Tag: privacy

Ohio Backs off of REAL ID

Sometimes there are setbacks to the efforts of the Department of Homeland Security, the American Association of Motor Vehicle Administrators, and state motor vehicle bureaucrats to quietly knit together a national ID. If this story is true, Ohio appears to be breaking with the national ID plan.

What’s remarkable about this case is Ohio’s recognition that the federal government will never act on the threat that TSA will refuse drivers’ licenses and IDs from states that decline to implement the REAL ID Act.

Ohio is among a growing number of states that are refusing to comply with federal standards intended to toughen access to driver’s licenses. … The states are betting that federal officials do not implement plans to accept only “Gold Star” licenses as proof of identity to fly on commercial flights or to enter federal buildings and courthouses. “We’re not so sure the federal government” will only honor IDs that meet its requirements, [Ohio Department of Public Safety spokesman Joe] Andrews said.

Time was when states fell in line at the suggestion of this federal government threat. Eight-and-a-half years after REAL ID became law, the states may be recognizing the inability of the feds to coerce them into implementing their national ID.

If You Think Smith v. Maryland Permits Mass Surveillance, You Haven’t Read Smith v. Maryland

… and you’re not following developments in Fourth Amendment law.

Jeffrey Toobin is the latest to claim that Smith v. Maryland settles the Fourth Amendment issues around the National Security Agency’s acquisition of data about every call made in the United States. He even links to the text of the decision in a recent blog post.

The majority opinion in Smith did say that people don’t have a reasonable expectation of privacy in phone records, but that rationale is weak, and the facts of Smith are inapposite to the present controversy. I think that’s easily gathered from reading the case with awareness of legal currents.

Here’s what happened in Smith:

On March 5, 1976, in Baltimore, Md., Patricia McDonough was robbed. She gave the police a description of the robber and of a 1975 Monte Carlo automobile she had observed near the scene of the crime. After the robbery, McDonough began receiving threatening and obscene phone calls from a man identifying himself as the robber. On one occasion, the caller asked that she step out on her front porch; she did so, and saw the 1975 Monte Carlo she had earlier described to police moving slowly past her home. On March 16, police spotted a man who met McDonough’s description driving a 1975 Monte Carlo in her neighborhood. By tracing the license plate number, police learned that the car was registered in the name of petitioner, Michael Lee Smith.

The next day, the telephone company, at police request, installed a pen register at its central offices to record the numbers dialed from the telephone at petitioner’s home. The police did not get a warrant or court order before having the pen register installed. The register revealed that on March 17 a call was placed from petitioner’s home to McDonough’s phone. On the basis of this and other evidence, the police obtained a warrant to search petitioner’s residence. The search revealed that a page in petitioner’s phone book was turned down to the name and number of Patricia McDonough; the phone book was seized. Petitioner was arrested, and a six-man lineup was held on March 19. McDonough identified petitioner as the man who had robbed her. (citations omitted)

Nat Hentoff on the NSA and Privacy

Today’s Washington Post reports that the National Security Agency violated the rules on domestic surveillance thousands of time a year since Congress granted the agency broader surveillance powers in 2008. Note this revelation did not come to light because of forthright disclosure from the professionals that run the agency, the congressional oversight committees, or the FISA court. Rather, whistleblower Edward Snowden provided this information to the Post. The U.S. government has made it clear that it wants Snowden locked away in a prison cell incommunicado. 

Over at the Wall Street Journal, Peggy Noonan interviewed Cato senior fellow Nat Hentoff about the implications of the surveillance state. Here’s an excerpt:

A loss of the expectation of privacy in communications is a loss of something personal and intimate, and it will have broader implications. That is the view of Nat Hentoff, the great journalist and civil libertarian. He is 88 now and on fire on the issue of privacy. “The media has awakened,” he told me. “Congress has awakened, to some extent.” Both are beginning to realize “that there are particular constitutional liberty rights that [Americans] have that distinguish them from all other people, and one of them is privacy”…

He wonders if Americans know who they are compared to what the Constitution says they are.

Mr. Hentoff’s second point: An entrenched surveillance state will change and distort the balance that allows free government to function successfully. Broad and intrusive surveillance will, definitively, put government in charge. But a republic only works, Mr. Hentoff notes, if public officials know that they—and the government itself—answer to the citizens. It doesn’t work, and is distorted, if the citizens must answer to the government. And that will happen more and more if the government knows—and you know—that the government has something, or some things, on you. “The bad thing is you no longer have the one thing we’re supposed to have as Americans living in a self-governing republic,” Mr. Hentoff said. “The people we elect are not your bosses, they are responsible to us.” They must answer to us. But if they increasingly control our privacy, “suddenly they’re in charge if they know what you’re thinking.”

This is a shift in the democratic dynamic. “If we don’t have free speech then what can we do if the people who govern us have no respect for us, may indeed make life difficult for us, and in fact belittle us?”

More thoughts from Nat Hentoff here.

NSA Spying in the Courts

The National Security Agency’s collection of every American’s telephone dialing information is hotly contested in the court of public opinion and in Congress. It is now seeing its first test in the courts since its existence was revealed.

The Electronic Privacy Information Center, arguing that it has no other recourse, has filed an extraordinary appeal to the Supreme Court of the order requiring Verizon to turn over telephone calling information en masse to the government. EPIC is a Verizon customer that communicates by telephone with confidential sources, government officials, and its legal counsel.

Cato senior fellow and Georgetown University law professor Randy Barnett joined me this week on a brief to the Court urging it to accept the case so it can resolve statutory and constitutional issues that have “precipitated a juridical privacy crisis.”

The brief first argues that the Foreign Intelligence Surveillance Act does not authorize a sweeping warrant for all communications data. The law requires such a warrant to show relevance to an existing investigation, which is impossible when the data is gathered in support of future, entirely speculative investigations. Not only the text of the statute, but Congress’s intent and the structure of the statute support this interpretation.

Idaho Cooperates with Homeland Security on National ID

In June 2011, I noted here how a new cardless national ID system was forming up using state driver license data. It hasn’t gone very far. Passage of an immigration reform bill containing a national E-Verify requirement would slam down the gas pedal.

But a few days ago, Idaho became the third state in the union to sign up for the Department of Homeland Security’s RIDE (Records and Information from DMVs for E-Verify) program, which is administered by the ID-friendly American Association of Motor Vehicle Administrators. Idaho joins Mississippi and Florida in volunteering state driver information to the DHS.

As the full name of the program suggests, RIDE is an “add-on” to E-Verify, the government’s highly problematic system for “internal enforcement” of immigration law via government background checks. RIDE is intended to let the E-Verify system check the authenticity of driver licenses that are typically provided as one of the forms of ID during the broader verification process. E-Verify’s problems are legion—I documented them in my 2008 paper, “Franz Kafka’s Solution to Illegal Immigration“—and we highlighted them again on Capitol Hill in March.

Much like mass-scale license plate scanning, the RIDE program represents the application of technology and systems developed for one purpose to vastly different ones. The RIDE program takes state driver licensing data—which is for driver licensing and traffic law enforcment—and turns it over to the DHS for federal law enforcement and the creation of a national ID.

In 2007, Idaho was the second state in the nation to reject the REAL ID Act, our national ID law. The Idaho House and Senate passed a resolution condemning that effort to put all Americans into a national ID system. But the bureaucrats appear to have waited out the legislature. With most people’s attention elsewhere, the Idaho Transportation Department teamed up with DHS officials to move forward with a national ID.

After the DHS has tapped into Idahoans’ driver data, there is no guarantee that the uses of it would be limited to E-Verify. Mission creep is a law of gravity in government, and it’s likely over time that E-Verify and Idaho driver data will be put to new and interesting uses by the federal government. Expect the DHS to get a lot more familiar with you and your driver license data if mandatory E-Verify comes into effect and RIDE continues to grow.

Surprised by the Latest Privacy Invasion? Don’t Be

You shouldn’t be surprised by the revelation that police departments across the country are gathering data about innocent people’s movements.

Using automated scanners, law enforcement agencies across the country have amassed millions of digital records on the location and movement of every vehicle with a license plate, according to a study published Wednesday by the American Civil Liberties Union. Affixed to police cars, bridges or buildings, the scanners capture images of passing or parked vehicles and note their location, uploading that information into police databases. Departments keep the records for weeks or years, sometimes indefinitely.

The ACLU study is here.

You should be outraged that your tax dollars are going into surveillance that undercuts your privacy, but don’t be surprised. Why not? Because Cato told you so.

Here’s text from a study we published nearly nine years ago, Understanding Privacy—and the Real Threats to It:

Red-light cameras and speed cameras are another part of the rapidly growing Big Brother infrastructure. Little technical difference separates a digital camera that takes occasional snapshots from one that records continuous footage. Equipped with optical character recognition technology, traffic cameras may soon have the technical capability to read license plates and scan traffic for specific cars. Networked cameras will be able to track cars throughout a city and on the highways. And database technology will make it possible to create permanent records of the movements of all cars captured on camera.

That material is based on testimony I gave to the House Transportation and Infrastructure Committee’s Subcommittee on Highways and Transit almost a dozen years ago. In it, I addressed the constitutional status of public monitoring like this. I talked about how license plates deprive drivers of the ability to navigate streets anonymously. That’s not the worst privacy invasion, given how driving laws and traffic disputes are administered. But it’s akin to requiring people to wear nametags to walk on public sidewalks.

Because the law has deprived people of the ability to protect privacy, the better view is that there is a Fourth Amendment search when law enforcement notes the license plates on cars. This search is inherently unreasonable if they do so when they do not suspect crime. As soon as red-light cameras are used for anything other than snapping suspected speeders — and they soon will be — these cameras should be shown a red light themselves.

Courts have only just begun to grapple with these issues, including the Supreme Court in the Jones case, which last year held that the government couldn’t attach a GPS device to a car and monitor its movements, even in public, without getting a warrant. I wrote about the state of Fourth Amendment law in this area in an article cleverly (ahem) titled: “U.S. v. Jones: Fourth Amendment Law at a Crossroads.”

Concerned? Yes, you should be. Angry? If you need that outlet. But don’t be surprised to learn that police departments are tracking of every car’s movements without a warrant.

Using Metadata to Find Paul Revere

What stood out to me in David Brooks’ amateur psychologizing about NSA leaker Edward Snowden on Monday was his claim that Snowden “has not been able to point to any specific abuses.” Brooks’ legal skills are even worse than his psychologizing. He didn’t notice that the document Snowden leaked was a general warrant. It fails to satisfy the Fourth Amendment’s requirements of probable cause and particularity. That’s an abuse.

I gather that it’s hard to apply the principles of liberty and our nation’s founding charter to the new world of data. In aid of your consideration, I offer you the fun essay: “Using Metadata to Find Paul Revere,” which recounts how metadata (so-called) reveals relationships and, from the perspective of King George, sedition.

The essay concludes:

[I]f a mere scribe such as I—one who knows nearly nothing—can use the very simplest of these methods to pick the name of a traitor like Paul Revere from those of two hundred and fifty four other men, using nothing but a list of memberships and a portable calculating engine, then just think what weapons we might wield in the defense of liberty one or two centuries from now.

The present-day federal surveillance programs revealed in media reports are “the tip of the iceberg,” Rep. Loretta Sanchez (D-CA) said Wednesday after being briefed Tuesday.