Mediaboss Marketing

One of several service providers to sue the government over its gag orders, Microsoft received some good news from a federal judge in its lawsuit against the DOJ. Microsoft is challenging gag orders attached to demands for data and communications, which the DOJ orders is statutorily-supported by the Electronic Communications Privacy Act (ECPA) and, if not, by supposed national security concerns.

As Microsoft pointed out in its lawsuit, the government rarely justifies its secrecy demands and frequently issues gag orders with no endpoint. Microsoft received nearly 2,800 of these gag-ordered requests over an 18-month period, with over two-thirds of them demanding silence indefinitely.

The good news is a federal judge has (partially) waved away the DOJ's motion to dismiss and will allow Microsoft to proceed with its lawsuit, as Politico's Josh Gerstein reports.

U.S, District Court Judge James Robart issued a 47-page opinion [PDF] Thursday allowing Microsoft to proceed with a lawsuit claiming a First Amendment violation when the government restricts internet providers from notifying subscribers about requests for their data.

"The orders at issue here are more analogous to permanent injunctions preventing speech from taking place before it occurs," Robart wrote. "The court concludes that Microsoft has alleged sufficient facts that when taken as true state a claim that certain provisions of Section 2705(b) fail strict scrutiny review and violate the First Amendment."

Section 2705(b) refers to the Stored Communications Act, which allows the government demand notice be withheld under certain circumstances, unless otherwise forbidden to by another section of the same law (Section 2703). Microsoft is looking to have both sections declared unconstitutional, especially given the severe upheaval the communications landscape has undergone in the thirty years since the law was passed.

Microsoft contends that Section 2705(b) is unconstitutional facially and as applied because it violates the First Amendment right of a business to talk to [the businesss] customers and to discuss how the government conducts its investigations. Specifically, Microsoft contends that Section 2705(b) is overbroad, imposes impermissible prior restraints on speech, imposes impermissible content-based restrictions on speech, and improperly inhibits the publics right to access search warrants. Microsoft also alleges that Sections 2705(b) and 2703 are unconstitutional facially and as applied because they violate the Fourth Amendment right of people and businesses . . . to know if the government searches or seizes their property.

Microsoft contends that the statutes are facially invalid because they allow the government to (1) forgo notifying individuals of searches and seizures, and (2) obtain secrecy orders that prohibit providers from telling customers when the government has accessed their private information without constitutionally sufficient proof and without sufficient tailoring.

The DOJ argued Microsoft didn't have standing to bring this complaint, as its Fourth Amendment rights aren't implicated. Only its customers' are. But the court points out that, if nothing else, the company does have standing to pursue its claims of First Amendment violations.

The court finds that Microsoft has sufficiently alleged an injury-in-fact and a likelihood of future injury. Microsoft alleges an invasion of its legally protected interest in speaking about government investigations due to indefinite nondisclosure orders issued pursuant to Section 2705(b)... The court concludes that Section 2705(b) orders that indefinitely prevent Microsoft from speaking about government investigations implicate Microsofts First Amendment rights.

The court goes on to point out that frequent use of indefinite gag orders certainly appears to be unconstitutional, given that they act as a "forever" application of prior restraint.

The court also concludes that Microsoft's assertions of further civil injuries aren't speculative, as the DOJ claimed. Judge Robart points to the government's own actions as evidence of continued harm to Microsoft's civil liberties.

Microsoft bolsters its prediction by alleging that over a 20-month period preceding this lawsuit, the Government sought and obtained 3,250 ordersat least 4504 of which accompanied search warrantsthat contained indefinite nondisclosure provisions. In addition, Microsoft alleges that in this District alone, it has received at least 63 such orders since September 2014. Because these orders have been frequent and issued recently, the Government will likely continue to seek and obtain them. Accordingly, Microsofts fears of similar injuries in the future are not merely speculative.

Unfortunately, the court won't grant Microsoft the standing to represent its users for Fourth Amendment purposes. Judge Robart points to a whole bunch of precedential decisions declaring otherwise, but at least takes a bit of time to discuss how denying Microsoft this opportunity likely means denying several of its users any sort of redress.

The court acknowledges the difficult situation this doctrine creates for customers subject to government searches and seizures under Sections 2703 and 2705(b). As Microsoft alleges, the indefinite nondisclosure orders allowed under Section 2705(b) mean that some customers may never know that the government has obtained information in which those customers have a reasonable expectation of privacy... For this reason, some of Microsofts customers will be practically unable to vindicate their own Fourth Amendment rights.

Expect the government to make heavy use of its "national security" mantra as it defends itself in this case. Those magic words have allowed all sorts of civil liberties violations in the past and still tend to move courts to the government's side when deployed in DOJ motions. If the court does side with Microsoft when this is all said and done, it's likely the remedy won't be a restriction on gag orders, but more likely something analogous to the rules that now govern National Security Letters -- periodic review of gag orders by the government and better avenues for raising challenges for companies affected. Then again, the court could simply punt it back to legislators and push them to fix the 30-year-old law whose dubious constitutionality is the source of numerous lawsuits against the federal government.

Continue reading here:
Court Says Microsoft Can Sue Government Over First Amendment-Violating Gag Orders - Techdirt

Balefire9 | Dreamstime.comOnce again, legislation that would give American citizens better privacy protections for their emails has passed the House of Representatives, but we're going to have to see what happens in the Senate.

The Email Privacy Act aims to correct a flaw in federal Electronic Communications Privacy Act of 1986. Passed in the relatively early days of home computer use, it established a policy that private electronic communications held by third parties that were more than 180 days old could be accessed by law enforcement and government investigators without the need for a warrant. A subpoena delivered to the communication provider was enough. A law this old obviously preceded the arrival and dominance of private email communications, and tech privacy activists and tech companies have been pushing for reform. The way the system stands now can result in people having their old private communications searched and read by authorities without the citizen's knowledge.

The Email Privacy Act fixes some of these problems, though it doesn't fully resolve the controversy Under the act, officials will need to get actual warrants to access emails and online communications, which provides at least a little more judicial oversight. But the warrants are to the providers, not to the actual people who wrote and sent the communications. It will be up to companies to decide whether to pass along the news of the warrant to customers. Neema Singh Guliani, legislative counsel for the American Civil Liberties Union, says that this is a flaw with the legislation. The original version of the bill required that government provide notice. Without that rule, the third-party provider can resist the warrant if they choose to, but the actual customer probably might not even know.

"If you don't have notice, you really can't effectively [challenge the warrant]," Singh Guliani said. The bill does permit third-party providers to let customers know about the administration of warrants, but also allows for the government to delay this information for 180 days under a handful of exceptionsif the target is a flight risk or may destroy evidence or otherwise compromise the investigation. And while some major tech and communication companies have fought back against orders to pass along data or to keep searches secret, Singh Guliani says we shouldn't have to be "reliant on the business practices of providers that can change over time to make sure people get the full protection of the Fourth Amendment."

Still, the compromise bill is better than the current rules. No representative voted against it last session of Congress, and it passed again yesterday by a voice vote. But while the bill enjoys popular bipartisan support in the House, the last attempt to get it passed hit disaster in the Senate. Senators attempted to meddle with the wording of the bill to weaken it or add other unrelated regulations. Sen. John Cornyn (R-Texas) attempted to add an amendment to expand the surveillance reach of secretive National Security Letters. Sponsoring senators ended up yanking the legislation from consideration.

The Senate sponsors last session were Mike Lee (R-Utah) and Patrick Leahy (D-Vermont). A representative from Sen. Lee's office said that he intends to co-sponsor the Senate version of the bill again this year, but it has not yet been introduced. This could be the first legislative test of whether increased privacy protections can make its way to and through a presidential administration openly hostile to limits on any sort of investigative or law enforcement authority (as we saw earlier today). President Donald Trump is hardly alone and he's not responsible for its previous problems, but it's nevertheless legislation that should not be struggling at all.

And a little bit of self-promotion: I'll be leading a panel discussion on the Fourth Amendment, tech privacy, and Congressional lawmaking in this March's South by Southwest (SXSW) conference. Singh Guliani will be one of our panelists. Check out the details here if you find yourself in Austin on March 10. Efforts like the Email Privacy Act will be part of the discussion.

Read more:
Will Your Old Emails Finally Get Fourth Amendment Protections? - Reason (blog)

Tomorrow at 9:00 a.m., the Joint Committee on the Judiciary will hold a meeting to decide whether the committee isgoingto hearHouse Bill 6200.Introduced by state Representatives Caroline Simmons (D-144), William Tong (D-147), and Daniel J. Fox (D-148), HB 6200 would require a person openly carrying a firearm to display their permit immediately upon demand by law enforcement. Please contact the members of the Joint Committee on Judiciary and urge them not to hear this bill!Please click the Take Action button below to contact the committee members!

It is legal to openly carry a handgun in Connecticut so long as the person has a valid Permit to Carry. Connecticut State Police Training Bulletin 2013-01 states that personnel shouldNOTarrest a properly permitted individual merely for publicly carrying a hand gun or firearm in plain view absent exigent circumstances. Examples of these exigent circumstances are a Breach of Peace situation or the person is under the influence of intoxicating liquor/drugs.

Under the Fourth Amendment, as affirmed by the U.S. Supreme Court in Terry v. Ohio nearly half a century ago, police officers can stop and briefly detain a person to investigate only if they have a reasonable suspicion, supported by articulable facts that criminal activity is occurring. This is why Connecticut law should require that officers must have a reasonable suspicion that a crime is being committed before they can request proof of a permit.

This proposed bill is the equivalent of allowing the police to stop a motorist to demand their drivers license solely because they are driving. Law-abiding people carry firearms for self-defense. They shouldn't be treated as being engaged in criminal activity simply because they are choosing to openly exercise their constitutional Right to Keep and Bear Arms.

Link:
Connecticut: Anti-Gun Bill which Violates Fourth Amendment Heads to Committee - NRA ILA

A federal magistrate judge handed down an opinion this afternoon, In re Search Warrant No. 16-960-M-01 to Google, ordering Google to comply with a search warrant to produce foreign-stored emails. The magistrate judge disagrees with the U.S. Court of Appeals for the 2nd Circuits Microsoft Ireland warrant case, recently denied rehearing by an evenly divided court. Although the new decision is only a single opinion by a single magistrate judge, the decision shows that the Justice Department is asking judges outside the Second Circuit to reject the Second Circuits ruling and that at least one judge has agreed.

The new case involves two routine Stored Communications Act warrants served on Google for the contents of emails. Google responded with the emails that it knows were stored inside the United States, but it refused to turn over emails that could be outside the United States. Because Google breaks up its emails and the network might distribute them anywhere in the world, Google cant know where many emails are located and declined to produce them under the Second Circuits Microsoft case.

The government moved to compel Google to produce all of the emails within the scope of the warrant. Magistrate Judge Thomas J. Rueter ruled that Google has to comply with the warrant in full because the conduct relevant to the SCAs focus will occur in the United States even for the data that is retrieved from outside the United States:

That is, the invasions of privacy will occur in the United States; the searches of the electronic data disclosed by Google pursuant to the warrants will occur in the United States when the FBI reviews the copies of the requested data in Pennsylvania. These cases, therefore, involve a permissible domestic application of the SCA, even if other conduct (the electronic transfer of data) occurs abroad.

The court reasoned that when a network provider is ordered to retrieve information from abroad, that copying of information abroad and sending back to the United States does not count as a Fourth Amendment search or seizure outside the United States:

This court agrees with the Second Circuits reliance upon Fourth Amendment principles, but respectfully disagrees with the Second Circuits analysis regarding the location of the seizure and the invasion of privacy. The crux of the issue before the court is as follows: assuming the focus of the Act is on privacy concerns, where do the invasions of privacy take place? To make that determination, the court must analyze where the seizures, if any, occur and where the searches of user data take place. This requires the court to examine relevant Fourth Amendment precedent.

According to the court, there was no seizure abroad:

Electronically transferring data from a server in a foreign country to Googles data center in California does not amount to a seizure because there is no meaningful interference with the account holders possessory interest in the user data. Indeed, according to the Stipulation entered into by Google and the Government, Google regularly transfers user data from one data center to another without the customers knowledge. Such transfers do not interfere with the customers access or possessory interest in the user data. Even if the transfer interferes with the account owners control over his information, this interference is de minimis and temporary. See Jacobsen, 466 U.S. at 125-26 (holding that permanent destruction of small portion of property for testing a de minimis intrusion on possessory interest); United States v. Hoang, 486 F.3d 1156, 1162 (9th Cir. 2007) ([N]o seizure occurs if a package is detained in a manner that does not significantly interfere with its timely delivery in the normal course of business.), cert. denied, 552 U.S. 1144 (2008).

Further, there was no search abroad:

When Google produces the electronic data in accordance with the search warrants and the Government views it, the actual invasion of the account holders privacy- the searches will occur in the United States. Even though the retrieval of the electronic data by Google from its multiple data centers abroad has the potential for an invasion of privacy, the actual infringement of privacy occurs at the time of disclosure in the United States.

Because the search and seizure occurred in the United States, not abroad, the relevant privacy invasion was domestic and a domestic warrant could order it.

The court also argued that this outcome was needed to avoid absurd results. Because Google does not know where the emails are located, and yet Google has configured its network in a way that emails can only be accessed from California, applying the Second Circuits reasoning would lead to the absurd result that the information would be completely immune from legal process. The court presents that as a ground to distinguish the Microsoft case on its facts, see Footnote 17, but I think its more fair to say its a reason the court rejects the Second Circuits reasoning:

[I]f the court were to adopt Googles interpretation of the Microsoft decision and apply such a rationale to the case at bar, it would be impossible for the Government to obtain the sought-after user data through existing MLAT channels. In contrast, under this courts interpretation, Google will gather the requested undisclosed data on its computers in California, copy the data in California, and send the data to law enforcement agents in the United States, who will then conduct their searches in the United States.

Here are two thoughts on the new decision.

1) Although I think the Second Circuits opinion is deeply flawed the more I think of it, the more I think my argument in this post has to be correct I dont think the reasoning of this decision works. The issue in this case is statutory, not constitutional. Even if you accept the (wrong) framing of the issue as being whether the SCA applies outside the United States, the answer has to come from what Congress focused on, not where the constitutional privacy interest may or may not be.

Where you place the Fourth Amendment search or seizure strikes me as irrelevant to the extraterritorial focus of the statute. Remember, when the SCA was enacted in 1986, there was good reason to think emails werent covered by the Fourth Amendment at all. That was part of the reason the SCA was enacted. The SCA created Fourth Amendment-like rights by statute because it wasnt clear if the Fourth Amendment applied. If that thinking was right, then there was no constitutional privacy focus in the SCA at all. It was all a statutory right, not a constitutional one. I dont think it works to conduct a Fourth Amendment analysis 31 years later and then to say that, based on the Fourth Amendment inquiry today, the real interest Congress was regulating is deemed to be domestic so the statute applies. This is about what Congress did in 1986, not how the Fourth Amendment should be interpreted in 2017.

2) Even accepting the courts framing, I dont think its right that no seizure occurred abroad. As I see it, copying Fourth Amendment-protected files seizes them under the Fourth Amendment when copying occurs without human observation and interrupts the stream of possession or transmission (Orin S. Kerr, Fourth Amendment Seizures of Computer Data, 119 Yale L.J. 700, 700 (2010)). That test is satisfied here when the information was copied. The court suggests that bringing a file back to the United States is not a seizure because Google moves data around all the time and this interference is de minimis and temporary. I dont think that works. Google is a private company not regulated by the Fourth Amendment, so whether it moves around data is irrelevant. And I dont see what is de minimis and temporary about the government ordering Google to make a copy of your email pursuant to a court order. It certainly may be a reasonable seizure, but I think its still a Fourth Amendment seizure.

Stay tuned, as always.

Oh, and full disclosure: In the past, I have done some legal work for Google. And way back when, I did even more legal work for the United States. Obviously I have no involvement in this litigation, and I am writing entirely in my personal capacity.

Read the original:
Google must turn over foreign-stored emails pursuant to a warrant, court rules - Washington Post

National Review

Was That Search Illegal? Sometimes, Neil Gorsuch Ruled It Was New York Times Although Judge Gorsuch has a decidedly conservative record on the bench, by at least one measure his view of the Fourth Amendment's protections against unreasonable searches he has been relatively moderate, according to legal scholars and a ... Trump's Supreme Court pick Neil Gorsuch has a solid record of defending the Fourth AmendmentRare.us Here's what you need to know about SCOTUS nominee Neil Gorsuch.Reason (blog) Neil Gorsuch & the Police: What Are His Views on Law Enforcement Issues?Heavy.com Slate Magazine -The Atlantic -National Review all 5,657 news articles »

Read the rest here:
Was That Search Illegal? Sometimes, Neil Gorsuch Ruled It Was - New York Times