Ellen Nakashima at WaPo:
The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual’s Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation.
The administration wants to add just four words — “electronic communication transactional records” — to a list of items that the law says the FBI may demand without a judge’s approval. Government lawyers say this category of information includes the addresses to which an Internet user sends e-mail; the times and dates e-mail was sent and received; and possibly a user’s browser history. It does not include, the lawyers hasten to point out, the “content” of e-mail or other Internet communication.
But what officials portray as a technical clarification designed to remedy a legal ambiguity strikes industry lawyers and privacy advocates as an expansion of the power the government wields through so-called national security letters. These missives, which can be issued by an FBI field office on its own authority, require the recipient to provide the requested information and to keep the request secret. They are the mechanism the government would use to obtain the electronic records.
Stewart A. Baker, a former senior Bush administration Homeland Security official, said the proposed change would broaden the bureau’s authority. “It’ll be faster and easier to get the data,” said Baker, who practices national security and surveillance law. “And for some Internet providers, it’ll mean giving a lot more information to the FBI in response to an NSL.”
Julian Sanchez at The American Prospect:
At issue is the scope of the Federal Bureau of Investigation’s power to obtain information from “electronic communications service providers” using National Security Letters (NLS), which compel private companies to allow government access to communication records without a court order. The administration wants to add four words — “electronic communication transactional records” — to Section 2709 of the Electronic Communications Privacy Act, which spells out the types of communications data that can be obtained with an NSL. Yet those four little words would make a huge difference, potentially allowing investigators to draw detailed road maps of the online activity of citizens not even suspected of any connection to terrorism.
In their original form, NSLs were extremely narrow tools designed to allow federal investigators to obtain very basic telephone records (name, address, length of service, calls placed and received) that could be linked by “specific and articulable facts” to persons suspected of being terrorists or foreign spies. In 1993, Congress amended the statute to clarify that NSLs could be issued to electronic information service providers as well as traditional phone companies. But wary of the potential for misuse of what the House Judiciary Committee called this “extraordinary device” in a world of rapidly changing technology, Congress placed tight limits on the types of records that could be obtained, making clear that “new applications” of NSLs would be “disfavored.”
The administration is presenting this change as a mere clarification meant to resolve legal ambiguity — as though Congress had simply misplaced a semicolon. Yet the Bush-era Office of Legal Counsel already rejected that argument in a 2008 opinion, concluding that the FBI had for years misread the “straightforward” language of the statute. And clarity is certainly needed, as it is hard to know just what falls under “categories of information parallel to subscriber information and toll billing records.” The standard reference for lawyers in this sphere, David Kris’ National Security Investigations and Prosecutions, simply notes that the scope of NSLs as applied to online activity is unclear. Even the Justice Department seems uncertain. In a 2001 response to congressional inquiries about the effect of the newly enacted PATRIOT Act, DOJ told Congress that “reasonable minds may differ” as to where the line should be drawn between addressing information equivalent to toll billing records and “content” requiring a search warrant.
Congress would be wise to specify in greater detail just what are the online equivalents of “toll billing records.” But a blanket power to demand “transactional information” without a court order would plainly expose a vast range of far more detailed and sensitive information than those old toll records ever provided.
Consider that the definition of “electronic communications service providers” doesn’t just include ISPs and phone companies like Verizon or Comcast. It covers a huge range of online services, from search engines and Webmail hosts like Google, to social-networking and dating sites like Facebook and Match.com to news and activism sites like RedState and Daily Kos to online vendors like Amazon and Ebay, and possibly even cafes like Starbucks that provide WiFi access to customers. And “transactional records” potentially covers a far broader range of data than logs of e-mail addresses or websites visited, arguably extending to highly granular records of the data packets sent and received by individual users.
As the Electronic Frontier Foundation has argued, such broad authority would not only raise enormous privacy concerns but have profound implications for First Amendment speech and association interests. Consider, for instance, the implications of a request for logs revealing every visitor to a political site such as Indymedia. The constitutionally protected right to anonymous speech would be gutted for all but the most technically savvy users if chat-forum participants and blog authors could be identified at the discretion of the FBI, without the involvement of a judge.
Now, there’s a good faith case to be made that the FBI ought to have this authority. After all, the bad guys don’t use telephones to talk to each other any more. But the FBI has abused the NSL authority, essentially fabricating pretexts for sending NSLs to thousands of people. Since the NSL authority was expanded by the PATRIOT Act, three separate OIG investigations have found abuses that rise above the level of incidental misuse of power. The FBI has excuses: it’s the databases. It’s the urgency of terrorism investigations. It’s the lack of clarity in the language.
The urgency factor is a good excuse for the FBI to have the authority, but not to misuse it. NSLs are issued without prior approval from a judge. They’re now part of the standard anti-terrorism investigatory toolkit. They’re needed.
Democrats on the Judiciary and Intelligence committees are skeptical of the request to change the statute for precisely these reasons, and one senior aide noted that the language was met with some skepticism by Congressional staff who’ve grown wary of FBI excuses for overreach. Then again, it is always hard for members of Congress to say no to something that the FBI claims is vital for its counterterrorism efforts.
There is a compromise here: the FBI can subject its NSL issuances to post-facto review from judges, who can decide whether the FBI’s pretexts are sufficient. The FBI doesn’t need to get a judge’s permission to issue an NSL and the internet provider can’t wait until the judicial review kicks in. This way, the FBI can get what it needs and there’s a check on that power.
But this compromise won’t work. The FBI issues tens of thousands of NSL requests per year, most of them for telephone records and other information, like credit reports. There’s no way a judge can individually approve, even in retrospect, tens of thousands of requests without significantly adding to already overflowing caseloads.
So, in the end, as with almost every issue about national security information, the question is one of trust. Can the American people, through Congress, trust the FBI to use this authority properly? Maybe the administration and the FBI should answer this question: given past abuses, what steps will you take to ensure that this authority isn’t abused?
Kelley Vlahos at The American Conservative:
It seems so perverse and creepy, considering that WaPo reported only last week in its “Top Security America” series that the federal government’s behemoth intelligence/security apparatus has way more data than it can possibly analyze effectively. It’s disheartening that the administration admits it’s targeting those hold-out Internet service providers that have been heretofore unwilling to play ball with the feds. In other words, private companies that have, so far, resisted the government’s push for greater authority and control over the Net.
Senior administration officials said the proposal was prompted by a desire to overcome concerns and resistance from Internet and other companies that the existing statute did not allow them to provide such data without a court-approved order…
To critics, the move is another example of an administration retreating from campaign pledges to enhance civil liberties in relation to national security. The proposal is “incredibly bold, given the amount of electronic data the government is already getting,” said Michelle Richardson, American Civil Liberties Union legislative counsel.
I guess it’s safe to say now that civil libertarians have been thoroughly hosed (in other words, hoodwinked, flimflammed, bamboozled, duped, chiseled and burned) by Barack “the constitutional law professor” Obama. The question remains, how far will he go?
The 4th Amendment’s requirement that “no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seize” is really a nuisance, the Obama administration argues.
I understand any administration’s or agency’s desire to accumulate more power — after all, they’re decent folk who just want what’s best for the country. But I don’t get how this passes judicial scrutiny.
While I’ve got a strong libertarian streak and am staunchly protective of our rights under the Constitution, I’m not an absolutist. Even our most fundamental liberties, such as freedom of speech and assembly, have to be balanced against the rights of others and the need for public safety.
During the Bush administration, I defended the idea that the government ought to be able to conduct data mining operations on mass communications with persons of interest overseas. My rationale was that this wasn’t a “search” in any meaningful sense because it was just computer algorithms sifting through impersonal information, that there would be no way to show probable cause ahead of time, the targets were overseas operatives, and that the purpose was intelligence gathering rather than prosecution. So, the harm to individual liberty was small and mostly theoretical while the potential harm to society from not gathering the information was substantial.
But this is something quite different: Specific searches of activities carried on by specific American citizens domestically. Further, it’s not like the records are going anywhere, making seeking out a magistrate and getting a proper warrant a minor burden. So there’s no reason that a warrant can’t be obtained and no additional risk to society by going through the process required by the Constitution outside the ones intended by the Framers.
Of course, checking out someone’s browser history could be very useful in a terrorism investigation. But if I had some kind of cause—probable cause, let’s say—to suspect someone of involvement in terrorism, I could just get a warrant. If I want to see whether my wife has a secret Match.com account, by contrast, I’m going to need some kind of authority to compel private companies to divulge this information without me needing to explain myself to a judge.
FBI personnel are, I’m sure, overwhelmingly decent and honorable people whose subjective understanding is that they want to use these enhanced powers for legitimate purposes. But who among us, when being honest, has never misused work resources a bit for personal purposes? Everyone slacks off on the job. Everyone has moments of prurient interest in the lives of other people. Taking the gloves off, surveillance-wise, is much more likely to lead to abusive behavior than to super-awesome counterterrorism operations.
Emptywheel at Firedoglake:
Make no mistake. This is one of the most important pieces of civil liberties news in a long time. The Obama Administration is asking Congress to sanction the collection of internet records without a warrant–the kind of shit they used to do without a warrant, until people expressed their opposition.
But then Democrats took over and now they want legal sanction and now–Voila, a request that presumably provides cover.
I forget. How many NSLs do the FBI and other federal agencies already send out every year? 30,000? 50,000? What’s it up to now? Whatever it is, I guess it’s still not enough. That business of getting approval from a judge is just so annoying, after all.
You know, if I’d wanted Dick Cheney as president I would have just voted for him.