Hints That the FISCR Plaintiff Is an Email Provider

I’ve said in the last two threads on the FISCR opinion that the plaintiff is an email provider. Here’s why I believe that to be true.

On February 29, 2008, the Computer & Communications Industry Association wrote the Members of the House (which was then considering its own amendments to FISA, distinct from those that had been already passed in the Senate), lobbying against retroactive immunity. CCIA, recall, is the trade group for a bunch of tech companies, including email providers Yahoo, Microsoft, and Google. That letter reads:

The Computer & Communications Industry Association (CCIA) strongly opposes S. 2248, the “FISA Amendments Act of 2007,” as passed by the Senate on February 12, 2008. CCIA believes that this bill should not provide retroactive immunity to corporations that may have participated in violations of federal law. CCIA represents an industry that is called upon for cooperation and assistance in law enforcement. To act with speed in times of crisis, our industry needs clear rules, not vague promises that the U.S. Government can be relied upon to paper over Constitutional transgressions after the fact. !!

CCIA dismisses with contempt the manufactured hysteria that industry will not aid the United States Government when the law is clear. As a representative of industry, I find that suggestion insulting. To imply that our industry would refuse assistance under established law is an affront to the civic integrity of businesses that have consistently cooperated unquestioningly with legal requests for information. This also conflates the separate questions of blanket retroactive immunity for violations of law, and prospective immunity, the latter of which we strongly support.

Therefore, CCIA urges you to reject S. 2248. America will be safer if the lines are bright. The perpetual promise of bestowing amnesty for any and all misdeeds committed in the name of security will condemn us to the uncertainty and dubious legalities of the past. Let that not be our future as well. [my emphasis]

On February 29, 2008, at a time when the plaintiff in this case was almost certainly actively pursuing the case (I’ll do a review of timing in a later post), the trade association for the country’s biggest free email providers was lobbying:

  • Against retroactive immunity for those companies participated in violations of federal law, suggesting that the trade organization believed earlier cooperation was clearly illegal
  • For prospective immunity, which had been included in PAA and was included in every FISA amendment ever contemplated, suggesting that association members intended to cooperate going forward
  • For "bright lines" describing the requirements for cooperation with the government, suggesting that association members cared first and foremost about the clarity of the law and believed the law, in the past, had not been clear

If that doesn’t, by itself, convince you that a member of the CCIA was the company objecting to the government’s byzantine assault on the Fourth Amendment, in discussions I had about this letter with a number of people, I learned that there were hints of an email provider fighting orders in the FISA courts.

I believe this suit is the rumored suit.

In other words, when you read the opinion and see the concerns about particularity, understand that we’re almost certainly talking about email servers, and not phone calls among individuals. 

    • LabDancer says:

      “Cloud sourcing”, among other things, is the term used to describe the technological approach used, for example, when you perform a ‘google’ search. As far as I – far from a computer geek – understand, Google didn’t so come up with the concept as it applied it in a distinctive way. The idea with ‘cloud sourced’ searching is that when you perform a search with it, you are not activating a search of a mainframe, or at least not by itself, but instead some mass of connected smaller processors, which don’t even have to be located on a single determinable site.

      I’ve seen statements on behalf of Google that imply, albeit admitting the oversimplification, that the search process set up by Google ‘may’ actually recruit your own desktop’s or laptop’s processor to ’spread the task’, ’share the load’. It seems to me – again: far from a ‘copter head on such – that to some extent it ‘must’, because it IS recruiting your own machine’s processor, by definition, since the search is initiated on it. The secondary implication is that when some other individual, at home or at work or seated at Starbucks, is conducting her or his Google search, your own machine’s processor is available to be ‘recruited’ for the filling of that person’s ‘request’. [I don’t buy that strictly as implied, but the idea of such ‘recruitment’ strikes me as a pretty useful means by which Google can defend against claims of their having invaded your privacy, which of course they’re doing – with your permission, right up front – in order to track your usage on the toobz, to show to advertisers & to pay sites their share of ad revenue.]

      As to gmail, Google [& for all I know Yahoo at some point, possibly before them, as well as Microsoft from some point after both], the original set of claims for it included that you’re not automatically storing content & related data on your machine, as you would be with Outlook & a lot of other programs with partnerships with or provided by ISPs who came to the area from years in the telephone biz or from a position in the cable biz. In many of those simply opening an email automatically saves it, or some representation of it, on your machine. In the case of gmail, for one, the basic design requires the user who clicks on a message to read it, to initiate a further step in actually downloading it onto one’s machine.

      Instead, as Google regularly & routinely reminds its gmail users, there’s what’s for your purposes an unlimited amount of storage space for your gmail messages, off your machine, stored ‘in the clouds’, & available for you to retrieve, on your machine, or anyone’s, anywhere.

      This all might seem a bit odd to those here without any practical experience with law enforcement in recent years, in which it’s become SOP for police or the FBI or whoever the investigators are, to physically seize a suspect’s or an arrested person’s processor, and, as was discussed an awful lot on the threads back some months with the legal actions by CREW and the National Security Archive, use now readily available technology to replicate or ‘take a picture’ of everything downloaded.

      But with cloud-sourcing, the same ‘picture’ isn’t available to law enforcement by that route. And that has presented some concerns to law enforcement – & in the case of BushCo, more like something to be overcome, as usual, by hook or crook, reflexively the latter.

      With email in general, currently [and has been for a while] available to anyone, if they take the time, to figure out the general location from which a message is sent, or at which it is accepted, and the actual processor from which the message is sent or on which it is accepted – though there are also a number of limitations, such as people choosing to route their email through a ‘clearing’ site [increasingly less of a problem as more home computers and home-based businesses come online, but with those who’ve been online since the early 1990s for instance there’s still a big percentage that from back in the earlier days of smaller, local services just continue with those].

      But in addition to those limitations, the cloud-sourcers don’t actually ‘receive’ or ’store’ individual messages in any way comparable to Outlook et al, but instead what the user is doing by ’signing in’ with her or his password is ‘aggregating’ and/or ‘re-aggregating’, more like the result of googling.

      The only keys are the user name & the password. Google stresses the password is private, and your only assurance of security. The government wanted our passwords, and Google, prominently, resisted. That’s part of why I think the Petitioner here is very likely Google.

        • LabDancer says:

          Another reason I second Ms E Wheel’s deduction is that, recent tho it is, we should remember what it was the BCA was doing – or more precisely was NOT doing – before the PAA 2007 – in turn leading to one of, if not the, most controversial aspects of the FAA 2008 – which was getting voice calls & emails by cooperation from their ‘private partners’ among the telcos – who could singly or cooperatively re-direct all our voice calls & emails, but none of whom would have our gmail passwords [I don’t know about hotmail & others.].

          Those folks [excepting out the one provider whose big guy got prosecuted] it appears would had been perfectly happy to dump the whole contents of the truck whereever the government wanted for a number of years, & some if not all [again excepting that one provider] seem very likely to have seen & enjoyed the extended benefits of such cooperation, to the point of establishing subsidiary concerns or partnering in subs for the larger sausage factory DNI McConnell has been setting up.

  1. Palli says:

    what is cloud-sourcing?
    is this the jist of the comment: an internet email supplier who has already complied is in court to get better definition of its responsibility to federal requests?

  2. MadDog says:

    On February 29, 2008, at a time when the plaintiff in this case was almost certainly actively pursuing the case…

    I’d agree with you here, but is there really such a thing as a plaintiff in FISA court cases?

    As far as I understood things, the only arguing party allowed in FISA and FISC hearings is the Federal Government.

    Legal eagles, correct me if I misstating reality here.

    • MadDog says:

      No problemo!

      Which gets to the underlying issue of just how a non-govermental 3rd party gets to argue their case against the Feds.

      I think Professor Turley is on to something when he said on Rachel Maddow’s show that the FISA/FISC courts are unconstitutional.

      It certainly does not accord itself with the definition of an adversarial proceeding.

      Who speaks for EW’s email provider?