Skip to main content

Home/ Socialism and the End of the American Dream/ Group items tagged pen-register

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
4More

FindLaw | Cases and Codes - 0 views

caselaw.lp.findlaw.com/...getcase.pl surveillance state NSA pen-register 4th Amendment
shared by Paul Merrell on 20 Jun 13 - No Cached
  • SMITH v. MARYLAND, 442 U.S. 735 (1979)
  • The telephone company, at police request, installed at its central offices a pen register to record the numbers dialed from the telephone at petitioner's home. Prior to his robbery trial, petitioner moved to suppress "all fruits derived from" the pen register. The Maryland trial court denied this motion, holding that the warrantless installation of the pen register did not violate the Fourth Amendment. Petitioner was convicted, and the Maryland Court of Appeals affirmed. Held: The installation and use of the pen register was not a "search" within the meaning of the Fourth Amendment, and hence no warrant was required. Pp. 739-746. (a) Application of the Fourth Amendment depends on whether the person invoking its protection can claim a "legitimate expectation of privacy" that has been invaded by government action. This inquiry normally embraces two questions: first, whether the individual has exhibited an actual (subjective) expectation of privacy; and second, whether his expectation is one that society is prepared to recognize as "reasonable." Katz v. United States, 389 U.S. 347 . Pp. 739-741.
  • (b) Petitioner in all probability entertained no actual expectation of privacy in the phone numbers he dialed, and even if he did, his expectation was not "legitimate." First, it is doubtful that telephone users in general have any expectation of privacy regarding the numbers they dial, since they typically know that they must convey phone numbers to the telephone company and that the company has facilities for recording this information and does in fact record it for various legitimate business purposes. And petitioner did not demonstrate an expectation of privacy merely by using his home phone rather than some other phone, since his conduct, although perhaps calculated to keep the contents of his conversation private, was not calculated to preserve the privacy of the number he dialed. Second, even if petitioner did harbor some subjective expectation of privacy, this expectation was not one that society is prepared to recognize as "reasonable." When petitioner voluntarily conveyed numerical information to the phone company and "exposed" that information to its equipment in the normal course of business, he assumed the risk that the company would reveal the information [442 U.S. 735, 736]   to the police, cf. United States v. Miller, 425 U.S. 435 . Pp. 741-746. 283 Md. 156, 389 A. 2d 858, affirmed.
  • Paul Merrell on 20 Jun 13
     
    The Washington Post has reported that "on July 15 [2001], the secret surveillance court allowed the NSA to resume bulk collection under the court's own authority. The opinion, which remains highly classified, was based on a provision of electronic surveillance law, known as "pen register, trap and trace," that was written to allow law enforcement officers to obtain the phone numbers of incoming and outgoing calls from a single telephone line." .  The seminal case on pen registers is the Supreme Court's 1979 Smith v. Maryland decision, bookmarked here and the Clerk's syllabus highlighted, with the Court's discussion on the same web page. We will be hearing a lot about this case decision in the weeks and months to come.  Let it suffice for now to record a few points of what my antenna are telling me:  -- Both technology and the law have moved on since then. We are 34 years down the line from the Smith decision. Its pronouncements have been sliced and diced by subsequent decisions. Not a single Justice who sat on the Smith case is still on the High Bench.   -- In Smith, a single pen register was used to obtain calling information from a single telephone number by law enforcement officials. In the present circumstance, we face an Orwellian situation of a secret intelligence agency with no law enforcement authority forbidden by law from conducting domestic surveillance perusing and all digital communications of the entire citizenry. -- The NSA has been gathering not only information analogous to pen register results but also the communications of American citizens themselves. The communications themselves --- the contents --- are subject to the 4th Amendment warrant requirement. Consider the circuitous route of the records ordered to be disclosed in the Verizon FISA order. Verizon was ordered to disclose them to the FBI, not to the NSA. But then the FBI apparently forwards the records to the NSA, who has both the "pen register
7More

U.S. surveillance architecture includes collection of revealing Internet, phone metadat... - 0 views

www.washingtonpost.com/...2-b05f-3ea3f0e7bb5a_print.html surveillance state NSA must-read pen-register
shared by Paul Merrell on 19 Jun 13 - No Cached
  • On March 12, 2004, acting attorney general James B. Comey and the Justice Department’s top leadership reached the brink of resignation over electronic surveillance orders that they believed to be illegal. President George W. Bush backed down, halting secret foreign-intelligence-gathering operations that had crossed into domestic terrain. That morning marked the beginning of the end of STELLARWIND, the cover name for a set of four surveillance programs that brought Americans and American territory within the domain of the National Security Agency for the first time in decades. It was also a prelude to new legal structures that allowed Bush and then President Obama to reproduce each of those programs and expand their reach.What exactly STELLARWIND did has never been disclosed in an unclassified form. Which parts of it did Comey approve? Which did he shut down? What became of the programs when the crisis passed and Comey, now Obama’s expected nominee for FBI director, returned to private life?Authoritative new answers to those questions, drawing upon a classified NSA history of STELLARWIND and interviews with high-ranking intelligence officials, offer the clearest map yet of the Bush-era programs and the NSA’s contemporary U.S. operations.STELLARWIND was succeeded by four major lines of intelligence collection in the territorial United States, together capable of spanning the full range of modern telecommunications, according to the interviews and documents.
  • Two of the four collection programs, one each for telephony and the Internet, process trillions of “metadata” records for storage and analysis in systems called MAINWAY and MARINA, respectively. Metadata includes highly revealing information about the times, places, devices and participants in electronic communication, but not its contents. The bulk collection of telephone call records from Verizon Business Services, disclosed this month by the British newspaper the Guardian, is one source of raw intelligence for MAINWAY.The other two types of collection, which operate on a much smaller scale, are aimed at content. One of them intercepts telephone calls and routes the spoken words to a system called ­NUCLEON.For Internet content, the most important source collection is the PRISM project reported on June 6 by The Washington Post and the Guardian. It draws from data held by Google, Yahoo, Microsoft and other Silicon Valley giants, collectively the richest depositories of personal information in history.
  • The debate has focused on two of the four U.S.-based collection programs: PRISM, for Internet content, and the comprehensive collection of telephone call records, foreign and domestic, that the Guardian revealed by posting a classified order from the Foreign Intelligence Surveillance Court to Verizon Business Services.The Post has learned that similar orders have been renewed every three months for other large U.S. phone companies, including Bell South and AT&T, since May 24, 2006. On that day, the surveillance court made a fundamental shift in its approach to Section 215 of the Patriot Act, which permits the FBI to compel production of “business records” that are relevant to a particular terrorism investigation and to share those in some circumstances with the NSA. Henceforth, the court ruled, it would define the relevant business records as the entirety of a telephone company’s call database.The Bush administration, by then, had been taking “bulk metadata” from the phone companies under voluntary agreements for more than four years. The volume of information overwhelmed the MAINWAY database, according to a classified report from the NSA inspector general in 2009. The agency spent $146 million in supplemental counterterrorism funds to buy new hardware and contract support — and to make unspecified payments to the phone companies for “collaborative partnerships.”When the New York Times revealed the warrantless surveillance of voice calls, in December 2005, the telephone companies got nervous. One of them, unnamed in the report, approached the NSA with a request. Rather than volunteer the data, at a price, the “provider preferred to be compelled to do so by a court order,” the report said. Other companies followed suit. The surveillance court order that recast the meaning of business records “essentially gave NSA the same authority to collect bulk telephony metadata from business records that it had” under Bush’s asserted authority alone.
  • ...3 more annotations...
  • Telephone metadata was not the issue that sparked a rebellion at the Justice Department, first by Jack Goldsmith of the Office of Legal Counsel and then by Comey, who was acting attorney general because John D. Ashcroft was in intensive care with acute gallstone pancreatitis. It was Internet metadata.At Bush’s direction, in orders prepared by David Addington, the counsel to Vice President Richard B. Cheney, the NSA had been siphoning e-mail metadata and technical records of Skype calls from data links owned by AT&T, Sprint and MCI, which later merged with Verizon.For reasons unspecified in the report, Goldsmith and Comey became convinced that Bush had no lawful authority to do that.MARINA and the collection tools that feed it are probably the least known of the NSA’s domestic operations, even among experts who follow the subject closely. Yet they probably capture information about more American citizens than any other, because the volume of e-mail, chats and other Internet communications far exceeds the volume of standard telephone calls.The NSA calls Internet metadata “digital network information.” Sophisticated analysis of those records can reveal unknown associates of known terrorism suspects. Depending on the methods applied, it can also expose medical conditions, political or religious affiliations, confidential business negotiations and extramarital affairs.What permits the former and prevents the latter is a complex set of policies that the public is not permitted to see.
  • In the urgent aftermath of Sept. 11, 2001, with more attacks thought to be imminent, analysts wanted to use “contact chaining” techniques to build what the NSA describes as network graphs of people who represented potential threats.The legal challenge for the NSA was that its practice of collecting high volumes of data from digital links did not seem to meet even the relatively low requirements of Bush’s authorization, which allowed collection of Internet metadata “for communications with at least one communicant outside the United States or for which no communicant was known to be a citizen of the United States,” the NSA inspector general’s report said.Lawyers for the agency came up with an interpretation that said the NSA did not “acquire” the communications, a term with formal meaning in surveillance law, until analysts ran searches against it. The NSA could “obtain” metadata in bulk, they argued, without meeting the required standards for acquisition.Goldsmith and Comey did not buy that argument, and a high-ranking U.S. intelligence official said the NSA does not rely on it today.As soon as surveillance data “touches us, we’ve got it, whatever verbs you choose to use,” the official said in an interview. “We’re not saying there’s a magic formula that lets us have it without having it.”
  • When Comey finally ordered a stop to the program, Bush signed an order renewing it anyway. Comey, Goldsmith, FBI Director Robert S. Mueller III and most of the senior Bush appointees in the Justice Department began drafting letters of resignation.Then-NSA Director Michael V. Hayden was not among them. According to the inspector general’s classified report, Cheney’s lawyer, Addington, placed a phone call and “General Hayden had to decide whether NSA would execute the Authorization without the Attorney General’s signature.” He decided to go along.The following morning, when Mueller told Bush that he and Comey intended to resign, the president reversed himself.Three months later, on July 15, the secret surveillance court allowed the NSA to resume bulk collection under the court’s own authority. The opinion, which remains highly classified, was based on a provision of electronic surveillance law, known as “pen register, trap and trace,” that was written to allow law enforcement officers to obtain the phone numbers of incoming and outgoing calls from a single telephone line.
  • Paul Merrell on 19 Jun 13
     
    Note particularly the mention that the FISA Court decision to throw the doors open for government snooping was based on "pen register, trap and trace" law. As suspected, now we are into territory dealt with by the Supreme Court in the pre-internet days of 1979 In Smith v. Maryland, 442 U.S. 735 (1979), More about that next, in a bookmark also tagged with "pen-register".
6More

Is the Government's Aerial Smartphone Surveillance Program Legal? | TIME - 0 views

time.com/...government-aerial-surveillance surveillance-state DoJ aerial-stingrays location-data
shared by Paul Merrell on 18 Nov 14 - No Cached
  • Still, is the Justice Department’s airborne dragnet program legal? The answer is “maybe.” Federal authorities have employed similar tools in the past. The Federal Bureau of Investigation is known to use a surveillance tool called a “stingray,” a portable transceiver that tricks cell phones within a certain area into relaying their locations, not unlike the equipment onboard the Marshals’ aircraft. A government vehicle with a stingray can net hundreds of nearby cell phones’ approximate locations just by driving through a typical neighborhood. The government has said it doesn’t need a probable cause warrant to use stingrays because investigators don’t collect the content of phone calls, just the locations of those phones. Government officials, meanwhile, have said they get court approval to use the devices. Much of the government’s warrantless use of stingray-style technology hinges on a 1979 Supreme Court decision titled Smith v. Maryland. Smith involved law enforcement’s use of a device called a pen register that, when attached to a suspect’s phone line, recorded the numbers of outgoing calls, but not the calls themselves. The Smith decision upheld the warrantless use of such devices because the suspect’s phone company would record the same data picked up by the pen register, and therefore the suspect had no reasonable expectation of privacy when it came to that information. Currently, the law requires a court to approve the use of a pen register, but investigators only have to show that the device’s use is “relevant to an ongoing criminal investigation,” a much weaker standard than a probable cause warrant requires.
  • However, to get back to the Smith decision, wireless carriers do store your location history for several months to several years, information they obtain by keeping a record of the cell towers to which your device connects as you move from place to place. That could mean Americans don’t have a reasonable expectation of privacy over their location data and the Smith precedent applies, making the DoJ’s aerial surveillance program legal. Still, that would be a matter for the courts to decide. “There are a lot of tricky questions whether a stingray or dirtbox operated by the government directly is a pen register, or the Fourth Amendment concerns dismissed by the Supreme Court 35 years ago in Smith v. Maryland are more applicable here,” Fakhoury said.
  • Hanni Fakhoury, an attorney at the pro-privacy Electronic Frontier Foundation, says the Department of Justice could use the Smith precedent as legal justification for the airborne dirtbox program. However, Fakhoury also highlighted a key problem with that argument: Location. Pen registers aren’t intended to pick up location data beyond an area code, whereas the airborne dirtboxes can track a person down to a single building. Many courts, he said, have expressed that location data deserves greater constitutional protection than is afforded to other kinds of information.
  • ...2 more annotations...
  • Civil rights groups are raising serious constitutional questions about the Justice Department’s use of dragnet technology onboard aircraft to collect data from suspects’ cell phones, as reported by the Wall Street Journal Thursday.
  • The Justice Department said it could not confirm or deny the existence of the program. But a department official said that all federal investigations are consistent with federal law and are subject to court approval. That official also said the Marshals Service does not maintain any databases of cell phone information — meaning the program could possibly only be used to track the whereabouts of suspects on a case-by-case basis and that it’s vastly different in nature from the kinds of sweeping government surveillance programs first revealed by Edward Snowden.
  • Paul Merrell on 18 Nov 14
     
    Smith v. Maryland is a dead precedent for mass surveillance after the Supreme Court's ruling in Riley v. California. It awaits only the judicial coup de grace. 
5More

Told Ya So: NSA's Collection Of Metadata Is Screamingly Illegal - Forbes - 1 views

www.forbes.com/...2 NSA-Patriot-Act-NDAA Edward-Snowden
shared by Gary Edwards on 27 Jan 14 - No Cached
  • The PCLOB disagrees.  While “the matter is not free from doubt, we believe that these decisions are wrong. ‘[I]t is a commonplace of statutory construction that the specific governs the general,’ the Supreme Court has said.” If Congress said telephone companies can share customer data in specific circumstances, but not in response to Section 215 orders, that’s what the law is.  That conclusion seems, to us if not to Judge Pauley, crystal clear.
  • So the NSA’s telephone metadata spying program exceeds the agency’s authority under the Patriot Act, and violates ECPA in the process. But we’re still not done – it gets worse yet. For there are good reasons to believe the NSA’s phone records collection is not just illegal, but criminal.
  • Telephone and Internet metadata are protected by law under the aforementioned “pen register” statute.  That statute says that “no person may install or use a pen register or a trap and trace device without first obtaining a court order under section 3123 of this title or under the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.).” Pen registers and trap and trace devices collect dialing, routing, signaling or addressing information. Violation of the statute is a criminal misdemeanor.
  • ...2 more annotations...
  • We suspect that the phone companies have put in place a process adopted specifically to collect the information that the government demands via its section 215 orders and transmit that information to the government according to technological specifications that the government establishes.  We have seen just this sort of cooperative relationship in another of the NSA’s mass surveillance programs – PRISM – which collects the content of emails, text messages, IMs, and other Internet communications.
  • The government works with telephone and Internet companies to get access to the data it wants in a specific, interoperable format. And this is the problem: If the process for collecting data in response to section 215 orders is in any way different from the process for regular billing, without meeting the statutory requirements for installation of a pen register device, it is a crime.
5More

Documents: FBI Spyware Has Been Snaring Extortionists, Hackers for Years | Threat Level... - 0 views

www.wired.com/...fbi-spyware-pro FBI Tor NSA surveillance state anonymizers
shared by Paul Merrell on 05 Oct 13 - No Cached
  • A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, newly declassified documents show. As first reported by Wired.com, the software, called a "computer and internet protocol address verifier," or CIPAV, is designed to infiltrate a target’s computer and gather a wide range of information, which it secretly sends to an FBI server in eastern Virginia. The FBI’s use of the spyware surfaced in 2007 when the bureau used it to track e-mailed bomb threats against a Washington state high school to a 15-year-old student. But the documents released Thursday under the Freedom of Information Act show the FBI has quietly obtained court authorization to deploy the CIPAV in a wide variety of cases, ranging from major hacker investigations, to someone posing as an FBI agent online. Shortly after its launch, the program became so popular with federal law enforcement that Justice Department lawyers in Washington warned that overuse of the novel technique could result in its electronic evidence being thrown out of court in some cases. "While the technique is of indisputable value in certain kinds of cases, we are seeing indications that it is being used needlessly by some agencies, unnecessarily raising difficult legal questions (and a risk of suppression) without any countervailing benefit," reads a formerly-classified March 7, 2002 memo from the Justice Department’s Computer Crime and Intellectual Property Section.
  • The documents, which are heavily redacted, do not detail the CIPAV’s capabilities, but an FBI affidavit in the 2007 case indicate it gathers and reports a computer’s IP address; MAC address; open ports; a list of running programs; the operating system type, version and serial number; preferred internet browser and version; the computer’s registered owner and registered company name; the current logged-in user name and the last-visited URL. After sending the information to the FBI, the CIPAV settles into a silent "pen register" mode, in which it lurks on the target computer and monitors its internet use, logging the IP address of every server to which the machine connects. The documents shed some light on how the FBI sneaks the CIPAV onto a target’s machine, hinting that the bureau may be using one or more web browser vulnerabilities. In several of the cases outlined, the FBI hosted the CIPAV on a website, and tricked the target into clicking on a link. That’s what happened in the Washington case, according to a formerly-secret planning document for the 2007 operation. "The CIPAV will be deployed via a Uniform Resource Locator (URL) address posted to the subject’s private chat room on MySpace.com."
  • The software’s primary utility appears to be in tracking down suspects that use proxy servers or anonymizing websites to cover their tracks.
  • ...1 more annotation...
  • The documents appear to settle one of the questions the FBI declined to answer in 2007: whether the bureau obtains search warrants before using the CIPAV, or if it sometimes relies on weaker "pen register" orders that don’t require a showing of probable cause that a crime has been committed. In all the criminal cases described in the documents, the FBI sought search warrants. The records also indicate that the FBI obtained court orders from the Foreign Intelligence Surveillance Court, which covers foreign espionage and terrorism investigations, but the details are redacted. The FBI released 152 heavily-redacted pages in response to Threat Level’s FOIA request, and withheld another 623.
  • Paul Merrell on 05 Oct 13
     
    The article summarizes many cases in which the CIPAV exploit was used by the FBI. But the article's closing observation that the released documents "whether the bureau obtains search warrants before using the CIPAV" stretches the evidence a bit too far, methinks. If they exist, the FBI very likely would not have produced records of incidents in which it used CIPAV without court authorization. 
2More

Great Privacy Essay: Fourth Amendment Doctrine in the Era of Total Surveillance | CIO - 0 views

www.cio.com/...era-of-total-surveillance.html privacy the-Fourth-Amendment
shared by Gary Edwards on 04 Aug 14 - No Cached
  • Gary Edwards on 04 Aug 14
     
    "'Failing Expectations: Fourth Amendment Doctrine in the Era of Total Surveillance' is a thought-provoking essay written by a Fordham University law professor about how the reasonable expectation test for privacy is failing to protect us. Add into our networked world the third-party doctrine and we have little protection against unreasonable searches and seizures."
  • Paul Merrell on 05 Aug 14
     
    It doesn't detract substantially from the essay's central thesis, but an important part of the learned professor's heartfelt desires were delivered in a Supreme Court decision just decided, after the essay was published, Reilly v. California, http://www.supremecourt.gov/opinions/13pdf/13-132_8l9c.pdf The Court held in relevant part: "We also reject the United States' final suggestion that officers should always be able to search a phone's call log, as they did in Wurie's case. The Government relies on Smithv. Maryland, 442 U. S. 735 (1979), which held that no warrant was required to use a pen register at telephone company premises to identify numbers dialed by a particular caller. The Court in that case, however, concluded that the use of a pen register was not a "search" at all under the Fourth Amendment. See id., at 745-746. There is no dispute here that the officers engaged in a search of Wurie's cell phone. Moreover, call logs typically contain more than just phone numbers; they include any identifying information that an individual might add, such as the label "my house" in Wurie's case." The effect there was to confine Smith v. Maryland, the foundation of the third-party doctrine, to its particular facts. In other words, the third-party doctrine is now confined to connected telephone numbers, the connect time, and the duration of the call. If any other metadata is gathered, such as location data, the third-party doctrine no longer applies. When you read the rest of the Reilly decision, you see a unanimous Supreme Court shooting down one government defense after another that have been used in the NSA's defense to mass telecommunications surveillance. But most interestingly, the Court unmistakably has laid the groundwork for a later decision drastically cutting back on digital surveillance without a search warrant based on particularized probable cause to believe that evidence of a specific crime has occurred and that the requested sear
7More

US v. Comprehensive Drug Testing, Inc., 621 F. 3d 1162 - Court of Appeals, 9th Circuit ... - 0 views

scholar.google.com/scholar_case surveillance-state 4th Amendment bulk-collection future-investigations
shared by Paul Merrell on 05 Dec 14 - No Cached
  • Concluding Thoughts
  • The advent of fast, cheap networking has made it possible to store information at remote third-party locations, where it is intermingled with that of other users. For example, many people no longer keep their email primarily on their personal computer, and instead use a web-based email provider, which stores their messages along with billions of messages from and to millions of other people. Similar services exist for photographs, slide shows, computer code and many other types of data. As a result, people now have personal data that are stored with that of innumerable strangers. Seizure of, for example, Google's email servers to look for a few incriminating messages could jeopardize the privacy of millions. It's no answer to suggest, as did the majority of the three-judge panel, that people can avoid these hazards by not storing their data electronically. To begin with, the choice about how information is stored is often made by someone other than the individuals whose privacy would be invaded by the search. Most people have no idea whether their doctor, lawyer or accountant maintains records in paper or electronic format, whether they are stored on the premises or on a server farm in Rancho Cucamonga, whether they are commingled with those of many other professionals 1177*1177 or kept entirely separate. Here, for example, the Tracey Directory contained a huge number of drug testing records, not only of the ten players for whom the government had probable cause but hundreds of other professional baseball players, thirteen other sports organizations, three unrelated sporting competitions, and a non-sports business entity—thousands of files in all, reflecting the test results of an unknown number of people, most having no relationship to professional baseball except that they had the bad luck of having their test results stored on the same computer as the baseball players.
  • This pressing need of law enforcement for broad authorization to examine electronic records, so persuasively demonstrated in the introduction to the original warrant in this case, see pp. 1167-68 supra, creates a serious risk that every warrant for electronic information will become, in effect, a general warrant, rendering the Fourth Amendment irrelevant. The problem can be stated very simply: There is no way to be sure exactly what an electronic file contains without somehow examining its contents—either by opening it and looking, using specialized forensic software, keyword searching or some other such technique. But electronic files are generally found on media that also contain thousands or millions of other files among which the sought-after data may be stored or concealed. By necessity, government efforts to locate particular files will require examining a great many other files to exclude the possibility that the sought-after data are concealed there. Once a file is examined, however, the government may claim (as it did in this case) that its contents are in plain view and, if incriminating, the government can keep it. Authorization to search some computer files therefore automatically becomes authorization to search all files in the same sub-directory, and all files in an enveloping directory, a neighboring hard drive, a nearby computer or nearby storage media. Where computers are not near each other, but are connected electronically, the original search might justify examining files in computers many miles away, on a theory that incriminating electronic data could have been shuttled and concealed there.
  • ...3 more annotations...
  • This case well illustrates both the challenges faced by modern law enforcement in retrieving information it needs to pursue and prosecute wrongdoers, and the threat to the privacy of innocent parties from a vigorous criminal investigation. At the time of Tamura, most individuals and enterprises kept records in their file cabinets or similar physical facilities. Today, the same kind of data is usually stored electronically, often far from the premises. Electronic storage facilities intermingle data, making them difficult to retrieve without a thorough understanding of the filing and classification systems used—something that can often only be determined by closely analyzing the data in a controlled environment. Tamura involved a few dozen boxes and was considered a broad seizure; but even inexpensive electronic storage media today can store the equivalent of millions of pages of information. 1176*1176 Wrongdoers and their collaborators have obvious incentives to make data difficult to find, but parties involved in lawful activities may also encrypt or compress data for entirely legitimate reasons: protection of privacy, preservation of privileged communications, warding off industrial espionage or preventing general mischief such as identity theft. Law enforcement today thus has a far more difficult, exacting and sensitive task in pursuing evidence of criminal activities than even in the relatively recent past. The legitimate need to scoop up large quantities of data, and sift through it carefully for concealed or disguised pieces of evidence, is one we've often recognized. See, e.g., United States v. Hill, 459 F.3d 966 (9th Cir.2006).
  • Second, there are very important benefits to storing data electronically. Being able to back up the data and avoid the loss by fire, flood or earthquake is one of them. Ease of access from remote locations while traveling is another. The ability to swiftly share the data among professionals, such as sending MRIs for examination by a cancer specialist half-way around the world, can mean the difference between death and a full recovery. Electronic storage and transmission of data is no longer a peculiarity or a luxury of the very rich; it's a way of life. Government intrusions into large private databases thus have the potential to expose exceedingly sensitive information about countless individuals not implicated in any criminal activity, who might not even know that the information about them has been seized and thus can do nothing to protect their privacy. It is not surprising, then, that all three of the district judges below were severely troubled by the government's conduct in this case. Judge Mahan, for example, asked "what ever happened to the Fourth Amendment? Was it ... repealed somehow?" Judge Cooper referred to "the image of quickly and skillfully moving the cup so no one can find the pea." And Judge Illston regarded the government's tactics as "unreasonable" and found that they constituted "harassment." Judge Thomas, too, in his panel dissent, expressed frustration with the government's conduct and position, calling it a "breathtaking expansion of the `plain view' doctrine, which clearly has no application to intermingled private electronic data." Comprehensive Drug Testing, 513 F.3d at 1117.
  • Everyone's interests are best served if there are clear rules to follow that strike a fair balance between the legitimate needs of law enforcement and the right of individuals and enterprises to the privacy that is at the heart of the Fourth Amendment. Tamura has provided a workable framework for almost three decades, and might well have sufficed in this case had its teachings been followed. We have updated Tamura to apply to the daunting realities of electronic searches. We recognize the reality that over-seizing is an inherent part of the electronic search process and proceed on the assumption that, when it comes to the seizure of electronic records, this will be far more common than in the days of paper records. This calls for greater vigilance on the part of judicial officers in striking the right balance between the government's interest in law enforcement and the right of individuals to be free from unreasonable searches and seizures. The process of segregating electronic data that is seizable from that which is not must not become a vehicle for the government to gain access to data which it has no probable cause to collect.
  • Paul Merrell on 05 Dec 14
     
    From a Ninth U.S. Circuit Court of Appeals en banc ruling in 2010. The Court's holding was that federal investigators had vastly overstepped the boundaries of multiple subpoenas and a search warrant --- and the Fourth Amendment --- by seizing records of a testing laboratory and reviewing them for information not described in the warrant or the subpoenas. At issue in this particular case was the government's use of a warrant that found probable cause to believe that the records contained evidence that steroids had been found in the urine of ten major league baseball players but searched the seized records for urine tests of other baseball players. The Court upheld the lower courts' rulings that the government was required to return all records other than those relevant to the ten players identified in the warrant. (The government had instead used the records of other player's urine tests to issue subpoenas for evidence relevant to those players potential use of steroids.) This decision cuts very heavily against the notion that the Fourth Amendment allows the bulk collection of private information about millions of Americans with or without a warrantor court order on the theory that some of the records *may* later become relevant to a lawful investigation.   Or rephrased, here is the en banc decision of the largest federal court of appeals (as many judges as most other federal appellate courts combined), in direct disagreement with the FISA Court orders allowing bulk collection of telephone records and bulk "incidental" collection of Americans' telephone conversations on the theory that the records *might* become relevant to national security investigations. Yet none of the FISA judges in any of the FISA opinions published thus far even cited, let alone distinguished, this Ninth Circuit en banc decision. Which says a lot of the quality of the legal research performed by the FISA Court judges. However, this precedent is front and center in briefs filed with the Ni
5More

James Comey remained at Justice Department as monitoring went on | World news | guardia... - 0 views

www.guardian.co.uk/...ice-department-data-monitoring surveillance state NSA FBI Comey Obama confirmation
shared by Paul Merrell on 04 Jul 13 - No Cached
  • James Comey famously threatened to resign from the Justice Department in 2004 over the warrantless surveillance of Americans' internet records. But once Justice Department and National Security Agency lawyers found a novel legal theory to cover the surveillance, the man Barack Obama tapped last week to lead the FBI stayed on as deputy attorney general for another year as the monitoring continued.Comey was the acting attorney general in March 2004, when long-simmering legal tensions over the online "metadata" surveillance pitted the Justice Department and FBI against the Bush White House and NSA. That incident, dramatically recounted by Comey to the Senate in May 2007, earned the 6ft 8in former federal prosecutor a reputation for integrity that has become central to his persona.
  • President Obama directly referred to that reputation when he nominated Comey to take over the FBI on June 21. Hovering over the announcement were the Guardian and Washington Post's revelations of wide-ranging surveillance efforts."To know Jim Comey is also to know his fierce independence and his deep integrity," Obama said. "He was prepared to give up a job he loved rather than be part of something he felt was fundamentally wrong."Except that a classified report recounting the incident, acquired by the Guardian, complicates that view. Comey threatened to resign over the perceived illegality of one aspect of the surveillance. But he remained at the Justice Department for another year as that effort, operating under a new legal theory, continued nearly unchanged.
  • Comey would later testify to the Senate that the episode was "the most difficult of my professional career."But "immediately," the NSA IG report shows, lawyers from the NSA and Comey's Justice Department "began efforts to recreate this authority." They found it in what the document nebulously refers to as a Pen Register/Trap and Trace Order – a reference to devices traditionally used by surveillance officials to record the incoming and outgoing calls made and received by a telephone.The Fisa court, the secret court that oversees NSA surveillance, approved the first such order for NSA to again collect and analyze large volumes of internet records from Americans on July 14 2004, barely three months after Comey's rebellion.
  • ...1 more annotation...
  • "Although NSA lost access to the bulk metadata from 26 March 2004 until the order was signed, the order essentially gave NSA the same authority to collect bulk internet metadata that it had" previously, the NSA IG report reads, "except that it specified the datalinks from which NSA could collect, and it limited the number of people that could access the data."The surveillance Comey and his colleagues – including Mueller, the FBI director he is nominated to replace – objected to had merely been paused and rerouted under a new legal basis. Comey remained at the Justice Department as deputy attorney general until August 15, 2005.
  • Paul Merrell on 04 Jul 13
     
    Here's hoping that the Senate has the sense to reject James Comey as the new FBI Director. The FBI needs a Director and Comey's active assistance  in unconstitutional NSA surveillance, even if not an absolute disqualifier, cannot possibly be sorted out  during the foreseeable future.   Hey, Mr. President, how about a real civil libertarian instead?
6More

NSA surveillance may be legal - but it's unconstitutional - The Washington Post - 0 views

www.washingtonpost.com/...2-a73e-826d299ff459_print.html surveillance state NSA constitutional law law
shared by Paul Merrell on 22 Jun 13 - No Cached
  • Laura K. Donohue is a professor at Georgetown University Law Center and director of Georgetown’s Center on National Security and the Law. The National Security Agency’s recently revealed surveillance programs undermine the purpose of the Foreign Intelligence Surveillance Act, which was established to prevent this kind of overreach. They violate the Fourth Amendment’s guarantee against unreasonable search and seizure. And they underscore the dangers of growing executive power.
  • Another program, PRISM, disclosed by the Guardian and The Washington Post, allows the NSA and the FBI to obtain online data including e-mails, photographs, documents and connection logs. The information that can be assembledabout any one person — much less organizations, social networks and entire communities — is staggering: What we do, think and believe.The government defends the programs’ legality, saying they comply with FISA and its amendments. It may be right, but only because FISA has ceased to provide a meaningful constraint.Under the traditional FISA, if the government wants to conduct electronic surveillance, it must make a classified application to a special court, identitying or describing the target. It must demonstrate probable cause that the target is a foreign power or an agent thereof, and that the facilities to be monitored will be used by the target.In 2008, Congress added section 702 to the statute, allowing the government to use electronic surveillance to collect foreign intelligence on non-U.S. persons it reasonably believes are abroad, without a court order for each target. A U.S. citizen may not intentionally be targeted.To the extent that the FISC sanctioned PRISM, it may be consistent with the law. But it is disingenuous to suggest that millions of Americans’ e-mails, photographs and documents are “incidental” to an investigation targeting foreigners overseas.
  • Another program, PRISM, disclosed by the Guardian and The Washington Post, allows the NSA and the FBI to obtain online data including e-mails, photographs, documents and connection logs. The information that can be assembledabout any one person — much less organizations, social networks and entire communities — is staggering: What we do, think and believe.The government defends the programs’ legality, saying they comply with FISA and its amendments. It may be right, but only because FISA has ceased to provide a meaningful constraint.
  • ...3 more annotations...
  • Under the traditional FISA, if the government wants to conduct electronic surveillance, it must make a classified application to a special court, identitying or describing the target. It must demonstrate probable cause that the target is a foreign power or an agent thereof, and that the facilities to be monitored will be used by the target.In 2008, Congress added section 702 to the statute, allowing the government to use electronic surveillance to collect foreign intelligence on non-U.S. persons it reasonably believes are abroad, without a court order for each target. A U.S. citizen may not intentionally be targeted.To the extent that the FISC sanctioned PRISM, it may be consistent with the law. But it is disingenuous to suggest that millions of Americans’ e-mails, photographs and documents are “incidental” to an investigation targeting foreigners overseas.The telephony metadata program raises similar concerns. FISA did not originally envision the government accessing records. Following the 1995 Oklahoma City bombing, Congress allowed applications for obtaining records from certain kinds of businesses. In 2001, lawmakers further expanded FISA to give the government access to any business or personal records. Under section 215 of the Patriot Act, the government no longer has to prove that the target is a foreign power. It need only state that the records are sought as part of an investigation to protect against terrorism or clandestine intelligence.
  • The telephony metadata program raises similar concerns. FISA did not originally envision the government accessing records. Following the 1995 Oklahoma City bombing, Congress allowed applications for obtaining records from certain kinds of businesses. In 2001, lawmakers further expanded FISA to give the government access to any business or personal records. Under section 215 of the Patriot Act, the government no longer has to prove that the target is a foreign power. It need only state that the records are sought as part of an investigation to protect against terrorism or clandestine intelligence.This means that FISA can now be used to gather records concerning individuals who are neither the target of any investigation nor an agent of a foreign power. Entire databases — such as telephony metadata — can be obtained, as long as an authorized investigation exists.Congress didn’t pass Section 215 to allow for the wholesale collection of information. As Rep. F. James Sensenbrenner Jr. (R-Wis.), who helped draft the statute, wrote in the Guardian: “Congress intended to allow the intelligence communities to access targeted information for specific investigations. How can every call that every American makes or receives be relevant to a specific investigation?”As a constitutional matter, the Supreme Court has long held that, where an individual has a reasonable expectation of privacy, search and seizure may occur only once the government has obtained a warrant, supported by probable cause and issued by a judge. The warrant must specify the places to be searched and items to be seized.
  • There are exceptions to the warrant requirement. In 1979 the court held that the use of a pen register to record numbers dialed from someone’s home was not a search. The court suggested that people who disclose their communications to others assume the risk that law enforcement may obtain the information.More than three decades later, digitization and the explosion of social-network technology have changed the calculus. In the ordinary course of life, third parties obtain massive amounts of information about us that, when analyzed, have much deeper implications for our privacy than before.As for Section 702 of FISA, the Supreme Court has held that the Fourth Amendment does not protect foreigners from searches conducted abroad. But it has never recognized a foreign intelligence exception to the warrant requirement when foreign-targeted searches result in the collection of vast stores of citizens’ communications.Americans reasonably expect that their movements, communications and decisions will not be recorded and analyzed by the government. A majority of the Supreme Court seems to agree. Last year, the court considered a case involving 28-day GPS surveillance. Justice Samuel Alito suggested that in most criminal investigations, long-term monitoring “impinges on expectations of privacy.” Justice Sonia Sotomayor recognized that following a person’s movements “reflects a wealth of detail about her familial, political, professional, religious, and sexual associations.”The FISC is supposed to operate as a check. But it is a secret court, notorious for its low rate of denial. From 1979 to 2002, it did not reject a single application. Over the past five years, out of nearly 8,600 applications, only two have been denied.
4More

New York Police Have Used Stingrays Widely, New Documents Show - 0 views

theintercept.com/...rays-widely-new-documents-show surveillance state NYPD stingrays ACLU
shared by Paul Merrell on 13 Feb 16 - No Cached
  • The NYPD has used cell-site simulators, commonly known as Stingrays, more than 1,000 times since 2008, according to documents turned over to the New York Civil Liberties Union. The documents represent the first time the department has acknowledged using the devices. The NYPD also disclosed that it does not get a warrant before using a Stingray, which sweeps up massive amounts of data. Instead, the police obtain a “pen register order” from a court, more typically used to collect call data for a specific phone. Those orders do not require the police to establish probable cause. Additionally, the NYPD has no written policy guidelines on the use of Stingrays. Stingrays work by imitating cellphone towers. They force all nearby phones to connect to them, revealing the owners’ locations. That means they collect data on potentially hundreds of people. They are small enough to fit in a suitcase, or be mounted on a plane.
  • When they were originally developed in 2003, Stingrays were designed for military use. But in the past decade, they have increasingly been purchased by law enforcement agencies. According to the ACLU, Stingrays are used by at least 59 police departments in 23 states, and at least 13 federal agencies, including the DEA, FBI, and the IRS. Because most departments withhold information about Stingrays, these numbers likely underrepresent the total.
  • Stingrays have long been a topic of concern for privacy activists. “Cell-site simulators are powerful surveillance devices that can track people, including in their homes, and collect information on innocent bystanders,” said Mariko Hirose, a senior staff attorney at the NYCLU.  “If they are going to be used in communities the police should at minimum obtain a warrant and follow written policies.” Instead, law enforcement agencies have fought to keep Stingrays secret, even dropping criminal cases to avoid disclosing anything about them. The FBI has forced local police agencies to sign Stingray-related non-disclosure agreements, claiming that criminals and terrorists who know about Stingrays could take countermeasures against them. The increasing use of Stingrays, coupled with the lack of transparency, has alarmed civil liberties groups. “I think it’s critical to have transparency about the use of technology like Stingrays,” said Faiza Patel, an attorney with the Brennan Center for Justice. “That’s what allows courts, the public, and our elected officials to weigh in on the proper rules.”
  • ...1 more annotation...
  • In September, the Department of Justice issued guidelines requiring its officers to seek probable cause warrants before using a Stingray. But the guidelines only applied to federal law enforcement agencies, not to state and local police, who have fought such a change. In one ongoing court case, the state of Maryland has argued that anyone who turns on their phone consents to having his or her location tracked. In November, Senator Ron Wyden, D-Ore., and Rep. Jason Chaffetz, R-Utah, introduced the GPS Act, a bill that would extend the Department of Justice’s guidelines to all law enforcement agencies. “Buying a smartphone shouldn’t be interpreted as giving the government a free pass to track your movements,” Wyden said.
1 - 10 of 10
Showing 20 items per page