Senate Passes USA Freedom Act, Ushering In A Kindler, Gentler Era Of NSA Snooping

As expected following the June 1 expiration of one of the PATRIOT Act’s most controversial privacy-invading provisions, the Senate today passed a substitute bill, the USA FREEDOM Act (or rather, deep breath… the Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2015) that prohibits the sort of mass data collection the National Security Agency enjoyed under the recently sunset Patriot provisions, but still leaves in place many concerns for privacy advocates.

After voting to get over the filibuster hump on Sunday afternoon, the Senate today considered a trio of amendments today by Majority Leader Mitch McConnell, who had been a staunch advocate for approving a straightforward extension of the provisions rather than passing this new law.

One amendment would have doubled the FREEDOM Act’s transition period, during which telephone companies are to build out systems that will let the NSA make warranted searches of specific individuals, from six months to a year. McConnell said this would “ensure that there is adequate time… to build and test a system that doesn’t yet exist.”

The second McConnell amendment would have required the director of national intelligence certify that these new systems will suffice. Finally, McConnell wanted to require the telecoms to notify the government of any changes to their data-retention policies.

All three of the amendments fell short of approval by the Senate.

In the end, when the unamended bill went up for a vote, it passed with a large majority, 67-32. Sen. Lindsey Graham of South Carolina was the only senator to not vote. On Twitter, the recent entry into the 2016 presidential election says he would have been a “no” vote. All signs point to the FREEDOM Act being signed by President Obama.

Assuming the bill is enacted as is, it will mark the most significant restriction on NSA surveillance in decades.

Even so, we’re celebrating. We’re celebrating because, however small, this bill marks a day that some said could never happen—a day when the NSA saw its surveillance power reduced by Congress. And we’re hoping that this could be a turning point in the fight to rein in the NSA.

But for privacy advocates, there is still much to be done in terms of limiting the government’s ability to pry into the private lives of Americans.

The Electronic Frontier Foundation points to a number of troublesome ways in which our online communications are still vulnerable.

For example, there’s Sec. 702 of the FISA Amendments Act of 2008, which allows the bulk communications of Internet communications if at least one end of that communication is outside the U.S.

The loophole there, according to former NSA contractor Edward Snowden, is that the NSA can use Sec. 702 surveillance to snoop on e-mail communications in the U.S. if that e-mail leaves the country at any point in its journey to the recipient.

“Even if you’re sending to someone within the United States, your wholly domestic communication between you and your wife can go from New York to London and back and get caught up in the database,” he explained recently to John Oliver.

Sec. 702 is scheduled to sunset in 2017 and the EFF and others will undoubtedly campaign to ask Congress to let it expire.

Then there’s Executive Order 123333, which isn’t just a horrible e-mail password, but a 1984 executive order signed by President Reagan, authorizing the intelligence community to expand its data collection operations.

The NSA relies on E.O. 12333 to justify most of its digital surveillance, including its efforts to secretly collect e-mail data from servers at Google and others. The order has been the subject of calls from privacy advocates for more transparency and for reform to limit its application.