Over Easy: Hands Off My Metadata!
Are you still hearing, “But they’re just collecting metadata!” when the subject of the NSA’s rampant collection of information about us comes up? There is no such thing as “just metadata.” With enough different data points, your life becomes an open book that a variety of government agencies can examine at will. “Just metadata” is a big lie that supports the surveillance state, and makes a mockery of our expectation of privacy under the Fourth Amendment.
Last week the ACLU of Northern California Technology and Civil Liberties Project released Metadata: Piecing Together a Privacy Solution, a policy paper that explains some reasons why lawmakers originally decided to give metadata less protection than content, why those reasons are no longer valid, and what we can do to address the problem.
Keep in mind that metadata is information generated as you use technology. For phone calls, metadata includes the phone number of callers, serial numbers of phones involved, time and duration of call, and location of each participant. For emails, metadata includes (among other technical information) the sender’s and recipient’s name and email address, the sender’s IP address, the subject of the email, and the date, time and time zone. For Google searches (Google is so dominant in search engines that “to Google” has become a verb), metadata includes not only search queries and results but also pages you visit from those results. We generate metadata every time we use technology, and mostly we are blissfully unaware of it.
The introductory paragraphs of the policy paper paint a chilling scenario:
Imagine bringing a date home for dinner. You put the laptop away and mute your phone. You prepare a gourmet home-cooked meal for two, queue up a selection of romantic songs and pick out a movie to watch after dinner. As the evening winds down, your heart races a bit as you go in for a kiss and wonder how your night will end.
Now imagine that someone is monitoring each and every event of your evening. Oh, don’t worry, they’re not actually watching you or listening in on your conversation. They just know who you emailed or called just before you put your computer away. They know what you bought for dinner and how you prepared it. They know who came over, where he or she came from and how long he or she stayed. They know what time you started the movie and which songs you listened to. They even know what time you turned off the lights — and whether or not the music was still playing when you did. And they know all of this without ever getting a search warrant.
The ACLU report describes just how much metadata reveals about a person, a fact that government agencies know quite well but don’t want to admit to the public. The entire report is eye-opening and well worth reading, especially by anyone who still buys into the NSA’s attempt to deflect scrutiny by claiming they are “just collecting metadata.”
The report proposes five strong principles to guide the protection of metadata (abbreviated here):
? Protect Sensitive Information Regardless of Form
In order to adequately protect individual privacy, legal protections must apply to all sensitive personal information, regardless of the type or category of that information. This is the only way to produce a forward-looking regime that is capable of keeping pace with the rapid evolution of technology.
? Protect Sensitive Information Regardless of Possessor or Storage Location
The idea of robust privacy protections for metadata is fundamentally inconsistent with the third party doctrine. While there are various types of metadata that individuals generate and retain on their own device or otherwise in their possession, the overwhelming majority of metadata is created or captured by third parties.
? Protect Sensitive Information Derived from Data Aggregation
Comprehensive protection of metadata must also take into account the fact that large sets of data can reveal sensitive information that cannot be inferred from any specific element in that set. This means that privacy protections need to apply not only to data directly collected from an individual but also to any inferences or derivative information generated through the analysis of that data.
? Provide Tools and Guidance for Law Enforcement Access to Metadata
Comprehensive privacy protections for metadata are not feasible if the protections they provide render effective enforcement of the law impossible. Thus, such efforts must meet two criteria. First, they must provide law enforcement with the tools necessary to protect the public. Second, they must provide law enforcement with the guidance necessary to comply with the requirements of the law.
? Ensure Appropriate Transparency and Oversight
Finally, as the NSA fiasco has illustrated, privacy law’s impact will be muted if government agencies are allowed to conduct surveillance in secret based on their own interpretation of their authority. As a result, the President’s Review Group on Intelligence and Communications Technology has specifically endorsed greater transparency about any ongoing surveillance programs, including metadata aggregation and analysis. Any future data privacy regime must inform the public as much as possible about any planned or ongoing efforts to collect information about individuals.
The report concludes:
There is no longer any justification for treating metadata as inherently less sensitive and less deserving of privacy protection than communication contents. Instead, we need a modern privacy regime that protects information based on its sensitivity, not its form. As the President’s committee report noted, this requires rethinking the role of metadata in society and reexamining — and ultimately rejecting — legal rules based on the outdated distinction between content and metadata.
Photo by nathanmac87, used under Creative Commons license