Obama's NSA reform proposals spark disappointment from some

Some digital rights groups wanted an end to the NSA phone records program, but President Obama wants a transition to something similar

U.S. President Barack Obama's proposed changes to the National Security Agency's surveillance programs don't go far enough, some technology and digital rights groups said, while others hailed it as a good first step.

Obama called for a transition away from the NSA's bulk telephone records collection program and for a public advocate at the U.S. Foreign Intelligence Surveillance Court, but he didn't back many of the prior recommendations from civil liberties groups and his own surveillance review board.

While Obama defended the bulk collection of U.S. phone records and called for a replacement program with similar capabilities, many civil liberties groups wanted the program to be killed off.

But Obama's speech will help move forward a conversation on surveillance and privacy, said Greg Nojeim, director of the Center for Democracy and Technology's Project on Freedom, Security and Surveillance. Obama's call for a replacement to the phone records program means he "added his support to a growing consensus that bulk collection of communications metadata by the NSA must end."

Still, the president's recommendations lacked specifics and didn't include a call for court orders targeting specific suspects, Nojeim said. "While we were pleased to see the president acknowledge that bulk collection by the NSA is untenable, we were disappointed in his failure to offer a clear path forward on these reforms," he said. "Storage of bulk records by companies or a third party would be merely a shuffling of the chairs, not a real reform."

The CDT published a scorecard Friday, comparing Obama's surveillance reform proposals to those of his Review Group on Intelligence and Communications Technology.

Obama's speech didn't address the NSA's attempts to weaken and circumvent Internet encryption or its ability to use Internet communications of U.S. residents that the agency inadvertently or incidentally acquires by targeting people abroad, the CDT noted.

"Far more needs to be done to restore the faith of the American people and repair the damage done globally to the U.S. reputation as a defender of human rights on the Internet," Nojeim said in an email.

Other reactions to the speech:

Dean Garfield, president and CEO of trade group the Information Technology Industry Council: "I am encouraged by what I heard. It's clear that the White House listened carefully to the concerns, reforms, and principles that the tech sector has submitted and made public. The changes and plans for international engagement that the president laid out today are an important step in restoring the public's trust in the U.S. government, as well as in the technology sector."

Berin Szoka, president of free-market think tank TechFreedom, a plaintiff in a lawsuit challenging NSA surveillance: "The reforms announced today will certainly help address some of the greatest privacy concerns raised by U.S. surveillance. But the speech will probably be remembered most for the much-needed reforms it didn't announce."

Obama would let the NSA access telephone metadata if it can establish a reasonable suspicion that a number is connected to terrorists, Szoka said. "This standard is too low to protect the privacy of the innocent. In general, the Fourth Amendment requires a 'probable cause' showing before a court may issue a warrant."

Virginia Sloan, president of The Constitution Project, a legal watchdog group: "We are disappointed that President Obama chose not to end the NSA's bulk collection of Americans' phone call records, nor to provide any specifics on how he would significantly alter it, even though his own hand-picked panel of intelligence experts urged him to substantially reform the program.

"Today, the president could have taken important steps to protect people's privacy against out-of-control government surveillance.  Unfortunately, he largely let that opportunity go to waste."

Barbara Stripling, president of the American Library Association: "After months of calling for more government transparency and public accountability, it is promising that President Obama recognized the need to reform the National Security Agency's intrusive surveillance practices. The American Library Association agrees that the systematic and unwarranted collection of surveillance data on millions of unsuspecting Americans must be curtailed, and we support plans to make National Security Letters more transparent.

"However, we are cautiously monitoring the Obama administration to ensure that President Obama's suggested surveillance changes extend far beyond his speech today. Moving forward, we will continue to advocate for legislative reforms that restore our basic expectations of privacy."

Ed Black, president and CEO of trade group the Computer and Communications Industry Association: "The president's speech was empathetic, balanced and thoughtful, but insufficient to meet the real needs of our globally connected world and a free Internet.

"It's clear the president recognizes the potential for government overreach on surveillance and he is trying to provide more oversight and transparency about data collection. But we're disappointed he did not completely halt the collection and analysis of bulk metadata."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is grant_gross@idg.com.

Join the CSO newsletter!

Error: Please check your email address.

Tags telecommunicationVirginia SloanBerin SzokaU.S. National Security AgencyAmerican Library AssociationBarack ObamainternetprivacyDean GarfieldBarbara StriplingEd BlacksecurityTechFreedomCenter for Democracy and TechnologygovernmentGreg NojeimComputer and Communications Industry AssociationThe Constitution ProjectInformation Technology Industry Council

More about CDTComputer and Communications Industry AssociationIDGNational Security AgencyNSATechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place