Judge Richard Leon delivered a pretty severe smackdown to the NSA last week. He has ruled in favour of granting a preliminary injunction to Larry Klayman and Charles Strange to prevent the US federal government from collecting any of their phone record metadata, and to force the government to delete any existing records concerning them. He believes that the plaintiffs have a reasonable chance of successfully arguing that the bulk collection and analysis is unconstitutional under the Fourth Amendment.
Leon’s 68-page memorandum opinion is fascinating (if somewhat heavy) reading. The plaintiffs’ arguments fall short in some ways but he has used the Government’s own defence to plug those gaps. He explicitly rejects some of the traditional arguments used to justify this type of collection. He presents some interesting background describing NSA’s inability to comply with regulations, which was only declassified post-Snowden. The case also provides some insights into the ways that the US Government defends its programs.
Ignoring the more procedural and US-centric parts, here are some parts I found most interesting.
Collecting enormous amounts of data with the three-hop rule (p17)
The Foreign Intelligence Surveillance Court (FISC) orders specify that metadata records can only be accessed for counter-terrorism purposes. There has to be a “reasonable, articulable suspicion” (RAS) that the search term is associated with a foreign terrorist organisation. These terms have to be approved by one of a number of (non-judicial) officers before they can be used. It is claimed that fewer than 300 unique identifiers met this standard in 2012.
For each of these terms, query results are limited to three hops away from the starting point. This means if they search for a phone number of a suspect they will receive:
- For that suspect, records of all incoming and outgoing phone calls in the last five years
- For all the suspect’s contacts, records of all their incoming and outgoing phone calls in the last five years
- For all the suspect’s contacts’ contacts, records of all their incoming and outgoing phone calls in the last five years
Leon does some very rough maths to suggest that if each person has 100 contacts over the last five years, a single query will return records for perhaps one million numbers (assuming no overlap). He also suggests that if the suspect has called a local pizza shop, suddenly the second and third hops will cover incredible numbers of people. Furthermore, once a search term is authorised they can use it again and again to obtain new data.
Once they have this enormous block of data they are free to place it in an unrestricted database which they can query without specific justification. It seems to me that if they choose their numbers carefully they could “incidentally” capture the phone records of pretty much everybody in the United States.
Non-compliance with restrictions on querying metadata (p21)
To make matters worse the NSA does not even comply with the rules. Leon quotes a report by a FISC judge in 2009. This report was only declassified by the Obama administration after the backlash following the Snowden leaks.
The Government has nonetheless acknowledged, as it must, that failures to comply with the minimization procedures set forth in the orders have occurred. For instance, in January 2009, the Government reported to the FISC that the NSA had improperly used an “alert list” of identifiers to search the bulk telephony metadata, which was composed of identifiers that had not been approved under the RAS standard… After reviewing the Government’s reports on its noncompliance, Judge Reggie Walton of the FISC concluded that the NSA had engaged in “systematic noncompliance” with FISC-ordered minimization procedures over the preceding three years, since the inception of the Bulk Telephony Metadata Program, and had also repeatedly made misrepresentations and inaccurate statements about the program to the FISC judges.
So the NSA lies not only to Congress, but also to the secret courts. Marvellous.
Every phone customer has a reasonable expectation that their privacy is being violated (p38)
At the preliminary injunction hearing the plaintiffs were asked if they had any “basis to believe that the NSA has done any queries” involving their phone numbers. Their response was inadequate – Mr Klayman had been experiencing strange behaviour with sent and received messages but the court found that this held no bearing on whether the NSA had analysed his phone metadata. In spite of this Leon stated:
The Government, however, describes the advantages of bulk collection in such a way as to convince me that plaintiffs’ metadata—indeed, everyone’s metadata—is analyzed, manually or automatically, whenever the Government runs a query using as the “seed” of a phone number or identifier associated with a phone for which the NSA has not collected metadata
This is based on the idea that your records are searched every time the government uses a foreign phone number as a starting point. Leon refers to a government declaration stating that if they have the phone number of an al Qaeda safe house in Yemen, they would be able to use the metadata to find people who had contact with that number. Leon argues that since the government would not have access to the Yemeni records, they would be required to search all of the US customer data in order to find those people who had called the foreign number. This would constitute a search of every US citizen whose data they possessed.
To me this seems like a very important finding – that having your data queried for a term, even if it comes up negative, counts as a Fourth Amendment search.
Distinguishing between opaque and transparent data (p41 footnote)
In its response the government referred to a previous case (Horton v. California) concerning whether seizure of a container amounted to a search of it. They claimed that acquiring an item without examining it contents (i.e., collecting metadata without subjecting it to a query) “does not compromise the interest in preserving the privacy of its contents”. Leon specifically rejects this similarity:
Horton involved the seizure of tangible items under the plain view doctrine… In the case of the bulk telephony metadata collection, there is no analogous “container” that remains sealed; rather, all of the metadata is handled by the Government, at least to the degree needed to integrate the metadata into the NSA’s database…
Telephony data is not kept in an unmolested, opaque package that obscures it from the Government’s view.
I find this interesting because it leaves open the possibility of collecting either encrypted data or data which is never processed or analysed in any way. The fact that the data from each provider must be processed to match their metadata database seems to be an important factor in his decision.
Rejecting the Smith case that you have no reasonable expectation of privacy for numbers dialled (p44)
Leon describes a famous case Smith v. Maryland (1979) which discussed police putting a pen register on Smith’s telephone line without a warrant, allowing them to monitor which numbers were dialled over a period of days.
The Supreme Court held that Smith had no reasonable expectation of privacy in the numbers dialed from his phone because he voluntarily transmitted them to his phone company, and because it is generally known that phone companies keep such information in their business records. The main thrust of the Government’s argument here is that under Smith, no one has an expectation of privacy, let alone a reasonable one, in the telephony metadata that telecom companies hold as business records; therefore, the Bulk Telephony Metadata Program is not a search. I disagree.
He then launches into a long and passionate argument why this case is substantially different in many ways. These reasons include the number of phones in use, the way we use our phones now, ongoing vs targeted collection and changes in society’s reasonable expectation of privacy. None of these are unfamiliar but it is great to see a judge putting them forward as serious considerations.
The phone metadata has not been shown to be useful (p61)
Leon says that the searches are likely to be found unreasonable because the government is not able to demonstrate that they are actually useful. The main argument they presented in favour of the bulk collection was the speed with which they were able to respond to emergent threats.
Yet, turning to the efficacy prong, the Government does not cite a single instance in which analysis of the NSA’s bulk metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.
In this opinion Judge Leon strode boldly into the key issues that we’re facing today – what is legal and illegal collection of metadata, and what is it that ordinary people would find reasonable? It is of immense help to the plaintiffs that they have the Fourth Amendment to lean upon, a benefit we lack here in Australia. We should observe the case closely, both for its eventual outcomes and also the arguments put forward by both sides in the inevitable appeal.