SurveillanceAdministration rejects criticism of NSA’s surveillance of foreign hackers

Just two years after the Edward Snowden leaks exposed the NSA’s domestic surveillance program, another report released last Friday from the Snowden files shares information about the NSA’s efforts to track foreign hackers. As with the NSA’s controversial foreign surveillance program which kept metadata records of suspected foreign terrorists’ conversations with Americans, the NSA’s hacker program may incidentally gather Americans’ private information from the files of foreign hackers. Lawmakers and the Foreign Intelligence Surveillance (FISA) court were made aware of the hacker program, but critics say it violates privacy rights.

The program, which has been in operation for at least five years, initially tracked Internet signatures associated with cyberthreats that originated from foreign or terrorist sources. The New York Times reported last week that in 2012, the NSA sought to expand the program to including surveillance of Internet signatures linked to “malicious cyber activity,” not just foreign or terrorist sources. “Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified NSA documents,” the Times story read.

Many in defense of the program say it carries out “warrantless” searches because it operates under Section 702 of the Foreign Intelligence Surveillance Act, which authorizes foreign intelligence collection programs after approved by the FISA court. Still critics point to a 2010 NSA Office of General Counsel briefing slide presentation, released by Snowden, that comments on the hacker program and warns NSA analysts, “Hacker signatures pull in a lot.” The slide, however, goes on to tell analysts, “Focus on foreign target use of intrusion capabilities.” It adds that the “worst thing” the NSA could do is “to collect against a USP (U.S. person) hacker” because that would be using NSA surveillance capabilities “for LE (law enforcement) purpose without a warrant.”

NSA analysts were told to halt surveillance of an Internet signature if that signature led to an American hacker. If the U.S. hacker had gone into a “protected computer,” a violation of U.S. law, then the analysts were to provide details of the hacker to the General Counsel for transmission to the Justice Department. TheWashington Post points out that generally, federal employees, particularly those involved in collecting and reviewing information, have an obligation to report potential federal criminal acts to the Justice Department.

The NSA slide also advised that if analysts came across a foreign hacker’s download of Internet traffic from or about American individuals or companies, they were to limit what was not foreign intelligence and minimize retained information, including removing names of Americans, gathering only what was needed to show the hacker’s intentions.

Last Friday’s disclosure of the NSA foreign hacker surveillance program came at the same time the Obama administration released information about the hacking of records of four million current and former federal employees held by the Office of Personnel Management, allegedly by Chinese hackers. Since then, legislators have proposed increasing rather than reducing the NSA’s anti-foreign hacking efforts.

Representative Adam B. Schiff (D-California), the ranking minority member on the House Permanent Select Committee on Intelligence, said on Fox News last Sunday that the NSA’s anti-foreign hacking program “is fundamentally what the American people expect of their government” and “we ought to be aggressively going after identifying and protecting the country from cyber hackers.”