University of Idaho College of Law (Richard, “Domestic Surveillance for
International Terrorists: Presidential Power and Fourth Amendment Limits”, Hastings Constitutional Law
Quarterly, Spring 2008, http://www.hastingsconlawquarterly.org/archives/V35/I3/seamon.pdf)//DBI
First, the TSP may violate FISA. FISA prescribes "the exclusive means by which electronic surveillance [for
foreign intelligence purposes]... may be conducted" in the United States.21 FISA's legislative history
confirms that Congress intended FISA to govern all domestic electronic surveillance for foreign
intelligence purposes.22 Congress made FISA exclusive to stop executive abuses exposed in the 1970s
through efforts such as the Church Committee investigations." The Church Committee revealed that
Presidents since Franklin D. Roosevelt had authorized warrantless surveillance of Americans.24 Although
Presidents claimed "inherent" power to authorize this surveillance for "national security" purposes, the
surveillance often targeted people merely because of their political views.25 By enacting FISA in 1978,
Congress intended to "prohibit the President, notwithstanding any inherent powers," from conducting
domestic electronic surveillance for foreign intelligence purposes without complying with FISA. 6
Congress seemingly precluded any domestic surveillance outside of FISA .
2nc - FAA exclusivity link – probable cause
FISA has a rigorous warrant requirement based upon probable cause
Harper 14, University of Chicago Law School, U.S. Department of Justice, Civil Division, (Nick, “FISA’s
Fuzzy Line between Domestic and International Terrorism”, University of Chicago Law
Review;Summer2014, Vol. 81 Issue 3)//AK
Each FISA warrant application must meet several requirements. The application must identify the target
of the surveillance and describe both the nature of the information sought and the type of
communications or activities that would likely be subject to surveillance.41 The government also must
propose procedures to minimize its use of the information sought and must certify that (1) the
information sought is deemed to be foreignintelligence information, (2) a “significant purpose of the
surveillance is to obtain foreign intelligence information,” and (3) “such information cannot reasonably
be obtained by normal investigative techniques.”42
FISA also requires a submission of facts that establishes probable cause that the target is a “foreign
power or an agent of a foreign power.”43 Unlike in Title III, the target of surveillance need not be tied to
a specific criminal offense.44 Instead, to satisfy probable cause, the government must show some
linkage to a “foreign power” as outlined in the definitional section of the Act (known as the “targeting
provisions”).45
Because of this peculiar probable cause requirement, the scope of the definitions of “foreign powers”
effectively controls the potential reach of FISA-authorized surveillance. FISA lists seven different types of
foreign powers, but they basically consist of foreign governments and entities controlled by those
governments, foreign-based political organizations, and international terrorist groups.46 FISA then has
two sets of definitions of “agent of a foreign power,”47 depending on whether the target is a “United
States person.”48 There are several differences between the two agency provisions, but the main
distinction is that the government must show that US persons knowingly engaged in forbidden activity
on behalf of a foreign power.49 Thus, for example, to surveil a US person suspected of being an alQaeda operative, the government would have to show that the person knowingly engaged in
international terrorism on behalf of al-Qaeda. Once the government submits its application, a FISC judge
must approve the surveillance if he finds that the government has met the above requirements,
provided that no US person was considered a foreign power or an agent of a foreign power solely based
on activities protected by the First Amendment.50 This represents the last step in the FISC’s
involvement with the FISA wiretap process: district court judges, rather than FISC judges, assess the
application’s compliance with FISA and FISA’s compliance with the Fourth Amendment when evidence
derived from the wiretaps is challenged in a criminal proceeding.
Link – ‘domestic’ limit
Attempting to preclude NSA ‘domestic’ surveillance guts their ability to do bulk
collection – they lack the technological ability to distinguish
Donohue, 15 - Professor of Law, Georgetown University Law Center (Laura, “SECTION 702 AND THE
COLLECTION OF INTERNATIONAL TELEPHONE AND INTERNET CONTENT” 38 Harv. J.L. & Pub. Pol'y 117,
Winter, lexis)
In its October 2011 memorandum opinion, the court confronted two areas: first, targeting procedures as
applied to the acquisition of communications other than Internet transactions -- that is, "discrete
communications between or among the users of telephone and Internet communications facilities that
are to or from a facility tasked for collection." n290 As in the past, the court found the targeting
procedures with regard to non-Internet transactions to be sufficient. Second, the court considered de
novo the sufficiency of the government's targeting procedures in relation to Internet transactions
[*192] transactions. n291 Despite the acknowledgement by the government that it knowingly collected
tens of thousands of messages of a purely domestic nature, FISC found the procedures consistent with
the statutory language that prohibited the intentional acquisition of domestic communications. n292
The court's analysis of the targeting procedures focused on upstream collection. n293 At the time of
acquisition, the collection devices lacked the ability to distinguish "between transactions containing only
a single discrete communication to, from, or about a tasked selector and transactions containing
multiple discrete communications, not all of which may be to, from, or about a tasked selector." n294
The court continued: "As a practical matter, this means that NSA's upstream collection devices acquire
any Internet transaction transiting the device if the transaction contains a targeted selector anywhere
within it." n295 Because of the enormous volume of communications intercepted, it was impossible to
know either how many wholly domestic communications were thus acquired or the number of nontarget or U.S. persons' communications thereby intercepted. n296 The number of purely domestic
communications alone was in the tens of thousands. n297
Despite this finding, FISC determined that the targeting procedures were consistent with the statutory
requirements that they be "reasonably designed" to (1) "ensure that any acquisition authorized under
[the certifications] is limited to targeting persons reasonably believed to be located outside the United
States" and (2) "prevent the intentional acquisition of any communication as to which the sender and all
intended recipients are known at the time of the acquisition to be located in the United States." n298
To reach this conclusion, the court read the statute as applying, in any particular instance, to
communications of individuals "known at the time of acquisition to be located in the United [*193]
States." n299 As the equipment did not have the ability to distinguish between purely domestic
communications and international communications , the NSA could not technically know, at the time
of collection, where the communicants were located. From this, the court was "inexorably led to the
conclusion that the targeting procedures are 'reasonably designed' to prevent the intentional acquisition
of any communication as to which the sender and all intended recipients are known at the time of the
acquisition to be located in the United States." n300 This was true despite the fact that the NSA was
fully aware that it was collecting, in the process, tens of thousands of domestic communications. n301
As far as the targeting procedures were concerned, at least with regard to MCTs, the NSA had
circumvented "the spirit" but not the letter of the law. n302
The court's reading led to an extraordinary result. The statute bans the knowing interception of entirely
domestic conversations. The NSA said that it knowingly intercepts entirely domestic conversations. Yet
the court found its actions consistent with the statute.
A few points here deserve notice. First, it is not immediately clear why the NSA is unable to determine
location at the moment of intercept and yet can ascertain the same at a later point. Second, in focusing
on the technical capabilities of any discrete intercept, the court encouraged a form of willful blindness-that is, an effort to avoid criminal or civil liability for an illegal act by intentionally placing oneself into a
position to be unaware of facts that would otherwise create liability. n303 In light of the court's
interpretation, [*194] the NSA has a diminished interest in determining at the point of intercept
whether intercepted communications are domestic in nature. Its ability to collect more information
would be hampered . So there is a perverse incentive structure in place, even though Congress intended
the provision to protect individual privacy.
Link – programmatic surveillance
Programmatic surveillance is necessary for pattern analysis that can identify future
terrorist threats – forcing individualized determinations wrecks investigations
Sales, 14 - Associate Professor of Law, Syracuse University College of Law (Nathan, I/S: A Journal of Law
and Policy for the Information Society, “Domesticating Programmatic Surveillance: Some Thoughts on
the NSA Controversy” 10 ISJLP 523, Summer, lexis)
Programmatic surveillance initiatives like these differ in simple yet fundamental ways from the
traditional forms of monitoring with which many people are familiar--i.e., individualized or particularized
surveillance. Individualized surveillance takes place when authorities have some reason to think that a
specific, known person is breaking the law. Investigators will then obtain a court order authorizing them
to collect information about the target, with the goal of assembling evidence that can be used to
establish guilt in subsequent criminal proceedings. Individualized surveillance is common in the world of
law enforcement, as under Title III of the Omnibus Crime Control and Safe Streets Act of 1968. n23 It is
also used in national security investigations. FISA allows authorities to obtain a court order to engage in
wiretapping if they demonstrate, among other things, probable cause to believe that the target is "a
foreign power or an agent of a foreign power." n24
By contrast, programmatic surveillance has very different objectives and is conducted in a very different
manner. It usually involves the government collecting bulk data and then examining it to identify
previously unknown terrorists, spies, and other national security threats. A good example of the practice
is link analysis, in [*528] which authorities compile large amounts of information, use it to map the
social networks of known terrorists--has anyone else used the same credit card as Mohamed Atta?--and
thus identify associates with whom they may be conspiring. n25 (It is also possible, at least in theory, to
subject these large databases to pattern analysis, in which automated systems search for patterns of
behavior that are thought to be indicative of terrorist activity, but it's not clear that the NSA is doing so
here.) Suspects who have been so identified can then be subjected to further forms of monitoring to
determine their intentions and capabilities, such as wiretaps under FISA or other authorities. In a sense,
programmatic surveillance is the mirror image of individualized surveillance. With individualized
monitoring, authorities begin by identifying a suspect and go on to collect information; with
programmatic monitoring, authorities begin by collecting information and go on to identify a suspect.
Programmatic surveillance is a potentially powerful counterterrorism tool . The Ra'ed al-Banna incident
is a useful illustration of how the technique, when coupled with old-fashioned police work, can identify
possible threats who otherwise might escape detection. Another example comes from a 2002 Markle
Foundation study, which found that authorities could have identified the ties among all 19 of the 9/11
hijackers if they had assembled a large database of airline reservation information and subjected it to
link analysis. n26 In particular, two of the terrorists--Nawaf al-Hamzi and Khalid al-Mihdhar--were on a
government watchlist after attending a January 2000 al-Qaeda summit in Malaysia. So they could have
been flagged when they bought their tickets. Querying the database to see if any other passengers had
used the pair's mailing addresses would have led investigators to three more hijackers, including
Mohamed Atta, the plot's operational leader. Six others could have been found by searching for
passengers who used the same frequent-flyer and telephone numbers as these suspects. And so on.
Again, the Markle study concerns airline reservation data, not the communications data that are the
NSA's focus. But it is still a useful illustration of the technique's potential.
The government claims that programmatic surveillance has been responsible for concrete and actual
counterterrorism benefits, not just hypothetical ones. Officials report that PRISM has helped detect and
[*529] disrupt about 50 terrorist plots worldwide, including ten in the United States. n27 Those
numbers include Najibullah Zazi, who attempted to bomb New York City's subway system in 2009, and
Khalid Ouazzani, who plotted to blow up the New York Stock Exchange. n28 Authorities further report
that PRISM played an important role in tracking down David Headley, an American who aided the 2008
terrorist atrocities in Bombay, and later planned to attack the offices of a Danish newspaper that printed
cartoons of Mohamed. n29 The government also claims at least one success from the telephony
metadata program, though it has been coy about the specifics: "The NSA, using the business record FISA,
tipped [the FBI] off that [an] individual had indirect contacts with a known terrorist overseas. . . . We
were able to reopen this investigation, identify additional individuals through a legal process and were
able to disrupt this terrorist activity." n30 Quite apart from foiling attacks, the government also argues
that the NSA programs can conserve scarce investigative resources by helping officials quickly spot or
rule out any foreign involvement in a domestic plot, as after the 2013 Boston Marathon bombing. n31
These claims have to be taken with a few grains of salt. Some observers believe that the government
could have discovered the plots using standard investigative techniques, and without resorting to
extraordinary methods like programmatic surveillance. n32 The metadata program has elicited special
skepticism: The President's Review Group on Intelligence and Communications Technologies bluntly
concluded that "the information contributed to terrorist investigations by the use of section 215
telephony meta-data was not essential to preventing attacks and could readily have been obtained
[*530] in a timely manner using conventional section 215 orders." n33 The Privacy and Civil Liberties
Oversight Board reached the same conclusion. n34 (Judicial opinion is split on the program's value. One
judge has expressed "serious doubts" about its utility, n35 while another has concluded that its
effectiveness "cannot be seriously disputed.") n36 Furthermore, we should always be cautious when
evaluating the merits of classified intelligence initiatives on the basis of selective and piecemeal
revelations, as officials might tailor the information they release in a bid to shape public opinion. n37
But even if specific claimed successes remain contested, programmatic surveillance in general can still
be a useful counterterrorism technique.
As these examples imply, effective programmatic surveillance often requires huge troves of information-e.g., large databases of airline reservations, compilations of metadata concerning telephonic and
internet communications, and so on. This is why it typically will not be feasible to limit bulk collection to
particular, known individuals who are already suspected of being terrorists or spies. Some officials have
defended the NSA programs by pointing out that, "[i]f you're looking for the needle in a haystack, you
have to have the haystack." n38 That metaphor doesn't strike me as terribly helpful; rummaging around
in a pile of hay is, after all, a paradigmatic image of futility. But, the idea can be expressed in a more
compelling way. Programmatic surveillance cannot be done in a particularized manner. The whole point
of the technique is to identify unknown threats to the national security; by definition, it cannot be
restricted to threats that have already been identified. We can't limit programmatic [*531] surveillance
to the next Mohamed Atta when we have no idea who the next Mohamed Atta is--and when the goal of
the exercise is indeed to identify the next Mohamed Atta.
Link – bulk collection
Bulk collection is vital to reduce terrorism risk – terrorists will use the plan’s privacy
protection to hide communications
Lewis 5/28 – Director and Senior Fellow, Strategic Technologies Program (James Lewis, “What
Happens on June 1?”, CSIS Strategic Technologies Program,
http://www.csistech.org/blog/2015/5/28/what-happens-on-june-1, 5/28/2015)//MBB
After a week or so, potential attackers will probably look for ways they can exploit newly unsurveilled
space for operational advantage. Risk will increase steadily once they get over their shock, and then
plateau two or three months out (when they've presumably adjusted their operations to reduced
surveillance). How much risk increases will depend on whether the USG can compensate for the lost
collection and whether attackers find ways to gain advantage.
All the propaganda about how this kind of collection "never stopped an attack" is divorced from reality.
It is the the totality of collection that reduced risk. Reduce collection and risk increases. How much is
unclear, and Americans may be willing to trade a small increase in risk for less government surveillance.
215 is probably the least valuable program, and ending it creates the least risk, but ending it is not risk
free.
Adding some privacy advocates to the Foreign Intelligence Surveillance Court will also increase risk. We
don't do this for any other kind of warrant process, and it will add delays. One of the problems with FISC
that led to the 9/11 success (for the other side) was the slowness of its processes. Adding privacy
advocates will return us to the bad old days of FISA. It's also insulting to the judges.
Link – narrowing 702
Requiring individualized determinations for targets creates a massive bureaucratic
drain, wrecking investigations
Cordero, 15 - Director of National Security Studies, Georgetown University Law Center, Adjunct
Professor of Law (Carrie, “The Brennan Center Report on the FISA Court and Proposals for FISA Reform”
4/2, Lawfare, http://www.lawfareblog.com/brennan-center-report-fisa-court-and-proposals-fisa-reform
1. “End Programmatic Surveillance”…”or If Programmatic Surveillance Continues, Reform It”
One of the major criticisms of the government’s use of FISA to emerge in the recent debate is that the
Court has shifted from approving individual surveillance or search requests directed at a particular agent
of a foreign power or foreign power, to a practice of approving “programmatic” requests for collection
authority. The criticism is a repudiation of not only the bulk telephone metadata program, but also of
section 702 of FISA, which was added to the Act in 2008. Section 702 authorizes the Director of National
Intelligence and the Attorney General to issue directives to communications service providers under a
set of procedures and certifications that have been approved by FISC.
Referring to the collection authorized by Section 702 as “programmatic” can lead to misunderstanding.
Acquisition under section 702 is programmatic in the sense that the Court approves rules and
procedures by which the acquisition takes place. The Court does not, under section 702, make a
substantive finding about a particular target. It does not approve individual requests for collection.
Instead, the FISC approves the rules and procedures, and then intelligence community personnel abide
by a decision-making process in which there are actual intended targets of acquisition. In his February 4,
2015 remarks at Brookings, ODNI General Counsel Bob Litt described it this way:
“Contrary to some claims, this [section 702 collection] is not bulk collection; all of the collection is based
on identifiers, such as telephone numbers or email addresses, that we have reason to believe are being
used by non-U.S. persons abroad to communicate or receive foreign intelligence information.”
Regardless of the characterization, however, it is correct to say that section 702 allows the intelligence
community, not the Court, to make the substantive determination about what targets to collect against.
Those decisions are made consistent with intelligence community leadership and policymaker strategic
priorities, which Litt also discussed in his February 4th remarks. Targets are selected based on their
anticipated or demonstrated foreign intelligence value. And targeting decisions are subject to
continuous oversight by compliance, legal and civil liberties protection authorities internal to NSA, and
external at the Office of the Director of National Intelligence and the Department of Justice.
The question, then, is why was the change needed in 2008? And, if the Brennan Center’s
recommendation were accepted, what would be the alternatives? What follows is a shorthand answer
to the first question (which I previously addressed here): basically, the change was needed because the
pre-2008 definitions in FISA technically required that the government obtain a probable-cause based
order from the Court in order to collect the communications of Terrorist A in Afghanistan with Terrorist
B in Iraq. This was a problem for at least two reasons: one, as non-U.S. persons outside the United
States, Terrorist A and Terrorist B are not entitled to Constitutional protections; and two, the
bureaucratic manpower it took to supply and check facts, prepare applications and present these
matters to the Court were substantial. As a result, only a subset of targets who may have been worth
covering for foreign intelligence purposes were able to be covered.
This is an extremely condensed version of the justification for 702 and does not cover additional reasons
that 702 was sought. But, from my perspective, it is the bottom line, and one that cannot be overlooked
when suggestions are made to scale back 702 authority.
Section 702 has empirically been used to stop terrorist attacks
Young 14– President and General Counsel of Ronin Analytics, LLC. and former NSA senior leader (Mark,
“National Insecurity: The Impacts of Illegal Disclosures of Classified Information”, I/S: A Journal of Law
and Policy for the Information Society, 2014,
http://moritzlaw.osu.edu/students/groups/is/files/2013/11/Young-Article.pdf)//DBI
The Deputy Attorney General has noted that the Federal Bureau of Investigation benefited from NSA’s
Section 702 collection in the fall of 2009. Using Section 702 collection and “while monitoring the
activities of Al Qaeda terrorists in Pakistan, the National Security Agency (NSA) noted contact from an
individual in the U.S. that the Federal Bureau of Investigation (FBI) subsequently identified as Coloradobased Najibulla Zazi. The U.S. Intelligence Community, including the FBI and NSA, worked in concert to
determine his relationship with Al Qaeda, as well as identify any foreign or domestic terrorist links.”44
“The FBI tracked Zazi as he traveled to New York to meet with co-conspirators, where they were
planning to conduct a terrorist attack. Zazi and his co-conspirators were subsequently arrested. Zazi,
upon indictment, pled guilty to conspiring to bomb the NYC subway system. Compelled collection
(authorized under Foreign Intelligence Surveillance Act, FISA, Section 702) against foreign terrorists was
critical to the discovery and disruption of this threat against the U.S.”45 Regardless of the accuracy of
the information released by Snowden, the types of programs described by the material contribute to
national security and its release, regardless of its validity, will negatively impact US security.
Removing section 702 means probable cause requirements would be applied to
foreign investigations
Cordero, 15 - Director of National Security Studies, Georgetown University Law Center, Adjunct
Professor of Law (Carrie, “The Brennan Center Report on the FISA Court and Proposals for FISA Reform”
4/2, Lawfare, http://www.lawfareblog.com/brennan-center-report-fisa-court-and-proposals-fisa-reform
Which brings us to the second question I posed above—what are the alternatives if Section 702
authority, were, as the Brennan Center recommends, repealed? One option is to revert to the pre-2008
practice: obtaining Court approval based on probable cause for non-U.S. persons located outside the
United States. The operational result would be to forego collection on legitimate targets of foreign
intelligence collection, thereby potentially losing insight on important national security threats. Given
the challenging and complex national security picture the United States faces today, I would think that
most responsible leaders and policymakers would say, “no thanks” to that option.
A second option would be to conduct the acquisition, but without FISC supervision. This would be a
perverse outcome of the surveillance debate. It is also, probably, in the current environment, not
possible as a practical matter, because an additional reason 702 was needed was to be able to serve
lawful process, under a statutory framework, on communications service providers, in order to
effectuate the collection.
In light of these options: collect less information pertaining to important foreign intelligence targets, or,
collect it without statutory grounding (including Congressional oversight requirements) and judicial
supervision, the collection framework established under 702 looks pretty good.
Link – FISC special advocate
A FISC advocate wrecks terrorism investigations – litigation delays and public notice
Cordero, 15 - Director of National Security Studies, Georgetown University Law Center, Adjunct
Professor of Law (Carrie, “The Brennan Center Report on the FISA Court and Proposals for FISA Reform”
4/2, Lawfare, http://www.lawfareblog.com/brennan-center-report-fisa-court-and-proposals-fisa-reform
Instead, the Brennan Center report calls for a special advocate that would “be notified of cases pending
before the court, have the right to intervene in cases of their choosing, and are given access to all
materials relevant to the controversy in which they are intervening.” (p.46). If this type of special
advocate were created by legislation, here is just a snapshot of what it would mean:
We would be providing greater ability to challenge surveillance to foreign intelligence targets, than to
subjects of criminal investigation domestically, for whom wiretap applications are approved in camera
ex parte by district court judges and magistrates.
We would be endorsing the concept of litigating surveillance conducted for national security purposes
before it takes place, placing intelligence operations and national security at risk.
We would be creating an entire new bureaucracy duplicating the legal and oversight functions that the
Justice Department, under the leadership of the Attorney General, and the Court, comprised of
independent federal district court judges, perform.
There are currently many different components involved in the oversight of activities under FISA. They
include: internal compliance offices at the collecting agencies, Offices of General Counsel, Inspectors
General, the Office of the Director of National Intelligence, the Department of Justice, the FISC,
Congressional oversight committees and the newly invigorated Privacy and Civil Liberties Oversight
Board. If there is a desire to strengthen the oversight and accountability of activities conducted under
FISA, focus should be given to making the existing structure more effective, not adding more
bureaucracy.
Link – primary purpose test
The primary purpose test builds a wall between intelligence services and criminal
investigation – that wrecks terrorism investigation and is the reason 9/11 occurred
Cordero, 15 - Director of National Security Studies, Georgetown University Law Center, Adjunct
Professor of Law (Carrie, “The Brennan Center Report on the FISA Court and Proposals for FISA Reform”
4/2, Lawfare, http://www.lawfareblog.com/brennan-center-report-fisa-court-and-proposals-fisa-reform
3. “Restore the Primary Purpose Test”
This recommendation could alternatively be called “re-build the ‘wall’.” The report’s least persuasive
recommendation is that FISA should revert to its pre-9/11 standards that resulted in a “wall” separating
criminal investigators and intelligence investigators chasing the pre-2001 al Qaeda threat. It is a
provocative recommendation in that it is a clear call to fully push the pendulum back to the pre-9/11
construct. Given the way that the national security and law enforcement communities have
implemented various recommendations to work collaboratively, share information, and fulfill the
mandate to prevent acts of international terrorism, reverting to the old legal standards that led to the
creation of the “wall” would involve undoing many of the positive changes that have taken place in the
last decade-plus. In addition, similar to section 702 (discussed above) the purpose standard is not one of
the provisions that is up for sunset this year; the provision is currently permanent, unless there were to
a new effort to undo it.
The report attempts to place distance between the prevailing pre-9/11 interpretation of the “primary
purpose” standard, the implementation of procedures that were intended to support that
interpretation, and the practical effects. In other words, the report suggests that the legal standard did
not demand the rules and restrictions that were put in place. But the reality is that the rules and
restrictions were put in place, and the “wall” was the result.
The actual, practical impact of the "wall" has been described in various statements before Congress by
current and former government officials. One such compelling testimony was the 2003 statement
before the Senate Judiciary Committee of Patrick Fitzgerald, the former United States Attorney in the
Northern District of Illinois. New York served as the hub of the FBI and DOJ’s efforts against al Qaeda
prior to the 9/11 attacks. Fitzgerald was a lead prosecutor in New York at the time who worked closely
with the FBI’s New York office. He had first-hand experience with the “wall”:
“It is nearly impossible to comprehend the bizarre and dangerous implications that "the wall" caused
without reviewing a few examples. While most of the investigations conducted when the wall was in
place remain secret, a few matters have become public. I was on a prosecution team in New York that
began a criminal investigation of Usama Bin Laden in early 1996. The team -- prosecutors and FBI agents
assigned to the criminal case -- had access to a number of sources. We could talk to citizens. We could
talk to local police officers. We could talk to other U.S. Government agencies. We could talk to foreign
police officers. Even foreign intelligence personnel. And foreign citizens. And we did all those things as
often as we could. We could even talk to al Qaeda members -- and we did. We actually called several
members and associates of al Qaeda to testify before a grand jury in New York. And we even debriefed
al Qaeda members overseas who agreed to become cooperating witnesses.
But there was one group of people we were not permitted to talk to. Who? The FBI agents across the
street from us in lower Manhattan assigned to a parallel intelligence investigation of Usama Bin Laden
and al Qaeda. We could not learn what information they had gathered. That was "the wall." A rule that a
federal court has since agreed was fundamentally flawed -- and dangerous.”
The federal court that, I believe, Fitzgerald’s testimony refers to is the 2002 decision In Re Sealed Case,
issued by the Foreign Intelligence Surveillance Court of Review. The Brennan Center report provides the
background for how the case reached the Court of Review, but in short, the Court rejected the notion
that the “primary purpose” test was required by the 1978 version of FISA.
For all the criticisms of the USA Patriot Act of 2001, changing FISA’s standard to “a significant purpose”
and removing the justification for the old “wall” is one that has been overwhelmingly understood as an
important substantive correction. There is no reason to go backwards.
Link – transparency
Increasing transparency alerts terrorists of NSA tactics – increases the risk of
cyberterrorism
De 14 - General Counsel, National Security Agency (Rajesh, “The NSA and Accountability in an Era of Big
Data”, JOURNAL OF NATIONAL SECURITY LAW & POLICY, 2014,p.4//DM)
Perhaps the most alarming trend is that the digital communications infrastructure is increasingly also
becoming the domain for foreign threat activity. In other words, it is no longer just a question of
“collecting” or even “connecting” the dots in order to assess foreign threats amidst more and more
digital noise, it is also a question of determining which of the so-called “dots” may constitute the threat
itself. As President Obama has recognized, “the cyber threat to our nation is one of the most serious
economic and national security challenges we face.”
Many of us read in the papers every day about cyber attacks on commercial entities. Hackers come in all
shapes and sizes, from foreign government actors, to criminal syndicates, to lone individuals. But as
former Secretary of Defense Leon Panetta warned a few months ago, “the greater danger facing us in
cyberspace goes beyond crime and it goes beyond harassment. A cyber attack perpetrated by nation
states or violent extremist groups could be as destructive as the terrorist attack on 9/11.” And as the
President warned in his recent State of the Union address, we know that our enemies are “seeking the
ability to sabotage our power grid, our financial institutions, our air-traffic control systems.” We also
have seen a disturbing trend in the evolution of the cyber threat around the world. As General Keith
Alexander, the Director of NSA, describes it, the trend is one from “exploitation” to “disruption” to
“destruction.” In fundamental terms, the cyber threat has evolved far beyond simply stealing – the
stealing of personal or proprietary information, for example-to include more disruptive activity, such as
distributed denial of service attacks that may temporarily degrade websites; and more alarmingly, we
now see an evolution toward truly destructive activity. Secretary Panetta, for example, recently
discussed what he described as “probably the most destructive attack the private sector has seen to
date” – a computer virus used to infect computers in the Saudi Arabian State Oil Company Aramco in
mid-2012, which virtually destroyed 30,000 computers.
***
Within this context, big data presents opportunities and challenges for the government and the private
sector. Improving our ability to gain insights from large and complex collections of data holds the
promise of accelerating progress across a range of fields from health care to earth science to biomedical
research. But perhaps nowhere are the challenges and opportunities of big data as stark as in the
national security field, where the stakes are so high – both in terms of the threats we seek to defeat,
and of the liberties we simultaneously seek to preserve. This reality is readily apparent in the evolving
and dynamic cyber environment, and perhaps no more so than for an agency at the crossroads of the
intelligence and the defense communities, like NSA.
Of course, NSA must necessarily operate in a manner that protects its sources and methods from public
view. If a person being investigated by the FBI learns that his home phone is subject to a wiretap,
common sense tells us that he will not use that telephone any longer. The same is true for NSA. If our
adversaries know what NSA is doing and how it is doing it – or even what NSA is not doing and why it is
not doing it – they could well find ways to evade surveillance, to obscure themselves and their activities,
or to manipulate anticipated action or inaction by the U.S. government. In sum, they could more readily
use the ocean of big data to their advantage.
Link - PRISM
PRISM collects vast amount of data—prevents terrorism
Kelly et al, 2014 – Project director for Freedom on the Net, author and editor (“Freedom on the Net”,
Freedom House, no date,
https://freedomhouse.org/sites/default/files/FOTN_2014_Full_Report_compressedv2_0.pdf)//TT
Leaked documents indicated that the Foreign Intelligence Surveillance Court (FISA Court) had
interpreted Section 215 of the PATRIOT Act to permit the FBI to obtain orders that compel the largest
telephone carriers in the United States (Verizon, AT&T, Sprint, and presumably others) to provide the
NSA with records of all phone calls made to, from, and within the country on an ongoing basis. These
billions of call records include numbers dialed, length of call, and other “metadata.”81 Data are
gathered in bulk, without any particularized suspicion about an individual, phone number, or device.
Without approval from the FISA Court or any other judicial officer, NSA analysts conduct queries on this
data, generating contact chains that show the web of connections emanating from a single phone
number suspected of being associated with terrorism.82
Leaks also revealed new details about programs authorized by Section 702 of the Foreign Intelligence
Surveillance Act. Section 702 allows the NSA to conduct surveillance of people who are not U.S. citizens
and who are reasonably believed to be located outside the United States in order to collect “foreign
intelligence information.”83 Under a program called “PRISM,” the NSA has been compelling at least nine
large U.S. companies, including Google, Facebook, Microsoft and Apple, to disclose content and
metadata relating to emails, web chats, videos, images, and documents.84 Also under Section 702, the
NSA taps into the internet backbone for “collection of communications on fiber cables and
infrastructure as data flows past.”85 Although these programs are targeted at persons abroad, the NSA
is able to retain and use information “incidentally” collected about U.S. persons.
Link – third party doctrine
Narrowing the third party doctrine will wreck terrorism investigations
Sievert 14 * Professor, Bush School of Government and U.T. Law School, author of three editions of
Cases and Materials on US Law and National Security (Ronald, “Time to Rewrite the Ill-Conceived and
Dangerous Foreign Intelligence Surveillance Act of 1978”, National Security Law Journal Vol. 3, Issue 1 –
Fall 2014)//GK
As discussed in this Article, at present the government must demonstrate probable cause that a target is an agent of a foreign power before
conducting FISA surveillance. The government also needs probable cause for physical searches, arrests, and indictments. Probable cause
does not exist at the moment an informant advises an agent an individual is a dangerous terrorist, or when an agent observes a suspect
clandestinely meet a terrorist or spy. It is
generally established only after the receipt of corroborating evidence
such as that contained in phone, bank, and travel records. These records are currently obtained with a Grand Jury
subpoena or court order based merely on relevance to the federal investigation.267 This lower standard exists because in the
past the Supreme Court has held, in cases such as Smith and Miller, that there was no expectation of privacy in
these records because of the third party doctrine. Probable cause is not needed and often is not present at this stage of an
investigation. Judge Leon’s essential rejection of the third party doctrine finds support in the questions raised by Justice Sotomayor. It is also
supported by the public outcry of those whose response to the Snowden revelations has been to demand probable cause before the
government obtains records.268 If this rejection
of the third party doctrine were to lead to statutory or judicial
requirements that the government meet a standard higher than legitimate relevance before obtaining
phone, bank, travel, and other records shared with a third party, the government would often be stymied in the
earliest stages of an investigation. Probable cause, as defined, seldom if ever exists in these early stages.
The ability to obtain the corroborating evidence that would support a FISA order, Title III warrant, or
indictment, would be foreclosed. As has been repeatedly stated in this Article, the mandate to demonstrate probable cause before
conducting electronic surveillance in intelligence cases was an unjustified overreaction to the Watergate era. A further requirement
that the government show probable cause to obtain basic records from a third party would be another
overreaction, which would likely eviscerate the government’s ability to protect the American people.
AT: No data confirms link
NSA programs are key to stop terrorists—empirics prove
Young 14– President and General Counsel of Ronin Analytics, LLC. and former NSA senior leader (Mark,
“National Insecurity: The Impacts of Illegal Disclosures of Classified Information”, I/S: A Journal of Law
and Policy for the Information Society, 2014,
http://moritzlaw.osu.edu/students/groups/is/files/2013/11/Young-Article.pdf)//DBI
It is not only logic that leads one to believe in the value of NSA collection, but also testimony by
intelligence professionals. For example, according to the House Intelligence Committee, NSA activities
have “been integral in preventing multiple terrorist attacks, including a plot to attack on the New York
Stock Exchange in 2009.”42 The PRISM program – a program reported to provide NSA access to
information some of the largest technology companies - provided “critical leads” to disrupt more than
50 potential terrorist events in more than 20 countries. The Foreign Intelligence Surveillance Act
authority - the congressional authorization to target communications of foreign persons who are located
abroad for foreign intelligence purposes - contributed to more than 90 percent of these disruptions.43
AT: info overload
Bulk data collection is necessary to ensure we have the important information
Young 14– President and General Counsel of Ronin Analytics, LLC. and former NSA senior leader (Mark,
“National Insecurity: The Impacts of Illegal Disclosures of Classified Information”, I/S: A Journal of Law
and Policy for the Information Society, 2014,
http://moritzlaw.osu.edu/students/groups/is/files/2013/11/Young-Article.pdf)//DBI
This information was declassified and publically released to inform the public about what data were
collected and analyzed by NSA, to balance inaccurate speculations by the media about NSA, and to
facilitate the debate about U.S. intelligence Community operations. When examined together, the
information disclosed by Snowden and the declassified information released by the ODNI present a
positive picture of prudent measures for national security. If the information about programs such as
PRISM, FAIRVIEW, or OAKSTAR is accurate, then it appears as if the intelligence community has not only
adjusted well to global technical advancements in telecommunications, but also learned significant
lessons from the September 11, 2001 terrorist attacks.
It was known in early 2001 that NSA’s effectiveness was challenged by the “multiplicity of new types of
communications links, by the widespread availability of low-cost encryption systems, and by changes in
the international environment in which dangerous security threats can come from small, but well
organized, terrorist groups as well as hostile nation states.”39 Any challenge about the value of an
intelligence program must address the importance of data quantity and quality. First, since intelligence
analysis depends on having access to relevant information, logic dictates that more data is always
better. As noted by Mark Lowenthal:
The issue then becomes how to extract the intelligence from the mountain of information. One answer
would be to increase the number of analysts who deal with the incoming intelligence, but that raises
further demands on the budget. Another possible response, even less palatable, would be to collect less.
But, even then, there would be no assurance that the “wheat” remained in the smaller volume still
being collected.40
Thus, quantity has an intelligence quality all its own. In addition, the type of information needed by the
intelligence community is also important. Given the priorities noted in the National Security Strategy,
the importance of NSA collection and analysis as noted in congressional testimony and the ever-present
threats by terrorist groups and hostile nations the American public should vigorously endorse the type
of programs viewed by Snowden as oppressive. It is troubling to see the disclosure of techniques
allegedly used by NSA to obtain “cryptographic details of commercial cryptographic information security
systems through industry relationships,”41 and the rampant speculation about the monitoring of the
mobile phones of the heads of state from Europe.
AT: Freedom Act N/U
The Freedom Act only got low hanging fruit – it didn’t curtail the bulk of NSA actions
Dyer, 15 – staff for Financial Times (Geoff, “Surveillance bill fails to curtail bulk of NSA activities” 6/3,
http://www.ft.com/cms/s/0/39089cc6-097f-11e5-b643-00144feabdc0.html#axzz3dwYfO1mL
The passage of the first bill since 9/11 to curtail government surveillance represents a dramatic shift in
the politics surrounding terrorism in the US, but a much less significant change in the way the
intelligence community actually operates.
The USA Freedom Act, which has been comfortably approved by both the Senate and the House, bars
the government from collecting the phone records of millions of US citizens, a programme which
became the focus of public fears about overbearing electronic surveillance.
The surveillance legislation reform still leaves the US intelligence community with formidable legal
powers and tools to collect data and other online information for terrorism-related investigations,
however.
Despite the tidal wave of revelations and public anger towards the National Security Agency following
the 2013 leaks by Edward Snowden, congressional efforts to rein in the agency have so far not curtailed
the bulk of its activities.
“The more savvy members of the intelligence community have been saying for some time, ‘If this is the
hit that we have to take, then so be it’,” says Mieke Eoyang at the centrist Third Way think-tank in
Washington, referring to the bulk telephone data collection programme.
The very first Snowden leak was a secret court order requiring Verizon to hand over the call records of
its customers, in the process revealing an official dragnet that was capturing details about tens of
millions of Americans.
Amid the many Snowden documents about the NSA that followed, it was this programme that
crystallised public fears in the US that the government was abusing privacy rights in its zeal to monitor
terrorist threats.
The Freedom Act is designed to tackle those concerns about the bulk collection programme. The
legislation calls for telephone companies and not the government to store the information and requires
a court order before the call data can be searched.
Supporters of the reform celebrated two further conditions in the bill. It limits the scope of government
inquiries, so that officials cannot ask, for instance, for all calls in the 212 area code. And it requires that
the secret foreign intelligence court publish legal opinions that change the scope of information that can
be collected.
Beyond the specifics, the passage of the bill represents a landmark in the underlying politics of national
security. Before the Snowden revelations, the political climate over terrorism would have made it
routine to renew the sections of the post-9/11 Patriot Act that have now been replaced by the USA
Freedom Act.
Yet the reality is that for the past 18 months, the administration has been making a tactical retreat from
the call records programme. A panel of experts appointed by the White House, which included former
senior intelligence officials, said in December 2013 that the programme was “not essential” for
preventing terrorist attacks. In early 2014, President Barack Obama called for many of the changes to
the programme contained in the new legislation.
“This is something we can live with ,” says a former senior intelligence official of the USA Freedom Act.
Moreover, even the bill’s biggest supporters among privacy advocates acknowledge that it leaves much
of the intelligence collection conducted by the US untouched.
“We have now addressed the excesses from the very first Snowden story, so for that I am lifting a glass,”
says Julian Sanchez at the libertarian Cato Institute in Washington. “But there is a lot left. In terms of the
total scope of surveillance conducted by the NSA, this is a tiny corner.”
The Freedom Act didn’t actually curtail surveillance
Brenner, 15 - Senior Fellow, the Center for Transatlantic Relations; Professor of International Affairs,
University of Pittsburgh (Michael, Huffington Post, “The NSA's Second Coming” 6/8,
http://www.huffingtonpost.com/michael-brenner/the-nsas-second-coming_b_7535058.html
That all makes for one awesome production. Doubtless there will be a film adaptation immortalized in a
script by Bob Woodward. Something like that will happen -- even though it is a concocted yarn whose
meaning has been twisted and whose significance has been vastly inflated. For the truth is that what
Congress did, and what it did not do earlier, changes very little -- and nothing of cardinal importance.
The main effect is to give the impression of change so as to release pressure for reform that might really
be meaningful. The base truth is that everything that counts remains the same. To entrench and to
legitimate a system of massive surveillance that undercuts our privacy while doing nothing to secure our
well-being.
Let's look at the false notes struck by this narrative.
Matters of Fact
1.
The so-called restrictions on bulk data collection apply only to telephone calls. All else is
exempted: emails, Internet searches, social media, and info regarding each that is retained in our
communicating devices.
2.
The restrictions on real-time surveillance of telephone calls can be overcome by the granting of
a warrant by the FISA upon request by NSA, FBI, Justice Department, CIA -- not to speak of local
authorities. That Court, over the past eight years, has refused only 11 of 33,900 requests. The judges, by
the way, are handpicked by Supreme Court Chief Justice John Roberts who has jumped into the policy
arena by declaring himself strongly opposed to any tightening of restrictions on how the court operates
or on the NSA's methods. The FISA court's attitude toward government spying on Americans has been
generous to the extreme. Former lead judge of the FISA Court, John D. Bates, has campaigned vigorously
on behalf of the status quo. He even objected to the extra workload of requiring that courts approve all
national security letters, which are administrative subpoenas allowing the F.B.I. to obtain records about
communications and financial transactions without court approval.
3.
The specified targets may be organizations, groups and networks as well as an individual. In
practice, that means each grant of surveillance power may authorize comprehensive electronic spying
on hundreds or thousands of citizens.
Currently the NSA is overwhelmed by the billions of communications they register and try to catalogue
each week. Long-term data retention only makes sense if there is a project afoot to exploit it
systematically in order to control, to suppress, to penalize. There is no such Big Brother plan in place or
on the horizon. NSA operations fortunately have instead been conceived and managed by fantasists and
bureaucratic empire builders -- as is demonstrated by Edward Snowden's leaks of their immense target
list and their major intelligence failures.
4.
The terms of the warrants allow for a two-step "hop" from the identified target to others whose
suspect communications emerge from the initial combing.
Here is one hypothetical scenario. The NSA requests approval from the FISA court to collect the
communications of the Arab-American Civil Rights League on the grounds that it suspects some dubious
characters have been using its facilities. Over a period of months (if there a restriction on the duration of
electronic surveillance under FISA rules), they register 1,000 communications. Using 'first hop' privileges
they identify 250 persons whose own communications they wish to tap. Using "second hop" privileges
they next identify a total of 1,500 more people whose communications they wish to tap. That makes a
total of 2,700 persons whose telephone calls they are monitoring and storing. Each year, the NSC
requests warrants from the FISA courts about 500 times. Hence, we can project more than 1 million
telephone numbers now under surveillance for an indefinite period of time. For we should further note
that once an official investigation is begun the records acquire the status of legal documents in a judicial
or quasi-judicial proceeding.
5. There is an exemption for on-going investigations. The Patriot Act's Section 224, its "grandfather
clause", allows active investigations that began prior to midnight on Monday to continue using the
expired programs.They number in the thousands given the hyper-activism of our security agencies in
identifying subjects for their attentions in order to justify vast capabilities and vast budgets. Those
broadly cast investigations can go on for years. And all of this is secret.
FREEDOM Act creates no actual constraints against intelligence
Brenner, 15 - Senior Fellow, the Center for Transatlantic Relations; Professor of International Affairs,
University of Pittsburgh (Michael, Huffington Post, “The NSA's Second Coming” 6/8,
http://www.huffingtonpost.com/michael-brenner/the-nsas-second-coming_b_7535058.html
The United States Freedom Act does not trouble Intelligence agency leaders. They have widely assumed,
as admitted in private statements, that the compromise provisions merely create a few procedural
inconveniences that could be circumvented or neutralized by exploiting loopholes - no more than speed
bumps. None of the Agency's core activities would be significantly affected. So there is no reason for
anyone in the intelligence agencies to sweat the small stuff: a shift in the number of days the NSA can
retain the sweepings of Metadata collection; or whether the data should be held at their storage lock-up
or the one across the street protected by a bicycle lock and owned by a very accommodating neighbor?
And who's checking, anyway -- the FBI? the FCC?