William E. Binney (right) with colleagues Thomas A. Drake and J. Kirk Wiebe
Table of Contents
“On the basis of the documents that I have reviewed, I can advise the Court that the allegations in the Plaintiff’s complaint are true and correct: Defendants are intercepting, accessing and storing Schuchardt’s private communications, without a warrant.” ~ William Binney, Schuchardt v. President of the United States, 2:14-cv-00705-CB (Binney Aff., July 04, 2017)
“The NSA’s current theory of surveillance can be described as “the needle and the haystack” approach. Under this approach, the NSA deems it necessary to acquire and monitor all information . . . on the internet. This includes full content of e-mail, text messages, web search queries, and documents stored online by cloud providers, such as Dropbox. In order to find the proverbial “needle in the haystack,” it is necessary to first collect the haystack.” ~William Binney, Schuchardt v. President of the United States, 2:14-cv-00705-CB (Binney Aff., July 04, 2017)
[Note from Catherine Austin Fitts: When speaking with him this fall, Bill Binney described four litigation efforts to hold the NSA accountable and affidavits that he had provided in two of these cases. I asked attorneys Michele Ferri and Jonathan Lurie if they would provide case summaries and primary documents, including Bill’s affidavits for publication. This will make it easier for officials, attorneys, reporters, researchers and citizens to appreciate and support private efforts to enforce with respect to the NSA.]
The last decade has seen a number of revelations as to the sheer breadth and intrusiveness of NSA surveillance programs. From William Binney’s testimony on NSA datamining during his 30 plus year career with the NSA to Edward Snowden blowing the whistle on the PRISM program, the information that has come to light has given rise to numerous lawsuits against the NSA and emboldened existing actions. The American Civil Liberties Union (“ACLU”), the Electronic Frontier Foundation (“EFF”), and a number of private citizens have brought lawsuits against the NSA and the U.S. government with the goal of recovering for potential violations of the Fourth Amendment and more.
As you might expect from lawsuits over secret surveillance programs, these lawsuits have moved extremely slowly; facing difficulties in producing specific enough evidence to create standing and overcoming government privilege such as the state secrets program. Many of the lawsuits simply fizzled out in the face of such a protracted and expensive legal battle or have simply been tossed out after motions to dismiss. However, several of these cases, some nearly a decade old now, have produced real changes in how private citizens can bring suits against the government and the NSA over surveillance. Some are even ongoing and may yet see even greater results.
Over the last decade, the lawsuits which have garnered the most noteworthy results and public attention include: ACLU v. Clapper, Jewel v. NSA, Schuchardt v. NSA, and Valdez v. NSA. This article will take a deep dive into the details of these cases and the change they have produced and how they have stood on each other’s shoulders–starting with the oldest of these cases, Jewel v. NSA.
II. Jewel v. NSA
Jewel was initially brought nearly a decade ago on September 18, 2008.i While it is still ongoing, it is one of the few cases related to constitutional violations based on NSA surveillance to successfully withstood challenges of standing and reached discovery.ii This has involved a number of rulings which dealt with and helped explain how state secret privilege is handled in regards to standing.
This class action lawsuit was supported and filed by the Electronic Frontier Foundationiii on behalf of Carolyn Jewel as well as other similarly situated AT&T customers targeted by the NSA in what the lawsuit alleges to be a dragnet surveillance program in violation of the plaintiff’s First and Fourth Amendment rights, as well as the Wiretap Act, the Stored Communications Act, and the Foreign Intelligence Surveillance Act (FISA). iv
A. Procedural History
As mentioned, the case is ongoing. However, it has already seen a number of twists and turns. Initially dismissed on January 21, 2010,v that dismissal was reversed on appeal by the 9th Circuit Appeals Court on December 29, 2011,vi although the claims were pared down to the constitutional issues of First and Fourth Amendment violations.vii The case developed more as the public learned more about NSA surveillance. For instance, in 2013 the court ordered the government to explain the impact of the Snowden revelations on the lawsuit.viii The case has also seen a temporary restraining order placed on the government after it appeared they were destroying evidence. ix This issue has resurfaced more recently as the plaintiffs have asked the court to enforce this temporary restraining order after it came to light that the government had continued destroying evidence regardless of the order. x
The most current ruling on the case, however, has pared down the claims fairly substantially. On February 10th, 2015, the U.S. District Court for the Northern District of California dismissed Fourth Amendment claims related to the NSA Upstream program, stating that these challenges would necessitate “impermissible disclosure of state secret information” and ruling that the plaintiffs did not have standing for these claims.xi This eliminated Fourth Amendment claims related to the NSA’s largest programs for intercepting phone and internet traffic.xii While this cuts a large portion of Jewel’s Fourth Amendment claims, it does not eliminate all of Jewel’s claims or even their Fourth Amendment claims regarding other types of NSA surveillance. This ruling was appealed, but the 9th Circuit Appeals court refused to hear the appeal based on how intertwined the issues of the appeal were with unresolved issues at the district court level. xiii
Finally, on November 28th, 2015, the judge in the case expressed his extreme shock that the case–nearing the decade mark–had not yet even reached the discovery phase. This led to motions to dissolve the long discovery stay on the case and, on February 19th, 2016, the judge in the case removed the stay and discovery began.xiv Since this point, the case has been a battle over what evidence is privileged or should be provided under seal, with the most recent ruling dealing with the government’s motion to file under seal being granted on Halloween of this year.xv
B. Facts of the Case
Ms. Carolyn Jewel’s class action primarily deals with challenging NSA surveillance programs, comparing them to dragnet surveillance.xvi We’ll discuss the legal history of dragnet surveillance and the Fourth Amendment in the legal discussion the case below. However, for those unfamiliar with the term itself, dragnet surveillance can be understood using the image of a fishing ship dragging nets along the sea bottom to find a specific type of fish–they may catch the fish they are looking for but they’ll catch a heck of a lot of other things as well. When it comes to dragnet as used by law enforcement, it generally refers to blocking out an area or category (such as race, gender, or age) and investigating every person within that area and/or category. While we’ll discuss it more below, suffice it say dragnet surveillance has an over half century history of being treated as unconstitutional search and seizure in violation of the Fourth Amendment. xvii
We know now, in much greater depth than when the case first began, the types of surveillance the NSA practices. However, in their initial complaint Jewel focused not on PRISM or other later revealed surveillance programs, they instead targeted what they described as unauthorized surveillance of telephone and internet activity–outside the procedures of the Foreign Intelligence Surveillance Act (FISA)–under the Terrorist Surveillance Program or TSP. xviii The TSP program was publicly acknowledged by the government in 2005.xix The plaintiffs alleged that the surveillance was done in concert with large telecommunications companies such as AT&T.
More specifically, the plaintiffs alleged that the NSA created a nationwide network of communications surveillance and used them to acquire the content of at least portions of domestic and international text messages, instant messages, web communications, phone calls, emails, etc. They also accused the NSA and the government of getting customer records relating to who was called, how long conversations were, and more from telecommunications providers. According to the plaintiffs, this was all beyond the scope of the FISA and without authorization from the Foreign Intelligence Surveillance Court (FISC). xx
The plaintiffs described this surveillance as a sort of dragnet.xxi While the NSA argued that the TSP surveillance was specifically targeting Al Qaeda members, even at the time of the plaintiff’s complaint, the government had acknowledged that TSP was only one part of a larger surveillance program.xxii The plaintiffs argued that there was little to no targeting involved in the programs. Instead alleging that the government was, as in a dragnet, targeting nearly every American who uses a phone system or the internet–including that of the plaintiffs.xxiii They cited the testimony of an AT&T technician, Mark Klein, that a specific AT&T facility in San Francisco was used by the NSA to set up and maintain a surveillance operation on phone and internet communications.xxiv This AT&T employee was apparently required to help maintain this surveillance equipment. The Jewel lawsuit alleges similar stations were set up across the nation and could be used to acquire information on up to half of all AT&T (and some non-AT&T) traffic. xxv
These factual assertions were later supported by the sworn affidavit of William Binney, a former NSA employee of over 30 years.xxvi He swore that he participated in a program known internally at the NSA as “Thin Thread.xxvii ” The sheer amount of communications over the internet posed an enormous difficulty for NSA surveillance. With this in mind, Thin Thread was created as an automated program to monitor international and domestic communications. Thin Thread was originally designed such that data was encrypted and privacy of U.S. citizens protected until a warrant was received. However, after the 9/11 attacks the priorities of the NSA changed. They began to implement something known as the President’s Surveillance Program (PSP). Mr. Binney was told by many who worked with him on Thin Thread that the new PSP program did nothing to protect privacy of U.S. citizens or wait for warrants.xxviii Ultimately, this led to Binney resigning from the NSA in 2001 over issues with the lack of respect for constitutional rights.xxix While not directly involved in future programs, Binney was able to use his experience to determine that the infrastructure for NSA surveillance that was in place targeted a large portion of domestic communications, partially using intercept centers set up in cooperation with telecommunications companies such as AT&T.xxx He also testified that recent construction of enormous data storage facilities (in the realm of about 5 zettabytesxxxi –about 10 to the 12th exponent larger than the gigabytes you usually measure a computer by) indicated that it was unlikely that the NSA was being targeted in its data collection.xxxii This supported the assertions of a dragnet approach to data collection.xxxiii Binney also cited testimony from FBI Director Mueller that discussed access to past emails on the part of the government, something that requires them to collect those emails in the first place.xxxiv
The defendants’ primary response to the claims in Jewel was an argument that the information necessary to litigate plaintiff’s claims was subject to and excluded from use by the “state’s secrets privilege” and other related privileges and that their cases should be dismissed. Plaintiffs responded that Congress displaced the “state’s secret privilege” in electronic surveillance actions when it enacted FISA. Let’s take a look at the underlying law here and the most important rulings from the case–the dismissals and appeals.
C. Dragnet and the Fourth Amendment
We’ve talked quite a bit about dragnet surveillance and the Fourth Amendment, and it is helpful to look at its legal history. A dragnet approach to surveillance has been confirmed to violate the Fourth Amendment by the Supreme Court.xxxv However, in order to be true dragnet there has to be a suspicionless search. Where an articulable reasonable suspicion exists for all those questioned, it is unlikely to be a constitutional violation. What’s more, even without suspicion, courts have allowed dragnet style questioning so long as it is done with additional precautions such as advising the people involved in the dragnet that they may decline questioning.xxxvi When it comes to terrorism, there have been rulings suggesting that a general invocation of a specific terrorist threat, without a showing of what threat might be mitigated, would still be an unconstitutional dragnet. xxxvii
D. State Secrets Privilege
State secrets privilege (SSP) is a privilege, first recognized in the 1953 Supreme Court case U.S. v. Reynolds, which may be invoked when there is “a reasonable danger’ that disclosure [of evidence] will ‘expose military matters which, in the interest of national security, should not be divulged.xxxviii ” Invocation of SSP must come from “the head of the department which has control over the matter, after actual personal consideration of that office.xxxix ” Where properly invoked, the government is allowed to–as with most types of privilege–exempt privileged evidence from discovery.
In more recent years, the government has used SSP as a basis to dismiss some cases brought against it. Essentially, where a case’s claims would require SSP evidence to support, the government argues–as in Jewel–that the necessity of SSP to create a claim means that a plaintiff is incapable of sufficiently supporting their pled claims so as to attain standing to sue.
Courts have been mixed in their support of this argument. Specifically, a 2006 case on the same TSP program–targeting telecommunications companies–was not dismissed on SSP grounds where the some of the subject matter was public and not a state secret and SSP would not bar the telecommunications companies themselves from talking about whether their assistance with TSP was authorized by the government. xl
As you’ve seen above, FISA is a law that substantially factors into the Jewel case. FISA itself is a law passed in 1978. However, it has been substantially amended since its passage–especially after 9/11. For this case, and the cases discussed in this report, the most important factors of FISA are its provisions on electronic surveillance, the creation of specific statutory causes of action, and the creation of the Foreign Intelligence Surveillance Court (FISC). xli
FISA allows the President to authorize electronic surveillance without a court order for a period of up to a year, but only where it targets only foreign communications and has no substantial likelihood to target a domestic person or party.xlii FISA also allows temporary warrantless surveillance in certain situations such as the lead up to war. FISA allows warranted or court approved surveillance so long as there is probably cause that the target is foreign or an agent of a foreign power. Most importantly, after the 2005 surveillance revelations discussed above, section 702 was added to FISA adding additional limitations on authorized surveillance including: not intentionally targeting people in the U.S., not targeting somebody reasonably believed to be outside the U.S. if the purpose of that surveillance is to target somebody in the U.S., target a U.S. person or party currently outside the U.S., surveil any communication in which the sender and all known recipients are in the U.S. These rules were accompanied by an additional catch-all which says all surveillance under FISA must follow the Fourth Amendment. xliii
All FISA surveillance is subject to minimization procedure requirements, steps to protect identities and limitations on how long communications can be held on to. xliv
The FISC is a court created by the FISA which oversees surveillance warrants, approving surveillance where necessary. xlv
The law also creates a cause of action for individuals whose communications are unlawfully monitored–offering damages of $1000 or $100 per day in addition to attorney’s fees and punitive damages. xlvi
FISA also provides some guidance on how evidentiary issues related to cases brought alleging FISA violations. For instance, (1806(f)) says: “Whenever any motion or request is made by an aggrieved person…the United States District Court shall . . . notwithstanding any other law . . . review in camera and ex party the applications, order and such other materials relating to the surveillance as may be necessary to determine whether the surveillance of the aggrieved person was lawfully authorized and conducted.” xlvii
In 2008, FISA was amended so as to provide some additional protections to telecommunications companies–offering immunity to suit in certain situations where the company provided assistance at the behest of the President or somebody from the intelligence community. This immunity only applied to actions taken between 9/11 and January 17, 2007. xlviii
F. Important Standing Rulings from Jewel
Jewel has been dismissed two different times, first in whole and then in part. These dismissals, and their subsequent appeals rulings, have offered insight in the interactions between general standing rules, SSP, and FISA.
G. Initial Dismissal and Appeal–General Standing
The initial 2010 dismissal was, at least facially, based on basic standing principles requiring a specialized grievance in order to allow a lawsuit. The district court felt that the case should be dismissed because the “group of plaintiffs/purported class representatives [had not] alleged an injury that [was] sufficiently particular to those plaintiffs or to a distinct group to which those plaintiffs belong; rather, the harm alleged [was] a generalized grievance shared in substantially equal measure by all or a large class of citizens.” In the court’s mind the damages of being surveilled were “[I]njuries that are shared and generalized —— such as the right to have the government act in accordance with the law —— are not sufficient to support standing.” xlix
This ruling likely came as surprise to the Jewel plaintiffs, as it came fairly shortly after a case known as Hepting–dealing with a class of plaintiffs suing AT&T over surveillance–had seen a ruling rejecting a similar argument for lack of standing in fairly similar circumstances.l The district court distinguished the two cases however, arguing that Jewel did not seek damages so much as an attempt to address “alleged misfeasance by the executive branch of the United States. li” The court discussed this misfeasance as something suffered by the entire country, thus making the interest of the plaintiffs–at least with their facts alleged–no more substantial than anybody else.lii The court’s dismissal ruling felt that this meant the issue was better addressed in the political arena as opposed to the courts. Importantly, as part of their consideration, the district court said that “cases in which plaintiffs sue the government in order to stop or expose constitutional or other transgressions by government officials present special standing considerations. A citizen may not gain standing by claiming a right to have the government follow the law.”liii
The plaintiffs’ appeal was ruled on in 2011 and the district court’s dismissal was overturned. Looking at the detailed factual claims of Jewel, the 9th Circuit Appeals Court felt that there was enough evidence that the class plaintiffs were targeted for surveillance and thus suffered a concrete injury.liv
The Appeals Court, as opposed to the higher standard used below, used standard standing requirements. “Article III gives the federal courts jurisdiction over only ‘cases and controversies.’lv“. The oft-cited Lujan v. Defenders of Wildlife (“Lujan”) restates the three requirements that must be met for Article III standing: (1) an injury in fact that (2) is fairly traceable to the challenged conduct and (3) has some likelihood of redressability.”lvi With the facts alleged, the appeals court felt that there was enough to show an injury to the plaintiffs. The Appeals Court ruled that the district court had erred in applying heightened standards of standing just because the case involved government officials in the national security context. This ruling had two important parts. First, it means that national security implications on their own do not heighten standing requirements. Second, it holds that a set of plausible circumstances that you have been targeted for surveillance is sufficient to make a particularized grievance. lvii
This second part is intertwined with a further ruling in the case. A large part of why the Court felt there was a concrete injury was that the claims check the boxes of the statutes under which the Jewel plaintiffs sought relief–FISA, the ECPA Wiretap provisions, and the Store Communications Act. This approach was part and parcel of their next ruling–that there was no political question in the case making it inappropriate for judicial resolution.lviii
The district court treated the case as if it was seeking to address the entire issue of unauthorized surveillance in the United States. However, the case dealt with statutory claims–statutes created by Congress as a political answer to the larger issue the district court dismissed as a political question. There was certainly a political backdrop to the case as the surveillance scandal was and is a highly politicized issue. However, the issue at hand had already been addressed at a political level by creating the causes of action in Jewel–landing the issue firmly in the realm of the courts.lix
What the Appeals Court did not address, which became the central controversy of the case for years to come, was whether the claims in Jewel could survive SSP. lx
H. Second Partial Dismissal–State Secrets Privilege
Two years after the appeals court remanded Jewel for analysis on SSP, the case saw a ruling on the issue in 2013–another dismissal. This partial dismissal refused to support the use of SSP as a sword to dismiss cases where the claims require evidence where there is a reasonable danger of exposing military matters which, in the interest of national security, should not be divulged.lxi As discussed above, this was a more aggressive interpretation of SSP than had been generally been accepted when the case was initially brought.
In discussing where SSP currently stood, the district court described two applications of the privilege–barring the introduction of evidence or, where the subject matter of the lawsuit itself is a state secret, dismissing the case altogether.lxii The latter situation occurs when the SSP requires the removal of enough evidence that a plaintiff cannot make a prima facie case or prevents the defendant from raising a defense.lxiii
The Jewel plaintiffs have made it clear that they were a bit surprised by this ruling, especially given that the bulk of the surveillance program in question was public when they brought the case–never mind a decade later. However, the district court broke down its reasoning as to SSP. There are three steps to an SSP analysis. First, the court determines whether the procedural requirements of invoking SSP have been satisfied. The privilege must be asserted by the head of the government department with control over the potentially privileged matter and must be made after serious consideration as opposed to as a matter of rote. Next, the court decides if the information in question is actually privileged. This requires a balancing of national security interests and the public interest in an open court system. Finally, the court decides whether the privilege can be a simple evidentiary matter or if it requires dismissal.lxiv
While much of the program was public at this point, the court determined that there was enough of it that was still classified–and disclosure of those classified matters would severely jeopardize national security–that SSP applied. So much so that the plaintiffs could not form a prima facie case and the defendants could not mount a defense. However, by itself SSP was not enough as at least some of the privilege has been statutorily preempted by FISA and other statutes.lxv This led to the next issue the court addressed, how much of SSP is preempted?
SSP is in fact preempted by FISA. “Section 1806(f) of FISA displaces the state secrets privilege in cases in which electronic surveillance yields potentially sensitive evidence by providing secure procedures under which courts can consider national security evidence that the application of the state secrets privilege would otherwise summarily exclude.”lxvi This applies regardless of any other law. This means that courts need to take private looks (in camera or ex parte) at evidence in FISA, Wiretap Act, and Electronic Privacy Protection Act cases in order to avoid an SSP issue. However, what wasn’t waived in this case was sovereign immunity.lxvii
To put it simply sovereign immunity protects the government and its agencies from lawsuits unless the government consents to be sued. This sovereign immunity is frequently waived as part of federal statutes creating causes of action.lxviii The Stored Communications Act and the Wiretap Act include such waivers and the Jewel plaintiffs claims under these statutes are supported. However, the waiver in FISA is much more limited and–according to the district court–cannot be interpreted to include the claims in Jewel. What’s more, the waivers for SCA and the Wiretap Act are limited to claims for damages under those acts–based on Congress deleting waiver terms for declaratory and injunctive relief the court determined that all non-damages claims couldn’t stick.lxix
This led to two very substantial rulings. First, SSP does not apply in these types of cases because it has been statutorily preempted. However, all claims under FISA and all claims for anything other than damages were dismissed.lxx
I. Third Dismissal and Appeal- Fourth Amendment Claims and Upstream
In 2015, the most recent substantial ruling on the case once again limited the claims brought by the Jewel plaintiffs. This ruling granted summary judgment against the plaintiffs Fourth Amendment claims as they related to the interception of internet communications.lxxi
Much of the basis for the ruling was not available do to its apparent confidential nature. However, the court ruled that the details of the Upstream data collection program were subject to SSP and required dismissal of these claims because, without this evidence, the plaintiffs had insufficient evidence to make a prima facie case. In making this determination, the court ruled that while there was enough for a concrete injury in the evidence provided there was not enough evidence–and could not be enough evidence without revealing SSP information–to establish that the Upstream program worked the way the plaintiffs said it did. Apparently, confidential SSP information revealed to the court showed that Upstream did not work as the plaintiff’s experts said it should.lxxii
This ruling was appealed, but the Appeals Court quickly refused to hear the issue due to how intertwined the issues were with remaining issues in the case.lxxiii
III. ACLU v. Clapper
In the wake of The Guardian’s publication of the Snowden disclosures, the ACLU lxxiv filed suit against the NSA in ACLU v. Clapperlxxv. The ACLU alleged the bulk metadata collection program was unconstitutional under the First and Fourth Amendments of the Constitution. While the district court was unconvinced and dismissed the case, the 2nd Circuit Court of Appeals disagreed, determined the bulk metadata collection was unauthorized by the Patriot Act, and remanded the case back to district court.
Similar to the ‘dragnets’ of Jewel discussed above, Clapper focused on the government’s bulk metadata collection disclosed in the leaked documents published by The Guardian in 2013. However, unlike in Jewel, the scope of these collections was greater, and the collection itself was, at least on paper, authorized by a FISC order, under section 215 of the Patriot Act.
The metadata the government collected did “not include the voice content of telephone conversations. Rather, they include details about telephone calls, including, for example, the length of a call, the phone number from which the call was made, and the phone number called.”lxxvi The leaked FISC order “directed Verizon Business Network Services, Inc . . . to produce to the NSA “on an ongoing daily basis . . . all call detail records or ‘telephony metadata’ created by Verizon for communications (i) between the United States and abroad; or (ii) wholly within the United States, including local telephone calls.” lxxvii
B. Procedural History
The ACLU originally filed suit in the Southern District of New York on June 11th, 2013.lxxviii The complaint asked the court to declare the metadata program exceeded the authority granted by section 215 of the Patriot Act, violates the First and Fourth Amendment to the U.S. Constitution, to permanently enjoin the program, and to order defendants to purge all data collected by the program.lxxix
The district court dismissed the case on December 28th, 2013, and the ACLU appealed in the 2nd Circuit Court of Appeals.lxxx The 2nd Circuit reviewed the decision de novo, disagreed in part, vacated the decision and remanded the case back to the district court.lxxxi
The ACLU also requested the 2nd Circuit grant a preliminary injunction against the continuing bulk collection program but their motion for an injunction was reviewed under the abuse of discretion standard, and was denied on the grounds that Congress already established a 180-day transitional period to close the program.lxxxii
C. Standing and Preclusion
The Court reviewed the standing of the ACLU to sue de novo, and concluded the appellants did have standing to sue, as the district court properly ruled.lxxxiii The appellants were able to show “the government’s own orders demonstrate that appellants’ call records are indeed among those collected as part of the telephone metadata program.”lxxxiv The Court ruled “The Fourth Amendment protects against unreasonable searches and seizures . . . Whether or not such claims prevail on the merits, appellants surely have standing to allege injury from the collection, and maintenance in a government database, of records relating to them.”lxxxv
Furthermore, the Court ruled appellants had standing for their First Amendment claims as well, writing “when the government collects appellants’ metadata, appellants’ members’ interests in keeping their associations and contacts private are implicated, and any potential “chilling effect” is created at that point. Appellants have therefore alleged a concrete, fairly traceable, and redressable injury sufficient to confer standing to assert their First Amendment claims as Well.” lxxxvi
The appeals court next turned to the issue of whether or not judicial review was precluded by statute.lxxxvii While the government argued section 215 impliedly limits judicial review to FISC and excludes article III courts, the appeals court disagreed. The Court explained that judicial review is authorized except when precluded, and there is a strong presumption against preclusion and for allowing review.lxxxviii To rebut the presumption requires “a showing of clear and convincing evidence of a contrary legislative intent’” can rebut the presumption that Congress intended that an action be subject to judicial review . . . and may be overcome by specific language or specific legislative history that is a reliable indicator of congressional intent.” lxxxix
The Court concluded “the government relies on bits and shards of inapplicable statutes, inconclusive legislative history, and inferences from silence in an effort to find an implied revocation of the APA’s authorization of challenges to government actions. That is not enough to overcome the strong presumption of the general command of the APA against such implied preclusion.” xc
D. Statutory Authorization
The first issue the Court addressed was whether or not the Patriot Act’s section 215 actual provided the authority to conduct bulk metadata collection of this scope.xci As far as subject matter, the statute authorized any things for an investigation against terrorism or clandestine intelligence activities.xcii However, a statement of facts showing “the records be relevant to an authorized investigation (other than a threat assessment)” must be presented to FISC in order to gain that authority.xciii While the Court agreed that congress contemplated a somewhat broad standard of relevance, similar to the standard of grand juries,xciv the “creation of a historical repository of information” via bulk aggregation is not how the scope and relevance of grand jury subpoenas are generally discussed.xcv
Instead, the Court expressed that “[t]he sheer volume of information sought is staggering; while search warrants and subpoenas for business records may encompass large volumes of paper documents or electronic data, the most expansive of such evidentiary demands are dwarfed by the volume of records obtained pursuant to the orders in question here” and includes “[t]he metadata concerning every telephone call made or received in the United States using the services of the recipient service provider are demanded, for an indefinite period extending into the future.” xcvi
Furthermore, in analyzing the text of the statute, the Court reasoned that “[i]n limiting the use of § 215 to “investigations” rather than “threat assessments,” then, Congress clearly meant to prevent § 215 orders from being issued where the FBI, without any particular, defined information that would permit the initiation of even a preliminary investigation, sought to conduct an inquiry in order to identify a potential threat in advance.” xcvii
Therefore, the Court concluded “that to allow the government to collect phone records only because they may become relevant to a possible authorized investigation in the future fails even the permissive “relevance” test. Just as “the grand jury’s subpoena power is not unlimited,” United States v. Calandra, 414 U.S. 338, 346 (1974), § 215’s power cannot be interpreted in a way that defies any meaningful limit. Put another way, we agree with appellants that the government’s argument is “irreconcilable with the statute’s plain text.”” xcviii
E. Constitutional Issues
In addition to the issue of statutory authorization discussed above, the ACLU argued the bulk metadata collection cannot be authorized because it violates the Fourth Amendment and breaches the appellants’ expectation of privacy.xcix In response, the government argued there was no expectation of privacy, nor privacy rights in records that were willingly handed to third-parties like Verizon.c
Somewhat unfortunately, the Court declined to opine directly on the constitutional issues at hand. While the Court acknowledged the weight of the constitutional issues brought by the advent of modern technology and dragnet surveillance, they decided the first appeal based on the lack of statutory authorization.ci
The Court does note, however, that the implications do weigh on their decision, and indicate that congress is an appropriate entity to resolve those questions at the time of their decision.cii The Court explained that “[a] congressional judgment as to what is “reasonable” under current circumstances would carry weight,”ciii and “a full debate by Congress of the appropriateness of a program such as that now operated by the government may result in the approval of a program with greater safeguards for privacy, or with other limitations, that are not now in place and that could alter or even moot the issues presented by appellants.” civ
F. Preliminary Injunction
Indeed, shortly after the first appeals decision in Clapper, Congress allowed the Patriot Act to expire and replaced it with the USA Freedom Act of 2015.cv The new act allowed collection of call data under “certain “additional requirements,” including a “reasonable, articulable suspicion that such specific selection term is associated with a foreign power . . . or an agent of a foreign power engaged in international terrorism or activities in preparation therefor.”cvi It is intended to restore meaningful limits to the past data collection.cvii The amendments had a 180 day grace period before going into effect.
By amending the relevant statutes in the USA Freedom Act, and giving a 180 day grace period, the 2nd circuit considered congress to have authorized continued bulk data collection for the 180 day transitory period.cviii
Additionally, the court once again declined to address the constitutional issues, reasoning they “should not meddle with Congress’s considered decision regarding the transition away from bulk telephone metadata collection . . . and should not, decide such momentous constitutional issues based on a request for such narrow and temporary relief.” cix
IV. Elliot Schuchardt v. President and NSA
Schuchardt is quite a bit newer than Clapper or Jewel. It was only filed in June 2014.cx It is still ongoing and deals which the surveillance of U.S. citizens–one attorney named Elliot Schuchardt in particular–by the NSA through services of companies such as Google, Yahoo, Facebook, Dropbox, and Verizon–focusing on collection of metadata and content for electronic communications. Schuchardt incorporates a class comprised of users of these services into his lawsuit.cxi
A. Procedural History
The class action itself was dismissed back in 2015cxii , although the dismissal was reversed in May of 2016.cxiii Since then, the case has seen an attempt at joiner but has been for the most part slow moving.
The initial complaint included a number of serious allegations, primarily Fourth and First Amendment violations with some statutory violations and civil torts thrown in. The case is seeking both money damages and injunctive relief.cxiv
The first allegation deals with Fourth Amendment violations through bulk email collection by the NSA. The complaint alleged that since 2006, the government had been collecting private emails through Yahoo. Since 2009, collecting content and metadata from Gmail accounts and search history through the Google search engine. They also allege that the government had been collecting email and instant messages through Facebook since 2009. Since 2013, they allege that the government has been collecting metadata and contents from things stored in the Dropbox cloud.cxv
This obviously encompassed an enormous amount of private data, and the government is alleged to have taken without authorization. The suit points to the PRISM program to support its allegations that the government collected and stored this information.cxvi
Their other Fourth Amendment allegations also deal with bulk collection of metadata, but more dealing with tracking phone calls and phone metadata. Their allegations say that since 2008 the government had been collecting cell phone metadata through Verizon Communications. This included duration and frequency of calls.cxvii
Based on these same situations, Schuchardt alleged First Amendment violations arguing that by monitoring all communications the government is stifling his ability to freely express himself.cxviii
The remainder of the allegations include intrusion and invasion of privacy, violations of FISA, and more general civil liability.cxix
B. Facts of the Case
Elliot Schuchardt himself is an attorney out of Pennsylvania. For the most part, the facts rely on the NSA surveillance programs discussed above which were revealed to the public–PRISM, PSP, etc. It also relies on many of the facts alleged and cases discussed above. Like Jewel, it points to the testimony of the AT&T technician Mark Klein as well as the affidavit of William Binney on NSA practices from that case. The case points to another NSA employee’s affidavits, Thomas Drake, who spoke on how NSA employees confided in him that the PSP did not include privacy protections and illegally collects electronic communications via U.S. intercept centers such as those run by AT&T and Verizon. The case also pointed to a third former-NSA employee, Kirk Wiebe. Mr. Wiebe echoed the affidavit of Mr. Binney, supporting his allegations. The case further supported its allegations of surveillance with Snowden’s famous revelations.cxxii
Beyond relying on his previous affidavits, Mr. Binney also offered a separate affidavit personalized to Schuchardt’s case. The affidavit confirms Mr. Binney’s belief that the assertions in the lawsuit are true and correct and that, based on the documents provided by Edward Snowden, it is likely that the NSA continues to collect content and metadata from electronic communications. Most importantly, Binney’s affidavit states that it the government is collecting Schuchardt’s private communications without a warrant–both the metadata and the full content. The affidavit alleges that the collections are done within the U.S. The affidavit is accompanied by evidence in the form of leaked documents, especially those from Snowden. According to Mr. Binney, this level of collection is unnecessary, morally wrong, and–by token of the sheer scope of what is collected–not particularly useful and consume the vast majority of NSA resources to begin to review. Finally, the affidavit describes a better way of going about such surveillance–creating social networks based on relationships in metadata and targeting suspicious individuals within these networks based on specific criteria.cxxiii
The case also cited the testimony of Lavabit owner Ladar Levinson on a 2013 NSA surveillance demand. According to Levinson, the NSA demanded that he let them install a device allowing full access to the contents of all his user’s emails. Levinson states he eventually shut down the email service in response to these requests.cxxiv
Specific to Schuchardt, the attorney alleges that this collection included the privileged communications between Schuchardt and his clients–the allegations supported by Mr. Binney’s affidavit.cxxv
C. Important Holdings in the Case
At this point, the case is ongoing and has seen very little actual movement in the last several years–although the government has brought yet another motion to dismiss in the last few years. However, this doesn’t mean there is nothing to learn from this case. The motion to dismiss and subsequent reversal on appeal synthesize the decisions in the above discussed cases, providing a more comprehensive picture of how standing might be treated in these cases in a more recent lawsuit.
D. Original Dismissal
The dismissal in 2015 started by framing the background of FISA we discussed above, the initial implications and the expansions in power since 9/11. However, the decision to dismiss once again revolved around standing.cxxvi
The government’s argument in this case basically boiled down to an argument that Schuchardt did not have standing because he only alleges that the NSA collects the data of all U.S. citizens as opposed to his specifically and, more to the point, they argued he didn’t plausibly allege that they had ever collected his data specifically.cxxvii
In deciding this, the district court looked to the cases of the past decade or so–Clapper v. Amnesty International, Jewel, and Klayman v. Obama. In Amnesty the court gave standing to plaintiffs where they actually showed that their call records were among those collected as part of an NSA telephone metadata collection program. The court stated: “[Plaintiffs’] alleged injury requires no speculation whatsoever as to how events will unfold under § 215 – [plaintiffs’] records (among those of numerous others) have been targeted for seizure by the government; the government has used the challenged statute to effect that seizure; the orders have been approved by the FISC; and the records have been collected.”cxxviii
In Jewel, as we’ve seen, the appeals court ended up granting standing. In their review of the case, the Schuchardt court attributed this to the highly specific allegations regarding the data collection operation–citing a specific AT&T facility in San Francisco which would have targeted her data.cxxix
In Klayman, a case challenging bulk data collection through Verizon facilities, the court initially granted standing based simply on the sheer scope of the government’s data collection efforts.cxxx However, on appeal, the court was split on the standing issue. One judge said that the plaintiffs had barely fulfilled the requirements of standing via its specific evidence that the metadata collection targeted Verizon services. Another judge felt that the evidence might be too speculative for standing, but still recommended the case move forward to discovery. The final judge suggested that a specific allegation of collection from the plaintiffs themselves was required for standing.cxxxi
Relying on the previous cases and this last judge in Klayman, the district court ruled that the thread tying these cases together was the ability to allege that they themselves were targeted with some degree of particularity. They argued that this particularity was necessary for standing and that a bare allegation that the scope of the program implies that data was taken is not enough. Since Schuchardt primarily relied on the breadth of the surveillance, with no evidence beyond this as to being himself targeted, he did not have standing to sue. What’s more, the court ruled that the heightened interest in protecting the secrets of clients did not create standing to sue. With this taken together, the district court dismissed the case.cxxxii
E. Reversal on Appeals
The district court’s decision was reversed in 2016, but the reversal was quite narrow–specifically dealing with whether Schuchardt was sufficiently pleaded to grant standing to sue on a Fourth Amendment claim.cxxxiii This is far different from being enough to prove a case and only requires that enough facts be pled to create a plausible case for a Fourth Amendment violation. The Third Circuit Appeals Court specifically did not address whether Schuchardt’s claim merited moving on to discovery, especially in light of potential SSP. This left the door open to future dismissal or summary judgment.cxxxiv
The Appeals Court ruled that the combination of facts pled in this case create a plausible enough case to support his claim. First, the alleged facts indicate that the NSA captures essentially all email sent by U.S. citizens. This is especially supported by the details of the PRISM program and Lavasoft’s allegations that the NSA requested access to the contents of all its users’ email. The court ruled this plausibly supported the premise that the NSA had a nationwide dragnet accessing essentially all emails. The details of the PRISM project’s scope also supported a dragnet surveillance program targeting substantially all citizens. Finally, the fact that Schuchardt alleged that his email used services confirmed to be targeted by the NSA was enough to plausibly argue that he himself had been targeted. This ruling does not seem to remove the requirement for evidence that the plaintiff themselves has been targeted for surveillance. However, it does imply that the sheer scope–and an allegation that you are within that scope–is sufficient. An assertion supported by other fairly recent rulings.cxxxv
While Clapper v. Amnesty, did not accept standing in the face of a “speculative chain of possibilities” the issue with standing was imminence and traceability of the injury–essentially a problem with speculating about injuries that may yet occur. Here, however, Schuchardt has allegedly already been injured via the seizure of his emails. The fact that the dismissal was not a summary judgment but a jurisdictional challenge meant Schuchardt faced a lower evidentiary standard than in Clapper v. Amnesty.cxxxvi
V. Valdez v. National Security Agency
The final, and newest case we are discussing is Valdez v. National Security Agency,cxxxvii which is being litigated by the former mayor of Salt Lake City, Rocky Anderson. Mary Josephine Valdez and her fellow plaintiffs alleged various statutory and constitutional violations by the Defendants, which occurred from 2001 through 2013,cxxxviii including references to the bulk metadata collection at issue in Clapper.
However, Plaintiffs’ allegations focus on the 2002 Salt Lake City Olympics, where they allege Defendants collected
“email, text message, and telephone communications within designated geographical areas, including Salt Lake City, Utah, and the areas including and in the vicinity of all Olympic venues. . . [including] interception and key-word spotting analysis of the contents of every text message and email sent and received and information reflecting the time and length of, and telephone numbers involved in, every telephone conversation involving any person within the areas subjected to the blanket surveillance.”cxxxix
The Plaintiffs allege their data was collected as part of that operation.cxl
B. Procedural History
Plaintiff’s filed their complaint on August 18th, 2015. The complaint alleges violations of the First and Fourth Amendments of the U.S. Constitution, Utah State Constitution Article 1 § 14, FISA (50 U.S.C. § 1809), The Wiretap Act (18 U.S.C. § 2511), The Stored Communications Act (18 U.S.C. § 2703), The Privacy Act (5 U.S.C. § 552a, Communication Abuse (Utah Code § 76-9-403), and The Administrative Procedure Act (5 U.S.C. 701).cxli
On December 18th, 2015, defendants filed a motion to dismiss the case for lack of jurisdiction. They denied Plaintiffs’ allegations regarding the surveillance of the Olympics, and argued the Plaintiffs did not show facts sufficient to backup their claims. The Court determined the pleading stage was too early to determine the plausibility of Plaintiffs allegations, and concluded the allegations were sufficiently well plead to proceed to discovery. Consequently, Defendants’ motion to dismiss was denied on January 10th, 2017.cxlii
On February 10th, 2016, Plaintiffs filed an amended complaint.cxliii The amended complaint withdrew “claims for damages and prospective injunctive relief against the NSA, and withdrew their claims against the FBI. . .” cxliv The remaining defendants were the NSA, George W. Bush, Michael v. Hayden, Richard B. Cheney, and David Addington.
On February 21st, 2017, Defendants filed an answer to the amended complaint, denying most of Plaintiffs’ allegations, and admitting to various statements that were already a matter of public record.cxlv
On March 3rd, 2017, Defendants filed a motion requesting judgment on the pleadings. They reiterated their arguments from their earlier motion to dismiss, but accompanied this motion with Declaration by Wayne Murphy, NSA Director of Operations, and challenged the allegations as a “factual matter.” Defendants once again stated the NSA did not conduct “indiscriminate “blanket” surveillance of all electronic communications sent or received in Salt Lake City or the vicinity of the 2002 Winter Olympic venues, whether during the 2002 Winter Olympic Games or otherwise.cxlvi
C. Current Status
The case is currently ongoing. According to the latest scheduling order, the parties are due to complete discovery by March 23rd, 2018, and Plaintiffs must file their motion to oppose the NSA’s motion for judgement on the pleadings by May 22nd, 2018.cxlvii
VI. About Us
This article was written and edited by Michele Ferri and Jonathan Lurie of The Law Offices of Lurie and Ferri for use by the Solari Report. Michele Ferri and Jonathan Lurie and both practicing attorneys out of California. The Law Offices of Lurie and Ferri focus on working with start-up businesses as well as on intellectual property and business law issues. They can be found at http://www.lflawoffices.com/ or contacted at firstname.lastname@example.org.
VII. Footnotes and Document Links
iv supra note i.
xiv Jewel et. al. v. National Security Agency et. al, 4:08-cv-04373 (Order Granting as Modified 335 Stip. to Modify Briefing Schedule and Hearing Date on Plaint Motions to Dissolve Discovery Stay, N.D. Cal 2016).
xvi supra note i at
xvii Osborn v. United States, 385 US 323 at 353 (1966).
xviii See supra note i.
xxii See supra note iv at 2-3.
xxiv See supra note i.
xxvi See (Binney Aff., July 2, 2012).
xxvii id. at 2.
xxviii See id.
xxix See id.
xxx See id. at 3-4.
xxxi Binney estimated the facility processed about 5 zettabyes (1021 bytes) over 5 years. Other sources reported the facility processed around a yottabyte (1024 bytes).
xxxii See id. at 5.
xxxiii See id.
xxxiv See id.
xxxiv See supra note xvi.
xxxvi Florida v. Bostick, 111 S. Ct. at 2394 (1991).
xxxvii Stauber v. City of New York, 1:03-cv-09163 (2004, S.D.N.Y.).
xxxviii U.S. v. Reynolds, 345 U.S. 1 at 10 (1953).
xxxix id at 8.
xl Hepting v AT&T Corp, 439 F Supp 2d 974 (ND Cal 2006).
xli See P.L. 95-511.
xlii See id.
xliii See id.
xliv See id.
xlv See id.
xlvi See id.
xlvii See id.
xlviii FISA Amendments Act of 2008, Pub L No 110-261, 122 Stat 2436 (FISAAA), codified at 50 USC §1885a.
xlix supra note iv (citing Seegers v Gonzales, 396 F3d 1248, 1253 (DC Cir 2005)).
l See supra note xxxviii.
li supra note iv.
lii See id.
liii See id. (citing Ex parte Levitt, 302 US 633 (1937)).
liv See supra note v.
lv Whitmore v. Arkansas, 495 U.S. 149, 154–55, 110 S.Ct. 1717, 109 L.Ed.2d 135 (1990)
lvi supra note v (citing Lujan v. Defenders of Wildlife, 504 U.S. 555, 560–61, 112 S.Ct. 2130, 119 L.Ed.2d 351 (1992)).
lvii See id.
lviii See id.
lix See id. (citing Japan Whaling Ass’n v. Am. Cetacean Soc., 478 U.S. 221, 230, 106 S.Ct. 2860, 92 L.Ed.2d 166 (1986)).
lx See id.
lxi See Jewel et. al. v. National Security Agency et. al, 4:08-cv-04373 (Order on Motion for Partial Summary Judgment) (citing United States v. Reynolds, 345 U.S. 1, 10 (1953)).
lxii See id. (citing ACLU v. National Security Agency, 493 F.3d 644, 650 n.2 (6th Cir. 2007)).
lxiii See id. (citing Kasza v. Browner, 133 F.3d 1159, 1166 (9th Cir. 1998)).
lxiv See id.
lxv See id.
lxvi supra note xxxix.
lxvii See id.
lxviii See supra note lix.
lxix See id.
lxx See id.
lxxi See supra note x.
lxxii See id.
lxxiii See Jewel. et. al. v. National Security Agency et. al, 4:08-cv-04373 (9th Cir. 2015).
lxxvi Id. at 8.
lxxvii Id. at 13.
lxxx ACLU v. Clapper, 785 F.3d 787
lxxxiii ACLU v. Clapper, 785 F.3d 787 at 25.
lxxxiv Id. at 27.
lxxxv Id. at 28.
lxxxvi Id. at 32.
lxxxvii Id. at 33.
lxxxviii Id. at 34.
xc Id. at 52.
xci See id. at 53.
xcii See id. at 53-54.
xciii Id. at 54.
xciv See id. at 56-57.
xcv Id. at 58-59.
xcvi Id. at 60-61.
xcvii Id. at 71.
xcviii Id. at 75.
xcix See id. at 53, 83.
c See id. at 83.
ci See id. at 83-90.
cii See id. at 90.
ciii Id. at 90.
civ Id. at 92.
cv ACLU v. Clapper, 14‐42‐cv (2nd Cir. October 29, 2015 Order), at 5.
cvi Id. at 7.
cvii See id. at 8.
cviii See id. at 8-9.
cix Id. at 23.
cx Schuchardt v. President of the United States, 2:14-cv-00705-CB (Complaint, 2014).
cxi See id.
cxiv supra note cvii
cxv See id.
cxvi See id.
cxvii See id.
cxviii See id.
cxix See id.
cxxiii See supra note cx.
cxxiv See supra note cxix.
cxxv See id.
cxxvi See Schuchardt v. President of the United States, 2:14-cv-00705-CB (Order Granting Motion to Dismiss, Sep 30, 2015).
cxxvii See id.
cxxviii See id. (citing Clapper, 785 F.3d 787, 801-802 (2d Cir. 2015)).
cxix See id.
cxxx See id. (citing Klayman v. Obama, 957 F.Supp.2d at 26-27).
cxxxi See id.
cxxxii See id.
cxxxiii See Schuchardt v. President 839 F.3d 336 (2016).
cxxxiv See id.
cxxxv See id. (citing Klayman, 800 F.3d at 559 (opinion of Brown, J.) (permitting the inference that the bulk telephone metadata program under Section 215 encompassed the plaintiff’s communications in light of facts alleging “the government’s efforts to ‘create a comprehensive metadata database.)).
cxxxvi See id.
cxxxvii Valdez v. National Security Agency, District Court of Utah, 2:15-cv-00584-RJS-DBP.
cxxxix Id. at 6.
cxl See id. at 11.
cxliii See Valdez v. National Security Agency, (Plaintiff’s Amended Complaint).
cxlvi See Valdez v. National Security Agency, (Defendant National Security Agency’s Motion and Supporting Memorandum for Judgment on The Pleadings) at 7.