(Originally posted on the ACSBlog.)
Last week the New York Times broke a story that came as no surprise: when armed with expansive dragnet surveillance authority that lacks meaningful safeguards, the government will intercept huge numbers of private, domestic communications between Americans. What’s worse, the government seems to acknowledge the likelihood of such overreaching surveillance, but believes that through trial and error it will eventually solve the problem — notwithstanding the constitutional violations committed in the meantime.
How Did We Get Here?
The recent revelations involve surveillance implemented under the FISA Amendments Act (FAA), which went into law last July. The FAA is the latest attempt to provide legislative approval to some of the surveillance tactics the government implemented secretly until 2005, when the existence of the National Security Agency (NSA) warrantless wiretapping program was uncovered (by the same two Times journalists who wrote last week’s piece).
Normally, before it can wiretap a suspected criminal, terrorist or spy, the government must show probable cause to believe the surveillance target is engaging in unlawful activity or acting for a “foreign power” or terrorist organization, and it must specify the “facilities” (e.g., phone number) it will tap into. Not so under the FAA: the government can now engage in sweeping, suspicion-less surveillance programs with only the most minimal judicial oversight.
Based on a certification to the special surveillance court that it will not intentionally “target” specific Americans or purely domestic communications and that it will take steps to “minimize” inappropriate use of intercepted information, the government wields authority to pursue surveillance on a massive scale without ever identifying particular persons or places it intends to focus its surveillance on. While a “significant purpose” of the surveillance must be “to obtain foreign intelligence information,” the government is not required to assert that its targets are suspected of any wrongdoing or any connection to terrorism or espionage.
This represents a radical departure from the constitutional standards governing surveillance of private communications. As the ACLU has argued in pending litigation challenging the constitutionality of the statute, this system invites surveillance of innocent Americans on a large scale.
Predictable “Over-collection”
What was predictable from the face of the new law has apparently already played out in practice. Here’s the crux of the recent Times’ report: “Several intelligence officials, as well as lawyers briefed about the matter, said the NSA has been engaged in ‘over-collection’ of domestic communications of Americans. They described the practice as significant and systematic, although one official said it was believed to be unintentional.”
In other words, spy agencies did not set out to intercept purely domestic communications — that would be an outright violation of the statute. Instead, they instituted what were probably very broad dragnet surveillance programs (it is impossible to know the precise details), for which the FAA clearly grants authority. Vacuuming up large batches of communications predictably results in netting some that are meant to be protected, and that seems to be what happened here.
Almost as disturbing as this large-scale privacy violation is that this is exactly what the statute envisions—a series of trial-and-error experiments as the NSA calibrates its “targeting” procedures. The cost of that kind of experimentation, of course, is the invasion of constitutionally protected privacy that must occur in order to prompt the government to tweak its methods.
Indeed, the government’s litigation papers seem eerily prescient when compared to the Times report. According to the Times, the “over-collection problems appear to have been uncovered as part of the twice-annual certification” that, under the FAA, the government must provide to the surveillance court. This is exactly the dynamic that the government, in litigation, has claimed will guard the privacy rights protected by the Fourth Amendment.
The reporting requirement, the government has argued, helps ensure the statute’s compliance with the Fourth Amendment, because the surveillance court “can assess how often approved targeting procedures result in targeting mistakes and thereby develop a body of experience to guide future decisions on whether to continue approving similar targeting procedures.” Developing a “body of experience” sure sounds nice, but it writes off, as a mere part of the learning process, the individuals whose private communications get swept within the government’s mass search program. Remember, these aren’t the communications of terrorism suspects; the government doesn’t have to show any reason to believe its surveillance is that finely targeted. But it is only by intercepting such communications that the NSA develops the “experience” necessary to (perhaps, eventually) intercept only international communications.
The good news is that the rest of us also get to develop a “body of experience” about what the FAA means for Americans’ constitutional rights. As the ongoing legal challenge asserts, large-scale surveillance programs stand a far greater chance of invading legitimate expectations of privacy when the main safeguards are attached to the “back-end” (i.e., what happens after communications are intercepted) instead of implementing deeply rooted “front-end” protections — for example, a showing to a judge that the proposed surveillance is based on a specific belief that the targets of surveillance are engaging in illegal activity or are connected to terrorism.
This idea isn’t novel. It finds expression, most famously, in the Fourth Amendment.