(ANTIMEDIA) March has been a quite the month for mass surveillance and the intelligence community.
On March 1st, the House Intelligence Committee met to discuss the renewal of Section 702 of the Foreign Intelligence Surveillance Act, the controversial policy that allowed the NSA to capture the contents of communications of Americans, using the ‘targeted’ surveillance of non-Americans abroad to justify it.
A week later, on March 7th, Wikileaks published its latest data set, 8,761 documents from a series of Central Intelligence Agency leaks that Wikileaks dubbed “Vault 7.”
Mainstream news responded sympathetically to the CIA, even promoting the most recent leaks as evidence that Assange has been playing into the hands of the Trump administration. Still others downplayed the leak. “The most striking thing about the WikiLeaks CIA data dump is how little most people cared,” quipped one Quartz headline.
While Vault 7 was a relatively low-level data breach that simply affirmed what many within the digital security world already knew, cyber activists such as Cindy Cohn, Executive Director of the Electronic Frontier Foundation, were most disturbed by the revelation that the CIA chose to not to inform technology companies of the weaknesses they found in certain software, essentially leaving the American public vulnerable to attacks from outside hackers.
“People need to really turn to the CIA and ask them why—why aren’t they standing with tech companies and with the American people and people around the world to have secure products? That’s where their interest should be,” Cohn said in an interview with Democracy Now.
The leaks compelled former Democratic congressman Dennis Kucinich to write an op-ed for Fox News claiming the U.S. is heading towards a totalitarian state “where private lives do not exist.” In fact, both Kucinich and Senator Rand Paul used President Trump’s claim of being wiretapped by Obama as an opportunity to draw attention to the government’s unwarranted wiretapping of U.S. citizens.
Yet, as Anti-Media has observed, Congress as a whole has been more intent on protecting the government from insider leaks than protecting the public from government surveillance.
Last month, the House passed the Insider Threat and Mitigation Act of 2017, ominously titled H.R. 666, to establish an Insider Threat Program for identifying potential data breaches within the Department of Homeland Security. Strategies outlined in the Act include “workplace monitoring technologies” to identify the so-called “insider threats.”
While the legislation makes use of neutral language, Rep. Peter King (R-NY), the bill’s author, made no attempt to disguise the fact the program is, in fact, a response to leaks from government whistleblowers, namely Edward Snowden and Chelsea Manning, who he grouped with Navy Yard gunman Aaron Alexis, who was vetted by the same government contractor that vetted Snowden.
“Unfortunately, Snowden, Manning, and others were able to conduct their traitorous work undetected because the government had at one time vetted and granted them access to secure facilities and information systems,” King told Congress.
“In response to these cases, it is vital that Congress ensure Federal agencies have the tools to detect and disrupt future insider threat situations before damage is done. H.R. 666, in contrast to its unholy numbering, has the important and respectable goal of authorizing and expanding insider threat detection and mitigation efforts at the Department of Homeland Security.”
The term “insider threat” is not just used as a weak euphemism for “whistleblower,” but a broad label applicable to public figures. A U.S. Army powerpoint allegedly obtained by Judicial Watch shows Hillary Clinton listed alongside Manning and Snowden as an “insider threat” to operational security, indicating that the use of the label is not only contentious but highly political.
The concerted effort by the U.S. government to identify and mitigate “insider threats” is part of a larger globalized effort to crack down on government whistleblowers. Last month, the Law Commission in the U.K., an independent advisory body, published a consultation paper that recommended radically increasing prison sentences for whistleblowers and journalists from two years to 14 years and expanding the definition of espionage to include “obtaining sensitive information” regardless of whether that information is shared or not.
The U.K.’s interest in data security “future-proofing” can also be drawn back to Edward Snowden, with grave implications for whistleblowers and journalists abroad, as Jim Killock, Chief Executive of the digital activism organization Open Rights Group, told The Guardian.
“It’s squarely aimed at the Guardian and Edward Snowden. They want to make it a criminal offence for journalists to handle a large volume of documents in the way that journalists did with Snowden. They have even recommended that foreigners be criminalised for this, meaning Snowden would be prosecutable in the UK.”
Snowden himself took to Twitter to criticize the Law Commission paper.
The focus on mitigating “insider threats” within Western governments is matched by a growing international concern for the threat governmental surveillance activities pose to privacy. A day after the Wikileaks data dump, the U.N. Human Rights Council released a 6-page report focusing on the right to privacy.
The report notably found:
“There is little or no evidence to persuade the SRP of either the efficacy or the proportionality of some of the extremely privacy-intrusive measures that have been introduced by new surveillance laws in France, Germany, the UK and the USA. Like Judge Robart in the recent case on the immigration ban in the USA, the SRP must seek evidence for the proportionality of the measures provided for by laws.”
The SRP also implored the U.S. Congress to amend the Email Privacy Act and make a legislative effort to formally recognize the right to privacy as a fundamental human right.
The tension between privacy and government surveillance is one that runs central to the ongoing debate over the CIA and NSA’s data collection tactics, as well as the potential Homeland Security policy that aims to refocus efforts to target “insider threats.”
There is still a chance for major policy change. Both the Email Privacy Act and the Insider Threat and Mitigation Act of 2017 passed in the House but are still pending approval in Senate. The Foreign Intelligence Surveillance Act is set to expire if it is not renewed come December 31st. Still, if the American public has learned anything from Wikileaks, it is that just because it a policy isn’t explicitly legal doesn’t mean it isn’t already happening.