Today's document details the implementation of reforms that the President announced a little more than a year ago. For background on the directive, Lisa Monaco's statement from the White House is here. The report opens as follows:
Over the course of the past eighteen months, the United States has undertaken a comprehensive
effort to examine and enhance the privacy and civil liberty protections we embed in our signals
intelligence (SIGINT) collection activities.
As part of this process, we have sought — and benefited from — a broad cross section of views,
ideas, and recommendations from oversight bodies, advocacy organizations, private companies,
and the general public. This effort has resulted in strengthened privacy and civil liberty
protections; new limits on signals intelligence collection and use; and increased transparency.
On January 17, 2014, President Obama signed Presidential Policy Directive-28,
Signals Intelligence Activities (PPD-28) and delivered an address at the Department of Justice on
the steps we are taking to reform certain intelligence activities. As we mark the one-year
anniversary of these events, it is a good time to report on the status of a range of ongoing
As this report shows, the Intelligence Community has made significant progress implementing
many reforms. However, our work is not done. To that end, the Office of the Director of National
Intelligence will issue another public report in 2016 about the Intelligence Community’s on-going
progress to implement these reforms.
A simultaneously issued "Fact Sheet" regarding implementation says a bit more about the executive branch's efforts of the past year:
Over the past eighteen months, the United States has undertaken a comprehensive effort to
examine and enhance the privacy and civil liberty protections embedded in our signals
intelligence (SIGINT) collection activities.
As part of this process, we have sought — and benefited from — a broad
cross section of views, ideas, and recommendations from oversight bodies, advocacy
organizations, private companies, and the general public. This effort has resulted
in strengthened privacy and civil liberty protections, new limits on the collection
and use of signals intelligence, and increased transparency.
On January 17, 2014, President Obama signed Presidential Policy
Directive-28, Signals Intelligence Activities (PPD-28) and delivered an
address at the Department of Justice on the steps we are taking to reform certain
signals intelligence activities.
To mark the one-year anniversary of these events, we have prepared an
online report to update the public on our reform efforts, including the implementation
of PPD-28 and other actions taken based upon recommendations from several independent
review groups. This report is posted on IC on the Record.
PRESIDENTIAL POLICY DIRECTIVE-28
Signals Intelligence Activities
- PPD-28 states, “our signals intelligence activities must take into
account that all persons should be treated with dignity and respect, regardless
of their nationality or wherever they might reside.” This commitment reiterates
long-standing SIGINT collection principles; limits Intelligence Community elements’
ability to use signals intelligence collected in bulk to six specific purposes;
requires an annual Cabinet-level review of SIGINT priorities and requirements in
light of potential risks to national security interests and relationships abroad;
and requires each Intelligence Community element to update or issue new policies
and procedures that implement safeguards for all personal information collected
through SIGINT, regardless of nationality, consistent with technical
capabilities and operational needs.
- All Intelligence Community elements have completed new policies
or revisions to existing policies to implement the requirements of PPD-28.
You can read each agency’s policies on IC on the Record.
The protections in these policies and procedures include new limits on the
retention and dissemination of personal information for persons of all
nationalities, as well as additional oversight, training, and compliance
- In addition, the Intelligence Community, in partnership with
the National Security Council, has elevated the process by which SIGINT
requirements and priorities are identified, so that the heads of the relevant
departments and agencies can better evaluate SIGINT collection in light of its
potential risks to national interests and our law enforcement, intelligence,
and diplomatic relationships abroad. The process of reviewing signals intelligence
collection covered almost seven dozen countries and organizations and resulted
in restrictions on the current signals intelligence collection posture.
Bulk Telephony Metadata Program
- In his remarks on January 17, 2014, the President ordered a transition
that would end Section 215 bulk metadata program as it currently exists.
- To begin this transition, the Intelligence Community in February 2014
began operating the telephony metadata collection program under new constraints
directed by the President to provide enhanced privacy protections, including
seeking advance approval from the Foreign Intelligence Surveillance Court for
each query term (except in an emergency) and limiting the results of queries to
two “hops” (or steps removed from a phone number associated with a terrorist
organization) instead of three, limiting the number of potential results from
- Then, based on recommendations from the Department of Justice and
the Intelligence Community, the President proposed that the government end the
bulk collection of telephony metadata records under Section 215 of USA PATRIOT Act,
while ensuring that the government has access to the information it needs to meet
its national security requirements. The Administration supported the USA FREEDOM Act
as a means of enacting this proposal, and we continue to call on Congress to reform
Section 215 in a manner consistent with the President’s proposal.
- In addition to the reforms announced in the President’s January 17 address,
the Privacy and Civil Liberties Oversight Board (PCLOB) conducted a comprehensive review
of the Intelligence Community’s activities under Section 215 and made 12 recommendations.
The Intelligence Community is working to address the majority of these
Related to the Bulk Collection of Signals Intelligence
- As noted above, PPD-28 imposes limitations on the use of SIGINT collected
- Moreover, over the past several months, a committee of independent experts
from top technology firms and academia assessed the technical feasibility of creating
software-based alternatives as substitutes for bulk collection. The committee just
released its report, which concluded that there is no software-based alternative which
will provide a complete substitute for bulk collection in the detection of some national
security threats, but the report suggested other steps to reduce risks to privacy and
civil liberties, as well as to improve oversight of bulk collection activities. We are
currently reviewing how to address these important findings.
Of the Foreign Intelligence Surveillance Act
- Section 702 allows the government to acquire foreign intelligence information
concerning non-U.S. persons reasonably believed to be located outside the United States.
As announced by the President in his January 17 address, we will provide additional privacy
protections for U.S. persons whose communications are incidentally collected under Section
702. This new executive branch policy limits the ability to retain, query, and use in criminal
cases this type of information.
- In addition, in 2014, the PCLOB conducted an in-depth review of the Intelligence
Community’s activities under Section 702. The PCLOB found them to be lawful and important
to national security, and offered ten recommendations to enhance privacy and civil
liberties protections for both U.S. and non-U.S. persons. The Intelligence Community
has agreed to make changes to address all of these recommendations.
The Intelligence Community has agreed to address all of these recommendations.
- We have declassified and publicly released an unprecedented amount of
information about current programs, much of which relates to the government’s use of
FISA authorities. We have published the first IC Annual Transparency Report,
disclosing statistics on the government’s use of National Security Letters and FISA authorities.
- We have also declassified certain aggregate FISA data so that communications
providers can disclose to the public additional information about how they respond to
requests they receive from the government.In addition, providers can now also make public
additional information about the number of National Security Letters they receive.
- We recently issued the Principles of Intelligence Transparency, which we will
implement this coming year to further enhance transparency while protecting intelligence
sources and methods.
OTHER KEY MEASURES
- National Security Letters. The FBI will amend its use of National
Security Letters to ensure that the non-disclosure requirement placed on recipients will
terminate within a fixed time period, absent a demonstrated need for further secrecy.
- Judicial Redress for Citizens of Certain Countries. In furtherance
of its commitment to protecting privacy in the law enforcement context, the Administration
is working with Members of Congress on legislation to give citizens of designated countries
the right to seek judicial redress for intentional or willful disclosures of protected
information, and for refusal to grant access or to rectify any errors in that information.
- Whistleblower Protections. As we have strengthened the security
of our systems, we have also reaffirmed the process by which Intelligence Community
personnel can report suspected violations of law or other ethical and legal concerns
without fear of retaliation. Within each agency there are multiple officials designated
to receive ethical, legal, or other concerns from intelligence employees. In addition,
intelligence personnel may leverage the Inspector General for the Intelligence Community,
the Civil Liberties and Privacy Officer in the Office of the Director of National Intelligence,
or, consistent with the Intelligence Community Whistleblower Protection Act, speak to
Members of Congress.
As we continue to implement these and other reforms, we will also
carefully review progress to identify any additional protections that might be needed.
In particular, we expect to focus on:
- Privacy Protections: Over the next year, Intelligence Community
elements will continue to implement the requirements their PPD-28 policies and procedures.
In addition, the Intelligence Community will continue to work to update agency guidelines
under Executive Order 12333 to protect the privacy and civil liberties of U.S. persons.
- Section 215 of the USA PATRIOT Act Capability: We will continue
to work with Congress to enact legislation preserving essential capabilities of the bulk
telephony metadata collection program without the need for the government to hold the data
in bulk before Section 215 of the USA PATRIOT Act sunsets in June 2015.
- Transparency: We have established a senior working group to continue
to identify ways the Intelligence Community can increase transparency without harming
national security. Expect to hear more from us on this effort.
- Annual Reports: In January of 2016 we will provide our next annual
report on our progress implementing SIGINT reforms.