American Civil Liberties Union

(Updated below)

I was invited to give a talk on surveillance at the Information Security Systems Association (ISSA) Baltimore Chapter yesterday, and the keynote speaker was Dr. John Levine of the NSA. He works on the “information assurance” side of the agency (charged with securing communications rather than breaking them) and had some interesting things to say on the NSA’s work trying to make mobile devices more secure for the military and other government users who need to exchange classified information.

Last week’s Washington Post report that the CIA had requested that Boston bomber Tamerlan Tsarnaev be placed on a terrorist watch list raises an interesting point about total surveillance societies: in addition to all their negative implications for citizens, they actually bring some disadvantages for the authorities as well.

It’s not clear what information the CIA’s request was based upon, but reportedly it came from Russian authorities. It is also possible that Tsarnaev’s communications were flagged by US agencies such as the NSA. Either way, it seems as though there’s a real possibility that Tamerlan’s name came to the attention of the authorities through some dragnet-style surveillance technique.

If so, the conundrum for the authorities is this:

Can using privacy-enhancing tools (such as Tor or a Virtual Private Network) actually expose you to warrantless surveillance by the National Security Agency? This week, the ACLU sent off four FOIA requests to federal agencies in order to try and answer this question.

To understand why we think that may be the case, we have to go back to the passage of the FISA Amendments Act (FAA) in 2008. That act was not a high-point for civil liberties or the rule of law. It included a provision giving immunity to the telecom companies that violated the law by assisting the NSA with its warrantless wiretapping program. Although the get-out-of-jail-free card given to the phone companies is the most well-known aspect to the FAA, there is much more to the law, and many other things that give privacy advocates reason to worry.

How many different ways does Sen. Ron Wyden (D-OR) have to ask the government the number of Americans it has spied on under its warrantless wiretapping program before he can get a straight answer?  So far, it’s at least three and counting.

Wyden’s public inquiry concerning surveillance of Americans under the FISA Amendments Act (FISA) started with a letter to the Office of the Director of National Intelligence (DNI) in July 2011.  The DNI told him “it is not reasonably possible to identify the number” of Americans who had been spied on.