Protection from prying NSA eyes
A (Classified) proposal
Comment From the US Fourth Amendment, the Stored Communications Act and US wiretap laws to the Pen-register statute, Mark Rasch looks at legal protections available to the telecommunications companies and individual Americans in the wake of the NSA's massive spying program.
One day, you receive a visit from agents of the National Security Agency (NSA), who make a formal "request" that you, as a patriotic American company, turn over records of telephone calls made by millions of customers in the interests of "national security". If you don't do it, the agent reminds you, you probably wont get those lucrative government contracts, and you certainly won't get any work with any classified government agencies. If you do it, you may open yourself up to class action litigation. What do you do?
Unfortunately, there currently is no way for you do go to any court and get a definitive ruling on what you are allowed – or required – to do. I propose that we open up the super-secret FISA court to allow private citizens or companies that receive requests or demands from the government to demand judicial intervention in a way that would protect national security, and act as a check and balance on any unlimited powers of the Executive Branch.
NSA monitoring millions of Americans
On Thursday, 11 May, USA Today disclosed that several US telephone companies gave over records relating to telephone calls made by millions of Americans to the National Security Agency in the wake of the events of 11 September, 2001.
We do not know the scope of this program. As reported to date, the government requested that various telephone companies turn over calling pattern information on millions of US origin telephone calls – these are reportedly calls that both originated and terminated in the United States.
At least one report has suggested that the program worked as follows: the government would have a suspected al-Qaeda suspect, and would learn of telephone numbers he or she called, or merely possessed. If any of these telephone numbers were located in the United States, the NSA would then attempt to learn what these numbers were, and who these people had called. Thus, if you operate a local Dominoes pizza, and received a call from someone who received a call from someone who the government suspected was associated with a terrorist, then Dominoes would make it to the list of suspects.
The President has suggested that the program is more narrow than this, stating so in his weekly radio address on 13 May, 2006.
"It is important for Americans to understand that our activities strictly target al Qaeda and its known affiliates...The privacy of all Americans is fiercely protected in all our activities. The government does not listen to domestic phone calls without court approval. We are not trolling through the personal lives of millions of innocent Americans. Our efforts are focused on links to al Qaeda terrorists and its affiliates who want to harm the American people."
Does this mean that the records of telephone calls requested from the telephone companies were only those of al Qaeda and its known affiliates? Does that mean that the NSA neither sought nor received the records of phone calls of "millions of innocent Americans" so it could troll through them? Or does it mean that, while the government didn't listen in on purely domestic calls (where the source and destination were in the United States), the NSA might have obtained records of the calls made by many millions of other callers, but did so in order to "target" al Qaeda or others? Or that the President doesn't believe that reviewing the records of calls made and received constitutes "trolling" into a part of American's "personal lives?" Right now, we just don't know, and if the NSA has anything to say about it, we probably will never know.
Other reports indicate that the program may not have even been as narrow as suggested. It is possible that the NSA requested all calling data from the phone companies – that is every telephone number called by every other telephone number. Indeed, this would not be very different from what the government did with the airlines in the wake of 9/11, when it asked for records of every flight taken by every person in America, despite the fact that the airlines had promised they wouldn't give that information out.
In the airline case, at least one federal court held that these records, being records of the airlines themselves, could lawfully be turned over to the government (in that case, NASA, not the NSA) privacy policies notwithstanding. So it is altogether possible that the NSA has requested, and the phone companies have disclosed, records of every call made and received. Assuming this to be the case, is it illegal? The answer is not so clear.
Whose data is it anyway?
The reports to date tend to indicate that the records turned over to the NSA were records of telephone calls from numbers within the United States. This would essentially be "raw data" – for example, that telephone number (202) 555-1213 called telephone number (313) 555-0802 on a particular date, at a particular time, and that the conversation lasted for a particular period of time.
There are various laws that protect the privacy of telephone records in the United States. First and foremost, there is the Fourth Amendment which provides that:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
For some reason, when this Amendment was drafted in 1791, the drafters left out the terms "telephone records" and "intercepted communications" and "Voice Over Internet Protocol". Possibly just an 18th Century oversight. Indeed, the United States Supreme Court initially found in 1928 that you can't "seize" a telephone call, and therefore the Fourth Amendment didn't apply to phone calls. It wasn't until 1967 that the Court finally realised that the Constitution protects the rights of privacy of persons, not just places, and therefore warrants were required if you wanted to listen in on the contents of communications.
Sponsored: Global DDoS threat landscape report