Looks like there may be more culpibility on the telco end. step on up and collect yr damages...
Questions and Answers on Potential Telco Liability
A
previous post laid out the reasons why the telcos appear to face enormous liability for handing stored phone records to the NSA. In sum, the Stored Communications Act (SCA) prohibits handing over the records, and it provides at least $1,000 in damages per customer for violations. For 50 million or more customers, that leads to big damages indeed.
This post responds to the legal questions and comments that we’ve seen so far. We still don’t see any decent legal defense against liability, and that may be why Qwest refused to go along with the NSA demands:
1. Isn’t the conduct covered under another part of the SCA? Maybe. If the phone companies “voluntarily” gave the records to the NSA, then 18 U.S.C. 2702(c) applies. If the phone companies were required to turn over the records, such as through a court order, then Section 2703(c) applies. The bottom line is the same - none of the exceptions apply, and liability exists.
2. What about the emergency exception? Section 2702 has an exception for “an emergency involving immediate danger of death or serious physical injury.” Other emergency exceptions in the wiretap laws have time frames such as 72 hours, giving time for the government to get a court order. This exception won’t cover the NSA program, which is now going on five years.
3. Does the SCA apply to phone records? Yes. The rules apply to an “electronic communications service,” which includes both phone and e-mail communications.
4. Does it matter that the telcos took out customer names and addresses? No. Phone numbers themselves are treated as personally identifiable information in American law, such as under the federal Privacy Act. The reason is that the NSA can instantly match the phone numbers back to subscribers using widely available services. It won’t work for the telcos to say: “We temporarily took out customer names, knowing that the NSA could put them back in moments later.”
5. Did the government use National Security Letters instead? Not according to the facts in the USA Today story, which says that the NSA asked for the data. The FBI does have the power to ask for phone calling records using NSLs, which are secret subpoenas issued without a court order. The NSA doesn’t have authority to issue NSLs, though. Even if the FBI issued an NSL on behalf of NSA, it would likely be unlawful. An NSL can ask only for records relevant to “an authorized investigation to protect against international terrorism or clandestine intelligence activities.” An “investigation” is ordinarily a narrowly-defined specific investigation, generally of one or a few suspects. It stretches the statute beyond the limit to say one “investigation” can be for all the phone calls made by all Americans. The telcos get off the hook only if they turned over the records “in good faith” that it was legal - using one NSL to get all the calls in the country is not a “good faith” read of the statute.
In short, we still don’t see any legal defense to this enormous liability of the telcos.
–
Peter Swire http://www.thinkprogreess.org