The law giving authority for United States spy agencies to collect American citizen's phone data en masse has now expired after the senate failed to come to an agreement on the new law.
The Patriot Act, which previously gave spy agencies such powers expired at midnight last night and the Senate did not vote in favour of the Freedom Act, new legislation backed by the White House, giving spy agencies such powers.
It is likely that legislation permitting new forms of data collection will be approved in the next free days. The Freedom Act would have imposed greater controls following the revelations made by Edward Snowden regarding the extent of data collection in the US.
What does this mean?
The failure to agree on the new law means that security services in the US at present cannot bulk collect phone records of Americans, monitor 'lone wolf' terror suspects or carry out roving wiretaps of terror suspects. They may however continue to gather information related to any foreign intelligence investigations.
However, legal analysts have also speculated that there may be avenues to continue collect information lawfully, for example using older and more vague legal provisions or 'grandfather clauses' id required.
The National Surveillance Agency (NSA), the body responsible for the majority of surveillance programmes, stopped collecting the relevant data at 19:59 GMT on Sunday.
Read More > Privacy Law Guides
Is bulk data collection legal in the USA?
Bulk data collection is a highly controversial issue, particularly following the phone surveillance revelations by Edward Snowden in June 2013, demonstrating the extent of bulk data collection. Following this revelation, a federal judge in ruled that mass collection may be unconstitutional which was then contradicted by a judge in New York, who rule that is was legal and not unconstitutional, however the government took steps to end bulk data collection.
The issue surrounding bulk data collection is that is contravenes the right to privacy which is a right enshrined in the US constitution an in the UK under the Human Rights Act, and European Convention on Human Rights.
Whilst there may be moves to change or end bulk data collection, spying and intelligence gathering will remain. We take a look at the ways in which government agencies in the UK and the US spy and when their methods will be legally compliant.
How does the US government spy?
The documents leaked by whistleblower Edward Snowden indicate that the US government has undertaken mass surveillance operations all over the world, in co-operation with UK counterpart GCHQ. The methods used are outlined below.
Accessing internet company data - The information revealed that the NSA may have had access to many major technology companies including access to the servers of nine internet businesses including Facebook, Google, Microsoft and Yahoo. This allowed them to track online communication as part of a surveillance program known as 'Prism'. The program gave the NSA and GCHQ access to email, chat logs, stored data, voice traffic, file transfers and social networking data.
Tapping fibre optic cables - Leaked documents from GCHQ revealed that the UK was tapping fibre-optic cables that carry global communications and was then sharing the data with the NSA. GCHQ was able to access 200 fibre-optic cables, meaning it had the capacity to monitor up to 600 million communications every day. The information was then allegedly stored for up to 30 days allowing for it to be sifted and analysed. GCHQ did not make comment on such claims but however said that their compliance with the law was "scrupulous".
In order to satisfy legal requirements, the measures taken by GCHQ must be necessary and proportionate to what they are trying to achieve.
Eavesdropping on phones - It was previously reported in German that the US had bugged German Chancellor Angela Merkel's phone for more than a decade, as well as monitoring
millions of telephone calls made by German and French citizens, and phone calls of the presidents of Mexico and Brazil.
In the UK, the police, customs officers or security intelligence services, are permitted to tap telephones for reasons relating to national security, serious crime or the economic well-being of the UK. In order to do so, they must gain a warrant from the Home Secretary.
Text message information gathering - In January 2014, it was reported that the NSA collected and stored almost 200 million text messages per day from all over the world.
NSA programmes codenamed "Dishfire" and "Prefer" gathered location information, contacts and financial data from text messages, including automated texts, such as roaming charge alerts. This was an untargeted collection of data, as opposed to collecting information from surveillance targets. However the NSA stated that the Dishfire program stored only "lawfully collected SMS data" and that any implication that collection of the data was "arbitrary and unconstrained is false". Again, in order to be lawful data collection must be proportionate and necessary.
GCHQ is not allowed to search through the content of messages without being granted a warrant from the Home Secretary. However, the contents are stored rather than deleted or "minimized" from the database and lawyers from GCHQ ascertained that analysts were able to see who UK phone numbers had been texting, and search for them in the database of collected information.
The GCHQ for Dishfire says:
"In contrast to [most] GCHQ equivalents, DISHFIRE contains a large volume of unselected SMS traffic," it states (emphasis original). "This makes it particularly useful for the development of new targets, since it is possible to examine the content of messages sent months or even years before the target was known to be of interest."
Analysts must be careful when searching the content as these searches could be successful, but may not be legal without a warrant.
It will be interesting to see how the US proceeds with the creation or limitation of powers of the NSA to collect, analyse and store data and whether this will be a continuing area of contention in the US government.
Read More > Privacy Law Guides
Follow us on Social