For years, unbeknownst to the American people, a top-secret government program overseen by the National Security Agency collected and stored "metadata" about nearly all U.S. telephone calls — including who called whom, when, and from where. Last week, some two years after the public learned of this mass surveillance, a strong majority in Congress voted to end it, stripping the government of its authority under the 2001 PATRIOT Act to engage in indiscriminate domestic surveillance. President Obama immediately signed the legislation, called the USA FREEDOM Act.
Congress and the president made the right decision. Although purported to protect Americans from terrorists, the NSA's surveillance program proved useless as a security measure. Meanwhile, the NSA's activities undermined Americans' trust in the technology and telecom companies whose services and networks they use on a daily basis. And the program arguably violated federal law — a federal appeals court held last month that Congress never authorized the NSA to collect domestic telephone records in bulk to begin with.
Worrying about phone records might seem quaint in 2015, when most of us increasingly rely on e-mail, Facebook, or even Snapchat to communicate. But the NSA also collected Internet metadata, including e-mail to/from lines and potentially Web addresses, until a couple of years ago, using the same authority under which it collected phone metadata. The NSA put its domestic bulk Internet surveillance on hold a few years ago due to "operational and resource constraints," but until the USA FREEDOM Act was enacted last week, the agency could have resumed spying on innocent Americans' e-mails at any time.
Despite the program's demise, the feds can still get data about terror suspects from companies. Instead of searching a database housed inside the NSA, however, authorities will simply need to show specific, articulable facts demonstrating that searching a phone or Internet company's database is necessary for a particular investigation. This individualized, suspicion-based approach is how U.S. law enforcement has long operated.
Our Founders didn't trust government authorities with unfettered access to citizens' private information, even if it made it easier to identify and punish wrongdoers. Nowadays, we should trust our government even less, given how much conduct lawmakers have criminalized.
Fortunately, the Fourth Amendment to the U.S. Constitution protects our right to be "secure" in our "persons, houses, papers, and effects, against unreasonable searches and seizures." But even if the Constitution doesn't protect our metadata, as some legal scholars argue, Congress still can and should limit the authority of law enforcement to indiscriminately sweep up Americans' private records.
What about terrorist threats? Perhaps if the NSA's surveillance programs were uniquely effective in averting massive loss of life, the public might seriously consider the tradeoff that supporters of bulk data collection seem willing to make. Yet experts from across the political spectrum have deemed the NSA's program ineffective, including a group set up by the president to review the program and a majority of the U.S. Privacy and Civil Liberties Oversight Board. Even with access to classified details to which the American people may not be privy, these bodies found little evidence supporting claims that mass domestic surveillance has actually prevented a serious attack or enabled the government to bring any terrorists to justice.
Moreover, when Congress passed the PATRIOT Act in the hope of preventing another September 11-style terrorist attack, it seems lawmakers never intended or realized the legislation they approved would allow the NSA's bulk collection program. Rep. Jim Sensenbrenner (R., Wis.), a key PATRIOT Act architect, said that the bill never aimed to authorize the suspicionless surveillance of Americans' Internet and telephone records. Last month, the U.S. Court of Appeals for the Second Circuit agreed.
Now that the USA FREEDOM Act is the law of the land, the NSA's bulk surveillance program is winding down. But this doesn't mean Congress's work to protect Americans' privacy from government overreach is over. We still know too little about many other troubling programs, such as "backdoor" NSA searches and the Drug Enforcement Administration's surveillance of phone calls to and from the U.S. And Congress has yet to enact legislation to require domestic law enforcement to get a warrant before forcing an e-mail or storage provider to divulge the actual content of a user's communications.
Still, with last week's promising vote, the tide has turned in favor of limiting the federal government's power to spy on innocent Americans. For Congress, it's a trend worth pursuing.