The current wiretapping debate in Congress, and the media circus surrounding it, has focused on the expiration of the Protect America Act of 2007 (initially passed last August). The more pressing and oft forgotten issue, however, is the administration’s longstanding violation of the Foreign Intelligence Surveillance Act (FISA).
On December 17, 2005, President Bush revealed that the National Security Agency had been conducting domestic electronic surveillance for at least the four previous years. This so-called “Terrorist Surveillance Program” (TSP) was created to execute wiretaps against United States citizens and residents suspected of contacting foreign terrorist groups. The administration has avoided any substantive discussion of whether the program violates the Fourth Amendment by claiming that the details must remain secret. TSP began, and continues, on the sole authorization of the President. In an alarming violation of U.S. law, this program has allowed the NSA to spy on U.S. citizens without obtaining a warrant.
In order to conduct electronic surveillance operations, the NSA required cooperation from U.S. telecommunications companies. Any telecom companies that provided wiretap access to the NSA without requiring a warrant have violated FISA and exposed themselves to substantial liability.
There are other statutes that can authorize wiretapping of U.S. citizens, such as 18 U.S.C. §§ 2510-2522, which allows federal courts to issue warrants for wiretapping U.S. citizens for law enforcement purposes. However, all of these statutes require the agency requesting the wiretap to obtain a warrant from a federal court. By couching the War on Terror in terms of national security and by designating terrorist organizations as foreign powers, the administration has moved the TSP out of the standard federal court system and into the jurisdiction of FISA.
The FISA Court
Time for some background. The United States Foreign Intelligence Surveillance Court (FISC) is a United States federal court authorized by the FISA legislation. The FISC reviews requests for warrants to conduct electronic surveillance (wiretapping and other similar activities) on foreign entities, but only when there is a substantial likelihood that the surveillance will impact United States persons. Initially, FISA only covered foreign surveillance, such as spying on communists, but under the USA PATRIOT Act of 2001, Congress expanded FISA to include terrorism and terrorist-related activities of either U.S. citizens or foreigners.
When the United States Government Can Wiretap its Own Citizens Under FISA
Normally, it is difficult for the government to authorize wiretapping of its own citizens. Enter FISA § 1802(a), which allows the President, through the Attorney General, to authorize electronic surveillance of foreign powers without a court order. If there is a substantial likelihood of picking up communications of a U.S. citizen, however, the Attorney General must obtain a warrant from the FISA court.
This hurdle is, in effect, a mere formality, because the FISA court approves nearly every application it receives. According to the Electronic Privacy Information Center, the Foreign Intelligence Surveillance Court rejected only five (that’s right, just five) out of more than 20,000 applications between 1979 and 2006. Additionally, the Act allows federal officers to start a wiretap before obtaining a warrant in emergency situations so long as they obtain one retroactively within 72 hours; a provision that allows urgent matters to go through while formalities are left for later.
The repeated failures of the administration to follow these FISA application procedures are at the center of the telecom liability debate. The government could legally wiretap communications originating or terminating in the United States by complying with the Act. What the government cannot do is conduct long-term warrantless wiretapping of American citizens. Warrantless wiretaps violate the Fourth Amendment guarantee of freedom from unreasonable searches, as well as the plain language of FISA.
What the Government Requested of the Telecoms
That’s the legal background, so here’s where it gets juicy. The telecom companies have a powerful ally in the U.S. federal government: officers of the federal government who approved wiretaps without a warrant may face widespread civil or criminal liability if any wrongdoing comes out in court. The law takes abuse of power very seriously, and under 50 U.S.C. § 1809, an agent of the government who monitors an illegal wiretap or uses information obtained from unlawful surveillance can be punished with a fine of $10,000, five years in jail, or both.
It’s currently impossible to determine the extent of the telecom industry’s complicity in warrantless wiretapping activities. The administration has long hedged its statements, saying only that companies like AT&T “allegedly” cooperated with the NSA. However, during an unusual moment of clarity and openness in mid-February of 2008, administration spokeswoman Dana Perino stated that the telecom companies “certainly helped us and they helped us save lives.” Days later, during an interview with Renee Montagne on February 15, 2008, the Director of National Intelligence Michael McConnell stated that the main issue driving the administration’s recent push for FISA reform was liability protection for the private sector. Intense disagreement about whether to grant the telecoms retroactive immunity for participating in illegal spying split the Congress in early February, and resulted in the Protect America Act expiring without a new amendment for FISA being passed.
The reason the government is so worried about telecom immunity is the ongoing lawsuit of Hepting v. AT&T. This lawsuit, filed by the Electronic Frontier Foundation, alleges that AT&T assisted the government in performing illegal electronic surveillance. The administration has an incentive to block the EFF’s lawsuit (and others like it) by asserting “state secrets,” as it’s likely that a trial would reveal evidence of criminal wrongdoing on the part of government officials. Another twist that sets the EFF’s case apart came from former AT&T employee Mark Klein, who provided the EFF attorneys with documents that revealed the installation of a secret room at AT&T’s San Francisco hub in early 2003. These documents purportedly show that the NSA has the ability to copy all of the internet traffic that passes through AT&T’s network. If Klein’s statements are true, and assuming similar installations were conducted at other hubs, the NSA may have examined nearly every communication that has traveled over U.S. networks since 2003. On the other hand, if the complaint is dismissed because a court decides that it poses too great a risk to national security, the incriminating evidence may never see the light of day.
Liability of the Telecom Industry
Here’s where it gets expensive. If the EFF’s suit is allowed to proceed, and it reveals more widespread violations of the FISA laws, what can Americans do about it? FISA provides financial remedies for people who have been illegally wiretapped. Code provision 50 U.S.C. § 1810 imposes civil liability on any person (or entity) for each violation of FISA. Victims of illegal surveillance are entitled to recover $100 for each day they were wiretapped, or actual damages over $1000, whichever is greater. Additionally, FISA provides compensation for attorney’s fees and other costs of litigation. This is good news for private citizens and their lawyers who contemplate facing off against well-funded corporations with truly staggering financial liability at stake.
As you may imagine, one hundred dollars per day, per person adds up over four years. If the Hepting lawsuit is successful, AT&T could face damages of over $36,500 per claimant per year. Nearly every person with a computer or phone in the United States could be impacted. If AT&T is liable to just their own customers, with over 70 million wireless subscribers, one year of warrantless wiretaps could amount to more than two and a half trillion dollars in statutory damages. The recently expired Protect America Act may protect telecom companies from liability for the period between August 2007 through 2008 or 2009, when the final year-long authorizations expire. While it was active, it enabled the Director of National Intelligence or the Attorney General to authorize warrantless acquisition of call records and related information.
The Rule of Law
When faced with accusations of such widespread and systematic disregard for FISA, the administration’s preferred defense appears to involve invoking the “state secrets” privilege as often as possible. The argument claims that merely confirming the existence of the program could give America’s enemies important information about one of the weapons we’re using in the battle against them.
Wiretapping of United States citizens without a warrant is prohibited by law, and both the United States government and the telecommunications companies that enabled it have exposed themselves to both criminal sanctions (50 U.S.C. § 1809) and civil liability (50 U.S.C. § 1810). Unless Congress caves and grants telecoms a free pass on the lawsuits through retroactive immunity legislation (which is currently being debated in the House of Representatives), AT&T and others will face significant penalties.
A democratic government must always maintain a fine balance between security and privacy. Straying too far in either direction invites disaster. If the government is too cautious with the privacy of its citizens, it will be unable to protect them from threats. At the same time, excessive surveillance will inevitably erode the very freedoms that the government strives to protect. Granting retroactive immunity to companies that have violated the law only serves to encourage further transgressions, but enforcing the laws as they currently stand could bankrupt some of the biggest companies in the U.S. No matter which choice the legislature makes, future policy is being written – and corporate America is watching.