The John Marshall Journal of Information Technology & Privacy Law Volume 30 Issue 3 Article 5 Summer 2014 The Problems with PRISM: How A Modern Definition of Privacy Necessarily Protects Privacy Interests in Digital Communications, 30 J. Marshall J. Info. Tech. & Privacy L. 571 (2014) Adam Florek Follow this and additional works at: https://repository.law.uic.edu/jitpl Part of the Computer Law Commons, Internet Law Commons, Privacy Law Commons, and the Science and Technology Law Commons Recommended Citation Adam Florek, The Problems with PRISM: How A Modern Definition of Privacy Necessarily Protects Privacy Interests in Digital Communications, 30 J. Marshall J. Info. Tech. & Privacy L. 571 (2014) https://repository.law.uic.edu/jitpl/vol30/iss3/5 This Comments is brought to you for free and open access by UIC Law Open Access Repository. It has been accepted for inclusion in The John Marshall Journal of Information Technology & Privacy Law by an authorized administrator of UIC Law Open Access Repository. For more information, please contact [email protected]. THE PROBLEMS WITH PRISM: HOW A MODERN DEFINITION OF PRIVACY NECESSARILY PROTECTS PRIVACY INTERESTS IN DIGITAL COMMUNICATIONS ADAM FLOREK* I. INTRODUCTION In June 2013, National Security Agency (NSA) analyst Edward Snowden revealed the existence of clandestine government programs, codenamed PRISM and XKeyscore, designed to collect and aggregate information from numerous service providers into a single searchable database.1 The Guardian reporter Glen Greenwald first described the programs in a series of articles for the British paper, portraying PRISM as an Orwellian program that has infiltrated service providers from Mi- crosoft to Apple, and from Facebook to Google.2 The programs’ directive is to collect usage data and communications directly from the service providers on virtually every aspect of online life.3 It is common knowledge that social media sites collect personal da- ta from their users and in the majority of instances it is the user that is actually providing the information. How else would you be able to * Adam Florek is the former owner-operator of River’s Edge Group, Inc. He re- ceived his B.A. in Political Science from Purdue University in 2010 and is currently pur- suing his J.D. at The John Marshall Law School, expected May 2015. 1. Glenn Greenwald & Ewen MacAskill, NSA Prism Program Taps in to User Data of Apple, Google and Others, THE GUARDIAN (June 6, 2013), http://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data. 2. Id. 3. Glenn Greenwald, XKeyscore: NSA Tool Collects ‘Nearly Everything a User Does on the Internet,’ THE GUARDIAN (July 11, 2013), http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data. 571 572 J. INFORMATION TECHNOLOGY & PRIVACY LAW [Vol. XXX connect with your “friends” via Facebook or get technical support from Microsoft? Different sites, however, collect different types of infor- mation from their users. For instance, Google uses user search history to generate targeted ads4 whereas Facebook monitors an individual’s interests and activity to suggest friends and similar interests.5 In contrast, the PRISM program collects far more information. PRISM goes beyond the self-imposed limitations on data collection that private entities such as Google or Facebook adhere to.6 The PRISM program collects “audio and video chats, photographs, e-mails, docu- ments, and connection logs”7 and additional information from Microsoft, Yahoo!, Google, Facebook, PalTalk, YouTube, Skype, AOL, Apple, and other participating service providers.8 The information is allegedly col- lected directly from provider hardware via NSA technology and de- ployed at various private network locations allowing for more intimate access.9 The information, collected in real time, is indexed for analysis and search ability.10 PRISM is authorized under the 2008 Amendments to Section 702 of the Foreign Intelligence Surveillance Act of 1974 (FISA).11 The Act provides the federal government with expanded surveillance powers in connection with intelligence gathering and surveillance on foreign indi- viduals in the digital world.12 However, there are restrictions that ap- pear to prohibit surveillance of American citizens: target(s) must be 4. Privacy & Terms, GOOGLE, http://www.google.com/policies/privacy (last visited May 22, 2014). 5. Data Use Policy, FACEBOOK, https://www.facebook.com/about/privacy/your-info (last visited May 22, 2014). 6. Id. (analyzing their respective privacy policies, Google and Facebook each out- line the information that is collected from the user. For example, Facebook collects in- formation that the user chooses to share with it as well as information other people con- nected to the user choose to share with the user. Though this seems very broad, the specifics are outlined in the Facebook Data Use Policy). 7. Barton Gellman & Laura Poitras, U.S., British Intelligence Mining Data from Nine U.S. Internet Companies in Broad Secret Program, WASH. POST (June 6, 2013), http://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us- internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845- d970ccb04497_story.html. 8. Greenwald & MacAskill, supra note 1. 9. Id. (“[T]he Prism program allows the intelligence services direct access to the companies’ servers. The Prism program allows the NSA, the world's largest surveil- lance organization, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.”). 10. Id. (“With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real- time collection on targeted users.”). 11. 50 U.S.C. § 1881 (2008). 12. Id.; see also § 1881a(b)(l). 2014] THE PROBLEMS WITH PRISM 573 outside of the United States;13 may not be a U.S. person living abroad;14 and surveillance must be consistent with the Fourth Amendment.15 Surveillance is allowed in the instance where a party is outside of the United States or under certain other circumstances.16 The presence of a data aggregation program, such as PRISM or XKeyscore, raises a number of new and unique legal issues. The right to privacy is a recognized and protected constitutional right. While that right may be circumvented, there are due process mechanisms in place to ensure that the government cannot wantonly invade the privacy of its citizens. PRISM, as it has been portrayed, seems to be in violation of a number of these fundamental privacy rights. Because PRISM and other surveillance programs create a number of privacy concerns, it is doubtful that the current “reasonable expecta- tion”17 doctrine is sufficient to safeguard privacy interests in an increas- ingly monitored society. This Comment will first explore the right to privacy and its evolution from Warren and Brandeis’s “right to be let alone”18 to the modern two prong analysis established by Justice Harlan in Katz v. United States19 and its application to an increasingly techno- logical collection of cases. In Part II, this Comment will discuss the ap- plication of the right to privacy in cyberspace and society’s expectation therein. Part III will explore the impact of surveillance, particularly the NSA’s surveillance programs, on people and social interactions. Fi- nally, this Comment will conclude by advocating for a modernized defi- nition of privacy that affords increased protections to the individual in keeping with society’s expectations and the dismantlement of the NSA’s domestic data collection operations. 13. See § 1881a. 14. Id. 15. Id. 16. Id. 17. Katz v. United States, 389 U.S. 347, 361 (1967) (Harlan, J., concurring) (“[T]he expectation be one that society is prepared to recognize as ‘reasonable.’”). 18. Samuel D. Warren & Louis D. Brandeis, Comment, The Right to Privacy, 4 HARV. L. REV. 193, 193 (1890). 19. Katz, 389 U.S. at 360 (Harlan, J., concurring). 574 J. INFORMATION TECHNOLOGY & PRIVACY LAW [Vol. XXX II. BACKGROUND A. THE PRISM PROGRAM 1. Purpose The need for a comprehensive surveillance program was realized after the terrorist attacks on September 11, 2001.20 The mandate of the PRISM program is to monitor and aggregate foreign communications in an effort to protect American interests from foreign threats.21 The pro- gram is designed to give law enforcement officials an additional avenue to investigate terrorism and to “allow . intelligence professionals to quickly and effectively monitor the communications of terrorists abroad.”22 The 2008 Amendments to FISA provide a more comprehen- sive surveillance program while allegedly safeguarding American liber- ties and addressing the inadequacies and issues of its predecessors.23 2. How Did We Get Here? The History of Post-9/11 Surveillance and its Present Authorization The PRISM program is only the latest iteration of a foreign surveil- lance program under FISA. In the months and years following the ter- rorist attacks of 9/11, the federal government initiated a number of pro- grams and operations to expand the scope of surveillance in an effort to ensure that the events of 9/11 were not repeated. These programs were carried out with varying degrees of success, and met with a wide range of public apprehension.24 President George W. Bush authorized the first of these programs called “Terrorist Surveillance Program,”25 via an Executive Order.26 20. NAT’L COMM. ON TERRORIST ATTACKS UPON THE U.S., U.S. SENATE, THE 9/11 COMMISSION REPORT 1-14, http://www.9-11commission.gov/report/911Report.pdf (last vis- ited Nov. 23, 2013). 21. President George W. Bush, statement upon signing H.R. 6304 (July 10, 2008) (the President, when signing the bill into law said, “The bill I sign today will help us meet our most solemn responsibility: to stop new attacks and to protect our people”).
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages37 Page
-
File Size-