The House just voted to pass the USA FREEDOM Act, which reauthorizes and alters Section 215 of the PATRIOT Act, with a vote of 338 to 88. It’s being depicted as a landslide in favor of reform. It is, sadly, anything but. This is why.
Last week’s ruling by the 2nd Circuit fundamentally changed the Congressional debate. Senator McConnell, the Majority Leader, had been pushing for a straight reauthorization of Section 215 of the PATRIOT Act. But the 2nd Circuit ruling said, among much else, that if Congress did a straight reauthorization of the same language, then their ruling that mass metadata surveillance was unlawful would still stand. In other words, straight reauthorization will no longer get surveillance defenders what they want. So, as the next best thing, the administration and the intelligence committees swung behind the USA FREEDOM Act. This Act would impose token limits on how much they can collect with a single request, but would modernize intelligence collection for a world where much communication is not an actual phone call. As a compromise between moderate surveillance reformers and the intelligence community, it actually offers a lot that the intelligence community likes. So it looks much better to them at this point than straight reauthorization (=no mass metadata surveillance under Section 215) or straight sunset (=no mass metadata surveillance under Section 215).
In a week of devastating disclosures about government surveillance, here’s one ray of light.
The ACLU of Massachusetts reports the Massachusetts Supreme Judicial Court‘s verdict in Commonwealth v. Rousseau. In separate trials, John Rousseau and Michael Dreslinski were each convicted of four charges relating to a spree of burning and vandalizing properties. As part of their case, law enforcement had obtained a warrant to place a GPS tracker on Dreslinski’s truck for 15 days, which was then renewed twice. Two issues came up: whether GPS tracking needed a warrant anyway, and whether Rousseau had standing to challenge the warrant as he had no property interest in Dreslinski’s car.
It’s not usually our dealio here at Digital Fourth to weigh in on federal digital rights, because terrific organizations like EFF, Fight for the Future, Demand Progress and the ACLU generally do that heavy lifting for us. But so much has happened regarding prosecutions under the Computer Fraud and Abuse Act that it’s worth focusing on what this law is, why it’s in such a mess, and what can usefully be done about it.
When originally passed way back in 1986, the intent of the CFAA was to ban hacking. This kind of hacking:
In other words, what they were concerned about was access to “Federal interest computers”, namely computers belonging to the government, or at certain designated utilities like nuclear power stations or financial institutions. Now, however, the law covers pretty much any computer held by anyone.