Corporate Counsel
The Metropolitan
®
www.metrocorpcounsel.com
Volume 13, No. 7
© 2005 The Metropolitan Corporate Counsel, Inc.
July 2005
Project: Homeland Security – Law Firms
Renewing The USA Patriot Act –
What Every Business Should Know
Michael D. Ricciuti
KIRKPATRICK & LOCKHART
NICHOLSON GRAHAM LLP
In the wake of September 11, Congress
passed the USA PATRIOT Act (described in
this article as “the Act”). Among other things,
the Act changed how the government investigates two types of cases – intelligence cases
involving terrorism or espionage, and traditional criminal cases involving all manner of
alleged violations of federal criminal law. In
critical part, the Act provided new tools for
investigators in both types of investigations
and established a new information-sharing
approach in terrorism matters, a fundamental
change in practice.
Since the Act was passed, it has generated
intense controversy. That conflict has reignited, as several of the Act’s sections, scheduled to expire (or “sunset”) on December 31,
2005, are under review in Congress. Business
should keep an eye on the debate over three of
these Sections of the Act, which changed the
government’s investigative scheme in ways
that may affect almost any company. Two of
these provisions concern the manner by which
the government can demand information from
business – Section 209, authorizing criminal
courts to issue search warrants for voice mail
messages, and Section 215, expanding the
power of the Foreign Intelligence Surveillance
Act Court (“the FISA Court”) to order business to produce documents and tangible
things. One other section provided new rights
to business – Section 217, which allows a business which is victimized by a computer hacker
Michael Ricciuti is a Partner in the Boston
office of Kirkpatrick & Lockhart Nicholson
Graham LLP, and is a former federal prosecutor and Chief of the Anti-Terrorism and
National Security Section in the U.S. Attorney’s office in Boston.
Michael D. Ricciuti
to request law enforcement help to monitor the
hacker’s communications over the compromised computer. This article discusses all
three of these provisions and reviews their
place in the federal investigatory system.
1. Section 209: Voice Mail Messages
Prior to the Act, it was difficult for law
enforcement officers to seize voice mail messages left on cellular telephones or landlines.
This was because voice mail were treated like
live telephone calls. Monitoring of live telephone calls is recognized under federal law as
a very serious intrusion into privacy – and is
thus subject to very stringent procedures.
Including voice mail messages in this category
made discovery of them extraordinarily difficult.
Some brief background may be helpful.
Criminal investigators have several investigative tools at their disposal. One way of categorizing them is in terms of the level of
privacy intrusion they entail. Records of historical activity which do not reveal the substance of communications – for example,
telephone toll records – receive a low level of
protection from seizure. Agents typically
obtain this information with Grand Jury subpoenas, which are easily obtained from federal
prosecutors without judicial approval. Governmental intrusion into locations where there
is an expectation of privacy – a residence or
post office box, for instance – represents a far
more significant privacy intrusion. Investigators typically must obtain a warrant to search
these locations. Search warrant applications
are relatively short, can be obtained quickly if
necessary, and are usually submitted to federal
magistrate judges.
Government wiretapping – monitoring private “wire communications” (telephone calls,
Internet chats) in real time – is a special case.
Because this surveillance is extremely invasive, the law places more significant demands
on investigators to justify wiretaps than apply
in the case of a search warrant. To obtain a
wiretap order – known as a “Title III” order,
named for the section of the Omnibus Crime
Control and Safe Streets Act of 1968 which
created these procedures – investigators must,
among other things, make a more detailed
showing of probable cause than is required for
a search warrant and must also show that normal investigative techniques (e.g., subpoenas
and search warrants) have failed in achieving
the goals of the investigation, appear unlikely
to succeed, or would be too dangerous to even
try. Criminal agents and federal prosecutors
must also obtain approval to seek a wiretap
from the local agency supervisors and U.S.
Attorney supervisors, as well as to supervisors
at agency headquarters and the Justice Department in Washington. Ultimately, a wiretap
application and supporting documentation –
often comprising a hundred pages or more – is
presented to a federal district court judge for
approval.
As this description suggests, the process for
obtaining a wiretap is demanding and slow.
Prior to the Act, voice mail messages were
treated like live telephone calls, and could only
be accessed under the cumbersome Title III
procedures. In contrast, law enforcement offi-
Please email the author at mricciuti@klng.com with questions about this article.
Volume 13, No. 7
© 2005 The Metropolitan Corporate Counsel, Inc.
cers could seize tapes found in answering
machines with search warrants, and could
seize email messages with search warrants or,
in some cases, court orders, all without highlevel approval.
The Act treats voice mail messages like
answering machine tapes, and allows
investigators to obtain voice mails with search
warrants. Not surprisingly, the Justice Department is seeking to extend this ability, emphasizing the speed of the search warrant
procedure, a particularly important attribute in
seizing easily-deleted voice mails. Critics of
this section contend that Section 209 improperly reduces the privacy of voice mail messages. If they prevail, the cumbersome Title
III procedure will again govern the seizure of
voice mails.
2. Section 215 – FISA Orders
For Records And Tangible Things
Plainly the most controversial of the Act’s
provisions, Section 215 expanded the FISA
court’s authority to issue orders to business for
records and tangible things in certain international terrorism or spying cases. To understand how these orders are used, and the nature
of the debate regarding them, the federal intelligence gathering system must be explored
briefly.
Both before and after the Act, the government pursued two types of investigations in
international terrorism or espionage cases –
criminal investigations and intelligence investigations. With some exceptions, criminal terrorism and spying investigations are
conducted just like other criminal investigations, with the ultimate goal being the indictment and prosecution of defendants.
Intelligence investigations have different goals
and use a different set of tools. These cases
often rely on classified information, and seek
to protect national security by gathering foreign intelligence information about foreign
powers (like foreign countries or international
terrorist groups) or agents of foreign powers
(spies or terrorists). Criminal prosecution is
not necessarily a goal of these investigations.
Indeed, because of the sensitivity of these
cases, public prosecutions and trials of spies or
terrorists pose significant obstacles.
Although intelligence investigators use
some of the same investigative techniques as
criminal investigators, the process by which
these tools are brought to bear is quite different. Take, for instance, a wiretap. Like a criminal investigator, an intelligence investigator
can obtain a wiretap for intelligence purposes,
but only from the FISA Court in Washington.
Created pursuant to the Foreign Intelligence
Surveillance Act of 1978, the FISA court is
staffed by seven regular federal district court
judges appointed to serve part-time by the
Chief Justice of the Supreme Court. It reviews
FISA wiretap applications. These applications
are classified and must be approved at the
highest levels of the FBI and Department of
Justice before submission to the FISA court.
Applications for a FISA wiretap are extraordinarily detailed, like a Title III application.
They must show, among other things, that the
requested wiretap is targeted at a foreign
power or an agent of a foreign power; that a
significant purpose of the wiretap is to obtain
foreign intelligence; and the information cannot reasonably be obtained by normal investigative techniques.
The FISA court can also authorize the
seizure of certain business records for foreign
intelligence purposes. Such orders are classified, and recipients of them cannot disclose “to
any ....person...that the [FBI] has sought or
obtained” materials using them. Prior to the
Act, these orders were limited in scope. Only
records, and not tangible items, could be the
subject of an order; only common carriers (car
and truck rental companies), public accommodation facilities (hotels or motels), and physical storage facilities could be served with such
orders; and the FISA court had to find “specific and articulable facts” that the person to
whom the records pertained was a foreign
power or agent of a foreign power.
Section 215 changed each of these three
limitations. Section 215 brought tangible
items within the scope of a FISA order;
expanded the universe of recipients of such
orders to include all manner of businesses; and
eliminated the specific and articulable facts
requirement. Under the Act and a subsequent
further amendment, FISA orders are currently
available if they are “sought for an authorized
investigation ... to obtain foreign intelligence
information not concerning a United States
person [essentially a citizen, lawful permanent
resident, or American corporation] or to protect against international terrorism” or spying,
so long as any investigation of a United States
person is not based solely on protected First
Amendment activity.
Section 215 has been the subject of intense
dispute. One of the frequently-made arguments against this Section is the fear that it
could be used to obtain user records from public libraries reflecting patrons’ reading habits.
Although Section 215 makes no mention of
libraries, there is little dispute that a FISA
order under Section 215 could be directed to a
public library under appropriate facts. Even
though the Department of Justice has not
requested an order directed at a library, this
debate goes on.
One important issue is not disputed, however. Both sides agree that the recipient of a
FISA order can disclose it to his or her attorney and challenge the order in court. Attorney
General Alberto Gonzales has indicated that
the law on this point is not as clear as it could
be, and that the Justice Department would support technical amendments to eliminate this
ambiguity.
Were this provision to sunset, the Department would revert to using FISA orders as previously limited, and would rely more heavily
on “national security letters” (NSLs). NSLs
July 2005
are written requests for information in intelligence cases. Previously, they could be used to
obtain business records from banks, credit
reporting agencies and communications carriers. Recent laws permit NSLs to be served on
credit card companies, car dealers, real estate
agencies, stock brokers, jewelers and other
businesses which often deal in significant
amounts of cash. Whether these will be adequate for the Justice Department promises to be
a matter of strong dispute in Congress.
3. Section 217: Computer Trespassers
Section 217 allows the government to monitor and intercept the communications of a
computer trespasser over a protected computer.
The Section defines a computer trespasser as
someone who has unauthorized access to the
computer and excludes someone with a contractual relationship with the service provider.
A protected computer is, in essence, a government computer or one used in or affecting
interstate or foreign commerce. With the
advent of the Internet, this Section casts a
broad net.
Under the Act, the government is authorized to monitor the communications of a computer hacker if four requirements are met: (1)
the operator of the protected computer authorizes it; (2) the investigator (a person acting
under color of law) is lawfully engaged in an
investigation; (3) the investigator has reasonable grounds to believe the contents of the
hacker’s communications will be relevant to
the investigation; and (4) only the communications to and from the hacker are intercepted.
A computer trespasser has no reasonable
expectation of privacy in his communications
over the hacked system, so that monitoring of
the hacker’s communications does not violate
the Fourth Amendment. Nevertheless, critics
of the Section claim that it allows the government and computer operator to determine
whom to surveil, perhaps without any notice to
the alleged trespasser. The Department
responds by noting that Section 217 gives computer operators the same rights as a landowner
when confronting a trespasser – the right to call
in the government and help identify and expel
the trespasser – and only permits, and does not
require, a computer operator to ask for governmental help. Prior to the Act, it was unclear
they could do so. If this provision sunsets, that
lack of clarity will return.
4. Conclusion
Whether these provisions are renewed
makes a difference to business. With the focus
on terrorism and national security, business
increasingly should expect to receive search
warrants or FISA orders in these cases. And
with the explosion in computer hacking crime,
business also should increasingly expect to
respond to these crimes. Business thus should
be aware of its rights and obligations in these
cases, and how Congress changes them – or
doesn’t – in the coming months.