[NOTE: cryptome.org was the first site to warn about this - one year ago - but no one paid any attention. Agencies with mass spying tools now include the IRS, the DEA, the HHS, BATFE and the DHS.]
Late last night, the NY Times broke a very troubling story. Rather than finally putting an end to Executive Order 12333, it appears that President Obama is going to expand the power of it in dangerous ways. We've written about EO 12333 a bunch of times, but for those of you unfamiliar with it, it's an executive order signed by President Reagan that basically gave the NSA pretty free rein to collect signals intelligence outside of the US. Because it's not (technically) about domestic surveillance, what the NSA does under EO 12333 is not subject to Congressional oversight. That is, Congress is mostly as much in the dark as everyone else is on what the NSA is doing overseas. And, as former State Department official John Napier Tye revealed a couple of years ago, for all the talk of domestic surveillance programs revealed by Ed Snowden, the NSA's real power comes almost entirely from 12333.
And it has no limitations. Napier noted that the other programs – things like Section 215 (now morphed into whatever the USA FREEDOM Act allows) and Section 702 – were merely used to "fill in the gaps" not covered by 12333.
And it almost certainly involves both foreign and domestic intelligence. Basically, if any of your data goes outside of US boundaries, the NSA is free to capture it under 12333. Remember those stories of the NSA hacking into datacenters of companies like Google, Yahoo and Microsoft? Those datacenters were in Singapore. And the reason the target was Singapore rather than the US, was because of 12333.
Meanwhile, the NSA likes to insist that it respects the privacy of Americans thanks to its vast minimization program that is supposed to dump inappropriate data on Americans, or in stripping out private information when sharing data with other agencies.
This is crazy. For all the talk of the NSA having access to all of this information, and even a fair number of reports of NSA staff "abuse" of their access to data, in general, the NSA certainly has a reputation for being serious about not allowing any abuse of the data. Other agencies? Not so much. The FBI, CIA, DEA and ATF, for example, have long and colorful histories of abusing data to harass and intimidate people. Giving them much wider access to whatever the NSA slurps up overseas, and then trusting those agencies to handle "minimization" (as is the apparent plan) is downright frightening.
And despite this massive change, the public won't get to weigh in. Instead:
Intelligence officials began working in 2009 on how the technical system and rules would work, Mr. Litt said, eventually consulting the Defense and Justice Departments. This month, the administration briefed the Privacy and Civil Liberties Oversight Board, an independent five-member watchdog panel, seeking input. Before they go into effect, they must be approved by James R. Clapper, the intelligence director; Loretta E. Lynch, the attorney general; and Ashton B. Carter, the defense secretary.
Oh sure. They just need approval from the folks who will benefit most from all of this, and no real discussion with the public who will be impacted by it. What a surprise…
http://archive.is/2KsMm
https://www.techdirt.com/articles/20160225/22583933716/rather-than-ending-nsas-key-surveillance-tool-white-house-to-now-let-other-agencies-use-it.shtml