PPSA previously commented on a New York Times scoop in April that revealed a contractor for the U.S. government had purchased and used a spy tool from NSO, the Israeli firm that developed and released Pegasus software into the wild – which can turn smartphones into pervasive surveillance tools.
The White House was surprised that its own government did business with NSO a few days after the administration had put that firm on the no-business “Entity List.” NSO was placed on this blacklist because its products, the U.S. Commerce Department declared, “developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.”
Understandably upset, the White House tasked the FBI to sleuth out who in the government might have violated the blacklist and used the software. Mark Mazzetti, Ronen Bergman, and Adam Goldman of The Times report that months later the FBI has come back with a definitive identification of this administration’s scofflaw.
The FBI followed the breadcrumbs and discovered, you guessed it, that it was the FBI.
Fortunately, the FBI did not purchase the “zero-day” spyware Pegasus, but another spy tool called Landmark, which pings the cellphones of suspects to track their movements. The FBI says it used the tool to hunt fugitives in Mexico. It also claims that the middleman, Riva Networks of New Jersey, had misled the FBI about the origins of Landmark. Director Christopher Wray discontinued this contract when it came to light.
Meanwhile, The Times reports that two sources revealed that contrary to the FBI’s assertions, cellphone numbers were targeted in Mexico in 2021, 2022, and into 2023, far longer than the FBI says Landmark was used.
We should not overlook the benefits of such FBI investigations. In fact, PPSA has a tip to offer. We suggest that the FBI track down the government bureau that has been routinely violating the U.S. Constitution by conducting backdoor searches with FISA Section 702 material, as well as warrantlessly surveilling Americans purchased data.
More to follow.
Exhibit A for the PRESS Act – Judge Orders CBS’s Catherine Herridge to Reveal Her Confidential Sources
With perfect timing, Judge Christopher Cooper of the U.S. District Court in DC provided the U.S. Senate today with ample to reason to follow the example of the House and pass the PRESS Act. The judge seeks to compel CBS News senior correspondent Catherine Herridge to reveal her confidential source or sources for a news series she published when she was a journalist at Fox News.
Confidentiality is the lifeblood of a free press. From Watergate to Harvey Weinstein, confidential sources have helped journalists bring to light malfeasance and hidden crimes that otherwise would have continued. And a strong reporting culture is a counter to the growing surveillance state enabled by technology. That is why in September 2022, the House unanimously passed the bipartisan Protect Reporters from Exploitive State Spying, or PRESS Act – and why the House Judiciary Committee unanimously approved it again on July 19 of this year.
This measure would bring the federal government up to speed with 49 states by shielding reporters from choosing between jail or ratting out whistleblowers and sources as ordered by a federal judge or prosecutor. The PRESS Act is reasonable legislation, allowing for exceptions in extreme cases.
PPSA has long admired Catherine Herridge’s impartial and fearless reporting. We support her and all journalists who face these dilemmas. This is all the more reason why the House should again pass this bill and the U.S. Senate should take up the PRESS Act when Congress returns after August recess.
July was a banner month for surveillance reform. For years, civil libertarians have warned about the widespread practice of third-party data brokers selling Americans’ most sensitive and private information, scraped from our apps, to more than a dozen federal intelligence and law enforcement agencies, including the FBI, Drug Enforcement Administration, and the many agencies of the Department of Homeland Security.
The public is alarmed. Lawmakers in both parties are beginning to take effective action.
In July, the House Judiciary Committee unanimously passed The Fourth Amendment Is Not for Sale Act, which would restrict the ability of government agencies to warrantless extract Americans’ personal information from data purchases. Sen. Ron Wyden (D-OR) is reintroducing this measure in the Senate.
If the will of the Congress wasn’t clear enough, also in July the House passed an amendment sponsored by Rep. Warren Davidson (R-OH) and Sara Jacobs (D-CA) to the National Defense Authorization Act that expressly prohibits half of the intelligence community, including the NSA and the Defense Intelligence Agency, from purchasing our data at all, absent a warrant, court order, or subpoena.
Supporters of similar reforms range from the conservative Chairman of the House Judiciary Committee, Jim Jordan, to the liberal Ranking Member and former Chairman, Jerry Nadler. A passion for surveillance reform brings together respected members from Rep. Thomas Massie (R-KY) to Rep. Zoe Lofgren (D-CA), from Sen. Wyden to Sen. Mike Lee (R-UT).
It might seem, then, that surveillance reform is now a slam-dunk certainty. It isn’t.
Consider the fate of Lee-Leahy, a bill that would have imposed the rather modest goal of requiring the judges of the Foreign Intelligence Surveillance Act (FISA) court to seek the advice of civil liberties experts in cases that involve significant civil rights concerns when political, religious, or journalistic groups are surveilled and investigated. That measure passed the Senate in 2020 by an overwhelming 77 votes. Then, through a process of legislative confusion and the Trump Administration’s policy contortions, this modest and popular bill sailed into the round file like a paper airplane.
The Davidson-Jacobs Amendment and The Fourth Amendment Is Not For Sale Act risk dying in a far less dramatic way than Lee-Leahy did. All the elected champions of the surveillance state have to do is let these measures die in the darkness of a committee room or the Senate calendar. More good legislation has been killed by benign neglect than by explicit filibusters.
Any American who cares about privacy and civil liberties must draw two conclusions from this realization.
First, now more than ever, civil libertarians need to ramp up the activity. Members of Congress must know that this year we won’t settle for feel-good, symbolic votes. The Fourth Amendment Is Not For Sale Act must get a floor vote in the Senate.
Second, civil libertarians must continue to insist that FISA’s Section 702, an authority under which the government surveils foreigners, must be reformed so that it cannot continue to be used by the FBI and other agencies as a domestic surveillance tool. This reform must necessarily include closing the legal loophole that allows the government to buy our personal information and thumb through it, all without a warrant.
As Kenny Loggins sang so long ago, “this is it!” Our back is to the corner. Join the efforts of the civil liberties community by clicking here to stand up and fight!
One of the frustrations – there are many – of trying to pry answers about surveillance policy from federal agencies with Freedom of Information Act (FOIA) requests are the heavy redactions to responsive documents that protect “sources and methods.”
No one wants to blow a technique by which government intelligence and law enforcement agencies track bad guys. And no one wants an undercover agent or a confidential informant to wind up tied to a chair in dank basement because their cover was blown.
And so when redactions come back with heavy ink, we are supposed to trust that the government has good reasons for holding back that information. According to an Executive Order issued by President Obama, EO 13526, information cannot be classified by the government to merely spare an agency embarrassment.
Enter Paul Sperry of RealClear Investigations, who brings to light a new twist in a saga that we thought had been thoroughly explored – the problems with the FBI’s four applications to surveil Trump campaign advisor Carter Page in 2016 and 2017.
Sperry reports that redactions in a “Classified Appendix” to Special Counsel John Durham’s final report have nothing to do with sources and methods. It concerns an FBI request to the secret FISA Court to allow the Bureau to continue spying on Carter Page in early 2017. The FBI indicated that it had verified a rumor that Page had worked with the Kremlin to swing the recent election in Trump’s favor.
When the black ink is stripped away, Sperry reports, what did the redactions hide? They disguised the fact that the FBI took this investigative lead from a news story in The Washington Post, which the newspaper later retracted after determining it to be false.
So that’s the FBI’s “source and method” deemed so sensitive that it had to be hidden from the public?
It was a subscription to The Washington Post.
Who knows what other embarrassments government hides with its redactions. When all else fails, the government can simply refuse to respond at all by issuing a Glomar response. This is a court-created doctrine that came out of a super-secret CIA project to refloat a sunken Soviet submarine. Ever since, the Glomar response has been used to protect information so sensitive that the government is allowed to neither confirm nor deny… anything.
So forgive us if we’re jaded enough to believe that much of the black ink and Glomar responses are just the government protecting its own backside.
The unanimous passage of the Fourth Amendment Is Not for Sale Act by the House Judiciary Committee, as well as the expiration of Section 702 of the Foreign Intelligence Surveillance Act, is spurring the National Security Agency into a furious lobbying campaign of the public and Congress to stop surveillance reform.
NSA lobbyists argue that it would be hobbled by the House measure, which would require agencies to obtain a probable cause warrant before purchasing Americans’ private data. Former intelligence community leaders are also making public statements, arguing that passage of Section 702 of the Foreign Intelligence Surveillance Act (FISA) with any meaningful changes or reforms would simply be too dangerous.
George Croner, former NSA lawyer, is one of the most active advocates of the government’s “nothing to see here, folks” position.
In March, Croner portrayed proposals for a full warrant requirement as a new and radical idea. He quoted two writers that concern over warrantless, backdoor searches is a concern of “panicky civil libertarians” and right-wing conspiracy theorists. In a piece this week, Croner co-authored a broadside against the ACLU’s analysis of the NSA’s and FBI’s mass surveillance.
For example, Croner asserts that civil liberties critics are severely undercounting great progress the FBI has made in in reducing U.S. person queries, a process in which agents use the names, addresses, or telephone numbers of Americans to extract their private communications. Croner celebrates a 96 percent reduction in such queries in 2022 as a result of process improvements within the FBI.
But, to paraphrase the late, great Henny Youngman, 96 percent of what? Ninety-six percent of a trillion data points? A quadrillion? The government’s numbers are murky and ever-changing, but the remaining amount appears, at the very least if you take these numbers at face value, to constitute well over 200,000 warrantless searches of Americans.
Elizabeth Goitein of the Brennan Center for Justice, who has placed her third installment in a series on Section 702 in the online outlet Just Security – a masterclass on that program and why it must be reformed – has her own responses to Croner. While Croner portrays a warrant requirement for reviewing Americans’ data as a dangerous proposal, Goitein sees such a requirement as way to curb “backdoor searches,” and return to the guarantees of the Fourth Amendment.
“For nearly a decade, advocates, experts, and lawmakers have coalesced around a backdoor search solution that would require a warrant for all U.S. person queries conducted by any U.S. agency. Indeed, some broadly supported proposals have gone even further and restricted the type of information the government could obtain even with a warrant.”
She describes a Review Group on Intelligence and Communications Technologies that included many, like former CIA acting director Michael J. Morrell, who are anything but panicky civil libertarians. This group nevertheless found it responsible to recommend warrants “based on probable cause” before surveilling a United States person. Other supporters of probable cause warrants range from Rep. Thomas Massie (R-KY) and Zoe Lofgren (D-CA), to Sens. Dianne Feinstein (D-CA), Mike Lee (R-UT), and former Sen. Kamala Harris (D-CA).
They all saw what Goitein describes:
“Without such a measure, Section 702 will continue to serve as an end-run around the protections of the Fourth Amendment and FISA, and the worst abuses of the power to conduct U.S. queries will continue.”
We eagerly await ACLU’s response to Croner’s critique. Such debates, online and perhaps in person, are the only way to winnow out who is being candid and who is being too clever by half. It is a healthy development for intelligence and civil libertarian communities to debate their clashing views before the American people and the Congress rather than leave the whole discussion to secret briefings on Capitol Hill.
Does the Fifth Amendment privilege against self-incrimination prevent the government from forcing a defendant to unlock their cellphone? That’s the question at issue in People v. Sneed, a recent case brought before the Illinois Supreme Court, which found in favor of the state.
This ruling is a blow to Fifth Amendment protections in the digital age and an interpretation that cannot be sustained if we are to properly extend constitutional protections to ever-evolving technology.
In an amicus brief before the court, the American Civil Liberties Union aptly laid out the arguments against compelling passwords from the accused. Fifth Amendment protections against self-incrimination, they point out, derive from the founders’ fears of an American “Star Chamber,” the English judicial body that became synonymous with oppressive interrogation tactics and a lack of due process.
Drawing on this foundation, the American legal system has largely supported the notion that “the State cannot compel a suspect to assist in his own prosecution through recall and use of information that exists only in his mind.” To do so would impose a “cruel trilemma” on a defendant who would face an impossible choice: perjury, self-incrimination, or contempt of court.
As the ACLU points out, numerous high courts (including Indiana and Pennsylvania) have found that password disclosure constitutes testimony because it draws from “the contents of one’s mind.” Yet courts in New Jersey and Massachusetts have sided with Illinois, presenting a significant conflict of law in the ongoing effort to adapt constitutional precepts to our changing society.
In finding for the state and forcing the defendant, Sneed, to unlock his cellphone, the Illinois Supreme Court drew on a somewhat obscure legal exception to the Fifth Amendment right against self-incriminating testimony known as the “foregone conclusion” doctrine. That exception, which the Supreme Court of the United States has applied only once before, holds that producing a password is not testimonial when the government can show, with reasonable particularity, that it already has knowledge of the evidence it seeks, that the evidence was under control of the defendant, and that the evidence is authentic. The idea is that the act of producing a password has little testimonial value in and of itself.
The court misapplied that doctrine here, placing the focus on the password rather than the contents of Sneed’s cellphone.
The court drew on precedents that probable cause justifies the intrusion: “Any information that may be found on the phone after it is unlocked is irrelevant, and we conclude that the proper focus is on the passcode.”
But probable cause does not constitute evidentiary certainty. And, in applying its analysis to passcodes rather than the contents of a safe or lockbox or cellphone, the court ignores that the Supreme Court of the United States’ use of this exception in Fisher v. United States (1976) depended on a specific, narrow set of facts. There, the analysis focused on the production of business documents already proven to exist – not on a passcode.
Allowing the “foregone conclusion” exception to apply to testimonial production of cellphone passwords opens the door to forcible government snooping across the vast scope of our digital lives. Gaining access to someone’s cellphone can reveal anything and everything about that person – including the most intimate details of a life.
As the ACLU put it:
“Locked phones and laptops may impose obstacles to law enforcement in particular cases. So do window shades. It is sometimes true that constitutional protections interfere with law enforcement investigations.”
Until the Supreme Court of the United States resolves this issue, our Fifth Amendment rights in the digital age remain in doubt.
On Friday, the ACLU fired a full salvo at the FBI after the Office of the Director of National Intelligence released two court opinions that detail blatant violations of Americans’ privacy, including a sitting state court judge. The opinions come from the Foreign Intelligence Surveillance Court and describe how the entire national intelligence community, not just the FBI, performed numerous violations of legal requirements and court-ordered rules intended to protect Americans’ privacy.
The FISC writes that the FBI repeatedly engaged in prohibited searches of Section 702 databases for information pertaining to unsuspected targets. The opinions also demonstrate the evolving uses of Section 702: the NSA is reportedly using its Section 702 powers “to conduct routine, suspicionless searches of people overseas who are applying for immigration benefits or seeking to travel to the United States.” The FISC notes the unprecedented nature of this kind of use for Section 702. The data of millions of Americans who are in contact with people seeking to come to the United States will surely be swept up by this new trend.
Patrick Toomey, former U.S. Senator and Deputy Director of the American Civil Liberties Union’s National Security Project, said that “These disturbing new revelations show how Section 702 surveillance, a spy program the government claims is focused on foreign adversaries, is routinely used against Americans, immigrants, and people who are not accused of any wrongdoing.”
PPSA is astonished by the revelations disclosed by these two FISC opinions. The latitude for abuse of surveillance powers has only grown. Meanwhile, more and more Americans are being caught in the crossfire. Congress must act now to secure the privacy rights of Americans everywhere.
On Friday, the Office of the Director of National Intelligence released a Foreign Intelligence Surveillance Court opinion that details blatant violations of Americans’ privacy. Most distressingly, high-profile American political leaders were among the targets surveilled by the FBI. The heavily redacted opinion released on Friday reveals that the FBI attempted improper searches of the communications of a United States Senator, a state senator, and a judge who complained about civil rights violations by local police.
If that sounds beyond the pale, the National Security Division (NSD) of the United States Department of Justice thought so, too.
In the former case, the NSD determined that the “querying standard” used by the FBI to obtain foreign intelligence information was not met. In the latter case, it’s a little more opaque. Last October, the FBI used the anonymous Judge’s social security number to search the Section 702 database. The Judge "had complained to FBI about alleged civil rights violations perpetrated by a municipal chief of police.” The National Security Division’s review stated that this search was also illicit.
While the U.S. Senator has been notified about the improper search, the state Senator and the state Judge have not. It is clear is that a continued pattern of government abuse persists when it comes to Section 702 of the Foreign Intelligence Surveillance Act.
Although the FISC states that, “there is reason to believe that the FBI has been doing a better job in applying the querying standard,” the anonymous judge also admits that “[t]he prevalence of non-compliant queries conducted by the FBI, and particularly of broad queries that were not reasonably likely to return foreign intelligence information or evidence of crime, has been a major focus of concern….”
Indeed it has been. In fact, the same court found in 2018 that there was a “deficiency in the FBI’s querying and minimization procedures” based on “large-scale, suspicionless queries….”
The Court found that the FBI’s implementation of remedial measures has improved the Bureau’s compliance with Section 702’s specificity requirements. But they make sure to soften that finding with a disclaimer: “NSD devotes substantial resources to its oversight efforts, but still can examine only a fraction of total FBI queries. It is therefore possible that serious violations of the querying standard have so far gone undetected.”
The FBI has a long track record of repeatedly misusing the Section 702 database, but to poll information on high-profile elected officials is a new level of abuse. These revelations come amid a push by the Biden administration to reauthorize Section 702 mere months before it expires at the end of this year. When federal authorities inappropriately attempt to spy on legislators – and even judges – we truly find ourselves with one foot off the merry-go-round. Congress must take this into account in the coming months.
In late 2022, pursuant to its internal policy, Google informed two customers about law enforcement action taken against them by the Department of Justice five years prior. The customers in question: Republican staffers working for then-House Intelligence Committee Chairman Devin Nunes. According to contemporaneous reports, authorities subpoenaed addresses, screen names, telephone and payment records, and “all customer and subscriber account information” related to the two staffers. What’s more, as the Wall Street Journal editorial board recently pointed out, this was apparently done without informing Congress, as is typical practice.
One of the targeted staffers was Kash Patel, who at the time served as senior counsel to the House Intel Committee. Given the Committee’s focus at the time – looking into the origins of the FBI’s investigation of alleged collusion between the Trump campaign and Russia – some dot-connecting might well be warranted.
What truly shocks the conscience, however, is that Justice would clandestinely spy on Congress in the first place. As the Wall Street Journal wrote, “If DOJ used its law enforcement tools to snoop on Mr. Nunes, that would be an abuse of power.”
Now, House Judiciary Chairman Jim Jordan has issued a letter to FBI Director Christopher Wray demanding answers. All who care about data privacy – and the integrity of congressional authority – deserve them.
A recent article by Dell Cameron at Wired reports on ongoing congressional efforts to close the federal loophole allowing police and intelligence authorities to collect sensitive personal data from United States citizens without a warrant, subpoena, or court order.
The Fourth Amendment Is Not For Sale Act, sponsored by Representative Warren Davidson with bipartisan support, would prevent government entities from purchasing Americans’ personal data without court authorization, dramatically restricting a practice that even the Director of National Intelligence admits has tremendous potential for abuse. The bill passed out of committee with flying colors following markup.
In Wired, Cameron aptly explains the many controversies surrounding this issue, including the ongoing game of legal pretzel logic the government has used to justify its continued purchase of consumer data for law enforcement purposes. As the author points out, not only can the government access these data, so too can private companies and foreign actors.
But, as PPSA Senior Policy Advisor Bob Goodlatte notes in the piece, it’s our own governing authorities with which we should be most concerned.
Goodlatte said, “None of those other entities can arrest you, can charge you with a crime, try you, sentence you, imprison you, restrain you, enjoin you, fine you, tax you. All of those are powers of government, and any American should be concerned about the ease with which the federal government can gather information about people.”
With the biggest privacy battle of the year yet to come in the form of reauthorization of Section 702 of the Foreign Intelligence Surveillance Act, Fourth Amendment advocates can take comfort that these issues are getting the attention – and coverage – they deserve.
From Left to Right and across the nation, trust in American governing institutions is at rock bottom. Just this week, the Wall Street Journal ran an opinion piece with some eye-catching stats. A recent poll conducted by NBC found that only 37% of the public holds a positive view of the FBI, down from 52% in 2018. Among Republicans, that number is 17%.
Though liberals may still hold a somewhat more positive view of one of the country’s most powerful agencies, the same cannot be said for the police. Increased scrutiny and distrust towards the police in the wake of George Floyd’s killing in 2020 have gutted the force’s ranks. Since 2020, over 1,000 cops have prematurely retired from the Los Angeles Police Department alone. In just New York, about 1,400 NYPD cops are expected to resign this year before reaching retirement age. Overall, there were 50% more resignations nationally last year than in 2019.
Across the board, Americans are repulsed by the routine abuse of power. Is it any surprise, though, given the widespread feeling (backed by the FBI’s own data) that the FBI is all too happy to invade Americans’ security by spying on them, directly or indirectly? As the Office of the Director of National Intelligence revealed, the FBI conducted as many as 3.4 million searches of U.S. data in 2021. The Office of the Inspector General also released a report detailing “widespread non-compliance” with procedures and ethics rules.
The WSJ article argues that social breakdown—violence, lawlessness, drug addiction, but also distrust in the “institutions that provide the bedrock of domestic tranquility”—begets only further repressive tactics such as a willingness to engage in and tolerate greater surveillance in the name of safety and security. Just look at El Salvador, where a sudden rise in the country’s homicide rate, making the country the murder capital of the world, was met with fierce state reprisals. El Salvador crushed its violent crime, but at what cost to constitutional and civil liberties? Only time will tell.
The U.S. should avoid such a route for the reason that Americans’ distrust of governing institutions is due to the fact that they are being too heavy-handed, not that they are doing too little. Further invasions into privacy, crackdowns, and reprisals will only inflame the situation. Nor does adherence to constitutional procedures give way to higher crime and further social breakdown. The Fourth Amendment’s warrant requirement does not force us to sacrifice security where the need is genuine. It acts as a check against lazy assumptions and active abuse while also shining a harsh light on the exercise of the necessary but dangerous powers we hand to the government.
Recognizing the need for effective policing is not incompatible with recognizing the need for checks on abuse or overzealousness. In fact, the two are inextricably interrelated. A country cannot have good policing where abuse is rampant.
PPSA’s Gene Schaerr Appeals to Congress to Assert Its Authority to Protect Americans’ Privacy and the Fourth Amendment
End the “Game of Surveillance Whack-a-Mole"
Gene Schaerr, PPSA general counsel, in testimony before a House subcommittee on Friday, urged Congress to assert its prerogative to interpret Americans’ privacy and Fourth Amendment rights against the federal government’s lawless surveillance.
Schaerr said the reauthorization of a major surveillance law this year is a priceless opportunity for Congress to enact many long-needed surveillance reforms. There is, Schaerr told the Members of the House Judiciary Subcommittee on Crime and Government Surveillance, no reason for Congress to defer on such a vital, national concern to the judiciary.
Congress also needs to assert its authority with executive branch agencies, he said. For decades, when Congress reforms a surveillance law, federal agencies simply move on to other legal authorities or theories to develop new ways to violate Americans’ privacy in “a game of surveillance whack-a-mole.”
“As the People’s agents, you can stop this game of surveillance whack-a-mole. You can do that by asserting your constitutional authority against an executive branch that, under both parties, is too often overbearing – and against a judicial branch that too often gives the executive an undeserved benefit of the doubt. Please don’t let this once-in-a-generation opportunity slip away.”
Schaerr was joined by other civil liberties experts who described the breadth of surveillance abuse by the federal government.
Liza Goitein of the Brennan Center for Justice at NYU Law School said that FISA’s Section 702 – crafted by Congress to enable foreign surveillance – has instead become a “rich source of warrantless access to Americans’ communications.”
She described a strange loophole in the law that allows our most sensitive and personal information to be sold to the government. The law prevents social media companies from selling Americans’ personal data to the government, but it does not preclude those same companies from selling Americans’ data to third-party data brokers – who in turn sell this personal information to the government.
Federal agencies assert that no warrant is required when they freely delve into such purchased digital communications, location histories, and browsing records. Goitein called this nothing less than the “laundering” of Americans’ personal information by federal agencies looking to get around the law.
“We’re a nation of chumps,” said famed legal scholar and commentator Jonathan Turley of the George Washington University Law School, for accepting “massive violations” of our privacy rights. He dismissed the FBI’s recent boasts that it had reduced the number of improper queries into Americans’ private information, likening that boast to “a bank robber saying we’re hitting smaller banks.”
Many members on both sides of the aisle echoed the concerns raised by Schaerr and other witnesses during the testimony. Commentary from the committee indicates that Congress is receptive to privacy-oriented reforms.
Gene Schaerr cautioned that Congress should pursue such a strategy of inserting strong reforms and guardrails into Section 702, rather than simply allowing this authority to lapse when it expires in December. Drawing on his experience as a White House counsel, Schaerr said the “executive branch loves a vacuum.” Without the statutory limits and reporting requirements of Section 702, the FBI and other government agencies would turn to other programs, such as purchased data and an executive order known as 12333, that operate in the shadows.
Despite this parade of horribles, the hearing had a cheerful moment when it was interrupted by the announcement of a major reform coalition victory. The Davidson-Jacobs Amendment passed the House by a voice vote during a recess in the hearing, an announcement that drew cheers from witnesses and House Members alike. This measure would require agencies within the Department of Defense to get a probable cause warrant, court order, or subpoena to purchase personal information that in other circumstances would require such a warrant.
Schaerr was optimistic that further reforms will come. He said:
“Revulsion at unwarranted government surveillance runs deep in our DNA as a nation; indeed, it was one of the main factors that led to our revolt against British rule and, later, to our Bill of Rights. And today, based on a host of discussions with many civil liberties and other advocacy groups, I’m confident you will find wide support across the ideological spectrum for a broad surveillance reform bill that goes well beyond Section 702.”
PPSA Applauds House Judiciary Committee for Unanimous Vote to Advance the Fourth Amendment Is Not For Sale Act
Earlier today the House Judiciary Committee voted to advance the Fourth Amendment Is Not For Sale Act out of committee by a 30-0 unanimous vote, with one abstention. PPSA applauds Chairman Jordan, Ranking Member Nadler, and the Members of the Committee for taking this important step to protect Americans’ privacy.
“Stopping the government from spying on Americans by buying their sensitive personal information from data brokers is a critical part of the government surveillance reforms Congress is working towards this year,” said Bob Goodlatte, PPSA Senior Policy Advisor and former Chairman of the House Judiciary Committee. “As Congress considers the reauthorization of Section 702 of FISA, it should hold strong to the principle that no surveillance authorities should be reauthorized without closing the data broker loophole. The Committee’s overwhelming, bipartisan, unanimous approval of the Fourth Amendment is Not For Sale Act sends a strong signal in that regard.”
Our digital devices can tell everything about us – who we visit, what we like and believe, who we befriend, where we go, our medical concerns, and other personal information.
The government is required by the Fourth Amendment of the U.S. Constitution to obtain a warrant before it can seize our personal information. But the government has found a workaround to the Constitution – law enforcement, intelligence, and other federal agencies spy on us by simply buying our personal information from shady data brokers. The Fourth Amendment Is Not for Sale Act will close this loophole and prevent the government from sidestepping our constitutional rights.
PPSA is pleased that the House Judiciary Committee reported H.R. 4250, the Protect Reporters from Exploitative State Spying (PRESS) Act, to the full House by a unanimous 23-0 vote.
Many reporters have had their records seized by federal prosecutors, sometimes by secret orders to cloud computing companies. This bill, long supported by PPSA and civil liberties sister organizations, would protect journalists and their sources by granting a privilege to shield confidential news sources in federal legal proceedings. It contains reasonable exceptions in cases where application of the privilege could result in serious harm.
Former Rep. Bob Goodlatte, who served as Chairman of the House Judiciary Committee and now as PPSA Senior Policy Advisor, said:
“Journalism and the right to report on government actions must be better protected. We’ve all seen law enforcement officials under multiple recent administrations issue secret orders to surveil the private communications of journalists. Their freedom to report on government misdeeds is critical to maintaining a free society, and I encourage the broader House of Representatives to swiftly approve this legislation, as they have in the past.”
PPSA would like to extend its gratitude to Reps. Kiley and Raskin for their leadership in introducing the bill, as well as to Chairman Jordan and Ranking Member Nadler for their support in moving it through committee.
The PRESS Act’s passage is the result of overwhelming bipartisan support for freedom of the press guaranteed by the First Amendment of the Constitution, as well as support for our Fourth Amendment right to privacy. We hope the full House will take up and pass this important legislation soon.
In 2020, the Foreign Intelligence Surveillance Court (FISC), embarrassed by the many lapses uncovered by Department of Justice Inspector General Michael Horowitz, ordered the FBI to take steps to ensure greater consistency and accuracy in its Foreign Intelligence Surveillance Act (FISA) applications. How have the Bureau’s efforts progressed? As we reported in September of that year, the FBI was developing a new system, known as “the Bridge,” that would increase collaboration within the FBI, as well as between the FBI and the DOJ Office of Intelligence, to improve compliance with the law on surveillance. The Bridge will automatically cross-reference new data with existing data in FBI’s current case-management system, Sentinel.
The Bridge was slated to be completed around the end of 2021. Two years later, the Bridge is reportedly nearing completion and will finally be ready by the end of this year. The FISA Court ordered the FBI to provide quarterly updates about the status of the Bridge’s development. Now, PPSA has learned from documents supplied in response to Freedom of Information Act requests that the FBI has decided that it no longer wants to provide the court with updates on the development of its technology.
The FBI recently delivered a motion for relief to the court to be relieved from having to submit these two-page reports. Instead, the FBI wants to notify the court whenever “the Bridge has completed its long-term testing and has been fully implemented,” or when “there are any substantive updates to report.” This mode of reporting is not a good sign for the court’s imposition of an oversight obligation on the FBI, allowing the Bureau to decide when and how it wants to comply with the FISA Court.
Thus, a quarterly two-page report constitutes an unbearable onus for the FBI. When the Bridge is already years late and the FBI has a track record of failing to hold itself accountable, can we really trust the agency to do its due diligence without renewed oversight?
Last month, we wrote about a surprisingly frank report from the Office of the Director of National Intelligence admitting the government’s increasing role in utilizing Commercially Available Information about United States citizens for investigative purposes. Despite the Supreme Court’s ruling in Carpenter v. United States, which held that a warrant is required before the government can seize location history from cell-site records, the report candidly reveals that the bulk collection of Americans’ private data continues unabated. Now, the Commonwealth of Massachusetts is taking steps to ban the purchase and sale of location data altogether. It’s a blunt solution to a complex issue, and a bellwether for where this debate might be headed.
“Location data” refers to information about the geographic locations of mobile devices like smartphones or tablets. When collected, this data can be used for relatively benign purposes like marketing – but also to identify the movements of individuals and discern their identities (a 2013 study found that only four spatio-temporal data points are required to identify someone in most circumstances).
A host of companies collect this information, package it, and sell it to private actors like advertisers – and, increasingly, law enforcement agencies. The government can learn a lot about you based on your movements – and they know it. For example, the FBI has its own team dedicated to analyzing cell tower data.
A growing number of states are now taking action to protect the digital privacy of their residents. Laws passed in California and Virginia require the affirmative consent of consumers before geolocation data can be used for specified purposes. The European Union has gone further, prohibiting the use of sensitive data by default unless a company can demonstrate that its use falls under a specifically enumerated exemption.
In the United States, Massachusetts’ Location Shield Act (H.357|S.148) is by far the most comprehensive effort yet to protect our data from unwarranted (or warrantless) snooping. The bill’s drafters couch it within a social policy framework; it’s described as “An Act protecting reproductive health access, LGBTQ lives, religious liberty, and freedom of movement by banning the sale of cell phone location information.”
Such concerns are not unfounded. As the ACLU writes, “In the aftermath of the Supreme Court’s Dobbs decision…journalists found that data brokers have continued to buy, repackage and sell the location information of people visiting sensitive locations including abortion clinics. This puts people who seek or provide care in our state at risk of prosecution and harassment, creating a vulnerability in our state’s post-Roe protections.”
Beyond addressing those concerns, however, the bill does a lot to broadly reinforce our Fourth Amendment rights against unreasonable searches and seizures, implementing a warrant requirement for any law enforcement access to location data. Such restrictions would clear away some of the murk surrounding this issue in the wake of the Carpenter case, which required a warrant when accessing location data from phone companies, but which holds limited relevance when such data are readily available for commercial purchase. (Obviously, the same legal reasoning should apply.)
Americans are waking up to the dangers of the $16 billion data brokerage industry. In Massachusetts, 92% of survey respondents said the government should enshrine stronger protections for consumer data – all the way back in 2017. Whether this bill makes it over the finish line or not, it’s a clear sign that Americans want comprehensive data privacy reform.
And Massachusetts’ solution is one we’ll readily share.
PPSA previously sent an appeal to every Member of the U.S. House urging them to vote for the Davidson-Jacobs Amendment to the National Defense Authorization Act (NDAA). It would place significant restrictions on the government’s purchase of Americans’ Fourth Amendment-protected sensitive, personal information without a warrant.
We attached to our letter the endorsement of this measure from more than 40 civil liberties allies—ranging from the ACLU to FreedomWorks, from the Brennan Center and Demand Progress to Americans for Prosperity and the Due Process Institute.
The strong bipartisan support in the House led to the passage of this important measure by voice vote.
“This vote is vital because our digital histories reveal our personal lives—where we’ve been, who we’ve met or communicated with, what we’ve searched for online, even our medical issues,” we wrote. “A digital portrait can be more personal and intimate than a diary.
“Yet, under current practice, federal agencies purchase our most sensitive and personal information scraped from apps and sold by third-party data brokers. The general counsels of intelligence and law enforcement agencies assert a right to see our most personal information without the need to get a warrant, in flagrant disregard of the Fourth Amendment to the Constitution.”
“This is the kind of practice one expects of a surveillance state, not America.”
The House now officially agrees. This measure would require agencies within the Department of Defense to get a probable cause warrant, court order or subpoena to purchase personal information that in other circumstances would require such a warrant.
“This amendment strikes a reasonable balance between respecting the privacy of Americans while leaving the government with the power to search for potential threats to the homeland,” says Bob Goodlatte, PPSA Senior Policy Advisor. “The Senate should respect the groundswell of bipartisan support shown in the House today for this amendment in the NDAA.”
In today’s House Committee Judiciary hearing with FBI Director Christopher Wray, Rep. Pramila Jayapal (D-WA) expertly revealed the extent to which the FBI is unwilling to publicly discuss its use of commercially available information (go to 1:10:50 mark).
Rep. Jayapal asked the director about his claim before the Senate Intelligence Committee in March that the FBI had previously purchased Americans’ location data information from internet advertisers but had stopped the practice. Why, then, Jayapal asked, did a report from the Office of the Director of National Intelligence (ODNI) reveal that the government continues to purchase Americans’ personal data scraped from apps and sold to the government by third-party data brokers?
The report was surprising for its frankness. An ODNI panel admitted that such data can be used to “facilitate blackmail, stalking, harassment, and public shaming.”
Rep. Jayapal asked how the FBI uses such data. Director Wray responded that this is too complex to cover in a short exchange. He said there are so many precise definitions that he had best send “subject matter experts” from the FBI to give Rep. Jayapal a briefing, presumably behind closed doors and under classified rules that would prevent public discussion.
Rep. Jayapal then went on to note that more than historic location data is at stake. Purchased data, she said, include biometric data, medical and mental health records, personal communications, and internet search histories and activities. She asked Director Wray: Does the FBI have a written policy on how it uses such commercially available information?
Director Wray did not seem sure. He replied that he would be happy to provide a private briefing.
Rep. Jayapal next asked if there is an FBI policy for using purchased information against Americans in criminal cases.
Once again, Director Wray punted.
After Rep. Jayapal was finished, House Judiciary Chair Jim Jordan (R-OH), said that her remarks were “well said,” and promised a bipartisan approach on the issue. Speaking for Republicans, Chairman Jordan told Rep. Jayapal, chair of the progressive caucus, “you have friends over here who want to help you with that.”
We suggest that a bipartisan next step could be an open hearing with the FBI’s experts on how much purchased information is obtained and how it is used.
Technology presents new challenges in the protection of Fourth Amendment rights, especially regarding expectations of privacy and warrantless searches. A key question, as the U.S. Supreme Court found in 2001, is how to preserve “that degree of privacy against government that existed when the Fourth Amendment was adopted.”
A recent case out of Maryland goes a long way in enshrining critical protections for personal data in that state, striking a bold contrast with other recent decisions that degrade privacy.
The Fourth Amendment to the United States Constitution guarantees the “right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures…” [emphasis added] Since the advent of the digital age, courts around the country have analogized personal data to the founding-era concept of personal papers, which the Supreme Court has long held to be safeguarded against unwanted intrusion.
Yet, the Court has gone further in recent years, finding that digital information implicates “privacy concerns far beyond those implicated by the search of a cigarette pack, a wallet, or a purse.” After all, any thorough search of a citizen’s digital data is bound to turn up troves of personal information – from banking information to private correspondence – unrelated to the particularities of a warrant. It makes sense that our digital footprints would merit enhanced protection.
Despite this seeming clarity, much ambiguity persists surrounding the protection of digital data. State of Maryland v. Daniel Ashley McDonnell presents a novel question of law and fact unresolved at the national level: Does a reasonable expectation of privacy exist in the contents of a copied computer hard drive after consent to search that hard drive has been revoked?
The Supreme Court of Maryland found that it does.
Here’s the background: Daniel Ashley McDonnell granted investigating officers’ consent to search his computer. Police subsequently made a forensic copy of McDonnell’s hard drive and proceeded to analyze its data even after McDonnell withdrew his consent. For its part, the state argued that McDonnell lost any reasonable expectation of privacy once he allowed his data to be copied.
In constitutional law, warrantless searches of person or property are considered unreasonable unless certain exceptions apply – if a person lacks any reasonable expectation of privacy, for example, or if consent is granted to perform a search. Generally, when that consent is revoked, authorities may not conduct a search by relying on the prior consent.
In this case, the Supreme Court of Maryland found that McDonnell had a privacy interest in his data itself – not in the hard drive copy made by investigating authorities. Had the police examined the hard drive data while consent was in effect, McDonnell would have lost any reasonable expectation of privacy in that data. But given that consent was withdrawn prior to the search, he maintained that expectation absent an independent search justification.
The court wrote:
“To accept the State’s stance--i.e., that Mr. McDonnell irrevocably lost all privacy interest in the data on his hard drive when he allowed [police] to copy it—would be to permit a limitless search through vast quantities and a varied array of personal data that the Supreme Court of the United States has characterized as consisting of more information than would be found in an exhaustive search of a person’s home.”
In a similar case, the U.S. District Court for the Middle District of Florida came to a different conclusion, finding that “revocation of consent does not require the suppression of evidence already lawfully obtained.” However, the preponderance of case law and legal scholarship suggests the Supreme Court of Maryland struck the right balance. Its opinion is consistent with recent scholarship by law professor Orin Kerr, who argues that “the same Fourth Amendment rules that apply to searching a suspect’s computer should also apply to searching the government’s copy.” It is further consistent with the U.S. Supreme Court’s warnings in Riley v. California, which noted the potential of a cell phone search to reveal “[t]he sum of an individual’s private life.”
The Supreme Court of Maryland’s decision is a win for data privacy. To quote the amicus brief from our friends at Restore the Fourth, absent such protections the government could “copy and indefinitely detain every private paper on a person’s hard drive (i.e., millions of documents) at minimal cost—except to the Fourth Amendment.”
The Maryland decision was well reasoned and well done.
ACLU is celebrating the 15th anniversary of the Foreign Intelligence Surveillance Act (FISA) amendments by highlighting a floor statement President Joe Biden made as a U.S. Senator in 2008.
In his Congressional Record submission, Sen. Biden declared the measure that we would come to know as Section 702 as “constitutionally infirm.” He voted against it. Sen. Biden’s words would be a better guide to President Biden’s surveillance policies than those advocated by his appointees and representatives today.
For months now, the administration’s representatives on Capitol Hill have argued that Section 702 of FISA should be reauthorized without changes or reforms. FBI Director Christopher Wray and others have, with the backing of the president, made this case even though, by the administration’s own admission, this authority meant by Congress to authorize surveillance of foreigners located abroad has been used in 246,000 targeted searches of Americans’ communications.
While we should not uncritically accept the government’s numbers, and the definitions and assurances behind it, let’s take the government’s number as a minimum. The question remains why the government believes 246,000 violations of Americans’ civil liberties is acceptable. That number constitutes millions of civil rights violations in a few years and more violations than there are people in a sizable city, say, Richmond, Virginia.
As a U.S. Senator, Joe Biden foresaw problems with Section 702. He complained that the law authorized only weak judicial oversight by the FISA Court, beholden to the good faith of executive branch officials. Sen. Biden said the Attorney General and the Director of National Intelligence would certify after the fact to the FISA court that they had good reason to believe targets were located outside of the United States, “regardless of how many calls to innocent American citizens inside the United States were intercepted in the process.”
“This would be a breathtaking and unconstitutional expansion of the President’s powers,” Sen. Biden said. Now those powers are in the hands of President Joe Biden.
As senator, Joe Biden set out an overarching principle we’d all be wise to remember:
“One of the defining challenges of our age is to combat international terrorism while maintaining our national values and our commitment to the rule of law and individual rights. These two obligations are not mutually exclusive. Indeed, they reinforce each other.”
PPSA has been hearing as much from Congressional leaders, from Democrats as well as Republicans.
Our point is not to slam Joe Biden for inconsistency, but to sharpen the debate for Members of Congress. The president was right the first time: We can have protection from terrorists and spies without jettisoning our civil rights. We can reform Section 702 so it will work within the guardrails of the Constitution.
Sens. Ron Wyden and Rand Paul are renewing their push for the Protecting Data at the Border Act, a bill to ensure that government agents, including agents of Customs and Border Protection, obtain a warrant to search the personal data of Americans returning from abroad. The measure would send a resolute message: Americans' digital privacy is guaranteed, even at the border.
Until 2014, the federal government claimed it did not need a warrant to search a device if a person had been arrested. In Riley v. California, a landmark Supreme Court case, the Justices unanimously held that the warrantless, deep search of the digital contents of a cell phone during an arrest is unconstitutional under the Fourth Amendment. If this principle pertains to an arrestee, how much more should it pertain to an American citizen who is merely traveling?
Yet border zones, whether points of entry to Canada or Mexico, or airports, have become legal twilight zones where the Fourth Amendment is treated as a suggestion. With ever-increasing international traffic, the potential for government misconduct grows as well.
PPSA has called attention to constitutional loopholes at the border before. In 2021, we reported that two troubling trends at the border threatened the rights of Americans. One is the rollout of facial recognition technology and other biometric surveillance by Customs and Border Patrol, which is used on citizens and non-citizens who arrive at a U.S. airport. The other – and by far the most intrusive – is the existing practice of accessing the contents of returning citizens’ cellphones, laptops, and other electronic devices.
In 2017, a NASA employee was stopped by Customs and Border Patrol agents and told he could not leave until he gave CBP agents his password to his phone, which belonged to NASA and contained sensitive and confidential information. In an ACLU petition filed to the Supreme Court in 2021 (Merchant v. Mayorkas), eleven U.S. citizens sued over having their electronic devices examined at the border without a warrant or reasonable suspicion. Unfortunately, the Court declined to hear the case.
PPSA endorses the Protecting Data at the Border Act. This bill will go a long way towards codifying and ensuring that the Fourth Amendment protects American citizens at the border. The bill will also prohibit officials from delaying or denying entry to the U.S. if a person declines to hand over devices and requires law enforcement to have probable cause to seize a device.
Bob Goodlatte, PPSA senior policy advisor and former Chairman of the House Judiciary Committee, said:
“There is no excuse for the government to suspend the Fourth Amendment at the border. While it is reasonable for border agents to protect the nation with inspections for pests, contraband, and illegal narcotics, it is an outrageous violation of the Constitution for agents to scan the contents of our digital devices, delving into the sensitive and personal aspects of our domestic lives.
“Sens. Ron Wyden and Rand Paul are stepping up to remind the government that we don’t shed our constitutional rights just because we travel.”
The intelligence community and FBI are strenuously lobbying Congress that Section 702 of the Foreign Intelligence Surveillance Act, set to expire at the end of this year, should get a “clean” reauthorization – without any amendments or reforms.
Some Members of Congress are dead set against any reauthorization of Section 702, an authority designed by Congress to allow the surveillance of foreigners on foreign soil but has been used by government agencies – the FBI most notably – to spy on Americans at home.
Sen. Lindsey Graham (R-SC) sounded a note of caution to both sides in this debate. He recently noted that if Congress fails to reauthorize Section 702, “the country will be much at risk” without an ability to identify “some pretty bad actors.”
“The ISIS Al Qaeda footprint is coming back, China’s up to no good at every front, the Iranians are threatening to kill members of the Trump Administration and many of us have been briefed by the FBI based on pick-ups you’ve had regarding threats against us,” Sen. Graham said.
But the senator pushed back on the notion that 702 should be reauthorized without needed reforms.
“The downside is it has been abused and there’s a warrant requirement to investigate an American citizen for potential wrongdoing,” Sen. Graham said, “And we don’t want this to be used to get around a warrant requirement, so the bottom line is let’s reauthorize this program and build in some safeguards.”
It’s well and good that more leaders on the Hill are seeing the need for reform. PPSA looks forward to seeing Sen. Graham and his colleagues follow through on their recognition that new safeguards are needed.
Beneath the surface of Russia’s ever-changing autocratic regimes has always been suppressed but vibrant conversations in samizdat, private media in the form of homemade newsletters and clandestine literature. In the era of Putin and the Ukraine war, discussion among dissenters and dissidents is facilitated by end-to-end encrypted technologies such as Signal, Telegram, and WhatsApp. In a recent article in The New York Times, Aaron Krolik, Paul Mozur, and Adam Satariano call attention to Russia’s successful infiltration of these platforms to effectively eliminate dissent.
This trend promises devastating consequences for Russian dissidents and danger for the world.
The Russian government has managed to crack these once-secure channels, leveraging them to map networks of relationships and surveil its citizens. This alarming development is transforming Russia into a full-blown surveillance state like China’s, where private conversations are no longer secure and individuals risk persecution for expressing dissenting views.
Even more concerning is the certainty that new surveillance technologies and techniques will be easily exported to unfriendly countries and illicit groups around the world, much like Israeli-made Pegasus has been. The ability of Pegasus to infiltrate mobile devices and monitor individuals has been employed by various governments and threat actors worldwide, undermining privacy and individual freedoms.
New Russian spyware provides a similar “Swiss-army knife of spying possibilities,” enabling an unprecedented degree of surveillance and intrusion. One program can identify when people make voice calls or send files on encrypted chat apps such as Telegram, Signal, and WhatsApp. The software can map a person’s relationship network by tracking communications with others. Another product can collect passwords entered on unencrypted websites. Another tool can map the locations of two phones over the course of the day to determine whether they met, indicating a potential meeting between people.
Russia is effectively building a surveillance industrial complex, one which it plans to sell around the world. According to the U.S. State Department, one Russian surveillance company, Citadel, already controls between 60 to 80 percent of the global market for telecommunications monitoring technology.
“The spillover effects will be felt first in the surrounding region, then potentially the world,” says Adrian Shahbaz, Vice-President of research and analysis at the pro-democracy advocacy group Freedom House.
In the hands of a much larger and more sophisticated rival, like China, these tools can be a force for global repression. China has already developed the most robust facial recognition surveillance system in the world, which will integrate voiceprints, faceprints, and DNA samples to weave a comprehensive portrait of the individuals who make up its huge population. China can infiltrate cell phones and sweep up location data from many phones in a wide area. It is even developing the ability to observe brainwaves to detect what illegal activities residents might be up to. Technologies such as these are not likely to remain contained just to China or Russia.
Pegasus shows how such technology can be used to menacing effect. Pegasus was deployed against 26 Mexican journalists in 2016 and 2017. At least one was assassinated. Saudi Arabia successfully installed Pegasus on the phone of the wife of murdered dissident Jamal Khashoggi. Pegasus has even been found on the phones of several U.S. policymakers and in the office of the British Prime Minister.
You may not be worried that the Russian government has its eyes on you, but these capabilities will be sold to unfriendly forces around the world. A cartel could use these technologies to target Americans. An unscrupulous corporation could use them to develop an even more intricate and suggestive profile of potential customers. A government, perhaps our own, could use them to counter freedom of speech.
This is all the more reason for Americans to protect personal encryption from U.S. government pressure to provide backdoor access, while urging private sector champions to stay in the race with the tyrants.
PPSA, ACLU Freedom of Information Act Disclosures Reveal Feds Continue to Coach Agencies and Police on Hiding Stingray Use
“Fruit of a Poisonous Tree”
FBI documents acquired through Freedom of Information Act (FOIA) requests by PPSA and the American Civil Liberties Union show how authorities continue to conceal information about how stingray technology is really being used. The downstream effect of this deception likely results in defendants being denied the ability to know how a case was constructed against them, degrading their right to a fair trial.
Dozens of federal and state agencies have benefitted from the generosity of the Department of Justice in sharing with state and local police cell-site simulators, popularly known by the brand name “Stingrays.” These devices trick cellphones into revealing their owners’ locations and other sensitive, personal information.
An email from the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), released today by PPSA, one ATF official writes to another:
“To remain consistent with our DOJ Partner, in this case, the USMS (U.S. Marshall Service) since they are the largest user of this technology, we respectfully request that this technique not be disclosed in an affidavit.”
ACLU’s FOIA shows the same instructions from the federal government imposed in nondisclosure agreements on police departments when they ask for this technology to track suspects. These contracts don’t beat around the bush. They explicitly require police departments to withhold information about stingrays and their usage from defendants and lawyers. The FBI argues that such secrecy is required to prevent revealing information that would enable criminals to “thwart law enforcement efforts.”
But what’s the big secret? Despite the clandestine nature of this federal/local partnership program, stingray technology and its capabilities have been an open secret for years now. This technology was depicted under another brand name – “triggerfish” –on season three of HBO’s The Wire. That was in 2004. Could the real secret be that police departments are conspiring with the FBI to conceal the use of privacy-invading technology to give prosecutors an unfair, “backdoor” advantage in their cases?
PPSA has often reported the ways in which federal or state agencies routinely circumvent constitutional privacy protections. One well-known method is the parallel construction of evidence, in which prosecutors leverage illicitly gained knowledge to turn up evidence from a source acceptable in court. It is well established legal doctrine that illicit evidence, the “fruit of the poisonous tree,” should not be admissible. But who knows what is poisonous if the tree is hidden?
The acquired federal documents actually spell out how parallel construction should work – advising the police to pursue “additional and independent investigative means and methods” to obtain evidence collected through use of a cell-site simulator.
The suggestions on how to accomplish such secrecy were redacted by the FBI. The Bureau argues that revealing information about stingrays would have a “significant detrimental impact on the national security of the United States.” The revelation of even minor details is so heavily restricted that police have dropped charges against a suspect rather than unveil information in open court.
“The important question posed by privacy advocates is why are police departments and the FBI going to such lengths to conceal information about a technology that is public knowledge?” asked Bob Goodlatte, former chairman of the House Judiciary Committee and PPSA Senior Policy Advisor. “The capabilities of stingrays are well-known, with knowledge of their deployment on popular television almost twenty years ago.
“Yet the government still insists that the basics of stingray use is a precious national secret,” Goodlatte said. “Congress should demand to know if there is any basis at all for these non-disclosure agreements – and how common parallel construction really is in practice.”
The digital trail you leave behind can be used to create a profile of you by your race, religion, gender, sexual orientation, financial issues, personal medical history, mental health, and your physical location.
PPSA has long warned against the routine sale of our personal and sensitive information scraped from apps and sold to U.S. federal agencies by data brokers. The general counsels of these law enforcement and intelligence agencies claim that they are not violating the Fourth Amendment prohibition against warrantless search and seizure because they are not seizing our data at all.
They’re just buying it.
That is galling enough, but what about hostile governments accessing your most personal information? They have no guardrails and would surely have no scruples in using your information against you and, for those in the military or other sensitive positions, the United States.
Under Chinese law, China’s technology companies are obligated to share their data with Chinese intelligence. Imagine all the data Chinese military, intelligence, and commercial actors have on the 80 million American users of TikTok. Then multiply that by all the data China acquires through legal, commercial means.
“Massive pools of Americans’ sensitive information – everything from where we go, to what we buy and what kind of health care services we receive – are for sale to buyers in China, Russia and nearly anyone with a credit card,” said Sen. Ron Wyden, (D-OR), sponsor of the Protecting Americans’ Data from Foreign Surveillance Act of 2023.
“The privacy and security of our data is essential to the freedoms we hold dear,” said co-sponsor Sen. Cynthia Lummis (R-WY). “If foreign adversaries can access our data, they can control it.”
Their bill is also supported in the Senate by Sens. Sheldon Whitehouse (D-RI), Bill Hagerty (R-TN), Martin Heinrich (D-NM), and Marco Rubio (R-FL). It is supported in the House by Rep. Warren Davidson (R-OH) and Rep. Anna Eshoo (D-CA). This bill would apply tough criminal and civil penalties to prevent employees of foreign corporations like TikTok from accessing U.S. data from abroad.
“Freedom surrendered is rarely reclaimed,” said Rep. Davidson. PPSA agrees and supports this bill.
“The need to address foreign exploitation of Americans’ data is urgent,” said Bob Goodlatte, former House Judiciary Committee Chairman and Senior Policy Advisor to PPSA. “This legislation should also prompt us to get our own house in order. Members should address exploitation of our personal information by our government. I hope every member who signs on to this bill supports requiring the U.S. government to obtain a warrant when it wishes to inspect our commercially acquired information, as well as data from Section 702 of the Foreign Intelligence Surveillance Act.”