The Wall Street Journal has an article today, titled “U.S. Terrorism Agency to Tap a Vast Database of Citizens.” It reports:
The rules now allow the little-known National Counterterrorism Center to examine the government files of U.S. citizens for possible criminal behavior, even if there is no reason to suspect them. That is a departure from past practice, which barred the agency from storing information about ordinary Americans unless a person was a terror suspect or related to an investigation.
Now, NCTC can copy entire government databases—flight records, casino-employee lists, the names of Americans hosting foreign-exchange students and many others. The agency has new authority to keep data about innocent U.S. citizens for up to five years, and to analyze it for suspicious patterns of behavior. Previously, both were prohibited.
It’s important to think carefully about how the government can use the information it collects (whereas the most intense public debate has been about how the government collects information in the first place), but I don’t agree with the immediate reaction of some to this story (see, e.g., here) that it shows vast new government surveillance powers.
For one thing, it’s important to keep in mind what the referenced Guidelines do and don’t do. These are new rules approved by the Attorney General to govern some sharing of information among government agencies, so in that respect they may facilitate NCTC’s access to some datasets, but they can’t enlarge NCTC’s statutory powers and responsibilities to integrate and analyze all intelligence pertaining to counterterrorism, and all of these activities remain bounded by other laws like the Privacy Act. These Guidelines also still require that NCTC and agencies with relevant databases work out additional terms and conditions for NCTC access, so there may be other protections to those found in the baseline Guidelines themselves.
Moreover, to me one of the most interesting aspects of this Wall Street Journal article and the documents it is based on is the role of internal agency checks – especially the role of privacy officers – within the intelligence community. As the story notes:
Privacy offices are a relatively new phenomenon in the intelligence community. Most were created at the recommendation of the 9/11 Commission. Privacy officers are often in the uncomfortable position of identifying obstacles to plans proposed by their superiors.
Yet the story shows the influential sway of these officers, even if in the end they didn’t roll back proposed Guideline changes as much as they would have preferred. The story shows their influence on deliberations within and among federal agencies, including their direct participation in high-level White House meetings. Far from a story about the intelligence community running amok, this is a story about the agencies involved working to solve technical impediments to their mandates with a serious awareness of the civil liberties implications.