As the Snowden Leaks Began… There Was "fear and panic" in The US Government. There Still Is.

Snowden's leaks include information on the PRISM Global surveillance program.

US Lawmakers are demanding that the Obama administration comes clean on how many Americans have been caught up in its domestic surveillance programs.

Without that information, a bipartisan group of leading lawmakers aren't able to fully determine what changes need to be made to US surveillance laws, some of which will expire by the end of 2017.

Those surveillance programs include the controversial PRISM program, which reportedly tapped data from nine tech titans including Apple, Facebook, Google, Microsoft and others.

These programs were authorized under Section 702 of the Foreign Intelligence Surveillance Act, a statute that allowed the government to secretly collect any data on foreign citizens, but also collect data on Americans who are incidentally collected as part of that effort.

Critics argue that this is a "backdoor search" on Americans that doesn't require a warrant, contravening Fourth Amendment protections against unwarranted domestic surveillance.

Let’s go back…

It was late evening on June 5 two years ago in a muggy Washington DC, when almost every phone belonging to a member of Congress began to ring.

News broke in The Guardian that the elusive National Security Agency was forcing Verizon, one of the nation's largest phone companies, to hand over on a rolling basis the phone records of its entire customer base.

Dozens of US lawmakers were finding out for the first time of this potentially massive domestic surveillance program, as were the American people who were reportedly ensnared by it.

But a handful of privy lawmakers in Congress were not surprised at all. One of those was Sen. Ron Wyden (D-OR), who along with his colleagues on the Senate Intelligence Committee had been secretly briefed on the program years prior to the program's leaking.

About fifteen minutes after the story broke, Wyden received another call on his cell phone.

"I can't tell you what you want me to tell you!," he told the caller. It was Wyden's former communications director Jennifer Hoelzer, who had spent more than half a decade by the senator's side. It wasn't news to her that her former boss had known about the secret program, but she was surprised that he was still barred from confirming or denying its existence.

By the end of the first hour -- approaching midnight -- press officers for the members on the Senate Intelligence Committee were unable to comment to journalists on the record about a program that they, as non-clearance holding staffers, weren't even aware of themselves.

"There was an incredible amount of fear and panic, because nobody knew what else was coming," said a senior congressional official with direct knowledge of the events on that and subsequent days, who declined to be named for this story.

"Nobody knew how sensitive these leaks were, and whether or not this was the sort of thing that would put individuals at risk," the person said. There was a strong suspicion that the leaker was someone within the intelligence community, perhaps someone high up in the chain of command with access to internal intelligence documents. There was a scramble among those with security clearance to find out what had been leaked, and who might have leaked it.

Sens. Dianne Feinstein (D-CA) and Saxby Chambliss (R-GA) released a joint statement first thing the next morning on June 6 as the American people were reading the news over their morning coffee. The statement said that members of Congress had been "briefed extensively" on the program. Except, that wasn't entirely true.

Some members of the Senate Intelligence Committee later admitted they weren't even aware of the full scope of the program. Sens. Angus King (I-ME) and Susan Collins (R-ME), who joined the committee months before the Snowden disclosures, told one local newspaper a day after news of the leaks broke that they had not known "specifics" of certain surveillance programs, including the phone records program.

Wyden became one of the few committee members (with the exception of Sen. Martin Heinrich (D-NM) and his then-colleague Mark Udall (D-CO), who are both allies of Wyden) to comment publicly.

In his statement, Wyden doled out his critical rhetoric, saying that he had been "concerned" for years about the program. He also said the program's effectiveness was "unclear."

Wyden's former chief of staff Josh Kardon, who served for more than a decade between 1996 and 2010, explained that prior to the leaks the senator was clued up because he wouldn't just rely on what the intelligence officials were telling him.

Kardon said the senator would "develop his own sources" within the intelligence community instead of relying on the White House to give him straight answer.

By law, the intelligence agencies have to keep the committee (and other key leadership-holding members of Congress) informed of their activities, but they would instead drip feed information and hope nobody asked too many follow-up questions. Things were so bad, said a former staffer close to Wyden who did not want to be named for the story, that the senator could have asked the simplest of questions, like "if anybody had the time," to which an intelligence agent would respond with, simply, "yes."

A day after the first leak, a second surveillance program, known as PRISM, was revealed.

The secret program was met with instant backlash from Silicon Valley after it was shown to allow the collection of almost every shred of user information held by nine named technology giants. Inside the walls of Congress, that panic had turned to anger at the inability to speak out.

It was clear by now that the first leak was not an isolated incident. It would be a guessing game as to what would come next, even to those who thought they were in the know.
ZD Net: http://bit.ly/1SZ4EGI  and  http://zd.net/1GVBJiB

« Implementing EU Privacy Laws Requires 28,000 New Data Professionals
Insurers Are Getting Smarter About Cyber Insurance »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

European Defence Agency (EDA)

European Defence Agency (EDA)

EDAs mission is to improve European defence capabilities. Programme areas include Cyber Defence.

IT Security Guru

IT Security Guru

IT Security Gurus publish daily breaking news. interviews with the key thinkers in IT security, videos and the top 10 stories as picked by our Editor.

Systancia

Systancia

Systancia offer solutions for the virtualization of applications and VDI, external access security, Privileged Access Management (PAM), Single Sign-On (SSO) and Identity and Access Management (IAM).

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

PerimeterX

PerimeterX

PerimeterX is the leading provider of solutions that secure digital businesses against automated fraud and client-side attacks.

SevenShift

SevenShift

SevenShift is a security consulting firm with a wealth of experience in the worlds of Cybersecurity and Internet of Things (IoT).

Conviso

Conviso

Conviso is a consulting company specialized in Application Security and Security Research.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

Council to Secure the Digital Economy (CSDE)

Council to Secure the Digital Economy (CSDE)

CSDE brings together companies from across the ICT sector to combat increasingly sophisticated and emerging cyber threats through collaborative actions.

GELLIFY

GELLIFY

GELLIFY is the first innovation platform dedicated to the high-tech B2B market, supporting start-ups and companies.

Diateam

Diateam

Diateam is an R&D company specializing in computer security. Diateam develops highly innovative cyber range platforms and Industry-leading systems for cybersecurity training and testing labs.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

Bluewave

Bluewave

Bluewave are a strategic IT advisory company that offers businesses a simple and comprehensive way to purchase information technology solutions.

Ignite Cyber

Ignite Cyber

IGNITE Cyber is focused on enabling secure technology adoption through intelligent business decisions. We are focused on providing a secure and stable business environment for everyone.

Abstract Security

Abstract Security

Abstract Security has created a revolutionary platform, equipped with an AI-powered assistant, to better centralize the management of security analytics.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.