Unnamed Phone Company Challenges NSA's Bulk Records Collection; FISC Says It's Perfectly Legal
from the of-course-they-would dept
Late on Friday, the FISA Court unclassified a few documents, including a ruling on an until now secret attempt by a telco to challenge the latest FISC order demanding that the telco hand over metadata on all phone records under Section 215 of the Patriot Act. The telco's name is redacted, but it relied entirely on Judge Richard Leon's ruling from December, which found the bulk collection of phone records unconstitutional. Basically, the telco appears to have received the renewed Section 215 bulk collection order from FISC in January, and then challenged it on the basis of Judge Leon's ruling. The FISC shoots down that challenge, rejecting Judge Leon's reasoning, and insisting that bulk collection of phone records is perfectly legal and constitutional.Turning now to the merits of the Fourth Amendment issue, this Court finds Judge Leon's analysis in Klayman to be unpersuasive and concludes that it provides no basis for vacating or modifying the Secondary Order issued [REDACTED] January 3, 2014....FISC, of course, immediately highlights the infamous Smith v. Maryland case that all defenders of bulk collection point to (and which Judge Leon said did not apply here, given the very different circumstances). But, FISC still argues it applies claiming that the differences are "indistinguishable."
The information [REDACTED] produces to NSA as part of the telephony metadata program is indistinguishable in nature from the information at issue in Smith and its progeny. It includes dialed and incoming telephone numbers and other numbers pertaining to the placing or routing of calls, as well as the date, time and duration of the calls.That seems disingenuous at best. You need to be willfully distorting the facts to argue that Smith and the bulk data collection programs are "indistinguishable" from one another. Smith involved information on a single person. The bulk collection covers everyone. In fact, Judge Leon himself went through a rather detailed explanation of what "distinguishes" the Smith case from the bulk collection, including the fact that while people may expect phone companies to occasionally provide information to law enforcement on suspects, they do not reasonably expect the telcos to do that on everything from every person.
FISC Judge Rosemary Collyer admits that Judge Leon explained why the two situations are wholly different, but simply disagrees on every distinguishing factor.
This Court respectfully disagrees with Judge Leon's reasons for deviating from Smith. To begin with, Judge Leon focused largely on what happens (and what could happen) to the telephony metadata after it has been acquired by NSA -- e.g., how long the metadata could be retained and how the Government could analyze it using sophisticated technology. Smith and the Supreme Court's other decisions applying the third-party disclosure principle make clear that this focus is misplaced in assessing whether the production of telephony metadata constitutes a search under the Fourth Amendment.From there, Judge Collyer goes on to restate the rather expansive view that, under the third party doctrine, basically you have absolutely no 4th Amendment rights whatsoever to anything held by a third party. There's also this fun tidbit, in which the ruling dismisses the "everyone's content" vs. "just one target's content"
Smith reaffirmed that the third-party disclosure principle -- i.e., the rule that "a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties" ... applies regardless of the disclosing person's assumptions or expectations with respect to what will be done with the information following its disclosure.
The aggregated scope of the collection and the overall size of NSA's database are immaterial in assessing whether any person's reasonable expectation of privacy has been violated such that a search under the Fourth Amendment has occurred. To the extent that the quantity of the metadata collected by NSA is relevant, it is relevant only on a user-by-user basis. The pertinent question is whether a particular user has a reasonable expectation of privacy in the telephony metadata associated with her or her own calls. For purposes of determining whether a search under the Fourth Amendment has occurred, it is irrelevant that other users' information is also being collected and that the aggregate amount acquired is very large.Basically, even though there is a very big distinguishing factor between collecting one targeted person's info and everyone's info, the FISA Court insists that this factor can be ignored, because you have to look at it in terms of each person's individual situation. That seems like a highly questionable analysis, and a very dangerous "cheat" to hide from the biggest factor that makes the 215 bulk collection orders so different from the situation in Smith.
Even more troubling, is that the FISC seems to argue that phone metadata probably isn't that revealing anyway -- which is clearly bogus. It points to the case that Smith mainly relied upon, the Miller case involving bank records, and argues that phone metadata and bank records are basically the same:
It is far from clear to this Court that even years' worth of non-content call detail records would reveal more of the details about a telephone user's personal life than several months' worth of the same person's bank records. Indeed, bank records are likely to provide the Government directly with detailed information about a customer's personal life -- e.g., the names of the persons with whom the customer has had financial dealings, the sources of his income, the amounts of money he has spent and on what forms of goods and services, the charities and political organizations that he supports -- that the call detail records simply do not, by themselves, provide.I find it equally questionable that bank record information isn't considered private, but even if we grant that premise, the rest of the argument makes little sense. In fact, much of the above information may not actually be supplied by bank records, and a person can often use cash to leave no such record. While both records may be quite revealing (beyond what I think the 4th Amendment should allow), given the choice, I'd argue that my phone records are a hell of a lot more revealing and private than my bank records.
FISC also rejects the idea that the Supreme Court's decision in the Jones case (arguing that GPS tracking may go too far) changes the analysis here. Judge Collyer points out that the rulings that Judge Leon relies on were concurring opinions, but not, technically part of the majority ruling (he basically lumped together Justice Alito and Justice Sotomayor's rulings, despite each taking slightly different approaches).
In the end, the FISC rejects the attempt by the unnamed telco, and basically says that Judge Leon's ruling is wrong. Kudos to the nameless telco for actually challenging the Section 215 order. Hopefully we'll find out soon which telco actually made a move to protect its users' privacy.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: 4th amendment, bulk data, bulk records collection, fisa court, fisc, larry klayman, metadata, patriot act, richard leon, rosemary collyer, section 215
Reader Comments
Subscribe: RSS
View by: Time | Thread
Prove it
After all, if it's really that harmless, then they have nothing to fear, and if it's not a violation of privacy either, then they have no reasonable grounds not to provide the data.
[ link to this | view in chronology ]
Re: Prove it
what is not said is more often (and in this case) more revealing, than what is actually said.
[ link to this | view in chronology ]
Also, typo
I imagine that's supposed to be 'So this is interesting'.
[ link to this | view in chronology ]
can a 3rd party give a privacy guarantee creating a reasonable expectation?
[ link to this | view in chronology ]
Re: can a 3rd party give a privacy guarantee creating a reasonable expectation?
Say a company had, as part of their TOS, a clause stating that all the information they stored related to you would be treated as though it was still owned by you, and in your possession. They had to get your permission any time they wanted to use it, they couldn't hand it over to anyone without your explicit consent, on a case-by-case basis, for all intents and purposes it was still your information.
Then say the NSA or another agency tried their usual 'Gimme everything' fishing expeditions, would the company be justified in refusing, baring the presentation of a valid, targeted warrant, on the grounds that their TOS states that it's not the company's data, but yours?
[ link to this | view in chronology ]
Re: Re: can a 3rd party give a privacy guarantee creating a reasonable expectation?
[ link to this | view in chronology ]
Does anyone else realize how dangerous an idea this is?
They're basically suggesting that the only qualifying factor in this scenario is the type of information at issue. Not when, how, or why it is obtained, or in what quanities.
Any information that is ever obtainable without a warrant in any way, shape, or form, is obtainable without a warrant in every possible scenario???
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Reasonable Expectation of Privacy
One could hope.
[ link to this | view in chronology ]
Re: Reasonable Expectation of Privacy
[ link to this | view in chronology ]
Re: Reasonable Expectation of Privacy
Even now the companies don't give a shit (Verizon) either way, cause they get cushy regulatory laws to screw they're paying customers and they get money from the Feds in the form of hard drive space, as it were...
So either way, we're screwed...
[ link to this | view in chronology ]
Revelations
Is that point even arguable any more? There's enough research in circulation now to make that proposition look more like an established fact. Is there a judicial equivalent to Ivory Tower oblivion?
[ link to this | view in chronology ]
Also, I don't "voluntarily" hand over any information to the phone companies. That's a "mandatory" requirement if I want to live in the 21st century and have a cell phone.
Next up, bank information doesn't reveal nearly as much personal information as a cell phone. Credit cards don't have GPS chips implanted in them, yet, nor do they have a radio transceivers that track your every movement 24/7.
It's simply a flawed, unconstitutional ruling.
[ link to this | view in chronology ]
Re:
"FISA 'court'" works okay though I'd say, given the second half of the name is really only true technically.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
But when it comes right down to it, revolutions take leaders, and we're lacking. There needs to be a polarizing figure to head a revolt.
I barely know anyone who pays attention, let alone anyone willing to fight.
So what's to be done?
[ link to this | view in chronology ]
Re: Re:
Look at "groups" such as Anonymous - they accomplish a lot in nameless, leaderless fashion, and frankly, it scares the fuck out of governments around the world.
[ link to this | view in chronology ]
Re: Re:
Be very careful in what you wish for, see the history of people like Hitler, Stalin, Mao, Pole Pot etc. They were all polarising leaders.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
They never had a problem up till the public started saying this isn't right and a violation of the Constitution. This isn't blowing over like the government had hoped it would. Instead it is going the other way. As it continues, more and more pressure will be brought to bear against the government to discontinue all this mass spying. At this point it isn't if it will continue but when will the pressure become enough to force the government to obey the will of the people.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
Now, to me, the word particular would, in fact, seem to prohibit bulk searches. My understanding is that that's why the NYPD can't get a warrant to search, say, "all of Manhattan."
It seems to me that you might similarly expect that a warrant seeking "details of all the people you do business with" might be similarly un-particular enough to be a violation of the fourth amendment.
[ link to this | view in chronology ]
Maybe not a third party
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Having examined the relevant statutes and common law; and the Constitution of the United States, [redacted] does not recognize the legitimacy of the purported court from which this purported order issues: the existence of the court is plainly unconstitutional; its orders are disallowed in that the application for the warrant did not follow the rules of civil procedure (and I would include the statute here - can't be bothered to look it up); and the warrant itself is unconstitutionally vague and imprecise.
For the above reasons, [redacted] refuses on Fourth Amendment grounds to produce any information which would be responsive to the named order.
On behalf of respondent, [redacted]
signed, Irma Schuyster
Dewey Billim and Howe, attorneys at law.
And file a formal complaint with the local attorney general, and a real court against Uncle S.
[ link to this | view in chronology ]
The "Third-Party" claim is a Red Herring
Under this guideline, nearly any business data could be requested from any company, if some claim could be made that the actual information sought was about a customer/vendor.
[ link to this | view in chronology ]
Where exactly is my 'oversight'? Is it where you guys sent the Fourth Amendment too?
[ link to this | view in chronology ]
[ link to this | view in chronology ]