We’ve now had federal judges come down two different ways on the question of NSA surveillance of U.S. citizens. In the most recent rulings, Richard J. Leon of the U.S. District Court for the District of Columbia said on 16 December that most of NSA’s surveillance program violates the Fourth Amendment; William H. Pauley III of the U.S. District Court for the Southern District of New York ruled on Friday that the bulk of NSA’s program is lawful.
Commentators have keyed on the different concerns emphasized in the rulings: concerns, respectively, for Fourth Amendment protections, and for the government’s ability, post-9/11, to protect the nation against terrorist attacks. No surprise there.
The Daily Caller cites the New York Times on the central point of law with which both recent rulings have wrestled:
“The main dispute between Judge Pauley and Judge Leon was over how to interpret a 1979 Supreme Court decision, Smith v. Maryland, in which the court said a robbery suspect had no reasonable expectation that his right to privacy extended to the numbers dialed from his phone,” The New York Times reports.
Essentially, Pauley held that the principle in Smith v. Maryland applies to the NSA surveillance program, whereas Leon questioned its applicability given the extensive changes in technology since 1979. (See this summary for a brief discussion.)
Pauley added that citizens surrender personal information to corporations on a regular basis:
“The right to be free from searches and seizures is fundamental, but not absolute,” he wrote. “Every day, people voluntarily surrender personal and seemingly private information to trans-national corporations, which exploit that data for profit. Few think twice about it, even though it is far more intrusive than bulk telephony metadata collection.”
I see two significant errors of logic in the judicial thinking here. Others may no doubt see more. First, Judge Leon discusses the changes in technology since 1979, when in my view the most important reason for questioning the applicability of Smith v. Maryland is the issue of probable cause after the commission of a crime. In the case of a robbery suspect, there is already probable cause for investigating him in relation to a crime. In neither 1979 nor 2013 would a court uphold a “fishing expedition” warrant: a warrant to probe someone’s phone records just for the heck of it.
That’s the “Fourth Amendment” argument. There has to be some demonstrable, rule-of-law, reasonable-man, replicable-criteria evidence of probable cause, in order to “search or seize” things relating to a U.S. person – a government action from which the U.S. person is to be held otherwise immune.
The other error is in Judge Pauley’s thinking. Who cares what people voluntarily choose to disclose to transnational corporations every day? What we’re talking about here is a basis for search or seizure by the U.S. federal government. The latter is involuntary. It’s an act of the state. Precisely because it is an act of the state, against which the recourse of the citizen is limited, the Fourth Amendment provides us strong protections against it.
No transnational corporation can force us to do anything – not even Google. You don’t want Google to know your information, you take precautions to avoid interacting with Google programs on the web. There are companies that advertise they can arrange for you to do just that. And no one assumes you’re trying to hide anything for a nefarious purpose.
That said, I think the different approaches in the two rulings at least get at what the core issues really are. One of them is, of course, the issue of probable cause. If we want to be lazy in our approach to government, we can stop right there, because the protection of the probable cause requirement is already on the books. The NSA program can be held to be one giant, ongoing violation of the probable cause requirement – not because the phone records belong to you, but because of two circumstances: the records inherently lead to you and reveal your personal activities; and there has been no crime to activate the proper interest of government, even if it’s just potential interest, in your personal activities.
Records with personally identifying information contain the inherent bias of leading inevitably to you. It’s not like searching a storm drain for evidence. You can pull things out of a storm drain all day long and not encounter one speck of personally identifying information about anyone. Sometimes you get lucky, but more often, you don’t. With records from a phone company, you get lucky every time. The scope of what government needs to get lucky doing with those records thus needs to be severely limited.
This is where Judge Leon’s point about changes in technology comes in. It’s a window into the second of the two core issues, which is the issue of what constitutes public versus private “space” – or property, or activity – and how we see the “ownership” of that space. Technology has raised new questions about this; so has the War on Terror, and at approximately the same time.
From the War on Terror perspective, an important analogy I see, which apparently didn’t figure prominently in either judge’s thinking, is the analogy between the NSA surveillance program and the charter of the TSA. Airline travelers are searched regularly without probable cause, as a judge would require it to be defined for other purposes of law enforcement. Settling on this procedure was a combination of war-time exigency and politics: the Fourth Amendment is overlooked because of the threat of terrorism on commercial airline flights, but the common-sense expedient of profiling is rejected because of political concerns.
In the TSA case, however, the questions of what is private and who “owns” the non-personal space are at least relatively clear. No one doubts that the person and belongings of the traveler are his personal possessions, whereas the airport belongs to its owners, the airplane belongs to the airline, and the various levels of government, including the U.S. government, have established regulatory roles.
Those questions are murkier when it comes to cyberspace and our interactions with it. Judges can look for analogies to base rulings on, but a more basic question is whether we should be settling the issues that way. It is perfectly proper for the American people to decide that a judge may find something lawful, but that still doesn’t mean it’s OK for their government to do it. There’s more than one way to change or rein in what the government does.
Rethinking the rules
With the NSA surveillance program – as with street cameras, the automated issuance of traffic tickets, and helicopter and drone surveillance by law enforcement entities – we have changed the game. My argument is that it’s time for a change of rules. Instead of asking judges to keep trying to stretch analogies from the old rules – a process in which they are likely to give us a body of law we can’t live with – we need to take these questions up in our legislatures.
Courts may have ruled that phone records belong to the phone company, and that if law enforcement has probable cause to suspect a person of a crime, it can investigate the phone company’s records on him without violating the Fourth Amendment. But that doesn’t mean that any and all governments should have constant access to customer phone records maintained by all phone companies. It certainly doesn’t mean that governments should have constant access to the metadata, or any other data, relating to all communications, including emails and texts.
The latter is a leap well beyond probable cause, and it demands an answer to questions that do not belong with the courts. What basic level of activity do we accept from the government? Does government get to do everything that is not explicitly prohibited to it, or should it refrain from doing what is not explicitly permitted to it? The philosophy of the Ninth and Tenth Amendments would give the latter as the answer.
How, in general, do we define IT companies’ rights over their records? The customer’s rights? The government’s rights?
Equally important is the question whether there is a priori “ownership” of, or rights over, every record, activity, or other “event” that isn’t deemed to be inherently personal. (Of course, there’s also the evolving question of what’s personal and what isn’t.) There never used to be ways of recording and tagging almost everything that happened. Now there are. Does someone “own” the “events” that have thus been created? And if so, for what purposes?
What is our idea of “government” itself? Is it an entity that automatically owns or has rights over everything that doesn’t belong personally to us? Why should there even be such an entity? Why shouldn’t some questions of ownership, rights, and/or responsibility come up only if we have probable cause to suspect (a) a crime, and (b) a particular person’s involvement? Why shouldn’t the universe of “cyber-events” be something that the government, at least, has no prior rights over?
We don’t have accepted answers to these questions. And such answers won’t come from courts looking at laws that were written for a time when crude phone-company records represented the boundaries of what was technologically possible. Nor should the answers properly come from the extraordinary measures taken to fight a war.
The principle of probable cause will survive technological changes, although the criteria for it may evolve. But technology has brought us a new set of questions about what constitutes a justiciable event; what is public, private, and personal; and what rights and authorities we concede over such things to men and the state.
These questions, if they are not a job for a constitutional convention (and I’m open to suggestion on that), are at least a job for our legislatures. The people, not the courts, should speak on this one.