One year ago today, the first in a series of leaks from former National Security Agency contractor Edward Snowden revealed that the government was collecting the domestic phone records of American citizens in bulk. Since then, new information about government data mining and surveillance has been published by various news outlets, including The Washington Post, showing a sophisticated set of digital tools that appear to be aimed at trying to "collect it all."
But the policy debate surrounding the privacy implications of these programs is still in flux a year later. Perhaps the biggest victory for civil liberties advocates has been heightened public awareness around government surveillance and data collection.
"Prior to the Snowden leaks, if you'd said the NSA was collecting everyone's phone records, or that it was sucking up masses of data directly from the Internet backbone both here in the U.S. and abroad, you'd be called a crazy conspiracy theorist," says Kevin Bankston, policy director for the New American Foundation's Open Technology Institute. Bankston, who worked on court cases aimed at exposing government surveillance for years before the Snowden disclosures, adds, "I know, because I was one of the people saying it!"
That attention has been slow to translate into substantive policy reforms, perhaps in part because the public remains divided on whether and how much the government should prioritize security over privacy. Judicial decisions related to the data collection programs have been split. And the highly technical nature of the surveillance programs makes it hard to determine which reforms offer effective privacy protections.
But over the past year, the Snowden leaks forced the Obama administration to engage with privacy advocates and the public over surveillance issues like never before. In the days after the first series of leaks, leading politicians called Snowden a traitor, and President Obama said, "You can't have 100 percent security and also then have 100 percent privacy and zero inconvenience," adding that the government had "struck the right balance." Snowden himself was charged under a seldom-used espionage law dating to World War I before the month was through and fled his initial hideout in Hong Kong to Russia, where he lives under temporary asylum.
But among the rank-and-file in Congress, some lawmakers were outraged by the government's surveillance behavior. Rep. Justin Amash (R, Mich.) led a bipartisan rebellion in the House in July, narrowly losing a vote on an amendment aimed at defunding the phone records collection program despite opposition from leadership in both parties.
As more revelations from Snowden's documents appeared in the press, legislative proposals aimed at addressing privacy concerns emerged over the fall. Senate Intelligence Committee Chair Dianne Feinstein (D-Calif.) introduced her version in September, although critics including the Electronic Frontier Foundation called the measure an attempt to "codify and extend" government surveillance powers.
USA Patriot Act author Rep. Jim Sensenbrenner (R-Wis.) and Senate Judiciary Committee Chair Patrick Leahy (D-Vt.) introduced their reform proposal in October. The USA Freedom Act, as it was called, was generally considered to be one of the more agreeable bills to privacy advocates at the time.
Meanwhile, the president began to soften his rhetoric. In August, Obama announced that he would with Congress on reforms to some programs, and he appointed a board of outside experts to review NSA spying efforts.
That group -- which turned out to be mostly former White House insiders and intelligence community members -- released their report in December. It made 46 recommendations, including urging phone companies or a private third party to maintain phone records data instead of the government. The NSA and other agencies could then gain access only by court order.
The president didn't take the group's advice on every issue -- such as separating the positions of NSA chief and the head of U.S. Cyber Command. But in a January speech Obama announced he would change how the government interacted with domestic phone records. Recognizing that federal maintenance of this information opened up potential privacy concerns, the president said he was "ordering a transition that will end the Section 215 bulk metadata program as it currently exists and establish a mechanism that preserves the capabilities we need without the government holding this bulk metadata."
But even now, it is unclear exactly how the new system would work.
A week after that speech, Obama had to grapple with the recommendations of a separate committee, called the Privacy Civil Liberties Oversight Board. The bipartisan, independent executive branch group found that the phone records program was illegal and should be abolished. The administration moved within weeks to implement some changes, including asking the Foreign Intelligence Surveillance Court to put greater safeguards in place for when it grants intelligence agencies access to phone records.
Other high-ranking administration officials, even some from the intelligence community, also shifted their tone.
In a February hearing on the Hill, Director of National Intelligence James Clapper described Snowden's leaks as "potentially the most massive and most damaging theft of intelligence information in our history." Snowden, he said, had left Americans less safe from terrorists by revealing just how the government tracks their activities and thus helped them figure out how to avoid detection. But Clapper also said that a major takeaway for the administration was that it "must lean in the direction of transparency" whenever possible during this debate.
"With greater transparency about these intelligence programs, the American people may be more likely to accept them," Clapper argued. Over the course of the past year, Clapper's office has posted a veritable treasure trove of declassified documents related to NSA spying programs on a Tumblr set up for that purpose.
"The Obama Administration and Congress have gone from vigorously defending the bulk records program as perfectly legal and absolutely necessary to national security," says the New America Foundation's Bankston, "to conceding that maybe some reform might be necessary, to finally admitting that the government's collection of that much data about its citizens is an unjustifiable threat to privacy and liberty that must end."
It's true that administration officials have evolved on the issue -- from the feeling they struck the right balance to endorsing reforms to some programs that privacy advocates consider the most egregious oversteps.
That move toward greater openness is arguably an incredible shift of policy in a very short period of time, even if so far no substantial legislative action has made it into law. As Bankston says, Americans are "only in the first year of what is likely to be a generational debate about what level of government surveillance power is acceptable in a 21st century democracy."
Still, the trajectory of the debate may not translate into changes that would please privacy advocates.
The USA Freedom Act, the most significant legislation on the horizon, made it out of the House Intelligence and Judiciary committees in a compromise form. Last month, the House Rules committee reported out an altered version of the bill just days before a final vote. The new version was reportedly negotiated with input from the intelligence community and received the White House's endorsement. But many privacy groups, along with a coalition of technology companies, dropped their support of the bill, arguing that it might not actually end bulk domestic data collection.
Although half of the original bill's co-sponsors in the lower chamber voted against it, the new version of the USA Freedom Act passed the House. It now heads to the Senate, where privacy advocates and the intelligence community will no doubt continue to haggle over specific provisions that could someday define the scope of future government spying.
The bill primarily focuses on the bulk collection of phone records."Congress hasn't even begun to address the NSA's massive Internet and telephone wiretapping programs, its undermining of key security standards, and its dangerously broad deployment of malware and spyware across the Internet," Bankston notes.
In the near term, some limits on government surveillance programs may be imposed by Silicon Valley, not Washington.
In his increasingly public profile, Snowden has frequently endorsed encryption as a first line of defense against prying eyes. And many tech companies have followed suit by beefing up their security measures. Some of the biggest names in the industry -- including Apple, Google and Microsoft-- are taking an increasingly defiant stand against giving Internet data to law enforcement officials without telling consumers about such requests. The companies formed a coalition called Reform Government Surveillance.
On Wednesday, Snowden came out in support of "Reset the Net," a day of action focused on using and sharing online privacy tools organized by Fight for the Future on the anniversary of the Snowden leaks.
"One year ago, we learned that the Internet is under surveillance, and our activities are being monitored to create permanent records of our private lives — no matter how innocent or ordinary those lives might be," Snowden said in a statement. "Today, we can begin the work of effectively shutting down the collection of our online communications, even if the US Congress fails to do the same."