A Fascinating Document.
The White House has released its new “Report and Recommendations of The President’s Review Group on Intelligence and Communications Technologies” today.
It’s about 300 pages long, so I haven’t actually finished reading it. That said, Chapters VII and VIII read like they were plagiarized off my post on internet freedom being a US national security interest. It’s an interesting document, so far, chock full of surprises in terms of recommendations compared to what, I think, most people expected.
This is a placeholder post for people, but there’s a good review of the document from a tech perspective at Ars Technica.
Lawfare of course is an interesting place to look to. There’s the executive summary here, along with a brief commentary by Ben Wittes.
The important bits by the way in the recommendation list I think are:
Recommendation 27
We recommend that:
(1) The charter of the Privacy and Civil Liberties Oversight Board should be modified to create a new and strengthened agency, the Civil Liberties and Privacy Protection Board, that can oversee Intelligence Community activities for foreign intelligence purposes, rather than only for counterterrorism purposes;
(2) The Civil Liberties and Privacy Protection Board should be an authorized recipient for whistle-blower complaints related to privacy and civil liberties concerns from employees in the Intelligence Community;
(3) An Office of Technology Assessment should be created within the Civil Liberties and Privacy Protection Board to assess Intelligence Community technology initiatives and support privacy-enhancing technologies; and
(4) Some compliance functions, similar to outside auditor functions in corporations, should be shifted from the National Security Agency and perhaps other intelligence agencies to the Civil Liberties and Privacy Protection Board.
Recommendation 28
We recommend that:
(1) Congress should create the position of Public Interest Advocate to represent privacy and civil liberties interests before the Foreign Intelligence Surveillance Court;
(2) the Foreign Intelligence Surveillance Court should have greater technological expertise available to the judges;
(3) the transparency of the Foreign Intelligence Surveillance Court’s decisions should be increased, including by instituting declassification reviews that comply with existing standards; and
(4) Congress should change the process by which judges are appointed to the Foreign Intelligence Surveillance Court, with the appointment power divided among the Supreme Court Justices.
Recommendation 29
We recommend that, regarding encryption, the US Government
should:(1) fully support and not undermine efforts to create encryption standards;
(2) not in any way subvert, undermine, weaken, or make vulnerable generally available commercial software; and
(3) increase the use of encryption and urge US companies to do so, in order to better protect data in transit, at rest, in the cloud, and in other storage.
Recommendation 31
We recommend that the United States should support international norms or international agreements for specific measures that will increase confidence in the security of online communications. Among those measures to be considered are:
(1) Governments should not use surveillance to steal industry secrets to advantage their domestic industry;
(2) Governments should not use their offensive cyber capabilities to change the amounts held in financial accounts or otherwise manipulate the financial systems;
(3) Governments should promote transparency about the number and type of law enforcement and other requests made to communications providers;
(4) Absent a specific and compelling reason, governments should avoid localization requirements that (a) mandate location of servers and other information technology facilities or (b) prevent trans-border data flows.
Recommendation 32
We recommend that there be an Assistant Secretary of State to lead diplomacy of international information technology issues.
Recommendation 33
We recommend that as part of its diplomatic agenda on international information technology issues, the United States should advocate for, and explain its rationale for, a model of Internet governance that is inclusive of all appropriate stakeholders, not just governments.
I’m reading it probably tomorrow.Report
No. 28 is my idea!Report
I spent most of the day wondering why Obama would have wanted to create the impression that he can only do his job when forced to by an outside body (even if of his creation) by first letting the IC get as far out of control as it has and then bringing out into the public his policy review process, which should just be part of governing, shouldn’t have to be conducted by a special commission outside of the administration, should have (internally) led him to take action to bring the IC to heel much sooner, and which will likely lead to some set of reforms he could have adopted all along. But then it dawned on me: whatever success he would have had internally pushing back against the entrenched thinking in the IC that leads to the “if it can be done and there’s any way to argue it’s legal (which means, if it can be done), then it must be done” attitude he’d get essentially no public credit for it. Certainly from privacy activists (he still won’t now), and it’s just not likely that he would have pushed back enough that, in the case of Snowden-like disclosures about ongoing activities after those hypothetical reforms, there wouldn’t still be a scandal on the level of what Snowden’s disclusures in fact occasioned. (Whether the insufficiency of those reforms would be to a deficiency of Obama’s effectiveness, or because such reversals are basically impossible once programs such as this are in place, or just because his own policy preferences meant he wouldn’t have sought such an outcome could be debated.) I.e., I realised that, short of successfully keeping the extent of the programs secret indefinitely, there was no route to reforms that would be even potentially minimally sufficient to those who are vocal about these issues that didn’t run through public disclosures leading to public review processes outside the administration.
That’s not a defense of Obama; I’m saying that a much more courageous, principled, substantively correct, committed, politically indifferent, and dogged Obama could have made real policy changes internally that might have quieted privacy activist criticism a bit. But that’s not the Obama we have. I was trying to figure out why the Obama we have wanted to put himself in the position of having to place his policy review process outside the administration and in public, and to be forced from without to do his basic governing job: it’s because the Obama we actually have isn’t up to doing that task in a way that satisfies stakeholders enough to give that he gets sufficient political advantage from doing it. So he waits until he’s forced to and decides not to care how it looks. Profiles in courage.Report
Are you sure this isn’t akin to the way he handled DADT? Force the hand of Congress and the judiciary in a way that makes reforms sticky in a way that executive orders alone don’t?Report
I think that’s a valid point. The difference, however, is that there was a much weaker argument that the president could override DADT with an executive order, since it actually was a law Congress passed about how it wanted the military run. Here, the programs re essentially Executive Branch actions taken pursuant to more general Congressional grants of power and funding to pursue nearly all methods to maximise security that are legal and good policy. Congress nowhere specifically directed NSA to develop the capability to store the records of all American phone calls; they did so pursuant to their mission as more generally defined. Therefore, the President, as head of the Executive Branch and commander in chief (the NSA is part of the military) ought in theory to have more space to shape or direct activities than on a point where the Congress has specifically weighed in like DADT.
But that’s in theory. In fact, the intelligence community and the military carry immense political weight of their own regardless of the will of the commander in chief, and important elements of those power centers have mobilised heavily to argue for the necessity of these programs. That’s why I raised the questions both of this president’s or of any president’s actual ability to effect reforms of significant scope (even assuming their will to do so, which we can’t assume). So that’s the reason that you point is valid – it may simply be that reforms couldn’t have been achieved (they still might not) without the president having the reinforcement of a public process like this in which IC éminences grises act/speak out to counterbalance incumbent IC interests, and public sentiment mobilised by shocking disclosures as well as the processes they occasion are brought to bear on Congress, all of which significantly strengthens the president’s hand.
That view, though, does tend to give a bit too much credit to the White House, which for all the world looks to me to simply be getting carried along by events on this more than shaping them in really any way at all. At the very least they’re primarily reactive – I certainly don;t think they were searching in any particularly concerted way for ways to reign in the NSA on these programs before Snowden’s leaks.Report
Michael,
if they weren’t, then they really have been letting foxes in the henhouse…
[Maybe no one bothered to tell them about something called “industrial espionage”? nah…]Report
The institutional defense against change is not political clout in this case*, it is simply the sheer size and opaqueness of the enterprise. The intelligence community is a 70 plus billion dollar a year concern (money largely separate from the military budget, as sequester furloughs illustrated) spread across 15-17 different government agencies. Even those on the inside have a hard time getting a handle on all the different organizational branches and tendrils (I’m talking pure org chart stuff here, not operations)
Were Obama to have made a concerted effort to institute some changes**, people would have listened to him (they do have discipline in that sense), but there would have been a lot of parsing and rule lawyering anyway.*** Which, in something with so many levels between political leadership, upper management, and the folks at the analytical front lines, would have easily led to disconnects between the intentions of the political leadership, the orders given by upper management, and the execution by the front line folks. Heck, that’s the story of Iraq (and Afghanistan. And Vietnam. And Black Hawk Down. And so on).
* political clout comes through on budgetary matters, not operational ones. You can’t close a base anywhere, and there’s a small furor going on now about how military retirement pension COLAs are being reduced with this current budget deal, but operational matters are a different thing. For instance, the institutional military was at its most bullish on Iraq in late 2006 early 2007, while the body politic was at its most bearish. (but because Bush could do a surge by executive order, and was past any personal electoral repercussions, the opinion of the people on the surge didn’t matter)
**which, to be clear he didn’t. He didn’t want to. Why change? We got Bin Laden after all. Everything was good.
***which is largely the case now anyway. The NSA, as an institution, doesn’t think it’s doing anything wrong. And in the strict legal and (current) regulatory sense, they’re probably right.Report
It’s certainly institutional inertia, Kolohe, (opacity I’m starting to think less so – Ryan Lizza’s reporting gives me the sense they had a really pretty complete picture of what was going on right from the start in 2009), but it’s definitely the political clout of the military/IC as well. Their ability, notwithstanding whatever judgement the president comes to on the merits (which wasn’t really that adverse to their preferences in this case anyway if we trust Lizza’s account) to go out through their public-information intermediaries and imply tat the president of the United states isn’t doing everything he could to keep the country safe – and be believed. That exists, and it’s definitely an active reality in actors’ calculations on these matters.Report
Their ability … to go out through their public-information intermediaries and imply tat the president of the United states isn’t doing everything he could to keep the country safe – and be believed.
I disagree slightly, but only insofar as the strategic communications capability of the White House (any White House) trumps all. They have the biggest megaphone and, more importantly, the most connections into the media memestorm. The ability to lead and dominate the narrative is pretty much ipso facto from their ability to get elected – and especially, in cases where they are re-elected.
(and, after May 2, 2011, this administration particularly could just say ‘scoreboard’, and (correctly) deflect any criticism. which actually is what they did (also correctly) and it did assist in their re-election.)
It’s just a facet of this particular administration, with the notable exception of that Bin Laden raid and the partial exception of the Odyssey Dawn, that it is rather passive-agressive when faced with either military or diplomatic policy decisions. It really need not be. (though that possibly partly the result of the first year’s Afghanistan decision cycle)Report
We’ll have to disagree that defense community voices are as completely trumped by the all-powerful presidential megaphone as you suggest, K.Report
Every time there’s been a White House vs military establishment conflict since WW2*, the White House has won. Truman v MacArthur, Kennedy in the Cuban Missile Crisis, Clinton yanking troops out of Somalia (and yes, DADT).
It’s only when they have failed to make a decision – Kennedy in the Bay of Pigs, Clinton allowing mission creep in Somalia in the first place – where they get burned. And all modern presidents (and any conceivable one in the near future) are perfectly fine with as dhex would call it, the throne of blood, so there is normally comity between the White House and the establishment. So we get the Gulf of Tonkin (and Korea) and Iraq 2 (and 1) and every other Clinton-era military kinetic strike and Afghanistan – and the current state of the national security state.
The only arguable ‘loss’ between the White House and the establishment is how Ike, of all people, was accused of weakness late in his administration which Kennedy exploited to get himself into the White House
*before WW2 there was no military establishment. During WW2 the military establishment and FDR were rarely at loggerheads, but in those cases that it was, FDR got his way.Report
Ultimately, yes, the WH pretty much has to win the fights when they occur. They’re ultimately in charge, and civ-mil relations in this country aren’t that out of whack. But the issue that affects actors’ behavior is not the prospect of losing the fights outright, but of the political costs that are inflicted on WHs during the course of them. WHs are to varying degrees interested in avoiding them if possible, this WH relatively more so than some.Report
…This is illustrated in your admission that “It’s only when they have failed to make a decision … where they get burned.” Certainly there are ample examples of native indecision by WHs on military affairs. But to deny that often the indecision you talk about is significantly influenced by concern over the reception of their policy by the military or defense community and their public signaling about that reception I think denies a significant driver of presidential decision making in the national security area.Report
I’ve not read the document and probably won’t, but I’ve heard a lot about it on NPR. When they got to the part about “needing Congress to pass laws to make most of the changes”..well, let’s just say I’m not optimistic.
I think my main comment to all this is “yeah, that’ll happen”. NO ONE gives up power once they have it-not without a fight.Report
These recommendations look like someone’s advocating that the U.S. actually uphold its ideals of democratic accountability. The question is, in the age of the national security state, can this actually be implemented in a way that’s more than mere window dressing?Report
Yes. However, we may not like the way it gets implemented.
Wikileaks and Snowden are methods to uphold democratic accountability.
… but they’re the nice methods.
Push Google and IBM and everyone else far enough, and the methods
will not be so nice.Report
“These recommendations look like someone’s advocating that the U.S. actually uphold its ideals of democratic accountability.”
No way. I’m pretty sure you read it wrong.Report
One interesting thing about the recommendations specifically in regard to the current discussion of the phone metadata program and Judge Leon’s decision is that, unless I am reading this section wrong:
…then, far from falling short of a policy that comports with a rule that is on the scale of the search carried out in the original Maryland v. Smith case, where the issue was a warrantless pen register search but one, critically for privacy advocates engaged in the 4th Amendment aspect of this fight now, limited in whose records it reviewed over what period (not due to any such limitation imposed by law, but merely of law enforcement interest/search capability in the case at hand), this report actually recommends the institution of a (statutory) legal requirement for a warrant for any such query (even, well, really only, since that is the domain these recommendations limit themselves to, for matters of national security!). (It may be that the FISC order that section refers to wouldn’t amount to a warrant, but it sounds pretty warrant-y to me.)
In effect, while it could be argued that a judicial clarification of Smith that limited it to something like the facts of the case rather than the actual rule it articulated would amount, under present technological conditions, to a de facto reversal of the rule of the decision (after all, the majority in ’79 surely could have limited the rule to one where the investigating authority would have to at least name the parties whose records they have an interest in, even if not requiring enough evidence for suspicion be given to justify a warrant issuing…), these recommendations blow right through any distinctions of that sort whatsoever, and simply say that even the kinds of targeted queries that (at least) the Court said could go forward in domestic law enforcement work without a warrant in 1979 now, in the national security context, should, by law, require something very much like a warrant in order to go forward legally. Again, unless I’m wrong about the nature of the order the authors recommend requiring in the quoted passage.Report
(…Which, as to the caveat in the last line, I very well may in fact be wrong, to be sure…)Report
Maryland v. Smith says that the Constitution does not require a warrant before the government takes a pen register. It doesn’t say that a statute requiring the government to get some other sort of finding before seeking one would be unconstitutional. IOW, both this recommendation and Smith can peacefully coexist.Report
Of course.Report
…My point wasn’t that they’re inconsistent, but that that particular recommendation probably shouldn’t stand accused of lacking robustness if considered in the context of the terms of the most recent constitutional discussion of the matter. This recommendation would require a showing of cause (in the national security sphere no less!) that would be greater (again, unless I misunderstand the nature of the order being contemplated) than that which would be required under a Smith rule that had been rewritten to right-size it to the facts of Smith, with that right-size-to-facts being defined as many privacy advocates would have it (i.e. some kind of limitation as to number of records reflecting what period of time can be reviewed, though obviously many others would just throw Smith 100% overboard if they could).Report