Originally published at Bloomberg by Chris Strohm on 11/29/16
The FBI, National Security Agency and CIA are likely to gain expanded surveillance powers under President-elect Donald Trump and a Republican-controlled Congress, a prospect that has privacy advocates and some lawmakers trying to mobilize opposition.
Trump’s first two choices to head law enforcement and intelligence agencies — Republican Senator Jeff Sessions for attorney general and Republican Representative Mike Pompeo for director of the Central Intelligence Agency — are leading advocates for domestic government spying at levels not seen since the aftermath of the Sept. 11, 2001, terrorist attacks.
The fights expected to play out in the coming months — in Senate confirmation hearings and through executive action, legislation and litigation — also will set up an early test of Trump’s relationship with Silicon Valley giants including Apple Inc. and Alphabet Inc.’s Google. Trump signaled as much during his presidential campaign, when he urged a consumer boycott of Apple for refusing to help the FBI hack into a terrorist’s encrypted iPhone.
An “already over-powerful surveillance state” is about to “be let loose on the American people,” said Daniel Schuman, policy director for Demand Progress, an internet and privacy advocacy organization.
New Hacking Rule
In a reversal of curbs imposed after Edward Snowden’s revelations in 2013 about mass data-gathering by the NSA, Trump and Congress may move to reinstate the collection of bulk telephone records, renew powers to collect the content of e-mails and other internet activity, ease restrictions on hacking into computers and let the FBI keep preliminary investigations open longer.
Read more: Apple, the FBI and encryption — a QuickTake
A first challenge for privacy advocates comes this week: A new rule is set to go into effect on Dec. 1 letting the FBI get permission from a judge in a single jurisdiction to hack into multiple computers whose locations aren’t known.
“Under the proposed rules, the government would now be able to obtain a single warrant to access and search thousands or millions of computers at once; and the vast majority of the affected computers would belong to the victims, not the perpetrators, of a cybercrime,” Senator Ron Wyden, an Oregon Democrat who serves on the Intelligence Committee, said in a statement.
Wyden is one of seven senators, including libertarian Republican Rand Paul, who have introduced a bill, S. 3475, to delay the new policy until July to give Congress time to debate its merits and consider amendments.
Orlando, San Bernardino
Sessions, Pompeo and officials with national security and law enforcement agencies have argued that expanded surveillance powers are needed, especially because of the threat of small, deadly terrorist plots that are hard to detect, like the killing of 49 people at a gay nightclub in Orlando, Florida, in June and 14 people in San Bernardino, California, last year.
The FBI had at one point opened a preliminary investigation into the Orlando killer, Omar Mateen, but didn’t have the authority to keep it going for lack of evidence of wrongdoing.
“What’s needed is a fundamental upgrade to America’s surveillance capabilities,” Pompeo and a co-author wrote in a Wall Street Journal commentary in January. “Legal and bureaucratic impediments to surveillance should be removed.”
Pompeo and Sessions want to repeal a 2015 law that prohibits the FBI and NSA from collecting bulk phone records — “metadata” such as numbers called and dates and times — on Americans who aren’t suspected of wrongdoing.
“Congress should pass a law re-establishing collection of all metadata, and combining it with publicly available financial and lifestyle information into a comprehensive, searchable database,” Pompeo wrote.
Press aides for Sessions and Pompeo declined to comment.
Warrantless Interceptions
Sessions has opposed restraints on NSA surveillance and said in June that he supported legislation to expand the types of internet data the FBI can intercept without warrants.
Congress is also expected to consider legislation early next year that would renew the government’s ability to collect the content of e-mail and other internet activity from companies such as Google and Facebook Inc.
Under the Prism program, investigators pursuing suspected terrorists can intercept the content of electronic communications believed to come from outside the U.S. without specific warrants even if one end of the communications is inside the country or involves an American.
Patriot Act
Prism came under criticism when it was exposed by Snowden, the former NSA contractor who stole hundreds of thousands of documents on agency surveillance programs. Section 702 of the USA Patriot Act, under which Prism and other spy programs are conducted, is set to expire at the end of 2017 if it isn’t reauthorized by Congress.
James Comey, director of the Federal Bureau of Investigation, has said he also wants to renew a debate early next year about whether Apple and other companies can resist court warrants seeking to unlock encrypted communications. The agency went to court trying to force Apple to create new software to crack password protection on a phone used by the shooter in San Bernardino.
“Boycott Apple until they give up the information,” Trump said at a rally in South Carolina in February. He said Tim Cook, Apple’s chief executive officer, “is looking to do a big number, probably to show how liberal he is. Apple should give up.”
While the FBI dropped that case against Apple after buying a tool to hack into the phone, the increasing use of encryption on mobile devices and messaging services remains a challenge to national security and law enforcement agencies.
Browsing History
Republicans led by Senate Intelligence Committee Chairman Richard Burr of North Carolina are expected to re-introduce legislation requiring companies to give investigators access to encrypted communications.
The FBI is also seeking legislation that would allow it to obtain “non-content electronic communication transactional records,” such as browsing histories and computer Internet Protocol addresses, without court oversight or a warrant.
Sessions and Burr supported the legislation earlier this year, while it was opposed by major technology groups as well as Google and Facebook.
