Finally we know, legally speaking, why the US thinks it's just fine and dandy to collect metadata relating to whom we call, who calls us, how long we talk, and maybe even where we're talking from.
The rationale will likely sound familiar to those who've been following ongoing news concerning National Security Agency (NSA) surveillance.
It boils down to a landmark case from 1976 - Smith v. Maryland - in which the Supreme Court ruled that calling a telephone number necessarily involves disclosing the number to a third party - i.e., the phone company.
Because the number was disclosed during the phone call, the number's not private, the Supreme Court held, and the government can have easy access to the call records.
This is the origin of the "third-party doctrine". The logic has, in the case of the NSA arranging metadata downloads from Verizon et al., been ported over to the idea of demanding massive amounts of phone metadata.
The rationale has been secret until now.
It was unveiled for the first time on Tuesday and published on the website for the nation's most secret court, the Foreign Intelligence Surveillance Court (FISC), as reported by Ars Technica's Cyrus Farivar.
As Farivar writes, the 46-page opinion [PDF], authored by Judge Claire Eagan, was written on 29 August but not published until this week.
The unveiling of the legal rationale comes after FISC Judge Reggie Walton ordered the Government to conduct a declassification review of such decisions and related orders in the wake of Edward Snowden having leaked documents and thereby set in motion a firestorm over the National Security Agency's (NSA's) extensive surveillance program.
In her opinion, Justice Eagan explains why the Fourth Amendment to the US Constitution, which prohibits unreasonable searches, doesn't pertain in the case of the metadata sharing program:
The telephone user, having conveyed this information to a telephone company that retains the information in the ordinary course of business, assumes the risk that the company will provide that information to the government. Thus, the Supreme Court conclude that a person does not have a legitimate expectation of privacy in telephone numbers dialed, and there, when the government obtained that dialing information, it "was not a 'search'", and no warrant was required.
. . .
Put another way, where one individual does not have a Fourth Amendment interest, grouping together a large number of similarly situated individuals cannot result in a Fourth Amendment interest springing into existence ex nihilo. [Ed. a Latin phrase meaning "out of nothing".]
In sum, because the Application at issue here concerns only the production of call detail records, or "telephony metadata" belonging to a telephone company, and not the contents of communications, Smith v. Maryland compels the conclusion that there is no Fourth Amendment impediment to the collection. Furthermore, for the reasons stated in [REDACTED] and discussed above, this Court finds that the volume of records being acquired does not alter this conclusion. Indeed, there is no legal basis for this Court to find otherwise.
Farivar's article is well worth the read, particularly given his analysis of whether the third-party doctrine on which Eagan bases her opinion might actually be starting to wobble.
As he explains, no telecomms company has to date challenged the legality of a FISC order.
Were Verizon, for one, to actually do so, it could well be bolstered by a January 2012 Supreme Court decision in the US v. Jones case, wherein the court ruled that law enforcement lacked the right to warrantlessly place a GPS tracking device on a suspect's vehicle.
Justice Sonia Sotomayor wrote in that case that it well might be time to review the third-party doctrine:
...It may be necessary to reconsider the premise that an individual has no reasonable expectation of privacy in information voluntarily disclosed to third parties.
Is change in the air? Is the climate ripe for a shift in legal thinking on issues of the legality of NSA surveillance?
Let us know your thoughts in the comments below.Follow @NakedSecurity