Liberty and Security in a Changing World: Report and Recommendations of the President’s Review Group on Intelligence and Communications Technologies
Remarks by the President on Review of Signals Intelligence
Report on the Telephone Records Program Conducted under Section 215 of the USA PATRIOT Act and on the Operations of the Foreign Intelligence Surveillance Court
When the secretive Foreign Intelligence Surveillance Court (FISC) first authorized the National Security Agency in May 2006 to collect and search the telephone metadata records of every American—including every number we call, how often we call, when we call, and how long we talk—it did not even write an opinion justifying its decision. Judge Malcolm J. Howard, one of eleven federal judges hand-picked by the chief justice of the Supreme Court to serve on the FISC, simply issued a secret ten-page order, largely comprised of the rules and regulations under which the program was to operate. The order included no discussion whatever of whether the program was constitutional. It asserted formulaically that the government had satisfied the requirements of Section 215 of the USA Patriot Act, but included no explanation of how the program did so.
This is surprising, because on its face, Section 215 would not seem to support the program. It authorizes the FBI, not the NSA, to obtain business records, and only if it can identify specific facts showing that the records are “relevant” to an authorized counterterrorism investigation. Yet the FISC order authorized the NSA, not the FBI, to collect not specific records relevant to a particular terrorism investigation, but all records of all Americans’ every phone call, without showing that any of them were connected to terrorism. Every ninety days thereafter, the FISC routinely—and secretly—reauthorized the program, again without any attempt to explain why it deemed the program lawful.
In fact, the FISC did not issue an opinion explaining its rationale until August 29, 2013, more than seven years after the program had been up and running—and two months after Edward Snowden had disclosed the program to the public. That the FISC would authorize such an unprecedented and sweeping surveillance program, affecting virtually every American, without even bothering to explain its rationale for doing so is emblematic of the problem with secret law in the post–September 11 era. As a rule, the FISC operates in secret, hears only from government attorneys, nearly always grants their requests, and does not publish its orders. The NSA similarly operates almost entirely in the dark. Formally established by a classified executive order in 1952, its existence and operations were so clandestine that the intelligence community wryly referred to it as “No Such Agency.” If your operations are secret, why would you feel any obligation to explain your rationale?
All that changed in June 2013, when Snowden brought the public into the conversation. The first of many NSA programs that Snowden revealed was its telephone metadata program. Within the United States, that program has generated the most attention (although the NSA’s even more expansive foreign surveillance has created a firestorm of controversy outside the US). Once American citizens learned that the NSA was collecting and searching records of every phone call they made, what had previously gone unquestioned suddenly prompted substantial soul-searching.
In December, a special panel of constitutional scholars and former national security officials appointed by President Obama issued a 303-page report asserting that the NSA’s surveillance, including but not limited to its metadata program, raised serious legal and policy concerns, and proposing forty-six reforms. The panel included constitutional law scholars Cass Sunstein and Geoffrey Stone; privacy expert Peter Swire; Richard Clarke, the former chief counterterrorism adviser to the National Security Council; and Michael Morell, the former acting director of the CIA.
Among other things, the expert panel recommended that the NSA no longer house the phone metadata, but that it be left in private hands, and that the NSA be permitted to access the data only upon specific court orders approving specific searches. On January 17, President Obama gave a major national speech on the subject. While he acknowledged the serious privacy concerns that the NSA’s activities raise, Obama adopted only a few of his expert panel’s recommendations, including the two noted above.
Just six days later, the newly created Privacy and Civil Liberties Oversight Board, an independent watchdog entity created by Congress and appointed by the president, issued its first-ever report, on the Section 215 program and the FISC. (The board included Patricia Wald, a widely respected former judge of the D.C. Circuit Court of Appeals.) Going further than the president or his expert panel, the board’s 234-page report declared that the NSA metadata program was not authorized by Section 215, found that it had produced little in the way of tangible security benefits, and recommended that the program be terminated.
The reports of the president’s expert panel and the Privacy and Civil Liberties Oversight Board are both impressive documents. The expert panel report ranges more broadly, addressing virtually all the NSA’s disclosed surveillance activities, and proposing widespread reforms. The Privacy Board’s more focused report is the single best account to date of how the NSA’s metadata program developed, of the legal and policy questions it raises, and of the striking absence of any evidence that it has delivered significant security benefits. Together, they make a persuasive case that the president’s proposed reforms are radically insufficient.
Both the Privacy Board and the expert panel found that the collection and analysis of vast amounts of metadata pose substantial risks to Americans’ privacy and freedom of association. As the expert panel noted, quoting the National Academy of Sciences, the “essence of the information age” is that everyone leaves
personal digital tracks…whenever he or she makes a purchase, takes a trip, uses a bank account, makes a phone call, walks past a security camera, obtains a prescription, sends or receives a package, files income tax forms, applies for a loan, e-mails a friend, sends a fax, rents a video, or engages in just about any other activity.
That metadata can reveal one’s most intimate associations, beliefs, and desires. If the government is free to gather and search everyone’s phone records, the panel reasoned, free society will be the loser:
Knowing that the government has ready access to one’s phone call records can seriously chill “associational and expressive freedoms,” and knowing that the government is one flick of a switch away from such information can profoundly “alter the relationship between citizen and government in a way that is inimical to society.”
The president’s expert panel avoided drawing any legal conclusions, deeming that outside its mandate. But the Privacy Board addressed those questions head-on, and with admirable clarity. The board makes a persuasive case that the metadata program never should have been authorized in the first place. As noted above, Section 215, a controversial Patriot Act provision, authorizes the FBI to obtain business records only if it can show a court that they are “relevant to an authorized [terrorism or foreign intelligence] investigation.” The government argued in secret that collecting all Americans’ phone records and maintaining them for five years was “relevant” to a terrorism investigation because at some future time it might want to search those records for links to as yet unidentified terror suspects. In other words, your and my phone numbers are “relevant” not because we have any connection to terrorism, but solely because the NSA might someday find it useful to search through them.
On this theory, the Privacy Board noted, “virtually all information may be relevant to counterterrorism and therefore subject to collection by the government.” Indeed,
while terrorists use telephone communications to facilitate their plans, they also write emails, open bank accounts, use debit and credit cards, send money orders, rent vehicles, book hotel rooms, sign leases, borrow library books, and visit websites.
On the government’s view, it could collect records on every American’s e-mail, Internet, banking, credit, and library activities, because at some point those records might be useful to a terrorism search. There is no limiting principle. But surely Congress meant to impose some limit when it authorized collection only of “relevant” records.1
The government rests its constitutional defense of the NSA program on a Supreme Court decision from 1979, Smith v. Maryland, which held that the police could use a device called a “pen register” to track the numbers a suspect dialed without obtaining a warrant. The primitive “pen register” merely recorded numbers dialed by a phone user; it did not indicate whether any calls were connected or any phone calls were received by the user. Invoking what has become known as the “third-party disclosure rule,” the Court in Smith reasoned that one forfeits one’s expectation of privacy concerning information one voluntarily shares with a third party; and one shares with the phone company the numbers dialed when one makes a call.
The Privacy Board noted that there is a world of difference between the simple pen register, installed for a couple of days, that was upheld in Smith, and the sophisticated NSA metadata program, which gathers five years of data on every American’s phone usage, combines it in a single database, and then searches through it for potential links to terrorism. In 1979, it was simply not possible to collect comprehensive phone records on every American and search them. Today, an NSA computer does it automatically.
Without advanced computers, the NSA could not conduct the “contact-chaining” searches in which it examines all numbers contacted by an initial “seed” number, and then all numbers contacted by the numbers that communicated with the “seed,” and then all numbers that those numbers called. The Privacy Board estimated that a single search beginning with one suspected phone number can easily generate 420,000 phone numbers (conservatively assuming that each number has had seventy-five distinct contacts over five years). That means that three hundred searches of the database in a given year will pull up over 120 million numbers. Once the NSA generates those numbers, it can search and mine them for any foreign intelligence purpose, without court review. One cannot know, but it seems unlikely that the decision in the Smith case would have been the same had it concerned a permanent program involving every American’s phone records and singling out the numbers of 120 million Americans every year.
Moreover, the Smith decision was based on the proposition that the numbers one calls are not as revealing of private information as the contents of a phone call. There was reason to question that even in 1979. Dissenting Justice Potter Stewart wrote then that a list of “the persons and the places called” could “reveal the most intimate details of a person’s life.” Today, there is far greater reason to question the distinction. Former NSA general counsel Stewart Baker has admitted that
metadata absolutely tells you everything about somebody’s life. If you have enough metadata, you don’t really need content…. [It’s] sort of embarrassing how predictable we are as human beings.2
And if that’s true of phone data, consider what the government could learn about you if it could obtain all your Internet, banking, e-mail, cell phone location, credit, hotel, hospital, and library records. If all such records were subject to the “third-party disclosure rule,” the government could, without any basis for suspicion, fairly quickly construct a portrait of anyone’s interests, associations, and shopping, reading, and viewing habits that would reveal more even than his or her closest friends and family members know. Nor is this entirely speculative. The NSA’s phone metadata program was modeled on an Internet metadata program that the government abandoned only in 2011. It could be revived at any time.
In light of Smith, the Privacy Board did not conclude that the metadata program is unconstitutional. It merely noted that the program raises substantial concerns about privacy and freedom of association, and that given the very different circumstances, those concerns are not readily resolved by a simple citation to Smith. The Supreme Court has frequently adapted Fourth Amendment doctrine to ensure that advances in technology do not eviscerate the privacy that the amendment was designed to protect. It has done so in cases involving wiretapping of telephone calls, the installation of a GPS to monitor travel, and the use of a beeper and a thermal imaging device to determine what was happening inside a house. It may well do so when and if the NSA metadata program reaches the Court. Two federal courts have already reached opposite conclusions about the program’s constitutionality, and both cases are being appealed.
But we ought not wait for the Supreme Court. The profound effects of the program on Americans’ privacy and freedom of association, the Privacy Board insisted, should cause Congress and the president to reassess the program today. Any such assessment necessitates a balancing of the program’s costs to our fundamental freedoms against the security benefits it provides. If the program is essential to maintain our way of life, the sacrifices might well be reasonable. Privacy is not an absolute right; the Fourth Amendment bars only “unreasonable” searches and seizures. The Court has always recognized that interests in privacy can be overcome by the government’s interest in law enforcement—usually at the point that the government obtains probable cause that one has committed a crime.
So what can we say about the effectiveness of the NSA metadata program? On this question, the Privacy Board’s report is devastating. The board had access to classified information, and held classified briefings with NSA and other security officials. It pointedly asked for evidence of the program’s utility. In its report, the board painstakingly analyzes each of the various “success stories” that the government has touted. Its conclusion could not be more stark:
We have not identified a single instance involving a threat to the United States in which the telephone records program made a concrete difference in the outcome of a counterterrorism investigation. Moreover, we are aware of no instance in which the program directly contributed to the discovery of a previously unknown terrorist plot or the disruption of a terrorist attack.
Reviewing seven years of the NSA amassing comprehensive records on every American’s every phone call, the board identified only one case in which the program actually identified an unknown terrorist suspect. And that case involved not an act or even an attempted act of terrorism, but merely a young man who was trying to send money to Al-Shabaab, an organization in Somalia. If that’s all the NSA can show for a program that requires all of us to turn over to the government the records of our every phone call, is it really worth it?
Apparently President Obama thinks it is. His speech, sandwiched between the reports of the expert panel and the Privacy Board, was, by comparison, deeply disappointing. He conceded that there is something disturbing about the extent of information about our private lives available in the digital age, and specifically acknowledged that “given the unique power of the state, it is not enough for leaders to say: Trust us, we won’t abuse the data we collect. For history has too many examples when that trust has been breached.”
But he proposed only minimal reforms, and left the bulk metadata program in place. He said that the NSA should be required to go to a FISC judge before searching the database, and that the database should be held by a private entity. But he left unspecified what that private entity would be, and many doubt he’ll be able to come up with one. The phone companies have already said they don’t want to be the repositories. And the bigger issue is not who holds the data, but the very fact that the government is engaged in the dragnet collection of data on all of us, rather than conducting the more traditional targeted searches that the Constitution has long required.
In his speech on intelligence gathering, Obama said nothing at all about many of the NSA’s most disturbing practices, including the vacuuming up of cell phone location data, e-mail address books, personal information collected by apps on mobile phones, and vast streams of data running between the overseas communications hubs of Google and Yahoo. He extended a symbolic olive branch to foreigners, saying they would benefit from some of the statutory privacy protections that Americans enjoy. But he did not advocate any change to the 2008 law that authorizes the NSA to listen in on foreigners’ phone calls and read foreigners’ e-mails based on nothing more than the suspicion that they are foreign nationals living outside our borders.
Obama’s speech did not satisfy many. It was roundly condemned in the United States and even more so abroad for not going nearly far enough to rein in the NSA. For real reform, we may need to look to Congress. The good news is that there is genuine bipartisan concern. Congress is considering a multitude of reform bills, but the leading and best one, cosponsored by Senator Patrick Leahy and Representative Jim Sensenbrenner, would, among other things, eliminate the bulk collection of metadata, instead requiring the government to show some specific connection between any records sought and a target of a particular investigation.
More broadly, all three branches of government—and the American public—need to take up the challenge of how to preserve privacy in the information age. George Orwell’s 1984, Ray Bradbury’s Fahrenheit 451, and Philip K. Dick’s The Minority Report all vividly portrayed worlds without privacy. They are not worlds in which any of us would want to live. The threat is no longer a matter of science fiction. It’s here. And as both reports eloquently attest, unless we adapt our laws to address the ever-advancing technology that increasingly consumes us, it will consume our privacy, too.
1 Two members of the Privacy Board, Rachel Brand and Elisebeth Collins Cook, dissented from this legal conclusion, but offered little more than general assertions that the government’s interpretation of the statute was “reasonable.” The dissenters did not respond in any direct way to the majority’s rationale for why the program was unauthorized by Section 215. ↩
Two members of the Privacy Board, Rachel Brand and Elisebeth Collins Cook, dissented from this legal conclusion, but offered little more than general assertions that the government’s interpretation of the statute was “reasonable.” The dissenters did not respond in any direct way to the majority’s rationale for why the program was unauthorized by Section 215. ↩