NRC Study on (The Lack of) Software-Based Replacements for Bulk Collection

WASHINGTON, DC — No software-based technique can fully replace the bulk collection of signals intelligence, but methods can be developed to more effectively conduct targeted collection and to control the usage of collected data, says a new report from the National Research Council. Automated systems for isolating collected data, restricting queries that can be made against those data, and auditing usage of the data can help to enforce privacy protections and allay some civil liberty concerns, the unclassified report says. The study was a result of an activity called for in Presidential Policy Directive 28, issued by President Obama in January 2014, to evaluate U.S. signals intelligence practices. The directive instructed the Office of the Director of National Intelligence to produce a report within one year "assessing the feasibility of creating software that would allow the intelligence community more easily to conduct targeted information acquisition rather than bulk collection."

It would be a mistake to misinterpret this finding as justification for continuing dragnet surveillance or rejecting reform efforts. Such conclusions both misread the report and ignore the core of the surveillance debate. One, the National Academies did not find that existing mass surveillance programs have been effective intelligence tools. For example, it does not rebut findings by thePrivacy and Civil Liberties Oversight Board, President's Review Group, and others that the domestic nationwide call detail record program has never stopped an act of terrorism or led to the identification of a terrorist suspect. Indeed, the report does not even attempt to provide one concrete example of a case where bulk collection was essential to a national security investigation. What the report says is that information collected in bulk, and retained indefinitely, could theoretically be of use in a terrorist investigation. But, it doesn't suggest that this theoretical possibility has happened, is likely to happen, or justifies mass surveillance. Two, the report did not find that the resource costs, privacy impacts, and economic harms associated with bulk collection are balanced by any concrete benefits in intelligence capabilities. In fact, the report emphasizes that the policy and legal arguments that weigh in favor of ending mass surveillance programs are not at conflict with their conclusions. Finally, the report acknowledges that there are additional steps that the intelligence community can take to increase transparency, improve oversight, and limit the use of information collected through surveillance. Fundamentally, the surveillance question is about whether our country is willing to trade constitutional liberties for dragnet surveillance programs that have yet to prove their effectiveness.