The chairman of the U.S. Senate’s intelligence committee said she wants to make changes to a bill passed by the House of Representatives to further narrow the scope of National Security Agency surveillance practices.
The House bill has confusing language regarding what kind of phone and Internet records the NSA would be permitted to gather in bulk, said Senator Dianne Feinstein, a California Democrat. That bill says it would allow collection of records that identify “a person, entity, account, address or device.”
“The language used in the bill is somewhat controversial,” Feinstein said at a hearing in Washington today. “We should take a close look at the House legislation with a view to its passage perhaps as amended in the Senate.”
The hearing was held on the one-year anniversary of the publication of documents leaked by former NSA contractor Edward Snowden exposing the range of government surveillance tactics. The public backlash has prompted Congress and President Barack Obama to consider new parameters for spy programs.
Technology and Internet companies including Microsoft Corp. (MSFT) and Google Inc. (GOOG) have asked the Senate to craft a version of NSA legislation that would narrow what was passed in the House. The companies are largely against the government’s bulk gathering of e-mails and other Internet records.
U.S. Deputy Attorney General James Cole said during the hearing the government doesn’t believe the House bill would permit bulk data collection, such as gathering records from an entire zip code.
“That would be the type of indiscriminate bulk collection that the bill is designed to end,” Cole said.
Federal investigators still need flexibility, he said. He outlined a scenario where if a terrorist stayed at a hotel, investigators may need to access records of all other guests in the hotel to determine if there are any connections.
“We need to have enough room to do an investigation that would be effective and we need to have enough restrictions so that we are not indiscriminately collecting records in bulk,” Cole said.
The Obama administration would be willing to work with the Senate intelligence committee to craft new language, Cole said.
“We think the definition that’s in the bill works,” he said, referring to the House legislation. “If you feel there is better language, we’re more than happy to work with the committee.”
Some senators questioned whether it would be practical to end the NSA’s collection and storage of phone records of millions of Americans. The House bill would require the NSA to obtain a court order to direct Verizon Communications Inc. (VZ) and other phone companies to query records they hold for business purposes. Obama proposed such a plan in January.
“I think we all need to step back and ask ourselves whether all these changes are really necessary,” Senator Saxby Chambliss of Georgia, the top Republican on the intelligence panel, said during the hearing. “It seems to me this bill is fixing a lot of things that aren’t really broken.”
Senator Jay Rockefeller, a West Virginia Democrat and chairman of the Senate Commerce Committee, said having the phone companies hold the records creates an “unnecessary and unpredictable” risk to national security.
Senator Susan Collins, a Maine Republican, said phone records held by the carriers may be more prone to being hacked and exposed.
Cole and Richard Ledgett, the NSA’s deputy director, said the government has a long history of working with the phone companies in criminal investigations, and steps will be taken to ensure the carriers have adequate security.
“The companies already have this data,” Ledgett said. “We will work with the companies to put protections in place.”
In another change from the House bill, Feinstein said a government mandate may be needed to ensure carriers retain phone records for at least 18 months so they’re available for counterterrorism investigations.
“What I don’t know is why the House didn’t put in 18 months in the bill and I’m going to find out,” she told reporters after the hearing. “Telephone companies and the CEOs that I know are good Americans. They may prefer not to do it but, if they’re really pressed to do it, I think they will.”
Verizon only keeps records for as long as needed for its business purposes, which is generally 12 to 18 months, said Michael Woods, the company’s associate general counsel.
Requiring carriers to retain data could jeopardize customer trust, Woods said in prepared testimony for the hearing.
“Any constitutional benefit of having the data held by private entities is lost when, by compelling retention of that data for non-business purposes, the private entity becomes a functional surrogate of the government,” he said.
To contact the editors responsible for this story: Romaine Bostick at firstname.lastname@example.org Bernard Kohn