Mystery Company Told NSA Spies: Get a Warrant or Get Lost
In a first-of-its-kind revelation, a declassified document shows a firm fighting off the signature mass surveillance authority of America’s biggest spy agency.
An unknown U.S. technology company secretly refused to comply with the National Security Agency’s most cherished surveillance authority, a newly declassified document shows.
Instead, the company—not identified in a highly unusual order from the secret Foreign Intelligence Surveillance Court—told the NSA, in effect: get a warrant or get lost.
It’s the first known time that a company did not comply with the NSA’s exercise of its powers under a highly controversial legal authority known as Section 702. Section 702, which is the subject of a white-knuckle fight in Congress over its reauthorization before expiration in December, is the legal underpinning of the NSA’s infamous PRISM program, which takes vast quantities of user communications from participating companies.
According to the heavily redacted court ruling, the unnamed company appears to have resisted PRISM, on the grounds that cooperation would “implicate its own First and Fourth Amendment rights.” It told the world’s most powerful surveillance agency to come back with a warrant.
A warrant is necessary, the company contended, for “all surveillance conducted on the servers of a U.S.-based provider, regardless of whether the target of surveillance is a U.S. person or a non-U.S. person, and regardless of where that person is located when they use the service, because the communications of U.S. persons will be collected as part of such surveillance.”
In other words, the company argued, the NSA’s Section 702 powers inevitably violate the Fourth Amendment, since industrial-strength surveillance ostensibly focused on foreigners will inevitably collect communications from Americans. The company’s solution: a warrant, please.
The contention so alarmed Barack Obama administration’s that it asked the Court to order the company’s compliance – the first time, surveillance experts said, the government is known to have clashed with a service provider over an assertion of its Section 702 powers.
Noncompliance with secret, warrantless government surveillance has a real price. The only other confirmed time in which a provider has resisted the NSA came in 2007, when Yahoo rebuffed the government’s demand for customer data under the precursor to Section 702, known as the Protect America Act. Documents declassified in 2014 showed that the government threatened Yahoo with a $250,000 for every day of noncompliance. Yahoo ultimately began cooperation with PRISM in March 2008 after losing secret-court appeals.
The FISA Court did not view the 2014 case any more favorably.
Judge Rosemary Collyer sided with the NSA on every particular. Collyer found that the NSA’s internal procedures about focusing its 702 collection targets on non-Americans reasonably believed to be overseas – despite the fact that Americans’ communications data is nevertheless “incidentally” collected in the process – obviated the company’s resistance.
Collyer called the tech firm’s fears of unreasonable surveillance “arguendo,” writing, “the mere fact that there is some potential for error is not a sufficient reason to invalidate the surveillance.” Without a “showing of misconduct by the government,” she found, “a presumption of regularity applies.” That would be a hard burden for a tech firm to meet, considering the issue was secret surveillance.
However, her FISA Court colleague John Bates had already found in 2011 that the NSA had surpassed the limits of its mass data collection as it had described the procedures to the court. And in 2016, two years after the now-revealed surveillance fight, the NSA revealed to the court that it had violated the revamped post-2011 rules it agreed to with the court. The judge who signed off on modified rules for 702 collection was, ironically, Collyer, in a ruling savaged by independent journalist Marcy Wheeler.
Ashley Gorski, an attorney with the ACLU – which acquired the document in a freedom-of-information lawsuit – took issue with Collyer’s fateful 2014 finding that the NSA was owed the benefit of the doubt.
““Given the litany of NSA compliance violations known to the [FISA Court] even back in 2014, the court’s insistence that a ‘presumption of regularity’ should apply to the NSA’s spying is deeply problematic,” Gorski said.
“This challenge to the government’s warrantless spying under Section 702 underscores just how controversial this mass surveillance program really is, and why it must be significantly reformed. The anonymous tech company that brought this challenge should be commended for defending its users’ privacy, and other companies must do the same by fighting for critical reforms in the courts and in Congress.”