Just a reminder about FISA's historical performance:
> Between 2001 and 2012, the FISA judges approved 20,909 surveillance and property search warrants - an average of 33 a week. During that 12-year period, the judges denied just 10 applications. Prosecutors withdrew another 26 applications.
> From 2007 to 2012, FISA judges also approved 532 "business record" warrant applications, the category used in the order that directed Verizon to release metadata on all phone calls inside the United States. No business record warrants were rejected.
and, on the judges perception of themselves:
> Walton, the senior judge on FISA, declined to be interviewed. In a statement, he said: "The perception that the court is a rubber stamp is absolutely false. There is a rigorous review process of applications submitted by the executive branch, spearheaded initially by five judicial branch lawyers who are national security experts, and then by the judges, to ensure that the court's authorizations comport with what the applicable statutes authorize."
I can tell you from first hand experience that getting a warrant TO the FISA court from a sponsoring agency is a massive bureaucratic battle in and of itself.
Reason being, the agency powers that be don't want to send something up that will be disapproved because it takes significant time and effort of general counsel and leadership of these agencies to process, implement and track to maintain compliance - even if the warrant is reasonably broad.
So these numbers really don't mean anything in terms of just "blanket surveillance." The bar for even getting something to the court, in my experience, is incredibly high and you typically need very high ranking people to sign off on it. Which means your evidence, reason for doing and ensuring that it is within the boundaries of EO 12333 and a million other regulations, has to be pretty airtight.
Imagine a system that works as follows. You can have people assassinated. In order to do so, however, you need to fill in a hundred-page form with exhaustive details of your personal finances, your medical history, and the contents of your computers' hard drives; and then you need to play six sets of tennis against a strong player and win at least two; and then you need to play a 7-game chess match against a holder of FIDE's International Master title, and win at least two. Oh, and then there's a fee of $100k. Once you've done this, your application takes six months to be processed. Every week during this time, you get a callback and are asked intrusive personal questions about your sex life, your religion, and how you have voted in past elections. And then, at the end of the six months, the person named on the form gets assassinated by government agents.
Can we agree that (1) this would be a "massive bureaucratic battle", and (2) the bar would be "incredibly high" ... but (3) this shouldn't reassure us much, because jumping through the bureaucratic hoops and meeting those difficult criteria doesn't actually constitute good reason for having your target assassinated?
Your comments about the FISA court seem a little like this. Let's stipulate that getting approval is a tiresome process, and that there are difficult criteria to meet. That doesn't in any way guarantee that it only happens in cases where it's actually a good idea.
That's a terribly analogy. The bureacracy isn't there as just a speedbump. It's there to make sure you don't waste time on cases doomed to fail. Secondly, surveillance is an essential tool in fighting crime. Assassinations are not.
> "Secondly, surveillance is an essential tool in fighting crime."
This is a very dubious assertion. I'm not aware of any evidence that mass surveillance deters or prevents crime at all, much less is "an essential tool" for doing so.
But even if one, for the sake of argument, concedes the point that mass surveillance does significantly deter or prevent crime, you still have a system set up where the costs of that surveillance (loss of privacy, loss of accountability for abuses of power, introducing/secretly discovering backdoors, etc) are borne by the least powerful--ordinary citizens--while the benefits of mass surveillance (concentration of power, ability to bribe/extort/intimidate rivals, being seen as "doing something" about terrorism, etc) accrue only to those who are already powerful.
That is the real problem with mass surveillance. It creates a positive feedback loop that only exacerbates existing power imbalances, inevitably leading to corruption and capricious injustices by those who are most able to get away with it. Having a speedbump on the road to that inevitable destination, even a big one, is not much of a consolation if the heading is still the same.
Exactly that, as long as you have those who have access and those that don't you have something to be exploited. There you move towards a great divided in power, towards total lack of privacy or you don't gather the data. I think the later is actually the least likely. There are a lot of really powerful things you can do with good data, that seems worthwhile. The issue is then exploitation of that knowledge. For sure advantage will be had by someone, question is extent of imbalance and lack of privacy.
> I'm not aware of any evidence that mass surveillance deters or prevents crime at all, much less is "an essential tool" for doing so.
Oh, you think you are sneaky. This is so carefully worded. You explicitly twist the words of the GP, where they use "fighting crime" you turn that to meaning "deters of prevents crime." They mention "surveillance", and you turn that into "mass surveillance."
That's like me saying "I don't see how fingerprint analysis helps to deter or prevent crimes." Oh sure, it helps capture people after the fact, but I don't think there has ever been evidence show that fingerprint analysis has actually deterred or prevented crime.
So, while you can stand their, smug with your "technically correct" remark, the reality is "surveillance is an essential tool in fighting crime" has been proven to be correct time and time again, and has been instrumental in handing convictions for a long, long time.
However, you also don't provide much proof that "surveillance is an essential tool in fighting crime". Its efficiency to deter/prevent crime, or even to help catch offenders a posteriori, is also highly debatable (I guess it's more likely to be helpful for the latter, but that still makes the definition of "fighting crime" rather vague as well).
In the case of digital surveillance, I'd be extremely cautious about its actual efficiency. And that something is legal and efficient doesn't necessarily warrant that its ethical and should be used.
There is another way in which the analogy is flawed. The analogy states that after the six months, when the forms have been reviewed or approved, the target dies.
If this is to be analogous to bulk surveillance, the assassination agency would have to discover that the target had actually died in an accident eight months ago, just before the forms were submitted, and they would simply retroactively dismiss any wrongful death or homicide cases that may be ongoing.
The panopticon operators are asking forgiveness rather than permission, and only for those specific instances where the surveillance needs to be laundered from illegally gathered to warrant-authorized.
As such, I have no faith that the spying has ever stopped, or slowed, or even decreased its rate of growth. The steep bureaucratic hurdle does nothing to prevent it. The most it does is limit the amount of information that can be moved from the shadows into the sunshine via that method, and strongly encourages less costly alternatives to actually honoring the law. One such workaround is "parallel construction", where the illegal spying is converted into an anonymous tip to another "innocent" agency of the state, who then gets reasonable suspicion on a pretext charge--like failure to signal a lane change, plus the invocation of the magical ritual phrase "I smell marijuana"--and then the road-patrol cop somehow finds 20 kilograms of cocaine in the trunk.
Fixing or eliminating the FISA court won't stop the behavior. Only actual accountability for the people actually doing the dirty deeds will help.
The mission of FISA is explicitly not for fighting crime! It is for foreign intelligence collection only. It's also ill-suited for the purpose.
State and federal law enforcement can request a warrant. The turnaround time is far lower, the search methods more diverse, and the evidence gathered can be used in court.
So let me get this straight, to prevent agents from wasting time on cases that are doomed to fail, they make sure that agents waste large amounts of time going through bureaucracy for legitimate cases that will probably win?
That's a straw man argument. Andrew said that the reason the court doesn't decline a lot of requests warrants is because the cases that are not "airtight" never make it to the court. I think this is a fair response to the original comment analyzing the court's "historical performance" as being too lax.
Good question. I don't know if we should, although I've heard similar things said about requests to non-FISA judges, as well. It makes sense to me that if investigators' careers involve learning to cross their t's and dot their i's before they go to a judge requesting an intercept, and they spend years doing it, they get good at it.
Separately from belief, which is somewhat subjective (i.e. it involves more inputs than is practical to list in a discussion), it's important to realize that on a logical level, there are at least two interpretations to a 99% acceptance rate: (1) the bar is really low and (2) there are pre-filters. The certainty with which I often hear (1) being declared or implied seems to miss this point.
You make good points to ponder. In this sort of situation I find that looking at the outcome or the end result provides more information towards the intent or competency of the subject questioned. In my opinion the only real reason for a FISA court existence is to prevent civil laws from being broken.
Has the FISA court overstepped the constitution in favor of securing our liberty? Has the FISA court been successful in securing privacy for those they serve?
I don't believe you, sorry. You may be telling the truth but there are so many lies we've been told that I just don't.
Sorry, that's how it is and I'm sure a very large number of people would agree with that.
The FISA court /is/ a rubber stamp, how do we know? Ed Snowden told us about all the incredible amounts of overreach that the FISA court approved in secret.
We're at far more risk from public servants with delusions of grandeur and infallibility going unchecked than lunatics with bombs. Lunatics with bombs cannot destroy democracy & freedom.
“The Constitution is not an instrument for the government to restrain the people, it is an instrument for the people to restrain the government - lest it come to dominate our lives and interests.”
― Patrick Henry
We're at far more risk from public servants with delusions of grandeur and infallibility going unchecked than lunatics with bombs. Lunatics with bombs cannot destroy democracy & freedom
Definitely in agreement there. Look at history, it's always been the case.
The problem isn't whether passing FISA is difficult or not. The problem is what does pass FISA.
That something is not illegal does not mean it shouldn't be illegal. The FISA process legitimises a kind of mass surveillance that shouldn't be legal to begin with.
This is why people call it a rubber stamp process. Even if they're only approving valid requests, the put problem is what is being considered valid.
This is exactly the case. The reason there are almost no denials is that there would have been a great amount of due diligence performed to ensure that FISA collection was warranted. The fact that there are any denials after such analytic rigor takes place, suggests that the FISA court is not a rubber stamp.
Every single year people who are read onto FISA must complete a comprehensive course on how to deal with FISA data, and it's not taken lightly. People lose their job over mishandling of this type of data, for reasons such as: poor query construction, failure to timely delete accidental collection on US Persons, or collecting without prior justification.
> failure to timely delete accidental collection on US Persons
You mean that rule which previously said you had to delete accidental collected information regarding US persons after 6 months? That rule was changed a year ago to 5 years, and in 4 years there won't be any systems left that can delete information and the 5 years will be extended again and again, in the same way as copyright.
It's believable that FISA approval is hard to get, but it's not reassuring. What gets through FISA and what people want the government to do don't match well at all. We've already seen leaked examples of what gets through FISA, and a lot of them are sweeping, invasive, and don't respect the US persons standard in the ways most people would like.
Basically, there's no way to claim the system works when we can watch it produce bad results.
The issue seems to be what is considered warranted/justified. Legal vs Moral
If the rules/procedures/expectations are well defined, one will attain a great rate of success simply by virtue of having a system which can be predicted ( failing candidates early, prior to submission ). This doesn't mean that the system is a rubber stamp, simply that it is reasonably consistent and that the expectations are clear.
This view of rigor/justice contradicts perhaps a common sense understanding which could be rephrased perhaps along the lines of 'should this be warranted/justified?'
It is frustrating perhaps as a result of this mismatch.
The problem with your argument is that nobody can legally validate it's central premise, because nobody is allowed to review applications to the FISC.
Unless you have some sort of inside track, I must ask you how you know that applications are thorough and well constructed? Because the only way to be sure is to allow for public scrutiny, but the whole point of the FISC is to avoid this.
This reeks of the typical police brutality / killing internal affairs investigation: we investigated ourselves and found that we did nothing wrong. Trust us.
The NSA has re-interpreted the meaning of the word "relevant" (for investigation) in order to collect millions of people's data at once. How can the FISA judges ever approve that?
Also, you're forgetting that a federal Court has just said that the Patriot Act NEVER allowed for bulk collection. Yet the FISA Court allowed it. Why?! But that's what you get with a secret spy Court that has no accountability.
>The fact that there are any denials after such analytic rigor takes place, suggests that the FISA court is not a rubber stamp.
The fact that there are any indictments after such extensive training takes place suggests that Internal Investigations is not dismissing warranted claims of illegal police behavior.
I've been thinking about this for a while. This is a very compelling argument.
You must have left on horrible terms though, the FISA court has just approved tracking your personal calls. I realize it's not personal, heck, they did the same to me. Nonetheless, there is a warrant to track your personal data. I'm not sure how reliable you could be. Why would they collect your data if you aren't under investigation?
Anyway, this is a stupid ranty argument appealing to emotion rather than logic. Bulk collection seems wrong in a way i have a hard time articulating.
Honestly, this isn't meaningful reassurance. I'll grant that the FISA approval rate is a bad number to look at - most approval systems eventually get into a pattern where people only submit things that will get approved.
On the other hand, saying that it's hard to get something to the court means basically nothing unless we trust that the bureaucracy and the court share our standards for "good requests". Having seen what things the FISA court has approved in the past, we can say that the system doesn't work simply because it already hasn't worked.
If this is true, it doesn't help at all. Getting a patent approved by the USPTO takes literally years (plural plus). Yet look at all the terrible patents and how the patent system has essentially become the opposite of encouraging innovation.
Government agencies will use FISA because it's there and they know it will get them what they want regardless of whether it makes sense to do it or not, leaked documents have shown.
So, it's OK that the court is effectively a rubber-stamp, because we can trust that the agencies requesting warrants won't ask for things they don't think are reasonable?
I believe you misunderstood him. He seems to be saying that almost no invalid requests were submitted, because there was a rigorous review before submission. The court might not be a rubber-stamp, but the agencies happened to only send reasonable requests, so they got approved.
Damn near everything they sent to be approved was in line with how FISA rules on such things.
We've got two arguments
- Did FISA properly check submissions were appropriate for their rules/laws.
- Are FISA rules/laws appropriate for USA #1
I think we can all agree the first might be true (and thus they are not rubber stamping), whilst simultaneously mostly agreeing the second is definitely doubtful
This is a great summary of the problem, and of why we're talking at cross purposes. Defending the accuracy of the FISA decisions only defends points one, while almost everyone attacking the court is talking about point two.
Whoever mentions the numbers on how few applications were rejected as an argument seemingly can't be talking about point two. And that was what prompted this particular discussion, so I don't think you can claim the people involved are talking about point two.
Not sure if you read the OP, but it made it clear the conflicting ruling was from the Second Circuit, not the Supreme Court. Also, the Second Circuit ruling was based on Congress not being clear on what was allowed; now that Congress passed another law that extends bulk collection for 6 months, that argument no longer applies.
I'm not saying anything about how much trust you should put in the system, rather that the review process is significantly more in depth than what these statistics can show.
Maybe so, but what evidence does the public have of that claim? We get only the tiniest peeks at this process, and they look terrible, and then we're told "it's not so bad, you don't have enough information to know."
Which is exactly what people have complained about.
Ok, let's assume anecdotally that this is true. This is your experience.
How would this be any different from the bar that a prosecutor has for bringing a criminal trial to court? Lost time, lost reputation, chance of losing the election. Every time a prosecutor decides to go all in, they're taking what could be a huge risk -- if not in that particular case then in the aggregate.
Yet we see much different numbers from courts when an open adversarial system is used.
So a reasonable outside observer is left to conclude that either the federal government is full of incredibly competent legal minds, for whom the slightest mistake would be anathema -- or it's a rigged game. Doesn't matter what they bring.
I understand I'm making a bit of a false dichotomy for rhetorical effect, but my argument is still sound. One of these options is much more likely than the other one.
That's not a fair comparison, because the FISA court isn't proving guilt, it's requesting a warrant by attempting to prove reasonable suspicion. It would be a fair comparison if you compared them to the percentage-granted for regular search-warrants, and what I can find online seems to indicate that it's fairly high for those as well, again because they're not proving guilt.
I stop you right at the term 'court'. The doors are locked and all proceedings are done in secret with no counterparty. I say this 'court' doesn't conform to its definition of a "place where justice is administered". Maybe "court theatre" or "cargo cult court" might be a more accurate term ?
If the evidence bar is so high, why exactly have there never been any arrests made using the data? That is an awful lot of people affected negatively for a zero benefit program. You would think a massive bureaucratic battle to only submit valid warrants would result in at least one arrest.
>why exactly have there never been any arrests made using the data?
To clarify the statements in press have been that no terrorists have been arrested based on the data. That is not the same as never having arrests.
There have been plenty of domestic arrests but they don't typically fall under the "terrorism" scope because of the nature of the act. Espionage etc... can be proven with this data and actions can be taken (like arrests) more quickly and easily than determining if someone is going to attack something a la terrorism.
A gripe I have with the community at large is that the messaging focuses too much on terrorism and not enough on the other functions that are seeing successes everyday (counterintelligence etc...).
They have been hiding the activities of FISA by using parallel construction as the basis for arrests: 1) Get dirt on someone illegaly. 2) Find a legal avenue to discover that same information now that you know it's there. That protects their collection methods when defendants try to find out how they were nabbed. The FISA warrant never has to be disclosed if no one outside the community knows it exists. Consequently they are never "officially" used for an arrest.
So the justification of the warrants is to use a "national security" cover for spying on people while evading discovery for when we don't actually use it for national security? That sounds pretty impeachable to me.
The problem with an explanation like that is three-fold:
1. It applies to agencies you know and more specifically parts of those agencies you have experience with. Many federal agencies have demonstrated that the left hand and the right hand don't always talk.
2. Other agencies are free to apply different policies (cough NSA cough DEA cough) that aren't in line with say, the FBI's policies.
3. This does not change the fact that the FISA court acts as a rubber stamp, the bulk majority of what it rubber-stamps might have met the requirement of EO 12333, some of ought might also have been legal under the constitution and existing laws or maybe the judges are so blasé that they just assume that most of what they see must be OK, it got there after all.
Well, it's also very high. Obviously, because these are highly trained, hard working, excessively competent, law enforcement agents who wouldn't suspect a person if he weren't doing something wrong. Who's got the time for that what with them being chronically under-funded, under-trained, and under-staffed. /s
Those numbers don't mean much without the ability to compare them to the acceptance rate of warrants in other criminal courts.
I haven't found a single statistic on that seems that no one actually is keeping or publishing it, but every article I've read seems to point that denying warrants is very rare in all jurisdictions.
> Every few months, the FISA judges set aside their regular, public cases, travel to Washington, and take the bench inside a secure, windowless courtroom at 333 Constitution Avenue.
Oh, so what actually happens is that every few months the judges get together and do a "rigorous review process of applications" of hundreds of applications?
And we're expected to believe that the three letter agencies just sit around, twiddling their thumbs, patiently waiting all those months for FISA approval before commencing surveillance on their targets?
Sounds a lot like a grand jury stuffed with hand-picked jurors. We know how that sort of thing usually turns out.
>"During a single four-hour workday last week, a Mecklenburg County grand jury heard 276 cases and handed down 276 indictments.
That means the 18 jurors heard evidence, asked questions, weighed whether the charges merit a trial, then voted on the indictments – all at the average rate of one case every 52 seconds…".
A pair of judges every six months with 800 applications to review? Or a pair of judges every month with 150 applications to review? In what time period? Do they spend an hour? A whole day? A whole week? All we have to go on is one vague article.
...and that article suggests that (if we accept they rotate duty and meet monthly say) they spend, on average, (8 hours / 133 * 60 minutes) ~3.5 minutes carefully evaluating each application. If not, it's ~30 seconds per application.
So are the numbers wrong? Or is the bold assertion that they 'carefully review each application' completely farcical?
30 seconds to rubber stamp an application sounds about right to me.
The point remains; there is no 'fulltime' FISA court.
Periodically the presiding judges get together and process a bulk of applications all at once.
> A pair of judges ... Do they spend an hour? A whole day? A whole week? All we have to go on is one vague article.
The FISC has its own website which happens to answer your question right on the "About" page[1]:
The Court sits in Washington D.C., and is composed of eleven federal district court judges who are designated by the Chief Justice of the United States. Each judge serves for a maximum of seven years and their terms are staggered to ensure continuity on the Court. By statute, the judges must be drawn from at least seven of the United States judicial circuits, and three of the judges must reside within 20 miles of the District of Columbia. Judges typically sit for one week at a time, on a rotating basis.
> ...and that article suggests that (if we accept they rotate duty and meet monthly say) they spend, on average, (8 hours / 133 * 60 minutes) ~3.5 minutes carefully evaluating each application. If not, it's ~30 seconds per application.
No, the article says 33 per week. The judges aren't meeting together every few months; the sitting judge is replaced by the next every week or so. Assuming an 8 hour work day and 33 warrants per week, that (8 * 5) / 33 = 1.2 hours per warrant on average.
All the real work is being done by clerks and staff attorneys. The judges just show up to read the briefs and sign the orders. I doubt the judges themselves are spending much more than 15 minutes on each warrant. The court staff are likely spending 4-12 man-hours on each warrant, mostly filling in the blanks on forms and boilerplate.
And their jobs are not really to weigh the merits, but to cover the judge's ass, just in case something really egregious comes back that points at their bench.
As they preside over a secret court that determines whether the low standard of reasonable suspicion has been passed, the judges barely need to spend any time at all actually judging anything. The worst that can happen is that the trial judge might exclude the evidence collected on their warrant, and that's about as damaging to their careers as an ingrown hair.
I'm not sure you could find a cushier job if you designed one from scratch.
Also the FISA court has been called an "almost parallel supreme court" by the New York Times, and given that it only hears one side of a case, makes this all the more troubling.
On the other hand, we do have expiry (by default) of the secrecy surrounding regular warrants when they're executed, plus the ability to challenge them at trial and in appellate proceedings, with the result that there's an enormous amount of regular case law about them, even though all of them were originally issued ex parte.
So that is very different.
The main exception that we know about in the regular criminal justice system has been cell site simulators and cell site location information, where the government tried super-hard to prevent people from knowing that this information was being collected or challenging its collection or use.
So how does the FISA court determine that "3-hop" people (millions) are "suspicious, then?
The standard for an NSA "general warrant" is FAR, and I mean FAR weaker than for a regular warrant. Literally orders of magnitudes weaker, to the point you could barely consider it a "standard". Especially when the FISA court approves for for 3 months at once (and now for 6).
What kind of "warrant" is that? Does that sound reasonable to you?
I hate to break it to you, but organizations and agencies are basically using humans to further their own desires, such as to continue existing and expand their powers. You can see this in organizations ranging from companies to government agencies. And Big Data is like crack cocaine to them. Do you really think you can cut off their access to something so eminently collectable? Do you think if it technology has enabled it, then organizations won't find a way to use it? If the USA spy agencies don't do it, the Chinese and Russians will. The details of some domestic law doesn't matter, they'll just find ways around it. At the end of the day, the organizations need the data. Humans can only fight organizations with other organizations... humans that try to get in the way on their own are eliminated and replaced.
Well in that case they've never had it with regard to 'all' business records of ANY kind. By definition there is no 'reasonable suspicion' in that context.
In fact there is no suspicion at all, and that lack of suspicion is the crux of the whole argument is it not?
It's about stuffing databases full of surveillance information gathered by the NSA; databases which are shared with law enforcement agencies across the country. Those agencies then use the data to mine for leads, stage fake context searches, seize peoples' property, and put people on criminal trial; all while denying collusion with the surveillance state. I'm supposed to think this is all okay because, 'hey, they're guilty, right?' except that 1. This is explicitly prohibited by the Bill of Rights and 2. They aren't always guilty.
> comport with what the applicable statutes authorize
If the statutes are extremely broad and permissive of surveillance, then he could well be telling the truth - FISA could be rigorously scrutinising every request and finding that the statutes permit almost all of them.
The resistance to the Bill of Rights was based on this very notion, the fear that adding an enumeration of some rights would eventually be seen as an enumeration of all rights and that any rights not explicitly enumerated would be considered as lesser rights not protected by the Constitution.
Of course, a right being clearly stated in the Constitution doesn't do much to protect it either. Consider all the limits on gun ownership that run counter to the second amendment. Even someone who is against guns should be of the view that a Constitutional amendment should be needed to allow for limits like those we currently have. For example, banning a mentally ill person from owning a gun or charging a licensing fee to own a gun. Both of these exists and are not considered to infringe on second amendment rights. Now imagine if the same logic was applied to other rights, such as a fee to vote or not allowing free speech to those deemed to have a mental illness (never mind the difficulty in determining what constitutes a mental illness).
I personally think that creating laws to prevent government surveillance is a pointless endeavor. The NSA has ignored and broken laws in the past, why would we expect them to follow new ones that are passed?
The only way to prevent surveillance is with a technical solution (encryption), not a legal solution (more laws).
You need both. By that same logic do you think the constitution and bill of rights is a pointless endeavor? Our government has violated these rights many times in our history. I could just as easily say that the constitutional amendments passed after the civil war were pointless because there was still institutionalized discrimination and racism for another hundred years.
How much did encryption help Lavabit? The court forced them to hand over the encryption keys anyway.
We need to change the laws and place proper oversight over the NSA and other intelligence agencies with real penalties for the violation of our rights. Encryption alone is not enough.
>with real penalties for the violation of our rights.
This. The flagrant violations of our constitution that have taken place are tantamount to treason and the guilty parties deserve punishment at the level of life in prison. And I will vote for any candidate that has the intestinal fortitude to say so.
> How much did encryption help Lavabit? The court forced them to hand over the encryption keys anyway.
Lavabit has a pretty bad system because it did not take the law into account at all and was run by someone that does not seem to understand legal concepts very well. From what I understand, the court that forced them was not FISA, but a plain old federal trial court. Please correct me if I'm wrong.
Furthermore, even the best encryption does little to prevent meta data and anonymity networks ala Tor are inherently high latency and low throughput.
What's more, people tend to prefer centralised systems at the moment, for the sake usability. E.g., I don't see how Androids automatic photo backup could be as friction-less otherwise.
If the NSA's domestic spying is illegal, it's only on a technicality. Congress explicitly authorizes it, and the Supreme Court explicitly finds that the 4th amendment doesn't protect 3rd party records. I'm sure it's violated some specific regulations here and there, but on the whole, spying on everything everyone says and does is not illegal.
The 3rd Party Doctrine made sense when you were physically handing something to somebody else or whispering something in somebody else's ear. In today's world, its interpretation is ludicrously antiquated.
Unfortunately, I don't forsee Congress doing much to solve this any time soon.
Fortunately. Only battles hard-fought are valued. If congress caved for a few years until this blew over, nothing would really change. And ultimately only strong client-side communication schemes (encryption+identity+etc) will solve the problem. Which is something that has a cost people must bear but that they will not if they don't understand the issue.
TL;DR - If congress made it "illegal" it wouldn't change anything. That they refuse to, will change everything.
Also, the third-party doctrine is sort of a recognition of the right the blow the whistle on crimes you see. It's not even (generally) a bad thing. It's only our government's too-cozy of a relationship with too much of the industry that means it's not whistle-blowing but twisted-arm leaks.
It doesn't matter if the actions of the government are (by some technicality we wouldn't accept from a five-year old) legal, if we don't want that behavior anyways.
Government rules by the mandate of the people. And we don't owe it a n-year mandate, or the completion of a grand plan, or trust, etc. When it steps out of line it is illegitimate despite its "legality" in its own laws.
It costs political capital to ignore the law. Dig into the leaks that have come out. Why so much talk about meta data and U.S. persons and minimization? If they were just ignoring the law, they wouldn't bother with any of that. They do it because the law gives them leeway along certain dimensions, and it costs them much less political capital if they can justify their activities as sticking to those rules.
Technical solutions can and will be made illegal once they become a significant impedance to what the government wants to do, preventing the vast majority of people from using them.
Encryption does not prevent surveillance, it just means surveillance changes to more watching people and devices and less watching traffic. You can use all the end to end encryption you want, it does you no good when the ends are insecure.
The encryption game is rigged since the NSA and other government actors are able to use public funds to sabotage it. So the legal angle is still important.
Agreed. With the ability to carry out correlation attacks and the proven information content of metadata, encryption can't provide a complete "technological solution."
I personally fear that it might be equally pointless to try to encrypt your data.
There are just too many point of failures.
Some futurists like David Brin have been pushing the idea that encryption will ultimately fail and that sousveillance and a push for transparency were the only adapted responses.
I think it would be interesting to push in that direction (it does not prevent from trying to encrypt your data as well).
The only way to prevent surveillance is with a technical solution (encryption), not a legal solution (more laws).
I'd say both have their place however focus on protecting the legality of encryption, not on making it illegal to spy. Bolster security by design with law, don't use law to haphazardly stop spooks from doing spooky things.
The problem isn't necessary the laws, but the fact that there never seems to be any punishment for abuses, so the NSA just learns the laws don't apply to them, and keep doing whatever they want. If our representatives actually punished them, we'd be in a different situation.
This is one of the few cases where "starve the beast" makes sense: there is a large entrenched power structure responsible for this, and the public is paying for it. A budgetary line of attack can work as well.
It adds complexity, but it ultimately isn't really particularly difficult.
The problem is that your backend servers can no longer operate on that data in any meaningful way. For this reason, full end-to-end encryption is likely not realistic for certain applications.
Simpler applications, like iMessage, can and do implement end-to-end encryption without much difficulty at all.
The NSA is a military organization, and arguably does not consider itself to be bound by domestic law. After all, the US is perpetually at war. But the legal environment can limit the NSA's options for using intelligence. When efforts must remain secret, there's more need for parallel construction.
I don't understand how the FISA court, created by Congress outside the bounds of the appointment clause, for the specific task of approving or rejecting surveillance warrants, can so casually set aside the rulings of an actual court.
I mean, this is really simple stuff - like Marbury vs. Madison simple.
Isn't this precisely what the Church committee (out of which FISA grew) intended to prevent?
The actual arguments start from 10 and go to 12. The quote about Second Court not being binding on them is from page 14, and some problems they had with the Second Court's analysis are on page 16, including pointing out that some of the claims of the Second Court are no longer true after the Freedom Act was passed.
Yeah, it's really oddly worded. Whether or not the 2nd Circuit is binding on FISC is not at issue. The question is whether or not the 2nd Circuit is binding on the NSA (or at least NSA activities within its geographical jurisdiction).
Poorly worded on my part. By "actual" Court, I meant a court whose personnel are appointed pursuant to the appointments clause of the US Constitution.
Sure, they're all created by congress, but the District and Circuit courts have clear, long-established, transparent mechanisms for figuring out who is on the court.
The judicial Power of the United States, shall be vested in one supreme Court, and in such inferior Courts as the Congress may from time to time ordain and establish. The Judges, both of the supreme and inferior Courts, shall hold their Offices during good Behavior, and shall, at stated Times, receive for their Services a Compensation which shall not be diminished during their Continuance in Office.
Congress has an authority to create courts as they see fit, now FISA might not be perfect it might be a complete disaster, but it's not unique as all modern courts have issues on being completely transparent at all times.
For example court orders such as search and seizure, peak and enter, wiretap etc' cant be public for obvious reasons since you can't argue that when you need to tap some one's phone to gather enough evidence to convict them of a crime you can make it public.
You could also argue that such warrants violate the whole "innocent until proven guilty" posture by simply issuing a warrant before there's actual evidence of that a crime has been committed, or in fact it allows the state to force people to incriminate them selves in future crimes.
Now back to the FISA court the hearings and it's orders on specific efforts against specific targets can't be public, some oversight and process transparency might be possible but you can't make a court like that public.
That said the US is pretty much the only country which actually has a court like that, everyone spies, not to the extent that the US does but no one else have those resources, but I haven't heared about any other country in which the intelligence services have not only executive/legislative oversights but also judicial.
I'm not sure how much I trust a judicial oversight that has rejected somewhere in the range of 11 out of 34000 petitions. And it may not even be the FISA court's fault:
“The FISC is forced to rely upon the accuracy of the information that is provided to the court,” Judge Reggie Walton, chief judge of the Foreign Intelligence Surveillance Court (aka FISA court) wrote. “The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders.”[1]
The utter and complete lack of transparency around the FISA court pretty much makes it impossible to verify that information. We are left with the Executive saying, "Trust us, we won't do anything wrong".
The federal appellate courts other than the fed circuit have regional jurisdiction. Their decisions are not binding authority on courts outside their own regions.
As I understand it, that's not at issue here. The rulings of the circuit and district courts are binding on actors in their jurisdictions - the FISC can't (or at least, I didn't understand it to be legal for them to) come in and rule that conduct deemed unconstitutional by a circuit court on a particular actor (ie, the Second Circuit ruling on conduct by the NSA).
To add to what others have already said, the Second Circuit stayed the order that would prevent the NSA from doing the calls. This means the Second Circuit didn't order them to stop.
Since the FISA court isn't under the Second Circuit, it is under no obligation to follow second circuit holdings.
Further, the FISA court distinguishes from the situation in the Second Circuit, but that's not all that persuasive to me.
- In any case the USA FREEDOM Act explicitly rules out bulk collection by the NSA in 6 months ( it's done by the phone companies afterwards, not sure if that's really any better)
- The Second Circuit ruled that Section 215 of the Patriot Act was not intended to allow for mass surveillance. But they did not issue an injunction, saying that further action is dependent on the USA FREEDOM Act
- Congress passed the act _with this 6 month period_ and otherwise similar language, basically saying "We know this is interpreted as mass surveillance, and we are not contradicting that"
The second circuit ruling was not based off of constitutional interpretation, but off of the interpretation of the law. By passing the Freedom act with that 6 month period, Congress has made clear that the "mass surveillance" interpretation is acceptable to them (again, for that 6 month period).
And yet how does the FISA court have jurisdiction in the matter at all? My understanding was that the FISA court existed solely for the purpose of evaluating the validity of warrants that if applied for in a general court would prove a natural security risk.
The FISA court does not handle criminal warrants. It was created to add a layer of judicial oversight for foreign power surveillance activities that previously did not require warrants.
One thing I don't understand about the updates to the law governing the FISA court:
How would there be any challenge to its rulings? Without a challenge, how would it be appealed to SCOTUS? Without a public appeal, how would the legal community be able to debate the merits of different cases as they do with other constitutional law issues?
It is like if the FBI was doing the bulk collection but never using the data to prosecute anyone: there isn't any place for the exclusionary rule* to restrain the prosecution.
>The surveillance court is subject to review by its own appeals panel, the Foreign Intelligence Surveillance Court of Review. Both the Second Circuit and the surveillance review court are in turn subject to the Supreme Court, which resolves conflicts between appeals courts.
If I'm reading it right, the plaintiff here was appointed an "interested party" in some legal sense, which would give them the right of appeal? Am I misunderstanding that?
I worry sometimes when I hear people say things like "What is the point, as soon as we overcome something or strike a victory, the other side starts looking for ways to undermine or overcome it"
That is true, but it's almost the universal constant in life. The fight for good is never won... it's a continual struggle, a process- not fixed condition to be achieved.
Should we so easily accept that premise? Sure, we must guard against an erosion of rights. But, it seems that in some cases, we are guarding against subversion of the very tools emplaced to aid us in that objective.
Yes, the premise is right, the "some cases" you have now, are subversion, definately, the problem is, they only gained a foothold purely because you failed to guard your rights from erosion in the first place.
So, would someone please hack the NSA's collection of bulk metadata and use it to reveal embarrassing information about politicians and NSA employees who support this program? Why hasn't this happened yet?
The solution is to use strong encryption all the time. When it becomes the standard mode of operation for the majority of people, protocols, and applications, it will no longer be suspicious (and therefore probable cause) for a warrant. Let them subpoena the encryption keys in court or burn CPU time trying to crack things they find important. Encryption will help resist indexing and slow down data mining, bringing back some of the privacy and freedom we used to have.
Caveat here that the crypto needs to actually be good, and key management and negotiation needs to be good, and key sizes and algo parameters need to be good, and that hardware needs to be good, and that key escrow systems ("Secure" Enclave, "Trusted" Platform Module) need to be good, you can not use computing services - everything must be done locally (the third party doctrine means that copies of this data must be kept to be made available), and the software stack must be kept secure and the hardware must be trusted.
It's really scary to think of the potential for abuse and corruption that such a treasure trove represents. Why should we trust them with the ability to essentially blackmail everyone?
A non-adversarial system, with the Judge being a part of the Govt.
Does anyone ever believe that this is anything other than the thinnest of fig leaves to cover the almost limitless power of the NSA to peep into people's private business?
Help elect Rand Paul and all of this is likely to stop. Any other candidate, regardless of party affiliation, is a vote for maintaining the current state of affairs.
Not sure he'd be able to accomplish everything he talks about due to political realities. That said, the massive message sent by having him and his ideas pushed to the top of the stack would shake-up the political class. It's about letting them know, in very clear terms, what we want and what we are unhappy with.
> Between 2001 and 2012, the FISA judges approved 20,909 surveillance and property search warrants - an average of 33 a week. During that 12-year period, the judges denied just 10 applications. Prosecutors withdrew another 26 applications.
> From 2007 to 2012, FISA judges also approved 532 "business record" warrant applications, the category used in the order that directed Verizon to release metadata on all phone calls inside the United States. No business record warrants were rejected.
and, on the judges perception of themselves:
> Walton, the senior judge on FISA, declined to be interviewed. In a statement, he said: "The perception that the court is a rubber stamp is absolutely false. There is a rigorous review process of applications submitted by the executive branch, spearheaded initially by five judicial branch lawyers who are national security experts, and then by the judges, to ensure that the court's authorizations comport with what the applicable statutes authorize."
http://www.reuters.com/article/2013/06/21/us-usa-security-fi...