The Limits of Oversight and the PCLOB

(Update below)

Today, the nominees to the Privacy and Civil Liberties Board (PCLOB) were voted from the Senate Judiciary Committee for full consideration in the Senate. It looks like the Senate is finally going to act to nominate five people to fill this vital oversight board. While this is an important step, it’s also something of a good government scandal and certainly a cautionary tale about the limits of oversight.

The scandalous part is simple: it took us five years to get here. Back in 2007, the PCLOB was reconstituted from an Executive branch function with limited authority and independence to a stronger independent body (i.e., an independent commission like the FTC, FCC etc.). It was formally tasked with two purposes:

(1) analyze and review actions the executive branch takes to protect the Nation from terrorism, ensuring that the need for such actions is balanced with the need to protect privacy and civil liberties; and

(2) ensure that liberty concerns are appropriately considered in the development and implementation of laws, regulations, and policies related to efforts to protect the Nation against terrorism.

Apparently that level of oversight and independence was too much for both Democratic and Republican administrations to stomach. Through the simple expedient of not nominating anyone to fill the vacant seats, the PCLOB was a dead letter from 2007 until now.

In spite of numerous appeals from advocates and lawmakers, neither President Bush nor President Obama wanted an independent eye on what was happening with counter-terrorism policy in the U.S. Here are at least three guesses why that might be the case. Seemingly, it was only the pressure of an election year that forced action. A pretty straightforward lesson: if there is no one doing the oversight job, there is no danger of bad practices being uncovered.

Then there is the question of resources or the lack thereof. We wrote an in-depth report on this a few years ago, but one of the basic takeaways is that the national security establishment is huge, with tens of thousands of employees and a budget of more than $60 billion . The NSA alone has more than 30,000 employees. Contrast that with the PCLOB. It’s currently authorized (if it finally gets filled) to spend a whopping $900,000 and hire ten full-time employees for the 2012 fiscal year. With this level of staffing, it’s hard to imagine that the Board and its investigators can even begin to understand this vast national security infrastructure, never mind properly oversee it.

Nor are all resource issues just about money. To give just one example, the PCLOB does not have subpoena authority—it cannot force an agency to produce documents or answer questions on its own. Instead it has to ask the Attorney General to enforce a subpoena when it gets stonewalled. That’s another cumbersome barrier and a real threat to its independence.

In addition, Congress has an almost infinite expectation of what the PCLOB can accomplish. When it was created, the Board was tasked with reviewing all proposed and existing legislation, regulations, and policies related to terrorism, and advising the President and executive branch on whether there was an appropriate balance between terrorism power and civil liberties. More recently it was suggested that the board oversee cybersecurity as well. It’s exhausting just thinking about ten people trying to do all that.

One final example. Recently the National Counter Terrorism Center (NCTC) made a huge change to how intelligence agencies handle information that is gathered about U.S. persons. Instead of treating such collection as a mistake and requiring the data be discarded within 180 days (the old policy), it now allows information on innocent Americans with no connection to terrorism to be held, analyzed, and shared for up to five years. Information on millions of Americans is flowing through the NCTC and its enormous intelligence apparatus, used in a wide variety of ways and shared for almost any security-related reason. Who has the responsibility for monitoring and overseeing this entire system? The PCLOB, of course.

We’ll happily work with and try to assist the PCLOB, and if and when they uncover real wrongdoing we’ll applaud them for it. But realistic policy making demands that we understand the limits of what this institution can do and how much oversight work is still left to be done. Congress should act to ramp up the Board and expand its hiring authority. With all the billions we spend on our national security establishment, we need to make sure we have checks and balances that are commensurate with the challenge.

Update (May 17)

Statement from Senate Judiciary & Chair Sen. Patrick Leahy