Earlier this week, EFF published a scorecard for rating Obama's NSA reforms. Now that the reforms have been announced, it's time to measure them up. They don't fare well, I'm afraid. Here's a roundup of commentary from privacy leaders around the world, expressing disappointment (if not surprise) at Obama's half-hearted reining in of the surveillance state.
3. No data retention mandate.
Obama’s review group recommended that the telephone metadata surveillance program be taken away from the government, suggesting that a third party or even telecom companies themselves be responsible for maintaining a searchable list of our calling records. This approach—mandating companies act as Big Brother’s little helper—won’t alleviate the serious privacy concerns with maintaining a digital record of every call we make. We had hoped that Obama would make clear that he would reject any form of mandatory data retention. Instead, Obama acknowledged some of the concerns with a data retention mandate but called for “options for a new approach that can match the capabilities and fill the gaps that the Section 215 program was designed to address, without the government holding this metadata itself.” He never specifically rejected the idea of forcing companies or a third party to hold this data, and so he does not receive a point in this category.
5. Stop undermining Internet security.
The NSA’s systematic efforts to weaken and sabotage the encryption and security technology make us all less safe. But in contrast to his review group’s recommendations to stop those practices, Obama was silent on the issue. That silence is disappointing, as this is a critical problem that has not just undermined the privacy of millions around the world, but poisoned our collective trust in institutions that depend most on it. Zero points.