Yesterday, in a disturbing report published on CNET, new documents obtained by EPIC reveal that Obama administration officials have authorized a new government program involving the interception of communications on Internet service providers, including AT&T—one of the key players in the NSA warrantless wiretapping program.
Under long-standing federal law, the government needs to use legal process to compel service providers to hand over customer communications, yet reportedly, the government is promising these companies they will not to prosecute them for violating US wiretapping laws if they hand over the information voluntarily. And the secret surveillance authorization seems quite broad, touching on huge swaths of private, domestic activity:
The secret legal authorization from the Justice Department originally applied to a cybersecurity pilot project in which the military monitored defense contractors' Internet links. Since then, however, the program has been expanded by President Obama to cover all critical infrastructure sectors including energy, healthcare, and finance starting June 12.
CNET reported also that the National Security Agency (NSA) and Department of Defense were “deeply involved in press for the secret legal authorization” further underscoring widespread worries that the military may be given access to Americans’ personal information through cybersecurity operations. The report comes as Congress is debating CISPA, a dangerous bill that carves a “cybersecurity” loophole in all our privacy laws.
While we are still sifting through the more than thousand pages of documents—obtained by EPIC Privacy through the Freedom of Information Act and posted to their website—the most controversial aspect of this program seems to be that the government has not used legal process to obtain Internet traffic from AT&T and other ISPs involved in the program. Instead, the Justice Department has handed them what the Justice Department calls a “2511 letter”—named after a section of the Wiretap Act—which purports to immunize them from prosecution.
Section 2511 makes it a crime to wiretap—intercept electronic communications—with some exceptions, like a properly issued warrant. It provides no exception for a letter from the Justice Department. CNET reported an industry representative told them "the 2511 letters provided legal immunity to the providers by agreeing not to prosecute for criminal violations of the Wiretap Act. It's not clear how many 2511 letters were issued by the Justice Department."
Beyond what CNET reported, we still need to analyze these new documents to determine how pervasive this surveillance is and its impact on the American public. We are currently reading them over and will have a more detailed analysis soon.