from the not-over-yet dept
Wikimedia (and the ACLU, who is helping with the case), believed they had a smoking gun that could grant them standing. The following slide, which was revealed by Ed Snowden:
Unfortunately, so far, it's not working. Earlier today, the court tossed out the lawsuit, saying that Wikimedia did not present enough evidence to prove it has standing. The court, not surprisingly, relies heavily on the Supreme Court's ruling in Clapper v. Amnesty International, in which SCOTUS rejected Amnesty's similar claim by saying the organization failed to prove it had standing, since it couldn't prove its team was caught up in dragnet surveillance. Of course, famously, to get to that ruling, the US government flat out lied to the Supreme Court (something it has since admitted), claiming (incorrectly) that if information collected via such surveillance was used in criminal cases, the defendants would be told about it.
But, no matter, the court says that under the Clapper ruling, Wikimedia does not have standing, and basically argues that this case really is no different than that one. It rejects the idea that, thanks to Snowden, we now know a lot more about the NSA's surveillance program, basically saying that it's still too speculative.
Plaintiffs cannot provide a sufficient factual basis for their allegations because the scope and scale of Upstream surveillance remain classified, leaving plaintiffs to prop their allegation of actual injury on suppositions and speculation about how Upstream surveillance must operate in order to achieve the government's "stated goals." Indeed, plaintiffs cite the government's "stated goals" in nearly every facet of their argument.... It is, of course, a "possibility" that the NSA conducts Upstream surveillance in the manner plaintiffs allege, but this "bare assertion" is unaccompanied by "factual matter" that raises it "above a speculative level," and hence does not establish standing.The court notes that the "speculative chain" may be "shorter" than in the Clapper case, but "it is a chain of speculation nonetheless."
The court also rejects the claim that since it's been revealed that the NSA does "about" searches in addition to "to" and "from" searches, that reveals much more broad searches. If you don't recall, one of the revelations is the fact that the NSA can run queries not just on something like "emails to or from Osama bin Laden" but also "emails about Osama bin Laden" which obviously would include a much larger set of content to sniff through. The court doesn't think this matters very much:
... plaintiff's contention that "about surveillance" is like the hypothetical government agent reading every piece of mail misses the mark. Unlike the hypothetical government agent reading every word of every communication and retaining the information, "about surveillance" is targeted insofar as it makes use of only those communications that contain information matching the tasked selector.In short... it's not a problem that the NSA sniffs through everything to find all the emails about Osama bin Laden, because it's not using the data in all the ones it rejects. Besides, the court argues, the argument is still highly speculative.
Finally, the court looks at a few specific arguments for why Wikimedia and some of the other plaintiffs have more direct evidence that situate themselves differently. First, there's lawyer Joshua Dratel, who is somewhat well known for taking some rather high profile cases, such as handling Ross Ulbricht's defense over the Silk Road arrest, or defending the widow of Boston Marathon bomber Tamarlane Tsarnaev. Two other clients were Agron Hasbajrami and Sabirhan Hasanoff -- and in both cases, the government has admitted those two were subject to Section 702 surveillance. From there, the ACLU argues this means that Dratel's communications were almost certainly swept up and looked at by the NSA as well. However, the court doesn't buy it, saying that while it may be true that Dratel's communications were likely swept up, there's still not enough evidence that it was swept up by the 702 upstream program that the lawsuit is about:
Plaintiffs in this case... do not allege facts that plausibly establish that the information gathered from the two instances of Section 702 surveillance was the product of Upstream surveillance. In neither of Dratel's cases did the government indicate whether the information at issue was derived from PRISM or Upstream surveillance, and no factual allegations in the AC plausibly establish that Upstream surveillance--rather than PRISM--was used to collect the information. Moreover, given what is known about the two surveillance programs, it appears substantially more likely that PRISM collection was used in these cases...The court is probably right here. There are two major surveillance programs under 702. The "Upstream" program that taps the backbone and then PRISM, in which a list of big internet firms agree to hand over certain information pursuant to a FISA court
Then there's the case of Wikimedia, who argues that given the government's "stated goals," and the vast amount of traffic going to Wikipedia, it's all but certain that Wikipedia has been swept up in the Upstream collection. The court still isn't buying it:
Plaintiffs' argument is unpersuasive, as the statistical analysis on which the argument rests is incomplete and riddled with assumptions. For one thing, plaintiffs insist that Wikimedia's over one trillion annual Internet communications is significant in volume. But plaintiffs provide no context for assessing the significance of this figure. One trillion is plainly a large number, but size is always relative. For example, one trillion dollars are of enormous value, whereas one trillion grains of sand are but a small patch of beach. Here, the relevant universe for comparison purposes is the total number of annual Internet communications, a figure plaintiffs do not provide--nor even attempt to estimate--in the AC. Without defining the universe of the total number of Internet communications, it is impossible to determine whether Wikimedia's alleged one trillion annual Internet communications is significant or just a drop in the bucket of all annual Internet communications.Ouch.
Moreover, plaintiffs conclude that there is a greater than 99.9999999999% chance that the NSA has intercepted at least one of their over one-trillion communications on the bases of an arbitrary assumption, namely that there is a 0.00000001% chance the NSA will intercept any particular Internet communication. Plaintiffs provide no basis for the 0.00000001% figure, nor do they explain why the figure is presented as a conservative assumption. Plaintiffs seem to presume a string of zeroes buys legitimacy. It does not. Indeed, a closer look reveals that the number of zeros chosen by plaintiffs leads conveniently to plaintiff's desired result. If three more zeros are added to plaintiffs' figure (0.00000000001%), the odds that at least one of Wikimedia's one trillion annual communications is intercepted drops to approximately 10%. If four more zeros are added (0.000000000001%), the odds that at least one of Wikimedia's communications is intercepted drops to 1%. In short, plaintiffs' assumption appears to be the product of reverse engineer; plaintiffs first defined the conclusion they sought--virtual certainty--and then worked backwards to find a figure that would lead to that conclusion. Mathematical gymnastics of this sort do not constitute "sufficient factual matter" to support a "plausible allegation."
The court also rejects the idea that this kind of ruling means that the Upstream program can never face judicial review, pretending that the fact that the FISA court reviewed it (without any adversarial party) is enough... and (again, incorrectly) that criminal defendants prosecuted with information collected under the program can challenge said collection. And, yes, it's true that the DOJ has now said that it will start informing defendants, but it didn't for years.
The ACLU is, not surprisingly upset by the ruling, and I imagine it will be appealed soon.