NSA encryption and big data
This article was written by Peter Toren, attorney with Weisbrod Matteis & Copley PLLC
The revelations by Edward Snowden about the NSA’s collection of “metadata” on every phone call that is made in the U.S. has led to concerns about whether the government should be collecting this type of information and whether there are adequate safeguards as to when and how the government may be permitted to use the information. Putting aside the host of legal and security issues associated with this program, most Americans are probably still not aware that the five largest tech companies – Google, Facebook, Apple, Amazon, and Yahoo – collect information that contains far more personal details, and is available to the government for the asking. While the exact types of data collected differs somewhat amongst these tech giants, nearly all collect ad clicks, browser information, email addresses, IP addresses, phone numbers, search queries and more. The companies aren’t stealing this information but are obtaining it without cost from users, who either don’t care or haven’t taken the time to read the privacy policies which give companies free access to this information.
Perhaps what is equally disturbing about the companies’ unfettered use of the information is the very limited legal protection given to such information. The primary and most important federal privacy law in the United States, the Stored Communications Act (SCA), was originally enacted in 1986 to govern the privacy of computer network communications and grants Internet users a set of statutory privacy rights that limit the government’s power to access a person’s communications and records. However, it does not cover certain things like search queries, for example. In other words, search records, like whether a person visited a website for alcohol or drug addiction centers, can be disclosed to the government without even a subpoena.
Moreover, while standing alone, each of the types of data may only pose a limited threat to an individual’s privacy. But by combining them, a precise, comprehensive record of a person’s public movements come to light, reflecting a wealth of detail about familial, political, professional, religious, and sexual associations that can be stored and mined years into the future, not only by the companies but by the government as well. For example, if the search query for drug addiction or alcohol treatment is combined with ad clicks and phone numbers, a much more complete profile of the user is generated which is freely available to the government. Because the information can be acquired by the government at little or no cost, there is no monetary restraint on the information collected by the government. This can lead to the government having access to a substantial quantum of information about any person whom the government wishes and may alter the relationship between citizen and government in a way that is inimical to democratic.
James Madison, the principal author of the Bill of Rights, is reported to have observed, “Since the general civilization of mankind, I believe there are more instances of the abridgement of freedom by the people by gradual and silent encroachments by those in power than by violent and sudden usurpations.” Indeed, this data that can be freely obtained by the government at virtually no cost is just the type of “gradual and silent encroachment” into the very details of our lives that we as a society must be vigilant to prevent. Congress should carefully consider whether there should be limits on whether the government can obtain this information and how the information can be obtained. It is too important an issue for the government to decide without the knowledge and consent of the American public.
For other viewpoints on this topic, check out this week’s episode of the Wait, What? podcast, where the guys talk about government surveillance programs.
Peter Toren’s practice has a strong focus on patent, trademark, copyright, and trade secret cases as well as other complex commercial disputes. He is the author of Intellectual Property & Computer Crimes (Law Journal Press), which has been updated twice a year since first being published in 2003, and has been described as a “must have desk reference.” Toren served as a federal prosecutor with the Computer Crime & Intellectual Property Section of the United States Department of Justice where he handled a number of high profile cases involving criminal copyright, trademark and trade secret matters, including one of the first cases ever prosecuted under the Economic Espionage Act.