President Barack Obama's administration ending its eight-year rule by expanding the sharing of intercepted communications and data between federal agencies may feel a little bit like a final giant middle finger to the many critics of the massive, secretive surveillance state.
Attorney General Loretta Lynch just signed off on changes that will increase the ability of the National Security Agency (NSA) to share some raw intercepted data with other agencies before the process of filtering out private information from people unconnected to actual targets. The snooping itself is not changing, but more people will have access earlier in the process.
Specifically this is surveillance authorized by Executive Order 12333, the provisions that outline the conduct of intelligence agencies. These are rules separate from the Foreign Intelligence Surveillance Act (FISA), the PATRIOT Act, and the new USA Freedom Act. The 12333 rules are specifically intended to oversee surveillance of foreign targets and foreign countries. It has very little oversight outside of the executive branch.
Because of the intelligence community's attitude of "collect everything and sort it out later," the surveillance taking place through 12333 also ends up gathering all sorts of communications and data from domestic sources. What had been happening is that the NSA would filter out anything other agencies shouldn't be getting access to and then pass the info along. Under the new rules, these other agencies will be able to search through the raw information itself but would still be required to purge unrelated communications.
So the end result is not more surveillance, but more federal staffers will have greater access to the surveillance that's already happening. According to The New York Times, the NSA is aware of the increased risk of private data getting out and will grant requests that are partly based on how potentially damaging it could be if people's private data were "improperly used and disclosed."
The stated purpose for this shift, which has been in the works for years and is not some abrupt final act from Obama, is to help reduce the problem of potentially important intelligence not being adequately passed between agencies in the effort to track down possible terror plots.
But it clearly, obviously also could potentially lead to abuse. Patrick Toomey of the American Civil Liberties Union (a critic of the broadness of the 12333 data collection) tells The New York Times:
"Rather than dramatically expanding government access to so much personal data, we need much stronger rules to protect the privacy of Americans," Mr. Toomey said. "Seventeen different government agencies shouldn't be rooting through Americans' emails with family members, friends and colleagues, all without ever obtaining a warrant."
As the Times notes, though the rules severely restrict how the agencies may search data about Americans (only for the purposes of foreign intelligence investigations), it does allow the NSA to tip off the Justice Department if it stumbles across evidence of crimes.
The number of people who will potentially have access to this evidence collected without a warrant will increase, and as Wired explains, there will be increased opportunities for law enforcement agencies to use the concept of "parallel construction" to attempt to secretly collected information without having to reveal it to defendants. Under "parallel construction," law enforcement agencies act upon the information they've gotten without warrants but then look for additional evidence they wouldn't have known about without the surveillance information. The "additional" evidence is what gets submitted to the courts, and they keep their mouths shut about the existence of the data or communications they've accessed without court approval. The judge and the defense don't even know about the secret sources, and therefore cannot challenge the constitutionality of the data collection.
The Electronic Frontier Foundation has been ringing the alarm about the potential misuses of communications collected under 12333 for years, particularly in connection with Edward Snowden's domestic surveillance disclosures. Read about their concerns here.
And we already have examples of how surveillance authorities are already misused against Americans. There are thousands of incidences of privacy violations by NSA employees per year. Most are not intentional and are not done with any ill intent, allegedly. But there have been cases where NSA employees have engaged in inappropriate snooping for personal reasons. It is not unreasonable to think an increased number of people looking over raw data will lead to increased incidences of the data being misused.
For a different perspective, Susan Hennessey, a former NSA attorney who serves as the managing editor of Lawfare, told The Atlantic she believes carefully hammering out and implementing these rules will actually reduce the risk of reckless changes by Donald Trump's heavily pro-surveillance incoming administration. Read her argument here.