From the court order: "We add, moreover, that there is a high degree of probability that requiring a warrant wound hinder the government's ability to collect time-sensitive information and, thus, would impede the vital national security interests that are at stake." Cough
Nowhere in that document does it say anything about not needing a warrant to get information on U.S. citizens residing in the U.S. What it does actually say is
For these reasons, we hold that a foreign intelligence exception to the Fourth Amendment's warrant requirement exists when surveillance is conducted to obtain foreign intelligence for national security purposes and is directed against foreign powers or agents of foreign powers reasonably believed to be located outside the United States.
I.e. a FISA request.
Not according to the language used in this document it isn't. You can say it is similar if you want, but when they say "A warrant is not required" in this case they are not saying "no authorization is required".
So, one access to a external server? Visiting overseas?
Also, PRISM is an acronym for Planning Tool for Resource Integration, Synchronization, and Management. Could people please stop abusing it as a term for whatever random scary thing they want to believe the NSA is doing?
The text Fourth Amendment doesn't narrow itself to "United States Persons". It says:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
It feels like the judge is stating: The authority for this principle can be found in Black Box.
It may be justified for civil cases to be held in secret. After all, civil cases can be resolved by mediation, arbitration, even just negotiation. When the matter concerns a petition against the government however, or against a law, there is no reason for the case to be sealed or secret.
Whats next, the congress voted in a closed secret session a new secret law?
Before the FAA passed, there were no requirements or oversight governing collection of non US persons communicating over a US carrier. And in fact, existing legal precedent does not treat the carrier as party to the communication, so collection under those circumstances was likely legal. That's exactly the loophole the previous administration exploited to compel third-party compliance in foreign intelligence collection without oversight.
Notwithstanding any other law, the Director of National Intelligence and the Attorney General, may for periods of up to one year authorize the acquisition of foreign intelligence information concerning persons reasonably believed to be outside the United States...
Notwithstanding any other provision of law... the Attorney General and the Director of National Intelligence may authorize jointly, for a period of up to 1 year from the effective date of the authorization, the targeting of persons reasonably believed to be located outside the United States...
I didn't say they were identical, just that they were similar. Though each does use the identical language about limits on targeting "persons reasonably believed to be located outside the United States" -- and we found out from last week's leaks how far that language can be stretched.
Even those passages you're citing are night and day apart. The first authorizes collection against US persons on foreign soil, which flew in the face of 50 years of precedent. Whereas the second is truncated to the point of being almost meaningless, but in context it defines some terms of collection against non US persons outside the US--something legal for all of US history. The only similarities between the two are the responsible parties and the duration, which are basically boilerplate.
See: http://www.guardian.co.uk/world/interactive/2013/jun/20/exhi..., page 4, paragraph 1.
If the NSA does not know whether someone is a US person or a foreigner, the agency assumes that the person is a foreigner. That matters a lot if, for example, you're using Tor.
You might also want to look at the recently leaked minimization rules, which permit the retention of purely domestic communications collected under the FAA, if that information can be used to develop and exploit security vulnerabilities. Given where you work now, and what you work on, that might be somewhat important.
See: http://www.guardian.co.uk/world/interactive/2013/jun/20/exhi..., page 5, paragraph 3.
The Section 215 program in which the NSA has been collecting metadata about every domestic telephone call would appear to violate that rule, even if, as we are told, only a couple dozen NSA employees can query the database, and even if they only use it for investigations related to terrorism.
Likewise, the non-us persons targeting rules leaked last week suggest that the NSA has ongoing access to GSM Home Location Register data for the entire United States. While this doesn't pinpoint someone's location to a house or street, we're still talking about the NSA getting city-level location data for hundreds of millions of innocent Americans.
See page 6 of:
Given how compartmentalized NSA is, it seems quite reasonable that your former team (which, I assume, penetrated the computers of foreign targets) would have no contact at all with the teams tasked with collecting domestic communications.
It relied, legally, on "FAA Authority", a reference to the 2008 Fisa Amendments Act that relaxed surveillance restrictions.
I just happened to be reading that Greenwald article around the same time I saw your response, but I'm not relying on his analysis: I posted excerpts from both bills. They are similar, not identical, and I wrote about both at the time they were enacted.
I'm going to decline to speculate about personal biases and motivations.
They take everything they want off the wire anyway; the best case scenario is that they have FISA rubber stamp warrants for the times where they "need a warrant".
Do we really care about specific instances of uses of PRISM? I mean, in an honest way I'm curious :: is there really any benefit if we could definitely prove that PRISM was used without a warrant? Is it worse than any of the other things that have been disclosed or leaked since originally finding out about PRISM?
I don't think so, but I was screaming bloody murder about NSLs in 2006, soooo......
I guess that's pretty much exactly what I'm experiencing. "Why bother trying if no one is listening". Not exactly the concept of 'disaster porn' but it's a close enough allusion.
Almost everyone I know that's involved in some kind of activism has this happen to them; I know that I feel it almost all the time. I'm not saying you're actually _doing_ any activism, but I think it's a side effect of paying so much attention to the letter of the law: law is a messy, sloppy thing, or at least it appears that way to this non-lawyer. It doesn't mesh well with my 'computers are deterministic' general mindset.
And really, _especially_ on this privacy front, it's terribly hard to see that these things are going to happen, get called 'crazy' and 'paranoid,' see them happen, and then sigh: "I told you so."
You mightn't have meant it but that was a polite way of provoking a bit of self evaluating. I don't really know what more to do outside of donate to the EFF, write my Congresspersons, etc. But I haven't made nearly an exhaustive effort of investigating what I could be doing.
>It doesn't mesh well with my 'computers are deterministic' general mindset. And really, _especially_ on this privacy front, it's terribly hard to see that these things are going to happen, get called 'crazy' and 'paranoid,' see them happen, and then sigh: "I told you so."
Are both very insightful statements.
If you're looking for something you could do.
From his comments it sounds like he's working with other app makers who are making independent apps so this could target everyone, effectively.
I do have a side project that would, at least personally, greatly decrease my dependence/reliance/usage of GMail...
According to the 4th amendment, "warrants" must be used in specific investigations and for specific individuals. There's nothing specific about a FISA warrant. They just get data en masse from a lot of people. And they use this paper that they are calling a "warrant" from the FISA court, that says they can get the data on everyone.
Also, FISA warrants completely ignores such things as "probable cause" and "reasonable searches", which are pretty important for a democracy, I'd say. You can't say you're getting all the data of 100 million people, and also have "probable cause" for them.
"The Fourth Amendment (Amendment IV) to the United States Constitution is the part of the Bill of Rights which guards against unreasonable searches and seizures, along with requiring any warrant to be judicially sanctioned and supported by probable cause. It was adopted as a response to the abuse of the writ of assistance, which is a type of general search warrant, in the American Revolution. Search and seizure (including arrest) should be limited in scope according to specific information supplied to the issuing court, usually by a law enforcement officer, who has sworn by it."
FISA "warrants" are really an oversight mechanism to the executive's generally accepted authority to conduct national security operations targeted at foreign powers. They're specifically to "warrant" that the Fourth Amendment is not being violated by a particular search, intercept, or program because the activity is appropriately targeted.
So the question is: what requires a warrant that meets the strictures of the 4th amendment? Not every kind of data gathering or information collecting activity requires a warrant.
A good hypothetical to think through is a Tesla car. Tesla has the capability to track you via GPS, though the functionality is apparently disabled on retail models. But say it was enabled, and Tesla collected and stored information about where you went to optimize your ownership experience. Do the police need a warrant to get that information?
On one hand, the police do require a warrant (meeting 4th amendment strictures) to put a GPS on your car (because it is a physical invasion of your private property). On the other hand, police don't need a warrant to ask your neighbors what they know about where you've been.
So: what do the police need to get your GPS information from Tesla? On one hand, you can say that the police shouldn't be able to do indirectly what they can't do directly, and say that they require a warrant meeting 4th amendment strictures to get that information from Tesla. On the other hand you can point to a crucial distinction: the police did not need to invade your physical property to put a GPS bug on you--you did that part yourself and voluntarily told Tesla exactly where you were going. If you had phoned Tesla, and told them exactly where you had went, and they wrote that down and stored it in a file, the police would not have required a 4th amendment warrant to get that data. Just a lesser court order in the event Tesla did not cooperate.
Er, um, no. FISA warrants and courts are different than regular warrants and courts for a very good reason. Most of them are issued post de-facto and as mtgx and I have pointed out, are literally rubber stamped. ZERO were declined last year.
I'd love a citation for the last sentence of your post. I'll work on background info on FISA warrants. Like I said, wish I had my debate evidence I cut years ago. Rather ironically, it's actually remarkably hard to refind some of that evidence 10 years later. Google loves to emphasize more recent publications.
A FISA warrant is as much a warrant as an FBI agent wiping their ass on a piece of paper and calling it a National Security Letter makes it a "legal warrant". (Yes, field FBI agents can issue them, and they're issued in the tens of thousands every single year, AND a single letter can apply to a person, team, family, or entire workplace.)
You might call it "legal" in that a law passed by Congress with secret interpretations and special addenedums tells them they can... but yeah, I'm going to keep on calling FISA warrants and NSLs used on US Citizens what it is: unconstitutional and thus practically, illegal.
Literally hand picking any of these keywords pretty much leads to the same Wikipedia page discussing at least some of these things. I'm still reading it to see how complete it is. Again, where are you getting this information that the government has been more conservative or particular about these directives?
Ironically it actually has a fairly good record dating back to 2006 in several places when some of this stuff got stirred up that time. http://en.wikipedia.org/wiki/NSA_warrantless_surveillance_co...
The whole thing is insightful. (I edited this comment to be far less rude, my apologies, I should've slowed down)
The 4th only applies to US citizens. Therefore a FISA warrant targeting people outside of the USA who are not believed to be US citizens does not have to meet the standard of the 4th.
A National Security Letter targets third parties (your email provider, your library, etc) and fails to search, seize, or directly affect any of you, your house, person, papers or effects. It therefore does not violate the 4th.
Channeling myself for a moment, this is not how I personally understand the clear intent of the 4th. I'm sure you agree with me. However I am forced to admit that multiple courts have sided with the interpretation that I just described.
Under common law, I don't get to decide what the law is. Judges do. Since they seem to be consistently accepting this line of argument, the 4th simply doesn't mean what I want it to mean. (I'm all for a better amendment, but that does not seem to be happening.)
edit: Look, all over the front page this morning. MORE sources and allegations describing MASSIVE domestic surveillance that occurred without any sort of oversight or warrants. How can you just ignore story after story after story and push your anecdotes?
What's amusing is how many people assume that the police ever needed a warrant to "investigate them." The police need a warrant to search your person or your property. The police don't need anything to investigate you, and need nothing more than a court order to subpoena documents from people who might have information about you. This has always been the way our system worked.
Depending on what exactly PRISM does, it may very well not require a warrant, any more than the police require a warrant to get your bank records or other kinds of information about you held by third parties.
For some reason, it's not really been refreshing to see people paying more attention now. I thought maybe it was a holier than thou thing but hitting blogs where we were talking about it back then I see the same thing. People who were outraged then are doing what they were then - trying to read between the lines and figuring out how it really works while still being legally compliant. Try commenting on that, and you're called a sheeple and told how it's all un-constitutional, yada, yada.
I don't mind when my outlying beliefs become hip, but I do get annoyed when they jump the shark.
Not the same thing.