Skip to content
by
  • Products
  • Free Tools
  • Search
  • Free Sophos Home
XG Firewall
Next-Gen Firewall
Intercept X
Next-Gen Endpoint
  • Sophos Cloud Optix
  • Sophos Central
  • Sophos Mobile
  • Intercept X for Server
  • Secure Wi-Fi
  • Phish Threat
  • SafeGuard Encryption
  • Secure Email
  • SG UTM
  • Secure Web Gateway
For Home Users

Sophos Home protects every Mac and PC in your home

Learn More
Free Security Tools
Free Trials
Product Demos
Have you listened to our podcast? Listen now

NSA metadata collection is illegal, rules US court

08 May 2015 6 Law & order, Privacy

Post navigation

Previous: Apple updates Safari on OS X, fixes critical flaws
Next: The USBKILL anti-forensics tool – it doesn’t do *quite* what it says on the tin
by Lee Munson

NSA. Image courtesy of Carsten Reisinger/ShutterstockA US federal appeals court has ruled that the National Security Agency’s (NSA’s) bulk, warrantless collection of phone records is illegal.

The unanimous decision from the three-judge panel of the Second US Circuit Court of Appeals in New York represents a major victory for opponents of the NSA and its surveillance activities and comes as Congress debates whether to extend or curb the soon-to-sunset legislation that underpins the data collection program.

The appeal court’s ruling undermines many of the legal theories employed by the US government to expand surveillance following the September 11 2001 terror attacks.

While the judges did not rule on whether the NSA program violated privacy rights granted by the US Constitution, they did rule that the wording of the Patriot Act was not sufficient to justify the massive collection of data seen under the Bush and Obama administrations.

In their 97-page ruling the judges wrote:

The statutes to which the government points have never been interpreted to authorize anything approaching the breadth of the sweeping surveillance at issue here. The sheer volume of information sought is staggering.

The ruling will not affect the NSA’s international surveillance efforts but it will go some way in curtailing the agency’s domestic telephone metadata program – which came to light in 2013 when former NSA contractor Edward Snowden leaked documents detailing how the agency was collecting lists of phone numbers called, along with details of the time and duration of each call – in order to aid in the detection of terror suspects.

Though the NSA does not collect the content of the phone conversations, the all-encompassing collection of metadata, the judges noted, was far beyond the original intent of Section 215 of the Patriot Act:

If the government is correct, it could use § 215 to collect and store in bulk any other existing metadata available anywhere in the private sector, including metadata associated with financial records, medical records, and electronic communications (including email and social media information) relating to all Americans.

Such expansive development of government repositories of formerly private records would be an unprecedented contraction of the privacy expectations of all Americans.

The Patriot Act itself was already under threat before this ruling as lawmakers continue to debate Section 215 which is due to expire under a sunset clause on 1 June.

US politicians have already suggested the USA Freedom Act as a possible alternative – it would retain some elements of the Patriot Act while ditching the metadata collection program – hence making this latest decision moot, as noted by the judges:

On April 30, 2015, a modified version of the USA FREEDOM Act, which would limit the bulk metadata program in various ways, was passed by the House Judiciary Committee, see USA FREEDOM Act of 2015, H.R. 2048, 114th Cong. (2015), and a vote in that Chamber is expected later this month.

This latest ruling follows yesterday’s reports that the German government has “drastically reduced” the level of co-operation between its own intelligence agency, the BND, and the NSA.

The union between the BND and the NSA is said to have been in place for at least ten years but is now being re-evaluated as it seems the NSA went far beyond the scope of the 2002 agreement between the two countries on which the co-operation is based.

Image of NSA courtesy of Carsten Reisinger / Shutterstock.com.

  • Follow @NakedSecurity on Twitter for the latest computer security news.

  • Follow @NakedSecurity on Instagram for exclusive pics, gifs, vids and LOLs!

Free tools

Sophos Firewall Home Edition

Boost your home network security.

Sophos Scan & Clean

Free second-opinion scanner for PCs.

Sophos Cloud Optix

Monitor 25 cloud assets for free.

Post navigation

Previous: Apple updates Safari on OS X, fixes critical flaws
Next: The USBKILL anti-forensics tool – it doesn’t do *quite* what it says on the tin

6 comments on “NSA metadata collection is illegal, rules US court”

  1. Anonymous says:
    May 8, 2015 at 2:56 pm

    Doesn’t matter now anyway as the data the NSA have they will always have even if they had a court order to remove it all.
    They’ll have it backed up in several other locations that no one knows about apart from the people that need to know.
    The NSA don’t care about the law…they have already proven that!

    Reply
    • brianc6234 says:
      May 8, 2015 at 6:16 pm

      They can’t use it in a court case so it’s worthless. Hard to believe anyone would support what the NSA was doing though. It goes against the laws the US already had. This government wants to do whatever they want and they don’t care if they break the law.

      Reply
  2. Jj says:
    May 8, 2015 at 3:58 pm

    This is all well and good, but you cannot prosecute people who are above the law..

    Reply
  3. windridgepta15 says:
    May 8, 2015 at 6:54 pm

    At least now, the US federal court is able to recognize that the “Patriot Act” is not enough to justify NSA”s program “Domestic Surveillance Program” illegal activities. I think, that one major problem between NSA’s Domestic Surveillance Program and the people who are fighting for privacy right (e.g Stop Watching us) is communication between those two parties.

    Reply
  4. Jack Wilborn says:
    May 8, 2015 at 10:23 pm

    Knowing our system, they will reach some agreement that lets them keep going the way they are going, with very little change. When our system allows the Government to singly address a court to allow without any kind of counter able to speak for the citizens, we are at a loss to ‘our’ government.

    We are moving so far from our founding fathers system that it will be very hard to recover. I don’t know what use most of this when after about 15 days the data is so old that it’s probably useless, unless added to other meta-data and massaged.

    They will keep it and nothing will change.

    Jack

    Reply
  5. Unknown Soldier says:
    June 10, 2015 at 2:40 am

    This data is a very valuable political tool. Think Denny Hastert. If info on his coaching were available to someone like Clinton at an opportune time, there may not have been an impeachment. Coming from the other direction, maybe Clinton wasn’t convicted because of info like this. Metadata can be used to scour such details. And how do we know they aren’t warehousing message and phone call content? The IRS sure cooperated with O’s political schemes, why not the NSA? How do we know some lowley troubled tech in the NSA can’t be coerced?

    Reply

Leave a Reply to Jack Wilborn Cancel reply

Recommended reads

May01
by Paul Ducklin
32

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

Apr20
by Paul Ducklin
15

S3 Ep131: Can you really have fun with FORTRAN?

Mar24
by Paul Ducklin
1

WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!

  • About Naked Security
  • About Sophos
  • Send us a tip
  • Cookies
  • Privacy
  • Legal
  • Intercept X
  • Intercept X for Server
  • Intercept X for Mobile
  • XG Firewall
  • Sophos Email
  • Sophos Wireless
  • Managed Threat Response
  • Cloud Optix
  • Phish Threat
© 1997 - 2023 Sophos Ltd. All rights reserved. Powered by WordPress VIP