Search and surveillance has always been a part of criminal investigation and to keep things from going too far, searches generally require warrants. That’s how it works in the physical world, and for the most part, that’s how it works in the cyberworld too. There’s one big difference though: In the real world, police sometimes come to your door with the warrant, letting you know something is up; whereas in cyberland searches and surveillance are secret by default. As such, many of those surveilled in investigations that never turn into cases will never know they were being watched. U.S. Magistrate Judge Stephen Smith sees this as a problem.
It’s not just that fact, but rather a lack of transparency that’s concerning Smith, who’s tackled the subject in a new paper “Gagged, Sealed & Delivered.” The fact that suspects in a case are being watched and searched without their knowledge isn’t the problem — that’s a practice that’s very important to many investigations and for which there is plenty of precedent — the issue is that the searches that don’t wind up yielding results never come to light.
Most of these orders are issued under the Electronic Communications Privacy Act, which provides plenty of ways to make sure that actions taken under it can be kept fairly secret for a long time — pretty much indefinitely. Smith explains the problem this way in his paper:
“Through a potent mix of indefinite sealing, nondisclosure (i.e., gagging), and delayed-notice provisions, ECPA surveillance orders all but vanish into a legal void. It is as if they were written in invisible ink—legible to the phone companies and Internet service providers who execute them, yet imperceptible to unsuspecting targets, the general public, and even other arms of government, most notably Congress and the appellate courts.”
This general inability for appellate courts to get an idea of how these sorts of orders are really being used is especially troubling when you put it up against the number of these orders that are probably being filed each year. By extrapolating some numbers, Smith estimates that around 30,000 sealed surveillance orders were issued under the ECPA in 2006, and you can bet the number has gone up since then. Smith also estimates, based on some limited information from the Department of Justice, that these surviellence orders wind up keeping an eye on law-abiding citizens far more often than criminals.
That’s not to say that online searches shouldn’t be legal or that the entire process should be immediately transparent. Instead, Smith suggests, more data should be made available after the fact; instead of vanishing into legal limbo, these surveillance orders should be widely and pubicly accessible once the investigations in question are over.
In the meantime, the practice of only unsealing searches that lead to a criminal investigation creates something of a confirmation bias and makes it very difficult to ensure that the searches that don’t lead to a criminal proceeding aren’t the result of ECPA abuse. Hopefully Smith’s concerns don’t fall on deaf ears because after all, if things are bad, wouldn’t you at least like to know about it?
(via Ars Technica)
