No, the PATRIOT Act Didn’t Really Expire

A few days ago, I was speaking to a client who informed me that “the PATRIOT Act expired last week.” She went on to tell me that as a result, she now felt her electronic communications were safe from warrantless government surveillance.

My client, who I’ll call “Debby,” wasn’t correct in saying that the entire PATRIOT Act expired. It’s true that a small section of the law dealing with the bulk collection of phone records expired November 30. But I can’t blame her for believing this entire ill-conceived law no longer exists.

Over the last few months, apologists for the military-industrial-surveillance complex that dominates US politics have warned that America is at grave risk without the bulk records collection program. No less an authority than CIA director John Brennan testified before Congress that the US has been placed at risk by “political grandstanding and crusading for ideological causes.” Worshipping the Myths ... Edward W. Wood Jr Best Price: $3.99 Buy New $10.40 (as of 05:35 UTC - Details)

You’d think that this comment signified a total dismantling of America’s incredibly sophisticated surveillance infrastructure. But nothing could be further from the truth.

What exactly happened November 30? On that date, the bulk collection by the National Security Agency (NSA) of the call detail records of virtually every phone call made in the US ended. A call detail record doesn’t reveal the content of your phone conversations. But it’s still very revealing, since it shows every phone call made or received, how often you call or receive calls from a particular number, and the duration of each call.

And now, to obtain call detail records, the NSA must show there is “reasonable, articulable suspicion” that a specific “individual, account, or personal device” is associated with international terrorism. And while apologists for the surveillance state are outraged by this restriction, this limitation hardly ends mass surveillance.

In fact, the PATRIOT Act is just a tiny piece of the global surveillance infrastructure the US government has constructed in the years since World War II. And the bulk phone collection program is only a tiny piece of the PATRIOT Act.

For proof, we need to look no further than the comments of former NSA director Michael Hayden in relation to the bulk collection program. In a speech at the annual meeting of Wall Street Journal CFO Network, Hayden mocked the end of this initiative, calling it “that little 215 program” (referring to the section number of the PATRIOT Act that authorizes bulk phone collection). He also indicated that he was astonished that Congress had done so little to rein in the NSA after the revelations of Edward Snowden demonstrating the incredible breadth of surveillance it conducts.

Hayden didn’t mention it, but if the NSA wants to resume its bulk collection program, it won’t have to go to court to do it. Instead, it will simply ask another country’s intelligence agency to conduct the surveillance, and share the Against the State: An ... Rockwell Jr., Llewelly... Best Price: $5.02 Buy New $5.52 (as of 11:35 UTC - Details) results. This type of cooperation has been ongoing for nearly 70 years, courtesy of a top-secret intelligence alliance informally called the “Five Eyes” club. The club’s first members were the UK and the USA. Canada, Australia, and New Zealand joined later. The agreement setting the alliance in place includes a clause that makes clear that each member agrees not to spy on citizens of another member without permission from that other member.

So, now that Congress has repealed the bulk records provision, what do you think will happen? Simple. The NSA will simply “outsource” this data collection to one of its Five Eyes partners. Indeed, this type of outsourcing is common and longstanding.

There are numerous other ways the NSA can grab your phone records, and other personal information. The most important authority comes under Executive Order 12333, signed by President Ronald Reagan in 1981. E.O. 12333 gives free rein to the NSA to spy on anyone, as long as the surveillance takes place outside the US. However, if the NSA “incidentally” collects the contents of a communication within the US, the order allows it to be retained. And “incidental” collection of data is more the rule than the exception. For instance, all major domestic email providers have backup servers outside the US. To retrieve the data, all the NSA needs to do is to tap into these servers – a capability the Snowden leaks demonstrated it has practiced for years.

The bottom line is that if you want to “privatize” your electronic communications, you need to encrypt everything. Encryption scrambles your data using mathematical formulas that make the data unreadable to anyone except for someone possessing the key to “decrypt” it. The programs and processes now used for this purpose are so sophisticated, according to Edward Snowden, that even the NSA can’t routinely decipher encrypted messages.

There are four levels of encryption you should be using:

  • Crippled America: How ... Donald J. Trump Best Price: $1.48 Buy New $8.97 (as of 03:40 UTC - Details) Encrypt email messages. For this task, a good option is some variant of “Pretty Good Privacy” (PGP). One of the best is Enigmail, a plug-in for the popular Thunderbird email program.
  • Encrypt your data stream. Even if you encrypt the content of your messages, the “header” information (analogous to call detail information in your phone records) remains intact. No warrant is necessary to retrieve this data. The best way to protect yourself from this type of privacy intrusion is with a “virtual private network,” or VPN. The one we use at The Nestmann Group is Cryptohippie.
  • Encrypt stored emails. Stored email messages have very little privacy under US law. To protect yourself from this type of surveillance, you’ll want a non-US email provider. A good one is ProtonMail. The company offers end-to-end encrypted email and is based in Switzerland. That means your stored emails are secure from US subpoenas and court orders.
  • Encrypt your smartphone. Smart phone encryption isn’t nearly as advanced as e-mail encryption. But there are some encouraging developments, especially a newish product called Blackphone. This is an Android phone, sold by a Swiss-based company, rebuilt and fortified to put privacy first.

One thing is for certain: Governments don’t cede power willingly. Edward Snowden’s revelations proved beyond a shadow of a doubt that the NSA is much more focused on hoarding data to blackmail current and future political enemies than it is in unearthing terror plots. Perhaps that’s why it’s so bad at finding actual terrorists.

Nothing less than a political earthquake will change this status. And the end of the bulk records program of the PATRIOT Act represents only a very small tremor.

Don’t say you haven’t been warned.

Reprinted with permission from Nestmann.com.