Privacy from the Government
Readings: The next segment we will do is on Privacy. Start
reading Baase Chapter 2.
Nothing to Hide
Supreme Court Cases on Privacy
Electronic Communications Privacy Act
They are watching you: http://www.youtube.com/watch?v=8JNFr_j6kdI.
The speaker is Jerry Day.
Is this a real threat? (See especially the section between 0:45 and 1:25)
I'm offering this as an example of a possible
threat, but which definitely has elements of "paranoia" as well. (I imagine
somewhere on YouTube there's a video of someone explaining the dangers of
the government eavesdropping on your conversations by beaming lasers on your
What is privacy all about? Baase (4e p 48 / 5e p 52) says it consists of
- control of information about oneself: who knows what about you?
- freedom from intrusion -- the right to be left alone in peace
- freedom from surveillance (watched, listened to, etc)
Are these all? Note that Baase put control of information as #2; I moved it
In some sense the second one above is really a different category: the need
to get away from others. A technological issue here is the prevalence of
phones, blackberries, and computers and the difficulty of getting away from
The third one is to some degree a subset of the first: who gathers
information about us, and how is it shared? Another aspect of the third one
is freedom from governmental spying. Privacy from the
government is a major part of Civil Liberties.
Privacy is largely about our sense of control
of who knows what about us. We willingly put information onto Facebook, and
are alarmed only when someone reads it who we did not anticipate.
- commercial interests
- local community (ie our friends and acquaintances)
What do we have to hide
Sometimes, when we try to argue for our privacy, we get asked what
do you have to hide? See below.
On the one hand, many people who don't have anything to hide are nonetheless
uncomfortable with surveillance. On the other hand, a big part of post-9/11
surveillance (eg, what the NSA is doing) is for protection of the public.
On yet another hand, should we care at all about privacy? Or is it just
MIT's Sherry Turkle gave the keynote talk at Loyola's Digital Ethics
conference in Fall 2012. She shared some comments made by teenagers in
privacy discussion groups:
- The way to deal with the loss of privacy is "just to be good"
- "Who would care about me and my little life" [respondent age 16]
Do we now have to be good all the time?
She also quotes Facebook founder Mark Zuckerberg as saying "privacy is no
longer a relevant social norm".
Turkle's own rule for healthy democracies is that the government should
assume "everyone has something to hide". That way, there can be no arguing
that if you're in favor of greater privacy then you have "something to
hide". But what if safety is involved?
Strange history: once upon a time we were mostly concerned about privacy
from the government, not from private commercial interests. Then things
shifted 180°; commercial interests were the primary concern.
Now they have shifted 180° again.
Once upon a time, concern about privacy was on the decline. People knew
about the junk-mail lists that marketers kept, but it did not seem
important, especially to younger people.
In the last few years, commercial privacy has become a significant issue.
Why is this?
Psychologists have ways of defining general personality
traits, eg the OCEAN set of
- Openness (to new ideas and experiences)
- Neuroticism (tendency towards anxiety and worry)
(The Myers-Briggs system has four dimensions, and classifies you as at one
end or the other (eg extraverted or introverted) on each axis.)
Are we approaching the point that outsiders can create a psychological
profile of us using online data only?
Is this even what we mean by losing our privacy? Psychologists have
suggested that "getting to know someone" is based significantly on the slow
voluntary exchange of personal information.
Or is it much simpler: perhaps the marketing information about us was too
remote for us to be concerned, but that Facebook has ushered in a new era of
online information about our social
situation: friends, events, likes, and that these are the things that are
relevant in our day-to-day interactions with others.
In 2010, Tal Yarkoni did a study Personality
and Blogging, in which he identified correlations between language use
and traditional OCEAN-based psychological categories, using subjects who had
consented to a standard psychological-profile evaluation. He was able to
create a mechanism for determining someone's psychological categorization
just from the language the person used in blogging.
In 2013, IBM's Eben Haber extended this to (much shorter) Twitter postings.
The goal is indeed to make use of the inferred information about personality
to target marketing efforts more effectively. The original (short) paper is
A Visualization Tool to Analyze People's Personality with Social Media,
by Liang Gou, Jalal Mahmud, Eben M. Haber and Michelle X. Zhou. See also http://www.economist.com/news/science-and-technology/21578357-plan-assess-peoples-personal-characteristics-their-twitter-streams-no.
An important corollary of Yarkoni and Haber's work is that it appears to be
much harder to conceal one's fundamental personality when online than some
have perhaps thought.
In January 2015, Youyou, Kosinski and Stillwell published a paper in which
they showed that Facebook likes also revealed one's OCEAN profile, and
furthermore did this more accurately than family and friends: Computer-based
personality judgments are more accurate than those made by humans.
This research has been widely covered in the popular press: see news.stanford.edu/news/2015/august/social-media-kosinski-082515.html,
where coauthor Kosinski notes "one of our most surprising findings is
that we could even predict whether your parents were divorced or
not, based on your Facebook likes." You can also go to http://applymagicsauce.com/
where you can upload your Facebook likes and then click "predict my
And then there are all those Facebook quizzes. Many of these represent
someone very deliberately mining for information about your OCEAN profile,
to help determine the kinds of ads you'll see. This works even if Facebook
keeps all the results: an advertiser can say "show this ad to
everyone whose best-match dog breed is a pit bull and whose best-match
flower is a thistle". See www.nytimes.com/2016/11/20/opinion/the-secret-agenda-of-a-facebook-quiz.html.
Personality identification in the advertising world continues to grow more
and more precise. Ordinary advertisers often have access to this
information; Facebook has your personality down very precisely. Do
you care? Yes, it can be used to help target ads to you.
We understand that all sorts of online purchasing information is collected
about us in order for the stores to sell to us again. Whenever I go to
Amazon.com, I am greeted with book suggestions based on past purchases. But
at what point does this information cross the line to become "personalized
What if the seller has determined that we are in the category
"price-sensitive shopper", and they then call/mail/email us with pitches
that offer us the "best price" or "best value"? (See the box on Baase, 4e p
72 / 5e p 65, for a related example. Here, the British Tesco
chain determined which shoppers were "price-conscious", and also what they
were most likely to buy. These products (maybe the top 20 in sales volume?)
were then priced below Wal*Mart's prices.)
Political parties do this kind of personalization all the time: they tailor
their pre-election canvassing to bring up what they believe are the
hot-button issues for you personally.
Marketing personalization sometimes involves your personality profile, but
often weighs other attributes (like "price-sensitive shopper") more highly.
What do computers have to do with
Old reason: they make it possible to store (and share) so much more data
- They enable complex data mining
- They allow us to find info on others via Google
- Records are kept that we never suspected (eg Google searches)
- Electronic eavesdropping
Baase, 4e p 48 / 5e p 52: The communist East-German secret police Stasi were
masters of non-computerized privacy invasion. The film The
Lives of Others was about this.
The Fourth Amendment states:
The right of the people to be secure in
their persons, houses, papers, and effects, against unreasonable searches
and seizures, shall not be violated.
Should this extend to any online information?
Baase 4e p 50 / 5e p 54: many companies use computers to create "a detailed
picture of the person's interests, opinions, relationships, habits and
Maybe also of what sales pitches we're likely to respond to?
Some non-governmental privacy issues:
- shopping data
- RFID chips in cards and merchandise
- search-engine queries
- cellphone GPS data
- event data recorders in automobiles
When it first came out in the early 1990's, Caller ID was widely seen as a
privacy intrusion. That is, it
took away your "right" to call someone anonymously. Actually, that is
a plausible right if you're calling a commercial enterprise; if you don't
want them calling you back, you should be able to refuse to give them your
Within a decade, Caller ID was widely seen as a privacy boost: you could
control who could interrupt you. This is privacy in sense #2 above; the
original issue was privacy in sense #1.
Caller ID never caught on with stores; it did
catch on with ordinary people.
Is there any right to phone someone
anonymously? What if you're trying to give the police a tip? What if you're
a parole officer?
Maybe some of the most sensitive information gathered about us today is our
location, typically from a cellphone. Traditional phones do not necessarily
track GPS in real time, unless an emergency call is placed, but smartphones
do this continuously in order to display advertisements for nearby
businesses. What undesirable things could be done with this information?
We will return to this later.
Twitter/Foursquare announcements that you will not be At Home (now "off"; I
wish I'd kept some sample data)
Facebook has made us our own worst privacy leakers.
Facebook and college admissions, employment, any mixed recreational &
Here is a list of some specific things we may want to keep private, and
which might also appear in records somewhere:
- past lives (jobs, relationships, arrests, ...)
- life setbacks
- medical histories
- mental health histories, including counseling
- support groups we attend
- organizations of which we are members
- legal problems (certainly criminal, and often civil too)
- alcohol/drug use
- tobacco or alcohol purchases
- most sexual matters, licit or not
- pornography preferences
- pregnancy-test purchases; contraceptive purchases
- private digressions from public facade
- different facades in different settings [friends, work, church]
- comments we make to friends in context
- what about Donald Sterling?
- the fact that we went to the bar twice last week
- the fact that we did not go to the gym at all last week
- minor transgressions (tax deductions, speeding, etc)
Of course, a central issue in the last item is what constitutes "minor".
In keeping these sorts of things private, are
we hiding something?
More significantly, what has the rise of Facebook done to this list? How
much do we care about this "general background" information as opposed to
the kind of information that leaks out of Facebook: who we partied with last
night, what we drank, who we partied with five years ago, where we were last
night given that we said we would
be volunteering at the soup kitchen?
Consider the item above about "different facades in different settings". In
this context the following quote from Mark Zuckerberg is relevant:
"The days of you having a different image for
your work friends or co-workers and for the other people you know are
probably coming to an end pretty quickly. ... Having two identities
for yourself is an example of a lack of integrity" [from David
Kirkpatrick, The Facebook Effect]
Lack of integrity? Really? The only thing that keeps LinkedIn alive is that
most people believe in keeping at least some separation between their work
life and pictures of their partying. But the separation goes much deeper
than that; many people maintain different images in different contexts. See
Sometimes we want to keep things private simply to avoid having someone else
Is this list what is really important to us in terms of privacy? Or are we
really only concerned with more intangible attributes?
In 1979, Harold Sackeim and Ruben Gur studied self-deception. They asked
participants the questions below, with the understanding that the honest
answer was almost always "yes" (this is debatable, but they do have a
point). The number of "no" answers was then interpreted as an indication of
For our purposes, the issue is that these questions represent another list
of things we might very well wish to keep private (note that the
survey dates from 1979, when taboos against homosexuality were still
1. Have you ever felt hatred toward either of
2. Do you ever feel guilty?
3. Does every attractive person of the opposite sex turn you on?
4. Have you ever felt like you wanted to kill somebody?
5. Do you ever get angry?
6. Do you ever have thoughts that you don't want other people to know that
7. Do you ever feel attracted to people of the same sex?
8. Have you ever made a fool of yourself?
9. Are there things in your life that make you feel unhappy?
10. Is it important to you that other people think highly of you?
11. Would you like to know what other people think of you?
12. Were your parents ever mean to you?
13. Do you have any bad memories?
14. Have you ever thought that your parents hated you?
15. Do you have sexual fantasies?
16. Have you ever been uncertain as to whether or not you are homosexual?
17. Have you ever doubted your sexual adequacy?
18. Have you ever enjoyed your bowel movements?
19. Have you ever wanted to rape or be raped by someone?
20. Have you ever thought of committing suicide in order to get back at
For many of these, however, there are not any records (except for
#8, if your friends' cameras were handy at the time).
Some data collection that we might not even be aware of:
- browser-search data from Google
- browser location data
- ISPs and browser-search data
- web cookies
- automobile event recorders
Event data recorders in cars: lots of cars have them.
- fresh-values / preferred card
LOTS of people are uneasy about privacy issues
here, but specific issues are hard to point to.
Until 2010, my local Jewel never asked for
Preferred cards for alcohol sales.
Then they started again, but now have
discontinued the card for everything.
- street-level car cameras
- street-level pedestrian cameras
- bookstore purchases
- library records
- RFID data
Where do we draw the line? Or is there no line? Is loss of privacy a matter
of "death by a thousand cuts"?
Privacy from the government
This tends not to be quite as much a computing issue, though
facial recognition might be an exception. "Matching" (linking the names,
say, of everyone receiving welfare payments and also owning a car worth more
than $15K) was an example once upon a time. Interception of electronic
communications generally fits into this category; the government has tried
hard to make sure that new modes of communication do not receive the same
protections as older modes. They have not been entirely successful.
One of the biggest issues with government data collection is whether the
government can collect data on everyone, or whether they must have some
degree of "probable cause" to begin data collection. On 4e p 69 / 5e p 87 of
Baase there is a paragraph about how the California Department of
Transportation photographed vehicles in a certain area and then looked up
the registered owners and asked them to participate in a survey on highway
development in that area.
Why might that have been considered to be a problem?
The California episode probably happened in the late 1990's. Does that
Police departments (and their civilian contractors) across the US are now
routinely scanning all license-plate numbers.
Canadian position: government must have a "demonstrable need for each piece
of personal information collected".
Nothing to Hide
Why do we care about privacy? Is it true that we would not care if we had
nothing to hide? What about those "minor transgressions" on
the list? Are they really minor?
Or is it true that, as Julian Sanchez wrote, "we live 'in a nation whose
reams of regulations make almost everyone guilty of some violation at some
point'" [Baase 4e p 63 / 5e p 84]
The "nothing to hide" question is central to privacy. But note the hidden
assumption that you only need privacy if you do have something to
Once upon a time (in the 1970's) there was some social (and judicial)
consensus that private marijuana use was modestly protected: police had to
have some specific evidence that you were lighting up, before they could
investigate. Now, police are much more free to use aggressive tactics (eg
drug-sniffing dogs without a warrant, though they can't use thermal imaging
without a warrant).
Is this a privacy issue?
Now the NSA collects everyone's phone records, and sometimes (it is not
entirely clear how often) uses the information to identify drug dealers
(including marijuana dealers). The information may then be turned over to
Is personal marijuana use an example of the kind of thing we have a "right"
to keep hidden from the government? Or should the government make use of
every possible tool to prevent this?
What about speeding?
What about claiming as a tax deduction a lunch with a colleague, during
which you supposedly discussed business, but your pre-lunch texts to one
another make it clear that you both really wanted to watch a soccer match?
Here are a few "Nothing to Hide" essays:
Do you believe these arguments?
Perhaps you have some minor things to hide. Traditionally, that was the
justification for the Fourth Amendment. But how does that change in a world
with mass terrorist attacks? Some in the NSA have argued that as soon as
there is another attack, everyone will be clamoring for more
How much surveillance do we need? How much do we want?
On 4e p 50 / 5e p 54, Baase quotes Edward J Bloustein as saying that a
person who is deprived of privacy is "deprived of his individuality and
human dignity". Dignity? maybe. But what about individuality? Is there some
truth here? Or is this overblown?
On 4e p 62 / 5e p 78, Baase quotes Supreme Court Justice William O. Douglas
as saying, in 1968,
In a sense a person is defined by the checks
he writes. By examining them agents get to know his doctors, lawyers,
creditors, political allies, social connections, religious affiliation,
educational interests, the papers and magazines he reads, and so on ad
Nowadays we would add credit-card records. Is Douglas's position true?
The NSA and the Snowden Leaks
In the aftermath of the September 11, 2001 attack on the World Trade Center,
Congress passed the USA Patriot Act (or Usap At Riot Act, as Richard
Stallman likes to call it). Title II of this act greatly expanded the powers
of federal agencies to conduct surveillance on suspected terrorists.
Congress created the Foreign Intelligence Surveillance Courts (or FISA
Courts) with the Foreign Intelligence Surveillance Act of 1978. These courts
gained additional authority with the Patriot Act. The FISA courts were
charged with issuing any necessary warrants for surveillance under the
The NSA eventually began collecting all of the following:
- Telephone records of essentially every call placed in the US
- contents of emails, Facebook messages, SMS messages and other
- raw packet data from direct taps into central Internet routers
The NSA claimed that all this was authorized by §215 of the Patriot Act,
which allows collection of a wide range of records for investigations
involving international terrorism. The pre-9/11 §215 allowed for
collection of "business records"; this was amended to allow collection of
"any tangible thing". The NSA interpreted this to allow collection of data
on US nationals as long as the investigation involved someone
who was not a US national. Here is the text of the relevant portion of the
ACCESS TO CERTAIN BUSINESS RECORDS FOR FOREIGN
INTELLIGENCE AND INTERNATIONAL TERRORISM INVESTIGATIONS.
(a)(1) The Director of the Federal Bureau of Investigation or a designee
of the Director (whose rank shall be no lower than Assistant Special Agent
in Charge) may make an application for an order requiring the production
of any tangible things (including books, records, papers,
documents, and other items) for an investigation to protect
against international terrorism or clandestine intelligence activities,
provided that such investigation of a United States person is not
conducted solely upon the basis of activities protected by the first
amendment to the Constitution. [pld: does this provision mean
(2) .. (b) Each application under this section--
(1) shall be made to--
(A) a judge of the court established by section 103(a);
or [pld: this is the FISA court]
(B) a United States Magistrate Judge under chapter 43 of title 28,
United States Code, ...
(2) shall specify that the records concerned are sought for an
authorized investigation conducted in accordance with subsection (a)(2) to
protect against international terrorism or clandestine intelligence
(d) No person shall disclose to any other person
(other than those persons necessary to produce the tangible things under
this section) that the Federal Bureau of Investigation has sought or
obtained tangible things under this section.
That the FISA courts are authorized to hear these cases is explicit in
(b)(1)(A). That is, the law clearly provides for the FISA courts to
authorize release of records of US nationals (the original jurisdiction of
the FISA courts was limited to non-US-nationals). The law also makes clear
that records can be released as part of any investigation;
the person whose records are released does not have to be a
subject of that investigation. That is, your records can be
released as part of an investigation of someone else.
The last clause quoted here, (d), mandates that communications providers
cannot reveal to the public or their customers anything about this
surveillance activity. These "gag orders" are unpopular. They undermine
confidence in the US software-services industry. The reason nobody had any
idea about the extent of NSA domestic surveillance before Snowden was that
these gag orders prevented talking about it. See below.
In May 2013, Edward Snowden began releasing internal, classified information
about the National Security Agency's domestic-spying program. The
information was published starting in June 2013 by the Washington Post and
the British newspaper The Guardian. While there are lots of spying events
documented by Snowden, the two primary ones are the sweep of telephone
records and the PRISM program involving the content of emails.
In May 2006, the FISC issued its first order (a mass subpoena) requiring
telephone providers to turn over all telephone records to
the NSA, as part of the PRISM program. These records
- number called
- number placing the call
- subscriber information
- length of call
- location of any mobile phones involved
The content of the call is not saved. The records above are the
normal business records of the providers. The government has long considered
"normal business records" to be fair game, although others have objected to
this interpretation. The Supreme Court ruled in Smith v Maryland
that the police do not need a warrant to gather the called-number
information for phone calls. But is your cellphone's location a "normal
Note that there is no claim by the government that any particular phone
number might be associated with illegal activity.
The original order allowed for the collection of the data, but any use
had to be approved by the FISC. In 2009 the FISC discovered that the NSA had
not been complying with this portion of the requirement. Exactly what is the
status of the regulations on the use of this data is not clear.
The PRISM program also involved the collection of contents
of email and other text-based messages (and possibly some Skype calls). This
data came from providers (eg Gmail, Yahoo and Microsoft). The third leg of
the program included data obtained through direct taps into key Internet
routers. This information was supposedly collected on a per-name (that is,
individual) basis, but emails were included of those who were on the third
"hop" away from a suspect (someone who corresponded with a suspect is on the
second hop). So communications between US nationals were definitely
Supposedly no warrant is needed to monitor communications of either
non-nationals or of US nationals traveling outside the US. However, the FISA
court generally signed off on the subpoenas involved. Mass surveillance is
impractical if "probable cause" must be established for every individual
involved, eg for a warrant.
Snowden claimed he tried to bring his legal issues with mass surveillance to
the attention of his superiors at the NSA. The NSA denied this. A 2016
article suggested that the NSA was not being truthful: https://news.vice.com/article/edward-snowden-leaks-tried-to-tell-nsa-about-surveillance-concerns-exclusive.
However, neither did Snowden present detailed logs of his attempts at
contacting his superiors.
If your interaction with Facebook or Gmail was via https,
that is, via an encrypted web connection, then the NSA would have to decrypt
anything it obtained through router taps. Decryption of much https traffic
is not terribly difficult, but it is time-consuming, and the NSA
probably cannot afford to decrypt all of it. Obtaining message information
from the providers -- such as Facebook and Google -- avoids that.
You can encrypt your email on an end-to-end basis, but that is not
exactly trivial. The standard open-source public-key encryption package is
probably GPG (GNU Privacy Guard). There is a plugin for the Thunderbird
email reader, known as Enigmail, that provides email
support for GPG. That is, email messages to and from selected recipients are
automatically encrypted and decrypted.
Catch #1: You have to resolve the public-key-trust issue.
Suppose Alice wants to email Bob, with whom she has no pre-existing
relationship. Then Alice needs Bob's public key. She can just
trust that the key is the one on Bob's website, but what if the NSA
redirects Alice to a fake copy of Bob's site, with a fake public key? Alice
then sends the email encrypted with the NSA's public key. The NSA decrypts
it, saves it, and re-encrypts it with Bob's real public key and delivers it
to Bob. Bob is none the wiser.
This is known as the "man-in-the-middle" attack.
The traditional assumption here is that you get other people's public keys
from people you trust. This can be tricky.
The Signal encrypted-text-message system has a reasonably convenient
approach to this problem. If Alice is worried, she can call Bob
(the idea is that she would recognize Bob's voice) and the two can exchange
key "fingerprints" by voice.
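As an added illustration of the out-of-band fingerprint check just described (this code is not part of the original notes), the following Python computes the OpenPGP version-4 fingerprint of a public key (RFC 4880: SHA-1 over the byte 0x99, a two-byte length, and the Public-Key packet body), formats it the way gpg prints it, and shows that a key substituted by a man in the middle fails the comparison against the fingerprint Bob read aloud. Bob's key and the attacker's key are constructed toy RSA keys, far too small to be secure; only the fingerprint mechanism is real.

```python
"""Fingerprint check against a substituted public key (added example)."""
import hashlib
import struct


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP Multiprecision Integer (RFC 4880 3.2):
    2-byte big-endian bit length, then the magnitude with no leading zero bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")


def rsa_public_key_packet(n: int, e: int, created: int) -> bytes:
    """Body of a version-4 Public-Key packet for an RSA key (RFC 4880 5.5.2):
    version 4, 4-byte creation time, algorithm 1 (RSA), then MPIs n and e."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(packet_body: bytes) -> str:
    """RFC 4880 12.2: SHA-1(0x99 || 2-byte body length || body), as 40 hex digits."""
    prefixed = b"\x99" + struct.pack(">H", len(packet_body)) + packet_body
    return hashlib.sha1(prefixed).hexdigest().upper()


def format_fingerprint(fp_hex: str) -> str:
    """Group the hex digits in blocks of four, as gpg --fingerprint prints them."""
    return " ".join(fp_hex[i:i + 4] for i in range(0, len(fp_hex), 4))


def matches_out_of_band(fetched_key: bytes, spoken_fingerprint: str) -> bool:
    """Alice's check: does the fingerprint of the key she fetched equal the one
    Bob read to her by phone?  Spacing and case are ignored so a fingerprint
    transcribed by hand still compares; any other difference is a mismatch."""
    expected = "".join(spoken_fingerprint.split()).upper()
    return v4_fingerprint(fetched_key) == expected


# Constructed toy keys: 64-bit moduli, used only so the two keys differ.
BOB_KEY = rsa_public_key_packet(n=0xC0FFEE1234567891, e=65537, created=1368000000)
ATTACKER_KEY = rsa_public_key_packet(n=0xDEADBEEF0BADF00D, e=65537, created=1368000000)


def demo() -> dict:
    """Bob reads his fingerprint aloud; Alice checks the key she fetched.
    Returns True for the genuine key and False for the substituted one."""
    spoken = format_fingerprint(v4_fingerprint(BOB_KEY))  # the phone call
    return {
        "bob_fingerprint": spoken,
        "real_key_accepted": matches_out_of_band(BOB_KEY, spoken),
        "substituted_key_accepted": matches_out_of_band(ATTACKER_KEY, spoken),
    }


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label}: {value}")
```

The comparison in matches_out_of_band is the whole point of the phone call: the attacker can serve Alice any key it likes, but it cannot make that key hash to the fingerprint Bob spoke.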
Catch #2: How many other people will set up encryption?
Until there is a large number, Alice's email stands out by dint of being
encrypted. The NSA can devote intense resources to breaking the encryption.
And Alice is now on the Watch List.
Also, you can only use encryption with other people who have set it up. Most
of your email is thus likely to remain plaintext.
Signal has tried hard to make encryption universal. Their biggest success
was probably in convincing WhatsApp to use their TextSecure protocol.
Catch #3: Where do Alice and Bob keep their keys? If they
are on their respective computers permanently, then they are vulnerable. If
they are only entered when necessary, then the act of typing the key is a
weak point. If Alice and Bob want to get each other's email on the go, and
try to use encryption on their smartphones, that becomes a weak point.
On the one hand, national security is an important goal. But what about the
following two-step argument:
- The government will intercept all emails and phone records in order to
improve national security
- Since we have all these emails, we will also use them to track down
those selling illegal drugs, those engaged in bank fraud, and those
claiming excess deductions on their tax returns
Apparently the Special Operations Division of the DEA has been a beneficiary
of some NSA data, and has been using it in narcotics arrests. DEA agents
have been trained in the art of parallel construction
-- coming up with an alternative explanation for why someone was arrested,
that avoids disclosure of the NSA data. While to a point this is legitimate,
ultimately the defendant's right to a fair trial depends on obtaining all
information about how a case was investigated.
More disturbingly, use of personal data obtained without a warrant is often
forbidden at trials. The NSA/DEA subterfuge here intentionally bypasses
that. The NSA has also shared information with other federal agencies,
including the IRS.
The effect of all this is to allow the use of NSA-collected data in ordinary
See the article at http://www.reuters.com/article/2013/08/05/us-dea-sod-idUSBRE97409R20130805.
A more recent example is described in theintercept.com/2016/05/05/fbi-told-cops-to-recreate-evidence-from-secret-cell-phone-trackers.
A memo regarding the use of the Stingray cellphone tracker was sent to the
Oklahoma City police department by FBI agent James Finch. It reads, in part:
Information obtained through the use of the
equipment is FOR LEAD PURPOSES ONLY, and may not be used as primary
evidence in any affidavits, hearings or trials. This equipment provides
general location information about a cellular device, and your agency
understands it is required to use additional and independent investigative
means and methods, such as historical cellular analysis, that would be
admissible at trial to corroborate information concerning the location of
the target obtained through the use of this equipment.
The problem here is that it is illegal for police to withhold evidence, but
it is hard to read this paragraph as not advocating just that! If historical
cellular data is adequate, why do the police need a Stingray? The real
problem with historical cellular data is that the police use the Stingray to
identify the suspect; finding the applicable historical data is like looking
for a needle in a haystack.
In the last century, the federal government discouraged encryption with the
stated goal of being able to investigate the following groups:
- child pornographers
- narcotics traffickers
What happens when the third group above includes recreational (or
medical) marijuana users? For that matter, what if the first group is
taken to include anyone who expresses an interest in a "subversive"
organization, such as Occupy Wall Street?
In 2016, the FBI petitioned Congress for access to a basic form of browser
records: a list of what web IP addresses you connected to. The FBI has tried
to argue that this was left out "by mistake" from a much earlier version of
the law, but that law explicitly listed only telephone records. See https://www.washingtonpost.com/world/national-security/fbi-wants-access-to-internet-browser-history-without-a-warrant-in-terrorism-and-spy-cases/2016/06/06/2d257328-2c0d-11e6-9de3-6e6e7a14000c_story.html.
Is a telephone call record really like a website connection? The phone
company uses the former for billing (or used to); no ISP uses your website
connections for billing. In this sense they are not business records.
In 2008, Yahoo attempted to fight the PRISM-based FISA Court order to turn
over a large volume of emails. The case made it to the appellate level --
the US Foreign Intelligence Surveillance Court of Review. The partially
redacted decision -- at http://www.fas.org/irp/agency/doj/fisa/fiscr082208.pdf
-- is chilling. First off, the appeals court makes several references to the
trial court decision, but the trial court decision is secret. The
trial-court decision is referred to as "Sealed Case".
Yahoo raised two issues: that a warrant was always needed, even for foreign
nationals, and that the requests for information were "unreasonable".
The first point -- whether the fourth amendment applies to foreigners -- is
a serious issue, but the court dismissed it without considering precedent.
As for the second point, the court basically agreed that there should be no
clear line "between foreign intelligence purposes and criminal investigation
purposes". Of course, some might argue that this should raise the
bar for whether a search was "reasonable", but the FISC ruled that as long
as the stated purpose was foreign-intelligence gathering, then
subpoenas were ok. The FISC turned the Fourth Amendment on its head by then
arguing (p 17) that warrants were "unreasonable":
We add, moreover, that there is a high
degree of probability that requiring a warrant would hinder the
government's ability to collect time-sensitive information and,
thus, would impede the vital national security interests that are at
Finally, the court decided that whether a search was "reasonable" must
depend on its importance. If national security is at stake, essentially all
searches (according to the opinion) become reasonable.
At one point (page 12) the decision states, in case the reader is confused,
"This makes perfect sense".
Spying and harm
Does the NSA spying on Americans actually cause any harm to ordinary
Americans? Is it true that if we have nothing to hide, then we have nothing
The government has long kept tabs on those who participate in protest
movements. So what?
Is there a "chilling effect"? If so, is it strong enough to matter?
According to a Congressional investigation committee, "Martin Luther King,
Jr. was the target of an intensive campaign by the Federal Bureau of
Investigation to 'neutralize' him as an effective civil rights leader." What
could the FBI actually do to MLK? They tried exposing him as a communist,
but failed as MLK had no ties to communism.
In November 1964 the FBI sent King an anonymous letter, here,
in which the letter writer threatens to expose King as a fraud (possibly for
adultery) and suggests that the only way out is for him to commit suicide.
Alternatively, perhaps the government might have tried blackmailing King.
Is this concern of any large-scale significance?
How is this related to apparent NSA use of sexual information to discredit
what it calls "radicalizers"?
The National Security Agency has been
gathering records of online sexual activity and evidence of visits to
pornographic websites as part of a proposed plan to harm the reputations
of those whom the agency believes are radicalizing others through
incendiary speeches, according to a top-secret NSA document. The document,
provided by NSA whistleblower Edward Snowden, identifies six targets, all
Muslims, as 'exemplars' of how 'personal vulnerabilities' can be learned
through electronic surveillance, and then exploited to undermine a
target's credibility, reputation and authority.
Is this the basis for another argument that we are entitled to privacy even
if we have "nothing to hide"?
Do we agree to this?
James Clapper, director of the NSA, says "We Should've Come Clean About
Phone Surveillance": http://swampland.time.com/2014/02/17/james-clapper-nsa-phone-surveillance/
I probably shouldn't say this, but I will...
Had we been transparent about this from the outset right after 9/11 --
which is the genesis of the 215 [Section of the Patriot Act -- pld]
program -- and said both to the American people and to their elected
representatives, we need to cover this gap, we need to make sure this
never happens to us again, so here is what we are going to set up, here is
how it's going to work, and why we have to do it, and here are the
safeguards ... We wouldn't have had the problem we had.... If the program
had been publicly introduced in the wake of the 9/11 attacks, most
Americans would probably have supported it.
Never mind that in June 2013 when the phone surveillance first came to
light he was quite upset that the secrecy of the program was lost. Now
that our enemies knew about it, he said then, they would find other ways
In the post-9/11 context, do you support at least the basic framework of
the NSA surveillance? Do you think a majority of Americans do? There may
have been some excesses (such as hacking and "parallel construction"), but
ignore those for the moment.
ACLU v Clapper
On May 7, 2015, the Second Circuit released their decision
in ACLU v Clapper, in which they found that Section 215 of the Patriot Act
does not allow bulk phone-metadata collection.
Implementation of the ruling was stayed, however, pending appeal to the
The decision did not address whether such collection violates the Fourth
Amendment; the claim was simply that the existing Section 215 did not allow
for the data collection that was being done.
The opening of the argument raised issues of domestic FBI surveillance
during the 1970's, which was eventually significantly curtailed.
The court also pointed out
A call to a single-purpose telephone number
such as a "hotline" might reveal that an individual is: a victim of
domestic violence or rape; a veteran; suffering from an addiction of one
type or another; contemplating suicide; or reporting a crime. Metadata can
reveal civil, political, or religious affiliations; they can also reveal
an individual's social status, or whether and when he or she is involved
in intimate relationships.
A large part of the case hinged on whether the ACLU, together with a set of
telephone subscribers, had in fact standing to sue. The Second Circuit held
that they did, because the government had collected their phone records.
Actual use of the records did not have to be shown, let alone actual harm.
On June 1, 2015, section 215 of the Patriot Act expired,
along with a few other provisions.
The next day Congress passed (and the president signed) the
so-called Freedom Act, which granted a 6-month extension to the NSA's
phone-metadata-collection program. After that time, the data-collection
program apparently came to an end.
On June 29, 2015 the FISA Court of Appeals ruled that the
Freedom Act had implicitly authorized the continuation of the NSA's
metadata-collection program, at least for 6 months, and thus "reversed" the
Second Circuit. The reversal of the Second Circuit decision raises a
decidedly awkward question of jurisdiction, but the FISA court has a point,
and the Second Circuit had stayed their own order pending appeal.
But because of the ending of the bulk-data-collection program, the case was
not appealed to the Supreme Court.
Microsoft vs US
(This case is also known as the "Microsoft Ireland case", and is not to be
confused with the antitrust litigation US v Microsoft.)
In December 2013, Microsoft received a search warrant from the US Department
of Justice for the email of a drug-trafficking suspect. Microsoft refused,
on the legal theory that the data was stored at a data center in Ireland,
and that therefore Irish laws should apply. The DoJ, instead of obtaining
approval of Irish authorities, decided that Microsoft had to turn over the
data because it was a US company, no matter where the data was located.
One problem with the government's legal theory is that it may be illegal
in the remote jurisdiction to turn over documents without a warrant.
and also natlawreview.com/article/microsoft-ireland-case-status-and-what-s-to-come.
Microsoft appealed to the Second Circuit. In July 2016 a three-judge panel
ruled unanimously in Microsoft's favor: the US must obtain a warrant in
Ireland, under the existing mutual-legal-assistance treaty. The US asked for
an en banc rehearing. This motion was denied in January 2017; the
eight circuit judges ruling on the motion were split four to four, and so
the three-judge panel decision holds.
This case has apparently not been appealed to the Supreme court.
A big concern for Microsoft -- and other US companies -- is that if the DoJ
had prevailed, then foreign companies would likely be increasingly reluctant
to trust US-based cloud providers -- even when the cloud storage is
physically located outside the US. This case, therefore, was central to
Microsoft's business interests.
In a related case, a Microsoft employee was charged in Brazil with failure
to turn over Skype records. In Brazil, turning over the records was
required, but at the same time in the US turning over the Brazilian records
was (and still is) forbidden.
Supreme Court cases on privacy --
Baase 4e pp 63ff / 5e p 77
1928: Olmstead v United States
The 4th amendment does NOT apply to wiretaps
Katz v United States
The 4th amendment does too apply to wiretaps! Privacy may still exist in a
Katz was using a pay phone; the FBI had a microphone just outside the phone
booth. To the appellate court, the fact that the microphone did not intrude
into the phone booth was significant in finding for the FBI, but the supreme
Under Katz, the doctrine of "reasonable expectation of privacy"
(REoP) replaced the doctrine of "physical intrusion".
The problem with the REoP doctrine: as
technology marches on, isn't our reasonable expectation diminished? And
does this then give the government more license to spy?
Note the first part of the quotation above: if you expose something to the
"public", it is not private. This was later formalized in the Miller
decision, next, despite the following also from the Katz decision:
This second quote strongly suggests that your "papers" do not have to be
physical, or under your direct control, to be covered by the Fourth
Indeed, we have expressly held that the Fourth Amendment governs not
only the seizure of tangible items, but extends as well to the recording
of oral statements, overheard without any "technical trespass under . . . local property law." Silverman v. United States, 365 U. S. 505, 365 U. S. 511. Once this much is acknowledged, and once it is
recognized that the Fourth Amendment protects people
-- and not simply "areas" -- against unreasonable searches and seizures,
it becomes clear that the reach of that Amendment cannot turn upon the
presence or absence of a physical intrusion into any given enclosure.
United States v Miller, 425 US 435
(There are at least three major Supreme Court cases involving someone named
Miller's incriminating bank records were subpoenaed. Miller tried to argue
that a warrant was needed. In this he lost.
The Supreme Court ruled that information we share with others (eg our bank)
is NOT private. The government can ask the bank, and get this information,
without a warrant. (However, the bank could in those days refuse.)
Justice William O Douglas was quoted earlier as saying a person could be
"defined by the checks he writes". Douglas might not have agreed with the
Miller decision, but he died in 1975.
The Miller decision created what is now known as the third-party doctrine:
all "business records" about us are fair game for an ordinary subpoena. On
the one hand, this is a straightforward extension of the idea in Katz that
what you expose to the public is not private (though there is room to debate
just what is "public"). On the other hand, though, Miller had tried to use
the second Katz quote above in his defense, that papers don't have to be
physically under one's control, and lost.
The decision quoted from an earlier ruling
This suggests that the transaction theory (later) of
privacy is involved: both parties have significant interests in the records.
What about "business records" that are largely irrelevant to the operation
of the business? Email providers have zero involvement in
the content of the email (except for gmail?), and cellular providers have no
interest in your nearest-tower location after you have left that particular
cell. Unfortunately, the Supreme Court has never really addressed this
aspect of the Third-party Doctrine, or for that matter even spelled out a
constitutional justification for it.
Another thread in the third-party doctrine comes from informants wearing a
wire. The Supreme Court ruled in On
Lee v US that no warrant was needed for that, whereas a warrant would
be needed if the informant were not present and the wire were simply an
eavesdropping device. The argument here is that the wire simply records what
the informant -- the third party -- has heard directly.
For a good history of the third-party doctrine by Orin Kerr, see http://www.michiganlawreview.org/assets/pdfs/107/4/kerr.pdf.
We will continue with this here in the context of
1979: Smith v Maryland
Reduction of REoP by the police is not SUPPOSED to diminish our
4th-amendment rights. However, in that case the supreme court ruled that
"pen registers" to record who you were calling did NOT violate the 4th
Patricia McDonough had her purse stolen. She remembered the assailant's car.
Soon after, she began receiving crank calls, and recognized the car driving
down her street. A police officer saw the car, noted its license plate, and
discovered the car was registered to Michael Smith. A pen register was
placed on Smith's home line; this revealed calls to McDonough. Based on
those calls, the police got a warrant, and at that point found further
evidence. Smith argued, through his lawyers, that the pen register was a
warrantless search and that all the later evidence should be thrown out. He
Application of the Fourth Amendment depends
on whether the person invoking its protection can claim a "legitimate
expectation of privacy" that has been invaded by government action. This
inquiry normally embraces two questions: first, whether the individual has
exhibited an actual (subjective)
expectation of privacy; and second, whether his expectation is
one that society is prepared to recognize as "reasonable."
First, we doubt that people in general
entertain any actual expectation of privacy in the numbers they dial. All
telephone users realize that they must "convey" phone numbers to the
telephone company, since it is through telephone company switching
equipment that their calls are completed. All subscribers realize,
moreover, that the phone company has facilities for making permanent
records of the numbers they dial....
If you want to keep a number private, don't call it!
Note the crucial issue that the defendant voluntarily
shared the number with the phone company! Of course, if you want to
use a phone, you have no choice.
Justices Stewart & Brennan dissented
The telephone conversation itself must be
electronically transmitted by telephone company equipment, and may be
recorded or overheard by the use of other company equipment. Yet we have
squarely held that the user of even a public telephone is entitled "to
assume that the words he utters into the mouthpiece will not be broadcast
to the world." Katz v. United States
What do you think of this distinction? Is there a difference between sharing
your phone number with the phone company and sharing your actual
conversation with them? Is the phone number a "business record" of continued
relevance? How does the phone number (which at the time of the case would
have been used for billing) differ from a cell-tower location? After all,
even today cell-tower locations are used to determine whether you are
roaming, and thus affect your bill.
Do you think the Supreme Court might have answered differently if they had
envisioned NSA-type "pen registers" on essentially everyone in the
United States? Note that Smith was an active suspect; the police
probably could have obtained a warrant based on McDonough's tying of Smith's
car to her robbery.
The Smith case represents a further extension of the third-party doctrine to
2001: Kyllo v United States
Thermal imaging of your house IS a 4th-amendment search! This is a very
important case in terms of how evolution in technology affects what is a
Held: Where, as here, the
Government uses a device that is not in general public use, to explore
details of a private home that would previously have been unknowable
without physical intrusion, the surveillance is a Fourth Amendment
'search', and is presumptively unreasonable without a warrant.
How long into the future will this hold? Could it be that part of the issue
was that the general public was not very aware of the possibility of thermal
imaging? If thermal imaging were
to come into not only general public awareness but also general public use (eg by equipping cellphones with IR
cameras), would the situation change?
In 2016, Caterpillar (yes, the maker of the D11 bulldozer) introduced a
phone with an infrared camera:
In 1990 the Supreme Court let stand a lower-court decision that
eavesdropping on someone else's phone call made on an old-fashioned cordless
phone (remember those?) was not an invasion of privacy because no one had a
"reasonable expectation of privacy" with these devices. Many users did know
that it was easy to listen in to someone else's call simply by playing with
the channel button. See http://articles.latimes.com/1990-01-09/news/mn-155_1_cordless-phone-transmissions.
A related issue came up in the context of John and Alice Martin's 1996
taping of an embarrassing conversation involving then-Representative Newt
Gingrich, who was engaged in a frank discussion of some ethics lapses. The
Martins used a police scanner to listen in to Rep. Gingrich's "cell" phone;
the phone was likely a first-generation analog (or "AMPS") model that was
almost as easy to eavesdrop on as a cordless phone, though this did require
special equipment. The Martins were eventually fined $1,000.
Jonas Diener of Virginia was using eight times the normal amount of
electricity at his home. Based on that, police obtained a warrant, believing
he was running a marijuana "grow house". They did find some marijuana, but
it was unrelated to the electric usage. Diener was not growing marijuana.
The electricity use was due to a large-scale bitcoin-mining server Diener
had set up.
Diener received a six-month suspended sentence. Initially the police seized
his computer hardware and his bitcoins.
In general, once a search warrant has been executed, it is still possible to
challenge the search by making a motion to suppress evidence
obtained from the search. (Sometimes this is called a motion to quash,
though apparently that is really supposed to apply only to warrants that
have been issued but not executed.) Diener could have argued that excessive
electrical usage is not probable cause for a drug search
-- his own bitcoin-mining operation would have been Exhibit A here -- and
there is a good chance he would have prevailed.
However, justice like that is expensive. It appears Diener settled for the
suspended sentence rather than fighting the legal principles. The fact that
the government offered a completely suspended sentence suggests that they
were worried at least a little about losing the case.
2012: United States v Antoine Jones
Jones was an alleged cocaine dealer in the Washington, DC area. Police
attached a GPS tracker to his car while it was parked in the driveway. By
following him over a 30-day period, the police were able to build a strong
case against him. But Jones argued that such tracking was an unreasonable
warrantless search, despite a 1983 Supreme Court ruling that allowed
wireless tracking for single trips. The Department of Justice argued that no
one has a REoP regarding his or her movements on public streets. The DoJ
also pointed to the 1983 US v Knotts case in which police had the
manufacturer attach a radio beeper to a drum of chloroform. When Knotts
purchased the drum, police used the beeper to track him to his cabin in the
In August 2010, the DC Court of Appeals agreed with Jones, and overturned
his conviction. (This decision was known as US v Maynard.)
The ninth circuit and the seventh circuit (including Illinois) had ruled
The Supreme Court ruled unanimously in January 2012 that "the Government's
attachment of the GPS device to the vehicle, and its use of that device to
monitor the vehicle's movements, constitutes a search under the Fourth
Amendment." As such, a warrant would be required.
However, by 5-4 the court also ruled
that the issue here was the government's trespass onto private property to
install the GPS tracker. That is, the court did not
rule broadly (by explicit choice!) on the question of whether sustained GPS
tracking itself violated a person's reasonable expectation of privacy.
Justice Scalia wrote the majority opinion, arguing that rules against
government trespass should coexist with the REoP approach, and that this
particular case could be decided on trespassing grounds without the need to
consider REoP (which others on the court agreed was a problematic standard).
Note that the trespass ruling makes the decision consistent with Knotts.
Jones was tried again in January 2013; in that trial, the government used
nearest-tower location data instead of GPS data. That trial ended in a hung
jury. The government prepared for yet another trial, but Jones finally
accepted a plea bargain of 15 years with credit for time served.
In US v Katzin, 2013, the Third Circuit ruled that the
police must obtain a warrant simply to monitor GPS trackers. In
this case, the device was installed before the US v Jones decision, but the
police continued to monitor the device afterwards. The Third Circuit ruling
expressly states that a warrant is required both to install a GPS tracker
and to monitor it.
The Mosaic Theory
In the DC Circuit version of the Antoine Jones case (US v Maynard), the
court developed what they called the "mosaic theory": that one individual
record might not require a warrant, but that continued use of such data
could be a different story.
[W]e hold the whole of a person's movements
over the course of a month is not actually exposed to the public because
the likelihood a stranger would observe all those movements is not just
remote, it is essentially nil. It is one thing for a passerby to observe
or even to follow someone during a single journey as he goes to the market
or returns home from work. It is another thing entirely for that stranger
to pick up the scent again the next day and the day after that, week in
and week out, dogging his prey until he has identified all the places,
people, amusements, and chores that make up that person's hitherto private
... When it comes to privacy, however, precedent suggests that the whole
may be more revealing than the parts.
What do you think of this? In many ways, this is the heart of the
NSA-surveillance issue: that the NSA took rules allowing isolated
surveillance, and applied them universally.
Here is the Volokh
Conspiracy's take on this (by Orin Kerr).
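The ACLU v Clapper passage above (a single hotline call reveals a fact about a person) and the mosaic theory (a month of location records reveals a whole routine) make the same point from two directions. The following is an added illustration, not code from the page or from any court filing: it builds a constructed month of hourly nearest-tower records for a fictional subscriber (the tower ids "T-home", "T-work", "T-church", "T-clinic" and the schedule are invented) and shows that one record in isolation is almost meaningless, while the aggregate yields the probable home, workplace, and every weekly habit.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample data: 28 days of hourly nearest-tower records for one
# fictional subscriber. The tower ids and the daily schedule are invented for
# this illustration; real records would show many towers along a commute.
def build_sample_records(start=datetime(2015, 3, 2)):   # 2015-03-02 is a Monday
    records = []
    for day in range(28):
        d = start + timedelta(days=day)
        for hour in range(24):
            ts = d.replace(hour=hour)
            if hour < 7 or hour >= 19:
                tower = "T-home"
            elif d.weekday() < 5 and 9 <= hour < 17:
                tower = "T-work"
            elif d.weekday() == 6 and 9 <= hour < 12:      # Sunday morning
                tower = "T-church"
            elif d.weekday() == 2 and 17 <= hour < 19:     # Wednesday evening
                tower = "T-clinic"
            else:
                tower = "T-transit"
            records.append((ts, tower))
    return records

def describe_single_record(record):
    """One record in isolation: a tower id at one instant, which by itself
    says nothing about where the subscriber lives, works or worships."""
    ts, tower = record
    return {"when": ts.isoformat(), "tower": tower}

def infer_routine(records, min_weeks=3):
    """Aggregate a month of records into the 'mosaic': the probable home and
    workplace, plus every place visited on the same weekday in at least
    min_weeks distinct weeks (a recurring appointment, service, or meeting)."""
    night = Counter()             # towers seen during sleeping hours
    workday = Counter()           # towers seen during weekday working hours
    weekly = defaultdict(set)     # (weekday, tower) -> set of dates seen there
    for ts, tower in records:
        h = ts.hour
        if h < 6 or h >= 22:
            night[tower] += 1
        elif ts.weekday() < 5 and 10 <= h < 16:
            workday[tower] += 1
        weekly[(ts.weekday(), tower)].add(ts.date())
    home = night.most_common(1)[0][0]
    work = workday.most_common(1)[0][0]
    recurring = sorted(
        key for key, dates in weekly.items()
        if key[1] not in (home, work) and len(dates) >= min_weeks
    )
    return {"home": home, "work": work, "recurring": recurring}

if __name__ == "__main__":
    recs = build_sample_records()
    print("one record:", describe_single_record(recs[0]))
    print("the mosaic:", infer_routine(recs))
```

Nothing in the block is clever; that is the point. The inference needs no content, only timestamps and tower ids, and the weekly pattern (Sunday mornings at one tower, Wednesday evenings at another) falls out of a Counter and a dictionary of dates. This is why the DC Circuit said the whole is more revealing than the parts, and why the question of what counts as a "business record" matters.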
The FBI and cellphone location
nearest-tower (cell-handoff) records v GPS records
Supposedly the Justice Department gets warrants for GPS data (nearest few
feet), but usually does not for
nearest-tower data (which positions you to within a few miles at worst, a
few hundred feet at best).
Another distinction is between realtime data (where you are now) and
"historical" data (where you were).
The federal government has tried to claim that nearest-tower data simply
amounted to "routine business records". Are they?
Note that the Jones opinion does not apply here as the police do not
trespass when they acquire GPS phone records.
In August 2012 the Sixth Circuit ruled that police could use GPS tracking of
Melvin Skinner's phone without a warrant. Skinner was arrested with 1,100
pounds of marijuana in 2006; he was tracked via his prepaid cellphone.
The decision stated that the Antoine Jones case was specifically about
police intrusion onto Jones' property to attach a tracker, and not
about GPS tracking per se.
However, in Melvin Skinner's case, the police (with the cooperation of the
cellphone provider, under court order but not a warrant) turned on
the GPS feature of the phone remotely. Skinner was not tracked through his
use of the phone, or because he enabled GPS himself.
Judge John Rogers wrote,
When criminals use modern technological
devices to carry out criminal acts and to reduce the possibility of
detection, they can hardly complain when the police take advantage
of the inherent characteristics of those very devices to catch them.
In short, Skinner did not have a
reasonable expectation of privacy in the data emanating from his cell
phone that showed its location.
There is no Fourth Amendment violation
because Skinner did not have a reasonable expectation of privacy in the
data given off by his voluntarily procured pay-as-you-go cell phone.
If a tool used to transport contraband gives off a signal that can
be tracked for location, certainly the police can track the signal.
The law cannot be that a criminal is entitled to rely on the
expected untrackability of his tools.  Otherwise, dogs
could not be used to track a fugitive if the fugitive did not know that
the dog hounds had his scent. A getaway car could not be
identified and followed based on the license plate number if the
driver reasonably thought he had gotten away unseen. The recent
nature of cell phone location technology does not change this. If it
did, then technology would help criminals but not the police.
It follows that Skinner had no expectation of privacy in the context
of this case, just as the driver of a getaway car has no expectation
of privacy in the particular combination of colors of the car's
The footnote clarifies:
We do not mean to suggest that there was no
reasonable expectation of privacy because Skinner's phone was used
in the commission of a crime, or that the cell phone was illegally
possessed. On the contrary, an innocent actor would similarly lack a
reasonable expectation of privacy in the inherent external locatability of
a tool that he or she bought.
On the other side of the question, what is so hard about getting a
warrant? In Skinner's case, it appears that the police already had
plenty of "probable cause".
A significant problem with the Skinner decision is that, while the police
discovery of Skinner's location clearly depended on GPS
data, most of the decision's argument makes sense only for the case of nearest-tower
data. Note, for example, the quote above where it says "Skinner did not have
a reasonable expectation of privacy in the data given off by his voluntarily
procured pay-as-you-go cell phone"; it is nearest-tower data that is given
off "voluntarily". There are suggestions that the Sixth Circuit simply
confused the two.
The Skinner decision does represent something of a "circuit split": other
appeals courts have ruled against this kind of GPS tracking. In 2015, in US
v Graham, the Fourth Circuit ruled that police must obtain a warrant even to
make use of nearest-tower data.
However, the Supreme Court has not yet resolved the issue.
Baase 4e Section 2.2.4 / 5e Section 2.4.1
This is a big issue in Chicago, where there are both "obvious" and "hidden"
2001 Super Bowl: Tampa police used facial-recognition software on all
100,000 fans. The software did not work terribly well.
London: heavy camera use to:
- charge tolls for driving into central London during rush hour
- enforce youth curfews
London in 2005:
What about the rate of false positives? This is diminishing, slowly but
- report indicating cameras had little effect on crime
- (after the report) cameras helped identify subway bombers
Should the London cameras be used to track lesser crimes, such as
pickpocketing? Supposedly the Chicago street cameras have been quite
effective in handling minor crimes.
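The "rate of false positives" question above is really a base-rate question: when almost nobody in a crowd is on the watchlist, even a small false-positive rate produces far more false alarms than true ones. The following is an added worked example, not code from the page or from the Tampa or London systems. The crowd size of 100,000 comes from the Super Bowl figure above; the watchlist size of 10 and the 90% detection rate are assumed for illustration.

```python
def screening_outcomes(crowd_size, watchlist_count, sensitivity, false_positive_rate):
    """Expected results of scanning one crowd against a watchlist.

    sensitivity: fraction of watchlisted people the system actually flags.
    false_positive_rate: fraction of everyone else it flags by mistake.
    Returns expected true alerts, false alerts, and precision (the share of
    alerts that point at a watchlisted person)."""
    innocents = crowd_size - watchlist_count
    true_alerts = watchlist_count * sensitivity
    false_alerts = innocents * false_positive_rate
    alerts = true_alerts + false_alerts
    precision = true_alerts / alerts if alerts else 0.0
    return {"true_alerts": true_alerts, "false_alerts": false_alerts,
            "precision": precision}

def fpr_for_precision(crowd_size, watchlist_count, sensitivity, target_precision):
    """Largest false-positive rate at which precision still reaches
    target_precision; the inverse of the formula in screening_outcomes.
    Solving precision = T / (T + F) for F gives F = T * (1 - p) / p."""
    innocents = crowd_size - watchlist_count
    true_alerts = watchlist_count * sensitivity
    allowed_false = true_alerts * (1 - target_precision) / target_precision
    return allowed_false / innocents

def sweep(crowd_size=100_000, watchlist_count=10, sensitivity=0.9,
          rates=(0.1, 0.01, 0.001, 0.0001)):
    """Outcomes for a range of false-positive rates (assumed values)."""
    return [(r, screening_outcomes(crowd_size, watchlist_count, sensitivity, r))
            for r in rates]

if __name__ == "__main__":
    for rate, out in sweep():
        print(f"FPR {rate:<7} -> {out['false_alerts']:8.1f} false alarms, "
              f"{out['true_alerts']:.1f} real hits, precision {out['precision']:.3f}")
    print("FPR needed for 50% precision:",
          fpr_for_precision(100_000, 10, 0.9, 0.5))
```

With ten watchlisted people in a crowd of 100,000, a 0.1% false-positive rate still produces about 100 false alarms for every 9 real hits, and reaching even 50% precision requires a false-positive rate below one in ten thousand. That arithmetic, not the camera, is what decides whether stadium-wide screening "works", and it is the same arithmetic that applies when the London cameras are turned toward pickpocketing.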
Is it true that you have no expectation of privacy outside
The police can track you outside your home by any or all of the following:
- Cellphone nearest-tower records
- IMSI catchers ("Stingrays"), by which the police device becomes your nearest cellular tower
- Cellphone GPS
- car license-plate scanners (if you are driving)
- facial recognition
There is a longstanding notion that one can be anonymous in a large crowd; is
there a legal basis for this?
After all, if you are seen on the street by someone who recognizes you, or
your car, your privacy is lost. The police can simply follow you, if they
are interested in you.
Most people attending protest rallies perhaps assume that the police will
not recognize them. What if the police can easily look everyone up? Should
there be controls in place?
Facial recognition is starting to get quite accurate, particularly if the
government has multiple photos of you. A huge trove of tagged photos, for
example, can be found at Facebook.
Consider again the California DOT incident in which the state sent letters
to everyone whose car was recorded using a certain stretch of highway.
People at the time were upset. Should they have been informed that this was
a public road and they simply needed to get over it? Would that be what
would happen if the incident occurred today?
Baase 4e p 86 / 5e p 91: case study on federal DB on all US college
students. The database would list all courses taken, with grades; it would
also include loan and scholarship records.
This is a good example of a fairly common situation: creation of a new
database containing confidential information.
- tracking graduation records
- tracking how programs & funding affect student performance
- cradle-to-grave tracking of behavior issues, sometimes unsubstantiated
- potential availability to employers, etc
- identity theft
Is such a database a good idea?
What if in 2021 a law is passed giving prospective employers access to
the data, if the job applicant signs a consent form? What do you think
would happen if you refused to sign?
Related "database-matching" issue: should the government be able to link
- men receiving student aid
- men registered with the selective service (draft)?
Ross William Ulbricht, aka Dread Pirate Roberts, was arrested on October 1,
2013 for his role in running the hidden Silk Road website, generally reached
only via onion routing but possibly at https://silkroadvb5piz3r.onion.lu/,
and for his efforts to hire an assassin using the site. The Silk Road
website itself, widely used for purchasing illegal drugs, was also shut
One of the biggest FBI leads was the interception by the Canadian government
of nine fake drivers' licenses ordered by Ulbricht. Another may
have been the following post on StackOverflow.com,
about programming and onion routing: http://stackoverflow.com/questions/15445285/how-can-i-connect-to-a-tor-hidden-service-using-curl-in-php.
Does the Silk Road have any legitimate uses?
Electronic Communications Privacy Act, 1986
You might think that, because the Supreme court readily recognized that a
warrant is needed for phone wiretapping, the same would hold true of email.
This is not, however, how the government saw it.
The difference, for government lawyers, is that email sits around after it
is read. At that point it is a "stored document", and maybe even a "business
record" of your ISP. It has taken a long time to achieve any form
of recognition of a "reasonable expectation of privacy" for email.
ECPA was intended to extend the existing restrictions on government
wiretaps to other electronic communication, in particular email. However, it
also applies to private organizations. It has three exceptions that serve to
limit its applicability to employer monitoring (§2511(2)(a)):
- The provider exception (except that a provider ... shall not
utilize service-observing or random monitoring except for ...quality
- The ordinary course of business exception
- The consent exception. (c)
Generally, most employer monitoring falls under one of these. Note that
the "provider" exception is a specific feature of ECPA; ownership of the
hardware does not create a general right of access and in particular
ownership of a telephone system
does not create a right to eavesdrop.
Phone surveillance in the workplace
Do computers empower workers, or shackle them?
While we're on the topic of ECPA, there is:
Title I, covering electronic communications in
Title 18 Chapter 119)
no interception: http://www.law.cornell.edu/uscode/18/usc_sec_18_00002511----000-.html
evidence exclusion: http://www.law.cornell.edu/uscode/18/usc_sec_18_00002515----000-.html
Title II, the Stored Communications
Title 18 Chapter 121)
email stored 180 days or less: gov't needs a warrant
more than 180 days: warrant, subpoena, or court order
§2703 (a): less than 180 days
(b): more than 180 days
Here's that part from §2703(b) preserved for posterity:
A governmental entity
may require the disclosure by a provider of electronic communications
services of the contents of a wire or electronic communication that has
been in electronic storage in an electronic communications system for more than one hundred and eighty days
by the means available under subsection (b) of this section.
of Wire or Electronic Communications in a Remote Computing Service.
governmental entity may require a provider of remote computing service
to disclose the contents of any wire or electronic communication ...
required notice to the subscriber or customer, if the
governmental entity obtains a warrant
issued using the procedures described in the Federal Rules of
Criminal Procedure (or, in the case of a State court, issued using
State warrant procedures) by a court of competent jurisdiction; or
prior notice from the governmental entity to the subscriber or
customer if the governmental entity
uses an administrative
subpoena authorized by a Federal or State statute or a
Federal or State grand jury or trial subpoena; or
obtains a court order for such disclosure
under subsection (d) of this section; except that delayed notice may be given
pursuant to section 2705
of this title.
§2703(b) (above) has much less stringent restrictions. Debate continues
as to the appropriate category for email messages, but see below under
Nobody is quite sure why Congress thought the 180 day rule was important.
However, in 1986 keeping your email on your server indefinitely was
generally not an option.
ECPA amended the Wiretap Act of 1968.
There are three separate issues regarding email:
- Age less than 180 days versus older than 180 days (SCA rule)
- Whether you have opened the email or not (some court decisions have
held that email is subject to SCA protection only if it has not been
opened; after that, it is a stored personal record not unlike Google
- Whether the email is something you sent, or received: you generally
have no fourth-amendment rights in email sent to you by others.
US v Councilman
Bradford Councilman ran a website that listed rare books; he also gave
email accounts (actually aliases) to booksellers within the domain
"interloc.com" (this might be comparable to amazon.com giving email
aliases to their associated private sellers, or even ebay). However,
Councilman examined these dealer emails in order to develop a competitive
strategy (these emails would show what rare books were in demand, for
example; apparently the real target was amazon.com).
In the case US v Councilman, the government prosecuted Councilman for
interception of email in violation of the ECPA/Wiretap Act. Councilman
argued that he only examined the email as it was stored on servers
temporarily while being routed to its final destination, and that
accessing stored documents did not
constitute "interception" for the purposes of the Wiretap Act. The
District Court and a 3-judge panel of the Appellate Court agreed with
Councilman's theory. In 2005, however, the First Circuit ruled en banc that, yes, the ECPA in-transit
rules did apply to data stored temporarily on disks (filesystems) as well.
Note that the issue here is not
government access to electronic communications.
Note also that the status of email as it sits in storage remains
Email differs technically from voice in that as email is forwarded to its
destination the full message sits briefly on various intermediate servers.
Phone servers store at most a few bits of a voice stream at a time. The
First Circuit ruled very definitively that, despite the appearance that
email was being stored, the practical understanding was that it was in transit, and as such was
protected. This is a good example of the courts rejecting a "technical"
argument for the "big picture"; note, however, that the first two courts
to hear the case agreed with the technical argument.
The full First Circuit decision is at http://www.ca1.uscourts.gov/pdf.opinions/03-1383EB-01A.pdf
Google is currently being sued over its scanning of gmail to better target
advertising. Plaintiffs are claiming that the process violates the ECPA.
Google's defense is that users agree to this in its Terms of Service, though
Google may also have scanned email from outsiders sent to gmail accounts.
In March 2014, district court judge Lucy Koh ruled that non-Gmail users who
sent email to gmail accounts could sue individually, but not as a class
action. The legal theory was apparently that there was too much variation
between class members as to what Google terms were agreed to. Financially,
that makes these cases very difficult. One issue may have been
that many non-Gmail users still have Google accounts, or otherwise have
agreed to Google's ToS in the past.
However, in a very similar case against Yahoo, Koh
ruled on May 27, 2015 that non-Yahoo users who sent email to Yahoo
accounts and had it scanned were eligible for class-action status.
Part of the issue may have been this sentence from Yahoo's ToS cited by
If you consent to this [Additional Terms of
Service] and communicate with non-Yahoo users using the Services, you are
responsible for notifying those users about this feature.
It would not be unreasonable to imagine that scanning only the email sent
by one's own users would be easy to implement.
United States v Warshak, civil case, 6th
circuit decided June 2007, redecided July 2008, redecided December 2010
This was a case involving government
compliance with ECPA. Steven Warshak ran a mail-order operation promoting
"Enzyte" for "natural male enhancement." At its peak, annual sales reached
$250 million, and the company employed 1500 people.
There were several allegations of fraud: that the physician testimonials
for the product were entirely fictitious, that many customers were
enrolled in a monthly "auto-ship" program without notification, and that the
merchant bank accounts were manipulated to make credit-card complaints
seem to be a smaller percentage than there actually were. Eventually the
government investigated and then prosecuted.
The government got a subpoena order from a US Magistrate asking for his
email records. The first request came in October 2004 for Warshak's ISP,
NuVox, to retain copies of Warshak's emails. The second request came 180
days later, to turn over any emails that had been archived more than 180
days. In time, all the archived emails were turned over. Warshak and his
employees read their email using the POP protocol, which deletes messages
from the server as soon as they are read. The feds would have had nothing
to subpoena if NuVox hadn't retained copies.
In May 2006 Warshak found out about all this. As the emails were
incriminating, Warshak argued that the US needed a warrant, which is much
stronger than a subpoena. In 2006 he filed a claim seeking a declaratory
judgement that a warrant and not a subpoena was needed. (A
declaratory judgement is a court ruling on a procedural matter where there
is no actual action ordered.)
- subpoena v search warrant: latter is stronger
- warrant for unopened email, subpoena for opened?? (stored-document
- Subpoenas give you a few days to comply. Warrants do not.
- Subpoenas may or may not be issued by a court! But search warrants
must be court-issued
- Search warrants are supposed to describe precisely what is being
- Phone calls: need warrant
(Supreme Court Katz v US
case, 1967) [Patriot Act created some new classes of search warrant, but
the basic principle remained.]
Are subpoena rules for email overly broad?
US argument: users of ISPs don't have a reasonable
expectation of privacy.
This is clear (post-Smyth) for employer-provided email, though there's
no reason to suppose loss of privacy extends to the government.
But what about email from a commercial provider? Are these some kind of
business record? Here's an imaginary
Yahoo Terms-of-service by Mark Rasch, from securityfocus.com/columnists/456/3
Because a customer acknowledges that Yahoo!
has unlimited access to her e-mail, and because she consents to Yahoo!
disclosing her e-mail in response to legal process, compelled disclosure
of e-mail from a Yahoo! account does not violate the Fourth Amendment.
The point here is that because Yahoo has access to your email, the
government thinks that all your email should be treated just like any
other commercial records. You
have no "expectation of privacy".
The government argued that this case was like the 1976 US
v Miller case, where bank records were found NOT to be protected.
However, bank records are pretty clearly different from email. For one
thing, under the "transaction" theory of privacy, bank records belong
to the bank, as well as to you. Email does not
belong, in any sense, to your ISP.
But there's also the issue that ISPs do not just route your email
messages, they also store them, sometimes indefinitely, even after you
have read them.
Stored Communications Act, part of ECPA
email stored 180 days or less: gov't needs a warrant
more than 180 days: warrant, subpoena, or court order
Warshak was arguing that the government should need a warrant for ANY of
At the district court level, Warshak won in his declaratory-judgement
quest. (Quote from full 6th circuit decision)
The court reasoned that Warshak likely would
succeed on his Fourth Amendment claim because internet users have a
reasonable expectation of privacy in e-mails, and because the orders
authorized warrantless searches on less than probable cause.
In June 2007 a 3-judge panel of
6th circuit appellate court [Judges Boyce Martin, Martha Daughtry, William
Schwarzer (District Court judge sitting in)] again ruled for Warshak. The
decision was far-reaching, not specific to the facts at hand; the court
issued an injunction forbidding the US government from obtaining emails
without a warrant. From the ruling (at www.ca6.uscourts.gov/opinions.pdf/07a0225p-06.pdf):
[W]e have little difficulty agreeing with
the district court that individuals maintain a reasonable expectation of
privacy in e-mails that are stored with,
or sent or received through, a commercial ISP. The content of e-mail is
something that the user "seeks to preserve as private," and therefore "may
be constitutionally protected."
In October 2007 the 6th circuit agreed to an en
banc (whole court) review of this ruling.
In 2008 the full court ruled that the question of whether police
needed a warrant to obtain emails was not "ripe": the broad question was
not ready to be addressed. The injunction was lifted.
The ripeness doctrine serves to "avoid . .
. premature adjudication" of legal questions and to prevent courts from
"entangling themselves in abstract" debates that may turn out differently
in different settings.
That makes sense, but the full court also said some strange things about
expectations of privacy:
The answer to that question will turn in
part on the expectations of privacy that computer users have in their
e-mails -- an inquiry that may well
shift over time, that assuredly
shifts from internet-service agreement to internet-service agreement
and that requires considerable knowledge about ever-evolving technologies.
Some of these service-provider agreements could cast doubt on the validity
of § 2703(d) in a given case; others
might not. Better, we think, to decide the validity of the
statute in the context of a specific internet-service agreement and a
specific search and seizure."
In determining the "reasonableness" of searches under the Fourth Amendment
and the legitimacy of citizens' expectations of privacy, courts typically
look at the "totality of the circumstances,"
Do you think your email privacy
from the government should hinge on the agreement you have with your ISP?
(See Eugene Volokh, volokh.com/posts/1176832897.shtml)
Traditionally, the courts consider 4th-amendment cases only in concrete
contexts and not in the abstract. To be sure, the case as a whole was
still at the declaratory-judgement stage; the full court may have felt
that the email situation should wait to be decided at the actual trial.
But the comments above about the subjective nature of expectations of
privacy, and the idea that the terms of service might play a role in this
expectation, are unsettling.
While this appeal was going on the US continued to prosecute its criminal
case against Warshak. He was convicted in February 2008.
In December 2010, a (different)
three-judge panel of the 6th circuit ruled (http://www.ca6.uscourts.gov/opinions.pdf/10a0377p-06.pdf)
that emails were in fact
protected under the fourth amendment, and that to the extent that the SCA
(above) held otherwise (for emails held longer than 180 days), the SCA was
unconstitutional. This time the judges were Damon Keith, Danny Boggs, and
David McKeague. Alas for Warshak,
the court also held that Warshak's emails were nonetheless admissible as
evidence, because the government had acted in good faith (believing the
SCA was good law). The court based its protection of email on the
principle that wiretapping of telephones has long been regarded as a
fourth-amendment search (that is, requiring a warrant).
As for an ISP's ability to read emails, the court wrote
As an initial matter, it must be observed
that the mere ability of a third-party
intermediary to access the contents of a communication cannot be
sufficient to extinguish a reasonable expectation of privacy.
The case might still be appealed to the full 6th circuit or to the
Supreme Court, though it has not happened yet and it is probably
too late now.
The 6th Circuit decision appears to make no distinction between emails
Warshak sent and those he received.
The court compared email to conventional postal mail:
Put another way, trusting a letter to an
intermediary does not necessarily defeat a reasonable expectation that the
letter will remain private. See Katz , 389 U.S. at 351 ("[W]hat [a person]
seeks to preserve as private, even in an area accessible to the public,
may be constitutionally protected.")
Given the fundamental similarities between
email and traditional forms of communication, it would defy common sense
to afford emails lesser Fourth Amendment protection.
The court also considered the Third-Party Doctrine, and rejected it:
But Miller is distinguishable.
First, Miller involved simple business records, as opposed to
the potentially unlimited variety of "confidential communications" at
issue here. See ibid. Second, the bank depositor in Miller conveyed
information to the bank so that the bank could put the information to use
"in the ordinary course of business."
The second point is arguably the more significant. The bank is the other
party to your banking transactions; your email provider is simply an
Email has been around for ~20 years. Why has this decision taken so long?
Rep Zoe Lofgren (D-CA) has introduced a bill in Congress (HR 6529, the
ECPA 2.0 Act of 2012) to require warrants for all email searches
(including things like Facebook messaging) and all uses of phone GPS
location information. It remains to be seen whether this will go anywhere.
One final note: Warshak's company often read a disclaimer to their telephone
In the case of Enzyte, sales reps were
instructed to lead into the disclosure language by stating that "the
product is not a contraceptive nor will it prevent or treat any sexually
transmitted disease." According to [Chief Operating Officer James]
Teegarden, the thinking was that, "if we started off with a statement
about a contraceptive, something other than what it was, that people
wouldn't really listen to what we were disclosing to them."
I had no idea those fast-paced disclosures attempted this kind of
Although the Sixth Circuit did not focus on this, one issue is that the
government asked Warshak's ISP NuVox to retain copies of the email. If this
had not occurred, there would have been no stored records to subpoena. A
more "limited" decision might have focused simply on forbidding this kind of
archiving without the account holder's knowledge, which is currently explicitly authorized by §2703(f) of the SCA.
The government's behavior in requesting the archiving does somewhat undercut
the idea that they were placing "good-faith reliance" on the SCA.
Are the feds complying?
Not necessarily. But maybe partially.
... since the Sixth Circuit Court of Appeals' 2010 ruling in
U.S. v. Warshak, the Justice Department has generally sought court
warrants for the content of e-mail messages, but is far less inclined to
take that step for non-email files.
New bill proposed that would, in some cases, not require a
warrant (though the Sixth Circuit has already found that unconstitutional)
Talks about the "email privacy act".
The Third-Party Doctrine and email
The third-party doctrine (see above) says that you
lose any expectation of privacy in anything you disclose to a third party.
This is the traditional justification for the government's being able to
access any business records about you, including your bank records and
cellphone location records.
If you are corresponding via email with a co-conspirator, sometimes the
government tries to apply the third-party doctrine to argue that you have no
privacy expectation in the emails you sent. This is an extreme
position, but one grounded in the idea that the email in your in-box is
generally all from other parties.
Judge Tena Campbell, in the Utah case US v Young, decided the case exactly
along these lines: defendants lost all privacy expectations in
emails sent to other defendants: "[a] sender of an e-mail loses his or her
reasonable expectation of privacy in an e-mail that has actually reached the
intended recipient." If Alice sends an incriminating email to Bob, and the
police seize it from Bob without a warrant, then Bob has no standing to
challenge this as it is not his email. Similarly, Alice has no standing as
it has been delivered. Judge Campbell explicitly cited US v
In Warshak v. United States, the United
States Court of Appeals for the Sixth Circuit analogized a search and
seizure of e-mails through an ISP to the interception of a letter at a
post office [emphasis added - pld]. 631 F.3d 266,
286 (6th Cir. 2010). Here, transmission of all the e-mails and texts was
complete before seizure, that is, the e-mails had already arrived at the
intended recipient account.
Of course, the Warshak emails were also delivered before seizure; recall
that the main thrust of the Warshak case was arguably the 180-day rule that
was part of the Stored Communications Act. Judge Campbell was having none of
it; a big part of her ruling was to claim that email should work exactly
like postal mail in this regard. Once you have received a letter, the sender
has lost his or her privacy interest in it. (On the other hand, the feds
were interested in Warshak's email file in order to prosecute Warshak,
so Judge Campbell's argument would not apply.)
But there is one special circumstance here: the emails in question were sent
to defendant Taylor, who originally filed a motion to suppress their use.
Taylor then entered into a plea bargain, and withdrew that motion;
effectively, he agreed to turn over his received email to the
prosecutors. It is Taylor's co-defendants -- the senders of the email -- who
were still arguing for suppression; Campbell simply felt it was too late.
Campbell's decision is at http://scholar.google.com/scholar_case?&hl=en&as_sdt=6,47&case=14463355625153858382&scilh=0
Other arguments about email
The Federal government continues to try to use the argument that your email
represents business records of your ISP. Mostly the government has simply
ignored the Sixth Circuit ruling, though perhaps most email servers are
physically located outside the Sixth Circuit (Kentucky, Michigan, Ohio and
The Patriot Act (§215) has a gag-order clause:
(d) No person shall disclose to any
other person (other than those persons necessary to produce the
tangible things under this section) that the Federal Bureau of
Investigation has sought or obtained tangible things under this section.
So does §505 of the Patriot Act, covering National Security Letters. So does
the ECPA. Are these appropriate?
The short answer is yes, absolutely: in active law-enforcement
investigations it is important not to tip off the suspect. The problem is
that the gag orders often last indefinitely. The reason nobody knew about
all the NSA surveillance before Snowden was simply that none of the gag
orders -- some of them many years old -- had expired!
The lawsuit Doe v Ashcroft was filed in 2004 alleging that the gag
order involved in the NSL requests for email-account information was
unconstitutional. District Court judge Marrero ruled in favor of Doe, but
the case was appealed to the Second Circuit. The Second Circuit ruled that
gag orders were subject to "strict scrutiny" and returned the case to Judge
Marrero as Congress had in the meantime changed the law. In 2010, the FBI
agreed to partially lift the gag order, allowing Doe to identify himself as
Nicholas Merrill, and to identify the ISP involved as Merrill's Calyx
Internet Access. In 2015, Judge Marrero lifted the entire gag order.
California District Court Judge Susan Illston found NSA gag orders
unconstitutional in 2013, in a case brought by the EFF on behalf of a
telecommunications company (www.eff.org/deeplinks/2013/03/depth-judge-illstons-remarkable-order-striking-down-nsl-statute).
The Ninth Circuit was going to hear the case, but Congress passed the USA
FREEDOM Act amending the law. The Ninth Circuit sent the case back to
Illston, who withdrew her earlier finding of unconstitutionality. One
provision of the new law is that the NSA or FBI needs to defend the gag
order in court if the recipient requests it.
Several other US providers (Google and Microsoft among them) have also filed
challenges to indefinite gag orders.
Discussion: do you believe people generally should have a
right to know when the government accesses their online documents?
Some sites maintain warrant canaries. If they have
received no gag orders, they publish that information. If a gag order is
received, the information is removed. The principle behind warrant canaries
is that "the government cannot order you to lie".
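A canary only helps if someone actually checks it and treats silence as the signal. Below is an added example (not from these notes or from any site's canary code) of a minimal canary monitor: it alarms when the statement is missing, stale, altered, rolled back to an older date, or fails signature verification. The canary wording, the key, and the HMAC stand-in for the operator's PGP signature are all assumptions made for the example.

```python
"""Warrant-canary monitor (added example). A canary is a dated, signed
statement the operator republishes on a schedule; the monitor raises an
alarm on anything other than a fresh, intact, properly signed statement,
since an operator under a gag order can stop publishing but is never
asked to publish a false statement."""
import hashlib
import hmac
import re
from dataclasses import dataclass
from datetime import date, timedelta

# Hypothetical wording; real canaries differ. The monitor needs the date
# and the assertion that no secret orders have been received.
CANARY_RE = re.compile(
    r"As of (?P<date>\d{4}-\d{2}-\d{2}), (?P<site>\S+) has received no "
    r"National Security Letters, FISA orders, or other secret gag orders\."
)


@dataclass
class CanaryStatus:
    alarm: bool      # True: treat the canary as dead
    reasons: list    # human-readable explanations


def check_canary(body, signature, today, last_seen, verify_sig,
                 max_age_days=30):
    """Evaluate one fetched copy of the canary.
    body/signature: statement text and detached signature (None if absent);
    today: date of this check; last_seen: date of the previous good copy
    (or None); verify_sig(body, signature) -> bool."""
    if body is None or signature is None:
        return CanaryStatus(True, ["canary statement or signature missing"])
    if not verify_sig(body, signature):
        return CanaryStatus(True, ["signature does not verify"])
    m = CANARY_RE.search(body)
    if m is None:
        return CanaryStatus(True, ["expected assertion no longer present"])
    stated = date.fromisoformat(m.group("date"))
    reasons = []
    if stated > today:
        reasons.append("statement is dated in the future")
    age = (today - stated).days
    if age > max_age_days:
        reasons.append(f"statement is stale ({age} days old)")
    if last_seen is not None and stated < last_seen:
        reasons.append("statement is older than the last copy seen (rollback)")
    return CanaryStatus(bool(reasons), reasons)


# Stand-in for the operator's public-key (PGP) signature. Assumption: a
# shared HMAC key, used only so the example runs with the standard library;
# a real canary uses a public-key signature that anyone can verify.
DEMO_KEY = b"constructed-demo-key"


def sign(body):
    return hmac.new(DEMO_KEY, body.encode(), hashlib.sha256).hexdigest()


def verify(body, signature):
    return hmac.compare_digest(sign(body), signature)


# Constructed sample canary for a placeholder site.
GOOD_BODY = ("As of 2015-06-01, example.invalid has received no National "
             "Security Letters, FISA orders, or other secret gag orders.")
GOOD_SIG = sign(GOOD_BODY)

if __name__ == "__main__":
    cases = [
        ("fresh", GOOD_BODY, GOOD_SIG, date(2015, 6, 10)),
        ("stale", GOOD_BODY, GOOD_SIG, date(2015, 8, 1)),
        ("tampered", GOOD_BODY.replace(" no ", " some "), GOOD_SIG,
         date(2015, 6, 10)),
        ("missing", None, None, date(2015, 6, 10)),
    ]
    for label, body, sig, today in cases:
        status = check_canary(body, sig, today, date(2015, 5, 1), verify)
        print(f"{label:9s} alarm={status.alarm} {status.reasons}")
```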
While there may be an emerging consensus that email is subject
to fourth-amendment protection, searches of phones (including location
information) are another thing entirely.
In 2010 the US Supreme Court ruled in Ontario [California]
v Quon that the City of Ontario had a right to
audit pager text messages on pagers issued by the city to police officers.
Many messages turned out to be personal, and the senders were disciplined.
Officer Jeff Quon sued, arguing that the department had promised that
personal messages were ok if officers reimbursed the city for any
The decision was unanimous that this particular case amounted
to a legitimate work-related search, and that Officer Quon should have
realized that privacy was not guaranteed here. However, the justices
explicitly refused to rule on the broader question of text-message search
without a warrant. Justice Kennedy wrote,
The judiciary risks error by elaborating too
fully on the Fourth Amendment implications of emerging technology before
its role in society has become clear
and alluded to the 1928 Olmstead ruling (reversed in
the 1967 Katz decision) that telephone wiretapping did not
require a warrant.
In January 2011 the California Supreme Court ruled, in the case of
Gregory Diaz, that when someone is arrested at a traffic stop and the
police search the vehicle, they may extend the search to at least the text
messages on any phones they find. The police rationale here was to tie a
suspect to a drug deal an hour before, through SMS messages. Note that the
police need only "probable cause" to search a vehicle when they
arrest someone (and also in some other situations I am not entirely
clear on), though the Supreme Court did rule in Knowles v Iowa
that the police may not search a vehicle or its passengers if the stop was
for a routine traffic violation.
In March 2012, the Seventh Circuit ruled (in US v Flores-Lopez)
that if the police find a cellphone on a person during an arrest, they may
look at the phone to find out the phone's number. The police did exactly
that when arresting Abel Flores-Lopez, and later subpoenaed the calling
records for that number. The decision, written by Judge Richard Posner,
likened the phone to a diary found on an arrested person, and established
precedent does allow the police to search a diary you have on your person.
In September 2012 a state judge in Rhode Island ruled that the police
should have obtained a warrant in the case of the death of six-year-old
Marco Nieves. An officer responding to the initial 911 call found a phone
on the kitchen counter and proceeded to read the text messages within it.
Some of the messages suggested child abuse, and charges were brought
against Michael Patino, boyfriend of Marco's mother.
In December 2012, the Massachusetts Supreme Judicial Court ruled that the
police may examine the call lists in a phone found on someone they arrested.
The case involved the arrest of Demetrius Phifer; after Phifer's arrest the
police cross-checked the called-numbers list on his phone and on the phone
of a suspected buyer. The police did the phone search after Phifer was
brought to the station.
All these cases relate to call lists or to simple SMS messages. What if you
also get email on your phone, or if you have a substantial browser or search
history, or if your phone has been tracking your location? This is even more
unsettled, though recall the Melvin Skinner case.
In 2014, the Supreme Court ruled in the combined cases Riley v
California and US v Wurie that the police do need
a search warrant to search a cellphone in the possession of
someone who is arrested. This was a unanimous decision,
written by Justice Roberts, with Justice Alito writing a concurring opinion.
Modern cell phones are not just another
technological convenience. With all they contain and all they may reveal,
they hold for many Americans "the privacies of life". The fact that
technology now allows an individual to carry such information in his hand
does not make the information any less worthy of the protection for which
the Founders fought.
In his concurrence, Alito pointed out that this decision now means that
police can search any printed records they find on someone
arrested, but not any electronic records. Alito thought that
complicated distinctions like this should really be made by Congress.
Eavesdropping on SMS messages ("text messages")
1. They are often transmitted as cleartext.
2. The government is likely to argue that the 4th amendment does not
apply to eavesdropping (or to physical examination of the phone, for that
3. They are not 'wire communications', and thus escape the Wiretap Act
rule that illegally intercepted messages cannot be used against you.
4. Your local police are not likely
to be intercepting SMS messages, but it's always a risk. The ECPA does
require a court order.
5. Your wireless provider probably logs and stores all your SMS messages.
More at https://ssd.eff.org/book/export/html/23
And if you are worried about this, get Signal.
Or even WhatsApp.