Congress Considers the Balancing Act Between Security and Privacy
Former National Security Agency contractor Edward Snowden’s disclosures about the agency’s surveillance programs have left Congress stuck between two hugely influential groups: a technology industry that’s long been unhappy about forced cooperation with intelligence operations and an intelligence community that says the work is vital to national security.
For years, technology companies and communications providers have waged a quiet legal campaign for more permission to publish information about the requests for data they receive from the NSA and the FBI. Gag orders often kept them from publicly discussing details of the cases.
Snowden’s leaks changed the landscape.
Now, the scope of information the federal government has been collecting and analyzing is known to the public — and known to potential technology customers at home and abroad. And while U.S. officials have spent a lot of time educating the American public on the privacy protections it applies to U.S. citizens and residents, the Snowden leaks have reminded everyone that those protections are not applied to non-U.S. citizens located outside of the country.
As a result, the leaks have united an industry that is traditionally split over legislative priorities. Now companies are agreeing that better privacy protections from surveillance, or at least less secrecy, would be better for business.
“Congress reacts to outside pressure, and on a lot of issues the industry has been divided, so it’s hard to pass bills,” said Darrell M. West, director of the Brookings Institution’s Center for Technology Innovation. “But on this issue, a lot of the companies are on the same page. When you have an industry that’s united, it’s easier.”
But Congress is deeply divided on how to proceed on a surveillance overhaul.
Several lawmakers have proposed sweeping packages to curtail the NSA’s work. Others, including Senate Intelligence Chairwoman Dianne Feinstein, D-Calif., have called for much more limited measures, and oppose ideas such as the White House review group’s recommendations to leave telephone and Internet metadata in the hands of companies, instead of having the NSA collect them.
Opponents of a large-scale overhaul would also be fine with Congress taking no action, a significant possibility for a hot-button issue in a midterm election year.
The technology lobby is well aware of the difficulties associated with congressional inertia. That’s why associations and companies have been working on multiple fronts, filing lawsuits and bringing their complaints to the executive branch.
When President Barack Obama gives a scheduled address Friday laying out his recommendations for how to change the NSA’s surveillance programs, West said he expects that the speech could involve new orders for the agency to provide increased privacy protections for noncitizens and allow companies to talk more publicly about data access.
The tech sector is now predicting a worst-case scenario of losing foreign customers, and is letting Congress know about it.
“I’ve heard from a number of companies who worry that their global competitiveness has been weakened and undermined,” Senate Judiciary Chairman Patrick J. Leahy, D-Vt., said during a December hearing. “They say that the American businesses stand to lose tens of billions of dollars in the coming year. And we need to make substantial reforms to our surveillance laws to rebuild confidence in the U.S. technology industry.”
For cloud computing alone, U.S. companies could lose up to $35 billion in business over the next three years because of loss of trust in their services, particularly abroad, according to the Information Technology and Innovation Foundation think tank. The analytics firm Forrester Research came up with an even grimmer assessment: up to $180 billion in the same period.
The inability to disclose much about their dealings with the NSA and the intelligence community is hurting those companies, Minnesota Democratic Sen. Al Franken said this week.
Edward Black, president and CEO of the Computer and Communications Industry Association, an industry lobbying group, said he has his doubts about the accuracy of loss projections — the cloud is a growing sector where the United States is poised to lead, and predicting how much is companies might lose is difficult — but the problem is real.
“I don’t buy any number I’ve seen so far, but I don’t dispute the magnitude,” he said.
Black’s group is making the case to Congress that the technology sector isn’t against surveillance, but that the government has to strike a better balance between ensuring security and preserving privacy. Many other countries have more invasive surveillance policies, he noted.
If the United States wants to help the industry bounce back from the bad publicity of the Snowden disclosures, he added, it should aim to become an example of privacy for those nations to follow, including when it comes to the treatment of foreigners.
When a presidentially appointed panel of experts released a set of recommendations for overhauling intelligence work in December, it also called for the NSA to change how it handles metadata from foreigners.
The agency currently takes much greater liberties when obtaining information on noncitizens, but the panel said the NSA should apply a 1974 privacy law (PL 93-579) defining restrictions on the collection and retention of personal data in the same way to citizens and noncitizens unless it is able to show a compelling reason to do otherwise.
The Spy Lobby
The technology lobby, which collectively in recent years has spent millions on its legislative priorities, may be powerful, but it faces an equally formidable foe in the intelligence community.
Although officials such as NSA head Gen. Keith B. Alexander have been lambasted by congressional critics of the agency’s work, they also have powerful allies in the Intelligence committees, where leaders continue to defend metadata collection and other operations.
Black argues that part of the strength of the intelligence community’s influence has to do with access, or a lack thereof. Many members of Congress either don’t have access to intelligence information or aren’t well-versed in it, and take their cues from those who are.
But as public outrage from the Snowden disclosures continues, that’s changing, he said.
“I’d say the surveillance community has an established party line that, at the beginning, seem to give them the upper hand in terms of PR and politics, but I think the trend line is clearly moving toward more reform,” Black said. “There’s been a steady erosion of earlier blind support for the intelligence community.”
This could leave some room for changes that would help appease technology companies.
If Congress were to consider a more limited overhaul, it could start by creating more privacy protections for foreigners, or allowing companies the freedom to disclose more about the intelligence requests they receive, which could be an easier sell politically.
“Technology companies would like greater disclosure because they feel it shields them better if there’s a backlash,” West said.
The industry realizes that its records are of great use to law enforcement and intelligence, Black said. For years, companies have faced an escalating amount of demands for information from everyone from attorneys general to divorce lawyers. The problem with intelligence requests, he said, is that the industry is barred from talking about them, even in general terms.
“On the national level, the secrecy involved also makes it particularly frustrating because you are handcuffed in your efforts to resist requests,” Black said.