U.S. Government Should Apply 'Reasonableness' When Collecting Surveillance Data, Says ODNI's Litt
When the federal government acquires digital data through surveillance, it should "eliminate the preliminary analysis of whether someone has a reasonable expectation of privacy in the data and proceed directly to the issue of whether the collection is reasonable," said Robert Litt, general counsel for the Office of the Director of National Intelligence (ODNI), during an American Bar Association luncheon Tuesday. Speaking on the Fourth Amendment in the digital age, Litt addressed the furor over the past couple of years, citing a couple of court cases involving the NSA's discontinued bulk telephony metadata collection program and another surveillance program that involves copying Internet traffic.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
In an era when vast amounts of data flow through Internet switches and where cars, appliances and "even light bulbs" are connected to the Internet, Litt said it's too difficult to "parse out" the information in which people have a reasonable expectation of privacy. "Rather, I think we should simply accept that any time the government acquires digital data, it implicates Fourth Amendment uses," he said. The Fourth Amendment protects against unreasonable searches and seizures. He said the law should focus on determining what's unreasonable rather than what is a search. "Before the privacy advocates start popping the champagne corks, I want to be clear that I think the inquiry into reasonableness should focus on actual harms rather than theoretical ones, that it should involve a realistic assessment of privacy interests and governmental need," he said.
Litt said courts, in evaluating reasonableness, should look across the government's entire activity from the upfront data collection to the backend use and retention restrictions and transparency, but acknowledged that approach would challenge the current legal system. "We would be abandoning the set of fixed rules and a volume of case law that have guided law enforcement and the courts for a half a century for a less predictable analysis. I think it’s time that we stop trying to hammer 21st century pegs into 20th century holes," he said. Technology is changing so rapidly that it's difficult for the legal system to keep pace, said Litt. Applying the general standard of reasonableness to assess the legality of the government's collection of digital data is a better way "to hit that constantly moving target than trying to define more specific rules and then constantly being overtaken by new technologies," he said.
Litt said many criticized the discontinued bulk metadata collection program, saying it didn't stop a terrorist attack (see 1511300028), but he said that's the wrong way to measure. "You don’t get rid of a fire insurance policy which has never paid off because your house has never burned down yet,” he said. Similarly, he said Section 702 of the Foreign Intelligence Surveillance Act (FISA) Amendments Act (see 1602010016) was authorized to allow data collection for important counterterrorism purposes. Congress, not courts, is in the best position to articulate the rules and it will have opportunities to discuss this over the next year, said Litt, saying Section 702 is expiring at the end of 2017. He said maybe it's "too much to hope in the current political environment that Congress could have a dispassionate, comprehensive discussion," but it's something the executive branch would welcome.
There are protections to ensure government doesn't overreach, including agencies, congressional committees, FISA courts and the independent Privacy and Civil Liberties Oversight Board, Litt said. The more eyes on a particular activity, the less likely it would be abused, he said. Technology also helps through secure servers and software that can track queries, he said. This combination of oversight and technology has worked so effectively that there wasn't a single intentional violation, though Litt conceded mistakes were discovered, reported and remedied.
Litt said the intelligence community and law enforcement need to do better being transparent. This doesn't mean revealing specific methods, targets or surveillance and specific information that's collected. "But if we don’t discuss what we’re doing and how we’re regulating it even in general terms, we cede the field to those who are hostile to intelligence activities," he said. James Clapper, director of national intelligence, developed several principles of transparency that are being internalized, said Litt, but, in response to a question, acknowledged implementation has been slow.
Responding to a question about encryption and "going dark" (see 1504290055), Litt said some people think that's not happening because there are other ways to obtain information, which is "unquestionably true." But he said government is also rapidly losing a valuable source of information and that will have "serious consequences for both national security and law enforcement." He said agencies don't want a back door but want to use courts to gain access to encrypted information. He later said the technology industry hasn't really tried to find solutions, if there are any, to help agencies get access to the data.