Last week's revelations about the scope of the National Security Agency's surveillance shocked many Americans, who learned that the top-secret agency was keeping records on literally every time they picked up the phone -- recording who they called, for how long, and their location when they called. But the concern was not limited to Americans. Edward Snowden's leaks also disclosed that the NSA had put in place the technology to sweep up large amounts of foreigners' phone calls, emails, social networking, and Internet usage. Citizens abroad immediately began objecting that their rights were being infringed by this U.S. program.
The U.S. response on both fronts is that no rights have been violated. On the domestic front, the Obama administration notes that the Supreme Court long ago ruled that Americans have no Fourth Amendment protection in the phone numbers they call, because when they pick up the phone they necessarily share that information with their phone provider for billing purposes. They therefore assume the risk that the phone company will turn around and give the information to the government. As such, the Court ruled, they have no reasonable expectation of privacy vis-à-vis the government obtaining that information from the phone provider. This "third-party disclosure" rule has largely eviscerated Fourth Amendment protection in the digital age, because virtually everything we do shares information with a third party these days. When we browse the Internet, dial a phone number, make a credit or debit card purchase, use EZ Pass on the highway, send an email, or carry a cellphone, we are necessarily sharing information with our "service providers." Under the Supreme Court's rule, we have no constitutional protection against the government getting that information from those providers. And with that information, the government can construct a picture of our private lives more intimate than even our family members have.
But this is not the only loophole in privacy protections. The Supreme Court has also ruled that the Fourth Amendment does not extend to searches of foreigners overseas. The Court announced that rule in a case involving a search of a Mexican's home in Mexico. But as with the third-party disclosure rule, the digital age transforms this principle into a massive loophole. Because of modern communications technology and computer capabilities, we can now sweep up and analyze massive amounts of electronic communications. The NSA could monitor every phone call, email, and Internet search in Pakistan, Afghanistan, the United Kingdom, or Canada without any constitutional checks whatsoever.
Why should Americans care? Because what's sauce for the goose is sauce for the gander. In international relations, reciprocity is a core principle. If we can monitor British citizens' emails and Internet use without meaningful legal limits, why should the British be restrained in their monitoring of our emails and Internet usage? And once a foreign government has obtained such information about our private activities, no law prohibits it from sharing that information with our government. As long as our government did not instigate the acquisition of the information, there is no bar under U.S. law on our government getting it from another government and using it against us.
Again, the modern era makes all of this much more feasible. Electronic communications travel around the world on cables that often pass through many different countries. In this sense, our communications are only as protected as they are in the least protective jurisdiction through which they pass -- and one generally cannot even know through which countries one's communications are likely to pass.
Developments in communications technology have brought the world closer together and have put a previously unimaginable wealth of information at our fingertips. This is all to the good. But those same developments have created the potential for vast loopholes in our privacy protections. Without constitutional constraint, the U.S. government can obtain from private companies data about our daily digital habits that can reveal what doctors we see, what magazines and websites we read, where we travel, and with whom we associate on a 24/7 basis. And computers make it possible to collect and analyze that data for "suspicious" behavior. And because foreign nationals abroad enjoy no protections whatsoever, Americans are likely to be fair game to foreign government surveillance operations directed at us.
What's needed is a comprehensive reevaluation of how to preserve privacy in the globalized digital age. Citizens should be free to use the Internet and maintain their privacy from unreasonable incursions. Governments must be free to conduct searches of online activity, to be sure, but those searches in the virtual world should be guided by the same principles that we have long lived with in the real world: Namely, the government should not intrude on private communications unless it has some particularized basis for suspicion. Sweeping dragnets of every American's phone use, or of every Pakistani's email traffic, are neither necessary nor justified.
To achieve these ends will require the concerted efforts of Congress and the Supreme Court, both of which can and should shore up protections for online communications. But in the long term, what is needed is a global understanding of the values of privacy and the importance of enforceable limits on surveillance. The globalized world offers untold opportunities for information sharing and communications across national borders. But it also presents untold risks from foreign government surveillance, cybercrime, and hacking. Striking the right balance between privacy and security on a global scale, and with respect to information routinely shared with private third parties, will not be easy. But the vast loopholes that exist today, exploited by the NSA, cannot be the right answer. We all have an interest in ensuring that developments in technology do not render privacy as outmoded as the eight-track player.