UPDATE 2014-03-11: today, a new CTIVD oversight report was published, together with the Dutch cabinet’s response to the Dessens report. The report covers exercises of various telecom-related powers by the AIVD and MIVD. Concerning the undirected (bulk) collection of phone metadata from wireless sources, the CTIVD has now established that it has not been motivated as required by law: nothing is known about necessity, proportionality or subsidiarity of such collection. IMHO the new report — which only exists as a result of Snowden’s revelations — reemphasizes that up until today, oversight on Dutch SIGINT is broken.
UPDATE 2014-02-10: here (.pdf, in Dutch) are the answers from the Minister of the Interior and the Minister of Defense to the Parliamentary Questions concerning the metadata and the incorrect information supplied by the Minister of the Interior in October/November 2013. These will be debated in Parliament tomorrow.
UPDATE 2014-02-09b: post updated with citations from CTIVD report Nr. 28 and information about Article 26 WIV2002. If you see errors in my post, please report them to koot at cyberwar dot nl.
UPDATE 2014-02-09: also see this excellent post by Peter Koop (@electrospaces).

As reported on Dutchnews it was the Netherlands, not the U.S., who gathered info from 1.8 million phone calls. It concerns foreign intelligence, collected in the context of counter-terrorism and military operations abroad (e.g. Afghanistan). The legal powers exercised by (likely) the Dutch military intelligence & security agency MIVD in collecting the metadata involve Article 26 (SIGINT ‘search’) and Article 27 (SIGINT ‘selection’) of the Dutch Intelligence & Security Act of 2002 (WIV2002).

The MIVD published slides (.pdf, in Dutch), dated December 18th 2013, on the topic of interception, metadata and the WIV2002. Slide 5 lists Article 24-27 from the WIV2002 (italic parts are mine):

• Art. 24: directed penetration of automated work (requires permission from head of service or Minister)
  • This is the power the AIVD exercises to hack jihadist internet fora.  
• Art. 25: directed interception from the cablebound and non-cablebound (requires permission from Minister)
  • E.g. directional microphone, telephone tap (landline, GSM), data tap (IP, email).
    • One smartphone can technically involve two taps: one for voice, one for data. 
• Art. 26: exploration of interception from the ether (=’SIGINT search’)
  • source or destination must be foreign (i.e., domestic communication cannot be explored)
  • exploring and determining whether data is relevant to the agency’s statutory duties
• Art. 27-1: undirected interception from the ether
  • interception itself is undirected
  • to see what to target, for instance through metadata analysis or encryption detection
• Art. 27-3 (=’SIGINT selection’)
  • selecting and inspecting content (requires permission from Minister)
  • 27-3-a: selection by identity (name of person or organization)
  • 27-3-b: selection by technical characteristic (some identifying number, e.g. phone number or IP address)
  •  27-3-c: selection by keywords. Minister annually approves list of topics -> AIVD/MIVD determine the exact keywords per topic.

The oversight carried out by the Review Committee on the Intelligence and Security Services (CTIVD) on lawfulness of exercise of the Article 27-3 power by the general intelligence & security service AIVD is structurally broken: this is evident from CTIVD oversight reports 19, 26, 31 and 35 that cover 2008 to 2013. A single-page extract of the relevant paragraphs is available here (.pdf, in Dutch). Key problem: the oversight is based on analysis of motivation expressed in permission requests that the AIVD sends to the Minister of the Interior to get permission for exercising the Article 27-3 powers, and those requests keep lacking proper motivation.
Concerning the MIVD, CTIVD oversight report 28 (.pdf, in Dutch, 2011) describes problems in (among others) the exercise of Article 26 and Article 27 between 2007 and 2010. For oversight on the exercise of the Article 27 selection powers by the MIVD the same problem exists as for the AIVD: requests for permission (sent to the Minister of Defense in case of the MIVD) are insufficiently motivated, withholding the CTIVD from making a statement about legality. The Article 26 searching power is intended to identify the radio/satellite channels to include in bulk data collection. The report states the following concerning the exercise of Article 26 by the MIVD:

“The CTIVD notes that the reason for and purpose of conducting a SIGINT search focused on SIGINT selection can vary. At least the following common practices can be distinguished:

1. The searching of the bulk of communication to determine whether it is possible to generate the desired data using the selection criteria for which permission has been granted;
2. The searching of the bulk of communication to identify targets;
3. The searching of the bulk of communication for data from which, in the context of an expected new area of investigation, future selection criteria can be derived. “

Original Dutch: “De Commissie constateert dat de aanleiding voor en het doel van het uitvoeren van een searchactiviteit gericht op selectie gelegen kunnen zijn in meerdere zaken. Zij onderscheidt in ieder geval de volgende gangbare praktijken:
1. Het searchen van de bulk aan communicatie om te bepalen of met de selectiecriteria waarvoor toestemming is verkregen de gewenste informatie kan worden gegenereerd
2. Het searchen van de bulk aan communicatie om potentiële ‘targets’ te identificeren of te duiden;
3. Het searchen van de bulk aan communicatie naar gegevens waaruit, in het kader van een verwacht nieuw onderzoeksgebied, toekomstige selectiecriteria kunnen worden afgeleid.” 

The CTIVD stated that (1) is permissible and that (2) and (3) are not permissible (hence: unlawful); and that all three variations were observed in daily practice at the MIVD.

None of the above means that the bulk metadata collection by the NSO or the sharing of the data with the NSA is unlawful. It does mean that the Dutch Parliament should pay real close attention to the matter of oversight on the exercise of special powers, notably Article 24-27, in the upcoming debate on the renewal of the WIV2002. That debate will likely result in expansion of the legal power of undirected interception to cablebound communications, enabling the Dutch services to carry out TEMPORA-like programs. To my knowledge, the CTIVD has never investigated the lawfulness of the exercise of the hacking power provided by Article 24 WIV2002 — the article cited by the AIVD as being the power exercised to hack jihadist internet fora. The Dutch Parliament should also specifically pay attention to oversight on Article 24 WIV2002, considering that no public oversight information exists concerning the exercise of this power over the last decade.

The remainder of this post provides details and background on last week’s revelation that it was not the Americans, but the Dutch who collected the 1.8M telephony metadata records.

On February 4th 2014, a short letter (.pdf, in Dutch) was sent to the Dutch parliament by the minister of Defense (responsible for military intelligence & security agency MIVD) and the minister Interior (responsible for general intelligence & security agency AIVD). My translation of the letter:

On August 5th, the German weekly magazine Der Spiegel published a graph that would originate from one of the documents brought out by Snowden. The data available at that time made it likely that the number of 1.8 million would point to metadata of telephone traffic between the United States and The Netherlands. [Note: that graph published by Der Spiegel originates from BOUNDLESS INFORMANT. It shows “Netherlands – last 30 days” and the number “1.831.506”. The minister of the Interior claimed on Dutch television (October 30th 2013) and in Parliament (November 6th 2013) that it was not the Netherlands, but the U.S. who collected this data, and hence that such data had not shared by the AIVD with the NSA. He warned the U.S. that spying on allies is `unacceptable’. (Although in intelligence circles it is a widely known and accepted fact that friends do spy on friends to a certain extent.)]

Original Dutch: “Op 5 augustus jl. heeft het Duitse weekblad Der Spiegel een grafiek gepubliceerd die afkomstig zou zijn uit één van de documenten die door Snowden naar buiten zijn gebracht. De toen beschikbare gegevens maakten het aannemelijk dat het getal van 1,8 miljoen zou wijzen op metadata van telefoonverkeer tussen de Verenigde Staten en Nederland.”

However, additional information and according to further research and analysis of the published data have led to the following conclusion. The graph in question points out circa 1.8 million records of metadata that have been collected by the National Sigint Organization (NSO) in the context of counter-terrorism and military operations abroad. It is therefore expressly data collected in the context of statutory duties. The data are legitimately shared with the United States in the light of international cooperation on the issues mentioned above.

Original Dutch: “Aanvullende informatie en vervolgens nader onderzoek en analyse van de gepubliceerde gegevens hebben echter geleid tot de volgende conclusie. De bedoelde grafiek wijst op circa 1,8 miljoen records metadata die door de Nationale Sigint Organisatie (NSO) zijn verzameld in het kader van terrorismebestrijding en militaire operaties in het buitenland. Het betreft dus uitdrukkelijk data verzameld in het kader van de wettelijke taakuitoefening. De gegevens zijn rechtmatig gedeeld met de Verenigde Staten in het licht van internationale samenwerking op de hierboven genoemde onderwerpen.”

According to this WikiLeaks-disclosed cable of 2007 the NSO “will be comparable to the NSA in the U.S.” Some 120 people are currently reportedly involved in the NSO. The Ministry of Defense and the Ministry of the Interior are responsibly for the NSO. The NSO is governed by the Ministry of Defense and directed by the head of the MIVD and the head of the AIVD. The NSO is absorbed by the Dutch Joint Sigint Cyber Unit (JSCU) that will have some 350 employees. The NSO has two stations for interception: 1) satellite traffic is intercepted in Burum; 2) high-frequency radio traffic is intercepted at a Dutch military base in Eibergen. The NSO itself has no legal ground for sharing the data they collect: the data must have been shared by either the AIVD or the military MIVD. Considering that the letter mentions “military operations abroad”, the MIVD is likely the sharing party.

In Snowden-documents, the Netherlands is listed as a Third Party member of the (14 Eyes group that form the) SIGINT Seniors Europe (SSEUR). Peter Koop notes:

“Being a 3rd Party means that there’s a formal bilateral agreement between NSA and a foreign (signals) intelligence agency. Probably the main thing that distinguishes this from other, less formal ways of cooperating, is that among 3rd party partners, there’s also exchange of raw data, and not just of finished intelligence reports or other kinds of support. Also both parties have a Special Liaison Officer (SLO) assigned at each others agency.

It’s not quite clear what the initial 3rd Party agreements are called, but we know that later on specific points are often laid down in a Memorandum of Understanding (MoU). An example is the Memorandum of Understanding between NSA and the Israeli signals intelligence unit, which was published by The Guardian on September 11, 2013.”

In the full Signal Profile diagram (.pdf) from BOUNDLESS INFORMANT about the Netherlands that was published today by NRC Handelsblad, the Sigint Activity Designator (SIGAD) “US-985Y” allegedly refers to the metadata that the MIVD provides to the NSA. Next to “US-985Y”, we see “1.831.506 Records” mentioned. The metadata concerns PSTN traffic, which can concern both mobile and landline communications. [UPDATE: the Minister stated that it did involve metadata about mobile calls, but about radio traffic and calls made via satellite phones.] Considering that the current Dutch law only permits undirected interception of non-cablebound communications (satellite and HF radio), landline traffic can only be legally intercepted if the end-to-end communication with the landline contains at least one wireless hop (e.g. Inmarsat).

The Dutch Parliament submitted a list of questions (.doc, in Dutch) that must be answered by the minister of the Interior (Ronald Plasterk / @RPlasterk) by February 10th, with the support of the minister of Defense (Jeanine Hennis / @JeanineHennis). On February 11th, the minister of the Interior will have to discuss these matters — and notably, explain the incorrect claims he made last October and November.

EOF

From Constant Hijzen (Twitter: @ConstantHijzen) I learned about the existence of the Geneva Centre for the Democratic Control of Armed Forces (DCAF). It was established in 2000 by the Swiss government and is described as follows on the DCAF website (original emphasis):

The Geneva Centre for the Democratic Control of Armed Forces – DCAF – is an international foundation whose mission is to assist the international community in pursuing good governance and reform of the security sector. The Centre provides in‐country advisory support and practical assistance programmes, develops and promotes norms and standards, conducts tailored policy research, and identifies good practices and recommendations to promote democratic security sector governance.

A lot of publications are available from DCAF — check it out. The publication Overseeing Intelligence Services: A Toolkit (2012, eds.: Hans Born & Aidan Wills) in the DCAF Handbooks series was pointed out to me by Hijzen and is particularly noteworthy:

DCAF’s toolkit on overseeing intelligence services is a compendium of booklets (tools) written by leading experts on intelligence governance from around the world. It provides policy-relevant information on the establishment and consolidation of independent bodies to oversee state organisations involved in the collection, analysis, production and dissemination of intelligence in the national security domain. The toolkit’s principal innovation is its provision of detailed guidance on the oversight of specific areas of intelligence services’ activities (please see below for a full list of the tools). Acknowledging that there is no single “best” approach to organising and conducting oversight, the toolkit’s guidance is based on examples from almost twenty countries.

The toolkit focuses primarily on oversight by parliamentary committees and expert non-parliamentary bodies (e.g. supreme audit institutions and data protection commissions) and, to a lesser extent, on oversight by (quasi)judicial bodies. The toolkit is, however, likely to be of broad interest to the following groups:

• persons involved in the design and establishment of oversight systems;
• civil society organisations and media that monitor and evaluate the work of oversight bodies;
• members of organisations that are subject to oversight by these bodies; and
• members and staffers of oversight bodies.

This publication has been made possible by the generous support of the Ministry of Foreign Affairs of the Netherlands.

The toolkit contains nine tools that can be downloaded in one file (.pdf, 1.8MB, 222 pages) or per tool (for each tool I cite a few sentences from its introductory chapter):

1. Tool 1: Introducing Intelligence Oversight (.pdf, Hans Born and Gabriel Geisler)
   

   “This tool introduces the reader to the subject of intelligence oversight, providing concise answers to the basic questions of who, what, when, how, and why. It also introduces readers to the other tools in this toolkit on intelligence oversight, which collectively provide more elaborate answers to these and other questions.. (…)”

• Tool 2: Establishing Effective Intelligence Oversight Systems (.pdf, Stuart Farson)
  

  “This tool examines one of the major topics of security sector reform: the establishment of effective intelligence oversight and accountability mechanisms (particularly legislative mechanisms) in transition states. An immediate question is: are the mechanisms used by established democracies appropriate models for states still in the process of developing and extending modes of democratic governance? The answer depends on the characteristics of the transition state with relevant considerations including the work that its intelligence services are asked to perform, the scope and scale of the services’ activities, and the specific threat environments in which the states exist. In analyzing these factors, one must also take into account broader issues, especially the degree to which the state has developed a democratic political culture and incorporated recognized democratic practices. (…)”

• Tool 3: Intelligence Transparency, Secrecy, and Oversight in a Democracy (.pdf, Laurie Nathan)
  

  “(…) This tool focuses on secrecy, openness, and provision of information in relation to intelligence oversight bodies. These bodies include parliament, a parliamentary intelligence oversight committee, the judiciary, a supreme audit institution (SAI), an independent inspector general of intelligence (as in Australia, New Zealand, and South Africa), and an expert intelligence oversight body (such as the Review Committee on the Intelligence and Security Services in the Netherlands). The tool outlines the political and conceptual debate around intelligence secrecy and transparency; presents good practice regarding legislation on protection of and access to information; and discusses the intelligence information that is required by parliament and other oversight bodies. It concludes with a set of recommendations. (…)”

• Tool 4: Conducting Oversight (.pdf, Monica den Boer)
  

  “(…) This tool explains how oversight bodies investigate the activities of intelligence services. It considers the widest possible range of oversight, from ad hoc investigations to long-term inquiries. In addition, it considers those situations in which multiple standing bodies have oversight responsibilities and those in which no permanent body exists, requiring the creation of a temporary body. (…)”

• Tool 5: Overseeing Information Collection (.pdf, Lauren Hutton)
  

  “The purpose of this tool is to examine the role that oversight bodies play in monitoring the information-collection functions of intelligence services. The production of intelligence is a multistep process, requiring tasking, planning, information collection, analysis, and dissemination. Yet of all these steps, it is the collection of information, especially through secret means, that remains the defining characteristic of intelligence services, at least in the public mind. Information collection is one of the most controversial aspects of intelligence work, and it presents an unusual set of challenges to oversight bodies charged with upholding democratic ideals. (…)”

• Tool 6: Overseeing the Use of Personal Data (.pdf, Ian Leigh)
  

  “This tool looks at how oversight bodies can ensure that intelligence services use personal data in compliance with the law governing the services. It aims to explain the role that oversight bodies play in examining how intelligence services store, access, and transfer personal data. It does not address the collection of personal data by intelligence services (covered in Hutton—Tool 5) or the sharing of personal data with domestic and foreign partners (covered in Roach—Tool 7). (…)”

• Tool 7: Overseeing Information Sharing (.pdf, Kent Roach)
  

  “This tool examines the challenges posed by increased information sharing to the oversight of intelligence services and other branches of government that collect, analyze, and distribute national security information.1 The term information sharing refers herein to information that is exchanged among intelligence services and partner agencies, whether they be foreign or domestic. Although the focus of this tool is principally on oversight bodies, it also considers the human rights and privacy implications of increased information sharing—which may be of interest to other entities such as the judicial and executive branches of government, the media, and civil society. (…)”

• Tool 8: Financial Oversight of Intelligence Services (.pdf, Aidan Wills)
  

  “(…) This tool presents a comparative overview of how democratic polities oversee the finances of intelligence services, from the formulation of budgets through to the ex post review of expenditures. Its aim is to highlight good practices. (…)”

• Tool 9: Handling Complaints about Intelligence Services (.pdf, Craig Forcese)
  

  “This tool focuses on the role that oversight bodies play in handling complaints about intelligence services from the public, as well as complaints raised by members of the intelligence services. The need for a complaint-handling system is particularly acute for intelligence services because they are ‘often trusted with exceptional powers, such as surveillance or security clearance, which, if used incorrectly or mistakenly, carry the risk of serious injustice to individuals.’ However, the justification for a complaint-handling system goes well beyond remedies for rights breaches. Complaint-handling mechanisms for intelligence services ‘can also bolster accountability by highlighting administrative failings and lessons to be learned, leading to improved performance.’ (…)”

EOF

Voor wie meer wil leren over terrorismebestrijding en de relatie met mensenrechten zijn de deliverables van het Europese project SECILE (@EuSECILE) goed leesvoer. Eerst een beschrijving van het SECILE project (bron):

SECILE (Securing Europe Through Counter-Terrorism: Impact, Legitimacy, and Effectiveness) is a part-EU funded project of assembled European human rights and legal research experts tasked with exploring the true impact of European counter-terrorism policy since 2001.

In the first European project of its kind, the project team will, over the next 18 months, look to assess and understand the extent to which various actors have been impacted by counter-terrorism legislation in Europe – from the citizen, to the legislator, to the security services, and the domestic courts.

SECILE loopt van oktober 2012 tot april 2014, draait gedeeltelijk op FP7-funding en heeft de volgende deelnemers: Statewatch, Durham University, Centre for Irish and European Security (CIES), National Maritime College of Ireland, Peace Research Institute Oslo (PRIO), King’s College London’s en de Supreme Court of the Republic of Latvia.

In deze post wordt uitgelegd welke onderzoeksvragen SECILE adresseert:

Counter-terrorism is full of difficult questions, such as: What is the level of threat? Who does it come from? How can we combat it? What prices are we prepared to pay to be—or to feel—safer? How can we put into action the political commitments to security that governments make? SECILE is fundamentally concerned with understanding how we can ask—and how we can properly answer—three of the other difficult questions about counter-terrorism:

1. What are the impacts of counter-terrorism on a whole range of actors (such as political institutions, individuals, communities, state security services, police, private corporations and NGOs)?
2. How can we assess whether or not counter-terrorist measures introduced by the European Union are legitimate? And what does legitimacy mean in this context?
3. How can we assess whether or not EU counter-terrorist measures are effective? What does ‘effectiveness’ mean in this context?

In Q4/2013 is een reeks rapporten opgeleverd. Hierbij de links naar de rapporten en de SECILE-blogpost bij elk rapport:

• rapport (.pdf; mirror) — Data Retention in Europe: A Case Study (Nov 6)
• rapport (.pdf; mirror) — Transposition of EU Counter-Terrorism Measures (Nov 26)
• rapport (.pdf; mirror) — Catalogue of EU Counter-Terrorism Measures (Dec 3)
• rapport (.pdf; mirror) — How does the EU assess its counter-terrorism law? (Dec 4)
• rapport (.pdf; mirror) — Democratic Perspectives on Impact, Legitimacy and Effectiveness in the Counter-Terrorism Context (Dec 6)
• rapport (.pdf; mirror) — Legal Understandings of Impact, Legitimacy and Effectiveness in the Context of Counter-Terrorism (Dec 6)
• rapport (.pdf; mirror) — Operational Perspectives on Impact, Legitimacy and Effectiveness in Counter-Terrorism (Dec 9)
• rapport (.pdf; mirror) — Societal Perspectives on Impact, Legitimacy and Effectiveness in the Counter-Terrorist Context (Dec 9)

Verder aanbevolen leesvoer over terrorisme:

• Mensenrechten en staatsveiligheid: verenigbare grootheden? Opschorting en beperking van mensenrechtenbescherming (2005, juridisch proefschrift van Jan-Peter Loof, Open Access)
• Terrorisme – Studies over terrorisme en terrorismebestrijding (2012, uitgeverij Kluwer, $$$).
• Handling ethical problems in counterterrorism: An inventory of methods to support ethical decisionmaking (.pdf, 2013, rapport door RAND Europe iov Rijksoverheid)

EOF

UPDATE 2014-01-19: Marcy Wheeler (@emptywheel) wrote a critique: The Tech Back Door in Obama’s New Spying Policy. James Oliphant (@jamesoliphant) of the National Journal wrote a critique: Obama’s NSA Proposals Fall Far Short of Real Change.

UPDATE 2014-01-17: The Register ‘translated’ it to plain English: Those NSA ‘reforms’ in full: El Reg translates US Prez Obama’s pledges – Filleting fact from fiction.

On January 17th 2014, the U.S. Presidential Policy Directive (PPD-28) on Signals Intelligence Activities (.pdf) was published and Obama gave a speech. Guardian has a piece on this, and ACLU commented on the speech. Here is an excerpt from PPD-28 (emphasis is mine):

The United States, like other nations, has gathered intelligence throughout its history to ensure that national security and foreign policy decisionmakers have access to timely, accurate, and insightful information.The collection of signals intelligence is necessary for the United States to advance its national security and foreign policy interests and to protect its citizens and the citizens of its allies and partners from harm. At the same time, signals intelligence activities and the possibility that such activities may be improperly disclosed to the public pose multiple risks. These include risks to: our relationships with other nations, including the cooperation we receive from other nations on law enforcement, counterterrorism, and other issues; our commercial, economic, and financial interests, including a potential loss of international trust in U.S. firms and the decreased willingness of other nations to participate in international data sharing, privacy, and regulatory regimes; the credibility of our commitment to an open, interoperable, and secure global Internet; and the protection of intelligence sources and methods.

In addition, our signals intelligence activities must take into account that all persons should be treated with dignity and respect, regardless of their nationality or wherever they might reside, and that all persons have legitimate privacy interests in the handling of their personal information.

In determining why, whether, when, and how the United States conducts signals intelligence activities, we must weigh all of these considerations in a context in which information and communications technologies are constantly changing. The evolution of technology has created a world where communications important to our national security and the communications all of us make as part of our daily lives are transmitted through the same channels. This presents new and diverse opportunities for, and challenges with respect to, the collection of intelligence – and especially signals intelligence. The United States Intelligence Community (IC) has achieved remarkable success in developing enhanced capabilities to perform its signals intelligence mission in this rapidly changing world, and these enhanced capabilities are a major reason we have been able to adapt to a dynamic and challenging security environment. [Footnote 1: For the purposes of this directive, the terms “Intelligence Community” and “elements of the Intelligence Community” shall have the same meaning as they do in Executive Order 12333 of December 4, 1981, as amended (Executive Order 12333).] The United States must preserve and continue to develop a robust and technologically advanced signals intelligence capability to protect our security and that of our partners and allies.  Our signals intelligence capabilities must also be agile enough to enable us to focus on fleeting opportunities or emerging crises and to address not only the issues of today, but also the issues of tomorrow, which we may not be able to foresee.

Advanced technologies can increase risks, as well as opportunities, however, and we must consider these risks when deploying our signals intelligence capabilities. The IC conducts signals intelligence activities with care and precision to ensure that its collection, retention, use, and dissemination of signals intelligence account for these risks. In light of the evolving technological and geopolitical environment, we must continue to ensure that our signals intelligence policies and practices appropriately take into account our alliances and other partnerships; the leadership role that the United States plays in upholding democratic principles and universal human rights; the increased globalization of trade, investment, and information flows; our commitment to an open, interoperable and secure global Internet; and the legitimate privacy and civil liberties concerns of U.S. citizens and citizens of other nations.

Presidents have long directed the acquisition of foreign intelligence and counterintelligence [Footnote 2: For the purposes of this directive, the terms “foreign intelligence” and “counterintelligence” shall have the same meaning as they have in Executive Order 12333. Thus, “foreign intelligence” means “information relating to the capabilities, intentions, or activities of foreign governments or elements thereof, foreign organizations, foreign persons, or international terrorists,” and “counterintelligence” means “information gathered and activities conducted to identify, deceive, exploit, disrupt, or protect against espionage, other intelligence activities, sabotage, or assassinations conducted for or on behalf of foreign powers, organizations, or persons, or their agents, or international terrorist organizations or activities.” Executive Order 12333 further notes that “[i]ntelligence includes foreign intelligence and counterintelligence.”] pursuant to their constitutional authority to conduct U.S. foreign relations and to fulfill their constitutional responsibilities as Commander in Chief and Chief Executive. They have also provided direction on the conduct of intelligence activities in furtherance of these authorities and responsibilities, as well as in execution of laws enacted by the Congress. Consistent with this historical practice, this directive articulates principles to guide why, whether, when, and how the United States conducts signals intelligence activities for authorized foreign intelligence and counterintelligence purposes. [Footnote 3: Unless otherwise specified, this directive shall apply to signals intelligence activities conducted in order to collect communications or information about communications, except that it shall not apply to signals intelligence activities undertaken to test or develop signals intelligence capabilities.]

Section 1. Principles Governing the Collection of Signals Intelligence.

Signals intelligence collection shall be authorized and conducted consistent with the following principles:

• (a) The collection of signals intelligence shall be authorized by statute or Executive Order, proclamation, or other Presidential directive, and undertaken in accordance with the Constitution and applicable statutes, Executive Orders, proclamations, and Presidential directives.
• (b) Privacy and civil liberties shall be integral considerations in the planning of U.S. signals intelligence activities. The United States shall not collect signals intelligence for the purpose of suppressing or burdening criticism or dissent, or for disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion. Signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions and not for any other purposes.
• (c) The collection of foreign private commercial information or trade secrets is authorized only to protect the national security of the United States or its partners and allies. It is not an authorized foreign intelligence or counterintelligence purpose to collect such information to afford a competitive advantage to U.S. companies and U.S. business sectors commercially.
• (d) Signals intelligence activities shall be as tailored as feasible. In determining whether to collect signals intelligence, the United States shall consider the availability of other information, including from diplomatic and public sources. Such appropriate and feasible alternatives to signals intelligence should be prioritized.

Section 2. Limitations on the Use of Signals Intelligence Collected in Bulk

[…]

In particular, when the United States collects nonpublicly available signals intelligence in bulk, it shall use that data only for the purposes of detecting and countering:

• (1) espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;
• (2) threats to the United States and its interests from terrorism;
• (3) threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;
• (4) cybersecurity threats;
• (5) threats to U.S. or allied Armed Forces or other U.S or allied personnel; and
• (6) transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named in this section.

In no event may signals intelligence collected in bulk be used for the purpose of suppressing or burdening criticism or dissent; disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion; affording a competitive advantage to U.S. companies and U.S. business sectors commercially; or achieving any purpose other than those identified in this section.

[…]

The DNI shall maintain a list of the permissible uses of signals intelligence collected in bulk.  This list shall be updated as necessary and made publicly available to the maximum extent feasible, consistent with the national security.

[…]

EOF