In this series of blogs we will examine all topics under the information security umbrella. From corporate blunders to rogue state attacks to the occasional celebrity hack, we believe there is something for businesses and individuals to learn from any cyber security event. We also believe that, while experience is the best teacher, it’s even better to let other people make the mistakes for you.
Okay, politics and religion are the third rail of conversation, I get it. But every now and then there is something so relevant to anyone who has ever been on the internet or a telephone (read- “everyone”) that it begs our attention. So here it is, the political edition of Protect Ya Neck. Hip-hop references considerably diminished for this one.
What’s the Deal?
The Senate held late night talks on a Sunday at the end of May to discuss matters of both national security and personal privacy. Yeah, there’s a lot going on in that sentence, mostly surrounding the fact that the Senate was working late on a Sunday, but I digress. The topic that got the 100 distinguished gentlemen and women to have a senatorial slumber party had to do with the expiration of certain parts of the USA PATRIOT Act. To help understand how this has a huge impact on the personal information of all Americans, we’ve compiled this handy guide for you to know the facts.
Two key provisions of the Act that were slated to expire-
- NSA Metadata Collection – You’ve heard about this before, this was the big sweeping dragnet that allowed the National Security Agency to collect huge stores of data from America’s telephone service providers that was made part of public scrutiny by the now expatriated Edward Snowden. The data that was collected was permitted to be stored for five years, but this sweeping power is, for the time being, no longer permitted to continue.
- Roving Wiretaps – This provision allowed law enforcement officials to only include the individual(s) they intended to wiretap and not each specific device or phone number. The concept was based on the fact that terror suspects would often change pre-paid phones and so going through the standard procedures of getting a warrant for each new line was too cumbersome to provide any meaningful surveillance.
- Bonus Provision – There was a third component of the Act that dealt with appropriating “national security tools” against the “lone wolf” operative. I’m not going to go into too much detail on this one for three reasons-
- It doesn’t directly affect the world of telecommunications like the former two do so it isn’t particularly relevant here.
- According to the Department of Justice, this provision actually hasn’t been used since the Act was written into law.
The term “national security tools” is pretty intense and I don’t want to venture guesses as to what all that entails.
Let’s Try it This Way
The USA Freedom Act made slight changes to the metadata collection and roving wiretap provisions but left the lone wolf provision intact. Therefore, moving forward, current changes to these provisions include-
- The NSA is no longer collecting the metadata, but rather they will present warrants to telephone companies for release and will only be able to collect info on individuals rather than wide swaths of millions of people. So that’s nice.
Wiretapping practices that were permitted under the original Act will be allowed to continue so long as they were begun prior to the June 1, 2015 expiration date of the Act. Any such wiretaps moving forward will not be immediately allowed, but rather will be subject to approval from the super secretive FISA Court so, basically nobody will know if these are actually expired practices or not.
Aftermath- Are we less safe?
The yes we are camp says– Absolutely. Mostly backed by national security hawks, there are dissenting voices on both sides of the aisle. Attorney General Loretta Lynch said that the inability of the Senate to act on extending these provisions would result in, “a serious lapse,” in America’s ability to protect herself from terror.
The no we’re not camp says– Well, not exactly. Retired General Michael Hayden was the head of the NSA from 1999 to 2005 and was recently quoted at a Wall Street Journal conference saying that, effectively; nothing has changed for the security organization. According to Hayden, by merely transferring the responsibility of storing metadata onto the telephone companies, the NSA can essentially continue operating as if the provisions of the USA PATRIOT Act were still wholly unchanged. So, net-net, this former security official seems to think it’s business as usual.
Nifty Bonus Fact!
In case you were wondering why USA PATRIOT Act is written in all caps, it’s not because we yell things that are important. Actually, it is because unlike the acronym, SCUBA, this is a backronym (acronym that was constructed to fit an existing word, not a word from an acronym) that stands for Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act. So, there’s that.
One more thing, all of this is still tenuous in that there will very likely be additional voting, extending, editing, revising, and deliberating of these and a bevy of other surveillance-related provisions. Stand by for more as it develops but in the meanwhile, always remember to stay safe out there and Protect ya Neck.