by CHHS Extern Jiah Park
In 2013, Edward Snowden, a former Central Intelligence Agency (CIA) employee and former employee of Booz Allen Hamilton, a National Security Agency (NSA) contractor, leaked information regarding the United States’ (U.S.) government’s surveillance practices, which were used on both its own citizens and foreign individuals. Through different programs, the NSA collected both content and metadata of private communications. Notable programs include PRISM, governed by Section 702 of the Foreign Intelligence Surveillance Act (FISA), and the telephone records program, conducted pursuant to Section 215 of the United and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act.
Under PRISM, the government can obtain a FISA order from a Foreign Intelligence Surveillance Court (FISC), requiring an Internet services provider to disclose the contents of communications of a foreign individual. However, FISA orders are not search warrants under the Fourth Amendment, which require probable cause, and do not require a showing of probable cause that the target of the surveillance committed a crime. In fact, there is no requirement that the government have a reasonable suspicion that the target is involved with terrorist activities. Rather, the government must establish only that “a significant purpose of the acquisition is to obtain foreign intelligence information.”
Although PRISM “has not been as controversial  in the U.S., because it does not target Americans, . . . some content from Americans’ communication gets caught in the dragnet.” The program collects private communications of Americans “incidentally” when Americans communicate with foreign targets. Furthermore, according to Section 702 of FISA, FISA orders may be authorized to “target[ ] persons reasonably believed to be located outside the United States.”
Despite outcry from privacy advocates, PRISM, which was set to expire, was renewed in January 2018.
Another controversial surveillance method is the phone records program, in which the NSA collects metadata in bulk from telecommunications companies. Metadata includes information such as when you made the call, whom you called, the duration of the call, and all the same information if you received a call.
Although seemingly less invasive than disclosing the contents of a call, metadata can be just as, if not more useful to the government. While “content generally requires labor-intensive human analysis to become meaningful to the intelligence agencies,” metadata can be analyzed by a computer, “easily provid[ing] a complete [profile] of all your personal associations and interests,” says Shayana Kadidal from the Center for Constitutional Rights. This profile can be so detailed, it can be more informative than the content of the communication itself. Additionally, this metadata is collected in bulk, meaning that, in the program’s original form, which was authorized by the USA PATRIOT Act, phone companies had to disclose all logs they collected about all customers. However, in 2015, Congress passed the Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection, and Online Monitoring (FREEDOM) Act, which renewed many portions of the USA PATRIOT Act that were set to expire, but with limits concerning bulk collection, due to backlash from the Snowden leaks. Under the FREEDOM Act, phone companies no longer have to automatically provide the government with all of their records. Instead, phone companies retain their records, and the NSA may request access to the records from a FISC under a “reasonable articulable suspicion” standard.
The Freedom Act has decreased the number of records collected, but the NSA still collects hundreds of millions of records per year—151 million call records in 2016 related to 42 terrorism suspects, and 534 million call records in 2017 related to 40 suspects.
Although PRISM is still in effect, portions of the USA PATRIOT Act that authorize metadata collection are set to expire in December 2019, and the NSA is considering allowing its expiration because the program lacks operational value, according to people familiar with the matter.
Furthermore, technical issues may have resulted in the unauthorized collection of information, forcing officials to “purge hundreds of millions of call and text logs [from the agency’s database that] it got from phone companies . . . .”
According to a podcast segment with Luke Murray, a national-security adviser for Republican congressional leadership, the program has not been used in six months and the NSA may not seek renewal of the portions of the USA PATRIOT Act that authorize it. Lack of use of the program and lack of interest in preventing its expiration seriously undermines the NSA’s previous claims that metadata collection is vital to national security.
However, deliberations are still in the early and informal stages, and earnest debate is not expected to begin until the fall. Furthermore, any final decision about whether to end the program would be made by the White House. Nevertheless, there are a multitude of reasons that support nonrenewal.
In 2014, the Privacy and Civil Liberties Oversight Board (PCLOB) released a report regarding the phone records program. In its report, the PCLOB recommended that the government end the program, in part due to the fact that the program has not contributed in a demonstrable way to the effort to safeguard the nation from terrorism. Out of fifty-four counterterrorism events in the summer of 2013, only twelve incidents involved the use of the 215 program. The PCLOB found that the program primarily provides value to the NSA in two ways, both of which relates to information already known by law enforcement. Furthermore, the PCLOB could not identify “a single instance involving a threat to the United States in which the telephone records program made a concrete difference in the outcome of a counterterrorism investigation.”
In any case, in instances in which phone records may be necessary to an investigation, there are alternative methods by which the government may gain access to the records, such as court orders, subpoenas, and national security letters (“NSL”), authorized by the Electronic Communications Privacy Act (“ECPA”). In addition, technological changes and advancements have also made the program less useful since its introduction, such as the major shift from landline to cellular technology.
Finally, the program has serious implications on peoples’ privacy and civil liberties. As mentioned above, metadata has the ability to “reveal intimate details about a person’s life, particularly when aggregated with other information and subjected to sophisticated computer analysis.” Permitting the government to collect such data “fundamentally shifts the balance of power between the state and its citizens.”