Journal of Global Faultlines
ISSN: 2054-2089
Publication details, including instructions for authors:
http://www.keele.ac.uk/journal-globalfaultlines/
Restraining the Surveillance State: A Global Right to Privacy.
Binoy Kampmarka
a
RMIT University, Melbourne, Australia. E-mail: [email protected].
Journal of Global Faultlines/ Volume 2/ Issue 1/ April 2014, pp. 1-16.
Published online: 15 May 2014.
To cite this article:
Binoy Kampmark (2014) ‘Restraining the Surveillance State: A Global Right to
Privacy’, Journal of Global Faultlines, 2(1), 1-16.
PLEASE SCROLL DOWN FOR ARTICLE
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
Restraining the Surveillance State: A Global Right to
Privacy
Binoy Kampmark*
Abstract
Edward Snowden’s revelations of massive data collecting surveillance conducted by the U.S.
National Security Agency in June 2013 suggest that Franz Kafka’s vision of a surveillance state
has been globalised. A movement has developed in response to it urging reforms on an
international scale. One feature of this debate lies in the idea of a global right to privacy. A
global right to privacy suggests a global freedom from unjustified, bulk surveillance beyond the
reaches of judicial oversight. While there are international covenants protecting the right to
privacy, opinions on how such a right is enforced differ. This paper examines the nature of such
a privacy right, its universal feasibility, and the arguments against it. It argues that privacy must
keep pace with the technological applications that undermine it.
“[Edward] Snowden’s case has shown the need to protect persons disclosing information on
matters that have implications for human rights, as well as the importance of ensuring respect
for the right or privacy.”
Navi Pillay, UN High Commissioner for Human Rights, Geneva, Jul 12, 2013
In June 5, 2013, The Guardian reported the existence of previously undisclosed global
surveillance programs being undertaken by the U.S. National Security Agency. It proved to the
first of several revelations from former NSA contract employee Edward Snowden about the bulk
nature of the collection being undertaken by the NSA. The first media report disclosed an order
by the Foreign Intelligence Services Court (FISC), dated April 25, 2013, compelling Verizon
Business Network services to prove the NSA “on an ongoing basis… all call detail records or
‘telephony data’ created by Verizon communications (i) between the United States and abroad
or; (ii) wholly within the United States, including local telephone calls.”1
This particular program, compelling telecommunications and technology companies to
surrender data, is termed PRISM, and accounts for 91 percent of the organisation’s traffic
acquired under the Foreign Intelligence Surveillance Act of 1978. 2 Ironically, FISA was passed
“in large measure [as] a response to the revelations that warrantless electronic surveillance in
the name of national security had been seriously abused.”3 The names of other collection and
storage programs deployed by U.S. agencies include Mainway and Marina.4 Other statutory
provisions, including Section 215 of the USA Patriot Act covering telephony data, have been used
to facilitate drag net surveillance.5
*
Dr. Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at the School of
Global, Urban and Social Studies, RMIT University, Melbourne. He can be contacted at:
{[email protected]}
1
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
The major British equivalent, also revealed in the Snowden disclosures, is the Tempora
program, which relies on tapping global fibre-optic cables in efforts to “master” the internet. As
noted in the mid-year 2010-11 review of operations by Britain’s Government Communications
Headquarters (GCHQ), “NSA analysts exploit GCHQ metadata for intelligence production,
target development/discovery purposes.”6
The revelations have continued, revealing massive surveillance on the communications
of foreign nationals and American citizens, despite supposed limitations policed by the secret
Foreign Intelligence Surveillance Court. Heads of state, including the German chancellor
Angela Merkel, have also been targets.7 Countries such as Brazil have claimed that such
unlimited eavesdropping constitutes “a breach of international law and an affront” to
sovereignty.8 The untenable defence that began circulating from the Obama administration
was that storing metadata was distinctly different from the operations of massive surveillance.
This was less a case of actual searching of people than collating, gathering and systematising.
Such views show a dramatic reversal from members of Obama’s administration. Vice President
Joe Biden, while senator in 2006, had been highly critical of the record-collecting programs of
the Bush administration. “I can get a pattern about your life that is very, very intrusive.”9
The nature of the revelations has launched an urgent debate about whether universal
safeguards protecting the privacy of individuals are needed. Snowden’s revelations suggest that
Franz Kafka’s vision of a surveillance state has been globalised.10 Soon after Snowden’s
disclosures, the UN High Commissioner for Human Rights, Navi Pillay, observed that
“surveillance without adequate safeguards to protect the right to privacy risk impacting
negatively on the enjoyment of human rights and fundamental freedoms.”11
In November 2013, Kenneth Roth, the executive director of Human Rights Watch,
argued in favour of a global human right of privacy.12 “All [governments] should acknowledge a
global obligation to protect everyone’s privacy, clarify the limits on their own surveillance
practices (including surveillance of people outside their own borders), and ensure they don’t
trade mass surveillance data to evade their own obligations.” Mass surveillance, as opposed to
specific, targeted surveillance, could never been accepted as proportionate.
A global right to privacy suggests a freedom from unjustified, bulk surveillance beyond
the reaches of judicial oversight. “A person under surveillance is no longer free; a society under
surveillance is no longer a democracy,” argues a petition for global privacy signed by over 500
artists and novelists, among them the authors Margaret Atwood, Martin Amis, and Don DeLillo.
“To maintain any validity, our democratic rights must apply in virtual as in real space.” The
authors further demand the “right” that all democratic citizens be entitled to determine “to what
extent their personal data may be legally collected, stored and processed, and by whom; to
obtain information where their data is stored and how it is being used; to obtain the deletion of
their data if it has been illegally collected and stored.”13
The task of this paper is to see how feasible the project for a global privacy right is. For
one, its existence has to be ascertained. For another, its feasibility has to be considered.
Arguments for such a right, and detractors of its scope, are examined. Much of this hinges upon
understandings of exterritorial rules and notions of international community in terms of how
they affect human rights. It is axiomatic that a belief in territorial limitations will restrict privacy
to borders. But such a view fails to account for the increasingly intrusive effects of modern
surveillance technologies, and the necessary expectations that come with that.
2
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
What privacy?
There is little doubt that an international body of rules and understanding has developed that
provides security to the person from interference in terms of surveillance and matters of what
is termed “information security”. Numerous countries have enacted, or are in the process of
enacting rules to that effect. 14 But what of the feasibility of finding a global privacy norm,
identifying properties that necessarily go beyond in territorial borders? Does it exist? If so, what
is its character?
The first problem in identifying a global right to privacy lies in its terminology. Is it a
right, or perhaps something else? The term has been accepted as notoriously difficult to define.15
It has been variably described as a right, a condition, a function, a choice, and, or, a need. 16
Solitude, anonymity, intimacy and reserve also feature. 17 Important to the discussion in this
paper is the nature of information about one’s self and control over it. S. E. Wilborn offers a
workable concept of privacy, entailing “freedom from unwarranted and unreasonable intrusions
into activities that society recognises as belonging to the realm of individual autonomy.”18 Roger
Clarke prefers a neater version: “Privacy is the interest that individuals have in sustaining a
‘personal space’, free from interference by other people and organisations.”19
It can be argued that the existence of privacy as a global norm is hard to situate.
Domestically, States exhibit different stresses on what privacy is. It has been argued that the
United States prefers an “economic-technological approach” centred on notions of fair
information practices. Europe prefers a “social values oriented” idea.20 Countries like Canada,
Britain and Australia fall somewhere in between, embracing a quilt work of regulations affecting
both the public and private sector.
Some writers have preferred to see privacy as an “interest” people have, rather than a
right per se.21 Legal theorists such as Wesley Hohfeld would argue that privacy, to be a right,
would have to be possessed either in rem (against the world) or against individuals, as a
contract. 22 Without a correlative legal obligation to observe it, there could be no right of privacy
as such, as it could not be a claimright to begin with. Certainly, much legal authority has come
down in favour of privacy as an enforceable right against the world, rather than a creature of
private property.23
Identifying a legal norm, following the Austrian jurist Hans Kelsen, is one thing, but
finding it does not necessarily make it a law.24 Much of this lies in the concept of whether global
rights are ever possible. For that to be true, some natural law concept is required – in other
words, the existence of transnational rights that situate the human subject at its centre, rather
than the rights of the territorially defined citizen.
Whether privacy is an “interest”, a “right”, or even a “liberty” may well unnecessarily
esoteric, given the increasing body of deliberations at the international level suggesting its
value. We can see that as part of what has been termed the “post-ontological” era of
international law. International lawyers no longer feel the need to justify the existence of
international law, but merely critique its content.25 At the very least, states have shown an
increasing willingness to treat concepts of privacy with varying degrees of seriousness.
International law accepts that a right to privacy exists and should be protected, though
the scope of the right remains the tantalising question. Article 12 of the Universal Declaration
of Human Rights (1948) makes it explicit: “No one shall be subjected to arbitrary interference
with his privacy, family, home or correspondence, nor to attacks upon his honour and
3
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
reputation. Everyone has the right to the protection of the law against such interference or
attacks.”
The instrument is only declaratory rather than binding, though this would be a
misleading simplification. So called soft law instruments – declarations, international body
deliberations, committee findings – over time, can harden or crystallise into binding, customary
law.26 The UN itself is mindful of fair information practices, setting out guidelines in the
Regulation of Computerised Personal Data Files.27
Article 17 of the International Covenant on Civil and Political Rights (1966), which
replicates the privacy provison of the UDHR, has stronger legal standing. It emphasises positive
obligations on the part of States not to invade a person’s privacy. “The obligations imposed by
this article require the State to adopt legislative and other measures to give effect to the
prohibition against such interferences and attacks as well as to the protection of this right.”28
States are obligated to provide remedies of civil or criminal type for arbitrary invasions of
privacy in the private sector as well.29
The general comments of the Human Rights Committee, the body charged with
implementing the ICCPR, have covered considerable ground as to what privacy might mean. A
few examples are worth citing. One involved the complainants claiming that the Netherlands
had breached the article for not allowing them to change their name. In accepting their
argument, the Committee suggested that “the notion of privacy refers to the sphere of a person’s
life in which he or she can freely express his or her identity, be it by entering into relationships
with others or alone.”30
The ICCPR provision on privacy also proved critical to a finding by the Committee that
the Australian state of Tasmania, and by virtue of that, Australia, were in breach of obligations
under the convention. Nicholas Toonen, resident in Hobart in Tasmania, questioned the
application of two provisions of the Tasmanian Criminal Code criminalising forms of sexual
contact between men, including acts between consenting homosexual men.31 The Committee
was asked to examine whether Toonen had been the “victim of an unlawful or arbitrary
interference with his privacy, contrary to article 17, paragraph 1, and whether he had been
discriminated against in his right to equal protection of the law, contrary to article 26.”32
In the Committee’s view, consensual sexual activity in private was indeed “covered by
the concept of ‘privacy’, and that Mr. Toonen is actually and currently affected by the continued
existence of the Tasmanian laws.”33 Any interference with privacy had to be reasonable – in
other words, proportionate to the end sought and necessary in the circumstances of the case.34
Suggestions that matters of “moral concern” should be deemed entirely domestic matters of a
state were dismissed. To accept that view would curb the Committee’s scope of examination of
statutes that might interference with privacy. Nor could the Tasmanian provisions survive the
reasonableness test, constituting an arbitrary interference with Toonen’s right to privacy under
article 17, paragraph 1. The effect was considerable: the Australian government subsequently
drafted laws invalidating the relevant provisions of the Tasmanian criminal code.
Other documents on privacy have also been influential in developing a large body of
jurisprudence. Article 8 of the European Convention for the Protection of Human Rights and
Fundamental Freedoms has been the most notable example.35 The Organisation for Economic
Cooperation and Development, and the Council of Europe via its Strasbourg principles on
protections on the automatic processing of personal data, have also enacted various guidelines
and protocols.36
4
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
Technology and Extraterritoriality
A compelling reason behind a global right to privacy lies in one fundamental interest – coping
with the expansive reach of modern surveillance technologies. This argument is no less strong
for the fact that certain technology companies encourage users to dispense with privacy
altogether, feeling that society has actually abandoned the idea of a private realm.37
That technology has, in effect, gotten ahead of the legal rein is evident in some
conspicuous cases. A fitting example of this is illustrated by surveillance conducted by the
British equivalent of the NSA, GCHQ. Authorised under a wide reading of the Regulation and
Investigatory Powers Act 2000 (Ripa), the organisation has focused on tapping fibre-optic cables
to obtain ever richer pools of data. According to the Snowden’s disclosures, GCHQ has tapped
200 such cables, effectively monitoring 600 million “telephone events” a day.38 Lawyers charged
with investigating GCHQ collection activities, though not in connection with privacy violations,
have issued an advice claiming that the program is illegal.39
In April 2013, the Report of the Special Rapporteur on the promotion and protection of
the right to freedom of opinion and expression had one express focus: to examine “the
implications of States’ surveillance of communications in the exercise of the human rights to
privacy and to freedom of opinion and expression.”40 In the Rapporteur’s view, it was clear that
the march of technology, with its move to low cost mobile communications as opposed to
previous fixed-line methods had “increased opportunities for State surveillance and
interventions into individuals’ private communications.”41 The security imperative is described
– on the basis of intercepting and monitoring communications, states would be able to gather
evidence to prosecute serious crimes and “forestall national security emergencies.”
The problems posed by advances in intrusive technology, one that gallops ahead of the
law, has not eluded judicial scrutiny. This view is stated most impressively in by two American
jurists in 1890. Louis D. Brandeis and Samuel D. Warren noted in the Harvard Law Review that
intrusions into people’s lives – the interest shown by the press, the so called yellow papers, and
the technological advances of the telegraph – had all done their bit to encroach on privacy. “The
press is overstepping in every direction the obvious bounds of propriety and decency. Gossip is
no longer the resource of the idle and the vicious, but has become a trade”.42 Through tight
reasoning and analogy, the jurists decided that grounds for a civil wrong in breaching privacy
might be found.
Restraining the unruly horse of technology, making reference to its potential
invasiveness, is exemplified by American jurisprudence on the subject of the Fourth
Amendment. In the United States, the Fourth Amendment remains the key provision in
creating what is termed a reasonable expectation of privacy. There are two limbs to the
principle: that the person seeking that privacy actually expects it (a subjective element), and the
objective element by which society as whole would find acceptable. The principles were
discussed in the U.S. Supreme Court decision of Katz v United States, which held that a person
who enters a telephone booth, shuts the door, and makes a call, cannot expect his or her call to
be recorded by the government except by warrant.43 The Federal Bureau of Investigation had
eavesdropped on Charles Katz’s call by means of an electronic device attached outside the phone
booth. Importantly, location was held to be irrelevant – the conversation was protected as it
was made with a “reasonable expectation of privacy”. It did not matter that the phone booth
5
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
was constructed partly of glass, as the government claimed, “so that he was as visible after he
entered it as he would have been if he had remained outside.”44 The act of recording and
listening to Katz constituted a “search and seizure” within the meaning of the amendment.
Similarly, U.S. District Court Judge Richard Leon has observed that the NSA’s dragnet
surveillance program “almost certainly” violates the Fourth Amendment. He was moved enough
to issue a preliminary injunction against it. “I cannot imagine a more ‘indiscriminate’ and
‘arbitrary invasion’ than this systematic and high-tech collection and retention of personal data
on virtually every single citizen for purposes of querying and analysing it without prior judicial
approval.”45
The accent needed on such rights is international precisely because the surveillance
state is global in scope. Borderless rights are required to police borderless state functions. The
concept of a limited citizenship model behind evaluating privacy would be futile rather than
constructive. As David Cole of the Georgetown University Law Centre argues, focus must lie
beyond the limited social contract between U.S. government and its citizens.46 The rights of
non-U.S. citizens to privacy, in other words, extra-territorial rights, matter. “Thus, it’s in our
own interest to identify some reciprocal principles to preserve privacy in the digital age.” 47
Privacy rights are transnational issues, requiring transnational measures of protection.
The force of Cole’s arguments lie in the residual force of natural rights – there are rights
that exist beyond state prescription and are not delimited by borders and concepts of
citizenship. The very idea of human rights is premised on the notion of humanity itself, rather
than the more limiting idea of citizenship. To this end, authorities such as John Gardner suggest
that any study of the nature of law “must begin, in a certain sense, with the central case of law
as morally successful law.”48 There may even be what he terms an “inescapable morality thesis”
at work – the idea that, “Engagement with moral norms is an inescapable part of rational, and
hence human, nature.”49 It would be hard to imagine a privacy regime that, by its nature, is
restricted to territorial considerations, a situation that would prove frustrating, rather than
enabling, of its purpose.
Cole reasons by analogy: “Would we say that the U.S. should be free to torture foreign
nationals, or to commit genocide against foreign nationals, simply because the victims are not
U.S. citizens and part of our social compact? I hope not.”50 Furthermore, not even a strict
contractarian would believe that the signature of a country like the United States to the
International Covenant of Civil and Political Right would have no application to non-Americans.
Ashley Deeks of the Virginia Law School concedes that states can “theoretically” forge
an agreement for new treaty provisions “prohibiting arbitrary interference with the privacy of
anyone in the world”, though it would look significantly different from current arrangements.51
In reality, treaties should not be boxed as being of identical weight and importance – they
perform different functions and should be valued accordingly.52 Those concerning human
rights have been deemed by some legal authorities as being of significantly greater weight than
others. In the words of Lord Steyn in Re McKerr, there is “growing support for the view that
human rights treaties enjoy a special status.”53 This is so much so that “legitimate expectations”
that they be abided by domestically may well be founded.54
6
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
Limitations
The idea of an international rights regime focused on the concept of human personhood, rather
than citizenship, is a useful way of approaching the law on privacy. But linking it, at least in
some way, to the idea of natural rights does raise its own set of problems, most notably the
criticism made by legal positivists who see is as more metaphysical than legal. After all, are we
basing it on an idea that is rhetorical “nonsense upon stilts”, to use the famous rebuke of Jeremy
Bentham against natural rights in general?55
An obvious limitation to the scope of a global privacy right lies in the nature of the
international conventions themselves. Certainly, conventions tend to have jurisdictional limits,
a feature inherent in the principle of sovereignty in international law. Human rights
conventions, however, sit in a curious category – they seemingly appeal to universal principles
but struggle with particular applications. As such, even the ICCPR has a limit in scope of
application. Article 2(1) notes that a state’s duty is limited to individuals “within its territory
and subject to its jurisdiction.” That said, this is a view generally held by the U.S. alone, a
position distinct to American policy and jurisprudence. The more accepted view is that the
ICCPR has far broader reach, compelling a state to “respect” and “ensure” rights within its
territory and anywhere it has “effective control” of either territory or persons.56
The parochial judicial view, as Cole rightly notes, has found form in American cases
suggesting that foreign nationals simply do not deserve the same protections offered to U.S.
citizens.57 A famous example remains Demore v Kim58, where the U.S. Supreme Court upheld
the validity of a statute imposing mandatory detention on foreign nationals charged for
deportation for having committed certain crimes. The due process clause was thereby severely
restricted. The narrow reasoning here is significant in the tug of war between various views of
human rights – do the broad universalists win through, or the narrow nationalists who insist on
the principles of the self-interested “non-society” so colourfully described by Philip Allott?59
Little surprise, then, that the latter view should be analogised regarding the challenges posed
by an internationalised regime on privacy.
The corollary of the jurisdictional limits to human treaty obligations is that of the social
contract. Imagining this fictional device is one way to avoid the implications of global or
universal obligations. To accept a global obligation to protect privacy – everybody’s privacy –
concerns such individuals as Benjamin Wittes, Senior Fellow in Governance at the Brookings
Institution. “What does such a global right of privacy look like and how does it interact with
the espionage activities of, say, every country in the world that does foreign espionage?”60 The
nub of Wittes’ argument is that a global right to privacy, or one that also covers non-Americans,
is questionable. It can only rest on the idea of the social compact that binds citizens and rulers.
Similarly, jurist Orin Kerr argues that the citizenship model stems from a specific view of
“governments as having legitimacy because of the consent of the governed, which triggers rights
and obligations to and from its citizens and those in its territorial borders.”61
By such contractual definition, there is no international order that facilitates a global
right to privacy. Cole disagrees. “Neither ground – the social compact or the difficulty of
imagination – seems persuasive for rejecting out of hand a global privacy right.”62 Marko
Milanovic similarly argues with some force that the idea of a social contract grounded in
political philosophy is not the same as interpreting the legal force of “positive legal instruments
such as the U.S. Constitution.” The language of the Constitution itself resists specific reference
7
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
to non-citizens. The experience of international human rights law is its universal, not
preferential, application. To that end, assuming human rights treaties applied to a particular
interception, “and the intercepting state draws distinctions on the basis of nationality (as many
of them do), this potentially implicates not only the privacy guarantees in the treaties, but also
those on equality and non-discrimination.”63
Wittes’ reasoning bears a striking resemblance to critics of “international community”
and those who argue that the concept is at best ephemeral. At the Tokyo War Crimes Trials
(1946-8), Justice Radhabinod Pal would hold that the very existence of a legal international
community was suspect. For Justice Pal, there was no fixed concept of international community,
and certainly not sufficiently so to suggest the viability of an international norm against war per
se.64 Wittes himself argues that mass surveillance is a norm. Every state does it. Placing the
stress on “targeted surveillance” would be a specious.65 Such a view neatly converges with the
observation of David Kennedy on “the ‘international community’ in which everyone speaks
roughly the same language of missiles and missives, sanctions and sanctimony.”66
A middle ground is taken by Peter Margulies, who argues that, while the U.S. does have
an extraterritorial duty to respect ICCPR rights, the tailored surveillance program of the NSA is
consonant with section 17. Margulies takes a somewhat naïve view about authorisation
protocols in the U.S. (they were all stringent and compliant), and looks for European case law
for the precedent that some surveillance programs can pass muster. It follows, therefore, that
the NSA program of collection under section 702 of FISA is entirely legitimate – after all, other
countries have used similar methods.
To back his argument, Margulies examines the European Court of Human Rights
decision in Weber and Saravia v Germany67 which dealt with phone tapping by the German
Federal Intelligence Service. Features of the program used are similar to those employed in data
mining – the use of “catchwords (Suchbegriffe)” suitable for investigating threats. It suggests
that such programs do have their worth, and prior notice to subjects that they were under
surveillance would not have been productive. What he argues is that reforms to bolster the
current state of affairs would “seal the deal”.68
That said, the ECHR’s judgment comes with a warning. Granting an unfettered power
to conduct surveillance either to the executive arm or judiciary was inadvisably dangerous. The
reason is simple: such procedures to conduct “secret surveillance of communications is not open
to scrutiny by individuals concerned or the public at large”.69 A point that decision makes, and
something Margulies underdoes, are the words of warning that “the law must indicate the scope
of any such discretion conferred on the competent authorities and the manner of its exercise
with sufficient clarity to give the individual adequate protection against arbitrary
interference.”70
The argument that discussions of surveillance and privacy must be matters of a purely
local and domestic character do not measure up to the globalised nature of surveillance
operations. They certainly do not accord well with the idea of international community
discussed by Franck, that “common, conscious system of reciprocity between [their]
constituents” governed by “shared moral imperatives and values.”71 They also ignore the
fundamental challenges that have been created by the digital sphere and debates surrounding
internet governance, something which the U.S. has been conspicuously lagging behind. In so
doing, the risk of a Balkanisation of the internet is genuine.72 The European Union’s justice
commissioner, Viviane Reding, has gone so far as to suggest recently approved new data
8
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
protection rules by the European Parliament as “Europe’s declaration of independence.”73 Brazil
has suggested plans to internalise internet traffic through local routing, involving the possibility
of a secure national email service. Brazilian President Dilma Rousseff has announced plans for
grater domestic production of network equipment and an increase in domestic internet
bandwith production.74
Reforms or non-reforms?
A direct response to bringing global surveillance activities within an international privacy
framework has come from the United Nations General Assembly. In November 2013, the UNGA
circulated a consensus resolution on the protection of the right to privacy in the digital age. The
“Right to privacy in the digital age” resolution calls on states to “respect and protect the right to
privacy, including the context of digital communication.” The resolution acknowledged the
argument about necessary surveillance in the name of public security, but argued that “States
must ensure full compliance with their obligations under international human rights law”. 75
States would have to take measures to end violations of “the right to privacy, including in the
context of digital communication”. Its sponsors were both Germany and Brazil, both of whom
had featured prominently in the Snowden revelations as top targets of NSA surveillance.
Specific to the resolution was the negative impact on the exercise and enjoyment of human
rights caused by surveillance, “in particular when carried out on a mass scale”.
The resolution was adopted in December, though it faced opposition from the U.S.
delegation which stuck to the view that privacy was territorially circumscribed.76 While it voted
for the resolution in the end, knowing that by itself, it would prove non-binding, the
oppositional points are worth noting. In response to the “deep concern” regarding human rights
abuses that might arise from extraterritorial surveillance, interception and data collection, the
reservation or “red line” noted how the rights of foreign nationals, in terms of surveillance, were
of little concern to the U.S. “As the text currently reads, it suggests that states have international
human rights obligations to respect the privacy of foreign nationals outside the U.S., which is
not the U.S. view of the ICCPR.”77
For all such aspirations, the greatest reform in terms of structuring a privacy right that
has an extraterritorial significance will have to come from an otherwise reluctant United States.
For one thing, the U.S. refuses to accept that human rights conventions, even the ICCPR, have
extra-territorial applications. In short, the tag “universal” human rights was far from being such.
For all of that, President Barack Obama has at least acknowledged the globalised nature of
modern dragnet surveillance, and the need for global protections that consider the rights of
non-US citizens as well. His recent proposals for reform are worth considering, though fall far
short of de-territorialising privacy.
Infant steps towards accepting a measure of improved oversight have come in the form
of the presidential commission’s recommendations in the December 12 report.78 The
Commission acknowledges that “excessive intelligence collection” can erode privacy and civil
liberties. To that end, the U.S. government “must protect, at once, two different forms of
security: national security and personal privacy.” This involves squaring home and national
security with the security of the Fourth Amendment.
9
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
In terms of acknowledging a global privacy entitlement, the Commission proved more
cautious. No nation, it stressed, accorded the same rights, privileges, and immunities to its noncitizens. That said, some rights and liberties were universal “such as the international
prohibition on torture.”79 An international right to privacy proved less clear. Its rather mild
conclusion was that “the United States should grant greater privacy protection to non-United
States persons than we do today.”80
But its premise is broadly that of the President and supporters of the NSA: metadata
collection by the NSA has proven to be a legitimate and legal exercise. Collection under Section
702 of FISA has been “responsible” with “relatively few incidents of non-compliance.”81 Despite
that glowing observation, illegalities did occur because of the very scope of the collection that
would capture both domestic and foreign data. As a decision of the FISA court noted, the NSA’s
use of upstream collection had involved the acquisition of multi-communication transactions
(MCTs) which was unauthorised. The continued use of MCTs was prohibited as falling short of
the Fourth Amendment and the requirements of FISA.82
Section 702 of FISA, given its targeting of non-U.S. persons, did raise “the question
whether it sufficiently respects the legitimate privacy interests of such persons.” The
Commission stressed that existing practice did not encourage massive acquisition of the
“communications of masses of ordinary people.” The focus was specific – communications with
a specific “identifier” (email address or phone number) being used to communicate on matters
pertaining to “international terrorism, nuclear proliferation, or hostile cyber activities.” All
branches of government subjected the NSA to oversight in respecting such guidelines. The
Fourth Amendment protections – or their equivalent – could not be said to govern Section 702.
If the section applied to U.S. citizens, it would be a violation. Foreign nationals could claim no
similar protection.83 FISA itself was designed to protect Americans from abuse within their
political system, rather than the rights of foreign citizens.
With that said, the Commission conceded that privacy had been recognised “as a basic
human right that all nations respect.” Distinctions, however, would still be made between U.S.
and non-U.S. citizens. Foreign citizens could still be targeted on the basis of “reasonable belief”,
or without warrant from the Foreign Intelligence Service Court. The U.S. government, after all,
had a “special obligation” to “the people” of the United States. International obligations under
the ICCPR would still be upheld in a manner entirely consonant with that aim, but differences
had to be respected. As a rule of thumb, the Privacy Act of 1974 should be used to apply to nonU.S. persons as US persons.84
In his speech announcing reforms to NSA practices, Obama followed the tenor of the
December report – accepting the premise that the system had to be tweaked to prevent a “rogue”
capture. He admitted that, “Given the unique power of the state, it is not enough for leaders to
say, ‘Trust us, we won’t abuse the data we collect’.”85 He admitted that the bulk collection
program had not been “subject to vigorous public debate.” He did, however, fall short of
discussing a solid privacy right for those outside the United States.
For one, Obama did not accept the argument that a warrant was required for
surveillance of foreign persons overseas. “This is not unique to America”. Guidelines would be
drafted between the intelligence community and the attorney general to limit the duration of
holding personal information and restricting use of such information. Certain protections held
by Americans, in short, would be extended to non-Americans overseas.
10
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
For all potential dangers, Obama suggested that the collection of metadata did not
“involve the content of phone calls, or the names of people making calls. Instead, it provides a
record of phone numbers and the times and lengths of calls – meta-data that can be queried if
and when we have a reasonable suspicion that a particular number is linked to a terrorist
organization.”86 Yes, surveillance was being conducted, but appropriately. As an unnamed
source familiar with intelligence community discussions observed on the speech, “Nobody won,
nobody lost. That’s the nature of our government.”87 A long way, then, from any concession to
an international privacy right.
The Presidential Policy Directive 28 or PPD-28 remains even more pertinent than the
88
speech. The directive emphasises the technological supremacy of U.S. capabilities, with the
need to “preserve and continue to develop a robust and technologically advanced signals
intelligence capability to protect our security and that of our partners and allies.”89 A modest
acknowledgment is made, after outlining a range of interests and aims about taking into account
“the legitimate privacy and civil liberties concerns of U.S. citizens and citizens of other
nations.”90 These are framed in the language of policy, rather than the language of rights.
Section 1 detailing principles governing the collection of signals intelligence acknowledges that
privacy and civil liberties will be “integral considerations in the planning of U.S. signals
intelligence activities.” Information will not be collected to suppress dissent, disadvantage
people based on ethnicity, race, gender, sexual orientation or religion. The main premise for
collection will be “to support national and departmental missions”.91
The language of the directive suggests modest reform. Where possible, signals
intelligence activity would be avoided unless necessary. “Signals intelligence activities shall be
tailored as feasible. In determining to collect signals intelligence, the United States shall
consider the availability of other information, including from diplomatic and public sources.
Such appropriate and feasible alternatives to signals intelligence should be prioritized.”92
The directive also imposes limitations on the use of signals intelligence collected in bulk
under section 702 of FISA which will “protect the privacy and civil liberties of all persons,
whatever their nationality an regardless of where they might reside.” When collected, they will
only be used in traditional fashion: combating crime, illicit finance, threats to the U.S. or its
allies, terrorism and espionage threats. Annual reviews on how the bulk data is collected will be
done.93 The storage of such data would also be outsourced – to a third party contractor.94
A notable feature in PPD-28 is the restriction on monitoring foreign citizens, which
might be termed the “Merkel” section after it was revealed the German Chancellor’s phone was
being monitored by the NSA. Section 4 notes a universal, extra-territorial premise: “All persons
should be treated with dignity and respect, regardless of their nationality or whether they might
reside, and all persons have legitimate privacy interests in the handling of their personal
information.” U.S. signals intelligence activities would include safeguards to ensure that transterritorial protection.95
Section 4 also serves to create the machinery by which the U.S. will form a “point of
contact for foreign governments who wish to raise concerns regarding signals intelligence
activities conducted by the United States.”
In the view of executive director of Amnesty International USA Steven W. Hawkins, the
proposals failed to accept “the abusive nature of mass surveillance or put international human
rights standards at the centre of US policy”.96 The directive does not so much curtail surveillance
as simply limit aspects of its reach, attempting to limit the “rogue” enterprise in abusing the use
11
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
of personal data. Executive Order 12333, which governs the use of electronic surveillance by the
Intelligence community outside the U.S., still affords the President powers to authorise
surveillance programs without judicial review.97 The law on surveillance is still subordinate to
executive discretion.
Congressional critics of the surveillance state, Senators Mark Udall (D-Colo.), Ron
Wyden (D-Ore.) and Martin Heinrich (D-N.M.) considered the move by the president to end
the government’s collection of phone records a “major milestone” but did add that, “The fight
to protect liberty and increase security is far from over”.98 Perhaps unsurprisingly, Congress was
less interested in the extent of privacy protections for non-Americans than Americans
themselves.
Finally, Obama’s address revealed a vital stumbling block in surveillance reform and the
issue of an internationally policed privacy right: his assumption that abuses never took place.
The president, in effect, ignored what the secret FISA court charged with making orders under
the Foreign Surveillance Intelligence Act had found: that the NSA had shown a “poor” record of
compliance. A specific example was provided in a declassified decision concerning an
unwarranted expansion of its bulk acquisition of internet metadata. According to Judge John
Bates, the NSA had engaged in systematic “over collection” and “disregarded the special rules
for disseminating United States person information outside of NSA”.99
At the very least, section 4 of PPD-28 suggests that there is a global expectation to
privacy that cuts across principles of citizenship. That very acknowledgement signals a
departure from traditional legal approaches from the U.S. security establishment. Its practice
will, however, be something else.
Reflections
Jed Rubenfeld argues that questions of privacy should not look to what the law prohibits, but
what it “affirmatively brings about”.100 The views discussed here suggest a battle between
narrowing the scope of privacy – de-territorialising it on the one hand; and confining it to
borders based on citizenship. Such confining efforts have a long history in traditional American
jurisprudence, and suggest a conservatism in reading international human rights law. As Roger
Clarke from the Australian Privacy Foundation convincingly argues, definitions of privacy must
be broad and not rigidly utilitarian. They must move beyond the restrictive notion of “data
protection” and fair information practices.101
As this paper advances, notions of privacy must go even further than that, having resort
to existing international practice, and the universal premise of human rights. Some modest
concessions have been made by the recent NSA reforms proposed by the Obama administration.
Irrespective of nationality, individuals have a legitimate expectation to have their privacy
respected. But such reforms remain modest and heavily governed by nationalist interests.
The normalisation of the surveillance state is the great technological feature of the
twenty first century – no political system has been spared that. Identifying the emerging norm
of privacy, it is suggested, is of vital importance not merely for individual citizens but for the
governments whose powers need to be checked. Technology might be useful, but its use in a
situation free of ethical guidance or legal restraint is not desirable. Brandeis and Warren remain
worthy sages on this point.
12
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
ENDNOTES
1
Secondary Order, In re Application of the [FBI] for an Order Requiring the Production of Tangible
Things from Verizon Business Network Services, Inc. on Behalf of MCI Communication Services, Inc.
d/b/a Verizon Business Services, No. BR 13-80 at 2 (FISC Apr. 25, 2013) (attached a Ex. F to Gilligan
Dec.) [Dkt # 25-7]
2
Foreign Intelligence Surveillance Act of 1978, section 702.
3
Cited in Klayman v Obama, Memorandum Opinion, December 16, 2013 [Dkt. #13 (No. 13-0851),
#10 (No. 13-0881)], at 9: https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2013cv0851-48.
4
Barton Gellman, “U.S. Surveillance architecture includes collection of revealing Internet, phone
metadata,” The Washington Post, Jun 16, 2013.
5
Klayman v Obama, Memorandum Opinion.
6
Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball, “Mastering the
Internet: How GCHQ set out to spy on the World Wide Web,” The Guardian, Jun 22, 2013.
7
Der Spiegel, “Embassy Espionage: The NSA’s Secret Spy Hub in Berlin,” Oct 27, 2013,
http://www.spiegel.de/international/germany/cover-story-how-nsa-spied-on-merkel-cell-phone-fromberlin-embassy-a-930205.html
8
Colum Lynch, “Brazil’s president condemns NSA spying,” Washington Post, Sep 25, 2013.
9
Michael Kelly, “Joe Biden in 2006: Metadata Collection Is ‘Very Intrusive’, We Don’t Know What
NSA Is Doing With Our Data,” Business Insider Australia, Jul 6, 2013,
http://www.businessinsider.com.au/joe-bidens-comments-about-nsa-spying-in-2006-2013-7
10
Reiner Stach, “Death by Data: how Kafka’s The Trial prefigures the nightmare of the modern
surveillance state,” New Statesman, Jan 16, 2014.
11
Office of the High Commissioner for Human Rights, “Mass Surveillance: Pillay urges respect for
right to privacy and protection of individuals revealing human rights violations,” Jul 12, 2013,
http://www.ohchr.org/EN/NewsEvents/Pages/DisplayNews.aspx?NewsID=13534&
12
Kenneth Roth, “NSA: Our Analogue Spying Laws Must Catch Up with the Digital Era,” The
Guardian, Nov 11, 2013.
13
Matthew Taylor and Nick Hopkins, “World’s Leading Authors: State Surveillance of Personal Data
is Theft,” The Guardian, Dec 10, 2013.
14
For examples, see Raghunath Ananthapur, “India’s New Data Protection Legislation,” SCRIPTed 8,
2 (Aug. 2011): 192-203.
15
See K. Gormley, “One Hundred Years of Privacy,” [1992] Wisconsin Law Review 1335, at 1397.
16
The ICCPR, Joseph and Castan eds., 533
17
See J. Michael, “Privacy,” in D. Harris and S. Joseph, eds., The International Covenant on Civil
and Political Rights and United Kingdom Law (Oxford: Clarendon Press, 1995), 333.
18
S. E. Wilborn, “Revisiting the Public/Private Distinction: Employee Monitoring in the Workplace,”
(1998) 32 Georgia Law Review 825, 833; noted in The ICCPR, Joseph and Castan eds., 534.
19
Roger Clarke, “What’s Privacy?” in Justin Healey, ed., Privacy and Information Rights, in Issues in
Society, vol 341 (Thirroul: The Spinney Press, 2012), 4.
20
H. Burkert, Privacy/Data Protection: A German/European Perspective, Proc. 2nd Symposium of the
Max Planck Project Group on the Law of Common Goods and the Computer Science and
Telecommunications Board of the National Research Council, Wood Hole, Mass., June 1999, noted
by Clarke, “What’s Privacy?” 4.
21
W. L. Morison, Report on the Law of Privacy (Sydney: Government Printer, 1973).
22
See Wesley Hohfeld,, Fundamental Legal Conceptions, W. Cook (ed) (New Haven: Yale
University Press, 1919).
23
Louis D. Brandeis and Samuel D. Warren, “The Right to Privacy,” Harvard Law Review 4, 5
(1890), http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm
24
Hans Kelsen, General Theory of Law and State, trans. Anders Wedburg (Cambridge, Mass:
Harvard University Press, 1946), 37; John Gardner, Law as a Leap of Faith (New York: Oxford
University Press, 2012), 178.
13
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
25
Thomas M. Franck, The Power of Legitimacy Among Nations (New York: Oxford University Press,
1990), 6; Dino Kritsiotis, “Imagining International Community,” European Journal of International
Law 13, 4 (2002): 961-992, 962.
26
D. J. Harris, Cases and Materials on International Law, 5th ed (London: Sweet & Maxwell, 1998),
65; C. M. Chinkin, “The Challenge of Soft Law: Development and Change in International Law,”
International and Comparative Law Quarterly 38 (1989): 850-866, 851.
27
UN General Assembly, Guidelines for the Regulation of Computerized Personal Data Files, 14 Dec
1990, http://www.refworld.org/docid/3ddcafaac.html
28
The International Covenant on Civil and Political Rights: Cases, Materials, and Commentary, 3rd
ed., Sarah Joseph and Melissa Castan, eds. (Oxford: Oxford University Press, 2013) noting HRC
General Comment 16 (16.15), 540.
29
ICCPR, Joseph and Castan, eds., 541.
30
Coeriel and Aurik v The Netherlands (453/91), para 10.1
31
The terms “unnatural sexual intercourse” and “intercourse against nature” formed section 122 of the
Tasmanian Criminal Code as it then stood.
32
Toonen v Australia, para. 8.1
33
Toonen v Australia, para. 8.2
34
Toonen v Australia, para. 8.3.
35
See Tanel Kerikmäe, Protecting Human Rights in the EU: Controversies and Challenges of the
Charter of Fundamental Rights (Dordrecht: Springer, 2013).
36
See OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data,
updated 2013,
http://www.oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowso
fpersonaldata.htm; Convention for the Protection of Individuals with regard to Automatic Processing
of Personal Data, Strasbourg, 29.1.1981, http://conventions.coe.int/Treaty/en/Treaties/Html/108.htm
37
Emma Barnett, “Facebook’s Mark Zuckerberg says privacy is no longer a ‘social norm’,” The
Telegraph, Jan 11, 2010.
38
Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies and James Ball, “GCHQ taps fibreoptic cables for secret access to world’s communications,” The Guardian, Jun 22, 2013.
39
Jemima Stratford and Tim Johnston, In the Matter of State Surveillance, Advice for Tom Watson
MP, Chair of the All Parliamentary Group on Drones, http://www.brickcourt.co.uk/newsattachments/APPG_Final_(2).pdf
40
Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion
and expression, Frank La Rue, Human Rights Council, Agenda Item 3, A/HRC/23/40 (United
Nations, General Assembly), Distributed 17 April 2013.
41
Report by Frank La Rue, A/HRC/23/40, 3
42
Louis D. Brandeis and Samuel D. Warren, “The Right to Privacy,” Harvard Law Review 4, 5
(1890), http://faculty.uml.edu/sgallagher/Brandeisprivacy.htm
43
Katz v United States, 389 U.S. 347 (1967).
44
Katz v United States, per Justice Stewart.
45
Klayman v Obama, Memorandum Opinion, December 16, 2013 [Dkt. #13 (No. 13-0851), #10 (No.
13-0881)], https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2013cv0851-48
46
David Cole, “We Are All Foreigners: NSA Spying and the Rights of Others,” Just Security, Oct 29
2013, http://justsecurity.org/2013/10/29/foreigners-nsa-spying-rights/
47
David Cole, “We Are All Foreigners: NSA Spying and the Rights of Others,” Just Security, Oct 29
2013, http://justsecurity.org/2013/10/29/foreigners-nsa-spying-rights/
48
Gardner, Law as a Leap of Faith, 175.
49
Gardner, Law as a Leap of Faith, 150.
50
David Cole, “More on the Rights of Others – Ben Wittes’ Failure of Imagination,” Just Security,
November 12, 2013, http://justsecurity.org/2013/11/12/rights-ben-wittes-failure-imagination/
51
Ashley Deeks, “Does the ICCPR Establish an Exterritorial Right to Privacy?” Lawfare, Nov 16,
2013, http://www.lawfareblog.com/2013/11/does-the-iccpr-establish-an-extraterritorial-right-toprivacy/#.Uu8CBzAyZ8F
52
Arnold D. McNair, “The Functions and Differing Legal Character of Treaties,” British Year Book of
International Law 11 (1930): 100-118.
14
Journal of Global Faultlines, 2014
Vol. 2, No. 1, 1-16.
53
Re McKerr [2004] UKHL 12 at 51.
Matthew Groves, “Treaties and Legitimate Expectations – The Rise and Fall of Teoh in Australia,”
Judicial Review 15, 4 (Dec 2010): 323-336.
55
Jeremy Bentham, Anarchical Fallacies; Being an Examination of the Declaration of the Rights
Issued During the French Revolution (1843).
56
See Peter Margulies, “The NSA in Global Perspective: Surveillance, Human Rights and
International Counterterrorism,” Roger Williams Univ. Legal Studies Paper, No. 144 (Jan 23, 2014),
and forthcoming in Fordham Law Review.
57
David Cole, “Are Foreign Nationals Entitled to the Same Constitutional Rights As Citizens?”
Thomas Jefferson Law Review 25 (2003): 367-388.
58
Demore v Kim, 538 U.S. 510 (2003).
59
Philip Allott, International Law and International Revolution: Reconceiving the World (Hull: Hull
University Press, 1989), 10.
60
Benjamin Wittes, “A Global Human Right to Privacy?” Lawfare, Nov 11, 2013,
http://www.lawfareblog.com/2013/11/a-global-human-right-to-privacy/#.UvGfsDAyZ8E
61
Orin Kerr, “A Reply to David Cole on Rights of Foreigners Abroad,” Lawfare, Nov 2, 2013,
http://www.lawfareblog.com/2013/11/a-reply-to-david-cole-on-rights-of-foreignersabroad/#.UvQnZDAyZ8E
62
Cole, “More on the Rights of Others.”
63
Marko Milanovic, “Foreign Surveillance and Human Rights, Part 1: Do Foreigners Deserve
Privacy?” EJIL: Talk!, Nov 25, 2013, http://www.ejiltalk.org/foreign-surveillance-and-human-rightspart-1-do-foreigners-deserve-privacy/
64
Radhabinod Pal, Judgment, in The Tokyo Judgment: The International Military Tribunal for the Far
East (IMTFE) 29 April 1946 – 12 November 1948, B. V. A. Röling and C. F. Rüter eds. (Amsterdam:
University Press Amsterdam, 1977); Richard Minear, Victor’s Justice: The Tokyo War Crimes Trial
(Princeton: Princeton University Press, 1971).
65
Wittes, “A Global Right to Privacy?”
66
David Kennedy, “The Disciplines of International Law and Policy,” Leiden Journal of International
Law 12 (1999): 9-133, 126.
67
Weber and Saravia v Germany (2006) ECHR, Application No. 54934/00,
http://hudoc.echr.coe.int/sites/fra/pages/search.aspx?i=001-76586#{"itemid":["001-76586"]}
68
Margulies, “The NSA in Global Perspective.”
69
Weber and Saravia v Germany, para. 94.
70
Weber and Saravia v Germany, para. 94.
71
Thomas M. Franck, Fairness in International Law and Institutions (Oxford: Clarendon Press,
1995), 10.
72
Ian Brown, “Will NSA revelations lead to the Balkanisation of the Internet? The Guardian, Nov 2,
2013.
73
Viviane Reding, European Commission – Speech/13/845, Oct 22, 2013,
http://europa.eu/rapid/press-release_SPEECH-13-845_en.htm?locale=en
74
Bill Woodcock, “On Internet, Brazil is beating US at its own game,” Al-Jazeera America, Sep 20,
2013, http://america.aljazeera.com/articles/2013/9/20/brazil-internet-dilmarousseffnsa.html
75
United Nations General Assembly, The right to privacy in the digital age, Draft Resolution, Agenda
Item 69(b), 68th Session, Third Committee, Nov 2013,
http://www.hrw.org/sites/default/files/related_material/UNGA_upload_0.pdf
76
UN News Centre, “General Assembly backs right to privacy in digital age,” Dec 19, 2013,
http://www.un.org/apps/news/story.asp?NewsID=46780&Cr=privacy&Cr1#.UvLo1DAyZ8E
77
Right to Privacy in the Digital Age – U.S. Redlines, noted at:
http://columlynch.tumblr.com/post/67588682409/right-to-privacy-in-the-digital-age-u-s
78
Report and Recommendations of The President’s Review Group on Intelligence and
Communications Technologies, Liberty and Security in a Changing World, Dec 12, 2013, available
at: http://s3.documentcloud.org/documents/929267/review-group-exec-summary-and-recs.pdf
79
Liberty and Security in a Changing World, 131.
80
Liberty and Security in a Changing World, 132.
81
Liberty and Security in a Changing World, 141.
15
54
Restraining the Surveillance State: A Global Right to Privacy
Binoy Kampmark
82
In Re DNI/AG 702(g), Docket Number 702(i)-11-01 (FISC October 3, 2011), noted in Liberty and
Security in a Changing World, 141-2.
83
Liberty and Security in a Changing World, 152-3.
84
Liberty and Security in a Changing World, 154-157.
85
Barack Obama, Transcript of President Obama’s Jan 17 speech on NSA reforms, The Washington
Post, Jan 18, 2014, http://www.washingtonpost.com/politics/full-text-of-president-obamas-jan-17speech-on-nsa-reforms/2014/01/17/fa33590a-7f8c-11e3-9556-4a4bf7bcbd84_story.html
86
Obama, Jan 17 speech.
87
Siobhan Gorman, “White House Added Last-Minute Curbs on NSA Before Obama Speech,” Wall
Street Journal, Jan 31, 2014.
88
Office of the Press Secretary, White House, Presidential Policy Directive/PPD-28, Subject: Signals
Intelligence Activities, January 17, 2014, https://fas.org/irp/offdocs/ppd/ppd-28.pdf (herein PPD-28).
89
PPD-28, 1-2.
90
PPD-28, 2.
91
PPD-28, 3.
92
PPD-28, Sec 1(d), 3.
93
PPD-28, 3-4.
94
See, for example, the Request for Information (RFI) form from the Office of the Director of
National Intelligence (DNI), Solicitation Number: ODNI-RFI-13-01, Special Notice, Feb 5, 2014,
https://www.fbo.gov/index?s=opportunity&mode=form&tab=core&id=b4756bf512d4d7a385f765e5a
3fd169d
95
PPD-28, 5.
96
Amnesty International, “Obama recognizes global rights to privacy, still falls far short of
safeguards,” Jan 17, 2014, http://www.amnesty.org/en/news/obama-recognizes-global-rights-privacystill-falls-far-short-safeguards-2014-01-17
97
Executive Order 12333.
98
Michael R. Crittenden, “Lawmakers Welcome Surveillance Changes, but Split Over Scope,” The
Wall Street Journal, Jan 17, 2014.
99
United States Foreign Intelligence Surveillance Court, Memorandum Opinion, Date redacted,
http://www.dni.gov/files/documents/1118/CLEANEDPRTT%202.pdf
100
Jed Rubenfeld, “The Right of Privacy,” Harvard Law Review 102, 4 (Feb., 1989): 737-807.
101
Clarke, “What’s Privacy?” 2; Roger Clarke, Beyond the OECD Guidelines: Privacy Protection for
the 21st Century (Xamac Consultancy, Pty Ltd., Jan. 2000).
16