CDT has been arguing for some time  that federal surveillance laws fail to adequately protect privacy in light of changing technology. While Congress has been lowering the standards in laws like the PATRIOT Act, and while the President has been arguing that he should not be subject to any statutory constraints, the digital revolution has given the government unprecedented opportunities to to collect information about our daily lives. Rather than further weakening the surveillance laws, Congress should be strengthening the Electronic Communications Privacy Act , the Foreign Intelligence Surveillance Act and other statutes to require the government to better focus its surveillance and to set standards for "data mining" and other techniques.
As one starting point in this serious process, the shift in control of the Congress offers important opportunities for oversight of issues at the intersection of national security, privacy and technology. Carefully done, oversight can pave the way for improvements in the laws that benefit both national security and civil liberties.
First and foremost, Congress should get the full facts on the government's electronic surveillance activities as they affect Americans, not only the Terrorist Surveillance Program but also the collection of information identifying domestic calls and emails. The House and Senate should conduct, through the Intelligence and Judiciary Committees working together, a deep, objective inquiry into what the NSA has been doing inside the US and how FISA may or may not be outdated, including the ways in which it fails to adequately protect privacy.
National Security Letters should also be near the top of the oversight list - how many are issued, for what kinds of data, and especially whether they are being issued for large datasets as opposed to individual records.
Another major issue that merits oversight is the domestic intelligence and security role of the military - clearly, the military has expanded domestic intelligence gathering, without clear limits.
Some constructive oversight could break the logjam on passenger name records from Europe. If the Administration agreed to use the information only for screening and not to build a long-term database, they could get cooperation of the Europeans and start screening in-bound flights before they take off. Too often, the Administration has let the perfect be the enemy of the good, trying to get large sets of information and keep it forever, rather than getting only what it needs for the specific problem at hand (in the case of air passenger data, keeping terrorists off airplanes).
Bottom line: any investigations should be conducted with the long view, with a focus on substance, and without the "gotcha" element.