ACLU Challenges Gag Orders Issued To Tech Companies By The DOJ
from the hey,-we-notified-SOMEBODY...-that-counts-for-something dept
The ACLU is hoping to intervene in Microsoft’s legal battle against the government, challenging gag orders attached to warrants and subpoenas issued under the Electronic Communications Privacy Act (ECPA). Microsoft sued the DOJ back in April, arguing for the right to notify customers that their communications and data have been handed over to the government.
Microsoft didn’t have a problem with the government’s gag orders in every case. It’s just that the demand for secrecy accompanied more than half of the ~300 orders per month Microsoft receives. And nearly 70% of those gag orders arrived with no fixed end date.
The ACLU petitioned the court to intervene in the case on its own behalf, citing its position as a Microsoft customer. The DOJ filed a motion to dismiss Microsoft’s lawsuit, hoping the court will find Microsoft has no standing to challenge gag orders on its customers’ behalf. The ACLU is trying to prevent this from happening until the DOJ addresses the issues raised by the ACLU’s (attempted) intervention. In its opposition [PDF] to the DOJ’s motion, the ACLU points out that the government’s “no standing” argument pretty much nullifies any sort of due process for Microsoft customers (including the ACLU) who’ve been targeted by the DOJ’s super-secret warrants, relegating them to a Kafka-esque legal purgatory.
The government attempts to insulate its refusal to provide notice from judicial review, arguing that neither Microsoft nor the ACLU has standing to raise these important constitutional questions. By the government’s logic, Microsoft does not ever have standing to defend its customers’ right to notice, and Microsoft’s customers, including the ACLU, may not defend their own right to notice until after they receive the primary relief they would seek—that is, notice. In the government’s view, the only plaintiffs who have standing to sue for notice are those who have already gotten it, and those deprived of notice forever have no ability to seek a remedy at all. That is not the law.
The hope here is to not only find the open-ended gag orders unconstitutional, but also the law granting this secrecy — the ECPA — unconstitutional as well. The shift from physical “papers” to digital files was addressed by legislators in the worst way possible. The ECPA did away with the notification requirement attached to searches of physical places. When a home or business is searched, the owner or resident is served with a warrant. For electronic communications, a third party is approached. Legislators apparently felt as long as someone was notified, that was good enough — even if that someone isn’t the target of the search warrant.
That’s basically the government’s argument: notice is served to the site of intrusion. If the affected parties don’t actually reside there (but their “papers” do), too bad.
The government’s argument conflates a historical anachronism with a constitutional principle. The government is correct that officers traditionally provided Fourth Amendment notice at the physical site of the intrusion. But that is so because, for the first 175 years of the Fourth Amendment’s application, it was understood to cover primarily physical trespasses. See Katz, 389 U.S. at 353. As a result, notice provided at the site of the intrusion was notice to the individual whose Fourth Amendment rights were at stake. It is no surprise, therefore, that Federal Rule of Criminal Procedure 41 reflects that historical context. Under Rule 41(f), an officer executing a warrant must “give a copy of the warrant and a receipt for the property taken to the person from whom, or from whose premises, the property was taken or leave a copy of the warrant and receipt at the place where the officer took the property.”
The ECPA is the DOJ’s argument committed to paper. Notice only needs to be provided to the third party where communications and documents are held. To ensure the party whose documents/communications are being taken is kept out of the loop, the DOJ takes the wording of the law to heart and ignores the intent behind the Fourth Amendment protections granted to citizens.
The ECPA does not require the government to provide notice when it relies on a warrant, and so the government now routinely searches and seizes individuals’ electronic communications without providing any notice—delayed or otherwise—to those whose private information it has obtained. According to Microsoft’s Complaint, nearly half of the federal demands it has received under ECPA in the last eighteen months were accompanied by gag orders, the majority of which contained no time limit. Accordingly, a substantial portion of the individuals whose electronic communications the government demands from Microsoft receive no notice whatsoever, from either the government or Microsoft.
The law undercuts the Fourth Amendment by preventing those affected from challenging the lawfulness of the search or seeking redress through the judicial system for violations. Gag orders that run indefinitely allow the government to avoid being held accountable for any wrongdoing. In addition, the service of warrants to third parties is done without any meaningful oversight, putting the DOJ in the position of policing itself — something it does with no particular enthusiasm or effectiveness.
Filed Under: doj, ecpa, gag order, standing, subpoena, surveillance, warrants
Companies: aclu, microsoft
Comments on “ACLU Challenges Gag Orders Issued To Tech Companies By The DOJ”
About time!!!
Wonder what took them so long?
O well, we can watch them lose too!
Anyone got popcorn?
To review:
So let’s sum up shall we?
1) The DOJ issues the search and gag orders not to the one who’s ‘papers’ are to be searched, but to a third-party.
2) Included in the order to allow them to search is a gag-order preventing the third-party from notifying the person who’s effects are being searched.
3) The DOJ argues that the third party has no grounds to contest the search, as it’s not their stuff being searched.
4) The person who’s effects are being searched, otherwise known as the only person who has standing to object according to the DOJ, has no possible way to know what’s going on because of the DOJ’s gag order.
5) As such the individual that knows about the search can neither contest it nor inform anyone about it, and the individual that does have standing lacks the knowledge required to contest it in the first place thanks to the gag order.
Oh yeah, I can’t see that being abused at all.
Re: To review:
#2. is a complete breach of 1st Amendment.
#3. is a magical unicorn, because under 3rd party doctrine rules once a private person gives data away it’s no longer theirs or private though it is a fact that just to participate in society every business requires you to sacrifice your privacy. Except it’s your data for the purposes of throwing YOU in jail, but not yours for the purposes of the government getting access to said data since you willingly gave it away.
In short, Americans have asked for regulation against business, and also said they should not be protected by the Constitution, and Government happily used it as a proxy to remove all of our rights. People are too ignorant to even know better, I take that back… they are too ignorant to even recognize it even when it is looking them right in the fucking face! Corruption is so entrenched within this Nation we are not going to recover. There are just too many uncaring citizens still living a good live to stop and help ensure that the good life can persist for them and others.
Re: To review:
No actually this is great news! Now we can FOIA stuff from the government by going to their hosting providers. No need to bother them with the actual warrants or subpoenas either apparently. Since secrete searches are legal in their minds, lets just search through all of their documents and look for whatever is helpful. Fishing expeditions are now in full force. You are welcome America.
Re: To review:
In other words, if you even suspect you might have information the government wants for any purpose, you need to file a federal lawsuit at least once a year, possibly even as much as once a month, to challenge any warrants that may or may not have been served on your data with a third party.
Most of the resulting lawsuits will effectively be frivolous, but discovery is the only way to acquire standing to sue to receive notice, if the DoJ’s view of how the law works is correct.
If you think the courts are congested now, wait until every major corporation needs at least twelve lawsuits in continuous operation in order to generate standing to challenge a warrant.
Perhaps we’ve been looking at all of this wrong… perhaps it is the new mission of the Justice Department.
Find all of the ways the law is broken & ripe for abuse, demonstrate how it is incompatible with the Constitution, & draw attention to it so we get it fixed.
Re: Re:
Unlikely. If that were the goal, the feds wouldn’t withdraw their lawsuit/prosecution the instant it starts looking like the law might be struck down by the courts.
I assume that there is good reason that the Department of Injustice wants gag orders in place. To silence the illicit and immoral behavior of said Department. After all, if they were doing nothing wrong, then they wouldn’t have anything to hide.
Free and open court rooms are one of the best places to look at determining the level of democratic process in a nation. But with secret proceedings, secret evidence, secret analysis, secret law, secret judgement and secret punishments, it has become more than obvious that the US is antithetical to democracy.
Re: Re:
It is only obvious to people with a brain. You are spilling state secrets to U.S. citizens, and Snowden should have taught you that there is a price to pay for that.
Re: Re:
“…secret proceedings, secret evidence, secret analysis, secret law, secret judgement and secret punishments…“
But that’s all legal during times of war, and since the US has secretly declared war on the (1)civilian populations of earth, after 9/11, and rewrote the US constitution to fit the new wartime ‘definitions’ of American law, the USG has given itself the “legal” right to nuke any household on earth for any reason it determines is sufficient grounds for assassination, murder, massacre or just plain mayhem, for the war effort.
Because its at war and wartime rights trump all peace time law.
(1)(terrorists, terrorist sympathizers, drug dealers and users and whistleblowers and most hackers are all civilian occupations)
If one just momentarily assumes that this ‘secret declaration of war’ is in fact true, one will see immediately that it explains all of the unusual and apparently illegal activities of the USG and all of its military and Law Enforcement Minions as well as their nearly universal disdain over public outcry.
They are waging war.
And you are the enemy.
Or rather, legally speaking, the Adversary.
Whenever you hear about how they have ruined the lives of American civilians, incarcerated civilians abroad through extraordinary rendition, or systematically destroyed civilian communications security in order to spy on civilian activity, or use legal gag orders to bypass civilian rights and prevent defense, they are, in their minds, winning this war.
—
If Microsoft and other tech companies were to encrypt customer data with a key handed over to the customer, electronic data would be protected just like paper data in the old days: The warrant would need to be served to the customer to access the data.
Re: Re:
Yup, which is yet another reason why the federal government will attempt to prohibit good quality encryption at all costs.
This could be an argument in favor of people running their own email server in their house — they would always know if there ever was a search warrant.
But by having everything on “the cloud” makes it more like an old-fashioned wiretapping warrant that the people under suspicion never get to know about until the day they’re in the courtroom in handcuffs.
Re: Re:
This could be an argument for that, except that it’s still a pretty dumb argument. The government would just infect the home server with malware, which the secret warrant signed by a secret court would allow, and then the person would be in the same boat with regards to not knowing about the warrant, but a much worse situation regarding an advanced persistent threat touching every other machine on the home network. Given people’s reluctance to update their machines even when nagged with a reminder every hour, how often do you think the forgotten about email server would receive its patches? Big brother likely wouldn’t even have to dig out any 0-days for the occasion.
If you are willing to religiously track security postings, immediately stay up to date on patches, and routinely monitor traffic logs looking for anomalies, then sure, running your own email server is a great idea. If you are hoping for a fire-and-forget appliance you can just plug into your home router, then you are much better off paying someone else to do that work. Otherwise some bored asshat with shodan is likely to pwn your ass.
Re: Re: Re:
Plus, removing the malware — even if you don’t know who put it there — would be construed as evidence tampering, possibly even invoking the Sarbanes-Oxley Act. Depending on how the charges go, that’s either 3-5 years, 5-10 years or 20 year mandatory minimum prison sentences if convicted. Note that conviction does not require any knowledge or intent to commit a crime, the Act is strict liability.
Catch-22
Reminds me a lot of Catch-22.
The government likes to play that game too much.
Here:
– You – Microsoft as third-party – can’t contest the search because you’re not the target.
– You – ACLU as target – can’t contest the search because you don’t – officially – know it happened.
Weeks ago:
– You – John Doe – can’t contest the search because the package was under the name Joe Black (who doesn’t exist, so what?).
– You – John Doe – can be arrested after the search because we know “Joe Black” is a pseudonym and the package really belongs to John Doe.
In both cases, and a lot of others, even if the search is illegal, nobody has standing to contest its validity because the case is built in a way that both removes standing from everyone involved by denying standing (Microsoft, John Doe), knowledge (ACLU) or simple existence (Joe Black)… So much for “due process”.
And, of course, “safeguards” never work.
Most attorneys will not decline to prosecute based on illegal searches.
FISC can’t be trusted to deny a search in the first place.
Re: Catch-22
FISC can’t be trusted to deny a search in the first place.
The only thing FISC can be ‘trusted’ to do is to give the government anything and everything it wants, while whining about how people keep saying they’re nothing but a rubber-stamp ‘court’.
Gag orders … certainly these do not violate the first amendment because corporations are not people my friend.
Re: Re:
Really? Then answer me this: If the gag order is violated, who goes to prison? The corporation or the person who said something prohibited by the gag order?
Corporations may not be real people, but they are made of people. And those people they are made of do have rights.