Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

FBI Warrantless Searches More Than Doubled in 2021, With 3.4 Million FISA Requests; Agency Claims Unusual Surge in Cyber Attacks on Critical Infrastructure

Thursday, May 19, 2022

Categories: ASCF News Cyber Security

Comments: 0

Source: https://www.cpomagazine.com/data-privacy/fbi-warrantless-searches-more-than-doubled-in-2021-with-3-4-million-fisa-requests-agency-claims-unusual-surge-in-cyber-attacks-on-critical-infrastructure/

CPO Magazine

The Federal Bureau of Investigation (FBI) is authorized to conduct warrantless searches of certain types of digital information under the terms of Section 702 of the Foreign Intelligence Surveillance Act (FISA). Passed in 2008, the amendment is supposed to be used to investigate foreign nationals outside of the United States. However, “incidental collection” provisions allow for the data of Americans to be swept up, mostly in the form of “large batch queries” that cover particular keywords.

The FBI releases annual information on these queries and at the end of April revealed that it had run nearly 3.4 million of these FISA searches in the prior year, nearly triple the 1.3 million in the prior year. The FBI defended the increase by claiming that the searches were necessary to curtail a wave of foreign threat actors conducting operations against domestic firms, and that a “quirk” in the system often causes a search that returns the name of one American to be counted as 100 searches.

Warrantless searches jump in midst of increase in cyber crime
Section 702 must be renewed by Congress every five years, and has been an ongoing source of controversy. The renewals are sometimes tweaked over privacy concerns, something that happened with the most recent version (revised in 2018); it was expanded to restore powers that had been nixed in the prior renewal of the bill.

The information comes from an annual transparency report that the agency issues, in which it is required to disclose some amount of information about its warrantless searches. The agency was more detailed than it has ever been before in the current edition of the report, saying that 1.9 million of these searches in 2021 (more than the full total for 2020) were related to cyber threats based in Russia. These were not the only threats against critical infrastructure, however, with the report suggesting that the vast majority of 2021’s warrantless searches focused on cyber threats to the US perpetrated by an assortment of foreign actors.

The FBI did not specify exactly what the threats that merited warrantless searches were, only indicating that the majority came from Russia. 2021 was the year of notorious attacks on critical infrastructure, headlined by the disruptive breaches of fuel provider Colonial Pipeline and meat packer JBS, in which a line was crossed by criminal groups in terms of temporarily shutting down distribution of real world essentials via ransomware. Though the perpetrators had no direct ties to the Russian government, the hacking groups were based in Russia and the issue publicly highlighted the Putin administration’s unofficial policy of letting cyber criminals have a free hand so long as they avoided domestic targets and did not cause major problems overseas.

One incident that was linked to the Russian government was the SolarWinds attack, which was aimed at collecting intelligence from US government agencies but incidentally compromised thousands of private companies (and could have leveraged ransomware or malware against them should the attackers have desired) in the process.

In addition to the need created by these foreign hacking campaigns, the FBI also defended its warrantless searches by pointing out a “quirk” in the FISA search system. When a resident of the US is identified in one of these searches, every term in a bulk keyword search must be associated with that person’s name even if most of the keywords did not apply to them. The FBI says that this can cause a hit on one particular name for one particular keyword to be counted as many as 100 times in terms of the overall search total, with the name associated with as many as 99 other keyword searches that ended up having nothing to do with it. Additionally, if the same search is conducted more than once, each new search is added to the total even if it turns up identical results.

FISA bulk searches vastly outnumber open investigations, targets under surveillance
Related data released by the Office for the Director of National Intelligence indicates that the FBI’s warrantless searches dwarf the amount of open cases that involve surveillance of foreign nationals that may be on US soil but do not have resident status. The agency identified 376 warrants issued for wiretaps or physical searches of individuals in this category, a decrease in the number (451) served in 2020.

There were 232,432 named targets of FISA warrantless searches authorized by Section 702 in 2021, all of these foreign nationals residing outside of the US that made use of some US-based product (such as Google’s GMail) that federal agencies have the legal authority to search as part of an investigation but without the need for an individual court order.

Critics have argued that FISA bulk collection constitutes a legal loophole that is sometimes knowingly applied for domestic surveillance and warrantless searches that would otherwise not be permitted. Chris Hauk, consumer privacy champion at Pixel Privacy, takes this view and recommends that Americans perform a privacy checkup with this practice in mind: “As we’ve seen in the past, the FBI and other government agencies will use any excuse they can to spy on U.S. citizens and their activities. While the usual terrorist and hacker fears are usually used as an excuse, unconstitutional searches like these are worrying to anyone that is concerned about their personal and business privacy. The government will continue to practice unconstitutional searches such as are mentioned in the report, at least until someone speaks up to put a stop to it. Until then, U.S. citizens will need to stay vigilant about who accesses their information, protecting as much as they possibly can by using encrypted storage to protect their information and by using VPNs and privacy focused browsers and search engines to protect their online activities from the nosy digging of the government and other bad actors.”

Section 702 is also once again up for renewal in 2023, and there is broad expectation that the Biden administration will allow warrantless searches to remain in spite of a greater legislative focus on digital privacy in recent years. Paul Bischoff, privacy advocate with Comparitech, observes: “Given that Obama renewed FISA’s powers with the Freedom Act in 2015, I expect Biden will follow suit and renew the FBI’s surveillance powers under FISA. FISA was originally enacted prior to the proliferation of the internet and was only intended to target foreigners, not US citizens. Bulk surveillance of private correspondence is a violation of the 4th Amendment because it targets Americans who have not been suspected of any crime. The lack of transparency, due to FISA courts being secret, makes it impossible to know which or even how many Americans were targeted. The announcement underscores the necessity of end-to-end encrypted messaging apps in lieu of unencrypted emails and SMS messages.”

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.

Search