Sobriety checkpoints and mandatory drug testing of student athletes and railroad workers are among the legal precedents justifying the U.S. government's now-defunct and court-approved secret email metadata dragnet surveillance program, according to documents the authorities released late Monday.
The thousands of pages of records the President Barack Obama administration unveiled include the nation's first opinion from a secret tribunal authorizing the government to obtain data from the "to," "from," "cc," and "bcc" fields of all emails "to thwart terrorist attacks."
"This concern clearly involves national security interests beyond the normal need for law enforcement and is at least as compelling as other governmental interests that have been held to justify searches in the absence of individualized suspicion," Judge Colleen Kollar-Kotelly, then the presiding judge of the Foreign Intelligence Surveillance Court, wrote in an opinion (.pdf) believed dated in 2004.
(The 87-page opinion is heavily redacted, including its date. But parsed with other documents in the data dump, experts believe the opinion is dated July 2004. Because the opinion is repeatedly blacked out, it is unclear whether the order authorizes broader internet data collection.)
The President George W. Bush administration first implemented the program shortly after the 2001 terror attacks. But it wasn't until 2004 that the administration sought authorization from the secret court after being faced with threats of resignation from senior officials. Those officials include James Comey, then the deputy attorney general who is now the FBI chief.
Rights lawyers blasted the decision, saying there was no legal basis for the secret court, formed in 1978 to assist the government in obtaining foreign intelligence, to approve the program.
"These documents show that the government asked the FISC for permission to collect information far beyond what was authorized by the statute and the court acquiesced," said Elizabeth Goitein, co-director at the Brennan Center.
The government stopped the internet-collection program in 2011 "for operational and resource reasons," the authorities said. Along the way, another secret court opinion chastised the program for its "systemic overcollection" of data and provided "no comprehensive explanation of how so substantial an overcollection occurred." (Documents leaked by NSA whistleblower Edward Snowden show that the government has been siphoning data from Yahoo and Google as it transits from one of their data centers to the other.)
The government released the records in response to a Freedom of Information Act lawsuit brought by the American Civil Liberties Union and others.
"We think this is the foundational opinion for the bulk collection of Americans' metadata," said Patrick Toomey, an ACLU attorney.
To be sure, Supreme Court rulings related to drunken driving, student athletes and railway officials weren't the only legal precedent Kollar-Kotelly cited.
She noted a 1979 decision, involving a purse snatching, that concluded that Americans had no expectation of privacy in information stored with third parties in a case concerning a mugger's telephone calling records.
"The same analysis applies to the meta data involved in this application. Users of e-mail (REDACTED) voluntarily expose addressing information for communications they send and receive to communications service providers. Having done so, they lack any legitimate expectation of privacy in such information for Fourth Amendment purposes," Kollar-Kotelly wrote, adding in a footnote that "this is the first application presented to this Court" seeking such metadata.
What's more, she said, "Whether a large number for persons are otherwise affected by the government's conduct is irrelevant."
She sided with the NSA's plea for bulk collection. "NSA asserts that more precisely targeted forms of collection against known accounts would tend to screen out the 'unknowns' that NSA wants to discover, so that NSA needs bulk collection in order to identify unknown (REDACTED) communications."
The opinion did not name the "communications services providers" ordered to participate in the program to capture the data with so-called "pen registers and trap and trace devices." But she did say that "The raw volume of the proposed collection is enormous."
The order noted that "specified persons" are required "to furnish the NSA with any information, facilities, or technical assistance necessary to accomplish the installation and operation of pen registers and trap and trace devices in such a manner as will protect their secrecy."
What's more, the opinion says, "each specified person shall not disclose the existence of the investigation or of the pen registers and trap and trace devices to any person, unless or until ordered by the Court, and shall maintain all records concerning the pen registers and trap and trace devices, or the aid furnished to the NSA, under the security procedures approved by the Attorney General."
Companies are under a gag order and cannot reveal if they have received such orders. Many of the top internet companies like Google, Yahoo and Microsoft are urging the government to allow them to publicly say how many secret court orders they have gotten and to detail how many accounts were affected.
One company that likely furnished some type of data was AT&T. A former technician for the company said in 2003 he saw a secret NSA room being built in an AT&T San Francisco switching center connected to the internet's backbone.
The declarations of Mark Klein were part of a federal lawsuit brought by the Electronic Frontier Foundation accusing AT&T of illegally funneling electronic communications to the NSA without probable cause warrants. The case grew to include all the nation's telecommunications providers.
But, in the end, Congress in 2008 granted legal immunity to any companies compelled to participate in the program. A San Francisco federal judge dismissed the case shortly after.
Another form of bulk data collection not covered in the opinion concerns telephone metadata. The government first asked the court in 2006 to authorize orders for phone companies to forward to the NSA the phone numbers of both parties involved in all calls, the International Mobile Subscriber Identity (IMSI) number for mobile callers, calling card numbers used in the call, and the time and duration of the calls.
That program, too, commenced in the wake of the 2001 terror attacks, under orders from the Bush administration.
Both the e-mail and the phone metadata programs are based on language in the Patriot Act allowing the secret court to authorize records collection if the request is based on an "authorized" investigation.
Details of the programs were a closely guarded secret until this summer before Snowden began leaking documents to the media disclosing them.
The Electronic Privacy Information Center immediately asked the Supreme Court to halt the phone-metadata program, saying metadata for every call made to and from the United States couldn't conceivably be relevant to an investigation.
Without comment, the Supreme Court rejected that case Monday.
At least three other lawsuits challenging the program are in the lower courts, and are years away from being resolved.
