With Patriot Act showdown looming, Sen. Chris Coons is trying to strike a balance

A hot day is predicted in Washington, D.C. this Sunday, with temperatures expected to exceed 90 degrees. But that summer swelter could be nothing compared to the heated debate scheduled to take place in Congress that afternoon and evening.

It will be the last day to argue over extending provisions of the Patriot Act that allowed for the warrantless bulk data collection of ordinary Americans, which are set to expire Monday, June 1.
Sen. Chris Coons (D-Del.), who sits on the Senate Judiciary Committee’s subcommittee on Privacy, Technology and the Law, spoke with Technical.ly Delaware Thursday about what he thinks will happen this weekend in Washington.

This is not a responsible way to legislate on complex, technical issues of national security and personal privacy.

“There’s broad and I think, bipartisan agreement that we should not reauthorize the NSA bulk data collection programs without making needed improvements to privacy protections,” Coons said.
But Senate Majority Leader Mitch McConnell (R-Ky.) isn’t going down without a fight. McConnell has been determined to let Section 215 of the Patriot Act stand, rather than allow it to sunset.
Although the Patriot Act was signed into law October 26, 2001, the vast amount of data collected under Section 215 did not come into the public’s consciousness until June 2013, when Edward Snowden disclosed to journalists thousands of classified documents he collected while working as an NSA contractor.
The USA Freedom Act was introduced in October 2013 in response, and was designed in part to end the bulk collection of Americans’ metadata, as well as to end secret laws created by the Foreign Intelligence Surveillance Act court. But the Act, which came within striking distance of passing in a vote taken last Saturday, didn’t pass because McConnell urged his caucus to vote against it, Coons said. The Act had strong bipartisan support in the House, but fell short by just three votes in the Senate.
McConnell is set to make a last-ditch effort to extend Section 215 of the Patriot Act Sunday. The Kentucky Republican has vehemently stated his support for the Patriot Act, saying in a speech last Friday it “would be a mistake to take from our intelligence community any of the valuable tools needed to build a complete picture of terrorist networks and their plans — such as the bulk data collection program. … The intelligence community needs these tools to protect Americans.”
Coons said he truly does not understand McConnell’s position, or his tactics. “Now, what we’re going to do is be called back into session late Sunday afternoon and early evening, with the [NSA bulk data collection] program’s expiration staring us in the face that evening. This is not a responsible way to legislate on complex, technical issues of national security and personal privacy,” Coons said.
However, there isn’t much time left for a lengthy debate. McConnell has already tried several times to get consensus on an extension of Section 215, without success — meaning this weekend could well be the swan song for bulk data collection of the phone records of ordinary citizens. The Obama Administration has already begun to shut down the program, which it promised to do if Congress did not pass legislation to reauthorize the government’s authority for the NSA’s bulk telephone record collection program by May 22. That day came and went without a reauthorization.
Privacy advocates like the Electronic Frontier Foundation (EFF) and the Electronic Privacy Information Center (EPIC) have long awaited the June 1 sunset date of the NSA’s bulk data collection program. In a 2013 petition EPIC filed with the U.S. Supreme Court, the organization argued, “It is simply not possible that every phone record in the possession of a telecommunications firm could be relevant to an authorized investigation.” Speaking at the National Constitution Center on Tuesday, EPIC President Marc Rotenberg made a cautious prediction that Section 215 will be allowed to expire on Sunday.
Meanwhile, the EFF, which sued the Department of Justice in 2011 over the NSA program to find out what specifically had been collected, is maintaining a countdown clock in the form of a banner at the top of its website, ticking off the days, hours, minutes and seconds “to end mass surveillance under the Patriot Act.”

“Some in Congress argue that they need the time for more discussion, but that’s not true: they’ve had nearly two years to address this program since the first Snowden leaks, and they’ve had more than a decade for discussion since the Patriot Act passed,” the EFF states on its website. “This isn’t about discussion. It’s an attempt to deflect public pressure and water down reform efforts.”
The American Civil Liberties Union has also been a vocal opponent of Section 215, stating that its expansion of records searches violates the First and Fourth Amendments of the U.S. Constitution. In June 2013, within days of the Snowden disclosures, in ACLU v. Clapper, the ACLU sued Director of National Intelligence James Clapper, alleging the NSA’s bulk collection of Verizon phone records under Section 215 violated Americans’ rights to privacy, due process and free speech. On May 7, 2015, the U.S. Court of Appeals for the Second Circuit ruled in favor of the ACLU, finding that the telephone metadata program had exceeded the scope of what was authorized by Congress under Section 215.
Coons said there’s widespread agreement the so-called “lone wolf” and roving wiretap provisions of the Patriot Act are worth renewing, but that he “doesn’t know how” McConnell is going to accomplish renewing those provisions if he insists on extending Section 215. The lone wolf provision addresses non-U.S. citizens engaged in terrorism, who may not be part of a recognized terrorist group; roving wiretaps are specific to a target who attempts to throw off law enforcement by acquiring a new phone and throwing away the old one, or by changing location.
The laser-like focus on mass surveillance conducted by the U.S. government spawned in response a number of new and offices created in response by the Obama administration. Arguably, we’ve gone from a dearth to a deluge of tools to address privacy. But just how it all will shake out remains to be seen.

###

In December 2014, President Obama signed into law the Federal Information Security Modernization Act and the National Cybersecurity Protection Act, as well as two other bills to improve the federal cybersecurity workforce. Does Coons think all this legislation, all at once, further complicates things? It’s all still an unknown, he said.

There are some still-unresolved questions about how we balance protecting individuals' private information with the commercial use of private information and the susceptibility of that information to theft.

Sen. Tom Carper (D-Del.), who is a ranking member on the Homeland Security Committee, introduced the Cyber Threat Sharing Act of 2015 (S.B. 456), which would help facilitate sharing of cyber threat data between the private sector and the federal government. Coons sees that Act as “a well-intentioned effort to strengthen our ability to respond to a recent rash of high-profile hacking cases … not just the IRS, which most recently happened, but Target and others, where threats to significant amounts of personal data held by private-sector companies need to be shared between those companies and law enforcement, so that we can take appropriate action to protect the data privacy of consumers.”
To those who ask if we really need another law to facilitate sharing personal data with the government, Coons says S.B. 456 “deserves the benefit of the doubt.”
“I do think there are some still-unresolved questions about how we balance protecting individuals’ private information with the commercial use of private information and the susceptibility of that information to theft. So I look forward to hearing more about the balance of concerns between privacy and security in the context of the Cyber Threat Sharing Act, and I also think the Cyber Information Sharing Act, which may end up being the moving legislative vehicle, raises concerns and questions as well.
“I believe we can have security and privacy,” Coons said. “And I’m going to continue to be a voice for responsible privacy protection as we work to try and deal with cyber threats, both to public infrastructure and national security, as well as cyber threats to individual privacy and data.”

The Obama Administration has rapidly created several offices to address cybersecurity, including the National Cybersecurity and Communications Integration Center, the Cyber Threat Intelligence Integration Center and the Cyber Response Group. But this flurry of activity for some raises the question of whether these offices will be duplicating efforts, and more importantly, whether there will be any meaningful change.
While Coons emphasized he doesn’t speak for the full Privacy, Technology and the Law committee on this point, he said he personally hopes there will be a streamlining of potentially duplicative programs and offices.
“We’ve gone from a place where the federal government did not have enough resources and organizations dedicated to addressing cybersecurity concerns, to a place where we’ve got several. Making sure they’re responsibly sharing information, respecting citizens’ privacy, and effectively protecting our country is one of the core challenges we face.”
For now, though, Coons is just focusing on what will happen Sunday.
“One of my real hopes this Sunday is that we will begin to take concrete steps toward amending the Patriot Act, and demonstrate a bipartisan ability and willingness to move in the direction of more strongly respecting the privacy of average Americans.
“After the Snowden revelations,” he continued, “I think millions of average Americans were concerned that, without any specific or concrete suspicion, their personal data was being gathered and analyzed. A lot of Delawareans have conveyed to me that their first priority is that we all be safe, and that we conduct the work of the nation on their part, pushing back against terrorism … but they also wondered whether this program was overly broad, was appropriately supervised, and was appropriately authorized by Congress.”
Sunday will tell whether the NSA’s bulk data collection program will see the reform Coons says is needed.