national security and privacy Flashcards
Foreign Intelligence Surveillance Act of 1978 (FISA)
what was it amended by?
USA Patriot Act of 2001
USA Freedom Act of 2015
FISA
statute allowing for executive branch to engage in surveillance for national security purposes while also providing limits on such use of surveillance authority
FISA
electronic surveillance order
government agencies must apply for electronic surveillance order from FISC if
1. significant purpose of surveillance is to gather foreign intelligence
2. probable cause to believe person being monitored is foreign power or agent or foreign power
3. minimization procedures are employed to limit info obtained about US persons (citizens and permanent residents)
FISA- FISC
screens government applications for surveillance orders- FISA orders
11 district court judges (term of 8 years)
appointed by Chief Justice of US Supreme Court
FISA
process for obtaining FISA order
- attorney general reviews application before submitting to FISC
- FISC can either
- issue order if requirements met
- deny order and government can appeal
FISA
surveillance- non-US persons outside US
attorney general and director of national intelligence can certify surveillance of non-US persons outside US for up to 1 with approval for FISC
examples:
- upstream program (collects info from internet physical infrastructure that passed through US)
- PRISM program (downstream) collects info from internet companies
FISA
section 215 USA patriot act
tangiblethingorder
government may obtain court order requiring production of any tangible thing that would advance investigation into foreign intelligence
recipients of order are prohibited from disclosing fact they received order (unless necessary to comply with order ex attorney)
person producing tangible thing is immune from liability
FISA
section 217 USA patriot act amended by wiretap act
interceptcomputer
person acting under color of law may intercept wire or electronic communications of computer trespassers so long as
1. owner/operator of protected computer authorizes interception
2. person is acting in official capacity in investigation
3. official has reasonable grounds to believe contents of communication are relevant to investigation
4. interception doesn’t acquire communications other than those transmitted
FISA
National security letters (NSL)
subpoena that doesn’t need judicial pre-approval
calls for production of information relevant to authorized foreign intelligence investigation
require secrecy only if agency issuing NSL has made finding disclosure may result in danger to national security, interference with investigation, or other listed reasons
FISA
USA freedom act of 2015
disclosure to target of electronic surveillance is not permitted (even after fact)
companies and persons public statistics about number of FISA orders and NSLs they receive to attempt to increase transparency and show FISC application process is not being abused
attorney general provides annual and semi-annual report showing # of FISA orders requests, # granted, denied or modified, and # of subjects targeted by FISA orders
FISA enforcement
criminal offense
private cause of action
Cybersecurity Information Sharing Act (CISA)
permits sharing and receiving of cyber threat indicators and defensive measures for cybersecurity purposes between government and private sector
applies to government (local and state) as well as private entities
CISA
requirements information sharing
all sharing is voluntary (not mandatory)
information shared must be stripped of personal information and all info not directly related to cybersecurity threat
CISA
immunity
private entities not immune for actual defensive measures they partake in that cause harm
private entities are immune from sharing info with government
CISA
waiver of protection of info
sharing information with government information doesn’t lose protected status (trade secret, privilege)
but protection is waived if shared with state and local governments
