To put it mildly this is the first step in a long, long path.
District courts have the final say in the vast bulk of routine matters that never get appealed, and they can play an influential role in setting the presumptive factual record in high profile cases destined for appeal. But in a high profile case destined for appeal that largely turns on interpreting the Constitution, this court was mostly a gatekeeper. In other words, if the district court had ruled the other way, maybe that would have been the end of the story. Given that it ruled as it did, this will certainly be heard by the Court of Appeals for the District of Columbia (possibly by one of the judges appointed by Obama now that the filibuster has been weakened), and then if the petitioner wins there, either by the full DC Court of Appeals en banc, or the Supreme Court, or first one then the other. If Smith v. Maryland is to be overturned, it will be the Supreme Court that does it, not a district court.
bradleyjg: I generally agree except that "if the district court had ruled the other way, maybe that would have been the end of the story." This was a case that would have been appealed no matter who won and who lost. Still, the factual record established by the judge (who indicated he was annoyed at misrepresentations by NSA/FedGov) is going to help the plaintiffs quite a bit after FedGov appeals.
Also, I wonder if Orin read the opinion fully. His post incorrectly says: "Finding the entire NSA metadata program unconstitutional, Judge Leon enjoins it..." That is not true. The judge's opinion did not halt the NSA phone metadata program overall; it merely orders two plaintiffs removed from the NSA's database. I posted about that important distinction here:
https://twitter.com/declanm/status/412697277363286016
Well in fairness to Orin, that was what all the reporting seemed to say, was that the entire program had been summarily ruled unconstitutional (but that the ruling was stayed).
Orin is a smart fellow, and it's common to make mistakes when quickly summarizing court opinions that have just been published. But he never corrected his post.
The Supreme Court wouldn't necessarily be deciding whether Smith v. Maryland should be overturned, but whether NSA collection of phone/SMS metadata can be distinguished from Smith. The district judge here presents some excellent arguments that Smith is fundamentally different, and I was disappointed to read Professor Kerr's very sloppy analysis, given how excellent his Fourth Amendment coverage usually is. Perhaps he did not have a chance to read the case carefully.
Brief background on Smith v. Maryland:
In Smith, a robbery victim complained to police that she was continually receiving threatening and obscene phone calls. The phone company installed a pen register at police request, without a warrant or court order, to record metadata for about 2 weeks; this revealed the phone numbers of all subsequent callers to her home. It also revealed that Smith made another harassing phone call. In short, the Supreme Court ruled that, in the process of calling, Smith voluntarily transmitted the phone numbers he dialed to the phone company, information he and everyone else know are commonly stored as business records, so he had no reasonable expectation of privacy in the numbers dialed. Therefore, the Fourth Amendment didn't apply.
Contrary to Professor Kerr's blog post, the real reasons Judge Leon thinks the NSA's metadata collection is different are quite compelling. Here's my summary of his reasons from pages 42-56:
1. Smith surveillance was only for 2 weeks; NSA surveillance is for as long as terrorism lasts in the United States (forever?)
2. Previous case law supports a distinction on the basis of time length: In US v. Knotts (1983), the Court said police use of a tracking beeper on an automobile does not implicate the Fourth Amendment because we have no reasonable expectation of privacy in our movement on public streets. But last year in US v. Jones, the Court distinguished Knotts, which was about short-term tracking, saying that police installation of a GPS device on Jones's car for a month was too long and violated Jones's reasonable expectation of privacy.
3. In Smith there was no indication the phone records would be kept; NSA keeps phone records for 5 years
4. Smith was a one-time, targeted request; the NSA program is a daily, all-encompassing, indiscriminate dump of phone metadata. Leon: "It's one thing to say people expect phone companies to occasionally provide information to law enforcement; it is quite another to suggest that our citizens expect all phone companies to operate...a joint intelligence-gathering operation with the Government."
5. The Smith Court did not foresee in 1979 the "almost-Orwellian technology" the NSA is using to track and store hundreds of millions of Americans' phone data.
6. "Most importantly," the nature of the information in our telephony metadata is much different.
7. Phones are ubiquitous and much more frequently used, so metadata reveals more about our private lives and implicates a bigger privacy interest than in 1979.
8. SMS metadata reveals who we wrote to, information that would not have been available in 1979 phone metadata when we had to write letters.
Judge Leon's conclusion, which I think is compelling given the foregoing: "I cannot navigate these uncharted Fourth Amendment waters using as my North Star a case that predates the rise of cell phones."
I see you are an attorney, so I'll skip the detailed explanation of vertical stare decisis and simply point out that Sotomayor joined Scalia's opinion in Jones, which commanded a majority and was the opinion of the Court. Therefore, the holding of the case has to do with the continuing validity of traditional trespass as a fourth amendment search, and the mosaic theory in the concurrence is dicta. I personally find it compelling, but I'm not a District Court judge bound by the strictures of precedent.
Nothing in Smith itself or it's Supreme Court progeny indicate that the length of time the government intends to keep information that it found the people have no reasonable expectation of privacy in is of constitutional moment. Nor the number of phones, or how frequently they are used. As for SMS and writing letters, it is the Court's allowing the government to collect mail metadata (the envelope info) that got this entire line of precedents started.
If this had been an email case, I'd be right there with you. I don't think the device that the government wanted to install in the Lavabit case is sufficiently similar to a classic pen register to be covered by Smith, and I think the third party and his representations matter with respect to customers' expectations. But here we have telephone records as collected by telephone companies. Smith is squarely on point. Limiting Smith to 1979 is tantamount to overruling it, not distinguishing it.
Judge Leon doesn't like Smith, I get that, I don't either. Fortunately or unfortunately, neither if us is on the Supreme Court. (See also, Reinhardt, J. any opinion.)
It's possible to distinguish Smith as inapposite without throwing away stare decisis. The term of surveillance (forever), the breadth of surveillance (almost every American), and the greater privacy intrusion (because of cell phones' ubiquity and because we use them more frequently) all make NSA surveillance very different from Smith.
And as far as the length of surveillance goes, Kerr's pointed out that 5 justices in Jones (the 2012 GPS case) signed onto the idea that long-term GPS monitoring of a car counts as a search even if short-term monitoring does not.
> Smith voluntarily transmitted the phone numbers he dialed to the phone company, information he and everyone else know are commonly stored as business records
I think I can understand and agree with this. I'm not sure what I think about the phone company disclosing these records to other people. Regardless of its actual legality, I think the distribution of that data could be a breach of trust.
It is entirely reasonable for my phone company to know who I'm calling, but I still expect that data to be "relatively private". I would be upset if my neighbours could get it from the phone company. I would be upset if the phone company mailed that data to me on a postcard. I think we should be similarly upset if the police can get hold of it without a court order.
How does the law address this? Is that information just not disclosed "in confidence"? Does the law follow a "genie out of the bottle" logic, whereby information that is not absolutely private is not private at all? Or do law enforcement agencies have a privileges regarding otherwise private information?
"The depositor takes the risk, in revealing his affairs to another, that the information will be conveyed by that person to the Government. . . . This Court has held repeatedly that the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed."
I guess that makes sense again -- I don't have a problem with them "obtaining" the data, and a voluntary disclosure certainly shouldn't be called a "search". If the government asks for the data and the telco willingly complies with the request then I don't think the government has done anything that should be illegal (though it's not very nice of them.)
Two caveats, though: Even if the government is in the clear for obtaining the data, I'm not so sure the telco has a (moral) leg to stand on. We should consider making the distribution of that information illegal, if it isn't already. I have no idea if this would make the government's request "incitement", though I guess the answer might lie somewhere around the civil/criminal distinction. I'm clearly not a lawyer, so I can't really pretend to understand the likely forms or consequences of any of this...
The second caveat is that if the government compels the telco to hand the data over then it's a completely different ball game. That is a (plain-language) search, and it would be disappointing if that weren't subject to Fourth Amendment protections.
Larry Klayman is an interesting plaintiff in this case.[1] He was a career Justice Department prosecutor during the Reagan administration and worked on the successful antitrust case against the former ATT telephone monopoly. Another article[2] agrees with the article kindly submitted here in reporting that the United States district judge (appointed by President George W. Bush) has stayed his ruling, pending a very likely appeal by the federal government, but it is clear that he thinks the current surveillance program is too broad to be constitutional based on the testimony at trial. That's good legal work.
The link to the full opinion of the district court[3] loads very slowly just now, presumably because many readers are trying to access it.
AFTER EDIT: A legal blogger has put up a copy of the court opinion on a page that loads rapidly.[4]
> Another article[2] agrees with the article kindly submitted here in reporting that the United States district judge (appointed by President George W. Bush) has stayed his ruling, pending a very likely appeal by the federal government
Note that staying a decision pending appeal is the norm, to preserve the status quo until a final resolution. There are exceptions, but it is usually not noteworthy (even if it is frustrating to those who support the decision that is stayed) that that has occurred.
From the article: "The judge, Richard Leon of U.S. District Court in Washington, said that the NSA relied on 'almost-Orwellian technology' that would have been unimaginable a generation ago, at the time of a landmark Supreme Court decision on phone records."
I disagree strongly! The NSA's technology would more properly be called super-Orwellian. Two-way TV, hidden microphones, and steaming open your mail is nothing compared with what the NSA can do.
I was just thinking today - we're about to start using "smart light-bulbs" in a few years. Lightbulbs with Internet connections, that can potentially record everything we say anywhere, even in real world (unless they are doing that already with idle cellphones).
If we don't stop this now, and don't make it explicitly illegal, and actually punish the people involved (otherwise they's no downside to continuing it), then it will get a lot worse in the future.
Also, how can US law be so asymmetrical? It's illegal to look into someone's mail, which just includes one single conversation, but it's not to look at someone's real-time conversations for a long time, which can include all sorts of topics, and then multiply that by millions of people.
If looking into just one mail conversation is illegal, how come mass surveillance isn't immediately seen as massively illegal?
The government's position is that collecting the data isn't surveillance until a government employee actually looks at the data. E.g. the idea is that you collect a huge pool of data, and then get individual warrants to go spelunking in it.
> and then get individual warrants to go spelunking in it.
And that warrant is obtained whenever, in the future, that that person opposes the national interests. Then it's like you've been spying on them all along. Retroactive wiretapping!
If hundreds of thousands of letters stream in and out of the US every second then you bet your ASCIIs the government wouldn't waste time "modernizing" the law to be more "aligned with international norms."
I think Orwellian surveillance was a degree worse because you could never escape it. Even in your most private spaces you had to act as if everything was ok, and the body lead the mind into thinking everything was ok.
Not that I'm defending current practices, but if we ever get to mandatory mass surveillance it will definitely be worse than covert mass surveillance that the most informed citizens can still choose to avoid.
By being able to "choose to avoid," what do you mean? Simply that anyone can avoid surveillance by choosing not to communicate over phone, email, or http, and by not living in communities that directly or indirectly pass any of your information over any of those?
With 1984, at least, the book implies that the proles had some measure of freedom from surveillance (though the plot also suggests that it's still there but more surreptitious). Short of living on a commune and totally removing yourself from the broader economy, what can people actually do to avoid NSA surveillance as it exists today, let alone a decade from now?
It's pretty easy for any two informed citizens to avoid those means of communication. When you're corresponding with someone who doesn't care if the government spies on them, no level of paranoia will keep your messages private.
Well, Skype, which is currently tapped by the NSA, is being used in Microsoft's Xbox and Kinect. So, much like in the book 1984, people have cameras in their living rooms.
The difference is that in 1984, the cameras were put there by the government. Today, people themselves unknowingly put those cameras there.
Time for the cuffs to come out and the trials to begin.
Finally, as recently March 12, 2013, in a hearing of the Senate Select Committee on Intelligence, Sen. Wyden had this exchange with Director of National Intelligence James Clapper, who was under oath:
Wyden: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?
> Leon wrote that the government was justifying its counterterrorism program based on a 34-year-old Supreme Court precedent that has been eclipsed by “technological advances and a cell phone-centric lifestyle heretofore inconceivable.”
It's insane to suggest criminal prosecution for actions taken pursuant to a reasonable interpretation of Supreme Court precedent, even if ultimately that interpretation is rejected (and I'm not confident that this will hold up on appeal).
Or should we start criminal prosecutions for the people in the government responsible for trying to enforce the campaign finance laws found unconstitutional in Citizens United?
This is the fourth occasion that a federal court has found NSA actions to be unconstitutional. Apparently some people think that it is okay to play the NSA's game of pushing the limits and making tiny corrections whenever they get scolded. I do not.
Not really. A bunch of tea partiers sent a letter suggesting that he resign or be held on perjury charges, which prompted him to apologize. His apology asserted that he forgot about the existence of the PATRIOT Act, which is why he accidentally said what he said, on accident.
Decades in jail? For what? I do not like the NSA's overcollection, but decades in jail ought to be reserved for violent types and people who you can easily demonstrate have ruined people's lives (through ponzi schemes and fraud).
The rule of law is government's fundamental contribution to civilization. It may not be sufficient, but it's definitely necessary. In context, it's sacred.
Most government employees, particularly members of the military, directors of agencies (Alexander is both), cabinet secretaries, judges, members of Congress and the President, take an oath of office. The first or second thing in the oath is usually an affirmation to protect and defend the Constitution. In the President's oath, it's one of only two things: do your best at being President, and protect and defend the Constitution.
I swore that oath when I joined the Navy. I was only in for six years, I've been out more than thirty years, but I still consider myself bound to that oath. I've long been disenchanted by my government, but I still hope for the Constitution's health and longevity. It may be "just a goddam piece of paper," but it symbolizes our commitment to each other.
I'm tired of watching the NSA and the rest of the government treat the Constitution as just a piece of scrap paper.
Yes, decades in jail are appropriate for fundamental crimes of such depth and sweep.
There's a lot of personal anecdote in your reply but little justification for why decades of jail are appropriate responses. It just seems like you think if you feel it intuitively that everyone else should just accept it. Sorry, I don't agree, and you're not very convincing.
"The rule of law is government's fundamental contribution to civilization."
"Most government employees, particularly members of the military, directors of agencies (Alexander is both), cabinet secretaries, judges, members of Congress and the President, take an oath of office."
Yes, most of my post was anecdotal. Those two points above are my case. I'm sorry it's not good enough.
It's not good enough because taking an oath and breaking it does not automatically equate to the horrors of imprisoning people for long, live changing lengths which is a pretty fucking horrible thing to do to individuals and their families. Especially not if they had good intentions. And not only that I don't agree with the first claim regarding "rules of law" and "civilization". It sounds like some historian's quote from the 19th century completely unaware of a century's worth work in the social sciences.
when is ignorance of the law ever an excuse for citizens?
yes officer I didn't know the speed limit.. does that work for you? or yes sir I didn't know you would object to fondling your ass! No harm no foul right?
At no point did I ever make any kind of argument about ignorance of the law. Do you see that in my post? Perhaps point it out, because you're reading something that isn't there.
Prove it. I mean, how are you going to prove this? Exactly. Which is why "good intentions" doesn't mean anything to anyone with sense in their head, especially not a legal court.
Counterfeiting laws in the US seem to be unreasonably harsh, the reasoning is, that it is such an insidious crime due to the fact it can undermine the fundamental trust in our economy and government. The NSA scandal has done at least one of those things.
> but decades in jail ought to be reserved for violent types and people who you can easily demonstrate have ruined people's lives (through ponzi schemes and fraud).
> For a criminal trial, a specific law must be broken.
Perjury. I don't understand the subtleties of this law, but my ordinary man interpretation is telling me that if you are a government official, you are allowed to lie under oath in a court, with no repercussions.
Quoting Wikipedia,
Wyden then asked Director Clapper, "Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" He responded, "No, sir." Wyden asked "It does not."[31] and Clapper said "Not wittingly. There are cases where they could inadvertantly perhaps collect, but not wittingly."
No, I think the principle of law they have violated is the use of State Intelligence against its own citizens. Similarly, we do not use our armed forces against our citizens, because those two bodies are intended to be used against the enemies of the country. To the degree to which it can be said that warfare obeys any moral or legal imperatives, it rarely rises above the level of avoiding killing civilians out of hand. One may reflect on the degree to which the right to private communications is violated in warfare, but summarizing is beyond my abilities. The employment against citizens of these same tools, honed for deadly violence, is calamitous.
More succinctly, what on earth is the use of a polity having military specialists employed against itself?
That they have violated our right to freedom from investigation without cause as guaranteed by the 4th Amendment is secondary to the concern of the military running an operation against its own people. It is rather unfortunate that this Agency happens to be extremely well-funded, terrifyingly effective, and employing geniuses, but clearly in Snowden they are hoist on their own petard. Through his actions it has become plainly evident that the National Security Agency administrators are not merely engaged in un-Constitutional aims, but in conducting military action against the People of the United States themselves, have committed an awful treason. We should not let them plead against a lesser charge.
"Rep. James Sensenbrenner Jr., the original author of the Patriot Act, says Director of National Intelligence James Clapper should be prosecuted for lying to Congress."
"Lying to Congress is a federal offense, and Clapper ought to be fired and prosecuted for it," the Wisconsin Republican said in an interview with The Hill.
If you actually think something of substance will happen, you are delusional. At this point it's just the worlds biggest PR game.
The systems are in place. The staff is untouched. Nobody is getting penalized. It's already over and we've lost by a huge margin. Every corp is in on it.
It's just a new reality we have to face. Secure and encrypt everything or have your data stolen. Simple.
I don't think this decision will hold up on appeal. From the article:
Basically, the judge found the on-point Supreme Court precedent to be inapplicable based on changes in technology in the intervening time:
"Leon wrote that the government was justifying its counterterrorism program based on a 34-year-old Supreme Court precedent that has been eclipsed by 'technological advances and a cell phone-centric lifestyle heretofore inconceivable.'"
Pay specific attention to the discussion starting at the end of page 743 ("Second, even if petitioner..."). That reasoning doesn't seem any less valid to me today than it was 34 years ago. It's an easy, clear rule: "private" means private, not "private but shared with my hundred closest sysadmin friends at AT&T or Google."
You're absolutely right that there are reasons to believe this might not stand up on appeal. However, the reasoning from Smith is hugely problematic with the advent of the cloud. Smith is based on what's called third-party doctrine: basically that the Fourth Amendment applies to your stuff that's in your possession. If you give your stuff to someone else, they don't have a Fourth Amendment right to it, and the government can take it without a warrant. Before the digital age, it was unusual to entrust sensitive private information to third parties. Most of what we had was kept on paper. Now, people put huge amounts of information in the hands of third parties, often without really realizing it. Extending third-party doctrine to all digital information would decimate online privacy.
This is where the future of Fourth Amendment jurisprudence is headed, and how the courts decide will have huge ramifications for the future of privacy. So again, you're right that there's significant precedent that must be overcome, but it's by no means a done deal. Even some of the conservative Justices in the recent Fourth Amendment cases seem pretty concerned.
There's been a lot of movement in the legal community (well, outside of FedGov) for rethinking Smith v. Maryland. This may give SCOTUS an opportunity. I doubt they'd go as far as today's opinion, but there's plenty of scholarship to say that Smith is outdated.
Compare to the decades of legal scholarship that eventually culminated in the Second Amendment being reinstated, kind of, by SCOTUS in the Heller and McDonald cases. What, it actually means the government can't ban guns? Gasp!
The issue isn't whether privacy should exist in the digital age. The fact is that it doesn't, or at least not as we have understood it for all of these years. Something that dozens of sysadmins at Google can read is simply not private within traditional definitions. The real issue is whether we can create a practical pretense of privacy: treating data that isn't private, as a matter of fact, as private as a matter of law.
I'm curious if he's more motivated by NSA-as-a-tool-to-attack-Obama or the merits of the case itself. Beggars can't be choosers, but still pretty strange to be in a position to back someone tactically on one issue while probably opposing most of the rest of his agenda.
As a liberal who supports social justice, the social contract, and health care reform and the like, it feels really weird to find myself cheering Freedomworks and tea party types on when we agree on something.
From the outside, the way American politics divides people is strange. The psychology of republicans vs democrats, tpartiers vs big staters seems more like the supporters of a sports team.
When you support a sports team, if your player blatantly breaks the rules, you curse when he gets penalized. However badly they perform, you say they are unlucky and will win next season. When you watch a match with other fans, you feel like you are part of a clan, you feel a sense of belonging. Some people support terrible teams because they like that feeling, and they enjoy getting angry at the other team and its supporters. Sometimes they enjoy it so much they have riots, or at least a punch up.
I'm not saying America is unique, and the... sad cynicism you see in other countries is it's own evil. It's just a bit scary watching the fate of the world be decided like a bar room sports argument.
I guess this comment is a dumb generalization, but that debt ceiling thing really freaked me out.
> From the outside, the way American politics divides people is strange. The psychology of republicans vs democrats, tpartiers vs big staters seems more like the supporters of a sports team.
That's exactly what it's like, and the worst thing (in my opinion) is how it has spread to every facet of American life, so that arguments over factual information are seen the same way. The country as a whole is far more concerned with winning or losing than with the actual significance of the "field" on which their "team" is "playing."
Mind you, given how central sports is to American lifestyles[1], it's not like nobody could have seen this coming. But that doesn't reduce how dangerous it is.
[1] Walk into any American high school. Chances are, the walls are lined with football trophies, and the faculty's letterhead is plastered with logos for the resident teams. The social hierarchy of the students revolves around the star players. Outcasts are called "losers."
Your experiences with high schools are different than the ones I've encountered. The social hierarchies aren't oriented around the sports team, but rather the standard hierarchy with the wealthy at the top and the poor at the bottom.
Granted, there's some variation, and being athletically talented or aesthetically pleasing can move you up the hierarchy, but being poor and having both of those traits will only raise you as high as the ugliest, clumsiest, wealthy student.
In four years of high school, I could only ever name one basketball player and that was only because he was my debate partner is speech class. I never knew who the quarterback on the football team was, despite hearing of some impressive victories. I was far more aware of the less popular sports (e.g. track, tennis, gymnastics), precisely because the team members in those sports came from higher income families and thus had more popular athletes.
I'm not disagreeing with your point regarding wealth, but football is the most popular men's high school sport (by participation) in the country so your experiences aren't likely the norm. Also track, tennis and gymnastics are mostly individual sports so they're less likely to be the ones driving the same level of school-wide support and pride (logos on the masthead, trophies in the hall, etc).
Also HN readers might be unlikely to have had the average American high school experience.
While I agree with you, I think looking at this through the lens of only "hey look some irrational muggles" belies the fact that hackers do the EXACT SAME THING.
Web vs native? Vi vs emacs? Tabs vs spaces? PHP vs... everybody else? TDD vs anti-TDD? Git vs Mercurial?
I mean sure there are statistics and facts to back these views but there are also statistics and facts behind which sports team is the best or whether the debt ceiling is bad. There's no meaningful difference.
I guess my point is, the difference between sports and politics is that sports don't really matter. Neither do the other things you list.
TDD vs Anti-TDD for a self driving car. That matters. The engineer that decides that based on an online argument is going to jail when someone dies.
Is mental illness real or should people just pull themselves together? Well we can banter about that, but if you are a psychologist deciding whether to release a patient from protective custody, you better follow evidence based best practice or you are in big trouble when they jump onto a freeway.
That last example is kinda important - when we talk about politics, it feels like it is just banter. Like we don't have to have nuanced, well formed opinions because who cares what we think anyway. We only have one tiny little vote right?
But democracy is driven by the average. And if the average views politics as the same as an internet flamewar (which is what you said right?) then democracy says that politics becomes an internet flamewar. And... well, what I'm saying is, oh look, it kinda has.
You know, poor Americans die about 20 years younger than average ones. I'm not saying that is your fault, and I'm not saying the solution is mandatory health insurance or glorious revolution. I'm just saying it's kinda fucked up. And I'm saying the real issues don't seem to get debated. Not really. Because... the public want a flamewar.
See, America needs to do something about it's debt levels. Probably. And the answer to that is probably years of slow deficit reductions, best done when the economy is growing (accepting it will take a chunk out of that growth). And America probably needs to do something about it's poor, because things are becoming less equal, and if you go for a walk around Mexico City late at night looking swag, you will find out that isn't a situation you want to have. But the solution to that is hard an slow and boring and probably involves scaling back this free trade thing a bit.
But the conversation about debt is either continue borrowing like crazy or massively scale back, both of which mean doom, so neither of which happen. The answer to the poor problem is too nuanced to be discussed, except in terms of rage against the rich or people on SSI depending on your team of choice.
I dunno, that was sort of my point. I think it tailed off toward the end...
> the difference between sports and politics is that sports don't really matter
I have some news for you. The sports industry is something like $400bn. If the Lakers have a bad night or whatever, it matters.
You may not understand why moving players around a field matters, but it seems to me that this is roughly the same sort of ignorance that would be behind the view that pushing pixels around a screen "doesn't matter". The fact that X is a hundred billion dollar industry is primate facie evidence that it is important. You may not want it to matter but this is a different thing than determining whether or not it actually does.
I guess what I'm trying to get across is that there is a certain sentiment of "silly other people, stop being bad!" that easily occurs in these conversations. The TDD debate sounds important for cars but .001% of engineers are working on the self-driving cars. Most software is mundane and these debates are 99.9% academic and are even had in the abstract without affecting any tangible software at all! In many ways, the hacker arguments are far more tribal and less practical than anything going on in sports or politics.
This is not particular to American society, you can see the same in France (where the left and right divide originated), the UK or any other country or indeed religion - people are tribal, and don't really care about details enough - the sense of belonging to a group and the rewards that brings trumps judging issues individually on their merits.
Oddly enough, I get a lot of flack from my friends for being an openly fair weather fan.
With politics, I support policies, not politicians. I understand the draw for rooting for the guy who 'thinks like you', or, if you find somebody who 'gets it', but the flip side of that is that it's hard to reconcile where they're wrong. A lot of people will actually conform their own beliefs to match the beliefs of a politician they like.
Polls of the NSA surveillance highlighted some of this; many Democrats who hated the PATRIOT Act under Bush didn't mind its abuses under Obama, and similarly, many Republicans who were okay with the law under Bush hated its uses by the Obama administration. Same law, same nonsense, and admittedly, Obama made at least a token effort to instate the FISA court, if only to give it the appearance of fairness.
With sports though, I'm exactly the same. I'm a Ravens fan, but if we don't make the playoffs, I'll pick another team that's convenient and start rooting for them. If we have a years' long streak of bad luck, like the Bills, or the Browns, I'll jump ship and root for a better team.
Yes, that makes me a 'traitor' to many 'real fans', but the counter is that I don't get anything out of being a fan other than some manufactured emotions. If it were Green Bay, and I owned shares, that'd be a little bit different, I suppose, but until and unless I get some kind of perk for a winning season (beyond the one I want most, which is to see my team make the playoffs), I just don't see the logic in being wed to them arbitrarily.
I've always found the US high school obsession with sports teams very fascinating. Growing up in Norway, I can say that I don't even know if my school had any sports teams. It is possible - some do - but to the extent they do it's usually something pretty much only those on the teams care about.
Well it's not really about party identification, at least for me. I think poverty and health services are basic rights a rich country can afford. It has nothing to do with who is for it or against it. It's the principle of it, and Freedom works and tea party types are very much on the complete opposite of it. The disagreement on these points are considerable. I am not likely to be convinced that not helping others out is not a matter of social justice and a requirement for participating in our society. Those on the other side seem about as likely to change as I am. I happen to agree with Freedomworks and the Tea party on NSA/and other social-liberty stuff like the war on drugs and not fighting in foreign countries, but that's pretty much the end of it.
You may believe that you have taken a principled stand on these issues, but unless your psychology is different from everyone else it's probable that your elevation of these specific issues, and the solutions you advocate, owes more to your social environment and the opinions which are considered acceptable within that milieu.
...more to my social environment than rational thought? Not sure what your point is or if you're just trying to blow up and discredit a view point with some pop-psychology/anthropology 101 that could apply to everything equally and thus be a completely meaningless statement.
You need to understand that the division in American politics is intentional. It's the entire intent of making a dual-party system: to make government less efficient. An efficient government structure with a centralized power base could quickly and easily transform into a tyranny, in theory a decentralized multi-branch dual-/multi- party government would require more time.
If you are saying the division is by original design, that is kind of awesome. Did one of the founders say anything about it in a speech? That would actually be pretty cool.
I guess what I object to is the black and whiteness of the discussion. About 20% of the US electorate are swing voters. That's a lot of people who would never vote republicrat, regardless of policy. They will vote Democrat after 2 terms of drone strikes, or Republican after the tea party nearly caused an econopocalypse. That is really sad.
It also means that only the swing voters count. And the only swing voters worth trying to persuade are the ones with simple priorities, i.e. the nutty ones. It's not very healthy.
It's at least a strong tradition, if not by design. But I believe it's actually by design. I wish I had time while at work to find a link for you, but I'll give it a shot when I get home in a few hours.
If you're a "liberal" in the sense of the classical tradition[1] you should have no problem whatsoever cheering on the tea-party types at times. In fact, it would be highly unusual if you didn't. Well, at least to the extent that the Tea Party had, at one time, a sort of vaguely libertarian bent to it, since classical liberal thought overlaps with libertarian thought in many regards.
But most people who call themselves "liberal" in this day and age aren't, and the term has all but lost any actual meaning. These days, the people calling themselves "liberal" probably ought to use "statist" or "authoritarian" to refer to themselves. shrug
OTOH, the Tea Party these days has become a weird sort of mishmash of populism, anti-incumbent thinking, paleo-convervatism, libertarian thought, and (God|Satan|Allah|Dionysus|Zoroaster|Zeus|Thor|FSM|$DEITY) knows what. I'm not sure the Tea Party "movement" can be said to represent anything in particular anymore.
This is why I am a registered independent. I have a very hard time believing that any rational person can agree with the party line 100%. Now obviously there are disagreements between members within the same party, but the minority is almost always drowned out. So, in effect, if you disagree with your party on any of these big issues you may as well switch teams if you want to do anything about it.
Don't feel too bad, you have more in common with any individual in the US than you might assume based on media coverage. We're all in this together, and we have largely the same concerns. Our differences are not irrelevant, but you shouldn't feel dirty or weird just because you find yourself agreeing with other average Americans about topics of mutual concern.
"In 2012, Klayman filed on behalf of a Florida resident an unsuccessful challenge to Barack Obama's placement on the primary ballot and claimed that the latter is not a natural-born citizen."
> The judge, a conservative, ruled that the NSA must remove from its records data related to two Americans who filed suit to stop the program.
Since Groklaw was KIA, can someone with a better understanding of the law explain if this applies to all Americans, or only those two who brought the suit?
EDIT: I looked at the opinion a little more closely, though I still haven't read it in its entirety. The judge's order only "(1) bars the Government from collecting, as part of the NSA’s Bulk Telephony Metadata Program, any telephony metadata associated with their personal Verizon accounts and (2) requires the Government to destroy any such metadata in its possession that was collected through the bulk collection program."
So by its terms, the judge's order only applies to these plaintiffs. However, if the opinion is upheld on appeal (see below), it seems unlikely that the NSA would continue the bulk program against anyone without individualized suspicion. If the opinion is upheld it would indeed be very easy for anyone else to sue and get a similar order.
EDIT 2: Footnote 69 of the opinion confirms that it applies only to two plaintiffs, Larry Klayman and Charles Strange. Other plaintiffs did NOT get relief, apparently because they didn't prove they were telephone subscribers.
--------------------------------
ORIGINAL COMMENT
I have a law degree from Stanford, but I have not read the opinion in its entirety, so this is quite possibly premature. The judge ruled that the program is unconstitutional. Typically, the remedy for such a ruling would be for the judge to enjoin the program. That would prohibit the NSA from continuing surveillance against everyone, not just the two plaintiffs.
However, the judge stayed his own ruling, meaning that he will not issue an injunction at this time. He did that to let the government appeal, which it will undoubtedly do. In other words, the ruling will not take effect unless and until it is upheld on appeal. The case was decided in the District of DC, so it will go to the DC Circuit, and (potentially) the Supreme Court. So it could be a long time before it has any effect at all.
Regarding Zikes's comment, unfortunately a district court court opinion has little precedential value. It is not binding on other federal district courts, even within the district where it was decided. It may be persuasive, and it can certainly be cited, but it has no power to bind other federal courts. If it is upheld by the DC Circuit, it will carry a lot more weight.
Even if the ruling currently only applies to the two who brought the suit, surely it would serve as a precedent for future suits, even a possible class-action?
But legally and politically, especially if the ruling is upheld on appeal, it will become difficult for NSA to continue the program in its current form. The key is less the order than the legal reasoning that led the court to this result.
Note Sec. 215 metadata collection was one of the more benign NSA programs that Snowden revealed. Bulk warrantless data collection on Americans ("incidental" of course) through fiber taps is a much bigger deal, IMHO.
“The government does not cite a single instance in which analysis of the NSA’s bulk metadata collection actually stopped an imminent attack, or otherwise aided the Government in achieving any objective that was time-sensitive in nature.”
Edward Snowden on this ruling: "Today, a secret program authorized by a secret court was, when exposed to the light of day, found to violate Americans' rights. It is the first of many."
No problem, the NSA and whatever administration happens to occupy the Whitehouse at the moment will just re-interpret the ruling as if it ruled that the program is constitutional.
We used to say that whoever wins the war writes the history. But the war on terror will never be won, by definition and design. The NSA probably cares fuckall who writes the history books anymore. They want the dictionary.
Some of the metadata in my opinion is obviously OK to collect - the stuff that would have been captured by a pen register decades ago - Who you called, who called you, how long you talked - this stuff, which is otherwise known as call detail records it available to nearly everyone who works for the telco and is not really what I would consider private.
Other stuff - like Geolocation data is in my opinion clearly not OK to collect - it constitutes an unreasonable encroachment on privacy, normally to track someone historically a warrant must be obtained first, and it required probable cause, I see no reason why a lesser standard should be applied here.
I don't consider blanket recording of calls to be acceptable, but I don't see that as something that has been happening, at least on domestic to domestic endpoints (it's not really technically feasible to do with the way the telephone network is structured), its a bit easier to record calls going to international endpoints because of the structure of the PSTN - VoIP is its own deal, and YMMV on weather you can actually capture those calls or not.
I don't want to see us throw the baby out with the bath water as it were, nor do I want the unreasonable encroachment on privacy to continue.
I disagree. I interned twice at a telco, and while I had access to a bunch of information in databases as a developer, I had no access to call records, and in general you didn't have access to it unless you needed it for work.
The problem is as I understand it, the NSA currently has the view that if a corporation has access to it, then it's not private and they get free reign. It's not that I don't expect Google to have my gmail records, or my phone to have call records and geolocation. Those companies can use that data to improve their services to me. It's when the NSA decides that they have access to all of this information from all these companies is when I have a problem.
Different companies, different policy, I worked in customer care, and later in a quasi-engineering role. In both cases, and two different companies I had full access to customer CDR's.
It's really all of them - If your doing a job that involves either customer care, or resolving call based issues, you have the ability to: See call detail records, sometimes capture voice calls to and from that subscriber, capture signalling data in realtime, track a mobile user in call thru the system for the purposes of finding defective network elements.
There is a good reason why we had these abilities, they were essential to resolve and troubleshoot user reported issues.
For example, if a customer reported troubles or call quality issues calling 202-555-1212, I needed to be able to pull their CDR's so I could determine which outbound trunk group the call went out on, so I could report it to that carrier to see if they could resolve.
> There is a good reason why we had these abilities
Bullshit. Systems can be designed to allow troubleshooting and problem resolution without giving broad access to user data. Telecoms are just too lazy to do it. They have local monopolies, so they just don't need to care.
I've written tools for VoIP companies for diagnostics. The most helpful system is one that logs everything and has it available on-demand. The one I wrote literally recorded and indexed every call-related packet (except audio) and records were kept indefinitely. This is network-level traffic. It reduced time-to-resolution by at least an order of magnitude, since a ticket to the effect of "this weekend someone at the office called someone in Germany and it didnt work" could find out exactly what happened.
Apart from that, call detail records (CDRs) are available to many people in a telecom. And it doesn't matter if you trust your telco, because they probably hand off traffic to others in many cases. Even large companies like AT&T deal with very scummy third-parties to get the cheapest prices to place calls. (I know that first hand, because sometimes people sell call capacity they don't have. Instead of completing the call, they answer and play a fake recording of someone saying "wait a sec". Once, when dialing from my AT&T cell, I got the same exact recording I had PCAP'd from some third-rate provider.)
Unlike email, where you don't need to provide access to email records in most cases, CDRs are needed for all aspects of billing. While your complete profile may be relatively safe in a large company with internal controls, depending on your calling patterns, you may very well be leaking a lot of details to many third parties you've never heard of.
Edit: You could theoretically add all sorts of controls and access-limitations. There's really zero benefit to doing so. Plenty of companies still rely on techs being able to run tcpdump on a mirror port or server in question.
We had the problem with low cost carriers too - though it was usually a quality issue, some customers because of the nature of their business (e.g. lots of fax calling) we would push them on to generally high cost TDM trunks via the local LEC versus lower costs VoIP trunks with level3 or other carriers.
I wish I could convey to people that they need to trust that their carrier is not just sharing their info beyond what is required to make the network work and what is legally required of them by the federal/state/local government.
I wish I could also explain more about how the telephone network, works. Like, how its virtually impossible to record every single call made in the US in a blanket sort of way, and that every transiting carrier from here to there also has a slice of their information.
> You could theoretically add all sorts of controls and access-limitations. There's really zero benefit to doing so.
Wow. That, right there, is the problem. You don't have to care about other people's privacy, so you don't. You're not accountable, and neither are the companies you work for.
I hope there's a disgruntled insider at one of the companies that uses your tools, and they vacuum up all the data they can find and leak it. Maybe a public scandal could make you care, if it affected your bottom line.
Hah. I don't mean to be condescending, but the security in telecom is laughable. I've tested nearly a dozen systems and networks, and in every case never had to spend more than a day getting root. (I'm sure there are decently designed ones, but that's not the common case.)
I had the CTO of one of the major switch vendors tell me that "buffer overflows aren't a problem, unless maybe the network is very fast". This is a company that markets an edge device with security being one of the main bullet points.
Not to mention, I'm willing to bet in many datacenters, you could literally just walk in and take disks out of machines. If they've got RAID and no alarming on RAID (not too uncommon) no one will even notice. Sure, some places have solid cages or require escorts. But a lot of colo space is relatively unmonitored and so long you look like you belong there and get past perimeter security (as easy as renting 1U in the same place, often) you're totally in.
And the sad part? To my knowledge, these attacks aren't that widespread. Why? Because there's even lower-hanging fruit that's more lucrative to hackers.
Anyways, to your point: How would this access control work? How are you going to verify a CSR actually got a call from a specific customer? How much effort are you going to put in verifying that data? This is an industry where tons of money is charged and moved around based purely on emails received, with zero verification. Also remember that full wiretap capabilities are a federal requirement (CALEA). So somewhere, they'll have a system that can turn on lawful intercept. That avenue is probably ripe for abuse.
You're right in your overall sentiment. The FCC and federal government should enact privacy laws and force companies to internalize this externality. Until they do, there's little reason to make it any more difficult for support to do their job.
Reminds me of a linux based edge router/SIP ALG product we used at a former employer if you put it on a 20 meg or faster symmetrical pipe, it would fall over, and eventually hardlock. Bugs in the drivers and a lack of hardware acceleration for the ethernet cards.
A popular ISP in one country shipped default DSL modem/routers with a SIP ALG on that didn't work. But not just the normal "totally screwing SIP up" but the alarm light would go on and the modem would be dead until power reset. On any SIP packet. This was over 6 years ago, but I think it was a ZyXEL.
"I had an incoming call come in at 3pm, no, I dont know the number, and I couldn't hear them/poor quality audio, can you check and see what was wrong?"
OR
"Everyone who calls me from johnstown says I have a really bad echo"
These require either the calling party or the called party, you need to be able to locate what network element they touched. At every company I had to sign a generic NDA to not disclose customer information without consent from the company. In the end though, you don't own this data, the company you contract with for service does - you'd need to change the contract with them to get control over it.
Adding the restrictions you propose would just make things more complex, not better. In the end, someone you don't want to have access will still have access - you need to trust the company you do business with to have good policy restrictions to protect their data, and your privacy.
You're just illustrating my point. Telecom systems are currently designed without privacy in mind at all. It would be possible to design these systems such that privacy was respected, but telecoms just don't care.
> you need to be able to locate what network element they touched
That doesn't require or justify you having
blanket access to call metadata as a customer service technician. Instead, in a reasonable system, users would grant limited access to account data on a case-by-case basis. For example, a user could use a website or app to report a recent call as bad quality, which would grant access to a technician for that call only so they could investigate.
The number of people in the company with blanket access to all user data should be very, very low. Certainly nobody in customer service should have it.
The telecoms legally own this data, its theirs, and its needed for all sorts of internal functions beyond just customer care - but lets focus on customer care:
Without this access how would you:
Create Trouble Tickets on call quality when the customer cant give very precise information?
Give credits on miss dialed calls to overseas destinations?
Explain charges on a customers bill?
Open tickets on calls that cant complete - the example above "someone called Germany on Saturday, can you check and see why it didnt go thru?"
I mean, I'd be interested on what form you think these access systems should take.
There should be better ways to report call quality issues than calling up to wait on hold for an hour to tell someone "fix it for me". Problem reporting should be mostly if not entirely automated. Google Voice, for example, has a "report bad call quality" option in its list of recent calls. Reporting other kinds of issues like failed calls could happen the same way.
For situations where phone support is still required, automated systems can still enforce that a technician can only access data relevant to the user who is calling, and that access can be logged, audited, and reported to the user on their next bill.
The important thing is that users should give limited consent to access data for troubleshooting, and that access should be enforced by automated systems, not NDAs. Technicians do not need and should not have blanket access to user data.
Really, a lot of the problems you describe have been created by the telecoms for themselves. Telecoms rely on antiquated and terrible old equipment, and that causes the call quality issues. If they invested in updating their infrastructure, they could have consistent better quality calls and automated monitoring. But they have no incentive to update their infrastructure when they already have oligopolies or monopolies. My phone has a 10 Mbps connection to the internet and yet phone calls still sound like they're happening underwater; it's a joke! Billing complexity is an even more obvious example of a problem the telecoms have created for themselves.
Even if we had an automated ticketing system that let a customer pick which call was bad, they wouldn't use it. Also keep in mind, every customer along the path would need to do this. There might be 5 or more companies involved in completing a single call.
The end-user might report it to their local PBX guy. He's going to call his wholesaler and say "yeah sometime over the weekend, someone made a call from somewhere and something didn't work right". If the wholesaler is lucky and can comb through data, they might find the call in question. Sometimes the answer is "uh, you hung up" or "...yeah, so you got a busy tone". Most of the time, if you can actually find a problem, you forward it on to the offending carriers, and they repeat the search and forward it until it hits a real network. The answer to the end-user is mostly "Sorry about that, we've made some routing updates." and hopefully they won't experience the issue again. If the end-user repeatedly has issues, it's probably a question of their line not having proper QoS, or something else their local PBX guy needs to sort out.
The "antiquated and terrible old equipment" is actually the least likely to cause issues. As much as I hate telecom, the real switches do a solid job. Dedicated hardware on TDM leaves far less place for problems. VoIP is the real quality issue most of the time.
Ironically, the carriers who have the most billing and call quality troubles are not the legacy incumbent local exchange carriers, its the newer VoIP based carriers.
In your 10mbps scenario its either a lack of QoS on your circuit (either from you or your ISP) or poor generally qualities of the end to end connection - like too much jitter or something.
There are scaling effects here which I don't think you're taking into account.
We're not talking about pen registers or targeted investigations anymore.
We're talking about big data techniques, trawling through massive databases to find related suspects and evidence of suspicious behaviour. A guilt inference engine. "Google suspects".
This is both quantitatively and qualitatively different from your view that "CDRs are available to people who work at the telco".
I'm somewhat OK with big data being used in this case, these are cases that traditional police work cannot be used in. So long as our court system remains a strong protector of the innocent, big data in this case is used to generate a list of people to talk to, to interview, and often to rule out. I'm very leery of thoughtcrime and guilt by association, but its up to the courts to make sure we are protected, and that the rights of the innocents are protected.
I believe this gets to the crux of the argument. Broadly, I think there are two views on why the U.S. has laws regarding "unreasonable" search and seizure:
a) Being searched all is unreasonable because it inconveniences those being searched, takes up their time and involves a degree of forced submission.
b) Being searched all the time is unreasonable because it grants the government too much power over the individual. The government should not be able to snoop into the lives of private citizens without good reason. True freedom and perfect enforcement of crime are incompatible.
You can hold (a) or (b) or both. Digital searches happen quietly and invisibly, so is it OK to be constantly searched if it involves no personal inconvenience?
I believe you hold mostly position (a), whereas those who believe this program is bad (including me) hold (a) and (b).
Point (a) isn't sufficient to understand the 4th amendment.
For example, the Supreme Court in Kyllo vs. U.S. decided that using a thermal imaging device to scan houses to find indoor marijuana farms is an unreasonable search, and reversed Kyllo's conviction for growing 100 marijuana plants.
You'll easily note that scanning a house from the street does not inconvenience the person being searched, take up their time, or involve a degree of forced submission.
For another example, the Supreme Court said that attaching a tracking device to a car without a warrant is also an illegal search. This also does not fit the criteria of (a). (While it immeasurably slightly worsens mileage, the court decided that it was a form of trespass. One does not need to be present in order for trespass to occur.)
For a more historical example, Ex Parte Jackson (1878) says "Letters and sealed packages subject to letter postage in the mail can be opened and examined only under like warrant, issued upon similar oath or affirmation, particularly describing the thing to be seized, as is required when papers are subjected to search in one's own household. The constitutional guaranty of the right of the people to be secure in their papers against unreasonable searches and seizures extends to their papers, thus closed against inspection, wherever they may be."
Again, 4th Amendment protection of letters exists even when the conditions of (a) are not held.
Could you be more explicit on which reason is this "same reason"? I listed several reasons.
Do you think law enforcement use of E911 pings without a warrant is trespass on your possessions, which was the reasoning behind the US vs Jones (2012) case I mentioned?
In any case, United States v. Graham disagrees with you. Geolocation data is "information voluntarily disclosed to a third party" and so "ceases to enjoy Fourth Amendment protection."
What do you find wrong with the reasoning in the Graham ruling?
In reviewing your other comments, it sounds like you also disagree with the conclusions of pages 47-56 of this most recent opinion by Judge Leon, where the judge describes how collection now is different than from a few decades ago, and in a manner that the Supreme Court has indicated other cases indicated may have substantial 4th amendment concerns.
Why specifically do you disagree with the reasoning behind his opinions?
Obviously US v. Graham (US District Court for Maryland) and Leon's opinion (US District Court for DC) are at odds. Leon points that out in his own opinion, on p66. It's going to take the Supreme Court (or a big change in the law) to sort this one out for the US.
I would argue that the e911 data is not a voluntary disclosure. The cellular companies were compelled to generate and provide this information, as well as generate and store hordes of other information to assist law enforcement. In short, I don't think the government should be able to compel a company to store a class of data about its users, then because now they are holding it (at the behest of the government), then strip the data of privacy and compel the cellular companies to provide it to law enforcement.
I don't find a substantial difference between the police planting a tracking device on your vehicle, and requesting geolocation data records for your mobile phone, they achieve largely same goals, thru only what I consider marginally different means - meaning, both should require a warrant.
The exception to that would be geolocation data that is generated as part of making a phone call. I want to hold the line on what can be monitored to the era before always on mobile communications devices. Just because the data is there, does not mean it should be able to be gotten without a warrant.
I take it from your answer that you haven't read the court decisions I mentioned?
That's okay, I haven't read all of them either.
E911 data is a subset of geodata. US. v Jones concerns tower data, which the business captures as part of its normal business. This is not under mandate from the government.
"A majority of courts" (quote from p9) "have concluded that the acquisition of historical cell site location data pursuant to the Stored Communications Act‘s specific and articulable facts standard does not implicate the Fourth Amendment, regardless of the time
period involved."
By your argument, since the phone companies are not compelled to store this historical geodata, then it's okay for the police to access these records.
"I don't find a substantial difference..."
Congratulations. But there is a substantial difference anyway. Trespassing on someone's car, in order to plant a tracking device, is quite different than, say, tailing someone to get the same information. The courts have said that the first is illegal. The second is definitely not illegal, even though it provides the same information.
I understand that you want a limited, very technical distinction on what information law enforcement cannot get from cell phone data. You base your argument on similarity to what land lines provide.
In doing so, you reject the 10 pages from this most recent legal opinion of Judge Leon which characterize why this similarity is not appropriate.
In doing so, you ignore other technical ways that law enforcement can and does get geodata from mobile phones even without using government mandated methods like E911. The government can bypass the phone company entirely and use IMSI catchers. By your logic, which only looks to see if the government is compelling a person or company to do something, then IMSI catchers are acceptable.
Would you kindly read some of the relevant court judgements, hopefully starting with this most recent one by Judge Leon, and comment with regards to them?
i think I find your reasoning flawed, as a matter of personal opinion at least.
> Who you called, who called you, how long you talked - this stuff, which is otherwise known as call detail records it available to nearly everyone who works for the telco and is not really what I would consider private.
I see what you're saying, as applied by the Smith v MD, that the information in a PEN register is fair game, but even in Smith, the collection of records had to be manual, which prevented its collection and use en masse, meaning that its application was self-limiting. Sure, the police could probably collect all the PEN registers, but as most of it would be useless, why would they?
Regarding your earlier statement though, for some perspective, had the British been able to keep tabs on the metadata of the populace, our founding fathers would have all been hanged for treason, and America would never have declared independence.
I don't mean to suggest that being subjects of Britain would be necessarily bad, but I think it's fair to suggest that our founding fathers considered their actions just, and as a matter of course, would have likely considered actions that would have resulted in their death equally unjust. If you agree, I think that should have some bearing on your interpretation of the fourth amendment.
The collection of records has not been manual since sometime in the 80's - the switch can generate a report of all this data. But I get the point.
I think metadata alone is useless - it gives you associations, not content, you could be calling someone not very nice to talk about the fact that they owe you money for work you did on their car - or about blowing something up. All this metadata is useful for is generating leads for traditional police work (aka shoe leather) to follow up on and dig up information the old fashioned way.
I'm confused as to why you'd be against the collection of GPS metadata then. GPS data is, effectively, only associative metadata. It can tell you where you were, and when you were there, but not what you were doing. That's why I'm having a hard time finding consistency in your position.
That isn't meant as judgement of you, by any means... the entire issue is a morass. We want law enforcement agencies to be effective (assuming that we're not acting criminally), but we don't want them to be overseers.
I personally think that the precedent is for us to err on the side of liberty over justice, and I think that in the spirit of presumption of innocence and all that, but that's influenced by confirmation bias, at the least.
It depends on the KIND of GPS metadata - the GPS that is generated when I call happens is attached to the call metadata. The Metadata that is generated just by having your phone on is not. I'm ok with things attached to calls, I'm not OK with blanket tracking of peoples locations.
The standard that I use is what information would you have gotten from a pen register in say 1973 or at least inferred from other sources of data, which is, calling party, called party, duration of conversation, location of parties in call, and really nothing more. Which leave out whole hosts of other kinds of data, like e911 pings, and tower data (showing all the users on the tower) and so on. Because much of this data is compelled to be kept by the government beyond what would be needed for engineering purposes (or in the case of e911 data generated by order of the government) it most certainly shouldn't be available without a warrant.
I find your argument, which is based on what the government compels others to do, to be oddly limited. You often focus on the phone call aspect of a phone, and compare it to a 1970s pen register. But that doesn't fit with modern phones.
An SMS message, or a smart phone check for new messages or to get map data, would under the 1970s technology parallel be implemented as a phone call. Under your logic, law enforcement would get all this information as well, no?
If so, most smart phones positively leak information. (Note that according to Judge Leon's opinion, it's not known if the metadata we're talking about includes data related to text messages. See p52, footnote 56.
If not, why not?
Also, the current system captures more information than a 1970s pen register. As footnote 57 points out, the pen register in the 1970s Smith decision did not keep track of if the phone call went through, nor the length of the call. It then points out the difference between building location from the 1970s, and caller location from mobile phones, with reference to New Jersey vs. Earls. 'the New Jersey high court found that "cell-phone location information, which users must provide to receive service, can reveal a great deal of personal information about an individual."'
So at least in New Jersey there is a distinction between the two.
The point in Judge Leon's opinion is that "This rapid and monumental shift towards a cellphone-centric culture means that the metadata from each person's phone "reflects a wealth of detail about her ... associations" ... that could not have been gleaned from a data collection in 1979." (page 54).
While you are entitled to your beliefs, I would enjoy it if you compared your beliefs to the actual opinion under discussion.
I should point out, the original post I meade that spawned this rather large thread, had no bearing on the decision - it was my opinion purely.
Something else I should point out - there were mobile (pre-cellular) phones in the 1970's and some geolocation data could be implied from their use - because in most cases they couldn't roam beyond their home area. For what its worth, some of this data could have been gathered as early as 1979 - when the first AMPS systems were being turned up.
Beyond that - I guess what I'm looking to say is, landline equivalence, I don't think you should be able to collect more information about a mobile phone user than a landline one, even if the information is there - at least not without a warrant.
My discussion here has really been about what is acceptable without probable cause and a warrant, and not just for the NSA - but for all Law Enforcement Agencies. I think Call Detail Records and Call Associated Geolocation Data is acceptable, but really, nothing else, not without probable cause and a warrant, I even think that using big data techniques on CDR's is novel and worthwhile - but it should be as a clue to find more information thru old fashioned police work, not as the end evidence.
Yes, I do believe I understand your argument. My question to you is three-fold:
1) the judge gives 10 pages of opinion, with 4 distinct points, on why land-line equivalency cannot be used as a guide. Can you speak to why you disagree with those 4 points?
2) Do SMS and app data count as "telephone calls"? Does an open TCP socket, which isn't in use, count as a "telephone call"? Under a landline equivalency doctrine, your answers must be yes. In that case, if most people's phones check for messages automatically every 5 minutes, then is there really that much of a difference than what we have now? Will your view change in the future when peoples' phones connect every minute, or have a continuous connection?
Also, since you mentioned the start of this rather large thread, there's another point. You said "I'm somewhat OK with big data being used in this case, these are cases that traditional police work cannot be used in"
Judge Leon pointed out that the government has provided no evidence that "big data" was used to solve any case, and that a government witness has stated that most of the times other methods could be used, only that metadata gathering is faster and cheaper.
3) Given that, how do you draw your opinion that traditional police work cannot be used in this case, when the government themselves cannot convince the judge?
> It depends on the KIND of GPS metadata - the GPS that is generated when I call happens is attached to the call metadata. The Metadata that is generated just by having your phone on is not. I'm ok with things attached to calls, I'm not OK with blanket tracking of peoples locations.
Maybe I'm fully mistaken here, but I think that's the exact same KIND of GPS metadata, which is that generated by tower triangulation. The way you phrase it, I interpret the latter type of GPS data as that which is generated by the internal GPS chip on a smart phone, but to be sure, the police can track the location of a dumb phone through triangulation when a phone is just 'on', without the requirement that calls be made, and the mechanism is the same.
Why is the former special, when the mechanics are exactly the same?
Because you have to do something beyond having your telephone ready to use, like making a call - and the call associated Metadata is a given, location is somewhat inherent to a landline.
> Because you have to do something beyond having your telephone ready to use, like making a call - and the call associated Metadata is a given, location is somewhat inherent to a landline.
Concerning cellphones, that is a distinction that only you make. Network-based location service doesn't make it, nor do the authorities, nor do the telcos, nor does your phone. Network-location can be done even on dumb phones, and if they can capture your location from making a call, they can capture your location without you making a call.
Regarding handset-based GPS technology also does not depend on whether or not you're actively making a call or not. Obviously, this excludes dumb phones that don't have GPS, but location tracking is done anytime your phone is on and the GPS radio is active. if the GPS radio is inactive, network-based location still works. If your phone is on, your GPS radio is active, if someone is tracking you based on that information, it makes no difference to them whatsoever whether your phone is making a call or not -- you are just as trackable either way.
Beyond this, again, I fail to see the distinction anywhere. If we're just talking about what's in Smith v MD, which was decided in 1979, then we can exclude all cell phone data whatsoever, as they weren't in use then. If we're talking about just landlines, then the content of the calls would be excluded anyway. Either way, none of it is necessarily conclusive without the content of the call itself, because anybody could have made the call.
I'm just confused as to where you chose to draw the line specifically, as there really isn't a line there. You're of course welcome to make the distinction however you like, but if you're basing it on some precedent, I'm afraid there isn't any. If you're basing it on technological limitations, then again, there isn't any. If it's just your personal preference on how trackable you think you ought to be, then I'm worried you're dramatically underestimating the implication of what you're saying.
For what its worth - I didnt read the decision because when I started this thread, I was commenting on an NBCNews article.
That said, I largely agree with the judge - I think I didn't know the full details - I didn't know the government kept historical data for 5 years. Based on the early reports, I presumed they kept the last 90-180 days on hand in an indexed database and if not needed it was aged out. So I made some assumptions of what was going on, and they were much more limited than reality.
I think that moment has hit all of us at some point. I remember seeing the first of the Snowden documents roll out, and thinking "Well, duh, of course they are."
It wasn't until probably months later that I realized how much greater the scope was in reality than even the worst of what I'd assumed... that this[1] had been built, basically, to accommodate all the data they were acquiring... that they had hooks not just into the telcos, but into the ISPs, and into service providers like Google, Facebook, et al.. It wasn't until well later that I realized that, now that the public has heard about this and exclaimed how against it they are, that nothing would be done without fierce political pressure.
Also, I'm betting the 5 years is just a target figure, or, more qualified, I bet what they actually mean is "at least" 5 years. Of course, having seen everybody involved with this lie at least once, and brazenly too. This is the first step in making all this go away, or at least paring it back to something reasonable. I'm not comfortable with every communication being tapped that the government just happens to be able to get their hands on.
Correct. I largely hold position (a). I believe in position (b) as well, but there is a bar there, if something is above a certain level of invasion in invokes my belief in position (b) otherwise I consider it to be generally acceptable. Geolocation data is one of those things that invokes position (b) because I consider it to be an unreasonable invasion of privacy.
Based on parent comments, you're ok with the government knowing WHO/WHEN you call someone. But you have a beef with the government knowing WHERE you called from?
And your basis for that is that they've always been able to collect WHO/WHEN, but WHERE is different because it's new?
The geolocation data is not tied to placing a call, the cell carriers keep and have a record wherever my mobile terminal is whenever its turned on and registered. Its tantamount to putting a GPS tracker on my person. This to me is a totally unreasonable encroachment on my right to privacy.
The where attached to a placed call is a grey area for me. It's might be acceptable, it might not, because where is a given when using a landline.
"I don't want to see us throw the baby out with the bath water as it were, nor do I want the unreasonable encroachment on privacy to continue."
I believe you have a valid point about moderation being the key here. Obviously there are bad people in the world, and obviously the state has a need to investigate their actions in an effort to protect us from them. And it is always a mistake to go around with your hair on fire demanding absolute answers to nuanced questions.
But right now from where I'm standing? I'm happy with throwing a lot of baby away. Maybe we keep his foot. Or a toenail. Rest of him's gotta go.
Here's the reason why: we are at the end of a slippery slope, not at the beginning. We started off with the state knowing next to nothing. Bit by bit, over the decades, they've encroached more and more. We've got to roll this back and take an honest look at whether all that we've lost was worth it.
I agree we're on a slippery slope, but disagree that it's a slope of state encroachment. The precedents at issue here are decades old (the line of cases starts in the 1960's), and even the first time the 4th amendment status of phone calls came up in the 1920's, the Supreme Court determined that they were not protected because the phone company had access to them.
The government has not been invading previously protected spaces. The slope here is people broadcasting previously private information indiscriminately into the ether, to locations that the government always had access to.
I believe that you are saying that the people, by using new methods to communicate, are encroaching in on government's "natural" right to scrape up everything it possibly can?
That's certainly an interesting way of looking at it. The government retains all the rights to collect anything it can, and it's up to the citizens to act in such a manner as to stop it.
Please correct me if I missed this. Fascinating 180-degree reversal of natural rights.
Constitutionally, if an end is generally within the federal government's enumerated powers, the government can take any steps "necessary and proper" to achieve that end, unless it infringes on a right. That's basic U.S. Constitutional law since 1819.
It has been long understood, since at least 1963 if not earlier, that the federal government does not violate someone's 4th amendment rights by acquiring information that a person has voluntarily disclosed to a third party, on the very reasonable grounds that if you risk someone disclosing that information by divulging it to them, then it's not really private information.
What you've seen since then is not an encroachment of the government into areas previously considered private. Instead, what's changed is people sharing "private" information in ways that were never protected: specifically by exposing them broadly to third parties.
Well, there it is. The administration's case. It is legal.
However, my question was along the lines of political theory, not constitutional law. There's no doubt that some really powerful legal minds have concluded that all of this is legal, but can a government function this way? Obviously this type of information collection and storage wasn't happening before at this scale. Obviously it is now. Aside from the most likely correct reading of the constitution, does it not seem from a simply observational viewpoint that something is now amiss? Would it not be reasonable for the average citizen, looking back on decades and centuries of private conversations with his friends, meetings which did not involve public records being kept, and private papers immune from government scrutiny, to wonder if somehow he wasn't getting the short end of the stick compared to his ancestors? Or is your response that since it is legal, our citizen should just shut up? Or perhaps you have something along the lines of "elect representatives who will then pass laws"
I find it fascinating that the status quo has changed so much, and because a technology shift was involved, your presumption is that it is the citizen who should have been more wary, lest his personal affairs become part of the public record. Especially since 1) officials have been very careful not to allow the citizens to know what they are recording and what their capabilities are, and 2) It's virtually impossible to live in the modern world without "broadcasting"
If you've got something else besides "but it's legal!" I'd love to hear it.
> However, my question was along the lines of political theory, not constitutional law.
There is an important practical reason for drawing the distinctions and putting things into correct legal perspective: if you believe that the government has slowly chipped away at legal rights that used to exist, then it's harder to justify believing that political action can change the status quo. On the other hand, if you recognize that what you really have is a disconnect between peoples' behaviors as enabled by new communications technologies, and the government's acting pursuant to established law, then it's much more justifiable to believe that political action can change the status quo.
As for whether the government should collect less or people should be more wary of broadcasting their private information, my answer is: both. I think laws are necessary to create protections for electronic communications that didn't exist before (and I think those laws could work because I don't believe the government is just ignoring the law). At the same time, I find it a little bit disingenuous for people to complain about being tracked when they carry little tracking devices around with them.
Ultimately, what you'll see is a shift in equilibrium of privacy. I don't think you can structure the law to hamstring the government so much that it doesn't know anything more about you than it did in 1975. Not in an era when people broadcast their bowel movements in real time to their thousand closest Facebook friends so that companies can spam them with advertisements for the best laxatives. Socially, we're in a post-privacy era in that regard. Though I do think you'll see the equilibrium fall at a point short of "the government collects everything, all the time."
I'm not sure I'm getting any more detail with your last response. It seems that you are wanting to shift the discussion now from "But it's legal!" to more along the lines of "But whether people think they have a chance at changing things is important!" This is interesting, but only if you assume the entire situation is in the toilet and your goal is simply to try to mitigate a disaster approaching on the horizon.
I'm not so sure that such mitigation is possible or wise. As I recall, the entire reason for having a Bill of Rights was the fear -- to the point of considering this a certainty -- that the government would encroach on individual rights and continue encroaching unless it was specifically forbidden to do so. Now perhaps from a civil unrest viewpoint it's better to have the plebians thinking they have a shot at changing the great ship of state by the traditional democratic process, but I doubt the founders would have believed it. For historical reasons.
I have no idea if the "post privacy" world is upon us or not. If I have any say, the answer is something along the lines of "fuck no!" but, unfortunately, they do not ask me these things.
I do know, however, that lots of folks view most all current problems through political filters. They tend to forgive more when their guys are in power and condemn more when they're not. This, along with changing up the figureheads at the top of the corrupt political system regularly, has kept a lid on social unrest for a good long time. Here's hoping that continues along unimpeded.
At the risk of playing messenger and getting shot, I'll say this: I think what rayiner's trying to do is clarify the narrative. Right now the dominant narrative on HN seems to be "the government has expanded their powers to intrude on our right to privacy." Rayiner is suggesting that perhaps the government is simply exercising the power it had been granted over years of precedent-setting court decisions (including, critically, the loss of expectation of privacy when information is handed to a third party). According to this alternate narrative, what has changed hasn't really been the government's scope of power, but rather our increasing reliance on third-party services to mediate our interactions in the modern world. As more and more of our communication is digitized and aggregated by third party services, more of our information falls within the government's constitutionally limited scope.
A key point of contention is whether what we're seeing here is the government breaking laws, or the government following laws that simply haven't caught up with the times. Rayiner believes (I think) that it's the latter, and therefore has reason for optimism; as he says, "I think those laws [to protect electronic communications] could work because I don't believe the government is just ignoring the law."
> As I recall, the entire reason for having a Bill of Rights was the fear -- to the point of considering this a certainty -- that the government would encroach on individual rights and continue encroaching unless it was specifically forbidden to do so. Now perhaps from a civil unrest viewpoint it's better to have the plebians thinking they have a shot at changing the great ship of state by the traditional democratic process, but I doubt the founders would have believed it.
This "rights-centric" view of the founding is a bit of historical revisionism that seems to be in vogue as of late. The framers saw republicanism, federalism, democratic accountability, and separation of powers as the key bulwarks against excess government power, not the Bill of Rights. That's why the Constitution is almost wholly preoccupied by defining a blueprint for these things.
Only one of the 85 Federalist Papers is primarily concerned with individual rights, and it's an argument for why a Bill of Rights is unnecessary: http://thomas.loc.gov/home/histdox/fed_84.html. In Federalist 84, Hamilton makes the argument that a Bill of Rights is unnecessary in a democratic republic. In the context of the freedom of the press, he writes:
"What signifies a declaration, that 'the liberty of the press shall be inviolably preserved'? What is the liberty of the press? Who can give it any definition which would not leave the utmost latitude for evasion? I hold it to be impracticable; and from this I infer, that its security, whatever fine declarations may be inserted in any constitution respecting it, must altogether depend on public opinion, and on the general spirit of the people and of the government. [3] And here, after all, as is intimated upon another occasion, must we seek for the only solid basis of all our rights." (emphasis added).
> This, along with changing up the figureheads at the top of the corrupt political system regularly, has kept a lid on social unrest for a good long time. Here's hoping that continues along unimpeded.
Well obviously we don't see eye-to-eye on whether its worthwhile to fix the spying issue, because we apparently disagree about whether it's a defect in an otherwise fairly sound system, or a symptom of irreparable corruption. I will say this, however: revolutions are rarely democratic processes. They are, more often than not, a way for radicals and other ideological minorities to impose their viewpoints on the majority. I don't think they're something to look forward to.
The important point is that the founders felt such boundaries were mere "parchment barriers", not that such boundaries were unnecessary! just the opposite. The BOR was created because the states would not go along with ratifying the constitution based solely on structural descriptions. Clear and deliberate promises would have to be made, and even then all the parties concerned were dubious such promises would hold out over the test of time.
I agree with that assessment. I think systems of people drift from well-executing to poorly executing. Good systems of people have self-correction mechanisms built in. Our system of government has one such system. Over time, however, the self-correction mechanism itself becomes broken.
I do not necessarily feel that it is irreparable or a revolution is required (as opposed to many of the founders, who privately felt that another revolution was all but certain). I'm simply pointing out that you can't keep beating the same mule and expecting it to continue plowing the field. I think that's the difference here. If I understand you correctly, the problem is one of perception -- if only we could get those citizens happy again! Whereas in my mind the problem is structural -- over time, with the government in basically a state of war with its own population, "keeping them happy" is not in the cards.
I'm not sure what a "fix" would be, but I'm not opposed to any action taken on the issue. Couldn't hurt. The spying issue isn't an issue because I'm upset about it -- the problem here isn't that people are just going bonkers when they realize what's going on (as Senator Wyden describes). The problem is that the democratic system of government itself cannot function over a long period of time with the state knowing so much about the people. It just doesn't work. That's a theory of government problem, not a constitutional or realpolitik one. If you understand that, then you realize that this is the type of problem that exists outside of the structures created to contain it - hence the response that "it's all legal". Of course it's legal. We don't have tyrants out to purposefully destroy our system of government. Instead we have patriotic, brilliant, and hard-working people out to protect us. And these people will continue to game the system in any way possible to make sure we're protected. That's how we got here.
I think if you don't understand how we got here, and you don't understand the nature of the problem, it becomes very difficult to understand what could be done to "fix" it. You might start thinking that you could vote in some handsome slick-talking schmucks who can wave a magic wand around and put the genie back in the bottle. That might be a great recipe for kicking the can down the road, but not so much for actually self-correcting. From where I sit, a few more constitutional amendments are going to be necessary. Good luck taking bets on when that's going to happen.
EDIT: I'll also add that the anti-federalists, you know, those tin-foil-hat-wearing hand-waving guys, turned out to be exactly correct in many of the arguments they made against a federal government. A standing army, use of the executive to control the military and interfere in state's matters, and so on. At the time they were shouted down as being paranoid. Sounds very familiar, doesn't it?
But I honestly do wish you the best of luck in your "vote some good guys in office" plan. Anything that will keep the country on a stable path for another century or two is a good thing in my book.
Just because the third-party doctrine has always been applied to phone records, doesn't mean they were not protected. The court just decided they weren't. The TPD is not law.
I'm normally amenable to the "just because the Supreme Court says so doesn't mean they're right" line of argument, but in this case not as much.
The 4th amendment prohibits "unreasonable" searches and seizures. The word "reasonable" has an important significance, one of which the founders (being mostly lawyers in the Anglo tradition) were aware. When the standard for something is "reasonableness" that essentially commits to the judiciary the task of drawing lines on a case-by-case basis and developing doctrines to guide that task.
In other words, what the Supreme Court says about the 4th amendment has particular relevance because the wording of the Constitution commits to the judiciary, in a special way, the task of determining the scope of the 4th amendment.
Of course, but by the same token it doesn't make sense to say phone metadata was previously protected nor unprotected. It was just an early point (cf. CFAA) at which the gov't made a case that they should never be blocked from getting this information whenever they want, for any reason. Likewise, "reasonable" is really putting lipstick on the pig, since there was really no previous history of use for the data, aside from phone companies keeping it away from law enforcement as a matter of business. Furthermore, as far as the TPD goes, there is no "case by case" basis once the judiciary says, "if the person gives it to a business, it's yours."
I actually would argue we're about half way up, we can choose to continue to slide down the hill, or claw our way higher, and have the government have less access, or 'give up' and slide down the hill, hoping that the overlords are benevolent. I personally want to claw our way a little higher up the hill again.
You wrote: "the stuff that would have been captured by a pen register decades ago"
Yes, but pen registers (as noted in Judge Leon's opinion today) were different: they lasted a few days and were targeted at an individual. Neither case holds for bulk NSA surveillance that lasts indefinitely and vacuums up billions of records.
In addition, the opinion points out that the "Supreme Court itself has long-recognized a meaningful difference between cases in which a third party collects information and then turns it over to law enforcement ... and cases in which the government an the third party create a formalized policy under which the service provider collects information for law enforcement purposes. ... It's one thing to say that people expect phone companies to occasionally provide information to law enforcement; it is quite another to suggest that our citizens expect all phone companies to operate what is effectively a joint intelligence-gathering operation with the Government."
All of pp 47-56 are used to contrast "the stuff that would have been captured by a pen register decades ago" with what the NSA does now.
> Who you called, who called you, how long you talked - this stuff, which is otherwise known as call detail records it available to nearly everyone who works for the telco
And to law enforcement with a warrant for a specific person relating to an ongoing investigation. All the NSA just got rid of that pesky legal requirement. Why all the fuss?
Also that anyone at the telco that used that information, if that got out that anyone probably wouldn't have a job for long.
Exactly my arguments about CDR's, I have mixed feelings about disclosing location with CDR's - but if it were a landline, the location part is sort of a given, unless using a beige box or some other diverter like object (like a DISA on a PBX).
All you really said is that you were comfortable with things the way they are.
I'd like to see some sort of data rights legislation, where when I ask the phone company to please try to connect me to some other person I can expect that they are minimizing access to those details. I wouldn't even mind if my requests related to service problems meant authorizing a period of wider disclosure. That at least changes the tone of the privacy discussions (and 'trusted third parties' are a well carved out aspect of privacy).
I'm uncomfortable with the way things are, I'd rather things be more like they were a decade (or more) ago, which is to say nearly universal access by law enforcement to call detail records on demand, these records might include location call is placed from (for both Mobile and Landline telephones), I'm also comfortable with disclosure of Text Messaging metadata (envelope information), but not Geolocation data attached to texts without a warrant.
I'm deeply uncomfortable with anything beyond this - that includes but is not limited to geolocation data not tied to a voice call without a warrant, taps on IP/Text/Voice content without a warrant.
I (and probably many others) would be more accepting of my data being collected and analyzed if there was an equal effort by the government to make it's own data equally available and easily analyzed. Instead I feel like the government is as secret as ever (and prone to blatant lies) and I'm skeptical of their actions by default.
Can I use any of this new tech to see which lobbyists a Senator talked to before an unpopular vote or listen in on some of those back-room meetings? Or is it only the general population that gets spied on?
Collecting metadata about email is OK - as in, who you mailed, and who mailed you. This information is no more private than the address on an envelope being sent to you via the postal service. Collecting the email itself I think has a higher bar to cross - the logic used in the CDR collection was akin to that of the postal mail address question.
A question of legal history: Were warrants required to "tail" a suspect? If not, I could see the case being made that indiscriminately "tailing" all cell phone users is an extension of following someone in a car. I disagree that the same standard applies, but from a legal perspective I think it's important to note whether there was a precedent set that allows "publicly available" or "non-invasive" data to be collected sans warrant.
No warrant is required to follow someone in public.
Why do you think call record and geolocation data are 'publicly available' data? How are they accessible to the public at large? If they were accessible to the public at large, the government wouldn't need to ask teleco's for the info, or for permission to install the government's own tracking devices -- if someone in the public at large asks a teleco for this info, they aren't going to get it, it clearly isn't public information.
I would include call record and geolocation data in the "non-invasive" category, because they can be accessed without disrupting the target. On the other hand, "publicly available" data are the publicly observable actions the target takes. Twenty years ago that meant getting in a car and driving somewhere. These days that might also include a Twitter stream or GPS EXIF data on publicly published photos.
I suspect the courts would agree that actual public things, like a twitter stream or publicly published photos, can be viewed and recorded without a warrant. And I would agree with you that that is right and proper.
I find your 'non-invasive' category to be odd though. I am not sure there is any legal basis for 'non-invasive' having any bearing on these issues, nor do I think it ought to. Recording the full contents of all your phone calls would be just as 'non-invasive' as recording the 'metadata' -- it would not 'disrupt the target' in any case. I don't see what 'non-invasive' has got to do with it.
From a legal perspective, I don't know if non-invasive data collection falls under a certain category. I know that authorities cannot enter my home and bug it or install cameras without a warrant. Authorities cannot install a camera in my bathroom to see if I am flushing away drugs, but can they ASK the water company to tap my pipe as it returns to wastewater management? The first action would require a warrant, since they are violating my home and person to obtain the information. If the same or comparable data are gathered through the cooperation of a third party, does that action still require a warrant?
I suppose the standard of 'non-invasive' is whether information is collected directly from my non-public activities (warrant certainly required) or from compliant third parties. Of course if the third party does not cooperate then a warrant will compel their cooperation.
I would argue that ANY data collection on a target should require a warrant issued by a judge for probable cause. So, indiscriminate collection of cell phone metadata would be prohibited, because my metadata is included, and there is no probable cause for surveillance against me.
One difference is that it's not in a central GOV DB. Shouldn't it be considered private if the company can guarantee me it's not analyzed by the government without my knowledge?
The presumption by many people was that it was available to the government on demand before, it matters little to me if the government has it whenever it asks for it, or has it on file in near realtime - either way, I get no notice that someone has asked for it.
This one judge is the least of their worries. There are a dozen more federal cases coming over the next few years (the one going on in NY right now for example, by the EFF or ACLU, forget which).
All the momentum is strongly against the NSA, and the Snowden documents will continue to apply an endless wall of pressure. They likely won't get a chance to breathe in terms of making themselves look good (short of maybe a false flag to save the day).
Obama is about to meet with 'Silicon Valley' to try to deal with that fire. Whether it's meant to pacify them or to actually act on their marching orders (money rules), it points to the fact that the NSA & Co. are struggling non-stop to contain the wild fire.
I don't know. I don't think NSA & Co. give a crap! I think they think a lot along these lines:
Son, we live in a world that has walls, and those walls have to be guarded by men with guns. Who's gonna do it? You? You, Lt. Weinburg? I have a greater responsibility than you could possibly fathom. You weep for Santiago, and you curse the Marines. You have that luxury. You have the luxury of not knowing what I know. That Santiago's death, while tragic, probably saved lives. And my existence, while grotesque and incomprehensible to you, saves lives. You don't want the truth because deep down in places you don't talk about at parties, you want me on that wall, you need me on that wall. We use words like honor, code, loyalty. We use these words as the backbone of a life spent defending something. You use them as a punchline. I have neither the time nor the inclination to explain myself to a man who rises and sleeps under the blanket of the very freedom that I provide, and then questions the manner in which I provide it. I would rather you just said thank you, and went on your way, Otherwise, I suggest you pick up a weapon, and stand a post. Either way, I don't give a damn what you think you are entitled to.
What a sorry piece of news! A federal judge thinks that mass surveillance is LIKELY unconstitutional? The only thing the constitution is good for these days is wiping you ass. Even if these practices are officially ruled as illegal, what will change? How will the oversight be conducted to prevent such practices from continuing. In my opinion, the NSA will simply begin hiding their operations from oversight. The biggest question is whether it is possible at all to implement practical and systematic methods that correctly oversee such government organizations. Is there a solution that guarantees that it will be impossible for the NSA and the like to hide their actions considering the almost system-wide corruption of government bodies? The solution to this problem is difficult to imagine for this reason.
Um, the judge went as far as he could given the procedural posture of the case. He was not asked at this stage to go any further; nor could he have.
Yes, many provisions of the Constitution and BoR are widely ignored by congresscritters, bureaucrats, and judges. But this is not one of those examples.
The NSA clearly at least makes some attempt to rationalize its actions according to the law and precedent (hence the focus on "metadata", exceptions the administrations has made for "national security", etc). This is true even if we on the outside believe those rationalizations to be rather flimsy or themselves unconstitutional.
Having an official ruling that explicitly states that certain activities are unconstitutional means, at the very least, that they must come up with new rationalizations (or stop rationalizing altogether, though at that point it'll be harder for your Average Joe NSA Engineer to continue to believe they're the good guy).
> The NSA clearly at least makes some attempt to rationalize its actions according to the law and precedent (hence the focus on "metadata", exceptions the administrations has made for "national security", etc).
It's misleading to call the NSA's legal justifications "flimsy" rationalizations. They're rooted in two well-established principles of American law:
1) Foreigners on foreign soil don't have Constitutional rights.
2) Information knowingly exposed to third parties (such as banks, accountants, etc) are fair game for judicial subpoenas.
The NSA's programs aren't resting on reed-like rationalizations. They may be unconstitutional at the edges (procedures for ensuring that target is foreign?), but they're otherwise on solid foundations.
Furthermore, the courts won't do anything about (1). It's too deeply embedded a premise. As for (2), courts may very well pull that foundation out from underneath the NSA. But it will be a long process, because it's tied up in the same doctrine that justifies things like the SEC subpoenaing Enron's records from its accountants, and other powers it would be difficult to convince people to abandon.
Certainly, the NSA is surely dug in like a tick when it comes to domestic surveillance. Even with this ruling, I'm sure it will be years before they actually stop the cited unconstitutional behavior, if ever.
My question is, did the process fail in allowing it to happen in the first place, or is this correction after the fact the way the system is intended to work?
they invested so much I'm sure this is how it is for good now, no turning back. that's the screwed up thing. America seems to have a lot of sunken cost fallacy. Once they've begun something it's easier to continue illegally than tear it all down. Same deal with 23andme Genome stuff. Makes more sense to them to operate illegally & take on the FDA than slow down a lucrative business.
I can seriously picture some sort of phased process where they stop doing one thing, and then another, over the course of several years. It would be as a result of this ruling or one like it, which explicitly calls out the behavior as invasive and harmful, but they would tread on as long as they could thanks to sunk costs.
It'd be akin to a bully with a tazer saying "Well I've already spent the past several years tazing you several times a day and I spent sooo much on this fancy tazer, so how about we bring that down to just twice a day for the first year, then daily for the year after that, then every other day, and so on?"
This is a significant ruling; but only one small step in a long journey. The importance attached to our choice of destination is heightened by the ever-changing technological landscape over which we travel.
The increasingly pervasive and omnipresent nature of public and private sector surveillance, together with the intimate and revealing nature of the information collected, presages a new phase in the relationship between individual and the institutions and organisations to which our social and economic fealty is directed.
A relationship that is far closer and far more intimate; based on an extensive knowledge of the individual's drives, weaknesses, foibles, and personality traits. We can clearly see a worrying potential for forced intimacy and abusive exploitation of the relationship; just as we currently observe (thankfully infrequent) incidents of abusive physical violence and coercion. Perhaps the most troubling aspect of this is the potential that modern technologies have for scalability; facilitating abuse on an industrial and global scale, in market contrast to the inherent limitations of abusive physical interventions.
The key factors here are the fact that the information is intimate; that the collection is involuntary and coercive; and that the means of collection and exploitation may be automated and deployed on a large scale.
The presence or absence of mens rea is besides the point.
Sunday night they carry water for Amazon or NSA. Right before Monday, the big day.
(My presumption: The NSA knew a ruling was coming today. Getting a puff piece on 60 Minutes is positive spin regardless of whether the ruling turns out good or bad for them.)
The pervasive and omnipresent nature of the surveillance, together with the intimate and revealing nature of the information revealed, presages a new phase in the relationship between individual and state; one that is far closer and far more intimate; based on an extensive knowledge of the individual's drives, weaknesses, foibles, and personality traits. We can clearly see a worrying potential for forced intimacy and abusive exploitation of the relationship; just as we currently observe (thankfully infrequent) incidents of abusive physical violence and coercion. Perhaps the most troubling aspect of this is the potential that modern technologies have for scalability; facilitating abuse on an industrial and global scale, in market contrast to the inherent limitations of abusive physical interventions.
Is there any way to tackle this at the Terry level? It seems like we can protect ourselves more if we can explicitly eliminate the ability to systematically manufacture terry stops based on phone calls, other behavior, skin color, religion...
I don't think Terry is applicable. Terry has to do with stopping a person based on some suspicion that that person might be committing a crime. You're quite right to point out that the suspicion required is minimal, and that it's easy to manipulate. However, the type of search that can be conducted through a Terry stop is limited to fairly strict justifications--the officers can really only conduct searches to protect themselves (i.e. to see if you have a weapon) or evidence (to prevent you from destroying it).
But what's going on here is massive, indiscriminate collection of information on people whom the government has no reason whatsoever to suspect of any crime. Not only that, the officer safety and evidence preservation justifications don't apply either. NSA surveillance isn't really comparable to conducting a Terry stop on the entire nation.
My interpretation was that this was the justification for three-hop data imports based on phone selectors. Which, to me, is interpreting RAS as allowing for stopping and frisking an entire network of people to discover previously unknown operatives, based on suspicion of just one. If you try to imagine how that would look in real life, it's a bit scary. Actually, racial terry stops lean toward doing just that.
We need to generate tangible evidence to the political system that the defenders of the NSA have no credibility. Restore the Fourth SF and others have created a mechanism for Californians to do so.
https://shameonfeinstein.org/
Whether one supports the NSA program or not, it's fairly clear that it's not compatible with the 4th Amendment as understood today. The Constitution has been amended before, if this is important it needs to be taken under the umbrella of a Constitutional amendment.
Does it even matter what the courts say? The NSA seems like it has no problems operating outside of the law and lying when asked what it's actually doing.
At this point, the USA has a ton of enemies. Filtering through emails, phone, etc. is a good way to catch these. We need to give law enforcement the tools it needs.
Seeing how this access was abused to hunt down Tea Party groups convinces me that the NSA needs to be de-politicized, not shut down.
I think we'll find that this monitoring is inevitable because the technology is there and also, since the technology is there, if it is not used and a terrorist incident occurs, people will be held responsible for NOT using it.
For one, the United States has a ton of enemies because of dirty and mean things we have done to other countries. Maybe if we fixed our foreign policy and stopped dropping bombs on poor people there'd be less people that hate us. That would be a lot simpler than making people hate us more by spying on them, installing backdoors in encryption standards, spending billions of dollars on said spying, not having proper auditing of said spying, and putting our democracy at risk due to said spying.
As for the monitoring preventing a terrorist attack:
A. As of yet they have not been able to demonstrate that they have successfully prevented an attack based on information they gained through the NSA. The best they could show was that they arrested some taxi cab driver in California who sent $8500 to some militants.
B. Even if the massive spying prevented some attacks, you have to ask, "at what cost?" This type of unaccountable intelligence apparatus has the very real potential to undermine our democracy and turn the United States into a police state. In some ways that is already happening. And if you get too far down the road towards an authoritarian government, some humanities worst atrocities await.
Terrorists may have killed thousands in the last century, but murderous governments have killed 10's of millions, potentially over 100 million. And I'm not talking about war, I'm talking about state-sanctioned murder. I'd rather take my chances with the occassional nutjob with a pressure cooker than an oppressive government .
I'm not saying we need to get rid of the NSA completely, but it should be dramatically curbed and it should have a lot more independent and transparent oversight. From the get-go dragnet spying on Americans should be ended.
> "Filtering through emails, phone, etc. is a good way to catch these."
There has not been evidence that the benefits of doing the search outweigh the costs to a free society. For an example quote from this case, p62 of the court opinion:
"Given the limited record before me at this point in the litigation - most notably, the utter lack of evidence that a terrorist attack has ever been prevented because searching the NSA database was faster than other investigative tactics - I have serious doubts about the efficacy of the metadata collection program as a means of conducting time-sensitive investigations in cases involving imminent threats of terrorism."
If you have any evidence that the NSA domestic telephone metadata gathering has been effective at catching enemies of the US, then I'm sure the courts would love to hear from you. Since the government has not presented that information, I am certain that you do not have any evidence that "filtering .. is a good way to catch these."
> "if it is not used and a terrorist incident occurs, people will be held responsible for NOT using it"
Well, yes. That's why we have laws and court cases - to define where those limits are.
If someone shoots and murders someone else, then there can be the cry "let's ban all guns!", but the 2nd amendment prevents that. If a newspaper wants to print secret documents which show that the president "systematically lied, not only to the public but also to Congress", then the 1st amendment can prohibit the government from getting a prior restraint injunction.
This is all about giving a reason for why the NSA or other organization is NOT responsible - because doing so would be against the law.
The writers of our Constitution specifically enumerated the rights we have so that they couldn't be taken away for the sake of security. Liberty is more important than security and it is the government's responsibility to provide the latter without trampling on the former.
District courts have the final say in the vast bulk of routine matters that never get appealed, and they can play an influential role in setting the presumptive factual record in high profile cases destined for appeal. But in a high profile case destined for appeal that largely turns on interpreting the Constitution, this court was mostly a gatekeeper. In other words, if the district court had ruled the other way, maybe that would have been the end of the story. Given that it ruled as it did, this will certainly be heard by the Court of Appeals for the District of Columbia (possibly by one of the judges appointed by Obama now that the filibuster has been weakened), and then if the petitioner wins there, either by the full DC Court of Appeals en banc, or the Supreme Court, or first one then the other. If Smith v. Maryland is to be overturned, it will be the Supreme Court that does it, not a district court.
Still, I wish the plaintiffs the best of luck.
For further analysis keep on eye on fourth amendment guru Orin Kerr. His first post describing the opinion is already up: http://www.volokh.com/2013/12/16/judge-leon-enjoins-nsa-tele... and he says another with analysis will be coming soon.