US tech devices may be forced to become "spy machines"
And not even VPN services can protect your privacy
The US House of Representatives recently agreed to reauthorize a controversial spying law, referred to as Section 702 of the Foreign Intelligence Surveillance Act (FISA). Not only did the House expand its mandate for at least two more years, but it also widened its reach considerably. While the US Senate is now set to vote on the legislation, many commentators are worried.
Dubbed by privacy advocates as a "Make Everyone A Spy" provision, one particular amendment has attracted lots of criticism. The reformed FISA seeks to extend the definition of US electronic communication service providers required to spy on people's calls, texts, and emails. This is a level of surveillance that not even the best VPN services would be able to mitigate.
The US Senate is expected to vote on what's known as the Reforming Intelligence and Securing America Act (RISAA) on Wednesday, April 17, 2024. What's certain now is that an agreement will strike a major blow to everyone's privacy—no matter if you're a foreigner living overseas or an American citizen.
A dangerous bill
Ron Wyden, the senior US senator from Oregon, is one of the many commentators who has stood up against what he described as "a dangerous bill."
"This provision is not necessary and there’s certainly no justification for this vast expansion of surveillance authorities," Wyden said in the Senate a day before the vote, urging his colleagues to reject these expanded powers—see the video below.
1/ 🚨🚨🚨WATCH: Senator @RonWyden's floor speech on a terrifying provision in the FISA Section 702 bill (RISAA) that will virtually make everyone a spy is both dystopian and realistic. We urge everyone to call their U.S. Senators ASAP at 202-899-8938 and tell them to vote NO! pic.twitter.com/qCzcf72hKRApril 17, 2024
Section 702 is a spy program established over a decade ago, in the wake of the 9/11 terrorist attack. It enables the government to force major telecommunication companies to "cooperate" with authorities during anti-terrorist investigations by eavesdropping on people's private communications.
FISA's targets are supposed to be selected foreign citizens living abroad. Yet, many American conversations have been wiretapped over the years under this law. Reports of abuses carried on by FBI agents showed how this regulation was illegally used to get into the communications of tens of thousands of American protesters, journalists, and politicians.
Get daily insight, inspiration and deals in your inbox
Sign up for breaking news, reviews, opinion, top tech deals, and more.
The RISAA bill is meant to do two things. It seeks to renew Section 702 ahead of its expiration deadline of April 19, while introducing new amendments to expand its scope and make the regulation fit for today's internet technology landscape.
According to the most concerning of these provisions, "any other service provider who has access to equipment that is being or may be used to transmit or store wire or electronic communications" will be required to spy on people's communication upon government request. A duty that, since now, was exclusive to telecommunications, email service providers, and similar companies.
"[This] means that if you have access to any communication, the government can force you to help it spy. That means anybody with access to a server, a wire, a cable box, a Wi-Fi router, a phone, or a computer," said Wyden, arguing that this may include IT engineers as much as people cleaning offices or guarding buildings.
"If this provision is enacted, the government can deputize any of these people against their will and force them, in effect, to become what amounts to an agent for Big Brother," he added.
If you work at a US tech firm, this bill could transform your whole company into a spy machine—whether you like it or not—and will be voted on in DAYS. The 𝐞𝐧𝐭𝐢𝐫𝐞 𝐢𝐧𝐝𝐮𝐬𝐭𝐫𝐲 needs to be lobbying to kill this thing. This is what a red alert looks like. https://t.co/bOQoEjVoYiApril 15, 2024
The long list of opponents even includes former President Donald Trump, who's calling to "Kill FISA." While privacy advocate and exiled whistleblower Edward Snowden took to X (formerly Twitter) to pledge his support that the tech industry fight back before the new law "could transform your whole company into a spy machine."
What's next for online privacy?
As mentioned, RISAA's boost to the US surveillance machine will have dire consequences for our online privacy—whether or not we live in the United States.
For starters, "the US does not recognize any foreign citizen abroad as having privacy rights," WIRED reported. This means that while the spy project should target individuals believed to have ties with Hamas, ISIS, or any designated terrorist groups, any one of us might end up having our conversation wiretapped by US spy agencies without even the US Congress knowing about it.
Privacy violations aren't difficult to foresee for American residents, either. As Wyden pointed out, reproductive data tracking has already become even more invasive across the 15 US states that banned abortion.
"Congress needs to safeguard Americans’ privacy, not give the President new surveillance powers," he said.
The biggest irony, perhaps, is that while people in the US are getting closer to having their privacy protected by federal law for the first time, the RISAA could end up thwarting these efforts, once again.
Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com