Ever since Edward Snowden disclosed that the National Security Agency was sweeping up massive amounts of personal data about all of us, without regard to whether we are suspected of terrorist acts or any other wrongdoing, Americans have justifiably expressed concern. Why exactly does the NSA need to know every time I have texted my teenage kids, my wife or my friends? It’s a reasonable question, and the NSA has yet to offer a satisfactory response.
But the questions all too often stop at the border. We demand to know why the agency is collecting “our” data. But what about its collection of “their” data? With respect to foreigners abroad, the law allows the NSA to collect not just metadata—the information about whom they’ve called and when—but much of the content of phone and Internet communications. It need have no reason to believe that an individual is engaged in any kind of terrorist activity. Recent reports, albeit ones denied by the NSA, contend that the agency collected data on tens of millions of French and Spanish citizens in a single thirty-day period. And The New York Times reports that the CIA has been paying AT&T $10 million a year to obtain foreign call data wholly outside any judicially or statutorily authorized program.
As a constitutional matter, the Supreme Court has ruled that the Fourth Amendment does not protect foreigners from searches of their homes (or, presumably, wiretaps) outside the United States. But the same Supreme Court has ruled that the Fourth Amendment offers no protection to Americans for information they share with a third party, including bank records, phone records and, presumably, Internet browsing data and e-mail. Whether such judgments made sense before Al Gore “invented” the Internet, they make little sense today.
The Foreign Intelligence Surveillance Act is similarly premised on the need to protect “United States persons,” meaning citizens and permanent resident aliens. It offers little or no protection for foreigners overseas. Until recently, the NSA conducted electronic surveillance of foreigners via satellite without any statutory limits at all.
In other words, American law protects Americans. Hardly a surprise.
But is it right? Should we be so cavalier about the rights of others? I think not, for at least three reasons. First, we are all foreigners to someone. Right now, the United States has a head start on the technology for sweeping up massive amounts of electronic communications data. But that won’t last long. How would we feel if another nation was routinely collecting and analyzing massive amounts of data about our personal lives? Privacy is infringed whether the snooper is an FBI agent or a member of China’s security service. Given the expanding technological ability to gather information across borders, it is in our interest to think about appropriate limits on that capacity, regardless of what passport a human being holds. The International Covenant on Civil and Political Rights, an international human rights treaty that we and most other nations around the world have signed, protects the privacy of all, not just of US citizens.