American Civil Liberties Union v. Clapper

959 F. Supp. 2d 724 (2013)

Facts

Prior to the September 11th attacks, the National Security Agency (NSA) intercepted seven calls made by hijacker Khalid al-Mihdhar, who was living in San Diego, California, to an al-Qaeda safe house in Yemen. The NSA intercepted those calls using overseas signals intelligence capabilities that could not capture al-Mihdhar's telephone number identifier. Without that identifier, NSA analysts concluded mistakenly that al-Mihdhar was overseas and not in the United States. Telephony metadata would have furnished the missing information and might have permitted the NSA to notify the Federal Bureau of Investigation (FBI) of the fact that al-Mihdhar was calling the Yemeni safe house from inside the United States. D launched a number of counter-measures, including a bulk telephony metadata collection program-a wide net that could find and isolate contacts among suspected terrorists in an ocean of seemingly disconnected data. Each time someone in the United States makes or receives a telephone call, the telecommunications provider makes a record of when, to what telephone number the call was placed, and how long it lasted. The NSA collects that telephony metadata. If plumbed, such data can reveal a rich profile of every individual as well as a comprehensive record of people's associations with one another. The question for this Court is whether D's bulk telephony metadata program is lawful. Ps brought this action challenging the legality of the NSA's telephony metadata collection program. Congress enacted the Foreign Intelligence Surveillance Act of 1978 (FISA). FISA requires the Government to obtain warrants or court orders for certain foreign intelligence surveillance activities and created the FISC to review those applications and grant them if appropriate. The FISC is composed of Article III judges. FISC proceedings are secret. Congress created a secret court that operates in a secret environment to provide judicial oversight of secret Government activities. Congress has long appreciated the Executive's paramount need to keep matters of national security secret. FISC is an exception to the presumption of openness and transparency-in matters of national security, the Government must be able to keep its means and methods secret from its enemies. In 1998, Congress amended FISA to allow for orders directing common carriers, public accommodation facilities, storage facilities, and vehicle rental facilities to provide business records to the Government. After the September 11th attacks, Congress expanded the Government's authority to obtain additional records. Section 215 allows the Government to obtain an order 'requiring the production of any tangible things (including books, records, papers, documents, and other items),' eliminating the restrictions on the types of businesses that can be served with such orders and the requirement that the target be a foreign power or their agent. The Government invoked this authority to collect virtually all call detail records or 'telephony metadata.' Bulk telephony metadata collection under FISA is subject to extensive oversight by all three branches of government. It is monitored by the Department of Justice, the Intelligence Community, the FISC, and Congress. To collect bulk telephony metadata, the Executive must first seek judicial approval from the FISC. Then, on a semi-annual basis, it must provide reports to the Permanent Select Committee on Intelligence of the House of Representatives, the Select Committee on Intelligence of the Senate, and the Committees on the Judiciary of the House of Representatives and the Senate. Those reports must include: (1) a summary of significant legal interpretations of section 215 involving matters before the FISC; and (2) copies of all decisions, orders, or opinions of the FISC that include significant construction or interpretation of section 215. 50 U.S.C. § 1871(c). Since the initiation of the program, a number of compliance and implementation issues were discovered and self-reported by the Government to the FISC and Congress. In August 2013, FISC Judge Eagan noted, '[t]he Court is aware that in prior years there have been incidents of non-compliance with respect to the NSA's handling of produced information. Through oversight by this Court over a period of months, those issues were resolved.' Congress has renewed section 215 seven times. In 2006, Congress amended section 215 to require the Government to provide 'a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation.' Congress has renewed section 215 seven times. In 2006, Congress amended section 215 to require the Government to provide 'a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to an authorized investigation.' On June 5, 2013, The Guardian published a then-classified FISC 'Secondary Order' directing Verizon Business Network Services to provide the NSA 'on an ongoing daily basis . . . all call detail records or 'telephony metadata'' for all telephone calls on its network from April 25, 2013, to July 19, 2013. 'Telephony metadata' includes, as to each call, the telephone numbers that placed and received the call, the date, time, and duration of the call, and other session-identifying information (for example, International Mobile Subscriber Identity number, International Mobile station Equipment Identity number, et cetera), trunk identifier, and any telephone calling card number. It does not include the content of any call, the name, address, or financial information of parties to the call, or any cell site location information. The Government acknowledged that since May 2006, it has collected this information for substantially every telephone call in the United States, including calls between the United States and a foreign country and calls entirely within the United States. There are supposed to be restrictions on how and when the data may be accessed and reviewed. The NSA may access the metadata to further a terrorism investigation only by 'querying' the database with a telephone number, or 'identifier,' that is associated with a foreign terrorist organization. Before the database may be queried, a high-ranking NSA official or one of twenty specially-authorized officials must determine there is 'reasonable articulable suspicion' that the identifier is associated with an international terrorist organization that is the subject of an FBI investigation. The 'reasonable articulable suspicion' requirement ensures an 'ordered and controlled' query and prevents general data browsing. 'Only a very small percentage of the total data collected is ever reviewed by intelligence analysts.' Because each query obtains information for contact numbers up to three hops out from the seed, the total number of responsive records was 'substantially larger than 300, but . . . still a very small percentage of the total volume of metadata records.' Between May 2006 and May 2009, the NSA provided the FBI and other agencies with 277 reports containing approximately 2,900 telephone numbers. Ps filed this lawsuit on June 11, 2013. Ps assert that 'their' telephone records 'could readily be used to identify those who contact Ps . . . and is likely to have a chilling effect.' Ps' seek a declaratory judgment that the NSA's metadata collection exceeds the authority granted by section 215 and violates the First and Fourth Amendments, and it also seeks a permanent injunction enjoining the Government from continuing the collection