Warrantless searches surge as online privacy dwindles

Not only are warrantless searches exploding in number, the boundaries of warrants themselves are expanding

Warrantless searches surge as online privacy dwindles

The government's use of warrantless searches and secret requests for information is exploding, and recent court actions have greatly expanded the reach of legal searches. The digital age is presenting challenges to our Fourth and Fifth Amendment constitutional rights in ways the Founding Fathers could never have foreseen.

A transparency report released this week from the Office of the Director of National Intelligence (DNI) -- the president's appointee who manages the U.S. spy agencies -- shows warrantless searches on Americans doubled between 2013 and 2015. That's a conservative estimate, too.

The intelligence community vacuums up millions of communications from Internet backbones running in and out of the United States, as well as information collected by tech giants like Google, Facebook, Apple, Microsoft, YouTube, and others. That data is contained in a massive NSA database approved under Section 702 of the Foreign Intelligence Surveillance Act (hence known as the 702 database).

More Americans subject to warrantless searches

The NSA is ostensibly authorized by Section 702 to target "each non-U.S. person reasonably believed to be located outside the United States who possesses, or who is likely to communicate or receive, foreign intelligence information." But the DNI report showed the number of NSA queries using "search terms concerning a known U.S. person" went from 2,100 in 2013 to 4,672 last year.

"The number of backdoor searches doubling since last reported shows that warrantless Section 702 surveillance is a significant and growing problem for Americans," Jake Laperruque, privacy fellow at the Constitution Project, told The Intercept.

Searches of Americans' metadata -- information about who's talking to who, rather than specific content searches -- also exploded. In 2013 the NSA conducted approximately 9,500 queries on Americans' metadata, while the DNI reported 23,800 such searches in 2015.

These figures don't include statistics about searches conducted by the CIA or FBI. While the 702 database was ostensibly created to track foreign security risks, the Foreign Intelligence Surveillance Court (FISC) has ruled that because the database only "incidentally" collected information about Americans, the FBI can conduct as many warrantless searches as it wants.

The warrantless searches we don't know about

The USA Freedom Act surveillance reforms passed last year exempt the FBI from having to disclose how often it searches the 702 database, and the agency has never released estimates. "There is every reason to believe the number of FBI queries far exceeds those of the CIA and NSA," the Project on Government Oversight wrote last year.

Lawmakers like Senator Ron Wyden and Representative Thomas Massie have denounced these kinds of "backdoor" searches on Americans. "If intelligence officials are deliberately searching for and reading the communications of specific Americans, the Constitution requires a warrant," Wyden said.

Lawmakers have been asking -- fruitlessly -- for years for more details about the FBI's activities. Next year the surveillance programs authorized under Section 702 -- namely, PRISM and Upstream -- will be up for renewal in Congress. Fourteen members of the House Judiciary Committee sent a letter to Director of National Intelligence James Clapper last month, asking for at least a rough estimate of how many "United States persons are subject to Section 702 surveillance on an annual basis."

The Fourth Amendment: Kiss it good-bye

The DNI report also identified that 48,642 requests for information, known as National Security Letters, were made to American companies. The companies are forbidden to talk about these requests, which are made without a court order.

"To many, what has been made legal is a severe violation of American's constitutional rights, from the right to privacy to the requirement for due cause for government intrusion to the Fourth Amendment prohibition against unreasonable search and seizure," InfoWorld's Galen Gruman writes.

Microsoft last month sued the government over the gag order that prohibits Microsoft from notifying customers -- even long after the fact -- when their data has been accessed. The company claimed that not only were the Fourth Amendment rights of its customers being violated, but also Microsoft's First Amendment right to speak to its customers.

Warrants without borders

On top of all that warrantless snooping, the FBI now has a license to legally hack into computers anywhere in the country -- and perhaps the world. The Supreme Court approved a controversial change to criminal procedures last week that allows a judge to issue a warrant to remotely hack into computers whose locations are concealed using anonymity technology. Previously, judges could only issue a warrant for the FBI to employ "network investigative techniques" on a computer located within their jurisdiction.

"There are serious ongoing problems with government hacking that this change will only exacerbate. So much of this is in the dark," Joseph Lorenzo Hall, chief technologist for Center for Democracy and Technology, told TechCrunch

The new rules even allow the FBI to hack into computers of people it knows are innocent of wrongdoing.

"Let's say [the FBI] is trying to track a botnet or whatever, some type of cyber crime. [The FBI] can get a search warrant to go after 10 or 20 or 50 computers," Neema Singh Guliani, legislative counsel for the American Civil Liberties Union, told Gizmodo. "This new rule allows one judge to say 'yeah, here's a search warrant, go after those 50 computers and those computers can belong to victims [of cyber crime].'"

As Gizmodo says, "The new rule would allow the FBI to infect innocent people's computer with malware in order to investigate cybercrime -- even if their only connection to the crime is that they're the victims. What could go wrong?"

Google and privacy advocates oppose the rule change and argue it infringes Americans' Fourth Amendment rights against unreasonable searches. Civil liberties groups like Open Technology Institute are calling on Congress to block the changes before they take effect on Dec. 1.

"The Justice Department is now trying to quietly circumvent the legislative process by pushing for a change in court rules, pretending that its government hacking proposal is a mere procedural formality rather than the massive change to the law that it really is," said OTI Director Kevin Bankston.

Senator Wyden says he plans to introduce legislation to reverse the change. "One warrant from one judge can, in effect, reach millions of computers," Wyden said. "This is really a big issue when you're talking about expanding the government's hacking and surveillance authority."

There goes the Fifth Amendment as well

The FBI's fight to force Apple to break into the San Bernardino terrorist's iPhone ended in a draw, but federal officials won a different kind of encryption battle last week in Los Angeles. Authorities obtained a search warrant that compelled the girlfriend of an alleged gang member to offer up her fingerprint to unlock her iPhone.

Susan Brenner, a law professor at the University of Dayton, told the Los Angeles Times that the act of compelling a person in custody to press her finger against a phone breached Fifth Amendment protections against self-incrimination. It forced the defendant to testify; by moving her finger and unlocking the phone, she authenticated its contents, Brenner said. "Much of [the contents of that phone] will be about her, and a lot of that could be incriminating."

All in all, it hasn't been a good couple of weeks in the fight to preserve privacy in the digital age.

Copyright © 2016 IDG Communications, Inc.

How to choose a low-code development platform