Ever since Edward Snowden disclosed that the National Security Agency was sweeping up massive amounts of personal data about all of us, without regard to whether we are suspected of terrorist acts or any other wrongdoing, Americans have justifiably expressed concern. Why exactly does the NSA need to know every time I have texted my teenage kids, my wife or my friends? It’s a reasonable question, and the NSA has yet to offer a satisfactory response.
But the questions all too often stop at the border. We demand to know why the agency is collecting “our” data. But what about its collection of “their” data? With respect to foreigners abroad, the law allows the NSA to collect not just metadata—the information about whom they’ve called and when—but much of the content of phone and Internet communications. It need have no reason to believe that an individual is engaged in any kind of terrorist activity. Recent reports, albeit ones denied by the NSA, contend that the agency collected data on tens of millions of French and Spanish citizens in a single thirty-day period. And The New York Times reports that the CIA has been paying AT&T $10 million a year to obtain foreign call data wholly outside any judicially or statutorily authorized program.
As a constitutional matter, the Supreme Court has ruled that the Fourth Amendment does not protect foreigners from searches of their homes (or, presumably, wiretaps) outside the United States. But the same Supreme Court has ruled that the Fourth Amendment offers no protection to Americans for information they share with a third party, including bank records, phone records and, presumably, Internet browsing data and e-mail. Whether such judgments made sense before Al Gore “invented” the Internet, they make little sense today.
The Foreign Intelligence Surveillance Act is similarly premised on the need to protect “United States persons,” meaning citizens and permanent resident aliens. It offers little or no protection for foreigners overseas. Until recently, the NSA conducted electronic surveillance of foreigners via satellite without any statutory limits at all.
In other words, American law protects Americans. Hardly a surprise.
But is it right? Should we be so cavalier about the rights of others? I think not, for at least three reasons. First, we are all foreigners to someone. Right now, the United States has a head start on the technology for sweeping up massive amounts of electronic communications data. But that won’t last long. How would we feel if another nation was routinely collecting and analyzing massive amounts of data about our personal lives? Privacy is infringed whether the snooper is an FBI agent or a member of China’s security service. Given the expanding technological ability to gather information across borders, it is in our interest to think about appropriate limits on that capacity, regardless of what passport a human being holds. The International Covenant on Civil and Political Rights, an international human rights treaty that we and most other nations around the world have signed, protects the privacy of all, not just of US citizens.
Second, the space in which private communications take place is increasingly transnational. Through the Internet, it is as easy to read The Guardian or listen to the BBC as it is to read The Nation or listen to NPR. It is as easy to Skype or e-mail with friends in Brussels or Hong Kong as with your neighbors down the street. As a result, we increasingly engage in international communications. Must we give up our privacy simply because the world we inhabit online crosses national boundaries?
Third, as the recent controversy surrounding German Chancellor Angela Merkel’s cellphone illustrates, listening in on other people’s private affairs can have substantial blowback effects. The Europeans have been seized with this issue since the first disclosures about the NSA’s spying on them and their leaders. The Brazilians are similarly enraged. And who can blame them? That anger will undoubtedly interfere with efforts to cooperate with these countries on a host of fronts, but especially on counterterrorism. And we desperately need international cooperation if we are to protect ourselves from global terrorist threats.
Some scoff and ask: What’s the big deal? Countries have always spied on each other. That’s what spies are for, after all. But the technological capacities now available make James Bond’s seem quaint. It is one thing for countries to monitor each other’s embassies, or to send spies out to gather information on particular targets of concern. But it is another thing altogether to vacuum up vast quantities of data about millions of entirely innocent civilians, in the hope that this might help us, at some undetermined future point, to identify a bad guy.
Europe is pressing for a kind of “no spying on allies” agreement, along the lines that we already have with Britain and some of its Commonwealth partners. That would be a start. But if we are to preserve privacy in the digital age, we need to begin asking why it is that we are so insistent on protecting our own privacy, but not the privacy of others. Unless we insist that privacy knows no borders, we will soon have no privacy left to protect.
Zoë Carpenter examined the NSA spying scandal after the revelation of the agency's phone-tapping of the German head of state.