Wednesday, December 18, 2013

State Stopped Snooping

In a data-rich world, the collection, organization, and interpretation of that data has become an industry...and also a means of spying on you.  As discussed at no short length by U.S. and International press, the National Security Agency has, among other things, collected data on incoming and outgoing calls, e-mail address/contact lists, and even used decryption keys allegedly stolen from private companies to check in on financial transactions and "secure" e-mails.

In sum, your electronic privacy is nil.

On Monday, a United States District Court Judge Richard Leon ruled that NSA bulk telephone spying is unconstitutional and in breach of "that degree of privacy" intended to be protected by the Fourth Amendment.  The enforcement of Judge Leon's ruling will be suspended pending completion of the full appellate process.  Considering that this entire suit could be thrown out at any level of the judiciary due to the Government's argument that the NSA exists outside of judicial review drastically shortens the projected life-span of this bold decision.

Some states have inquired into what remedies may be available to them to protect their citizens from NSA spying.  A lawmaker in Arizona will be introducing legislation "that would prohibit state and local law enforcement agencies from extending any kind of support to the NSA. The measure would also bar state-owned utility companies from providing electricity or water supplies to any NSA facilities that might be set up in Arizona."  A similar measure is being advocated for in Utah.

As concerned as we all may be by NSA spying, I believe we set an even more uncomfortable precedent by encouraging states to use their control over utilities to create policy.  Quite frankly, I find that terrifying.

Nevertheless, there may be federalist interest in pushing back against the central authority.  For most privacy laws passed at both the state and federal level, including health information and the protection of your financial data, the more protective law governs.  As far as I am aware, there are no laws explicitly protecting private information relinquished to corporate entities, whether that be Verizon, Google, or Citibank.  If a law were passed at the state level implementing such protections, private actors working within state borders would have a legal conflict between complying with state or federal law (to the extent they have any say in what data is pulled from their servers).  Rather than attacking the law directly, the conflict of state and federal law would create a federal question that must be decided by the courts and cannot be exempted from review.

As announced recently at a Columbia Democratic Club meeting, I think you can expect to see legislation introduced in the General Assembly this session setting the groundwork for this type of challenge.  It may be just what we need to have a full hearing on what electronic privacy we are entitled to and what goes too far.

That's all for today.  Have a great Wednesday doing what you love!