As the Snowden Leaks Began… There Was "fear and panic" in The US Government. There Still Is.

Snowden's leaks include information on the PRISM Global surveillance program.

US Lawmakers are demanding that the Obama administration comes clean on how many Americans have been caught up in its domestic surveillance programs.

Without that information, a bipartisan group of leading lawmakers aren't able to fully determine what changes need to be made to US surveillance laws, some of which will expire by the end of 2017.

Those surveillance programs include the controversial PRISM program, which reportedly tapped data from nine tech titans including Apple, Facebook, Google, Microsoft and others.

These programs were authorized under Section 702 of the Foreign Intelligence Surveillance Act, a statute that allowed the government to secretly collect any data on foreign citizens, but also collect data on Americans who are incidentally collected as part of that effort.

Critics argue that this is a "backdoor search" on Americans that doesn't require a warrant, contravening Fourth Amendment protections against unwarranted domestic surveillance.

Let’s go back…

It was late evening on June 5 two years ago in a muggy Washington DC, when almost every phone belonging to a member of Congress began to ring.

News broke in The Guardian that the elusive National Security Agency was forcing Verizon, one of the nation's largest phone companies, to hand over on a rolling basis the phone records of its entire customer base.

Dozens of US lawmakers were finding out for the first time of this potentially massive domestic surveillance program, as were the American people who were reportedly ensnared by it.

But a handful of privy lawmakers in Congress were not surprised at all. One of those was Sen. Ron Wyden (D-OR), who along with his colleagues on the Senate Intelligence Committee had been secretly briefed on the program years prior to the program's leaking.

About fifteen minutes after the story broke, Wyden received another call on his cell phone.

"I can't tell you what you want me to tell you!," he told the caller. It was Wyden's former communications director Jennifer Hoelzer, who had spent more than half a decade by the senator's side. It wasn't news to her that her former boss had known about the secret program, but she was surprised that he was still barred from confirming or denying its existence.

By the end of the first hour -- approaching midnight -- press officers for the members on the Senate Intelligence Committee were unable to comment to journalists on the record about a program that they, as non-clearance holding staffers, weren't even aware of themselves.

"There was an incredible amount of fear and panic, because nobody knew what else was coming," said a senior congressional official with direct knowledge of the events on that and subsequent days, who declined to be named for this story.

"Nobody knew how sensitive these leaks were, and whether or not this was the sort of thing that would put individuals at risk," the person said. There was a strong suspicion that the leaker was someone within the intelligence community, perhaps someone high up in the chain of command with access to internal intelligence documents. There was a scramble among those with security clearance to find out what had been leaked, and who might have leaked it.

Sens. Dianne Feinstein (D-CA) and Saxby Chambliss (R-GA) released a joint statement first thing the next morning on June 6 as the American people were reading the news over their morning coffee. The statement said that members of Congress had been "briefed extensively" on the program. Except, that wasn't entirely true.

Some members of the Senate Intelligence Committee later admitted they weren't even aware of the full scope of the program. Sens. Angus King (I-ME) and Susan Collins (R-ME), who joined the committee months before the Snowden disclosures, told one local newspaper a day after news of the leaks broke that they had not known "specifics" of certain surveillance programs, including the phone records program.

Wyden became one of the few committee members (with the exception of Sen. Martin Heinrich (D-NM) and his then-colleague Mark Udall (D-CO), who are both allies of Wyden) to comment publicly.

In his statement, Wyden doled out his critical rhetoric, saying that he had been "concerned" for years about the program. He also said the program's effectiveness was "unclear."

Wyden's former chief of staff Josh Kardon, who served for more than a decade between 1996 and 2010, explained that prior to the leaks the senator was clued up because he wouldn't just rely on what the intelligence officials were telling him.

Kardon said the senator would "develop his own sources" within the intelligence community instead of relying on the White House to give him straight answer.

By law, the intelligence agencies have to keep the committee (and other key leadership-holding members of Congress) informed of their activities, but they would instead drip feed information and hope nobody asked too many follow-up questions. Things were so bad, said a former staffer close to Wyden who did not want to be named for the story, that the senator could have asked the simplest of questions, like "if anybody had the time," to which an intelligence agent would respond with, simply, "yes."

A day after the first leak, a second surveillance program, known as PRISM, was revealed.

The secret program was met with instant backlash from Silicon Valley after it was shown to allow the collection of almost every shred of user information held by nine named technology giants. Inside the walls of Congress, that panic had turned to anger at the inability to speak out.

It was clear by now that the first leak was not an isolated incident. It would be a guessing game as to what would come next, even to those who thought they were in the know.
ZD Net: http://bit.ly/1SZ4EGI  and  http://zd.net/1GVBJiB

« Implementing EU Privacy Laws Requires 28,000 New Data Professionals
Insurers Are Getting Smarter About Cyber Insurance »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cynet

Cynet

Cynet simplifies security by providing a rapidly deployed, comprehensive platform for detection, prevention and automated response to advanced threats with near-zero false positives.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling & Data Destruction

Sadoff E-Recycling and Data Destruction protect the environment and your data with proven and trusted electronics recycling and data destruction services.

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

Centre for Multidisciplinary Research, Innovation & Collaboration (C-MRiC)

C-MRiC collaborates on initiatives, ranging from national cyber security, enterprise security, information assurance, protection strategy, climate control to health and life sciences.

IntaPeople

IntaPeople

IntaPeople are IT and engineering recruitment specialists. We have specialist teams for job sectors including Cybersecurity, IT infrastructure and DevOps.

Cobalt Iron

Cobalt Iron

Cobalt Iron is a global leader in SaaS-based enterprise backup and data protection technology.

Coveware

Coveware

Coveware helps businesses remediate ransomware. We help companies recover after files have been encrypted, and our analytic, monitoring and alerting tools help companies prevent ransomware incidents.

Security BSides Cayman Islands

Security BSides Cayman Islands

Security BSides is a non-profit, community-driven event built for and by information security community members. Our aim is to help build an Information Security community in the Cayman Islands.

Slamm Technologies

Slamm Technologies

Slamm Technologies is a trusted IT firm that offers Cyber Security Support, Corporate IT Solutions and Professional IT Training courses with international certification.

Wavenet

Wavenet

Wavenet has grown from simple beginnings to become one of the UK’s market leaders in unified communications, business telephony, and Cyber Security solutions.

Cloudbrink

Cloudbrink

Cloudbrink is purpose-built to deliver the industry’s highest performance connectivity to remote and hybrid workers, anywhere in the world.

Haiku

Haiku

Haiku stands at the forefront of cybersecurity upskilling, leveraging video games to immerse you in a flow state for accelerated, enduring learning.

PDI Technologies

PDI Technologies

PDI Technologies helps convenience retail and petroleum wholesale businesses around the globe increase efficiency and profitability by securely connecting their data and operations.

UBDS Digital

UBDS Digital

UBDS Digital is your Digital Lifecycle Partner for Secure Cloud Transformation.

Faddom

Faddom

Faddom is an agentless tool that visualizes your on-premises and cloud infrastructure, as well as their inter-dependencies.