(MintPress) – New reports are demonstrating the extent of which the federal government is relying on social networking websites to follow the accounts of users that show “suspicious” activity. And because there are few laws regulating the government’s use of the Internet as an investigative tool, a majority of the online surveillance against individuals is done without a legal warrant, which has resulted in a 600 percent increase in certain surveillance requests. The American Civil Liberties Union (ACLU) has spearheaded the efforts to shed light on the real-time online spying, having already sued the government to fulfill its Freedom of Information Act (FOIA) request.
In one FOIA report, United States Department of Justice (DOJ) usage of social network surveillance and email providers increased 80 percent from 2010 to 2011. Officials followed users on sites such as Facebook, Twitter and Google+, extracting information such as who they communicated with, their “Likes,” “shares” and “+1s.” Documents show that in 2010, 922 “live intercepts” of social networking and email information were carried out. That figure ballooned to 1,661 in 2011, demonstrating the government’s growing affinity for its capability to follow consumers’ social networking activity.
While the ACLU earned a victory in its exposing of the expanding practice, Christopher Soghoian, principal technologist with the ACLU’s Speech, Privacy and Technology Project, said the governments reach with the Internet and mobile devices is unlikely comprehensible at this point.
“This is a very invasive surveillance technology,” Soghoian told CNET. “We don’t have a feel for how broadly it’s being used.”
Unchallenged tactics
According to the ACLU, the federal government is able to comb through social networking profiles without a warrant by justifying its actions with the Electronic Communications Privacy Act of 1986 (ECPA). Under the decade’s old provision, the government was able to detail what phone numbers were being dialed. But as technology rapidly evolved, authorities still used the legislation as a means of following electronic communications, even though communication has evolved drastically.
The ACLU argues that targeted surveillance without a warrant is unconstitutional and would not hold up in court if it were formally challenged. The organization noted that the government can have open access to your location, what you search for and what you purchase over the Internet simply by hiding behind the dated legislation.
“The Founding Fathers recognized that citizens in a democracy need privacy for their ‘persons, houses, papers, and effects.’ That remains as true as ever; today’s citizens deserve no less protection just because their ‘papers and effects’ might be stored electronically,” the ACLU wrote. “Online privacy law shouldn’t be older than the Web, and Americans shouldn’t have to choose between new technology and privacy.”
In a technological sense, the DOJ implements two tactics to trace online and email activity: Pen registers and trap-and-trace. Pen registers are able to compile real-time information of outbound telephone and internet communications, such as phone numbers dialed and the sender and recipient of an e-mail message. A trap-and-trace aggregates the same information, but for inbound communications. Neither method is capable of extracting the content of the communication.
When a pen register or trap-and-trace is executed, it creates an “original order” within the government database as a form of recordkeeping. When the ACLU obtained the records of surveillance, it found that only 5,683 original orders were carried out in 2001. But those requests grew exponentially, as 2011 showed 37,616 original orders – over a 600 percent increase in the span of a decade.
Legislation like the Patriot Act, written after the terrorist attacks of 9/11, gives access to the content of online and telephone interactions. But pen registers and trap-and-trace are non-content tactics, which have little oversight and have not been challenged, creating a grey area with little limitation.
“Because these surveillance powers are not used to capture telephone conversations or the bodies of emails, they are classified as ‘non-content’ surveillance tools, as opposed to tools that collect ‘content,’ like wiretaps,” the ACLU noted. “This means that the legal standard that law enforcement agencies must meet before using pen registers is lower than it is for wiretaps and other content-collecting technology.”
Pushing back
In August, New York Democratic Congressman Jerrold Nadler introduced legislation that would amend the ECPA to improve reporting requirements of pen register and trap-and-trace of government agencies using the tactics. A provision of the bill would also require a warrant to look at real-time communications and full compliance with the Federal Rules of Criminal Procedure.
“Congressman Nadler’s bill is an opportunity to apply meaningful oversight to the government’s rapidly increasing use of a highly invasive surveillance power,” the ACLU said. “These reforms are critical to protect our privacy and maintain an open and transparent government.”
In a more broad-sweeping technological bill, California Democrat Rep. Zoe Lofgren introduced legislation that would require police and authorities to obtain warrants when looking to access email or track cell phone location and usage. But the DOJ has already scoffed at the bill, saying it would impede on its ability to follow through quickly with investigations because it would have to spend time applying for warrants.
Currently, there are few standards that have to be met to carry out a pen register or trap-and-trace, which simply involves police telling a court that either of the tactics would benefit their investigation, with little formality at all. The Electronic Frontier Foundation (EFF) says the relative ease in carrying out a pen register investigation makes it equally as threatening as the Patriot Act, even though it produces smaller amounts of content.
“Court authorization for a pen/trap tap is much easier to get than a wiretap order,” the EFF wrote. “We don’t know how many pen/trap orders get issued every year – unfortunately, there is no annual report on pen/trap surveillance like there is for wiretapping – but we have heard unofficial numbers that reach into the many tens of thousands. Therefore, the risk of being subjected to pen/trap surveillance is higher than the risk of being wiretapped.”