Does the Fourth Amendment regulate the NSA’s analysis of call records? The FISC might have ruled it does.

A striking (and underreported) feature of the NSA’s recently-revealed surveillance programs is the government’s claim that there is judicial oversight of the analysis and querying of telephony metadata acquired under the program.  As Orin Kerr pointed out last week, the DNI’s statement about the NSA programs states that a court-imposed reasonable suspicion standard governs government “queries” into call records collected from Verizon and other providers:

By order of the FISC, the Government is prohibited from indiscriminately sifting through the telephony metadata acquired under the program. All information that is acquired under this program is subject to strict, court-imposed restrictions on review and handling. The court only allows the data to be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization. [My emphasis.]

This judicially enforced standard—which some commentators appear to have overlooked—could, in theory, impose practical limitations on the government’s access to private information from call records collected by the NSA.  The DNI’s description suggests that before government agents can query those records, they must comply with a court-imposed standard that requires specific facts reasonably tying the query to data associated with a foreign terrorist organizations. I’m speculating on the specifics of the standard here; the language is ambiguous, including [as discussed in the comments to this post] as to whether the FISC approves queries ex ante or reviews them ex post, if at all.

Details aside, the statement suggests that while the collection of telephony metadata is indiscriminate, its analysis is circumscribed and is overseen by the FISC.  Indeed, the reasonable suspicion standard described by the DNI is the same legal standard used to limit law enforcement discretion in other contexts.

That is not to say that a “downstream” reasonable suspicion standard is, by itself, sufficient to protect legitimate privacy interests. It may not be; and whether it is may depend on a variety of facts we don’t know, including how “queries” are constructed, the specific application of the reasonable suspicion standard in this context, and the FISC’s process in overseeing queries. Still, commentators writing about the NSA programs should not leave out this crucial feature, which suggests the NSA’s surveillance of telephony metadata is something less than indiscriminate.

* * *

Assuming the DNI’s statement is correct, what is the basis for the FISC regulating downstream queries into telephony metadata? One possibility is that the downstream restrictions were imposed as an application of the ‘reasonable grounds’ and ‘minimization’ requirements of 50 USC 1861. But those provisions, on their face, do not seem to require a court to impose a separate reasonable suspicion standard for processing evidence after it is collected and stored by the government.

Another possibility, based on the little information we have, is that the FISC imposed additional downstream restrictions as an application of the Fourth Amendment–perhaps in conjunction with FISA’s minimization requirements. Such an application of the Fourth Amendment would be novel, and would have broad-ranging implications for the regulation of government investigations, which increasingly consists in the analysis and “mining” of large stores of data.  It would not, however, be implausible.

To be sure, applying the Fourth Amendment to the downstream analysis of telephony metadata would be a departure from the Supreme Court’s third party doctrine cases–particularly Smith v. Maryland, which held that call records receive no Fourth Amendment protection.  Under prevailing understandings, once a person’s telephone records are “exposed” (here, to the third party telephone providers) and collected (here, by the NSA) the subsequent manipulation or analysis of those records would not be subject to the Fourth Amendment.

But the unique circumstances in this case might well have led the FISC to apply a different balance than in traditional law enforcement contexts.  These unique circumstances include the massive, ongoing scale of the government’s information collection, the revealing nature of today’s telephony metadata as compared to the call records at issue in the Supreme Court’s previous decisions, and the heightened national security concerns in terrorism investigations.  Put together, these circumstances may plausibly lead a court to reach the type of compromise position the FISC appears to have reached here: allowing the government to collect telephony metadata, but restricting the way that data is subsequently analyzed and accessed.

Indeed, legal scholars (starting with Harold Krent’s 1995 piece on the subject) have long argued that Fourth Amendment protections should, where necessary, extend to post-collection manipulation or analysis of evidence; i.e., that the Fourth Amendment can impose “use restrictions.” Arguments along these and similar lines have gained additional traction of late, likely due to the increasing practice of government agencies aggregating and storing evidence in massive databanks for later analysis.  (See, for instance, this paper from CoOp’s Danielle Citron, co-authored with David Gray, and this working paper from Peter Swire and Erin Murphy.  I also workshopped a short paper on this issue at this year’s PLSC, which I am happy to share with interested CoOp readers.  Feel free to add additional relevant references in the comments).

These arguments are novel, but they are not purely academic. The Supreme Court’s seminal Fourth Amendment cases—from Katz, Kyllo and Jones, to Walter v. United StatesUnited States v. Jacobsen, and the Court’s special needs cases—provide a plausible foundation for extending Fourth Amendment protections past the point of collection, to the downstream analysis and processing of evidence, where necessary to protect Fourth Amendment interests.  There is even support for this expansion of Fourth Amendment principles in two of the Court’s recent less-than-privacy-friendly decisions: Aclu v. Clapper and Maryland v. King.  I hope to discuss these cases, along with other Supreme Court authority that might support the FISC’s application of a reasonable suspicion standard to the analysis of telephony metadata, in more detail in a later post.

[UPDATE: Added a reference to the applicability of 50 USC 1861.]

[UPDATE: Based on comments below, modified discussion of standard to account for ambiguity in Director Clapper’s statement].


You may also like...

11 Responses

  1. Orin Kerr says:

    It seems very unlikely to me that the FISC ruled that the Fourth Amendment applies to call records. As you say, it would be very hard to square such a ruling with Smith. As I see it, it’s much more likely that they either have a theory that reads that standard into the statute or else it was imposed as a way to effectuate the minimization requirement.

  2. Babak Siavoshy says:

    Orin, thanks for your comment.

    I agree this could be the FISC’s interpretation or application of FISA’s “reasonable grounds” or minimization requirements, including those under 50 USC 1861.

    But the FISC would have to ensure those provisions are consistent with the Fourth Amendment. As you noted in your post, the broadest reading of 50 USC 1861–allowing the ongoing collection of all telephony metadata–is hard to swallow. Smith notwithstanding, it’s not implausible a court would strike down this broad reading of the provision as unconstitutional — unless, perhaps, the government’s discretion was limited through downstream minimization requirements like the one imposed here. If so, that would bring the government’s post-collection conduct within the scope of Fourth Amendment analysis.

    This is all speculation, of course. Until the government releases some of the FISC’s legal analysis we won’t know for sure.

  3. Orin Kerr says:

    Based on what theory of the Fourth Amendment, though? They would need to be very creative in their reinterpretation of the Fourth Amendment to get there. That’s possible, but it seems pretty unlikely.

  4. The title and premise of this post to me seem misguided. The Fourth Amendment deals in “probable cause.” Even if the FISC somehow pulled a “reasonable suspicion” standard out of its rear end, that’s not the same as a Fourth Amendment warrant requirement. When one speaks of “reasonable suspicion,” you’re talking about a court-created EXCEPTION to the Fourth Amendment.

    Since all the legal justifications are secret we can only speculate. However we do know that they never turn down queries so whatever standard is being applied exists in name only. In practice it doesn’t appear to be much of a barrier to the data’s use.

    Given that the NSA has lied to Congress about this data being gathered in the first place, it wouldn’t surprise me if the hokum about “reasonable suspicion” is just a public relations ploy with no basis in reality. Orin’s right there’s no rational basis for applying a Terry-frisk standard under these circumstances.

  5. Joe says:

    “Given that the NSA has lied to Congress about this data being gathered in the first place”

    What does this reference specifically?

  6. Babak Siavoshy says:

    Orin, thanks for your comment.

    I don’t think it would be so far of a reach for courts to test minimization procedures against the Fourth Amendment in this context. The Supreme Court’s special needs cases are a good analogue — when the Supreme Court has allowed dragnet (that is, suspicionless) government drug-testing programs, its holding has restricted the government’s subsequent analysis and use of the blood and urine samples collected pursuant to the programs. We’ve also seen language to this effect in the law enforcement context, in the recent Maryland v. King, albeit in dicta.

    Similarly, in ACLU v. Clapper (again responding to allegations of dragnet surveillance) the Supreme Court held plaintiffs could not meet standing requirements as part of their allegations of Fourth Amendment harm in part because, “critically, the [FISC] must also assess whether the Government’s targeting and minimization procedures comport with the Fourth Amendment.” The Court did not suggest these procedures are limited to pre-collection procedures.

    To my mind, these and other cases suggest that, when faced with a suspiconless collection regime it wants to approve, the Supreme Court is willing to look more broadly at the government’s conduct, including by requiring post-collection minimization procedures, in addressing Fourth Amendment concerns. (Dicta in Whalen v. Roe also suports this position).

    Smith v. Maryland is a different issue. It’s true, of course, that applying the Fourth Amendment to telephony metadata would require a departure from Smith v. Maryland. The question, for me, is whether that’s unlikely development, given the changing nature of police investigations/technology and the unique circumstances of this case.

    I don’t think it is. I still remember Justice Roberts’ first question when government attorneys started their argument in Jones with a reference to Knotts and Karo: ‘That was 30 years ago, the technology is very different, you get much more information from GPS surveillance than you do from a beeper.’

    That is just to say that anytime courts carves new rules to address changing technology they are being “very creative.” I don’t think you disagree this does and should happens — your recent piece on cell phone searches incident to arrest would also require a departure from traditional Fourth Amendment understandings. (My sense is that courts will ultimately apply additional Fourth Amendment protections in that context as well).

    As I explained in my post, I think the differences between the conduct and evidence collected in Smith and the conduct and evidence collected here are sufficient to lead a court to deviate from the Smith standard. And I think there is enough leeway in the Court’s past cases to allow such a deviation without going too far into the unknown. I’m hoping to write a bit more about this in my next post, though it may be a few days.

  7. Babak Siavoshy says:

    Gritsforbreakfast, I appreciate your comment. I agree the reasonable suspicion standard is an exception to the probable cause and warrant requirements, but I wouldn’t characterize it as an exception to the Fourth Amendment. If there were no Fourth Amendment, there would be no reasonable suspicion standard.

  8. Howard Gilbert says:

    It is not clear that these records have been “collected” by the government in the same way as records obtained in response to a particular request. Instead, it appears that the NSA is allowed by the FISC to transfer raw data from the phone companies to NSA computers where it is prepared for later processing. This data is, in a sense, in escrow and has not yet been released by the FISC. Subsequently the prepared data can be queried in accordance with specific FISC approved inquiries or in an emergency can be released by the AG as provided in FISA. If you get a hot lead and every second counts, you cannot wait 72 hours to put the paperwork together, serve the companies, extract the data, load it into computers, and only then run the queries.

  9. Paul Ohm says:

    You say that, “The DNI Director’s description suggests that before government agents can query those records, they must persuade an Article III judge that there are specific facts reasonably tying the query to data associated with a foreign terrorist organizations.” But is that correct? I read Director Clapper’s statement to be saying that the FISC approved the procedures and required a use restriction based on the reasonable suspicion standard, but nothing I’ve read suggests that the FISC plays any role on a per query basis.

    The statement goes on to say that the program is “overseen” by DOJ and the FISC and reviewed by the FISC every 90 days. But, reading between the lines, I’m guessing that analysts query the data when they have reasonable suspicion without any subsequent judicial involvement. Let’s hope they are at least required to go up ODNI’s management chain, which may provide a little comfort.

  10. Joe says:

    Per my question, Prof. Adler etc. (Volokh Conspiracy) has talked about what seems to be the issue. Hard to keep track at times. As to Smith, like Justice Sotomayor (Jones, concurring), I am wary of the third party doctrine. At the very least, I think statutory protections are important here for “reasonableness” purposes. So, if that is where some limited restraint is being read into the process, good.

  11. Babak Siavoshy says:

    Paul, thanks for your comment.

    I agree the DNI’s language (“the Court only allows”) could be read as you say — though of course we cannot know for sure without more information. Even so, I assume (or hope) that the FISC’s periodic review of the program includes an ex-post, if not ex-ante, review of individual queries to ensure they were compliant.

    This highlights a deeper concern with FISC proceedings, which makes them far less protective than reviewing courts in the traditional law enforcement context: Since the evidence collected through NSA surveillance is not typically used in criminal proceedings, there are few opportunities for adversarial, ex-post, challenges to the FISC’s evidentiary determinations. This means surveillance proceedings lack one of the most important mechanisms in traditional law for refining and correcting judicial error. The Jewel case, currently before the N.D.Cal, will determine whether civil challenges can be used to fill some of this vacuum.

    In any case, I’ve slightly modified my description to account for the ambiguity you pointed out, with a note for the update.