News Stay informed about the latest enterprise technology news and product updates.

Emotions raw over FISA bill

Bill BrennerThe fur has been flying this week over whether Congress should extend the life of a controversial surveillance law or let it expire tonight.

The firestorm surrounding the Foreign Intelligence Surveillance Amendments Act (FISA) is just the latest battleground in a debate that has raged throughout the war on terror — whether the threat of another attack on U.S. soil justifies unfettered government surveillance of most of its citizens in hopes of finding the few evil seeds that hide among us.

As my colleague Dennis Fisher wrote this week, the bill would grant retroactive immunity to telecoms that aided in President Bush’s warrantless wiretapping program. The bill’s passage would effectively prevent the public from ever discovering the details of that program, privacy experts told Dennis. In a follow-up posting in this blog, Dennis noted the increased likelihood that Congress will let the current extension expire tonight rather than try to work out a compromise between separate bills passed by the House and Senate that would extend the legislation for several years. Security Blog Log

“Democrats in the House, who are opposed to a provision in the Senate version of the bill that would grant retroactive immunity to telecoms that aided in President Bush’s warrantless wiretapping program, apparently decided simply to not act on the legislation,” he wrote. “Bush and Republican Congressmen ripped the Democrats for their decision, saying that it places the country at greater risk of terrorist attack.”

I must admit I’m torn on the issue. On the one hand, we are in a war where a small band of radicals are hiding in the shadows, bent on unleashing more death and destruction, including the variety where nuclear and biological weapons may be used. There’s a reasonable argument to be made that wiretapping is a necessary evil to catch enemies who play by unconventional rules.

On the other hand, I have no doubt the Bush Administration has used the threat as an excuse to trample on our basic rights, stoking our fear to get public approval. It’s maddening to me when people are duped, by their fear, into giving the government carte blanche to invade any private space it wants in the name of security. That’s what the terrorists want, isn’t it?

Here’s what some bloggers have to say:

Phantom Lady, a conservative FISA bill supporter and keeper of the Frustrated Incorporated blog, ripped at Sen. Hillary Clinton for not showing up to vote on the issue, Sen. Barack Obama for voting against it (though she praised him for at least showing up to vote); and she praised Sen. John McCain for voting for it. In the entry, she uses this nugget from the Rush Limbaugh website:

“Congratulations to Senator McCain. He made sure he was there while fighting off this challenge from Governor Huckabee. He voted to preserve the powers of the intelligence agency in the executive branch to defend and protect this country. Also, hats off to Senator Obama. He showed up. He voted. He voted against it. In so doing, he demonstrated he is not fit to lead this country as commander-in-chief. He has voted against every reasonable authority that has come before him in the form of legislation in terms of intelligence and protecting this country. But at least Obama showed up. At least he voted. At least he told the country he’s incompetent.”

A blogger named Scarecrow took the opposite view in the Firedoglake blog, writing that House Democrats finally said enough and called George Bush’s bluff. “The President had threatened to leave the country in an intelligence blackout if Congress did not accede to his demands for sweeping warrantless surveillance and telecom immunity,” Scarecrow wrote. “But this time, for the first time, Democrats said, “we don’t believe you.” That moment of courage may well define the fall campaign.”

Errington Thompson wrote in the Where’s the Outrage blog that the House has finally stood firm and that it’s confusing as to why the Senate bowed to the White House.

“Mr. Bush’s rhetoric is simply tiresome,” Thompson wrote. “The terrorists this and the terrorist that. Are we so lame that we can’t do anything without trying to figure out what the terrorists will do? Hell, don’t we need to be more worried about our own homegrown crazies?”

I realize this week’s topic runs astray of what I usually set out to do — write about the latest IT security issues and point to blogs where IT pros can go for guidance. But this is a case where telecoms are helping the government in what many consider an invasion of privacy. The reach of the telecoms stretches to practically every enterprise, and that’s where there IT shops face a potential security quandary.

A big part of IT security is about keeping hackers from breaking into company networks and accessing sensitive information. But what do you do when it’s the government breaking in, all in the name of national security?

Please share your thoughts on this one.

About Security Blog Log: Senior News Writer Bill Brenner peruses security blogs each day to see what’s got the information security community buzzing. In this column he lists the weekly highlights. If you’d like to comment on the column or bring new security blogs to his attention, contact him at

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Bill, Thanks for showing both sides of this issue. Just wanted to add a side note to your to your closing comment in your article. "But what do you do when it’s the government breaking in, all in the name of national security?" As I stated on my Blog, "telephone companies, telecommunications companies which provided data to the president for its warrantless wiretap searching program." These companies provided data, the government did not hack into their system. Regards PL
You write "The bill’s passage would effectively prevent the public from ever discovering the details of that program, privacy experts told Dennis." Actually, what the bill would do is take away a large and very lucrative tort possibility for the trial lawyers. Noticed how much the billion dollar settlements of the tobacco companies have helped health care in this country? When it become the right of the American people to know State secrets that are used to protect us from attack anyway? Nowadays secrets are told routinely, without any consideration for the damage they do. It's almost as if this country has a death wish.
Nice call there Antimedia. But, what would we do without all those lawyers? Isn't that what the ACLU, and the New York Times is for? LOL The Libs/Dems do have a death wish for this country! That's the scary part. Keep fighting the good fight. Regards, PL
Antimedia: the "trial lawyers" in these cases are generally underpaid lawyers who forego lucrative salaries in the private sector to help protect our civil liberties. Do you even know who the lawyers are who are representing the plaintiffs? Hint: the Electronic Frontier Foundation and the Center for Constitutional Rights have been at the forefront of these lawsuits, and their lawyers -- and other lawyers who work in the public interest -- do not profit from these suits. So you can continue repeating the desperate mudslinging that I've seen elsewhere, but your argument isn't credible. As to "State Secrets:" A federal judge has already ruled out that defense (Judge Walker) in at least some of the consolidated cases. There is no "state secrets" defense possible on the main point when the government has already publicly admitted that the telecoms did participate in the program. Details that might actually represent genuine issues of national security or "state secrets" can be handled by a federal court judge, as they have been handled in many other cases. This is not the first time that federal courts have been asked to handle cases that might involve some aspect of national security. And for the record: I am neither a Democrat nor a Liberal. A lot of conservatives and independents believe in the rule of law and constitutional protections, and I've always been a fan of the Fourth Amendment.
I can't believe how many Americans believe having their Constitutional rights abrogated is a good thing. The fact that a single successful terrorist act occurred on US soil should not be enough cause to turn the nation into a police state. Compare 9/11 to acts of terrorism and government/citizery response in other countries, then look at how panic stricken we are.
It's not true to say that the House Democrats have had enough and finally called Bush's bluff. That ignores the facts. The facts are that Speaker Pelosi refused to bring the bill to a vote, even though there were enough so called Blue-Dog Democrat votes to go with the Republicans to pass the bill. Instead she sent directions for negotiations "to begin" in conference. And this was on Friday. It doesn't matter which way you believe this one should go. What is important is that people understand the details before they opine. Many of these posts show that people don't do their homework before forming and posting an opinion.
I think the issue is more about whether this administration can be trusted with the level of authority they are given. It is a fact that they have lied (over WMD's) and cheated (illegal wiretapping). Hence, I would argue, they have already proven they cannot be trusted with the authority they already have and under no circumstances should be given further carte-blanche powers. It is also disappointing that some who would have themselves elected president do not have the courage to turn up and vote according to their convictions.
The problem is not when the surveillance is used against the enemies of the country. The problem is when it is used against the opponents of the administration. Judicial oversight is intended to permit the former and prevent the latter. Even assuming that this administration would never abuse this power, eliminating oversight almost guarantees that a future administration will.
"It is a fact that they have lied (over WMD’s) ..." Wow, this one still is amusing to me. If you are going to take the opinion that "they" being the Bush administration lied about WMDs, then if you are to be intellectually honest, you have to take the stand that "they" means just about everyone in all political parties including Senator Clinton, former President Bill Clinton (who said they were there when he was president, on Larry King Live), along with UN weapons inspectors Scott Ritter and Hans Blix. Remember, a lie is only a lie if you know it to be false when you make the statement. We knew that WMDs were there but could not properly inspect for them. You need to look at it with what we "knew" at the time, not what we know now. Then there's at least some evidence that much of the WMDs went over to Syria and then there is proof that residue of biological weapons were found. So, what happened to the stuff that was proven to be in existence, regardless of how old it is? It's very easy to have an opinion when you don't have to make a decision that will impact 100s of millions of people.
Regarding the subject of the article. I've not seen any proof that the Bush administration has abused the surveillance provisions in the Patriot Act. But consider a few things: If you think that the Bush administration is the first or only one to spy without warrants on US citizens, then you are being very naive. Like I said above, I have never come across any direct proof but I have no doubt that both federal and state and even local government have people within them that will disregard the law and will listen in on conversations without a warrant or intercept physical mail or Internet traffic. Look how corrupt the Clinton administration was, how corrupt the Nixon administration was, do you actually think that they would not spy on citizens without a warrant if they would commit the crimes they did commit? That's like expecting a murderer and a thief to obey gun control laws. Ridiculous. Consider what the supposed use of the surveillance provisions: If the CIA/NSA or whomever are tracking and doing surveillance on a known or suspected terrorist in another country and are listening in on their phone conversations and then that suspect then calls a number here in the US, to me, it is perfectly OK for them to continue with the surveillance, after all, we want to know who and why they are in contact with individuals here in the US. I don't see why, though, they can't apply for a warrant within the 72 hours which is what I understand the FISA act provides for. Of course, a judge refused to give a search warrant to the FBI when it had a laptop that had some information about hijacking planes and crashing them into the buildings in the mid-90s, so you have to take a chance that one person, a judge, may totally miss the import of information. Already, many people have blamed the Bush administration for 'not connecting the dots' (of course they ignore the almost decade that the previous administration did almost nothing to stop terrorism and they ignore the fact that the UN is useless in stopping anything) so what would you do if you were President? Would you not use everything at your disposal to try to make sure another attack would not happen? Would you be willing to make a mistake in your attempt to protect this country or would you 'play it safe' like the previous administration? Tony Blair said it best when he said (paraphrasing) 'history will judge us (the US/Bush, Blair, and those who went along with them) and they may judge us harshly but we must do our best to make sure that this does not happen again'. I think inactivity would have only invited another attack. I also am convinced that the mettle of the next president,regardless of who he or she is, will be tested with another attack. I believe that these radical Muslim terrorist hate the US, not because of our involvement in the middle east or our support of Israel (ok, well they may hate us for that as well) but because we stand for everything they are against-especially equality for women (like that American woman arrested for having coffee with a man she is not related to, what a bunch of asses) and freedom of religion. As for tracking what you are doing online, if you connect your computer to the Internet, you have no expectation of privacy. That's just the way it is and what judges (at least one that I know of) has ruled. I agree with it. Put up a firewall and encrypt your traffic, but if it is in "plain sight", then plain sight rules will apply. And as for letting the law expire, that was done purely because it is an election year and so many people have believed the hype that the Bush administration is routinely spying on citizens in large numbers or spying on individuals that do not have any connection or suspicion with terrorists. There have been so many things that are either only partially true or are out and out false that the general population believes because it is repeated so often from many outlets (i.e. man-caused global warming, "Bush lied, thousands died", Bush blew up the levee in New Orleans, the moon landing was faked, to name just a few) so why would this subject be any different?
I am all in favor of the EFF lawsuits. If the telcos did what they are accused of, they broke the law blatantly and wilfully. To understand just how cuplable their alleged behavior is, consider: (1) The FISA law, on the books since 1978, was written with the cooperation of AT&T to ensure legal clarity. It requires written certification from the Attorney General that a wiretap request is lawful. That letter all any telco needed to ask for. If they chose not to meet that minimal requirment, they are liable. (2) The FISA law sets up a special secret court to issue surveillance warrants. It has refused only a tiny handful out of thousands of such requests in the last thirty years. (3) The FISA law also allows the government to begin surveillance before going to the FISA court, which will then issue the warrant retroactively. (4) Finally, the Protect America Act grants prospective immunity for actions pursuant to government certification that the requests are legal. Telcos are bound by law to protect the confidentiality of their users. This is not in the least controversial. It has been the law of the land for decades. It is spelled out in the Communications Act of 1934, in 18 U.S.C. titles 2511, 2520 and 2702, and other laws as well. These laws make warrantless eavesdropping a felony and spell out the penalties for it. Those laws are the basis of the lawsuits. I think anyone with the least respect for law will be unable to avoid the conclusion that the lawsuits should proceed.
It's not true that warantless wiretapping will make us safer. 9-11 did not happen because of lack of data. We had the data; we just weren't able to integrate it into a useful warning in time. Our government's solution has been to put yet another layer of bureaucracy on the disorganized intelligence gathering agencies. next administration will figure out how to interpret and coordinate data. The constitution has developed a balance of power to protect us from our government. Let’s stick to the American way; warrants for search and seizure
Mr. Brenner, This issue is not about national security, it is about granting retroactive immunity to the Telco's that chose to ignore the advice of their own in-house legal counsel. These communicatins carriers chose to cooperative with the government in the hopes of currying favour with the FCC and the Cheney administration. I was a very senior executive for one of the Telco's that allowed the government unconstitutional (IMO) access to our network. We did this AGAINST THE ADVICE of our own company's legal department who correctly noted it would expose the company to just the kind of legal exposure the Telco's now potentially face. We rationalized our decision to break the law with the expectation we would curry favour with Congress, the Cheney Administration, and the FCC. As Rhett Butler so eloquently said in "Gone With The Wind," when it came to our paying customer's rights, "Frankly, we didn't give a damn!" Only one major Telco chose to reject the Administration's request for these unconstitutional and warrant-less invasions of privacy. And we all know what happened to their CEO, Joseph Nacchio. Yes, it is common knowledge he was specifically targeted for prosecution to be made an "example of" what would happen to any senior Telco executive if they chose to disregard the wishes of the Cheney administration, or attempted to require the Cheney administration to act in accordance with current legal precedents involving wiretapping and warrant-less invasions of customer privacy. I'm retired now, so I'm out of the game. But IMO what the Cheney administration asked us to do was beyond the pale and was a gross violation of our constitutional rights. But the reality is, from the 100,000' perspective I was flying at, we really didn't give a damn about the "little people" who were the majority of our customers. And most of us believed if we could curry political favour with the Cheney administration and Congress and the FCC, we convinced ourselves the possible gains outweighed the violations of the law we would be committing. Now that I'm retired, my conscience bothers me and i really do support NOT GRANTING retroactive immunity. Let the courts and juries sort this out - This is an issue that should be decided by the Judicial Branch of our government, not the Cheney Executive Branch.
For me this is a very very simple issue. Our government is only legitimate and sustainable to the degree that it has and uses proper checks and balances. The statement equal protection under the law fits this discussion to a T. The government should be accountable all of its citizens. How is destroying our freedoms consistent with protecting them? If you are going to track a citizen of the USA then you must have material evidence as to that person being involved in terrorism. A sneaking suspicion is not enough nor should it be enough. All people are asking the government to do is to get clearance from the representatives that the governed themselves elected! Is that not simple, quick and right?