This actually may be a first in terms of a government report arriving ahead of schedule. In the wake of the Edward Snowden leaks about the NSA and data security, the US national security apparatus and political leaders have been scrambling to figure out how to find a balance between national security issues and the right to privacy. In a speech to the nation on January 17, President Barack Obama responded to the furor caused by the leaks with the announcement of some reforms and request that the security agencies and the US Justice Department report back by March 28, 2014 with recommendations on how to handle the tricky issue of storing and retrieving cellphone data. Today is February 26 and according to the Wall St. Journal the President now has four options before him a month and two days ahead of the timeline.
Whether the sensitivity of the issue led to the quick work or not, the work now begins on choosing a path to go forward. Three of the options would relocate the data and its management to third parties other than the NSA. The fourth would be to abolish the NSA data collection program entirely. Currently the NSA collects and stores data in the US from the major carriers. This has proven to be one of the most contentious issues raised by the Snowden leaks.
The four options include:
- Leave the data stored with the major carriers subject to specific requests by the NSA.
- Store the data with another government agency such as the FBI or the FISA court.
- Store the data with a non-government, non-carrier third party agency or concern.
- Abolish the phone-data collection and data storage program entirely.
Unsurprisingly, various constituencies have issues with each option so there is obviously still work to be done. The cellular carriers also claim they have not been consulted on the options yet.
There are technological challenges in addition to the political, privacy, and security concerns with the options as well. Using the phone companies or a different government agency would offer the least technological challenges according to the report. Storing the data with a non-government or non-carrier agency raises concerns from privacy advocates of essentially creating a new arm of the NSA without any additional privacy benefit. US carriers would most likely require some system of liability protection and other conditions before agreeing to participate as envisioned. Already the carriers have been granted immunity for their involvement.
The report may have reached the President’s desk earlier than expected but there is still much work to be done before arriving at any solution (if there is to be one).