Latest in Culture

Image credit:

CIA reveals new guidelines for collecting data on Americans

The rules may help spies keep pace with the internet era.
Jon Fingas, @jonfingas
January 19, 2017
Share
Tweet
Share

Sponsored Links

Reuters/Larry Downing

There's no question that the US government's approach to handling sensitive data could stand an update to acknowledge the online age, and the CIA is taking a stab at it. The agency has published new procedures that govern how it collects, keeps and shares information on Americans under Executive Order 12333. The guidelines acknowledge that it's much, much easier to collect large volumes of data than when the Order surfaced in the 1980s, and that the nature of the internet requires restrictions that hadn't even been considered before.

The updated rules include "specific approval requirements" for any data that can't be evaluated right away, and limit data collection to the smallest the CIA needs to achieve its goals. Agents can't just scoop up as much as they can and hoard it for later, in other words. The agency will also limit access to unevaluated data, insist on training for handling that data and require the deletion of that data no more than 5 years after it's available.

Data searches, meanwhile, have to both be limited to legal activities and include an explanation whenever there's extra-sensitive information involved, like messages. And spies can't just inflitrate online social circles at will, either. Operatives have to identify their affiliation unless they're joining an organization that primarily consists of and is run by non-Americans, and they'll still have to get approval from the CIA's Director before diving in.

There will be periodic audits on top of existing oversights, the CIA says.

We can see some potential flaws in the guidelines. While the agency does have a good reason to keep info around for a while, 5 years is a long time to retain internet data that probably won't be useful. And is a statement of purpose enough for the CIA to look at private conversations in its databases, even if the scope is narrow? Still, the very fact that the CIA is updating its rules (not to mention making the changes public) is important. This theoretically lowers the odds that surveillance teams will grab more data than they're allowed (ahem, NSA), and increases the chances that abusers will be caught in the act.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

NASCAR driver 'rage quits' esports race

NASCAR driver 'rage quits' esports race

View
The best games for PS4

The best games for PS4

View
Quit trying to make Quibi happen

Quit trying to make Quibi happen

View
Twitter bans deepfakes that are 'likely to cause harm'

Twitter bans deepfakes that are 'likely to cause harm'

View
Google Fit redesign focuses on your step count

Google Fit redesign focuses on your step count

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr