• Tag Archives 4th Amendment
  • Congress, Remember the 4th Amendment? It’s Time to Stop the U.S.-UK Agreement.

    Unless Congress stops it, foreign police will soon be able to collect and search data on the servers of U.S. Internet companies. They’ll be able to do it without a probable cause warrant, or any oversight from a U.S. judge. This is all happening because of a new law enforcement deal between the U.S. and the United Kingdom. And while it seeks to exclude purely domestic correspondence between U.S. citizens and residents, plenty of Americans’ data will get swept up when they communicate with targeted individuals located abroad.

    This is all happening because, for the first time, the U.S. executive branch is flexing its power to enter into law enforcement agreements under the CLOUD Act. We’ve been strongly opposed to this law since it was introduced last year. The recently signed deal between the U.S. Department of Justice and the U.K. Home Office will allow U.K. police easy access to data held by American companies, regardless of where the data is stored. These U.K. data requests, including demands to collect real-time communications, do not need to meet the standards set by U.S. privacy laws or the 4th Amendment. Similarly, the deal will allow U.S. police to grab information held by British companies without following U.K. privacy laws.

    This deal, negotiated by American and British law enforcement behind closed doors and without public input, will deal a hammer blow to the legal rights of citizens and residents of both countries. And the damage won’t stop there. The U.S.-U.K. Cloud Act Agreement may well become a model for further bilateral deals with other foreign governments and the United States. Earlier this month, Australian law enforcement agencies began negotiating their own deal to directly access private information held by U.S. Internet companies.

    There’s still one possible path to put the brakes on this disastrous U.S.-UK deal: Congress can introduce a joint resolution of disapproval of the agreement within 180 days. This week, EFF has joined 19 other privacy, civil liberties, and human rights organizations to publish a joint letter explaining why Congress must take action to resist this deal.

    No Prior Judicial Authorization

    In the U.S., the standard for when law enforcement can collect stored communications content is clear: police need to get a warrant, based on probable cause. If police want to wiretap an active conversation, they have to satisfy an even higher standard, sometimes called a “super warrant,” that limits both the timing and use of a wiretap. Perhaps most importantly, stored communications warrants and wiretap warrants have to be signed by a U.S. judge, which adds an extra layer of review to whether privacy standards are met. At EFF, a core part of our work is insisting on the importance of a warrant in many different scenarios.

    Judicial authorization is a critical step in the U.S. warrant process. When police search people’s private homes, offices, or devices, they must justify why the search for specific evidence outweighs the presumption that individuals remain free from government intrusion. Judicial authorization acts as a safeguard between citizens and law enforcement. Further, history has shown that police can and will abuse their powers for intimidation, or even personal gain. In colonial times, the British military used general warrants to search through colonists’ houses and seize property—actions that helped fuel a revolution, and formed the basis for the 4th Amendment to the U.S. Constitution.

    Incredibly, the DOJ has just thrown those rights away. Instead of relying on probable cause, the new agreement uses an untested privacy standard that says that orders must be based on a “reasonable justification based on articulable and credible facts, particularity, legality, and severity.” No judge in any country has decided what this means.

    Furthermore, it’s debatable whether UK law even satisfies that standard. As our coalition letter states, “U.K. law on the production of stored content data and live wiretaps do not raise to the standards in the U.S.-U.K. Agreement and indeed at points may be weaker, emphasizing the need for strong safeguards to be written into CLOUD Act Agreements.”

    That’s why we believe any agreement should include prior judicial authorization. The current deal just says that the U.K. must have “review or oversight” by an independent authority. Oversight is much different than prior judicial authorization. That means when a U.S. tech software company is asked to hand over communications and other sensitive data to UK police, the police don’t have to go to an impartial third-party to first review and see if the request complies with the U.S.-UK agreement. This takes away an important check before data is turned over to make sure that privacy rights are not harmed. Importantly, this hurts the rights of non-U.S. people as well because it takes away protections and recourse under U.S. domestic privacy laws.

    No Required Notice to People Under Surveillance

    The U.S.-UK agreement also doesn’t create safeguards the provide notice to the target of a law enforcement order, or any other affected people.

    Without notice, a person won’t be aware that they are under foreign surveillance, won’t be able to hire a lawyer, and won’t be able to examine the evidence against them. Further, the agreement allows U.K. police to request U.S.-based data under U.K. law. People subject to unlawful surveillance won’t be able to exercise legal or constitutional rights they have under U.S. law.

    Unfair and Unequal “Minimization” Procedures

    National police agencies are trying to soft-pedal their demand for this new power by pointing out that it won’t be applied to U.S. persons. But foreign police will be getting Americans’ data. First of all, U.K. police will inevitably scoop up the information of Americans who have been in contact with foreigners who are the official subjects of U.K. police requests. That’s why there are mandatory “minimization” procedures to make sure U.K. police don’t get too much data about U.S. persons, or distribute it too widely.

    As for U.K. citizens and residents, what happens to their data under this agreement isn’t clear.  When U.S. police go to British information providers, there are no clear requirements for how the U.S. should even perform minimization. The only requirement on the U.S. is that the agreement be reciprocal, including limitations on targeting people within British territory. But that doesn’t mean that the U.S. won’t still get information about U.K. persons, as long as they’re in communication with a non-U.K. target—just as U.K. police will get from the U.S.

    U.K. Police Can Secretly Gather Evidence to Pursue Low-Level Crimes 

    U.S. Attorney General William Barr has claimed that offering extraordinary access to foreign police is the right thing to do because of the awful crimes they’re pursuing, citing terrorism and crimes against children.

    However, the deal will allow U.K. police to comb through the data of U.S. companies for relatively low-level crimes, including fraud, assault, and simple theft. The only justification U.K. police will have to come up with is that they’re investigating a crime that holds at least a three-year prison sentence in their own country. They could even be investigating acts that aren’t crimes in the U.S. Again, the same holds true for U.S. law enforcement gathering information held in the U.K.—there’s no requirement that a similar crime exists in both countries. It’s worth noting that under U.K. law, a 10-year sentence can also be handed down for criminal copyright infringement.

    No Safeguards for Free Expression

    Under the current system, if a foreign law enforcement agent wants access to protected information in the U.S., both the DOJ and a judge will review the request to make sure it doesn’t violate human rights, or U.S. laws like the First Amendment. This review is a part of the long-standing mutual legal assistance process that lets governments access data stored in other territories, but with procedural safeguards. Under this agreement, there won’t even be a cursory review. In some situations, U.S. authorities won’t even be notified about the foreign agent’s request.

    The CLOUD Act and U.S.-U.K. agreement specifically say that foreign governments shouldn’t be allowed to file requests that “impinge freedom of speech.” But “freedom of speech” has a different meaning in U.S. and in UK law. The U.K. has several laws that potentially violate article 19 of the International Covenant on Civil and Political Rights, as we pointed out last year in a letter signed by EFF and other free expression organizations.

    Under this agreement, it will be up to U.S. tech companies to challenge requests that aren’t compatible with human rights or free speech. As we have seen time and time again, tech companies are not in the best position to understand the nuance of free speech law.

    Congress didn’t give proper thought to the CLOUD Act when it passed last year, and it let fundamental U.S. privacy and speech protections fall to the wayside. Now, Congress shouldn’t double down on its mistake by letting an executive agreement negotiated behind closed doors pass through its halls without review. The 180-day clock is already ticking to protect our privacy. Congress should initiate a joint resolution of disapproval of the U.S.-U.K. agreement, as soon as possible.

    Source: Congress, Remember the 4th Amendment? It’s Time to Stop the U.S.-UK Agreement. | Electronic Frontier Foundation

  • Why It’s Time to Revisit the 1970 Federal Requirement to Report Cash Transactions Exceeding $10,000

    Many readers will know that the Currency and Foreign Transactions Reporting Act of 1970 requires that financial institutions must keep records of cash transactions summing to more than $10,000 in one day and report suspicious transactions to the federal government. In addition, people coming into the United States from foreign countries (including US citizens) must declare cash or other negotiable instruments they are bringing into the country if the amount exceeds $10,000.

    Monitoring large holdings of cash and cash transactions provides a way for the government to identify people who may be engaging in illegal activity. These reporting requirements open the potential for government to abuse them, especially because of civil asset forfeiture laws that allow governments to confiscate assets without proof of any wrongdoing and require the owners of the assets to prove they were not associated with any illegal activity to get their assets back. That’s an important point, but not my point here.

    One aspect of this requirement is that because the limit is stated as a dollar amount ($10,000), inflation lowers the real value of that limit year after year. Adjusting for inflation, $10,000 in 1970, when the Act was passed, would be $65,000 today. As inflation continues, the reporting requirement continues to shrink in terms of real purchasing power.

    Inflation and the 4th Amendment

    At today’s current inflation rate of 2.5 percent, the value of a dollar will fall by half in 29 years. If inflation picks up beyond that, it will take less time for the value of a dollar to decline by half. As time goes on, more and more cash transactions will be covered under the Act, enabling the government to monitor even more of our financial activities.

    Back in 1970 when the Act required reporting of cash transactions in excess of $65,000 in today’s prices, you can imagine people not objecting, thinking that there would be little reason to be holding that much cash. But there are some good reasons to have more than $10,000 in cash, and as inflation makes that number even smaller, more people and more transactions will be captured by government reporting requirements.

    I’m not an attorney, but it appears to me the Act violates the Fourth Amendment, which states in part, “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated…” The Act constitutes what appears to me to be an unreasonable search.

    Could a legal challenge be possible? If, when the Act passed, it required reporting of cash transactions exceeding $65,000 in today’s dollars, it appears that one could claim that, even if that was reasonable, the $10,000 limit today is not.

    Setting aside any legal issues, one hidden cost of inflation is that it makes an increasingly large share of cash holdings and transactions subject to government surveillance.

    Reprinted from the Independent Institute.

    Randall G. Holcombe

    Randall G. Holcombe is Research Fellow at The Independent Institute, DeVoe Moore Professor of Economics at Florida State University, past President of the Public Choice Society, and past President of the Society for the Development of Austrian Economics. His many books include Housing America (edited with Benjamin Powell) and Writing Off Ideas.

    This article was originally published on FEE.org. Read the original article.

  • Local Cops Can Skirt State Limits on Surveillance By Joining Federal Task Forces

    By joining joint law enforcement task forces run by the federal government, local cops can often ignore stringent state and local laws governing surveillance and engage in warrantless spying.

    It’s well-known that a federal program known as “Equitable Sharing” allows local prosecutors and police to bypass more restrictive state asset forfeiture laws by passing cases off to the federal government through a process known as adoption. A Department of Justice directive issued last summer by Attorney General Jeff Sessions reiterates full support for the equitable sharing program, directs federal law enforcement agencies to aggressively utilize it, and sets the stage to expand it in the future.

    Through the adoption process, local police claim cases are federal in nature to justify transferring them to federal jurisdiction. Under these arrangements, state officials simply hand cases over to a federal agency, participate in the case, and then receive up to 80 percent of the proceeds.

    Participation in federal joint law enforcement task forces gives state and local police a similar means to circumvent restrictive state surveillance laws and conduct warrantless spying with immunity.

    How Local Cops Can Ignore Local Laws

    When state or local law enforcement officers join a federal joint task force, they are deputized as federal agents. As a result, they can operate under the exact same parameters as an FBI or DEA agent. That means they are no longer bound by state laws governing surveillance. In practice, this allows local cops to ignore state laws as they collect information on people in their communities.

    For instance, last year, Illinois passed the most restrictive law on cell site simulators in the country. Commonly referred to as “stingrays,” these devices essentially spoof cell phone towers, tricking any device within range into connecting to the stingray instead of the tower. This allows law enforcement to sweep up communications content, as well as locate and track the person in possession of a specific phone or other electronic device.

    Under the Illinois law, police must get a warrant before using a stingray to track an individual’s location in most situations, and they are barred from using the devices to access data on electronic devices or listen to conversations. But an Illinois police officer serving on a joint task force can ignore the warrant requirement and deploy a stingray despite the state law.

    According to a report by the Century Foundation, Joint Terrorism Task Forces (JTTFs) are particularly invasive due to their broad and sweeping mandate to “prevent terrorism.”

    The War on Terror Expands Law Enforcement’s Reach

    Prior to 9/11, there were about 30 JTTFs scattered around the US. Today, more than 180 such task forces operate all across the US. According to memoranda of understanding (MOUs) obtained by the ACLU, state and local law enforcement officers assigned to JTTFs follow federal rules for intelligence gathering.

    According to the New Century report, these JTTFs also allow state and local cops to operate in