​Perhaps you had other things to do during last week’s House Judiciary hearing, “A Continued Pattern of Government Surveillance of U.S. Citizens.” So here’s a summary: The Judiciary’s Subcommittee on Crime and Federal Government Surveillance brought together witnesses from across the political spectrum (including PPSA’s own Gene Schaerr) to identify potential solutions to the ongoing (and growing) problem of Fourth Amendment abuse by government entities.
 
At the heart of the discussion was the need to import probable cause warrants – the key requirement of the Constitution’s Fourth Amendment – to the practice of federal agencies freely accessing our international communications, as well as our personal, digital data.
 
Witnesses effectively rebutted the fearmongering campaign by the intelligence community to convince us that a warrant requirement for federal surveillance of American citizens is too onerous, and too dangerous to entertain. But the most effective remarks came from a Member of the committee.
 
Rep. Brad Knott (R-NC), a former U.S. Attorney for the Eastern District of North Carolina, addressed the issue of warrant requirements with the assurance of a former federal prosecutor. He spoke of what it took for him to get permission to “flip the switch” on some of the most “intrusive” forms of wiretapping American citizens.
 
“So you have to demonstrate necessity,” Rep. Knott said. “You have to demonstrate why other techniques are futile … the rigor we had to exercise was very important … it kept the internal investigators accountable.”
 
Rep. Knott said the warrant process made sure investigations were “open and honest.” Investigators knew “that their actions were going to be subject to pen and paper. They were going to be subject to judicial review … and opposing counsel.”
 
Given the clarity and accountability added by warrants, Rep. Knott added:
 
“It’s amazing to me that there’s so much resistance to the warrant requirement alone.”
 
Throughout the 90-minute hearing, Members and witnesses stressed one thing:
 
The countdown clock is ticking on what may be our last, best chance at meaningful reform – including the adoption of a warrant requirement for U.S. citizens when Section 702 of the Foreign Intelligence Surveillance Act (FISA) comes up for renewal next year (it’s due to sunset in April 2026).
 
Section 702 is the legal authority that allows federal intelligence agencies to spy on foreign targets on foreign soil. But it also “incidentally” picks up the international communications of Americans, which can then be warrantlessly inspected by the FBI and other agencies.
 
Section 702 got a lot of airtime at the hearing and was frequently linked with the words “loophole” and “backdoor.” The Reforming Intelligence and Securing America Act (RISAA) of 2024 attempted to fix Section 702 – and did add some useful reforms – but it also left a loophole in which the FBI and others attempt to justify warrantless backdoor searches on Americans’ private communications.
 
For the FBI in particular, this has become the go-to means to warrantlessly develop domestic leads.
 
“Three million times they did [backdoor searches] in 2021,” lamented Judiciary Chairman Jim Jordan (R-OH). Or, as James Czerniawski of Americans for Progress, put it: “Time and time again we have caught the intelligence community with their hand in the constitutional cookie jar.”
 
Members and witnesses alike also addressed a privacy crisis even greater than Section 702 – the routine purchases made by federal agencies of Americans’ private digital information from data brokers.
 
ACLU’s Kia Hamadanchy reminded the subcommittee that the kind of data that can be bought and sold would be, in the words of a former CIA deputy director, “top secret” sensitive if gathered by traditional intelligence means. It would have to be kept “in a safe,” not in a database.
 
The hearing also got at what many consider the underlying issue driving the new era of surveillance. Namely, the acknowledgment that we increasingly live not in one world, but two – our physical reality and its digital twin. But unlike our world, the laws governing how the Fourth Amendment should be applied in the digital context are largely unwritten. In other words, said Rep. Andy Biggs (R-AZ), it’s the “Wild West.”
 
And Ranking Member Rep. Jamie Raskin (D-MD) added, “New technologies make it a lot harder to reign in government intrusion in the lives of the people.” The unwitting result? “We live in a modern, albeit consensual, surveillance state,” declared Phil Kiko, principal at Williams & Jensen and former Judiciary counsel.
 
With any luck, things might be different a year from now when FISA is up for renewal, thanks to a U.S. District Court ruling in January.
 
“To countenance this practice,” of warrantless surveillance, wrote the court, “would convert Section 702 into … a tool for law enforcement to run ‘backdoor searches’ that circumvent the Fourth Amendment.”
 
That legal precedent didn’t exist when the last Congress debated FISA reforms. Emboldened by this landmark decision, Reps. Jordan and Raskin are pledging to once again work together in a bipartisan spirit to win this fight. Their continuing partnership captures the spirit of the subcommittee’s hearing and should give reformers a renewed sense of hope.

​Congratulations to Director of National Intelligence Tulsi Gabbard for launching a serious effort at intelligence community (IC) reform.
 
On Tuesday, Director Gabbard announced a “Task Force to Restore Trust in the Intelligence Community and End Weaponization of Government Against Americans.” Rather than saddle Washington with an unwieldy new acronym, TFRTICEWGAA, this task force will be known as the Director’s Initiatives Group (DIG).
 
“I established the Director’s Initiative Group to bring about transparency and accountability across the IC,” Director Gabbard said in a statement.
 
She lists many DIG priorities that are familiar hobby horses of this administration, though they are admittedly responses to deep and serious abuses – from official and secret government censorship during the Biden administration, to weaponization of government for political purposes.
 
What we find most intriguing about DIG is its charge to engage in mass declassification. We’ve long called out the absurd lengths the federal government goes to stamp “classified” on even the most innocuous documents, often in conflict with executive orders to declassify.
 
In this new effort we see enormous potential for DIG to inform Congress and the American people of key facts regarding oversight of intelligence community programs. A few are:
 

• How many Americans (or “U.S. Persons”) by year have had their communications warrantlessly collected and reviewed by federal agencies under FISA Section 702, a law meant to allow surveillance of foreign targets on foreign soil?
• How many times has evidence gleaned from Section 702 been used by prosecutors against American criminal defendants? Was the origin of such evidence revealed to those defendants’ counsels?
• How much money does each federal intelligence and law enforcement agency spend on purchasing the private and sensitive data of Americans from third-party data brokers?
• Who are the data brokers who sell this information to the government?
• How does each agency use this information obtained without warrants?

 
For years, PPSA has used FOIA and legal action to try to force the government into revealing how often it has “unmasked” – or internally revealed the identity – Members of Congress whose communications get picked up in surveillance. We also want to know if the agencies are using these surveillance authorities, whether Section 702 or purchased data, to surveil Members of Congress on the House and Senate Judiciary and Intelligence Committees, those with specific oversight of the intelligence community.
 
Director Gabbard has undertaken a strong and necessary corrective within the intelligence community – and one from the top, no less. Despite her position, she will no doubt encounter resistance and obfuscation along the way. But if she presses forward, Director Gabbard can reinforce the power of Congress to create guardrails and constitutional protections on programs that operate in near darkness.

​On a summer day in 1915 a commercial attaché for the German embassy fell asleep on a train, only to awaken with jolt to realize he was at his stop. In his haste to depart, the diplomat left behind his briefcase – stuffed with all the details of Germany’s clandestine spy ring against the United States and plans to cross America’s northern border to wage mayhem against British Canada. An American agent tailing the German made the correct decision to grab the case rather than continue to follow his target.
 
This is just one of the engrossing stories in The Triumph of Fear, a new book by Patrick Eddington, senior fellow in homeland security and civil liberties at the Cato Institute. Eddington traces the trajectory of rising government surveillance from the Spanish-American War under William McKinley to the Cold War under Dwight D. Eisenhower. Along the way, Eddington details how the interception of telegrams and the passage of the 1917 Espionage Act set the legal and institutional basis for today’s surveillance state and the government’s digital spying on the American people.
 
The contents of the diplomat’s briefcase proved the Woodrow Wilson administration was right to be paranoid about Germany’s intentions. But almost all of Germany’s covert actions were conducted by German agents and nationals, not by sympathetic Americans. This did not keep President Wilson from tarring Americans who objected to the U.S. entry into the war or who opposed the draft by peaceful, political means as traitors. President Wilson said:
 
“There are citizens of the United States, I blush to admit, born under other flags but welcomed under our generous naturalization laws to the full freedom and opportunity of America, who have poured the poison of disloyalty in the very arteries of our national life … to debase our politics to the uses of foreign intrigue.”
 
In service of this all-out war on dissent, Wilson secured passage of the Espionage Act, which continues to give the government broad powers to prosecute Americans for being perceived as helping hostile powers. One official warned “postal employees to be on the lookout for material that might ‘embarrass or hamper the government.’” Before long, the government had created an informal, national network of snitches, a milder version of the later East German Stasi apparatus. The precursor of the FBI, the Federal Bureau of Investigation, had been reading telegrams from Western Union and major communications providers since the Spanish-American War.
 
Few Americans of stature objected. One of them, Sen. Robert LaFollette, the progressive Republican from Wisconsin, warned Americans that “private residences are being invaded, loyal citizens of undoubted integrity and probity arrested, cross-examined, and the most sacred constitutional rights guaranteed to every American citizen are being violated.”
 
The courts were no bulwark against this trashing of the Constitution. The U.S. Supreme Court upheld the conviction of Charles Schenck for mailing leaflets to draft-age men asking them to take political action to oppose the draft. Before long, the government felt free to deport anarchist Emma Goldman and put Eugene Debs, the socialist candidate for president, in prison for opposing the war. Eddington writes:
 
“The American national security state, created in peace and vastly expanded during war, would now become a permanent feature of national life, complete with enduring, draconian national security laws.”
 
If you want to know how we got here, Triumph of Fear is an entertaining read and an essential one. It also casts a mirror on the current state of surveillance and speech. Today, as in the Wilson era, we are challenged to separate explicit calls from violence from controversial speech. Today, as then, the government warrantlessly inspects Americans’ movements, associations, and statements, but with infinitely more precision and more data than could be reaped just by reading telegrams.

​Jeremy Bentham, the Enlightenment era philosopher of utilitarianism, sketched out the concept of a Panopticon – a prison designed to keep inmates under constant inspection by guards. 

What are the psychological consequences of knowing that one is being watched constantly? Last year we reported that SciTechDaily reported on an Australian study revealing that people who know they are being surveilled become hyperaware of faces, recognizing others faster than a control group. They become a little jumpy, always on the lookout to categorize someone as benign or a potential threat.

And those results came from knowing that one is being surveilled by a camera. What happens to the mental health and social life of people who are being watched not only by gear and gadgets, but also by government agents tailing them everywhere? Imagine putting out the garbage, going to a store, or picking up the kids from school only to see a familiar stranger across the street watching you.

This is the fate of “defector families” in North Korea. When someone defects from North Korea, the government punishes the defector’s relatives by subjecting them to persistent, relentless surveillance.

NK News profiles one such family who went through elaborate procedures to obtain internal travel documents to attend a family wedding. They turned back when they realized that their wedding party would also include a full complement of government agents tailing them and recording their every utterance and move.

“They went home to avoid making their relatives uncomfortable or causing problems on such an important day,” NK News reported.

A source told an NK reporter:

“These people live in an invisible prison, constantly anxious because everything they do is being watched. This surveillance and pressure cause severe psychological pain. One defector’s family described their difficulties, saying they must live their entire lives feeling like criminals from the moment they’re branded as having a defector relative. They gradually began avoiding people because having every breath, meal, and word monitored and reported became unbearable.”
​
The United States is not North Korea. But we should not kid ourselves that the mounting surveillance of Americans – by facial recognition, by the tracking of our phones and cars, by the purchasing of our personal data – is free of a psychological cost.

​If this were a political thriller, “Quiet Skies” might be Russia’s clandestine government surveillance program being used to eliminate enemies of the state by poisoning their tea with polonium every time they take a flight.

In reality, “Quiet Skies” is the Transportation Security Administration’s secret spying program for the Air Marshal Service. First outed by the Boston Globe in 2018, Quiet Skies singles out potentially dangerous flyers for close attention and inspection (“enhanced observation”).

Enhanced observation is a 45-minute process that squeezes every inch of clothing, inspects the lining of suitcases, and requires a live review of every electronic device (meaning take it out, turn it on, and hand it over). Two bomb-sniffing canine teams and a plainclothes TSA supervisor may also be involved and, in the sky, up to three Air Marshals are tasked with watching these suspected passengers’ every move.

“SSSS” is TSA’s boarding pass designation for this treatment, which suggests that no focus groups or historians were consulted beforehand.

Such inspections in many cases are undoubtedly necessary to track bad actors intent on doing harm to the United States. As people who fly often with our family members, we are glad the government is on the lookout for the next potential shoe-bomber. Whistleblowers have indicated that the program, however, is also being abused as a means of targeting political opponents rather than as a $400-million-dollar anti-terrorist safety net.

Just ask Tulsi Gabbard, who was targeted in 2024 after returning from Rome with her husband. By then, of course, the Iraq War veteran and former Democratic representative had become the Biden Administration’s persona non grata du jour after she endorsed and campaigned for Donald Trump.

With Gabbard now the Director of National Intelligence, we hope that Rep. Tim Burchett’s (R-TN) request for answers as to why Gabbard was targeted will now see the light of day. Was she simply unlucky in being randomly chosen for this treatment, which has happened to one of us?
​
If politics is involved in any way, that would be a very serious misuse of security policy. You don’t have to be a fan of Director Gabbard to see how such an authority could be misused by any administration in any direction. Employing such tools to surveil political opponents is how republics fall.

As facial recognition and biometric scanning systems expand to 400 U.S. airports, Sen. Jeff Merkley (D-OR) is asking if this could be the beginning of a U.S. surveillance state.
 
In a video interview with Philip Wegman of RealClearPolitics, Sen. Merkley said:
 
“I'm concerned about the way facial recognition is used to encroach upon freedom and privacy around the world. We see China enslaving a million Uyghurs, and a tool they use is facial recognition software. It's so inexpensive and pervasive; if you put that power in the hands of a government, you can't know where it's going to go.

“This is not the kind of tool you want to give to the government in a free country. You would never know you have the ability to opt out at any airport where they're doing this program."

​Imagine a law enforcement agent – an FBI agent, or a detective in a large police department – who wants to track people passing out leaflets.
 
Current technology might use facial recognition to search for specific people who are known activists, prone to such activity. Or the agent could try not to fall asleep while watching hours of surveillance video to pick out leaflet-passers. Or, with enough time and money, the agent could task an AI system to analyze endless hours of crowds and human behavior and to eventually train it to recognize the act of leaflet passing, probably with mixed results.
 
A new technology, Vision Language Models (VLMs), are a game-changer for AI surveillance, as a modern fighter jet is to a biplane. In our thought experiment, all the agent would have to do is simply instruct a VLM system, “target people passing out leaflets.” And she could go get a cup of coffee while it compiled the results.
 
Jay Stanley, ACLU Senior Policy Analyst, in a must-read piece, says that a VLM – even if it had never been trained to spot a zebra – could leverage its “world knowledge (that a zebra is like a horse with stripes.)” As this technology becomes cheaper and commercialized, Stanley writes, you could simply tell it to look out for kids stepping on your lawn, or to “text me if the dog jumps on the couch.”
 
“VLMs are able to recognize an enormous variety of objects, events, and contexts without being specifically trained on each of them,” Stanley writes. “VLMs also appear to be much better at contextual and holistic understandings of scenes.”
 
They are not perfect. Like facial recognition technology, VLMs can produce false results. Does anyone doubt, however, that this new technology will only become more accurate and precise with time?
 
The technical flaw in Orwell’s 1984 is that each of those surveillance cameras watching a target human required another human to watch that person eat, floss, sleep – and try not to fall asleep themselves. But VLMs make those ever-watching cameras watch for the right things.
 
In 1984, George Orwell’s Winston Smith ruminated that:
 
“It was terribly dangerous to let your thoughts wander when you were in a public place or within range of a telescreen. The smallest thing could give you away. A nervous tic, an unconscious look of anxiety, a habit of muttering to yourself – anything that carried with it the suggestion of abnormality, of having something to hide." 
 
Thanks to AI – and now to VLMs – the day is coming when a government official can instruct a system, “show me anyone who is doing anything suspicious.”
 
Coming soon, to a surveillance state near you …

​Here's a philosophical question for you: If no one searches for the information stored in a database, does that mean the information doesn't exist? It may be right there – where Column 32 meets Row 743 – but if no one has executed a search, has it been “found” or “seen” yet? Does it even exist? Now hang on to that curious idea for a moment and we’ll circle back.
 
Recall that we recently commended the nonprofit periodical Cardinal News for publishing an investigative series on the growing use of surveillance technology by local police in Southwestern and South Central Virginia.
 
As part of their investigation, Cardinal News drove through nearly 20 cities, towns, and counties, then used Virginia’s Freedom of Information Act (FOIA) to request the video surveillance data of their vehicle. And what was the result of these FOIA requests?
​

• Three entities complied in a timely manner.
• Two declined the requests.
• Several asked for more time (as the law allows).
• And two are taking them to court.

The city of Roanoke and the Botetourt County Sheriff want the City Circuit Court to rule whether they “really have to” provide the data Cardinal News requested. In their complaint, Roanoke and the Botetourt Sheriff make three less-than-compelling arguments:

1. Virginia’s FOIA statute says that new records do not have to be created in order to comply with a request. The plaintiffs claim that executing a search to find the requested information equates to creating a new record – and therefore they don’t have to do it. As we said at the beginning, what a curious idea. It seems to us that a search doth not a record make. Like the sound of the proverbial falling tree in the forest, the record in the spreadsheet already exists whether or not it’s looked at. One hopes, of course, the City Circuit Court will recognize this fallacy for what it is when it takes up the case this month.
   
   
2. The government plaintiffs define all license plate data as “investigative” – by default. Conveniently, they claim their contract with Flock Safety (who owns the cameras and stores the data) prohibits them from performing non-investigative searches. It may be that Roanoke and the county sheriff are anticipating a law that does not go in effect until next year. The recent Virginia statute that allows the use of these camera systems expressly exempts such data from being subject to FOIA requests: “System data and audit trail data shall not be subject to disclosure under the Virginia Freedom of Information Act.” But that’s next year, and this is now.
   
   
3. The government plaintiffs are also arguing that fulfilling FOIA requests (at least in Virginia) is a felony under state law – at least when a computer and any personally identifiable information is involved. This approach strikes us as a dubious read of the actual statute, which applies only when someone uses a computer to effect “material artifice, trickery or deception” (Virginia Code § 18.2-152.5:1). Giving the sheriff your license plate number and asking to see when and where you were being recorded is not going to send the responding official to prison.

A final note: As Cardinal News points out, Virginia law says computers can’t be used to gather identifying information – i.e., account numbers, credit card numbers, biometric data, fingerprints, passwords, or other truly private information. “That’s what the statute is protecting,” the newspaper argues. In other words, the law is not meant to protect you from your own license plate number.
 
Where does such chutzpah come from? This FOIA response perhaps shows that local government is learning from the mental gymnastics and rhetorical sleights-of-hand that federal agencies have mastered in fobbing off lawful requests.
 
We look forward to seeing how these too-clever-by-half arguments will fly in front of a Virginia judge. Stay tuned.

​As we’ve reported, the Corporate Transparency Act (CTA) requires owners of America’s 33 million small businesses to report detailed personal data on anyone with at least a 25 percent stake in their company. This law represents that most dangerous of all mixtures – overreach and nonsense.
 
The stated purpose of this law is to catch crooks. So the ownership disclosure requirement in effect says:
 
“Dear Terrorist (or Cartel Member or Money Launderer), would you kindly tell us who owns at least 25 percent of your company? Having this information would make building a case against you so much easier.
So please check this box if you’re a criminal – Sincerely, the Feds.”
 
Such unassailable logic reminds us of the old standup routine that advises people to check their closets before bedtime for a possible axe murderer while he’s still hiding. Do that and you will be safe... somehow.
 
Fortunately, CTA’s days may be numbered. Rep. Warren Davidson (R-OH) has re-introduced what he calls the “Repealing Big Brother Overreach Act.” (A better name might be “Repealing the ‘Do You Think Criminals Are That Stupid Act’?”)
 
Not only does the Corporate Transparency Act fail to accomplish what it sets out to do (catch criminals), it also targets a completely irrelevant group in the process – the average American small business owner, forcing him or her to register with a massive federal database that can be accessed without a warrant. Your local barbershop, accountant’s service, and gym are the targets. Big businesses, financial entities, and more are exempt from CTA’s provisions, which only threatens small business owners with large fines and two years in prison if they don’t comply.
 
It doesn’t make sense that you can stop terrorists, drug dealers, and money launderers by going after honest small businesses. If this “beneficial ownership” provision ever went into effect, it is highly likely that the first fines and prosecutions would be against honest business owners who missed the filing deadline rather than a terrorist or money launderer.
 
PPSA believes that the government’s insatiable hunger to track ordinary Americans is the real intent behind this law. This is all in keeping with the recent extension of surveillance over Americans’ financial transactions. In the meantime, and thanks to a flurry of back-and-forth court rulings (see our filing before the 11th Circuit Court of Appeals) as well as new guidance from the Treasury Department, reporting beneficial ownership information is currently voluntary. As of today, no penalties will be associated with failing to report.
 
Treasury is also recommending a rule revision that limits the reporting requirements to foreign entities only. The stars seem to be aligning in favor of Rep. Davidson’s bill, with Alabama Republican Tommy Tuberville sponsoring it in the Senate. If this bill makes it to the Resolute Desk, President Trump is all but certain to sign it.
 
But now is the time to keep the pressure on. Let your representatives in the House and Senate know that you support the “Repealing Big Brother Overreach Act.”

​Americans value privacy in the marketplace when we vote with our dollars no less than when we go behind the curtains of a polling booth.
 
Now imagine if every dollar in our possession came with an RFID chip, like those used for highway toll tags or employee identification, telling the government who had that dollar in their hands, how that consumer spent it, and who acquired it next.
 
That would be the practical consequence of a policy proposal being promoted now in Washington, D.C., to enact a Central Bank Digital Currency (CBDC). Some have recently asked Congress to attach such a currency to the Bank Secrecy Act, to enable surveillance of every transaction in America.
 
Such a measure would end all financial privacy, whether a donation to a cause, or money to a friend. “If not designed to be open, permissionless, and private – resembling cash – a government-issued CBDC is nothing more than an Orwellian surveillance tool that would be used to erode the American way of life,” said Rep. Tom Emmer (R-MN).
 
This would happen because CBDC is a digital currency, issued on a digital ledger under government control. It would give the government the ability to surveil Americans transactions and, in the words of Rep. Emmer, “choke out politically unpopular activity.”
 
The good news is that President Trump is alert to the dangers posed by a CBDC. One of his first acts in his second term was to issue an executive order forbidding federal agencies from exploring a CBDC.
 
But the hunger for close surveillance of Americans’ daily business by the bureaucracy in Washington, D.C., is near constant. There is no telling what future administrations might do. Rep. Emmer reintroduced his Anti-Surveillance State Act to prevent the Fed from issuing a CBDC, either directly or indirectly through an intermediary. Rep. Emmer’s bill also would prevent the Federal Reserve Board from using any form of CBDC as a tool to implement monetary policy. The bill ensures that the Treasury Department cannot direct the Federal Reserve Bank to design, build, develop, or issue a CBDC.
 
Prospects for this bill are good. Rep. Emmer’s bill passed the House in the previous Congress. It doesn’t hurt that Rep. Emmer is the House Majority Whip and that this bill neatly fits President Trump’s agenda.
 
So there is plenty of reason to be hopeful Americans will be permanently protected from a surveillance currency. But well-crafted legislation alone won’t prevent the federal bureaucracy from expanding financial surveillance, as it has done on many fronts. PPSA urges civil liberties groups and Hill champions of surveillance reform, of all political stripes and both parties, to unite behind this bill.

​Credit Rep. Anna Paulina Luna (R-FL) for leading a task force of the House Oversight Committee to declassify federal secrets, including files concerning the assassinations of John F. Kennedy, Robert F. Kennedy, and the Rev. Martin Luther King Jr. The scope of Rep. Luna’s inquiry, approved by committee Chair James Comer (R-KY), will also examine the reach of Jeffrey Epstein’s vile activities, as well as government records on unidentified aerial phenomenon.
 
We urge Chairman Comer, Rep. Luna, and the other members of her task force to consider including in their declassification task force another matter of deep interest to the American people – key facts that reveal the extent of the American surveillance state and, especially, the extent to which it surveils Americans.
 
Digital Data Purchases
 
One area ripe for investigation is the common government practice of purchasing the personal digital data of Americans, scraped from apps and sold by data brokers. The FBI, IRS, Department of Defense, and Department of Homeland Security routinely buy our most sensitive and personal information and examine it without a warrant.
 
We urge Rep. Luna to work to unearth:

• The identity of the data brokers, foreign and domestic, who sell Americans’ information to the government.

 

• Estimates of the number of individual Americans whose personal information is purchased.

 

• The categories of purchases made that give the government access to our familial, romantic, professional, religious, and political associations.

What Is the Proposed “Fix” in the “Make Everyone a Spy” Law About?
 
Another area that cries out for transparency was the subject of a measure passed by Congress last April, which is widely called the “Make Everyone a Spy.” This law broadens the definition of an “electronic communications service provider” to practically any business or house of worship that offers free Wi-Fi. Falling under this definition obligates a business to secretly spy on its customers for the National Security Agency.
 
At the time of passage, Congress promised to narrow the scope of this law to types of companies defined in rulings by the Foreign Intelligence Surveillance Act (FISA) Court that were previously excluded from this law. This fix was nixed in the House, leaving the most expansive version of the law imaginable, hence the popular moniker – Make Everyone a Spy.
 
These companies are widely believed – and even hinted at in open debate on the Senate floor – to be providers of cloud storage.
 
We urge Rep. Luna and her colleagues to work to make public the nature of the proposed legislative fix. Such a disclosure would inform future debate in Congress over the scope of this ECSP provision, which has enormous implications for Americans’ privacy.
 
Topline Numbers on FISA Section 702
 
Yet another area that needs greater transparency is the impact of government surveillance under FISA Section 702. This law was enacted by Congress to enable surveillance of foreigners on foreign soil. But in recent years it has been used to search for the communications of millions of Americans “incidentally” caught up in this foreign surveillance program.
​

• We urge Rep. Luna to dig out the number of Americans who have had their communications searched under FISA Section 702 by the FBI.

This information is essential for an informed debate when Congress next considers the reauthorization of Section 702 in early 2026.
 
Spying on Members of Congress
 
There are also clear signs the intelligence agencies have spied on Members of Congress by “unmasking” their identities in foreign communications, and possibly examining their communications by tapping into the “upstream” backbone of the internet.
 
We urge Rep. Luna to:
​

• Work to release records on the “unmasking,” “upstreaming,” or purchasing of personal data by the NSA, CIA, or FBI of 48 current and recent members of committees with oversight responsibilities over the intelligence community, ranging from Marco Rubio to Devin Nunes, and Elise Stefanik.

Years of Freedom of Information Act requests and subsequent lawsuits by our organization and our civil liberties peers have rarely been met with substantive answers. There is no reason why the Congress and the American people do not already know the answers to these questions, none of which would compromise national secrets or intelligence “sources and methods.”
 
Chairman Comer, Rep. Luna, and the other members of the task force have a priceless opportunity to use their deep dive into the government’s sea of secrets to inform Congress and the American people of the nature and extent of federal surveillance of Americans.

​When CNN last week filed a Freedom of Information Act (FOIA) request asking for details about the Department of Government Efficiency (DOGE) and who has been granted access to sensitive or classified government documents, the news organization says it received an anonymous response from an Office of Personnel Management email account.
 
“Good luck with that,” the reply said, “they just got rid of the entire privacy team.”
 
So how outraged are we as a civil liberties organization that often files FOIA requests over the firing of very people who process our requests?
 
Not very. To be candid, PPSA has a higher level of concern over the change of the New York Yankees’ facial-hair policy, although we are split internally between a pro-beard and anti-beard faction.
 
The reason for our insouciance is that while privacy personnel in government offices scrupulously acknowledge receipt of our filings, the follow-up is always a ramshackle mess usually leading to a dead end. Deadlines mandated in statute are routinely ignored. And when the government does deign to answer us, it comes back with something called a “Glomar response.” This is a judicially created doctrine from the 1970s – created in response to reporting on the CIA’s recovery of a sunken Soviet submarine with nuclear-tipped missiles – that allows agencies to issue a non-response response.
 
Glomar responses, once uncommon, are now the boilerplate answer for most of our FOIAs.
 
This happened most recently when PPSA filed a FOIA request asking the National Security Agency to produce records showing how much money it spent buying Americans’ personal digital data, the size of the dataset purchased, and the sources of the data.
 
In July, NSA gave us a classic Glomar response, that it cannot disclose “the existence or non-existence” of the requested information. The government usually shrugs off our lawful requests for information by issuing a Glomar response.
 
When we sought dollar amounts of NSA spending on purchases of Americans’ personal information, and who is selling it to them, the NSA’s Glomar response also included a statement that it had not performed a records search – as required by the FOIA law. Riddle me this: How did the NSA know that these documents merited the hush-hush, top-secret Glomar response, previously reserved for the recovery of Soviet nuclear tipped missiles, if the agency didn’t even search for them?
 
Another one of our FOIA requests: We asked the government to reveal top-line facts about purchases about surveillance of Members of Congress who served on committees with oversight of the intelligence communities?
 
Glomar response.
 
Another one: Can the government reveal how many times it has “unmasked” – or internally identified – Members of Congress caught up in foreign communications?
 
Glomar response.
 
And then there is this middle-finger response from the Department of Justice to another one of our FOIA requests. They sent us 40 completely redacted pages to a FOIA request, with only one line unredacted: “Hope that’s helpful.”
 
We are sorry people in the privacy offices of the government are losing their jobs. We appreciate that they don’t make policy, just execute it, although that responder at Justice – who didn’t have the guts to sign his or her name – should probably find employment elsewhere, preferably a junkyard. We hope the rest of these government employees will be happier in public or private-sector jobs that actually do something for somebody.

​It is always refreshing to thumb through a court opinion that reads like an Elmore Leonard novel. For example, in a recent opinion of the Eleventh Circuit Court of Appeals, one defendant is also known as “a.k.a. Baldhead, a.k.a. Ball Head.” And the opinion contains numerous references to whether “a cup of ice” is code for an ounce of meth, and to extensive evidence presented in court – guns, money, dope, a gold necklace seized from a home – that could provide props from Netflix’s Narcos.
 
Our guess is that the several defendants in this case, whose convictions were mostly upheld by the court, did not earn enough merit badges to become Eagle Scouts. But they are still Americans with constitutional rights. And, for the good of us all, they should get the same protections of the Fourth Amendment as the rest of us.
 
Did they?
 
Here are the facts: The home of one Rolando Williamson in Birmingham, Alabama, was persistently surveilled by pole cameras from October 2018 through August 2019. The cameras warrantlessly recorded the comings and goings of Williamson and his visitors nonstop, including his front and back yards – the area often referred to in Fourth Amendment law as the home’s “curtilage.” 
 
On the basis of this persistent recording of a home, the government performed a sting operation and followed up with warrants to search Williamson’s home. We agreed with three out of six judges on the First Circuit Court in a similar case, Moore v. United States, that a “reasonable expectation of privacy” was violated when the government placed a pole camera in front of a woman’s home for eight months.
 
In this case, the Eleventh Circuit ruled that similarly persistent surveillance did not violate the Fourth Amendment. The court reasoned that, because one of the cameras overlooked the public street in front of Williamson’s home, and the other recorded the exposed and publicly viewable backyard, the cameras “could view only what was visible from the public streets in front of the house and the public alley behind it.”
 
The court rejected the defense’s comparisons to the U.S. Supreme Court’s Carpenter v. United States (2018), which found a Fourth Amendment violation in law enforcement’s seizure of a suspect’s location history from a cellphone tower. The court also asserted that this case did not resemble United States v. Jones (2012), in which the Supreme Court held that attaching a GPS device to a vehicle amounted to a search requiring a warrant.
 
“By contrast, a pole camera does not track movement,” the Eleventh Circuit found. “It does not track location. It is stationary – and therefore does not ‘follow’ a person like a GPS attached to his vehicle.” Moreover, “the Carpenter decision concerned a technology that is meaningfully different than pole cameras. Pole cameras are distinct both in terms of the information they mine and the degree of intrusion necessary to do so.”

We question the court’s conclusion about the narrowness of data mined by a pole camera. A persistent camera does track movement of residents and their visitors in and out of a home. It potentially reveals a target’s political, religious, and romantic interests. Watching the movements for months around the curtilage of a home – which is highly protected in Fourth Amendment law – is in fact very intrusive.
 
These are ripe questions for future cases. As for the Eleventh Circuit, it declared that it is not making a general rule on the constitutionality of pole cameras. State and federal courts remain divided on that question. And it is a question that will not go away. From pole cameras to drones, aerial panoramas from balloons that can loiter for months, and other persistent forms of surveillance, the courts – and likely, the Supreme Court – will need to set a rule on these forms of outside-in surveillance.
 
To see that they do, PPSA will be looking to provide legal support in cases that present the best fact patterns. 

For almost 70 years, the President’s Intelligence Advisory Board (PIAB) has advised U.S. Commanders-in-Chief on the effectiveness of the country’s intelligence operations. President Donald Trump recently announced his PIAB roster, chaired by his longtime ally, former Congressman and House Intelligence Committee Chairman Devin Nunes.
 
In Nunes, Trump has chosen a super-utility player when it comes to evaluating the efficacy and integrity of the intelligence community. When Nunes was Chair, the Department of Justice surreptitiously collected data on multiple committee staffers – an unlikely coincidence given that Nunes was then investigating the FBI’s suspicious interest in Trump’s 2016 campaign, and clashing with the Justice Department and the FBI. Chairman Nunes was vocal and effective in exposing government surveillance abuses.
 
That experience alone makes Nunes a good choice to chair PIAB, as he understands firsthand the dangers of surveillance overreach in domestic contexts. Yet he’s also strong when it comes to spying on other countries, having vigorously supported the renewal of Section 702 of the Foreign Intelligence Surveillance Act (FISA) in 2018.
 
Such balance is needed on this advisory board. When advising the president on intelligence matters, we urge the new PIAB to assess three well-documented misuses and abuses:

1. FISA Section 702: Invaluable for tracking foreign spies, it has long been used for unbridled surveillance of Americans on American soil. The ongoing abuse of Section 702 calls out for substantive reforms to shore up Fourth Amendment rights, including a warrant requirement for searches of Americans’ data.
   
   
2. The dangerous expansion of FISA’s Electronic Communication Service Provider standard – meaning the network/server user data of churches, law offices, gyms, department stores, campaign offices, car dealerships, you name it – can be spied on by the government without restriction. Some in the House blocked a promise made in the Senate’s passage to narrow this overreaching surveillance of Americans. Today, almost every free, business Wi-Fi network Americans use can be repurposed to spy on them. 
   ​
   
3. Commercially Available Information sold to federal agencies. At present, third-party data brokers may sell sensitive personal information (scraped from our apps, for example) to government intelligence and law enforcement agencies – from Americans’ financial and bankruptcy records, health and mental health issues, browsing and location histories. Virtually every aspect of our personal online identities can be acquired by the government, without cause or a warrant.

Other members of the newly-announced board include:

• Scott Glabe, Homeland Security alumnus
• Amaryllis Fox Kennedy, former CIA officer
• Wayne Berman of the Blackstone, Inc.
• Reince Priebus, former White House Chief of Staff
• Robert O’Brien, Former National Security Adviser
• Katie Miller, former Communications Director for Mike Pence

Given the experience of this team, we have high hopes they will bring balance to the board’s investigations and deliberations. Biden’s PIAB sidestepped calls for serious reforms of Section 702, despite being presented with evidence detailing more than 278,000 instances of rules violations by the FBI.
 
With President Trump’s stated goal that PIAB should “restore integrity” to the Intelligence Community, we urge the president’s PIAB appointees – who certainly have their work cut out for them – to do exactly that. They should begin by recommending specific measures to reign in the FBI’s rampant surveillance of Americans.

​At a time when quality journalism is believed to be dead, PPSA is finding incisive local reporting on how city by city, county by county, state by state, the elements of a national surveillance state are being put into place. Journalists are reporting on the alarming growth of surveillance networks, the generous federal and state funds and grants that fuel this growth, the impacts of surveillance on the rights of everyone, and on the privacy of the vulnerable.
 
***
 
One exemplar of local reporting is Cardinal News of Virginia, which is releasing an investigative series on the creeping emergence of comprehensive surveillance throughout the southern portion of that state.
 
The Cardinal article begins by asking: “So if the question is, ‘Who's watching me?’ The answer is: practically everyone.” Its reporters and editors reached out to 100 law enforcement agencies in Southwest and Southside Virginia, from county sheriffs’ offices to big city police departments.
​

• Cardinal found that 81 of 100 police agencies use some form of public surveillance that records and gathers data on citizens with no specific investigatory predicate.
  
  

What is happening in this portion of Virginia is happening everywhere. This is not the result of some nefarious scheme but rather the natural outgrowth of understaffed local law enforcement looking to use surveillance technology to plug the gaps and catch bad guys. These elements – automated license plate readers, facial recognition software, drones and other technologies – can all connect and share data, slowly knitting together a national system of surveillance. Add the power of artificial intelligence, and the means are being put in place to follow people by their movements, their activities, their associations, and their beliefs.

Who is paying for this? “A funny thing happened on the way to defunding the police,” is how the newspaper archly puts it. Cardinal reports the federal American Rescue Plan of 2021, meant to provide a large array of technology and body armor for police, is a major funder of the rollout of local surveillance technology. In addition to state funds, other journalists trace money for surveillance systems to HUD grants and federal funds provided to states meant for covid relief.
 
This federal and state largesse is funding the regional network of automated license-plate readers. With this technology, AI creates “vehicle fingerprints,” unique characteristics that include characteristics such as vehicle color, roof racks, and bumper stickers. This technology can be used to track robbers, abductions, confused elderly drivers, but also everyone else as they come and go from churches, mosques, gun stores, political rallies, and mental health clinics.

***
 
Todd Feathers of Gizmodo walked the streets of Toledo, Ohio, to survey the results of comprehensive surveillance – in this instance, streaming live images of residents of public housing complexes straight to police headquarters.
 
“This kind of surveillance has become the norm in Toledo, where living in subsidized housing now means being watched outside your home day and night by an officer you can’t see or speak to,” Feathers reports. He adds that this is the result of the city’s contract with Fusus, “a company whose controversial technology enables cops to access live streams from private camera networks that opt in to the system.”

• Feathers reports that in the first ten months of 2024, Toledo police spent a cumulative 3,822 hours – the equivalent of 159 days – watching live streams from 23 Fusus-enabled cameras aimed at one public housing complex.

 

• Officers spent 18,751 hours streaming live camera feeds from 275 cameras at 12 apartment complexes. That was twice as much time as they spent watching the other 439 Fusus-enabled cameras spread throughout Toledo combined.

“This data really illustrates the risks associated with this type of surveillance,” said Beryl Lipton, a senior investigative researcher with the Electronic Frontier Foundation, interviewed by Feathers. “The idea that people who are already in a vulnerable space in their housing development are subject to increased levels of surveillance simply because that is where they live really highlights how inequitable and unjust these applications of surveillance can be.”
​

• Only 20 percent of the city’s crime occurred within half a mile – a wide buffer zone – of one of the 12 housing complexes, according to police data on homicides, shootings, aggravated assaults, robberies, thefts from vehicles, and car thefts. But 66 percent of the time a Toledo officer streamed a live feed through Fusus, the camera was at one of the 12 developments.

Feathers concludes that “an important public safety decision – where police should focus their attention – is increasingly determined not by where crime happens, but by which private entities have chosen to pay thousands of dollars to join Fusus’s surveillance network.”
 
Worse, the local ACLU reports that the Toledo police lack a detailed policy of what officers can and can’t use these Fusus-enabled cameras for, set limits on how long footage collected through Fusus can be stored, and state whether anyone outside the Toledo Police Department is allowed to access the camera systems or recorded footage, and under what circumstances.
 
***
 

Gizmodo reported that when the Fusus contract came up for a vote before the Toledo city council, not a single council member asked police a question about how that technology might be used.
 
There are signs, however, that many local and state leaders are beginning to ask deeper questions and show a willingness to halt the expansion of surveillance. We reported earlier that in Virginia, state House Majority Leader Charniele Herring, a Democrat, advanced a bill that would also have enabled a dramatic expansion of cameras on state highway rights-of-way.
 
She argued that her bill would put “guardrails” on the use of surveillance. The bill failed in committee, 9 to 6 against the bill, with both Democrats and Republicans siding for and against Leader Herring’s bill.
 
Leader Herring’s bill did, in fact, include many useful guardrails, such as a 30-day limit on retaining license plate images, requiring reasonable suspicions of a major crime or incident before accessing the data, an audit trail for use, and making misuse of the system a Class I misdemeanor. Yet her bill still failed.
 
Perhaps this vote points to a new skepticism, a willingness by policy makers to slow down and think through the implications of this massive surveillance rollout. As policymakers deliberate, we hope they will continue to be informed by more good reporting like that of Cardinal News and Gizmodo.

​“I have as much privacy as a goldfish in a bowl,” Princess Margaret once said, despairing of the paparazzi. Now, thanks to the Home Secretary of the United Kingdom, you too can feel like royalty.
 
The British government has recently issued a secret order demanding a backdoor to all of Apple’s encrypted communications.
 
From time to time in the United States the Justice Department has demanded that Apple help it jailbreak a suspect’s iPhone. Apple stoutly refuses to bend the knee, knowing that granting one such demand would create a backdoor that would destroy Apple’s privacy promise forever. Since 2022, Apple has allowed users to opt for Advanced Data Protection in which no one but the user can access encrypted messages on iMessages.
 
Now London is not demanding, as the Justice Department did, to force Apple to create backdoors to individual accounts of suspected criminals. Instead, London is demanding backdoor access to all encrypted material – messages, texts, and images – stored on the cloud by all Apple customers around the world, including U.S. citizens.
 
“The British government’s demand is breathtaking by comparison,” said Erik Jaffe, President of PPSA. “It is nothing less than internet imperialism.
 
“We had a revolution, left the British Empire, and adopted the Fourth Amendment in part because of the abusive, unreasonable, and warrantless searches performed by agents of the Crown,” Jaffe said. “We should not tolerate the reimposition of such British high-handedness.”
 
Meredith Whittaker, president of the nonprofit Signal app, told The Washington Post, “If implemented, the directive will create a dangerous cybersecurity vulnerability in the nervous system of our global economy.” Given the breathtaking scope of this order, it is likely only a matter of time before similar orders will be directed at Meta’s encrypted WhatsApp backups. Signal and Telegram services might be next.
 
This is a terrible precedent with terrible consequences. With the UK now demanding a backdoor, expect China and other authoritarian regimes to follow suit.
 
The witless Whitehall nanny-staters overlook the value of encryption in protecting dissidents from tyrants, journalists from homicidal cartels, and even law-enforcement itself from organized criminals and state actors. Once this backdoor gets into the wild – and it will – women and children will have far less protection against stalkers and abusers. Inventors and businesses will also be exposed to industrial espionage by competitors and China. Everyday consumers who simply value their privacy will be betrayed.
 
It is out of concern for the human right to privacy that the European Court of Human Rights rejected a Russian law that would have broken encryption. Now, what Vladimir Putin could not achieve, the British government is happy to do for him.
 
This is just the latest sign that official attitudes toward personal privacy have crossed a threshold into authoritarian thinking. There is nothing shocking or unusual about privacy in communications. It has been the de facto rule for most person-to-person communications for all of human history. Once a government whets its appetite for your personal information, it will almost always seek more.
 
“Efforts to give the government back-door access around encryption is no different than the government pressuring every locksmith and lock maker to give it an extra key to every home and apartment,” Jaffe said.
 
Now the same country that celebrates the declaration of Sir Edward Coke, a 17th century jurist who declared that every person’s home is his “Castle and Fortress,” is busy forging digital keys.
 
PPSA urges the U.S. government to exert its diplomacy and defend Americans’ privacy.

​Following the New Year’s Day terrorist attack that left 14 dead, New Orleans is correct to, in the words of Homeland Security’s Eric DeLaune, “put a fresh set of eyes” on security plans for Sunday’s Super Bowl. But not all of those eyes will be human, and that’s not a reference to the 100 bomb-sniffing canines on duty.
 
The Superdome’s managing company has hired AI giant Dataminr to cast a virtual dragnet across the online world, looking for patterns that might suggest trouble is brewing. Throughout the weekend, the company will scrape more than a million sources of data (social media posts, traffic camera footage, dark web forums, and more) to feed its generative AI tool. Dataminr will then alert Superdome officials if it detects any potentially alarming patterns emerging from the data – all within 60 seconds of the real time event, according to the company’s own site.
 
The New Year’s Day attacker took advantage of a preventable lapse in physical security and planning – incomplete bollard installation, non-use of temporary barriers, ignored warnings, and good old-fashioned mismanagement. As they should, lawsuits aplenty are being filed. So revisiting such risks for the Super Bowl is warranted – banning drones, adding law enforcement, limiting traffic, restricting area access, requiring credentials. Add to those precautions snipers, National Guard members, SWAT vehicles, blast barriers, and giant X-ray machines.
 
All of that represents a suitably robust response. But the hiring of Dataminr and its “million-source-scrape” is a technological response of such astonishing scale that it risks going beyond proactive into the realm of paranoia. It should be even more alarming given that this represents a public-private partnership, as the Superdome is indirectly owned by the State of Louisiana.
 
What will happen with all that data, most of which will presumably not be needed for any legitimate safety concerns? No one knows, but in the past such data was used to report constitutionally-protected free speech to the U.S. Marshals Service and George Floyd protest details to police departments.
 
So be careful what you post on your social media accounts if you show your face at this Super Bowl Weekend. Big Brother and his algorithms will be watching – and collecting what they see.

​“Flock Safety” has nothing to do with birds. It is a corporation that is a $3.5 billion-dollar pillar of the burgeoning surveillance industry.
 
Flock’s particular surveillance niche is automated license plate recognition, and their cameras currently operate in more than 40 states, 4,000 cities, and 5,000 separate law enforcement agencies.  
 
The influence of this corporation is growing. In a recent Virginian-Pilot article, Peter Dujardin calls attention to a bill being considered by the state’s General Assembly. Put forth by House Majority Leader Charniele Herring, the legislation would authorize expanded reliance on Flock Safety cameras on state highways, representing a massive expansion of this surveillance technology (important given that Virginia has the nation’s third-largest state highway system).
 
To her credit, Rep. Herring’s bill also includes important privacy protections. These include:

• Formally codifying a 30-day limit for storing license plate images.
• Specifying that the database associated with this new system can only be used by law enforcement if there is reasonable suspicion in cases involving criminal investigations, missing persons, and alerts about fugitives or stolen vehicles.
• Requiring authorities to maintain an audit trail showing who accessed the system, and to annually report how the database was used, including the demographics of those charged as a result of its use.
• Making misuse of the system a Class 1 misdemeanor (keeping tabs on love interests, for example).

 
The Virginia bill is to be lauded for including these guardrails. Yet it still lacks what is arguably the most important safeguard – requiring a search warrant to access the database, as required by the Fourth Amendment to the Constitution. So it remains the case that in places like Norfolk, where a staggering 172 Flock Safety cameras easily track the city’s 238,000 residents, authorities can still freely access the image database, no warrant or other valid justification required.

We are fast approaching a tipping point between Fourth Amendment privacy rights and an unfettered technocratic surveillance state in the mold of Xi’s China – called a panopticon in which a citizen’s every move is monitored just in case. As we have written before, there is a proper place for surveillance systems. The targeted use of surveillance – with probable cause and a court-issued warrant – is necessary, productive, and constitutional.
 
But what’s happening in Virginia and elsewhere is tantamount to general surveillance because of its scale and accessibility. Using license plate readers on a vast statewide highway network is casting an enormously wide net, and with that comes the risk of overreach.
 
Good intentions mean little to someone whose life is torn apart when they are unjustly accused of a crime – all because authorities trusted a still-developing and largely unrestrained technology to make the call.
 
The constitutional right to privacy inherently includes the right not to be constantly watched and continuously tracked, by default, and for no just reason.

The U.S. Fourth Circuit Court of Appeals in Richmond, Virginia, heard oral arguments Thursday in United States v. Chatrie, a case that poses an important question at the heart of a dramatic split with the Fifth Circuit: Do geofence warrants violate the Fourth Amendment?

In that hearing, Judge James Andrew Wynn had a message for law enforcement, that warrants “don’t mean you can’t do your job. It means you need probable cause with particularity to be able to get information. And when we as a court begin to rewrite the Constitution so that we can allow law enforcement officers to do that which the Supreme Court has already told us they cannot do – that’s a problem.”

This case started in 2019 when a bank robber absconded with $200,000 from Call Federal Credit Union in Midlothian, Virginia. With no leads to speak of, investigators turned to Google, requesting location information for everyone within a 150-meter radius of the bank at roughly the time of the crime.

Police eventually landed on Okello Chatrie as the prime suspect, but only after searching the location information of 19 people, some dining at a Ruby Tuesday’s and some staying at a nearby Hampton Inn. Chatrie attorney Michael Price told the court that the government might as well have searched the apartments of anyone within that given area – which should be flatly prohibited under the particularized warrant requirements of the Fourth Amendment.

Chatrie eventually reached a plea agreement with the government but appealed a federal district court ruling denying his motion to suppress the geofenced information. A Fourth Circuit panel initially rejected Chatrie’s argument based, in part, on his voluntary exposure of data to the tech giant. He did this via the opt-in function on his phone, which – let’s be frank – is a legal vulnerability that most consumers fail to understand. PPSA filed an amicus brief in support of an en banc rehearing, which the court agreed to and held on Thursday.

Judge Harvie Wilkinson described far-reaching ramifications of taking away the geofencing tool. He said: “Next time, it's not going to be just a bank robber. It could be a murder. It could be a terrorism attack. I don't think you realize just how much you're taking off the table in terms of the tools that law enforcement can use in the most serious of situations."

But Judge Wynn disagreed, noting: “The result does not drive the means. If we are going to do the police's job, then let's just declare the Fourth Amendment nonexistent and just say anytime you want to do a search, just do it.”

PPSA has demonstrated that the non-particularized digital dragnets across a 17.5-acre swath of land and the subsequent search of the private data of those within that area is the technological descendant of the “general warrants” of the colonial era. In last year’s United States v. Jamarr Smith, the Fifth Circuit came to a similar conclusion, writing that the “use of geofence warrants – at least as described herein – is unconstitutional under the Fourth Amendment.”

It will likely be up to the Supreme Court to bridge this chasm between the Fourth and Fifth Circuits. The Court’s leanings are clear. In Carpenter v. United States (2018), the Supreme Court found that the government must obtain a probable cause warrant before reviewing a suspect’s location history emitted by a cellphone. Why shouldn’t similar reasoning apply when it comes to geofence warrants that cover millions of innocent people?

PPSA will continue to echo Judge Wynn’s pointed critique, who concluded:

“If we do this, we’re the ones who are going to broaden it. And the broadness is not just on Mr. Chatrie – it’s on every citizen who is under the Constitution of the United States. You just deprived them of an individual right that exists in the Fourth Amendment. You, every one of you sitting here right now, can have your location data ... and it can be put in a great pool and then you have no privacy whatsoever.”

​PPSA urges the Fourth Circuit to join the Fifth Circuit in upholding the constitutional rights of all Americans.

​Washington seemed to have reached a tipping point last week in the surveillance reform debate. Reformers are taking heart from the receptivity of the Trump Administration and its nominees to surveillance reform, while defenders of the surveillance status quo are doubling down on the untenable position of opposing all reform.
 
Those defenders likely agree with The Wall Street Journal, whose editorial board found the removal of Rep. Mike Turner, Chairman of the House Intelligence Committee, a “bad message about the need for public honesty about threats to U.S. security.” In confirmation hearings of Trump nominees several senators created a false dichotomy when describing the fate of Section 702 – the Foreign Intelligence Surveillance Act authority that allows federal agencies to spy on foreign threats on foreign soil, but abused to spy on many Americans in domestic cases. The choice these champions of the intelligence community offered was between two extremes. One would be to let Section 702’s authority lapse when it comes up for renewal in 2026. The other would be to leave it in place, unchanged. In other words, they are saying our only choice is to either expose the American homeland to terrorists or loyally affirm the surveillance status quo.
 
But something else happened last week as well. Nuance and more openness to debate seemed to be breaking through the noise, and not a minute too soon.
 
While the new House Intelligence Chairman Rick Crawford (R-AR) is not known as a surveillance reformer, civil liberties groups are hopeful he will allow a balanced debate to take place. We look forward to Chairman Crawford listening to our objections about the government’s abuses of Section 702 and the separate expansion of “electronic communications service providers” with a legal duty to engage in domestic spying. Chairman Crawford surely knows that many on the Hill are still smarting from the way some colleagues strong-armed them into blocking a promised fix to a law mandating that virtually every business, organization and house of worship with free Wi-Fi be obligated to spy on their customers for the NSA.
 
Chairman Crawford will also be told that reformers are pushing back on Section 702, not because we want to protect foreigners – who have no Fourth Amendment rights – but because we want to protect American citizens from warrantless FBI surveillance in ordinary domestic investigations. Consider that as recently as 2022, the FBI had accessed the communications of Americans garnered via Section 702 more than 200,000 times. President Trump, having been victimized himself through another FISA authority during the Carter Page affair, seems to be nominating Cabinet officers who agree that the FBI has been out-of-control.
 
Sen. Mike Lee (R-UT) made this clear when he was interviewed by Laura Ingraham on Fox News to discuss the confirmation testimony of Pam Bondi, President Trump’s AG nominee. Sen. Lee said of Bondi:
 
“She understands the Fourth Amendment. She understands that the U.S. government can’t go after your personal effects, your papers, your private communications, without a warrant … backdoor warrantless searches under FISA 702 have become a problem.
 
“We’re told over and over again by FBI Directors and attorneys general, ‘Don’t worry about it. These aren’t the [violations] you’re looking for. We have procedures to handle this.’ And they’re lying. Pam Bondi went on record today, saying ‘We shouldn’t do that.’ And I am thrilled that she did.”
 
The dust is still settling from an earthquake election, the replacement of a House Intelligence Committee chairman, and a likely attorney general affirming that the backdoor search loophole of Section 702 must be addressed. Perhaps now we can have a mature discussion about surveillance reform.
 
If we do, Congress can add guardrails to Section 702 to end the FBI’s warrantless surveillance of Americans while keeping a strong national security tool that protects the American homeland. Perhaps the stars are lining up for a deal.

​John Ratcliffe slid though his confirmation hearing for his nomination as Director of the Central Intelligence Agency on a greased toboggan. Along the way, he offered encouraging glimpses into his thinking about surveillance reform.
 
Sen. James Lankford (R-OK) spoke up for Section 702, the Foreign Intelligence Surveillance Act authority that allows federal agencies to surveil foreign threats on foreign soil. John Ratcliffe said that Section 702 is “an indispensable national security tool” and noted that information gleaned from programs authorized by that law often comprises half of the president’s daily intelligence briefing. But Ratcliffe also acknowledged that Section 702 “can be abused and that we must do everything we can to make sure it has appropriate safeguards.” Ratcliffe told the Senate Select Committee on Intelligence that surveillance “can’t come at the expense of Americans’ civil liberties.”
 
Sen. John Cornyn (R-TX) said that Ratcliffe in a private conversation had observed that surveillance authorities are somewhat like steak knives in the kitchen, useful but dangerous in the wrong hands. The problem in the past, the senator from Texas said, was a “lack of trust in people who’ve had access to those tools.” That seemed to be a reference to the FBI, which in the past had used Section 702 powers to vacuum up the communications of more than 3.4 million Americans.
 
There were also some irritating moments for surveillance reformers in the hearing. Several senators alluded to all critics of Section 702 as wanting to repeal that authority and expose Americans to terrorists and spies. They did so without acknowledging that it is possible to criticize and reform that law without ending it.
 
Under questioning from Sen. Michael Bennet (D-CO), John Ratcliffe spoke of his unique experience as a former House Member who sat on the Judiciary Committee and later the House Intelligence Committee and then served in the executive branch as Director of National Intelligence (DNI).
 
Ratcliffe said that he was surprised that despite having served in the legislative branch on an oversight committee of the intelligence community “there was so much intelligence I learned for the first time as a DNI that I knew no Member of Congress was aware of. And I think that sort of speaks to my approach and understanding that I take seriously the obligation that I will have to keep this committee fully informed on intelligence issues.”
 
John Ratcliffe told the oversight committee point blank that there is much it does not know but should. Perhaps that admission will spur senators to dig deeper and conduct stronger supervision of the intelligence community.

​A jury in London’s Old Bailey criminal court heard prosecutors last week make a case against a Bulgarian man who had stored enough spy equipment in rented rooms in England to fill the Washington, D.C., Spy Museum. The rooms also contained two devices that should be of interest to any American interested in protecting privacy.
 
Among the thousands of paper and digital exhibits shown to the jury were pendant necklaces, soda bottles, water bottles, and a cap with cameras inside, as well as a device to clone car keys. These surveillance tech devices were allegedly held by 46-year-old Orlin Roussev in a guesthouse at a resort on the east coast of England.
 
Roussev is charged with being part of a Russian plot to employ two devices commonly used by the FBI and state and local law enforcement in domestic cases. Among the items prosecutors say were found were two international mobile subscriber identity, or IMSI, devices worth £160,000. These devices, popularly known as “stingrays” are, in essence, fake cell towers that can pull data out of a nearby cellphone and use it to track its owner’s location. Roussev and several others are accused by British prosecutors of planning to go to Stuttgart, Germany, where Ukrainian soldiers are being trained to operate Patriot missile-defense batteries and to use stingrays to link to their personal phones.
 
The British government says these devices were to then be used to follow the Ukrainian soldiers back to Ukraine, locate them in the battlefield with their Patriot missiles, and target them for annihilation.
 
In a domestic context, stingrays can vacuum up the data and locations of a large number of civilian cellphones in a geofenced area. PPSA has learned that local governments signed an agreement with the FBI that severely restricts what local police and prosecutors can reveal about the use of stingrays in a trial. The agreement’s boilerplate stipulates that if the agency “learns that a District Attorney, prosecutor, or a court” is considering releasing such information, the customer agency must “immediately notify the FBI in order to allow sufficient time for the FBI to intervene …”
 
Once the FBI gains warrantless access to your location and movements, it won’t act like the Russians do and fire an Oreshnik missile at you. But it can follow you everywhere you go, make a case against you in court, and no jury will ever know how this evidence was obtained.
 
Perhaps spies accused of acting for Russia might receive more respect for due process in London than an American targeted by a stingray in your hometown.

​As much as we oppose warrantless surveillance by the FBI, we acknowledge there is much to fear from foreign threats as well.
 
Outgoing FBI Director Christopher Wray’s interview with Scott Pelley on CBS’s 60 Minutes covered a lot of hot political territory, including Wray’s contentious relationship with President-elect Donald Trump. Regardless of your political leanings, however, you should be alarmed by what Director Wray said about China’s use of surveillance and malware to threaten the people of the United States.
 
Pelley reported that CBS has confirmed that China has been listening to the conversations of the two recent presidential candidates, President-elect Trump and Vice President Kamala Harris. Without naming names, Wray said that the FBI believes that the People’s Republic of China has “collected their content, the actual communications of those people.”
 
Wray doubled down on prior statements that China has stolen trillions of dollars’ worth of intellectual property from the United States over the years. China, he said, “has stolen more of American’s personal and corporate data than that of every nation, big or small.”
 
Wray’s words about Chinese malware were the most chilling. He said the greatest danger is the “Chinese government’s pre-positioning [malware] on American civilian critical infrastructure. To lie in wait on those networks to be in a position to wreak havoc and can inflict real-world harm at a time and place of their choosing.”
 
What areas are China targeting? Wray said:
 
“Things like water treatment plants. We’re talking about transportation systems. We’re talking about targeting of our energy sector, the electric grid, natural gas pipelines. And recently we’ve seen targeting of our telecommunications systems.”
 
The latter appeared to be a reference to reports in October that China gained access to AT&T, Lumen, and Verizon systems that the FBI uses for domestic wiretapping investigations. So China appears to be using the FBI itself for outsourcing its spying on Americans.
 
What would an all-out Chinese malware attack on the United States look like? It would look like the Middle Ages, at least for a while. No air travel. No water at the tap. No electricity, which would shut down gas pumps, which would eventually stop vehicular transportation. After the food trucks stop rolling, the squirrels in your backyard might start to look appealing.
 
There is a growing sense among foreign policy experts that a hybrid-war between the United States and China could occur this year, or within the next few years. It is for this reason that PPSA – which has never donned a tin foil hat – soberly advises you to go online or to a big box retail store and purchase several months’ worth of long-term emergency food supplies. You might also want to store water in clean, BPA-free plastic containers, refreshing them every six months. With any luck, these items will just gather dust in your attic, but they will be providing insurance every minute of the day.

​The proliferation of automated license plate recognition systems (ALPRs) is a boon for safer roadways. These networked cameras can help police spot a stolen car or track fleeing bank robbers with just a few clicks. These systems are growing in capability as the sheer numbers of these watchers, generating data networked and analyzed by artificial intelligence, seamlessly track anyone who drives or rides in a car.
 
Now a privacy advocate has demonstrated that ALPRs systems are leaky, easily accessed on private networks without authentication – and even prone to allow a stalker to stream someone’s travels online.
 
Jason Koebler of 404 Media reports that privacy advocate Matt Brown of Brown Fine Security easily turned license plate readers into streaming video. Without any logins or credentials, Brown was able to join the private networks collecting the video and data these cameras collect. Worse, he found that many of these cameras are misconfigured in a way that an Internet of Things (IoT) search engine can access them for online streaming – a dream-come-true for stalkers, creeps, corporate espionage artists, and perhaps government agencies. Will Freeman, who created an open-source map of U.S. ALPRs, told Koebler that he can write a script to map vehicles to set times and precise locations.
 
“So when a police department says there’s nothing to worry about unless you’re a criminal, there is,” Freeman told 404 Media.
 
Koebler reports that Motorola, the camera’s manufacturer, promised a fix when informed of these vulnerabilities. Given the liability risk, it is likely this particular technological vulnerability will soon be patched. The longer-term threat pertains to the ubiquity of ALPRs systems, which brings to mind Jospeh Stalin’s famous quip about his tanks – “quantity has a quality all its own.” The same is true with camera surveillance.
 
The first few cameras allowed police to catch scofflaws who ran red lights. Many cameras can be used to track people as they drive to political, religious, romantic, or journalistic encounters. Add AI into the mix, and you take the labor out of following journalist Alice on her way to meet with government insider and whistleblower Bob, or to determine which political donor is meeting with which advocacy group, or which public figure is providing the watcher with kompromat.
 
This capability will only grow more robust, reports Paige Gross of the Florida Phoenix, as IoT technologies create “smart cities” with interconnected webs to make roadways and sidewalks safer and the flow of vehicles and people more efficient. We may feel like we’re in a zone of privacy when we’re in our cars. But the Internet of Things is also transforming cities into places where anonymity and privacy are evaporating.
 
“As the technology becomes increasingly denser in our communities, and at a certain point you have like three of them on every block, it becomes the equivalent to tracking everybody by using GPS,” Jay Stanley of the ACLU told Gross. “That raises not only policy issues, but also constitutional issues.”
 
License plate readers are just one element of a surveillance state being knitted together, day by day. From purchases of our digital data by government agencies and corporations, to the self-reporting we make of our movements by carrying our cellphones, to our cars – which themselves are GPS devices – there is a growing integration of a network of networks to follow our movements, posts, and communications … in the land of the free and the thoroughly surveilled.
 
The need for lawmakers in Congress and the state capitals to set guardrails on these integrating technologies is growing more urgent by the day. Perhaps the best solution to many of these 21st century problems is to be found in a bit of 18th century software – the founders’ warrant requirement in the Fourth Amendment to the Constitution.