Editor’s note: this post is a preview of ideas raised in an upcoming article by the author, Intelligence Legalism and the National Security Agency’s Civil Liberties Gap, set to appear in the Harvard National Security Journal in coming months.
In my post on Wednesday, I shined a light on the massive system of law and law-like rules, and the lawyers empowered by them, that has come to dominate the United States Intelligence Community—a system that I call “intelligence legalism.” This system was created in the 1970s to curb abuses by the nation’s spies. Today I argue that it will never be equal to the task.
In total, hundreds of people spend all or most of their workdays on IC compliance and oversight. These overseers and the IC agencies consistently examine the legalistic “can” question: “Can we (lawfully) do X?” By contrast, those same institutions have until recently devoted little attention to the non-legalistic “should” question: “Should we do X?” President Obama himself has in recent months recognized that this is a problem, responding to a question about surveillance at a press conference, “Just because we can do something doesn’t mean we necessarily should.”
I agree. Legalism prioritizes rule-following; it focuses on “rules” and “rights” rather than “policy” and “interests.” Once something acquires the status of a “right,” it functions as a trump. Under intelligence legalism, if a civil liberties interest is not important enough to trump security—that is, it is not deemed a legally protected “right”—that interest gets little or even no weight. As a result, legalism may actually obstruct what should be the dispositive policy question: Does harm to civil liberties and privacy caused by proposed intelligence programs outweigh any security gains?
Law’s limited ambition
Consider, first, the Constitution, as interpreted by the courts. Those who answer charges of surveillance abuse by emphasizing the constitutionality of the contested conduct—which is to say, nearly every federal official who has defended the NSA in recent months—are essentially arguing that constitutional law sets not individual rights minimums, but rather the correct civil liberties policy. The problem is that to assume “constitutional” and “good” are the same is to mistake the role of constitutional law. The distance between “constitutional” and “good” is a matter of both method and purpose. Methodologically, many of the constitutional considerations—precedent, text, framers’ intent, and so on—are irrelevant to policy evaluation. Courts may also “lack the institutional capacity to easily grasp the privacy implications of new technologies they encounter,” as Orin Kerr has argued. But even when courts include policy analysis in their decision-making, constitutional decisions at least purport to be more about “can” than about “should.” That is why Fourth Amendment caselaw, notwithstanding its policy-heavy reasonableness inquiry, is formulated to give the government a good deal of leeway—both for mistakes and for differences of opinion. Indeed, it to be expected that courts are likely to err on the side of non-intervention in constitutional cases. Declaring something to be a “right” ups the stakes considerably, closing off partial solutions. So courts are, at the margins, understandably reluctant to so declare.
What about non-constitutional law?
Might statutory law—which can then be implemented via intelligence legalism—be the best way to fill whatever liberty gap remains after constitutional adjudication? FISA, for example, imposes a probable cause requirement for domestic surveillance for foreign intelligence purposes, as the Supreme Court hinted in the Keith case might someday be required as a matter of constitutional law. But that’s it, substantively.
Optimal policy requires calibration of privacy and surveillance—surveillance should be conducted only when its security benefits outweigh its privacy infringement. FISA includes no such constraint. To be sure, FISA directs the NSA to minimize infringements on “unconsenting United States persons”—but only insofar as such minimization is “consistent with the need of the United States to obtain, produce, and disseminate foreign intelligence information.” Thus, FISA categorically gives security more weight than liberty; its text directs that any foreign intelligence “need” can trump privacy.
You may be thinking that the Congress that enacted FISA chose to put a thumb on the scale for security because it believed FISA’s trump card for security constituted optimal policy. In other words, perhaps the 1978 Congress saw FISA as closing whatever civil liberties gap it thought needed closing. The historical record suggests otherwise. Reformers in the 1970s made clear that they didn’t intend for congressional protection of civil liberties against surveillance to end with FISA. Rather, the Church Committee’s view was that on top of FISA, executive-congressional disclosure would facilitate future interventions to minimize the prospective use of liberty-infringing techniques.
Congressional disclosure has not in practice fulfilled these hopes. A lack of legislative expertise and the usually low political salience of intelligence—both themselves rooted in secrecy—have meant that post-FISA congressional interventions have not played much of a role in protecting civil liberties. Perhaps the Snowden disclosures have shifted the political economy enough for Congress to pass a rights-protective measure in response, but that is still hypothetical. Besides, even if Congress does update surveillance rules to be more liberty-protective, such an action will only temporarily align “can” with the reformers’ ideas about “should” and only for high-salience issues. For issues that have not made it into the press, or for issues in the future, there will always be a disjunction between what is legal and what even members of Congress would find to be, on full and public consideration, appropriate policy. Areas of surveillance practice that have not so far leaked—or in which executive practice changes—will persist, and therefore so will a civil liberties gap.
Next in rank after the Constitution and statutes come executive orders. One of Executive Order 12333’s purposes is to fill the civil liberties gap left by constitutional and statutory law. The order expressly states: “Set forth below are certain general principles that, in addition to and consistent with applicable laws, are intended to achieve the proper balance between the acquisition of essential information and protection of individual interests.”
But 12333 cannot live up to that goal. For one thing, its status as an executive order renders it both less visible and more easily weakened. More important, even if 12333 adequately covered civil liberties interests in 1980, it—along with its associated AG Guidelines—is now out of date. Unsurprisingly, given the generally low visibility of intelligence matters, there was until the Snowden disclosures little appetite to update either 12333 or other sources of executive self-regulation to address new challenges to liberty. Despite the enormous changes that have taken place in the scope of surveillance since 1980 and the advent of “big data” methods, there have been no substantive liberty-protecting changes ever made to the order. Some procedural protections have been added, and notable efforts to weaken the protection of U.S. Person information were fended off. But instead of substantive protections that might be useful in light of technological changes, all that has been added since 1980 is language swearing fealty to laws that were already binding: “The United States Government has a solemn obligation, and shall continue in the conduct of intelligence activities under this order, to protect fully the legal rights of all United States persons, including freedoms, civil liberties, and privacy rights guaranteed by Federal law.”
Lawyers Are Not Civil Libertarians
Putting substantive law to one side, the effect of intelligence legalism within the IC is to allocate much decision-making to lawyers instead of policymakers and other practitioners. A growing shelf of articles and books document and even celebrate the lawyers who now populate the military, the CIA, and the Department of Justice’s National Security Division. Might all these lawyers push the intelligence enterprise toward appropriate balancing of liberty and security, even in the absence of specific law or doctrine declaring that as the required outcome? I doubt it. The emerging evidence suggests that IC counsel are implementers of two major sets of values—fiduciary/counselor, and rule of law—but not civil liberties. Tocqueville’s much older observations about lawyers remain apropos–not of all lawyers, but of the legal profession most generally:
“If they prize freedom much, they generally value legality still more. They are less afraid of tyranny than of arbitrary power, and provided the legislature undertakes of itself to deprive men of their independence, they are not dissatisfied.”
And when lawyers are given a say in policy, their legal sign-off frequently stands in as sufficient justification for the policy. To quote Jack Goldsmith, describing the Bush administration’s aggressive stance on a variety of national security topics, the role of lawyers was part of why “‘What should we do?’ . . . often collapsed into ‘What can we lawfully do?’”
Bandwidth and Legitimation
Theorists and observers in a variety of fields have developed the broad critique that law and its concomitant rights orientation may have the counterintuitive impact of decreasing the welfare of rightsholders—or, in a more modest version of the point, may ameliorate some set of harms but undermine more ambitious efforts. Focusing particularly on litigation, they argue that it is inherently a timid enterprise, and yet it crowds out other more muscular policy approaches.
At the NSA, rights occupy the “liberty” field because of a mundane factor: attention bandwidth. After all, even large organizations have limited capacity. NSA’s legal compliance is such an enormous task that little room remains for more conceptual weighing of interests and options. Of the dozen-plus offices that do compliance or civil liberties work, just two—the Civil Liberties and Privacy Office at the NSA, and the Privacy and Civil Liberties Oversight Board—are currently playing a policy rather than strictly a compliance role. They are also, not coincidentally, the newest and smallest.
I think that this bandwidth issue is also driven by a more conceptual, less practical, factor: that rights talk hides the necessity of policy judgments and, by its purity, diverts attention from that messier field. Morton Horwitz explains the point:
A . . . troubling aspect of rights discourse is that its focus on fundamental, inherent, inalienable or natural rights is a way of obscuring or distorting the reality of the social construction of rights and duties. It shifts discussion away from the always disputable issue of what is or is not socially desirable. Rights discourse . . . wishes us to believe instead that the recognition of rights is not a question of social choice at all, as if in the normative and constitutional realm rights have the same force as the law of gravity.
By comparison with judicially enforceable rights, other methods of advancing individual liberty look feeble, contingent, jury-rigged. An accusation of illegality becomes the required first bid for any policy discussion, and a refutation of that accusation ends play. This dynamic is very much in evidence in the response to the Privacy and Civil Liberties Oversight Board’s (PCLOB) report on FISA Section 702. When the PCLOB declined to opine that Section 702 surveillance is illegal, its report found little traction. Rights discourse stunts needed policy discourse.
In addition, judicial review legitimates the American surveillance system. That is why surveillance proponents immediately point to court supervision when they want to suggest that everything is fine. Court involvement is offered as evidence of both legality and appropriateness; indeed, the two are conceptually merged. My point is not that FISA Court legitimation is phony. In fact, judicial review has real if limited effects on the system. Yet the oversight gain carries with it a cost; the existence of judicial review makes political change more difficult. The point is not that law accomplishes nothing for its purported beneficiaries. If that were true, it could not legitimate. But gains from rights may—and in the surveillance situation clearly do—make gains from politics less available.
To sum up, neither the Constitution nor FISA aims to optimally balance security and liberty—and well-understood difficulties in congressional intelligence oversight mean that new statutes are unlikely to fill that gap. Likewise the existing foundational Executive Order, 12333, is at the very least out-of-date. Accordingly, intelligence legalism and its compliance mindset, cannot achieve optimal policy. Its concomitant empowerment of lawyers is real and important, but does not deputize a pro-civil-liberties force. Indeed, legalism actually both crowds out the consideration of policy and interests (as opposed to law and rights), and legitimates the surveillance state, making it less susceptible to policy reform.
Are there, then, non-legalistic reforms that could play a productive part? I address that question in an essay, forthcoming in the journal Democracy, examining proposals for amplifying pro-civil-liberties voices inside the IC.