Tag: surveillance

Atlas Bugged II: Is There an NSA Mass Location Tracking Program?

Way back in 2011—when “Snowden” was just a quiescent indie band from Atlanta—I wrote two posts here at the Cato blog trying to suss out what the “secret law” of the Patriot Act that Sen. Ron Wyden (D-OR) and others were raising alarms about might involve: “Atlas Bugged” and “Stalking the Secret Patriot Act.” Based on what seemed like an enormous amount of circumstantial evidence—which I won’t try to summarize here—I speculated that the government was likely engaged in some kind of large scale program of location tracking, involving the use of the Patriot Act’s Section 215 to bulk collect cell phone location records for data mining purposes.

I remained reasonably confident in my guess until the disclosure of the Section 215 bulk call records program, which was soon followed by insistent public statements from NSA officials that they did not collect location records “under this program.” That ubiquitous qualifier certainly left some wiggle room, but naturally the government collects location information in some circustances for intelligence purposes—at the very least when it has a FISA warrant for full electronic surveillance of a specific target—and it seemed only natural that if the government was engaged in bulk location tracking and data mining, it would obtain that information in tandem with its bulk collection of call detail records. So, I concluded, I had probably guessed wrong: The secret Section 215 program did involve bulk collection of phone records—but not phone location records.

Then, last week, Wyden gave a barnburner of a speech on NSA surveillance at the Center for American Progress—one that makes me think I may have guessed correctly after all. Between his talk and the question and answer sessions that followed, Wyden explicitly mentioned location tracking no fewer than five separate times—discussing it far more frequently than the program we actually know about, involving bulk collection of call records:

[A]s you listen to this talk, ponder that most of us have a computer in our pocket that potentially can be used to monitor us 24/7. […]

 This is particularly true if you’re vacuuming up cell phone location data, essentially turning every American’s cell phone into a tracking device. We are told this is not happening today, but intelligence officials have told the press that they currently have the legal authority to collect Americans’ location information in bulk. […]

The piece of technology we consider vital to the conduct of our everyday personal and professional life hapens to be a combination phone bug, listening device, location tracker, and hidden camera. […]

Today, government officials are openly telling the press that they have the authority to effectively turn Americans’ smart phones and cell phones into location-enabled homing beacons. […]

These smartphones that everybody’s got in their pockets […] can be used as a tracking system for everyone in this room, 24/7.

This is not exactly subtle. Wyden’s constant references to location tracking in this context would be nothing short of bizarre unless he had reason to believe that the governments assurances on this score are misleading, and that there either is or has been some program involving bulk collection of phone records. Wyden, of course, would know full well whether there is or is not any such program via his role on the Intelligence Committee—and his focus on location tracking over the activities we know NSA is engaged in, such as monitroing of Internet communications and bulk collection of phone records, would be an inexplicable obsession if he knew that no such program existed.

There’s another hint along these lines early in the talk, when Wyden says that “secret rullings of the Foreign Intelligence Surveillance Court have interpreted the Patriot Act as well as section 702 of the FISA statute in some surprising ways.” Wyden says that these rulings “can be astoundingly broad” and then adds: “The one that authorizes the bulk collection of phone records is as broad as any I have ever seen.” (Emphasis mine.) That’s a very specific word choice: not broader than any he has seen, or the broadest ruling he has seen—even though a ruling authorizing bulk collection of every American’s phone records would be the broadest anyone without access to classified information had ever seen—but rather as broad. As in: there are other rulings of comparable breadth, perhaps allowing bulk collection of other types of information about all Americans. Wyden gestures in this direction again later, calling it “especially troubling” that “there is nothing in the Patriot Act that limits this sweeping bulk colection to phone records.”

If this sounds like overreading, consider that actually it’s consistent with several Senators’ previous efforts to hint at the nature of their concerns without directly exposing classified programs. As Wyden noted at the outset of his talk, he and his colleague Mark Udall (D-CO) may not be able to “tap out the truth in Morse code,” but they have “tried just about everything else we could think of to warn the American people.” That means they have often, without explicitly disclosing classified information, given some very strong hints to what they were concerned about to those of us paying close attention. For instance, as I noted in one of those prior posts, Sen. Udall frequently explained his concerns using the same specific, and rather curiously worded example, warning that Section 215 gave the government “unfettered” access to “business records ranging from a cell phone company’s phone records to an individual’s library history.” (Emphasis mine.) The pointed contrast between “an individual’s” library records and “a cell phone company’s” phone records was, in retrospect, about as close as Udall could come to explicitly warning that phone records were being collected in bulk, not merely for specifically targeted individuals. Perhaps this talk was as close as Wyden can come to warning us—without coming right out and saying it—that there’s a bulk location tracking program yet to be disclosed.

Surprised by the Latest Privacy Invasion? Don’t Be

You shouldn’t be surprised by the revelation that police departments across the country are gathering data about innocent people’s movements.

Using automated scanners, law enforcement agencies across the country have amassed millions of digital records on the location and movement of every vehicle with a license plate, according to a study published Wednesday by the American Civil Liberties Union. Affixed to police cars, bridges or buildings, the scanners capture images of passing or parked vehicles and note their location, uploading that information into police databases. Departments keep the records for weeks or years, sometimes indefinitely.

The ACLU study is here.

You should be outraged that your tax dollars are going into surveillance that undercuts your privacy, but don’t be surprised. Why not? Because Cato told you so.

Here’s text from a study we published nearly nine years ago, Understanding Privacy—and the Real Threats to It:

Red-light cameras and speed cameras are another part of the rapidly growing Big Brother infrastructure. Little technical difference separates a digital camera that takes occasional snapshots from one that records continuous footage. Equipped with optical character recognition technology, traffic cameras may soon have the technical capability to read license plates and scan traffic for specific cars. Networked cameras will be able to track cars throughout a city and on the highways. And database technology will make it possible to create permanent records of the movements of all cars captured on camera.

That material is based on testimony I gave to the House Transportation and Infrastructure Committee’s Subcommittee on Highways and Transit almost a dozen years ago. In it, I addressed the constitutional status of public monitoring like this. I talked about how license plates deprive drivers of the ability to navigate streets anonymously. That’s not the worst privacy invasion, given how driving laws and traffic disputes are administered. But it’s akin to requiring people to wear nametags to walk on public sidewalks.

Because the law has deprived people of the ability to protect privacy, the better view is that there is a Fourth Amendment search when law enforcement notes the license plates on cars. This search is inherently unreasonable if they do so when they do not suspect crime. As soon as red-light cameras are used for anything other than snapping suspected speeders — and they soon will be — these cameras should be shown a red light themselves.

Courts have only just begun to grapple with these issues, including the Supreme Court in the Jones case, which last year held that the government couldn’t attach a GPS device to a car and monitor its movements, even in public, without getting a warrant. I wrote about the state of Fourth Amendment law in this area in an article cleverly (ahem) titled: “U.S. v. Jones: Fourth Amendment Law at a Crossroads.”

Concerned? Yes, you should be. Angry? If you need that outlet. But don’t be surprised to learn that police departments are tracking of every car’s movements without a warrant.

NSA Spying, NSA Lying, and Where the Fourth Amendment Is Going

If you want a good primer on the NSA spying disclosed so far, check out the item by Cato alum Tim Lee on the Washington Post’s WonkBlog. It’s a blessedly brief but informative run-down covering:

- mass collection of phone records;

- the PRISM program, which gathers data about Americans incidentally to its stated aim of foreign surveillance; and

- the NSA’s fiber optic eavesdropping: “[T]he NSA has a broad program (actually, several of them) to sweep up Internet traffic from fiber optic cables.”

Also, be sure to read the letter Senators Wyden (D-OR) and Udall (D-CO) sent to NSA head General Keith Alexander yesterday. In it, they point out inaccurate and misleading statements the NSA made in a recently distributed fact sheet. At a certain point, inaccuracies become willful.

On the question of whether surveillance of every American’s phone calling is constitutional, Lee notes how the government and its defenders will rely on a 1979 case called Smith v. Maryland. In that case, the government caused a telephone company to install a pen register at its central offices to record the numbers dialed from the home of a suspected robber. Applying doctrine that emerged from Katz v. United States (1967), the Court found that a person doesn’t have a “reasonable expectation of privacy” in phone calling information, so no search occurs when the government collects and examines this information.

It takes willfulness of a different kind to rely on Smith as validation the NSA’s collection of highly revealing data about all of us. Smith dealt with one suspect, about whom there was already good evidence of criminality, if not a warrant. The NSA program collects call information about 300+ million innocent Americans under a court order. And the Supreme Court is moving away from Katz doctrine, having avoided relying on it in recent major Fourth Amendment cases such as Jardines (2013), Jones (2012), and Kyllo in 2001.

Nobody knows where exactly the Court is headed with the Fourth Amendment in the challenging area of communications, but I’ve argued for reaching back to the wisdom of Justice Butler, dissenting in Olmstead (1929):

Telephones are used generally for transmission of messages concerning official, social, business and personal affairs, including communications that are private and privileged – those between physician and patient, lawyer and client, parent and child, husband and wife. The contracts between telephone companies and users contemplate the private use of the facilities employed in the service. The communications belong to the parties between whom they pass.

Public More Wary of NSA Surveillance Than Pundits Claim

Based on a bevy of polls conducted in the wake of revelations that the NSA surveiled millions of ordinary Americans’ private communications, many have prematurely concluded public support or opposition to the government surveillance program (for instance here, here, and here). These polls are insufficient gauges for what Americans actually think for several reasons. First, slight wording differences result in majority support or opposition of the program as described in each particular survey question, as I’ve written about here. Second, the full extent of these government programs is not yet fully known; fully 76 percent of Americans think that we’ll find out the programs are “even bigger and more widespread than we know even now.” Third, most Americans are not even fully aware of the revealed information and its implications—according to a Time poll only 24 percent of Americans say they’ve been closely following the reports of the large-scale government surveillance program called PRISM.

The public’s view of the information leak and revelations about these programs is complicated, as Americans strike a delicate balance between security and privacy. For instance, a Time poll found that 53 percent of Americans think the “government should prosecute government officials and others who leak classified materials that might damage security efforts,” but 54 percent thought that Edward Snowden, the person who leaked the information about the secret program, “did a good thing in informing the American public.” This is likely because only 30 percent, according to a CBS/New York Times poll, think these leaks will weaken U.S. security.

Examining the different poll wordings can still offer value, demonstrating how people’s opinions change when they learn different details of the program. For instance, the public distinguishes between tracking ordinary Americans not suspected of any wrongdoing and collecting records of those suspected of terrorist activity. Pew/Washington Post found 56 percent thought it was acceptable for the NSA to get “secret court orders to track telephone call records of millions of Americans in an effort to investigate terrorism.” However, a CBS/NYTimes poll distinguished between tracking phone records of ordinary Americans and those suspected of terrorist activity. In contrast to Pew, CBS/NYtimes found 58 percent disapprove of “federal government agencies collecting phone records of ordinary Americans” but 75 percent approve of tracking “phone records of Americans that the government suspects of terrorist activity.” Americans continue to reveal their preference for targeted surveillance when 73 percent told a Rasmussen poll that the “government should be required to show a judge the reason for needing to monitor calls of any specific Americans” and 64 percent said “it is better to collect phone records only of people suspected of having terrorist connections.”

Survey data also suggests Americans distinguish between government tracking phone records and government monitoring the content of online activities. Although polls have found public support for tracking phone records to investigate terrorism, most Americans draw the line at government monitoring the content of Internet activity, such as emails and chats. For instance, Pew found 52 percent think the government should not be able to “monitor everyone’s email and other online activities.” Likewise, when Gallup describing the government program as collecting phone records and Internet communications, 53 percent disapproved.

Surveys that assume away potential misuses and abuses of the data not surprisingly find greater support for government surveillance programs. For instance, A CNN/ORC poll, found 66 percent thought the Obama administration was “right” in gathering and analyzing data on Internet activities “involving people in other countries,” while assuring respondents that the “government reportedly does not target Internet usage by US citizens and if such data is collected it is kept under strict controls.” The validity of this later assertion, however, is actually at the crux of the debate for those critical of the surveillance program. In fact, according to the same CNN poll, nearly two-thirds believe the US government has collected and stored data about their personal phone and Internet activities. Moreover, Rasmussen found that 57 percent thought it was likely that government agencies would use the data collected to “harass political opponents.” The fact that the public’s reported support for the program jumps when survey-wording guarantees the collected data will not be abused suggests that part of the reason the public is wary of the program is the very potential for abuse. The public does not desire privacy for just privacy’s sake, rather the public fears loss of privacy because of the potential for misuse or abuse. Questions that assume away this possibility are entirely unenlightening.

In sum, these data suggest the public is wary of untargeted government surveillance of ordinary Americans, especially without a warrant. They are more tolerant of government tracking phone records; however, many draw the line at government monitoring the content of ordinary Americans’ Internet activity.

A version of this post also appeared on Reason.com

In Its Bubble of Secrecy, the National Security Bureaucracy Redefined Privacy for Its Own Purposes

Rep. Jim Sensenbrenner (R-WI) is nothing if not a security hawk, and this weekend he decried the NSA’s collection of all Americans’ phone calling records in a Guardian post entitled, “This Abuse of the Patriot Act Must End.” On Thursday last week, he sent a letter to Attorney General Eric Holder demanding answers by Wednesday.

It also became apparent over the weekend that the National Security Agency’s program to collect records of every phone call made in the United States is not for the purpose of data mining. (A Wall Street Journal editorial entitled “Thank You for Data Mining” was not only wrong on the merits, but also misplaced.) Rather, the program seizes data about all of our telephone communications and stores that data so it can aid investigations of any American who comes under suspicion in the future.

Details of this program will continue to emerge–and perhaps new shocks. The self-disclosed leaker–currently holed up in a Hong Kong hotel room waiting to learn his fate–is fascinating to watch as he explains his thinking.

The court order requiring Verizon to turn over records of every call “on an ongoing daily basis” is a general warrant.

The Framers adopted the Fourth Amendment to the Constitution in order to bar general warrants. The Fourth Amendment requires warrants 1) to be based upon probable cause and 2) to particularly describe the place to be searched and the persons or things to be seized. The leaked warrant has neither of these qualities.

A warrant like this would never be adopted in an open court system. With arguments and decisions available to the public and appeals going to public courts, common sense and simple shame would foreclose suspicionless data-gathering about every American for the benefit of future potential investigations. 

Alas, many people don’t believe all that deeply in the Constitution and the rule of law when facile promises of national security are on offer. It is thus worthwhile to discuss whether this is unconstitutional law enforcement and security practice would work. President Obama said last week, “I welcome this debate and I think it’s healthy for our democracy.”

What Is the Value of Bitcoin?

With Bitcoin enjoying a spike in price against government currencies, there is lots of talk about it on the Interwebs. If you’re not familiar with it yet, here’s a good Bitcoin primer, which also counsels reading a lot more before you acquire Bitcoin, as Bitcoin may fail. If you like Bitcoin and want to buy some, don’t go all goofy. Do your homework. As if you need to be told, be careful with your money.

Much of the commentary declares a Bitcoin bubble for one reason or another. It might be a bubble, but nobody actually knows. A way of guessing is to compare Bitcoin’s qualities as a currency and payment network to the alternatives. Like any service or good, there are many dimensions to value storage and transfer.

I may not capture them all, and they certainly don’t predict the correct price against the dollar or other currencies. That depends on the ultimate viscosity of Bitcoin. But Bitcoin certainly has value of a different kind: it may discipline fiat currencies and the states that control them.

Government Surveillance of Travel IT Systems

If you haven’t seen Edward Hasbrouck’s talk on government surveillance of travel IT systems, you should.

It’s startling to learn just how much access people other than your airline have to your air travel plans.

Here’s just one image that Hasbrouck put together to illustrate what the system looks like.

He’ll be presenting his travel surveillance talk here at Cato at noon on April 2nd. We’ll also be discussing the new public notice on airport strip-search machines issued by the TSA earlier this week.

Register now for Travel Surveillance, Traveler Intrusion.