Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

Washington Conundrum: Where to Stockpile Mountains of NSA Data?

WASHINGTON – Figuring out where to house mountains of data collected by the National Security Agency is the thorniest challenge the US faces in curtailing its massive surveillance program, officials said Sunday.

WASHINGTON – Figuring out where to house mountains of data collected by the National Security Agency is the thorniest challenge the US faces in curtailing its massive surveillance program, officials said Sunday.

In a long-awaited speech designed to quell a furor over the programs exposed by fugitive contractor Edward Snowden, President Barack Obama said he was trimming the reach of massive NSA phone surveillance.

He also vowed to halt spy taps on friendly world leaders and proposed new shields for foreigners caught in US data sweeps.

“I believe we need a new approach,” Obama said Friday in announcing changes to how and by whom bulk phone data is kept — including details about the time, duration and specific phone numbers dialed during calls.

NSA Data CenterThe president directed CIA chief James Clapper and US Attorney General Eric Holder to give him proposals by the end of March on which entity ought to maintain the sensitive information.

Major telecommunications firms have made clear, however, that they are reticent to keep the data.

Key US lawmakers, including Senate Intelligence Committee Chairwoman Dianne Feinstein, have expressed concerns that the information would not be readily available to the officials who need it if held by non-governmental entities.

“The whole purpose of this program is to provide instantaneous information, to be able to disrupt any plot that may be taking place,” she told NBC television’s “Meet the Press” program.

Obama, she said, “wants to keep the capability. He wants to look for other than the government holding the material.”

Advertisement. Scroll to continue reading.

Congressman Michael McCaul, who chairs the House Committee on Homeland Security, agreed that it was key to determine where to house the NSA “metadata.”

“I think metadata most significantly won’t be dismantled, but put in the hands of an outside third party,” he told ABC television’s “This Week.”

“I think the attorney general is going to have a very difficult decision to make here.”

Mike Rogers, The Republican chairman of the House Intelligence Committee, also is no fan of the changes announced by Obama, saying they have already sown uncertainty and doubt in America’s espionage community.

“What we got was lots of uncertainty,” Rogers told CNN’s “State of the Union.”

“Just in my conversations over the weekend with intelligence officials, this new level of uncertainty is already having an impact on our ability to protect Americans by finding terrorists who are trying to reach into the United States.”

Rogers pointed to the real dilemma of choosing where to keep the information.

“It can’t be at Target or at any of these places that end up being hacked into,” he said in jest, referring to the department store chain whose recent data breach saw the credit card details of some 110 million customers compromised.

“That’s interjected a level of uncertainty and having a whole bunch of us scratch our head.”

Republican former House Speaker Newt Gingrich criticized the Obama administration for announcing the end of one data collection regime without having answers for how the new one will be implemented, and faulted the president for “putting it on Congress” to work out many of the details.

Rogers, meanwhile, said in a separate interview on CBS’s “Face the Nation” show that the current system is filled with various layers of oversight that will be difficult, if not impossible, to maintain in private hands.

“There is a court review of that, there is an IG (inspector general) review, internal NSA review, DOJ review, Senate Intelligence Committee review and House Intelligence Committee review,” he said.

“If you move all of that to the private sector, you lose all of the review. That goes away.”

Meanwhile, privacy advocates said they doubt that the reforms go far enough.

The head of the American Civil Liberties Union said the only real solution to resolving the nation’s data collection problem was to end the program altogether.

“When the government collects and stores every American’s phone call data, it is engaging in a textbook example of an ‘unreasonable search’” ACLU executive director Anthony Romero said.

Kevin Bankston of the New America Foundation’s Open Technology Institute said that “the right answer here is to stop the bulk collection completely — not to keep the same bulk data under a different roof.”

Related: NSA Opens 604,000 Sq. ft. Cryptologic Center In Georgia

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...