Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

US Appeals Court Rules NSA Bulk Data Sweep Illegal

A US appeals court ruled Thursday that the National Security Agency’s massive collection of phone records of Americans is illegal, saying it exceeds the scope of what Congress authorized.

A US appeals court ruled Thursday that the National Security Agency’s massive collection of phone records of Americans is illegal, saying it exceeds the scope of what Congress authorized.

The laws used as a basis for the bulk data collection “have never been interpreted to authorize anything approaching the breadth of the sweeping surveillance at issue here,” said the Second Circuit Court of Appeals in a 97-page opinion.

The ruling came in a lawsuit filed by the American Civil Liberties Union against the NSA and FBI, following disclosures about the vast surveillance programs in documents leaked by former NSA contractor Edward Snowden.

The “metadata” collected from millions of phone calls includes the numbers called, times and other information but not the content of conversations. Still, civil liberties advocates argue the program is a massive intrusion on privacy with only minimal help in the anti-terrorism effort.

The court stopped short of ruling on the constitutional issues of the bulk collection of phone metadata, but said the government went far beyond what Congress intended in Section 215 of the Patriot Act, a law aimed at allowing authorities to thwart terrorism.

“There is no evidence that Congress intended for those statutes to authorize the bulk collection of every American’s toll billing or educational records and to aggregate them into a database,” the appellate panel said in the opinion.

“The interpretation that the government asks us to adopt defies any limiting principle. If the government is correct, it could use (Section) 215 to collect and store in bulk any other existing metadata available anywhere in the private sector, including metadata associated with financial records, medical records, and electronic communications (including email and social media information) relating to all Americans.”

The court declined to issue an injunction to halt the program, saying it would make little sense since the law is set to expire on June 1.

Lawmakers are currently debating whether to reform the law or extend it.

The court said that “in light of the asserted national security interests at stake, we deem it prudent to pause to allow an opportunity for debate in Congress that may (or may not) profoundly alter the legal landscape.”

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...