[Infowarrior] - NSA cooperation: OK for e-mail, IM companies?

Tue Oct 23 11:46:46 UTC 2007

NSA cooperation: OK for e-mail, IM companies?

By Declan McCullagh
http://www.news.com/NSA-cooperation-OK-for-e-mail%2C-IM-companies/2100-7348_
3-6214609.html

Story last modified Mon Oct 22 10:56:50 PDT 2007

A new Senate bill would protect not only telephone companies from lawsuits
claiming illegal cooperation with the National Security Agency. It would
retroactively immunize e-mail providers, search engines, Internet service
providers and instant-messaging services too.

The broad language appears in new legislation that a Senate committee
approved by a 13-to-2 vote on Thursday during a meeting closed to the press
and public. It enjoys the support of the panel's Democrats and Republicans.

It goes further in crafting an impenetrable legal shield than similar
proposals in the House of Representatives, such as the so-called Restore Act
(PDF), which immunizes only "communications service providers." Bowing to
pressure from President Bush, House Democrats postponed a vote on the
Restore Act last week.

The broader Senate bill (PDF) would sweep in Web sites, e-mail providers and
more. "My suspicion is the scope of the immunity provision is the most
revealing way to assess the scope of the underlying authority," said Marc
Rotenberg, director of the Electronic Privacy Information Center.

The disparity is striking because telecommunications companies--not major
providers of Web-based services like Google, Yahoo, AOL and Microsoft--have
been frequently named as complicit in illegal NSA surveillance. Yet under
the Senate proposal, those companies would become immune from any lawsuits.

"Private companies who received legal assurances from the highest levels of
government should not be dragged through the courts for their help with
national security," Sen. John Rockefeller (D-W.V.), the Intelligence
Committee chairman and the bill's primary Democratic sponsor, said in a
statement. "The onus is on the administration, not the companies, to ensure
that the request is on strong legal footing, and if it is not, it is the
administration that should be held accountable."

A demand for retroactive immunity
After news reports said AT&T and other major telecommunications carriers
opened their networks to the NSA after September 11, 2001, dozens of civil
lawsuits were filed. A decision on whether the lawsuits will be permitted to
proceed is expected from the 9th Circuit Court of Appeals in San Francisco
at any time.

President Bush has insisted on retroactive legal immunity, and the Justice
Department on Friday gave the Senate bill a preliminary thumbs-up, though it
said further changes will likely be necessary before it's satisfied.

"The bill has many good components, and we appreciate the serious work done
on this bill in the Senate Intelligence Committee," spokesman Dean Boyd
said. "We appreciate that the bill has strong liability provisions."

The Senate bill overrides every other law, including state laws, criminal
laws and privacy laws, when saying that lawsuits against companies must be
"promptly" dismissed, as long as the attorney general certifies that the
cooperation was authorized. The definition covers any company that has
"access" to "electronic communications" that are stored or in transit. It
would almost certainly pull the plug on the 9th Circuit lawsuits, including
the one brought by the Electronic Frontier Foundation last year.

While some information has dribbled out regarding how companies like AT&T
allegedly worked hand in hand with the NSA, less is known about how much
cooperation might take place with e-mail and instant-messaging providers.

Some companies, including Yahoo and Google, refused to comment in a survey
conducted by CNET News.com last year that asked: "Have you turned over
information or opened up your networks to the NSA without being compelled by
law?" Others, like Comcast and BellSouth, did reply in the negative.

During an appearance before a congressional committee last year about
Chinese Internet censorship, Yahoo was pressed by Rep. Brad Sherman, a
California Democrat, about whether it would cooperate with the NSA in the
absence of legal authorization. Yahoo's general counsel, Michael Callahan,
said the company would not provide law enforcement with e-mail without
"proper legal process." But when asked whether Yahoo's requirements would be
lowered if the NSA requested e-mail, Callahan refused to comment.

Still, there's no evidence that any extralegal cooperation has ever taken
place, and some of the same companies have taken very public steps to
protect their customers' privacy in the past. Google fought the Justice
Department's subpoena for excerpts from its database, and an EarthLink
attorney was the first person to publicly disclose the existence of the
FBI's Carnivore surveillance system.

The Senate bill's immunization would extend to companies involved with
surveillance beyond that requested by the NSA. It says Internet companies
cannot be held liable for secretly cooperating with the CIA, the Defense
Department, the Office of the Director of National Intelligence, the Defense
Intelligence Agency, the State Department, the Treasury Department, Homeland
Security and other intelligence-related organizations that may be even more
shadowy.
Now on News.com
Apple earnings soar; Mac, iPhone roar NSA cooperation: OK for e-mail, IM
companies? Photos: Maker Faire fares well Extra: World of workcraft

One type of immunization would extend from September 11, 2001, to January
17, 2007, the day the Justice Department announced that the secret NSA
program would be revamped and brought under the scrutiny of the Foreign
Intelligence Surveillance Court. The other immunization grant would continue
into the future.

The next stop for the Senate bill is the Judiciary Committee. It's unclear
exactly when that panel will take up the bill, but it's not going to be this
week, a Democratic committee aide said Monday. That uncertainty exists
largely because members of that panel have requested--but still have not
received--sufficient information about how the Bush administration's spying
programs worked and what involvement telephone companies had, the aide
added.

In addition, Sen. Christopher Dodd (D-Conn.), a 2008 presidential hopeful,
has vowed to take a procedural step that would prevent the bill from going
to a vote, as long as it cloaks corporations with legal protections.

"I will do everything in my power to stop Congress from shielding this
president's agenda of secrecy, deception and blatant unlawfulness," he said
in a statement last week. Democratic Sen. Patrick Leahy and Republican Sen.
Arlen Specter, the top senators on the Judiciary Committee, both have
expressed skepticism about retroactive immunity.

Under existing law, electronic communications providers already are exempted
from all liability--as long as the attorney general has delivered a
"certification in writing that no warrant or court order is required by
law."

Other sections of the Senate bill permit the attorney general and the
national-intelligence director to sign off on wiretaps without court
approval. They could authorize such snooping for up to a year, provided that
the target is "reasonably believed to be outside the United States" and a
U.S. person isn't being "intentionally" targeted in the process.