Fall 2016

Cover story image of a wire fraying

Tension: Privacy vs. National Security in the Digital Age

By Katie Vloet

Cindy Cohn, ’89
Cindy Cohn, ’89

The Day That Changed Everything

Cindy Cohn, ’89, was in her office at the Electronic Frontier Foundation (EFF), interviewing a job candidate, when a staff member knocked on her door. Cohn initially said she couldn’t step away from the interview, but her colleague persisted. It was June 5, 2013—the day that would change everything.

Cohn and her colleagues huddled around a computer monitor in the EFF office in San Francisco as the story unfolded; The Guardian newspaper had published an article saying that the National Security Agency (NSA) was collecting telephone records of millions of U.S. customers of Verizon. So began a series of news stories based on leaked information; the leaker would turn out to be Edward Snowden, and the documents he released would bolster the arguments EFF had been making about warrantless surveillance of U.S. citizens.

For the previous seven years, Cohn—as the legal director of EFF and later its executive director—had been serving as counsel in a case initially filed against AT&T that evolved into Jewel v. National Security Agency. In that case, EFF says it “is suing the NSA and other government agencies on behalf of AT&T customers to stop the illegal, unconstitutional, and ongoing dragnet surveillance of their communications and communications records.” Other cases followed, as EFF became one of the go-to organizations for individuals and groups that sought legal representation in digital-rights suits against telecommunications carriers and the government.

“We were slowly making our way through the courts,” Cohn says, noting that many people (including some judges) initially didn’t believe the government was engaged in warrantless surveillance. “I think Mr. Snowden has done a tremendous favor for Americans in terms of being able to make informed decisions. We’ve got a stake in this. It’s our data. … After 2013, people began to get what was happening, and that certainly helped support the arguments we had been making since 2006.”

The way that Jewel v. NSA has progressed—with more momentum in the past couple of years than in the first several—illustrates this evolution as it has played out in the courtroom. While some rulings through the years have favored the government, others, including one earlier this year, have gone EFF’s way. In February 2016, EFF won a significant victory when the Hon. Jeffrey White of the U.S. District Court for the Northern District of California authorized EFF, on behalf of the plaintiffs, to conduct discovery against the NSA. EFF had been barred from doing so since the case was filed in 2008, “which meant that the government was able to prevent us from requesting important information about how these programs worked,” Cohn says. The ruling marked the first time a party has been allowed to gather factual evidence from the NSA in a case involving the agency’s warrantless surveillance.

Cohn’s involvement in these cases puts her at the center of a critical national debate and discussion about the proper balance between national security and individual privacy. Michigan Law alumni are prominent on all sides of the conversation and legal battles surrounding the proper role of surveillance in the digital age, and one alumnus is even at the midpoint of the debate, as he pushes for more transparency and civil liberties from within the federal intelligence sphere.

For Cohn and EFF, the legal battles are expected to continue for many years. Recent successes fuel them throughout the long journey. In addition to Jewel, EFF has filed another case against the NSA on behalf of the First Unitarian Church of Los Angeles and 22 other organizations raising right-of association concerns; another, where EFF is working in conjunction with the ACLU, is brought on behalf of a woman in Idaho who is challenging bulk collection of phone records; and EFF also appears as amicus curiae in several other cases involving bulk collection of Internet and phone data.

The stakes, Cohn says, have never been higher.

“We have two problems: The NSA is doing too much, and it’s doing it too secretly,” she says. “Unless we can fix both of those problems, I think we’re in danger of losing our democracy.”

Daniel Gallington, LLM ’73
Daniel Gallington, LLM ’73

Government Officials: Finding the Proper Balance

Or, perhaps, our democracy works precisely because of the government’s efforts to create a balance between national security and individual privacy.

So says Alexander W. Joel, ’87, chief of the Office of Civil Liberties, Privacy, and Transparency in the Office of the Director of National Intelligence. That lengthy job title means that it is Joel’s job to help ensure that an appropriate middle ground is achieved between the two priorities.

“It’s fair to say that the intelligence community that I have grown to know over my years doing this job is very much committed to doing the right thing,” says Joel, who has been in his current job for 11 years and previously worked in the general counsel’s office in the CIA. “By that we mean both the national security mission that is expected of us, as well as protecting people’s individual liberties and operating in a way that would make Americans proud.”

Joel uses the metaphor of a scale to explain what he and others who work in civil-liberties positions in intelligence agencies aim to achieve. “We’re trying to give equal weight to both sides of the scale,” Joel says. They ask what is the intended result of a particular intelligence measure, as well as what impacts it may have and what needs to happen to restrain the activity to make sure individual privacy remains intact. “The answer is, let’s not choose one—national security or privacy,” Joel says. While there “are obviously tensions” between the two priorities, he says, they can and do coexist.

Joel is just one of the Michigan Law alumni working in the upper ranks of the federal government on issues that involve gathering data and other information as a means of protecting U.S. citizens. Chief among those is Benjamin C. Mizer, ’02, the principal deputy assistant attorney general for the Civil Division of the Department of Justice. While he cannot speak publicly about these issues because of ongoing litigation, by the nature of his job he has become one of the leading defenders of the government’s point of view.

Someone who can more openly address the government’s perspective is Mizer and Joel’s boss, President Obama. He has made impassioned remarks about why U.S. intelligence officials must have access to some telephone and computer data as a way of keeping citizens safe. For instance, after 14 people were killed in San Bernardino, California, in December 2015, the FBI tried to compel Apple to create new software that would enable the FBI to unlock the iPhone of one of the shooters. If phones and other devices are made to be impenetrable, he said, “how do we apprehend the child pornographer? How do we solve or disrupt a terrorist plot?”

He also has spoken more broadly about national security issues. “All of us value our privacy, and this is a society that is built on a Constitution and a Bill of Rights and a healthy skepticism about overreaching government power,” President Obama said during a conversation at the South By Southwest Interactive Festival in March 2016. “The Snowden issue vastly overstated” the risks to U.S. citizens when it comes to surveillance, Obama said, but he added that they did reveal “excesses” in surveillance overseas, many of which have been curtailed in the years since.

“We’re going to have to make some decisions about how we balance these respective risks,” President Obama said. “I anguish a lot over the decisions we make in terms of how we keep this country safe. … [But] this notion that somehow our data is different and can be walled off from those other trade-offs we make, I believe is incorrect.”

After the Snowden documents were released, many changes took place in the collection of data—either by the decision of the Obama administration, because of congressional action, or due to court rulings. In 2015, Congress passed the USA FREEDOM Act, which called for the government to end its bulk collection of phone records under Section 215 of the PATRIOT Act. It also increased the transparency of the Federal Intelligence Surveillance Court, or FISA Court, and established a panel of amicus curiae to present the court with legal arguments that advance the protection of individual privacy and civil liberties. Many people and organizations from within and outside the government are critical of the FREEDOM Act—mostly for not doing enough to protect individual privacy, though for some critics it doesn’t do enough to safeguard national security. But others believe it strikes the right balance and further advances a checks-and-balances process that means all branches of the government have some oversight.

“The court is working hard to get it right, the Congress is working hard to get it right, the administration is working hard to get it right,” says Jeffrey Smith, ’71, who heads Arnold & Porter LLP’s national security practice. He is a former general counsel of the CIA and currently serves on the Department of Defense Legal Policy Advisory Board. Smith also has worked in the Pentagon, the State Department, and the U.S. Senate, so his perspective is based on vast and diverse experience. “In terms of the big picture, the congressional oversight system works quite well. I’m very comfortable that we’re doing the right thing,” Smith says. “Electronic surveillance is probably the single most important source on what our adversaries are doing that could cause us great harm.”

He adds that the public may not understand the limited reach of the data-gathering conducted by the NSA and other agencies. “Edward Snowden said he was able to tap any phone in the country that he wanted to. That’s just not true. He said a lot of things that just aren’t true,” Smith says. “He also disclosed detailed information on U.S. collection of foreign government communications. I don’t know what the consequences are of his disclosure” in terms of losing sources and compromising U.S. citizens. “As we used to say at the CIA: ‘Never do anything that would give a KGB officer a medal,’” he says, referring to Snowden’s actions as “treacherous.”

Daniel Gallington, LLM ’73, was in the Pentagon on Sept. 11, 2001, when terrorists slammed a plane into the building, around the corner from his E Ring office. He stayed around the clock in the burning building for several days, working as the special assistant for policy to Secretary of Defense Donald Rumsfeld. That experience—along with decades in the intelligence sector—ensure that national security is often at the top of his mind.

Perhaps it is not surprising, then, that Gallington co-signed a letter to President Obama calling the release of documents by Edward Snowden an act that has done “grievous harm” to U.S. national security. The letter also said that Section 215 of the U.S. Code, which governs intelligence collection inside the United States, is indispensable in keeping Americans safe from terrorism. “The National Security Agency should continue to store the data, under existing tight controls and oversight,” the 2014 letter stated.

Gallington points out that the public-opinion pendulum swings toward national security during wars and after attacks such as Sept. 11. “Our nation and society abhor surveillance. But when we’re threatened or we’re at war, we don’t look the other way; we just swallow hard and say there are some things we’re going to have to do to keep us from being blown up,” says Gallington, who also served in a senior national security policy position in the Department of Justice and as bipartisan general counsel for the U.S. Senate Select Committee on Intelligence.

Still, Gallington emphasizes how important it is for civil-liberties organizations to be part of the conversation. “I used to call the ACLU as witnesses in the Senate, and I’ve worked with them for years,” he says. “They give articulation to the silence of the people who are represented here.”

“As the Pentagon was burning, we were debating what was our authority to interrogate a person.”


Jeffrey Smith, ’71
Jeffrey Smith, ’71

Smith offers historical perspective about the initial creation of the FISA Court to discuss both why it is necessary and how it is outdated. The court was authorized under the Foreign Intelligence Surveillance Act (FISA) of 1978 to oversee requests for surveillance warrants against foreign spies inside the United States. The court was designed to address abuses that congressional investigations had uncovered, notably the NSA, CIA, and FBI conducting wiretapping operations without judicial oversight.

Necessary? Yes, Smith says, just as much today as it was in 1978. The problem is the evolution of communications technology, and a lack of evolution of the laws to keep up with it. “It has grown over time as technology has changed, but the law is still way behind,” he says. “I continue to think that there have to be ways of finding new technologies that can balance these two competing interests [national security and individual privacy] so that we don’t have to give up one for the sake of the other.”

Smith also was part of a process 40 years ago that led to oversight of intelligence activities still in place today. As a lawyer with the State Department in the 1970s, he worked with the Senate Select Committee to Study Governmental Operations with Respect to Intelligence Activities, known as the Church Committee, which recommended an elaborate series of laws and regulations to oversee the conduct of U.S. intelligence activities. Based on these recommendations, President Ford issued Executive Order 11905, later replaced in 1981 by President Reagan’s Executive Order 12333, which the American intelligence community has utilized as a document authorizing the expansion of data collection activities.

EFF, the ACLU, and other organizations still see the bulk collection of data as an unacceptable invasion of individual privacy, even with the post-Snowden modifications. And they worry about content gathered with programs such as PRISM and Upstream, which collect large swaths of Internet data. While those programs do not directly target people in the United States, content from Americans’ communication does get picked up through the program; Cohn points to a Washington Post analysis of collected information that revealed that nine out of 10 account holders “were not the intended surveillance targets but were caught in a net the agency had cast for somebody else.” But many who work in the intelligence field contend that government agencies do a good job of not overstepping. They also point out that the United States is unique in its willingness to have such conversations about civil liberties in relation to national security interests.

“We’re not perfect, but I have never doubted that the intelligence professionals I work with have always tried to figure out what the right thing is to do,” Joel says. “With enough transparency, my hope is that the American people will see” that he and his colleagues work hard to keep the public safe with as little treading on individual privacy as possible.

“We’re the good guys,” he adds, “and we’re trying to do the right thing.”

A sketch drawing of Alexander W. Joel, ’87.
Alexander W. Joel, ’87

Not an Issue of Right vs. Left

This debate represents an oddity in current societal issues in the United States: It does not divide along party lines or between liberals and conservatives. The Obama administration has continued many George W. Bush-era policies. Many of the government staffers making day-to-day decisions have worked for Democratic and Republican presidents. And litigants against the NSA include organizations at the left of the spectrum (ACLU, EFF) and the right (Judicial Watch).

“Certainly the Obama administration has taken a more restrained approach to some aspects than the Bush administration, but in some cases has continued or expanded” the previous administration’s programs and efforts, says Hugh Handeyside, ’07, staff attorney in the ACLU’s National Security Project. “It’s not something that can be indexed to a particular political party or ideology. Every administration seems to defer to national security concerns.”

Joel, from the Office of the Director of National Intelligence, points out that he and many of his colleagues in the intelligence community are career civil servants. Unlike presidential appointees, they stay in their jobs from one administration to the next and are not necessarily divided by party lines. “There’s a lot of continuity,” he says.

Gallington, too, worked for Democrats (including former Attorney General Janet Reno) and Republicans (including former Defense Secretary Donald Rumsfeld). Gallington also points out that the real tensions are not between political parties, but rather between the president and Congress. “Congress would say that FISA is the exclusive means by which a president can order the collection of digital information. But when I was at the Justice Department, we would say FISA is a legal way that the government can collect digital information. Big difference,” he says. One notable example of the latter philosophy is President Georege W. Bush’s Terrorist Surveillance Program, under which the NSA was authorized by executive order to monitor phone calls, Internet activity, and other communication involving people believed to be outside of the United States—even if part of the communication lay within the United States. The Bush administration, under public pressure, said in 2007 that it had stopped the program and returned to a system in which the FISA Court reviewed surveillance requests. The following year, Congress passed the FISA Amendments Act of 2008, which relaxed some of the original FISA Court requirements. “They amended FISA to allow what the president had been doing anyway,” Gallington says.

Meanwhile, more recent efforts in Congress, such as the passage of the FREEDOM Act, have drawn widespread bipartisan support. Those who haven’t always supported such national-security-oriented legislation include left-leaning Democrats and libertarian-leaning Republicans such as U.S. Rep. Justin Amash, ’05, of Michigan. He and Democratic Rep. John Conyers of Michigan proposed an amendment to the 2014 National Defense Authorization Act that would have de-funded the NSA bulk-collection program. The measure was narrowly defeated—but, notably, the Aye votes were split between Democrats and Republicans, as were the Nay votes.

One thing that everyone quoted in this article agrees on, regardless of their place of employment or their political leanings: We don’t have to choose national security or individual privacy. This is not a binary issue.

“We push back on reducing the question to whether we should be safe or we should be free. We think you should be safe and free,” says the ACLU’s Handeyside. “Freedom and security are actually quite complementary.”

“Privacy and national security are not mutually exclusive,” says Smith, the former CIA general counsel. “You can do both. You can design systems in such a way that privacy is protected, but at the same time we can look for information that is critical to national security.”

If I’m Not Doing Anything Wrong, Should I Care About Government Surveillance?

Civil libertarians hear that question often. And they respond: Yes, you absolutely should be worried about the bulk collection of data, even if you are a law-abiding citizen with nothing to hide from the government. “First, the government does make mistakes. They easily misconstrue statements or associations,” says Handeyside. “Innocent people are targets of investigations quite frequently. It’s not true that just because you have nothing to hide you won’t necessarily become the target of investigations or surveillance.”

Additionally, he says, the existence of surveillance leads people to edit themselves. “Surveillance causes self-censorship. That can include self-censorship of discourse that is so critical to a vibrant democracy,” he says. And while many of us believe that we have nothing to hide, we may not know what is happening with other people in our communications networks. “People don’t realize how far their contacts and associations really go. They may be connected with someone the government is interested in. The government is interpreting its authority very broadly.”

Cohn echoes many of those same messages, and she adds that we shouldn’t think of this in terms of individual privacy alone. “It is necessary for a functioning democracy for people to have conversations and voice opinions that may be unpopular at the time,” she says. “Someone once had to turn to someone else and say, ‘I don’t think slavery is a very good idea.’ That conversation would not have happened if the government could be listening in.”

It is just as important for people to be able to discuss political and societal issues of today, without fear of the government having access to what they are saying, Cohn says—though many in the intelligence community would counter that the government for the most part isn’t gathering the content of people’s phone conversations in the United States, just the data about who/when/where. But, of course, simply knowing who you talk to, when, and how often can reveal much about the content of your communications.

“In my lifetime,” Cohn points out, “it was not a safe thing to say that gay people should be able to marry. If the only things you can say are what the government in power wants you to say, social change really doesn’t happen.

“Yes, individual rights are important, but to me, the democratic values are as important or even more so.”

Hugh Handeyside, ’07
Hugh Handeyside, ’07

Does Surveillance Work?

For better or worse, and with modifications along the way, the United States has established a process for gathering data about individuals’ phone calls. This is done with the stated goal of protecting U.S. citizens from people who may want to do us harm, say the officials who support such data collection. But that raises the question: Does it work? Are we safer because of bulk collection of telephone data?

Indeed, the answers to this question vary dramatically, depending on whom you ask. “The collection of phone records was done at significant damage to our privacy. When the information was finally revealed and the government had to come clean, it was demonstrated that there wasn’t a single terrorist act stopped, which surprised even me,” Cohn says. “The program that got implemented in the name of national security didn’t make us any safer.”

Handeyside agrees that “bulk surveillance programs have not been demonstrated to be effective. The government is leaning very heavily into the realm of prevention and stopping violence or terrorism before it happens. To some extent, that’s understandable. The Department of Justice and the FBI aren’t just there to punish someone after the fact,” Handeyside says. The problem, he argues, is that there is no single pathway or “conveyor belt” that leads to acts of terror. With no empirical way to identify terrorists ahead of time, “they end up using protected speech or religion as proxies and disproportionately target minority communities, especially Muslims and people of Arab heritage.”

Many in the intelligence community have a far different perspective. Senior officials in the Obama administration have said the bulk collection of phone data is one tool that helps them to learn about and stop terrorist attacks. Others say data collection has helped to prevent actions by foreign nationals who want to harm people in the United States, even if specific terrorist plots haven’t been uncovered. “It isn’t just about terrorism,” Smith says. “It’s also about the development of weapons of mass destruction. Much of what we learned about Iran, for instance, we acquired through electronic surveillance.”

Bulk data collection must be allowed to continue because it is a vital and singular tool, Smith says. “The vast powers of the United States to collect and analyze information are not designed to satisfy some prurient interest. They are designed to protect us against people who want to kill Americans, to find spies in our own midst, to find people who are making weapons of mass destruction.

“Imagine you’re the president of the United States and you wake up every day saying, ‘could I have done more to prevent another 9/11?’” Smith says. “You want to have this tool at your disposal.”


ACLU and EFF Suits Involving Government Surveillance

Some of the key cases in which the ACLU and EFF have sued the federal government in relation to the wiretapping program.

ACLU v. National Security Agency (NSA)

In 2006, in the first federal challenge ever argued against the NSA’s “warrantless wiretapping program,” the ACLU defeated the Bush administration when a district court declared the program unconstitutional. But in July 2007, the Sixth Circuit overturned that decision. The ACLU asked the Supreme Court of the United States to consider the ruling, but in February 2008, the Court declined to review the challenge.

United States v. Muhtorov

In January 2014, the ACLU joined a challenge to the FISA Amendments Act’s (FAA) constitutionality in United States v. Muhtorov, on behalf of the first criminal defendant to receive notice that he was surveilled under the FAA. The ACLU argues that the FAA violates both the Fourth Amendment and Article III of the Constitution because it permits the government to intercept the international communications of U.S. residents without obtaining a warrant or any kind of individualized court review.

Jewel v. NSA

A judge in 2015 upheld a part of the government program against a Fourth Amendment claim. But in February 2016, the same judge—the Hon. Jeffrey White of the U.S. District Court for the Northern District of California—authorized EFF to conduct discovery against NSA on several statutory claims.

First Unitarian v. NSA

In 2013, EFF filed a lawsuit in another case based on the recently published Foreign Intelligence Surveillance Court court order requiring Verizon to turn over to the NSA all customer phone records. This metadata, especially when collected in bulk and aggregated, allows the government to track the associations of various political and religious organizations— in violation of the First Amendment right to association, EFF contends.

Klayman v. Obama

In a case in which EFF appeared as amicus curiae, a federal judge ordered in 2015 that the NSA must cease collecting telephone records of an individual and his business. The case involves a conservative activist challenging the legality of bulk collection of phone and Internet metadata.

Smith v. Obama 

In September 2014, EFF and the ACLU joined the legal team for Anna Smith, an Idaho emergency neonatal nurse, in her challenge of the government’s bulk collection of the telephone records of millions of Americans. This case argues that the program violated her Fourth Amendment rights by collecting details about her familial, political, professional, religious, and intimate associations. The case focuses on challenging the applicability of the third-party doctrine—that is, the idea that people have no expectation of privacy in information they entrust to others. The case was dismissed in U.S. District Court, but Smith is appealing to the Court of Appeals for the Ninth Circuit.