Governance & Risk Management , Standards, Regulations & Compliance

Paris Attacks' Impact on U.S. Lawmaking

Patriot Act Renewal Seen Likely After Deadly Terrorist Assaults
Paris Attacks' Impact on U.S. Lawmaking
Ex-DHS Undersecretary George Foresman discusses the Paris attacks.

The Paris terrorist attacks could make it more likely Congress will renew the USA Patriot Act and less likely that lawmakers will curtail a program to collect metadata on telephone conversations of Americans.

See Also: Webinar | Navigating the SEC Rules for Enhanced Cybersecurity in IT and OT Environments

"The horrific attacks in France makes it easier for the Congress of the United States to continue those programs that are essential to the security of the country," former Homeland Security Undersecretary George Foresman says.

Richard Stiennon, an IT security consultant who wrote the book, "Surviving Cyberwar," picks up Foresman's theme. "Supporters of the surveillance state are already using the Charlie Hebdo massacre as justifying their activities," says Stiennon, referring to the terrorists gunning down staff members at a satirical French publication. "Even though the Paris attack is an obvious law enforcement failure - suspects had long criminal records - U.S. legislation for more mass surveillance of communication and more budget for the NSA and FBI will quickly be enacted."

Impact on DHS Funding

Lawmakers are set to increase funding for the Department of Homeland Security as well. Unlike other government agencies, the last Congress - with Republicans frustrated over President Obama's unilateral moves on immigration policy - refused to fund for the remainder of the fiscal 2015 the budget for DHS, which oversees customs and border protection as well as immigration and customs enforcement.

But on Jan. 6, the House Appropriations Committee approved a bill to fully fund DHS, at $39.7 billion, including $753.2 million for cybersecurity operations in the National Programs and Protection Directorate, which sustains improvements to the federal network security and network security deployment programs to help blunt cyber-attacks and foreign espionage. The full House is expected to take up that bill shortly.

Section 215 of the Patriot Act

Key surveillance provisions of the Patriot Act, the anti-terrorism statute Congress enacted after the Sept. 11 terrorist attacks, expire at the end of 2015. Former senior government policymakers say the events in France last week could make it more difficult for lawmakers to restrict provisions of one part of that law, Section 215, that's used by the government to justify the bulk collection of phone records' metadata that could be used to identify terrorists.

"A good way to catch transnational terror plotters like those in Paris is when they call their trainers and inspirers abroad," says Stewart Baker, a former assistant secretary for policy at the Department of Homeland Security, who now heads the homeland security practice at the law firm Steptoe & Johnson. "Paris is going to make it hard for Congress simply to let the 215 program expire, because that's exactly what the program is designed to do. If anything, we ought to be asking how to make the program more effective and comprehensive, while also looking for practical privacy protections."

The federal government has used Section 215 of the USA Patriot Act to compel American telecommunications companies to provide the National Security Agency records that contain the metadata of phone calls made by millions of Americans, such as phone numbers called and the time they occurred. Supporters of bulk collection say the contents of the communications themselves cannot be intercepted by authorities and the metadata gathered is only used by authorities to link the calls to suspected terrorists overseas. Opponents contend the collected metadata from calls made by Americans could be pieced together to reveal information about citizens that could threaten their civil liberties.

Mindset of the American Public

In September, Attorney General Eric Holder and Director of National Intelligence James Clapper endorsed language in legislation that would have limited, but not entirely eliminated, government surveillance of phone calls. The bill to do just that - the Senate version of the USA Freedom Act - never came up for a vote, having failed to overcome a filibuster by opponents.

Foresman says he doesn't see Congress enacting legislation that would prevent authorities from collecting intelligence that could thwart a Paris-like attack in the United States. And that includes collecting and analyzing the metadata of communications collected in bulk by the NSA, as long as the culled data isn't being used to infringe the privacy and civil liberties of Americans, he says. "The mindset of the American public is going to be, 'What are you doing to ensure the NSA is not going to spy on me, but are doing to keep me secure?"

Still, a supporter of the USA Freedom Act says he doesn't believe the Paris terrorist attacks would prevent Congress from reconsidering a new version of the bill, which is likely to be introduced in the new legislative session. "We've seen this argument play out before, but I continuously point to the letter sent by Gen. Clapper and Attorney General Holder noting that the proposed NSA reform last year would not have disrupted operational capabilities," says Mark Jaycox, a legislative analyst at the digital civil liberties advocacy group the Electronic Frontier Foundation.


Rand Corp.'s Martin Libicki addresses the challenge of connecting the dots to stop terror and cyber-attacks.

The debate over curtailing bulk collection doesn't mean American intelligence agencies have put their guard down after the Paris attacks. But unlike Britain, where the head of its MI5 domestic intelligence agency called for new powers to fight extremism, warning that the risk of an attack in the United Kingdom remains "highly likely," no such declaration has yet to come from his counterparts in the United States (see Surveillance Demands Follow Paris Massacre).

British Prime Minister David Cameron, meanwhile, is promising to reintroduce controversial surveillance legislation - derided as the "Snooper's Charter" by critics - if his Conservative party wins the next general election. The legislation, together with a "more comprehensive approach" to surveillance, is required to better combat the "poisonous death cult" of Islamist extremists, Cameron told BBC Radio (see UK Debates Rebooted 'Snooper's Charter').

American intelligence and law enforcement agencies have been on higher alert for potential terrorists' attacks in the United States as they cull databases for information that track the activities of known and potential terrorists and their supporters. Foresman says: "No doubt everyone in the intel community woke up (the day after the attacks) with fresh guidance from on up high, asking, 'Look, if this happened in France, is this indicative of a pending plot in the U.S.? Is there higher likelihood that we're going to have copycat attacks?"


About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.