Section 702 data led to State Department warnings about North Korean IT scams, official says

Section 702 data led to State Department warnings about North Korean IT scams, official says

A controversial surveillance authority played a vital role in State Department’s ability to learn about and warn international partners and U.S. businesses about North Korea’s efforts to commit digital fraud to fund its nuclear program, a senior state department official said Tuesday.

The revelation about the 2022 scheme comes as the State Department joins the intelligence community, the Justice Department, and the White House in pushing for Congress to renew Section 702 of the Foreign Intelligence Surveillance Act before its sunset at the end of this year.

While other officials have focused primarily on the surveillance tool’s importance in combatting nation-state threats, Brett Holmgren, the State Department’s assistant secretary for its Bureau of Intelligence and Research, emphasized how crucial the tool is to diplomatic efforts.

“From Russia, China, Iran and North Korea to foreign influence and cyber threats, 702 reporting provides our analysts with unique insights that when combined with other sources of information, make our policymakers better informed about the issues so they can make better decisions,” he said at a Center for Strategic and International Studies event in Washington on Tuesday.

Section 702 of the FISA Act allows intelligence agencies to collect domestic communications of non-U.S. citizens. While the authority does not allow for the collection of Americans’ data, that information is often swept up in searches and can then later be queried under certain conditions.

In addition to North Korean IT fraud, Holmgren pointed to a variety of State Department issues including human rights work. He noted that Section 702 intelligence directly enabled diplomats to act against a Middle Eastern state in 2021 that was surveilling and tracking dissidents abroad. More broadly, the information has enabled the department to monitor “Russian atrocities” in Ukraine and share intelligence with allies supporting Ukraine.

The State Department intelligence and research division’s use of Section 702 data reflects shifting priorities in the intelligence community in recent years from counterterrorism to taking on a litany of nation-state threats, including cyberattacks. In its 2023 annual threats assessment, the Office of the Director of National Intelligence put China, Russia, North Korea and Iran and their cyber capabilities as some of the leading threats to the nation.

Section 702 has over the years also proved a diplomatic challenge for the U.S., including as part of European Union concerns about American surveillance that led to the invalidation of the last transatlantic data-sharing agreement. The U.S. and European Union are expected to reach a new agreement this summer.

Holmgren noted that, like other agencies, the Research and Intelligence Bureau is in the process of implementing privacy controls required by the White House’s signals intelligence executive order last year as part of the forthcoming EU and U.S. data transfer agreement. The executive order also establishes a not yet enacted redress mechanism for EU citizens who believe their data has been collected in a way that violates U.S. law.

“I think it’s a model for the future in the age of ubiquitous communications and in a rapidly evolving communications technology environment for other nations to follow in terms of how do you conduct legitimate intelligence activities, again, consistent with these transparency and privacy imperatives,” said Holmgren.

Holmgren acknowledged concerns from the civil liberties community about the abuse of Section 702 data and noted that State’s intelligence division has a detailed compliance process for requests to unmask the identity of Americans whose information is included in data shared with the agency.

The Biden administration began its push to renew the authority in February but has so far been met with resistance from lawmakers from both parties who have called for serious reforms or in some cases scrapping the program altogether. The FBI’s claims that internal reforms have cut down on inappropriate searches of Section 702 data have been dwarfed by outrage over recently declassified reports of repeated abuse.

Holmgren didn’t directly address reforms but said that anything that diminishes the amount of intelligence received by the agency “would have a negative impact on the work of our analysts to produce their assessments and the support that we provide to our diplomats.”

So far, no legislation to reauthorize or reform the authority has been introduced in Congress.

The post Section 702 data led to State Department warnings about North Korean IT scams, official says appeared first on CyberScoop.