Spies Gone Wild?
William Bendix and Paul Quirk on how government surveillance got out of control.
Intelligence leaks by American whistleblower Edward Snowden have revealed highly intrusive surveillance programs conducted by the National Security Agency (NSA). Governed by a simple but alarming motto, “Collect It All,” the agency captures billions of communication records, electronic messages, and phone conversations every day around the world. But the United States is not alone in conducting indiscriminate snooping. Recent leaks have also revealed that Canadian authorities perform aggressive surveillance at home and abroad, often in collaboration with the NSA. In fact, readers in Canada should assume that the government will know they have looked at this essay.
Defenders of broad electronic surveillance argue that eavesdropping programs uncover critical intelligence that helps safeguard North America against terrorist threats. Critics insist that traditional human intelligence has largely been responsible for disrupting extremist groups, and that blanket electronic surveillance has needlessly diminished the privacy of Americans and Canadians. As we see it, neither side has provided strong evidence to support its claims because, despite Snowden’s voluminous leaks, we still know relatively little about the value and effectiveness of broad surveillance programs. However, the leaks have shown that many policymakers in both countries lack a basic understanding of how their intelligence agencies operate and what kinds of information they routinely collect. Such policymakers obviously do not know the value or effectiveness of these surveillance programs either, nor have they carefully weighed the costs in citizens’ privacy.
In the United States, institutional failures have allowed the NSA to go largely unmonitored by lawmakers. The executive branch—under George W. Bush and, to a lesser degree, Barack Obama—has expanded surveillance without seeking the presumably necessary legal authorization from Congress first. In key instances, especially during the Bush years, the executive has withheld vital information from Congress, ensuring that no effective oversight of the NSA could be conducted. At the same time, many members of Congress have passed up opportunities to learn about electronic surveillance, and now have insufficient understanding of the technical issues to conduct meaningful reviews of intelligence gathering.
Canadians have somewhat less to fear from government spying than Americans, even though Canada uses similar methods of eavesdropping as the United States. According to publicly available information, the NSA does not aim its surveillance tools at Canada. But NSA restraint occurs largely because the Canadian government monitors its own citizens with broad, NSA-like surveillance and shares any pertinent information with U.S. authorities.
The main difference is that, despite some important shortcomings in attention, the Canadian government has developed significantly more effective institutional arrangements than the U.S. for control over its intelligence agencies. Notably, it has mandated independent commissioners to conduct ongoing reviews of surveillance programs and to investigate possible violations of Canadian laws by authorities. More than the United States, Canada has at least struck a deliberate balance between enhancing security and maintaining civil liberties. Nevertheless, some of its security laws are quite lax, giving investigators access to Canadian communication records without a requirement of court approval. Parliament has neglected to review national-security laws and has failed to consider whether adequate investigative limits are in place. This failure has perhaps allowed agencies to violate the privacy of Canadians without violating statutes.
Apart from spying on their own citizens, both the United States and Canada have ignored legitimate privacy interests of foreign targets, and they now face serious loss of international reputation and goodwill because of the sweeping electronic surveillance they have conducted against rivals and allies alike.
In our view, the crucial issues in the surveillance controversy have been institutional ones, in both the United States and Canada. We recommend that both countries implement major institutional reforms to strengthen oversight of their intelligence services and to improve policy deliberations on national-security strategies.
Controversies over U.S. Spying
The Snowden leaks have exposed the massive, almost inconceivable scope of NSA surveillance both within and beyond American borders. Equally important, the leaks have shown that the executive branch launched the eavesdropping programs unilaterally, without legislative sanction, and that reviews of the programs have been conducted only sporadically.
The first Snowden leak concerned the NSA’s bulk collection of phone numbers dialed and received by U.S. callers, technically known as “telephony metadata.” President Bush authorized the program less than a month after the 9/11 attacks, without briefing Congress or seeking judicial approval. The collection of records was deemed necessary because telecom carriers discard billing information after a few months, limiting the ability of authorities to examine the call histories of new suspects.
Companies initially complied with NSA requests for metadata, but grew increasingly worried that, should details of the program leak, they would be vulnerable to lawsuits. After the press exposed another NSA program in late 2005, phone companies threatened to withhold customer records unless they received court orders first. In response, the Bush administration took an easy route of doubtful constitutional legitimacy. It simply reinterpreted a provision in the Patriot Act to justify the blanket collection of U.S. phone logs. Under the original Act, federal agents could obtain a business-records order from the Foreign Intelligence Surveillance Court to seize a person’s private items—such as books, medical files, or financial statements—without having to show probable cause for suspecting illegal activity. The Bush administration adopted new rules permitting the NSA to use a single order to collect all customer records from a telephone carrier. Thus, a handful of orders would capture the logs for most of the population. The FISA Court accepted this reinterpretation of the Patriot Act, and the phone companies continued to provide metadata to the NSA without interruption. When President Obama took office in 2009, he continued the blanket collection of phone records.
Under the statutory provisions, the NSA is still legally prohibited from reviewing the bulk data unless it obtains separate approval from the FISA Court to access the records of a particular, named target. However, from 2006 to 2009, the agency frequently violated court rules and examined phone records without judicial approval. These violations have apparently ended, and the Obama administration insists that current surveillance focuses on only a few hundred U.S. suspects per year. However, the FISA Court allows the NSA to examine records of people who have two or three degrees of separation from a suspect. That means Americans can be investigated if they have had incidental contact with someone who communicated with a surveillance target. By one estimate, the investigation of 100 suspects could allow authorities to scrutinize the phone records of approximately one million callers (provided they follow every link in the communication chain, regardless of apparent value). Reports also indicate that, along with phone data, the NSA uses Facebook profiles, email contacts, and banking information to map out enormous social networks that identify ties between Americans and foreigners.
The second leak, concerningPRISM, came a day after the metadata program was revealed. Under PRISM, the NSA can scoop up emails, video chats, and all other electronic content from foreign sources that pass through U.S. servers. In comparison to the metadata program, PRISM captures information on fewer people but obtains a greater variety of electronic communications and includes the content of messages. Since the NSA does not need court approval to collect overseas conversations, PRISM receives only limited judicial oversight. Indeed, executive-branch officials authorize the seizure of foreign emails and chats, and only periodically report the details of these seizures to the FISA Court. Although PRISM likely poses fewer risks to American privacy than the metadata program, the NSA often captures domestic communications as it collects foreign messages. Authorities can target anyone “reasonably believed to be located outside the United States”—a low legal threshold that makes inadvertent collection of domestic records all but certain. And because rules allow agents to search these records without court approval, the NSA may be routinely examining the private chats and emails of Americans without warrants. Moreover, under a program similar to PRISM, known as MUSCULAR, the NSA has tapped the fiber-optic cables of Google and Yahoo servers around the world, copying emails and other communications without court oversight. Again, inadvertent capture of American communications is inevitable.
Beyond these programs, the NSA also runs Boundless Informant, XKeyscore, and Upstream, among others, to help compile its massive trove of international communications data. In fact, recent reports have confirmed that the NSA conducts sweeping electronic surveillance on at least twenty-nine countries—including rivals (such as China and Russia) as well as allies (such as France and Germany). But some reports suggest that it spies on nearly every country in the world.
The agency also runs a powerful decryption program, codenamed Bullrun, that allows it to unscramble coded internet data. Encryption is commonly used by businesses to ensure that electronic transactions, like online banking transfers, remain private. Businesses and governments also use encryption to secure sensitive communications and files. According to publicly available information, the NSA, with the assistance of technology companies, has introduced weaknesses into online security products in order to swiftly decode data. These weaknesses are the digital equivalent of “backdoors,” and experts worry that groups besides the NSA, such as hackers, may find these openings and gain access to extremely sensitive information.
The operations revealed by the leaks may only represent, as one Congress member has claimed, “the tip of the iceberg” of U.S. spying. But taken together, the leaks clearly establish that the NSA captures billions of communications on a daily basis around the globe.
Presidential Overreach and Congressional Failure
In addition to aggressive surveillance, news reports have exposed Congress’s failure to conduct thorough deliberations on security policy over the last decade. Most members of Congress, including those who authored the Patriot Act, were clueless about NSA activities until recent leaks. At least three factors have contributed to Congress’s inability to monitor and assess intelligence gathering by U.S. agencies. First, the executive branch, especially under President Bush, has opted to conduct domestic spying by secret means rather than ask Congress to authorize new security programs. Second, complex surveillance technology has often baffled the lawmakers tasked with overseeing the NSA. And third, many Congress members have shown little interest in conducting thorough oversight of intelligence agencies, passing up the opportunity to attend classified briefings.
In the weeks after the September 11 attacks, the Bush administration worked with Congress to draft the Patriot Act. Congress rejected the administration’s most aggressive, probably unconstitutional proposals—such as detaining noncitizens indefinitely without charges. But it accepted the Bush request to ease the evidentiary requirements for conducting electronic surveillance and seizing private documents. Fearing additional attacks, Congress members decided that federal agents needed broad powers to investigate terrorism suspects at home. Yet, while the Bush administration was busy negotiating the Patriot Act, it was also secretly launching the metadata program. It is unclear why the Bush administration did not ask Congress to include metadata collection in the Patriot Act. Congress at the time supported most of the administration’s surveillance proposals and likely would have added metadata gathering to the bill. Worse yet, it appears that Bush officials did not brief lawmakers about the full scope of metadata collection until May 2006. And regular briefings did not start until 2007.
That Bush initially hid this surveillance program from Congress violated the executive’s reporting requirements under national-security laws. But even the timing of the overdue disclosure was problematic and allowed Congress to make unnecessary adjustments to the Patriot Act, based on false concerns over spying on libraries. Starting in 2005, Congress spent a year debating whether to add stronger privacy safeguards to the Act. In March 2006, lawmakers decided finally to make it harder for federal authorities to obtain business-records orders by adding special protections for libraries and bookstores. They worried that agents could use these orders to investigate innocent citizens on the basis of their reading habits. Apparently, Congress at this point was still unaware that the Bush administration had rewritten the Patriot Act in secret and was using business-record orders not for targeted investigations but rather for the blanket collection of U.S. phone records. In other words, the changes that Congress made to the Patriot Act in 2006 were based on guesswork, not on reported abuse, and only dealt with imaginary threats to privacy, while leaving actual threats unchallenged. Congress should have investigated the use of business-records orders more thoroughly than it did. But it was suspiciously convenient that Bush only disclosed the enhanced scope of the orders two months after Congress had finished amending the rules of their use.
Unfortunately, disclosure of the metadata program did not trigger significant congressional investigations. Bush informed the Intelligence and Judiciary committees—not the entire Congress—about the NSA’s surveillance. Classified briefings on domestic spying are typically limited to these panels, and so the administration followed standard protocols. However, members on these committees apparently lacked sufficient technical expertise to conduct meaningful oversight of NSA spying. Recently, members on the Intelligence panels admitted publicly that they do not understand how surveillance technologies work.
In sharp contrast with the Bush administration, President Obama urged Congress to engage in broad deliberations on NSA practices. But lawmakers either ignored the issue or struggled with the legal and technical complexities of the surveillance programs. In 2010 and 2011, the administration requested that the Intelligence committees brief all members of Congress on metadata collection. Each congressional party received two briefings on the scope and legal basis of the dragnet, and members had opportunities to learn about the surveillance programs in greater depth by attending more than a dozen additional classified meetings. Yet it appears that these sessions were poorly attended. Most members—including ones on the well-briefed Judiciary panels—were stunned by the recent NSA revelations. Following the leaks, the Intelligence committees scheduled several additional briefings to provide members information on NSA surveillance. Again, most legislators failed to attend, preferring instead to travelback to their home states and districts. Those members who did go to the meetings found them confusing and unhelpful, in part because they did not have enough understanding of intelligence-gathering techniques to ask NSA officials probing questions. So, after neglecting surveillance policy for many years, members of Congress now lacked the necessary knowledge to assess the merits of the metadata program.
Clearly, a mix of executive-branch secrecy and congressional indifference has produced uneven, and at times nonexistent, oversight of the NSA. Congress’s failure to monitor and debate expanding surveillance programs has allowed authorities to bend the rules and, in some cases, commit serious privacy violations. From a Canadian perspective, the leaks of the last four months raise an obvious question. If the NSA can easily sidestep legal restrictions and conduct sweeping surveillance at home, what does it do around the world where it faces no constitutional barriers to spying?
Canada’s Surveillance Role
In light of the intelligence leaks, the Canadian press has investigated the extent to which the NSA targets Canadian communications. For the most part, reportsindicate that U.S. authorities do not concentrate on calls and emails inside Canada. But Canadians should not assume they are going unmonitored simply because the NSA pays little direct attention to them. Canada’s version of the NSA, the Communications Security Establishment (CSE), conducts its own domestic metadata program, collecting phone and Internet records since 2005. Publicly available information on the CSE is limited. However, because the agency faces regular audits by an independent commissioner, it appears that Canadians face less risk of warrantless wiretaps than Americans do.
The problematic issue for Canada is the nature and scope of its foreign-intelligence operations. The CSE maintains very close relations with several national-intelligence services—including, above all, the NSA. The agency also conducts foreign spying on its own, apart from its U.S. commitments, for purposes well beyond any national-security purpose. Extreme secrecy has made it difficult for Canadians to identify—let alone evaluate—the full costs and benefits of CSE activities. As a consequence, the agency may be conducting operations that harm Canadian interests and undermine the country’s foreign-policy traditions.
The CSE may be less prone to violating privacy than the NSA because Canada appears to have a better-structured oversight system than the United States. Congress splits oversight duties between multiple committees and two legislative chambers. Partisan rivalries often get in the way of investigations. Restraining the executive branch is therefore difficult for Congress, especially on national-security matters. Parliament, by contrast, has empowered an independent commissioner to conduct regular oversight of the CSE and to issue annual, publicly available reports. The commissioner must be a standing or retired judge to ensure that oversight is performed by an independent observer, not an intelligence or military insider. With unhampered access to the CSE, the commissioner and accompanying staff observe agency analysts on the job, conduct regular interviews of these analysts, and check for any discrepancies between the CSE’s files and its databases. Moreover, the commissioner is not alone in conducting investigations on the CSE. The Canadian Human Rights Commission, the Privacy Commissioner, the Information Commissioner, the Commissioner of Official Languages, and the Auditor General of Canada also monitor the agency. So far, independent audits have uncovered only minor procedural violations, and no major abuses, by the CSE.
However, the agency may not be guilty of legal violations in part because current statutes provide inadequate privacy protections. The CSE does not require court approval—only authorization from the minister of defence—to examine Canadian phone and internet metadata. A lack of judicial review increases the likelihood of government agents conducting fishing expeditions. Several commissioners have noted similar problems in Canadian surveillance laws, but so far the Conservative government has declined to address these concerns.
The biggest risk to Canadian privacy may come from abroad. Canada engages in expansive surveillance overseas as part of the Five Eyes intelligence network, whose other members are the United States, Great Britain, Australia, and New Zealand. Each country monitors different parts of the globe and shares its intelligence with the other partners (Canada focuses primarily on Latin America). One worry is that the Five Eyes may invite each other to spy on the citizens of their respective countries in order to circumvent domestic privacy laws. Since 2001, the commissioner of the CSE has investigated whether the agency sidesteps the courts by getting one of the Five Eyes to do its dirty work in Canada. Based on available reports, the agency does not appear to be guilty of this practice. However, some of the other Five Eyes may be engaged in regular intelligence swaps to evade their countries’ warrant requirements.
Another concern is that aggressive intelligence gathering by the CSE may harm Canadian foreign interests. Security experts widely agree that the Five Eyes partnership has produced important defence benefits for all countries involved. But the CSE does not work exclusively on national-security operations. Recent revelations indicate that the agency has spiedon the Brazilian government and its natural-resources sector to collect economic intelligence. Not only does this leak threaten to damage the growing trade relationship between Canada and Brazil, but it also threatens to tarnish Canada’s reputation as an honest global actor. Additional evidence suggests that Canada has helped the NSA spy on European allies, including attendees at G20 summits, again for reasons that may have little to do with national security.
For Canada, the likelihood of additional leaks concerning industrial espionage is high. The CSE has been gathering economic intelligence on Canadian business rivals, including American competitors, since the early 1980s. Initially, government officials refrained from giving sensitive intelligence to Canadian firms, preferring instead to supply companies with broad strategic advice to help win foreign contracts. Most likely intelligence gathered by the CSE shaped some of this advice. But in recent years, under the direction of the Conservative government, CSE officials have met directly with dozens of Canadian energy companies to provide them with crucial business secrets. These meetings indicate that industrial espionage represents a bigger part of the agency’s mission than previously suspected.
Because the commissioner’s mandate only considers whether the CSE has broken Canadian laws, his office does not evaluate the agency’s foreign operations conducted beyond the scope of domestic statutes. The task of identifying breaches in Canadian privacy rights is obviously important, but this narrow focus overlooks all other potentially controversial actions taken by the agency. Since no other independent authority examines or assesses these activities, it appears that oversight of Canada’s spy agencies suffers its own major gaps.
Improving Intelligence Oversight
Neither the U.S. nor Canada has established adequate oversight of its intelligence services. Over the last ten years, Congress has developed a dismal record on national-security policy, handing off important surveillance decisions to the executive branch and, at key points, deliberately ignoring the activities of the NSA. This decade-long failure demonstrates that Congress lacks the institutional capacity not only to conduct effective oversight of U.S. spy agencies but also to develop sensible policy that balances security needs and privacy interests. Canada, by comparison, has a better record on intelligence oversight than the U.S., but it too has overlooked important surveillance programs. Independent audits have provided some assurance that the CSE does not commit frequent or gratuitous privacy violations in Canada. Yet Parliament has not debated the range of activities that the CSE may and may not conduct overseas. Major decisions on Canadian foreign-policy have been made beyond public scrutiny and without public consent. We suggest, therefore, that both Congress and Parliament undertake significant institutional reforms that increase their capacity to deliberate security matters.
To improve congressional performance, we suggest that Congress establish a new select committee whose sole mission is to oversee surveillance programs. It should include members of the Judiciary committees, as well as the Intelligence and Homeland Security panels. And it should have jurisdiction for monitoring agency activities, reviewing the decisions of the FISA Court, holding legislative hearings, and recommending bills. At present, the Judiciary and Intelligence committees are equally responsible for monitoring and developing surveillance policy. But, as we have seen, jurisdictional overlap has allowed them to collectively shirk responsibilities. The problem is that these panels have broad policy duties that focus their attention away from the issues of domestic- and foreign-intelligence gathering. For example, the Intelligence panels work on budgets for sixteen agencies involved in espionage and covert activities, and dedicate much time to appraising the costs of tactical programs conducted overseas.
A panel focused exclusively on electronic eavesdropping would enable Congress to examine concerns over domestic operations and evaluate controversial foreign missions, including surveillance targeting allies and allied leaders. Over time such a panel would gain sufficient knowledge, generate necessary consensus, and develop enough credibility to restrain the executive on surveillance policy.
We also suggest that Congress establish an independent office of privacy that reports directly to multiple committees and provides briefings to all interested members of Congress regardless of committee assignment. This office should have the legislative authority to monitor all domestic surveillance programs, evaluate their threats to privacy, investigate possible cases of rights violations, and complete regular audits on the spy agencies. In short, it should operate much like Canada’s Office of the CSE Commissioner. It is necessary to have such an office work alongside a new surveillance committee to ensure that neither one develops cozy relations with the very agencies they are supposed to monitor.
To bring accountability to Canadian surveillance operations, we suggest that Parliament establish a permanent committee dedicated to monitoring both domestic- and foreign-intelligence gathering. This committee should include members from all parties, and have broad access to the internal records of Canada’s intelligence agencies, including the CSE. It should review the audits by independent commissioners, conduct its own studies on intelligence agencies, hold regular hearings, question agency directors, and monitor the Five Eyes partnership. Part of these reviews should also include a broad, ongoing assessment of Canadian surveillance laws, with the aim to identify any statutory gaps that allow warrantless or otherwise questionable spying on Canadians.
Additionally, this new parliamentary intelligence committee should publicly debate and produce recommendations concerning the scope of Canada’s global surveillance activities. The prime minister, with the aid of advisors, largely determines Canadian foreign policy. But the decision to engage in industrial espionage or to support controversial NSA operations should involve more than a single political leader and his close allies. Ultimately, the Canadian public needs opportunity to consider the pros and cons of conducting intrusive surveillance around the world. Without a parliamentary committee dedicated to this issue, major foreign-policy initiatives will continue to be developed exclusively behind closed doors.
For both the United States and Canada, these proposals call for ambitious reforms. But the growing sophistication of surveillance technology, the complexity of intelligence relationships among countries, and the continuing threat of terrorism require governments to develop new institutional capacity for effective policy deliberation. U.S. and Canadian lawmakers need to monitor intelligence agencies closely to ensure that not only civil liberties are protected but also that antiterrorism programs are working. The reforms are needed to bring policymakers up to speed with the new challenges.
1. The program initially included both phone and email data, but the executive branch halted email collection in 2011 due to “operational” difficulties.
2. Statement of Rep. Mike Rogers (R-MI), This Week with George Stephanopoulos, ABC (June 9, 2013).
3. The Terrorist Surveillance Program, which allowed the NSA to conduct warrantless wiretaps on U.S. calls involving a foreign party, was leaked in December 2005.
4. Investigations show that the NSA, along with breaking the rules, has also frequently committed gross surveillance errors. In 2008, it accidentally captured a large number of calls from Washington, DC, instead of Egypt, because a programming glitch confused the U.S. area code 202 for the Egyptian country code 20.
5. The NSA also collects hundreds of millions of email address books and instant messenger “buddy lists” to map relationships between people around the world.
6. Section 702(a) of the FISA Amendments Act of 2008.
7. For example, under a separate bulk collection program, the NSA estimated that it captured between 46,000 and 56,000 domestic emails in a year.
8. For a rundown of the NSA’s global surveillance activities, see Scott Shane’s “No Morsel Too Miniscule for All-Encompassing N.S.A.,” in the The New York Times.
9. The NSA very likely conducts surveillance on far more than 29 countries. But it is unclear how many more are part of the agency’s “get everything” efforts. We know, for example, that the agency has targeted the communications of at least 35 foreign leaders.
10. Evidence suggests that Canada helped the NSA introduce the backdoor to 163 countries.
11. It has had this capacity since at least 2010.
12. At some point after authorizing several secret NSA programs, including the bulk collection of metadata, the Bush administration briefed only the chairs and ranking minority members of the Intelligence committees. These briefings were limited to a few slides and apparently revealed almost no operational details. Then, when several leaks exposed these programs in 2005 and 2006, the full Intelligence committees received briefings.
13. The National Security Act (1947) and the Intelligence Reform and Terrorism Prevention Act (2004) require the president to keep Congress informed of all classified operations—even ones involving highly sensitive covert actions. For a discussion of reporting requirements, see Alfred Cumming’s “Sensitive Covert Action Notifications: Oversight Options for Congress,” and “Reporting on Intelligence Activities to Congress,” by the Director of National Intelligence, Intelligence Community Policy Memorandum Number 2005-100-3 (10 January 2006).
14. Indeed, there was no evidence that agents had ever targeted libraries or bookstores, or had any interest in monitoring reading lists.
15. Jim Sensenbrenner (R-WI), a longstanding member and one-time chair of the House Judiciary Committee, admitted that he has intentionally skipped all classified briefings. However, there is controversy over whether, in 2011, freshmen members of the House—including, in particular, new Tea Party members—were briefed. Rep. Justin Amash (R-MI) claims that the House Intelligence Committee withheld documents from freshmen prior to a key vote on the Patriot Act to avoid difficult questions on surveillance. The House Intelligence Committee denies the accusation.
16. There is the added problem that NSA officials often withhold information during briefings unless lawmakers press them for specific, technical details. Because many lawmakers lack a background in surveillance operations, they struggle to ask the right questions or to articulate concerns with adequate detail.
17. Patrick J. Donaldson, “Infiltrating American Intelligence: Difficulties Inherent in the Congressional Oversight and the Joint Committee Model,” American Intelligence Journal 28:1 (2010), pp. 13-28.
18. A classified report is submitted annually to the minister of defence. Any violations detected by the commissioner are also reported to Canada’s Attorney General. See Kostas Rimsa, “Eavesdroppers,” in Inside Canadian Intelligence: Exposing the New Realities of Espionage and International Terrorism, 2nd ed., ed. Dwight Hamilton (Toronto: Dundurn Press, 2010), ch. 10.
19. In his last three annual reports, the CSE Commissioner has noted that the law leaves the duties of the CSE inadequately defined. See e.g., Communications Security Establishment Commissioner, Annual Report 2012-2013. Ottawa: Minister of Public Works and Government Services (June 2013).
20. See Greg Fyffe, “The Canadian Intelligence Community after 9/11,” Journal of Military and Strategic Studies 13:3 (Spring 2011); Adam Svendsen, “The Globalization of Intelligence since 9/11: Frameworks and Operational Parameters,” Cambridge Review of International Affairs 21:1 (March 2008).
21. Others have made similar suggestions. See Alan Charles Raul’s “After NSA Revelations, a Privacy Czar Is Needed,” and Britt Snider and Charles Battiglia’s “The National Security Agency Needs an Independent Inspector General.” Importantly, Senator Ron Wyden (D-OR) has introduced the Intelligence Oversight and Surveillance Reform Act which, among other things, proposes enhanced powers for an existing privacy oversight board. And Rep. Jim Sensenbrenner (R-WI) has drafted the USA Freedom Act, which proposes that a privacy advocate appear before the FISA Court for every surveillance application.
22. Congressional committees have a long history of being overly supportive and protective of the intelligence agencies they oversee. See Frank J. Smist, Congress Oversees the United States Intelligence Community, 1947-1994, second edition (Knoxville, TN: University of Tennessee, 1994). Moreover, the Intelligence committees have a tendency to withhold information from the rest of Congress.
23. A former head of the CSE has suggested a similar proposal.
24. Nelson Michaud, “The Prime Minister, PMO, and PCO: Makers of Canadian Foreign Policy,” in Handbook of Canadian Foreign Policy, eds. Patrick James, Nelson Michaud, and Marc O’Reilly (Lanham, MD: Lexington Books, 2006), pp. 21-48.