Friday, September 06, 2013

Legal Consequences of NSA et. al.?

I am a law professor but not a lawyer, and so would like opinions from those who know more than I do about current American law as to the legal consequences of the facts coming out of Snowdon's revelations. For instance ...  .

It appears that U.S. firms deliberately put back doors into the encryption provided by their programs in order to let the NSA access material. If such firms advertised their encryption as secure, are they at risk of suits for damages, possibly class actions on behalf of all customers who bought software whose characteristics had been deliberately misrepresented?

It appears that the DEA has been using information provided by a massive search of phone company records while deliberately misrepresenting at trial the source of their information. If it is arguable that the information was obtained in violation of the Fourth Amendment, does it follow that the prosecution in all such cases failed its legal obligation to provide the defense with relevant facts—in this case about how evidence used in the trial was obtained, information that the defense could have used to argue that such evidence should be excluded? I assume that issue does not arise if it is  clear that the DEA was entitled to the information it got, but does arise even if it is not clear that it wasn't. If it arises, do we end up with a situation similar to what happened in Massachusetts when it was discovered that a large number of drug test results used at trial were fraudulent, hence that a large number of convictions were tainted?

Whether or not the DEA was violating the rights of people whose records were searched, were its agents engaged in multiple acts of perjury and its higher ups in large scale suborning of perjury by deliberately misrepresenting to courts the source of evidence introduced at trial? The usual oath is to tell the truth, the whole truth, and nothing but the truth, which it seems obvious they were not doing. Is it sufficient that they did not make any direct statements that were false, supposing that to be the case?

Is there some way of bringing before the court system the question of whether mass wiretapping by the NSA was or was not constitutional, now that the legal basis for it has been made public? Could someone sue to enjoin them from continuing their activities or to require them to destroy data collected (arguably) illegally? Who would have standing—anyone whose phone data might have been collected? If such a suit succeeded, are there any legal consequences for past activities, civil or criminal?

One obvious problem in this situation is that criminal prosecution is controlled by the state. The Director of National Intelligence has confessed to committing perjury, although not in those words, but there appears to be zero chance that he will be indicted for it. Could federal officials be charged at the state level with violations of state wiretapping laws, supposing there are any? Sued in a civil case?

As should be obvious, I have no clear idea what legal recourse there is if, as seems entirely possible, various parts of the government have been doing things they had no legal right to do. But perhaps someone else does.

12 Comments:

At 4:27 AM, September 06, 2013, Anonymous Anonymous said...

yeah, if you haven't noticed common law is NOT in force. the government allows bits of common law to exist which do not constrain the government. that is why police are NOT liable for murder or property damage yet you will be executed immediately if you try to even film them on the streets.

basically under the current system the only people who can bring the government to court is the government. otherwise government officials have total and absolute immunity.

if someone does something illegal because they were doing it for NSA or CIA the government will just say that these people are immune from prosecution (as they did with verizon and AT&T retroactively in 2004).

all is lost! forget about the courts. the ONLY possibility is if the public does something about it, which they will never do.

 
At 8:21 AM, September 06, 2013, Blogger Patrick Sullivan said...

I'm not a lawyer either, but it seems obvious that the only 'legal penalty' for NSA 'spying' is that any information obtained in that way is inadmissible in a court of law.

 
At 8:53 AM, September 06, 2013, Anonymous Anonymous said...

@Patrick, who cares about a court??? when CIA wants to it just kidnaps the person to a black site in afgan or jordan and kills the person there, alternatively they just drone the target (as well as the near by kindergarden).

if they HAVE to have a trial it will all be secret and the defence will not have access to any of this anyway, and the judge will be told to accept everything the gov prosecuter says.

you people dont get it, there is no "law", law is whatever the guy with the biggest stick says it is, right now that happens to be Obama. he doesnt care what "the law" says, when he needs it he can write his own as long as he got the support of the other gov organs, which he does.

 
At 8:59 AM, September 06, 2013, Anonymous Martin said...

Also an interesting question: now that it is known that large amounts of communication between ordinary citizens have been recorded, can those records be subpoenaed in lawsuits which do not involve terrorism or espionage?

Could a party in, for example, a run-of-the-mill divorce case, ask the judge to order the NSA to turn over any phone calls, e-mails etc involving their spouse, which may have ended up in the snooping dragnet?

 
At 9:52 AM, September 06, 2013, Blogger David Friedman said...

Martin: Interesting question that had not occurred to me.

Patrick: In principle, that isn't true. Violation of FISA was supposed to carry a penalty of up to five years in prison, and I wouldn't be astonished if some of what the NSA has done was similarly criminal.

But I don't think the odds of anyone actually getting prosecuted are very high, for obvious reasons. One interesting possibility is prosecution of federal actors under state law. That actually happened in the Ruby Ridge case. One of the FBI agents was tried but acquitted.

 
At 10:57 AM, September 06, 2013, Anonymous Miko said...

Mathematically speaking, no company should have advertised their cryptosystems as secure, as this hasn't yet been proven for any cryptosystem. The best we've done is showing that certain cryptosystems are as hard as certain other problems that are widely believed to be really hard to solve. (That said, Snowden has said that cryptography is secure when done right, so it's likely that the NSA can't break it in general. The NSA has been trying to push certain forms of elliptic curve based cryptosystems for years, leading me to suspect that they may be less secure.)

The latest reports are a bit vague on how exactly the NSA is dealing with encryption, but my educated guess is that they're likely bypassing it in many cases rather than being good at breaking it. In addition to the PRISM backdoors, they seem to be mainly focused on getting help from within firms rather than from firms themselves, so it's more likely that they've stolen the server keys for popular purveyors of encrypted communication such as Gmail and Facebook.

 
At 11:36 AM, September 06, 2013, Blogger Lex Spoon said...

Let us hope you find some leads on these questions, David. I somehow suspect that the U.S. government will hold itself above the law in these actions, citing national security, but it would be very good to know of any serious efforts to challenge that position. I know that a lot of Americans would be behind such legal action.

@Miko: you are technically correct but are being pedantic. We are not talking about algorithmic weaknesses, but backdoors that were deliberately inserted.

 
At 12:40 PM, September 06, 2013, Blogger Power Child said...

Let's consider the upside-down scenario:

What's the worst thing that could happen, national security-wise, if the NSA was held totally accountable and guilty parties were prosecuted?

Is it crazy to wonder if anyone in the government has thoughtfully and rationally posed this same question?

 
At 4:40 PM, September 06, 2013, Blogger Patrick Sullivan said...

If this is the law you're referring to, David;

http://www.law.cornell.edu/uscode/text/50/1809

I'd say it excludes any prosecution here;

'It is a defense to a prosecution under subsection (a) of this section that the defendant was a law enforcement or investigative officer engaged in the course of his official duties and the electronic surveillance was authorized by and conducted pursuant to a search warrant or court order of a court of competent jurisdiction.'

 
At 7:52 PM, September 07, 2013, Anonymous Anonymous said...

The tragedy of the commons and the collective inaction keeps government criminals sleeping well at night.

 
At 10:32 AM, September 08, 2013, Blogger David Friedman said...

Patrick:

The past FISA issues I was referring to involved a large number of interceptions not authorized by the special court created to authorize such, hence, I think, not protected by that defense.

 
At 10:43 AM, November 01, 2013, Anonymous Boghos L. Artinian said...

The whereabouts and the intentions of every single person must be known at all times on this modern Globe. A central computer can be a good, unbiased 'dictator'. It will not harm anyone going about his business , not breaking the law, or harming others. A person's freedom of movement need not be restricted, nor his freedom of thought and speech.

A chip placed on him at birth will transmit his movements and intentions and record his actions which will not be interfered with unless something is wrong with them. Aren't the cells of the human body controlled by the brain and surveyed by the immune system?

We are the 'cells' of a global super-organism and must accept such constant surveillance if we are to live peacefully with each other and avoid terrorism on the Globe.

Boghos L. Artinian MD

 

Post a Comment

<< Home