… and why you (probably) shouldn't worry about it.
- By Stewart Baker<p> Stewart Baker is a partner at Steptoe & Johnson in Washington, D.C. He has been general counsel of the National Security Agency and assistant secretary for policy at the Department of Homeland Security. His book on, among other things, the FISA Court is titled Skating on Stilts. </p>
Suddenly, the national security establishment is drowning in data. On June 5, the Guardian released what appears to be a highly classified order issued by the Foreign Intelligence Surveillance Court, known as the FISA Court, to collect Verizon customers’ phone records of calls made to or by Americans. On June 6, the Washington Post revealed the existence of PRISM, which allows the collection of Internet data on a massive scale. Does this mean the end of privacy, law, and the Constitution?
Nope. There are a lot of reasons to be cautious about rushing to the conclusion that these "scandals" signal a massive, lawless new intrusion into Americans’ civil liberties. Despite this apparent breadth, and even if we assume that the leaked FISA order is genuine, there are a lot of reasons to be cautious about rushing to the conclusion that it signals a massive, lawless new intrusion into Americans’ civil liberties.
Let’s start with the order. It seems to come from the court established to oversee intelligence gathering that touches the United States. Right off the bat, that means that this is not some warrantless or extrastatutory surveillance program. The government had to convince up to a dozen life-tenured members of the federal judiciary that the order was lawful. You may not like the legal interpretation that produced this order, but you can’t say it’s lawless.
In fact, it’s a near certainty that the legal theory behind orders of this sort has been carefully examined by all three branches of the government and by both political parties. As the Guardian story makes clear, Sen. Ron Wyden has been agitating for years about what he calls an interpretation of national security law that seems to go beyond anything the American people understand or would support. He could easily have been talking about orders like this. So it’s highly likely that the law behind this order was carefully vetted by both intelligence committees, Democrat-led in the Senate and Republican-led in the House. (Indeed, today the leaders of both committees gave interviews defending the order.) And in the executive branch, any legal interpretations adopted by George W. Bush’s administration would have been carefully scrubbed by President Barack Obama’s Justice Department.
Ah, you say, but the scandal here isn’t what has been done illegally — it’s what has been done legally. Even if it’s lawful, how can the government justify spying on every American’s phone calls?
It can’t. No one has repealed the laws that prohibit the National Security Agency (NSA) from targeting Americans unless it has probable cause to believe that they are spies or terrorists. So under the law, the NSA remains prohibited from collecting information on Americans.
On top of that, national security law also requires that the government "minimize" its collection and use of information about Americans — a requirement that has spawned elaborate rules that strictly limit what the agency can do with information it has already collected. Thus, one effect of "post-collection minimization" is that the NSA may find itself prohibited from looking at or using data that it has lawfully collected.
I would not be surprised to discover that minimization is the key to this peculiarly two-party, three-branch "scandal." That is, while the order calls for the collection of an enormous amount of data, much of it probably cannot actually be searched or used except under heavy restrictions. (If I’m right, the administration is likely to find itself forced quite quickly to start talking about minimization, perhaps in considerable detail.)
But why, you ask, would the government collect all these records, even subject to minimization, especially when Wyden was kicking up such a fuss about it? And, really, what’s the justification for turning the data over to the government, no matter how strong the post-collection rules are?
To understand why that might seem necessary, consider this entirely hypothetical example. Imagine that the United States is intercepting al Qaeda communications in Yemen. Its leader there calls his weapons expert and says, "Our agent in the U.S. needs technical assistance constructing a weapon for an imminent operation. I’ve told him to use a throwaway cell phone to call you tomorrow at 11 a.m. on your throwaway phone. When you answer, he’ll give you nothing other than the number of a second phone. You will buy another phone in the bazaar and call him back on the second number at 2 p.m."
Now, this is pretty good improvised tradecraft, and it would leave the government with no idea where or who the U.S.-based operative was or what phone numbers to monitor. It doesn’t have probable cause to investigate any particular American. But it surely does have probable cause to investigate any American who makes a call to Yemen at 11 a.m., Sanaa time, hangs up after a few seconds, and then gets a call from a different Yemeni number three hours later. Finding that person, however, wouldn’t be easy, because the government could only identify the suspect by his calling patterns, not by name.
So how would the NSA go about finding the one person in the United States whose calling pattern matched the terrorists’ plan? Well, it could ask every carrier to develop the capability to store all calls and search them for patterns like this one. But that would be very expensive, and its effectiveness would really only be as good as the weakest, least cooperative carrier. And even then it wouldn’t work without massive, real-time information sharing — any reasonably intelligent U.S.-based terrorist would just buy his first throwaway phone from one carrier and his second phone from a different carrier.
The only way to make the system work, and the only way to identify and monitor the one American who was plotting with al Qaeda’s operatives in Yemen, would be to pool all the carriers’ data on U.S. calls to and from Yemen and to search it all together — and for the costs to be borne by all of us, not by the carriers.
In short, the government would have to do it.
To repeat, this really is hypothetical; while I’ve had clearances both as the NSA’s top lawyer and in the top policy job at the Department of Homeland Security, I have not been briefed on this program. (If I had, I wouldn’t be writing about it.) But the example shows that it’s not that hard to imagine circumstances in which the government needs to obtain massive amounts of information about Americans yet also needs to remain bound by the general rule that it may only monitors those whom it legitimately suspects of being terrorists or spies.
The technique that squares that circle is minimization. As long as the minimization rules require that all searches of the collected data must be justified in advance by probable cause, Americans are protected from arbitrary searches. In the standard law enforcement model that we’re all familiar with, privacy is protected because th
e government doesn’t get access to the information until it presents evidence to the court sufficient to identify the suspects. In the alternative model, the government gets possession of the data but is prohibited by the court and the minimization rules from searching it until it has enough evidence to identify terror suspects based on their patterns of behavior.
That’s a real difference. Plenty of people will say that they don’t trust the government with such a large amount of data — that there’s too much risk that it will break the rules — even rules enforced by a two-party, three-branch system of checks and balances. When I first read the order, even I had a moment of chagrin and disbelief at its sweep.
But for those who don’t like the alternative model, the real question is "compared to what"? Those who want to push the government back into the standard law enforcement approach of identifying terrorists only by name and not by conduct will have to explain how it will allow us to catch terrorists who use halfway decent tradecraft — or why sticking with that model is so fundamentally important that we should do so even if it means more acts of terrorism at home.