Mount appeals to block warrantless mass data collection

New legislation is needed to prevent state, local and federal law enforcement and intelligence agencies from surveilling large swathes of the US population without a warrant, panelists said at a recent federal hearing.

Fourth Amendment privacy protections require law enforcement to obtain a warrant before searching individuals’ personal records — and that definition should include their digital fingerprints, said Brett Tolman, executive director of Right on Crime, a group that advocates for “conservative criminal justice solutions”. “Such requirements should prevent law enforcement from collecting large collections of data on large populations without first establishing probable cause,” he said.

But agencies repeatedly fail to get permission to collect data themselves and instead buy it from data brokers — essentially, a loophole, said panelist Bob Goodlatte, senior policy adviser for the group. nonpartisan advocacy Project for Privacy and Surveillance Accountability.


“Agencies ranging from the Defense Intelligence Agency to the IRS, likely to the FBI and CIA, are buying the personal data of millions of Americans that they would otherwise have to obtain a warrant to obtain,” Goodlatte said.

Brokers sell vast compilations of data which may include details such as employment history, home addresses, voting records, etc. York Law School.

Such practices can open the door to invasions of privacy and wrongful arrests.

Rep. Jamie Raskin (D-MD) summarized the calls to ban law enforcement from making such purchases:

“It’s basically the meta-tech equivalent of saying, if the government can’t get into your house without a search warrant, they can’t pay someone who breaks into or gains access to your house. by a kind of duplicity. [like] saying they are carpenters.

“IT INVITES TO ABUSE”

Panelists and House Representatives from both parties said the government buying collections and analyzes of resident data without first establishing probable cause is unjustifiable and allows governments to subjugate particular demographic groups and political parties. to excessive surveillance and arrests.

“It invites abuse, especially the targeting of individuals or groups based on race, religion, or political activity,” said Elizabeth Goitein, senior director of the Freedom and National Security Program at the Brennan Center for Justice. .

The discussion took place against the backdrop of the Dobbs decision, which raised concerns that states criminalizing abortion would track anyone considering the procedure by collecting data from residents’ web searches, vintage apps and information. geolocation of mobile phones. And warrantless tracking and data collection can affect people across all ideological and political divides, Goodlatte said, noting that the government might as well be monitoring people visiting gun shops.

Purchases of police data are also causing concern in the courtroom, according to Rebecca Wexler, assistant professor of law and co-director of the Berkeley Center for Law and Technology. Current practices may tip the scales against criminal justice defendants. That’s in part because law enforcement and defense often have less information about potentially game-changing flaws and biases in data collected by third parties, which causes them to miss context that could potentially be misleading. invalidate the evidence.

A LEGISLATIVE FIX?

Many panelists recommended passing a federal privacy law limiting how and when private companies collect all that personal data in the first place. But it’s a bigger task, and lawmakers should also come up with a faster, targeted solution: Passing the Fourth Amendment law isn’t for sale, panelists said. This measure would require the government to follow the spirit of the existing rules, fill in the gaps and update policies to better reflect modern realities.

The law would prohibit law enforcement and intelligence agencies from purchasing customer and subscriber records or illegally collected information. And if the agencies nevertheless violate this rule, they will be prohibited from using this information as evidence in court or other proceedings.

The law also limits the government’s ability to force companies to hand over this data. He says that if governments – under current law – needed a court order to obtain certain records from a provider of electronic communications or remote computing services, they would also need a court order. court to obtain these recordings from a third party. This means that agents who fail to get a judge’s approval to compel a telecommunications company to share records cannot simply turn around and force that information out of a data broker to which the telecommunications sold the recordings – unless agents first get the all-clear from a judge.

“The government can’t get records from companies like Facebook and Google without a court order. Why should data brokers be treated differently? said Goodlatte.

Sarah Lamdan speaks at the hearing

EXISTING RULES

Goodlatte said there was nothing wrong with agencies collecting personal data on suspects, as long as they followed the rules and showed probable cause first. The warrant-seeking process requires agencies to justify why they want the data, which helps detect situations where unconscious or conscious bias – not an actual need – leads to the search for data on a particular group. Goitein said.

Speakers like Rep. Andy Biggs (R-AZ) also worry about the type of data government box obtain warrants. He cited a 2019 incident in which police in Gainesville, Florida used a warrant to compel Google to share data on all devices near the site of a break-in. This led them to mistakenly suspect a resident, as Google had tracked his phone past the house on his usual bike route.

FALSE JUSTICE?

Criminal defense attorneys have the right to see evidence the other side has gathered that could exonerate the accused. For example, defendants need to know if quality control errors make the data unreliable and if the software used to collect the data is biased or have other issues, Wexler said. The government also generally cannot introduce illegally obtained evidence, and Wexler said defendants should know whether the data was collected “in violation of a privacy law, or through breach of contract, or unlawful hacking.” , she said.

But police buying information from data brokers are unlikely to know its limitations or how it was collected.

“When law enforcement buys data from intermediaries, uses private biometric databases, or licenses surveillance software from private companies, officers can ignore data flaws,” Wexler said.

Defendants cannot uncover such context by cross-examining the police, if the officers simply know nothing about the practices of their data brokers. Another hurdle: Companies are unlikely to voluntarily share information about their product, and defendants have limited abilities to compel them through subpoenas, Wexler said. Some surveillance technology vendors also only sell to law enforcement, preventing criminal defense from purchasing copies of the tools to test their accuracy.

Leveling the playing field between prosecution and defense may require policies that strengthen the subpoena powers of the criminal defense, Wexler said.

WHAT IS “VOLUNTARY”?

Laws crafted in the technological climate of the 1970s say residents cannot be expected to keep information private if they “voluntarily” share it – such as personal details shared with a bank when opening a bank. account. But panelists say the interpretation of “volunteer” needs to be updated to match today’s realities.

A lot of personal data collected about people is not something they really give up voluntarily, in an age where full participation in society requires driving the roads with license plate readers and using cell phones. that follow users closely, Lamdan said.

Additionally, users of the app and other digital services may not be able to give truly informed consent on data sharing. Company policies can be misleading, and customers who knowingly share information with a particular company have no control over whether and to whom that company then resells the data, Goitein said.

Users are also often told that their data is “anonymous,” but that veil of privacy can easily be shattered when data brokers buy the records and combine them with other details, Lamdan said. And even customers trying to opt out can’t escape companies that create profiles on them based on information collected from associates’ friends, families and online activities.

The Supreme Court appeared to nod to some of these concerns in a 2018 ruling that police needed warrants to seize certain cellphone records revealing their location. The court held that phone owners had to be satisfied that their personal movements were private and that they were not actively choosing to share that data.

Comments are closed.