Office of the DNI Releases List of Permissible Uses of Data Collected in Bulk

If you’ll recall last month, in conjunction with his January 17th speech on U.S. signals intelligence reform, President Obama issued Presidential Policy Directive/PPD-28 – Signals Intelligence Activities.  Generally speaking, PPD-28 set forth guiding principles for the U.S. signals intelligence collection.  If you’re interested in reading more in depth about the directive, Ben Wittes provided a helpful overview of PPD-28 over at Lawfare last month.

Among other things, PPD-28 directed the Director of National Intelligence to “maintain a list of permissible uses of signals intelligence collected in bulk” and further to make the list “publicly available to the maximum extent feasible, consistent with the national security.”  Today, at IC on the Record (the Office of the DNI’s official Tumblr page), DNI Clapper publicly released the List of Permissible Uses of Signals Intelligence Collected in Bulk (entire statement is reprinted after the jump).  So for what purposes can the government use bulk collected data?  Here is the complete list:

  • Espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;
  • Threats to the United States and its interests from terrorism;
  • Threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;
  • Cybersecurity threats;
  • Threats to U.S. or allied Armed Forces or other U.S. or allied personnel; and
  • Transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named above.

The list is unsurprising.  However, on an initial read, the first purpose in the list, with the inclusion of “other threats and activities” by foreign powers, provides the government wide latitude to use bulk collected data–although likely similar in scope to the already permissive definition of “foreign intelligence information” found in FISA.  Likewise, the final purpose in the list, “transnational criminal threats,” struck me as exceptionally broad, especially since it is not limited (note the use of the word “including”–but without a limiting modifier).  It could be read as a sort of catch-all inclusion that would cast a very wide net regarding the purposes for which bulk collections could be used.  So while PPD-28 purported to direct the DNI to provide the public with information on the reasons for which the government can use bulk collected data, it leaves us still asking for what purposes can’t the government access the data.

Here is the full statement from IC on the Record:

List of Permissible Uses of Signals Intelligence Collected in Bulk

February 10, 2014

Presidential Policy Directive/PPD-28 – Signals Intelligence Activities establishes a process for determining the permissible uses of nonpublicly available signals intelligence that the United States collects in bulk. It also directs the Director of National Intelligence to “maintain a list of permissible uses of signals intelligence collected in bulk” and make the list “publicly available to the maximum extent feasible, consistent with the national security.”

Consistent with that directive, I am hereby releasing the current list of permissible uses of nonpublicly available signals intelligence that the United States collects in bulk.

Signals intelligence collected in “bulk” is defined as “the authorized collection of large quantities of signals intelligence data which, due to technical or operational considerations, is acquired without the use of discriminants (e.g., specific identifiers, selection terms, etc.).” As of Jan. 17, 2014, nonpublicly available signals intelligence collected by the United States in bulk may be used by the United States “only for the purposes of detecting and countering:

  • Espionage and other threats and activities directed by foreign powers or their intelligence services against the United States and its interests;
  • Threats to the United States and its interests from terrorism;
  • Threats to the United States and its interests from the development, possession, proliferation, or use of weapons of mass destruction;
  • Cybersecurity threats;
  • Threats to U.S. or allied Armed Forces or other U.S. or allied personnel; and
  • Transnational criminal threats, including illicit finance and sanctions evasion related to the other purposes named above.”

Further, as prescribed in PPD-28, “in no event may signals intelligence collected in bulk be used for the purpose of suppressing or burdening criticism or dissent; disadvantaging persons based on their ethnicity, race, gender, sexual orientation, or religion; affording a competitive advantage to U.S. companies and U.S. business sectors commercially;” or achieving any purpose other than those identified above.

James R. Clapper, Director of National Intelligence

  

About the Author(s)

Thomas Earnest

Former Managing Editor of Just Security (2013-14) Follow him on Twitter (@thomasdearnest).