Since June 2013, we have seen unprecedented security breaches and disclosures relating to American electronic surveillance. The nearly daily drip, and occasional gush, of once-secret policy and operational information makes it possible to analyze and understand National Security Agency (NSA) activities, including the organizations and processes inside and outside the NSA that are supposed to safeguard Americans’ civil liberties as the agency goes about its intelligence-gathering business. Some have suggested that what we have learned is that the NSA is running wild, lawlessly flouting legal constraints on its behavior. This assessment is unfair. In fact, the picture that emerges from both the release of documents leaked from the agency by Edward Snowden and official disclosures is of an agency committed to legal compliance, although both minor and major noncompliance is nonetheless frequent. A large surveillance compliance apparatus is currently staffed by hundreds of people in both the executive and judicial branches. This infrastructure implements and enforces a complex system of rules, not flawlessly but with real attention and care. Where an authoritative lawgiver has announced rights or rights-protecting procedures, the compliance apparatus works—to real, though not perfect effect—to effectuate those rights and to follow those procedures.
Of course errors, small and large, occur. But even if perfect compliance could be achieved, it is too paltry a goal. A good oversight system needs its institutions not just to support and enforce compliance but also to design good rules. Yet the offices that make up the NSA’s compliance system were, until recently, nearly entirely compliance offices, not policy offices; they worked to improve compliance with existing rules, but not to consider the pros and cons of more individually protective rules and try to increase privacy or civil liberties where the cost of doing so is acceptable. The NSA we learn about from the Snowden leaks thought of civil liberties and privacy only in compliance terms. That is, they have asked only “Can we (legally) do X?” and not “Should we do X?”
This preference for the can question over the should question is part and parcel, I argue, of a phenomenon I label “intelligence legalism,” whose three crucial and simultaneous features are imposition of substantive rules given the status of law rather than policy; some limited court enforcement of those rules; and empowerment of lawyers. Intelligence legalism has been a useful corrective to the lawlessness that characterized surveillance prior to intelligence reform, in the late 1970s. But I argue that it gives systematically insufficient weight to individual liberty, and that its relentless focus on rights and compliance and law has obscured the absence of what should be an additional focus on interests, or balancing, or policy.
To strengthen civil liberties, more laws may be useful, but they are not enough. Additional attention should be directed both within the NSA and by its overseers to surveillance policy, weighing the security gains from surveillance against the privacy and civil liberties risks and costs. The attention will not be a panacea, but it can play a useful role in filling the civil liberties gap that intelligence legalism creates. As one way of bringing that attention to bear, we need more—and more empowered—insiders who are attuned to civil liberties.
In most activities of government, outside scrutiny and accountability can promote good policy. In the secret world of the intelligence community, however, these methods are largely unavailable—there is simply too much the public does not, and cannot, know. That is why it is important to designate in-house officials to prioritize privacy and civil liberties—values that otherwise lack advocates within the intelligence community’s governance structure. Such officials have recently been placed within the NSA and in the president’s national security staff; new public advocates in the Foreign Intelligence Surveillance Court (often referred to as the FISA Court) are being asked to play a similar role.
Insider civil liberties offices face twin dangers: impotence on the one hand, and capture or assimilation on the other. Begin with impotence: Any internal governmental office whose mission is to constrainits agency (I have in other work given such shops the generic title “Offices of Goodness”) runs the risk of losing influence and being ignored, whether by being excluded from internal processes or by having its attempted contributions rebuffed. Institutional design should take account of these difficulties. So for example, it is vital that the NSA’s civil liberties office have a mandate from the NSA’s director that includes a stable set of situations in which it can gain access and opportunity to comment without needing sharper elbows than it is likely to have.
Other types of institutionalized access also can bolster insider civil liberties offices’ influence. For example, at NSA, perhaps the agency could be required to report every year to its civil liberties office how, precisely, each type of surveillance authority that touches American citizens and residents has contributed to the NSA’s foreign intelligence mission—intelligence requirements satisfied, leads generated, and so on. The office could use those reports to do an annual assessment of the costs and benefits of various programs for the NSA’s director. This could be shared with Congress and perhaps even in some limited form with the public. And certainly, one would want to ensure that the new office receives notice and an opportunity to comment on all changes that potentially affect privacy or civil liberties. Processes like these would legitimate the new office’s inquiries and its recommendation role, protecting it from accusations by NSA personnel of self-aggrandizement.
These all address the problem of impotence; but what about capture? The danger that accompanies all the access that insider civil liberties staffers have is a special kind of administrative capture—not, as the term usually indicates, by outsiders, but by colleagues. For example, the more involved in NSA decision-making the civil liberties office is, the more pressure it will get to go along, to ratify whatever program is being discussed.
What counters that pressure, if anything, is the new officials’ commitment to their assigned values—to privacy and to civil liberties. Maintaining commitment means resisting both collegial and careerist pressures, born of normal desires to get along with colleagues and to earn their approbation. This can be countered by multipronged efforts by those officials and staffers to maintain ties to a professional privacy and civil liberties community that can serve as a highly salient reference group. Such efforts should include a combination of hiring, networking, and fostering of career paths that value privacy and civil liberties expertise and commitment.
The development of intelligence legalism has been a major and salutary change in American governance over the past 35 years. Rights enunciation and compliance serve crucial rule-of-law values, and also sometimes further civil liberties. And yet they are insufficient to ensure appropriate civil liberties policy.
In his 2014 opinion for the Supreme Court in Riley v. California, holding that, absent exigent circumstances, the Fourth Amendment forbids warrantless searches of cell phones, Chief Justice John Roberts Jr. poked some mild fun at internal government processes as sufficient safeguards of constitutional rights. “[T]he Founders did not fight a revolution to gain the right to government agency protocols,” he wrote. But he continued, and I agree, that such protocols are nonetheless “[p]robably a good idea.”
In this post-Snowden moment, Congress can and should protect Americans’ privacy and civil liberties by clamping down on bulk surveillance, creating legal rules that can then be enforced by the courts and the intelligence community’s large compliance bureaucracy. But Congress and the president should not be limited by intelligence legalism. They should also follow the quite different strategy of amplifying voices inside the surveillance state who will give attention in internal deliberations and agency operations to civil liberties and privacy interests. Institutional design is important; civil liberties offices need deliberate and careful arrangements to safeguard their influence and commitment. If civil liberties and privacy officials inside the NSA, at the White House, and at the FISA Court can walk the tightrope of maintaining both influence and commitment, they might well make a difference—both in debates we now know about and others that remain secret. And they may help create documents useful for public oversight, too, flagging issues for congressional overseers and creating reports subject to public disclosure.
Intelligence legalism has proven unequal to the task of opposing the “collect everything” mindset. We need to add civil libertarians inside the surveillance state to nurture its civil liberties ecology. If that ecology doesn’t improve, the next big leak, in five or ten or twenty years, may reveal invasions of Americans’ privacy that dwarf anything we have heard about so far.
Margo Schlanger, the Henry M. Butzel Professor of Law, is a leading authority on civil rights issues and civil and criminal detention and is the founder and director of the Civil Rights Litigation Clearinghouse at the Law School. She has served as the presidentially appointed officer for civil rights and civil liberties, and as counsel to the secretary, at the U.S. Department of Homeland Security.