The purpose of the Privacy and Civil Liberties Oversight Board is two-fold: to analyze and review actions the executive branch takes to protect the nation from terrorism, ensuring that the need for such actions is balanced with the need to protect privacy and civil liberties; and to ensure that liberty concerns are appropriately considered in the development and implementation of law, regulations and policies related to efforts to protect the nation against terrorism.
The Board has two main functions: (a) advice and counsel on policy development and implementation and (b) oversight. Its functions include reviewing proposed legislation, regulations and policies; advising the President and the departments and agencies of the executive branch; and continually reviewing the implementation of the regulations, policies, and procedures of the executive branch relating to terrorism to ensure that privacy and civil liberties are protected. In addition, the Board is specifically charged with responsibility for reviewing the terrorism information sharing practices of executive branch departments and agencies to determine, whether they adhere to guidelines designed to appropriately protect privacy and civil liberties.[2][3] In the course of performing these functions, the Board shall coordinate with the privacy and civil liberties officers in the relevant departments and agencies.
The Board is authorized to have access to all relevant information necessary to fulfill its role, including classified information consistent with applicable law. The Board is required to report to Congress not less than semiannually.
History
2004–2006: Creation within the Executive Office
Recommended by the 9/11 Commission Report issued on July 22, 2004, the Privacy and Civil Liberties Oversight Board was initially established by the Intelligence Reform and Terrorism Prevention Act of 2004.[4] It consisted of five members appointed by the President, with the board being part of the Executive Office of the President and was supported by an Executive Director and staff. In February 2005, a majority of Minnesota congresspersons and senators had nominated Coleen Rowley to serve on the Board,[5] but President George W. Bush did not nominate her.
The first Board members from 2006 were Carol E. Dinkins, of Texas, Chairwoman; Alan Charles Raul, of the District of Columbia, Vice Chairman; Theodore B. Olson, of Virginia; Lanny Davis, of Maryland, and Francis X. Taylor, of Maryland. The Chairwoman and Vice Chairman were confirmed by the Senate on February 17, 2006. All Board members were sworn in and had their first meeting on March 14, 2006. On May 14, 2007, Lanny Davis resigned, charging that the White House had sought to control the content of a Board report.[6]
2007–2012: Lack of quorum
From 2007 until August 2012, the Board did not have a quorum.[citation needed]
In January 2007, H.R. 1 ("Implementing Recommendations of the 9/11 Commission Act of 2007"), aimed to reconstitute the board as an independent agency, composed of 5 Senate confirmed members serving staggered six-year terms and passed the U.S. House of Representatives. The Senate companion bill, ("Improving America's Security Act of 2007", S. 4), passed on March 13, 2007. The House language prevailed upon reconciliation and on August 3, 2007 President Bush signed the Implementing Recommendations of the 9/11 Commission Act of 2007, into law.[7] In January 2008, the changes took effect, at which time the original Board ceased to exist.
On February 27, 2008, the Senate received President George W. Bush's first three nominations to the revamped PCLOB: Daniel W. Sutherland, Officer for Civil Rights and Civil Liberties at the Department of Homeland Security, to serve a six-year term as chair of the board; Ronald D. Rotunda, professor of law at George Mason University, to serve a four-year term as a member of the PCLOB; and Francis X. Taylor, a former member of the board, to a serve a two-year term. On September 8, 2008, President Bush made a fourth nomination, of James X. Dempsey, senior counsel at the Center for Democracy and Technology, to serve a five-year term. The nominations were referred to the Senate Committee on the Judiciary, which took no further action.[6]
In December 2010, President Barack Obama nominated two persons to the Board: Dempsey, and Elisebeth Collins Cook, a former Assistant Attorney General at the U.S. Department of Justice and, at the time, a partner in a Chicago law firm.[8][9][10] Those nominations expired at the end of the 111th Congress.
In January 2011, President Obama re-nominated Dempsey and Cook.[11] In December 2011, the Obama administration announced to revitalize the Board as a check against its proposed cybersecurity policies and measures.[12] and the President made three more nominations: David Medine, a former associate director of the Federal Trade Commission, as chairman; Rachel Brand, Chief Counsel for Regulatory Litigation at the U.S. Chamber of Commerce and a former Assistant Attorney General at the United States Department of Justice, as a member; and Patricia M. Wald, a former federal appeals-court judge, as a member.[13]
On August 2, 2012, the Senate confirmed Dempsey, Brand, Cook, and Wald,[14] but did not act upon the nomination of David Medine to be chair at that time.
2013: Independent agency begins work
In January 2013, the White House re-nominated David Medine as chair,[15] and the Senate confirmed him on May 7, 2013 in a 53–45, party-line vote.[16]
On July 9, 2013, the Board held its first public workshop and its first substantive hearing on November 4, 2013.[17]
On January 23, 2014, the board released its first report. It was the first comprehensive review of the NSA warrantless surveillance program instituted under the Patriot Act, after Edward Snowden had released classified documents from the NSA.[18][19] It includes reviews of classified information and briefings with officials from the Department of Justice, FBI, NSA, and CIA.[19]
The report found two main problems with the NSA's surveillance program: it "lacks a viable legal foundation"[18][20] and there is "little evidence that […] NSA's bulk collection of telephone records actually have yielded material counterterrorism results that could not have been achieved without the NSA's Section 215 program."[21]
The PCLOB report argued that the legal basis for NSA surveillance programs in Section 215 of the Patriot Act, allows only the FBI to collect bulk data for investigations and that the NSA is not directly permitted to do so. The report found that the NSA's reliance on a 2004 Foreign Intelligence Surveillance Act (FISA) court opinion approving the bulk collection of Internet metadata does not correctly apply to the situation: "The government should not base an ongoing program affecting the rights of Americans on an interpretation of a statute that is not apparent from a natural reading of the text".[19]
The report said that data collected by the NSA did not contribute uniquely to any FBI criminal investigations and that the PCLOB did not find a single case where NSA surveillance programs directly contributed to the disruption of a terrorist attack. Additionally, there is only one instance where NSA data helped identify an unknown terrorism suspect. Since the NSA collects data as it is generated, the PCLOB argued that the collection process violated the Electronic Communications Privacy Act, could not be directed towards any specific investigation, and that the information could not be treated as relevant to any FBI investigation except in response to specific enumerated circumstances.[19] The PCLOB found no evidence of bad faith or misconduct on the part of the NSA, but that the technological complexity and vast scope of surveillance programs coupled with the potential for governmental abuse of power posed an inherent risk to Americans.
The report noted that although the FISA court was designed to hear cases regarding foreign surveillance, FISA does not provide a mechanism for the court to allow non-governmental parties to provide arguments against government surveillance proposals or otherwise participate in court proceedings.[19] As a result, there are very few appeals of FISA court decisions.
The PCLOB report recommended that the US end bulk data collection and that the FISA court judges' decision making "would be greatly enhanced if they could hear opposing views when ruling on requests to establish new surveillance programs"[19] to increase public confidence in intelligence and surveillance programs. It recommended that the government should promote more transparency to inform public debate on technology, national security, and civil liberties. Among other things, the board recommended that the FISA court should declassify its rulings and opinions of the FISA court and establish a Special Advocate board should be formed. These measures would allow citizens to bring up surveillance concerns in court, challenge government surveillance proposals, and help keep the proceedings of the court more transparent.[citation needed]
Some people initially viewed the PCLOB with skepticism, since the board was convened to protect the American public against privacy intrusions by their own government.[17] Under the board's statute, only the Chairperson is a full-time employee and has the power to hire staff. Since Medine was not confirmed until May 7, 2013, it was not until after that time that the Board was finally able to begin to engage in any substantial projects.
Proposals to strengthen the Board
In 2015, Ron Wyden (D-OR) in the Senate and Tulsi Gabbard (D-HI-2) in the House spearheaded, along with co-sponsors Tom Udall (D-NM) and Trey Gowdy (R-SC-4), the Strengthening Privacy, Oversight, and Transparency (SPOT) Act,[22] to, as Udall stated, strengthen the PCLOB and "significantly improve the oversight and accountability of the nation's intelligence community to protect Americans' constitutional rights."[23][24]
In 2017, the House bill H.R. 3523, the Cyber Intelligence Sharing and Protection Act (CISPA) of 2011, proposed that the PCLOB issue annual reports on the civil liberties and privacy impact of CISPA's provisions for the sharing of "cyber threat" information and intelligence between the government and private companies. It would have made PCLOB responsible for reporting on privacy and civil liberty intrusions under its information sharing program. The bill died in Congress.[25]