Vast Data Collection, Privacy Laws and Digital Innovation Test Intelligence Law Experts
While the federal government has significant resources dedicated to protecting the rights of the American people, intelligence law experts say the greatest challenge is whether privacy law can adapt to rapidly changing technology and the vast amount of information now captured by the government and the private sector.
“It used to be your identity was essentially the data that would fit on a driver’s license. Today it’s what topping you had on your pizza when you phoned in or emailed your order and everything in between,” said Stephen Preston, general counsel for the CIA, at a panel discussion on Thursday. “And that has huge consequences for privacy. It has huge consequences for operating in a clandestine fashion, and as with most issues of privacy and operations, that generates issues for us lawyers as well.”
The discussion, part of the American Bar Association’s 22nd Annual Review of the Field of National Security Law, featured counsel from the CIA, Department of Defense, Office of the Director of National Intelligence and from both houses of Congress’ Intelligence Committees.
“We have not decided as an American public what is our level of comfort with the amount of data that we volunteer when we do a transaction on the Internet,” said Eliana Davidson, deputy general counsel for intelligence at the U.S. Department of Defense. “Very few people really think about the tradeoffs every time you let a ‘cookie’ [information-gathering technology] get implanted on your computer so you can do your Amazon Prime shopping faster. But that evolution is going to inform what is the proper amount of legislation that may be required.”
Chris Donesa, chief counsel for the Permanent Select Committee on Intelligence at the U.S. House of Representatives, cautioned that any legislation must be flexible and written broadly enough to account for innovation.
“I think we have been very, very conscious of the notion that you don’t want to legislate in a way that is going to be locked into the current technology,” Donesa said. “You don’t want to be writing specific provisions relating to a specific technology that we are using now because we can easily imagine and we are at a point where we can say the architecture may not look like this in three, five or six years.”
Technology has also put a premium on lawyers in the intelligence field who not only work well with technical experts, but also become experts themselves.
“It’s a little bit of lawyers becoming geeks,” Davidson said. “How do we train them to help the designers of the database systems and the search engines be able to identify the things we need to protect under the law?”
The panelists also discussed the ongoing dialogue among intelligence agencies and with Congress.
“There is a lot that can be done with cooperation and collaboration in both directions among military, law enforcement and the intelligence community,” said Robert Litt, general counsel of the Office of the Director of National Intelligence, who added that communications have already improved among the groups. “And the challenge for us is figuring out how to do that consistent with the respective authorities and appropriate roles of each of them so that we don’t end up in a situation where agencies end up doing something that we don’t really want them to do.”
Donesa said the House has focused on information sharing and how to facilitate that sharing between the government and the private sector while considering liability issues. “Our view at the end of the day is that while we are working on these other issues, let’s work on the things that we agree on,” he added. “So we can at least have those basic authorities in place that we believe are urgently needed to address the threats out there.”
Preston agreed that information sharing is critical. Agencies and communities each had their own set of rules that hindered such sharing in the past, but he said we are well past that now in terms of collaboration, calling it “light-years from where it was 15 years ago.”
Ultimately, the panelists agreed that the increasingly digital environment will test how members of the legal intelligence community will carry out a mandate that is consistent with people’s privacy and constitutional rights.
“The range of legal issues that we have to examine as counsel and that the judges have to examine in their operations are huge,” Davidson said. “We need to think creatively and innovatively about how to apply the law of and customs of war to a potential offensive use of cyberspace. We need to make sure our doctrine comports with those principles.”
The conference was co-sponsored by the ABA’s Standing Committee on Law and National Security, the Center for National Security Law at the University of Virginia School of Law, the Center on Law, Ethics and National Security at the Duke University School of Law and the Center on National Security and the Law at Georgetown University Law Center.