A group of prominent technology companies wrote a letter to the chairman of the House Judiciary Committee, asking Congress to reform the National Security Agency’s surveillance powers.
The companies told Rep. Bob Goodlatte R-Va., that Congress should codify the recent changes that the NSA made to stop collecting information from Americans that discuss foreign targets. The companies also said that the reforms should require judicial oversight for government queries of the contents of data collected from U.S. citizens, and reauthorization legislation should narrow the definition of “foreign intelligence information” to reduce the likelihood of collecting information about non-U.S. persons who are not suspected of wrongdoing.
“Increasing oversight and transparency of Section 702 collection will improve confidence in both its utility and lawfulness,” the letter stated. “Companies should be allowed to disclose the number of requests they receive by a legal authority and should be permitted to make more granular disclosures concerning the volume of national security demands that they receive.”
The companies said that there should be greater transparency as to how U.S. citizens’ communications could be incidentally collected by the NSA and how often surveillance databases are searched using identifiers that are tied to U.S. persons.
The NSA has been under fire recently for a cache of stolen hacking tools that were used to ignite the WannaCry ransomware attack that took down systems around the world. The group of suspected hackers known as the ShadowBrokers on May 30 announced their monthly subscription service to provide remaining documents from their NSA cache. The group called the subscription service its “Wine of the Month” club for new NSA leaks.
The WannaCry attack exploited a vulnerability in Microsoft’s old systems, which were promptly patched. This incident uncovered distrust between technology companies and the NSA, due to the NSA’s job of exploiting systems in order to gather national intelligence without notifying the companies of the network vulnerabilities it finds.