Narrowly Constructing National Surveillance Law

Orin Kerr has a new article that argues for narrowly constructing national security law:

This Essay argues that Congress should adopt a rule of narrow construction of the national security surveillance statutes. Under this interpretive rule, which the Essay calls a "rule of lenity," ambiguity in the powers granted to the executive branch in the sections of the United States Code on national security surveillance should trigger a narrow judicial interpretation in favor of the individual and against the State. A rule of lenity would push Congress to be the primary decision maker to balance privacy and security when technology changes, limiting the rulemaking power of the secret Foreign Intelligence Surveillance Court. A rule of lenity would help restore the power over national security surveillance law to where it belongs: The People.

This is certainly not a panacea. As Jack Goldsmith rightly points out, more Congressional oversight over NSA surveillance during the last decade would have gained us more NSA surveillance. But it's certainly better than having secret courts make the rules after only hearing one side of the argument.

Posted on November 11, 2014 at 2:13 PM • 35 Comments


Rufo guerreschiNovember 11, 2014 2:41 PM

Stepping back overight on NSA from NSA private courts to Congress si not nearly enough given the way Congress completely underused the power it could have exercised.

Given the state of elected bodies in the US, a much better oversight could be given by a decentralized citizen-jury based system.

01November 11, 2014 3:07 PM

I hate to be "that guy" (you know... the guy), but how is it "obviously" a nation-state attack ?

The most nation-statish thing about it is that it uses really good flash 0-days, and even that is not exclusively a nation-state thing.

Given the potential cost of information one can gain by targeting high-profile individuals, I wouldn't put it past some of the more underhanded comptetitive intelligence companies to at least try something like that.

edgeNovember 11, 2014 3:30 PM

I can imagine the push-back. The NSA would argue that they need flexibility to respond immediately to changes in technology and target communication methods. They would argue that the legislative process is too slow to keep up with their needs.

(Unfortunately, the converse is true. In a world without narrow construction, the legislative process is too slow to effectively limit the ever changing types of privacy abuse that the intelligence agencies come up with.)

AlanSNovember 11, 2014 5:47 PM

Kerr himself says the remedy he proposes would "not solve everything. But it is an easy first step".

Whether you agree with his proposed remedy or not, the paper is worth reading for the analysis of why the operation of the FISC ran off the rails and is so problematic.

Ex parte regulation works best with transparent practices and stable technology. National security surveillance offers the worst of both worlds, with secret practices and rapid technological change.

...The traditional role of ex parte and ex ante review is merely to review applications and either sign or refuse to sign orders. Ex parte review normally does not generate case law or lead to opinions. But until the summer of 2013, the work of the FISC remained secret—both as to whether the FISC had exceeded the traditional role of an ex parte court and if so, how the FISC had regulated the executive branch and what legal interpretations it had adopted. The flurry of Snowden documents changed that. Starting in the summer of 2013, several documents from the FISC were disclosed.

And in response to Snowden’s leaks, the federal government released additional troves of FISC materials. The documents revealed that the FISC had indeed issued legal opinions on its surveillance powers. When faced with an application for surveillance based on a questionable reading of its powers, the FISC had issued opinions interpreting its authorities. FISC opinions also engaged in extensive oversight of the NSA’s compliance with its earlier orders

The FISC’s opinions that regulated the FISC were striking in their content and form. First, the quality of the FISC’s legal analysis was surprisingly poor. The FISC had authorized vastly more surveillance than outside observers could have imagined based on the public text of the statute. In the hands of the FISC judges, acting in secret, the text of FISA was no longer a reliable guide to executive branch authority.

Bob S.November 11, 2014 5:55 PM

Mr. Kerr is a smart man in many respects but he obviously does not understand Congress at all.

They aren't going to grant the people more rights or powers at all.
I dread the coming "Internet Privacy and Freedom Act(s)" which likely will follow the Patriot Act pattern by granting the military and law enforcement ever more power over our electronic data and devices, certainly not less. This is a pattern going on with governments and corporations all over the world. They have the money and power and want more. They will get it if they can.

It would take a vast awakening of the American people, and citizens of the world, to change things. Millions of people protested the Viet Nam War yet it took many, many years before the war mongering politicians would let it go.

Ditto for the war on our privacy and data. The difference in my mind is that the war on our data and devices is a violation of rights deemed unalienable by the founders. They didn't have iPhones in those days, but they knew tyranny when they saw it. They would see it today, too.

WhatDidYouExpectNovember 11, 2014 8:22 PM

How about businesses making their own rules without benefit of court of law...found on Slashdot:

ISPs Removing Their Customers' Email Encryption

From the EFF:

"Recently, Verizon was caught tampering with its customer's web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the U.S. and Thailand intercepting their customers' data to strip a security flag — called STARTTLS — from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.

By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception."

JestInCaseNovember 11, 2014 8:36 PM

@Bob S.

I agree with your premise and will carry it forward. Yes, it will take a vast awakening of the world population to get changes made. No, I don’t see it happening.

The protests over the Vietnam war were actuated because journalists, both print and photo, captured the horrors and supplied them to the major television outlets. The blood, guts, and tears, were real (I was there) and for the first time the masses of the detached world could see the results of brutal conflict.

I cannot imagine anything approaching that for our loss of security and privacy. What sort of calamity, what kind of privacy breach, what act of lost freedom, will activate the general population? That’s an open question.

The article by Mr. Goldsmith closed with an observation that scares the bejebus out of me:
“In this sense, the Snowden revelations – … – might one day be seen to have paved the way to broader NSA powers.”

I pray to all of the Goddesses of Bits and Bytes that this does not come to pass.

AlanSNovember 11, 2014 8:50 PM

@Bob S "It would take a vast awakening of the American people..."

Agreed. There is no fix for a lack of "virtue and intelligence in the community".

Madison 1788 Virginia Ratifying Convention

I go on this great republican principle, that the people will have virtue and intelligence to select men of virtue and wisdom. Is there no virtue among us? If there be not, we are in a wretched situation. No theoretical checks, no form of government, can render us secure. To suppose that any form of government will secure liberty or happiness without any virtue in the people, is a chimerical idea. If there be sufficient virtue and intelligence in the community, it will be exercised in the selection of these men; so that we do not depend on their virtue, or put confidence in our rulers, but in the people who are to choose them.

AlanSNovember 11, 2014 9:12 PM


Part of Kerr's argument is that the current oversight processes are ineffectual because there is only limited disclosure to Congress, there is no public pressure on members to do the right thing as the public never gets to know what's going on (absent a Snowden), and elected members of the intelligence committees tend to develop a cozy relationship with the intelligence agencies:

Congress has addressed the absence of a natural feedback loop by requiring the executive to provide classified briefings about intelligence efforts to members of the House and Senate Intelligence and Judiciary Committees....Although well-intentioned, these limited disclosures fail to generate the necessary feedback about what the law authorizes. That is true for two reasons... see pp.1523-1524

ThothNovember 11, 2014 11:41 PM

Mail servers should always be using TLS these days instead of allowing plaintext communications. Cryptography is so much cheaper but people are just not willing to get out of their comfort zone to realize security. TLS between servers (mail or web servers) are pretty pointless because end-to-end security is so easily defeated. If a person actually used PGP/GPG to encrypt the emails, whether the STARTTLS gets disabled or not, the email is still encrypted end-to-end until a person picks it up and decides to decrypt it on their endpoint to read the encrypted message.

David HendersonNovember 12, 2014 12:44 AM

@Thoth writes
"whether the STARTTLS gets disabled or not, the email is still encrypted end-to-end until a person picks it up"

The body of the message may be encrypted inside s/MIME encryption, but the ultimate destination and return address must be known to all the pop/imap servers in the chain.The email addresses of the endpoints are known to the servers by the very nature of the protocol.

Its better than nothing, but traffic analysis is still very possible.

Another approach is BitMessage; wikipedia link:

"Bitmessage replicates all the messages inside its own anonymous P2P network, therefore mixing all the encrypted messages of a given user with all the encrypted messages of all other users of the network, thus making it difficult to track which particular computer is the actual originator of the message and which computer is the recipient of the message."

BitMessage could be truly secure, but the author is still seeking an audit of protocol and implementation.

JustinNovember 12, 2014 12:55 AM

Going a bit off-topic, but...

I have used PGP/GPG before and I can't say it's a viable solution. Only a small percentage of the general population uses encrypted e-mail, so it sticks out like a sore thumb where "High Strength Adversaries" are monitoring it, and most users would be performing the encryption/decryption on unsecured commodity PCs running insecure commodity operating systems and software and connected to the internet.

So the "High Strength Adversaries" will naturally be suspicious or just curious, and they definitely have the means to compromise most any PC connected to the internet, and I've definitely had my PC compromised, (about the time I was experimenting with GPG---which discouraged me from using it ever again.)

Programmers think hard about crypto, and they try hard to get it right, but as far as just generally securing the rest of the system, like browsers, e-mail clients, various active content plugins, Java, JavaScript, pdf readers, etc., we just don't have an effective way run this stuff and at the same time prevent unwanted code with too many privileges from running all over the system.

And I'm not talking about Windows, either. Linux may be a little better, OpenBSD better yet, who knows? But really, how do I run a secure desktop system, with say, a web browser, e-mail client, and office suite? I don't have any assurance any of this software is secure.

FluffytheObeseCatNovember 12, 2014 12:55 AM

"Mr. Kerr is a smart man in many respects but he obviously does not understand Congress at all.
They aren't going to grant the people more rights or powers at all."

I seriously doubt he has any deficits of understanding -- at least not on this score. What he is hoping for I suspect, is some very minimal, non-threatening return to public input. Bringing Congress back in the loop isn't going to hamper the critical functions of our security apparatus, despite what many well paid professional hysterics may claim. Congress is an annoyance, but not an impediment to the security state status quo. What they are is a (weak) impediment to is its continued exponential growth.

Legislative bodies have always functioned as a brake on the Executive -- including back before we existed, when the Executive was an insufficiently bathed "sovereign" in a drafty palace in Europe. That is one of their chief virtues. The people who complain most about it are generally the ones you want to keep an eye on. And keep a hand on your wallet while you are at it.

65535November 12, 2014 1:51 AM

I agree with Kerr.

“…as the technological facts change, the [FISA] rule may end up allowing a vastly different amount of surveillance [higher amount of surveillance] than was assumed when the [original FISA] rule was initially created. Second, the meaning of the law itself can become uncertain. Existing language that defines the government’s burden in one technological era may become quite fuzzy in another technological era… Over time, FISA expanded its use of ex parte orders [and continued to expand it use of ex parte orders until all Americans were wire-tapped all of the time].

Basically, the FISC became a servant to the NSA. Then NSA handed an order to the FISC and the FISC rubber stamped it - like a crudely forged SSL/TLS certificate.

In “geek” terms it became a root-kit spyware virus in and of itself. The FISC court was the “dropper” and the NSA was the Command and Control Server which controlled international bot-nets stealing any and all private information it desired. Thus, the Fourth Amendment and some of the First Amendment to the US Constitution were XOR’d into an indecipherable hash and rendered useless to the average American citizen.

ThothNovember 12, 2014 2:08 AM

@David Henderson
It is true that by only encrypting the content body, the headers are pretty much left bare without TLS encryption. Even with TLS encryption, you could still do traffic analysis and how the traffic flows. Dropping a PGP/GPG message inside a pseudo anonymous network like TOR, FreeNet or GNUnet would be much better than sending it over the conventional network channels.

TOR itself has been shown to be vulnerable to traffic analysis after much attacking done by multiple parties and I wonder if Bitmessage would be up to the task to handle secure communications. It does deserve a good security audit before people can start trusting Bitmessage.

The problem is centralized servers passing messages (email). Another viable method is RetroShare which allows you to pass messages including it's version of emails over it's secure routing network (I wouldn't call these networks as truely anonymous).

Again, it requires people to chooose whether they want to use specialized softwares to message each other securely over a pseudo anonymous routing network.

In the context of a normal SMTP/POP/IMAP setup with or without TLS, PGP/GPG only protects the content but the traffic is pretty much exposed unless it is routed in some secure routing tunnels as mentioned above.

Encrypting messages in fuzzy protocol logics and fuzzy blocks which have a plausible range of protocols would be the best way to secure a communication as the adversary does not know the exact protocol being used (protocol headers betrays) and in a routed environment using fuzzy protocols and fuzzy data blocks, it will make traffic flow much more difficult to trace and predict but such stuff is still theoretical.

In regards to endpoint security, we have the TFC project which me, Nick P and Markus Otella are throwing ideas around and experimenting ( It uses data diodes and isolated secure environment concepts. The process in such secure environments are more restricted (no USB flash disk conveniences and such) but the security return is much higher.

So, how do you balance your security oriented lifestyle ? Create logical segmentations of parts of your life you want private and secured. Are you going to talk about sensitive stuff or really private stuff you don't want others to know ? Use the high security mindset and go the extra mile to transfer encrypted keys manually across isolated secure environments (like the TFC setup) and if you don't mind people knowing some stuff, you can just use a computer for your daily internet browsing of news and all that. Segment your life and decide how much security somethings deserve and apply the appropriate effort and resources into each segment.

For starters, designate an environment for casual access, one as the intermediate and one for high security stuff and lay down different rules and different mechanisms for each one of them. High security environments should have no network access, no external devices which includes device capable of video or audio recording or playback. Transferring encrypted keys should be by manual typing of hex bytes copied from a piece of paper using a strong password to wrap it and so forth.

The medium security region allows certain monitored network access and you might want to control it's network flow directions and interactions. You may transfer encrypted keys using devices like SD cards but it much be controlled (read-only/write-only) single modes of operations to prevent key exfiltrations and such.

The low security region would allow free internet access but still monitored to a degree.

These are just some ideas.

George H. H. MitchellNovember 12, 2014 5:15 AM

Minor grammatical nit: In lawyers' talk, a rule of narrow construction argues for construing laws narrowly, not constructing them narrowly, as the text of the article shows:

Congress should enact an interpretive rule directing that government powers granted under the Foreign Intelligence Surveillance Act
(“FISA”) should be narrowly construed.

65535November 12, 2014 6:04 AM

@WhatDidYouExpect, David Henderson, Thoth, Justin

“How about businesses making their own rules without benefit of court of law.” –WhatDidYouExpect

“Verizon was caught tampering with its customer's web requests… researchers have reported ISPs in the U.S. and Thailand intercepting their customers' data to strip a security flag — called STARTTLS — from email traffic.” – EFF (and Slashdot)

Good point.

What the customer is complaining is the perceived bait-and-switch tactic by Verizon [under Verizon’s a guise of bandwidth limiting, or traffic shaping, or Quality of Service and such].

The customer bought communication bandwidth from Versizon thinking his VPN was safely on a encrypted and non-tampered circuit – only to find it stripped SSL/TLS. Worse, the customer could not send secure TLS email.

The customer possibly could have violated Verizon’s “terms of service” by piping his Netflix though the VPN bypassing Verizon’s Traffic shaping policies. But having his email stripped of privacy seemed even worse and I agree. As far as I know is legal to send an encrypted email within the USA.

Note there is some discussion of a Cisco ASA in the chain – out of Verizon’s control – which theoretically could have done the TLS flag re-write, stripping the SSL/TLS from the customer’s encryption but I am doubtful.

Mail servers should always be using TLS these days… If a person actually used PGP/GPG to encrypt the emails, whether the STARTTLS gets disabled or not, the email is still encrypted end-to-end…” –Thoth

That is basically true.

But most people use web servers belonging to Google, Yahoo, and the like because it’s “Fee” and has “HTTPS” or are forced to because of wireless internet connection, Customer high speed package with it’s fine print TOS and subsidized iPhone/Android from the Telecom provider – with little economic choice.

It would be nice to first encrypt the message with PGP/GPG and then re-encrypt it with SSL/TLS [in case of SSL stripping]. Your message would be encrypted but routing and DNS information leakage would indicate your location. But, as you said at least your message would be encrypted.

“The body of the message may be encrypted inside s/MIME encryption, but the ultimate destination and return address must be known to all the pop/imap servers in the chain.” - David Henderson

Basically, you are correct assuming you encrypted first with PGP/GPG. In the first part of the discussion it appears the customer of Verizon was given a lemon [that is he/she ways sold down the river and his communication were altered leaving his message in the clear or he was blocked altogether].

He probably did not have the ability to use PGP/GPG or could not because of his mobile contract.

I will consider BitMessage. BitMessage maybe very helpful.

“I have used PGP/GPG before and I can't say it's a viable solution.” – Justin

Very true.

PGP and GPG are not as wide spread as Google or Yahoo web mail [both of which are insecure – for economic reasons and their association with US intelligence agencies]. PGP Key exchange is a weak link as is the size of its user base. Encryption is never easy.

Returning to the beginning post by WhatDidYouExpect regarding the unfair stripping of SSL/TLS on private emails by Verizon when a customer is sold on the idea that his communication would be free from tampering - it’s as travesty. And, I would say it is also bait-n-switch scam.

If Verizon had a large printed disclaimer saying "We Strip Your SSL!" things would be different.

The reality is they can strip SSL/TLS at a whim and have their PR department handle the complaints. SSL/TLS stripping not only extends to the average Joe it extends to Lawyers, Doctors, Insurance agents, financial officers and others who are forced to public Telecoms for their communications. That stinks.

kronosNovember 12, 2014 9:39 AM

@ Justin: But really, how do I run a secure desktop system, with say, a web browser, e-mail client, and office suite? I don't have any assurance any of this software is secure.

First, download a Linux ISO from a trusted source and burn it to a DVD. Then you can boot from the DVD and have the option to run the O/S without installing it. That makes it far more difficult for someone to either corrupt your system to their own advantage or install malware.
Your system will be resistant to any bad stuff that might live through a cold boot.

MrCNovember 12, 2014 11:45 AM

Mr. Kerr's proposal rest on, among others, these two assumptions:

First, it assumes that the FISA court would faithfully apply such a rule rather than just doing whatever the hell they want in secret. Rules about interpretation, such as rules of lenity, tend to be inherently "squidgy," leaving lots of wiggle room for the trial judge to do as he or she pleases. The trial judge is kept (somewhat) honest by the possibility that a really untenable interpretation will provoke a rebuke from the appeals court or a public backlash if the press notices it. Given that neither of those checks are present in the current design of the FISA court, and considering its history of becoming a de facto rubber stamp for whatever the NSA wants, I have zero confidence the FISA court would faithfully apply Mr. Kerr's rule of lenity.

Second, it assumes that the NSA will obey the FISA court rather than just doing whatever the hell it wants in secret. We've already seen that when (on those rare and treasured occasions) the FISA court says "no," the NSA goes ahead and does what it wants to do anyway.

I think Mr. Kerr's proposal would work if the parties it applied to had good-faith intentions to voluntarily obey the law, but everything we've seen so far indicates that they don't.

KurzlegNovember 12, 2014 1:06 PM

Would this narrow construction survive a Supreme Court challenge? That's really what matters.

BoppingAroundNovember 12, 2014 4:58 PM

re: BBC article on privacy

> "At the same time, there's an overwhelming sense that consumers have lost control over the way their personal information is collected and used by companies."

Did they have any?

> the winner was the landline phone

Strange. I have very little knowledge regarding telecommunications but hasn't the landline been digital for a long time already (meaning it is probably as suspectible to wiretaps and metadata collection as everything else)?

> People tend to do what is easy."

Accurate observation.

DudNovember 12, 2014 11:52 PM

To Mr. Schneier & many wonderful commenters:

It is difficult to trust anything about the internet whilst peaceful anti-nuclear peeps are placed under multiple malvertising attacks, phishing, planted warts that bomb our threads with chatterBots/pornLinks/falseInfo/FUD/"cures"forCancer/paypalComplaints-accountClosure/etc/etc/etc in attempts to discredit and discourage those genuinely concerned citizens.

The last straw has been the BIOS attacks.

Please send help to expose the Oak Ridge malefactory which seems to originate @

Thank you for your time and consideration.

Andrew_KNovember 13, 2014 12:20 AM

@ 65535, Regarding Cisco ASA and stripping STARTTLS

The Cisco ASA brings a firewall that can perform SMTP inspection and has the option of not-allowing STARTTLS -- as can be found in their Documentation, that was a bug which seems now to be sold as a feature.

I will not comment on the question why such an option is implemented after all. But this incident has made me quite reluctant when it comes to assuming bad intention if configuration flaw is a plausible explaination, too.

65535November 13, 2014 7:12 AM


Interesting. A bug as a feature :)

The Cisco ad should highlight “We strip your SSL for no additional charge!”

What a great deal /

Coyne TibbetsNovember 13, 2014 7:00 PM

I think this is entirely the wrong approach.

Part of the reason the Constitution has the success it has had is because its rights proscriptions are broad and without qualification.

Consider a slightly modified excerpt: "Freedom of speech, excepting indecency, shall not be abridged." The wisdom of the creators of these rights was in the lack of the italicized phrase: Most people would consider that phrase reasonable. But if it were present, well, it is indecent to speak against the government, indecent to speak against the wars, indecent to talk about pollution, and etc., ad nauseum. With that phrase, the right becomes an empty shell.

Think Progress had an interesting article, A Non-Lawyer’s Guide To The Latest Supreme Court Case Attacking Obamacare on how Congress can easily define the word dog to mean "felis catus" (cats only). It's all in how you define the words, and the more words, the more possibilities for the "wrong" definition (or a deliberate misinterpretation) to be used.

So I understand what he hopes to accomplish, but I am not confident that doing it this way will accomplish any such thing.

Better instead to broadly define the protections the people have against surveillance and intrusion.

JustinNovember 13, 2014 7:36 PM

Better instead to broadly define the protections the people have against surveillance and intrusion.
That's already done in the Bill of Rights. The trouble is in the interpretation, where these rights, defined so broadly, are construed so narrowly.

Nick PNovember 13, 2014 8:36 PM

@ Coyne Tibbets

Excellent points. I'll add that we should define our rights broadly, but their powers narrowly. Their power expands easy enough so I doubt it would be a problem for them for most situations. Might be a lot better for us.

Sancho_PNovember 14, 2014 6:31 PM

@ 65535

OT: I think your posting regarding STARTTLS and SSL/TLS (Verizon) is based on unsound technical conclusions and “inflates” the issue.
As I understood they do not “strip SSL/TLS”.
It seems they strip the STARTTLS advertisement from a third party’s email provider, which, if true, would be bad enough.

@ Coyne Tibbets

We don’t need (weasel) words but meaning.
We don’t need secrecy but sincere boldness.

vas pupNovember 19, 2014 10:08 AM

I want to remind all respected bloggers that SCOTUS itself acquired the right to interpret US Constitution (and Bill of Rights as part of it) not by Constitutional articles, but its own decision Marbury v. Madison. Legislative Branch only could assign rights and authority to other branches of the Government, not vice versa. That is applied to FISC relations with the Congress as well.

The good point in the Kerr's article is an attempt to introduce deductive paradigm in the FISCourt activity (principle goes before practice/precedent), and that rule of interpretation is set up not by the Court, but by the legislature. Generally, all rights/authorities of the government should be narrow constructing when evaluated in relation to citizen rights in particular, i.e.they can do only what is directly authorized by Constitution and Laws adopted in accordance with Constitution (at least not contradicted it's Articles). For gov (executive, intel/LEAs in particular), what is not directly allowed is prohibited.
For citizens it is opposite: what is not directly prohibited by Law is allowed (broad construction). Just small remarks on subject matter.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.