The Central Intelligence Agency (CIA) on Wednesday unveiled Revised Rules for Collecting, Analyzing, and Storing Information on American Citizens, updating the Rules for the Information Age and publishing them in full for the first time.
The Guidelines are designed "in a manner that protects the privacy and civil rights of the American people," CIA General Counsel Caroline Krass told a briefing at the Agency's headquarters in Langley, Virginia.
The New Rules were released amid continued Public discomfort over the Government's Surveillance powers, an issue that gained prominence following revelations in 2013 by former Government Contractor Edward Snowden that the National Security Agency (NSA) secretly collected the Communications data of millions of ordinary Americans.
The Guidelines were published two days before President-Elect Trump is sworn into Office and may be changed by the new Administration. Trump has said he favors stronger Government Surveillance powers, including the monitoring of "certain" mosques in the United States.
The CIA is largely barred from collecting information inside the United States or on U.S. Citizens. But a 1980s Presidential Order provided for discrete exceptions governed by procedures approved by the CIA Director and the Attorney General.
Known as the "Attorney General Guidelines," the Original Rules over time became a "patchwork of policies and procedures" that failed to keep pace with the development of technology that can store massive amounts of digital data, said Krass.
In 2014, Legislation gave U.S. Intelligence Agencies two years to develop procedures limiting the storage of information on U.S. Citizens.
The new procedures, under development for years, were signed on Tuesday by CIA Director John Brennan and Attorney General Loretta Lynch.
While the 1982 Guidelines were made public two years ago, sections were blacked out. The updated procedures were posted in full for the first time on the CIA's website on Wednesday.
The Updated Procedures include what the CIA must do when it clandestinely obtains a computer hard drive holding millions of pages of text, hours of videos and thousands of photos containing information on foreigners and U.S. citizens.
Because extensive time and many Analysts are required to assess such large volumes of data, the new rules regulate the handling of material whose intelligence value cannot be promptly evaluated.
They also regulate how such data can be searched and create strict requirements for dealing with Un-Evaluated Electronic Communications, which must be destroyed no later than five years after the are first examined.
The rules were unveiled a week after Civil Liberties groups decried new guidelines approved by the Obama Administration expanding the NSA's ability to share Communications Intercepts with other U.S. Intelligence Agencies, including the CIA.
Important aspects of the revised Attorney General Guidelines include:
- Protections for Unevaluated Information: When the Attorney General Guidelines were first promulgated in the 1980s, a clandestine operation may have resulted in the CIA collecting a limited number of hard copy documents. Today, in addition to traditional intelligence scenarios, a single storage device may contain the equivalent of millions of pages of information, hours of video, thousands of photos, or more. This volume of information requires longer periods of time, and more personnel, to evaluate. The new Attorney General Guidelines include specific approval requirements for handling any data set that cannot be promptly evaluated for its intelligence value, including a requirement to take reasonable steps to limit the collection of information to the smallest subset of data necessary to achieve CIA’s authorized intelligence objectives, and develop appropriate plans for ensuring that the data is properly handled and queried.
- Restrictions on Queries: Relatedly, the revised Attorney General Guidelines specifically address the querying of CIA’s data holdings, requiring both that such queries be conducted only in relation to CIA’s authorized intelligence activities and that, where practicable, queries of particularly sensitive data sets, such as the contents of communications, be accompanied by a statement explaining the purpose for the query when retrieving information concerning a United States person.
- Exceptional Handling Requirements for Electronic Communications and Other Similarly Sensitive Information: The CIA complies with Executive Order 12333’s prohibition against conducting electronic surveillance in the United States, but may in the course of its authorized intelligence activities acquire electronic communications through other means. In recognition of the heightened privacy concerns surrounding electronic communications, the revised Attorney General Guidelines impose exceptional handling requirements on unevaluated electronic communications. The Attorney General Guidelines limit access to such communications, require training in the handling of such communications, and with limited exceptions, require the destruction of communications subject to these more stringent handling requirements no later than five years after it has been made available to CIA intelligence professionals. Certain other sensitive information is subject to these same exceptional handling requirements.
- Limitations on Undisclosed Participation: Executive Order 12333 also authorizes the Intelligence Community, including CIA, to participate in organizations in the United States without disclosing their intelligence affiliation in limited circumstances. While CIA officers generally disclose their affiliation with the Agency when engaging with United States organizations, in certain situations CIA officers may be allowed to withhold such information in order to, for example, maintain their cover. The revised Attorney General Guidelines provide clear rules concerning the CIA’s undisclosed participation in organizations in the United States. For example, under the Attorney General Guidelines, CIA employees may not join or participate in an organization for the purpose of influencing the organization without disclosing their affiliation unless the organization is composed primarily of non-United States persons, is reasonably believed to be acting on behalf of a foreign power, and the CIA employee has received the approval of the Director of the CIA.
- Compliance and Oversight: To ensure compliance, the Attorney General Guidelines impose a number of authorization and documentation requirements on activities that may result in the acquisition of United States person information. The Guidelines also require periodic auditing. These requirements build on the extensive oversight already conducted by Congress, CIA’s Office of Inspector General, and other executive entities, which include the Privacy and Civil Liberties Oversight Board and the President’s Intelligence Oversight Board.
NYC Wins When Everyone Can Vote! Michael H. Drucker
No comments:
Post a Comment