Government Phone Surveillance for Dummies

First things first: What's all the fuss about?

The discovery and publication of a top-secret court order, issued this April, compelling Verizon to turn over the telephone records of millions of its U.S. customers to the National Security Agency. 

So, whoa, the government has been eavesdropping on our phone conversations? 

Not quite slash not that we know of. The order calls for the turnover of metadata, the external information about the telephone calls. It specifically excludes the content of the call. As the order puts it, "telephony metadata does not include the substantive content of any communication, as defined by 18 U.S.C. 2510(8), or the name, address, or financial information of a subscriber or customer."

Then what kind of metadata was actually sought through the order?

The order compelled Verizon to provides the NSA with "all call detail records or 'telephony metadata' created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls." 

Which includes, per the order:
- originating and terminating telephone number
- International Mobile Subscriber Identity (IMSI) number
- International Mobile station Equipment Identity (IMEI) number
- trunk identifier
- telephone calling card numbers
- time of call
- duration of call

As the New Yorker's Amy Davidson summed it up: "The government seems to have a list of all the people that Verizon customers called and who called them; how long they spoke; and, perhaps -- depending on how precise the cell-phone-tower information in the metadata is, where they were on a given day."

So how do we know about all this?

Glenn Greenwald, a columnist at The Guardian, seems to have received a leaked copy of the order. He posted the document, and an article about it, last night.

The order, now that I look at it, is dated April 25 -- which is just 10 days after the Boston bombings. Could there be any connection there?

Unlikely. In fact, very unlikely. The order is one piece of evidence for a surveillance program that seems to have been ongoing since 2006. It's a program that, from what we know so far, is renewed every 90 days. As Senator Diane Feinstein said of the document, "As far as I know, this is the exact three-month renewal of what has been in place for the past seven years."

Who in the government might have access to the metadata being gathered?

The order itself directs that the records be provided to the NSA. Then again, there seems to be nothing in the document that would explicitly prohibit the NSA from sharing the data with other agencies. There's also nothing in the order specifying limitations on who can access the data within the NSA itself.

Basically, the government is binge-watching Americans.

-- pourmecoffee (@pourmecoffee) June 6, 2013

What has the government, as far as we know, been doing with the metadata it's gathered? 

Very generally, it seems that the information is being put to use in the name of counter-terrorism. (As Feinstein put it: "It's called protecting America.")

In terms of the specifics, though, we don't precisely know how the metadata is being employed. At least in theory, that kind of information is mostly useful for identitying associations and networks of people who may be engaged in criminal activities. 

How is the Obama Administration explaining and trying to justify all this?

This way, according to talking points sent to Marc Ambinder:

* On its face, the order reprinted in the article does not allow the Government to listen in on anyone's telephone calls. The information acquired does not include the content of any communications or the name of any subscriber. It relates exclusively to metadata, such as a telephone number or the length of a call.

* Information of the sort described in the Guardian article has been a critical tool in protecting the nation from terrorist threats to the United States, as it allows counterterrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities, particularly people located inside the United States.

* As we have publicly stated before, all three branches of government are involved in reviewing and authorizing intelligence collection under the Foreign Intelligence Surveillance Act. Congress passed that act and is regularly and fully briefed on how it is used, and the Foreign Intelligence Surveillance Court authorizes such collection.

So this would seem to be a continuation of Bush-era surveillance policies. 

Yes. And it might well be an extension of those policies.

Okay, but ... seriously, how is this not a violation of the Fourth Amendment?

So the Fourth Amendment generally requires that the government obtain a warrant when it's seeking private information about individual citizens. And the warrant, in turn, should be granted based on probable cause. There's a slight exception to that broad approach, though. Many Supreme Court rulings have held that you don't have a reasonable to privacy when it comes, specifically, to information you share with a third party. 

And the courts have now applied that standard to other areas. Which generally makes sense, except for one substantial tension. As David Cole, a Georgetown law professor who focuses on national security and constitutional law, told me: "Basically, everything you do now shares information with a third party." The numbers you dial on the phone, the amount of time you spend on the phone, the location from which you make a phone call -- all of that, because of how our technologies and businesses are structured, is de facto shared with the third party that is your phone company. 

And the rub, as Cole explains it, is that the Fourth Amendment doesn't limit the government's ability to obtain any of that third-party information. Bank records, credit card records, Internet searches: none of that, on its own, has protection under the Constitution.

How is it that a FISA court -- a court established under the auspices of  the "Foreign Intelligence Surveillance Act" -- is authorizing the government to monitor metadata from domestic calls?

This is where things get dicier. FISA, which was adopted in 1978 and has been amended several times since then, permits the U.S. government to obtain records that are related to a target of a foreign intelligence investigation. While "foreign" can be defined fairly broadly, it's notable -- and legally questionable -- that the FISA court order, in this case, includes purely domestic surveillance. 

Furthermore, FISA, as it's been widely understood, has allowed governments to gather third-party information in response to investigations into individuals' actions. It's unclear in this case how that translates, legally, to the kind of collective surveillance the NSA seems to be engaged in.

I keep reading about the PATRIOT Act. How does that fit into all this?

A section of the PATRIOT Act -- section 215, to be precise -- is what's ultimately guiding the legal affordances here, at least as the Administration is interpreting them. (You may know the section as the "library records" provision, named that way because of the breadth of personal information that can be investigated under its auspices.) Section 215, following the terror attacks of September 11, expanded the powers of the Foreign Intelligence Surveillance Court (the court that, in this case, issued the Verizon order). It established a process, through that court, for compelling businesses to turn over records that may be relevant to the gathering of foreign intelligence or the prevention of international terrorism. 

Here's the section language as it currently reads:

The Director of the Federal Bureau of Investigation or a designee of the Director (whose rank shall be no lower than Assistant Special Agent in Charge) may make an application for an order requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation to protect against international terrorism or clandestine intelligence activities, provided that such investigation of a United States person is not conducted solely upon the basis of activities protected by the first amendment to the Constitution. ``(2) An investigation conducted under this section shall-- ``(A) be conducted under guidelines approved by the Attorney General under Executive Order 12333 (or a successor order); and ``(B) not be conducted of a United States person solely upon the basis of activities protected by the first amendment to the Constitution of the United States.

`(b) Each application under this section-- ``(1) shall be made to-- ``(A) a judge of the court established by section 103(a); or ``(B) a United States Magistrate Judge under chapter 43 of title 28, United States Code, who is publicly designated by the Chief Justice of the United States to have the power to hear applications and grant orders for the production of tangible things under this section on behalf of a judge of that court; and (2) shall specify that the records concerned are sought for an authorized investigation conducted in accordance with subsection (a)(2) to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities.