Late Wednesday night, the website of the British broadsheet The Guardian broke the news that the National Security Agency (NSA) has been monitoring the phone activity of millions of Verizon cell-phone customers. Under a warrant approved by a Foreign Intelligence Surveillance Act (FISA) court, Verizon was required to provide “metadata” for all foreign-to-domestic and, critically, domestic-to-domestic calls for a three-month period starting on April 25. This metadata does not include the substance of any message or the personal information of the caller, but it does include numbers dialed, length and duration of calls, routing information, and International Mobile Subscriber Identity numbers (unique 15-digit identifiers assigned to each mobile device). The court order also expressly prohibited Verizon from publicly acknowledging the warrant.
Is the NSA’s program an unnecessary infringement of liberty? Many, including NRO regulars John Yoo and Andy McCarthy, argue that too much is being made of the story. McCarthy points out that the collection of telephone records (the “metadata” in question) is quite different from the monitoring of telephone calls for their content, and that the former is not covered under the Fourth Amendment. He writes:
Unlike the content of your communications, you have no expectation of privacy in your telephone activity records. If you think about it for a second, you know you don’t. If there were a mistake on your phone bill — for example, if you were charged for a long-distance call you didn’t make — you would expect to be able to call your phone company and have the problem addressed. That is because you understand that, when you make a call, that information is not secret: Your phone company keeps records of whom you called and how long the call lasted. A phone record is, by nature, a record of information shared with third parties. It is not like personal papers and other personal items you keep in your home — items the government may not search without a judicial warrant (except in certain circumstances not relevant to this discussion).
I will of course defer to the former federal prosecutor on the matter, but it seems to me two things make the NSA program different from the ordinary collection of phone records by law enforcement for a specific criminal investigation.
First, the sheer scale of the NSA program. As Benjamin Wittes notes at the Lawfare blog, federal law requires the government to submit “a statement of facts showing that there are reasonable grounds to believe that the tangible things sought” by such a warrant “are relevant to an authorized investigation.” When the NSA story first broke, some speculated that the late-April timing of the order suggested it had to do with the investigation into the Boston bombings. But congressional sources have since made statements suggesting the leaked Verizon order is just the most recent in an unbroken chain of such orders that stretches back at least as far as 2006 or 2007, and that presumably is not just limited to one phone carrier.
As Wittes asks, what conceivable “statement of facts” could have produced such an open-ended series of orders? To what “authorized investigation” are seven years of exhaustive and uninterrupted phone records relevant? Some say the NSA is “mining” the data for suspicious patterns using complex proprietary algorithms, and that for such a process to be effective, the data have to be complete. But as Wittes concludes (indirectly touching on Andy’s point that “it would actually be easier for the government to get the information it is collecting by a grand jury subpoena than under the Patriot Act”), “The trouble is that if that constitutes relevance for purposes of [FISA] — or for purposes of grand jury subpoena, for that matter — then isn’t all data relevant to all investigations?”
George Washington University law professor Orin Kerr raises another question about the “relevance” of phone records on such an immense scale:
When dealing with a physical object, we naturally treat relevance on an object-by-object basis. Sets of records are different. If Verizon has a database containing records of billions of phone calls made by millions of customers, is that database a single thing, millions of things, or billions of things? Is relevance measured by each record, each customer, or the relevance of the entire database as a whole? If the entire massive database has a single record that is relevant, does that make the entire database relevant, too? The statute doesn’t directly answer that, it seems to me. But certainly it’s surprising — and troubling — if the . . . relevance standard is being interpreted at the database-by-database level.
Second, unlike the ordinary collection of phone records for law-enforcement purposes, the metadata the government is collecting from Verizon can easily be used to track the movements of users; it includes information on the cell-phone towers calls are routed through. In at least one recent case, United States v. Jones, the Supreme Court ruled that high-tech tracking — in that case by a GPS device placed on a suspected drug kingpin’s car — constitutes a “search” and is covered by the Fourth Amendment. The facts of the cases are different, as are the technologies involved, but in Jones, a concurring minority found that the continuous monitoring of an individual’s whereabouts for a month violated a “reasonable expectation of privacy” even if it did not constitute the kind of physical “trespass” usually associated with Fourth Amendment violations. In making his case, Andy cites a decision from 1979, Smith v. Maryland, finding that the installation of a “pen register,” which merely tracked numbers dialed, did not constitute an illegal search. But given how much more can be done with metadata in 2013, it’s not implausible to think that the minority opinion in Jones could end up being the more relevant standard. At the very least, since the majority in Jones remained silent on whether monitoring by itself constitutes a search, the question remains open.
I must also disagree with Andy’s conclusion, in which he argues that the right way to prevent the abuse of such extraordinary surveillance powers is to encourage “exacting congressional oversight” and to elect leaders who will not abuse them:
Because there is great potential for abuse — for spying on ordinary Americans or, more likely, political opponents of the administration — there must be very exacting congressional oversight.
This is why it’s so critical to have a trustworthy president and administration — including an attorney general Congress can trust to provide truthful, accurate, and complete information. It is not unreasonable to conclude that the Obama administration — with its serial lawlessness, authoritarian abuses of power to harass dissenters, and pattern of misleading and stonewalling Congress — has so grossly violated the public trust that it is unfit to exercise the executive’s awesome investigative authorities. It must also be observed, though, that those authorities exist because they are necessary to our security.
The problem here is not government power. It is the government officials we’ve elected to wield it.
I don’t share Andy’s confidence that “exacting congressional oversight” can stop the abuse of the executive powers granted by the PATRIOT Act. As many have already pointed out, it was Congress that retroactively immunized warrantless NSA wiretaps in the past, Congress that actively allowed the executive to keep secret its interpretation of its own powers under the PATRIOT Act, and Congress that kept the present NSA program under wraps. Members of Congress now claim the program is no big deal. Some of this happened under a government divided between the two parties; imagine what is possible given persistent control of Congress and the White House by the same party.
Nor do I think the solution to a problem like the NSA is to elect better leaders. I admit to indulging in a bit of partisan schadenfreude seeing President Obama embrace every bit of the national-security state Senator Obama condemned President Bush for presiding over. And I rejoice in the frowny-faces of the idealistic young Obama supporters who have watched their man’s descent from Harvey Dent into Two-Face, if only because, as Poor Richard said, “Experience keeps a dear school, but fools will learn in no other.” But the reason I take such joy in their cruel lesson is that safeguarding our constitutionally protected liberties means understanding that bad political leaders are inevitable — that all elected leaders are capable of abusing their power, and that institutional checks and the rule of law, not electing “good guys,” are the best bets for preventing such abuses.
— Daniel Foster is NRO’s news editor.