How can the US government possibly claim that its collection of the phone records of millions of innocent Americans is legal? It relies mainly on two arguments: first, that no one can have a reasonable expectation of privacy in their metadata and second, that the outcome is controlled by the so-called “third party doctrine,” which says that no one has an expectation of privacy in information they convey to a third party (such as telephone numbers dialed). We expect the government to press both of these arguments on November 4, before the D.C. Circuit Court of Appeals. We look forward to responding.
Oral argument will take place at 9:30 am at the D.C. Circuit Court at 333 Constitution Ave., NW, Courtroom 20, before Judges Sentelle, Williams and Brown. The public is welcome to attend.
A little context for EFF’s role in this case: EFF and ACLU filed an amicus brief in Klayman v. Obama on August 20, 2014. The case itself was first filed June 6, 2013, just one day after journalists began publishing information from the Snowden leaks, and it was the first challenge to the government’s “telephony metadata” collection. Judge Richard Leon of the District Court for the District of Columbia granted a preliminary injunction. The government appealed, Mr. Klayman cross appealed some issues, and now the case is headed to the Court of Appeals.
Judge Leon found that the government’s bulk collection of telephony metadata likely constitutes an unconstitutional search under the Fourth Amendment. We agree, and since the issue is so important, we weighed in on the case along with the ACLU and the ACLU of the Nation’s Capital. We asked the court for the right to participate in the oral argument, and the court agreed, giving us 10 minutes and also giving 10 minutes to another amicus, the Center for National Security Studies. Cindy Cohn will argue the case for EFF and ACLU.
Here’s what we’ll be saying on those two key points:
We want to ensure that the court recognizes that: “The call records collected by the government are not just metadata—they are intimate portraits of the lives of millions of Americans.”
The argument that the bulk collection of private information from millions of Americans is no big deal because it’s “just metadata” is a tired one. It’s been disproven by research—and it doesn't stand up to common sense. First, there’s no bright line. What is deemed “metadata” is often murky (such as subject lines and URLs) and context dependent—and not clearly distinguishable from content, which everyone agrees is protected by the Fourth Amendment.
Second, and more important, even without listening in on a conversation, metadata reveals private information—sometimes more than would be revealed by content.
We offer some examples where metadata is more revealing in our brief: people can “donate to charities by sending a text message…The metadata about these texts reveals that the subscriber has donated to a specific charity or cause, while the content of the message contains at most a donation amount.” Similarly, “an hour-long call at 3 A.M. to a suicide prevention hotline” could be very revealing. In fact, even a single piece of metadata could reflect an individual’s political or religious associations or mental health issues.
Consider a short-term study at Stanford that analyzed only a few months of telephony metadata from just 546 people focused partly on individual calls. The researchers found many calls that even in isolation could be revealing, such as a call to a political campaign, noting: “Many organizations have a narrow purpose, such that an individual call gives rise to sensitive inferences.” The study found “numerous calls within our dataset that give rise to these sorts of straightforward inferences.”
By contrast, the government is collecting huge amounts of metadata—by conservative estimates at least billions of call records. And as the Stanford study showed, these records are exponentially revealing in the aggregate: “A pattern of calls will often, of course, reveal more than individual call records. During our analysis, we encountered a number of patterns that were highly indicative of sensitive activities or traits.”
As important as the sensitivity of the information here is the fact that the potential sensitivity is exactly why the government wants the information. The government has emphasized repeatedly, in speeches and in legal briefs that it needs to collect so much metadata specifically so that it can analyze complete (or at least very big) datasets. That makes sense, since as we point out in our brief, this aggregation provides context and information to metadata, and allows analysts to create “social graphs” that map webs of relationships between individuals and groups. In fact, aggregated metadata could allow an analyst to determine “the membership, structure, or participants in organizations and movements like the NAACP, the Tea Party, or Occupy Wall Street . . .”
To compound the privacy invasion, metadata is highly structured, making it ideal for the kind of analysis that reveals highly personal information. It’s easier to review than the content of communications. And since the government’s argument is that all metadata is unprotected, it’s important not to consider it in a vacuum. As we note, metadata “is truly ubiquitous, created through the innumerable and near-continuous digital transactions and interactions attendant to modern life.”
The “Third Party Doctrine” is Not Controlling
After trying to convince the court that metadata just isn’t that revealing, the government says that the Fourth Amendment also doesn’t apply because we “voluntarily” turn over the numbers we dial to telephone companies—as if this wasn’t just an artifact of how the phones work and instead was some kind of individual choice we make. Because of this, the government argues, the situation is governed by the “third party doctrine,” the idea that people have no expectation of privacy in information they entrust to others.
That argument is almost as tired as the metadata claim and ignores the realities of modern life. The third-party doctrine comes from a 1979 Supreme Court case, Smith v. Maryland, which involved the collection of the phone numbers dialed by a criminal suspect over the course of three days using a rudimentary pen register. And as Judge Leon said in his opinion in the lower court:
“the Court in Smith was not confronted with the NSA’s Bulk Telephony Metadata Program. Nor could the Court in 1979 ever have imagined how the citizens of 2013 would interact with their phones.”
Judge Leon hits the nail on the head. As we point out, the issue in Klayman is not limited to collection of the numbers dialed by one individual suspected of criminal wrongdoing, over a very short period of time. The issue here is bulk collection—and sophisticated analysis—of the detailed telephone records of millions of people suspected of nothing at all.
We emphasize five significant points of difference in our brief:
- Scale: The program collects data for all or nearly all Americans, rather than one individual suspected of a serious crime.
- Duration: The current program captures years of data, while the pen register in Smith captured data for only three days
- Changes in telephone use: Use of the telephone has changed dramatically since 1979, when telephones were largely stationary devices shared among a number of users, with one number per household or organization. Today, as landline usage dwindles, mobile phones have become personal, not shared, devices that many people carry constantly with them and use dozens, if not hundreds, of times per day.
- Information collected: The phone records in this case include whether the call was completed, its duration, and other information rather than simply which numbers were being dialed, as in Smith.
- Individualized suspicion: The program does not collect information based on individualized suspicion of any sort, much less individualized suspicion of a crime.
These differences mean that it’s just not credible to try to cram the government’s gigantic, revealing telephone records collection into the narrow box of the Smith line of cases. As our brief notes, that's “a result unimaginable when Smith was decided and certainly not considered by the Court.”
In short, both the government’s metadata argument and its third-party doctrine argument are wrongly applied to massive telephone record collection. Moreover, both ask the court to ignore how we live today, with our “papers and effects” stored with third parties and metadata trailing our every move. Yet even with technological changes, we can and do have reasonable expectations that this information will remain private. We look forward to the court’s careful consideration of these and other points on Tuesday.