The U.S. Senate Intelligence Committee Thursday voted to back a "spying reform" bill that critics contend codifies and extends the National Security Agency's controversial phone metadata collection practices.
The FISA Improvement Acts of 2013, sponsored by Senator Dianne Feinstein (D-Calif.) is touted as bipartisan legislation that increases privacy protections for individuals. It's also said by backers to shed more light on NSA surveillance practices.
The Senate Intelligence Committee moved the legislation on to the full Senate by an 11-4 vote.
The bill seeks to, among other things, restrict the collection of bulk communication records and prohibit spy agencies from collecting the content of communications. The bill also calls for imposing criminal penalties for unauthorized access to data collected under the Foreign Intelligence Surveillance Act (FISA).
The proposed legislation also requires that the NSA report all violations of the law to Congress, and authorizes the secret FISA court to seek help from outside legal experts when they need help interpreting the law.
Many privacy rights groups are pointing the what's left out of the legislation.
Rather than prohibiting the NSA from collecting metadata records of phone calls made by U.S. citizens, Feinstein's bill actually codifies the practice that was exposed in documents leaked by fugitive Edward Snowden, said Alan Butler, appellate advocacy counsel at the Electronic Privacy Information Center (EPIC).
The government argues that Section 215 of the Patriot Act gives the NSA the authority to collect metadata records in bulk. Groups such as EPIC, the Electronic Frontier Foundation (EFF) and others have argued that the claimed authority is based on a flawed interpretation of section.
"EPIC and others have argued quite persuasively and strongly in the Supreme Court that this program violated the law," Butler said. "What [Feinstein's] bill does is to take the program and enshrine it in law. This is not reform. It is just a codification of the status quo and an imprecise codification at that."
EFF activist Trevor Timm noted in a blog post that the bill's backers really aim "paint a veneer of transparency over still deeply secret programs."
The bill does nothing "to stop NSA from weakening entire encryption systems, it does nothing to stop them from hacking into the communications links of Google and Yahoo's data centers, and it does nothing to reform the PRISM Internet surveillance program," Timm noted.
An alternative bill introduced earlier this week by Senate Judiciary Committee chairman Patrick Leahy (D-Vt) and Congressman Jim Sensenbrenner (R-WI) offers a better alternative to the one proposed by Feinstein, Butler said.
The Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet Collection, and Online Monitoring" (USA Freedom) Act is backed by more than 80 Republican and Democratic lawmakers and is expected to get more backing than the bill passed yesterday.
The USA Freedom Act would end what the lawmakers describe as the dragnet collection of U.S. phone records under Section 215 of the FISA law, its backers say. It also seeks to prevent the NSA and other intelligence agencies from using other provisions of the Patriot Act to justify bulk collection of phone records and other data on U.S. residents.
The Leahy and Sensenbrenner proposal "is much more of a reform bill," Butler said. "It is a bill that says quote forcefully that any kind of bulk records collection is not permitted by law."
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His email address is firstname.lastname@example.org.
Read more about cyberwarfare in Computerworld's Cyberwarfare Topic Center.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.