Obama panel advises big changes to NSA surveillance practices
Posted on 19 December 2013.
The "independent" Review Group on Intelligence and Communications Technologies ordered to be created by US president Barack Obama in August has finally delivered its long-awaited report on NSA intelligence-gathering practices on Sunday, and it has been released to the public.

It includes over 40 recommendations, and among the most important ones are that:
  • Section 215 orders and National Security Letters can be issued by the Foreign Intelligence Surveillance Court only if they are "reasonable in focus, scope and breadth", and only if "the government has reasonable grounds to believe that the particular information sought is relevant to an authorised investigation intended to protect 'against international terrorism or clandestine intelligence activities'"
  • "The government should not be permitted to collect and store all mass, undigested, non-public personal information about individuals to enable future queries and data-mining for foreign intelligence purposes"
  • The storage of bulk telephony meta-data by the government should be put to an end. This his meta-data be held by private third parties (likely providers), and access to it given to government agencies only if the FISC allows it.
  • When legally intercepting communication directed at non-US persons, information about a US person disclosed in the communication should be "purged upon detection" if not useful or can be used to prevent serious harm, and should not be used as evidence in any proceeding against that US person
  • Surveillance of non-US persons outside the US must be lawful, and must be done only for national security reasons and not to obtain trade secrets or other economic advantages, and should not target non-US persons located outside the US for their political views or religious convictions.
  • Intelligence collection should be reviewed on an ongoing basis
  • A more stringent criteria should be used when considering whether to engage in surveillance of foreign leaders
  • The US government should create software that would allow intelligence agencies to conduct targeted information acquisition instead of bulk-data collection
  • The NSA become a strictly foreign intelligence organisation, with a possibly civilian Director, and that the US Cyber Command and the Director of the NSA not be the same person.
  • FISC judges be given greater technological expertes, and a Public Interest Advocate to be assigned to argue privacy and civil liberties before the court.
  • The US government should not sabotage efforts to create encryption standards and weaken encryption commercial encryption software.
The issued recommendations are just that, and don't have to be accepted and enforced by the government.

Currently, both sides of the fence have found things to be unsatisfied about regarding the report, but time will tell what good it can and will do.









Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //