President Obama recently announced slight changes to NSA data collection practices. The recent tweaks mean two new privacy protections for those that U.S. law considers foreigners (in this case, people who are outside of the United States borders who are neither U.S. citizens nor legal U.S. residents). 

Perhaps you’re thinking Obama is using his executive authority to stop the mass surveillance of all Internet traffic of people worldwide? Nope, not quite. The new protections are:

  1. If the U.S. government collects information about a foreigner, it will consider the  privacy ramifications before disseminating that information, such as to other governments;1 and
  2. If the U.S. government collects information on innocent foreigners not connected to any crime or investigation and the information has no national security value, it will dispose of that information after five years.2

That’s right, the world's personal information will only be retained for five short years. And that's if the U.S. government decides you're not under suspicion.

David Medine, the chairman of the Privacy and Civil Liberties Oversight Board, has said that "There’s no country on the planet that has gone this far to improve the treatment of non-citizens in government surveillance."

That’s certainly laudable. However, a critic might also note that there’s no country on earth extending such enormous resources into surveilling all the people on the planet, so the United States has more room for "improvement" than most countries. (That's certainly what President Obama implied when he spoke of his country's "unique" capabilities in his speech defending the new rules.)

We wondered if people worldwide would be excited about these new privacy protections, and so we reached out to a few of our global partners to solicit their feedback.

Here’s what they thought of Obama’s protections for the privacy rights on non-US citizens:

"This decision is not only a confirmation of the disregard the United States has for its international human rights obligations, but given the fact that the US is treating our privacy worse than our own governments, it sends a terrible message for human rights defenders fighting against unchecked surveillance in our own country," said Luis Fernando García, a lawyer at Network for Digital Rights in Mexico.

"Deleting is no comfort at all because it can never be confirmed," said Professor K.S. Park of Korea University Law School, "Korea also allows warrantless wiretapping of overseas people for national security purposes. The United States should not set a bad precedent for the whole world to follow."

And Carolina Botero, a Colombian researcher and blogger with Fundacion Karisma, said, "Mass surveillance is unacceptable in democratic societies because of the threat it poses to human rights. Obama's reforms to NSA practices fail to address this situation for his citizens and continue the obnoxious violation of the privacy rights of foreigners. A data retention period of 5 years is a clear example of an illegal measure that can be seen abroad as justification for similar laws in other countries."

If Obama wants to make good on his promise to uphold the privacy of innocent people outside the United States, he’s going to have to do better than this.

And he should start by ending mass surveillance under Executive Order 12333, the primary legal authority for mass surveillance of people outside U.S. borders. Sign our petition and tell Obama to rein in mass spying of people worldwide.

  • 1. The exact language from IC on the Record is: "All agency policies implementing PPD-28 now explicitly require that information about a person may not be disseminated solely because he or she is a non-U.S. person and the Office of the Director of National Intelligence has issued a revised directive to all Intelligence Community elements to reflect this requirement. Intelligence Community personnel are now specifically required to consider the privacy interests of non-U.S. persons when drafting and disseminating intelligence reports."
  • 2. IC on the Record explains: "We have imposed new limitations on the retention of personal information about non-U.S. persons. Before PPD-28, Intelligence Community elements had disparate restrictions on how long information about non-U.S. persons could be retained. PPD-28 changes these retention practices in significant ways to afford strengthen privacy protections. Now Intelligence Community elements must delete non-U.S. person information collected through SIGINT five years after collection unless the information has been determined to be relevant to, among other things, an authorized foreign intelligence requirement, or if the Director of National Intelligence determines, after considering the views of the Office of the Director of National Intelligence Civil Liberties Protection Officer and agency privacy and civil liberties officials, that continued retention is in the interest of national security."

Related Issues