One of the peripheral issues getting attention from people able to tear their gaze away from the salacious details of the Petraeus 'sex scandal' is the questions it raises about online privacy in this post-Patriot Act era. This case has set off alarms for privacy advocates.
“There should be an investigation not of the personal behavior of General Petraeus and General Allen, but of what surveillance powers the F.B.I. used to look into their private lives,” Anthony D. Romero, executive director of the American Civil Liberties Union, said in an interview. “This is a textbook example of the blurring of lines between the private and the public.”
As the Washington Post
summarizes the issue
The FBI started its case in June with a collection of five e-mails, a few hundred kilobytes of data at most.
By the time the probe exploded into public view earlier this month, the FBI was sitting on a mountain of data containing the private communications — and intimate secrets — of a CIA director and a U.S. war commander. What the bureau didn’t have — and apparently still doesn’t — is evidence of a crime.
How that happened and what it means for privacy and national security are questions that have induced shudders in Washington and a queasy new understanding of the FBI’s comprehensive access to the digital trails left by even top officials.
The ACLU
describes some of the techniques used by the FBI that led to David Petraeus resigning from the CIA
The Wall Street Journal similarly revealed that “agents spent weeks piecing together who may have sent [the emails]. They used metadata footprints left by the emails to determine what locations they were sent from. They matched the places, including hotels, where Ms. Broadwell was during the times the emails were sent.” NBC added further details, revealing that “it took agents a while to figure out the source. They did that by finding out where the messages were sent from—which cities, which Wi-Fi locations in hotels. That gave them names, which they then checked against guest lists from other cities and hotels, looking for common names.”
And warns us about the threats to our privacy this incident exposes
While the details of this investigation that have leaked thus far provide us all a fascinating glimpse into the usually sensitive methods used by FBI agents, this should also serve as a warning, by demonstrating the extent to which the government can pierce the veil of communications anonymity without ever having to obtain a search warrant or other court order from a neutral judge.
[...]
There is no independent review, no check against abuse, and further, the target of the subpoena will often never learn that the government obtained data (unless charges are filed, or, as in this particular case, government officials eagerly leak details of the investigation to the press). Unfortunately, our existing surveillance laws really only protect the “what” being communicated; the government’s powers to determine “who” communicated remain largely unchecked.
The American Prospect lays out the
disturbing facts:
But even if we leave the violations of Petraeus's privacy aside as a special case, the revelations that ended his CIA career are still disturbing. There is almost certainly no justification for the email accounts of Paula Broadwell—which revealed her affair with Petraeus—to have been examined by the FBI in the first place. If initial reports are correct, Broadwell's emails to Jill Kelley were paranoid and catty but did not rise to any plausible legal standard of threat or harassment. The FBI investigation seems to have proceeded based on the personal and political agendas of the FBI agent who fielded Kelley's complaint, not any credible evidence of criminal activity on the part of Broadwell.
The fishing expedition into Broadwell's emails should, on its face, be considered a violation of the Fourth Amendment—while the FBI apparently had a search warrant, it's hard to see how this warrant was obtained with the "probable cause" the Constitution requires.
But the real scandal here is what's currently considered to be legal. After a 180-day period has elapsed, private emails are currently considered public and require only a subpeona to a provider to be accessed. Even worse, the government contends that even inside the 180-day window opened emails carry no expectation of privacy. As Adam Serwer of Mother Jones puts it, "If you think the feds need a warrant to start looking at your email, you're dead wrong." The standards created by the The Electronic Communications Privacy Act from a time when most emails were downloaded rather than stored on a third-party server remain in place. In the current technological context, these standards are privacy shredding.
Peter Maass at ProPublica takes a different approach to the question of whether this very high profile case will be the catalyst for our (non-existent) privacy laws to be reexamined, and reminds us of the origin of the
Video Privacy Protection Act passed in Congress in 1988, after the failed
nomination to the Supreme Court of Robert Bork. A reporter obtained Bork's rental list from his local video store, provided by the store manager and while it contained nothing salacious it was the catalyst needed to pass privacy protections. Maass makes the point that the Privacy Act was passed only when there was harm to a Washington elite, as there is now in the Petraeus affair. Fearing that they themselves could thus be ensnared knowing that even the director of the CIA doesn't have privacy may finally be the
necessary catalyst to enact privacy laws.
Will the scandal surrounding David Petraeus, General John Allen, Paula Broadwell, Jill Kelley, and a shirtless F.B.I. agent turn into the same sort of eureka moment that Congress experienced when Bork was, as the saying now goes, "borked"?
Until now, Congress has not stood in the way of the expanding surveillance, mainly because it was justified as part of the effort to prevent another 9/11. But the Petraeus case shows that among the people who have the most to lose from unchecked surveillance are the people who thought they would benefit from it—government elites who allocate the funding and make the laws and operate the bureaucracy of surveillance. Perhaps they will start worrying a bit more about becoming the next Petraeus or Bork. Our legislators, who are not all angels, now have real skin in the game, so to speak.
The NY Times puts this scandal in perspective:
In the meantime, however, there has been a cascade of unintended consequences. What began as a private, and far from momentous, conflict between two women, Ms. Kelley and Paula Broadwell, Mr. Petraeus’s biographer and the reported author of the harassing e-mails, has had incalculable public costs.
The C.I.A. is suddenly without a permanent director at a time of urgent intelligence challenges in Syria, Iran, Libya and beyond. The leader of the American-led effort to prevent a Taliban takeover in Afghanistan is distracted, at the least, by an inquiry into his e-mail exchanges with Ms. Kelley by the Defense Department’s inspector general.
Will this disastrous scandal and downfall of the head of the CIA be what it finally takes for our self-serving and fossilized Congress to take notice and act on citizens' privacy? We can only hope.