September 14, 2020

About the legality and constitutionality of the Section 215 metadata program

(Updated: December 27, 2020)

It was one of the NSA's most controversial activities: the bulk collection of domestic telephone records under the Section 215 program. On September 2, a court of appeal ruled that this violated the Foreign Intelligence Surveillance Act (FISA) and suggested that it may have been unconstitutional under the Fourth Amendment.

Here, I will provide a summary of this court case, United States v. Moalin, summarize the initial legal authority for the Section 215 program and explain on what grounds the court of appeal has now found that it was in violation of the law.

That's followed by a more extensive discussion about whether telephone metadata are protected under the Fourth Amendment of the US Constitution, which shows that the court didn't recognize the difference between extensive data mining and the much more restricted method of contact-chaining as conducted by the NSA.



Slide about the NSA's Section 215 domestic telephone records program, from the keynote
by former NSA director Keith Alexander during the security conference Black Hat USA 2013


United States v. Moalin

The case in which the US Court of Appeals for the Ninth Circuit decided is about four Somali immigrants, Basaaly Saeed Moalin, Ahmed Nasir Taalil Mohamud, Mohamed Mohamud and Issa Doreh, who were found guilty by a San Diego jury in February 2013 on charges of sending money to al-Shabaab, a jihadist terrorist group based in East Africa.

The principal evidence against the four men consisted of a series of recorded calls between Moalin, his co-defendants, and individuals in Somalia, obtained through a wiretap of Moalin's phone. After Snowden revealed the Section 215 program in June 2013, several government officials tried to defend this program by claiming that it had provided information that led to reopening the investigation into Moalin.

Among them was then-FBI Deputy Director Sean Joyce who in a congressional hearing said that "the NSA provided us a telephone number only in San Diego that had indirect contact with an extremist outside the United States." This led to an identification of co-conspirators and enabled the FBI to disrupt their financial support to al-Shabaab.



Three of the four men convicted in 2013
(image: CBS News)


Subsequently, Moalin and his co-defendants argued that the metadata program violated both the Fourth Amendment and the law under which it was authorized. Therefore, the "fruits" of the government's acquisition of Moalin's phone records should therefore have been suppressed.

And indeed, the three-judge panel of the Court of Appeals unanimously found that the bulk collection of telephone records violated the Foreign Intelligence Surveillance Act (FISA) and was possibly unconstitutional under the Fourth Amendment (see below).


No benefit for Moalin

But after carefully reviewing the classified FISA applications and all related classified information, the court was also convinced that the telephone metadata, even if unconstitutional, did not taint the evidence presented by the government.

In other words: the court saw no evidence that Section 215 had provided a lead to reopen the investigation into Moalin and to wiretap him: "To the extent the public statements of government officials created a contrary impression, that impression is inconsistent with the contents of the classified record".

This means that Moalin, who received an 18-year sentence, and one of his co-defendants remain in prison; the two other co-defendants already completed their sentences. Any of them or the government can still seek review from a larger, 11-judge en banc court, but they can also bring the case before the Supreme Court.




Notice of intelligence information

While the Ninth Circuit's ruling on Section 215 has no consequences anymore, another part of the opinion still has: the government has to provide notice to criminal defendants when evidence was obtained from surveillance conducted under FISA and the FISA Amendment Act (FAA). This also applies to surveillance conducted under other foreign intelligence authorities, including Executive Order 12333.

In the Moalin case, the defendants were not notified about the use of intelligence information, but learned about it after the trial from the public statements that government officials made in the wake of the Snowden revelations. The court, however, considered that "information as to whether surveillance other than the metadata collection occurred would not have enabled defendants to assert a successful Fourth Amendment claim."



The Richard H. Chambers building in Pasadena, once a hotel, now one of
the courthouses of the US Court of Appeals for the Ninth Circuit
(photo: Levi Clancy/Wikimedia Commons)


Bulk collection under Section 215

The NSA started its collection of domestic telephone records in October 2001 as part of the President's Surveillance Program (PSP), better known under its classification codename STELLARWIND.

This program was based upon a very controversial legal opinion by Justice Department lawyer John Yoo, arguing that it was justified by the president's wartime powers according to Article Two of the US Constitution.*

After objections raised by Justice Department officials Jack Goldsmith and James Comey, a new legal basis for this collection of telephone metadata was found in Section 215 of the Patriot Act, which was approved in secret by the FISA Court on May 24, 2006.


Unlike the content of phone calls, the associated metadata were not considered constitutionally protected. This because in 1979, the US Supreme Court had ruled that telephone records that have been voluntarily provided to a telecom provider are not protected under the Fourth Amendment of the US Constitution (Smith v. Maryland, also known as the third-party doctrine).



Section from the classified STELLARWIND report, page 16


Violation of the law

Now let's take a closer look at why the Ninth Circuit Court of Appeals considered the Section 215 bulk collection program unlawful.

Section 215 of the Patriot Act amended 50 U.S. Code §1861 and authorized the government to apply to the FISA Court for an "order requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities."

According to the PCLOB report the government didn't link its FISA Court applications to a single counter-terrorism investigation. Instead, the practice was to "list multiple terrorist organizations [...] and declare that the telephone records being sought are relevant to each of those investigations", which is "little different [...] from simply declaring that they are relevant to counter-terrorism in general."

With this practice the statutory requirement of relevance for "an investigation" became virtually meaningless and therefore the Ninth Circuit ruled that the telephony metadata collection program exceeded the scope of Congress's authorization and violated that particular section of the law.


The intelligence committees

While the NSA's collection of domestic telephone records was not according to how Section 215 was intended, the congressional intelligence committees were aware of it. They had been briefed multiple times about what was actually going on - a practice that (in secret) had also been approved by the FISA Court.*

According to an American legal doctrine, "Congress is presumed to be aware of judicial interpretations of the law". So when Congress reauthorized Section 215 in 2009 and 2011, the government argued that it had also "ratified" the FISA Court's secret interpretation that allowed the NSA's bulk collection.*

However, many members of the intelligence committees choose not to attend such classified briefings, preferring to stay comfortably ignorant not only about how their legislation turned out in practice, but also about how it was interpreted by the FISA Court.*

On May 7, 2015 the Court of Appeals for the Second Circuit had excused this by saying that details about the Section 215 program were actually so hard to access, even for members of the intelligence committees, that no meaningful debate had been possible.

Therefore, this court did not recognize the theory of the implicit ratification of the FISA Court's interpretation and ruled that the bulk collection exceeded the scope of what Congress had authorized under Section 215 of the Patriot Act - the same decision as that of the Ninth Circuit.



Hand-written copy of the proposed Bill of Rights from 1789, cropped to show
just the text that would later be ratified as the Fourth Amendment
(click to enlarge)


Protected under the Fourth Amendment?

Regarding the issue whether the telephone metadata collected under Section 215 were protected under the Fourth Amendment of the US Constitution, the Court of Appeals "stopped just short of saying that the snooping was definitely unconstitutional".*

Instead of a judgement, the court described a range of differences between the use of a simple pen register back in the days of Smith v. Maryland and the present-day capabilities of collecting and analyzing metadata in bulk:
- Nowadays, metadata reveal much more information, like the IMSI and IMEI number and the trunk identifier of a cell phone, telephone calling card numbers, and time and duration of a call.
- The amount of metadata created and collected has increased exponentially, along with the government's ability to analyze it.
- The duration of the collection in this case also vastly exceeds that in Smith v. Maryland: back then the pen register was used for a few days at most, while the NSA collected telephony metadata for years.
- Telephony metadata "as applied to individual telephone subscribers and when collected on an ongoing basis [...] permit something akin to [...] 24-hour surveillance."
- The extremely large number of people from whom the NSA collected telephony metadata enables the data to be aggregated and analyzed in bulk.

Regarding the latter, the court's opinion says:
"A couple of examples illustrate this point: A woman calls her sister at 2:00 a.m. and talks for an hour. The record of that call reveals some of the woman’s personal information, but more is revealed by access to the sister’s call records, which show that the sister called the woman’s husband immediately afterward. Or, a police officer calls his college roommate for the first time in years. Afterward, the roommate calls a suicide hotline.
These are simple examples; in fact, metadata can be combined and analyzed to reveal far more sophisticated information than one or two individuals’ phone records convey. As Amici explain, “it is relatively simple to superimpose our metadata trails onto the trails of everyone within our social group and those of everyone within our contacts’ social groups and quickly paint a picture that can be startlingly detailed"

This is a probably the most common argument against the bulk collection of metadata, but it ignores that there are actually different ways how intelligence agencies use large sets of metadata:

- Contact-chaining:
The full set of data is used in a "shallow" way by only looking which phone numbers (or other kinds of identifiers) are in contact with each other. This results in contact-chains and social network graphs:


- Pattern-of-life analysis:
Only parts of the data set are used to create a deeper insight into the daily life patterns of people of interest (after being identified through contact-chaining for example). Note that this kind of analysis is also conducted for individual people who are subject of targeted interception:



The examples cited by the Court of Appeals refer to the pattern-of-life analysis, while the data collected under Section 215 were only used for contact-chaining (and analyzing the results thereof).* The latter is also mentioned in the court's opinion, but without any further discussion:
"The government was also allowed to search phone numbers within three “hops” of that selector, i.e., the phone numbers directly in contact with a selector, the numbers that had been in contact with those numbers, and the numbers that had been in contact with those numbers."


The NSA's contact chaining method

The contact chaining started with a so-called "seed" - a phone number for which there was a Reasonable, Articulable Suspicion (RAS) that it was associated with a foreign terrorism organization.

This seed number was then entered into the MAINWAY contact chaining system to retrieve all the numbers that had been in contact with the seed - the first "hop". Then, analysts could also retrieve the numbers that had been in contact with the first hop numbers, which makes a second hop from the seed number:



Slide from a declassified NSA training about the Section 215 program
(click to enlarge)


Only for the numbers that showed up in such a two (and sometimes three hop) contact chain, analysts could use a separate tool to retrieve the associated call records which were stored in a different database.

These records included the originating and receiving phone number, the date, time and duration of the call (since 2008 also the IMEI and IMSI numbers of cell phones). The collection of location data was prohibited by the FISA Court, and subscriber information was also not acquired either.

In 2006, NSA analysts saw only one of every four million phone records as a result of the contact-chaining. In 2012, the NSA used 288 phone numbers as a seed for a contact-chaining query, resulting in 6000 phone numbers that analysts actually looked at.

Only such phone numbers of interest were "enriched" with additional information from other sources, like subscriber details, which would then reveal the associated names and things like family relations for example.

When this led to a suspicious American phone number, the NSA passed it on to the FBI for further investigation. There are no indications that the NSA conducted pattern-of-life analysis using the domestic telephone metadata collected under Section 215.



ACLU v. Clapper

The way Section 215 was operated was clearly less intrusive than the examples cited above, but the Ninth Circuit didn't mention this difference. It was discussed though by district judge William H. Pauley III, who summarized the actual practice in the case ACLU v. Clapper already in December 2013:
"First, without additional legal justification - subject to rigorous minimization procedures - the NSA cannot even query the telephony metadata database. Second, when it makes a query, it only learns the telephony metadata of the telephone numbers within three "hops" of the "seed." Third, without resort to additional techniques, the Government does not know who any of the telephone numbers belong to. In other words, all the Government sees is that telephone number A called telephone number B. It does not know who subscribes to telephone numbers A or B."

Accordingly, he ruled that the Section 215 program was lawful (this was overruled by the Court of Appeals for the Second Circuit because of violation of Section 215 of the Patriot Act (see above). For that reason the Second Circuit didn't want to "reach these weighty constitutional issues").


Contact chaining compared to pen register

In a report from last February, the Privacy and Civil Liberties Oversight Board (PCLOB) says that the first hop of the contact chaining process is not much different from what a pen register did: it lists the numbers with which a particular number had been in contact with.

Regarding the second hop, the PCLOB suggests that it's rather the nature than the number of call records that constitutes a Fourth Amendment protection.

Not discussed by district judge Pauley nor by the PCLOB is the subsequent analysis of the full call records associated with the numbers from the contact chains.



Telephone interception equipment that was used in the Netherlands from 1971 to 2003.
The brown device prints the metadata of the calls on a paper slip.
(photo: Wikimedia Commons - click to enlarge)


Apparently, the pen register in the Smith v. Maryland case only provided the phone numbers, but others may have recorded more call details. As of 1979 the Dutch police for example used a "telephone call analyzer" that recorded time and duration of a call, and the phone numbers of the calling and called parties - the same elements as the NSA collected under Section 215.

Therefore, one could argue that these call records are also not protected under the Fourth Amendment, especially when they are from landline phones.

This would be a bit more difficult with the final phase of the NSA's contact chaining process, when the numbers from the contact chains are enriched with information from other sources, including names and other subscriber details.

About the subscriber information one could still say that people provide that to their phone company voluntarily (in the past it was even published in phone books), but enrichment with other kinds of information will likely cross the line of what people see as private.

Based upon this more detailed analysis of the Section 215 program, the contact chaining and the call record analysis seem close enough to a pen register to fall outside the protections of the Fourth Amendment.

For the enrichment that could be different as it comes closer to a pattern-of-life analysis, even when it still doesn't reveal "a vibrant and constantly updating picture of the person’s life" as it was cited in the Ninth Circuit's opinion.


Bulk collection?

A final aspect that has to be taken into account is that protection under the Fourth Amendment also requires recognition by society. The Court of Appeals mentions "the public outcry following the revelation of the metadata collection program" to show that nowadays "several years' worth of telephony metadata collected on an ongoing, daily basis" are regarded as something private.

But the majority of the general public probably never understood that the Section 215 metadata were only used for contact chaining and not for analyzing the database as a whole, by pattern analysis or data mining for example.*

Therefore it's yet another, but still unaddressed question whether there's a reasonable expectation of privacy when metadata are collected in bulk but only an extremely small number of them are picked out for closer examination.


Replacement and termination

For the NSA's Section 215 program these legal questions have no practical impact anymore. In 2015, it was replaced by the USA FREEDOM Act, which ended the bulk collection. Henceforth the NSA had to request the metadata from telephone companies based upon specific and pre-approved selection terms.

Early 2019, the NSA suspended the program and subsequently deleted all the data collected under this authority, "after balancing the program’s relative intelligence value, associated costs, and compliance and data-integrity concerns caused by the unique complexities of using these provider-generated business records for intelligence purposes."



Summary

1. The first time a federal judge ruled about the Section 215 program was on December 16, 2013, when in the case of Klayman v. Obama, district judge Richard J. Leon found that the bulk collection of American telephone records likely violates the Fourth Amendment and granted a preliminary injunction pending appeal.
- On August 28, 2015, this injunction was vacated by the DC Circuit Court of Appeals because the plaintiffs failed to meet the heightened burden of proof which is required for preliminary injunctions.

2. Less than two weeks after judge Leon, another district court came to an opposite decision: on December 27, 2013 judge William H. Pauley III ruled in the case ACLU v. Clapper that the metadata collection did not violate the Fourth Amendment.
- This decision was overturned on May 7, 2015 by the Second Circuit Court of Appeals, which found that the bulk collection exceeded the scope of Section 215 of the Patriot Act. The Court therefore didn't decide on the constitutional aspects.

3. The third and most recent case is United States v. Moalin, in which a jury in San Diego convicted four Somali immigrants based upon evidence that had allegedly been obtained via the Section 215 program.
- On September 2, 2020, the Ninth Circuit Court of Appeals ruled once again that the metadata collection exceeded the scope of Section 215 but stoppped just short of saying that the program was unconstitutional.



Links & sources
- Lawfare: NSA Bulk Phone Data Collection Unlawful, Appeals Court Rules
- Emptywheel: Basaaly Moalin Wins His Appeal — But Gets Nothing
- Politico: Court rules NSA phone snooping illegal — after 7-year delay
- Brennan Center for Justice: A Breakdown of Selected Government Surveillance Programs
- Privacy and Civil Liberties Oversight Board: Report on the Telephone Records Program Conducted under Section 215
- Emptywheel: The Era of Big Pen Register: The Flaw in Jeffrey Miller’s Moalin Decision


No comments:

Post a Comment