Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Schrodinger’s Catnip: Questions & Answers on NSA Data Collection

Yosem Companys companys at stanford.edu
Thu Jun 13 20:09:23 PDT 2013


From: Mark Rasch <mdrasch at AOL.COM>

Schrodinger’s Catnip

DISCLAIMER: I know nothing about the NSA surveillance programs other
than what I read in the papers.  Thus, my legal analysis of the
program may be completely wrong, since they are highly fact dependent.

The NSA programs to retrieve and analyze telephone metadata and
internet communications and files (the former I will call the
telephony program, the latter codenamed PRISM) are at one and the same
time narrow and potentially reasonably designed programs aimed at
obtaining potentially useful information within the scope of the
authority granted by Congress.  They are, at one and the same time
perfectly legal and grossly unconstitutional.  It’s not that I am of
two opinions about these programs.  It is that the character of these
programs are such that they have both characteristics at the same
time.  Like Schrodinger’s cat, they are both alive and dead at the
same time – and a further examination destroys the experiment.

Let’s look at the telephony program first.  Telephone companies, in
addition to providing services, collect a host of information about
the customer including their name, address, billing and payment
information (including payment method, payment history, etc.).  When
the telephone service is used, the phone company collects records of
when, where and how it was used – calls made (or attempted), received,
telephone numbers, duration of calls, time of day of calls, location
of the phones from which the calls were made,  and other information
you might find on your telephone bill.  In addition, the phone company
may collect certain technical information – for example, if you use a
cell phone, the location of the cell from which the call was made, and
the signal strength to that cell tower or others.  From this signal
strength, the phone company can tell reasonably precisely where the
caller is physically located (whether they are using the phone or not)
even if the phone does not have GPS.  In fact, that is one of the ways
that the Enhanced 911 service can locate callers.

The phone company creates these records for its own business purposes.
 It used to collect this primarily for billing, but with unlimited
landline calling, that need has diminished.  However, the phone
companies still collect this data to do network engineering, load
balancing and other purposes.  They have data retention and
destruction policies which may keep the data for as short as a few
days, or as long as several years, depending on the data.  Similar
“metadata” or non-content information is collected about other uses of
the telephone networks, including SMS message headers and routing
information.

Continuing with the Schrödinger analogy, the law says that this is
private personal information, which the consumer does not own and for
which the consumer has no expectation of privacy.  Is that clear?
Federal law http://www.law.cornell.edu/uscode/text/47/222 calls this
telephone metadata “Consumer Proprietary Network Information” or CPNI.
 47 U.S.C. 222 (c)(1) provides that:

Except as required by law or with the approval of the customer, a
telecommunications carrier that receives or obtains customer
proprietary network information by virtue of its provision of a
telecommunications service shall only use, disclose, or permit access
to individually identifiable customer proprietary network information
in its provision of (A) the telecommunications service from which such
information is derived, or (B) services necessary to, or used in, the
provision of such telecommunications service, including the publishing
of directories.

Surprisingly, the exceptions to this prohibition do not include a
specific “law enforcement” or “authorized intelligence activity”
exception.  Thus, if the disclosure of consumer CPNI to the NSA under
the telephony program is “required by law” then the phone company can
do it.  If not, it can’t.  But wait, there’s more.

At the same time that the law says that consumer’s telephone metadata
is private, it also says that consumers have no expectation of privacy
in that data.  In a landmark 1979  decision,
http://caselaw.lp.findlaw.com/scripts/getcase.pl?court=us&vol=442&invol=735
the United States Supreme Court held that the government could use a
simple subpoena (rather than a search warrant) to obtain the telephone
billing records of a consumer.  See, these aren’t the consumer’s
records.  They are the phone company’s records.  The Court noted, “we
doubt that people in general entertain any actual expectation of
privacy in the numbers they dial. All telephone users realize that
they must "convey" phone numbers to the telephone company, since it is
through telephone company switching equipment that their calls are
completed. All subscribers realize, moreover, that the phone company
has facilities for making permanent records of the numbers they dial,
for they see a list of their long-distance (toll) calls on their
monthly bills.”  The court went on, “even if petitioner did harbor
some subjective expectation that the phone numbers he dialed would
remain private, this expectation is not "one that society is prepared
to recognize as `reasonable.'”  By trusting the phone company with the
records of the call, consumers “assume the risk” that the third party
will disclose it.  The Court explained, “petitioner voluntarily
conveyed to it information that it had facilities for recording and
that it was free to record. In these circumstances, petitioner assumed
the risk that the information would be divulged to police.”

This dichotomy is not surprising.  The Supreme Court held that, as a
matter of Constitutional law, any time you trust a third party, you
run the risk that the information will be divulged.  Prosecutors and
litigants subpoena third party information all the time – your phone
bills, your medical records, credit card receipts, bank records,
surveillance camera data, and records from your mechanic – just about
anything.  These are not your records, so you can’t complain.  At the
same time, Congress was concerned with phone company’s use of CPNI for
marketing purposes without consumer consent, so they imposed statutory
restrictions on the disclosure or use of CPNI unless “required by
law.”

Enter the NSA.

There is little doubt that telephony metadata can be useful in foreign
intelligence and terrorism cases.  Hell, it can be useful in any
criminal investigation, or for that matter civil or administrative
case.  But if the CIA obtains the phone records of, say Abu Nazir (for
Homeland fans), and spots a phone number he has called, they, through
the NSA want to be able to find out information about that phone call,
and who that person called.  The NSA wants this data for precisely the
same reason that it is legally protected – phone metadata reveals
patterns which can show relationships between people, and help
determine who is associated with whom and for what purpose.  Metadata
and link analysis can help distinguish between a call to mom, a call
to a colleague, and a call to a terrorist cell.  Context can reveal
content – or at least create a strong inference of content.  So, in
appropriate cases involving terrorism, national security or
intelligence involving non-US persons, the NSA should have this data.
And indeed, they always have.  None of that is new.

If the NSA captured a phone number, say 876-5309, they could demand
the records relating to that call from the phone company through an
order issued by a special super-secret court called FISC.  The order
could say “give the NSA all the records of phone usage of 867-5309 as
well as the records of the numbers that they called.”  Problem is,
that is unwieldy, time consuming, requires a new court order with each
query, and in many ways overproduces records.  Remember, not only are
these terrorism and national security investigations, but the target
is a non-US person, usually (but not always) located outside the
United States.

The Fourth Amendment provides:

The right of the people to be secure in their persons, houses, papers,
and effects, against unreasonable searches and seizures, shall not be
violated, and no warrants shall issue, but upon probable cause,
supported by oath or affirmation, and particularly describing the
place to be searched, and the persons or things to be seized.

Read that carefully.  You would think that it requires a warrant to
search, right? Wrong.  Actually, Courts interpret the comma after the
word “violated” as a semi-colon (who says grammar doesn’t matter?)
“The people” which includes but is not limited to U.S. citizens, have
a right to be secure against unreasonable searches and seizures (more
on the “and” in a minute). Also, warrants have to be issued by neutral
magistrates and must specify what is to be seized.  So no warrant is
needed if the search is “reasonable.”  In fact, the vast majority of
“searches and seizures” in America are conducted without a warrant.
People are searched at airports and borders.  No warrant.  They are
patted down on the streets and in their cars.  No warrant.  Cops look
into their car windows, follow them around, and capture video of them
without a warrant.  Police airplanes, helicopters (and soon drones)
capture images of people in their back yards or porches.  No warrant.
Dogs can sniff for drugs, bombs or contraband.  No warrant.  And
people give consent to search without a warrant all the time.  When
the police searched the boat for the fugitive Boston bomber, they
needed no warrant because of exigent circumstances (and perhaps
because the boat’s owner consented).  Warrantless searches can be
“reasonable” and can pass constitutional muster.

That’s one reason Congress created the FISC.  For law enforcement
purposes (to catch criminals) the government can get a grand jury
subpoena, a search warrant, a “trap and trace” order, a “pen register”
order, a Title III wiretap order, or other orders if they can show
(depending on the information sought) probable cause or some relevance
to the criminal investigation.  But for intelligence gathering
purposes, the NSA can’t really show “probable cause” to believe that
there’s a crime, because often there is not.  It’s intelligence
gathering.  So the Foreign Intelligence Surveillance Act (FISA)
created a special secret court to allow the intelligence community to
do what the law enforcement community could already do – get
information under a court order, but instead of showing that a crime
was committed, they had to show that the information related to
foreign intelligence.  After September 11, Congress added terrorism as
well.  When Congress amended FISA, it allowed the FISA court (FISC) to
authorize orders for the production of “books records or other
documents”   Section 215 of the USA PATRIOT Act
http://www.law.cornell.edu/uscode/text/50/1861  allowed the FBI to
apply for an order to produce materials that assist in an
investigation undertaken to protect against international terrorism or
clandestine intelligence activities. The act specifically gives an
example to clarify what it means by "tangible things": it includes
"books, records, papers, documents, and other items".  Telephone
metadata fits within this description.

The NSA Telephony Program (As we know it)

So the NSA has the authority to seek and obtain (through the FBI and
FISC) telephone metadata.  It also has a legitimate need to do so.
But that’s not exactly what they did here.

Instead of getting the records they needed, the NSA decided that it
would get ALL the records of ALL calls made or received (non-content
information) about EVERYONE, at least from Verizon, and most likely
from all providers.  The demand was updated daily, so every call
record was dumped by the phone companies onto a massive database
operated by the NSA.

Now this is bad.  And good.  The good part is that, by collecting
metadata from all of the phone companies, the NSA could “normalize”
and cross reference the data.  A single authorized search of the
database could find records from Verizon, AT&T, Sprint, T-Mobile, and
possibly Orange, British Telecom, who knows?  Rather than having to
have the FISC issue an order to Verizon for a phone record, and then
after that is examined, another order to AT&T, by having the data all
in one place, “pingable” by the NSA, a singly query can find all of
the records related to that query.  So if the FISC authorizes a search
for Abu Nazir’s phone records, this process allows the NSA to actually
get them.  Also, the NSA doesn’t have to provide a court order (which
itself would reveal classified information about who they were looking
at) to some functionary at Verizon or AT&T (even if that functionary
had a security clearance).  And Verizon’s database would not have a
record of what FISC authorized searches the NSA conducted –
information which itself is highly classified.

Just because the NSA had all of the records does not mean that it
looked at them all.  In fact, the NSA and FBI established a protocol,
which was apparently approved by the FISC that restricted how and when
they could ping this massive database.  So the mere physical transfer
of the metadata database from the phone companies to the NSA doesn’t
impinge privacy unless and until the NSA makes a query, and these
queries are all authorized by the FISC and are lawful.  So what’s the
big deal?  It’s all good, man.

General Warrant

Not so fast Mr. Schrodinger.  There are two HUGE legal problems with
this program.  Undoubtedly, the USA PATRIOT Act authorizes the FISC to
order production of “tangible things” and these records are “tangible
things.”  But the law does not authorize what are called “general
warrants.”  A general warrant is a warrant that either fails to
specify the items to be searched for or seized, fails to do so with
particularity, or is so broad or vague as to permit the person seizing
the items almost unfettered discretion in what to take.  A warrant
which permitted seizure of “all evidence of crimes” or “all evidence
of gang activity” http://www.law.cornell.edu/supremecourt/text/10-704
would be an unconstitutional general warrant. It’s important to note
that the warrant is “legal” in the sense that it was for information
relevant to a crime (or, say terrorism), that the obtaining of the
warrant was authorized by law, that a court issued the warrant, and
that the proper procedures were followed.  But the warrant is
unconstitutional and so is the search and seizure.  This is
particularly true where the warrant seeks information that relates to
First Amdendment protected activities like what books we are reading,
and with whom we are associating. So when Texas authorized the search
and seizure of records relating to “communist activities” (the ism
before terrorism) and a cops got a warrant to take such books and
records, the Supreme Court had no problem finding that the warrant was
an unconstitutional “general
warrant.”http://caselaw.lp.findlaw.com/scripts/getcase.pl?navby=case&court=us&vol=379&invol=476



Even though the FISC warrant to Verizon specified exactly what was to
be seized (“everything”) it was undoubtedly a general warrant.
Remember, the Fourth Amendment prohibits unreasonable “searches” AND
“seizures.”  A warrant authorizing seizure of all records of millions
of people who did nothing wrong, particularly when it is designed to
figure out their associations is about as general as you can get.  And
that is assuming that the searches, or pinging to the database, which
happen later are reasonable.



What’s more, by taking custody of all of these records, the NSA
abrogates the document retention and destruction policies of all of
the phone companies.  We can assume that the NSA keeps these records
indefinitely.  So long after Verizon decides it doesn’t need to know
what cell tower you pinged on July 4, 2005 at 6:15.22 PM EST, the NSA
will retain this record.  That’s a problem for the NSA because now,
instead of subpoenaing Verizon for these records (especially in a
criminal case where the defendant has a constitutional right to the
records if relevant to a defense), the NSA (or FBI who obtained the
records for the NSA) can expect to get a subpoena for the records.
While the NSA and FBI would undoubtedly claim that the program is
classified, clearly my own phone records are not classified.  A
federal law called the Classified Information Procedures Act provides
a mechanism to obtain unclassified versions of classified data.  So if
you were charged with a crime by the FBI, and the same FBI had records
(in this database) that indicated that you did not commit the crime,
they would have to search the database and produce the records.
http://supreme.justia.com/cases/federal/us/373/83/case.html   And when
Verizon tells you that the records are gone, well… it aint true
anymore.

But wait, there’s more.  Even if the “seizure” is a general warrant,
the government would argue that it is “reasonable” because it is
necessary to effectuate the NSA’s function of protecting national
security, and its impact on privacy is minimal because the database
isn’t “pinged” without court approval.  The “collection” of data about
tens of millions of Americans doesn’t affect their privacy especially
when the Supreme Court said that they have no privacy rights in this
data, and it doesn’t even belong to them. (Even though the Director of
National Intelligence testified in March that the NSA did not
“collect” any data on millions of Americans).  Besides, the NSA would
argue, there is no other way for the government to do this.

What does the NSA Do with the Records?

Here’s where there is an unknown.  At present, we do not know what the
NSA does with the telephone metadata database.  Do they simply query
it – e.g., give me all the records of calls made by Abu Nazir; or do
they preform data mining, link analysis, and pattern analysis on the
database in order to identify potential Abu Nazir’s?  If the latter,
then the NSA is clearly searching records of millions of Americans.
If the former, it is still troubling for a few reasons.

Six Degrees of Separation

First, the NSA’s authority revolves around non-US persons.  While
there may be “inadvertent” collection on U.S. persons, the target of
the surveillance must be a non-US person in order for the program to
be legal.  According to the leaked documents, the NSA took a very
liberal interpretation of what this means.  First, they determined
that as long as there was a 51% chance that the target was a non-US
person, the NSA was entitled to obtain records.  Second, they may –
and I stress may – have interpreted their authority as providing that,
if the target of the investigation was foreign (again 51% chance) then
they could obtain records related to calls between two US persons
wholly in the US.  Finally, they apparently deployed a “two degrees of
separation” test.  If Abu Nazir (51% foreign) called John Smith’s
telephone number, the NSA could look at who Smith (100% US) called
within the US (first degree of separation).  If Smith called Jones,
the NSA could then look at Jones’ call records (second degree of
separation.)  At this point, even if the pinging of the database is
authorized by the FISC, we are a long way from Abu Nazir.  Toto, I’m
afraid we ARE in Kansas.

Writs of Assistance

OK, but what’s the big deal?  The seizure of the database is
authorized by FISC, under a statute approved by Congress, with
Congressional knowledge and oversight (maybe), and under strict
control by both the NSA, the FBI and DOJ.  Every search of the
database is approved by the super-secret court, right?

Not so fast, Kemo Sabe.

It is highly unlikely that the FISC approves every database search.
More likely is that the FBI and NSA have established protocols and
procedures designed to ensure that the searches are within their
jurisdiction, are designed to find information about terrorism and
foreign intelligence, that the targets are (51%) foreign, and that
there is a minimization procedure.  These protocols – rather than the
individual searches themselves – are what are approved by the FISC.
The NSA then most likely reports back to the FISC (through the DOJ)
about whether there was an “inadvertent disclosure” of information not
related to these objectives.  So the court most likely does not
approve every search.

And that’s another problem.

You see, each “search” of the database is – well – a search.  That
search must be supported by probable cause (in a criminal case to
believe that there’s a crime, in a FISA case, espionage, foreign
intelligence or terrorism) and must be approved by a court.  Each
search.  Not the process.

We have been down this road before.  In fact, this is precisely what
lead to the American Revolution in general and the Fourth Amendment in
particular.  When the British Parliament issued the Navigation Acts
imposing tariffs on goods imported into America, many colonists
refused to pay them (as Boston lawyer James Otis noted, “taxation
without representation is tyranny”)  So Parliament authorized King
George II to issue what are called “writs of assistance.”  This writ,
issued by a Court, authorized the executive branch (a customhouse
officer with the assistance of the sheriff) to search colonists houses
for unlawfully smuggled items.  These writs did not specify what the
sheriff could search for or seize, or where he could look.  They did
specify what he could look for.  Like the NSA program, the court
approved what could be done, the executive had discretion in how to do
it.  When George II was succeeded by George III (the writs expiring
with the death of the King) Parliament reauthorized them under the
hated Townsend Acts.  James Otis urged resistance, and it was the use
of these unspecific writs authorizing searches that galvanized public
opinion (and that of John Adams in particular) to urge revolution.  It
is why the Fourth Amendment demanded that a search warrant specify
based on probable cause, the specific place to be searched and item to
be seized.  It’s also why writs of assistance are prohibited in the
constitution.

The NSA FISC approved searches would be like a judge in Los Angeles
issuing a search warrant to the LAPD which said, “you may search any
house as long as you smell marijuana in that house.”  While the search
may be reasonable, and indeed, if the LAPD had applied for a warrant
to search a house after they smelled marijuana a court probably would
have issued the warrant, the broad blanket approval of these searches
would be more akin to a wit of assistance.

So the NSA digital telephony program, while legal in the sense that it
was approved by both Congress and the Foreign Intelligence
Surveillance Court, has some serious Constitutional problems.

Telephone Company Liability?

The phone companies could be on the hook for participating in the
program, even though they both have immunity and had no choice but to
participate.  In fact, they could not legally have even disclosed the
program.  In the FISA amendments, Congress expressly gave the phone
companies immunity for making “good faith” disclosures of information
pursuant to Section 215.
http://www.law.cornell.edu/uscode/text/50/1861  So why would the phone
company be in trouble?



The problem is the “good faith” part.

In 2012 the Supreme Court looked at the question of when someone (cops
in that case) should have immunity for a good faith search pursuant to
an unconstitutional warrant.
http://www.law.cornell.edu/supremecourt/text/10-704  The cops got a
warrant for all records of “gang related activity” and all guns in a
particular house.  The court agreed that the warrant was overbroad,
unconstitutional, and should not have been issued.  The question was
whether the cops, who executed the warrant, should have immunity from
civil liability because they acted in “good faith.”  The Supreme Court
noted that the fact that they got a warrant at all was one indication
that they acted in good faith, but that, “the fact that a neutral
magistrate has issued a warrant authorizing the allegedly
unconstitutional search or seizure does not end the inquiry into
objective reasonableness. Rather, we have recognized an exception
allowing suit when “it is obvious that no reasonably competent officer
would have concluded that a warrant should issue.”  In other words,
the cops are generally permitted to rely on the fact that a court
issued a search warrant, unless the warrant itself (or the means by
which it is procured) is so obviously unconstitutional, overbroad,
general or otherwise prohibited that you cannot, in good faith rely on
it.  While the court found that the cops had immunity because the
warrant was not so overbroad to lead to the inevitable conclusion that
it was unconstitutional, it is hard to make that same argument where
the FISA warrant essentially asked for every record of the phone
company.  Hard to imagine a broader warrant.  Justice Kagan pointed
out that it’s not illegal to be a member of a gang, and that a warrant
that authorized seizure of evidence of gang membership per se called
for associational records which were protected.  Much like the phone
logs here.  Justices Sotomayor and Ginsburg went further noting,

The fundamental purpose of the Fourth Amendment’s warrant clause is
“to protect against all general searches.” Go-Bart Importing Co. v.
United States, 282 U. S. 344, 357 (1931) . The Fourth Amendment was
adopted specifically in response to the Crown’s practice of using
general warrants and writs of assistance to search “suspected places”
for evidence of smuggling, libel, or other crimes. Boyd v. United
States, 116 U. S. 616–626 (1886). Early patriots railed against these
practices as “the worst instrument of arbitrary power” and John Adams
later claimed that “the child Independence was born” from colonists’
opposition to their use. Id., at 625 (internal quotation marks
omitted).

To prevent the issue of general warrants on “loose, vague or doubtful
bases of fact,” Go-Bart Importing Co., 282 U. S., at 357, the Framers
established the inviolable principle that should resolve this case:
“no Warrants shall issue, but upon probable cause . . . and
particularly describing the . . . things to be seized.” U. S. Const.,
Amdt. 4. That is, the police must articulate an adequate reason to
search for specific items related to specific crimes.

They found that the search by the police without probable cause was
unreasonable even though there was both judicial and executive
oversight, and that therefore there should be no immunity because the
actions were not in “good faith.”  The phone companies run that risk
here.


More information about the liberationtech mailing list