This weekend, we learned that the U.S. government last month demanded records associated with the Twitter accounts of several supporters of WikiLeaks—including American citizens and an elected member of Iceland’s parliament. As the New York Times observes, the only remarkable thing about the government’s request is that we’re learning about it, thanks to efforts by Twitter’s legal team to have the order unsealed. It seems a virtual certainty that companies like Facebook and Google have received similar demands.
Most news reports are misleadingly describing the order [PDF] as a “subpoena” when in actuality it’s a judicially-authorized order under 18 U.S.C §2703(d), colloquially known (to electronic surveillance geeks) as a “D-order.” Computer security researcher Chris Soghoian has a helpful rundown on the section and what it’s invocation entails, while those who really want to explore the legal labyrinth that is the Stored Communications Act should consult legal scholar Orin Kerr’s excellent 2004 paper on the topic.
As the Times argues in a news analysis today, this is one more reminder that our federal electronic surveillance laws, which date from 1986, are in dire need of an update. Most people assume their online communications enjoy the same Fourth Amendment protection as traditional dead-tree-based correspondence, but the statutory language allows the contents of “electronic communications” to be obtained using those D-orders if they’re older than 180 days or have already been “opened” by the recipient. Unlike traditional search warrants, which require investigators to establish “probable cause,” D-orders are issued on the mere basis of “specific facts” demonstrating that the information sought is “relevant” to a legitimate investigation. Fortunately, an appellate court has recently ruled that part of the law unconstitutional—making it clear that the Fourth Amendment does indeed apply to email… a mere 24 years after the original passage of the law.
Forget updating the law. REPEAL IT.