First things first: What's all the fuss about?
The discovery and publication of a top-secret court order, issued this April, compelling Verizon to turn over the telephone records of millions of its U.S. customers to the National Security Agency.
So, whoa, the government has been eavesdropping on our phone conversations?
Not quite (or not that we know of). The order calls for the turnover of metadata, the external information about the telephone calls. It specifically excludes the content of the call. As the order puts it, "telephony metadata does not include the substantive content of any communication, as defined by 18 U.S.C. 2510(8), or the name, address, or financial information of a subscriber or customer."
Then what kind of metadata was actually sought through the order?
The order compelled Verizon to provides the NSA with "all call detail records or 'telephony metadata' created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls."
Which includes, per the order:
- originating and terminating telephone number
- International Mobile Subscriber Identity (IMSI) number
- International Mobile station Equipment Identity (IMEI) number
- trunk identifier
- telephone calling card numbers
- time of call
- duration of call
As the New Yorker's Amy Davidson summed it up: "The government seems to have a list of all the people that Verizon customers called and who called them; how long they spoke; and, perhaps -- depending on how precise the cell-phone-tower information in the metadata is, where they were on a given day."
So how do we know about all this?
The order, now that I look at it, is dated April 25 -- which is just 10 days after the Boston bombings. Could there be any connection there?
Unlikely. In fact, very unlikely. The order is one piece of evidence for a surveillance program that seems to have been ongoing since 2006. It's a program that, from what we know so far, is renewed every 90 days. As Senator Diane Feinstein said of the document, "As far as I know, this is the exact three-month renewal of what has been in place for the past seven years."
Who in the government might have access to the metadata being gathered?
The order itself directs that the records be provided to the NSA. Then again, there seems to be nothing in the document that would explicitly prohibit the NSA from sharing the data with other agencies. There's also nothing in the order specifying limitations on who can access the data within the NSA itself.
Basically, the government is binge-watching Americans.-- pourmecoffee (@pourmecoffee) June 6, 2013
What has the government, as far as we know, been doing with the metadata it's gathered?
Very generally, it seems that the information is being put to use in the name of counter-terrorism. (As Feinstein put it: "It's called protecting America.")
In terms of the specifics, though, we don't precisely know how the metadata is being employed. At least in theory, that kind of information is mostly useful for identitying associations and networks of people who may be engaged in criminal activities.
How is the Obama Administration explaining and trying to justify all this?
This way, according to talking points sent to Marc Ambinder:
* On its face, the order reprinted in the article does not allow the Government to listen in on anyone's telephone calls. The information acquired does not include the content of any communications or the name of any subscriber. It relates exclusively to metadata, such as a telephone number or the length of a call.
* Information of the sort described in the Guardian article has been a critical tool in protecting the nation from terrorist threats to the United States, as it allows counterterrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities, particularly people located inside the United States.
* As we have publicly stated before, all three branches of government are involved in reviewing and authorizing intelligence collection under the Foreign Intelligence Surveillance Act. Congress passed that act and is regularly and fully briefed on how it is used, and the Foreign Intelligence Surveillance Court authorizes such collection.
So this would seem to be a continuation of Bush-era surveillance policies.
Okay, but ... seriously, how is this not a violation of the Fourth Amendment?
So the Fourth Amendment generally requires that the government obtain a warrant when it's seeking private information about individual citizens. And the warrant, in turn, should be granted based on probable cause. There's a slight exception to that broad approach, though. Many Supreme Court rulings have held that you don't have a reasonable expectation of privacy when it comes, specifically, to information you share with a third party.
And the courts have now applied that standard to other areas. Which generally makes sense, except for one substantial tension. As David Cole, a Georgetown law professor who focuses on national security and constitutional law, told me: "Basically, everything you do now shares information with a third party." The numbers you dial on the phone, the amount of time you spend on the phone, the location from which you make a phone call -- all of that, because of how our technologies and businesses are structured, is de facto shared with the third party that is your phone company.
And the rub, as Cole explains it, is that the Fourth Amendment doesn't limit the government's ability to obtain any of that third-party information. Bank records, credit card records, Internet searches: none of that, on its own, has protection under the Constitution.
How is it that a FISA court -- a court established under the auspices of the "Foreign Intelligence Surveillance Act" -- is authorizing the government to monitor metadata from domestic calls?
This is where things get dicier. FISA, which was adopted in 1978 and has been amended several times since then, permits the U.S. government to obtain records that are related to a target of a foreign intelligence investigation. While "foreign" can be defined fairly broadly, it's notable -- and legally questionable -- that the FISA court order, in this case, includes purely domestic surveillance.
Furthermore, FISA, as it's been widely understood, has allowed governments to gather third-party information in response to investigations into individuals' actions. It's unclear in this case how that translates, legally, to the kind of collective surveillance the NSA seems to be engaged in.
I keep reading about the PATRIOT Act. How does that fit into all this?
A section of the PATRIOT Act -- section 215, to be precise -- is what's ultimately guiding the legal affordances here, at least as the Administration is interpreting them. (You may know the section as the "library records" provision, named that way because of the breadth of personal information that can be investigated under its auspices.) Section 215, following the terror attacks of September 11, expanded the powers of the Foreign Intelligence Surveillance Court (the court that, in this case, issued the Verizon order). It established a process, through that court, for compelling businesses to turn over records that may be relevant to the gathering of foreign intelligence or the prevention of international terrorism.
The Director of the Federal Bureau of Investigation or a designee of the Director (whose rank shall be no lower than Assistant Special Agent in Charge) may make an application for an order requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation to protect against international terrorism or clandestine intelligence activities, provided that such investigation of a United States person is not conducted solely upon the basis of activities protected by the first amendment to the Constitution. ``(2) An investigation conducted under this section shall-- ``(A) be conducted under guidelines approved by the Attorney General under Executive Order 12333 (or a successor order); and ``(B) not be conducted of a United States person solely upon the basis of activities protected by the first amendment to the Constitution of the United States.
`(b) Each application under this section-- ``(1) shall be made to-- ``(A) a judge of the court established by section 103(a); or ``(B) a United States Magistrate Judge under chapter 43 of title 28, United States Code, who is publicly designated by the Chief Justice of the United States to have the power to hear applications and grant orders for the production of tangible things under this section on behalf of a judge of that court; and (2) shall specify that the records concerned are sought for an authorized investigation conducted in accordance with subsection (a)(2) to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities.
So am I reading right that it's basically one judge who makes the ultimate decision about the legality of proposed surveillance?
And that judge's decision, in turn, would come down to how he or she defines "relevance"?
Sort of. Though we're not (yet?) privy to the original argument the government made to this particular judge, in this particular case, it seems that the logic here is based on the idea that the "tangible evidence" from Verizon is directly relevant to an ongoing investigation -- ostensibly, an investigation into terror threats.
But if that's the argument the government is making, David Cole notes, that's a very, very broad interpretation of the law as it stands. Particularly given the fact that the order involves records of wholly domestic calls.
In other words: it would seem to violate, pretty much any way you look at it, the spirit of the law, if not the letter. As Amy Davidson puts it, "The sophistry lies in pretending that 'metadata' is just about the transaction with Verizon -- the business -- rather than about the privacy of the callers."
But wait -- the transaction with Verizon. Does this mean that Verizon customers were singled out here? If I'm a T-Mobile customer, I haven't been surveilled?
Probably not. Again, the court order Greenwald obtained is only one document of what would seem to be many; it's highly likely that AT&T and other carriers have been on the receiving end of similar orders. "Which means," Cole says, "that they are sweeping up this phone data on all of us, all the time."
Do we know for sure that Verizon did, in fact, comply with the order?
No, not for sure. We haven't seen specific evidence that it fought the order; then again, though, we've seen very little evidence at all when it comes to the surveillance.
Let's say Verizon didn't comply. What recourse would it have had, in that case? Would it realistically be able to refuse the order?
It could challenge the order in court, before the same judge who ordered it. It could have engaged in what Marc Rotenberg, executive director of the Electronic Privacy Information Center, has called "adversarial proceedings."
So should we be outraged by all this?
That's your choice, fellow citizen! There is certainly a national security argument to be made for this kind of ongoing tracking of telephonic metadata. And it's significant that the order, as written, doesn't allow for the surveillance of calls' content.
Then again, there's the fact that it took an unauthorized leak for us to know about our call information being monitored in the first place. You could see the situation the way David Cole does: "This is one order, but it authorizes data taken from millions of customers." You could also focus on the idea that, as Cole puts it, "Every time an American picks up the phone, they're sharing that fact with the National Security Agency."
And what about the person or people who gave the order to The Guardian in the first place?
According to NBC's Pete Williams, "It seems highly likely this will trigger a leak investigation."
We want to hear what you think about this article. Submit a letter to the editor or write to firstname.lastname@example.org.