Update: Obama's NSA proposals underscore reform challenges
Advocates and opponents of reform have plenty to complain about with the proposed changes, observers say
Computerworld - President Obama's proposals Friday to reform the National Security Agency's surveillance practices reflect the enormous challenges the administration faces in finding the right balance between national security needs and privacy and civil rights concerns.
Advocates of major NSA reform have already dismissed the proposals as too meager to effect meaningful reform. Others, meanwhile, are sure to worry about the changes affecting the ability of the NSA to do its mission.
"There is no pathway that will satisfy both the national security advocates and the privacy advocates," said Alan Paller, director of research at the SANS Institute. "So instead of trying to find one, [Obama] is trying to do the right thing."
Neither side is likely to be happy because the impact of the reforms will be controlled by the details, Paller said. U.S. security agencies, for instance, are sure to hate Obama's proposal to permit third parties to control phone metadata records. Privacy advocates won't like the expedited judicial review processes that will need to be put in place to allow NSA rapid access to the metadata, he said.
"And Congress is speaking with so many voices that it is unlikely a coherent plan will arise from that quarter," Paller said.
Obama called for a series of changes to the NSA's surveillance practices in response to concerns raised by NSA contractor Edward Snowden's leaks about the agency.
The most significant of these changes pertains to the NSA's controversial metadata program under which the agency for the past several years has been collecting telephone numbers and other details on all phone calls made by U.S residents.
The NSA claimed the data is vital to help it identify U.S. residents who may be communicating with terror suspects based outside the country. Privacy and civil rights advocates have slammed the program as illegal and unconstitutional.
In his remarks Friday, Obama reiterated the importance of the metadata collection effort but said he was ending the program as it stands. Instead of the NSA's holding on to the data records, the government will implement a new approach under which telecommunication companies or another third party will retain the bulk phone records and make them available to the NSA under court order.
The transition won't be simple and poses its own set of privacy and legal challenges, the president cautioned. "Any third party maintaining a single, consolidated database would be carrying out what is essentially a government function with more expense, more legal ambiguity, and a doubtful impact on public confidence that their privacy is being protected," he said,
Effective immediately, the NSA will be allowed to query the database only after getting proper judicial approval. Even then, the agency will only be allowed to search for phone records that are two steps removed from a number associated with a terrorist, instead of the current three-step standard, the president said.
Obama said he has also issued a new presidential directive that would strengthen executive branch oversight of the country's intelligence activities and provide greater transparency over surveillance activities. Going forward, the director of National Intelligence will work with the U.S. Attorney General's office to annually review and declassify any future opinions of the Foreign Intelligence Surveillance Court that have broad privacy implications, he said.
Obama noted that he has also called on Congress to authorize the creation of a panel of privacy and civil rights advocates to provide an independent voice to significant cases before the FISA Court.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Simplify and Consolidate Data Protection for Better Business Results Learn about IBM® Tivoli® Storage Manager Operations Center, which provides advanced visualization, built-in analytics and integrated workflow automation features that leapfrog traditional backup...
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Cyberwarfare White Papers | Webcasts