In a time of rapidly evolving surveillance technology and movements for reform across the U.S., intelligence and law enforcement agencies often take for granted that a 1970s view of how surveillance affects our rights still applies today. From that perspective, where monitoring of our cell phone activity is concerned, the government contends that it doesn’t intrude on our privacy if it grabs records of our calls and texts but not the content of our conversations.
But in the modern world of sophisticated data-mining tools, secretive government programs that gather such data on a large scale could be a great threat to our fundamental rights. As Congress in the coming months confronts massive call records surveillance that the National Security Administration (NSA) and Drug Enforcement Administration (DEA) can carry out, it should recognize this reality and end the dragnets.
Using today’s technology, the government could indefinitely store and search the phone data it collects, mine it and fuse it with other data for more intrusive and comprehensive insights into people’s lives, social networks and movements.
The NSA program, first revealed by Edward Snowden and conducted under Section 215 of the USA Patriot Act, reportedly has been discontinued in practice. However, the law remains on the books, meaning the NSA could revive its surveillance behemoth or create new ones. Congress should seize the opportunity presented by Section 215’s December renewal deadline to enact reforms.
House and Senate committees also should take a hard look at the large DEA programs the Justice Department’s inspector general harshly critiqued in a recent report.
In 1979, the U.S. Supreme Court addressed a purse-snatching case, Smith v. Maryland, in which the robber went on to make harassing phone calls to the victim. Police identified a suspect and — without a warrant — asked the telephone company to use a special device to log the numbers he dialed. The court decided this practice was constitutional, finding that by using a phone company’s services, we voluntarily disclose what numbers we call and lose any privacy interest in them.
However, the NSA’s and DEA’s massive programs do not involve agents sitting down with a list of numbers a specific suspect has dialed and analyzing them by hand — as illustrated by the NSA’s collection of more than 534 million phone records under Section 215 in 2017 and more than 434 million in 2018. Under the ongoing DEA Hemisphere program, a major U.S. phone company analyzes billions of its own records on the government’s behalf.
Two catalogs of surveillance software, one obtained by Human Rights Watch and another located online, highlight the possibility of sophisticated merging and mining of call records. The documents, “The Big Black Book of Electronic Surveillance,” appear to have been compiled as a guide to vendors attending an annual conference series aimed at intelligence and law enforcement agencies worldwide (commonly nicknamed the “Wiretappers’ Ball”) in 2016 and 2017. In a chapter on “advanced analytics,” the catalogs describe software they say governments can use to fuse and mine phone records, social media information, location data, vehicle records and other information about people.
The catalogs are not evidence that the U.S. government is applying such powerful data-mining software to the NSA or DEA phone records data, and Human Rights Watch has not sought to verify all the information they contain. However, they illustrate that such high-tech charting of nearly every aspect of our lives and relationships through data fusion is possible, and that tools for doing so are being marketed to agencies. Thanks to the Privacy and Civil Liberties Oversight Board, we do know the NSA has the power to “apply ‘the full range’ of signals intelligence analytic tradecraft” — which would include software tools — to mine call records and merge them with other data.
The risk of harm to our rights from a greater intrusion on our personal lives is real.
First, as the United Nations’ top human rights body has recognized, data about our communications can be just as revealing as the content of the conversations. Under the human right to privacy, the government’s collection of call records should be limited to what’s strictly necessary and subject to strong safeguards.
Second, the phone records programs, especially if combined with other data, pose risks to free expression and dissent.
In the early 1940s, as later fictionalized in the novel and film “Alone in Berlin,” Elise and Otto Hampel secretly dropped postcards with subversive messages, including pleas for a free press, throughout the German capital. Police gathered data about where and when these resistance activities happened, but were unable to catch up with the Hampels for two years. With today’s data fusion and mining technology, however, they may well have been able to identify the couple in a snap — for example, by combining information about where people lived, worked and had friends or relatives; who was connected to other known dissidents; and who had placed calls to a certain neighborhood before cards were found there.
If the possibility that U.S. agents could use their capabilities to behave oppressively seems far-fetched, readers should consider the troubled history of government surveillance aimed at the civil rights movement and other activists.
Congress should act on the understanding that records about our communications, alone and in combination with other information about us, raise serious rights concerns. If agents can use advanced techniques to fuse and mine different types of data, this is an indispensable part of the picture — and is one excellent reason among many to halt the programs.