Add technologists to surveillance tech review panel, IT groups say
U.S. President Barack Obama should add actual technologists to a group reviewing the nation’s surveillance technologies, IT-related groups have said.
The President’s Review Group on Intelligence and Communications Technology, announced in August after revelations of large-scale data collection and surveillance programs at the U.S. National Security Agency, has five members, with four of them former government officials. But the board is “limited in technical expertise,” said Sascha Meinrath, director of the Open Technology Institute at the New America Foundation, a Washington, D.C., think tank.
The board has an undefined scope, and it’s unclear what exactly the group is reviewing, Meinrath wrote in comments about the review board, due Monday.
“Revelations regarding the breadth and scope of the NSA’s surveillance have raised serious concerns among a variety of stakeholders within and outside the United States, including technology companies, civil liberties groups, and the millions of citizens who rely upon digital communications in their personal and professional lives,” Meinrath wrote. “It is critical that the Administration rebuild trust in the United States as a benevolent steward of the Internet and reaffirm the nation’s respect for international law and commitment to protecting civil liberties and human rights both at home and abroad.”
Meinrath’s comments follow similar criticisms of the board filed by a group of 47 high-profile technologists last Friday. The review group needs “competent technical advice to do its job properly,” said the group in comments filed. “A technologist can situate advancements in modern technology, how they work, what is possible, how data moves through infrastructure, and how modern technology may implicate privacy and security.”
Among the IT experts signing the letter were staff members at the Center for Democracy and Technology and the Electronic Frontier Foundation; Apache Web server developer Brian Behlendorf; Princeton University computer science Professor Ed Felton; Johns Hopkins University computer security Professor Matthew Green; Mozilla senior policy engineer Chris Riley; cryptographer Bruce Schneier; and PGP creator Phil Zimmerman.
Obama administration officials, including James Clapper, the U.S. director of national intelligence, have repeatedly defended the NSA’s efforts, saying the surveillance programs are necessary to protect the U.S. from terrorism. The president’s review board reports to Clapper.
“Within our lawful mission to collect foreign intelligence to protect the United States, we use every intelligence tool available to understand the intent of our foreign adversaries so that we can disrupt their plans and prevent them from bringing harm to innocent Americans,” Clapper said in a statement last week.
Doubts on NSA statements
The group of tech experts raised doubts about some NSA assertions to the U.S. Foreign Intelligence Surveillance Court about its technical inability to separate out individual email messages or other Internet communications from what the agency calls multi-communication transactions, messages sent together in bulk. The NSA has used this supposed inability to justify its bulk collection of Internet communications.
“As technologists, it strikes us as highly unlikely that no reasonable solution exists to overcome the technical hurdle in this example,” the group of IT experts wrote. “It is deeply problematic that the court has no way to verify these types of assertions, and that the court is not provided an independent technologist or adviser outside of the intelligence community.”
The letter from the 47 technologists also criticized the recently revealed NSA attempts to circumvent encryption technologies, saying the encryption exploitation program was “staggering news for technologists.”
The NSA efforts “fundamentally undermine” Internet security, the group said. “The NSA assumes that it can exploit these weaknesses and gain exclusive access to the content of communications,” the group wrote. “The reality is that backdoors and covert access mechanisms are fragile and often exploitable by organized criminals, hackers, and the military and intelligence services of other governments.”