The Foreign Intelligence Surveillance Court has released the names of the first five Amici Curiae that will serve the Court as part of reforms enacted under the USA Freedom Act. The list, effective November 25th, 2015, can be found below:
Latest in usa freedom act
On midnight of November 29th, the NSA stopped its bulk collection of telephony metadata once authorized under Section 215 of the USA Patriot Act. Under the USA Freedom Act, which Congress passed in June, the agency was required to reform its phone records program, creating a mechanism by which the data would be stored locally with the phone providers and searchable only after receiving an order from the Foreign Intelligence Surveillance Court (FISC) for a "specific selection term."
Although it is a close call, the decision of the Court of Justice of the European Union (CJEU) in Schrems v. Data Protection Commissioner may turn out to be the most important consequence of the Snowden revelations. The CJEU invoked fears of NSA surveillance to strike down the safe harbor agreement that makes it easy for American companies to transfer personal information of Europeans to the United States.
What good is CISA, anyway?
Now that both the House and Senate have passed information sharing bills that are strikingly similar but not identical, the prospects for a change in the law are good. But what are those changes, and how much difference will they make to network defenders?
In my last post, I said that the European Court of Justice decision in Maximillian Schrems v. Data Protection Commission ignores some inconvenient truths. US frustrations with European double standards on surveillance are understandable. They are also beside the point. The US must reform surveillance law – specifically, Section 702 of FISA – if it wants to restore safe harbor.
According to the Office of the Director of National Intelligence, the National Security Agency will no longer access the historical metadata collected under Section 215 after the 180-day transition period authorized under the USA Freedom Act. The Agency will retain the information for three additional months (so, until sometime in late February 2016) to allow technical personel to evaluate the integrity of data from the new collection method, but it will be off limits for analytical purposes.
Dustin Volz of the National Journal brings us the news that the Foreign Intelligence Surveillance Court has "revived the National Security Agency's bulk collection of Americans' phone records" for an additional five months, as allowed under the USA Freedom Act passed earlier this month.
The order, written by Judge Michael W. Mosman, begins
The Foreign Intelligence Surveilance Court's memorandum opinion was signed on Wednesday. On first glance, Judge Dennis Saylor's conclusion seemingly was that the USA FREEDOM Act reinstated and at the same time amended FISA's business records provision as it existed on June 1—thereby permitting continued collection under that authority. As best I can tell, the idea was to iron out a quite conseqential wrinkle, itself caused by the timing of the USA FREEDOM Act's passage and the sunset of key business records language.
Our guest for Episode 70 of the Cyberlaw Podcast is Dan Kaminsky, a famous cybersecurity researcher who found and helped fix a DNS security flaw.