In October 2003, Congress voted to end Total Information Awareness (TIA), a Pentagon plan designed to analyze vast amounts of computer data about all of us in order to search for patterns of terrorist activity. At the time, the vote in Congress seemed one of the most notable victories for privacy since September 11. Computers record virtually everything we do these days—whom we call or e-mail, what books and magazines we read, what Web sites we search, where we travel, which videos we rent, and everything we buy by credit card or check. The prospect of the military and security agencies constantly trolling through all of this information about innocent citizens in hopes of finding terrorists led Congress to ban spending on the program.
Admittedly, much of the credit for TIA’s defeat has to go to the Pentagon’s public relations department, which not only gave the program its less than reassuring name, but also came up with a logo consisting of a pyramid topped by a large, digitized eye and the Latin motto Scientia Est Potentia, or “Knowledge Is Power.” George Orwell and Michel Foucault could hardly have done better. It also helped that the Pentagon’s Defense Advanced Research Projects Agency (DARPA), which developed the plan, was headed by John Poindexter, who had been convicted of lying to Congress in the Iran-contra affair, and whose conviction had been overturned on appeal only on a technicality. The vote to kill TIA came shortly after DARPA floated the idea of creating a market for betting on terrorist attacks and other disasters. Still, the fact that Congress rejected TIA seemed to suggest that it was willing to stand up for privacy even in the face of the threat of catastrophic terrorism.
But reports of the death of TIA were greatly exaggerated. Federal programs to collect and search vast computer databases for security purposes continue virtually unabated, inside and outside the Pentagon. The congressional ban did not apply to the Pentagon’s classified budget, so the military’s development of programs to collect and analyze computer data has simply moved behind closed doors. Congress has directed the Department of Homeland Security to develop “data mining and other advanced analytic tools…to access, receive and analyze data, detect and identify threats of terrorism against the United States.” And with federal funding, several states are cooperating in the Multistate Antiterrorism Regional Information Exchange System, or MATRIX, which links law enforcement records with other government and private databases in order to identify suspected terrorists.
The private firm that is running MATRIX, Sesint, based in Florida, previously compiled a “terrorist index” of 120,000 persons using
such factors as age, gender, ethnicity, credit history, “investigational data,” information about pilot and driver licenses, and connections to “dirty” addresses known to have been used by other suspects.
Thus, despite the apparent victory for civil libertarians in stopping TIA itself, data mining remains a central instrument in the government’s response to the threat of terrorism. As a special committee appointed by Defense Secretary Donald Rumsfeld wrote in its recently released report, “TIA was not the tip of the iceberg, but rather one small specimen in a sea of icebergs.”
“Data mining,” the computerized analysis of extensive electronic databases about private individuals for patterns of suspicious activity, is just one example of the threats to privacy that Americans have faced following the terrorist attacks of September 11, 2001. Since then, through the USA Patriot Act and various executive initiatives, the government has authorized official monitoring of attorney– client conversations, wide-ranging secret searches and wiretaps, the collection of Internet and e-mail addressing data, spying on religious services and the meetings of political groups, and the collection of library and other business records. All this can be done without first showing probable cause that the people being investigated are engaged in criminal activity, the usual threshold that must be passed before the government may invade privacy.
Of course, these laws and policies merely authorize such snooping. They do not compel it. The administration’s message since September 11 has been “trust us.” President Bush and Vice President Dick Cheney say that critics have cited “no abuses” of the USA Patriot Act, as if to suggest that absence of visible abuse shows that we can trust them. But the “no abuses” defense is fundamentally misleading in two respects.
First, there have in fact been abuses of the Patriot Act. In June, a jury in Idaho acquitted Sami Omar al-Hussayen, an Idaho student charged under the Patriot Act for aiding terrorism because he had a Web site that included links to other Web sites that included some speeches endorsing terrorism. The government never even alleged, much less proved, that al-Hussayen had intended to further any terrorist activity. Under its theory, any posting of a link to a Web site advocating terrorism is a violation of the Patriot Act’s ban on providing “expert advice and assistance” to designated “terrorist organizations.” If that’s true, The New York Times could be prosecuted for including a link to Osama bin Laden’s latest recorded message, and it would be no defense to show that the link was posted solely for educational purposes.
In another case involving the same Patriot Act provision, the Humanitarian Law Project, a human rights group in Los Angeles, faces the threat of criminal prosecution for advising a Kurdish group in Turkey on protecting human rights. The project has provided the training precisely to discourage violence and to encourage the pursuit of lawful means to advance Kurdish rights in Turkey. Yet the administration claims that it can prosecute such human rights advocacy as “material support of terrorism,” even though it consists solely of speech and is not intended to promote violence. The courts have thus far ruled that the Patriot Act’s application to such activity is unconstitutional, but the Bush administration is appealing.
Similarly ominous is the case of Khader Hamide and Michel Shehadeh, two longstanding permanent resident aliens from Palestine now in Los Angeles.1 They have lived in the US for more than twenty-five and thirty years, respectively, and have never been charged with a crime. The administration is trying to deport them under the Patriot Act for having distributed magazines of a PLO faction in Los Angeles during the 1980s. The government does not dispute that it was entirely lawful to distribute the magazines at the time, or that the magazines are themselves legal and available in libraries across the country. Yet it claims that under the Patriot Act, it can retroactively deport the two Palestinians for engaging in activity that would plainly be protected by the First Amendment if engaged in by US citizens.
Still another provision of the Patriot Act allows the government to freeze the assets of any person or entity it chooses, simply by claiming that he or it is under “investigation.” It can then defend the action in court with secret evidence, presented to the court in a closed session but not disclosed to the entity or person whose assets have been frozen. The Bush administration has used this authority to close down three of the largest Muslim charities in the United States, without ever having to prove that they actually financed terrorism, and without affording the charities an opportunity to defend themselves.
In July, the administration invoked the Patriot Act to deny entry to Tariq Ramadan, a highly respected Swiss-born Muslim scholar. Ramadan, a moderate hired by Notre Dame to fill a chair in international peace studies, was apparently excluded under a Patriot Act ban on those who “endorse terrorism.” The administration has refused to specify his allegedly offending words.
And in September, a federal court in New York ruled that the FBI’s enforcement of still another Patriot Act provision squarely violated the First and Fourth Amendments. The court ruled that the provision, which authorizes the FBI to compel Internet service providers to turn over information about their customers, is invalid because it prohibits the provider from disclosing to anyone—even a lawyer—that the FBI request was made, and effectively precludes any judicial review.
So the first problem with the administration’s claim that there have been no abuses under the Patriot Act is that it is simply false. There have been plenty of abuses.
The second problem is more insidious. Many of the Patriot Act’s most controversial provisions involve investigative powers that are by definition secret, making it literally impossible for abuses to be uncovered. For example, the act expanded the authority to conduct wiretaps and searches under the Foreign Intelligence Surveillance Act (FISA) without having to show probable cause of criminal activity. We know from a government report that the number of FISA searches has dramatically increased since the Patriot Act was passed, and for the first time now exceeds the number of conventional wiretaps authorized in criminal cases. Yet that’s all we know, because everything else about FISA searches and wiretaps is secret.
The target of a FISA search is never notified, unless evidence from the search is subsequently used in a criminal prosecution, and even then the defendant cannot see the application for the search, and therefore cannot test its legality in court. When the attorney general uses conventional criminal wiretaps, he is required to file an extensive report listing the legal basis for each wiretap, its duration, and whether it resulted in a criminal charge or conviction. But no such information is required under FISA. The annual report detailing use of the criminal wiretap authority exceeds one hundred pages; the report on the use of FISA is a one-page letter.
Another provision of the Patriot Act radically expands the government’s ability to obtain personal business records without showing probable cause. Before the Patriot Act was passed, the government had to limit its inquiries to a specific set of financial, phone, and travel records, and these could be obtained only if the target was an “agent of a foreign power.” The Patriot Act expanded the definition of records that may be seized, so that it now includes, among other things, library and bookstore records and medical files. And it eliminated the requirement that the person whose records are sought be an “agent of a foreign power.” Now the government can get anyone’s records. Here, too, the authority is veiled in secrecy. The Patriot Act makes it a crime for the person or organization ordered to produce records to tell anyone about the request. The act does not require the government to notify people whose records have been reviewed, and does not require that any report of its activities be made available to the public.
The Internet service provider that brought the successful challenge to the Patriot Act described above had to violate the law’s nondisclosure provision to do so, and the lawsuit itself had to be filed in secret until the court allowed its existence to be acknowledged.
I represent both men as well as the Humanitarian Law Project, mentioned above.↩
I represent both men as well as the Humanitarian Law Project, mentioned above.↩