from the national-security-says-the-rules-don't-apply dept
The Director of National Intelligence's office has cleared another FISA court opinion [PDF] for release. These are getting far more interesting to read, even if little seems to be changing about the FBI/NSA's collection methods. The process is now a little bit more adversarial, thanks to the USA Freedom Act, which introduced the possibility of someone arguing on behalf of the surveilled and in the interest of privacy and the Fourth Amendment.
Unfortunately, this opinion finds the FISA court mostly unimpressed with the counterarguments. The discussion involved the use of pen register orders to capture "post-cut through" dialing digits -- the sort of thing the court determined to be content, rather than metadata in the past.
This time around, the court seems more amenable to the government's arguments that any digits obtained along with dialed phone numbers is fair game -- whether or not the orders actually allow for the collection of communications content.
The government claimed it had no technical ability to capture only dialing information. Everything entered on a phone keypad would make its way back to government with the pen register. Past the point of interception, the government was supposed to discard the extra digits because they might be considered content. This is what the court determined in 2006:
The court “had made modifications to the government’s proposed pen register orders,” reads the biannual report to Congress obtained by EPIC. “Although the [FISA Court] has authorized the government to record and decode all post-cut-through digits dialed by the targeted telephone, it has struck the language specifically authorizing the government to make affirmative investigative use of possible content” unless permission is specifically granted by the court.
A decade later, the FISA court is seeing things differently.
We have reviewed the record and considered briefs from the government and from amicus curiae appointed by the court under 50 U.S.C. 1803(i) to present argument in this matter. We conclude that section 1842 authorizes, and the Fourth Amendment to the Constitution of the United States does not prohibit, an order of the kind described in the certification. Read fairly and as a whole, the governing statutes evince Congress's understanding that pen registers and trap-and-trace devices will, under some circumstances, inevitably collect content information. Congress has addressed this difficulty by requiring the government to minimize the incidental collection of content through the employment of such technological measures as are reasonably available -- not by barring entirely, as a form of prophylaxis, the use of pen registers and trap-and~trace devices simply because they might gather content incidentally.
Nor does an order authorizing such surveillance run afoul of the Fourth Amendment's guarantee against unreasonable searches and seizures. The warrant requirement is generally a tolerable proxy for "reasonableness" when the government is seeking to unearth evidence of criminal wrongdoing, but it fails properly to balance the interests at stake when the government is instead seeking to preserve and protect the nation's security from foreign threat. We therefore hold that surveillance of this type may be constitutionally reasonable even when it is not authorized by a probable-cause warrant. We further hold, on the facts presented here, that the order under review reasonably balances the investigative needs of the government and the privacy interests of the people.
In other words, the Fourth Amendment is perfectly fine for criminal investigations, but doesn't really apply to national security investigations. Not really a comforting place to draw the line, considering the FBI's shift in focus from law enforcement to becoming the NSA's unofficial domestic wing over the past 15 years.
The problem with the removal of restrictions the court had erected earlier is that this decision doesn't just influence the collection of dialed digits through pen register orders. Other metadata collected from other forms of communications are also affected by this ruling, as is pointed out by Marc Zwillinger, the court-appointed amicus acting on behalf of the Fourth Amendment and the general public.
The amicus curiae contends that if the government's argument were applied to Internet pen registers, the government could collect information generated by a wide variety of activities on the Internet, including searching, uploading documents, and drafting emails.
The court leaves it up to Congress to solve the problem -- which to a certain extent it has. The laws surrounding pen register orders have been updated periodically, but the most recent changes are still more than 20 years old: the Communications Assistance for Law Enforcement Act (CALEA) was passed in 1994. At that point, Congress added statutory language that said the FBI, et al, must use "technology reasonably available to it" to restrict the recording/decoding of post-cut-through digits. Twenty years later, the government is still claiming it has no way of limiting this collection. I guess "nerd harder" is only applicable to the private sector.
The point made by Zwillinger isn't some form of privacy advocate paranoia. The Patriot Act allowed pen register orders to be deployed to capture internet metadata. As is pointed out in the opinion, Sen. Patrick Leahy expressed concern over this broadened collection and noted that without additional restrictions, the new law could be read as allowing the interception of a broad range of content, rather than just routing information. The court, however, interprets Congress's minimal actions post-Patriot Act as being indicative of its support for the collection of content (however inadvertently) with pen register orders. In fact, it goes so far as to claim the stipulations Congress did enact did not narrow the breadth of the collections, but rather only prevented the definition from being expanded further than it already had been.
According to the FISA court, the national security ends justify the Fourth Amendment-bruising means.
[T]he relevant statute at issue in this case authorizes the use of a pen register "to protect against… clandestine intelligence activities." 50 U.S.C. 1842(a)(1). Pursuant to that statute, the government seeks to monitor the dealings of a person, currently in the United States, who is suspected of collecting intelligence in the service of a foreign power. The purpose of the proposed monitoring is the preservation of national security. Few government interests are of a higher order. The interest at stake is no less -- and may even be greater -- for the foreign agent's being present in this country. And were we to insist on a showing of probable cause and the issuance of a judicial warrant in this setting, we would impede the Executive's ability to bring to bear against the threat those faculties -- "stealth, speed, and secrecy" -- needed to secure the nation's well-being in this most fundamental and sensitive of government endeavors.
The streak continues. The Fourth Amendment is mostly null and void when it comes to national security, whether it's the FBI using pen register orders to collect communications content or the DHS/CBP pawing through electronics/traveling dozens of miles from the border to hassle inland citizens.