Justice Department Subpoena of AP Journalists Shows Need to Protect Calling Records
Today the Associated Press reported that the Department of Justice has collected the telephone calling records of many of its reporters and editors. By obtaining these records, the DOJ has struck a terrible blow against the freedom of the press and the ability of reporters to investigate and report the news. As James Madison understood, "a popular government without popular information or the means of acquiring it is but a prologue to a farce or tragedy, or perhaps both." AP had it right when it told Attorney General Holder that it was "a serious interference with AP’s constitutional rights to gather and report the news."
The DOJ's decision to dive deep into these call records also shows the growing need to update our privacy laws to eliminate the outmoded Third Party Doctrine and to recognize that datamining has now reached the point where it no longer makes sense to treat calling records and other metadata related to our communications as if they aren't fully protected by the Constitution.
According to the AP, "the records obtained by the Justice Department listed outgoing calls for the work and personal phone numbers of individual reporters, for general AP office numbers in New York, Washington and Hartford, Conn., and for the main number for the AP in the House of Representatives press gallery." In all it included more than 20 telephone lines from April and May 2012.
While the government has not confirmed, the subpoenas appear to stem from an investigation into a government leak of information to the AP. This is not a sufficient excuse. Imagine if "Deep Throat," the informant critical to Woodward and Bernstein's investigation of the 1972 Watergate burglary, knew that his identity could be obtained through legal process. His career, and perhaps his life, would have been in serious jeopardy, and a cautious individual would have kept silent.
The widespread collection of information, as well as the apparent delay in notifying AP, both appear to be yet another violation the government's own regulations, 28 C.F.R. sec. 50.10. In 2010, the DOJ Inspector General reported on three other violations, involving the Washington Post and New York Times. The regulations require that, "wherever possible" subpoenas of records of the news media should be "directed at material information regarding a limited subject matter, should cover a reasonably limited period of time and should avoid requiring production of a large volume of unpublished material."
None of those limits appear to have been observed here. It seems impossible to imagine how a subpoena for all the records of call to and from AP's main switchboard, for example, is as narrowly tailored as the law required. Importantly, the regulations anticipate negotiation with the news media prior to subpoena, which also didn't occur. And in any event the regulations require notification to the news media within 45 days of any receipt of any information, with another 45 days possible with additional authorization. Since the timeframe of the records is a year ago, it seems likely that the government did not abide by this regulation either. While the regulations do not allow a lawsuit, violations of them can be grounds for discipline for governmental officials.
It is disturbing enough that the government appears to have violated its own regulations for subpoenas to the news media. However, this revelation also shows that we have a severe problem in protecting the privacy of our communications. It is critical to update our privacy laws and our understanding of the Constitution, and reflect the realities of what law enforcement can determine from our records and other metadata about our communications stored with our communications providers, be they phone companies, ISPs or social networks.
First, the third party doctrine is wholely inadequate for protecting privacy in the modern era. Citing this doctrine, the government consistently argues that any information given to a third party—like a phone company—has no Constitutional protection. Here, it's clear that the government was able to get the calling record information, secretly and in large quantities, because it didn't have to go to AP to get it. Instead, it went to the phone companies, who have little incentive to stand up for their customers and who may not have even realized that the information pertained to news media and so was protected by an extra regulation.
Justice Sotomayor recognized the growing problem with the third party doctrine in the recent U.S. v. Jones Supreme Court case, and signaled that it's the time that the Fourth Amendment caselaw be updated:
People disclose the phone numbers that they dial or text to their cellular providers, the URLS that they visit and the e-mail addresses with which they correspond to their Internet service providers, and the books, groceries and medications they purchase to online retailers . . . I would not assume that all information voluntarily disclosed to some member of the public for a limited purpose is, for that reason alone, disentitled to Fourth Amendment protection.
Second, this incident underscores that government access to records—information about our communications and movements over time—does impact our privacy. AP President Pruitt noted: "These records potentially reveal communications with confidential sources across all of the newsgathering activities undertaken by the AP during a two-month period, provide a road map to AP's newsgathering operations, and disclose information about AP's activities and operations that the government has no conceivable right to know." This sentiment was echoed by the Appellate Court in the Jones (then called U.S. v. Maynard) case in the context of GPS information: "A person who knows all of another travels can deduce whether he is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups and not just one such fact about a person, but all such facts."
Overall, this revelation of government's secret access to huge amounts of calling records as part of its leak investigation should not be such a surprise. The DOJ has long maintained that no one has any privacy interests in their call data records and has also engaged in unprecedented and aggressive prosecutions around government leaks.
But it should sound a wake-up call for the rest of us, including members of Congress and the courts. Government datamining of Americans' calling records and other metadata held by phone companies and ISPs should require more than a mere subpoena and should be protected by more than a hortatory regulation, whether the target is the news media or an ordinary citizen. Whether we get there by legislation or by updating our understanding of the Constitution to reflect the power of datamining to reveal the content of our "papers," we need to get there soon. Because it's clear that the DOJ remains firmly headed in the opposite direction.
Recent DeepLinks Posts
Feb 9, 2016
Feb 9, 2016
Feb 8, 2016
Feb 5, 2016
Feb 3, 2016
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- Know Your Rights
- Trade Agreements and Digital Rights
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Bloggers' Rights
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Encrypting the Web
- Export Controls
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2016 Copyright Review Process
- Genetic Information Privacy
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student and Community Organizing
- Student Privacy
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- Video Games