Tough love to restore privacy

Regrettably, we’re all at least partially to blame.  Our collective fear of terrorism has compelled our elected representatives to allow a culture where any and all means are acceptable to prevent acts of terrorism.

Fortunately, we can restore balance to this broken system to safeguard privacy while keeping the nation safe, but it will require some tough love for those in Washington.  And since tech consumers increasingly want stronger privacy protections, tech companies can benefit by pressuring Congress to pass privacy-restoring legislation.  In the spirit of the Fourth Amendment, here are four things the tech sector should demand of Washington:

ADVERTISEMENT
Public reports to ensure transparency.  We don’t need to know the details of every action taken to protect the country, but we have a right to know general information.  For example, the existence of programs that collect data on every American could be discussed without compromising sensitive sources and methods.

The notion that terrorists will somehow be able to evade a surveillance system by simply acknowledging its existence is severely misguided.  Terrorists know American drones are hunting them, but they don't know the resolution of their optics or range of their missiles.  Acknowledging the existence and legal justification of drone-strikes has not reduced their effectiveness.  Likewise, telling Americans their call records will be collected won’t give the bad guys our counter-terrorism playbook.

Congress should require quarterly publicly reports of domestic surveillance activities to include macro-level statistics about national security letters, the generic value of the information collected and the legal justification for such collection.  The increased transparency will help tech companies convince users they’re not giving the U.S. government unlimited access to their data.

A privacy and civil liberties defense attorney for the FISA court.  A common defense of the domestic surveillance status quo has been that the programs have been authorized and overseen by all three branches of government.  However, as one of our framers argued, a system of checks and balances relies on ambition made to counteract ambition.

Unfortunately, there’s often a reluctance to challenge national security officials who have developed an aura of unfailing credibility because of their length of time on the job.  Many elected overseers simply accept the arguments made behind closed doors by career national security officials, giving them a rubber stamp rather than ambitious counter-arguments.

It’s now clear that FISA court judges have at times vigorously challenged the assertions of national security officials; however, they still must rely on agencies to be forthcoming about program risks to privacy rather than benefiting from an adversarial process.

Congress should require a privacy and civil liberties attorney to represent Americans during FISA court proceedings to ensure there are at least informed judicial counter-arguments to government surveillance requests.

Commitments for votes on ECPA, FISA and CFAA reform by the end of the year.  Broad, ambiguous statutes enable agency overreach; these three statutes have all provided government officials with discretion that has been abused.  Securing firm commitments from congressional leaders to hold votes in each chamber will help prioritize reform of these overly broad statutes.

A strategy to divest the military from domestic security.  There was a time when supercomputers and large dedicated infrastructures were expensive and necessary to perform analysis of large data sets.  The military’s National Security Agency (NSA) has traditionally been considered to have unmatched capabilities.  Cloud computing and concurrency breakthroughs have changed the paradigm.  Big data analytics is something our private sector technology innovators now do extraordinarily well.

We should leverage our national laboratories to serve as a clearinghouse for private sector and academic capabilities to aid our homeland security and law enforcement professionals rather than relying on a military spy agency.  The military and intelligence community should be limited to sending data to homeland security and law enforcement agencies from information collected abroad.  It’s time to let the military get back to the business of preparing for conflicts overseas.

There's a clear business case for stronger federal privacy policies.  A recent study by the Information Technology and Innovation Foundation (ITIF) projects that U.S. cloud service providers will lose $35 billion in revenue over the next three years because of the NSA surveillance programs.  These intrusive, opaque initiatives have put U.S. tech companies at a competitive disadvantage.

As a result of this unprecedented alignment of business and privacy interests, tech companies and their users are an increasingly distinct, and consequential, political force.  The tech community should use this leverage to begin the process of restoring our fundamental right to privacy.

Finan is a former adviser to the Obama administration on cybersecurity, cybersecurity technology entrepreneur, and fellow at the Truman National Security Project.