New counterterrorism guidelines permit data on U.S. citizens to be held longer
By Sari Horwitz and Ellen Nakashima, Published: March 22
The Obama administration has approved guidelines that allow counterterrorism officials to lengthen the period of time they retain information about U.S. residents, even if they have no known connection to terrorism.
The changes allow the National Counterterrorism Center (NCTC), the intelligence community’s clearinghouse for terrorism data, to keep information for up to five years. Previously, the center was required to promptly destroy — generally within 180 days — any information about U.S. citizens or residents unless a connection to terrorism was evident.
The new guidelines, which were approved Thursday by Attorney General Eric H. Holder Jr., have been in the works for more than a year, officials said.
The guidelines have prompted concern from civil liberties advocates.
Those advocates have repeatedly clashed with the administration over a host of national security issues, including its military detention without trial of individuals in Afghanistan and at Guantanamo Bay, its authorization of the killing of U.S.-born cleric Anwar al-Awlaki in a drone strike in Yemen, and its prosecution of an unprecedented number of suspects in the leaking of classified information.
Officials said the guidelines are aimed at making sure relevant terrorism information is readily accessible to analysts, while guarding against privacy intrusions. Among other provisions, agencies that share data with the NCTC may negotiate to have the data held for shorter periods. That information can pertain to noncitizens as well as to “U.S. persons” — American citizens and legal permanent residents.
The director of national intelligence, James R. Clapper Jr., has signed off on the changes.
“A number of different agencies looked at these to try to make sure that everyone was comfortable that we had the correct balance here between the information-sharing that was needed to protect the country and protections for people’s privacy and civil liberties,” said Robert S. Litt, the general counsel in the Office of the Director of National Intelligence, which oversees the NCTC.
Although the guidelines cover a variety of issues, the retention of data was the primary focus of negotiations with federal agencies. Those agencies provide the center with information such as visa and travel records and data from the FBI.
The old guidelines were“very limiting,” Litt said. “On Day One, you may look at something and think that it has nothing to do with terrorism. Then six months later, all of a sudden, it becomes relevant.”
Since the Sept. 11, 2001, terrorist attacks, the government has taken steps to break down barriers in information-sharing between law enforcement and the intelligence community, but policy hurdles remain.
The NCTC, created by the 2004 Intelligence Reform and Terrorism Prevention Act, collects information from numerous agencies and maintains access to about 30 data sets across the government. But privacy safeguards differ from agency to agency, in some cases hindering timely and effective analysis, senior intelligence officials said.
“We have been pushing for this because NCTC’s success depends on having full access to all of the data that the U.S. has lawfully collected,” said Rep. Mike Rogers (R-Mich.), chairman of the House intelligence committee. “I don’t want to leave any possibility of another catastrophic attack that was not prevented because an important piece of information was hidden in some filing cabinet.”
The shootings at Fort Hood, Tex., and the attempted downing of a Detroit-bound airliner on Christmas Day 2009 gave new impetus to efforts to aggregate and analyze terrorism-related data more effectively.
In the case of Fort Hood, Maj. Nidal M. Hasan had had contact with Awlaki but that information had not been shared across the government. The name of Umar Farouk Abdulmutallab, the suspect in the 2009 airliner plot, had been placed in a master list housed at the NCTC but not on a terrorist watch list that would have prevented him from boarding the plane.
Officials said the privacy safeguards in the new guidelines include limits on the NCTC’s ability to redistribute information to other agencies.
“Within the intelligence community, there’s one set of controls for terrorism purposes, a stricter set of controls for non-terrorism purposes, and an even stricter set of controls for dissemination outside the intelligence community,” an official said, speaking on the condition of anonymity. An entire database cannot be shared; only specific information within that data set can be shared, and it must be with the approval of the agency that provided the data, the official said.
Privacy advocates said they were concerned by the new guidelines, despite the safeguards.
The purpose of the safeguards is to ensure that the “robust tools that we give the military and intelligence community to protect Americans from foreign threats aren’t directed back against Americans,” said the American Civil Liberties Union’s national security policy counsel, Michael German. “Watering down those rules raises significant concerns that U.S. persons are being targeted or swept up in these collection programs and can be harmed by continuing investigations for as long as these agencies hold the data.”
Other homeland security experts said the guidelines give officials more flexibility without compromising individual privacy.
“Five years is a reasonable time frame,” said Paul Rosenzweig, a former senior Department of Homeland Security policy official. “I certainly think 180 days was way too short. That’s just not a realistic understanding” of how long it takes analysts to search large data sets for relevant information, he said.
Uncle Sam is spying on youSource
U.S. to keep data on citizens with no terror ties
by Eileen Sullivan - Mar. 22, 2012 08:53 PM
WASHINGTON - The U.S. intelligence community will be able to store information about Americans with no ties to terrorism for up to five years under new Obama administration guidelines.
Until now, the National Counterterrorism Center had to destroy immediately information about Americans that already was stored in other government databases when there were no clear ties to terrorism.
Giving the NCTC expanded record-retention authority had been urged by members of Congress, who said the intelligence community did not connect strands of intelligence held by multiple agencies leading up to a failed bombing attempt on a U.S.-bound airliner on Christmas 2009.
"Following the failed terrorist attack in December 2009, representatives of the counterterrorism community concluded it is vital for NCTC to be provided with a variety of datasets from various agencies that contain terrorism information," Director of National Intelligence James Clapper said in a statement late Thursday. "The ability to search against these datasets for up to five years on a continuing basis as these updated guidelines permit will enable NCTC to accomplish its mission more practically and effectively."
The new rules replace guidelines issued in 2008 and have privacy advocates concerned about the potential for data-mining information on innocent Americans.
"It is a vast expansion of the government's surveillance authority," Marc Rotenberg, executive director of the Electronic Privacy Information Center, said of the five-year retention period.
The government put in strong safeguards at the NCTC for the data that would be collected on U.S. citizens for intelligence purposes, Rotenberg said. These new guidelines undercut the Federal Privacy Act, he said.
"The fact that this data can be retained for five years on U.S. citizens for whom there's no evidence of criminal conduct is very disturbing," Rotenberg said.
"Total Information Awareness appears to be reconstructing itself," he said, referring to the Defense Department's data-mining research program that began after the Sept. 11, 2001, attacks but was stopped in 2003 because of privacy concerns.
The Washington Post first reported the new rules Thursday.
The Obama administration said the new rules come with strong safeguards for privacy and civil liberties, as well.
The NCTC was created after the Sept. 11 attacks to analyze and integrate intelligence regarding terrorism.