The National Security Agency’s PRISM Internet data collection program is legal and has been effective at uncovering useful foreign intelligence, according to a new report from an independent oversight board, but intelligence agencies could do more to narrow the scope of data collections to better protect Americans’ privacy.
The report examined programs used by the NSA to collect Internet data — including emails and other communications — of non-U.S. citizens abroad which also ended up amassing information from innocent Americans.
“Overall, the Board has found that the information the program collects has been valuable and effective in protecting the nation’s security and producing useful foreign intelligence,” the Privacy and Civil Liberties Oversight Board said in a 191-page report released Tuesday night.
The Senate is currently considering legislation intended to curb the NSA’s bulk data collection programs somewhat, but it’s been a tough sell with some lawmakers because tech companies, privacy advocates and others have raised concerns that the legislation doesn’t go far enough.
The report is a blow to U.S. technology companies including Google, Microsoft, Apple and others who continue to complain about the NSA’s data collection program, saying it’s hurt their relationship with customers and has made it more difficult to do business overseas with distrustful governments and companies which don’t want their data collected by U.S. intelligence agencies. Last week, Verizon Communications lost a contract with the German government over such concerns.
The board raised concerns about the amount of data being collected, searched and stored from Americans with no ties to any terrorist or foreign intelligence organizations. Collected by the NSA, some of that PRISM data is also used by the FBI and Central Intelligence Agency for non-foreign intelligence-related investigations and prosecutions, the report said.
“The government is presently unable to assess the scope of the incidental collection of U.S. person information under the program.”
Congress and the Obama administration asked the independent, bipartisan five-member board to examine the constitutionality and bulk data collection practices of NSA surveillance programs uncovered by former contractor Edward Snowden. An earlier report by the group on an NSA program to collect Americans’ phone records said the program was illegal and should be terminated. The report released Tuesday night examined a separate but related bulk data collection program.
“The Board has found that certain aspects of the program’s implementation raise privacy concerns,” the report said, citing the “scope of the incidental collection of U.S. persons’ communications” while analysts were examining other targets.
What’s more, the board found that “the government is presently unable to assess the scope of the incidental collection of U.S. person information under the program.”
During the course of its year-long investigation, the board said it found no signs of “illegitimate activity” associated with the NSA’s PRISM and other data collection programs. “But the applicable rules potentially allow a great deal of private information about U.S. persons to be acquired by the government,” the report said.
The board offered ten recommendations for changing the program, mostly to limit the scope and use of data collected from U.S. citizens and to require more disclosure of how much information the NSA is collecting. They’re scheduled to vote on the recommendations Wednesday.
The group also suggested the Obama administration figure out a way to tell if these programs are actually working. (“The government should develop a comprehensive methodology for assessing the efficacy and relative value of counterterrorism programs.”)
The oversight board didn’t offer a to-do list for lawmakers, which was probably wise since Congress hasn’t shown the ability to do much this year.