UPDATE: The New York Times reported that in a speech on January 17, 2014, US President Obama said that “he was taking the ‘unprecedented step’ of extending privacy safeguards to non-Americans, including requiring that data collected abroad be deleted after a certain period and limiting its use to specific security requirements, like counterterrorism and cybersecurity.’The bottom line,’ he said, ‘is that people around the world — regardless of their nationality — should know that the United States is not spying on ordinary people who don’t threaten our national security.’ The NYT added that “Mr. Obama said that new safeguards would limit the duration that the government can hold personal information about foreigners and restrict its use. While he acknowledged the United State’s responsibility to ask ‘tough questions’ about its technological capabilities, he made clear that foreigners overseas do not enjoy the same protections as U.S. citizens. ‘This is not unique to America,’ he said. ‘Few, if any, spy agencies around the world constrain their activities beyond their own borders.’”
These new safeguards are included in Presidential Policy Directive 28 Policies and Procedures (pdf)
See also NSA PUBLIC ANNOUNCEMENT 03 February 2015: Administration Releases Report on Presidential Policy Directive-28/Signals Intelligence Activities; NSA Releases Specific Procedures to Implement
Daniel Severson, American Surveillance of Non-U.S. Persons: Why New Privacy Protections Offer Only Cosmetic Change, 56 Harv. Int’l L. J. 465 (2015) (pdf)
On December 12, 2013 the US President’s Review Group on Intelligence and Communications Technologies submitted its report and recommendations concerning the National Security Agency’s surveillance practices. The report suggests reforms that would limit US surveillance of foreigners in respect of their right to privacy.
Recommendation 13 suggests, inter alia, that such surveillance, (1) be authorized by duly enacted laws or properly authorized executive orders; (2) be directed exclusively at the national security of the United States or its allies; (3) not disseminate information about foreigners if the information is not relevant to protecting the national security of the US or its allies; (4) not target foreigners located outside the US based solely on their political views or religious convictions; and (5) be subject to careful oversight and to the highest degree of transparency consistent with protecting the national security of the US and its allies.
Recommendation 14 provides that “in the absence of a specific and compelling showing, the US Government should follow the model of the Department of Homeland Security, and apply the Privacy Act of 1974 in the same way to both US persons and non-US persons.”
The reasons invoked for these recommendations are striking. Continue reading