Information Privacy Law
Professor Ira Rubinstein
April 12, 2017
Transparency Reports and the FREEDOM Act.
The Snowden revelations showcased how Sections 215 and 702 was abused by the NSA in bulk collection of phone metadata. The FREEDOM Act (the Act) sought to curtail this practice by banning the NSA from directly collecting the metadata. Now, its role is limited to approaching service providers using Reasonable Articulable Suspicion approved selectors, as opposed to simply gathering all the metadata itself. This article, through the emergence of the latest transparency reports, will showcase how despite the banning of bulk collection, the same is still achievable today. This is because the Act only shifts the burden of collection onto the service providers, while the law silently permits the government to collect the same from such providers.
The Act also imposes transparency requirements on the Foreign Intelligence Surveillance Court, which otherwise has a long (and notorious) history of secrecy. The FISC is now required to start publishing its decisions thanks to the Act. Interestingly, pursuant to the FREEDOM Act, many data companies have started issuing their own transparency reports. These are published for such companies to be more transparent with their customers about disclosures made to the government. More pertinently, these transparency reports show a number of subpoenas and gag orders relating to the disclosure of these subpoenas.
There is ample legislation allowing the FBI and other government agencies to issue subpoenas to service providers, requiring them to hand over their information. What is important is that with regard to phone metadata, old precedent of the Supreme Court does not accord any 4th Amendment protection to it. This is because information that is given to third parties, such as phone operators and banks, do not entail a reasonable expectation of privacy (See Smith v. Maryland and U.S. v. Miller. While circuit courts have questioned the applicability of such a doctrine in modern times, the fact remains that the Court has not overturned it enforcement agencies can continue to use it to their advantage.
The transparency reports showcase how these subpoenas can be overbroad, and can be used to achieve what was sought to be banned through the passage of the Act. Recently, Signal, a messaging app, was served a subpoena to hand over its records relating to a targeted customer of its app by the FBI. Unsurprisingly, this subpoena came with a gag order. However, Signal does not have a log of the data it collects of the communications by its customers and could not provide them with what they were looking for. However, they fought the gag order and had it successfully lifted on account of it being overbroad. Apart from Signal, there seems to be a growing trend of tech giants such as Yahoo and Google disclosing such NSLs. This only indicates that they were successful in getting these lifted.
However, there is a larger issue from the facts above. It is clear that passing the burden of collection onto third party service providers does not seem to have been done with an intention of preserving privacy. To the contrary, it seems to have been engineered by the government to legitimise its exposed and questionable information collection tactics. Instead of collecting the information themselves, the government may serve the service providers with a subpoena and gain the information without any judicial oversight. This highlights a great inadequacy, which the FREEDOM Act failed to address. However, the increasing disclosure of the NSLs in transparency reports indicate the growing sentiment that the shroud of secrecy around data gathering by federal agencies can be excessive.