-- By AndrewTaub - 06 Jan 2018
With continued Senate Committee investigations in the mid-1970s into whether certain domestic intelligence activities were legal, the Foreign Intelligence Surveillance Act (FISA) was enacted in 1978. Through FISA, Congress wanted to establish judicial and congressional oversight of foreign intelligence surveillance activities and ensured secrecy when monitoring potential national security threats by establishing the Foreign Intelligence Surveillance Court (FISC), a special Federal court that holds nonpublic sessions to consider issuing search warrants.
In 1994, the Communications Assistance for Law Enforcement Act (CALEA) was enacted in response to concerns that the development in electronic communications was making authorized surveillance increasingly challenging for law enforcement agencies.2 CALEA requires that telecommunications carriers and equipment manufacturers design their equipment, facilities, and services to ensure that they have the necessary surveillance capabilities to comply with legal requests for information.
By 2008, foreign intelligence targets outside of the U.S. were using communications services which were provided by U.S. ISPs. When FISA was enacted in 1978, the capabilities of electronic surveillance were based on technology of that time, so Congress amended FISA in 2008 and enacted Section 702 of FISA which “facilitates the acquisition of foreign intelligence information concerning non-U.S. persons located outside the United States.”3 Under this method, investigators could exercise much broader discretion on the number of foreign persons they could acquire information about.
While the government’s intent is to serve as a central authority, detect bad actors, and uphold justice, such laws inherently contend and knock against privacy over time. As Ann Bartow writes: “In many instances, privacy is threatened not by singular egregious acts, but by a slow series of relatively minor acts which gradually begin to add up.” Indeed, a central theme for why the U.S. needs to access information is the defense of its national security and capturing criminal behavior. But as a result of striving for greater safety, the government makes itself stronger and better at accessing private information at the expense of privacy and without concurrently seeking to equally strengthen data privacy and arm the individual with improved rights, especially when such Acts are not rolled back and the authority remains constant and certainly increases further. At the core of this is breeding fear that privacy is more of a means to conceal negative, harmful acts and behavior, rather than a fundamental right to protect.
What has developed over the years is a way for the U.S. Government to more broadly, and secretly, exercise its authority. This is harmful to data privacy when there is no mechanism of disclosure for how that data is being accessed and privacy being harmed. While not perfect, reforms should, for example, limit how surveillance searches are conducted and impose strict transparency measures. Indeed, Congress should consider deauthorizing old programs to break the practice of mending problematic, existing law and instead establish new legislation focused on strengthening the rights of data owners, rather than just the government’s.
I don't understand the effort yet. Data privacy laws, if we are talking about the subject of the course and your last essay, are not surveillance statutes describing government powers, but regulations affecting private parties. Those are not the subject of this draft. One could talk about the efforts of the 1970s (such as FERPA) and the non-regulatory vacuum of the present that corresponds to the presence of the GDPR in the EU. But that would not have anything to do with FISA or the PATRIOT Act. If the point was to shift to government listening, treating the statutes as standing on their own does not suffice either. The constitutional issues surely need some discussion. That's why, from my point of view, it's a different course.
For the purposes of improvement, I think the question is whether to change the packaging to suit the product, or the other way round. If you want to write an essay about surveillance, we can treat the history more as given, and come to the idea you want to propose about where to go from now. If you are writing about privacy and "data owners," on the other hand, a different legal background—such as the one I was suggesting in my comments on the first draft of the first essay—would be more helpful to discuss.
Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.