Executive Order 12333
EPIC has a long-standing interest in public oversight of government surveillance, including activities conducted under Executive Order 12333. As Professor Francesca Bignami has explained, “[t]he NSA’s original mandate was considerably elaborated and extended in Executive Order 12,333, promulgated by President Reagan in 1981.” EPIC has tracked the government’s reliance on EO 12333, particularly the reliance on Section 1:12(b)(13), which authorizes the NSA to provide “such administrative and technical support activities within and outside the United States as are necessary to perform the functions described in sections (1) through (12) above, including procurement.” This provision appears to have opened the door for the NSA’s broad and unwarranted surveillance of U.S. and foreign citizens.
Executive Order 12333 was signed by President Ronald Reagan on December 4, 1981. It established broad new surveillance authorities for the intelligence community, outside the scope of public law. EO 12333 has been amended three times. It was amended by EO 13284 on January 23, 2003 and was then amended by EO 13555 on August 27, 2004. EO 13555 was subtitled “Strengthened Management of the Intelligence Community” and reflected the fact that the Director of National Intelligence (DNI) now existed as the head of the intelligence community, rather than the CIA which had previously served as the titular head of the IC. EO 13555 partially supplemented and superseded EO 12333. On July 30, 2008, President George W. Bush signed EO 13470, which further supplemented and superseded EO 12333 to strengthen the role of the Director of National Intelligence.
Since the Snowden revaluations there has been a great deal of discussion regarding the activities of the IC community, but relatively little attention has been paid to EO 12333. EO 12333 often serves an alternate basis of authority for surveillance activities, above and beyond Section 215 and 702. As Bruce Schneier has emphasized, “Be careful when someone from the intelligence community uses the caveat “not under this program,” or “not under this authority”; almost certainly it means that whatever it is they’re denying is done under some other program or authority. So when[NSA General Counsel Raj] De said that companies knew about NSA collection under Section 702, it doesn’t mean they knew about the other collection programs.” Senator Dianne Feinstein (D-CA), Chair of the Senate Intelligence Committee, has said in August 2013 that, “The committee does not receive the same number of official reports on other NSA surveillance activities directed abroad that are conducted pursuant to legal authorities outside of FISA (specifically Executive Order 12333), but I intend to add to the committee’s focus on those activities.” In July 2014, a former Obama State Department official, John Napier Tye, wrote an Op-Ed in the Washington Post calling for greater scrutiny of EO 12333. Tye noted that “based in part on classified facts that I am prohibited by law from publishing, I believe that Americans should be even more concerned about the collection and storage of their communications under Executive Order 12333 than under Section 215.”
Structure of EO 12333
EO 12333 is divided into three parts (this describes the current EO 12333 as amended). The first part is the bulk of the order, describing the overall goals, directions, duties, and responsibilities of U.S. intelligence efforts. The second part applies to the actual conduct of intelligence activities and includes a prohibition on assassination. The third part consists of general provisions and includes general definitions, implementation, and the requirement of compliance with congressional oversight.
Part 1: Goals, Directions, Duties, and Responsibilities with Respect to United States Intelligence Efforts
- 1:1 Goals
- 1.2 The National Security Council
- 1.3 Director of National Intelligence
- 1.4 The Intelligence Community
- 1.5 Duties and Responsibilities of the Heads of Executive Branch Departments and Agencies
- 1.6 Heads of Elements of the Intelligence Community
- 1.7 Intelligence Community Elements
- a) The Central Intelligence Agency
- b) The Defense Intelligence Agency
- c) The National Security Agency
- d) National Reconnaissance Office
- e) The National Geospatial-Intelligence Agency
- f) The Intelligence and Counterintelligence Elements of the Army, Navy, Air Force, and Marine Corps
- g) Intelligence Elements of the Federal Bureau of Investigation
- h) The Intelligence and Counterintelligence Elements of the Coast Guard
- i) The Bureau of Intelligence and Research, Department of State; The Office of Intelligence and Analysis, Department of the Treasury; The Office of National Security Intelligence, Drug Enforcement Administration; The Office of Intelligence and Analysis, Department of Homeland Security; and the Office of Intelligence and Counterintelligence, Department of Energy.
- j) The Office of the Director of National Intelligence.
- 1.8 Department of State
- 1.9 The Department of the Treasury
- 1.10 The Department of Defense
- 1.11 The Department of Homeland Security
- 1.12 The Department of Energy
- 1.13 The Federal Bureau of Investigation
Part 2: Conduct of Intelligence Activities
- 2.1 Need
- 2.2. Purpose
- 2.3 Collection of Information
- 2.4 Collection Techniques
- 2.5 Attorney General Approval
- 2.6 Assistance to Law Enforcement and Other Civil Authorities
- 2.7 Contracting
- 2.8 Consistency With Other Laws
- 2.9 Undisclosed Participation in Organizations Within the United States
- 2.10 Human Experimentation
- 2.11 Prohibition on Assassination
- 2.12 Indirect Participation
- 2.13 Limitation on Covert Action
Part 3: General Provisions
- 3.1 Congressional Oversight
- 3.2 Implementation
- 3.3 Procedures
- 3.4 References and Transition
- 3.5 Definitions
- 3.6 Revocation
- 3.7 General Provisions
In 2012, EPIC sought and obtained from the Office of the Director of National Intelligence the guidelines for the National Counterterrorism Center (NCTC). The NCTC is a part of the intelligence community, which operates under the authority of EO 12333.EPIC has stressed through its comments, statements, and testimony that U.S. intelligence agencies should not exercise broad authority without oversight. Executive Order 12333 is such a case, an order that has never been subject to meaningful oversight by either courts or Congress. Senator Dianne Feinstein, the Chair of the Senate Intelligence Committee, referring to EO 12333, has said, “I don’t think privacy protections are built into it. It’s an executive policy. The executive controls intelligence in the country.”
Ronald Reagan executed the order in 1981. Executive Order 12333 authorizes the collection of not only metadata, but of the actual communications of US citizens, so long as the communications are collected “incidentally.” These communications can then be held for five years, as described by a document that the Director of National Intelligence recently declassified. The NSA has used Executive Order 12333 to justify, among other things, the interception of unencrypted data between Google and Yahoo data centers. None of the currently proposed reforms address the over-broad surveillance authorities established by Executive Order 12333. EPIC has long urged PCLOB to move beyond their Section 215 and Section 702 investigations and examine the scope of information under EO 12333 and the need for greater public oversight. As EPIC Advisory Board member Steven Aftergood has noted, “If they deviated from their own rules, how would it be discovered? I am not satisfied that they have an answer to that question.”
EPIC’s FOIA Requests
In mid-2014, EPIC requested from multiple government agencies “records related to the government’s surveillance and collection of electronic communications outside the United States under EO 12333, and other related EOs, including the collection and interception of messages, metadata, and other transactional and business records regarding e-mail, telephone, and Internet usage.”
The Office of the Director of National Intelligence also announced on February 3, 2015, that pursuant to Presidential Policy Directive 28 the members of the Intelligence Community have revised their policies and adopted new rules regarding the retention and minimization of signals intelligence. Those policies are linked below:
- Office of the Director of National Intelligence
- Central Intelligence Agency
- National Security Agency
- National Reconnaissance Office
- Federal Bureau of Investigation
- Department of Homeland Security
- Drug Enforcement Agency
- State Department
- Treasury Department
- Department of Energy
- U.S. Coast Guard
- See also Commandant Instruction M3820.12, Coast Guard Intelligence Activities, Procedure 5. (Received Jan. 2, 2015).
- Other DOD IC Elements
- National Security Agency
- First production (received March 16, 2015)
- Second production (received January 26, 2016)
- Privacy and Civil Liberties Oversight Board
- FOIA Request (June 13, 2017)
- Production (received Oct. 18, 2017)
- Current Executive Order 12333 as amended.
- Executive Order 12333, with hyperlinks.
- Executive Order 13470, “Further Amendments to Executive Order 12333, United States Intelligence Activities. Signed by President George W. Bush, July 30, 2008.
- Executive Order 13355, “Strengthened Management of the Intelligence Community,” amending EO 12333. Signed by President George W. Bush on August 27, 2004.
- Executive Order 13284. Signed by President George W. Bush on January 23, 2003.
- Executive Order 12333 as originally written and signed by President Reagan.
- President’s Review Group, Liberty and Security in a Changing World, December 12, 2013. Recommendation 12 (pp145-150) is now believed to call for reform of EO 12333, not just Section 702 of the FISA Amendments Act.
- Office of the Director of National Intelligence, Civil Liberties and Privacy Office, Description of Civil Liberties and Privacy Protections Incorporated in the 2008 Revisions of Executive Order 12333, August 2008 (revised August 2013).
- Department of Justice, The Attorney General’s Guidelines for Domestic FBI Operations, September 29, 2008.
- Department of the Army, Army Regulation 381-10, May 3, 2007.
- Department of Defense, Procedures Governing the Activities of DOD Intelligence Components that Affect United States Persons, December 1982.
- Church Committee Reports.
- EPIC, Jeramie Scott, Prepared Statement for the Record before the Privacy and Civil Liberties Oversight Board on EO 12333, July 23, 2014.
- Marc Rotenberg, The Sui Generis Privacy Agency: How the United States Institutionalized privacy Oversight After 9-11, SSRN.
- Steven Aftergood, Hearing on Secret Law and the Threat to Democratic and Accountable Government, Before the Subcommittee on the Constitution of the U.S. Senate Judiciary Committee, April 30, 2008
- Request for Agencies to Update Guidelines under EO 12333, Privacy and Civil Liberties Oversight Board, August 22, 2013.
- Laura K. Donahue, “In the Name of National Security: U.S. Counterterrorist Measures, 1960-2000.” BCSIA Discussion Paper 2001-6, John F. Kennedy School of Government, Harvard University, August 2001.
- Ellen Nakashima and Ashkan Soltani, Privacy Watchdog’s Next Target: The Least-Known But Biggest Aspect of NSA’s Surveillance, The Washington Post, July 23, 2014.
- Conor Friedersdorf, New Surveillance Whistleblower: The NSA Violates the Constitution, The Atlantic, July 21, 2014.
- Jon Wolverston, Disclosure: Reagan NSA Order Worse than Patriot Act, The New American, July 20, 2014.
- John Napier Tye, Meet Executive Order 12333: The Reagan Rule that Lets the NSA Spy on Americans, Washington Post, July 18, 2014.
- Rainey Reitman, Former State Department Executive Calls EO 12333 a ‘Legal Loophole’ for Spying on Americans, Electronic Frontier Foundation, July 18, 2014.
- Alex Abdo, The NSA’s Other Privacy Loophole, ACLU, July 18, 2014.
- Hiawatha Bray, Scholars Warn of NSA Loopholes, The Boston Globe, July 10, 2014.
- Spencer Ackerman, NSA Reformers Dismayed After Privacy Board Vindicates Surveillance Dragnet, The Guardian, July 2, 2014.
- Zack Whittaker, Secret Loopholes Drive NSA’s ‘unrestrained surveillance’ on Americans, CNET.com, June 30, 2104.
- Bruce Schneier, Don’t Listen to Google and Facebook: The Public-Private Surveillance Partnership is Still Going Strong, The Atlantic, March 25, 2014.
- Ali Watkins, Most of NSA’s Data Collection Authorized by Order Ronald Regan Issued, McClatchy DC, November 21, 2013.
- Bart Gellman and Ashkan Soltani, NSA Collects Millions of Email Address Books Globally, The Washington Post, October 14, 2013
- Wired, U.S. Makes Spy Images Inside the U.S, Associated Press, September 26, 2004.