Outdated snooping law
Reagan-era legislation allows for NSA hack of Google, Yahoo
A Google campus-network room is seen at a data center in Council Bluffs, Iowa. With the cooperation of foreign allies, the NSA is potentially gaining access to every email sent or received abroad, or between people abroad, from Google and Yahoos email services, as well as anything in Google Docs, Maps or Voice, according to a series of articles in the Washington Post. AP photo
SAN JOSE, Calif. — Back when Yahoo was something hollered at a rodeo and no one could conceive of Googling anything, President Ronald Reagan signed an executive order that extended the power of U.S. intelligence agencies overseas, allowing broader surveillance of non-U.S. suspects. At the time, no one imagined he was granting authority to spy on what became known as Silicon Valley.
But recent reports that the National Security Agency secretly broke into communications on Yahoo and Google overseas have technology companies, privacy advocates and even national security proponents calling for a re-examination of Reagan’s order and other intelligence laws.
Experts suggest a legislative update is long overdue to clear up what Electronic Frontier Foundation legal director Cindy Cohn calls “lots of big gray areas.”
With the cooperation of foreign allies, the NSA is potentially gaining access to every email sent or received abroad, or between people abroad, from Google and Yahoo’s email services, as well as anything in Google Docs, Maps or Voice, according to a series of articles in the Washington Post. It’s impossible to know how many of Google and Yahoo’s collective 1.8 billion accounts are affected, but in a single 30-day period last year, field collectors processed and warehoused more than 180 million new records — ranging from “metadata,” which would indicate who sent or received emails and when, to content such as text, audio and video, the Post reported.
The Post reported that the NSA and its British counterpart, the U.K. Government Communications Headquarters, have intercepted and tapped into data funneled by Google and Yahoo through fiber optic cables, routing information in an NSA operation called Muscular. The information was provided to the newspaper by former NSA contract employee Edward Snowden, who is being sought by the U.S. for leaking classified information.
“Had the NSA done the same warrantless tapping at Google’s Mountain View, California, headquarters, there’s no doubt they would be violating the law,” said Cohn, whose San Francisco-based nonprofit fights for digital freedoms. “They’re doing this abroad because they want that fig leaf of legality.”
The NSA, in an online statement, says its collection operations comply with federal laws and orders.
Reagan’s 1981 Executive Order 12333 for the first time in a public, written record allowed foreign covert action to be conducted from inside the U.S. The measure, amended several times after 9/11, outlines key rules for more than a dozen intelligence agencies. It spells out when spies are allowed to peek into mail, homes and electronics, identifies who has to approve of specific searches, and details how to carry out clandestine collection of foreign intelligence.
“What NSA does is collect the communications of targets of foreign intelligence value, irrespective of the provider that carries them,” the agency said, likening the data channels at private firms to super highways.
Even Google’s chairman Eric Schmidt, outraged by the invasion, says he’s not sure it is illegal, telling CNN the operation is “perhaps a violation of law but certainly a violation of mission.”
The Post reported that the NSA isn’t breaking into accounts as they sit, stored in data centers, but is able to gather the emails and other communications as they move between them.
It’s also quite possible Yahoo and Google weren’t the only ones, said Fowler, noting that Microsoft’s Hotmail, which with Google’s Gmail and Yahoo’s email dominate the email market.
“It wouldn’t be a stretch to think they might try to get that data from the other entities,” said Fowler.
Attorney Steven Bradbury, who headed of the Justice Department’s office of legal counsel until 2009, used to advise the president and executives on constitutional questions of privacy and security. Today he says public concerns about invasions of privacy are off base because the NSA is not allowed to target U.S. data abroad, and when it gets it, there are tight limits.
“Communications that travel over wires overseas are susceptible to interception by all kinds of foreign governments that are active in collecting and doing surveillance,” he said. “The difference is that the NSA and U.S. intelligence agencies are subject to strict rules and oversight. There’s much more protection for U.S. persons than for foreign citizens.”