A better article on the new bill.It is essentially enshrining an active executive order (originally Regan's, but amended by Bush) in legislation. Techdirt see this as negative, legitimising the collection. I'm less opposed to it in principle for two reasons;
1) Saying that legislation legitimises executive orders is akin to saying that executive orders are not legitimate forms of government, which I disagree with.
2) Legislation is far more open to debate and reform than executive orders (IMO). The potential for debate and revision are higher, especially for topics such as these where the subject comes up in each appropriation bill. The actors cycle more frequently and are more accountable, as well as being able to make names for themselves by aligning with current anti-surveillance trends of thought.
In this case I do think it was a silly law. I don't imagine that they would ban such collections, but they haven't even put in place serious oversight. The five year limit is absurdly high. There is no requirement for any minimisation procedures or similar. I feel they ought to have made any collection at least equal in accountability to the FISA programs.
As for why I don't see them banning such collection, the 12333 collection is (as noted in the section 309 title) incidental. It's information collected as part of surveillance of a legitimate target (eg, non-citizen outside of US territory targeted for some reason). Unless the US gets out of the signal intelligence game entirely you are going to have such surveillance and going to have incidental collection of information that this law addresses. Which (and again, IMO) is where you want aggressive congressional standards for minimisation and accountability.