Obama proposes changes to NSA surveillance

U.S. President Barack Obama called for changes to U.S. National Security Agency surveillance, with new privacy advocates assigned to a surveillance court and a transition away from a controversial telephone records collection program in the U.S.

However, Obama stopped short of major changes advocated by his own surveillance review panel and civil liberties groups. A recent debate over the NSA's surveillance programs, prompted by leaks from former NSA contractor Edward Snowden, forced Obama to propose changes.

"Ultimately, what's at stake in this debate goes beyond a few months of headlines or passing tensions in our foreign policy," Obama said in a speech Friday. "When you cut through the noise, what's really at stake is how we remain true to who we are in a world that's remaking itself at dizzying speed."

The biggest change Obama proposed was a transition away from an NSA bulk phone records collection program, with the goal being a new program that doesn't include the NSA holding onto the records, Obama said. Obama wants members of his administration to propose a new program by late March, when the phone records program up for reauthorization.

"I believe it is important that the capability this program is designed to meet is preserved," Obama said.

The NSA will continue to collect and store large numbers of U.S. phone records as the agency transitions away from the program, Obama. The NSA's bulk phone records collection program will have new limits, with investigators there able to query phone numbers just two steps away from a known terrorist instead of three.

In addition, the U.S. Foreign Intelligence Surveillance Court (FISC) will have to approve any queries to the phone records database, Obama said.

The Obama-appointed Review Group on Intelligence and Communications Technology recommended in December that telecom carriers keep the records or that a third party store them, but Obama said both of those approaches raised new privacy concerns.

In addition, Obama called on Congress to approve a new group of privacy advocates to argue on behalf of the public before the FISC. Currently, only U.S. agencies seeking surveillance orders appear before the court.

Obama also issued a new surveillance policy directive calling for new transparency and oversight into U.S. surveillance programs. Obama also promised new privacy protections for foreigners, and he pledged to stop surveillance of the leaders of allied countries, unless there was a significant national security reason.

Instead of tapping the phones or Internet services of foreign leaders, Obama will "pick up the phone" and ask for their views on issues the U.S. is interested in, he said.

Several digital rights groups called on Obama for a larger overhaul of the NSA's surveillance programs.

Real reform requires Obama to "end mass collection" of metadata phone records, said David Segal, executive director of digital rights group Demand Progress. "We urge the president to recognize that the public concern is not only over whether mass spying programs are explicitly abused, within standards set by the NSA, but whether these programs should exist at all -- whether they are fundamentally compatible with the notion that we live in a free society, a democracy," Segal said in an email.

Obama's call for a transition in the bulk phone records program raises new questions, added Kevin Bankston, policy director of the New America Foundation Open Technology Institute.

"If the ultimate alternative to government collection is mandatory bulk data retention by the phone companies or mandatory bulk handover to a third party, the president should be prepared for a major legislative battle with key members of Congress, the technology industry and the privacy community arrayed against him," Bankston said by email. "Particularly when the president's own review group concluded that the records program is not essential to preventing terrorist attacks ... the right answer here is to stop the bulk collection completely -- not to keep the same bulk data under a different roof."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Join the CSO newsletter!

Error: Please check your email address.

Tags New America FoundationtelecommunicationsecurityKevin BankstonU.S. National Security AgencyDemand ProgressgovernmentBarack ObamainternetDavid Segalprivacy

More about IDGNational Security AgencyNSATechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place