The Guardian reports: The CIA has confirmed that it is obliged to follow a federal law barring the collection of financial information and hacking into government data networks.

But neither the agency nor its Senate overseers will say what, if any, current, recent or desired activities the law prohibits the CIA from performing – particularly since a section of the law explicitly carves out an exception for “lawfully authorized” intelligence activities.

The murky episode, arising from a public Senate hearing on intelligence last week, illustrates what observers call the frustrations inherent in getting even basic information about secret agencies into public view, a difficulty recently to the fore over whistleblower Edward Snowden’s revelations about the National Security Agency (NSA) and its surveillance partners.

Last Wednesday, in a brief exchange at the hearing, Senator Ron Wyden, an Oregon Democrat, asked CIA director John Brennan if the agency is subject to the Computer Fraud and Abuse Act, a three-decade-old law intended to protect computer systems, like those of financial and government networks, from unauthorized access.

Brennan demurred, citing the need to check on the legal complexities posed by Wyden’s question, and pledged to give the senator an answer within a week.

The answer, agency spokesman Dean Boyd told the Guardian, is: “Yes, the statute applies to CIA.”

Wyden gave no indication of what prompted his query. His office would not elaborate, citing classification rules, and neither would the CIA. [Continue reading…]