Clearing Up Surveillance

Henry V’s claim to the throne of France is “as clear as is the summer’s sun,” explains the Archbishop of Canterbury in Shakespeare’s play.  The joke, of course, is that he has come to this conclusion following several dozen lines of impenetrably dense legal argument.  I’ve found it similarly difficult to explain intelligence surveillance law, as I’ve just been trying to do at Bobby’s excellent conference at the University of Texas at Austin.  I’ll try again here – minus the iambic pentameter and the Latin. For anyone who is trying to talk about what the NSA is doing in this new era of transparency, there are major pitfalls.  They largely stem from the fact that the rules are simply counterintuitive; they often don’t match our expectations of what the rules ought to be. Incidental collection.  This should be obvious, but it simply isn’t.  You don’t know to who your target is going to talk to before collection.  The NSA does have a system for trying to figure out where its targets are located so it can make sure they are abroad.  But it can’t really figure out, prior to collection, where everyone with whom the target is communicating is located.  (Unless it turns out that MINDPRISM was real.)  It would be nice if we could have a stricter rule for collecting “foreign-to-US” communications than we have for “foreign-to-foreign,” but it generally doesn’t work like that. Content vs. metadata.  However many times the difference between content and metadata is explained, it needs to be explained again.  It is, of course, reasonable for people to think this distinction is outdated.  In the aggregate, metadata may be very revealing indeed.  Nevertheless, the distinction is valid under existing law.  Smith v. Maryland, for all the criticism, is the law of the land and that means obtaining telephony metadata is not (at least for now) a search under the Fourth Amendment. Collection over the air vs. collection from a wire.  This is very counterintuitive.  FISA uses the term “wire communication” to refer to communications that are travelling over a wire when they are intercepted.  A cell phone call is a “wire communication” if that is how the call is intercepted.  Conversely, FISA uses the term “radio communication” to refer to a communication intercepted from the air.  A landline call intercepted from a satellite is a radio communication.  This is a legacy of 1970’s communications technology, when most international communications were carried by satellite.  Despite amendments to FISA since then, it still matters quite a bit, as collection from a wire generally involves the FISA court whenever it occurs inside the United States, regardless of where the targets are located.  Collection over the air, or outside the United States, generally doesn’t.  The privacy interests are pretty much the same, so why do we have different rules?  The short answer is because that’s what the law says. Bulk collection vs. targeted collection under FISA.  To be clear, the only bulk collection program currently under FISA at NSA that we know of is telephony metadata.  There was an Internet metadata bulk collection program, but it was discontinued in 2011.  Content collection under FISA is targeted, either because it is based on a traditional “probable cause” FISA warrant, or because it is governed by procedures under section 702 of FISA that require targeting of foreign persons reasonably believed to be located abroad.  Of course, using its traditional signals intelligence authorities outside of FISA (see above), content can be scooped up in bulk, as long as the NSA is not targeting a particular, known United States person.  That has been true for many decades, and it’s a major reason NSA’s activities have been controversial long before Snowden came along.  However, when people talk about “bulk collection,” they are generally talking about the collection of metadata authorized by the FISA court’s very expansive definition of relevance in section 215 of the Patriot Act (the “business records” provision).  That theory simply cannot be applied to content. Hope that clears things up . . .