Friday, 12 September 2014

NSA to Yahoo: Give Us Data or Pay $250K a Day

Written by 

A quarter-million dollars a day: That’s how much the U.S. government was prepared to extract from Yahoo as long as the Internet giant balked at handing its users’ e-mail messages over to the National Security Agency (NSA), previously secret court documents released Thursday show.

The documents, which were unsealed by the Foreign Intelligence Surveillance Court of Review (FISC-R) at Yahoo’s request, “outline a secret and ultimately unsuccessful legal battle by Yahoo to resist the government’s demands,” according to the Washington Post. As a result of its defeat at the hands of a secret court that almost invariably sides with the government, Yahoo was forced to begin supplying data to the NSA’s PRISM surveillance program.

That, in turn, opened the floodgates for massive collection of electronic data by the federal government. As the New York Times reported in 2013, shortly after PRISM was exposed by former NSA contractor Edward Snowden, “The decision has had lasting repercussions for the dozens of companies that store troves of their users’ personal information and receive these national security requests — it puts them on notice that they need not even try to test their legality.” Indeed, “seven other Internet companies” ultimately were coerced into giving the NSA what it wanted, according to the paper.

The companies have long insisted that they were unwilling participants in PRISM, but they have had difficulty proving it because their cases were sealed and they were forbidden to discuss them publicly. The release of the roughly 1,500 pages of documents in the Yahoo case — an action that is “extremely rare,” Yahoo general counsel Ron Bell noted in a blog post — largely vindicates the tech company’s claims.

“The released documents underscore how we had to fight every step of the way to challenge the U.S. Government’s surveillance efforts,” Bell wrote.

The trouble started when Congress passed and President George W. Bush signed “the Protect America Act of 2007, which allowed the government to collect data on people it ‘reasonably believed’ to be outside of the United States at the time without getting an individual search warrant for each target,” reported the Post. “That law has since lapsed but became the foundation for the FISA Amendments Act of 2008, which created the legal authority for many of the NSA programs later revealed by Snowden.”

Yahoo was served with an order for data shortly after the Protect America Act became law. That order required Yahoo to turn over not just communications records, also known as metadata, but the actual content of “certain types of communications while those communications are in transmission,” according to a February 2008 government filing. It did not require a search warrant for each individual under surveillance as demanded by the Fourth Amendment. And while the order targeted people who were supposedly outside the United States, the government admitted in its filing that there would be “incidental collection” of Americans’ data as well, but it claimed there were “stringent minimization procedures to protect the privacy interests of United States persons.”

Yahoo “refused to comply with what we viewed as unconstitutional and overbroad surveillance and challenged the U.S. Government’s authority,” Bell stated.

The company’s case was heard by the Foreign Intelligence Surveillance Court (FISC), a court that meets in secret and keeps all its proceedings under wraps unless it deigns to reveal them to the public.

In one of its filings, Yahoo argued that the case was “of tremendous national importance. The issues at stake in this litigation are the most serious issues that this Nation faces today — to what extent must the privacy rights guaranteed by the United States Constitution yield to protect our national security.”

The FISC, not surprisingly, ruled in favor of the government. Yahoo appealed but was forced to begin turning over the requested data under the threat of $250,000 in fines for each day it failed to comply. The FISC-R, which heard the appeal, upheld the lower court’s ruling, labeling Yahoo’s concerns “overblown.”

“Notwithstanding the parade of horribles trotted out by the petitioner, it has presented no evidence of any actual harm, any egregious risk of error, or any broad potential for abuse,” the court wrote in August 2008.

“Where the government has instituted several layers of serviceable safeguards to protect individuals against unwarranted harms and to minimize incidental intrusions,” the court added, “its efforts to protect national security should not be frustrated by the courts.”

Although the 2008 ruling had been released that same year, it “was so heavily redacted that observers were unable to discern what company was involved, what the stakes were and how the court had wrestled with many of the issues involved,” observed the Post. The latest release, while still incomplete, provides much greater insight into the details of the case and demonstrates the extreme deference shown to the government by the FISC and FISC-R — hardly a shock given that their entire raison d’être is to provide a legal fig leaf for the government’s nakedly unconstitutional activities.

The FISC ruling remains classified, but Bell said that Yahoo is trying to get the court to release materials from that case as well.

“We consider this an important win for transparency,” he wrote, “and hope that these records help promote informed discussion about the relationship between privacy, due process, and intelligence gathering.”

Please review our Comment Policy before posting a comment

Affiliates and Friends

Social Media