President Barack Obama delivers his remarks on surveillance in the Great Hall of the Department of Justice. Vesko Cholakov/MEDILL
WASHINGTON – President Barack Obama’s move to curb the mass data collection by the National Security Agency is a step in the right direction but crucial details remain to be addressed, Silicon Valley top companies said and pledged to continue pushing for reforms.
Google Inc., Apple Inc., Microsoft Inc., Facebook Inc. and other members of the Reform Government Surveillance group welcomed public privacy oversight to the Foreign Intelligence Surveillance court, greater transparency into what data companies turn over to the government and new privacy protections to non-U.S. citizens.
Other top tech developers worried that Obama didn’t go far enough to protect privacy and are planning a Feb. 11 demonstration to press for more.
Billing the reforms as “substantial and concrete,” Obama said his goal was to end the bulk collection of domestic phone data “as it currently exists” by moving the storage into private hands. He did not specify how that would be done, instead asking Attorney General Eric Holder to identify ways for others to store the data.
He also did not impose court approval for National Security Letters, which the FBI uses to compel a business to hand over information. A task force he had appointed to review NSA data collection had recommended the advance court approval. The president instead offered a time limit for keeping the letters, unless compelling reasons exist.
Communications of U.S. citizens “incidentally” collected while targeting foreigners will still be accessible without a court order, but the attorney general and the intelligence community will have to devise privacy safeguards, the president said.
Obama made no mention of his review group’s recommendation that NSA stop breaking encryption standards and hacking the security of private networks.
“Crucial details remain to be addressed on these issues, and additional steps are needed on other important issues,” said members of the Reform Government Surveillance group. “We’ll continue to work with the administration and Congress to keep the momentum going and advocate for reforms.”
Some smaller established voices of the Silicon Valley took an even stronger stand.
“Overall, the strategy seems to be to leave current intelligence processes largely intact and improve oversight to a degree,” said Alex Fowler, global privacy and public policy leader at The Mozilla Foundation, which develops the Firefox web browser. “Without a meaningful change of course, the Internet will continue on its path toward a world of balkanization and distrust.”
The Mozilla Foundation, social news website Reddit and online privacy and civil liberties advocacy group the Electronic Frontier Foundation are organizing a daylong protest on Feb. 11 against mass government surveillance.
The protest is modeled on the 2012 actions against the Stop Online Piracy Act – a bill introduced to combat copyright infringement – which set the music and film industry against Silicon Valley. Websites like Wikipedia and Flickr went dark and displayed banners urging Americans to bombard their congressmen with emails and phone calls to oppose the bill.
The February protest will urge Congress to pass specific legislation like the USA Freedom Act, which was introduced last year to both houses of Congress to curtail surveillance and stop metadata collection.
“It is becoming increasingly hard for international users to trust U.S. companies,” said Erik Martin, Reddit general manager.
Without stronger safeguards, U.S. surveillance programs may cost the American cloud computing industry between $22 and $35 billion in the next three years, according to a report by Daniel Castro, senior analyst at the Information Technology and Innovation Foundation.
In 2011, out of $13.5 billion in investments in cloud services, $5.6 billion came from companies outside North America, Castro said. During that time European companies attracted new customers by capitalizing on the fears around the USA Patriot Act, which gave federal authorities a wide latitude in monitoring Internet traffic in the U.S.
The shift to service providers outside the U.S. is expected to be even greater after former government contractor Edward Snowden released documents exposing the PRISM program under which NSA has a court-approved front-door access to Google and Yahoo user accounts.
“The president made it clear that we can’t scrap the surveillance programs,” said Allan Friedman, a visiting scholar at George Washington University and co-author of “Cybersecurity and Cyberwar.”
