As the Snowden Leaks Began… There Was "fear and panic" in The US Government. There Still Is.

Snowden's leaks include information on the PRISM Global surveillance program.

US Lawmakers are demanding that the Obama administration comes clean on how many Americans have been caught up in its domestic surveillance programs.

Without that information, a bipartisan group of leading lawmakers aren't able to fully determine what changes need to be made to US surveillance laws, some of which will expire by the end of 2017.

Those surveillance programs include the controversial PRISM program, which reportedly tapped data from nine tech titans including Apple, Facebook, Google, Microsoft and others.

These programs were authorized under Section 702 of the Foreign Intelligence Surveillance Act, a statute that allowed the government to secretly collect any data on foreign citizens, but also collect data on Americans who are incidentally collected as part of that effort.

Critics argue that this is a "backdoor search" on Americans that doesn't require a warrant, contravening Fourth Amendment protections against unwarranted domestic surveillance.

Let’s go back…

It was late evening on June 5 two years ago in a muggy Washington DC, when almost every phone belonging to a member of Congress began to ring.

News broke in The Guardian that the elusive National Security Agency was forcing Verizon, one of the nation's largest phone companies, to hand over on a rolling basis the phone records of its entire customer base.

Dozens of US lawmakers were finding out for the first time of this potentially massive domestic surveillance program, as were the American people who were reportedly ensnared by it.

But a handful of privy lawmakers in Congress were not surprised at all. One of those was Sen. Ron Wyden (D-OR), who along with his colleagues on the Senate Intelligence Committee had been secretly briefed on the program years prior to the program's leaking.

About fifteen minutes after the story broke, Wyden received another call on his cell phone.

"I can't tell you what you want me to tell you!," he told the caller. It was Wyden's former communications director Jennifer Hoelzer, who had spent more than half a decade by the senator's side. It wasn't news to her that her former boss had known about the secret program, but she was surprised that he was still barred from confirming or denying its existence.

By the end of the first hour -- approaching midnight -- press officers for the members on the Senate Intelligence Committee were unable to comment to journalists on the record about a program that they, as non-clearance holding staffers, weren't even aware of themselves.

"There was an incredible amount of fear and panic, because nobody knew what else was coming," said a senior congressional official with direct knowledge of the events on that and subsequent days, who declined to be named for this story.

"Nobody knew how sensitive these leaks were, and whether or not this was the sort of thing that would put individuals at risk," the person said. There was a strong suspicion that the leaker was someone within the intelligence community, perhaps someone high up in the chain of command with access to internal intelligence documents. There was a scramble among those with security clearance to find out what had been leaked, and who might have leaked it.

Sens. Dianne Feinstein (D-CA) and Saxby Chambliss (R-GA) released a joint statement first thing the next morning on June 6 as the American people were reading the news over their morning coffee. The statement said that members of Congress had been "briefed extensively" on the program. Except, that wasn't entirely true.

Some members of the Senate Intelligence Committee later admitted they weren't even aware of the full scope of the program. Sens. Angus King (I-ME) and Susan Collins (R-ME), who joined the committee months before the Snowden disclosures, told one local newspaper a day after news of the leaks broke that they had not known "specifics" of certain surveillance programs, including the phone records program.

Wyden became one of the few committee members (with the exception of Sen. Martin Heinrich (D-NM) and his then-colleague Mark Udall (D-CO), who are both allies of Wyden) to comment publicly.

In his statement, Wyden doled out his critical rhetoric, saying that he had been "concerned" for years about the program. He also said the program's effectiveness was "unclear."

Wyden's former chief of staff Josh Kardon, who served for more than a decade between 1996 and 2010, explained that prior to the leaks the senator was clued up because he wouldn't just rely on what the intelligence officials were telling him.

Kardon said the senator would "develop his own sources" within the intelligence community instead of relying on the White House to give him straight answer.

By law, the intelligence agencies have to keep the committee (and other key leadership-holding members of Congress) informed of their activities, but they would instead drip feed information and hope nobody asked too many follow-up questions. Things were so bad, said a former staffer close to Wyden who did not want to be named for the story, that the senator could have asked the simplest of questions, like "if anybody had the time," to which an intelligence agent would respond with, simply, "yes."

A day after the first leak, a second surveillance program, known as PRISM, was revealed.

The secret program was met with instant backlash from Silicon Valley after it was shown to allow the collection of almost every shred of user information held by nine named technology giants. Inside the walls of Congress, that panic had turned to anger at the inability to speak out.

It was clear by now that the first leak was not an isolated incident. It would be a guessing game as to what would come next, even to those who thought they were in the know.
ZD Net: http://bit.ly/1SZ4EGI  and  http://zd.net/1GVBJiB

« Implementing EU Privacy Laws Requires 28,000 New Data Professionals
Insurers Are Getting Smarter About Cyber Insurance »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

4ARMED

4ARMED

4ARMED specializes in penetration testing, information security consultancy and security training

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Riverbed Technology

Riverbed Technology

The Riverbed Network and Application Performance Platform enables organizations to visualize, optimize, accelerate and remediate the performance of any network for any application.

Seclore

Seclore

Seclore is the most advanced, secure, and automated Enterprise Digital Rights Management (EDRM) solution available.

CERT Polska

CERT Polska

CERT Polska is the first Polish computer emergency response team and operates within the structures of NASK (Research and Academic Computer Network) research institute.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

Maticmind

Maticmind

Maticmind is an ICT System Integrator providing solutions and specialized skills in Networking, Security, Unified Communications & Collaboration, Datacenter & Cloud and Application.

Forgepoint Capital

Forgepoint Capital

ForgePoint Capital is a premier venture investor for early stage cybersecurity companies.

689cloud

689cloud

689Cloud is a cloud content collaboration platform that allows users to protect, track, and control files AFTER they have been shared.

TrustGrid

TrustGrid

Trustgrid is a pioneer and leader in secure, cloud-native software-defined connectivity.

Brace168

Brace168

Specialising in Cyber Security incident identification and response, Brace168 is uniquely positioned to provide a vast experience in managed security services to meet the needs of all business types.

Syracom

Syracom

syracom is a consultancy firm specialized in development of efficient business processes. With our expertise and IT competence, we develop tailored solutions for customers in various industries.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

Ermes

Ermes

Ermes – Intelligent Web Protection provides companies with a solution that effectively secures them against web threats.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Mediatech

Mediatech

Mediatech, specialized in managed Cybersecurity and Cloud services, a single point of contact for your company's IT and infrastructure.