The NSA’s System of Secret Law
We now look at the system of secret law that was developed behind a barrier of secrecy to give a legal veneer to the system of mass surveillance that has been created.
The legal story here revolves around a legal doctrine known as the “third-party doctrine,” which arose in a 1976 case called United States v Miller and a 1979 case called Smith v Maryland. Miller involved warrantless access by police to a suspect’s bank records and Smith involved a warrantless tap of a suspect’s phone using a device known as a “pen register.” In both cases the police had information leading them to have probable cause for suspicion that the suspects had committed a crime. Rather than seeking a warrant from a court they sought private records from a third-party provider. In Miller the police obtained bank records from the suspect’s bank and in Smith the police obtained a pen register on the suspect’s phone with the assistance of the phone company.
These became important Fourth Amendment cases, testing the scope of the protection provided by the US Constitution in matters where third party providers hold private records for a person. Miller and Smith both sought to exclude evidence obtained from these sources at their trials, arguing that the police use of their records involved an unreasonable search, in view of the fact that they had not obtained a warrant for obtaining the relevant material. The Supreme Court disagreed, holding in both cases that the suspects did not have a reasonable expectation of privacy in their records. Explaining their decision the court set out the relevant principle as follows:
This Court has held repeatedly that the Fourth Amendment does not prohibit the obtaining of information revealed to a third party and conveyed by him to Government authorities, even if the information is revealed on the assumption that it will be used only for a limited purpose and the confidence placed in the third party will not be betrayed.
These opinions gave rise to a doctrine known as the “third-party doctrine,” essentially allowing that any information communicated to a third party could be obtained by the government without a warrant, without any objection in respect of the Fourth Amendment.
The third-party doctrine is quite a bizarre doctrine, and one which is clearly erroneous. The doctrine asserts that a person can only have a reasonable expectation of privacy in records if those records are not revealed to any third parties, and this purportedly applies regardless of the limited purposes or confidentiality expectations that apply in the relationship with the third party. Clearly this cannot be reconciled with many other contexts, such as where people communicate confidentially with lawyers, doctors, and other fiduciaries. Indeed, it is a quite bizarre logical implication of the third-party doctrine that there is supposedly no reasonable expectation of privacy in sensitive legal or medical information on the basis that it is sometimes disclosed to one’s own lawyer or doctor.
Unsurprisingly, this doctrine has been heavily criticized since its inception. One legal scholar notes that, “[w]hile Smith and the Third Party Doctrine were heavily criticized even before the Internet age, the drumbeat of criticism has intensified.” Some have argued that the doctrine should only extend to cases where the third party is a genuine recipient of information, and not merely a conduit for the transfer of information (as in the case of a phone company). However, even here this would not accord with other contexts where there are clear and reasonable privacy expectations (e.g., dealings with lawyers, doctors, etc.). The more appropriate result would be for the doctrine to be overturned entirely. While communication of information with third parties is certainly a valid factor in determining whether there is a reasonable expectation of privacy, it certainly should not be a disqualifying feature — context is everything.
Despite the absurdity of the third-party doctrine, its existence has not been a major issue for courts until recently, since its application has generally been confined to small instances of police searches, involving cases where there is probable cause for suspicion of a crime. From the 1960s to the 1980s the doctrine was applied in several police cases, but later on the lower courts tended to distinguish the facts from the early cases in ways that would allow them to avoid application of this doctrine. The Supreme Court has not made any further ruling on the doctrine since these original cases, but there were remarks in one of its recent cases suggesting that the doctrine might be reconsidered in the future.
In the past decade, with the advent of broader surveillance methods by the US government, the doctrine has become more far-reaching, and in the case of the NSA, it has spawned an entire system of secret law, purportedly justifying mass warrantless surveillance of the population. Behind the veil of secrecy of a system of secret courts the NSA and the FISA court have gradually developed a string of legal precedents extending the Miller and Smith cases and purporting to give a legal justification to the mass collection of all metadata derived from telecommunications. All of this has taken root on the flimsy basis of these two legal decisions, which were concerned with single instances of police searches of known suspects. From this slippery slope the NSA has successfully argued its case for mass surveillance to the FISA court, without any other parties present.
According to the NSA view, if police can legally install a pen register on a phone without a warrant in a particular case, then surely they ought to be able to hoover up all metadata running through the phone lines, and store it in massive data repositories, ready for access when needed. After all, this is similar in effect to the application of lots and lots of pen registers, all individually lawful, according to the third-party doctrine. If it is lawful to collect the metadata of one man without a warrant, then why not two, or three, or seven billion?
Beyond its reliance on the third-party doctrine as a brace against constitutional prohibition, the NSA has also relied on legislative provisions allowing it to use a special kind of warrant for its surveillance activities. Though we have already noted this in our previous discussion of the secret court system, it is worth highlighting that this forms a crucial part of the system of “secret law” that pervades the NSA operations. Whereas regular warrants issued to police involve the search of a particular specified place pertaining to a specified suspect, the NSA has established the practice of applying to the FISA court for general “procedure-based warrants” allowing the agency to conduct surveillance according to certain procedures, and subject to “minimization procedures.” Unlike individual warrants, these general warrants are not limited to any particular suspect or group of suspects. Instead the warrant allows the NSA full discretion to engage in surveillance on any target it desires, so long as the procedures in the warrant are followed. (Of course, the procedures may also specify the type of target, or a requirement for justification for a particular target.) While the legislative system for these warrants is public knowledge, the warrants themselves have been kept secret from the public.
This situation has prevailed without public knowledge until the leaks by Edward Snowden brought many of these secret judicial rulings into the public domain. At that time it became clear that the NSA had established a system of “secret law” which it used to give a legal veneer to its actions. Obviously this alleged legal justification is a large extension of the surveillance in Miller and Smith, and many scholars have argued that the extension to mass surveillance is not justified by those cases. In the Klayman case Judge Leon found that Smith v Maryland was unhelpful in assessing the mass surveillance program of the NSA, due to changes in the nature of telecommunications and surveillance occurring in the 34 years since the case. In ACLU v Clapper Judge Pauley found that the case established a precedent that allowed the NSA to conduct mass metadata collection. While some have argued that the third-party doctrine provides constitutional cover for the NSA metadata programs, it would be more accurate to say that those programs provide the reductio ad absurdum showing the error of the doctrine, and perhaps also the initial decisions concerning its application.
In the recent cases where the NSA has been challenged on its activities, the agency has repeatedly argued that practical considerations in respect of its surveillance programs should be considered as a reason not to remove people from its databases. (Of course, such arguments have always been made while simultaneously refusing to admit that any particular person is even on their database!) The NSA has argued that its system of mass data retention would be threatened by any orders from courts for them to remove a particular person’s records, since this would create complicated exceptions to its general procedures and systems. This argument effectively invokes the NSA’s view that its activities are sufficiently complex that it should not be burdened by the Rule of Law — that the law should mould itself to NSA activities, rather than the other way around.
The Klayman case has now given judicial weight to the absurdity of the third-party doctrine, and the fact that this doctrine entirely subverts the protection of people against unreasonable searches by their government. According to Judge Leon:
The Fourth Amendment typically requires “a neutral and detached authority be interposed between the police and the public,” and it is offended by “general warrants” and laws that allow searches to be conducted “indiscriminately and without regard to their connection with [a] crime under investigation.” ... I cannot imagine a more “indiscriminate” and “arbitrary invasion” than this systematic and high-tech collection and retention of personal data on virtually every citizen for purposes of querying and analysing it without prior judicial approval.
In the coming years the third-party doctrine, and its application in mass surveillance, may well be retested in the US Supreme Court. This will do much to determine the degree to which the court will act as a legitimizing mechanism for the NSA. However, it will not change the fact that the court has been fully complicit in this system of secret law throughout the period prior to the Snowden leaks.
Although we have been referring to this prevailing regime as a system of “secret law,” it is important to note that it is, in truth, a program of secret lawlessness. Indeed, the very notion of “secret law” is oxymoronic, suggesting that people may legitimately be ruled by principles of law established behind closed-doors and kept hidden from them. The operations of the secretive FISA court has allowed the NSA to cloak its lawless activities in the mantle of judicial oversight, even as judges within the secret court gave secret rulings complaining of the misrepresentations and malpractice of the agency. The Supreme Court has aided and abetted this process, by preventing any challenge to the constitutional legitimacy of the programs.
From a libertarian perspective, it might be regarded as tiresome and irrelevant to analyze doctrines of “positive law” put forward by the government’s own legal instruments. Of what interest are constitutions and legislation written by the State to assert its own power? After all, such “positive law” is merely a system of commands of the sovereign government, prone to expand and justify its powers. But even here, the positive law is of interest, since it is alleged to constraint the actions of governments, and is used to justify the power of government. It is part of the government’s claim to legitimacy that it operates according to the Rule of Law.
In view of this, it is interesting and instructive to see that, even by its own legal standards, created by its own institutions, governments still act in a lawless fashion. As with other governments, the US government exists in a precarious balancing act — attempting to expand its own power without constraint, while at the same time play-acting that it is subject to the Rule of Law. This has been particularly evident in the operations of the NSA, which has gradually implemented a regime of mass surveillance behind a wall of secret courts, secret evidence, and secret law.
 For discussion of various criticisms see Stephenson, S.E. (2011) “The Timely Demise of the Fourth Amendment Third Party Doctrine.” Iowa Law Review 96.
 Tolson, M. (2011) “Automation and the Fourth Amendment.” Iowa Law Review 96, p. 585. Italicization of case name added.
 Henderson, S.E. (2005) “Nothing new under the sun? A technologically rational doctrine of Fourth Amendment protection.” Mercer Law Review 56, pp. 507, 524-528.
 Harper, J. (2013) “If you think that Smith v Maryland permits mass surveillance, you haven’t read Smith v Maryland”. CATO at Liberty, 20 August 2013.
 For discussion of “positive law” as a command system, see O’Neill, B. (2012) “Natural law and the liberal (libertarian) society.” Journal of Peace, Freedom and Prosperity 1, pp. 29-50.