The National Security Agency’s ability to retain and mine bulk phone records may be limited under recommendations from an independent privacy board created by Congress, its chairman said.
The Privacy and Civil Liberties Oversight Board is considering a proposal to reduce the length of time that records can be kept to three years from five years, David Medine told reporters in Washington today.
The board also may recommend that foreigners have more privacy protections under an NSA program that intercepts e-mails and other Internet communications, Medine said.
“There’s been concern both domestically and internationally about these programs and that’s really why we’re conducting this study,” Medine said. “We’re taking a very hard look at it.”
The NSA is under mounting scrutiny in Congress and abroad in response to revelations that it has spied on foreign leaders, tapped fiber-optic cables abroad to obtain data from companies including Google Inc. (GOOG) and Yahoo Inc., and gathered the e-mails and bulk phone records of innocent Americans.
The board, established as an independent agency under a 2007 law, is reviewing court-authorized NSA programs that allow it to collect phone records on millions of Americans and intercept electronic communications of foreign terrorist suspects. The programs were exposed in June by former NSA contractor Edward Snowden, who remains in Russia under temporary asylum.
The administration could support some changes to the phone-records collection program, such as reducing the length of time records are held, limits on mining the data, and having the Justice Department periodically review the legal determinations NSA uses to conduct searches on the records, said Robert Litt, general counsel to Director of National Intelligence James Clapper.
“We’re open to consideration of a variety of possible reforms of the program so long as they don’t eliminate its utility,” he said at a privacy board hearing today.
While Clapper has said the Obama administration is open to changes to spy programs, lawyers for intelligence agencies today cautioned the privacy board against some proposals.
“Arbitrary limits really don’t take account of operational realities,” Litt said.
Requiring telecommunications companies, rather than the NSA, to retain bulk phone records could slow counterterrorism investigations if court orders have to be served on multiple carriers for different numbers, said Brad Wiegmann, deputy assistant attorney general at the Department of Justice.
Raising the legal standard for searching bulk phone numbers may limit the program’s usefulness, said Patrick Kelley, acting general counsel for the Federal Bureau of Investigation.
Allowing Apple Inc. (AAPL), Google and other technology companies to publish statistics about government demands for customer data might signal to adversaries which Internet services to avoid using, Litt said.
The board hasn’t made any decisions, including whether the NSA should be prohibited from collecting bulk phone records, Medine said.
While the board can’t compel the NSA to alter spying programs, Obama and top administration officials have cited its review as critical to providing oversight of surveillance programs.
“We’ve asked questions from ending the program to reforms to the program to continuing as it is,” Medine said.
Along with reducing the length of time phone records can be retained, the board is considering a proposal to limit the agency’s ability to search the connections between phone numbers, Medine said.
The board plans to issue a report with its recommendations, although Medine didn’t know when that would occur.
“We are not required to clear our report with the White House,” he said. “We will issue it directly to the president and Congress and express our views.”
To contact the editor responsible for this story: Bernard Kohn at email@example.com