Wiretapping law's renewal dismays rights groups

The FISA Amendments Act presents a unknown privacy risk for Americans, opponents say

A last-minute move by the U.S. Senate to renew a controversial wiretapping law, days before it was set to expire on Dec. 31, has dismayed privacy advocates, rights groups and lawmakers who have long opposed the measure.

The FISA Amendments Act of 2008 is an anti-terror measure that authorizes U.S. intelligence agencies to conduct surveillance, including electronic wiretapping, of foreign nationals inside the U.S and overseas who are believed to pose a security risk to the country. Proponents of the measure have described it as a vital tool in the fight against terrorism.

But many others believe that the manner in which the law has been written allows U.S spy agencies to intercept, without a warrant, phone calls and other electronic communications that may involve American citizens as well.

They have decried what they claim is an absolute lack of transparency into how the law is being applied. They have demand more information on how FISA is being interpreted by the non-public court that was created under the law to handle search warrant requests involving foreign suspects on U.S. soil.

The law, which basically amends the Foreign Intelligence Surveillance Act (FISA) of 1978, was scheduled to expire on Dec. 31. But it was renewed in the U.S. Senate by a vote of 72-23 on Dec. 28 and signed into law by President Barack Obama two days later. The U.S House of Representatives voted last September to reauthorize the bill for another five years.

Mark Rumold, a staff attorney at the Electronic Frontier Foundation (EFF), said the renewal of the bill, without any of the several amendments that had been proposed by lawmakers such as Senators Ron Wyden (D-Ore.), Jeff Merkley (D-Ore.) and Rand Paul (R-KY), was disappointing.

It basically gives the government wide leeway to intercept all sorts of communications -- including those involving American citizens -- without needing to establish a particularly strong connection to terrorism, he said.

"My main concern with the law is that we don't know how it is being used," he said.

In fact, even many of the lawmakers who voted to extend the FISA amendments know very little about how, when, where or why it is being used, he said. Apart from lawmakers in the Senate Intelligence Committee and the Senate Judiciary Committee, very few have been briefed on the law and therefore know little about it, Rumold said.

The law gives the government "expansive authority and they are using it in secret and nobody knows for sure how they are using it," he said.

The people who have been briefed on FISA have downplayed concerns about the law being used to illegally to spy on American people, he said. And they have pointed to the FISA court as an example of the protections that exist under the law to prevent illegal spying on Americans.

The problem is that without more transparency there is no way of knowing whether FISA provisions are being interpreted by the court in ways that are different from the language or intent of the statue, Rumold said.

In an interview with the Huffington Post after the Senate vote, Sen. Wyden, a vocal FISA critic, voiced similar concerns. "When the public finds out that these secret interpretations are so dramatically different than what the public law says, I think there's going to be extraordinary anger in the country," Wyden said in comments to the story. "Because it's one thing to have debates about laws... but we assume that the law itself is public."

In comments made at this week's Consumer Electronics Show (CES) in Las Vegas, Wyden reiterated his previous commitment to fight for new accountability measures for ensuring the law will not be abused. "We will win this," Wyden said in comments made to reporters at the show and independently confirmed by Computerworld via his press office. "It's not a question of 'are we,' but 'when'?" he said.

After the vote to renew the bill the ACLU expressed hope that the growing calls in the Senate to make the FISA Amendments Act more transparent would result in some changes.

"Close to half of the Senate is on record demanding disclosure, and that should only help efforts to get basic information about how our rights are affected [by FISA,]" the ACLU said in a statement.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is jvijayan@computerworld.com.

See more by Jaikumar Vijayan on Computerworld.com.

Read more about privacy in Computerworld's Privacy Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Gov't Legislation/Regulationdata securityregulationsecuritygovernmentinteldata protectionprivacy

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place