Scholl and Bednarz v. Illinois State Police We recently reported on the proliferation of automated license plate readers (ALPRs) in Virginia. Now a lawsuit from two Cook County, Illinois, residents make a Fourth Amendment claim against the growing system of ALPRs. It directly sets out the dangers such systems pose to privacy and constitutional rights.
The suit by plaintiffs Stephanie Scholl and Frank Bednarz against the Illinois State Police highlights the proliferation of license plate readers to the point of near ubiquity – 300 ALPRs across every expressway in Cook County. Calling this “a system of dragnet surveillance,” the plaintiffs write that law enforcement is “tracking anyone who drives to work in Cook County – or to school, or a grocery store, or a doctor’s office, or a pharmacy, or a political rally, or a romantic encounter, or family gathering – every day, without any reason to suspect anyone of anything, and are holding onto those whereabouts just in case they decide in the future that some citizen might be an appropriate target of law enforcement.” As with so many surveillance systems, danger to privacy lies not just in the mere collection of data, but how long it is stored and when and how it is used. The plaintiffs write that when “law enforcement chooses to investigate a citizen’s past movements, the ALPRs feed databases creating a comprehensive map of their travels, recording every time they’ve driven past ISP’s cameras – and indeed every time they’ve driven past cameras in other jurisdictions using the same database.” The vendor for these devices, Vetted Security Solutions, which uses Motorola’s “Vigilant” system, feeds every detected license plate into Vigilant’s Law Enforcement Archival Reporting Network (LEARN) national database, which holds millions of license plate images that allow millions of Americans to be tracked. The good news is that the Illinois State Police only holds its license plate data for 90 days after it is collected. But this agency is not required by law or by Vigilant policy to do so. Every law enforcement customer is allowed to set their own retention limits – or none at all. The result is potentially years’ worth of data held by law enforcement agencies that track the movements of Americans around the country. Add to this all the data that our cars and GPS systems produce, in addition to all the commercial information that is purchased by federal and local agencies, and we begin to get a sense of the scale of warrantless surveillance of Americans. We should be grateful to Scholl and Bednarz for laying out in plain English the danger license plate readers can pose to Americans. This technology is one more tile being set into an enormous mosaic of capabilities, an emerging American panopticon. It is also one more reason to spark a national discussion on what data the government should collect, and the need for warrants to track Americans. Someone has to watch the watchers, and we can all do our part not to let the government gather such dangerous surveillance powers unnoticed and unchallenged. George Orwell wrote that in a time of deceit, telling the truth is a revolutionary act.
Revolutionary acts of truth-telling are becoming progressively more dangerous around the world. This is especially true as autocratic countries and weak democracies purchase AI software from China to weave together surveillance technology to comprehensively track individuals, following them as they meet acquaintances and share information. A piece by Abi Olvera posted by the Bulletin of Atomic Scientists describes this growing use of AI to surveil populations. Olvera reports that by 2019, 56 out of 176 countries were already using artificial intelligence to weave together surveillance data streams. These systems are increasingly being used to analyze the actions of crowds, track individuals across camera views, and pierce the use of masks or scramblers intended to disguise faces. The only impediment to effective use of this technology is the frequent Brazil-like incompetence of domestic intelligence agencies. Olvera writes: “Among other things, frail non-democratic governments can use AI-enabled monitoring to detect and track individuals and deter civil disobedience before it begins, thereby bolstering their authority. These systems offer cash-strapped autocracies and weak democracies the deterrent power of a police or military patrol without needing to pay for, or manage, a patrol force …” Olvera quotes AI surveillance expert Martin Beraja that AI can enable autocracies to “end up looking less violent because they have better technology for chilling unrest before it happens.” Olivia Solon of Bloomberg reports on the uses of biometric identifiers in Africa, which are regarded by the United Nations and World Bank as a quick and easy way to establish identities where licenses, passports, and other ID cards are hard to come by. But in Uganda, Solon reports, President Yoweri Museveni – in power for 40 years – is using this system to track his critics and political opponents of his rule. Used to catch criminals, biometrics is also being used to criminalize Ugandan dissidents and rival politicians for “misuse of social media” and sharing “malicious information.” The United States needs to lead by example. As our facial recognition and other systems grow in ubiquity, Congress and the states need to demonstrate our ability to impose limits on public surveillance, and legal guardrails for the uses of the sensitive information they generate. Every moral person agrees we must fight the sexual abuse of children online. But a renewed push by the Belgian Presidency within the European Union’s executive branch would force all consumers to accept software that would annihilate any semblance of communications privacy. This would be done with government technology that would break end-to-end encryption. (Hat tip to Joe Mullin of EFF.)
In the name of catching those who traffic in Child Sexual Abuse Materials (CSAM), the EU is poised to degrade the ability of anyone to privately communicate. Worse, it could enable illicit and dangerous surveillance by bad actors. The EU had previously proposed scanning the full content of encrypted messages. In what is being sold as a new approach, the executive branch is now offering a tweaked but still problematic approach called “upload moderation.” This proposal would mandate the scanning of hyperlinks and images within encrypted messages. In theory, consumers could refuse to consent to this snooping, but they would be blocked from sharing any further photos or videos. Such coerced consent is, of course, no consent at all. What is lost in this debate is that encryption is a major protector of personal security, human rights, and liberty. In an open letter to the EU, leading civil liberties organizations – including the Center for Democracy & Technology, Mozilla, and the Electronic Frontier Foundation – warn policymakers that such technology would be dangerous “bugs in our pockets.” Such “client-side scanning” pushes surveillance beyond what is shared on the cloud directly to the user’s device. Some trolls already threaten journalists by sending them unwanted CSAM. Dictatorships could use Europe’s system to send innocuous images to dissidents that contain the correct parameters to trigger a CSAM alarm – and then use the results of that alarm to locate that person. Cartels and other criminal gangs could use it to locate witnesses. Experts demonstrate that malevolent agents can manipulate the hash database of such a system to transform it into a risk for physically locating and surveilling individuals. Victims around the world could ironically include women and children hiding in safe houses from abusers and stalkers. CSAM users are despicable criminals who deserve to be ferreted out and punished. But creating a system that eradicates all privacy in electronic communications is not the solution. In the early 1920s revenue agents staked out a South Carolina home the agents suspected was being used as a distribution center for moonshine whiskey. The revenue agents were in luck. They saw a visitor arrive to receive a bottle from someone inside the house. The agents moved in. The son of the home’s owner, a man named Hester, realized that he was about to be arrested and sprinted with the bottle to a nearby car, picked up a gallon jug, and ran into an open field.
One of the agents fired a shot into the air, prompting Hester to toss the jug, which shattered. Hester then threw the bottle in the open field. Officers found a large fragment of the broken jug and the discarded bottle both contained moonshine whiskey. This was solid proof that moonshine was being sold. But was it admissible as evidence? After all, the revenue agents did not have a warrant. This case eventually wound its way to the Supreme Court. In 1924, a unanimous Court, presided over by Chief Justice (and former U.S. President) William Howard Taft, held that the Fourth Amendment did not apply to this evidence. Justice Oliver Wendell Holmes, writing the Court’s opinion, declared that “the special protection accorded by the Fourth Amendment to the people in their ‘persons, houses, papers and effects,’ is not extended to the open field.” This principle was later extended to exclude any garbage that a person throws away from Fourth Amendment protections. As strange as it may seem, this case about broken jugs and moonshine from the 1920s, Hester v. United States, provides the principle by which law enforcement officers freely help themselves to the information inside a discarded or lost cellphone – text messages, emails, bank records, phone calls, and images. We reported a case in 2022 in which a Virginia man was convicted of crimes based on police inspection of a cellphone he had left behind in a restaurant. That man’s attorney, Brandon Boxler, told the Daily Press of Newport News that “cellphones are different. They have massive storage capabilities. A search of a cellphone involves a much deeper invasion of privacy. The depth and breadth of personal and private information they contain was unimaginable in 1924.” In Riley v. California, the Supreme Court in 2018 upheld that a warrant was required to inspect the contents of a suspect’s cellphone. But the Hester rule still applies to discarded and lost phones. They are still subject to what Justice Holmes called the rules of the open field. The American Civil Liberties Union, ACLU Oregon, the Electronic Privacy Information Center, and other civil liberties organizations are challenging this doctrine before the Ninth Circuit in Hunt v. United States. They told the court that it should not use the same reasoning that has historically applied to garbage left out for collection and items discarded in a hotel wastepaper basket. “Our cell phones provide access to information comparable in quantity and breadth to what police might glean from a thorough search of a house,” ACLU said in a posted statement. “Unlike a house, though, a cell phone is relatively easy to lose. You carry it with you almost all the time. It can fall between seat cushions or slip out of a loose pocket. You might leave it at the check-out desk after making a purchase or forget it on the bus as you hasten to make your stop … It would be absurd to suggest that a person intends to open up their house for unrestrained searches by police whenever they drop their house key.” Yet that is the government position on lost and discarded cellphones. PPSA applauds and supports the ACLU and its partners for taking a strong stand on cellphone privacy. The logic of extending special protections to cellphones, which the Supreme Court has held contain the “privacies of life,” is obvious. It is the government’s position that tastes like something cooked up in a still. State of Alaska v. McKelveyWe recently reported that the Michigan Supreme Court punted on the Fourth Amendment implications in a case involving local government’s warrantless surveillance of a couple’s property with drone cameras. This was a disappointing outcome, one in which we had filed an amicus brief on behalf of the couple.
But other states are taking a harder look at privacy and aerial surveillance. In another recent case, the Alaska Supreme Court in State v. McKelvey upheld an appeals court ruling that the police needed to obtain a warrant before using an aircraft with officers armed with telephoto lenses to see if a man was cultivating marijuana in his backyard at his home near Fairbanks. In a well-reasoned opinion, Alaska’s top court found that this practice was “corrosive to Alaskans’ sense of security.” The state government had argued that the observations did not violate any reasonable expectation of privacy because they were made with commercially available, commonly used equipment. “This point is not persuasive,” the Alaska justices responded. “The commercial availability of a piece of technology is not an appropriate measure of whether the technology’s use by the government to surveil violates a reasonable expectation of privacy.” The court’s reasoning is profound and of national significance: “If it is not a search when the police make observations using technology that is commercially available, then the constitutional protection against unreasonable searches will shrink as technology advances … As the Seventh Circuit recently observed, that approach creates a ‘precarious circularity.’ Adoption of new technologies means ‘society’s expectations of privacy will change as citizens increasingly rely on and expect these new technologies.’” That is as succinct a description of the current state of privacy as any we’ve heard. The court found that “few of us anticipated, when we began shopping for things online, that we would receive advertisements for car seats and burp cloths before telling anyone there was a baby on the way.” We would add that virtually no one in the early era of social media anticipated that federal agencies would use it to purchase our most intimate and sensitive information from data brokers without warrants. The Alaska Supreme Court sees the danger of technology expansion with drones, which it held is corrosive to Alaskans’ sense of privacy. As we warned, drones are becoming ever cheaper, sold with combined sensor packages that can be not only deeply intrusive across a property, but actually able to penetrate into the interior of a home. The Alaska opinion is an eloquent warning that when it comes to the loss of privacy, we’ve become the proverbial frog, allowing ourselves to become comfortable with being boiled by degrees. This opinion deserves to be nationally recognized as a bold declaration against the trend of ever-more expanding technology and ever-more shrinking zones of privacy. Katie King in the Virginian-Pilot reports an in-depth account about the growing dependency of local law enforcement agencies on Flock Safety cameras, mounted on roads and intersections to catch drivers suspected of crimes. With more than 5,000 police agencies across the nation using these devices, the privacy implications are enormous.
Surveillance cameras have been in the news at lot lately, often in a positive light. Local news is consumed by murder suspects and porch pirates alike captured on video. The recently released video of a physical attack by rapper Sean “Diddy” Combs on a girlfriend several years ago has saturated media, reminding us that surveillance can protect the vulnerable. The crime-solving potential of license plate readers is huge. Flock’s software runs license plate numbers through law enforcement databases, allowing police to quickly track a stolen car, locate suspects fleeing a crime, or find a missing person. With such technologies, Silver and Amber alerts might one day become obsolete. As with facial recognition technology, however, license plate readers can produce false positives, ensnaring innocent people in the criminal justice system. King recounts the ordeal of an Ohio man who was arrested by police with drawn guns and a snarling dog. Flock’s license plate reader had falsely flagged his vehicle as having stolen tags. The good news is that Flock insists it is not even considering combining its network with facial recognition technology – reducing the possibility of both technologies flagging someone as dangerous. As with so many surveillance technologies, the greater issue in license-plate readers is not the technology itself, but how it might be used in a network. “There’s a simple principle that we’ve always had in this country, which is that the government doesn’t get to watch everybody all the time just in case somebody commits a crime – the United States is not China,” Jay Stanley, a senior analyst with the American Civil Liberties Union, told King. “But these cameras are being deployed with such density that it’s like GPS-tracking everyone.” License plate readers could, conceivably, be networked to track everywhere that everyone goes – from trips to mental health clinics, to gun stores, to houses of worship, and protests. With so many federal agencies already purchasing Americans’ sensitive data from data brokers, creating a national network of drivers’ whereabouts is just one more addition to what is already becoming a national surveillance system. With apologies to Jay Stanley, we are in serious danger of becoming China. As massive databases compile facial recognition, location data, and now driving routes, we need more than ever to head off the combination of all these measures. A good place to start would be for the U.S. Senate follow the example of the House by passing the Fourth Amendment Is Not For Sale Act. The City of Denver is reversing its previous stance against the use of police drones. The city is now buying drones to explore the effectiveness of replacing many police calls with remote aerial responses. A Denver police spokesman said that on many calls the police department will send drones first, officers second. When operators of drones see that a call was a false alarm, or that a traffic issue has been resolved, the police department will be free to devote scarce resources to more urgent priorities.
Nearby Arapahoe County already has a fleet of 20 such drones operated by 14 pilots. Arapahoe has successfully used drones to follow suspects fleeing a crime, provide live-streamed video and mapping of a tense situation before law enforcement arrives, and to look for missing people. In Loveland, Colorado, a drone was used to deliver a defibrillator to a patient before paramedics were able to get to the scene. The use of drones by local law enforcement as supplements to patrol officers is likely to grow. And why not? It makes sense for a drone to scout out a traffic accident or a crime scene for police. But as law enforcement builds more robust fleets of drones, they could be used not just to assess the seriousness of a 911 call, but to provide the basis for around-the-clock surveillance. Modern drones can deliver intimate surveillance that is more invasive than traditional searches. They can be packed with cell-simulator devices to extract location and other data from cellphones in a given area. They can loiter over a home or peek in someone’s window. They can see in the dark. They can track people and their activities through walls by their heat signatures. Two or more cameras combined can work in stereo to create 3D maps inside homes. Sensor fusion between high definition, fully maneuverable cameras can put all these together to essentially give police an inside look at a target’s life. Drones with such high-tech surveillance packages can be had on the market for around $6,000. As with so many other forms of surveillance, the modest use of this technology sounds sensible, until one considers how many other ways they can be used. Local leaders at the very least need to enact policies that put guardrails on these practices before we learn, the hard way, how drones and the data they generate can be misused. A report by The New York Time’s Vivian Wang in Beijing and one by Tech Policy’s Marwa Sayed in New York describes the twin strategies for surveilling a nation’s population, in the United States as well as in China.
Wang chronicles the move by China’s dictator, Xi Jinping, to round out the pervasive social media and facial recognition surveillance capability of the state by bringing back Mao-era human snitching. Wang writes that Xi wants local surveillance that is “more visible, more invasive, always on the lookout for real or perceived threats. Officers patrol apartment buildings listening for feuding neighbors. Officials recruit retirees playing chess outdoors as extra eyes and ears. In the workplace, employers are required to appoint ‘safety consultants’ who report regularly to the police.” Xi, Wang reports, explicitly links this new emphasis on human domestic surveillance to the era when “the party encouraged residents to ‘re-educate’ purported political enemies, through so-called struggle sessions where people were publicly insulted and humiliated …” Creating a society of snitches supports the vast network of social media surveillance, in which every “improper” message or text can be reviewed and flagged by AI. Chinese citizens are already followed everywhere by location beacons and a national network of surveillance cameras and facial recognition technology. Marwa Sayed writes about the strategy of technology surveillance contained in several bills in New York State. One bill in the state legislature would force the owners of driver-for-hire vehicles to install rear-facing cameras in their cars, presumably capturing private conversations by passengers. Another state bill would mandate surveillance cameras at racetracks to monitor human and equine traffic, watching over people in their leisure time. “Legislators seem to have decided that the cure to what ails us is a veritable panopticon of cameras that spares no one and reaches further and further into our private lives,” Sayed writes. She notes another measure before the New York City Council that would require the Department of Sanitation to install surveillance cameras to counter the insidious threat of people putting household trash into public litter baskets. Sayed writes: “As the ubiquity of cameras grows, so do the harms. Research shows that surveillance and the feeling it creates of constantly being watched leads to anxiety and paranoia. People may start to feel there is no point to personal privacy because you’ll be watched wherever you go. It makes us wary about taking risks and dampens our ability to interact with one another as social creatures.” Without quite meaning to, federal, state, and local authorities are merging the elements of a national surveillance system. This system draws on agencies’ purchases of our sensitive, personal information from data brokers, as well as increasingly integrated camera, facial recognition, and other surveillance networks. And don’t think that organized human snitching can’t come to these shores either. During World War One, the federal government authorized approved citizens to join neighborhood watch groups with badges inscribed with the words, “American Protection League – Secret Service.” At a time when Americans were sent to prison for opposing the war, the American Protection League kept tabs on neighbors, always on the watch out for anyone who seemed insufficiently enthusiastic about the war. Americans could be reported to the Department of Justice for listening to Beethoven on their phonographs or checking out books about German culture from the library. Today, large numbers of FBI and other government employees secretly “suggest” that social media companies remove posts that contain “disinformation.” They monitor social media to track posts of people, whether targeted by the FBI as traditional Catholics or observant Muslims, for signs of extremism. As world tension grows between the United States and China, Russia, Iran and North Korea, something like the American Protection League might be resurrected soon in response to a foreign policy crisis. Its digital ghost is already watching us. The House of Representatives on Thursday passed the CBDC Anti-Surveillance State Act, 216-192, a measure sponsored by House Majority Whip Tom Emmer (R-MN) that would prohibit the Federal Reserve from issuing a central bank digital currency (CBDC) that would give the federal government the ability to monitor and control individual Americans’ spending habits.
“A digital dollar could give the FBI and other federal agencies instant, warrantless access to every transaction of any size made between Americans,” said Bob Goodlatte, former congressman and PPSA Senior Policy Advisor. “This would be an alarming and unacceptable invasion of our Fourth Amendment right to privacy. The CBDC Anti-Surveillance State Act takes a critical step to prevent this from happening. We applaud Rep. Emmer for his leadership in protecting Americans against pervasive government surveillance of our financial data.” Perhaps next the House will consider measures to rein in financial surveillance by the U.S. Treasury and the Financial Crimes Enforcement Network (FinCEN). Passage by the House of the CBDC Anti-Surveillance State Act is an encouraging sign that more Members and their constituents are learning about the government’s financial surveillance and are ready to push back. Suspect: “We Have to Follow the Law. Why Don’t They?" Facial recognition software is useful but fallible. It often leads to wrongful arrests, especially given the software’s tendency to produce false positives for people of color.
We reported in 2023 on the case of Randall Reid, a Black man in Georgia, arrested and held for a week by police for allegedly stealing $10,000 of Chanel and Louis Vuitton handbags in Louisiana. Reid was traveling to a Thanksgiving dinner near Atlanta with his mother when he was arrested. He was three states and seven hours away from the scene of this crime in a state in which he had never set foot. Then there is the case of Portia Woodruff, a 32-year-old Black woman, who was arrested in her driveway for a recent carjacking and robbery. She was eight months pregnant at the time, far from the profile of the carjacker. She suffered great emotional distress and suffered spasms and contractions while in jail. Some jurisdictions have reacted to the spotty nature of facial recognition by requiring every purported “match” to be evaluated by a large team to reduce human bias. Other jurisdictions, from Boston to Austin and San Francisco, responded to the technology’s flaws by banning the use of this technology altogether. The Washington Post’s Douglas MacMillan reports that officers of the Austin Police Department have developed a neat workaround for the ban. Austin police asked law enforcement in the nearby town of Leander to conduct face searches for them at least 13 times since Austin enacted its ban. Tyrell Johnson, a 20-year-old man who is a suspect in a robbery case due to a facial recognition workaround by Austin police told MacMillan, “We have to follow the law. Why don’t they?” Other jurisdictions are accused of working around bans by posting “be on the lookout” flyers in other jurisdictions, which critics say is meant to be picked up and run through facial recognition systems by other police departments or law enforcement agencies. MacMillian’s interviews with defense lawyers, prosecutors, and judges revealed the core problem with the use of this technology – employing facial recognition to generate leads but not evidence. They told him that prosecutors are not required in most jurisdictions to inform criminal defendants they were identified using an algorithm. This highlights the larger problem with high-tech surveillance in all its forms: improperly accessed data, reviewed without a warrant, can allow investigators to work backwards to incriminate a suspect. Many criminal defendants never discover the original “evidence” that led to their prosecution, and thus can never challenge the basis for their case. This “backdoor search loophole” is the greater risk, whether one is dealing with databases of mass internet communications or facial recognition. Thanks to this loophole, Americans can be accused of crimes but left in the dark about how the cases against them were started. The federal government’s hunger for financial surveillance is boundless. A central bank digital currency (CBDC) would completely satisfy it. Under a CBDC, all transactions would be recorded, giving federal agencies the means to review any Americans’ income and expenditures at a glance. Financial privacy would not be compromised: it would be dead.
Federal Reserve Chairman Jerome Powell says this country is “nowhere near” establishing a digital currency. To be sure, such an undertaking would take years. But Nigeria, Jamaica, and the Bahamas already have digital currencies. China is well along in a pilot program for a digital yuan. The U.S. government is actively exploring this as an option. It is not too early to consider the consequences of a digital dollar. Such a digital currency would create a presumably unbreakable code, or “blocks” linked together by cryptographic algorithms, to connect computers to create a digital ledger to record transactions. Some risks of a CBDC are obvious – from the breaking of “unbreakable” codes by criminals and hostile foreign governments, to the temptation for Washington, D.C., to expand the currency with a few clicks, making it all the easier to inflate the currency. House Majority Whip, Rep. Tom Emmer (R-MN), is especially concerned about the privacy implications of a digital currency. “If not designed to be open, permissionless, and private – emulating cash – a government-issued CBDC is nothing more than a CCP-style (Chinese Communist Party) surveillance tool that would be used to undermine the American way of life,” Rep. Emmer said. He is expected to soon reintroduce a bill that would require any central bank digital currency to require authorizing legislation from Congress before it could be enacted. Emmer’s stand is prescient, not premature. From the new requirement for “beneficial ownership” forms by small businesses, to the revelation from House hearings of warrantless, dragnet surveillance through credit card and ATM transactions, the federal government is inventing new ways to track our every financial move. Rep. Emmer is right to head this one off at the pass. PPSA endorses this bill and urges Emmer’s colleagues to pass it into law. A new fiat currency should have the permission of Congress and the American people. The long back-and-forth between Michigan’s Long Lake Township and Todd and Heather Maxon ended with the Michigan Supreme Court punting on the Fourth Amendment implications of drone surveillance over private property.
An appellate court had held that the township’s warrantless use of a drone three times in 2017 to photograph the Todd’s property was an unreasonable, warrantless search, constituting a Fourth Amendment violation. PPSA filed a brief supporting the Maxons before the Michigan Supreme Court, alerting the court to the danger of intimate searches of home and residents by relatively inexpensive drones now on the market. To demonstrate the privacy threat of drones, PPSA informed the court that commercially available drones have thermal cameras that can penetrate beyond what is visible to the naked eye. They can be equipped with animal herd tracking algorithms that can enhance the surveillance of people. Drones can swarm and loiter, providing round-the-clock surveillance. They can carry lightweight cell-site simulators that prompt the mobile phones of people inside the targeted home to give up data that reveals deeply personal information. Furthermore, PPSA’s brief states that drones “can see around walls, see in the dark, track people by heat signatures, and recognize and track specific people by their face.” PPSA agreed that even ordinary photography from a camera hovering over the Maxon’s property violated, in the words of an appellate court, the Maxon’s reasonable expectation of privacy. But in a unanimous decision, Michigan’s top court was having none of this. It concluded that the exclusionary rule – a judicial doctrine in which evidence is excluded or suppressed – is generally applied when law enforcement violates a defendant’s constitutional rights in a criminal case. The justices remanded the case based upon a procedural issue unrelated to the Fourth Amendment question. The Michigan Supreme Court, therefore, declined to address “whether the use of an aerial drone under the circumstances presented here is an unreasonable search in violation of the United States or Michigan Constitutions.” A crestfallen Todd Maxon responded, “Like every American, I have a right to be secure on my property without being watched by a government drone.” The issue between the township and the Maxons was the contention that, behind the shelter of trees, the couple was growing a salvage operation. This violated an earlier settlement agreement the Maxons had made pledging not to keep a junkyard on their five-acre property. Given the potential for drones to use imaging and sensor technology to violate the intimate lives of families, it is all but inevitable that a better – and uglier – test case will come along. If anything, this ruling makes it a virtual certainty. The Federal Government’s “Beneficial Ownership” Snoop Millions of small business owners are about to be hit with a nasty surprise. The Corporate Transparency Act, which passed Congress as part of the must-pass National Defense Authorization Act of 2021, goes into effect this year. Advertised as a way to combat money laundering, this new law now requires small businesses to report their “beneficial owners” to the U.S. Department of Treasury’s Financial Crimes Enforcement Network (FinCEN).
This reporting requirement falls on any small business with fewer than 20 employees to reveal its “beneficial owner.” In plain English, this means a small business must give the government the name of anyone who controls or has a 25 percent or greater interest in that business. By Jan. 1, 2025, small businesses must submit the full legal name, date of birth, current residential or business address, and a unique identifier from a government ID of all its beneficial owners. There are significant privacy risks at stake in this seemingly innocuous law, beginning with the widespread access multiple federal agencies will have to this new database. This law, which covers 32 million existing companies and will suck in an additional 5 million new companies every year, threatens anyone who makes a mistake or files an incomplete submission with up to $10,000 in fines and up to two years in prison. “The CTA will potentially make a felon out of any unsuspecting person who is simply trying to make a living in his or her own lawful business or who is trying to start one and makes a simple mistake for violations,” says the National Small Business Association (NSBA). The “beneficial ownership” provision is one more way for the federal government to break down the walls of financial privacy in its quest to comprehensively track Americans’ finances. Consider another big bill, the recent Infrastructure Investment and Jobs Act of 2021, which requires $10,000 or more in cryptocurrency transactions to be reported to the government within 15 days. Incorrect or missing information may result in a $25,000 fine or five years in prison. In addition, the CATO Institute reports that new regulations under consideration would hold financial advisors accountable to “elements of the Bank Secrecy Act, which currently compels banks to turn over certain financial data to the feds.” It is likely that your financial advisor will soon be required to snitch on you. This undermines the whole concept of a fiduciary, someone who is by law supposed to be loyal to your interests. All of these measures are justified by the quest to track the money networks of criminals, terrorists, and drug dealers. But the data these authorities generate will be available, without a warrant, to the IRS, the FBI, the ATF, the Department of Homeland Security, and just about any agency that wants to investigate you for your personal activities or statements that some official deems suspicious. The CTA’s “beneficial ownership” provision represents a new assertion by the federal government over small business. Since before the Constitution, the regulation of small business has been under the purview of the states. Now Washington is assembling a database with which it can heap new regulations on small business regardless of state policies. The NSBA, which is challenging this law in court, estimates that complexities in business ownership will require companies to spend an average of $8,000 a year to comply with this law. NSBA’s lawsuit is moving forward with a named plaintiff, Huntsville business owner Isaac Winkles, in a federal lawsuit. NSBA and Winkles won summary judgment from Judge Liles Burke of the U.S. District Court of the Northern District of Alabama, who held the beneficial owner requirement to be unconstitutional because it exceeds the enumerated powers of Congress. While the government appeals its case to the Eleventh Circuit, FinCEN maintains that it will only exclude small businesses from this requirement if they were members of NSBA on or before March 1. These encroachments are steady and their champions on the Hill are growing bolder in financial surveillance. The good news is that privacy activists have just acquired 32 million new allies. Well, that didn’t take long.
A little more than three weeks ago Congress reauthorized FISA Section 702, a surveillance program enacted to authorize foreign surveillance but which is often used by the FBI to snoop on Americans’ communications caught up in the NSA’s global data trawl. Central to that debate was whether 702 should be made to conform to the Fourth Amendment’s bar against unreasonable searches. The House and Senate fiercely debated late into the night over whether to reauthorize this flawed program. Supporters said it is vital to national security. Critics said that is no excuse for the FBI using Section 702 to surveil large numbers of Americans in recent years, including sitting Members of the House and Senate, journalists, politicians, a state judge, and 19,000 donors to a Congressional campaign. In the House that debate culminated in a 212 to 212 tie vote. That’s how close advocates of privacy and freedom for law-abiding citizens from warrantless government surveillance came to victory. The intelligence establishment and its champions on Capitol Hill won many votes with promises. They included in their bill a codification of a list of new internal FBI procedures that they promised would curb any abuses of Americans’ privacy. FBI Director Christopher Wray promised that agents would be “good stewards” who would protect the homeland “while safeguarding civil rights and liberties.” On April 19, the Senate finalized the reauthorization of Section 702 and sent it to President Biden to be signed into law. On April 20, FBI deputy director Paul Abbate emailed Bureau employees, stating: “To continue to demonstrate why tools like this [Section 702] are essential, we need to use them, while also holding ourselves accountable for doing so properly and in compliance with legal requirements.” He added, “I urge everyone to continue to look for ways to appropriately use US person queries to advance the mission …” Wired, which obtained a copy of the memo, quoted Rep. Zoe Lofgren (D-CA), who said that Deputy Director Abbate’s email directly contradicted earlier assertions from the FBI made during the debate over Section 702’s reauthorization. “The deputy director’s email seems to show that the FBI is actively pushing for more surveillance of Americans, not out of necessity but as a default,” Rep. Lofgren said. The FBI reports it has drawn down the number of such U.S. person queries from about 3 million in 2021 to 57,094 in 2023. As Wired notes, however, the FBI methodology counts multiple accessing of Americans’ personal identifier, such as phone numbers, as just a single search. As Wired reports, the FBI’s proud assertion that its compliance rate of 98 percent with its more stringent rules would still leave it with more than 1,000 violations of its own policies. With the deputy director arrogantly pushing the Bureau to make greater use of Section 702 for the warrantless surveillance of Americans, we can only wonder what the numbers of U.S. person searches will be in the next few years. Whatever happens, the more than 150 civil liberties organizations, including PPSA, will be back when Section 702 is next up for reauthorization in less than two years. The Constitution’s protections of the people cannot be ignored. Today, Laredo – Tomorrow, Los Angeles and Little Rock? When the U.S. military dispatches a drone to strike a target, it often uses a wireless device detection system that can correlate signals from terrorists’ cellphones and other devices emanating from within a target vehicle. Under such circumstances, calls and other signals from terrorists’ devices lead missiles straight into a target’s car.
As law and order along the U.S. border breaks down, it is not surprising that two Texas jurisdictions – Webb and Val Verde counties – purchased such military-grade wireless detection systems. NOTUS.org reports that law enforcement along the border can detect in-vehicle wireless signals and merge them with systems that track vehicles’ license plates to isolate a given car. This is yet another sign that the U.S. Supreme Court urgently needs to revisit the limits that federal and local law enforcement agencies are placing on the Court’s 2018 Carpenter opinion, which requires a probable cause warrant before officers can use cell tower GPS data to access a suspect’s location history. Agencies have not internalized the basic principles of that ruling. Instead, they’ve rationalized that if they are not specifically accessing historical cell tower data, they are complying with the law. To be fair, parts of the border are beginning to resemble a war zone, with out-of-control illegal immigration organized by criminal cartels. Given the current lawless state of the U.S.-Mexican border, local governments are using Department of Justice grants to purchase systems similar to those used by the U.S. military and CIA. Captain Federico Calderon of the Sheriff’s office of Webb County, which includes the large border city of Laredo, told NOTUS that the county purchased a “very restricted” version. Capt. Calderon said that Webb County is using this technology as a pilot program to scan for signals coming from the empty quarters of ranches where no one should be. Val Verde County did not respond to NOTUS’s questions. The potential for widespread abuse of this technology rivals that of cell-site simulators and data purchases. NOTUS reports “as people walk around with headphones, fitness wearables and other devices, emitting a cloud of radio frequency signals unique to them, their data can be linked to a car, even after they have ditched the car.” Local law enforcement officials want such technology to identify human traffickers and cartel smugglers. It is doubtful, however, that this technology will remain restricted to such narrow purposes. And as with purchased data and cellsite simulators, the introduction of this new militarized technology compromises the privacy of many more people – friends, family, and bystanders. “We are well beyond the idea that people have no privacy in public,” Jennifer Grannick of the American Civil Liberties Union told NOTUS. “Here, they’re installing this mass surveillance system.” With the spread of often violent political protests across the nation, a high level of terror alert from the FBI, and college campuses convulsed by tent cities, there will be no lack of reasons for law enforcement to add one more capability to what is evolving into a national surveillance state. It is reasonable to use technology to control the border. But it is up to Congress and the courts to keep a close eye on the widespread introduction of military wireless device detection systems to track Americans. Why did the “unmasking” of Americans’ identities in the global data trawl of U.S. intelligence agencies increase by 172 percent, from 11,511 times in 2022 to 31,330 times in 2023?
Government officials briefing the media say that most of this increase was a defensive response to a hostile intelligence agency launching a massive cyberattack on U.S. infrastructure, possibly infiltrating the digital systems of dams, power plants, or the like. What we do know for sure is that this authority has been abused before. Unmasking occurs when American citizens or “U.S. persons” are caught up, incidentally, in warrantless foreign surveillance. When this happens, the identities of these Americans are routinely hidden from government agents, or “masked.” But senior officials can request that the NSA “unmask” those individuals. This should be a relatively rare occurrence. Yet for some reason, over a 12-month period between 2015 and 2016, the Obama Administration unmasked 9,217 persons. Former UN Ambassador Samantha Power, or someone acting in her name, was a prolific unmasker. Power’s name was used to request unmasking of Americans more than 260 times. Large-scale unmasking continued under the Trump administration, with 2018 seeing 16,721 unmaskings, an increase of 7,000 from the year before. In recent years, the number hovered around 10,000. Now it is three times that many. This is a concern if some subset of these unmaskings (which mostly involve an email account or IP address, not a name) were for named individuals for political purposes. Consider that in 2016, at least 16 Obama administration officials, including then-Vice President Joe Biden, requested unmaskings of Donald Trump’s advisors. Outgoing National Security Advisor Susan Rice took a particular interest in unmasking members of President-elect Trump’s transition team. We are left to wonder if all of this rise in unmasking numbers can be explained away by Chinese or Russian hackers, or if some portion of them reflect the use of this authority for political purposes. Were prominent politicians, officeholders, or candidates unmasked? These raw numbers come from the government’s Annual Statistical Transparency report. This report on intelligence community activities from the Office of the Director of National Intelligence offers revealing numbers, but often without detail or explanation that would explain such jumps. All we have to rely on are media briefs that at times seem more forthcoming than the briefings available to Members of Congress, even those tasked with oversight of intelligence agencies in the House and Senate Judiciary Committees. As these numbers rise, the American people deserve more information and a solid assurance that these authorities will never again be used for political purposes by either party. Like a gourmand gorging at a banquet table, the government’s growing appetite for expanding surveillance is beginning to get a little hard watch. Consider some recent developments.
First, the Senate is voting this week on a bill to reauthorize FISA Section 702 with an amendment that includes what Sen. Ron Wyden calls “one of the most dramatic and terrifying expansions of government surveillance authority in history.” This bill would compel millions of small businesses that merely have “access” to “communications equipment” (like Wi-Fi) to hand over customers’ messages to the government. Little wonder this has been branded the “Everyone’s a Spy” provision. Second, the House will also vote on the Fourth Amendment Is Not For Sale Act, which would curb the practice of the FBI and other federal agencies of purchasing Americans’ most sensitive digital information from data brokers. Third, a House Judiciary Committee investigation also recently found that the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) has been working with banks to conduct warrantless dragnets of large numbers of Americans’ confidential financial information, often using politically charged search terms. In all, 650 companies were connected to the FBI’s web port, covering two-thirds of U.S. GDP and 35 million people. See a pattern here? The government’s hunger to expand surveillance into every realm of American life cannot be filled. Many of these programs – like data purchases and FinCEN surveillance – are based on no law and fall under no Congressional or judicial oversight. Now, thanks to former Attorney General William Barr, we know that the Securities and Exchange Commission (SEC) is also getting in on the act. With no statutory approval, the SEC is taking it upon itself to start a huge database called the Consolidated Audit Trail that will allow 3,000 government employees to track, in real time, the identity of tens of millions of Americans who buy and sell stocks and other securities. “This invites abusive investigatory fishing expeditions, targeting of individuals, and intrusive data mining,” Barr writes in The Wall Street Journal. “Concentrating this sensitive data in a single repository guarantees it inevitably will be hacked, stolen, or misused by bad actors.” Barr mostly dwells on the inappropriateness of government surveillance of millions of people who’ve done nothing suspicious. He adds that “the whole point of the Fourth Amendment is to make the government less efficient by making it jump through hoops when it seeks to delve into private affairs. For an agency to argue that it should be able to avoid these hoops to make investigations easier is to assert that it should be exempt from the Fourth Amendment.” Well stated. This is the same William Barr, however, who also recently took the pages of National Review to persuade his fellow conservatives to support the House Intelligence Committee’s version of FISA reauthorization – which also authorizes many forms of dragnet surveillance. Perhaps it will soon dawn on the supporters of the status quo that the “whole point of the Fourth Amendment” should reach beyond stock trades to include “Everyone’s a Spy,” data purchases and all the other egregious privacy violations of our growing surveillance state. Five Maine lobstermen are suing Maine’s Department of Marine Resources after the agency issued regulations requiring electronic tracking of vessels fishing in federal waters. The plaintiffs allege such tracking violates privacy rights, due process, and equal protection under the Constitution. It’s a red-hot, lobster pot controversy with significant implications on the ever-evolving body of law surrounding geolocation tracking and surveillance.
Maine adopted the tracking regulation in December to comply with a requirement issued by the Atlantic States Marine Fisheries Commission, whose overarching policy objective here is to help protect the North Atlantic right whale. This is certainly a noble objective, but it brings with it troubling implications. Maine Department of Marine Resources Commissioner Patrick Keliher makes the argument that because lobstermen work in a “closely regulated industry,” they have “a greatly reduced expectation of privacy.” It’s a common refrain for those seeking to impose new surveillance measures. But as attorney John Vecchione of the New Civil Liberties Alliance once said, “the expansion of closely regulated-industry theory is a huge, huge danger to liberties for everybody.” Indeed, as society, the economy, and ensuing regulations grow, simply having to get a license could subject any business to warrantless inspections. Such an argument could be used to attach trackers to realtors as they move around from house to house, salespersons, contractors, or any other group of mobile professionals. The U.S. District Court for the District of Maine, where the case was filed, might take a page from the Fifth Circuit, which in 2023 struck down a U.S. Department of Commerce requirement that would have forced charter boat owners to install, at their own expense, a “vessel monitoring system” that would continuously transmit their boats’ location, regardless of whether it was being used for commercial or personal purposes. In that case, the court found that it “borders on incredible” that the government claimed it failed to notice personal privacy concerns in public comments to its rule. The court, further, found that discovery of prime fishing spots in the Gulf would constitute a hardship for many charter operators. Similarly, attorneys for the suing lobstermen argue that they “jealously guard the whereabouts and the techniques they use to place their traps. This is directly correlated to their ability to make a living.” It’s not just fishing locations that are at risk, however. The U.S. Supreme Court has repeatedly held that warrantless GPS tracking constitutes an unlawful search. Tracking someone’s movements, it needn’t be emphasized, can reveal quite a lot about their personal and private lives. As the Maine federal court considers these issues, we side unequivocally with the lobstermen. Simply put, there must be a way to balance the privacy interests of fishermen and the policy objective of protecting marine life. Top-down surveillance mandates seem a poor fit. Forbes reports that federal authorities were granted a court order to require Google to hand over the names, addresses, phone numbers, and user activities of internet surfers who were among the more than 30,000 viewers of a post. The government also obtained access to the IP addresses of people who weren’t logged onto the targeted account but did view its video.
The post in question is suspected of being used to promote the sale of bitcoin for cash, which would be a violation of money-laundering rules. The government likely had good reason to investigate that post. But did it have to track everyone who came into contact with it? This is a prime example of the government’s street-sweeper shotgun approach to surveillance. We saw this when law enforcement in Virginia tracked the location histories of everyone in the vicinity of a robbery. A state judge later found that search meant that everyone in the area, from restaurant patrons to residents of a retirement home, had “effectively been tailed.” We saw the government shotgun approach when the FBI secured the records of everyone in the Washington, D.C., area who used their debit or credit cards to make Bank of America ATM withdrawals between Jan. 5 and Jan. 7, 2021. We also saw it when the FBI, searching for possible foreign influence in a congressional campaign, used FISA Section 702 data – meant to surveil foreign threats on foreign soil – to pull the data of 19,000 political donors. Surfing the web is not inherently suspicious. What we watch online is highly personal, potentially revealing all manner of social, romantic, political, and religious beliefs and activities. The Founders had such dragnet-style searches precisely in mind when they crafted the Fourth Amendment. Simply watching a publicly posted video is not by itself probable cause for search. It should not compromise one’s Fourth Amendment rights. Byron Tau – journalist and author of Means of Control, How the Hidden Alliance of Tech and Government Is Creating a New American Surveillance State – discusses the details of his investigative reporting with Liza Goitein, senior director of the Brennan Center for Justice's Liberty & National Security Program, and Gene Schaerr, general counsel of the Project for Privacy and Surveillance Accountability.
Byron explains what he has learned about the shadowy world of government surveillance, including how federal agencies purchase Americans’ most personal and sensitive information from shadowy data brokers. He then asks Liza and Gene about reform proposals now before Congress in the FISA Section 702 debate, and how they would rein in these practices. A federal court has given the go-ahead for a lawsuit filed by Just Futures Law and Edelson PC against Western Union for its involvement in a dragnet surveillance program called the Transaction Record Analysis Center (TRAC).
Since 2022, PPSA has followed revelations on a unit of the Department of Homeland Security that accesses bulk data on Americans’ money wire transfers above $500. TRAC is the central clearinghouse for this warrantless information, recording wire transfers sent or received in Arizona, California, New Mexico, Texas, and Mexico. These personal, financial transactions are then made available to more than 600 law enforcement agencies – almost 150 million records – all without a warrant. Much of what we know about TRAC was unearthed by a joint investigation between ACLU and Sen. Ron Wyden (D-OR). In 2023, Gene Schaerr, PPSA general counsel, said: “This purely illegal program treats the Fourth Amendment as a dish rag.” Now a federal judge in Northern California determined that the plaintiffs in Just Future’s case allege plausible violations of California laws protecting the privacy of sensitive financial records. This is the first time a court has weighed in on the lawfulness of the TRAC program. We eagerly await revelations and a spirited challenge to this secretive program. The TRAC intrusion into Americans’ personal finances is by no means the only way the government spies on the financial activities of millions of innocent Americans. In February, a House investigation revealed that the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) has worked with some of the largest banks and private financial institutions to spy on citizens’ personal transactions. Law enforcement and private financial institutions shared customers’ confidential information through a web portal that connects the federal government to 650 companies that comprise two-thirds of the U.S. domestic product and 35 million employees. TRAC is justified by being ostensibly about the border and the activities of cartels, but it sweeps in the transactions of millions of Americans sending payments from one U.S. state to another. FinCEN set out to track the financial activities of political extremists, but it pulls in the personal information of millions of Americans who have done nothing remotely suspicious. Groups on the left tend to be more concerned about TRAC and groups on the right, led by House Judiciary Chairman Jim Jordan, are concerned about the mass extraction of personal bank account information. The great thing about civil liberties groups today is their ability to look beyond ideological silos and work together as a coalition to protect the rights of all. For that reason, PPSA looks forward to reporting and blasting out what is revealed about TRAC in this case in open court. Any revelations from this case should sink in across both sides of the aisle in Congress, informing the debate over America’s growing surveillance state. The best intentions of Amazon to reduce easy, warrantless surveillance of the American people are being undermined by cheap, Chinese cameras.
PPSA has long tracked the privacy threat of Amazon’s cooperative agreements with more than 2,000 police and fire departments to solicit Ring videos for neighborhood surveillance from customers. In January, we celebrated Amazon’s disabling of its Request for Access tool, a feature that facilitated requests from law enforcement to ask Ring camera owners to volunteer video of their neighbors and neighborhood. The Electronic Frontier Foundation was so impressed by Amazon’s move that they removed Ring from its Atlas of Surveillance, a comprehensive, national map of points of police surveillance. In March, EFF removed 2,530 data points from its Atlas because Amazon will no longer facilitate warrantless requests for consumer video footage. As EFF notes, this does not mean that the police won’t still be able to access Ring footage. PPSA reported in February that law enforcement in central Texas are ho-hum about Amazon’s policy change, telling reporters they will simply appeal to individual households to ask for videos. But at least this means police requests will be tied to actual events, requiring an expenditure of shoe leather after a burglary, car accident, or fire, instead of a broad array of surveillance footage available for police to examine. Around the same time, journalists Stacey Higginbotham and Daniel Wroclawski of Consumer Reports (CR) demonstrated the alarming vulnerability of cheap, Chinese doorbell cameras sold by Amazon, as well as by Walmart, Sears, and Chinese online retailers Shein and Temu. These cameras are sold by the thousands under an ever-shifting array of brand names, but all are connected to the same app called Awit, owned by Shenzen-based Eken Group Ltd., and apparently managed in North America out of an apartment in east Los Angeles County. Higginbotham and Wroclawski reported that with the use of the Awit app, these cameras were easily compromised and used for remote surveillance of their owners – the exact opposite of the purpose of a security camera. They wrote: “People who face threats from a stalker or estranged abusive partner are sometimes spied on through their phones, online platforms, and connected smartphone devices. The vulnerabilities CR found could allow a dangerous person to take control of the video doorbell on their target’s home, watching when they and their family members come and go.” Worse, these doorbells expose their owners’ home IP address and Wi-Fi network name to the internet without encryption. They also lack a visible ID issued by the Federal Communications Commission, making them illegal to sell in the United States. Weeding out junk products is probably a difficult task for Amazon, given the shape-shifting, brand-changing nature of some providers. Like many Chinese-made products, these doorbell cameras are booby-trapped, either through sloppiness or by intention, or perhaps both. It doesn’t take a lot of imagination to envision them being used against U.S. officials, civilian or military, by Chinese intelligence during a crisis. Imagine the intelligence value of seeing National Security Council personnel leaving their homes at the same time around 2 a.m. Amazon’s top search results showed few of these Chinese cameras available now, though it is hard to tell given the plethora of ever-changing brand names. Perhaps Amazon products should come with a cautionary “China” sticker for consumers. The reauthorization of FISA Section 702, which allows federal agencies to conduct international surveillance for national security purposes, has languished in Congress like an old Spanish galleon caught in the doldrums. This happened after opponents of reform pulled Section 702 reauthorization from the House floor rather than risk losing votes on popular measures, such as requiring government agencies to obtain warrants before surveilling Americans’ communications.
But the winds are no longer becalmed. They are picking up – and coming from the direction of reform. Sen. Dick Durbin (D-IL), Chairman of the Senate Judiciary Committee, and fellow committee member Sen. Mike Lee (R-UT), today introduced the Security and Freedom Enhancement (SAFE) Act. This bill requires the government to obtain warrants or court orders before federal agencies can access Americans’ personal information, whether from Section 702-authorized programs or purchased from data brokers. Enacted by Congress to enable surveillance of foreign targets in foreign lands, Section 702 is used by the FBI and other federal agencies to justify domestic spying. According to the Foreign Intelligence Surveillance Act (FISA) Court, under Section 702 government “batch” searches have included a sitting U.S. Congressman, a U.S. Senator, journalists, political commentators, a state senator, and a state judge who reported civil right violations by a local police chief to the FBI. It has even been used by government agents to stalk online romantic prospects. Millions of Americans in recent years have had their communications compromised by programs under Section 702. The reforms of the SAFE Act promise to reverse this trend, protecting Americans’ privacy and constitutional rights from the government. The SAFE Act requires:
Durbin-Lee is a pragmatic bill. It lifts warrants and other requirements in emergency circumstances. The SAFE Act allows the government to obtain consent for surveillance if the subject of the search is a potential victim or target of a foreign plot. It allows queries designed to identify targets of cyberattacks, where the only content accessed and reviewed is malicious software or cybersecurity threat signatures. The SAFE Act is a good-faith effort to strike a balance between national security and Americans’ privacy. It should break the current stalemate, renewing the push for debate and votes on amendments to the reauthorization of Section 702. While Congress debates adding reforms to FISA Section 702 that would curtail the sale of Americans’ private, sensitive digital information to federal agencies, the Federal Trade Commission is already cracking down on companies that sell data, including their sales of “location data to government contractors for national security purposes.”
The FTC’s words follow serious action. In January, the FTC announced proposed settlements with two data aggregators, X-Mode Social and InMarket, for collecting consumers’ precise location data scraped from mobile apps. X-Mode, which can assimilate 10 billion location data points and link them to timestamps and unique persistent identifiers, was targeted by the FTC for selling location data to private government contractors without consumers’ consent. In February, the FTC announced a proposed settlement with Avast, a security software company, that sold “consumers’ granular and re-identifiable browsing information” embedded in Avast’s antivirus software and browsing extensions. What is the legal basis for the FTC’s action? The agency seems to be relying on Section 5 of the Federal Trade Commission Act, which grants the FTC power to investigate and prevent deceptive trade practices. In the case of X-Mode, the FTC’s proposed complaint highlight’s X-Mode’s statement that their location data would be used solely for “ad personalization and location-based analytics.” The FTC alleges X-Mode failed to inform consumers that X-Mode “also sold their location data to government contractors for national security purposes.” The FTC’s evolving doctrine seems even more expansive, weighing the stated purpose of data collection and handling against its actual use. In a recent blog, the FTC declares: “Helping people prepare their taxes does not mean tax preparation services can use a person’s information to advertise, sell, or promote products or services. Similarly, offering people a flashlight app does not mean app developers can collect, use, store, and share people’s precise geolocation information. The law and the FTC have long recognized that a need to handle a person’s information to provide them a requested product or service does not mean that companies are free to collect, keep, use, or share that’s person’s information for any other purpose – like marketing, profiling, or background screening.” What is at stake for consumers? “Browsing and location data paint an intimate picture of a person’s life, including their religious affiliations, health and medical conditions, financial status, and sexual orientation.” If these cases go to court, the tech industry will argue that consumers don’t sign away rights to their private information when they sign up for tax preparation – but we all do that routinely when we accept the terms and conditions of our apps and favorite social media platforms. The FTC’s logic points to the common understanding that our data is collected for the purpose of selling us an ad, not handing over our private information to the FBI, IRS, and other federal agencies. The FTC is edging into the arena of the Fourth Amendment Is Not for Sale Act, which targets government purchases and warrantless inspection of Americans’ personal data. The FTC’s complaints are, for the moment, based on legal theory untested by courts. If Congress attaches similar reforms to the reauthorization of FISA Section 702, it would be a clear and hard to reverse protection of Americans’ privacy and constitutional rights. Ken Blackwell, former ambassador and mayor of Cincinnati, has a conservative resume second to none. He is now a senior fellow of the Family Research Council and chairman of the Conservative Action Project, which organizes elected conservative leaders to act in unison on common goals. So when Blackwell writes an open letter in Breitbart to Speaker Mike Johnson warning him not to try to reauthorize FISA Section 702 in a spending bill – which would terminate all debate about reforms to this surveillance authority – you can be sure that Blackwell was heard.
“The number of FISA searches has skyrocketed with literally hundreds of thousands of warrantless searches per year – many of which involve Americans,” Blackwell wrote. “Even one abuse of a citizen’s constitutional rights must not be tolerated. When that number climbs into the thousands, Congress must step in.” What makes Blackwell’s appeal to Speaker Johnson unique is he went beyond including the reform efforts from conservative stalwarts such as House Judiciary Committee Chairman Jim Jordan and Rep. Andy Biggs of the Freedom Caucus. Blackwell also cited the support from the committee’s Ranking Member, Rep. Jerry Nadler, and Rep. Pramila Jayapal, who heads the House Progressive Caucus. Blackwell wrote: “Liberal groups like the ACLU support reforming FISA, joining forces with conservatives civil rights groups. This reflects a consensus almost unseen on so many other important issues of our day. Speaker Johnson needs to take note of that as he faces pressure from some in the intelligence community and their overseers in Congress, who are calling for reauthorizing this controversial law without major reforms and putting that reauthorization in one of the spending bills that will work its way through Congress this month.” That is sound advice for all Congressional leaders on Section 702, whichever side of the aisle they are on. In December, members of this left-right coalition joined together to pass reform measures out of the House Judiciary Committee by an overwhelming margin of 35 to 2. This reform coalition is wide-ranging, its commitment is deep, and it is not going to allow a legislative maneuver to deny Members their right to a debate. |
Categories
All
|