Skip to main content

CTIC’s Vagle on intelligence, surveillance laws in wake of Paris attacks

November 23, 2015

Jeffrey Vagle, Executive Director of the Center for Technology, Innovation & Competition is an expert on surveillance law, cryptograp...
Jeffrey Vagle, Executive Director of the Center for Technology, Innovation & Competition is an expert on surveillance law, cryptography and cybersecurity law, and electronic privacy.
In the wake of the recent attacks in Paris Jeffrey Vagle spoke about the USA Freedom Act, encryption backdoors, and how we should be discussing the balance between security and civil liberties.

In the wake of the recent attacks in Paris and recent comments on intelligence gathering made by CIA Director John Brennan, Penn Law talked to Jeffrey Vagle, Executive Director of the Center for Technology, Innovation & Competition and an expert on surveillance law, cryptography and cybersecurity law, and electronic privacy.

Vagle spoke about the USA Freedom Act, encryption backdoors, and how we should be discussing the balance between security and civil liberties. 

Penn Law: What is your reaction to CIA Director Brennan’s most recent comments about the intelligence community having more leeway to do what they need to do?

Jeffrey Vagle: First off, many of us in the cybersecurity community felt that Brennan’s statement was fairly crass, and in bad taste — irrespective of any legal or technical merit it might have. Given the timing, Brennan’s statement appeared more opportunistic and exploitative than anything else.

That said, he made mention of the fact that essentially the intelligence service’s hands are tied because of what he called “hand-wringing” on the part of U.S. politicians and the public — post-[Edward] Snowden revelations. What he fails to recognize, however, is that what he is referring to as “hand-wringing” was actually a popular reaction to the revelations of illegal spying on the part of intelligence agencies. To discover something as illegal and engage in reforms, as modest as they were, probably would not be characterized by most people as “hand-wringing.”

This past summer, the USA Freedom Act was passed, which was in many ways a direct reaction to the Snowden revelations. The USA Freedom Act was meant to reform some of the overreaching aspects of the Patriot Act. For example, it eliminated the bulk metadata phone collection. But it did not eliminate email collection and a few other things. It did require that the FISA Court — which is a secret court — publicize the most important decisions that it makes.

But the USA Freedom Act was viewed, by most, as a very modest reform of the Patriot Act. If Director Brennan is saying that’s “hand-wringing,” it’s really not clear what else he is asking for. If he’s implying that he would like to go back to some of the programs like Section 215 — those have been ruled by many courts, and now by law, as illegal programs.

PL: How should we be thinking about security policies and practices, in light of the recent attacks in Paris?

JV: I’ve mentioned before that times of tragedy and stress are exactly the wrong times to start reconsidering our constitutional principles. We’ve now had a few days since the attacks in Paris to evaluate some of the things that went right for police and intelligence agencies, and also what went wrong. One important point is that the intelligence agencies there had all the information that they needed. The attackers were on watch lists. Some were wanted for other crimes.

So it’s not that they don’t have enough information, it’s that they had too much of it — when the haystack becomes too big, there’s no magic formula to find that needle. In retrospect, of course, you can find the thread that lead back and say “we had that information.”

This comes back to what Brennan was asking for. If he’s asking for a return to bulk surveillance, is that really going to solve their problem or further exacerbate it?

A few weeks ago, Robert Litt, general counsel in the office of the Director of National Intelligence, sent an email that said basically that they were going to drop their push for new surveillance legislation for now because the Obama administration wasn’t going to help them, but they would wait for the next terrorist event, which would make it easier for them to make their case. Again, a very cynical attitude toward this problem.

Now that we have this event, it’s sure to reinvigorate the call for backdoors in encryption. The problem, which has not changed, is that a backdoor for one is potentially a backdoor for everybody. To force the inclusion of security backdoors makes these products — by say Apple or Google or Facebook — less secure, not just against the legal interception of information, but also illegal interception from criminals, other foreign governments, and industrial espionage.

There’s a great deal that can be made of existing legal methods — all legal, but sometimes requiring a warrant. Many of us feel this is not the time to start throwing babies out with bathwater.

PL: In your view, how do you combine the rule of law with best practices in the intelligence community to prevent these kinds of attacks?

JV: First and foremost, there needs to be a frank conversation on both sides. One of the problems that the public, academics, and politicians have with Director Brennan is that he’s been less than forthcoming and has misrepresented some facts in the past. It’s very difficult to see him as a good faith advocate for the intelligence community.

That aside, we need to decide what the goals are and how they fit within our existing constitutional framework. This is not the time to start reevaluating the Constitution; this is the time to start thinking: “What are we trying to accomplish here?”

France recently passed legislation that restricted certain civil liberties with respect to privacy, which may have given them some additional information — but they probably would have had that information anyway through old-school policing. That’s probably not the answer they’re looking for.

If Brennan is looking for a free hand, that can’t be allowed. That’s just not the way that things work here in the United States. In the 1970s, the Church Committee showed us that there were abuses in the intelligence agencies when things were done completely in the dark.

That’s part of the problem here. We are not seeing evidence of some of the hand-tying that Director Brennan and his predecessors have been complaining about. In fact, much of the evidence we do have points in the other direction. The information is there; it’s just that it’s not being used properly. For Director Brennan and others to say that we need to reevaluate this balance — I think we need to take that with a fairly large grain of salt. We need to see evidence of this hand tying before we start reconsidering legal precedent that has been in place for generations.