American Civil Liberties Union v. Clapper
- Privacy Oversight Board Releases Report on EO 12333: The Privacy and Civil Liberties Oversight Board released its report on Executive Order 12333, which provides broad legal authority for data collection. The Oversight Board conducted three deep-dives into 12333-related counterterrorism activities—two on classified CIA programs and one on NSA’s XKEYSCORE. XKEYSCORE is a tool used to search data collected under Executive Order 12333 that was revealed by the Snowden revelations. The report lacks specifics on the 12333 programs the Board reviewed, but according to the Board the focus was on programs that either likely collected US persons information, targeted US persons, or occurred in the US. The report also does not indicate the specific advice or recommendations the Board provided, but it does reveal that many intelligence agencies were using guidelines to protect US persons that had not been updated since the 1980s or were never implemented as required by 12333. EPIC previously urged the Oversight Board to conduct a review of 12333. (Apr. 2, 2021)
- Intelligence Director Releases Report on Signals Intelligence Reform: The Director of National Intelligence released a final progress report from the Obama administration on signals intelligence reform. The DNI report detailed the agency's efforts under Presidential Policy Directive 28 to increase transparency and accountability. Clapper also highlighted the Privacy and Civil Liberties Oversight Board's oversight role and stated that transparency is "difficult, but also, in my view, essential." The DNI stated, "The IC routinely provides the Board with the information and access it requests to carry out its oversight duties." The report also notes implementation of the Freedom Act, which prohibits the bulk collection of domestic telephone records. EPIC has supported enhanced transparency for the Intelligence Community and filed a Supreme Court petition to end the bulk data collection program. (Jan. 24, 2017)
- Government Breaches Continue, Hacker Compromises more than 130,000 Navy Records: In the latest government data breach, the Navy reported that a hacker gathered the personal data of more than 130,000 current and former sailors from a laptop that belonged to a government contractor. Government security vulnerabilities are on the rise. In 2015, the records of more than 21 million federal workers, friends and family members were breached. In 2016, EPIC urged candidates for office to focus on "data protection." EPIC has warned that inaccurate, insecure, and overbroad government databases pose a risks to the safety of Americans. Earlier this year, EPIC urged the Dept. of Defense and Dept. of Homeland Security to drop proposals to expand government databases that lacked adequate privacy safeguards. (Nov. 29, 2016)
- EPIC Urges OMB to Strengthen Privacy Act Safeguards: EPIC has submitted comments on Circular A-108, guidelines proposed by the Office of Management and Budget for federal agency compliance with the Privacy Act. EPIC warned that agencies frequently misuse exceptions to the Privacy Act to circumvent important safeguards required by law. EPIC urged the OMB to "strengthen its guidance on federal agency implementation of the Privacy Act" and to limit the 'routine use' exemption. EPIC regularly comments on privacy safeguards for federal databases and has urged Congress to modernize the Privacy Act. (Nov. 7, 2016)
- White House Begins Shutdown of Bulk Collection Program: According to media reports, the Administration has decided not to renew the legal authority for the NSA’s telephone record collection program. EPIC and a coalition of privacy organizations had urged the President to end the program, which he said he would do in 2014. In 2013, EPIC filed a petition in the US Supreme Court, supported by technical experts, legal scholars, and former members of the Church Committee, arguing that the program was unlawful. The Senate is expected to take up the USA Freedom Act on May 31, the day before key provisions of the Patriot Act expire. (May. 27, 2015)
- House Passes Surveillance Reform Bill, Deadline Looms for Senate: The House of Representatives has passed the USA Freedom Act of 2015. The bill would end the NSA's controversial domestic telephone record collection program--a program the Second Circuit Court of Appeals recently ruled was unlawful. The Freedom Act would also establish new transparency requirements for the Foreign Intelligence Court, recommended by EPIC in testimony before the House Judiciary Committee in 2012. EPIC also opposed renewal of the NSA's Section 215 orders and petitioned the Supreme Court to suspend the program. The Senate is expected to take up the bill before the June 1 expiration of Section 215 of the Patriot Act. (May. 14, 2015)
- EPIC Publishes 2015 FOIA Gallery: In celebration of Sunshine Week, EPIC has created a "FOIA Gallery" of its most significant open government cases from the past year. EPIC obtained documents about the Army's surveillance blimps over Washington, the NSA's domestic surveillance authority, the FBI's formerly secret surveillance reports, the CIA's surveillance of Congress, and license plate readers. EPIC also obtained significant court judgments in cases against the FBI concerning the Next Generation Identification system and the "Stingray" cellphone surveillance technique. EPIC published the first FOIA Gallery in 2001. (Mar. 16, 2015)
- President Discusses Surveillance Reform, Bulk Collection Continues: Today President Obama outlined new steps on surveillance reforms. The Director of National Intelligence also released a privacy framework for non-US persons and revised agency guidelines on data collection. Last year, the President committed to end the bulk collection of American's phone records and increase oversight of intelligence gathering. But the President has not ended the bulk collection program despite the absence of evidence that the program is effective. In 2013 EPIC, joined by dozens of legal experts, petitioned the Supreme Court to find the program unlawful. (Feb. 3, 2015)
- National Security Agency Violates Defense Department Privacy Rules: The Defense Department has issued a regulation for all Privacy Programs within the agency, including the National Security Agency's. EPIC urged the Department to require the NSA to comply with the Privacy Act, which permits individuals to know about government databases and to inspect their records held by federal agencies. The DoD responded that the NSA complies with the Privacy Act. However, the NSA fails to describe the databases it maintains, which contain telephone numbers, email addresses, and social media information of U.S. citizens, in violation of the Privacy Act. (Jan. 28, 2015)
- Senate Hears from Privacy Oversight Board, NSA "Metadata" Program is Ineffective: At a Senate Judiciary Committee hearing today, members of the Privacy and Civil Liberties Oversight Board discussed their review of the Section 215 program, concerning the collection of telephone records on US telephone customers. The Privacy Civil Liberties Board 238 page report found that the program was not effective and had not prevented any terrorist incidents. Recent reports also indicate that only 30% of phone records are actually collected, calling into question the value of the "metadata" program. Senate Judiciary Chairman Patrick Leahy stated that "the administration has not demonstrated" that the program "is uniquely valuable to justify the massive intrusion upon American's privacy." The President recently announced that the current bulk collection program would end and announced a transition process, requiring judicial approval of queries, prior to the expiration of the current authority on March 28. For more information, see EPIC: NSA Verizon Phone Record Monitoring. (Feb. 12, 2014)
- Obama Announces End of NSA Telephone Record Collection Program: In a widely anticipated speech (video) on reform of the NSA, President Obama announced he would end the NSA telephone record collection program, first requiring a court order for all queries and then ending the NSA massive record request prior to the next renewal. EPIC, legal scholars, the President’s Review Group, and sponsors of the USA FREEDOM Act, including Senator Patrick Leahy and Senator Ron Wyden had urged the President to take this step. The President also said that the Administration would move to implement “a majority of the recommendations” made by the Review Group. The President announced several other reform measures, including a public advocate for the Foreign Intelligence Surveillance Court, new privacy rights for non-US citizens, more transparency for data collection, a narrowed focus on foreign data collection, greater oversight of signals intelligence, a new Privacy Coordinator at the White House, and a new panel to look closely at privacy and “Big Data.” Still, the President may not have gone far enough to address the scope of NSA programs, the privacy rights of those outside the US, and the need to ensure stronger technical safeguards for Internet stability and reliability. The President also did not indicate whether the U.S. would move to ratify the Council of Europe Privacy Convention or seek legislation to enact the Consumer Privacy Bill of Rights. For more information, see White House Fact Sheet (Jan. 18, 2014)
Second Circuit Strikes Down the NSA Telephone Metadata Program
On May 7, 2015, the U.S. Court of Appeals for the Second Circuit reversed a lower court decision and held that the "bulk telephone metadata program is not authorized by [Section] 215" of the USA PATRIOT Act. The court first rejected the Government's argument that the ACLU and other plaintiffs lacked "standing" to bring the case under Article III of the U.S. Constitution. The court found that the plaintiffs in this case "need not speculate that the government has collected, or may in the future collect, their call records. To the contrary, the government’s own orders demonstrate that appellants’ call records are indeed among those collected as part of the telephone metadata program." The court then rejected the Government's argument that judicial review of the NSA program was precluded by law, finding that Congress "did not intend to preclude targets of [Section] 215 orders . . . from bringing suit" and found that the plaintiffs could challenge the program under the Administrative Procedure Act. Finally, the court rejected the Government's argument that the NSA metadata collection was authorized under Section 215 of the USA PATRIOT Act, which allows the FBI to apply to the Foreign Intelligence Surveillance Court for an order requiring the production of records or "tangible things" that are "relevant to an authorized investigation." Specifically, the court rejected the Government's interpretation of the term "relevant" to include all domestic telephone records. The court found that "such an expansive concept of 'relevance' is unprecedented and unwarranted" under the law, and would not be equivalent to the permissible scope of a subpoena in the grand jury context. The court also rejected the argument that Congress "implicitly" endorsed this broad interpretation of the term "relevance" when it reauthorized the provision in 2010 and 2011. The court declined to rule on the Fourth and First Amendment issues because it found the program was not authorized by the statute.
Factual and Legal Background
On June 6, 2013, the Guardian published an article revealing an April 2013 Foreign Intelligence Surveillance Court (FISC) court order that required Verizon to turn over—on an ongoing, daily basis—the call detail records (or “metadata”) collected by Verizon for all communications wholly within the United States and between the United States and abroad. The order relied on Section 215 of the 2001 USA PATRIOT Act, which modified part of the Foreign Intelligence Surveillance Act (FISA) (codified at 50 U.S.C. § 1861). Section 215 allows the government to request a court order for “any tangible things (including books, records, papers, documents, and other items)” concerning a United States person as long as the “tangible things” are “relevant to an authorized investigation . . . protect[ing] against international terrorism or clandestine intelligence activities.” § 1861(a)(1), (b)(2)(A). (A “U.S. person” means both U.S. citizens and persons inside U.S. territory.) Subsequent congressional statements confirmed that the government has been collecting telephone metadata from all major telecommunications carriers for the past seven years.
In response, the American Civil Liberties Union (ACLU) and the New York Civil Liberties Union (NYCLU) filed suit in the Southern District of New York in June 2013. The ACLU and NYCLU claimed standing—their ability to sue as a result of sufficient connection to and harm caused by the law being challenged—as current and former Verizon customers. They challenged the legality of the Verizon order on three grounds: First, the ACLU and NYCLU asserted that the call detail records of all Americans cannot possible be “relevant to an authorized investigation” under Section 215, and that Congress never authorized the ongoing, prospective collection of records not yet in existence. Second, the ACLU and NYCLU argued that the bulk collection of metadata is a warrantless and unreasonable search that violates the Fourth Amendment’s right to privacy. Finally, they argued that the bulk collection program violates the First Amendment’s protections for free speech and association.
The government moved to dismiss the complaint, arguing that (a) the ACLU and NYCLU lacked standing, (b) Congress had precluded the ability for targets of Section 215 to obtain judicial review, (c) the bulk metadata collection program is authorized under Section 215, (d) the ACLU and NYCLU have no Fourth Amendment privacy interest in their metadata, and (e) the lawful collection of metadata under the Fourth Amendment for purposes unrelated to the suppression of free speech or association does not violate the First Amendment.
On December 27, 2013, Judge William H. Pauley granted the government’s motion to dismiss and upheld the bulk metadata collection program as lawful. The court first found that the ACLU and NYCLU had standing by having “alleged an actual injury grounded in the Government's collection of metadata related to its telephone calls.” ACLU v. Clapper, 959 F. Supp. 2d 724, 738 (S.D.N.Y. 2013). The judge then dismissed their statutory claims, determining that Congress had not intended for targets of the Section 215 programs to sue for judicial review. Id. at 742. Even if the ACLU and NYCLU could sue, the court held that Section 215 authorized the bulk collection of telephone metadata because the government’s ability to use the data requires the collection of all telephone records, making bulk collection “relevant to an authorized investigation.” Id.at 742
Regarding the constitutional claims, the court held that although the ACLU and NYCLU have standing to challenge the constitutionality of Section 215 orders, they voluntarily conveyed the telephone metadata to Verizon and do not retain a reasonable expectation of privacy, making the collection of telephone metadata not subject to Fourth Amendment protections (a doctrine first established in Smith v. Maryland, 442 U.S. 735, 745-46 (1979). Id.at 752. Finally, the court held that bulk collection will not chill First Amendment freedom of association because the government’s actual use of ACLU metadata is highly speculative. Id.at 753-54.
The ACLU filed an appeal to the Second Circuit.
On July 8, 2013, EPIC petitioned the Supreme Court to halt the disclosure of the telephone records of millions of Americans, arguing that FISC did not have statutory authority to compel Verizon to turn over all domestic telephone metadata to the National Security Administration (NSA). EPIC sought a writ of mandamus, a form of relief appropriate when a lower court has exceeded its lawful authority and when the party has no other adequate means to attain relief. Because FISC and Foreign Intelligence Surveillance Court of Review are the only courts with jurisdiction to hear petitions related to FISA, and because only the government or recipients of a FISC order can challenge a FISC order, EPIC lacked any other adequate means to dispute the legality of the Verizon court order and obtain relief.
Challenging the asserting that all telephone records are “relevant to an authorized investigation,” EPIC argued that, “to define the scope of the records sought as ‘everything’ nullifies the relevance limitation in the statute. If law enforcement has ‘everything,’ there will always be some subset of ‘everything’ that is relevant to something. At that level of breadth, the relevance requirement becomes meaningless.” On November 18, 2013, the Supreme Court declined to hear EPIC's writ of mandamus without comment.
United States Court of Appeals for the Second Circuit
- Opinion (May 7, 2015)
- Concurring Opinion (May 7, 2015)
- ACLU Appeal Reply Brief
- Government Appeal Brief
- ACLU Appeal Brief
United States District Court for the Southern District of New York
- Opinion of the Court, ACLU v. Clapper, 959 F. Supp. 2d 724 (S.D.N.Y. 2013)
- Government Reply in Support of Motion to Dismiss
- ACLU Reply in Support of Motion for Preliminary Injunction
- ACLU Memorandum in Opposition to Motion to Dismiss
- Government Memorandum in Opposition to Preliminary Injunction
- ACLU Motion for Preliminary Injunction
- Government Motion to Dismiss
- ACLU Complaint
- EPIC: Foreign Intelligence Surveillance Act (FISA)
- EPIC: Foreign Intelligence Surveillance Court (FISC)
- EPIC: USA PATRIOT Act
- EPIC: In re EPIC
- EPIC: Klayman v. Obama
- Federal Cases
- Klayman v. Obama, 957 F. Supp. 2d 1 (D.D.C. 2013)
- Smith v. Maryland, 442 U.S. 735 (1979)
- United States v. Miller, 425 U.S. 435 (1976)
Relevant Law Review Articles, Reports, and Books
- Privacy and Civil Liberties Oversight Board, Report on the Telephone Records Program Conducted under Section 215 of the USA PATRIOT Act and on the Operations of the Foreign Intelligence Surveillance Court (Jan. 23, 2014)
- The President’s Review Group On Intelligence & Communications Technologies, Liberty And Security In A Changing World (Dec. 12, 2013)
- Spencer Ackerman, NSA Reform Bill Finds Few Allies Before Senate Intelligence Committee The Guardian, (June 5, 2014).
- The NSA Files, The Guardian (last visited June 10, 2014).
- Dan Roberts, Congressional Duo Launch NSA Overhaul Bill And Urge 'Meaningful Reform', The Guardian (Oct, 29, 2013).
- James Bamford, They Know Much More than You Think, N.Y. Review of Books (Aug. 15, 2013).
- Charlie Savage, A.C.L.U. Files Lawsuit Seeking to Stop the Collection of Domestic Phone Logs, N.Y. Times (June 11, 2013)
Share this page:
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.