A Click Away From Conviction

June 11, 2013

With the recent disclosures of the mind-blowing extent of the government’s electronic surveillance via the PRISM program, many news outlets have expressed concern that this information might be used for illicit purposes. Now that the NSA has easy access to everyone’s emails, chats, Skype calls, texts and Google searches, what if a disgruntled employee decides to dump a bunch of embarrassing content onto Reddit? What of the possibility of blackmailing political opponents, a la CoIntelPro?

While these are certainly valid concerns, we should also be concerned about the potential for entirely legal abuse of this information. Any of your emails, chats, and searches that may have been mopped up in a PRISM dragnet may well constitute admissible evidence against you for crimes that have nothing to do with terrorism or foreign intelligence.

Think about whether you’ve ever emailed, uploaded or downloaded anything that might implicate you in any kind of crime. You almost certainly have. Ever downloaded a single song or television show? Has anyone ever uploaded a picture of you, perhaps, partaking of a certain illegal substance? Ever emailed anyone about that one gig you decided not to declare on your taxes? Ever linked to anything someone else improvidently exposed on the internet? Are you a government employee who might have accessed information freely available on the internet?

But of course, these activities only pose an issue if you actually get caught up in a PRISM dragnet, and what are the chances of that?

Higher than you think. In order for your communications to be fair game for PRISM data collection under the Foreign Intelligence Surveillance Act (FISA), the NSA and FBI need only have a 51% confidence that you’re not a “U.S. person,” i.e. a citizen or green card holder. How do they know whether you’re a U.S. person? By “statistical correlations of various search terms.” Punch some words into a computer, and it’ll decide whether there’s a 51% chance you’re a foreigner. Of course, it’s not difficult to think of ways such algorithms could go wrong (not to mention the fact that non-U.S. persons are also well within their rights to be upset about PRISM).

Even if no computer finds you 51% likely to be a foreigner you can still find all of your late night tweets and drunken status updates sucked up in PRISM because you’re “two hops” away from a likely foreigner–i.e., you’ve been in touch with someone who’s been in touch with someone who is probably not a U.S. person.

What if that guy you Facebook friended last weekend once sent an email to some girl he met at Starbucks who once donated to an overseas charity? Is that enough? We’ll probably never know, since the entire program continues to be shrouded in extreme secrecy.

In exchange for the all-but-unfettered right to trawl through our emails, the government is required by FISA to “minimize” the potential harm to U.S. Citizens and green card holders by not “disseminating” or retaining data collected on U.S. persons. That is, unless that data constitutes “evidence of a crime which has been, is being, or is about to be committed and that is to be retained or disseminated for law enforcement purposes.” In that case, the government is actually required to have procedures in place to allow saving of that data.

It’s important to understand that the law does not define the type of crime for which evidence can be retained, because that means the government is arguably well within the bounds of law should it decide to retain every illegal download, every snapchat between consenting foolhardy teenagers, any reference to having smoked a joint over the weekend or done a line at a club, every passing reference to a tax dodge and on and on.

Not only can it keep the information, it can probably use it in a case against you. The federal government certainly appears to think FISA-obtained evidence is admissible in domestic criminal prosecutions. On the government’s Federal Law Enforcement Training Centers (FLETC) website, Jim McAdams, described as “Senior Instructor in the Legal Division,” answered questions about FISA collected evidence as follows:

[Alison] HEALEY [from the FLETC Legal Division]: We’ve noted that FISA is used for national security purposes. It seemed like FISA was meant to be separate from criminal law enforcement. Now you’re saying that a foreign intelligence investigation may uncover criminal activity and, if it does, the people who commit the crimes may be prosecuted?

McADAMS: Absolutely. … [F]oreign intelligence investigations may overlap with criminal investigations. For example, I am aware of a case a decade or more ago where a FISA surveillance recorded the two individuals who were the targets of the surveillance as they murdered their daughter. The FISA surveillance was found to be lawful, so as long as certain procedures were followed and the defendants were notified, the government could use the FISA-obtained information at the murder trial.

HEALEY: So you’re saying that evidence of a domestic crime, lawfully acquired from a FISA surveillance or search, may be used in a criminal prosecution regardless of whether agents expected to learn about the crime?

McADAMS: That’s correct. In some respects, it’s similar to plain view. The plain view doctrine states that if an officer is lawfully on the premises and sees evidence of a crime, the officer can investigate, even if that evidence has nothing to do with the officer’s reason for being there. Similarly, if agents lawfully conducting FISA surveillance discover evidence of a crime, they may use it to prosecute for that offense. It does not matter whether they thought they would hear evidence of the crime or not.

While the Supreme Court has yet to decide on the admissibility of evidence obtained under FISA, lower courts have been quite clear: so long as the government wasn’t snooping for the sole purpose of uncovering a domestic crime–so long as obtaining “foreign intelligence” was at least part of the original rationale for the surveillance — any evidence of domestic crimes that happens to be uncovered is admissible.

In 2011, the Third Circuit Court of Appeals held that “the government’s use of FISA-derived evidence in its case against defendants was lawful” in a domestic criminal case. The Court relied on the fact that the 2008 FISA Amendments Act clarified that “national security” had to be “a significant purpose” of the investigation, rather than the “primary purpose” of the investigation in order for the surveillance to be lawful. The Court held, “[a]ligning with all of the other courts of appeals that have considered this issue,” that FISA was constitutional under the Fourth Amendment.

The court went further, holding that even if FISA (and programs like PRISM which it authorizes) is later deemed to be unconstitutional and is overturned, all the information thus far collected is still admissible evidence because the evidence was obtained based on “objectively reasonable reliance on a duly authorized statute.”

So don’t be surprised if, in the uproar surrounding PRISM’s disclosure, the amount of information collected suddenly skyrockets in anticipation that the program may later be deemed unconstitutional. According to the Third Circuit, even if the Act is eventually overturned, everything collected up until the ruling will be admissible. Unless the Supreme Court or Congress intervenes, there is virtually nothing we can do to claw back our private communications and prevent them from being used against us.

Worse, because FISA court orders are top secret, no one will ever be able to challenge the FISA order which got them into trouble in the first place. If you’re being prosecuted for downloading a Game of Thrones episode, you aren’t even entitled to know what you got you on PRISM’s radar in the first place–who are you “two hops” away from? You’re not even entitled to know whether you are, in fact, two hops away from any target, or whether the NSA (or FBI) simply screwed up. It’s so secret, in other words, that it can’t be challenged.

In an era where pretty much everyone is engaged in something illegal, we’ve now potentially all hung ourselves out to dry by emailing our friends and calling our spouses, by uploading photographs, or merely clicking on this or googling that. In a world where everyone is probably guilty of something–and the government may well have admissible evidence of it–we are all at the mercy and whim of law enforcement.

Privacy isn’t just about being free from embarrassment or potential blackmail, it’s also about being free from the fear that your every private communication might be used against you in an actual court of law.

Christine Clarke is an employment lawyer at Beranbaum Menken LLP in New York City. She has published in Slate and writes an employment law blog at Wage Against the Machine. She’s a regular contributor to the LOTL blog.