ACLU sues over NSA phone records program
Published: June 11, 2013 09:16PM
Updated: June 11, 2013 05:18PM
This photo provided by The Guardian Newspaper in London shows Edward Snowden, who worked as a contract employee at the National Security Agency, on Sunday, June 9, 2013, in Hong Kong. The Guardian identified Snowden as a source for its reports on intelligence programs after he asked the newspaper to do so on Sunday. (AP Photo/The Guardian)

New York • The American Civil Liberties Union on Tuesday filed a lawsuit against the Obama administration over its “dragnet” collection of logs of domestic phone calls, contending that the once-secret program - whose existence was exposed by a former National Security Agency contractor last week - is illegal and asking a judge to both stop it and order the records purged.

The lawsuit, filed in New York, could set up an eventual Supreme Court test. It could also focus attention on this disclosure amid the larger heap of top secret surveillance matters that were disclosed by Edward J. Snowden, a former NSA contractor who came forward on Sunday to say he was the source of a series of disclosures by The Guardian and The Washington Post.

The program “gives the government a comprehensive record of our associations and public movements, revealing a wealth of detail about our familial, political, professional, religious and intimate associations,” the complaint says, adding that it “is likely to have a chilling effect on whistle-blowers and others who would otherwise contact” the ACLU for legal assistance.

The Justice Department did not respond immediately.

The ACLU has frequently assisted other plaintiffs in challenges against national security policies, but the government has generally persuaded courts to dismiss such lawsuits without any ruling on the legal merits after arguing that litigation over any classified program would reveal state secrets or that the plaintiffs could not prove they were personally affected and so lacked standing to sue.

This case may be different. The government has now declassified the existence of the program on domestic call record “metadata.” And the ACLU itself is a customer of Verizon Business Network Services - the subsidiary of Verizon Communications that was the recipient of a secret court order for all its domestic calling records - which it says gives it direct standing to bring the lawsuit.

The call logging program is keeping a record of “metadata” from domestic phone calls, including which numbers were dialed and received, from which location, and the time and duration of the communication, officials have said.

The program began as part of the Bush administration’s post-9/11 programs of surveillance without warrants, and, it is now known, it has continued since 2006 with the blessing of a national security court, which has ruled in still-secret legal opinions that such bulk surveillance was authorized by a section of the Patriot Act that allows the FBI to obtain “business records” if they are relevant to a counterterrorism investigation.

Congress never openly voted to authorize the NSA to collect logs of hundreds of millions of domestic phone calls, but the administration notes that some lawmakers were briefed on the program. Some members of Congress have backed it as a useful counterterrorism tool, while others have denounced it.

“The administration claims authority to sift through details of our private lives because the Patriot Act says that it can,” wrote Rep. Jim Sensenbrenner, R-Wis. “I disagree. I authored the Patriot Act, and this is an abuse of that law.”

Over the weekend, in hope of preventing a backlash, James R. Clapper, the director of national intelligence, also disclosed details about privacy protections built into the program. Among them, officials may access the database only if they can meet a legal justification - “reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.” To deter abuse, queries are audited under the oversight of judges on a national security court.

Timothy Edgar, who recently left the government after serving as a privacy and civil liberties official on intelligence matters in both the Bush and Obama administrations and who worked on building safeguards into the phone log program, said the notion underlying the limits was that people’s privacy is not invaded by having their records collected and stored in government computers, but only when a human extracts and examines them.

“When you have important reasons why that collection needs to take place on a scale that is much larger than case-by-case or individual obtaining of records, then one of the ways you try to deal with the privacy issue is you think carefully about having a set of safeguards that basically say ‘OK, yes, this has major privacy implications, but what can we do on the back end to address those?’” he said.

Still, even with such restrictions, privacy advocates say the mere existence of the database will inevitably erode the sense of living in a free society: From now on, whenever Americans pick up a phone, before dialing they now face the consideration of whether they want the record of that call to go into the government’s permanent files.

Moreover, while use of the database may currently be limited to terrorism, history has shown that new powers granted to the government for one purpose often end up being applied to others. An expanded search warrant authority that Congress granted in the Patriot Act justified by the Sept. 11 attacks, for example, was used far more often in routine investigations like suspected drug, fraud, tax, weapons and extortion offenses.

Executive branch officials and lawmakers who support the program have hinted in public that some terrorist plots have been foiled and intelligence leads have been identified by using the database. In private conversations, they have also explained how it is used: Investigators start with a specific phone number that is already believed to be linked to terrorism, and scrutinize the ring of people who have called that number - and other people who in turn called those in the first ring, and so on - in an effort to identify any co-conspirators.

Still, that kind of analysis may generally be performed without keeping a wholesale library of call records, since investigators can instead use retail-scale subpoenas to obtain relevant calling logs from telephone companies. Sens. Ron Wyden of Oregon and Mark Udall of Colorado, two Democrats on the Senate Intelligence Committee who issued cryptic warnings about the program before its existence was revealed and who have examined it in classified hearings, have claimed that the evidence is thin that the program provided uniquely available intelligence.

But supporters of the program privately say the database’s existence is about more than convenience and speed. They say it can also help in searching for networks of terrorists who may be taking steps to shield their communications with one another, for instance by using different phone lines; if calls are going to and from a different number at the same address or cellphone towers as the number that is known to be suspicious, for example, having the comprehensive database may be helpful in a way that subpoenas for specific numbers cannot match.

It remains unclear, however, whether there have been any real-world instances in which a terrorist network that tried to evade detection was identified in that way, and so the existence of the database prevented an attack that otherwise would have occurred, or whether that advantage is to date only theoretical.

A 1979 ruling over a small-scale collection of calling “metadata,” Smith v. Maryland, held that such records were not protected by the Fourth Amendment since people have revealed such information to phone companies and so have no reasonable expectation of privacy. However, in a 2012 case involving GPS trackers placed by the police on cars, the Supreme Court suggested that the automated collection of people’s public movements may raise Fourth Amendment privacy issues in a way that nonbulk surveillance does not.