Anti-Terrorism Legislation Gutting Privacy Standards Becomes Law
CDT POLICY POST Volume 7, Number 11, October 26, 2001
A BRIEFING ON PUBLIC POLICY ISSUES AFFECTING CIVIL LIBERTIES ONLINE
THE CENTER FOR DEMOCRACY AND TECHNOLOGY
(1) ANTI-TERRORISM LEGISLATION GUTTING PRIVACY STANDARDS BECOMES LAW
President Bush on October 26 signed into law an anti-terrorism package that dismantles many privacy protections for communications and personal data. Many of the provisions are not limited to terrorism investigations, but apply to all criminal or intelligence investigations.
This bill has been called a compromise but the only thing compromised is our civil liberties.
- Allows government agents to collect undefined new information about Web browsing and e-mail without meaningful judicial review;
- Allow Internet Service Providers, universities, network administrators to authorize surveillance of "computer trespassers" without a judicial order;
- Overrides existing state and federal privacy laws, allowing FBI to compel disclosure of any kind of records, including sensitive medical, educational and library borrowing records, upon the mere claim that they are connected with an intelligence investigation;
- Allows law enforcement agencies to search homes and offices without notifying the owner for days or weeks after, not only in terrorism cases, but in all cases - the so-called "sneak and peek" authority;
- Allows FBI to share with the CIA information collected in the name of a grand jury, thereby giving the CIA the domestic subpoena powers it was never supposed to have;
- Allows FBI to conduct wiretaps and secret searches in criminal cases using the lower standards previously used only for the purpose of collecting foreign intelligence.
The text of the legislation and analyses by CDT and others are online at http://www.cdt.org/security/010911response.shtml
(2) PROVISIONS TAKE EFFECT IMMEDIATELY; SOME "SUNSET" IN 2005
As passed, some of the surveillance provisions expire, or "sunset," in four years unless renewed by Congress. In four years, before any extension of the provisions, CDT hopes that there will be a Congressional review that will involve the deliberative balancing of civil liberties and national security that was lacking from the current debate.
CDT made it clear throughout the debate that terrorism was a serious problem, that the U.S. counter-terrorism effort had failed on September 11, and that changes to government security programs were needed. What is doubly distressing about the new law is that it was enacted without any examination of why existing authorities failed to prevent the September 11 attacks.
It is our greatest concern that the changes will be worse than ineffective - that, by cutting government agencies loose from standards and judicial controls, they will result in the government casting an even wider net, collecting more information on innocent people, information that distracts the government from the task of identifying those who are planning future attacks.
The sunset provision does not apply to the sharing of grand jury information with the CIA, giving the CIA permanent benefit of the grand jury powers. Nor does it apply to the provisions for sneak and peek searches or the provision extending application of the pen register and trap and trace law to the Internet.
The sunset also does not apply to ongoing investigations. Since intelligence investigations often run for years, even decades, the authorities will continue to be used even if they are not formally extended in 2005.
(3) NEW LAW REQUIRES CLOSE OVERSIGHT; OTHER CIVIL LIBERTIES ISSUES LOOM
Many threats to civil liberties loom in the short and mid-term. CDT is planning a series of efforts to monitor implementation of the new law as well as to counter additional efforts to erode privacy and other civil liberties:
- CDT is calling upon Congress to exercise its oversight powers to conduct a probing and sustained review of how the new law is interpreted and applied. To that end, CDT will be working, through its Digital Privacy and Security Working Group, to share information among affected members of the telecommunications and Internet industry and other civil liberties groups. The co-chairs of the Congressional Internet Caucus have asked CDT to use DPSWG and the Internet Caucus Advisory Committee to examine the new law and future proposals.
- The FBI may be pushing for extension to the Internet of the Communications Assistance for Law Enforcement Act, the 1994 law requiring telecommunications carriers -- but not providers of information services -- to build surveillance capabilities into their networks. Implementing CALEA in the traditional and wireless telephone networks has proven extremely contentious. Extending it to the Internet could have even worse consequences for network operations and security.
- CALEA for the Internet is only one shape that design mandates may take. European governments have been particularly aggressive in pushing data retention requirements -- rules requiring ISPs and others to maintain logs of all communications for a period of months. The issue of critical infrastructure protection also could serve as a vehicle for government controls on technology.
- Calls have been made for a national ID card. In addition to the civil liberties implications of hard copy identity cards, the concept poses additional risks if extended to the Internet. Several bills have been introduced or are being drafted calling for greater use of biometrics at the borders and in other contexts.
- Encryption is not entirely off the agenda. While Senator Judd Gregg pulled back from his announced intent to introduce mandatory key recovery legislation, the issue may return.
- At the behest of the new cyber-security czar, NSC official Richard Clarke, the Bush Administration issued a Request for Information (RFI) to the U.S. telecommunications industry seeking information and suggestions for the development of a special telecommunications network, separate from the Internet. The proposal's impact on e-government and citizen access to information is unclear, and it raises questions about the lack of government confidence in, and commitment to, the Internet.
Detailed information about online civil liberties issues may be found at http://www.cdt.org/.
This document may be redistributed freely in full or linked to http://www.cdt.org/publications/pp_7.11.shtml.
Excerpts may be re-posted with prior permission of email@example.com
Policy Post 7.11 Copyright 2001 Center for Democracy and Technology