Unnamed Phone Company Challenges NSA's Bulk Records Collection; FISC Says It's Perfectly Legal

Privacy

from the of-course-they-would dept

Late on Friday, the FISA Court unclassified a few documents, including a ruling on an until now secret attempt by a telco to challenge the latest FISC order demanding that the telco hand over metadata on all phone records under Section 215 of the Patriot Act. The telco’s name is redacted, but it relied entirely on Judge Richard Leon’s ruling from December, which found the bulk collection of phone records unconstitutional. Basically, the telco appears to have received the renewed Section 215 bulk collection order from FISC in January, and then challenged it on the basis of Judge Leon’s ruling. The FISC shoots down that challenge, rejecting Judge Leon’s reasoning, and insisting that bulk collection of phone records is perfectly legal and constitutional.

Turning now to the merits of the Fourth Amendment issue, this Court finds Judge Leon’s analysis in Klayman to be unpersuasive and concludes that it provides no basis for vacating or modifying the Secondary Order issued [REDACTED] January 3, 2014….

FISC, of course, immediately highlights the infamous Smith v. Maryland case that all defenders of bulk collection point to (and which Judge Leon said did not apply here, given the very different circumstances). But, FISC still argues it applies claiming that the differences are “indistinguishable.”

The information [REDACTED] produces to NSA as part of the telephony metadata program is indistinguishable in nature from the information at issue in Smith and its progeny. It includes dialed and incoming telephone numbers and other numbers pertaining to the placing or routing of calls, as well as the date, time and duration of the calls.

That seems disingenuous at best. You need to be willfully distorting the facts to argue that Smith and the bulk data collection programs are “indistinguishable” from one another. Smith involved information on a single person. The bulk collection covers everyone. In fact, Judge Leon himself went through a rather detailed explanation of what “distinguishes” the Smith case from the bulk collection, including the fact that while people may expect phone companies to occasionally provide information to law enforcement on suspects, they do not reasonably expect the telcos to do that on everything from every person.

FISC Judge Rosemary Collyer admits that Judge Leon explained why the two situations are wholly different, but simply disagrees on every distinguishing factor.

This Court respectfully disagrees with Judge Leon’s reasons for deviating from Smith. To begin with, Judge Leon focused largely on what happens (and what could happen) to the telephony metadata after it has been acquired by NSA — e.g., how long the metadata could be retained and how the Government could analyze it using sophisticated technology. Smith and the Supreme Court’s other decisions applying the third-party disclosure principle make clear that this focus is misplaced in assessing whether the production of telephony metadata constitutes a search under the Fourth Amendment.

Smith reaffirmed that the third-party disclosure principle — i.e., the rule that “a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties” … applies regardless of the disclosing person’s assumptions or expectations with respect to what will be done with the information following its disclosure.

From there, Judge Collyer goes on to restate the rather expansive view that, under the third party doctrine, basically you have absolutely no 4th Amendment rights whatsoever to anything held by a third party. There’s also this fun tidbit, in which the ruling dismisses the “everyone’s content” vs. “just one target’s content”

The aggregated scope of the collection and the overall size of NSA’s database are immaterial in assessing whether any person’s reasonable expectation of privacy has been violated such that a search under the Fourth Amendment has occurred. To the extent that the quantity of the metadata collected by NSA is relevant, it is relevant only on a user-by-user basis. The pertinent question is whether a particular user has a reasonable expectation of privacy in the telephony metadata associated with her or her own calls. For purposes of determining whether a search under the Fourth Amendment has occurred, it is irrelevant that other users’ information is also being collected and that the aggregate amount acquired is very large.

Basically, even though there is a very big distinguishing factor between collecting one targeted person’s info and everyone’s info, the FISA Court insists that this factor can be ignored, because you have to look at it in terms of each person’s individual situation. That seems like a highly questionable analysis, and a very dangerous “cheat” to hide from the biggest factor that makes the 215 bulk collection orders so different from the situation in Smith.

Even more troubling, is that the FISC seems to argue that phone metadata probably isn’t that revealing anyway — which is clearly bogus. It points to the case that Smith mainly relied upon, the Miller case involving bank records, and argues that phone metadata and bank records are basically the same:

It is far from clear to this Court that even years’ worth of non-content call detail records would reveal more of the details about a telephone user’s personal life than several months’ worth of the same person’s bank records. Indeed, bank records are likely to provide the Government directly with detailed information about a customer’s personal life — e.g., the names of the persons with whom the customer has had financial dealings, the sources of his income, the amounts of money he has spent and on what forms of goods and services, the charities and political organizations that he supports — that the call detail records simply do not, by themselves, provide.

I find it equally questionable that bank record information isn’t considered private, but even if we grant that premise, the rest of the argument makes little sense. In fact, much of the above information may not actually be supplied by bank records, and a person can often use cash to leave no such record. While both records may be quite revealing (beyond what I think the 4th Amendment should allow), given the choice, I’d argue that my phone records are a hell of a lot more revealing and private than my bank records.

FISC also rejects the idea that the Supreme Court’s decision in the Jones case (arguing that GPS tracking may go too far) changes the analysis here. Judge Collyer points out that the rulings that Judge Leon relies on were concurring opinions, but not, technically part of the majority ruling (he basically lumped together Justice Alito and Justice Sotomayor’s rulings, despite each taking slightly different approaches).

In the end, the FISC rejects the attempt by the unnamed telco, and basically says that Judge Leon’s ruling is wrong. Kudos to the nameless telco for actually challenging the Section 215 order. Hopefully we’ll find out soon which telco actually made a move to protect its users’ privacy.

Filed Under: 4th amendment, bulk data, bulk records collection, fisa court, fisc, larry klayman, metadata, patriot act, richard leon, rosemary collyer, section 215