Sep 152014
 

Last week Durie Tangri and I filed an amicus brief on behalf of the National Association of Criminal Defense Lawyers in the appeal of Smith v. Obama. Smith v. Obama is one of the many lawsuits being brought against the government following revelations of how the NSA has been spying on Americans’ communications. Like several of the others, including First Unitarian Church of Los Angeles v. NSA and Klayman v. Obama, this case is about the government’s wholesale collection of telephonic metadata – or, in other words, information reflecting whom people called, when, and for how long (among other details).

In the Klayman case, which is now on appeal at the D.C. Circuit Court of Appeals, the district court judge found that this wholesale, warrantless, collection of people’s call records indeed violated the Fourth Amendment. In Smith v. Obama, however, the district court had reached the opposite conclusion. Despite finding the reasoning in Klayman persuasive, the district court judge here felt bound to follow the precedent set forth in a 1979 Supreme Court case called Smith v. Maryland.

In that case the Supreme Court held that it did not violate the Fourth Amendment for the government to acquire records of people’s calls. The government only violates the Fourth Amendment when it invades a “reasonable expectation of privacy society recognizes as reasonable” without a warrant. But how could there be an expectation of privacy in the phone number a person dialed, the Supreme Court wondered. How could anyone claim the information was private, if it had been voluntarily shared with the phone company? Deciding that it could not be considered private, the court therefore found that no expectation of privacy was being invaded by the government’s collection of this information, which therefore meant that the collection could not violate the Fourth Amendment.

The problem is, in the Smith v. Maryland case the Supreme Court was contemplating the effect on the Fourth Amendment raised by the government acquiring only (1) specific call information (2) from a specific time period (3) belonging only to a specific individual (4) already suspected of a crime. It was not considering how the sort of surveillance at issue in this case implicated the Fourth Amendment, where the government is engaging in the bulk capturing of (1) all information relating to all calls (2) made during an open-ended time period (3) for all people, including (4) those who may not have been suspected of any wrongdoing prior to the collection of these call records. What Smith is arguing on appeal is that the circumstances here are sufficiently different from those in Smith v. Maryland such that the older case should not serve as a barrier to finding the government’s warrantless bulk collection of these phone records violates the Fourth Amendment.

In particular, unlike in Smith v. Maryland, in this case we are dealing with aggregated metadata, and as even the current incarnation of the Supreme Court has noted, the consequences of the government capturing aggregated metadata are much more harmful to the civil liberties of the people whose data is captured than the Supreme Court contemplated back in 1979. In U.S. v. Jones, a Fourth Amendment decision issued in 2012, Justice Sotomayor observed that aggregated metadata “generates a precise, comprehensive record” of people’s habits, which in turn “reflects a wealth of detail about [their] familial, political, professional, religious, and sexual associations.” One of the reasons we have the Fourth Amendment is to ensure that these associations are not chilled by the government being able to freely spy on people’s private affairs. But when this form of warrantless surveillance is allowed to take place, they necessarily will be.

While it’s bad enough that any associations are chilled, in certain instances that chilling implicates other Constitutional rights. The amicus brief by the Reporters Committee for Freedom of the Press addressed how the First Amendment is undermined when journalists can no longer be approached by anonymous sources because, if the government can easily discover evidence of their conversations, the sources effectively have no anonymity and will be too afraid to reach out. Similarly, the brief I wrote discusses the impact on the Sixth Amendment right to counsel when another type of relationship is undermined by this surveillance: that between lawyers and their clients. Continue reading »

Mar 272013
 

I’ve written before about the balance privacy laws need to take with respect to the data aggregation made possible by the digital age. When it comes to data aggregated or accessed by the government, on that front law and policy should provide some firm checks to ensure that such aggregation or access does not violate people’s Fourth Amendment right “to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.” Such limitations don’t forever hobble legitimate investigations of wrongdoing; they simply require adequate probable cause before the digital records of people’s lives be exposed to police scrutiny. You do not need to have something to hide in order not to want that.

But all too often when we demand that government better protect privacy it’s not because we want the government to; on the contrary, we want it to force private parties to. Which isn’t to say that there is no room for concern when private parties aggregate personal data. Such aggregations can easily be abused, either by private parties or by the government itself (which tends to have all too easy access to it). But as this recent article in the New York Times suggests, a better way to construct the regulation might be to focus less on how private parties collect the data and more on the subsequent access to and use of the data once collected, since that is generally from where any possible harm could flow. The problem with privacy regulation that is too heavy-handed in how it allows technology to interact with data is that these regulations can choke further innovation, often undesirably. As a potential example, although mere speculation, this article suggests that Google discontinued its support for its popular Google Reader product due to the burdens of compliance with myriad privacy regulations. Assuming this suspicion is true — but even if it’s not — while perhaps some of this regulation vindicates important policy values, it is fair to question whether it does so in a sufficiently nuanced way so that it doesn’t provide a disincentive for innovators to develop and support new products and technologies. If such regulation is having that chilling effect, we may reasonably want to question whether these enforcement mechanisms have gone too far.

Meanwhile public outcry has largely been ignoring much more obvious and dangerous incursions into their privacy rights done by government actors, a notable example of which will be discussed in the following post.

May 192012
 

There’s no discussing technology law without discussing how it implicates privacy.  But privacy is such a broad concept; to discuss it in any meaningful requires a definition with more detail.

I see there being (at least for purposes of the sort of discussion on this site) two main types privacy: privacy from the government, and privacy from other individuals.  And when it comes to regulating the intersection of privacy and technology, these two types of privacy require very different treatment. Continue reading »

Quicklinks 2/18/2012

 Quicklinks  Comments Off
Feb 182012
 

Last week’s links:

Quicklinks 1/14/2012

 Quicklinks  Comments Off
Jan 142012
 

Other recent items of interest…

First, catch-up:

Continue reading »

Quicklinks 1/7/2012

 Quicklinks  Comments Off
Jan 072012
 

Other interesting items from this past week (or so):

Jan 062012
 

Public photography is an issue that frequently appears on this site because it’s a real example of technology-enabled speech that all too often authorities try to prevent.  These attempts are often egregious and never balanced out by whatever policy reasons are ostensibly behind them.  But they are particularly odorous when these prohibitions are enforced on people using photography to record the power of the police.

What’s especially insidious is the logic so often used for it, that recording people acting in public — or, more specifically, agents of the state acting in public under the color of the authority granted by the state — might somehow violate a privacy interest. Continue reading »

Quicklinks 12/31/11

 Quicklinks  Comments Off
Dec 312011
 

From this past week:

Continue reading »

Dec 242011
 

From EPIC.org:

EPIC has filed a Freedom of information Act lawsuit against the Department of Homeland Security to force disclosure of the details of the agency’s social network monitoring program. In news reports and a Federal Register notice, the DHS has stated that it will routinely monitor the public postings of users on Twitter and Facebook. The agency plans to create fictitious user accounts and scan posts of users for key terms. User data will be stored for five years and shared with other government agencies.The legal authority for the DHS program remains unclear. EPIC filed the lawsuit after the DHS failed to reply to an April 2011 FOIA request. For more information, see EPIC: Social Networking Privacy.

(h/t Pogo Was Right)

Quicklinks 12/17/11

 Quicklinks  Comments Off
Dec 172011
 

Other items of interest this past week: