Ninth Circuit Says NSA's Bulk Phone Records Collection Was Illegal, Most Likely Unconstitutional
from the suck-it,-Clapper dept
The NSA’s bulk phone records collection is dead. It died of exposure. And reform. It was Ed Snowden’s first leak back in 2013. A few years later, a reform bill prompted by Snowden’s leaks revamped the program, forcing the NSA to tailor its requests for phone records from telcos. The NSA used to collect everything and sort through at its leisure. But once the program eliminated the “bulk” from the NSA’s bulk collection, the NSA couldn’t figure out how to obtain records without getting more than it was legally allowed to take.
This recent courtroom win may have come a bit too late to matter much. But it’s still a big win. In a case involving material support for terrorists by Somali citizens living in the United States, the Ninth Circuit Court of Appeals has arrived at the conclusion that the NSA’s bulk phone records collection is/was illegal.
Here’s the short summary from the court [PDF]:
We conclude that the government may have violated the Fourth Amendment and did violate the Foreign Intelligence Surveillance Act (“FISA”) when it collected the telephony metadata of millions of Americans, including at least one of the defendants…
And here’s what follows that ellipsis, which should be read while accompanied by the saddest trombone:
… but suppression is not warranted on the facts of this case.
Also, the court does not make a declaration one way or the other whether the DOJ ignored its duty to inform accused suspects that FISA-authorized surveillance provided some of the evidence being used against them. The DOJ rarely does this so it’s safe to assume it didn’t do it here either. But the court says even if the DOJ ignored this requirement, it didn’t have much of an effect on the case.
The government argued (as it has countless times) that it could get all the phone records it wanted whenever it wanted because they’re just “third-party records.” Wrong, says the Ninth Circuit. The Smith v. Maryland decision that created the Third Party Doctrine is over 40 years old. Technology and Fourth Amendment jurisprudence have both evolved since that point. Using a pen register to gather one suspect’s phone records is not even the same thing as gathering millions of phone records created by millions of non-suspects.
The distinctions between Smith and this case are legion and most probably constitutionally significant. To begin with, the type of information recorded in Smith was “limited” and of a less “revealing nature” than the telephony metadata at issue here. Carpenter, 138 S. Ct. at 2219. The pen register did not disclose the “identities” of the caller or of the recipient of a call, “nor whether the call was even completed.” Smith, 442 U.S. at 741 (quoting United States v. New York Tel. Co., 434 U.S. 159, 167 (1977)). In contrast, the metadata in this case included “comprehensive communications routing information, including but not limited to session identifying information (e.g., originating and terminating telephone number, International Mobile station Equipment Identity (IMEI) number, International Mobile Subscriber Identity (IMSI) number, etc.), trunk identifier, telephone calling card numbers, and time and duration of call.”
The information collected here was thus substantially more revealing than the telephone numbers recorded in Smith.
Not only was it more revealing, there was also much, much more of it.
The duration of the collection in this case—and so the amount of information collected—also vastly exceeds that in Smith. While the pen register in Smith was used for a few days at most, here the NSA collected Moalin’s (and millions of other Americans’) telephony metadata on an ongoing, daily basis for years.
The court says the discussion about reasonable expectations of privacy has already occurred. The public has disagreed with the government on this topic for at least seven years.
Society may not have recognized as reasonable Smith’s expectation of privacy in a few days’ worth of dialed numbers but is much more likely to perceive as private several years’ worth of telephony metadata collected on an ongoing, daily basis—as demonstrated by the public outcry following the revelation of the metadata collection program.
Even if the government is right — that the collection of one person’s phone records does not violate the Constitution — stretching that same theory to cover millions of phone records doesn’t work. A single set of records only reveals so much. Millions of records allow analysts to tie multiple people together and make some pretty good assumptions about their private lives — who they talk to, when they’re most active, what businesses, churches, etc. they frequent.
But the Appeals Court does not decide the Fourth Amendment question.
For all these reasons, defendants’ Fourth Amendment argument has considerable force. But we do not come to rest as to whether the discontinued metadata program violated the Fourth Amendment because even if it did, suppression would not be warranted on the facts of this case.
If the government chooses to challenge this decision, the Supreme Court may draw that conclusion. Considering this isn’t going to cost it any evidence, the government may let this one ride, even if it does draw the line in the Section 215 sand: the bulk collection violated the law that authorized it.
The government more or less argued the ends justify the means. The statute says all data collected must be “relevant to an authorized investigation.” Since this involved an investigation, gathering phone records on millions of non-targets was somehow OK. Wrong, says the Ninth:
[W]e do not accept the government’s justification in this case that “the call detail records at issue here—the records that suggested that a particular U.S.-based telephone number may have been associated with a foreign terrorist— were clearly relevant to a counterterrorism investigation.” That argument depends on an after-the-fact determination of relevance: once the government had collected a massive amount of call records, it was able to find one that was relevant to a counterterrorism investigation. The problem, of course, is that FISA required the government to make a showing of relevance to a particular authorized investigation before collecting the records.
That means the bulk records collection was unlawful.
We hold that the telephony metadata collection program exceeded the scope of Congress’s authorization in section 1861 and therefore violated that section of FISA.
It seems unlikely the government will attempt to restart the program the NSA divested itself of after it became apparent the technical issues of complying with the USA Freedom Act weren’t worth the effort. The program was almost always useless. But the requirements added by the reforms meant the NSA had to tailor its record collection, which it found difficult to do after years of just getting everything.
At the end of all of this, it’s still a loss for the defendants. No evidence is suppressed and the court’s review of the classified record has led it to the conclusion the records obtained through Section 215 had little to add to the case built against the four accused terrorist supporters. The wins belong to the public and longtime critics of the NSA’s bulk collection program. And if the collection of phone records is unlawful, any other “third party” records the NSA is still collecting in bulk have been illegally obtained. That might bother the government enough to appeal this part of the decision. But it risks losing everything if it does.