The American Civil Liberties Union (ACLU) Tuesday urged the Sergeants at Arms in both the Senate and the House to take steps to better secure Congress and staffers by adopting “widespread encryption” and allowing “member offices to adopt secure technology on their own initiative.”
Noting in a letter that the U.S.'s “tripartite system of government works best when each branch…is independent and functionally able to serve as an effective check on the other,” the letter, penned by the ACLU's Gabe Rottman, legislative policy counsel, and Christopher Soghoian, principal technologist, Speech, Privacy, and Technology Project, contended that Congress cannot fulfill its oversight duties if it isn't insulated “from influence by bad actors outside government.”
The civil rights organization said a clear lesson from the CIA's search of a firewalled hard drive of the committee investigating torture should be that “secure communications facilities preserve effective checks and balances in constitutional government, and insecure facilities threaten them.”
The checks and balances preserve individual liberties and civil rights, the pair wrote, and protect those liberties and rights of “Congressional and government employees, who are themselves attractive targets of both foreign adversaries and, indeed, insider threats.”
The letter's writers pointed to breach at the Office of Personnel Management (OPM) that exposed sensitive information on 22 million government workers as making it “starkly clear” that steps need to be taken to protect Congressional communications from interception by outsiders or insiders intent on doing harm.
“We urge you to ensure that members of Congress and staff have the tools and training necessary to protect their communications,” the letter said.
Rottman and Soghoian reminded the sergeants in arms that the cell phone networks are insecure and their vulnerabilities can be and are being exploited by foreign governments, which blatantly monitor them. They noted that “special purpose cellular surveillance products, which are sold by surveillance companies in Russia, China, and Israel to governments around the world, are now among the “bestselling items” at surveillance industry trade shows.”
To date, though, only the communications of the President and other high-ranking national security officials have been safeguarded by the National Security Agency (NSA), but “those officials are the exceptions, not the norm.” The letter asked that the same level of protection be given to others. “Most policy makers in government, including members of Congress and their staff, are not provided with the tools necessary to protect their communications from interception,” the letter's writers said, positing that “widespread Congressional adoption of encryption offers a way forward.”
The duo pointed to modern smartphone apps that offer strong encryption, noting that the ACLU, national security journalists and others often use the communications encryption app Signal from Open Whisper Systems.
“There are no significant barriers to providing members of Congress with encrypted communications tools,” the letter said, noting that “encrypted voice, video, and text communications apps—FaceTime and iMessage—are built into Apple's mobile operating system and thus are already available to every member or staffer with an iPhone” and that apps like Signal and WhatsApp “are free and can be easily downloaded” from app stores. “Congress could take easy and cheap steps today to ameliorate” the growing threat of foreign and domestic interception of their communications.
The ACLU operatives stressed the importance of acting quickly. “The OPM hack, and the experience of the Senate intelligence committee with the CIA's facilities, lay bare the need to better protect Congress's oversight function by guaranteeing the integrity of its communications,” the letter said.