Thursday, March 21, 2013

CISPA and Surveillance Culture: Who Has the First Amendment Right Against Whom?

Guest Blogger

Anjali Dalal

For those of you who missed it, CISPA’s back.

This week, a number of public interest groups including the ACLU, CDT and EFF are engaged in a week of action to defeat the Cyber Intelligence Sharing and Protection Act (CISPA). I have a number of problems with CISPA, which I discussed at length a year ago, here and here, when the bill was on the floor of the House the first time around. The intervening year hasn’t led to significant changes in the language of the bill, so my concerns still stand.

However, a year later, what I find more troubling then the text of CISPA itself is the fact that it’s back. Last year, despite considerable efforts by public interest groups, CISPA passed the House with a vote of 248-168. Because of privacy and civil liberties concerns, the White House made it clear that the President would veto CISPA were it to make it to his desk, and the bill died in the Senate. This year, recognizing that passing a cybersecurity bill is a major priority on both sides of the aisle, House Republicans reintroduced CISPA, though without any modifications to the relevant language. One year later, the negotiation between civil liberties and national security still begins with an opening move that all but zeroes out the points in the civil liberties column.

Why is this? Why is it okay to be so unbalanced when it comes to the balance between civil liberties and national security? In a recent article in TechCrunch, Gregory Ferenstein discussed the different reactions of the Internet community to SOPA/PIPA versus CISPA. In the article, Ferenstein interviewed Alexis Ohanian, the founder of Reddit and a well-known Internet activist. Ohanian explained that the government "shutting down things we love" is a more compelling call to action than the "obliteration of 4th Amendment rights to privacy online." His point was that people react differently to perceived barriers to information access than they do to perceived privacy violations that affect the way we interact with, consume or share information.
There may be a kernel of truth to this. If civic activism is any indication, it seems to be more of an anathema for the government to shutdown Reddit for allegedly supporting internet piracy then it is for the government to engage in systematic surveillance of the people it governs. And this may be because people are in fact seriously concerned about our national security and are actively making a decision to allow incursions on their individual rights in order to allow the government to better serve our collective need. But, frankly, I’m suspicious of this argument. I think there’s been a cultural shift in the balance between civil liberties and national security that has happened quietly, under our noses, and because we have not fought back, it’s been assumed that we have implicitly agreed to the shift.

For example, 40 years ago, the Attorney General prohibited FBI agents from attending public meetings (political, religious or otherwise) undercover, unless it was pursuant to an open investigation, because of the potential encroachment such behavior might have on our freedom of assembly. By 1983, the Attorney General allowed such surveillance but limited the FBI’s authority in two ways: first, any such undercover activity that threatened to influence the free exercise of First Amendment-protected rights needed to be approved by FBI Headquarters and second, the FBI was required to notify the Department of Justice of the action. By 2003, the FBI was authorized to engage in public surveillance of gatherings and meetings without any such checks or balances. In defense of the change, Attorney General Ashcroft argued that "FBI investigators cannot surf the web the way you or I can. Nor can they simply walk into a public event or a public place to observe ongoing activities….These restrictions are a competitive advantage for terrorists who skillfully utilize sophisticated techniques and modern computer systems to compile information for targeting and attacking innocent Americans."

Bringing us to what feels like a complete 180 degree shift, a few weeks ago, an Ohio Court of Appeals decided that it was legal for the Trumbull County Children Services Board to require attendees of its public meetings to sign in before being admitted to the meetings. Without passing judgment on the specifics of the case itself, it is alarming to note that there is more government oversight of citizens attending public meetings run by the government than of government officials attending public meetings run by private organizations. It at least begs the question: who’s got the First Amendment right against whom?
This is the state of surveillance in the United States. Bruce Schneier has called it a "surveillance culture," as have I. In this culture, it’s as if the exception to the rule has become the rule and this systemic change has happened without any of the conversations and compromises that generally come along with fundamental shifts in the way we balance free speech with national security. In an article I’m working on, I’ve suggested that administrative agencies operating in isolation, avoiding all checks and balances, have fed the growth of this surveillance culture.

Maybe the answer to my original question of "Why?" is that we move in fifty-year pendulum-like swings and our current situation is right on track. In 1924, the FBI underwent its first major reform when J. Edgar Hoover was appointed Director of the FBI in the wake of the Teapot Dome scandal, in order to clean house, abolish the Bureau’s first domestic intelligence program and limit the agency to investigations of violations of law. Fifty years later, in 1975, the Church Committee published a report on the government’s surveillance practices, which had reached new levels due in part to the leadership of J. Edgar Hoover. A period of reform followed the publication of the report, which famously found that "[t]oo many people have been spied upon by too many Government agencies and too much information has been collected."
We are fast approaching our fifty-year mark, and there is some hope that the pendulum may indeed swing back. District Court judge Susan Illston recently held the government’s use of national security letters to be unconstitutional and D.C. Circuit judge Merrick Garland ruled that the CIA must disclose at least some details about its drone program. However, these are small steps and ones that may not yield much fruit.
During this week’s call to action around CISPA, it would be well worth taking a moment to also consider the culture that has allowed us to get to a place where CISPA is given an audience, not once, but twice.

Anjali Dalal is a Resident Fellow at the Information Society Project at Yale Law School. You can reach her by e-mail at anjali.dalal at

Older Posts
Newer Posts