I posted a quick initial take Tuesday on the Supreme Court’s ruling in Clapper v. Amnesty International, mostly just noticing the intuitive problem with declaring laws authorizing large-scale covert surveillance effectively immune from constitutional review. The folks at EFF and the ACLU have already put out more extended responses to the ruling, but a few additional points seem worth making.
In the very first sentence of the ruling, Justice Alito subtly but importantly mischaracterizes the scope and nature of the “702 authority” created by the FISA Amendments Act in a way that persists throughout the majority opinion and distorts its analysis. According to Alito, §702 of the Foreign Intelligence Surveillance Act empowers the attorney general and director of national intelligence to authorize the surveillance of “individuals” outside the United States—including their communications with Americans, which previously required a warrant from the FISA Court. In some sense, of course, all surveillance is ultimately surveillance of individuals, but “authorizations” for programmatic surveillance under §702 do not need to specify individuals or facilities, but rather groups and (as the administration has put it) “categories of foreign intelligence targets,” where for FISA purposes, the “target” is the person or entity from or about whom the government seeks information.
The “targeting procedures” approved by the secret FISA Court must be designed to avoid intentionally collecting wholly domestic communications, but the statute doesn’t require that they guarantee the international communications collected under §702 programs will be narrowly limited to those of the actual targets. The FISA Court doesn’t have to review the particular phone lines or e-mail accounts or IP addresses that are collected from; those are selected after the procedures are approved, apparently with the aid of data mining and “link analysis” algorithms.
The public has no idea just how broad the initial collection is—the NSA has steadfastly refused to even estimate how many Americans’ communications are in their system—but everything we know about the program suggests they err on the side of breadth and figure out which of the intercepts actually pertain to their targets after collection. For example, a New York Times report on “overcollection” of domestic communications under §702, based on high-level intelligence sources, suggests that a single authorization typically covers surveillance on hundreds or thousands of phone lines and e-mail accounts, often in large “blocks.” As with all probabilistic reasoning, you need to know something about the background frequency or “prior probability” of an event—in this case, the scale of the National Security Agency interception program—before you can say anything intelligent about its likelihood in a specific instance.