President Obama will respond to the report in January (White House photo).

A presidential panel has made 46 recommendations that include limiting the National Security Agency's surveillance methods, such as curtailing how the government systematically collects and stores metadata from Americans' phone calls.

The five intelligence and legal experts who wrote a 308-page report, Liberty and Security in a Changing World, recommend the metadata be maintained by communications providers, rather than the NSA. And they say that government agencies should only be able to search the metadata if they obtain a court order.

"In our view, the current storage by the government of bulk meta-data creates potential risks to public trust, personal privacy and civil liberty," the report says. "We recognize that the government might need access to such meta-data, which should be held instead either by private providers or by a private third party. This approach would allow the government access to the relevant information when such access is justified, and thus protect national security without unnecessarily threatening privacy and liberty."

President Obama ordered the review after former NSA contractor Edward Snowden leaked documents revealing government surveillance programs (see How Did Snowden Breach NSA System). The report, issued Dec. 18, also includes a recommendation aimed at preventing the NSA from subverting initiatives to create secure encryption to safeguard confidential communications and data.

Reports earlier this year that said the NSA had cracked much of the encryption that shields global commerce and Internet communications caused the National Institute of Standards and Technology to withdrawal one of its cryptographic guides (see NIST to Review Crypto Guidance Methods). The panel says it's aware of these reports, but says it could not find any evidence that the NSA circumvented encryption. Still, it says the suggested limits to be placed on the NSA are designed to encourage the proper use of encryption.

The White House had planned to release the report, along with Obama's response to it, in January. But a day after the president met with key technology company executives who criticized NSA surveillance practices, the administration decided to move up the release of the report (see President Confronts NSA Critics).

Report Gets High Marks

Cryptographer and author Bruce Schneier, who first reported concerns that the NSA meddled in NIST's cryptography standards in 2007, says he's "flabbergasted at how good" the panel's recommendations are. "I expected something much, much worse," he says. "[But] I can't imagine that the White House will accept these recommendations."

In fact, the White House precluded one of the panel's recommendations even before the report was submitted. Army Gen. Keith Alexander, who will retire this spring, serves as NSA director as well as commander of the military's Cyber Command. The panel not only recommends ending the dual-hatted position, but suggests the director of the NSA could be a civilian. A general or admiral has always led the NSA.

The Obama administration last week rejected that idea. "Following a thorough interagency review, the administration has decided that keeping the positions of NSA director and Cyber Command commander together as one, dual-hatted position is the most effective approach to accomplishing both agencies' missions," says White House spokeswoman Caitlin Hayden.

James Lewis, a cybersecurity expert at the think tank Center for Strategic and International Studies, says the panel's strong recommendations would go far to rebuild trust by addressing legitimate concerns about NSA's collection activities.

"While some of its recommendations are tangential or superfluous, the central recommendations, if adopted, would go far to bring the intelligence programs and the laws passed after 9/11 into line with the constitutional requirements for judicial oversight and with the reforms that have guided intelligence collection since the 1970s," he says.