William Trevor Case v. State of Montana “The poorest man may, in his cottage, bid defiance to all the forces of the Crown. It may be frail; its roof may shake; the wind may blow through it; the storm may enter; the rain may enter; but the King of England may not enter …” William Pitt the Elder, 1763 The U.S. Supreme Court in 2021 reaffirmed the sanctity of the home in Caniglia v. Strom, restricting warrantless entry into a home for “community caretaking” in order to conduct a wellness check on an American in his or her home. Despite this clear precedent, the Supreme Court of Montana allowed warrantless entry into William Case’s home under the “community caretaker” exception supported by a wildly lenient standard that merely requires “specific and articulable facts.” (In this instance, Case v. Montana, Case’s ex-girlfriend reported to police that she thought Case might be suicidal.) On Monday evening, PPSA filed a brief asking the U.S. Supreme Court to review Montana’s decision and preserve the Caniglia standard. The creeping expansion of the “community caretaking” exception extends far beyond the law. Common law has long held that officers could enter a home without a warrant only to apprehend a fleeing felon, or if police witnessed a fight or other event that could lead to imminent harm. There is no law from the Founding-era that would have allowed the police to enter a person’s home without a warrant for “community-caretaking.” PPSA told the Supreme Court: “Another powerful reason to grant review is the diluting effect such a low bar for emergency aid searches would cause in other contexts – especially regarding electronic devices … It seems inevitable that lowering the burden for warrantless home invasion would lower the burdens for warrantless invasion of all other repositories or private information.” If the Montana Supreme Court’s ruling holds, this camel’s nose of community caretaking will threaten to admit not just the whole camel but other strange beasts. What is at stake is ultimately not just the long-held “castle and fortress” view of home privacy that traces back to English common law. It is also that an entry into a home will naturally lead to the next logical step – to “check-in” on someone’s well-being by breaking into the contents of their smartphone or other electronic devices. Ninety-eight percent of Americans own a cellphone, and 91 percent own a smartphone. The Supreme Court found that in Riley v. California (2014) a “phone not only contains in digital form many sensitive records previously found in the home; it also contains a broad array of private information never found in a home in any form.” Millions of Americans have sensitive information in their phones – apps for alcohol, drug, and gambling addictions; apps for prayer requests; apps for pregnancy symptoms; apps for financial issues; and apps for romance. Cellphones can track Americans’ location, and data that reveals where a person worships, banks, organizes political activities, and a network of friends and associates. If the government may enter the home without a warrant based only on a reasonable belief that an emergency exists – far short of probable cause – the government will surely treat electronic sources of information the same way. The expansion of this doctrine will pose an even greater threat to privacy and the ultimate integrity of the Fourth Amendment. We told the Supreme Court: “The insidious branding almost writes itself: ‘Big Brother’ may be ‘watching you,’ but it is for your own good!” For all these reasons, PPSA urges the Court to grant the petition and hear this case. Suppose you have a next-door neighbor you trusted to help you sell some items online, in exchange for a share of the profits. You give him a key for easy access, and all seems to go well. Sometime later, you can’t remember the combination to your safe, so the locksmith opens it, and you discover your cash is gone. You suspect your neighbor and report him. The police raid his home and collect his cellphone along with other evidence. Law enforcement then obtains a warrant to search the phone, and finds it contains incriminating text messages. A conviction is obtained on that basis. This scenario is based on Michigan v Carson. The warrant in question initially appeared to restrict the phone search to data pertaining to larceny and safe-breaking. So far, so good. But subsequent clauses in the warrant contained language that effectively negated any sensible limitation. The additional language was so expansive as to give authorities carte blanche to search every single piece of data the phone could offer up. What began as a reasonable search within the Constitution’s guardrails for particularity morphed into a broad search amounting to a general warrant. For this reason, PPSA filed an amicus brief before the Michigan Supreme Court showing that the contents of a phone are equivalent to physical documents and other items in a home. Both are personal property and therefore protected from exploratory searches by the Fourth Amendment, which requires that the “things to be seized” be described in very specific terms. This requirement is in fact the heart of the Fourth Amendment – the prohibition of unencumbered search and seizure regularly visited on colonial citizens by British authorities. Searching all data on a modern smartphone is the 21st-century equivalent of ransacking homes and personal property without restriction, only worse. The language in the Carson warrant is something that should give every American just as much pause. The police, it said, could “seize and search” all data on the phone and SIM card, and “all records or documents which were created, modified, or stored in electronic or magnetic form and any data, image, or information that is capable of being read or interpreted by a cellular phone or a computer.” The warrant also contradicted itself by further authorizing the seizure of other physical items, rendering it unconstrained. In the colonial era, this amounted to a writ of assistance, another insidious form of search and seizure that, along with general warrants, were top of mind when the Fourth Amendment was crafted. Whether electronic information or physical belongings, personal “effects” are subject to the same privacy principles. One could painstakingly reconstruct a target’s entire private life using the contents of their phone. It’s arguably a far more intrusive violation than rummaging through the documents in a dwelling. Just think about the contents of your own smartphone for a moment and how you would feel if it was all exposed. It is for this reason that the U.S. Supreme Court held that cellphones contain “the privacies of life.” When it comes to any warrant, its degree of particularity can vary greatly depending on the specifics of the case. But the intent of the Fourth Amendment is that every warrant must be limited in some sensible way. The warrant being challenged in Michigan v Carson contained no limits. Its scope was unbounded and that is why we demonstrated to the Michigan Supreme Court that this search was unconstitutional. Endorses “Appropriate Safeguards” for Section 702 John Ratcliffe slid though his confirmation hearing for his nomination as Director of the Central Intelligence Agency on a greased toboggan. Along the way, he offered encouraging glimpses into his thinking about surveillance reform. Sen. James Lankford (R-OK) spoke up for Section 702, the Foreign Intelligence Surveillance Act authority that allows federal agencies to surveil foreign threats on foreign soil. John Ratcliffe said that Section 702 is “an indispensable national security tool” and noted that information gleaned from programs authorized by that law often comprises half of the president’s daily intelligence briefing. But Ratcliffe also acknowledged that Section 702 “can be abused and that we must do everything we can to make sure it has appropriate safeguards.” Ratcliffe told the Senate Select Committee on Intelligence that surveillance “can’t come at the expense of Americans’ civil liberties.” Sen. John Cornyn (R-TX) said that Ratcliffe in a private conversation had observed that surveillance authorities are somewhat like steak knives in the kitchen, useful but dangerous in the wrong hands. The problem in the past, the senator from Texas said, was a “lack of trust in people who’ve had access to those tools.” That seemed to be a reference to the FBI, which in the past had used Section 702 powers to vacuum up the communications of more than 3.4 million Americans. There were also some irritating moments for surveillance reformers in the hearing. Several senators alluded to all critics of Section 702 as wanting to repeal that authority and expose Americans to terrorists and spies. They did so without acknowledging that it is possible to criticize and reform that law without ending it. Under questioning from Sen. Michael Bennet (D-CO), John Ratcliffe spoke of his unique experience as a former House Member who sat on the Judiciary Committee and later the House Intelligence Committee and then served in the executive branch as Director of National Intelligence (DNI). Ratcliffe said that he was surprised that despite having served in the legislative branch on an oversight committee of the intelligence community “there was so much intelligence I learned for the first time as a DNI that I knew no Member of Congress was aware of. And I think that sort of speaks to my approach and understanding that I take seriously the obligation that I will have to keep this committee fully informed on intelligence issues.” John Ratcliffe told the oversight committee point blank that there is much it does not know but should. Perhaps that admission will spur senators to dig deeper and conduct stronger supervision of the intelligence community. A jury in London’s Old Bailey criminal court heard prosecutors last week make a case against a Bulgarian man who had stored enough spy equipment in rented rooms in England to fill the Washington, D.C., Spy Museum. The rooms also contained two devices that should be of interest to any American interested in protecting privacy. Among the thousands of paper and digital exhibits shown to the jury were pendant necklaces, soda bottles, water bottles, and a cap with cameras inside, as well as a device to clone car keys. These surveillance tech devices were allegedly held by 46-year-old Orlin Roussev in a guesthouse at a resort on the east coast of England. Roussev is charged with being part of a Russian plot to employ two devices commonly used by the FBI and state and local law enforcement in domestic cases. Among the items prosecutors say were found were two international mobile subscriber identity, or IMSI, devices worth £160,000. These devices, popularly known as “stingrays” are, in essence, fake cell towers that can pull data out of a nearby cellphone and use it to track its owner’s location. Roussev and several others are accused by British prosecutors of planning to go to Stuttgart, Germany, where Ukrainian soldiers are being trained to operate Patriot missile-defense batteries and to use stingrays to link to their personal phones. The British government says these devices were to then be used to follow the Ukrainian soldiers back to Ukraine, locate them in the battlefield with their Patriot missiles, and target them for annihilation. In a domestic context, stingrays can vacuum up the data and locations of a large number of civilian cellphones in a geofenced area. PPSA has learned that local governments signed an agreement with the FBI that severely restricts what local police and prosecutors can reveal about the use of stingrays in a trial. The agreement’s boilerplate stipulates that if the agency “learns that a District Attorney, prosecutor, or a court” is considering releasing such information, the customer agency must “immediately notify the FBI in order to allow sufficient time for the FBI to intervene …” Once the FBI gains warrantless access to your location and movements, it won’t act like the Russians do and fire an Oreshnik missile at you. But it can follow you everywhere you go, make a case against you in court, and no jury will ever know how this evidence was obtained. Perhaps spies accused of acting for Russia might receive more respect for due process in London than an American targeted by a stingray in your hometown. As much as we oppose warrantless surveillance by the FBI, we acknowledge there is much to fear from foreign threats as well. Outgoing FBI Director Christopher Wray’s interview with Scott Pelley on CBS’s 60 Minutes covered a lot of hot political territory, including Wray’s contentious relationship with President-elect Donald Trump. Regardless of your political leanings, however, you should be alarmed by what Director Wray said about China’s use of surveillance and malware to threaten the people of the United States. Pelley reported that CBS has confirmed that China has been listening to the conversations of the two recent presidential candidates, President-elect Trump and Vice President Kamala Harris. Without naming names, Wray said that the FBI believes that the People’s Republic of China has “collected their content, the actual communications of those people.” Wray doubled down on prior statements that China has stolen trillions of dollars’ worth of intellectual property from the United States over the years. China, he said, “has stolen more of American’s personal and corporate data than that of every nation, big or small.” Wray’s words about Chinese malware were the most chilling. He said the greatest danger is the “Chinese government’s pre-positioning [malware] on American civilian critical infrastructure. To lie in wait on those networks to be in a position to wreak havoc and can inflict real-world harm at a time and place of their choosing.” What areas are China targeting? Wray said: “Things like water treatment plants. We’re talking about transportation systems. We’re talking about targeting of our energy sector, the electric grid, natural gas pipelines. And recently we’ve seen targeting of our telecommunications systems.” The latter appeared to be a reference to reports in October that China gained access to AT&T, Lumen, and Verizon systems that the FBI uses for domestic wiretapping investigations. So China appears to be using the FBI itself for outsourcing its spying on Americans. What would an all-out Chinese malware attack on the United States look like? It would look like the Middle Ages, at least for a while. No air travel. No water at the tap. No electricity, which would shut down gas pumps, which would eventually stop vehicular transportation. After the food trucks stop rolling, the squirrels in your backyard might start to look appealing. There is a growing sense among foreign policy experts that a hybrid-war between the United States and China could occur this year, or within the next few years. It is for this reason that PPSA – which has never donned a tin foil hat – soberly advises you to go online or to a big box retail store and purchase several months’ worth of long-term emergency food supplies. You might also want to store water in clean, BPA-free plastic containers, refreshing them every six months. With any luck, these items will just gather dust in your attic, but they will be providing insurance every minute of the day. Christian Parenti, John Jay College professor of economics, has penned an intriguing, if somewhat mischievous piece in Compact that makes “The Left Case for Kash Patel.” Parenti builds his appeal for liberal support of Patel, President-elect Trump’s nominee to head the FBI, by drawing on the long-time skepticism of the FBI by the left. This tradition harks back to Sen. Frank Church and his eponymous committee that revealed domestic spying by the federal government and the FBI’s scrutiny, sometimes bordering on persecution, of left-wing and liberal activists. Most notoriously, the FBI tried to provoke The Rev. Martin Luther King Jr. into committing suicide, and was involved in the Cook County police raid that is now largely seen as an assassination of radical activist Fred Hampton. “But these days,” Parenti writes, “many leftists in good standing scoff at the very idea of a ‘deep state’ with the intelligence agencies at its heart.” Parenti goes on to recount for his left-leaning readers conservative complaints about the FBI’s interference in the political process, beginning with the FBI’s use of political opposition research smears to persuade the Foreign Intelligence Surveillance Court (FISC) to issue four surveillance orders of Trump campaign aide Carter Page in 2016, and through him a presidential campaign. Parenti writes that the FBI “proceeded to launder accusations derived from” the Steele Report, which it knew was discredited, “through the press and the DC rumor mill and then treated the resulting rumors as if they were real intelligence.” Parenti makes it clear that the FBI also worked for the better part of a year holding 30 meetings with social media companies to “prebunk” the Hunter Biden laptop story, even though the FBI had authenticated the laptop on Hunter Biden’s iCloud storage account. By connecting the FBI’s misconduct against the left and the right, Parenti argues for a few Patel reform proposals that liberals should get behind. Here are two of them: Move the FBI out of Washington: Parenti writes that “Patel suggests most DC-based FBI staff can be sent to existing field offices, and that the top leadership might need to operate by traveling a circuit of regional offices … An FBI located at the center of DC influence-peddling is necessarily different from one that is scattered across America and tasked with fighting interstate fraud and white-collar crime.” Reform the FBI’s interactions with the secret FISA Court: Patel would do this by “introducing some due-process requirements, including written transcripts of its deliberations and a stable of defense attorneys to attack every warrant request.” This is the essence of the Lee-Leahy Amendment, a proposal to inject civil liberties experts to advise the FISA Court whenever a case implicates sensitive rights involving politics, religion, or journalism. That proposal received 77 votes in the Senate in 2020, with strong support from liberal senators. Parenti concludes that Patel’s agenda to radically reform a Bureau that has “a sordid history of targeting trade unions, peace activists, campus radicals, and Black politicians” deserves the support of the left. But he is skeptical that this will happen in today’s polarized Washington. We ask: Why not welcome the chance to bring guardrails to federal surveillance and reforms to end the Bureau’s political interference? Anyone on either side of the aisle concerned with surveillance abuse should hope for – and encourage Patel – to make good on his goals. A solemn promise was made on the floor of the U.S. Senate – and by the Congress to the American people – that has been broken. As a result, most businesses and organizations in the United States that offer free Wi-Fi service now have a legal obligation to spy on their tenants and customers for the National Security Agency and keep that spying secret from them forever. In April the U.S. Senate reauthorized FISA Section 702, an authority that allows federal agencies to spy on foreign targets on foreign soil. Facing an eleventh-hour vote, the Senate took Senate Intelligence Committee Chairman Mark Warner (D-VA) at his word that a flaw in the bill would soon be corrected. Accepting that promise, the Senate reauthorized Section 702. That flaw concerns a provision added to the reauthorization that allows the NSA to force businesses that offer internet communications – from the landlords of office complexes that house journalists and political campaigns, to fitness centers, to houses of worship – to make the communications of their customers secretly available. Janitors and cleaning services with access to equipment and thumb-drives in their pockets can now be legally enlisted to spy for the NSA. All this can be done without bothering with niceties like the U.S. Constitution’s Fourth Amendment and its warrant requirement. Sen. Warner acknowledged that this language defining an “electronic communications service provider” was overbroad and promised a fix to narrow it. Though the target category is classified, that fix is widely believed to be narrowing the provision to providers of cloud communications. To be fair to Sen. Warner, it was a few House Republicans who rejected adding the fix to the Intelligence Authorization Act. And it was some Republicans who fought to reject any narrowing of this vast expansion of the American surveillance state, dubbed by many to be the “Make Everyone a Spy” provision. We still remain dismayed and disappointed that the Chairman of the Senate Intelligence Committee could make such a promise and not see to it that it is kept. But Congress can still redeem itself. Surely Members will not want to disappoint constituents as word spreads about the extent and magnitude of this new, limitless domestic surveillance program. Surely they will also want to live up to a solemn promise made to colleagues. This fix can be enacted next year. In the meantime, PPSA will be working with our surveillance reform allies, left and right, to narrow the “Make Everyone a Spy” provision. If Congress chooses not to keep its word, however, the American people will surely grow alarmed and upset over this expansive surveillance. Keep in mind that the House came within one tie-breaking vote of adding a warrant requirement in the reauthorization of Section 702 this year. The Make Everyone a Spy law will now be Exhibit A in making our case for warrants and against the surveillance state. The Horror … the Horror … of Federal Financial Surveillance Revealed by U.S. House ReportIn a previous blog, we reported on the use of “Suspicious Activity Reports” mandated by the Bank Secrecy Act to spy on politically disfavored groups. We also reported that the government uses these reports to force banks to close the accounts of groups ranging from a trade association to pawn shops, firearms dealers, and a former First Lady. Debanking is an easy way to silence or intimidate people and organizations. Now, thanks to a recent report from the House Judiciary Committee and its Select Subcommittee on the Weaponization of the Federal Government, it is clear that this misuse of this law is even more expansive and worse than we suspected. Congress enacted the Bank Secrecy Act (BSA) to require banks to report to the government suspicious transactions by customers that might indicate that they are linked to terrorism, human trafficking, or drug dealing. The House report reveals that the FBI “has turned this framework on its head” by issuing “requests” – authorized by no law – to demand banks spy on targeted people or organizations. In 48,000 pages of documents, House investigators could confirm only one financial institution requested legal process from the FBI for the information it was seeking. “All too often,” House investigators wrote, “the FBI appeared to receive no pushback.” They concluded: “In sum, the FBI has turned this framework on its head and contravened the Fourth Amendment’s requirement of particularity and probable cause.” While the FBI had an obligation to seek out those who beat police officers and smashed the doors and windows of the Capitol on Jan. 6, it coordinated with the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) to encourage financial institutions across the country to scour their data and file Suspicious Activity Reports on Americans without any clear criminal nexus. As we reported before, Americans were targeted for going to certain stores, like Dick’s Sporting Goods or a Bass Pro Shop. A Bank Secrecy Act Advisory Group, meant to serve as an advisory body to the Treasury Department, has become a secret service unto itself. House investigators report that this advisory group “is also a tool for federal law enforcement and financial institutions to monitor the private, financial data of American citizens.” The scale of warrantless surveillance under this authority is immense. In 2023, some 25,000 federal, state, and local officials had warrantless access to data acquired under this law. In 2023, government officials ran more than 3.3 million searches of a FinCEN Query program of these reports. FinCEN reports that “472 federal, state, and local law enforcement, regulatory, and national security agencies have access to BSA reports …” And this is just one federal program monitoring Americans financial lives, which is a way of monitoring our personal, romantic, political, and religious lives as well. Reforming the Bank Secrecy Act should be at the top of the agenda for the incoming Trump Administration and the 119th Congress. Allysia Finley in The Wall Street Journal covers the widespread and growing practice of federal agencies’ using the Bank Secrecy Act to surveil and punish politically disfavored groups through “debanking.” Banks face penalties that can go into the billions of dollars if they fail to close an account for a customer who is the target of numerous “Suspicious Activity Reports” (SARs), which flag them as “high risk.” Last year, banks filed 4.6 million SARS, leading to an unknown number of customers losing their accounts. Victims include former First Lady Melania Trump, and groups targeted by some in government such as firearms dealers, payday lenders, and pawn shops. Now the provision has blocked the Blockchain Association, a trade group for the cryptocurrency industry. Barney Frank, a former Chair of the House Financial Services Committee, says that the FDIC seizes banks “to send a message to get people away from crypto.” Finley writes: “The overbreadth in bank reporting is a plus for the government, since it gives the Federal Bureau of Investigation a trove of reports to scour without a warrant. The more info it has on more bank customers, the better, even if most haven’t committed a crime. Regulators prohibit banks from notifying customers if they have filed a SAR.” Unraveling the use of the Bank Secrecy Act to compile voluminous records of Americans’ private financial activities should be high on the list for reform by the incoming Trump administration and the next Congress. Paul Atkins, Donald Trump’s nominee to head the Securities Exchange Commission, will have a chance to roll back big expansions of the federal surveillance state within his first few days on the job. Atkins can do this because outgoing SEC Chair Gary Gensler has pioneered new territory by using his agency to expand the financial surveillance of the American people without clear statutory authorization. The SEC under Gensler has made use of a program called the Consolidated Audit Trail, a database that collects not just investors’ trades, but also the personally identifiable information of 100 million U.S investors in a database run by an agency with a record of vulnerability to hackers. This surveillance is based not on a law, but on SEC’s Rule 613, which was originally meant to respond to the 2010 “flash crash.” Never one to let a crisis go to waste, Gensler expanded what was meant to be a fix to a technical glitch and instead turned it into a national surveillance program. SEC’s Rule 613 now requires self-regulatory organizations, like private stock exchanges, to collect details about private trades on a U.S. exchange. Consequently, some 3,000 federal employees have access to the confidential data of America’s private investors. The SEC under Gensler has also fined 26 financial firms almost $400 million for failing to track the private communications of their employees on their personal phones. Most financial firms already enforce policies that prohibit their employees from using their personal devices and messaging apps like WhatsApp for business. But until now, it was not the business of an employer to force employees to hand over their personal phones for inspection. Perhaps Paul Adkins, as the new SEC Chair, will work to quickly undo Gensler’s handiwork and return a modicum of financial privacy to the American people. President-elect Trump’s nominee as Treasury Secretary, Scott Bessent, has a similar chance to undo bureaucratically conjured surveillance. He can do this by ending the department’s Financial Crimes Enforcement Network’s “beneficial ownership” form, which threatens Americans with prison time and a $10,000 fine if they fail to file this form listing all the owners of their small businesses. There is a lot of warrantless surveillance conducted by the federal government that can only be changed by law, from the purchasing of Americans’ personal data by the IRS, FBI, and many other federal agencies, to the expansion of the “Make Everyone a Spy” law to enable the NSA to force millions of small businesses that provide Wi-Fi to customers to turn over the communications of their customers. Those are heavy lifts that will take considerable effort by Congressional reformers to change. But the SEC and FinCen items are low-hanging fruit. Scott Bessent and Paul Adkins should pick them as soon as possible. DOJ Hid from FISA Court that Surveillance Targets Were Members of Congress and Key Oversight Staff12/17/2024
The first reactions to a report issued last week by Department of Justice Inspector General Michael Horowitz centered on the man-bites-dog irony of the Justice Department having spied on the nominee to head the FBI, Kash Patel. The underlying story is far bigger and as significant as any other of recent surveillance scandals – Horowitz revealed that the government’s lawyers failed to inform a judge in the secret FISA Court that their applications for surveillance were to spy on Members of Congress and senior congressional aides on committees that oversee the Department of Justice. It’s as if you asked a friend if you could borrow her car to go to the store but forget to tell her that the store is in Mexico. Justice Department prosecutors showed just about that level of mendacity in 2017 when they sought communications of Members of Congress, including then-House Intelligence Committee Chairman, Rep. Adam Schiff (D-CA), and Rep. Erik Swalwell (D-CA), 20 Democratic staffers, as well as Patel and 19 other Republican staffers. The intent of the request was to reveal if there was cause-and-effect between their emails and journalists at The Washington Post, The New York Times, and CNN, who wrote stories in those outlets based on a classified leak of “Top Secret/Sensitive Compartmentalized” documents. As it turned out, no crimes or leaks were discovered. Horowitz reveals that DOJ obtained 40 Non-Disclosure Orders forcing communications providers to secretly provide the records of Members of Congress and staffers, with some of the search orders extended up to four years – even though the request involved leaks around the same time frame in 2017. Horowitz concludes:
The Justice Department’s policy did not, at that time, have an internal policy governing the compelled acquisition of congressional communication records from third-parties. Perhaps feeling the heat from outraged Members of Congress, Justice established the requirement in future applications to inform the Justice Department’s Public Integrity Section and a U.S. attorney before surveilling Members of Congress and their staffers in this way. Horowitz found that process insufficient, calling on a new policy that requires the informing of the Attorney General or the Deputy Attorney General. Concerning the surveillance of journalists, Horowitz found that the Justice Department did not comply with all of its internal provisions. For example, a committee dedicated to applications for media surveillance was not convened, as required by Justice Department policy. That policy also required informing the Director of National Intelligence, which the Justice Department did not do in at least one instance. PPSA believes the intelligence agencies are surveilling Congress in many other ways. That is why we have sued not just the Department of Justice, but also the NSA, the FBI, the CIA, and the State Department to learn if these agencies are surveilling current and former Members of Congress with oversight responsibilities over those very agencies. If the intelligence community is surveilling Members of Congress on the Intelligence and Judiciary Committees, then it is a case of the overseen overseeing the overseers. This danger is made much worse by House policies, where relatively few House staffers have security clearances that would allow them to help their bosses keep the intelligence agencies in check. We hope at a minimum that the House will widen staffer clearances, as the Senate has done, to assist in greater oversight of these agencies. We especially hope that incoming President Trump will have his people dig into the practice of surveilling Members of Congress and bring it to light. Expansive Spy Law Even Targets Churches Breitbart recently broke a story that a few recalcitrant House Members are holding up a promised fix to what many referred to as the “Make Everyone a Spy” law. The fix regards an amendment to the reauthorization of FISA Section 702, passed in April, in which pro-surveillance advocates added a requirement that U.S. business owners who offer customers the use of their Wi-Fi and routing equipment be covered as “electronic communication service providers” under the law. This means that any business – your neighborhood fitness center, an office complex that houses journalists, political campaigns, or even a church or other house of worship, as well as a host of other establishments – would face the same requirement as large telecoms to turn over the communications of their customers, no warrant required. This was not meant to happen. As the Senate voted in April to reauthorize FISA Section 702, bipartisan furor erupted over this provision, including leading conservatives in both chambers. Sen. Mark Warner (D-VA), Chairman of the Senate Intelligence Committee, promised his colleagues that the amendment that included this expansive authority would be narrowed to include only one category of business. That category is classified but is widely believed to be data centers that provide cloud computing and storage. With this promise in hand, the Senate voted down an amendment to remove the flawed provision, and immediately passed the reauthorization of Section 702 – all in the belief that the expansive new spy power would soon be curbed. Sen. Warner was true to his word, inserting language into the Senate intelligence bill that narrows the scope of the new measure. Now, in a baffling turn of events, it is the House that is refusing to include the fix in its version of the intelligence bill. Why are some House Members insisting on keeping an authority that allows spying on churchgoers, shoppers, and office workers? Bob Goodlatte, the former chairman of the House Judiciary Committee and PPSA senior policy advisor, told Breitbart News: “This measure passed because of assurances that this insanely broad authority would be narrowed. The promise of a fix was made and accepted in good faith, but that promise is being trashed by advocates for greater surveillance of our citizens. Unless Congress reverses course, Americans’ data that runs through the Wi-Fi and servers of millions of small businesses, ranging from fitness centers to department stores, small office complexes, as well as churches and other houses of worship, will be fair game for warrantless review. This would truly transform our country into a thorough surveillance state. I can’t imagine the next Congress and new Administration would welcome that.” Surely, giving the deep state free rein to spy on Americans is not in keeping with the philosophy of the incoming Trump administration, the new Republican majority in Congress, or most Democrats. Contact your House Member and say: “Please don’t let this legislative year end without narrowing the Electronic Communication Service Provider standard. Congress must keep its promise to fix the Make Everyone a Spy Law.” Why Signal Refuses to Give Government Backdoor Access to Americans’ Encrypted Communications11/4/2024
Signal is an instant messenger app operated by a non-profit to enable private conversations between users protected by end-to-end encryption. Governments hate that. From Australia, to Canada, to the EU, to the United States, democratic governments are exerting ever-greater pressure on companies like Telegram and Signal to give them backdoor entry into the private communications of their users. So far, these instant messaging companies don’t have access to users’ messages, chat lists, groups, contacts, stickers, profile names or avatars. If served with a probable cause warrant, these tech companies couldn’t respond if they wanted to. The Department of Justice under both Republican and Democratic administrations continue to press for backdoors to breach the privacy of these communications, citing the threat of terrorism and human trafficking as the reason. What could be wrong with that? In 2020, Martin Kaste of NPR told listeners that “as most computer scientists will tell you, when you build a secret way into an encrypted system for the good guys, it ends up getting hacked by the bad guys.” Kaste’s statement turned out to be prescient. AT&T, Verizon and other communications carriers complied with U.S. government requests and placed backdoors on their services. As a result, a Chinese hacking group with the moniker Salt Typhoon found a way to exploit these points of entry into America’s broadband networks. In September, U.S. intelligence revealed that China gained access through these backdoors to enact surveillance on American internet traffic and data of millions of Americans and U.S. businesses of all sizes. The consequences of this attack are still being evaluated, but they are already regarded as among of the most catastrophic breaches in U.S. history. There are more than just purely practical reasons for supporting encryption. Meredith Whittaker, president of Signal, delves into the deeper philosophical issues of what society would be like if there were no private communications at all in a talk with Robert Safian, former editor-in-chief of Fast Company. “For hundreds of thousands of years of human history, the norm for communicating with each other, with the people we loved, with the people we dealt with, with our world, was privacy,” Whittaker told Safian in a podcast. “We walk down the street, we’re having a conversation. We don’t assume that’s going into some database owned by a company in Mountain View.” Today, moreover, the company in Mountain View transfers the data to a data broker, who then sells it – including your search history, communications and other private information – to about a dozen federal agencies that can hold and access your information without a warrant. When it comes to our expectations of privacy, we are like the proverbial frogs being boiled by degrees. Whittaker says that this is a “trend that really has crept up in the last 20, 30 years without, I believe, clear social consent that a handful of private companies somehow have access to more intimate data and dossiers about all of us than has ever existed in human history.” Whittaker says that Signal is “rebuilding the stack to show” that the internet doesn’t have to operate this way. She concludes we don’t have to “demonize private activity while valorizing centralized surveillance in a way that’s often not critical.” We’re glad that a few stalwart tech companies, from Apple and its iPhone to Signal, refuse to cave on encryption. And we hope there are more, not fewer, such companies in the near future that refuse to expose their customers to hackers and government snooping. “We don’t want to be a single pine tree in the desert,” Whittaker says, adding she wants to “rewild that desert so a lot of pine trees can grow.” We’re all resigned to the need to go through security at high-profile sporting and cultural events, just as we do at the airport. The American Civil Liberties Union is raising the question – will that level of scrutiny be the new normal at the mall, at open-air tourist attractions, outdoor concerts, and just plain walking around town? The Department of Homeland Security (DHS) is investing in research and development to “assess soft targets and address security gaps” with new technology to track people in public places. It is funding SENTRY, the Soft Target Engineering to Neutralize the Threat Reality. SENTRY will combine artificial intelligence from the “integration of data from multiple sources,” which no doubt will include facial recognition scans of everyone in a given area to give them a “threat assessment.” We do not dismiss DHS’s concern. The world has no lack of violent people and our country is full of soft targets. Just hark back to the deranged shooter in 2017 who turned the Route 91 Harvest music festival in Las Vegas into a shooting gallery. He killed 60 people and wounded more than 400. A similar act by a terrorist backed by a malevolent state could inflict even greater casualties. But we agree with ACLU’s concern that such intense inspection of Americans going about their daily business could lead to the “airportization” of America, in which we are always in a high-security zone whenever we gather. ACLU writes that “security technology does not operate itself; people will be subject to the petty authority of some martinet guards who are constantly stopping them based on some AI-generated flag of suspicion.” We would add another concern. Could SENTRY be misused, just as FISA Section 702 and other surveillance authorities have been misused? What is to keep the government from accessing SENTRY data for warrantless political surveillance, whether against protestors or disfavored groups targeted by biased FBI agents? If this technology is to be deployed, guardrails are needed. PPSA seconds ACLU’s comment to the watchdog agency, the Privacy and Civil Liberties Oversight Board (PCLOB), that asks it to investigate AI-based programs as they develop. Congress should watch the results of PCLOB’s efforts and follow up with legal guardrails to prevent the misuse of SENTRY and similar technologies. Supreme Court Justice Oliver Wendell Holmes observed that anyone “who respects the spirit as well as the letter of the Fourth Amendment would be loath to believe that Congress intended to authorize one of its subordinate agencies to sweep all our traditions into the fire to direct fishing expeditions into private papers on the possibility that they may disclose evidence of crime.” A century after Justice Holmes delivered that warning, the U.S. Securities and Exchange Commission is doing just that. This agency is methodically sweeping all our traditions into the fire to direct fishing expeditions that treat every investor as a criminal suspect. The good news is that the constitutionality of the SEC’s program is on trial in a case now before a federal judge in Waco, Texas. Here’s the background: Historically, when the SEC has suspected someone of insider trading, it had to issue an investigative subpoena. Then in 2010, the market suffered the “flash crash” – a trillion-dollar decline caused by technical glitches that lasted for 36 minutes. The SEC responded to this technical glitch by proposing Rule 613, which established the Consolidated Audit Trail (CAT), a database that collects not just investors’ trades, but also their privately identifiable information. This “solution” had nothing to do with the crash, but it perfectly illustrates former Chicago Mayor Rahm Emmanuel’s dictum that “you never want a serious crisis to go to waste.” Rule 613 requires self-regulatory organizations, like private stock exchanges, to collect every detail about trades in securities on a U.S. exchange. It also includes confidential data on more than 100 million private investors, making it the largest database outside of the National Security Agency. This database includes investors’ names, dates of birth, taxpayer identification numbers, Social Security numbers, and more. Now two Texas investors, in affiliation with the National Center for Public Policy Research, are suing the SEC for this massive violation of privacy. Their lawsuit, represented by the New Civil Liberties Alliance, could be required reading for law students seeking to understand the application of our constitutional rights, beginning with the Fourth Amendment. This lawsuit makes the case:
The lawsuit makes a convincing case that the U.S. Supreme Court’s 2018 Carpenter decision – which held that the government violates the Fourth Amendment whenever it seeks a suspect’s cellphone location history without a warrant – should make this case against CAT a slam-dunk. After all, the plaintiffs assert that unlike the issue in Carpenter, “with Rule 613 SEC does not need an investigative predicate, much less a court order, to obtain and analyze private information, nor is the information limited to any particular person or time frame.” Even if a federal judge declares CAT to be unconstitutional, however, it will only strike down one of many intrusive violations of Americans’ financial privacy by federal agencies. These include a new requirement of all business owners to file “beneficial ownership” forms, for which any American business owner can face two years in prison for a clerical mistake, and the U.S. Treasury’s Financial Crimes Enforcement Networks snooping into Americans’ financial transactions with the coerced cooperation of 650 private financial institutions. Once the election is over, Congress should pass the “Protecting Investors' Personally Identifiable Information Act,” introduced by Sen. John Kennedy, (R-LA), and Rep. Barry Loudermilk, (R-Ga.), which would allow the SEC to obtain personally identifiable information only by requesting it on a case-by-case basis. As the risks of the SEC’s reckless program become clearer, more Members of Congress should embrace another Holmes dictum: “State interference is an evil, where it cannot be shown to be a good.” The Securities and Exchange Commission is tracking the 61 percent of Americans who buy and sell stocks, from the trades they make to their personal identifying information. Some 3,000 SEC bureaucrats now have ready access to this database containing every single stock in the United States in a database called the Consolidated Audit Trail. Marc Wheat of Advancing American Freedom in The Washington Examiner writes: “The database is a disaster for the privacy of millions of people. In terms of the amount of information collected, only the National Security Agency’s data-collection program is larger, and that database is not focused on people. What is worse, these types of databases are not secure. In 2016, hackers made off with over $4 million by trading on at least 157 nonpublic earnings releases from the SEC’s very own Electronic Data Gathering, Analysis, and Retrieval system. “A commission that cannot protect a filing system that processes 1.7 million filings every year cannot be trusted to maintain the security of what will likely become a 100 million data point database. It is only a matter of time before it is breached, leaking people’s personal information to nefarious actors.” Government Promises to Protect Personal Data While Collecting and Using Americans’ Personal Data10/21/2024
Digital data, especially when parsed through the analytical lens of AI, can detail almost every element of our personal lives, from our relationships to our location histories, to data about our health, financial stability, religious practices, and political beliefs and activities.
A new blog post from the White House details a Request for Information (RFI) from OMB’s Office of Information and Regulatory Affairs (OIRA) seeking to get its arms around this practice. The RFI seeks public input on “Federal agency collection, processing, maintenance, use, sharing, dissemination, and disposition of commercially available information (CAI) containing personally identifiable information (PII).” In plain language, the government is seeking to understand how agencies – from the FBI to the IRS, the Department of Homeland Security, and the Pentagon – collect and use our personal information scraped from our apps and sold by data brokers to agencies. This request for public input follows last year’s Executive Order 14110, which represented that “the Federal Government will ensure that the collection, use, and retention of data is lawful, is secure, and mitigates privacy and confidentiality risks.” What to make of this? On the one hand, we commend the White House and intelligence agencies for being proactive for once on understanding the privacy risks of the mass purchase of Americans’ data. On the other hand, we can’t shake out of our heads Ronald Reagan’s joke about the most terrifying words in the English language: “I’m from the government and I’m here to help.” The blog, written by OIRA administrator Richard L. Revesz, points out that procuring “CAI containing PII from third parties, such as data brokers, for use with AI and for other purposes, raises privacy concerns stemming from a lack of transparency with respect to the collection and processing of high volumes of potentially sensitive information.” Revesz is correct that AI elevates the privacy risks of data purchases. The government might take “additional steps to apply the framework of privacy law and policy to mitigate the risks exacerbated by new technology.” Until we have clear rules that expressly lay out how CAI is acquired and managed within the executive branch, you’ll forgive us for withholding our applause. This year’s “Policy Framework for Commercially Available Information” released by Director of National Intelligence Avril Haines, ordered all 18 intelligence agencies to devise safeguards “tailored to the sensitivity of the information” and produce an annual report on how each agency uses such data. It is hard to say if Haines’ directive represents a new awareness of the Orwellian potential of these technologies, or if they are political theater to head off legislative efforts at reform. Earlier this year, the U.S. House of Representatives passed the Fourth Amendment Is Not For Sale Act, which would subject purchased data to the same standard as any other personal information – a probable cause warrant. The Senate should do the same. The government’s recognition of the sensitivity of CAI and accompanying PII is certainly a step in the right direction. It is also clear that intelligence agencies have every intention of continuing to utilize this information for their own purposes, despite lofty proclamations and vague policy goals about Americans’ privacy. To quote Ronald Reagan again, when it comes to the promises of the intel community, we should “trust but verify.” The recent approval of the House Intelligence Committee’s annual intelligence policy bill sets up a critical moment for the ongoing debate over surveillance powers, particularly the controversial FISA Section 702. While the bill does not include a provision to narrow the definition of "electronic communication service providers" (ECSP), this issue will soon come to a head in the House-Senate conference. Rep. Jim Himes (D-CT) signaled his acceptance of Senate Intelligence Chair Mark Warner’s "technical fix," which would narrow the scope of the ECSP definition. Himes said the change “would be totally fine with me,” and that “I always believed that the language was overbroad in the initial amendment…” This change would prevent ordinary businesses—like coffee shops or small offices—from being forced to assist in government surveillance. While Himes expressed he would be "totally fine" with Warner’s proposal, the issue has yet to be fully debated or incorporated into House legislation. We’ve seen efforts at reform falter before, and the final outcome will be determined behind closed doors in the House-Senate conference, where transparency is sorely lacking. As we’ve previously noted, broadening the ECSP definition without clear limitations would create a “Make Everyone a Spy” law, enlisting small businesses into the surveillance apparatus. Moreover, the administration’s reassurance that the law will only be applied to specific providers, based on a classified FISA court decision, is insufficient. History shows that such promises often erode over time, allowing the intelligence community to expand its surveillance reach through legal loopholes. John Wiegmann, the new top lawyer for the Office of the Director of National Intelligence, also supported Warner’s. But as with everything, we want to see the changes in writing in the bill. The closed-room conference between the House and Senate is where these decisions will play out, but the lack of public scrutiny makes it a fraught process. Given past betrayals on surveillance reform, we have ample reason for anxiety. Privacy advocates must remain vigilant and press for real reforms that ensure no further expansion of surveillance powers. The House and Senate need to guarantee that any changes made truly limit the scope of ECSPs and protect Americans from warrantless data collection. PPSA will be monitoring this situation closely as it unfolds. The Project for Privacy and Surveillance Accountability recently submitted a series of FOIA requests to law enforcement and intelligence agencies seeking critical information on how the agencies handle data obtained through the use of cell-site simulators, also known as Stingrays or Dirtboxes, which impersonate cell towers and collect sensitive data from wireless devices. Specifically, PPSA submitted requests to DOJ, CIA, DHS, NSA, and ODNI. These requests focus on what happens after the government collects this data. As PPSA’s requests state, PPSA “seeks information on how, once the agency obtains information or data from a cell-site simulator, the information obtained is used.” We are particularly interested in learning about the agencies’ policies for data retention, usage, and deletion, especially for data collected from individuals who are not the target of surveillance. PPSA has long been concerned with the invasive nature of these surveillance tools, which capture not only targeted individuals' data but also data from anyone nearby. As we previously stated in a 2021 FOIA request, “this technology gives the government the ability to conduct sweeping dragnets of metadata, location, and even text messages from anyone within a geofenced area.” These FOIA requests specifically demand transparency about what happens after the government collects such data. We seek records regarding policies on data retention, use, and destruction, particularly for information unrelated to surveillance targets. As our requests state, “PPSA wishes to know what policies govern such use and what policies, if any, are in place to protect the civil liberties and privacy of those whose data might happen to get swept up in a cell-site simulator’s data collection activities.” As we previously highlighted, Stingrays represent a significant intrusion into personal privacy, and we are committed to holding the government accountable for its use of such tools. By pursuing these requests, we aim to inform the public about the scope and potential risks of the agencies’ surveillance activities, and to push for greater safeguards over Americans’ private information. PPSA will continue to push towards transparency, and we will keep the public informed of our efforts. The Cato Institute is challenging the FBI and Department of Justice in court to demand transparency regarding the government’s warrantless surveillance practices under Section 702 of the Foreign Intelligence Surveillance Act (FISA). The lawsuit, brought under the Freedom of Information Act (FOIA), seeks the release of records on how well the FBI is complying with restrictions placed on the use of this controversial program. Section 702 allows U.S. agencies to monitor communications between foreigners abroad, but it has also been used to capture the communications of Americans, leading to allegations of overreach and privacy violations. Despite bipartisan efforts in Congress to reform or even dismantle Section 702, the public has been kept in the dark about whether any meaningful changes have occurred. Cato has been stonewalled in its efforts to obtain information that could reveal the extent of this surveillance. As Cato Senior Fellow Patrick Eddington pointed out: “When the FBI stonewalls public records requests about a massive surveillance program that gobbles up billions of communications yearly — including yours and mine — it’s violating the law… A law its agents and managers are sworn to uphold.” This case is about more than just documents; it’s about shedding light on potential abuses of power and ensuring that the law protects ordinary citizens from unwarranted government surveillance. The lawsuit raises an essential question about the balance between national security and civil liberties. Without transparency, it's impossible to know whether surveillance programs are being misused or if they adequately protect Americans’ privacy. Cato’s case is a crucial step toward uncovering whether the FBI is following the legal limits placed on Section 702 or if it continues to overreach under the cover of secrecy. If successful, this case could force the government to reveal whether it is truly adhering to the law in its use of FISA's broad surveillance powers. At stake is the privacy of millions of Americans whose communications could be intercepted without their knowledge or consent. This case deserves attention from everyone who values privacy and accountability. PPSA is proud to support Cato’s efforts to push for a future where government overreach is kept in check and individual liberties are safeguarded. We look forward to further developments in this case. The Fourth Amendment of the U.S. Constitution requires authorities to obtain a probable cause warrant before entering an American’s property. But Pennsylvania knows better. The Keystone State has a law that permits Waterways Conservation Officers – in plain language, fish wardens – to enter private property without a warrant to enforce fishing laws.
Call it the fishing exception to the Fourth Amendment. Tim Thomas and his late wife Stephanie discovered this purported legal loophole in 2023 while at their home on Butler Lake in Susquehanna County. (Hat tip for this story to Dan King of the Institute for Justice.) Pennsylvania Waterways Conservation Officer Ty Moon terrified Stephanie by banging on her front door, entering the Thomases’ backyard and standing on the porch to bang on her back door. He then took pictures of the couple’s cabin, vehicle, and boat. No warrant needed. The next day, the Thomases had pulled over to the side of the road to pick flowers, only to be confronted by officer Moon, who jumped out his car and accused the couple of illegal fishing. They later received a citation accusing Tim of evading the officer and fishing without a license. The charges were dismissed. Undeterred, Moon surveilled these very dangerous people with binoculars on a stakeout. Thinking he saw more rods on a boat that were legally allowed, he tramped several times up and down the side of the Thomases’ property, each time walking past a window where Stephanie, who was battling Stage IV cancer, had settled into a bath. (See the Institute for Justice’s compelling video on the case here.) The officer again accused the couple of breaking the law. This case against the Thomases also collapsed in court. Now the Institute for Justice has filed a federal lawsuit against the Pennsylvania Fish and Boat Commission seeking to strike down this blatantly unconstitutional law. “You don’t lose your constitutional rights simply because you happen to live near a lake,” says Institute for Justice attorney John Wrench. “That’s why we’re challenging the Pennsylvania statute that authorizes these outrageous searches.” We could end this piece with puns about wardens fishing for a crime, or the same wardens having to face the scales of justice, or constitutional arguments that will be like shooting fish in a barrel. But we see two larger issues with serious implications arising from this case. The first is that lawmakers in a major American state could be so out of touch with the roots of the law that they thought that there could be a fishing exception to the Constitution’s Fourth Amendment. Second, if a fish warden can be this invasive and clueless, just imagine how dangerous federal agencies can be on cases where the stakes go well beyond a mere citation. Sen. Mike Lee (R-UT) is advancing his new Saving Privacy Act to protect Americans’ personal financial information from warrantless snooping by federal agencies.“The current system erodes the privacy rights of citizens, while doing little to effectively catch true financial criminals,” Sen. Lee said. The bill’s co-sponsor, Sen. Rick Scott (R-FL), added: “Big government has no place in law-abiding Americans’ personal finances. It is a massive overreach of the government and a gross violation of their privacy.”
Are these two senators paranoid? Or are they reacting to genuine “massive overreach” from a government that already illicitly spies on Americans’ personal finances? Consider what PPSA has reported in the last three years:
“Traditionally, Americans’ financial holdings are kept between them and their broker, not them, their broker, and a massive government database,” state auditors and treasurers wrote in a recent letter to House Speaker Mike Johnson. “The only exception has been legal investigations with a warrant.”
TRAC sucks in wire transfers within the United States between American citizens, as well as with those sending or receiving money from abroad. Sen. Wyden told The Wall Street Journal that TRAC lets the government “serve itself an all-you-can-eat buffet of Americans’ personal financial data while bypassing the normal protections for Americans’ privacy.”
Could that actually happen? It did across the border, when the Canadian government used emergency powers to debank truckers engaged in a political protest. At home, the tracking of Americans’ spending is a Fourth Amendment violation that inevitably leads to the degradation of the First Amendment.
Sen. Lee’s bill counters this financial surveillance state by repealing many of the reporting requirements of the Bank Secrecy Act. It also repeals the Corporate Transparency Act (which forces small businesses to reveal their ownership), closes the SEC’s database on Americans’ trades, prohibits the creation of a Central Bank Digital Currency, and requires congressional approval before any agency can create a database that collects personally identifiable information of U.S. citizens. Finally, Sen. Lee’s Saving Privacy Act would institute punishments for federal employees who release Americans’ protected financial information, while establishing a private right of action for Americans and financial institutions harmed when their privacy is compromised by the government. The Saving Privacy Act is a landmark bill that deserves to become the basis of debate and action in the next Congress. The FBI, which surveilled academics at the University of California, Berkeley, in the 1950s and 1960s, is now reaching out to a think tank on that campus for help in devising ways to break encryption and other privacy measures used by consumers and private social media companies.
In this task, the FBI is seeking advice from the Center for Security in Politics, founded by former Arizona governor and Homeland Security Secretary Janet Napolitano, to devise ways to access the contents of communications from apps and platforms. “We need to work with our private-sector partners to have a lawful-access solution for our garden-variety cases,” one FBI official at the event told ABC News. The FBI’s actions are in keeping with a growing global crackdown on encryption, highlighted by the recent arrest of Telegram founder Pavel Durov in France. We could take days trying to unravel this Gordian knot of ironies. Better to just quote Judge James C. Ho of the Fifth Circuit Court of Appeals, who wrote in a recent landmark opinion on geofence warrants that: “Hamstringing the government is the whole point of our Constitution.” In finding geofencing the data of large numbers of innocent people unconstitutional, Judge Ho noted that “our decision today is not costless. But our rights are priceless.” The FBI has a lot of tools to catch the drug dealer, the pornographer and the sex trafficker. After all, the Bureau has been doing that for decades. The best mission for the partnership between the FBI and the Center for Security in Politics would be to focus on the “lawful-access” part of their quest. With so many smart people in the room, surely they can invent new and effective ways to solve many crimes while honoring the Fourth Amendment. The U.S. Department of Justice is pioneering ever-more dismissive gestures in its quest to fob off lawful Freedom of Information Act (FOIA) requests seeking to shed light on government surveillance. One PPSA FOIA request, aimed at uncovering details about the DOJ's purchase of Americans’ commercially available data from third-party data brokers, sets a new record for unprofessionalism.
Until now, we had become used to the Catch-22 denials in which the government refuses to even conduct a search for responsive records with a Glomar response. This judge-made doctrine allows the withholding of requested information if it is deemed so sensitive that the government can neither confirm nor deny its existence. But when the government issues a Glomar response without first conducting a search, we can only ask: How could they know that if they haven’t even searched for the records? DOJ’s latest response that arrived this week, however, is a personal best. The DOJ’s response shows that it didn’t bother to even read our FOIA request. Our request sought records detailing the DOJ's acquisition of data on U.S. persons and businesses, including the amounts spent, the sources of the data, and the categories of information obtained. This request was clearly articulated and included a list of DOJ components likely to have the relevant records. Despite this clarity, DOJ responded by stating that the request did not sufficiently identify the records. DOJ's refusal to conduct a proper search appears to be based on a misinterpretation, either genuine or strategic, of our request. DOJ claimed an inability to identify the component responsible for handling a case based solely on the “name” of the case or organization. However, PPSA's request did not rely on any such identifiers. Instead, DOJ's response indicates that it may have resorted to a generic form letter to reject our request without actually reviewing its contents. Precedents like Miller v. Casey and Nation Magazine v. U.S. Customs Service establish that an agency must read requests “as drafted” and interpret them in a way that maximizes the likelihood of uncovering relevant documents. DOJ’s blanket dismissal is not just a bureaucratic oversight. It is an affront to the principles of openness and accountability that FOIA is designed to uphold. If the DOJ, the agency responsible for upholding the law, continues to disregard its legal obligations, it sets a dangerous precedent for all government agencies. The good news is that DOJ’s Office of Information Policy has now ordered staff to conduct a proper search in response to PPSA’s appeal, a directive that should have been unnecessary. It remains to be seen whether the DOJ will comply meaningfully or continue to obstruct … perhaps with another cookie-cutter Glomar response. How far might DOJ go to withhold basic information about its purchasing of Americans’ sensitive and personal information? In a Glomar response to one of our FOIA requests in 2023, DOJ came back with 40 redacted pages from a certain Mr. or Mrs. Blank. They gave us nothing but a sea of black on each page. The only unredacted line in the entire set of documents was: “Hope that’s helpful.” This latest response is just another sign that those on the other end of our FOIA requests are treating their responsibilities with flippancy. This is unfortunate because the American public deserves to know the extent to which our government is purchasing and warrantlessly accessing our most private information. Filing these requests and responding to non-responsive responses administratively and in court is laborious and at times frustrating work. But somebody has to do it – and PPSA will continue to hold the government accountable. The Texas Observer reports that the Texas Department of Public Safety (DPS) signed a 5-year, nearly $5.3 million contract for the Tangles surveillance tool, originally designed by former Israeli military officers to catch terrorists in the Middle East.
In its acquisition plan, DPS references the 2019 murder of 23 people at an El Paso Walmart, as well as shooting sprees in the Texas cities of Midland and Odessa. If Tangles surveillance stops the next mass shooter, that will be reason for all to celebrate. But Tangles can do much more than spot shooters on the verge of an attack (assuming it can actually do that). It uses artificial intelligence to scrape data from the open, deep, and dark web, combining a privacy-piercing profile of anyone it targets. Its WebLoc feature can track mobile devices – and therefore people – across a wide geofenced area. Unclear is how DPS will proceed now that the Fifth Circuit Court of Appeals in United States v. Jamarr Smith ruled that geofence warrants cannot be reconciled with the Fourth Amendment. If DPS does move forward, there will be nothing to keep the state’s warrantless access to personal data from migrating from searches for terrorists and mass shooters, to providing backdoor evidence in ordinary criminal cases, to buttressing cases with political, religious, and speech implications. As the great Texas writer Molly Ivins wrote: “Many a time freedom has been rolled back – and always for the same sorry reason: fear.” |
Categories
All
|