The Foreign Intelligence Surveillance Court granted U.S. intelligence agencies a 90-day extension to their wide-scale phone record collection program, including records of U.S. citizens.
The program supports the government's wide-scale surveillance activities under PRISM, outlined in documents leaked by former National Security Agency contractor Edward Snowden last year. The government sought the extension while Congress finalizes legislation attempting to rein in the broad scope of the telephone metadata collection, according to a statement issued by the U.S. Justice Department Friday. The House passed the USA Freedom Act in May in an attempt to curb the practice. The measure is being mulled by the Senate.
"Overall, the bill’s significant reforms would provide the public greater confidence in our programs and the checks and balances in the system, while ensuring our intelligence and law enforcement professionals have the authorities they need to protect the nation," according to the joint statement issued by the Justice Department and Director of National Intelligence James Clapper. "Given that legislation has not yet been enacted, and given the importance of maintaining the capabilities of the Section 215 telephony metadata program, the government has sought a 90-day reauthorization of the existing program."
The FISA court order was issued Thursday and expires Sept. 12, according to the statement. Senators began hearings on the USA Freedom Act on June 5 and are debating whether the bill has enough restrictions over the collection of domestic communications.
The government has been collecting location data, the length and other characteristics of telephone calls to analyze communication patterns and trace potential terrorist activity since a secret order was issued by the Bush Administration in 2001, following the 9/11 terrorist attacks, according to a report by USA Today in 2006. A FISA court order obtained last year by The Guardian indicated that the secret court was allowing the bulk collection sought by the government though a provision of the Patriot Act.
The extent of the government's surveillance activities is projected to negatively impact the international business growth among technology providers, including some U.S.-based managed service providers, according to industry groups, including the Information Technology & Innovation Foundation, which estimated the negative fallout to cost U.S firms billions of dollars in lost revenue. Providers of hosted email, data backup and archival services are facing a backlash from business owners in Europe, Brazil and other regions. U.S. technology providers, including Dell and Cisco Systems, have also warned of a negative impact on sales.
Solution providers in Canada and the U.S. interviewed by CRN said potential clients are asking more questions about the location and data-handling practices of the services they provide. A discussion typically tempers any potential fears, said Pete Zarras, founder and president of Cedar Knolls, N.J.-based Cloud Strategies. Zarras said he hasn't seen any effort to replace services or systems from his clients who seek help migrating email and other systems to Microsoft Office 365 and other cloud services.
"I guide all clients into taking reasonable efforts to protect their corporate data," said Zarras in a recent interview with CRN. "We discuss ways to establish stronger data-handling practices, encryption or other ways to control and document access."
While privacy advocates recommend additional restrictions to rein in the government's broad surveillance powers, supporters of the ongoing collection of cellphone, email and Internet communication say it's needed to prevent another terrorist attack. The public doesn't understand all the details of the surveillance program and the extent to which it improved the ability of the country to track down terrorists and other criminals, said former NSA director Gen. Keith Alexander (Ret.), who spoke at the Palo Alto Networks Ignite user conference in April. Alexander, who also spoke to IT security professionals last year at the Black Hat Conference in Las Vegas, said the intent of PRISM and other programs exposed in the Snowden documents was to respond to the modern ways terrorists communicate.
"We have to help people understand that there is difference between searching for malicious software and physically reading emails," Alexander said.
PUBLISHED JUNE 23, 2014