from the so,-more-of-the-same,-except-retroactively? dept
A legal battle between Yahoo and the government over the Protect America Act took place in 2008, but
details (forced from the government's Top Secret file folders by FISA Judge Reggie Walton) are
only emerging now. A total of 1,500 pages will eventually make their way into the public domain once redactions have been applied. The most recent release is a transcript [
pdf link] of oral arguments presented by Yahoo's counsel (Mark Zwillinger) and the US Solicitor General (Gregory Garre).
Zwillinger opens up the arguments by questioning the government's methods of determining who should be placed under surveillance.
Why I show this to you is because I think it's a perfectly fair question for you to ask the Solicitor General of the United States how a name gets on this list. This isn't reviewed by a -- the FISA Court. These names aren't reviewed by the Attorney General of the United States. The difference between surveilling an account and exposing someone's most private communications and not is how a name gets on this list; and all we know about it from page 47 of their brief, is that an intelligence analyst puts it on the list.
From this arbitrary beginning springs a wealth of errors.
[REDACTED] of the accounts we have been given do not exist. They aren't accounts at Yahoo. Whether the government is misinformed, or using stale information, we don't know; But the fact that [REDACTED] accounts do not exist raises a serious possibility that some of those accounts have already been recycled and are used by other Yahoo users, or that the information that the government has is just wrong, and the wrong is being placed under surveillance.
Zwillinger points out that Yahoo is just one provider and yet has (the number is redacted, but is
at least 4 digits with a comma) a large number of accounts under surveillance. He then refers to the multiple errors again, stating that when the government screws up, it's very likely that American citizens will be mistakenly placed under surveillance.
The difference between a U.S. person and a non-U.S. person in this context could be a letter or a digit in an email address; and if they have it wrong, the consequences will likely be felt here, because more Yahoo users are from the United States than any other single country.
The judges claim minimization procedures eliminate the problem of inadvertent collections, but Zwillinger points out that the surveillance carried out under the Protect America Act actually doesn't contain protections against use of wrongly swept up US persons' communications and data.
The government's response begins by denying that US persons' data is retained. "There is no database," says Gregory Garre, before having to admit a few sentences later, that incidental data is retained (and distributed) if there is evidence of other, non-national-security-related
criminal activity.
Garre then goes on to explain
why the government feels it should have warrantless access to US persons' communications, routed through and stored at US servers. He refers to satellite communications -- something in use when FISA was enacted in 1978. Garre says that even though these communications may have been captured by domestic satellite receivers, it's the point of origin that matters. Outside the US? No warrant needed, even for US persons. Likewise for emails stored on Yahoo servers.
MR. GARRE: I don't think anybody would argue that the Fourth Amendment would apply to that communication, even though the email communications go to account in Sunnyvale, California. I haven't understood Yahoo to argue that the Fourth Amendment would be implicated by that.
And, similarly, the Fourth Amendment isn't --
JUSTICE SELYA: You mean the interception there by you and Yahoo would not implicate the Fourth Amendment?
MR. GARRE: That Certainly would be the government's view.
Garre also blames the large number of dead accounts in the court orders on Yahoo's refusal to immediately comply, while simultaneously spinning it as the unavoidable collateral damage of "efficient" surveillance.
So the fact that accounts have been closed is not significant, and that's particularly true given that the large number of email accounts here is reflected by the fact that Yahoo is in noncompliance for several months. So, if you go back several months, it's not surprising that several accounts have been closed.
Garre asserts that if anyone deserves the benefit of a doubt in this situation, it's the US government. He states that the Executive Branch and the intelligence community have a long-standing history of not violating the rights of US citizens -- a statement that wasn't even
mostly true prior to the 9/11 attacks, and is almost laughable in the wake of what's been uncovered since then. He also points to Congressional oversight and suggests its legislative powers would have been used to rein in the NSA and others if it had actually seen signs of abuse.
In his rebuttal, Zwillinger punches holes in Garre's narrative.
You know, the Solicitor General talks about Congress spoke here, but to the extent Congress has spoken, then they turn around and admit they misspoke. And now they have a Senate report that says we failed to provide adequate protections for U.S. persons, and we are going to pass new legislation. They intentionally let the Protect America Act lapse. So to the extent congressional oversight even exists after February 16, 2008, which I'm not sure it does, it provides no check. Congress can't do anything differently. The statute has passed. The directives continue all the way until the expiration date, but the statute doesn't exist any more. It's not Congress's current view of how surveillance should he conducted.
But the most surprising assertions made in these oral arguments don't come from the Solicitor General. They come from Judge Morris S. Arnold, who shows something nearing disdain for the privacy of the American public and their Fourth Amendment rights.
In the first few pages of the oral arguments, while discussing whether or not secret surveillance actually harms US citizens (or the companies forced to comply with government orders), Arnold pulls a
complete Mike Rogers:
If this order is enforced and it's secret, how can you be hurt? The people don't know that -- that they're being monitored in some way. How can you be harmed by it? I mean, what's --what's the -- what's your -- what's the damage to your consumer?
By the same logic, all sorts of secret surveillance would be OK -- like watching your neighbor's wife undress through the window, or placing a
hidden camera in the restroom -- as long as the surveilled party is never made aware of it. If you don't know it's happening, then there's nothing wrong with it. Right? [h/t to
Alex Stamos]
In the
next astounding quote, Arnold makes the case that the Fourth Amendment doesn't stipulate the use of warrants for searches because it's not written right up on top in bold caps… or something.
The whole thrust of the development of Fourth Amendment law has sort of emphasized the watchdog function of the judiciary. If you just look at the Fourth Amendment, there's nothing in there that really says that a warrant is usually required. It doesn't say that at all, and the warrant clause is at the bottom end of the Fourth Amendment, and -- but that's the way -- that's the way it has been interpreted.
What's standing between US citizens and unconstitutional acts by their government is a very thin wall indeed.
Filed Under: fisa court, fisc, gregory garre, mark zwillinger, morris arnold, nsa, paa, prism, protect america act, section 702, surveillance
Companies: yahoo