On Thursday, a federal appeals court ruled that the bulk collection of Americans' phone data by the National Security Agency (NSA) violated the USA Patriot Act. The Washington Post reported:
"... a unanimous three-judge panel of the U.S. Court of Appeals for the 2nd Circuit overturned a lower court and determined that the government had stretched the meaning of the statute to enable “sweeping surveillance” of Americans’ data in “staggering” volumes... The NSA’s mass collection of phone records for counterterrorism purposes — launched after the Sept. 11, 2001, terrorist attacks... Under the program, the NSA collects “metadata” — or records of times, dates and durations of all calls — but not call content."
The NSA's massive phone collection program was revealed in June 2013 by former NSA agency contractor Edward Snowden. The U.S. Government argued that the phone records data collection program, underway since at least May 2006, was necessary to identify:
"... terrorism suspects. A series of judges on the secretive Foreign Intelligence Surveillance Court have agreed."
The plaintiffs in the original lawsuit and appellants were the American Civil Liberties Union, American Civil Liberties Union Foundation, New York Civil Liberties Union, and New York Civil Liberties Union Foundation. Named in the appeal lawsuit were James R. Clapper (Director of National Intelligence), Michael S. Rogers (Director of the National Security Agency and Chief of the Central Security Service), Ashton B. Carter (Secretary of Defense), Loretta E. Lynch (Attorney General of the United States), and James B. Comey (Director of the Federal Bureau of Investigation).
The Court opinion stated in part:
"This appeal concerns the legality of the bulk telephone metadata collection program (the “telephone metadata program”), under which the National Security Agency (“NSA”) collects in bulk “on an ongoing daily basis” the metadata associated with telephone calls made by and to Americans, and aggregates those metadata into a repository or data bank that can later be queried. Appellants challenge the program on statutory and constitutional grounds. Because we find that the program exceeds the scope of what Congress has authorized, we vacate the decision below dismissing the complaint without reaching appellants’ constitutional arguments.."
Telephone metadata does not include what people said during a phone call. Metadata includes only the date, time, call duration (in minutes), caller's phone number, and recipient's phone number. With smartphones, the metadata may also include the caller's geo-location, the recipient's geo-location, and a phone identifier. The Court opinion also stated:
"The district court held that § 215 of the PATRIOT Act impliedly precludes judicial review; that plaintiffs/appellants’ statutory claims regarding the scope of § 215 would in any event fail on the merits; and that § 215 does not violate the Fourth or First Amendments to the United States Constitution. We disagree in part, and hold that § 215 and the statutory scheme to which it relates do not preclude judicial review, and that the bulk telephone metadata program is not authorized by § 215."
The Court decision summarized some important history Americans should know:
"In the early 1970s, in a climate not altogether unlike today’s, the intelligence‐gathering and surveillance activities of the NSA, the FBI, and the CIA came under public scrutiny. The Supreme Court struck down certain warrantless surveillance procedures that the government had argued were lawful as an exercise of the President’s power to protect national security, remarking on “the inherent vagueness of the domestic security concept [and] the necessarily broad and continuing nature of intelligence gathering.” United States v. U.S. Dist. Court for the E. Dist. of Mich. (Keith), 407 U.S. 297, 320 (1972). In response to that decision and to allegations that those agencies were abusing their power in order to spy on Americans, the Senate established the Select Committee to Study Governmental Operations with Respect to Intelligence Activities (the “Church Committee”) to investigate whether the intelligence agencies had engaged in unlawful behavior and whether legislation was necessary to govern their activities. The Church Committee expressed concerns that the privacy rights of U.S. citizens had been violated by activities that had been conducted under the rubric of foreign intelligence collection. The findings of the Church Committee, along with the Supreme Court’s decision in Keith and the allegations of abuse by the intelligence agencies, prompted Congress in 1978 to enact comprehensive legislation aimed at curtailing abuses and delineating the procedures to be employed in conducting surveillance in foreign intelligence investigations. That legislation, the Foreign Intelligence Surveillance Act of 1978 (“FISA”)... established a special court, the Foreign Intelligence Surveillance Court (“FISC”), to review the government’s applications for orders permitting electronic surveillance... Unlike ordinary Article III courts, the FISC conducts its usually ex parte proceedings in secret; its decisions are not, in the ordinary course, disseminated publicly..."
To balance the competing needs of citizens' privacy and intelligence gathering:
"... Congress has amended FISA, most significantly, after the terrorist attacks of September 11, 2001, in the PATRIOT Act. See USA PATRIOT ACT of 2001, Pub. L. No. 107‐56, 115 Stat. 272 (2001). The government argues that § 215 of that Act authorizes the telephone metadata program..."
The Court added:
"We are faced today with a controversy similar to that which led to the Keith decision and the enactment of FISA. We must confront the question whether a surveillance program that the government has put in place to protect national security is lawful. That program involves the bulk collection by the government of telephone metadata created by telephone companies in the normal course of their business... "
The court recognized that while law enforcement has historically used metadata, new technologies have changed things:
"We recognize that metadata exist in more traditional formats, too, and that law enforcement and others have always been able to utilize metadata for investigative purposes. For example, just as telephone metadata may reveal the charitable organizations that an individual supports, observation of the outside of an envelope sent at the end of the year through the United States Postal Service to such an organization might well permit similar inferences, without requiring an examination of the envelope’s contents. But the structured format of telephone and other technology‐related metadata, and the vast new technological capacity for large‐scale and automated review and analysis, distinguish the type of metadata at issue here from more traditional forms. The more metadata the government collects and analyzes, furthermore, the greater the capacity for such metadata to reveal ever more private and previously unascertainable information about individuals... in today’s technologically based world, it is virtually impossible for an ordinary citizen to avoid creating metadata about himself..."
The Court opinion discussed secrecy and the Administrative Procedure Act (APA):
"The government has pointed to no affirmative evidence, whether “clear and convincing” or “fairly discernible,” that suggests that Congress intended to preclude judicial review. Indeed, the government’s argument from secrecy suggests that Congress did not contemplate a situation in which targets of § 215 orders would become aware of those orders... That Congress may not have anticipated that individuals... would become aware of the orders, and thus be in a position to seek judicial review, is not evidence that Congress affirmatively decided to revoke the right to judicial review otherwise provided by the APA... The government’s argument also ignores the fact that, in certain (albeit limited) instances, the statute does indeed contemplate disclosure. If a judge finds that “there is no reason to believe that disclosure may endanger the national security of the United States, interfere with a criminal, counterterrorism, or counterintelligence investigation, interfere with diplomatic relations, or endanger the life or physical safety of any person,” he may grant a petition to modify or set aside a nondisclosure order... Such a petition could presumably only be brought by a § 215 order recipient, because only the recipient, not the target, would know of the order before such disclosure. But this provision indicates that Congress did not expect that all § 215 orders would remain secret indefinitely..."