November 16, 2013 / by emptywheel


The Era of Big Pen Register: The Flaw in Jeffrey Miller’s Moalin Decision

As I noted, on Thursday Judge Jeffrey Miller rejected Basaaly Moalin’s bid for a new trial based on disclosures of the Section 215 dragnet. Miller rejected the bid largely by relying on Smith v. Maryland and subsequent decisions that found no Fourth Amendment protection for pen registers.

But Miller resorts to a bit of a gimmick to dismiss Justice Sonia Sotomayor’s comments in US v. Jones.

Miller notes Sotomayor’s comments. But he points to the 170 year history of the pen register and reasons that because pen register technology is so old, they cannot be described as a “product of the so-called digital revolution,” and therefore cannot raise the kind of new privacy concerns Sotomayor had in mind.

As noted by Defendants, Justice Sotomayor stated that the recent rise of the digital era of cell phones, internet, and email communications may ultimately require a reevaluation of “expectation of privacy in information voluntarily disclosed to third parties.” Id. at 957. Defendants extrapolate from this dicta that the court should recognize that Defendant Moalin had a reasonable expectation of privacy cognizable under the Fourth Amendment that the Government would not collect either individual or aggregated metadata.

The difficulty with Defendants’ argument is twofold. First, the use of pen register-like devices – going back to Samuel Morses’s 1840 telegraph patent – predates the digital era and cannot be considered a product of the digital revolution like the internet or cell phones. See Samuel F.G. Morse, Improvement in the Mode of Communicating Information by Signals by the Application of Electro-Magnetism, U.S. Patent 1647, June 20, 1840, page 4 column 2. In short, pen register-like devices predate the internet era by about 150 years and are not a product of the so-called digital revolution – the basis for the concerns articulated by Justice Sotomayor. [my emphasis]

Now, before I pick this apart, let’s look back at an earlier move Miller made.

In assessing the Section 215 dragnet, Miller did not consider whether the collection of Moalin’s phone records as part of a database of every single American’s phone records was constitutional. Instead, he first considered Moalin’s interest in phone records not involving him, then considered Moalin’s protections in phone records involving him (this may suggest the government found Moalin on a second hop).

Defendants argue that the collection of telephony metadata violated Defendant Moalin’s First and Fourth Amendment rights. At issue are two distinct uses of telephone metadata obtained from Section 215. The first use involves telephony metadata retrieved from communications between third parties, that is, telephone calls not involving Defendants. Clearly, Defendants have no reasonable expectation of privacy to challenge any use of telephony metadata for calls between third parties. See Steagald v. United States, 451 U.S. 204, 219 (1981) (Fourth Amendment rights are personal in nature); Rakas v. Illinois, 439 U.S. 128, 133-34 (1978) (“Fourth Amendment rights are personal rights which, like some other constitutional rights, may not be vicariously asserted.”); United States v. Verdugo-Uriquidez, 494 U.S. 259, 265 (1990) (the term “people” described in the Fourth Amendment are persons who are part of the national community or may be considered as such). As noted in Steagald, “the rights [] conferred by the Fourth Amendment are personal in nature, and cannot bestow vicarious protection on those who do not have a reasonable expectation of privacy in the place to be searched.” 451 U.S. at 219. As individuals other than Defendants were parties to the telephony metadata, Defendants cannot vicariously assert Fourth Amendment rights on behalf of these individuals. To this extent, the court denies the motion for new trial.

The second use of telephony metadata involves communications between individuals in Somalia (or other countries) and Defendant Moalin. The following discusses whether Defendant Moalin, and other Defendants through him, have any reasonable expectation of privacy in telephony metadata between Moalin and third parties, including co-defendants.

In other words, Miller takes Moalin’s phone records out of the context in which they were used. In doing so, he turns an enormous database — very much the product of the “so-called digital revolution” — into two pen registers, 170 year old technology.

That move is all the more problematic given repeated Administration explanations (cited by Moalin’s defense and therefore even Miller in his ruling) that Moalin was only identified through indirect contact with an identified selector (presumed to be Somali warlord Aden Ayro).

That is, Moalin would not have been identified without using the features of the database and NSA’s chaining analysis. Moalin was identified not because a single pen register showed him to be in contact with Aden Ayro, but because a network analysis showed his contacts with someone else appeared to be of sufficient value to constitute a likely tie to Ayro himself. And that two-hop connection served either as the basis to listen to already collected conversations involving Moalin via back door searches or, by itself, the basis for probable cause to wiretap Moalin (I suspect it’s the former, and further suspect they used the fruits of that back door search to get the warrant to tap Moalin directly).

Members of the Administration have assured us, over and over, that this chaining analysis is only possible with a complete haystack. Thus, the entire haystack — the database and data analysis that are the quintessential tool of the “so-called digital revolution” — is the instrument of surveillance, not hundreds of millions of individual pen registers. And yet, in their first victory over a defendant with standing, the judge resorted to a gimmick to render that haystack back into hundreds of millions of pieces of hay again.

Update: This passage, from the Administration White Paper, is inconsistent with Miller’s treatment of the dragnet as two separate pen registers.

Although broad in scope, the telephony metadata collection program meets the “relevance” standard of Section 215 because there are “reasonable grounds to believe” that this category of data, when queried and analyzed consistent with the Court-approved standards, will produce information pertinent to FBI investigations of international terrorism, and because certain analytic tools used to accomplish this objective require the collection and storage of a large volume of telephony metadata. This does not mean that Section 215 authorizes the collection and storage of all types of information in bulk: the relevance of any particular data to investigations of international terrorism depends on all the facts and circumstances. For example, communications metadata is different from many other kinds of records because it is inter-connected and the connections between individual data points, which can be reliably identified only through analysis of a large volume of data, are particularly important to a broad range of investigations of international terrorism. [my emphasis]

Copyright © 2013 emptywheel. All rights reserved.
Originally Posted @