BU Today

In the World

LAW Prof Weighs US Phone, Internet Surveillance

Moves were legal, cautionary sign of the times

Last Thursday, US intelligence officials confirmed that for six years the National Security Agency (NSA) has been collecting information on foreigners overseas from Google, Facebook, Apple, and other internet companies through a program called PRISM, in what they say is an effort to root out threats to national security.

The revelation of that snooping arrived on the heels of a government acknowledgement of a separate seven-year-long program sponsored by the NSA and the Federal Bureau of Investigation that combed records of all telephone calls handled by Verizon inside the United States. Other companies have not acknowledged whether they have also complied with the government demand. Government officials say both programs operate within the bounds of law, as is spelled out by the Patriot Act of 2001, but that assurance has failed to quell the outrage of many Americans, including Jim Sensenbrenner, the Wisconsin Republican congressman who introduced the legislation. Sensenbrenner calls the seizure of millions of phone records “excessive and un-American.”

BU Today spoke with Tracey Maclin, a School of Law professor and the Joseph Lipsitt Faculty Research Scholar, author of The Supreme Court and the Fourth Amendment’s Exclusionary Rule (Oxford University Press, 2013), about what type of information the programs target, why civil liberties advocates are alarmed, and what this news reveals about President Barack Obama.

BU Today: PRISM and the Verizon surveillance programs are allegedly legal and have been vetted by all three branches of government. But they definitely have an air of Big Brother to them. Is this surveillance legal, and are we naïve to think that our information is private?
Professor Tracey Maclin, Joseph Lipsitt Faculty Research Scholar, Boston University School of Law

Tracey Maclin, a School of Law professor and the Joseph Lipsitt Faculty Research Scholar. Photo courtesy of the School of Law

Maclin: If they have been authorized by the Foreign Intelligence Surveillance Act court, then they’re legal. I also base that opinion on what seems to be not much of an uproar from members of Congress. They seem to think that this is OK in the sense that the administration has been following the statutory rules.

We are a little naïve to think this information is going to remain private. Anything that goes out on the internet, whether it be emails or Facebook or social media, people should assume that that information is going to be in the hands of third parties and could eventually end up in the hands of the government.

Both programs began in the Bush administration, but President Obama has continued to implement them. What is the rationale for keeping these active?

The rationale is about protecting the country, keeping an eye on terrorists, and preventing another terrorist attack. They’re trying to find out who these terrorist suspects are in contact with and trying to preempt terrorist attacks before they occur.

In the Verizon case, congressional representatives and the White House say the program thwarted a significant domestic terrorist attack in recent years. Is it fair to say the Obama administration is more concerned about security than about civil liberties?

Yes. Our definition of a civil right may be different from the administration’s definition. The Obama administration is going to say, ‘Look, we’re gathering up information, monitoring people’s communications’—which to me results in both searches and seizures—‘and doing it with respect to citizens of the United States and lawful residents, but what we’re doing is reasonable.’ Why? ‘Because we’re following the law or we have specific reasons to think that these people are in contact with terrorists and we just want to check it out.’ And so they would say that nobody’s civil rights have been violated here. ‘No Fourth Amendment violations have occurred because what we’ve done is reasonable.’ And a court might eventually agree with them.

Civil liberties advocates say there are other means to protect national security and collect this data without sacrificing citizens’ rights. Can you think of any examples?

One way is that, before you do anything, you’ve got to come up with reasonable suspicion for looking at people’s communications. You have to identify specific individuals and not just do this dragnet metadata gathering.

If these programs are legal, does the government have an obligation to tell citizens about their existence?

When you send an email, it goes to the internet service provider, or if you send out communications through Facebook or other social media, those communications have to go somewhere and then get transmitted to the people you want to send them to. A good argument can be made that you don’t have any constitutional protection with respect to those communications, because that information is no longer private. That’s US constitutional law that many people don’t understand.

What about the corporations whose databases are searched? Do they have an obligation to tell their customers about it?

That depends upon what their contracts with their customers say. That’s a private matter. The Constitution, the Fourth Amendment specifically, doesn’t apply to private individuals or private companies. The Constitution only protects us against government actions. That being said, the government can get a court order to say to the companies, ‘Don’t tell your customers that we’ve done this.’ If it comes from a federal judge, that’s going to trump any contract that may exist between the private parties.

The Verizon program appears to snag only metadata, or logs of calls made and received, and not the calls’ contents. What can this type of information tell the government?

It can tell the government whom you’re calling. That can reveal a lot of information. It can reveal whether you’re calling your doctor, a house of prostitution, a grocery store, a church, or a synagogue. All those things can, quoting a federal court case, provide a mosaic of what you’re doing, particularly if it’s done over a long period of time.

A lot of what the government has been doing with respect to the revelations of the last few days is showing that the information is relevant, not that somebody’s committed a crime or not committed a crime. Well, relevant? That’s not a very high standard.

James Clapper, Director of United States National Intelligence, National Security Agency NSA

James Clapper, the director of national intelligence, has been the Obama administration’s key liaison in describing the PRISM program. Photo by Kit Fox/Medill DC

And with PRISM, what are government officials looking for in these email, Skype, or chat conversations among foreign nationals?

They’re looking for connections with people who they suspect may be plotting or have interests in harming US interests, whether here in the country or outside. We’ve had attacks on foreign embassies, on US citizens abroad, soldiers, members of the armed services. What this is about is trying to piece together the dots.

Obama was a constitutional law professor and promised in his 2008 campaign to be the polar opposite of President George W. Bush when it came to surveillance and tackling terrorism. Are we seeing a conflicted president or someone who was transformed by his position?

In fairness to Obama, at least the initial parts of the surveillance conducted by the Bush administration were not done under any court order. The NSA was doing it on its own. The Obama administration can say, ‘Well, we went out and got court orders. We are complying with the law.’ Now, eventually they struck a deal with the FISA court to get that court to issue orders that would cover a lot more of the materials and communications that we’re talking about.

Clearly the Obama administration has seen that the world is a dangerous place and we have to do these sorts of things to protect us. But is it legal or not? Many people, in my view correctly, saw what the Bush administration initially was doing as illegal, whereas the Obama administration can make a good case to say that what they’re doing is lawful.

Is there anything Verizon customers or people using services like Google or Facebook can do to prevent their information from being swept?

Don’t use the phone. Don’t use social media. Don’t email people.

No, of course not. That’s the world we live in.

10 Comments
Leslie Friday, BU Today, Boston University
Leslie Friday

Leslie Friday can be reached at lfriday@bu.edu; follow her on Twitter at @lesliefriday.

10 Comments on LAW Prof Weighs US Phone, Internet Surveillance

  • Anonymous Coward on 06.10.2013 at 9:50 am

    Professor Maclin’s answers in this interview concern me a great deal. If law professors have become so “friendly” to the eroding of constitutional protections then how can we hope the average citizen has any backbone left to stand up for the civil protections we long enjoyed in this country?

    I suspect people will be complacent about this, especially supporters of the current administration…but imagine what it will be like when future Presidents have this authority and deep penetration into our lives. Would we have so happily handed this power over to Nixon?

    Just because a secret court (FISA) has ruled (in secret orders) that the Patriot Act to gives the government the legal authority to perform this sort of widespread surveillance of everyone does not make it constitutional. And just because this spying has supposedly been deemed legal does not make it right, proper or justified.

    Is this really the world we wish to live in? Have we become so scared that we will surrender our rights to privacy at the door to buy a bit of (perceived) security?

    I’d like to also point out in regards to the metadata being captured… while existing rulings *may* make it legal to capture the data about who you call and the duration of the call, the capture of the location data could very likely still be found to be unconstitutional. With that location data for every phone call you can be tracked with not just who you are calling but where you were. Is that just the price we now pay? Would the public fight having gps tracking devices forced on us, but gladly accept the same device if it comes in a shiny gadget?

    In any case this will be forgotten in a couple days as the public is distracted with the latest bit of domestic violence, sexual scandal, celebrity gossip or new gadget released by Apple.

    *Shhhh* nothing to see here, move along…

  • Sky on 06.10.2013 at 10:09 am

    The real question many people have about this situation is not on whether or not it is legal, but whether or not it is right. I would love to hear from a few experts on the ethical side of this as most of the buzz I’ve heard has come from somewhat uninformed conspiracy seekers(of whom I am one)who point at George Orwell spinning in his grave.
    I don’t know anyone who seemed surprised to hear this news, the general reaction was something like…”well no s—, of course the government is doing things they’re not telling us about”. How does the the public respond to this situation?

  • Concerned Citizen on 06.10.2013 at 10:54 am

    I’m sorry, but the assertion that people may not have a reasonable expectation of privacy for the content of email communications, because it is transmitted using third party servers, makes no sense. By that logic, private first class letters delivered by USPS (a third party) would also be subject to indescriminate searches. However, this is not the case.

    In fact, the decision in United States v. Maxwell explicitly compares e-mail to postal mail and suggests that the same protections should apply (routing information public but message content private) to a message in transmission.

    See http://itlaw.wikia.com/wiki/Reasonable_expectation_of_privacy

    Also, end to end encryption is one way to protect one’s privacy. The author’s suggestion that there is no technical way to prevent unwanted eavesdropping is misinformed.

    I’m glad that law professors at other reputable Boston universities (i.e. the Berkman Center) are making a sincere effort to keep people informed about online privacy issues rather than only making apologies for government conduct that is both morally and legally dubious.

    In fact, Mother Jones is reporting that a FISA court, in at least one instance, ruled that some activity by the administration was unconstitutional. The administration is fighting the EFF’s FOIA request for the ruling.

    See http://m.motherjones.com/politics/2013/06/justice-department-electronic-frontier-foundation-fisa-court-opinion

    How about adding some balance to this piece?

    • Mike from Boston on 06.10.2013 at 1:38 pm

      Concerned Citizen, your first example actually reinforces the professor’s argument, who never refers to the content of email.

      Both the question he was asked, and his response, reference the metadata of a message — not the contents. You correctly point out the Maxwell decision, but you miss this point, quoted directly from your link: “Computer users lack a legitimate expectation of privacy in information regarding the to/from addresses for e-mails, the IP addresses of websites visited, the total traffic volume of the user, and other addressing and routing information conveyed for the purpose of transmitting Internet communications to or from a user. E-mail addresses and IP addresses provide addressing and routing information to an Internet service provider (ISP) in the same manner as a telephone number provides switching information to a telephone company. Just as a telephone user has no objectively reasonable expectation of privacy in telephone numbers voluntarily turned over to the phone company to enable switching of a phone call, an Internet user has no such expectation of privacy in routing information submitted to an ISP in order to deliver an Internet communication. That routing information also is akin to the addressing information written on the outside of a first-class letter, which also is not constitutionally protected.”

      Nothing in Snowden’s “big reveal” indicated that the NSA was going beyond this, and when it did, it either received approval from the FISA court or, in the case referred to in the Mother Jones article, there was at least one seizures of info deemed unconstitutional. If anything, that’s a sign that the process is working.

      • Concerned Citizen on 06.10.2013 at 5:20 pm

        Mike from Boston:

        You are correct, with respect to equating certain metadata with the address information of a first class letter. But, the professor went further with his comment that:

        “Anything that goes out on the internet, whether it be emails or Facebook or social media, people should assume that that information is going to be in the hands of third parties and could eventually end up in the hands of the government.”

        He continued:

        “When you send an email, it goes to the internet service provider, or if you send out communications through Facebook or other social media, those communications have to go somewhere and then get transmitted to the people you want to send them to. A good argument can be made that you don’t have **ANY** (emphasis mine) constitutional protection with respect to those communications, because that information is no longer private. That’s US constitutional law that many people don’t understand.”

        He is, thereby, suggesting that it is a “good” argument that there should be absolutely no expectation of privacy for any Internet communications, because they may be conveyed by a third party. I suspect we both agree that this is clearly problematic from both a legal and moral perspective. Furthermore, he does not present the counterargument, which the Maxwell decision accepts, that such communications are entitled to a level of 4th Amendment protections analogous to those offered to offline communications.

        I do not believe “the process is working” when secret DOJ interpretations of the law may allow the administration to go further than the law may have been intended to allow. The professor alludes to some the abuses of the Bush administration, but it is worth mentioning that a similar process (secret DOJ legal interpretations not subject to disclosure) gave cover to some of the worst of those abuses (enhanced interrogation/torture, for example).

        See a good argument against secret legal interpretations at http://www.bloomberg.com/news/2013-06-06/the-secret-law-behind-nsa-s-verizon-snooping.html .

        You are right when you say that nothing that was released suggests that any specific, intentional, abuse was taking place. But, in my opinion, the right question to be asking is whether there are enough safeguards (both legal and technical) in place to protect us against a future administration that is inclined to push the envelope even further.

        I appreciate your position and think it is important for us, as a country, to be having this debate. After 9/11, we saw a massive expansion of executive powers under Bush that has not been fully rolled back and, in some cases, has been expanded. Are we, as a country, willing to continue to trade our privacy (and/or other freedoms) for some measure of increased security? I, for one, certainly hope not!

        • Concerned citizen 2.0 on 06.10.2013 at 9:04 pm

          I’d like to add something here.

          If what they are doing is legal and moral and amounts to no more intrusive then reading the “front of the envelope” as it were, then why are these programs classified?

          In a world where this kind of “non invasive surveillance” is public, and widely accepted as moral, then I could see a reason to keep the names of people whose data is requested out of it.

          But they didn’t make this public knowledge, did they? I wonder why..

  • Mike Z. on 06.10.2013 at 3:32 pm

    Surveillance policy of Bush 42 “puts forward a false choice between the liberties we cherish & the security we provide.” – B. Obama 2007

  • Justicia on 06.11.2013 at 11:02 am

    I fail to see how doing my on line banking or transmitting an e-mail to a friend or colleague through a 3rd party is any different from sending a letter via the US Postal Service or FedEx?

    I agree that Facebook and Twitter are “public spaces” and posts on those sites would not come with an expectation of privacy. But my electronic mail should be no different, in terms of privacy rights, than my snail mail.

  • BU Law Alum on 06.20.2013 at 11:56 am

    A liberal law professor defending a liberal President’s policies. I wonder how quickly Prof. Maclin’s tune would change if a conservative President were doing the exact same thing.

  • Internet Surveillance on 08.06.2013 at 10:23 am

    ѕоmеbоdу еlѕе ѕаid it…………… a monitored society iѕ nоt a free society ….. I hаvе gladly served аnd mаnу оthеrѕ hаvе givеn thеir life fоr freedom. Nоt freedom fоr a government tо analyze disent but freedom tо discent. Freedom tо move аnd асt within thе law withоut thе constant threat оf charges construed frоm documents unobtainable bесаuѕе thеу аrе “classified”. I аm trulу disappointed in thе leadership оf thе country but proud оf mу local congressman whо voted tо protect mу privacy. I аm a American fоr Constirutional Liberty. Hоw аbоut you?

Post Your Comment

(never shown)