Unwarranted, p.37
Unwarranted,
p.37
The FISA judges were well aware they were being asked to allow something unprecedented. In 2004, for example, the court was asked to authorize the Stellar Wind program under FISA, forcing telecommunications and Internet companies to turn over vast amounts of information on targets. It described its order as one of “first impression,” “resulting in the collection of metadata from an enormous volume of communications, the large majority of which will be unrelated to international terrorism.”54
Still, the judges went ahead, although it was perfectly apparent that they were being asked to squeeze a large square peg into a much smaller round hole. For example, surveillance orders are supposed to specify “the identity, if known, of the person” to whose line the surveillance device is to be attached. But the administration was, as we all now know, not specifying any person whatsoever: it was collecting data on everyone. The gap between FISA’s text and the executive’s request was so wide that the court should then and there have required the executive to go to Congress. Instead, the FISA court simply waved the problem away, saying (remarkably) “there is no requirement to state the identify of such a person if it is not ‘known.’”55
Most extraordinarily, the FISA court signed off on the NSA collecting all our phone metadata—without writing any legal opinion at all. That is just not done. It is a fundamental canon of judging that consequential decisions are accompanied by a written legal justification, one that is subject to critique and appeal. The fact that the FISA judges did not write the requisite opinion serves to underscore the difficulty they must have understood they had in justifying the program under existing law.56
When the FISA court finally felt forced to explain its approval in writing—after Snowden’s disclosures—its opinion was threadbare, to say the least. Section 215 of FISA requires the government to show that the information being requested is “relevant” to an ongoing international terrorism investigation. How was the phone information of every American “relevant” to such an investigation? The court simply bought the government’s argument that “[a]nalysts know that the terrorists’ communications are located somewhere in the metadata,” they just don’t know where right now. So looking everywhere was apparently okay under the statute. As Congressman James Sensenbrenner, the author of the Patriot Act, points out, “The government may need the haystack to find the needle, but gathering the haystack without knowledge that it contains the needle is precisely what the relevance standard and Section 215 are supposed to prevent.”57
Once caught in the act, the FISA court became defensive, blaming Congress for the public brouhaha. It defended approving bulk collection by saying that even if the words of FISA don’t bear the desired meaning, Congress reauthorized FISA in 2011 knowing full well what had been going on, so if anyone was at fault it was Congress. In support of this claim the court pointed to a briefing document that members of Congress got about the bulk telephone collection. It (and another, later, federal court opinion) basically called out members of Congress who claimed they did not know what was happening as incompetents, liars, or both. That was hardly fair: members of Congress were only allowed to look at the briefing document in a special secure space, with no staff to help them understand what was going on. Nothing like this has ever remotely counted in law as congressional authorization, nor should it. Congress can’t strip our rights in secret.58
Why the judges acted as they did is difficult to fathom. Perhaps it was because they—being in no position to question the executive branch’s claims of necessity—thought it better to try to bring the program within their notion of what was proper procedure, rather than letting it continue without any supervision.
In any event, it was simply wrong. When the FISA court finally had to justify its long negligence, it passed the buck: “[W]hether and to what extent the government seeks to continue the program … is a matter for the political branches to decide.” That is what the court should have said when it was first asked to approve such extraordinary measures, not years later. Rather than approving an extraordinary program that defied existing law, it should have sent the administration immediately to Congress, thus forcing the very democratic deliberation the Constitution requires.59
Is the FISA Court a Court?
The FISA court had a far more profound reason to be defensive: It is a not a real law court, and thus should not be making legal determinations of such a serious magnitude anyway.
Law courts act in public. Under our justly famous adversarial system, judges hear all sides of an argument, not just the government’s. They decide in written opinions that are open to public scrutiny and debate. Any affected party can appeal initial decisions. All these proceedings are open to public scrutiny.
None of this is true of the FISC, which was designed to act in secret. As the FISA court was originally conceived, secrecy was just fine. The FISA court’s imagined role was to act as a magistrate, granting warrant requests for searches of specific targets based on individualized suspicion. Magistrates typically consider particularized warrant requests in secret, hearing only from the government.60
But when it comes to deciding legal questions of great constitutional moment, the FISA judges—lacking all the accoutrements of a real court—were in over their head. The benefit of our public, adversarial system is that judges hear both sides of a tough question, and know their resultant opinion will have to stand up under public scrutiny.
The Fourth Amendment Failings of the FISA Opinions
The result of the FISA court’s one-sided secret proceedings was a series of inadequate legal opinions, nowhere more so than regarding the constitutionality of the President’s Surveillance Program under the Fourth Amendment.
Take the issue of bulk telephone data collection. The FISA court said the question was controlled by the Supreme Court’s 1979 decision in Smith v. Maryland. That was the case involving the telephone stalker, critiqued in Chapter 10, in which the justices held that collecting the phone numbers dialed by one person (who there was cause to believe had committed the offense) was not a “search” within the meaning of the Fourth Amendment. It would seem perfectly obvious even to the greenest law student that there is a bit of distance between what got approved in Smith, and collecting the data of an entire nation. Yet all the FISA court could say was, “Whether a large number of persons are otherwise affected by the government’s conduct is irrelevant.” 61
Courts that have handled this issue since, in public, with full briefing by both sides, have acknowledged that the question is considerably more difficult than the FISA court believed. The data from the Smith pen register was collected for a short time, and not retained; the bulk collection data is collected nonstop and retained for years. At the time of Smith, the information was collected from an independent third party, the phone company, while today the communications companies are so clearly in cahoots with the government that it is little different from the government simply gathering the data itself. The information collected under PSP was different than Smith: it included not just the number dialed, but also whether the call was completed, the call’s duration, and the “trunk identifier” that can be used for location tracking. Since Smith, the Supreme Court itself has pointed to the perils of data collection that allows long-term location tracking. None of this, apparently, even occurred to the FISA court as worthy of discussion.62
Even more difficult to get one’s head around—if that were possible—was the FISC Court of Review’s decision that the executive branch could engage in surveillance of Americans, without warrants, so long as the purpose was foreign intelligence gathering. The case, In re Directives, arose when Yahoo balked at turning over data under a 2007 stopgap measure that allowed warrantless spying on Americans so long as they were “reasonably believed to be located outside the United States.” Yahoo argued that allowing the executive branch to search on its own say-so invited “abuse.” The Court of Review brushed aside Yahoo’s argument, saying it is “little more than a lament about the risk that government officials will not operate in good faith.” But isn’t the whole point of the Constitution to trust in law rather than the good faith of government employees? As the Supreme Court in Keith pointed out—and it is awfully hard to square the Yahoo decision with Keith—“The Fourth Amendment contemplates a prior judicial judgment, not the risk that executive discretion may be reasonably exercised.” Stated more plainly: Don’t just trust in the good faith of the executive branch—get a warrant.63
UNCERTAIN EFFICACY
What the executive branch and the FISA court should have done was force Congress to decide in the first instance whether the sort of widespread surveillance of PSP was appropriate. When authorization is not sought, there is insufficient debate about the plusses and minuses, or the costs and benefits, of what government agencies wish to do. Bad decisions get made.
There are serious questions as to whether the government’s bulk collection efforts—which occurred at breathtaking expense—make any sense. As the Privacy and Civil Liberties Oversight Board explained, in its skeptical review of the 215 bulk collection program, “[C]ounterterrorism resources are not unlimited, and if a program is not working those resources should be directed to other programs that are more effective in protecting us from terrorists.” 64
In the aftermath of the Snowden revelations, officials—including President Obama, General Keith Alexander, the NSA Director, and Representative Mike Rogers, the chair of the House Intelligence Committee—all claimed that bulk data collection had prevented some fifty terrorist incidents. The one federal judge outside the FISA court who upheld the bulk collection under the 215 program detailed three specific cases, including a plot to bomb New York’s subways and another to attack the New York Stock Exchange.65
Under the cold eye of critical examination, however, the number of thwarted incidents dwindled pretty much to zero. The Privacy and Civil Liberties Oversight Board could find no instance of any threat where telephony data made a difference. The Privacy Review Board appointed by the president to review the PSP concluded the same. A joint report by the Inspectors General of the NSA, Department of Defense, CIA, Office of the Director of National Intelligence, and the DOJ determined that “most PSP leads were determined not to have any connection to terrorism.” Even Matt Olsen, the lawyer at the DOJ who smoothed the path for FISC approval of bulk collection, conceded that it is really “a bit of an insurance policy … it’s a way to do what we otherwise could do, but do it a little bit more quickly.” 66
The difficulty is that we are gathering vast amounts of information simply because we can. Technology has always been a driver of intelligence. In the 1960s, for example, advances in flight led to the U-2 spy plane and a greater emphasis on aerial surveillance. Similar advances in data collection, storage, and mining led to the PSP.67
When the 9/11 Commission member Richard Shelby called out the spy agencies for failing to connect the dots before the disaster, something serious was lost in translation. The first word in “connecting the dots” is connecting, not collecting. In his exhaustive and engrossing study of intelligence gathering post-9/11, Shane Harris concluded: “[T]he Watchers have become very good at collecting the dots and not very good at connecting them.” Intelligence professionals and scholars worry we are drowning in a sea of data. Their oft-expressed concerns are about analytic capabilities, not data collection. Even an NSA internal report expressed concern that gathering location data was “outpacing our ability to ingest, process, and store that data.” Today’s mantra, “drowning in data, [yet] starving for wisdom,” is as true in intelligence as elsewhere.68
There is, furthermore, good is reason to be skeptical that the government’s entire endeavor of predictive data mining can ever be successful. Jeff Jonas is a data engineer who has had great success with commercial data mining, and who worked for a time with Poindexter on TIA. Subsequently, he and his coauthor Jim Harper wrote a scathing denunciation of what was being done. For predictive data mining to work—as it does in fighting credit card fraud or targeting consumers—one needs a good model of what one is looking for. Yet terrorist plots come in so many varieties that it is ultimately impossible to find them in all the noise, quite unlike the submarines Poindexter hunted long ago. “[D]esign of a search algorithm based on anomaly is no more likely to turn up terrorists than twisting the end of a kaleidoscope is likely to draw an image of the Mona Lisa.” Thus, they conclude, “pursuing this use of data mining wastes taxpayer dollars, needlessly infringes on privacy and civil liberties, and misdirects the valuable time and energy of the men and women in the national security community.”69
WHAT’S CONSTITUTIONAL?
Whether efficacious or not, the American people are entitled to have the programs they want, so long as they are constitutional. That’s what democracy is all about. What is notable here, however, is that when portions of the PSP have been debated publicly, judgments about what is constitutional and what is efficacious have altered. As we have seen time and again, policy changes when the public participates.
After intense national debate, in 2015 Congress adopted the USA Freedom Act. (Correcting, it should be noted, some of the abuses that occurred under the USA Patriot Act. There may be a message there.) Under the Freedom Act, the government is no longer permitted to collect and hold our information in bulk. Rather, that data rests with the telecom companies. More important, in order to access it the government now must have a court order, founded on reasonable suspicion.
These measures, readily approved after public debate, are all that the Constitution may require. Suspicionless collection of data is just fine so long as it is authorized by law, and the data of all of us is collected, in a nondiscriminatory manner. This was the lesson of Chapter 7, about suspicionless searches.
As for searching the data in government hands, that is fine too—so long as there is a warrant supported by cause whenever an American’s data is being searched. That is the bedrock constitutional requirement, widely violated in the aftermath of 9/11. Voices on the left and right now agree that when the government searches United States persons, warrants should be required. The Privacy and Civil Liberties Oversight Board and the Privacy Review Board expressed this view in the strongest of terms.70
In other words, the government could have had much of what it wanted after 9/11 if it had only asked for prior approval. And it’s not apparent why a congressional debate over those requests could not have been had publicly. With programs as general as these, it is difficult to know how public debate would have informed the terrorists of much of anything—except that they had better beware because the NSA has enormous capabilities, and has wide permission from the American people to exercise them. Indeed, it is a hallmark of deterrent programs that their existence is made public to put the bad guys on notice not to even try. Yes, there will be operational details we may not know—but we do not need to know so long as approval is sought and granted in general terms.
In sharp contrast to the national mood after 9/11, when the American people were—rightly or wrongly—prepared to give the government virtually all the tools it wanted, that is no longer the case. Today, pleas of necessity and good faith from the executive branch are met with skepticism, and moving legislation through Congress has proved extremely difficult. The cost of going it alone, it seems, has been a loss of the trust needed to govern, not of intelligence-gathering capability. And for that, we are all the poorer.
CONCLUSION: THE CHALLENGES OF DEMOCRATIC POLICING
As must be clear by now, achieving democratic and constitutional policing is not going to be easy. Moving policing to a democratic footing means fundamental change. That sort of change comes neither quickly nor easily. Still, there are promising signs from around the country that some policing agencies are endeavoring to engage with their communities over matters of policing policy and practice—and by doing so enhancing the legitimacy of, and public trust in, policing.
But here’s the challenge: even as we move toward democratic engagement around policing, we still have to pause and reassure ourselves that is the correct path. Because democracy itself is fraught with dysfunction. Democratic governance has bequeathed us a destructive war on drugs. Democratic institutions tend to act precipitously under pressure—which has been all too evident at times in the fight against terrorism. And, importantly, majority rule does not always bode well for the treatment of minorities, racial, religious, or otherwise. The majority tends to want lower crime rates, and doesn’t care who is inconvenienced—or worse—to get them.
The failings of democracy are so substantial that some might be skeptical of democratic policing altogether. In the end, though, what better option do we have, really? We have to move forward fully aware of democratic policing’s challenges, as well as its benefits. That’s what this concluding chapter is about.
Here’s one last story, to bring us home. This one ended well. Still it, and its ironic aftermath, underscore both the possibilities and the cautions of democratic policing, within a framework of constitutional law.
WHO WILL WATCH THE WATCHERS?
At 7:00 a.m. on April 8, 2010, Anthony Graber—a twenty-five-year-old systems network engineer and reservist in the Air National Guard—was asleep in his parents’ house in Abingdon, Maryland. He was recovering from two recent surgeries. His father, a twenty-six-year veteran of the Air Force, was already at work; his mom was up and getting ready to leave the house herself.1
Just then, the Maryland State Patrol came knocking, some five officers strong. They waved an unsigned copy of a warrant and proceeded to search the house for ninety minutes, going through closets and drawers. Before departing, they seized all the electronics from Graber’s room, including a video recorder, four computers, and an external hard drive. They were supposed to have arrested Graber as well, but in light of his medical condition he was allowed to turn himself in a week later, at which time he spent a night in a Baltimore jail cell before posting the $15,000 bail that was set to assure his appearance.2



