After Snowden: Privacy, Secrecy, and Security in the Information Age (2015)
THE FUTURE OF PRIVACY IN THE SURVEILLANCE AGE
JON L. MILLS
JON L. MILLS is Dean Emeritus, Professor of Law, and Director of the Center for Governmental Responsibility at the University of Florida’s Fredric G. Levin College of Law, where he served as Dean from 1999 to 2003. From 1978 to 1988 he served in the Florida Legislature and was Speaker of the House. As a lawyer, he has appeared in courts nationwide arguing on topics including voting rights and constitutional law. As a professor, he has directed major studies in Brazil, Poland, Haiti, and Central America. An expert on constitutional issues, Mills has been quoted by The New York Times, The Wall Street Journal, The Los Angeles Times, The Chicago Tribune, and The Washington Post. He has appeared on CNN, PBS, NPR, ABC, and the BBC, and produced an Emmy-winning report on the Florida Everglades. He has authored books, articles, and reports on environmental issues, voting rights, government ethics, and the Constitution, the most recent of which, Privacy: The Lost Right, was published by Oxford University Press in 2008.
I. THE HAYSTACK—PRIVACY VS. SECURITY
THE WORLD STOOD still on 9/11. Then it changed. President George W. Bush ordered security agencies to make certain the United States would never again wake up to crumbling towers and a burning Pentagon. Securing our homeland was the top priority. The primary tool we developed to achieve security became a strong surveillance system to find the new enemy.
The surveillance mission is to find and stop terrorists whose sole goal is to inflict pain on the United States. NSA Director General Keith B. Alexander’s technique was said to be comprehensive: “Rather than look for a single needle in a haystack, his approach was, ‘Let’s collect the whole haystack.’”1 Who comprises the haystack? Perhaps we all do.
The scope and breadth of the intelligence that Edward Snowden disclosed in 2012 suggest that government surveillance has overrun the boundaries of U.S. citizens’ constitutional rights. By now, we all know that the NSA collected U.S. citizens’ e-mails, family photos, and résumés. The data was gathered through PRISM, MUSCULAR, and other programs with memorable names. Today, citizens are anxious not only about security but privacy as well. The concern about whether the U.S. government is becoming Big Brother has even led George Orwell’s book 1984 to spike in sales.
The NSA intended for these programs to remain a secret. The intelligence overseers never expected them to become public—after all, they were compelled to spy on citizens in the interests of national security. Some argue that the public would be better off if the programs had remained secret. We cannot help but recall the words of Jack Nicholson’s Colonel Jessup in A Few Good Men—“You can’t handle the truth!” Regardless, the new wave of alarm that Snowden’s intelligence leaks set into motion cannot reverse its course. We are presented with the inescapable conflict between security and personal privacy.
All human beings prioritize safety and security before any other earthly need. The idea of privacy as an intrinsic value cannot compete on this hierarchy. Recent trends in public opinion suggest that people regret the degradation of their privacy and its consequences. Perhaps this sentiment is a result of viewing the loss of privacy as a secondary security issue.
For example, we condemn authoritarian surveillance states like Nazi Germany where children informed on their parents and parents informed on their neighbors. In the Kafkaesque surveillance state, everyone is at risk. Being constantly observed or even the possibility of being observed has an effect on human conduct—it is intended to do so. Jeremy Bentham’s panopticon prison was entirely based on controlling the inmates by merely presenting the possibility that an inmate might be observed at any time. Similarly, a Harris poll conducted after Snowden’s disclosures revealed that 47 percent of 2,000 adult respondents reported changing their online behavior because of what they learned about government surveillance.2 Twenty-four percent of respondents reported that they are less inclined to use e-mail and 26 percent of respondents reported that they engaged in less online shopping and banking. In other words, the possibility of observation affected behavior—just like in Bentham’s panopticon.
Do today’s citizens whose Internet use takes place in virtual glass houses really care if the government is watching them? The individuals in our contemporary culture post intimate details on Facebook and willingly trade off their location for discounts. Yet even in this sometimes exhibitionist society, being watched by government is different and more frightening. We care if Big Brother is eavesdropping without our permission. Americans do not want to live in a 1984 world. Our citizens still revere the values of privacy, dignity, solitude, free thought, and free speech. Increasingly, our actions demonstrate how the loss of privacy has real societal consequences. Chilling thought and speech has repercussions and is contrary to basic democratic principles.
Snowden’s disclosures present the opportunity to take an inventory of the status of privacy and liberty. What is the toll of CCTV cameras, facial recognition software, DNA identification, comprehensive e-mail monitoring, cell phone collection, cataloging of Internet purchases, monitoring of Internet use and searches, location monitoring, drone surveillance, etcetera? And what is the danger of aggregating all of this information in one place? Has Big Data replaced Big Brother? If the NSA can successfully predict that a person will commit a terrorist act and detain him before he blows up the neighborhood mall, will we in turn tolerate more intrusions into personal life as a price for that security?
These are fundamental policy issues about what kind of society we want to live in. There are practical questions about what is essential for national security in an era when domestic safety has been compromised and foreign enemies will use all available resources to cause harm. There are also questions about the constitutional and legal boundaries of modern surveillance. The Constitution protects a citizen’s reasonable expectation of privacy from governmental search and seizure. What is a reasonable expectation of privacy today?
Modern culture prioritizes privacy less than the one that existed even two decades ago when the Church Committee reviewed U.S. surveillance practices and warned of the real danger of increased intrusion. Today’s consumer and surveillance capabilities go far beyond those in the Church Committee’s pre-Internet era. In addition, the contemporary world has more domestic threats than ever before. The perfect storm of new technology, justifiable post-9/11 fears, and the vast voluntary disclosures of contemporary society provide the recipe for collecting unprecedented amounts of data on individuals. There are, however, still constitutional limits to government’s data gathering in this new era.
II. PRIVACY, SECURITY, AND THE CONSTITUTION
Domestic surveillance creates an inevitable collision of two legal principles and basic human instincts—security and privacy. Security is arguably the very first ideal manifested in the U.S. Constitution. The preamble includes the phrases “insure domestic Tranquility,” “provide for the common defense,” and “secure the Blessings of Liberty to ourselves and our Posterity.” On the other hand, the word “privacy” does not appear even once in the Constitution. However, the concept was included in the Fourth Amendment’s codification of the right of the people to be free from unreasonable searches and seizures. That provision clearly allows individuals “to be secure in their persons, houses, papers and effects against unreasonable searches and seizures.” This language specifically identifies “personal security” as a right that is held separate from and in addition to national security.
Personal security was deemed to be a natural right derived not from a government arbiter, but rather from God. Motivated by distaste for government and the invasion of personal space, recognition of this right was fueled by an era when the British government had vast authority to search people’s homes and businesses. The British rulers were viewed as oppressors and the colonists had a healthy antagonism for what has come to be known as “Big Brother.” The Founders did not anticipate drones, GPS surveillance, or the Internet. The possibility of a 9/11 terrorist attack was unthinkable. Technology and history have painted a vexing conflict between these principles of privacy and security that Americans have valued since the beginning of the republic.3
Technology has facilitated surveillance for national security purposes as well as law enforcement purposes. Constitutional protections from technology-assisted warrantless searches have changed dramatically. When telephone calls were made on shared lines, law enforcement officers frequently listened in, believing that existing wiretapping laws were not applicable. A landmark privacy case in 1928 involved precisely this circumstance. In Olmstead v. United States, a bootlegger appealed his conviction on the grounds that the admission of damning evidence obtained via the wiretapping of the home and office phones of the defendants violated the Fourth Amendment.4 The relevant wiretapping lasted for many months. Chief Justice William Howard Taft, writing for the majority, determined that there was neither a “searching” nor a “seizure.” He confined Fourth Amendment protections as pertaining only to a physical entry—“intervening wires are not part of [a defendant’s] house or office [emphasis added], any more than are the highways along which they are stretched.” Because the federal prohibition officers did not breach the homes, offices, or mail of the defendants, the actions were allowed. Justice Louis Brandeis was one of four dissenters. Thirty-eight years earlier, he coauthored “The Right to Privacy,” a law review article that has since come to be known as the theoretical birthplace of American privacy.
Brandeis recognized that the single most important issue for privacy in the era of technology-based surveillance is that privacy protections should not be limited to a physical location. Affirming that the right to privacy was a basic principle, he advocated that every unjustified intrusion by government constituted a violation of the Fourth Amendment:
The makers of our Constitution undertook to secure conditions favorable to the pursuit of happiness.… They sought to protect Americans in their beliefs, their thoughts, their emotions and their sensations. They conferred, as against the government, the right to be let alone—the most comprehensive of rights and the right most valued by civilized men. To protect that right, every unjustifiable intrusion by the government upon the privacy of the individual, whatever the means employed, must be deemed a violation of the Fourth Amendment.
It was not until the 1967 decision of Katz v. United States that Justice Brandeis, then deceased, would be redeemed. Charles Katz was convicted on the basis of gambling information he transmitted via telephone from Los Angeles to Miami, which was captured by a recording device FBI agents had placed on the outside of a public phone booth.5 He appealed his conviction on the grounds that the recording violated his Fourth Amendment rights. In a 7–1 ruling, the Supreme Court held that Fourth Amendment protections “do not vanish when the search in question is transferred from the setting of a home, an office, or a hotel room to that of a telephone booth.” Justice John Marshall Harlan II’s five-paragraph concurrence contains the reasoning supporting the expanded Fourth Amendment test for a search. In it he introduced the idea of a reasonable expectation of privacy:
[A]n enclosed telephone booth is an area where, like a home,… a person has a constitutionally protected reasonable expectation of privacy … and … the invasion of a constitutionally protected area by federal authorities is, as the Court has long held, presumptively unreasonable in the absence of a search warrant.
This opinion was a major change from the Olmstead decision. Whereas the Fourth Amendment had previously only guaranteed a right to privacy in one’s physical home, Katz now permitted a more expansive application that protected privacy beyond the home.
The Court took another landmark step in 2014. In a 9–0 decision, the Court held that citizens can legitimately assert a reasonable expectation of privacy in their personal information.6 In fact, Justice John Roberts concluded, “a cell phone search would typically expose to the government far more than the most exhaustive search of a house.” The Riley v. California case epitomizes the realization that obtaining a technological accumulation of data intrudes on personal privacy. Observation of the phone’s accumulation of e-mails, location information, Internet browsing, personal communications, and personal schedule creates a mosaic of a person’s entire life. The Court decided that the warrantless governmental search of this information is illegal. Is the warrantless accumulation of similar data through Internet surveillance acceptable for national security purposes, or are the current practices of the NSA also a violation?
III. HISTORY AND PERSPECTIVE OF PRIVACY AND SURVEILLANCE
Today, privacy is eroding because of a flood of security threats. History teaches that governments can use surveillance to control people rather than protect them. The examples are legion. Rulers and kings prefer to avoid, outsmart, or behead opponents. Knowing who they are and what they are doing is a wonderful advantage. While there are instances in U.S. history where surveillance was used to create enemies lists—such as those employed by President Richard Nixon—that type of oppression is not the U.S. norm. There are historic and contemporary precedents for surveillance societies in which the government’s motive is to identify its disruptive or outspoken critics in order to limit dissent. China and North Korea are obvious examples.
Fear motivates a government or its leaders to find out as much about its enemies as possible. Historically, little restraint was applied to spy technology. If you had it, you used it. That certainly seems justified when fighting against a foreign military enemy—especially when the enemy uses a similarly unbridled approach. While Nazis were trying to break our codes and deceive us any way they could, we were doing the same thing to them.
Post-9/11, the motivation to protect the homeland was very high and the technology had advanced to a stage where it was possible to watch, listen to, and monitor individuals in unprecedented ways. This technology gave birth to Stellar Wind (aka The Program), PRISM, and so many other spy surveillance operations. However, before looking at the specifics of contemporary privacy invasions, it is worth exploring the rich history of spying.
When Hamlet feared that the “walls have ears,” he was right. In the Middle Ages, some castles were constructed with built-in coves covered in curtains where observers or spies could listen to conversations. Intelligence on the thoughts and actions of enemies and friends alike has always been incredibly important to governments during both war and peace. In fact, it could arguably be considered negligent not to surveil your enemies, and sometimes even your friends. Perhaps it should not have been surprising when it was revealed that British and U.S. intelligence agencies had hacked the phone of German Chancellor Angela Merkel.7
After the advent of the telegram, eavesdroppers had the ability to tap into communications from a remote location and without the knowledge of those directly involved. In the same mold as the Internet, the technology of the telegraph improved communication and at the same time made spying easier.
During the Civil War, both the Union and Confederacy intercepted each other’s telegrams. Abraham Lincoln would personally review some of these Confederate communications during his presidency.8 Confederate General Jeb Stuart even traveled with his own wiretap specialist.9 In fact, when President Bush was under pressure following the disclosure of the government’s warrantless wiretapping program, Attorney General Alberto Gonzales referenced the long-standing tradition of wartime enemy surveillance within the United States, including during the Civil War.10 It was the attorney general’s contention that a legislative grant to use “‘all necessary and appropriate force’” to combat the enemy included the warrantless surveillance of even potential enemies.
During both World War I and World War II, domestic surveillance was widespread. In World War I, prior to substantial telephone use, the government employed postal workers to examine 30 million letters sent to approximately 10 million German-Americans.11 This spying later expanded to a force of agents who conducted surveillance on not only immigrants, but also union members and socialists. During World War II, the FBI continued to surveil domestically, but with a greater focus on tapping telephones. Keep in mind that the U.S. Supreme Court had not yet decided that wiretapping was an illegal search and seizure. Therefore, it was a plausible argument that the FBI’s domestic wiretaps did not violate existing law.
President Franklin Roosevelt entrusted FBI Director J. Edgar Hoover with domestic espionage operations. However, Hoover did not limit his surveillance to wartime. In 1945, Project SHAMROCK was launched to read all telegraphs entering and exiting the United States.12 Continuing into the 1950s and 1960s, this counterintelligence program (COINTELPRO) investigated “dissidents” ranging from Vietnam War protesters to Dr. Martin Luther King Jr.13
In the early 1970s, a new set of intrusions on American citizens was brought to the front pages by a Senate investigation that was in some ways a response to Watergate-era revelations of surveillance used to monitor perceived enemies of the FBI, the CIA, and the President. Senator Frank Church of Idaho chaired the select committee chosen to investigate intelligence activities relating to American citizens. The Church Committee exposed mail-opening programs, domestic wiretapping, COINTELPRO, and a multitude of other constitutionally questionable activities. The types of intrusions described in the report sound eerily familiar—the collection of too much information for too long, the use of illegal or improper means, general ignorance of the law, deficiencies in accountability, and the adverse impact of improper intelligence activity.14
Three intelligence activities caused particular alarm: physical data collection, subsequent dissemination, and the purposeful targeting of individuals who were “far beyond persons who could properly be characterized as enemies of freedom.” The essential finding was that “[t]oo many people have been spied upon by too many Government agencies and to [sic] much information has been collected.” The most significant result of the Church Committee was passage of the Foreign Intelligence Surveillance Act of 1978, which established the court and secret processes that are a central issue in today’s debate. Although the act was intended to provide needed oversight of the intelligence gathering process, the reform of 1978 was arguably a flawed secret process that allowed or facilitated some of the excesses disclosed by Edward Snowden.
IV. THE TURNING POINT—9/11
The tragedies of 9/11 produced a focused effort to preserve and protect the security of the U.S. homeland. The War on Terror was launched against the specific enemy, al Qaeda, and the amorphous specter of foreign and domestic terrorists threatening our safety. That strong motivation to protect the homeland combined with new technical capabilities created a perfect storm for vastly expanding surveillance.
Attorney General John Ashcroft recounted his experiences in the days following the 9/11 attacks, relaying how President Bush admonished, “Never let this happen again.”15 The Department of Justice and others now had the broad task of prevention in addition to the focused task of prosecuting wrongdoing. Preventing a crime from happening is a far different task than punishing it. Under the broad banner of preventing terrorism, collecting information about innocent Americans was simply collateral damage.
To prevent another tragedy, information had to be gathered about potential acts of terrorism and about potential terrorists. There was, however, a legal barrier to unfettered surveillance of U.S. citizens on U.S. soil. Under the Foreign Intelligence Surveillance Act, intelligence wiretaps inside the United States are impermissible without a FISA court warrant. In general, surveillance must be targeted in order to obtain such a warrant. But the FBI and National Security Agency wanted to engage in the newer practice of data mining, the antithesis of a targeted effort. They intended to search a broad range of data in a continuing effort to find the needle in the data haystack.
To enable this collection, a legal theory was necessary. David Addington, legal counsel to Vice President Dick Cheney, engineered a legal basis to engage in the collection of metadata without the authority of the FISA court.16 His justification was the national security power of the President. Three separate NSA lawyers approved the authorization order for the collection of domestic information without a warrant pursuant to the President’s Article II authority. Article II, Section 2 of the U.S. Constitution reposes military authority with the commander in chief. The scope of authority granted to the President by these NSA attorneys’ interpretations has yet to be disclosed. However, former Deputy Assistant U.S. Attorney General John Yoo has posited two interpretations.17 First, he has argued that the wording of the Fourth Amendment leaves open the possibility of reasonable warrantless searches. Secondly, he has claimed that the restriction on unreasonable search and seizure does not govern wartime operations. The administration of this new program, known only to a handful of people under the code name Stellar Wind, was left to the NSA.
Stellar Wind gathered phone and Internet traffic from U.S. citizens and searched it for any suspicious activity. The technology was based upon an earlier prototype code-named ThinThread.18 But whereas ThinThread had built-in privacy protections that anonymized the source of captured communications, those protections were stripped out in Stellar Wind. In other words, communications derived from U.S. persons were no longer encrypted, and a court order was no longer required to disclose the identity behind any communications. Whereas prior surveillance programs included only communications where either the sender or recipient was outside the United States, Stellar Wind tracked communications that both originated and terminated within the United States. It is debatable exactly how clearly or how fully this program was described to members of Congress. We now know that under Stellar Wind, the government was conducting warrantless and personally identifiable domestic searches of personal communications of American citizens.
In response to questions about overreaching surveillance, there was always the possibility that a limitation on surveillance could result in the loss of American lives in another 9/11. Nonetheless, there was internal dissension over the constitutionality of Stellar Wind and other domestic surveillance programs. In October 2001, shortly after 9/11, three NSA employees retired after refusing to use ThinThread technology domestically. One of those employees later joined forces with a Republican congressional staffer on the House Intelligence Committee. Another NSA employee separately took his concerns to the NSA’s general counsel and director. After what he believed constituted retaliation for his questioning, he turned over unclassified domestic surveillance documents to a Baltimore Sun reporter.
Jack Goldsmith, the former head of the DOJ’s Office of Legal Counsel and a true conservative, brought his objection to the e-mail collection directly to David Addington. James Comey, who was acting attorney general during General Ashcroft’s illness, refused to sign a reauthorization of the domestic surveillance program until warrantless e-mail data collection came to a stop. Alberto Gonzales, who was White House Counsel at the time, signed the reauthorization order in the attorney general’s stead. This constitutionally vague action was made moot when the NSA Director later obtained a FISA order permitting the wholesale reinstitution of e-mail metadata collection.
Standing up for privacy is not a partisan or unpatriotic act. DOJ Attorney Thomas Tamm was heir to an FBI legacy; his uncle and father worked with J. Edgar Hoover. While preparing warrants, Tamm became concerned that the NSA conducted electronic surveillance on American citizens without warrants and then bootstrapped the information gathered to obtain FISA warrants. He was unable to persuade the NSA that these actions were illegal. He took his outrage to The New York Times.19
On December 16, 2005, James Risen and Eric Lichtblau of The New York Times wrote an article disclosing the phone and e-mail monitoring.20 They had previously attempted to do so, but Times editors had acquiesced to Bush administration requests to scuttle the story. Amid the public outrage subsequent to the disclosure of Stellar Wind, Congress passed the FISA Amendments Act of 2008 in an attempt to rein in warrantless activity. However, the act was largely criticized for its excessive loopholes. Just as the post–Church Committee reforms did not foresee the problems of the FISA courts, in the ongoing attempt to balance privacy and security, privacy lost again in 2008.
Even when the FISA Amendments Act was reauthorized in 2012, the Congressional Research Service noted, “[i]n at least two important ways, the standard that must be met … before the [Foreign Intelligence Surveillance Court] will issue an order authorizing an acquisition is less stringent than the standard that has been traditionally required under FISA.”21 The 2012 reauthorization did away with two significant requirements. First, FISA applications were no longer required to identify the facilities that would be subject to surveillance. Secondly, U.S. citizens could now be targeted even if they were not linked to international terrorism or clandestine activities. The roller-coaster evolution of surveillance and privacy policies in the United States has been crisis driven. As of 2012, it is fair to say that privacy protections in the surveillance area had not been significantly expanded in the last fifty years.
V. SECURITY AND PRIVACY THROUGH THE PRISM OF 2012
Enter Edward Snowden. In December 2012, Snowden reached out to journalist Glenn Greenwald via e-mail. Approximately six months later, Greenwald, documentary film director Laura Poitras, and Guardian correspondent Ewen MacAskill flew to Hong Kong to meet with Snowden in person. Snowden showed the journalists documents that directly contradicted earlier Senate testimony of Director of National Intelligence James Clapper. On June 5, 2013, The Guardian published a story by Greenwald, which detailed a secret court order requiring Verizon to disclose to the NSA all telephone calls in its systems, including phone numbers of both parties to a call, location data, call duration, and other unique identifiers.22
Just two days later, The Washington Post published an article by Barton Gellman and Laura Poitras outlining the PRISM program.23 PRISM allowed the NSA and FBI to extract “audio and video chats, photographs, e-mails, documents, and connection logs” directly from the servers of nine U.S. Internet service providers. PRISM’s Internet providers were Microsoft, Yahoo, Google, Facebook, Paltalk, YouTube, Skype, AOL, and Apple. In Snowden’s first video interview with Greenwald and Poitras, he expressed his concern that the storage of communications content gives the government the ability to go back in time to “derive suspicion from an innocent life and paint anyone in the context of a wrongdoer.”24 Later it was discovered that PRISM went even further than the mere collection of metadata. It also collected the actual content of e-mails and other online communications and storage.25
I think it’s important to recognize that you can’t have 100 per cent security and also then have 100 per cent privacy and zero inconvenience.… In the abstract you can complain about Big Brother and how this is a potential program run amok, but when you actually look at the details then I think we’ve struck the right balance.
—President Barack Obama
June 7, 2013
On October 30, 2013, Gellman and Ashkan Soltani authored another Washington Post article, which claimed that the NSA and its British counterpart had been secretly capturing data from overseas fiber optic cables.26 The program was code-named MUSCULAR. Whereas PRISM represented a disclosure of data pursuant to a court order, MUSCULAR was an outright hacking of Google and Yahoo’s networks abroad. In one of the NSA presentations outlining MUSCULAR, a sketch of how the government overcomes Google’s security systems is notated with a smiley face. Although Google and Yahoo officials expressed dismay at these revelations, by and large, telecommunications and Internet corporations have submitted themselves to FBI National Security Letters without challenge, even though such NSLs are not issued under the signature of an Article III judge. NSLs are comparable to administrative subpoenas in criminal investigations. The Patriot Act, which was signed in the wake of 9/11, greatly expanded the use of NSLs.27 Previously, the threshold for NSL use required specific facts that showed that the target of the NSL was an agent of a foreign power. After the Patriot Act revision, the records sought needed only to be “‘relevant’ to an authorized investigation.”
Another critical revelation is that NSLs were used to obtain intelligence from corporations. There was little resistance to NSLs, and ISPs became significant sources of information. Internet providers are an excellent source of information. Big providers such as Google and Facebook work hard to develop the best analytics about customers. That information is tremendously valuable to advertisers. The NSA utilized these advanced analytics to improve surveillance.
All of these revelations paint a frightening picture. Discussing these disclosures, President Obama described what we see in the privacy-security conflict. His view was that it is impossible to have perfect security and absolute privacy. That statement is obviously true. The real issue is how to reach a reasonable balance.
The table below represents an effort to provide an overview of most of the known surveillance programs. This overview includes a description of the technological process employed by the NSA and its subsidiaries to retrieve the data, the manner in which the technological process intrudes upon one’s privacy, and the legal authority that is cited to justify the actions.
The technological processes discussed feature not only the programs that target specific individuals, but also the broader data collections and efforts to weaken encryption platforms. The totality of these programs demonstrates the extensive amount of information available to the government and the substantial efforts exerted to collect it. This breadth and sum of the parts represent an unprecedented gathering of data on citizens by the U.S. government.
The programs described below rely primarily on the guidelines established by three sources: Executive Order 12333, the Patriot Act, and the Foreign Intelligence Surveillance Act.
EXECUTIVE ORDER 12333
Issued by Ronald Reagan in 1981, EO 12333 governs the collection of foreign intelligence by American intelligence agencies.28 Under EO 12333, these agencies can only collect intelligence on American citizens with the approval of the attorney general. This approval is further contingent on the collection meeting one of the following categories: information that is publicly given or given with consent; information obtained during the course of a lawful foreign intelligence, counterintelligence, international counternarcotics, or international counterterrorism investigation; information necessary to preserve the safety of persons or organizations; information obtained from persons reasonably believed to be potential sources or contacts in order to determine credibility; information necessary to protect intelligence sources and methods; and information incidentally collected that may indicate involvement in activities that violate federal law.
Passed by Congress in 2001 in response to the 9/11 terrorist attacks, Title II of the Patriot Act increased government agencies’ powers of surveillance.29 Section 215 expands agency access to telephony (and potentially Internet) metadata under the FISA business records provision to include “tangible things” relevant to an investigation of a foreign target. This section authorizes the collection of phone records. Section 505 permits the issuance of NSLs in order to obtain information deemed relevant to national security investigations.
FOREIGN INTELLIGENCE SURVEILLANCE ACT
Signed into law in 1978, FISA establishes the guidelines for foreign intelligence collection.30 Congress has since amended FISA to include Title VII, Sections 702, 703, and 704. Section 702 specifies the guidelines for collecting data of non-U.S. citizens. Specifically, Section 702 allows the targeting of any individual reasonably believed to be located outside of the United States. The section also specifies that these organizations cannot intentionally target any American citizen. Sections 703 and 704 discuss the targeting of Americans overseas. These sections authorize the warrantless surveillance of Americans located abroad.31 The Foreign Intelligence Surveillance Court, which is not subject to public view, then oversees these FISA collections. The overwhelming majority of the government’s requests for warrants are granted, leading one to question whether it really provides adequate oversight as opposed to the mere appearance of legitimacy.32
SUMMARY OF SURVEILLANCE PROGRAMS
Stellar Wind (also known as The Program)
Technological process: Bulk metadata collection of American phone calls and Internet traffic.33
Impact on privacy: Until 2011, the NSA could collect information about Americans’ phone calls and e-mail messages without receiving individual warrants. This information includes whom you called and e-mailed.
Legal authority: The Constitution does not apply because there is no reasonable expectation of privacy for Americans.

Technological process: Direct content extraction by the NSA from the servers of data providers. Program was initiated with apparent consent of Microsoft, Yahoo, Google, Facebook, Paltalk, YouTube, Skype, AOL, and Facebook.34
Impact on privacy: NSA can collect shared content (e.g., e-mails, chats, videos, photos, stored data, voice-over Internet protocol, file transfers, videoconferencing, log-ins, and social networking details) of any individual—American or foreign—sharing content with anyone reasonably believed to be outside the United States. This collection can occur without individual court orders or authorization from the service providers.
Legal authority: “Legally compelled collection” and “cooperation”35; Sec. 702 FISA36. The Constitution does not apply because there is no reasonable expectation of privacy for Americans.

Upstream Undersea Cable Tapping (OAKSTAR, STORMBREW, BLARNEY, and Fairview); (Tempora [in the UK])
Technological process: A joint NSA and British Government Communications Headquarters Program (GCHQ) that the NSA may access. Using intercept probes and physical taps, the organizations access undersea fiber optic cables throughout the world with occasional permission of the nearest country and intercept cable communications. Data is preserved for three days and metadata is stored for thirty days. Mass Volume Reduction is used to filter the data with the help of thousands of selectors.37
Impact on privacy: Cable communications collected include phone call recordings, e-mail messages, Internet history, and Facebook content. The NSA makes a copy of everything collected, searches through this data using selectors and target information, and then stores the data that matches. There also appears to be no distinction between innocent individuals and targeted suspects.38
Legal authority: Sec. 702 FISA39. The Constitution does not apply because the actions take place outside the United States.

Cell Phone Records (RAGTIME and MARINA)
Technological process: Court order requiring the provision of electronic copies of “telephony metadata” in bulk to the NSA by Verizon.40 This data is then stored in an NSA database.41
Impact on privacy: Verizon provides the NSA with information in bulk about phone calls (e.g., location, length, and session identifying information) placed by U.S. citizens. The order allows this collection to occur without any evidence of wrongdoing by the caller or the person being called. The NSA can then search through these results within three hops of a preapproved seed number connected to a foreign terrorist organization. Individual warrants are not required to collect the information.42 However, the NSA supposedly would need an additional warrant to access the data.43
Legal authority: Sec. 215 Patriot Act: a FISA court order falls under FISA “business records” provision 50 USC § 1861. The Constitution does not apply because (i) there is no reasonable expectation of privacy for Americans; and (ii) foreign targets do not receive constitutional protections.

Technological process: To perform “target development,” the NSA taps into global cable network connections (i.e., telephony links) and intercepts data pertaining to the location of cell phones through cellular networks, GPS, Wi-Fi, and triangulation.44
Impact on privacy: Allows the NSA to track locations of mobile users—including those suspected of no wrongdoing who are inadvertently included in the data sweep—in order to locate unknown associates of targeted suspects.
Legal authority: The Constitution does not apply because (i) there is no reasonable expectation of privacy for Americans; and (ii) foreign targets do not receive constitutional protections.

Technological process: Extraction of unencrypted data in bulk from Google and Yahoo’s overseas fiber optic cables by hacking into their internal networks, supposedly without the authorization of the Internet service providers. After being copied, the data is then filtered and stored.46
Impact on privacy: Despite the existence of PRISM, the NSA extended its collection of Internet metadata from over a million users of the two providers. This allows the NSA to copy data and content in real time without the knowledge or permission of the providers.47
Legal authority: Attorney general approved processes48. The Constitution does not apply because (i) there is no reasonable expectation of privacy for Americans; and (ii) foreign targets do not receive constitutional protections.

Technological process: Using over 700 servers, this program indexes unfiltered metadata from other data extractions into tables and provides the ability to perform strong-selector searches.49
Impact on privacy: Allows the NSA to retrospectively search through their bulk data collection for any type of information (e.g., a telephone number, name, or an individual’s Google searches) without a warrant. This program also provides the NSA with the ability to conduct a much more effective and specific search within its massive storage of data. These searches are conducted by NSA analysts who select a “foreign factor” to bypass a FISA court warrant.50

Technological process: Tracks, categorizes, and maps NSA collections of metadata by geographical location.51
Impact on privacy: Those with access to the program can select a country on the map and view the amount and type of information collected by the NSA within the country.
Legal authority: The Constitution does not apply because foreign targets do not receive constitutional protections.

MYSTIC and SOMALGET
Technological process: Interception, recording, and archiving of the telecommunications of select countries.52
Impact on privacy: While MYSTIC only provides the NSA with the power to collect metadata from the selected countries, SOMALGET provides access to the actual content of every phone conversation in the Bahamas and one additional unnamed country (speculated to be Afghanistan). The NSA is also seeking to expand SOMALGET to include more countries.
Legal authority: The Constitution does not apply because foreign targets do not receive constitutional protections.

SIGINT Enabling Project and EgotisticalGiraffe
Technological process: Digital insertion of vulnerabilities into encryption systems, IT networks, and Tor.53
Impact on privacy: Weakens encryption systems utilized by network providers and Internet users to protect private data.54

Follow the Money
Technological process: Collection of financial data.55
Impact on privacy: Monitoring of international payments and banking and credit card transactions.
Legal authority: The Constitution does not apply because foreign targets do not receive constitutional protections.

National Security Letters
Technological process: After an ISP or phone company receives an NSL, they are required to submit user profile information to the FBI.56
Impact on privacy: While the law supposedly limits the FBI from content such as e-mail or text messages, the companies are usually under a gag order and cannot alert their users that this information has been shared.
Legal authority: 18 USC § 2709—expanded by Sec. 505 Patriot Act57. USCA Second Circuit held § 2709(c) and § 3511(b) unconstitutional based on their lack of judicial oversight for the nondisclosure requirements.58

Together, these programs have the capability to form a comprehensive electronic profile on any American citizen. This profile includes different types of data:
1. Public information on an individual in public records, the press, and open Web sites
2. Personal communications (e-mail, text, Twitter, cell phone)
3. Internet usage including site visits (Google)
4. Commercial internet use including purchases and contractual disclosures (Amazon)
5. Social media sites (Facebook)
6. Location information (cell phone locator, GPS)
7. Nonpublic stored information (medical records, financial records)
Each program relates to this data in a distinct way. There are also varying levels of intrusion and legality. For example, PRISM, upstream cable tapping, and XKEYSCORE all extract or analyze data from social networks like Facebook. This data is obtained in one of three ways: NSL/FISA warrant, private agreement between the government and the Internet company, or hacking into the system. We know that Facebook can be legally compelled to hand over user metadata and content if they are served with an NSL or a FISA warrant. Facebook can also enter into a private agreement with the government and allow them direct access to their servers. The government could even hack into its internal networks and extract data without its knowledge or consent as is presumably done in MUSCULAR with Google and Yahoo. How much access Facebook gives to the government remains unknown. The PRISM slides that Snowden leaked indicate that the NSA has direct access to Facebook servers. They also indicate that this extraction is done with the cooperation of Facebook and is not necessarily the product of a FISA warrant or NSL. Facebook has ardently denied that the NSA has direct access to their servers, but admits that they comply with individual warrants.59
Can the government really do that? This is the question that crossed every American’s mind when he or she heard of the Snowden leaks. Even if the motivations were noble, at some point warrantless and random collection of personal information steps over the line. Of course not all surveillance is illegal, and intelligence gathering is a necessity. The following legal principles support surveillance activities:
• The surveillance is conducted on foreign soil.
• The information gathered does not contain information subject to a reasonable expectation of privacy.
• The information gathered is necessary to protect national security.
As a baseline, our historic conception of surveillance involved spying on the “enemy.” The enemy was a foreign power. Of course the United States wanted to find out the war secrets of Nazi Germany. The public perception of spies included images of James Bond and Mata Hari. Conducting surveillance of foreign enemies on foreign soil was expected. Today the dominant profile of a spy is different. The new master spies are faceless computer geeks like Edward Snowden. They use PRISM and MUSCULAR to sweep up information about foreigners and Americans alike in searching for a terrorist needle in the haystack. Remember, the Constitution protects Americans from warrantless searches—it does not prohibit surveillance on foreign soil. What happens when otherwise constitutional surveillance conducted on “foreign soil” contains data on American citizens? Obviously, global Internet surveillance changes the impact of foreign surveillance.
The government is not spying if it simply collects publicly available information. When a citizen voluntarily discloses information, he or she generally abandons a reasonable expectation of privacy in that information. There are some fundamental flaws in the current legal definition of voluntarily abandoning information. For example, the current state of the law dictates that there is no reasonable expectation of privacy in certain bank records and phone logs that have been “voluntarily” disclosed to third parties. Is it rational to hold that all disclosures to third parties represent a conscious acquiescence to make that information available to the NSA?
Another legal justification to allow collection of information for surveillance is the straightforward assertion of the “special needs” of government to protect national security. After 9/11, at least one court recognized potential terrorist activity as one of these “special needs.”60 The justification of national security may have the broadest implications. Since 9/11, our concept of national security includes protecting domestic locations within the United States. The motivation of national security and the availability of new technology have enabled the surveillance environment in which we find ourselves today, but there has always been a motivation for national security and a thirst to use the new technology of the time. Is the situation today more extreme and difficult than ever before? Yes, based on global terrorism issues and unprecedented technology.
I’m glad that the NSA is trying to find out what the terrorists are up to overseas and in our country. I’m glad that activity is going on, but it is limited to tracking people who are suspected to be terrorists and who they may be talking to.… Yes, I am sure that that’s what they’re doing.
—Senator Lindsey Graham
June 6, 2013
There are multiple contradictions among statements by the NSA, ISPs, and stories based on Snowden’s leaks. As of this writing, there is no final definitive determination about the methods, techniques, and extent of surveillance. The analysis here is based primarily on the Snowden leaks and official statements by government agents.
How do these programs actually affect the average American citizen or company? The NSA stresses that the only Americans that should be worried are either terrorists or those who contact terrorists. Recent reports indicate that the majority of data being collected concerns nonsuspects whose information is swept up indiscriminately. And nearly half of this bulk of information is from American citizens.61 Geoffrey R. Stone, a legal scholar and member of the President’s Review Group, emphasized that no American’s data is being accessed unless there are connections between him or her and a suspected terrorist target.62 However, this statement paints an incomplete, if not dishonest, picture. The actual operation of these programs is better demonstrated by hypothetical stories that describe the interrelationships of programs and how they could affect real people.
THREE HOP JANE DOE: SEARCH
Wake up with your Verizon phone fully charged. Text message a friend who is reasonably believed to be outside the United States and who happens to be under surveillance as part of a contact chain. Your contact is the second hop from the original suspected terrorist target. You are the third hop. This information alone targets you as a suspect. The data sweep begins. CO-TRAVELER tracks your location through your phone throughout the day. PRISM collects your Gmail messages and tagged Facebook photos. Verizon has provided your call records to the NSA for years and the NSA can now potentially access the data because of your text message. After realizing the breadth of metadata collected on you over time, an NSA programmer uses XKEYSCORE to search through this collected data retroactively and review all of your Google searches for the past five years. Innocent searches about TSA regulations, meth labs, or breathing techniques that were made to allay your curiosity or solve an argument suddenly become incriminating. Your prior efforts and use of Tor to encrypt your data are rendered useless because of EgotisticalGiraffe and other NSA efforts to weaken encryption programs. This analysis continues until you are cleared—if you are ever cleared.
INCIDENTAL SWEEP JOHN DOE: COLLECTION
Throughout the day, John Doe constantly shares information that is incidentally swept into one of the NSA’s servers. The NSA collects his Verizon phone records daily and saves this information for five years. If John calls a relative in the Bahamas or a patriotic friend serving in Afghanistan, the entire content of his phone conversation is recorded and archived. Any additional Internet communication he conducts with a foreign person or server is collected in real time by the undersea fiber optic cables. This content is then copied, searched, and potentially stored for up to thirty days.
PROFILE OF ISP DOE, INC.: COMPLIANCE
Doe, Inc., is a small Internet service provider that offers its users an encrypted platform to send e-mails, chat with friends, and store photos and videos. Using its Section 702 FISA powers, the NSA compelled Doe, Inc., to cooperate with the investigation of a specific terrorist target. While Doe, Inc., prioritizes the privacy of their users, the national security concern appeared too vast to disregard. The information that the NSA needed only infringed upon one user’s information. Doe, Inc., begrudgingly complied. A couple of months later, Doe, Inc., received a National Security Letter that required the ISP to submit the content of 150 Doe, Inc., users. Doe, Inc., viewed this request as illegal, but the NSL directs them to contact no one and not seek legal advice. Knowing no other option, Doe, Inc., obeyed and then shut down its service forever in fear of future requests made by the NSA.
VI. PREDICTING AND PREVENTING CRIMES—IS MINORITY REPORT THE NEXT STEP?
In the wake of some of the tragedies documented by social media in recent years, officials discovered confession videos and Facebook entries that either predicted or threatened the tragedy to come: students promised to hurt others or themselves, or worse, cried out for help when none was forthcoming. Sometimes the documentation simply suggests the pending tragedy by showing pieces of it coming together: a search for how to build a bomb coupled with a Google map result for street views of a city park. If the government has enough information to indicate that an individual is going to bomb the Boston Marathon, should the authorities stop him before he does it?
We have a system of pervasive, pre-criminal surveillance where the government wants to watch what you’re doing just to see what you’re up to, to see what you’re thinking, even behind closed doors.
May 29, 2014
Predicting future human behavior is increasingly valued, particularly as understanding consumer behavior becomes the holy grail of Internet search engines and marketers. The defense contractor Raytheon has also developed a program that uses social networking data to track people’s movements and predict future behavior. The Rapid Information Overlay Technology (RIOT) uses GPS from photographs posted on Facebook and Foursquare check-ins to determine where individuals have been and where they will likely go in the future. Raytheon has not sold RIOT to any clients, but has shared its technology with the U.S. government.63 Amazon recently gained a patent for anticipatory shipping. The company is so sure about what we are going to buy that it plans to ship it to us before we order it.64 Why not use the same tools to predict and thereby prevent criminal behavior?
Of course trying to punish individuals before they actually commit a crime is tricky business. Thankfully we are not living in the sci-fi dystopia of Steven Spielberg’s film Minority Report. The 2002 film portrayed a United States in 2054 where “precrime police” in D.C. worked with preventive government to protect citizens. They stopped murders before they happened with the help of “precogs” and computers. As long as the “precrime” system was 100 percent correct, the public supported it and there seemed to be no more murders. When the fictional system in Minority Report was found to be flawed, it collapsed. There may be a logical appeal or longing for a perfect system that prevents all crime and terrorism. Using the name “Minority Report” is simply a reminder that perfection is elusive.
In order to prevent terrorist acts amid rapidly advancing technology, there is a need for rational assessment of future surveillance actions. If predictive technology is deemed accurate, then most people would likely support employing it to prevent crime. The issue then becomes the degree of accuracy of the prediction.
The government currently has technology that provides predictions on criminal behavior. The Department of Homeland Security developed Future Attribute Screening Technology (FAST) and tested it publicly in 2011. FAST uses sensors and video and audio recordings to assess the probability that an individual—not yet suspected of any crime—will commit a crime in the future. These sensors and recordings evaluate an individual’s psychophysiological signals to determine malintent. This behavioral biometric data includes cardiovascular signals, pheromones, skin conductivity, eyeblink rate, and respiratory patterns. The public field test occurred in an undisclosed location in the Northeast. The details of the field test have not been disclosed, but a 2011 Privacy Impact Assessment discussed limited operational tests planned to occur in large public places—temporarily closed to the public—where volunteers would undergo screenings (image alone, questions alone, or images and questions combined).65 While the DHS did not reveal the results of the public test, it has reported a success rate of 70 percent in its lab tests.66 The evolution of this program from lab tests and volunteer participation to public tests signifies the continued development of the predictive incident avoidance agenda.
Although the Snowden disclosures did not focus on any specific predictive preventive programs, another NSA employee revealed the NSA program AQUAINT (Advanced Question Answering for Intelligence) in 2009. This artificial intelligence system uses the massive amount of data shared on the Internet (and likely already collected by the NSA) to answer predictive questions about future events. The unnamed researcher, who quit for moral reasons related to AQUAINT, explained that the system is incredibly similar to the robot HAL 9000 from 2001: A Space Odyssey. In addition, and similar to AQUAINT, the Center for Advanced Study of Language (CASL) has initiated a program that seeks to determine whether a person is lying by studying his behavior and listening to him speak.67 CASL is a national security research lab accessible to the NSA.68 Snowden worked at CASL as a security specialist in 2005 before he worked as a private contractor for the NSA.69
Think of 2001: A Space Odyssey and the most memorable character, HAL 9000, having a conversation with David. We are essentially building this system. We are building HAL.
—former NSA employee
The use of predictive programs to avert future crimes is rationally appealing in many ways. Obviously there are major risks relating to accuracy or abuse. We are now aware that bulk data collection was used to construct search warrants. The existence of so much data coupled with enhanced predictive coding could move a search warrant up to an arrest warrant. Luckily, no identified “precrime” program has yet been disclosed.
The motivation to stop crime and terrorist events is strong, and technology is certainly able to make better predictions than ever. The ability to predict is well established and well honored. Based on evidence about the behavior of different celestial bodies, astrophysicists mathematically predicted the existence of Neptune before it was observed.
In a precrime analysis, if surveillance of a suspected terrorist operative indicated that he had trained for bomb making, acquired bomb materials, was diagnosed as psychotic, had threatened to bomb a stadium, and had two tickets to a football game for the next day, he would likely be detained. As a matter of perspective, even crimes that have already occurred are often hard to solve. Crimes are also difficult to stop even with today’s best technology.
By the time of the Boston Marathon bombing, Boston had a comprehensive CCTV network, with some 500 cameras mounted throughout the city. Omnipresent surveillance did not deter the Boston bombers from detonating their homemade bombs near the finish line. In the hours following the bombing, local, state, and national intelligence and security officials combed through hundreds of hours of footage captured by CCTV cameras near the bombing site. This terrorist attack was the first committed in a place with comprehensive surveillance and with the tools to search suspects’ Facebook pages, Twitter feeds, geolocation posts, and blog posts. Technology provided real advantages to the investigation. In addition, thousands of Bostonians and others across the world viewed images and contributed resources through crowdsourcing. Yet the first suspects identified were the wrong people.
A combination of media, technology, and the crowdsourcing element contributed to the wrongful identification of these individuals as the perpetrators, and their pictures were then published. Ultimately technology played a major role in identifying Dzhokhar and Tamerlan Tsarnaev as the principal suspects. First, even comprehensive surveillance will not deter a determined or suicidal terrorist. Second, technology does not always provide an instant or accurate answer. Third, technology and surveillance can nonetheless be useful in uncovering and proving a crime.
The Snowden disclosures have opened the programs described above to serious scrutiny. Some of the programs are apparent intrusions and give us motivation to analyze rational approaches to reforms that protect privacy and national security. They also challenge us to consider the overzealous extension of modern technology, and whether it might deeply harm our personal freedoms.
VII. SHORT-TERM REACTIONS TO THE DISCLOSURES OF 2012
The disclosures beginning in 2012 generated a series of responses to the actions of the NSA as well as efforts to remedy perceived privacy intrusions. In May 2014, the House passed a gutted version of the USA Freedom Act. That proposal lost support from the Electronic Frontier Foundation and major Internet companies because it does little to prevent bulk data collection. In December 2013, the U.S. District Court for the District of Columbia held that the Smith v. Maryland case that allows the collection of certain targeted data entrusted to a third party without a warrant does not apply to bulk data collection.70 Smith, which was decided in 1979, has been used as the primary legal basis to review data “voluntarily” disclosed to a third party. There, the Supreme Court reasoned that there was not a reasonable expectation of privacy in a warrantless search of pen registers.71 Pen registers are records of phone calls from landlines. Although it has been treated as precedent, in many ways this case symbolizes the law’s failure to catch up with reality and new technology. In 1979, there was no Internet, and there were no cell phones, and no programs that could easily collect, aggregate, and analyze masses of information.
In Klayman, Judge Richard Leon reasoned that this long-term collection and analysis likely violates the Fourth Amendment and our reasonable expectation of privacy. Other cases dealing with the modern aggregation of data such as warrantless GPS tracking and warrantless review of smartphones show that the law is changing to catch up with the times. It is time to view the Smith holding as obsolete.
Perhaps the most important case regarding the data privacy of citizens was the previously mentioned Supreme Court ruling in Riley that the search and seizure of a cell phone’s digital data is unconstitutional. The fact that the aggregation of sensitive personal data on a cell phone cannot be obtained without a warrant sends a message to the legal system. Even though the case applied to a criminal search and not the more compelling purpose of national security, the logic is the same as applied to protect surveillance of bulk data. Both types of aggregated personal data create an intrusive personal mosaic.
The information affected corporations as well. The Snowden disclosures—particularly the tech industry’s involvement with NSA—have led several Internet companies to invest in better encryption services. In June 2014, Google even announced a new Chrome extension, End-To-End, that encrypts sent messages with an easier process than the other PGP and GnuPG encryption software. They also released the code before the official extension was available on the Chrome Web store and offered financial awards to anyone who finds a security defect in the code.72
Following the PRISM disclosures, Mark Zuckerberg wrote on his Facebook page that “it’s up to us—all of us—to build the internet we want. Together, we can build a space that is greater and a more important part of the world than anything we have today, but is also safe and secure.”73 However, the competition to feed the information race is fierce, and it continues to drive innovations that feed on consumer privacy. For instance, more recently, Facebook faced scrutiny after releasing a new feature for their app that uses your phone’s microphone to listen to the background noise to determine what television show you are watching or song you are listening to.74
All these reactions show that policy makers, courts, citizens, and corporations are struggling with the new realities without a clear outcome.
VIII. THE FUTURE: PROTECTING THE HOMELAND AND THE HAYSTACK
Spying, surveillance, and privacy are different in the twenty-first century. They are different because the “enemy” is different, technology is different, and society is different. First, there are domestic and foreign terrorists in the United States who play by their own rules. Second, new technology gives the terrorists more options and also provides us with more options for surveillance. Third, today’s global society is dominated by technology and gathers more information than at any time in history.
The intense focus brought by the Snowden disclosures provides a moment in time to reflect on two predominant themes of modern life—national security and individual privacy in the technology age. The 9/11 tragedies raised the stakes for security and the Snowden disclosures have raised the visibility of privacy. No doubt there will be “reform.” There is sufficient outcry that something will happen. Congress will pass a bill with a well-designed acronym (Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet Collection, and Online Monitoring Act, for example). Agencies will provide new processes to guard against abuses and future Snowdens. Reforms, even when well intended, sometimes turn out well and sometimes do not. Some argue the well-intended FISA courts that were part of the Church Committee’s reforms in 1978 have ended up allowing abuses under the appearance of court review.
The reforms under way will ultimately be judged by their ability to protect the public from danger and restore the public’s faith. There are a variety of stakeholders that want faith restored, including the Internet companies that rely on public acceptance and use. From my point of view, reform should focus on four areas:
1. Establish transparency in domestic surveillance.
2. Provide for effective, independent, and trustworthy oversight of surveillance.
3. Design a whistleblower system that will encourage the disclosure of abuse, but still protect national security.
4. Define rational limits of search and seizure law that protects citizens in the new technical world.
Rational, effective, and pragmatic remedies are hard. As previously mentioned, there is no option for absolute security and total privacy. Real solutions must recognize that reality. However, there must be a balance restored to protect the privacy and dignity of U.S. citizens and restore faith in the systems that protect us. We must accept that rational solutions should not abandon surveillance or disclose every surveillance program used by the United States. Legitimate foreign surveillance of foreign enemies can still exist. We should not have to ask permission from the Taliban to tap their communications or surveil their operations with drones.
The Snowden disclosures renewed focus and interest on overreaching government surveillance and privacy intrusions. However, the interest in security has not disappeared. Citizens want protection from the Boston and Oklahoma City bombers just as well as the foreign-based 9/11 terrorists, but the process of sifting through the haystack of communications and data to thwart domestic and foreign terrorists should be able to still honor the U.S. Constitution and its principles. Our legal system and criminal justice system should be agile enough to perform needed searches of citizens in a constitutional way.
There are four major categories of reform that can better protect privacy and still recognize the importance of national security. Overall, these reforms seek to increase transparency of domestic surveillance, provide trustworthy oversight of intelligence and surveillance programs, improve whistleblower processes to disclose abuses, but protect national security, and finally, seek a constitutional standard that actually protects U.S. citizens from surveillance intrusions.
Congress has the authority to respond to many of the claims of privacy intrusions. They can amend or further define the authority to gather domestic intelligence and address the policy changes discussed below. In fact, at the time of this writing there are proposed legislative solutions that deal with some of these issues. One version of the USA Freedom Act would ban the bulk collection of Americans’ personal data. The details and definitions are important. For example, a “specific selection term” is an important definition because that term defines the scope of a surveillance warrant. Can a “selection term” allow the surveillance of a whole geographic region, like a city? While the House’s version defined “specific selection term” broadly,75 the draft Senate version at the time of this writing narrows the definition and specifically prohibits the collection of entire geographic regions or particular service providers.76
The basic principles relating to reform of our intelligence system are fairly straightforward. Be transparent, avoid intruding on U.S. persons, and review the legal process that authorizes surveillance.77 Those issues are being considered by Congress. If legislative reforms fail or fall short, legal challenges to surveillance policies may well define the constitutional boundaries of surveillance. Ultimately, the Constitution itself defines the limits of government surveillance, and the courts are perfectly capable of enforcing those boundaries. This option is further discussed below in the analysis of the rational constitutional limits on government surveillance.
1. Establish Transparency in Domestic Surveillance
Snowden’s leaks identified secret government intrusions on American citizens. A central need for restoring public faith is for the U.S. government to tell its citizens why it is conducting domestic surveillance and how. Of course there cannot be public disclosures about secrets dealing with foreign and enemy intelligence. No rational British citizen was upset that his or her government failed to disclose that it possessed technology to crack German “Enigma” communications during World War II.78 Americans can hardly complain about their government’s methods of surveilling international actors when those actions identify and locate potential and known terrorist threats. However, there are true constitutional limits when it comes to surveillance of American citizens. That constitutional limit is discussed more extensively below. This issue of transparency is about telling the truth about how our government is conducting itself. As it stands now, after the Snowden disclosures and before major reforms are in place, the American public does not know or trust the surveillance system.
In 2013, the Office of the Director of National Intelligence and the Department of Justice explicitly recognized the need for transparency. They said there was a need for the public to have an “understanding of how the Intelligence Community uses the legal authorities provided by Congress to conduct surveillance and gather foreign intelligence.”79 They also articulated the “need not to disclose information that our adversaries could exploit to evade surveillance and harm our national security.”
There is some public disclosure based on a post-Snowden presidential directive. The Office of the Director of National Intelligence’s Civil Liberties and Privacy Office now publishes guidelines for protecting privacy when gathering intelligence80 and releases an annual report, describing the nature of intelligence agencies’ surveillance programs.81 This information includes data on the number of targets and the definition of an intelligence target. This information is declassified and published online. The ultimate issue is what the future policy for the disclosure of domestic surveillance will be.
The goal of transparency is to disclose the truth and to promote public understanding and trust. Therefore, disclosures must indeed be accurate. By disclosing the rules of the game to the public, Congress, an oversight agency, or a whistleblower can point to acts that exceed and violate rational policies to protect privacy. Compare that with the current situation, where citizens were not told of surveillance policies and then discovered that the secret and intrusive policies were being legally justified or legally approved by the FISA court. If the future policies are transparent, we can evaluate those justifications for ourselves rather than having blanket domestic surveillance determined in secret.
2. Provide for Effective Independent Oversight of Intelligence Activities
An important element of having a clear policy for domestic surveillance is to have reasonable and independent oversight of surveillance actions to assure compliance. Two groups currently oversee surveillance activities that are otherwise secret: members of the Privacy and Civil Liberties Oversight Board (PCLOB) and the federal judges who sit on the FISA court. Additionally, leaders of the intelligence community brief congressional intelligence and judiciary committees on their surveillance activities. Congress is also required to authorize mass data collection activities under Section 215 of the Patriot Act. Despite congressional approval and oversight, the discovery of the current ongoing domestic surveillance activities has been a shock to the American people. Perhaps as big a shock to Congress was that the CIA surveilled the computers of staffers on the Senate Intelligence Committee, the congressional committee charged with direct oversight of the intelligence community.82 Therefore, the restoration of public trust is going to require more or different oversight.
The PCLOB has released reports on NSA and other agency compliance with Section 702 of the Foreign Intelligence Surveillance Act. It is generally tasked with balancing civil liberties and surveillance. Reviews have been mixed. Its reports indicate that many surveillance activities of Internet communications were in compliance.83 However, the report also indicated that outside of Section 702’s “fundamental core,” certain practices “push the program close to the line of constitutional reasonableness.” The fundamental core is collection of foreign intelligence, but other practices go beyond that. The analysis of the constitutional issue is greatly limited by the fact that the board was unable to evaluate “the unknown and potentially large scope” of Section 702’s incidental collection of U.S. persons’ data. In other words, the board was not informed of the full impact of the government’s “incidental collection.” The oversight impact of the PCLOB is defined by two indisputable shortcomings. First, they have no authority to implement or control policy. Second, they apparently do not or cannot consider the full scope of government surveillance. The reports are, however, important and useful in understanding intelligence activities.
The FISA court, which the Church Committee created in 1978, consists of eleven federal judges appointed by the Chief Justice of the United States. It has been the principal authority to approve surveillance activities. Statistics show the court approved the overwhelming majority of surveillance proposals that have been part of the disclosures that offended many Americans.84 Further, detractors criticize the makeup of the court and suggest a change in the appointments process. For instance, one critic of the current FISA court system, Connecticut Senator Richard Blumenthal, has proposed increasing the number of judges on the court from eleven to thirteen, and shifting the appointment power from the Chief Justice of the United States to the chief judges of the eleven circuit courts of appeals.85
Equally important to some structural reform in the FISA court is the scope of jurisdiction of that court in approving surveillance activities. In other words, legislation may prohibit or limit the FISA court’s jurisdiction to grant bulk domestic warrants. Another proposal, suggested by President Obama, would add an adversary requirement to the FISA court.86 This option provides a counterbalance in situations where a zealous advocate for a broad surveillance request would need to respond to an advocate who might question the breadth and constitutionality of a domestic request.
Oversight is critical in the post-Snowden era. But oversight in the form of a nonadversarial court review system, such as the present FISA court system, has proven to be inadequate to protect privacy interests. Reform is needed, perhaps in the guise of the proposal advanced by Senator Blumenthal. The independent PCLOB is a promise of greater oversight, but the board’s small budget and staff hamper its promise. Furthermore, since the President appoints all of its members, some might view the board as less than completely independent.
For an oversight function to help restore public faith, the policy to be overseen must be rational and supportable. The fact that the oversight board recently suggested that many NSA surveillance techniques were legal suggests to the general public that either the oversight or the laws are flawed. At this point, it may well be the latter.
3. Design a Whistleblower System That Will Encourage Disclosure of Abuse, But Still Protect National Security Secrets
Critics of Edward Snowden say he knew about internal whistleblower avenues at the NSA but chose to approach The Guardian for the greater possibility of international acclaim and notoriety. Supporters accept Snowden’s argument that the NSA’s internal whistleblower options were not effective. Irrespective of your view of Snowden, the existing whistleblower system is flawed. It did not attract Snowden nor did it work for Thomas Tamm. We should explore a better system that appeals to both the computer nerds and the patriotic Justice Department lawyers who might uncover unconstitutional or illegal violations. Many of the new spies and contractors are different. Spy agencies recruit from hacker conventions as much as or more than from the Ivy League. Some question the maturity of a few of these young genius hackers and spies. There are even credible stories of hiring cyber criminals and using their techniques to help law enforcement and spy agencies.87 Remedies must recognize the nature of the people involved in the new intelligence game.
A new framework must acknowledge the dramatic failures of the current system over the last decade. Chief among them is access to the courts. Right now there is no external avenue for whistleblowers in the intelligence community. The first time a whistleblower has the opportunity to see a judge is after he or she is charged with a crime.88 Post-Snowden reforms have included unguaranteed appellate opportunities to inspectors general of other intelligence communities, but they still fall well short of a workable framework. Two former NSA employees believe that Snowden’s actions in terms of misappropriating vast amounts of confidential data were in part a reaction to their own previous failed attempts at whistleblowing within the system. William Binney and Thomas Drake experienced investigations and intimidation by armed FBI agents. The government ended up prosecuting Drake for violating the Espionage Act, although he settled for a misdemeanor plea bargain after the government withdrew the bulk of evidence it had planned to present.89 Snowden recognized that he would need to physically possess the data in order for individuals to believe him.
Binney and Drake had several specific thoughts about what kind of system would work better. They wanted a lawyer and a court. While there should still be an internal inspectors general system for whistleblowers, there is an advantage to devising a process that allows a whistleblower to have private counsel and access to the courts. There is a well-established legal process that could be adapted to whistleblowers in the intelligence community.
The qui tam proceeding was devised to identify misconduct that cost the government money. Latin for “who as well,” qui tam lawsuits originated in medieval England as a legal action against parties undermining the king. The action was brought on behalf of the king. We have no king. We have a government by the people. So, qui tam actions in the United States are brought to vindicate and protect the people rather than the crown. Since the passage of the 1863 federal False Claims Act in America, qui tam lawsuits have been a tool for citizens to “assist in the detection and prosecution of fraud against the government.”90 In a very real sense illegal acts of surveillance are a fraud against the government and its citizens.
The False Claims Act works. Qui tam actions recovered billions of dollars in wasteful spending over 150 years. The private party, or relator, is rewarded for identifying the fraud on government. He may recover 30 percent of the amount the government lost. The process allows the government to prosecute the fraud if it chooses. If it does, and thereby reduces the burden on the private citizen, that individual shares in the recovery because he or she alerted the government to the potential fraud. An important part of the qui tam remedy is the fact that attorneys’ fees are paid if the fraud is proven and the government recovers. This facilitates the process of a whistleblower obtaining counsel. Another critical quality of the qui tam process is confidentiality.
An adaptation for security violations could be patterned after these confidentiality qualities. A qui tam claim is initially filed under seal, where the accusations and evidence supporting them are only made known to the court. The potential national security qui tam would allow the whistleblower to remain confidential, and provide an incentive to not disclose national secrets to the public, but to disclose the allegations to a court. This alternative would place review in the hands of a federal judge without compelling a whistleblower to go to his boss or his agency. He could go to his lawyer with the allegations of unlawful conduct. Even if the court ultimately found that no violations occurred, the federal Whistleblower Protection Act of 1989 could be amended to offer protection from current or future employment retaliation to whistleblowers who exercised their rights under the privacy qui tam system.91
Rather than proving the government has been injured or defrauded, a privacy qui tam suit would require proving a violation of American citizens’ civil liberties. A whistleblower would file a qui tam claim under seal in federal court, alleging the nature of the civil liberty violation. Filing under seal minimizes the danger of disclosing harmful secrets and is surely better than a whistleblower making his or her own determination of whether to leak to the media. The court conducts a closed proceeding to allow the government to decide how it wishes to proceed. If the government decides the allegations are worthy of proceeding, they may then notify the government agency accused of wrongdoing. The judge conducts a confidential review of the evidence presented. If the judge determines the surveillance activities were unlawful, the agency is ordered to cease the surveillance activity and the relator is compensated. The compensation would be based on a fine levied against the government for violating Americans’ civil liberties, and as an award to the whistleblower for uncovering the violation.
If the government decides not to proceed, the relator may then proceed to attempt to prove the case against the agency in question. In this case, the fines paid to the whistleblower would be doubled because he or she was compelled to prosecute the case. The same logic is used in the existing qui tam proceedings.
In either case, if the surveillance were determined to be unlawful, the nature of the violation would be made public to the extent that disclosure does not harm national security.
The privacy qui tam system advanced here encourages whistleblowers to report government violations of civil liberties while providing a regime that protects sensitive intelligence.
4. Define Rational Limits of Search and Seizure Law That Protects Citizens in the New Technical World
Defining a basic constitutional concept like “reasonable expectation of privacy” is all the more difficult when technology changes overnight and law evolves over decades. Constitutional protection for privacy can and has evolved in the past. As noted previously, at one time wiretapping was legal; then it was deemed illegal as constitutional interpretation caught up with reality. The Snowden disclosures and search and seizure cases in the past several years have set the stage for another step forward.
Justice Sonia Sotomayor’s concurring opinion in United States v. Jones asked if the law could redefine a reasonable expectation of privacy to fit twenty-first-century realities rather than legal theories better suited to the time when the U.S. mail was the dominant means of communication.92 She stated that the older approaches are “ill suited to the digital age, in which people reveal a great deal of information about themselves to third parties in the course of carrying out mundane tasks.” In the Jones opinion from a lower court, one judge called the information from a 24/7 GPS tracking involved in that case, by itself, an intrusive mosaic that could be definitive of a person’s life.
The Riley case is another example of new recognition of the impact of technology on the legal concept of constitutional privacy. As previously discussed, a unanimous Court, with Chief Justice Roberts writing, concluded a warrantless search of the aggregated data in a modern cell phone was more intrusive than the search of a home.
The reasoning of these Courts can be applied to the domestic surveillance issues raised by the Snowden disclosures. According to various reports, NSA surveillance may have included e-mails, texts, Internet searches, online purchases, cell phone records, location records, and social network records. If they occurred, did these searches violate the existing law or the Constitution? To answer that question we must know if the information was collected pursuant to the issuance of an individual warrant, a FISA warrant for bulk collection, or an NSL directing private companies to grant access, or whether it was done with some other authorization. The PCLOB recently found that some of the NSA activities were lawful.93 It may be that certain surveillance was authorized by the FISA court or collected through NSLs that may have been legally justifiable at the time under existing interpretations and statutes. Maybe. The determination that they were legally justified in some way is an entirely different question than whether those programs should be legal in the future.
To be specific, the central issue is defining the limits of bulk data collection from U.S. citizens. If a warrant based upon probable cause is issued for an individual for cause determined by a judge, that search is, at least facially, within the Fourth Amendment. The salient issue is to what extent can the government sift through the “haystack” without a warrant. Also, how broad is the authority of the FISA court to authorize bulk collection of data through a warrant?
To analyze these issues effectively, it is important to understand the types of data that can be collected with modern technology. The programs listed in the section describing surveillance programs, including PRISM, MUSCULAR, and XKEYSCORE, are programs that collect or analyze information. The following is the list of the classes of information that might be collected by these programs.
1. Public information on an individual in public records, the press, and open Web sites
2. Personal communications
3. Internet usage, including site visits
4. Commercial Internet use, including purchases and contractual disclosures
5. Social media sites
6. Location information
7. Nonpublic stored information
This list includes all the potential sources needed to create a thorough profile of an average American today. As this list is analyzed, realize that some of this information is freely and readily publicly available. Consequently, the collection of that kind of information is not an invasion of personal privacy. In the modern society that lives in figurative glass houses, much of people’s lives are transparent to anyone, including the government. There are some gray areas where information is available on a limited basis. And there are some situations where that data is clearly personal, private, and not generally available. All of this information can be characterized as electronic information. Importantly, modern technology can allow the assembly and aggregation of all of this data to create an electronic profile.
Other technical issues affect the level or nature of the collection. For example, is it surveillance or a search if only a computer scans information and no human ever observes the information? For example, what if a computer algorithm is programmed to review all e-mails during a certain date but only retain and identify those e-mails that are sent to a known terrorist? Has the scan violated any rights of a person whose e-mails are scanned but not identified? Yet another issue to be aware of is the distinction between collecting metadata and content. Collection of metadata, or data about data, is sometimes considered less intrusive. For example, is a warrant necessary to collect a person’s e-mail metadata (i.e., the “To” and “From” lines with the destination address) as long as the computer does not collect the content of the e-mail? If anyone thinks metadata is unimportant, consider former NSA head Michael Hayden’s statement on ABC News in May 2014: “We kill people based on metadata.” Of course he was referring to non-U.S. persons.
One does not have a reasonable expectation of privacy in public data accessible to any individual with an Internet connection. This is true for both metadata and content. Public data can include public blog entries and YouTube videos, as well as information publicly provided by government, such as arrest records, tax records, personal licenses, and ownership history. Many of these records are freely available on the Internet and are routinely aggregated by commercial data brokerage firms. Data brokers bank on the fact that there is a vast amount of information available from public files. In addition, media publications, broadcasts, and blogs are certainly public information and collectible by government. Without a warrant, government can often capture a great deal of information about individuals from this category of publicly available information.
The Fourth Amendment should protect the content of personal communications, such as e-mail messages and conversations via phone. In fact, phone wiretapping cases are significant benchmarks in search and seizure law. Personal communications such as the content of a written letter are also protected. However, the addressed destination on a letter is different than content and has always been considered unprotected because the addressee is voluntarily disclosed to multiple postal workers. The commonly used analogy is that the written address on a letter is the same as an e-mail address on an e-mail communication. Under this reasoning, e-mail metadata (i.e., the addressee of the e-mail) is fair game for surveillance without a warrant. New technology should require a reexamination of this analogy. With new technology, it is easy to collect and classify thousands of e-mails and analyze their destination. The collection and classification of months of personal communications is qualitatively different than knowing the destination of one or two letters. Surveillance of communication metadata needs to be reexamined.
The government should clearly be required to obtain a warrant to collect the content of any personal electronic communication. However, if the communication is a Facebook public posting to 300 friends or a mass e-mail to 500 business associates, the privacy of that communication diminishes. These communications are more akin to public statements. Certainly a Twitter posting from an unrestricted account is not private.
The Fourth Amendment may also protect the metadata of personal communications. The Supreme Court has yet to explicitly overturn the holding in Smith that treats information disclosed to third parties as available without a warrant, but the Klayman decision that found bulk collection telephony metadata unconstitutional, and some other legislative proposals in the USA Freedom Act of 2014, indicate that warrantless bulk collection of telephony metadata may soon come to an end. This same reasoning should be applied to the metadata of all electronic communications, including e-mail. Communication data, particularly personal communications, often disclose very sensitive data that should require a warrant to allow government surveillance.
The Fourth Amendment protection of Internet use is an intricate concept. The metadata of Internet use is presumably the URL of a Web site or how many times an individual visits a Web site. The content would be determining the actual substance of the Web site that an individual observed. The Fourth Amendment does not prevent an investigator from observing the content placed on public Web sites by an individual if the Web site is generally available to the public. Therefore, if an investigator knows a suspect is posting his views or blogging on a public Web site, the investigator can look at those postings. The URLs of public Web sites are tantamount to public information data. However, the Fourth Amendment may protect the content of more interactive Web sites that are password protected. The government would need to issue an NSL, obtain a warrant to access this information, or reach an agreement with the Web site.
COMMERCIAL WEB SITE
One likely does not have a reasonable expectation of privacy for the metadata and content hosted on commercial Web sites like Amazon or eBay. These commercial Web sites depend on the collection of personal information to cross-market and provide future recommendations. Many of these sites have terms and conditions allowing data collection to which the user agrees. While the government may not need a warrant to access this information, the Fourth Amendment should prevent the government from a warrantless hacking into Amazon or Google to obtain the metadata or content without the consent of the company as was done through MUSCULAR. It seems the government could obtain information with a targeted individual warrant, but should they be able to obtain bulk data with a bulk warrant like an NSL that could allow the collection of data on a broad number of Internet users? This invasive type of intrusion could constitute a Fourth Amendment violation. The area of bulk data collection from Internet providers is one of the central and most controversial issues that came out of the Snowden disclosures. If NSLs are to be allowed to continue, they should not be allowed for an indiscriminate vacuuming of information about the entire haystack. The government should be compelled to state a cause for obtaining domestic information and conduct a rationally targeted search.
PERSONALLY SENSITIVE (STORED INFORMATION)
Individuals have a reasonable expectation of privacy for certain personally sensitive information like health records. This expectation is true for both metadata and content. For example, the fact that a person had an operation and the fact that it was a heart transplant are both facts that are nonpublic. For certain kinds of information like medical information, there are explicit standards for confidentiality. Of course, the government already collects health data for health regulation purposes. The 2003 Health Insurance Portability and Accountability Act Privacy Rule included a national security exception that authorizes the collection of medical records by federal agents if part of a national security investigation.94 Therefore, collection of health data is specifically authorized by HIPAA, and the NSA may therefore use a FISA warrant or other legal justifications to obtain health information on a target.
Beyond health records, the Fourth Amendment should also protect bank records. Currently, warrantless review of certain bank records is justified under a 1976 Supreme Court decision. This type of transaction surveillance is one of the most unregulated forms of government surveillance. Record holders such as banks have vast access to our personal data only because “we cannot otherwise realistically function in the modern world.”95 If an individual wants to keep money in a bank, he or she must consent to the bank’s issuance and knowledge of his or her account number. This ordinary participation in the modern world is not a voluntary submission to general observation of financial information by government. The only way to avoid this “voluntary disclosure” is to put your cash in a mattress. In this instance, transaction surveillance is an illogical justification for warrantless surveillance that is completely inconsistent with reality. Courts have extended a person’s reasonable expectations of privacy to zones outside the home and to private information. Bank records should be considered sensitive information, and the limited disclosure to a bank should not equate to voluntary disclosure. The government should be obligated to obtain a warrant before procuring this kind of sensitive information for both metadata and content.
Cloud-based services have become one of the easier methods to store and access data. Is the cloud data fair game for the government to obtain without a subpoena? Probably not. Both the metadata and content of stored data are comparable to that which a person saves on her computer’s hard drive. There is no intent to broadly share this information, which is stored in a hypothetically secure place. The Stored Communications Act (SCA) should provide a basis for protection.96 As with the other types of data, a person’s conduct can limit her expectation of privacy. If a person shares a Dropbox folder with a hundred people, then it would be easier for the court to grant the government a warrant.
Oversharing is the norm on social media sites like Twitter and Facebook. Yet many users are surprised to learn that the government may gain access to the same information they share with their Facebook friends through programs like PRISM. Where posts are made broadly available, without any limitations, then the individual may have abandoned a reasonable expectation of privacy. Government viewing of such unrestricted information is not likely to require a warrant. In addition, Facebook might be compelled through an NSL or FISA warrant to disclose additional information. In contrast, the Fourth Amendment may protect individual messages sent through Facebook from one user to another. In addition, if a person places specific limits on distribution and viewing, then those communications may be more protected and more similar to the content of e-mail.
While some disclosure of information is necessary to participate in the modern technological world, such as the disclosure of the destination address of an e-mail to an ISP, the disclosure of one’s birthday, home address, vacation plans, book preferences, or best friends on a Facebook page may be different. Courts have evaluated Facebook pages for claims of confidentiality by parties to criminal and civil lawsuits. Basically, the courts will grant a subpoena for Facebook posts when a party identifies the relevancy of the underlying information.97 They will not usually grant blanket access to an individual’s Facebook account.98
There are numerous social networks with different markets and purposes. They have in common the purpose of a broad disclosure of information—not confidentiality. People have a lower expectation of privacy in the social networking arena than in some of the other classifications discussed here, such as personal communications. However, certain social network posts that more closely resemble personal communications than public disclosures may be entitled to a higher expectation of privacy.
GPS tracking of an individual’s location through a smartphone or any other device can be very intrusive. The Supreme Court has held that the government cannot place a GPS tracker on a suspect’s car 24/7 for a criminal investigation without a warrant. The majority’s opinion focused on the property or trespassing nature of the placement on the defendant’s car. Justice Sotomayor went further in her concurrence. She reasoned that the GPS placement was an unconstitutional search and seizure. While this opinion provides helpful reasoning for Fourth Amendment protections in the future, there are many other instances of voluntary disclosure of a person’s location that may be legally obtained by the government. A person who posts his or her location on Foursquare or checks in on Facebook may be deemed to have voluntarily disclosed the information to the public. However, the Fourth Amendment may prevent the government from obtaining an individual’s Google Maps searches or Find My iPhone data without a warrant because the individual did not intentionally share that information with any particular person by consenting to use the application. Nevertheless, Google possesses and retains that information and the government may attempt to obtain it directly from such a third party.
Ultimately, a person’s conduct and choices regarding how much he or she chooses to share with the world can determine his or her privacy rights. Furthermore, distinguishing the relative intrusiveness of content collection versus metadata collection is challenging. Most collections of metadata are intrusive because of the aggregation effect. It is arguable that the GPS coordinates or address constitutes the metadata while what occurs in the location is the content.
THE SURVIVAL OF PRIVACY
There are clearly many issues to be resolved as technology evolves. Currently, two of the biggest concerns are aggregation and bulk collection. The sensitive nature of aggregated information from phone records, browser history, stored data, personal communications, etcetera, has influenced recent Supreme Court decisions. The Jones case dealing with continuous GPS monitoring and the majority opinion in Riley concerning a warrantless search of a smartphone indicate the recognition that the aggregation of data is a major threat to privacy. While the extraction of personal communication metadata from a phone may not yet constitute a Fourth Amendment violation, the aggregation of multiple types of data—including personal communication metadata—does. The technological aggregation of data changes the qualitative nature from nonintrusive information to an intrusive comprehensive data profile. For example, GPS tracking showing “location information” that someone was at a bar one day does not provide much insight. However, when a thirty-day record indicates that the individual spends three hours every afternoon for thirty days at that bar, that location information aggregation paints a picture.
Bulk collection is intrusive for a different reason. By its nature, bulk collection is a randomized sweep of information from mostly unaware and innocent people. Keep in mind that the technical capabilities described in the previous section may enable the collection of large amounts of information about those random individuals subject to bulk collections. If bulk surveillance is allowed to sweep communications (e.g., cell phone contacts or e-mails) and Internet use through upstream collection as well as easily collected public records, a quite specific profile may be stored even if it is not observed. It is at this point that the haystack argument is central to the discussion. Bulk collection allows the “incidental” collection of nonsuspect American data that can be stored and searched through in the future utilization of programs like XKEYSCORE. This collection is a serious intrusion and may well be found to be a Fourth Amendment violation. As mentioned above, Congress may statutorily limit bulk collection of information.
Further, other bulk collection programs like the undersea cable tapping that indiscriminately collects domestic information must be reexamined. In that case, a technical solution exists that preserves the ability to conduct foreign surveillance and preserve Americans’ privacy.
When the NSA developed ThinThread, programmers created a code that immediately extracted or blocked American information from the data collected. This code prevented any domestic data from being seen or stored by the NSA. Unfortunately, the NSA decided to forgo the use of this code under post-9/11 pressures.99 To rectify privacy concerns, the NSA should reinstate this code and coding similar to it to filter out domestic data. Beyond coding modifications, FISA warrants should require more targeted bulk collection practices. For example, if there is a suspected terrorist with known connections to a New York mosque, should the NSA be allowed to perform a bulk collection of all the data from any individual who attends that same mosque? That seems to be an overreach without more explicit reasons. The collection should instead be limited to those individuals with whom the suspect directly communicates or who are suspects for other specific reasons. Without some more specific limitations, bulk collection of otherwise confidential domestic information is a major focus for reform.
Other programs like MUSCULAR and XKEYSCORE raise other issues of legality. Purportedly, MUSCULAR allows NSA programmers to hack into the internal networks of ISPs. XKEYSCORE functions with the use of a dropdown menu that allows an NSA worker to determine the justification of his or her own search. The NSA worker—or contractor, like Snowden—may justify his own search of all the data collected under this program. Each of these programs appears to allow the hacking of private information without a specific statutory justification or judicial oversight. Instead, the NSA worker chooses from dropdown options including “the person has stated that he is located outside of the US,” “human intelligence source indicates person is located outside the US,” and “open source information indicates that person is located outside the US.”100
The legality of overseas surveillance programs like SOMALGET presents more complicated legal issues. Recall that SOMALGET is recording entire cell phone conversations. With millions of Americans visiting the Bahamas yearly, the NSA is clearly intercepting the phone conversations of American citizens. This action would be illegal in the United States, and a person’s mere presence in the Bahamas is, by itself, a highly suspect justification to wiretap an American citizen. However, the fact that a U.S. person is in a foreign country may be cited as legal justification for the surveillance. Beyond domestic legal issues, there are also real concerns that SOMALGET violates international laws.101
Reforms require a complex balancing of national security and personal privacy. The motivation to protect the homeland is strong and justified. The new concern about individual privacy is substantial and a comprehensive response is imperative. Programs spurred by 9/11 and enhanced by new technology have created a toxic environment of public distrust. Put in the best light, NSA officials were not candid in describing surveillance programs in response to the Snowden disclosures. It seems clear that these programs gathered massive amounts of information about innocent Americans without the NSA ever intending to tell the American public. No wonder there is a trust gap.
The public can handle the truth and there is likely a general willingness to support a strong surveillance program. However, transparency and real change are just the beginning. The above-suggested changes are a start at a critical moment when our nation has a chance to restore the core element of an effective democracy—faith of the people in the government.