We now all know that the call records of millions of Americans are handed over to the government on an ongoing basis by the nation's phone providers under a secret order by the Foreign Intelligence Surveillance Court (FISC). This "metadata" -- which includes who called who and when, as well as the duration of calls -- can be incredibly revealing, illuminating intimate details of our daily lives.
But how did the phone records of all Americans become relevant to a terrorism investigation? It all goes back to changes to the law made in the PATRIOT Act and subsequent interpretations of the law by FISC that go far beyond what Congress had in mind when the PATRIOT Act was passed.
The provision in question is often referred to as Section 215. Before the PATRIOT Act, this was a narrowly scoped law used to obtain certain business records pertaining to a spy or terrorist. The PATRIOT Act transformed this law into a sweeping statute that allowed collection of "any tangible thing" about anybody. All the government needs to show is that there are reasonable grounds to believe that the tangible things sought are relevant to terrorism or intelligence investigations. Even then, when the PATRIOT Act was passed, few imagined that "any tangible thing" could be interpreted to mean the phone records of everyone in the U.S. This is fantastically broad. As Rep. Jim Sensenbrenner (R-WI), who originally introduced the PATRIOT Act in 2001, recently wrote:
The released FISA order requires daily productions of the details of every call that every American makes, as well as calls made by foreigners to or from the United States. Congress intended to allow the intelligence communities to access targeted information for specific investigations. How can every call that every American makes or receives be relevant to a specific investigation?
What is more, FISC has approved an interpretation of the law that permits orders for prospective records -- that is "tangible things" that don't yet exist. According to this court order, Verizon must disclose its customers' call records "on an ongoing basis" for 90 days in the future. Other phone companies are likely being asked to do the same. But prospective surveillance is not something Congress ever contemplated during the PATRIOT Act debate.
Significantly, Congress did give the FBI authority to obtain future call records in what is known as the pen register statute, which requires "particularity." This means attributes, such as a particular phone number, must be specified before a call record can be collected. This focuses prospective surveillance on a target, thereby shielding everyone else. Particularity is an element of every prospective electronic surveillance authority, whether criminal or intelligence-related. But there is no particularity requirement in Section 215.
So what happens after the government collects all of our phone records? Does it then have to go back to the court and make a factual showing that it meets a statutory standard in order to get permission to access the phone records of a specific American? Not as the government sees it. It is the NSA -- not Congress -- that sets the standard that must be met, and it is an NSA agent -- not the Foreign Intelligence Surveillance Court -- who decides whether that standard has been met.
In short, your phone records became relevant to a terrorism investigation because the NSA said so.
This should not be. Members of Congress, including Sen. Patrick Leahy (D-VT), the powerful chairman of the Judiciary Committee, have introduced bipartisan legislation to restore some of the checks and balances on surveillance authority that the PATRIOT Act removed. The path forward is clear, but it is not yet clear whether Congress will take it, or instead buy into the NSA's "trust us" mantra.