US spy chief Clapper defends Prism and phone surveillance

[Magda Hassan]

Ah, you really didn't think it would be just in Australia did you Dave?

US and UK struck secret deal to allow NSA to 'unmask' Britons' personal data

2007 deal allows NSA to store previously restricted material
UK citizens not suspected of wrongdoing caught up in dragnet
Separate draft memo proposes US spying on 'Five-Eyes' allies
[SUP]Beta[/SUP]

• James Ball
  
  
• The Guardian, Thursday 21 November 2013 06.00 AEST
  
• Jump to comments (2055)
  

The memo explains that the US and UK 'worked together to come up with a new policy that expands the use of incidentally collected unminimized UK data.'

The phone, internet and email records of UK citizens not suspected of any wrongdoing have been analysed and stored by America's National Security Agency under a secret deal that was approved by British intelligence officials, according to documents from the whistleblower Edward Snowden.
In the first explicit confirmation that UK citizens have been caught up in US mass surveillance programs, an NSA memo describes how in 2007 an agreement was reached that allowed the agency to "unmask" and hold on to personal data about Britons that had previously been off limits.
The memo, published in a joint investigation by the Guardian and Britain's Channel 4 News, says the material is being put in databases where it can be made available to other members of the US intelligence and military community.
Britain and the US are the main two partners in the 'Five-Eyes' intelligence-sharing alliance, which also includes Australia, New Zealand and Canada. Until now, it had been generally understood that the citizens of each country were protected from surveillance by any of the others.
But the Snowden material reveals that:
In 2007, the rules were changed to allow the NSA to analyse and retain any British citizens' mobile phone and fax numbers, emails and IP addresses swept up by its dragnet. Previously, this data had been stripped out of NSA databases "minimized", in intelligence agency parlance under rules agreed between the two countries.
These communications were "incidentally collected" by the NSA, meaning the individuals were not the initial targets of surveillance operations and therefore were not suspected of wrongdoing.
The NSA has been using the UK data to conduct so-called "pattern of life" or "contact-chaining" analyses, under which the agency can look up to three "hops" away from a target of interest examining the communications of a friend of a friend of a friend. Guardian analysis suggests three hops for a typical Facebook user could pull the data of more than 5 million people into the dragnet.
A separate draft memo, marked top-secret and dated from 2005, reveals a proposed NSA procedure for spying on the citizens of the UK and other Five-Eyes nations, even where the partner government has explicitly denied the US permission to do so. The memo makes clear that partner countries must not be informed about this surveillance, or even the procedure itself.
The 2007 briefing was sent out to all analysts in the NSA's Signals Intelligence Directorate (SID), which is responsible for collecting, processing, and sharing information gleaned from US surveillance programs.
Up to this point, the Americans had only been allowed to retain the details of British landline phone numbers that had been collected incidentally in any of their trawls.
But the memo explains there was a fundamental change in policy that allowed the US to look at and store vast amounts of personal data that would previously have been discarded.
It states: "Sigint [signals intelligence] policy … and the UK Liaison Office here at NSAW [NSA Washington] worked together to come up with a new policy that expands the use of incidentally collected unminimized UK data in Sigint analysis.
"The new policy expands the previous memo issued in 2004 that only allowed the unminimizing of incidentally collected UK phone numbers for use in analysis.
"Now SID analysts can unminimize all incidentally collected UK contact identifiers, including IP and email addresses, fax and cell phone numbers, for use in analysis."
The memo also set out in more detail what the NSA could and could not do.
The agency was, for example, still barred from making any UK citizen a target of surveillance programs that would look at the content of their communications without getting a warrant. However, they now:
"Are authorized to unmask UK contact identifiers resulting from incidental collection."
"May utilize the UK contact identifiers in Sigint development contact chaining analysis."
"May retain unminimized UK contact identifiers incidentally collected under this authority within content and metadata stores and provided to follow-on USSS (US Sigint System) applications."
The document does not say whether the UK Liaison Office, which is operated by GCHQ, discussed this rule change with government ministers in London before granting approval, nor who within the intelligence agencies would have been responsible for the decision.
The Guardian contacted GCHQ and the Cabinet Office on Thursday November 7 to ask for clarification, but despite repeated requests since then, neither has been prepared to comment.
Since the signing in 1946 of the UKUSA Signals Intelligence Agreement, which first established the Five-Eyes partnership, it has been a convention that the allied intelligence agencies do not monitor one another's citizens without permission an agreement often referred to publicly by officials across the Five-Eyes nations.
However, a draft 2005 directive in the name of the NSA's director of signals intelligence reveals the NSA prepared policies enabling its staff to spy on Five-Eyes citizens, even where the partner country has refused permission to do so.
The document, titled 'Collection, Processing and Dissemination of Allied Communications', has separate classifications from paragraph to paragraph. Some are cleared to be shared with America's allies, while others marked "NF", for No Foreign are to be kept strictly within the agency. The NSA refers to its Five-Eyes partners as "second party" countries.
The memo states that the Five-Eyes agreement "has evolved to include a common understanding that both governments will not target each other's citizens/persons".
But the next sentence classified as not to be shared with foreign partners states that governments "reserved the right" to conduct intelligence operations against each other's citizens "when it is in the best interests of each nation".
"Therefore," the draft memo continues, "under certain circumstances, it may be advisable and allowable to target second party persons and second party communications systems unilaterally, when it is in the best interests of the US and necessary for US national security."
The draft directive states who can approve the surveillance, and stresses the need for secrecy.
"When sharing the planned targeting information with a second party would be contrary to US interests, or when the second party declines a collaboration proposal, the proposed targeting must be presented to the signals intelligence director for approval with justification for the criticality of the proposed collection.
"If approved, any collection, processing and dissemination of the second party information must be maintained in NoForn channels."
The document does not reveal whether such operations had been authorized in the past, nor whether the NSA believes its Five-Eyes partners conduct operations against US citizens.
The other sections of the document, cleared for sharing with the UK and other partners, strike a different tone, emphasising that spying on each other's citizens is a collaborative affair that is most commonly achieved "when the proposed target is associated with a global problem such as weapons proliferation, terrorism, drug trafficking or organised crime activities."
It states, for example: "There are circumstances when targeting of second party persons and communications systems, with the full knowledge and co-operation of one or more second parties, is allowed when it is in the best interests of both nations."
The memo says the circumstances might include "targeting a UK citizen located in London using a British telephone system"; "targeting a UK person located in London using an internet service provider (ISP) in France; or "targeting a Pakistani person located in the UK using a UK ISP."
A spokeswoman for the NSA declined to answer questions from the Guardian on whether the draft directive had been implemented and, if so, when. The NSA and the White House also refused to comment on the agency's 2007 agreement with the UK to store and analyze data on British citizens.
The British foreign secretary in 2005 was Jack Straw, and in 2007 it was Margaret Beckett. The Guardian approached both of them to ask if they knew about or sanctioned a change in policy. Both declined to comment.
The Five-Eyes nations have, so far, steered clear of the diplomatic upheavals, which have emerged as a result of revelations of the NSA spying on its allies.
France, Germany and Spain have all recently summoned their respective US ambassadors to discuss surveillance within their borders, while earlier this month the UK ambassador to Germany was invited to discuss alleged eavesdropping from the UK embassy in Berlin.

http://www.theguardian.com/world/2013/no...sonal-data

[Peter Lemkin]

Just a heads up. I believe Greewald's next article to come out using documents from Snowden will be about Australia's involvement[s] in all this illegal electronic spying....no secret, that...but the details will be interesting. ::willynilly::

[David Guyatt]

Looks like Oz's Defence minister agrees with you Pete.

But like the Iron Lady, it looks like there's going to be "no turning back" no matter what.

Australia's surveillance has 'achieved too much' to stop, says David Johnston

'Assume the worst,' defence minister tells industry forum, warning of more leaks to come about intelligence sharing

• Katharine Murphy, deputy political editor
  
• Follow @murpharooFollow @guardianaus
  
• theguardian.com, Monday 2 December 2013 23.32 GMT
  

Intelligence agencies scoop up metadata the information we generate whenever we use technology, from the time of a phone call to the location from which an email is sent. Photograph: Tara Moore/Getty Images

Australia's defence minister, David Johnston, says the "5-Eyes" intelligence partners have achieved far too much with their co-operative surveillance programs to take a backward step now.
In a recording obtained by the West Australian newspaper, Johnston warns an audience of defence industry representatives to expect more damaging intelligence leaks courtesy of the US National Security Agency contractor-turned-whistleblower, Edward Snowden.
"We must assume the worst," Johnston said. "Suffice to say it's an area that I can't get into in great detail, but I simply say assume the worst.
"We are watching with great acuity what is happening in the space."
His remarks follow the latest revelation by Guardian Australia on Monday that Australia's surveillance agency offered in 2008 to share information collected about ordinary Australian citizens with its major intelligence partners.
According to a working draft memo recording the discussions in 2008, the Australian intelligence agency, then known as the Defence Signals Directorate, indicated it could share bulk material without some of the privacy restraints imposed by other countries, such as Canada.
The conversation referred to metadata the information we all generate whenever we use technology, from the date and time of a phone call to the location from which an email is sent. It is unclear what if any decisions or specific actions followed the 2008 meeting at Britain's GCHQ, at its headquarters in Cheltenham, on 22-23 April, 2008.
Johnston is the minister responsible for the Australian Signals Directorate.
He told the defence forum the 5-Eyes partners would press on with intelligence activities despite the disruptions created by the Snowden disclosures.
In comments apparently confirming co-operative surveillance activities, Johnston said the group had "invested far too much in this space to allow the event [the leaks] … to even contemplate a backward step".
The group to which Johnston refers is Australia and its major intelligence-sharing partners, the US, Britain, Canada and New Zealand.
The revelations have raised concerns about the adequacy of privacy protections in an era of widespread digital surveillance and the Greens have called for a full parliamentary inquiry to ensure Australia's intelligence agencies are not overstepping their legal mandates.
The prime minister rebuffed that idea on Monday.
Tony Abbott argued there was no evidence of overreach and argued the legal framework on intelligence gathering struck the right balance between protecting national security and protecting people's privacy.
Abbott, like Johnston, signalled that he expected Australia's intelligence services to remain vigilant and on task.
"Australia will act to protect our national interest and to protect our citizens," Abbott told parliament on Monday.
"We always have under governments of both persuasions and, as far as I'm concerned, we always will we will act to protect our national security."

[David Guyatt]

My my. Sir Malcolm Rifkind's loyal nose has just been tweaked

MPs ask MI5 boss to justify claim that NSA leaks endangered national security

Keith Vaz, chairman of home affairs select committee, says spy chief Andrew Parker has been summoned to give evidence

• Patrick Wintour, Political editor
  
• The Guardian, Tuesday 3 December 2013 21.58 GMT
  

Home affairs select committee chairman Keith Vaz has asked the MI5 chief to justify comments about the Guardian's coverage of Edward Snowden's leaks from the NSA Photograph: Linda Nylind for the Guardian

A committee of MPs challenged the existing system of oversight for the security services by asking the head of MI5 to justify his claims that the Guardian has endangered national security by publishing leaks from the former NSA contractor Edward Snowden.
In an unprecedented step, Keith Vaz, the chairman of the home affairs select committee, announced that spy chief Andrew Parker had been summoned to give evidence in public to the Commons committee next week.
The decision was taken at a private session of the select committee on Tuesday before the body heard evidence from Guardian editor Alan Rusbridger seeking to justify the Guardian's decision to publish a string of stories based on US and UK intelligence agency files leaked by Snowden to the media.
Although last month the security services appeared in public for the first time to give evidence to parliament, they appeared before the Intelligence and Security Committee (ISC). Members of that committee are appointed by the prime minister and tend to have defence or a security background. Commons select committees, by contrast, are parliamentary committees, with the chairs and members elected by MPs.
It is understood that the home affairs select committee rejected inviting Parker to give evidence in private. Julian Huppert, a Lib Dem member of the committee, said: "A precedent has been set and now that the heads of the security services have given evidence once in public they should do so again to us, and not just to MPs they would like to have ask them questions. I would expect Mr Parker to attend."
Labour committee member David Winnick also pointedly ridiculed the ISC referring to the way in which Britain's three main spy chiefs had been given prior notice of the questions in its first public evidence session last month. Some committee members want Parker to reveal how much MI6 and MI5 had told the ISC about its mass programme of surveillance, so in effect testing the value of the ISC as a constitutional check on the security services. Deep political divisions over the Guardian's publication of the Snowden files were exposed throughout the one-hour cross examination of the Guardian's editor, with Tory MPs rigidly focusing on whether the newspaper had broken the Terrorism Act by sending the names of UK agents abroad as documents were shared with the New York Times.
Cressida Dick, the Met's Assistant Commissioner who heads London's Specialist Operations unit, told the committee in subsequent testimony confirmed that the Metropolitan police was looking to see whether individuals had broken Section 58A of the Terrorism Act, saying she would go wherever the evidence took her. "It appears possible ... that some people may have committed offences," she said, but declined to specify whether the Guardian is under investigation.
Following the session Julian Smith, the Conservative at the helm of Tory criticism of the Guardian, went so far to accuse Rusbridger of treason. The MP said that Rusbridger had "admitted the names of British agents were in documents he could not bother to read, but he sent abroad to America. The Terrorism Act 2000 makes it an offence to communicate the names of the agents that protect us. It is for the police to take the decisions, but I hope he is prosecuted."
Rusbridger told the committee he did not know if the police were conducting an inquiry, but promised the paper would not be intimidated from publishing stories that it regarded were in the public interest. He said approximately 1% of the 58,000 intelligence files leaked by US whistleblower Snowden have been published by the paper. He had consulted government officials prior to the publication of every story, but one. He explained the files had originally been placed in four locations with the Guardian, the Washington Post, a location in Rio de Janeiro and a location in Germany. "That's the hand of cards we were all dealt The Guardian, security services and governments." Vaz referred to Parker's claim that the Guardian had gifted the terrorists the ability to attack at will, saying "this is severe criticisms of a kind I have not seen before from the head of our security services".
Rusbridger countered that "the problem with the accusations is they tend to be very vague and not rooted in specific stories" adding the publication of the NSA files "leaps over the hurdle of public interest". He said: "There is no doubt in my mind ... that newspapers have done something that oversight has failed to do".
He pointed to a series of senior UK and US officials that had described the Guardian's behaviour as incredibly responsible, insisting the Guardian was not a rogue newspaper, but acting in concert with other responsible newspapers to publish stories .
In possibly the most heated exchanges Conservative MP Michael Ellis insisted he would not be a party to "a Labour love-in", and asked Rusbridger, "if you'd known about the Enigma code during World War Two would you have transmitted that information to the Nazis?"
Ellis suggested to Rusbridger by using Fed-Ex to communicate some of the NSA files, containing the names of intelligence officers, he had committed a criminal offence. "It isn't only about what you've published, it's about what you've communicated. That is what amounts, or can amount, to a criminal offence," Ellis asserted.
"You may be a lawyer, Mr Ellis, I'm not, so I will leave that with you," the editor replied. He also pointed out "We have never used a single name. We have published no names and we have not lost control of any names". The files sent to the US were encrypted to military grade and had not been compromised, he said.
Ellis also clamed the Guardian may have exposed the identity of gayGCHQ staff, or GCHQ families that had been on a trip to Disneyland in Paris. Rusbridger pointed out the fact that there was a Pride branch of GCHQ was on the website of Stonewall, the gay rights pressure group.
At one point Vaz took an unexpected tack, asking the editor whether he "loved this country." A startled Rusbridger replied: "We are patriots and one of the things we are patriotic about is the nature of our democracy and of a free press. There are countries and they are not generally democracies where the press are not free to write about this and where the security services do tell editors what to write. That's not the country we live in, in Britain, and it's one of the things we love about the country."

[Magda Hassan]

The most damaging thing they can find is that the Guardian may have breeched Fed Ex's terms and conditions.

[David Guyatt]

But will anyone now believe them if the Google's of the world are told they'll get their way?

I won't.

NSA surveillance: tech companies demand sweeping changes to US laws

Apple, Google and Microsoft among companies to call for reforms to restore the public's trust in the internet

• Dan Roberts in Washington and Jemima Kiss in London
  
• theguardian.com, Monday 9 December 2013 05.00 GMT
  

AOL, Twitter, Yahoo, Microsoft, Facebook, Google, Apple and LinkedIn say: 'The balance in many countries has tipped too far in favour of the state and away from the rights of the individual'

The world's leading technology companies have united to demand sweeping changes to US surveillance laws, urging an international ban on bulk collection of data to help preserve the public's "trust in the internet".
In their most concerted response yet to disclosures by the National Security Agency whistleblower Edward Snowden, Apple, Google, Microsoft, Facebook, Yahoo, LinkedIn, Twitter and AOL will publish an open letter to Barack Obama and Congress on Monday, throwing their weight behind radical reforms already proposed by Washington politicians.
"The balance in many countries has tipped too far in favour of the state and away from the rights of the individual rights that are enshrined in our constitution," urges the letter signed by the eight US-based internet giants. "This undermines the freedoms we all cherish. It's time for change."
Several of the companies claim the revelations have shaken public faith in the internet and blamed spy agencies for the resulting threat to their business interests. "People won't use technology they don't trust," said Brad Smith, Microsoft's general counsel. "Governments have put this trust at risk, and governments need to help restore it."
The chief executive of Yahoo, Marissa Mayer, said: "Recent revelations about government surveillance activities have shaken the trust of our users, and it is time for the United States government to act to restore the confidence of citizens around the world."
Silicon Valley was initially sceptical of some allegations about NSA practices made by Snowden but as more documentary evidence hasemerged in the Guardian and other newspapers detailing the extent of western surveillance capabilities, its eight leading players collectively valued at $1.4tn have been stung into action amid fears of commercial damage.
"We understand that governments have a duty to protect their citizens," they say in the letter. "But this summer's revelations highlighted the urgent need to reform government surveillance practices worldwide."
A separate list of five "reform principles" signed by the normally fiercely competitive group echoes measures to rein in the NSA contained in bipartisan legislation proposed by the Democratic chair of the Senate judiciary committee, Patrick Leahy, and the Republican author of the Patriot Act, Representative Jim Sensenbrenner.
Crucially, Silicon Valley and these key reformers in Congress now agree the NSA should no longer be allowed to indiscriminately gather vast quantities of data from individuals it does not have cause to suspect of terrorism in order to detect patterns or in case it is needed in future.
"Governments should limit surveillance to specific, known users for lawful purposes, and should not undertake bulk data collection of internet communications," says the companies' new list of principles.
They also argue that requests for companies to hand over individual data should be limited by new rules that balance the "need for the data in limited circumstances, users' reasonable privacy interests, and the impact on trust in the internet".
This places them in direct conflict with Dianne Feinstein, the Democratic chair of the Senate Intelligence Committee, who is sponsoring a rival bill that would enshrine the right of security agencies to collect bulk data.
Feinstein, who represents California, has been accused by critics of being a cheerleader for Washington's intelligence committee but now faces opposition from her state's largest industry.
The companies also repeat a previous demand that they should be allowed to disclose how often surveillance requests are made but this is the first time they have come together with such wide-ranging criticism of the underlying policy.
The industry's lobbying power has been growing in Washington and could prove a tipping point in the congressional reform process, which has been delayed by the autumn budget deadlock but is likely to return as a central issue in the new year.
The Feinstein and Leahy/Sensenbrenner bills agree with technology companies that there should be greater transparency of court rulings regulating surveillance and more opportunity for privacy advocates to argue against intelligence agency requests.
The eight technology companies also hint at new fears, particularly that competing national responses to the Snowden revelations will not only damage their commercial interests but also lead to a balkanisation of the web as governments try to prevent internet companies from escaping overseas.
"The ability of data to flow or be accessed across borders is essential to a robust, 21st century, global economy," the companies argue in the list of reform principles. "Governments should permit the transfer of data and should not inhibit access by companies or individuals to lawfully available information that is stored outside of the country. Governments should not require service providers to locate infrastructure within a country's borders or operate locally."
And they argue foreign governments need to come together to agree new international standards regulating surveillance, hinting at legal disputes and damage to international trade otherwise.
"In order to avoid conflicting laws, there should be a robust, principled, and transparent framework to govern lawful requests for data across jurisdictions, such as improved mutual legal assistance treaty or "MLAT" processes," say the companies. "Where the laws of one jurisdiction conflict with the laws of another, it is incumbent upon governments to work together to resolve the conflict."
Official responses to the Snowden revelations have been angriest in countries subject to US surveillance such as Germany and Brazil, but more muted in countries such as Britain and Australia, whose governments are close partners of the NSA.
Martha Lane Fox, who recently resigned as the British government's digital champion, responded to the new letter by expressing concern at the lack of understanding of both the scale and complexity of the surveillance story within Britain's government.
"We do have an issue in this country among the corporate world, the political establishment and the general population where we have a shortage of skills and understanding for the digital age," she told the Guardian. "There is an absence of a clear, coherent debate around this subject in this country and it's a very big issue that will only become more frequent the more technologically dependent we become."
She pointed to comments made by the former Conservative home office minister Lord Blencathra and the Labour peer Lord Soley, who both expressed concern at the scope of surveillance by the security services.
"[The government] needs to listen to people, to examine whether their policies are fit for the digital age. It's not that people aren't used to their data being collected, but what it is being collected for, and there needs to be a distinction between the average person and a security threat."
The eight internet companies behind the new letter also acknowledge that business also has a responsibility to protect privacy.
"For our part, we are focused on keeping users' data secure, deploying the latest encryption technology to prevent unauthorised surveillance on our networks, and by pushing back on government requests to ensure that they are legal and reasonable in scope," they conclude.
"We urge the US to take the lead and make reforms that ensure that government surveillance efforts are clearly restricted by law, proportionate to the risks, transparent and subject to independent oversight."
Google, Twitter, Yahoo and last week Microsoft have all responded to public concerns over surveillance by increasing the security of their products, introducing "perfect forward secrecy" encryption to protect information travelling on their internal systems.
"The security of users' data is critical, which is why we've invested so much in encryption and fight for transparency around government requests for information," said Google's chief executive, Larry Page.
"This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world. It's time for reform and we urge the US government to lead the way."

[Magda Hassan]

I wouldn't trust any of those companies. And certainly don't trust the US government intel services. They've done too many deals with the devil already. And continue to do so. I take this as PR damage control because many are walking with their feet and wallets to the many free alternatives that support privacy and user control. https://prism-break.org/

[Peter Presland]

I wouldn't trust any of those companies. And certainly don't trust the US government intel services. They've done too many deals with the devil already. And continue to do so. I take this as PR damage control because many are walking with their feet and wallets to the many free alternatives that support privacy and user control. https://prism-break.org/

The bottom line for me is simple: Where technical and logistical capabilities exist, they WILL be used by the SIS's for their largely hidden purposes; period. If those capabilities reside in large corporations, then those corporations will be made offers that, consistent with remaining large corporations, cannot be refused.

Thus Google's idealistic young start-up motto 'don't be evil' morphs seamlessly into it's Orwellian opposite - and few people seem to notice or care.

[David Guyatt]

Beware!

Military-intelligence-big business shill at work.

Obama rocks, right.

NSA review to leave spying programs largely unchanged, reports say

Panel to propose bulk surveillance continue with some curbs
Adviser calls apparent decision to leave core intact 'shameful'

• Spencer Ackerman in Washington
  
• The Guardian, Friday 13 December 2013 16.54 GMT
  

Barack Obama ordered the review of NSA surveillance in the wake of the Edward Snowden disclosures. Photograph: Rex Features

A participant in a White House-sponsored review of surveillance activities described as "shameful" an apparent decision to leave most of the National Security Agency's controversial bulk spying intact.
Sascha Meinrath, director of the Open Technology Institute, said Friday that the review panel he advised is at risk of missing an opportunity to restore confidence in US surveillance practices.
"The review group was searching for ways to make the most modest pivot necessary to continue business as usual," Meinrath said.
Headed by the CIA's former deputy director, Michael Morrell, the review is expected to deliver its report to President Barack Obama on Sunday, the White House confirmed, although it is less clear when and how substantially its report will be available to the public.
National security council spokeswoman Caitlin Hayden said she would have no further comment "on a report that is not yet final and hasn't yet been submitted to the White House".
Should the review group's report resemble descriptions that leaked late Thursday, the report "does nothing to alter the lack of trust the global populace has for what the US is doing, and nothing to restore our reputation as an ethical internet steward," said Meinrath, who met with the advisory panel and White House officials twice to discuss the bulk surveillance programs that have sparked international outrage.
Leaks about the review group's expected recommendations to the New York Times and Wall Street Journal strengthened Meinrath and other participants' long-standing suspicions that much of the NSA's sweeping spy powers would survive. The Times quoted an anonymous official familiar with the group saying its report "says we can't dismantle these programs, but we need to change the way almost all of them operate".
According to the leaks, the review group will recommend that bulk collection of every American's phone call data continue, possibly by the phone companies instead of the NSA, with tighter restrictions than the "reasonable, articulable suspicion" standard for searching through them that the NSA currently employs. Less clear is whether the review will recommend removing authorities NSA possesses to allow searches for Americans' identifying information in its vast databases of foreign communications content.
The leaks in the New York Times and Wall Street Journal suggested that the review group will do less to restrain the bulk spying on foreign nationals that is a more traditional NSA activity, although the Journal referred to additional privacy safeguards. For surveillance of foreign leaders, the group looks likely to recommend such spying be personally approved by the president or White House officials.
Revelations that the NSA spies on allied leaders yielded a diplomatic outcry after German chancellor Angela Merkel personally raised the issue with Obama. Dianne Feinstein, the Senate intelligence committee chairwoman who has sponsored a bill preserving and in some cases expanding the bulk collection efforts, declared herself "totally opposed" to spying on allied leaders.
The report also appears to embrace the idea of allowing a privacy advocate to contest government collection requests before the secret surveillance panel known as the Fisa court, a key reform sought by congressional privacy advocates.
But the White House rejected a more controversial proposal that would split the technologically sophisticated NSA from the military's relatively new cyber command, which is tasked with protecting the military's data networks and launching wartime cyberattacks. Keeping the NSA director in charge of cyber command is "the most effective approach to accomplishing both agencies' missions", Hayden told the Washington Post. The decision likely indicates the NSA will continue to be run by a military officer, unless an unusual bureaucratic arrangement is found.
On Wednesday, NSA director Keith Alexander, the army general who will retire in the spring after leading the agency for eight years, strongly defended the bulk collection of phone data as necessary to detect future domestic terrorist attacks. "There is no other way we know of to connect the dots," Alexander told the Senate judiciary committee.
For months, the NSA and other intelligence officials have said they were open to the idea of letting phone companies conduct the bulk retention of data although they have warned that doing so is technologically cumbersome provided the bulk data pool continues. The NSA has maintained strong, secret ties with the phone companies since its inception in 1952.
Michelle Richardson, the ACLU's surveillance lobbyist, said the organization would wait for a public release of the report to evaluate its merits, but said the group's support depended on how far the review panel went in curbing "bulk suspicionless spying or not".
"To the extent that they, like Feinstein, codify existing practices, we'll oppose it," Richardson said, "but if they make substantial reforms about protecting this very sensitive data, it's on the right track."
Jim Harper of the libertarian Cato Institute warned that the phone companies' retention of bulk domestic phone data was a "non-starter".
"Is secretly violating Americans' communications privacy really rewarded by a policy requiring the violation of Americans' communications privacy?" Harper wrote in a Friday blogpost.
Lurking in the background of the White House's internal review is a heated legislative battle over ending bulk surveillance.
Civil libertarians in both parties and both houses of Congress are backing a bill, the USA Freedom Act, that would prevent the NSA's bulk collection of Americans' data without individualized, court-approved suspicion of wrongdoing. The Obama administration has yet to take a formal position on the bill, which supporters claim has 120 congressional co-sponsors but has yet to pass.
It is unclear whether the bill's proponents will be satisfied by requiring the bulk preservation of phone data by the phone companies. Currently the phone companies retain the data for 18 months, while the NSA desires a data pool comprised of information spanning between three and five years.
Obama has publicly portrayed the surveillance review process as substantial and inclusive of all equities in a debate he did not expect to have pre-Snowden.
In an MSNBC interview last week, Obama said the review heard from "a whole bunch of folks, civil libertarians and lawyers and others to examine what's being done", and predicted proposing "some self-restraint on the NSA and to initiate some reforms that can give people more confidence".
Yet the anticipated surveillance report appears to stop short of desires for reforms expressed in a little-noticed public-comments section on the review group's website which is nestled within the director of national intelligence's online home.
Richard Barnblace, who described himself as having nearly avoided death or injury in this year's Boston Marathon bombing, commented: "The NSA's desire to collect ever more data is a prime example of the Haystack Fallacy: the absurd notion that you will find more needles by piling on more hay."
"We need the same level of confidence in our electronic privacy as in we do in our physical homes," wrote Cyprien Noel of California.
Some commenters discussed technical shortcomings of the NSA's now-public geolocation activities, describing them as inevitably and mistakenly collecting data domestically.
"If the NSA were to mistakenly classify domestic servers as outside the United States, even at low rates, it would acquire a substantial amount of purely domestic internet traffic," wrote Jonathan Mayer of Stanford University's department of computer science.
The Open Technology Institute's Meinrath said he told White House chief of staff Denis McDonough that the bulk surveillance revelations represented a "reputational crisis" for the US. "I think the Obama administration is going to be shocked in their own special way by just how little impact this has in turning around public perception of what they're doing," he said.
"I think what they're going to find is when the initial dust settles from this attempt to spin the story is that people are going to be quick to realize this is not meaningful reform, this is not a bold new direction, and it is not going to do much to rein in a surveillance regime run amok."

[David Guyatt]

Ask Greenwald I suppose. He's got it all. Which if the Greenwald has sold out report is true, then this story is now false:

US 'may never know extent of Edward Snowden NSA leaks' report

New York Times quotes senior administration official saying: 'They still don't know all of what he took'

• Amanda Holpuch in New York
  
• theguardian.com, Saturday 14 December 2013 21.20 GMT
  
• Jump to comments (504)
  

A senior administration official said: 'I know that seems crazy, but everything with this is crazy.' Photograph: Patrick Semansky/AP

Government officials have concluded that they may never know the full extent of information leaked by the National Security Agency whistleblower Edward Snowden, according to a report published on Saturday by the New York Times.
Senior government officials told the newspaper that investigators are unsure of the scope of information Snowden collected, partially because the Hawaii data facility he worked at, as a contractor, did not have employee monitoring software with which other NSA facilities were equipped. Such software is meant to detect unusual behavior among the agency's approximately 35,000 employees.
"They've spent hundreds and hundreds of man hours trying to reconstruct everything he has gotten, and they still don't know all of what he took," the Times quoted a senior administration official as saying. "I know that seems crazy, but everything with this is crazy."
Officials provided some details on how Snowden was able to avoid detection, including that he was able to hack firewalls intended to prevent employees from accessing some parts of the agency's system. They also said they believe Snowden acted alone. According to the officials, Snowden would have known the Hawaii facility did not have the employee-monitoring software installed.
On Friday, an advisory committee tasked with assessing the agency's operation submitted a report to the president. According to the White House, the contents of the report will not be made public until next month. President Barack Obama will then announce which recommendations he will act on.
Snowden, who was granted a year-long amnesty by Russia, has said that he gave all the documents, of which he kept no copies, to a group of journalists who then shared them with news organizations including the Guardian. However, the leader of the presidential advisory committee, Rick Ledgett, believes Snowden has access to documents that have not yet been disclosed. Ledgett said he would consider granting Snowden amnesty if he could provide those documents.
"So, my personal view is, yes, it's worth having a conversation about,"Ledgett told CBS in an interview scheduled to air on Sunday, on 60 Minutes. "I would need assurances that the remainder of the data could be secured, and my bar for those assurances would be very high. It would be more than just an assertion on his part."