I really didn’t give this report much respect coming out of the gate for the word-leaked-out, was that it does nothing to stop the NSA’s abuse.   However, I have deep respect for Richard Clarke who was one of the five, so I felt compelled to read the whole thing

Since I’m sure few of you will venture to read the entire report, If something jumps out, I jotted it down below…

1. The United States Government must protect, at once, two different forms of security: national security and personal privacy.

In addition to reducing risks to national security, public officials must consider four other risks:

• Risks to privacy;
• Risks to freedom and civil liberties, on the Internet and elsewhere;
• Risks to our relationships with other nations; and
• Risks to trade and commerce, including international commerce.

We recommend that Congress should end such storage and transition to a system in which such metadata is held privately for the government to query when necessary for national security purposes.

In our view, the current storage by the government of bulk meta-data creates potential risks to public trust, personal privacy, and civil liberty.

We recognize that the government might need access to such meta-data, which should be held instead either by private providers or by a private third party. This approach would allow the government access to the relevant information when such access is justified, and thus protect national security without unnecessarily threatening privacy and liberty.

We endorse a broad principle for the future: as a general rule and without senior policy review, the government should not be permitted to collect and store mass, undigested, non-public personal information about US persons for the purpose of enabling future queries…

We also recommend that legislation should be enacted authorizing telephone, Internet, and other providers to disclose publicly general information about orders they receive directing them to provide information to the government. Such information might disclose the number of orders that providers have received, the broad categories of information produced, and the number of users whose information has been produced…

We recommend that, in the absence of a specific and compelling showing, the US Government should follow the model of the Department of Homeland Security and apply the Privacy Act of 1974 in the same way to both US persons and non-US persons.

We recommend a series of organizational changes.  We believe that the Director should be a Senate-confirmed position, with civilians eligible to hold that position; the President should give serious consideration to making the next Director of NSA a civilian. NSA should be clearly designated as a foreign intelligence organization….

The head of the military unit, US Cyber Command, and the Director of NSA should not be a single official.

We favor a newly chartered, strengthened, independent Civil Liberties and Privacy Protection Board (CLPP Board) to replace the Privacy and Civil Liberties Oversight Board (PCLOB)…

We recommend that Congress should create the position of Public Interest Advocate to represent the interests of privacy
and civil liberties before the FISC.

The US Government should take additional steps to promote security, by

(1) fully supporting and not undermining efforts to create encryption standards;

(2) making clear that it will not in any way subvert undermine, weaken, or make vulnerable generally available commercial
encryption; and

(3) supporting efforts to encourage the greater use of encryption technology for data in transit, at rest, in the cloud, and in
storage.

The use of “for-profit” corporations to conduct personnel investigations should be reduced or terminated.

There then follow forty-six recommendations, most of which were mentioned above… They start on page 26 and continue until page 44,  For the most part, these are where the complaints that the report is too soft, lie.  The report states things should be in a certain way, and like the Articles of Confederation, there is no teeth to back them up….  For instance it states we recommend that private third parties turn over data only if it is necessary to the security of the United States… Easily setting up this scenario… “Hi, can you give me info on Ms Murphy.  Appears we have some trousers in some soup…” ” Is it a national emergency?” “Yes, sure is”… “Ok here are all their calls…” Essentially unless teeth are added, this allows the same actions as go on today, to progress further.

Teeth such as:  any third party who gives, or any governmental employee who asks for private confidential information for purposes other than an immediate physical threat to national security, may be sued in court for any damages such misuse of information may cause…. etc…

It is our sincere hope, that one, this power is removed from the government.  Private corporations cannot arrest one in the middle of the night, and that with this data in the hands of private entities, that those private entities are at risk if any wrong information falls into anyone’s wrong hands…

Most of us would still trust our privacy in that scenario…  “What?  Someone just told my spouse I was sexting Miley Cyrus?  Oh well, (sigh) with the judgment of $68 million I’ll eventually receive, I’m much better off if I’m divorced before I receive it… ..”