Elizabeth Goitein on NSA Surveillance

Elizabeth Goitein on NSA Surveillance

General notes:

Announce podcast subscribe at the middle of the show (everyone asks for 5-star reviews, but I think you should just ask for honest feedback)

Main points:

New forms of tech and data sharing require development in fourth amendment law from traditional notions of privacy to encompass privacy in the digital era. See, Carpenter.
Congressional laws are being introduced (Fourth Amendment not for Sale Act) which update the Electronic Communications Privacy Act and close loopholes on government agencies' ability to purchase data directly from data brokers, who receive third party data from apps.

Should FISA be renewed? Opponents say its susceptibility to abuse and its lower standards of probable cause allow for mass surveillance on millions of Americans without their knowledge. Proponents say that intelligence collection in such a broad way is necessary to defend national security interests.


Elizabeth (Liza) Goitein codirects the Brennan Center for Justice’s Liberty & National Security Program and is a Senior Practitioner Fellow at the University of Chicago’s Center for Effective Government.

Goitein is a nationally-recognized expert on presidential emergency powers, government surveillance, and government secrecy. Her writing has been featured in major newspapers and magazines including the New York TimesWashington PostWall Street JournalUSA TodayLos Angeles TimesThe Atlantic Magazine, and The New Republic, and she has appeared frequently on MSNBC, CNN, and NPR. She has testified on several occasions before the Senate and House Judiciary Committees.

Before coming to the Brennan Center, Goitein served as counsel to Senator Russ Feingold, chairman of the Constitution Subcommittee of the Senate Judiciary Committee, and as a trial attorney in the Federal Programs Branch of the Civil Division of the Department of Justice. Goitein graduated from Yale Law School and clerked for the Honorable Michael Daly Hawkins on the U.S. Court of Appeals for the Ninth Circuit.

Goitein is admitted to the bar in the State of Massachusetts. Her practice in Washington, DC, is limited to practice before U.S. courts as provided in DCCA Rule 49(c)(3).


Americans have been partially aware of the NSA’s surveillance of the public thanks to whistleblowers like Edward Snowden. But do they know that their own cell phone carriers and beloved apps are often complicit in these constitutionally questionable breaches of privacy?

The Fourth Amendment guarantees “no unreasonable search and seizure,” but this hasn’t stopped government agencies from prying into our vast stores of personal data such as location information, shopping habits, etc. – all in the name of public safety. It should come as little surprise that tech companies do not discriminate against the government when it comes to selling our data to third parties, and this loophole has been exploited by the NSA and other agencies to create a brand new form of crony capitalism.

This Sunday, I’m joined by Elizabeth (Liza) Goitein, who co-directs the Brennan Center for Justice’s Liberty & National Security Program and is a Senior Practitioner Fellow at the University of Chicago’s Center for Effective Government. Gotein has written a fascinating and frightening article in the Washington Post revealing how technology has rendered previous Supreme Court decisions protecting our privacy moot.

Can we preserve the Fourth Amendment in an age of mass data collection, or have we become so complacent that we are willing to surrender our privacy to Big Tech operating as a proxy for Big Government? Gotein and I will discuss the implications of a Supreme Court decision that was supposed to make this kind of behavior more difficult, and how Senators like Rand Paul are trying to shore up the abuses in the legislature.

Links & Summary

Liza Gotein, April 26, 2021
It turns out that all the government really needs is cash and a data broker.
The government no longer needs to compel the production of location data from Verizon or T-Mobile, because there are innumerable cellphone apps that gather and track precise geolocation coordinates (along with a wealth of other personal data).
On its face, the government’s obtaining location information from data brokers without a warrant would seem to violate Carpenter. The court’s ruling, after all, turned on the sensitivity of the information, not the type of company holding it. But government agencies have interpreted the case to apply only when the government forces a company to turn over data. When the government simply incentivizes the disclosure — by writing a large check — the warrant requirement evaporates. Under this view, the government may constitutionally buy not only the location records of criminal suspects but also entire databases of location information unrelated to any criminal investigation.
Sens. Ron Wyden (D-Ore.) and Rand Paul (R-Ky.) and 18 other senators introduced a bill last week, dubbed “The Fourth Amendment Is Not For Sale Act,” that would end these practices. It would bar law enforcement and intelligence agencies from purchasing Americans’ geolocation data, the content of their communications or other sensitive information from any company that collects them — whether a cellphone company, an app developer or a data broker. The bill could be strengthened. Because it prohibits only data purchases, it leaves a small but important loophole for app developers and data brokers to disclose sensitive data to government agencies without a warrant or payment. There are various reasons profit-seeking companies might make such “gratis” disclosures, such as currying favor to avoid regulation or to obtain government contracts for other services.
Laura Hecht-Felella, March 18, 2021
Today, we are at a jurisprudential inflection point as courts grapple with when and how the Fourth Amendment should apply to the data generated by technologies like cell phones, smart cars, and wearable devices. These technologies — which we rely on for enhanced communication, transportation, and entertainment — create detailed records about our private lives, potentially revealing not only where we have been but also our political viewpoints, consumer preferences, people with whom we have interacted, and more.
In Carpenter, the Court considered how the Fourth Amendment applies to location data generated when cell phones connect to nearby cell towers. The Court ultimately held that when the government demanded seven days of location information from defendant Timothy Carpenter’s cell phone provider without a warrant, it violated the Fourth Amendment.
The Constitution protects against unreasonable searches, which occurs when a person has exhibited an actual (subjective) expectation of privacy and their expectation of privacy is one that society is objectively prepared to recognize as reasonable, and the government invades this privacy. Katz v. United States.

In United States v. Miller (1976) and Smith v. Maryland (1979), the Court codified the third-party doctrine, which stands for the principle that individuals have no legitimate expectation of privacy in information that they voluntarily share with third parties, regardless of The Fourth Amendment.

This doctrine has been significantly eroded by Carpenter's holding. Carpenter called into question the real "voluntariness" of an individual giving up his geolocation data via cellular location site information.

As Justice Kennedy recognized in his dissent, the five factors most relevant to the majority’s opinion are comprehensiveness, intimacy, expense, retrospectivity, and voluntariness.

Synopsis of paper: It is incumbent on courts to preserve the balance of power between the people and the government as enshrined in the Fourth Amendment, which was intended to “place obstacles in the way of a too permeating police surveillance.” This paper argues that Justice Kennedy's five factors comprise the new Katz-Carpenter test, which can be applied to novel technologies and assessing whether they constitute a "search" or not.

Government agencies are engaging in creative legal interpretations and secretly exploiting gaps in the law to buy Americans’ personal information from intermediaries. This practice of buying Americans’ data has become routine, effectively hollowing out both Carpenter and privacy safeguards enacted by Congress.

Data brokers gather information from mobile applications and then sell voluntarily to the Government. This is not prohibited by the Electronic Communications Privacy Act, which only prohibited voluntary disclosures from phone companies and internet service providers, and did not apply to newer application companies.

Since 2017, Immigration and Customs Enforcement and Customs and Border Protection alone paid more than $1 million to Venntel, a company that describes itself as a “pioneer in mobile location information." (Venntel obtains its data from apps, including games and weather apps.)
Adi Robertson, April 21, 2021
The Fourth Amendment Is Not For Sale Act is sponsored by a bipartisan group including Sen. Ron Wyden (D-OR), Sen. Rand Paul (R-KY), and 18 other members of the Senate. The bill would make law enforcement agencies obtain a court order before accessing people’s personal information through third-party brokers — companies that aggregate and sell information like detailed user location data, surreptitiously gathered from smartphone apps or other sources.
Sara Morrison, Dec 2, 2020
Location data purchased from private companies gives government agencies access to potentially enormous amounts of personal data from millions of people who aren’t suspected of or involved in any crimes. While there are few laws regarding private companies’ collection and use of this data, law enforcement typically has to have a warrant and show cause to get this information on its own. Obtaining it through a private vendor with no such restrictions is a way to get around those constraints, and currently a legal gray area.
Byron Tau, June 19, 2020
Byron Tau and James Marson, June 8, 2021
Joseph Cox, March 10, 2021
Jesus Rodriguez, May 20, 2021
April 21, 2021
Joseph Cox April 21, 2021
Jason Kelley, June 2, 2021

Snowden and EFF propose additional technical safeguards to privacy, such as Certbot, a software that keeps data private while in transit from your request to a websites server.

Our fear was primarily scope creep, she explained: from contact tracing to digital credentials, many of these systems already exist, but we must ask, “what are we actually trying to solve here? Are we actually creating more barriers to healthcare?” Contact tracing, for example, must put privacy first and foremost—because making it trustworthy is key to making it effective.

Is EFF, Snowden, and others fighting for privacy and liberty? Or are they essentially just concerned with making sure that corporations and the government can win the public's trust so people more readily accept projects such as vaccine passports and contact tracing?

Charlie Savage, January 22, 2021

Videos & Podcasts

January 8, 2020
The FISA Act expires in March, and The Brennan Center’s Director of Liberty & Nationa… [Gotein] has been studying the use and abuse of this data collection act for many years. In her talks with Jan Miyasaki, she reveals the problem issues and which parts should not be renewed.

This is worth listening to, it is pretty brief.

November 30, 2019

Good debate between Goitein and Jaffer on FISA.

March 24, 2021
January 16, 2020


Related Shows: