Show sidebar

Early Thoughts on the New NSA Disclosures

There’s going to be a lot to say in the coming days and weeks about the more-than-six dozen surveillance-related documents declassified and disclosed yesterday by the ODNI. This post is not meant as either the first or last word. Instead, I want to flag a couple of points that struck me in the three significant FISA Court opinions included within the disclosures: Judge Kollar-Kotelly’s opinion upholding the “internet metadata” collection program; Judge Bates’s opinion authorizing reinstatement of the internet metadata program; and Judge Walton’s opinion reacting to a host of compliance incidents, apparently under both the internet and telephony metadata programs. Although I make a few specific observations below the fold, let me offer off the top my three larger takeaways from these documents. First, on substance, the rationale for the internet metadata program is appallingly weak. Second, whatever its merits, that rationale appears to have informed the rationale for the bulk telephony metadata program–which was then relied upon to support reinstatement of the internet metadata program, a fairly obvious exercise in circular logic. Third, substance aside, it’s hard to miss the repeated allusions to, as Judge Bates put it, the “serious compliance problems that have characterized the government’s prior implementation of FISC orders”–which should provide only further reason to disagree with those who continue to argue that existing accountability mechanisms are sufficient to hold the government to the authorities Congress has provided.

I.  The Internet Metadata Program

With regard to the legal justification for the internet metadata program, I commend readers to Orin Kerr’s excellent (and terrifyingly fast) analysis over at Lawfare. Orin highlights, quite rightly, the “major problems” in Judge Kollar-Kotelly’s analysis, including her conflation of Fourth Amendment reasonableness analysis with the actual text of the pen-register/trap & trace authorities. As Orin concludes,

By imagining that the statute provides more protection than it does, and by then construing the ambiguity in the statute in the government’s favor, the FISC’s opinion ends up approving a program that Congress did not contemplate using privacy protections Congress did not contemplate either. The resulting opinion endorses a program that appears to be pretty far from the text of the statute.

There’s another point to flag about the internet metadata program, though: the whole predicate of the program appears to have been that it was “necessary” — so much so that the government even requested the power to use information that had been improperly obtained (per the Bates opinion). But then such a “necessary” program was shut down a couple of years ago because it apparently wasn’t providing anything of value. Either (1) the government found a better, still-secret way to obtain comparable information (rendering the internet metadata program moot); or (2) the government’s unsubstantiated assertions of “necessity” were, from the beginning, dramatically overstated. [See Jameel's post on this point in the context of the telephony metadata program.]

II.  The Circularity Problem

The substantive flaws in Judge Kollar-Kotelly’s analysis of the internet metadata program become particularly troubling when read alongside Judge Eagan’s much-discussed August 2013 opinion upholding the bulk telephony metadata program. Indeed, Judge Eagan appears to rely upon Judge Kollar-Kotelly’s reasoning, even though, so far as we can tell from the disclosed FISA Court filings, the government was no longer pursuing such an interpretation (if it ever had). And when the government proposed to make the internet program even more “bulk” than it had been before (if I’m reading this right, by adapting it to a more “non-targeted” form that does not have, as the version endorsed by Judge Kollar-Kotelly apparently did), “a high concentration of Foreign Power communications,” Judge Bates relies (see, e.g., page 74) on the intervening telephony metadata decisions as authority.

It’s not just that these analyses are circular (which they are); it’s that they’re about wholly different sets of statutory authorities, at least some of which were enacted at different times and with materially different language. There may be a not-yet-declassified opinion out there that justifies reading these authorities as in pari materia (as the FISA Court judges appear to assume they are), but (1) we haven’t seen it; and (2) I’m hard-pressed to see how such an analogy could be convincing. Simply put, the circularity of these analyses underscores not just the questionable quality of the FISA Court’s decisionmaking, but also the increasing extent to which that Court has had to depart from the text of the government’s statutory surveillance authorities to justify the programs the government is operating pursuant to those provisions.

III.  The Compliance Problems

Finally, even if folks aren’t as bothered as I am by the analytical shortcomings documented above, the Walton and Bates opinions provide yet further fodder for those concerned by the potential for government abuses of its (debatable) surveillance authorities–and its “frequent failures to comply with [the] terms” of the FISA Court’s prior rulings. There may well be explanations for each of the compliance incidents documented in the Walton and Bates opinions; that’s not the point. Instead, the larger message that comes through these newly disclosed opinions is the pervasiveness of compliance incidents, and the extent to which careful supervision by the FISA Court, while apparently able to produce some accountability in response to such incidents (as in the opinions released yesterday), simply does not seem to have mooted these concerns. That is to say, with every new FISA Court opinion responding to new compliance incidents, it becomes that much harder to trust that compliance concerns are ancient history.

*                                           *                                           *

In all, then, yesterday’s disclosures seem to only embolden calls for reform–of substantive surveillance authorities (where we should continue to scrutinize governmental claims of “necessity”); of the process before the FISA Court; and of the other oversight and accountability mechanisms that try to ensure that the government only exercises those authorities that Congress has actually provided.

Filed Under: , ,


About the Author

is co-editor-in-chief of Just Security. Steve is a professor of law at American University Washington College of Law. Follow him on Twitter (@steve_vladeck).