Friday, June 7, 2013

The missing check: the plaintiff's bar

The Guardian and the Washington Post broke blockbuster stories this week about the NSA using cooperative (some would say pliant) corporations to gather and mine electronic data such as phone records, emails, VOIP, etc.

Over at the Volokh Conspiracy, "national security conservative" Stewart Baker does his best to defend the NSA:
In short, there’s less difference between this “collection first” program and the usual law enforcement data search than first meets the eye.  In the standard law enforcement search, the government establishes the relevance of its inquiry and is then allowed to collect the data.  In the new collection-first model, the government collects the data and then must establish the relevance of each inquiry before it’s allowed to conduct a search.
If you trust the government to follow the rules, both models end up in much the same place.  I realize that some folks simply will not trust the government to follow those rules, but it’s hard to imagine a system with more checks and restrictions and doublechecks than one that includes all three branches and both parties looking over NSA’s shoulder.
In theory, you could add the check of exposing the system to the light of day, but that means wrecking much of its intelligence value. Or you could simply prohibit the collection-first model (and lose the ability to spot terrorism patterns by matching disparate bits of data). I doubt that those “solutions” are worth the price.
As usual, Mr. Baker is laughably incorrect. It's nice that he pays at least lip service to the idea of transparency before swatting it aside. But he hasn't thought it through. One of the major problems with the current legal apparatus is that judges on the FISA court are making secret interpretations of the law. Thus, people like Congressman James F. Sensenbrenner, who largely drafted the Patriot Act, can be "extremely disturbed" at the way it is being secretly used by law enforcement. This can happen because secret rulings provide no check on government power. If the FISA court judges deny a warrant or a request, the government will just tweak it and come back. Eventually the government will get what it wants because the FISA court judges, like everyone else, care more than anything about just being left alone.

And then, of course, there is the fact that the intelligence courts just kind of have to take the government's word on a lot of stuff. For example, there's a case from the FISA appeals court that rejects a brave service provider's Fourth Amendment challenge on behalf of its customers to a government directive to spy on them. Here's part of the reasoning:
The government assures us that it does not maintain a database of incidentally collected information from non-targeted United States persons, and there is no evidence to the contrary. 
In re Directives [redacted text] pursuant to Section 105B of the Foreign Intelligence Surveillance Act, 551 F.3d 1004, 1015 (2008). (You know you're in trouble when there's redacted information in the case title.) Well, at least now we know where to stuff those "government assurances."

The redacted nature of the opinion-making also leads to this:
A Parting Shot. The petitioner fires a parting shot. It presented for the first time at oral argument a specific privacy concern that could possibly arise under the directives. This parting shot may have been waived by the failure to urge it either before the FISC or in the petitioner's pre-argument filings in this court. We need not probe that point, however, because the petitioner is firing blanks: no issue falling within this description has arisen to date. Were such an issue to arise, there are safeguards in place that may meet the reasonableness standard. We do, however, direct the government promptly to notify the petitioner if this issue arises under the directives.[10]
Id.

I have never read a more Kafkaesque passage in the Federal Reporter. What was the "specific privacy concern" that the service provider raised at oral argument? Apparently even the argument is top secret, because the opinion doesn't say. (It's presumably explained in footnote 10, which is redacted.)

But let's leave aside transparency, because Mr. Baker completely ignores another obvious "check" that is missing against the NSA surveillance program: civil liability. In 2008, Congress passed a law (the FISA Act Amendments of 2008) providing blanket (and retroactive!) immunity for any one or any company who is sued "for providing assistance to an element of the intelligence community." 50 U.S.C. § 1885a(a). Such cases are to be "promptly dismissed." As a result, there isn't even a threat that Google, or Verizon, or any of the other companies that have been providing assistance to the NSA could be sued. If they are, they can just file a one page motion to dismiss and it will be immediately granted.

These companies are in the business of making money. The threat of huge class-action lawsuits can certainly provide a real check on their actions. But Congress removed that threat in 2008. Now the information companies have literally nothing to lose by cooperating with the government because they cannot be sued for doing so. On the other hand, the government can obviously drive up legal costs and threaten them with civil contempt if they don't cooperate. So it's no surprise that the government has now what it assured the FISA court it didn't have in 2008: a database of incidentally collected information from non-targeted United States persons.

1 comment:

Comments on posts older than 30 days are moderated because almost all of those comments are spam.