Would be to fortify the protections, the Privacy Protections for americans in the law but the law has evolved and exactly the opposite direction and indeed since 9 11 there has been a sea change in the law. If you back up a few decades following the church committees revelations in 1970s there was a series of laws and policies put in place that establish a kind of golden rule. Intelligence agencies could not collect information on americans from within the United States without some individualized factbased suspicion of wrongdoing. Now the purpose and the effect of this rule was to constrain the abuses that had come before it. In the past 14 years a cardinal principle has been utterly jettisoned from the law. So lets talk about the three legal authorities that we know of under which mass surveillance is currently occurring. The first is section 215 of the patriot act. This is the provision that allows the government to get a fisa court order Compelling Companies to turn over Business Records in foreign intelligence investigations. And these are records like phone records, financial records, Hotel Records, and the like. Before 9 11, the government had to demonstrate to the fisa court that the subject of these records was a foreign power or an agent of a foreign power. That is defined in the case of an american in a way that necessarily involves some element of criminal activity. Congress amended the law through the patriot act so that the government doesnt have to show anything about the subject of the records, rather the government just has to show that the records themselves are relevant to the investigation. Now relevance as we all know is a very low standard. This still seems to preserve some level of individualized review. But in fact as we now know the fisa court interpreted this provision to allow the bulk collection of essentially all americans telephone records on the bizarre theory that millions and millions of totally irrelevant records can be considered relevant if there are some relevant records buried within them. Now this is a very dangerous interpretation because there are a lot of other Information Collection statutes out there that use the relevant standard. So who knows how theyre going to be interpreted in the future. With this program, we have moved from individualized suspicion of likely criminality to no individualized showing of anything. The Second Program is section 702 of the fisa amendments act which relates to the collection of communications content, phone calls and emails, between americans and foreigners overseas. Until quite recently, just a few years ago, if the government wanted to collect such communications, it had to show probable cause to the fisa court that the target of the communication im sorry, the target of the surveillance was a foreign power or its agent. And again if the target was an american, it had to involve some level of criminality. This was for surveillance occurring within the United States. Thats what the government had to show. In 2007 and again in 2008 congress amended the law to get rid of any requirement for an individualized court order when the government acting within the United States collects communications between an american and a foreign target for foreign intelligence purposes. Moreover the target no longer has to be a foreign power or an agent of a foreign power. The target only has to be any foreigner abroad. The role of the fisa court is limited to approving the broad procedures for targeting which is how the government figures out whether the target is actually a foreigner overseas. Not so easy in the digital era. And minimization. Which has been construed to mean that the information about the american on one end of the communication should be deleted or masked or thrown away after some period of time, which is usually five years. It could be more. And theres a laundry list of exceptions to allow information about americans to be retained and used. So again we have moved from essentially something that was very much like a warrant to a mass collection with no suspicion of wrongdoing. Finally there is the collection of signals intelligence. Thats communications and metadata that occurs from overseas under executive order 12333. This is by far the most expansive of the governments foreign Intelligence Surveillance authorities. Its also kind of a different bucket from the other two because there was never a golden rule here. There was never any individualized suspicion required because this was supposedly surveillance of foreigners overseas and these people supposedly have no Constitutional Rights so no court involvement. The executive order basically allowed agencies to collect foreign intelligence which was defined, which is defined as pretty much any information about any foreign person or any foreign entity and they can do so without any judicial involvement. There is a provision in the executive order for minimization of u. S. Person information. Again minimization means that, in theory, the information is disposed of in some way. In fact, it is kept for years or more, and theres a long list of exceptions for keeping and using this information. So the change in this area has been less about the legal constraints because they are for never that many constraints but more the practical constraints. Once upon a time there were limits on data storage and limits on analytical capacity, computer analytics such that you know, collecting all of the phone calls going in and out of a particular country and storing them for 30 days was neither possible nor really worthwhile because you couldnt analyze all that stuff. That is clearly no longer the case. It is happening. And then the other change in this area is that the distinction, this legal distinction between collecting information at home, and collecting information overseas has really become legal fiction given the way that digital data is transmitted and stored. This notion that americans have no constitutional interest at stake when the nsa taps into data centers in europe and therefore no court has to be involved, really doesnt make any sense anymore. So i think i will stop there. [ inaudible ] major technological changes and relaxation at the same time of some of the legal limitations in collection. I want to turn to eric and ask about the business implications. What are the resulting perceptions around the world . What are the implications for u. S. Business and what is the response then . And has it been adequate . Thank you. First off i wanted to note you can see in my bio, but i also have a background in government, and i worked at the state Attorney Generals Office in new york, the federal trade commission, and then at the computer crime section of the department of justice as a computer crime prosecutor so i have a pretty good background in the electronic surveillance laws, at least on the criminal side. But i also need to start out by coming back to the point that joseph was raising about the impact on companies and an example that pertained to my company. Clearly we are facing a difficult challenge with regard to striking the right balance with regard to the powers of the government has, the transparency around the use of those powers, being able to have a dialogue about what powers the government ought to have, really requires transparency as a starting point because if we dont know whats being done you cant effectively evaluate whether or not the powers have been granted properly, used properly. At cisco we dont view privacy and security as a zerosum game. They are clearly connected. At the same time we dont view Economic Growth as being something that is separate from National Security. They are intertwined. Economic growth should be a core value that is considered when we are figuring out what we want to be able to enable our government to do with regard to National Security and Economic Growth depends on trust. Its hard to quantify damage, but i think if you look at some of the examples that we have talked about that you see significant expenditures by u. S. Companies that can serve as a pretty good proxy for measuring the scope of the problem. You see litigation that has been brought by Companies Like twitter and yahoo to push back on surveillance requests. You see microsoft filing a lawsuit or engaging in litigation with the u. S. Attorneys office in new york over data thats stored in ireland. And you see a very large range of Companies Joining in to that litigation in support of the position, including not only cisco but ebay, hp, ibm, sales force, verizon, at t, the government of ireland. So that gives you a pretty good sense of the scope of the concerns. And then you also see Companies Making efforts to build data centers in a way that allow for localization putting data closer to their customers. Some of that may be based on performance but some of that is based on satisfying concerns that customers might have about where the data is stored and what laws are used to protect that data. That is all expensive. Trust has clearly been impacted for Companies Across the Technology Industry including cisco. We have dedicated engineers as joseph mentioned whose job it is to engineer our products and services with security in mind. And to build security in and to deliver those products in the way that we intend them. At some point there are things that we dont control. There are points where we deliver the product to our customers. The customers operate those products inside their networks. They have to maintain those things and so there are a number of different places where attacks can happen and we are talking essentially about nationstate to nationstate attacks. Those are highly sophisticated wellresourced, and in order to be able to address them and to figure out whether or not they are beyond the pale of what we as citizens are willing to accept, we really need as a dialogue that takes place between governments. We need to have some new rules of the road and we need to have a conversation between those governments about what normal behaviors are acceptable and which ones are not because the scope and the sophistication of the actors in the space are greater than the resources of any particular technology company. Thank you. I want to turn to catherine. We have been talking a lot about Foreign Surveillance. And these vast intelligence collection programs. But were also seeing some real significant changes in the realm of ordinary Law Enforcement. So, catherine, im hoping that you can talk to us a little bit about that, as well. Sure. First of all, thanks so much for having me. Im a huge fan of nacdl. When i was an aclu attorney the nacdl was a frequent comrade in arms working on many privacy issues. They were a client of mine, we represented them, challenging the governments policy of engaging in purely suspicionless searches of laptops and other devices at the international border. We cocounselled some cases together dealing with the Supreme Courts decision in United States versus jones, does attaching a gps device to a car require a warrant. So im particularly honored to be able to come here and speak at a conversation organized by people who are out there doing so much good work. So, yeah, weve heard a lot about these large National Security programs. But when i was at the aclu and now at berkeley one of my primary concerns is okay, right, most peoples everyday interactions with Law Enforcement actually happens at the local level, and so to what extent are National Security programs spilling over and affecting National Local policing, as well, which can happen in a number of ways. Sometimes individuals who are being prosecuted for say a drug crime may be have been incidentally swept up in one of the big National Security programs. But i think its important to remember another big post9 11 push that occurred. Which was there is a great emphasis on the need to focus on homegrown terrorism, and as a result to gather more information about what was happening at the local level. Weve seen the creation of very large pots of money that exists for the purpose of allowing local Law Enforcement agencies to acquire technologies at little or no cost. They have names like the Port SecurityGrant Program, operation stone garden. At first it might not be why something called the Port SecurityGrant Program would result in the expansion of, you know, why seattle, for instance, purchased this surveillance drone using money from the Port SecurityGrant Program. But it turns out that most urban areas are also the port areas similarly the operation stone garden, which is justified as a border program, you know, many states have borders and at least water borders. So a lot of these programs created post9 11 are used to purchase Surveillance Technology that gets upused in local policing. It happens for a second reason which is that the same technologies that may capture evidence of someone related to terrorism, are exactly the type of technologies that would be used in local Law Enforcement agencies. For more routine crimes. One of the things that was so striking recently was a story out of tacoma, washington, which acquired a stingray device, which is a technology that can be used, it replicates a cell phone tower and it can be used to track the location of a cell phone without having to go through the carrier. The way that device was presented to the city council was that as a device capable of locating improvised explosive devices. But when people filed foia public records requests to say how has this device actually been used it turned the it had never been used in such a way. It was primarily used in prosecuting drug crimes. So first of all the post9 11 pots of money are often fizzling surveillance at the local if. Second of all the same broad technological changes, the ability to collect, store, analyze and share information at unprecedented rates have also made surveillance at the local level more expansive. Im sure criminal defense lawyers see this all the time in their cases in some respects. Its pretty well understood that cell phone tracking is a common Law Enforcement technique. Its amazing to me today that there are still so few opinions on this point about whether the government needs a warrant based on probable cause to gather either realtime or historical cell tracking information. But at least we now know about the technique. Automatic license plate readers are common. Then theres technologies that are just around the corner, drones and increase expansion of facial recognition which i think people at the local level are also going to have to start dealing with and these things will crop up routinely in criminal investigations. So i want to allow for a more dynamic discussion, so i wont say too much else. But i think theres a double problem here, right . First of all, many of the use of these technologies have been shrouded in secrecy. Criminal Defense Attorneys cant file suppression motions when they dont know that the evidence was gathered in a way that might be amenable to that. A lot of the secrecy has been deliberate. The government made a strategic decision not to disclose that it was using stingrays and, instead, filed orders with courts, seeking authorization to use them in a less than probable cause standard in some cases, probable cause and others, that made them look like generic requests to use other surveillance technologies. So first of all, we have to find a way to combat the secrecy. And second of all, we have to come up with an organized strategy for sharing materials and briefs on how to actually craft arguments that judges will listen to about these technologies. Thank you. I want to come back to a talk about this whole conference is about the Fourth Amendment and we often turn to the Fourth Amendment as a way to regulate all of these Foreign Surveillance and the kind of surveillance techniques were seeing in ordinary Law Enforcement. So how effective is the Fourth Amendment in this area . What are the limits . I can talk about how effective it is in these nation foreign intelligence programs and maybe catherine has some thoughts about their effective with some of these local strategies. When it comes to the collection of communications, phone calls, emails and the like, there are a couple of potential limitations on the Fourth Amendment in this context. And why its not, i would say, sufficiently protective. The first is something called foreign intelligence exception. As all criminal attorneys know, the Fourth Amendment means that when the government conducts a search on an american it needs a warrant unless the search falls into one of several established exceptions to the warrant requirement. Such as for example a search incident to arrest. In the 1970s four circuit courts or appeals courts held that the government did not need a warrant to collect foreign intelligence information. But these courts but very strict limits on the exception. For example the target of the surveillance had to be a foreign power or its agent. There was one circuit court, the d. C. Circuit, that refused to recognize a foreign intelligence exception. The fisa court has recognized an exception but has absolutely discarded all of the limits that the other circuit courts so carefully crafted. The Supreme Court has not weighed in. Hasnt said whether or not there is a foreign intelligence exception, let alone now broad it is. So theres really a lot of uncertainty in the law in that area. Another possible limitation on the Fourth Amendment at least an argument that is made, is that foreigners overseas have no Fourth Amendment rights so the government doesnt need a warrant to gather their collection im sorry, their communications. Once you are collecting someones communications you are permitted to collect the communications by definition if anyone theyre talking to and you need no additional process to do that. That is not, in fact, the rule. There have been some Court Rulings in cases where there was a warrant at the beginning of the collection and where there were very, very strict requirements for getting rid of any information that fell outside what was identified in the warrant. And in those cases the courts held that the government did not need to get a warrant for each individual person with whom the target was communicating. That does not map onto a situation where the initial collection involves no warrant and theyre very lax min hiation minimization requirements. So these first two potential exceptions as you can tell under skeptical of but they are problematic. Then theres the Fourth Amendment and metadata. So the fisa court held that the bulk collection of americans telephone records did not constitute a search under the Fourth Amendment because information about who we call, when we call them, how long we talk to them, is information that we have shared with a third party. Thats the telephone company. And as we all know by now the something called the thirdparty doctrine which says that any information that you voluntarily disclosed to a third party, you do not have a reasonable expectation of privacy in that information. This doctrine which came about in the late 1970s has come under attack recently and is unlikely to survive. It simply does not square with the realities of life in the digital era. Each one of us leaves a trail of digital exhaust about a mile wide. The emails that we share with our Internet Service providers, the Text Messages we share with our mobile phone companies, the Financial Data that we share with atms, the location data we are sharing with cell towers that surround us. These forced disclosure to the companies that provide services to us really should not be equated with a voluntary disclosure to the entire world, including the nsa. So those are the issues. That concept of the Third Party Doctrine actually plays right into the litigation over the warrant with microsoft for the data thats stored in ireland that cisco and many other companies have been supportive of. The reason is because the governments position is that, that they can demand access to the information that is stored in a foreign data center by subpoenaing a company that has headquarters or principle place of business in the United States. And so they essentially treat the records that belong to the customers as being records that belong to the provider. And pertain to the customer. This is an important distinction that elizabeth was just touching upon. So you turn back to the decision in the sixth circuit from 2010, and it holds that the electronic communication privacy act to the extent that it would allow the government to gain access to the kinds of indications with something less than award is unconstitutional. And the position that the companys in the litigation are taking essentially is that not only do you need a warrant in order to gain access to the information but that warrants our territorial. And that they have application within the boundaries of the United States. And the goal is not to block access to use government to gain information they need in the course of lawfully authorized investigation but to establish a modernized framework and to avoid putting companies in the middle of conflicting legal regimes where it might be required to produce the information in one country and against the law to produce it in another. Coming back to the notion of the Third Party Doctrine, though, that its my view that the record that cloudbased providers are holding when youre talking about the contents of the communications, thats fundamentally different than i mean i think theres a fair point that the whole doctrine might not hold. But that theres is a fundamental difference between the records of the transactions, and the contents of the communications themselves. If youre talking about a bank record, the bank cannot transfer the money unless it knows what account its coming from and where its going to. So in a sense the governments argument is that the information about the transfer belongs to the bank. But when youre talking about the data that is stored in your cloudbased account, i would argue that that is a different level, that there is metadata information that pertains to the storage of information and the transference of it but the content of the communication require a warrant. It rises to give a level of Privacy Protection and clearly we believe that the warrants should not have applications beyond the United States. If the government wants to gain access to the information that is stored in a data center that is in ireland they should go through ireland and make their request that way. Can i just previously respond to that . I think the distinction between content thats held by third parties and metadata thats held by third parties makes a little too much of suggests a sort of difference in kind that i think is not necessarily there. The metadata itself, and this has been shown in a number of ways especially since the snowden disclosures is equally revealing of the personal information that is being that is part of the communication sometimes as the content itself. An example would be if someone calls a suicide hotline and hangs up. You know, repeatedly. There is zero content to that call. Zero content. But the metadata tells you everything you need to know, and its incredibly personal and incredibly private and that is information that belongs to the person who made the call. It is true that the Company Generates the record. It is a ministerial act generating that record reflecting the private act of the person. I think im going to solicit a comment during the question and answer are perhaps the question from mike price of the Brennan Center who is studying this exact subject but for now i will just sort of put a pin in that. One more response there . Sure. I think there are good policy arguments for the point that elizabeth is making but in the law there is currently distinction between in my view, a more clear distinction between the contents of communication and the metadata. So for instance, we come back to a bank record. The bank has to be able to document for antiMoney Laundering purposes that is has transferred money in certain ways and kept certain records. There is you can, i think, make a fair policy argument that a certain level metadata does create a picture that is invasive to the point that it should be treated like contents of communications. But we do have in the current law reflected a greater deal of Privacy Protection for the contents of communication. And the argument that im making is not to say that youre wrong about the invasiveness of collecting metadata. And maybe that it should be treated in a different way, but at least insofar as the current law is written, we would argue that the governments perspective that they should be able to treat the contents of Communications Like something that they can demand with a subpoena that can be domesticated back into the United States and turned over to them, is incorrect. That because were talking about the contents of communications, because of the level of privacy there, that this is a territorial demand and therefore they need to go through the proper government channels in order to be able to route that request. I want to turn to catherine and let her talk a little bit about the Fourth Amendment implications. Maybe talk a little bit about the public view doctrine and the plain view doctrine, as well. Sure. I want to make one thing thats sort of implicit explicit and thats the role that Edward Snowden has in bringing us all to the here today. Ive been working on these issues for a long time. It was extremely unusual even five years ago let alone 10 years ago to have major american corporations speaking out in favor of greater Data Security protections, at least publicly. That is not the fault of the corporations but it is to suggest that because of his disclosures it has redesigned the landscape such as that now it gives the Major Internet Companies some cover to take steps to protect their privacy whereas before they wouldve just been hammered by the government for being on the side of the terroristic and i think we owe Edward Snowden a debt of gratitude for many things. But that is certainly one of them because the unfortunate reality is that the lobbying power of organizations like the aclu and the National Association of i dont even know if the aclu has one. But the people on this side of the Civil Liberties community compared to what, you know, facebook and twitter and google can accomplish. Unfortunately theres a disbalance there and we should take our allies where we can find them. I do want to talk a little bit about the original question you asked which is how useful is the Fourth Amendment in this. And i feel really substantially more optimistic after the Supreme Courts decision in riley. Because it was the first time the court officially recognized that there is a meaningful difference between digital data and the types of data used to just carry around with you. Ive experienced this firsthand in my practice. I would be arguing these cases about can the government search your laptop at the border. The governments argument always was we can search your wallet at the border. This is simply no different and if you dont want to be searched you can leave this stuff at home. I think the Supreme Court in riley by recognizing the fact that people carry these devices with them wherever they go, they contain vast quantities of information that are quantitatively and qualitatively different found that that justified the application of a heightened standard. I think that is game changing. I agree also that the thirdparty doctrine is a major issue. Riley is useful particularly to the extent the government is engaged in surveillance directly itself but given how cheap and how much Surveillance Technology is proliferating, private parties will gather this information. So unless there is at least some barrier on the government obtaining the data from the private parties, in the form of changing the Third Party Doctrine, theres riley wont be useful, right, unless we can win that. The other thing i wanted to mention was this issue of Fourth Amendment remedies is huge. I was listening to the nacdl president Theodore Simon talk about like winning on, you know, exclusionary rule issues which has almost been unheard of, right, in my legal career, unfortunately, right . Ill tell you quickly tell you the sad story of my last aclu case which is something Peter Goldberg in the nacdl participated and also the centers was very helpful. We got this great decision from the Third Circuit court of Appeals Holding when you attach a gps to a car you need a warrant based on probable cause. Which is an invitation for an enbank decision and then what we got was a decision not even reaching the gps attachment Fourth Amendment question, but just holding that regardless, right, the good faith exception to the exclusionary rule means that the police the evidence wasnt going to be suppressed. Right . So here we are many years now after jones, and we have like very few Court Rulings on what seems to be a relatively and basic straightforward question which is whether you need a warrant to attach a gps device. I do think the other major question is privacy in public. The alito opinion in jones give some suggestion that the Fourth Amendment gives protection to at least prolonged surveillance of individuals movements in public because theres something about the aggregate of that information that is more invasive than the individual pieces. Thats a huge question that comes to things like automatic license plate reader data being collected. I dont know if you saw this but last week there was a story it got given by the Oakland Police department 4. 2 million points of alpr data that that city had gathered through a public records act request. So if you want to go see what this stuff looks like apparently you can just do a public records act request for it. They didnt release the actual data base i think out of privacy concerns. But the point is there are these data bases that are sitting out there and if we dont have any greater protection from public movements, merely because they happen in public, then thats going to be another area where the Fourth Amendment falls short. Thanks. So, joseph, i want to turn back to you and ask very implicit in all of this and we all know under the Fourth Amendment doctrine and our foreign Intelligence Surveillance team there is a distinction between how we treat u. S. Persons, u. S. Citizens, u. S. Legal permanent residents, and those present in the United States and how we treat nonu. S. Persons, noncitizens lacking sufficient voluntary connections to the United States who are outside of the United States. So making that determination requires an ability to distinguish on two axis. On location and on identity. My question for you is how feasible is that as a technological matter . Does the technology match the legal distinctions we have here . Its tough. The first thing i should say is catherine, check todays washington post. Youll be horrified to see that there is a program being disclosed that dhs is essentially going to contract with a third party license plate reader Data Base Company to be able to search willynilly this stuff for the past five years of essentially all of americans car travel with very protections. I encourage you to check that out. Back to the question, determined both location and identity. It can be very hard to do this. And you can see this in some of the documents disclosed by the Edward Snowden 702 targeting documents. But before i get into that what i often do, and my passion lies in translating some of the technical reality to things that lawyers, media and regular people can understand. Physical geography is something we deal with every day. How did you get here . Maybe not the easiest place to get to in d. C. But its a wonderful place to be when we do get here, right . Network geography, if you permit me to sort of take some Artistic License there, sort of the topology or the geography of the internet is much more different. It changes every second. And so, for example, sending a signal from your building to someone who may be in the building across the street may go like an extremely crazy way. Its not just going to like walk across the street so to speak or go through wires that are embedded across the street. It may leave the country. That may be the best way to get your information quickly and timely with whatever quality demands you have. If youre making a voice call, they want to make sure thats engineered very well so you dont have to turn into a gloried walkie talkie and say hi, how you doing . Over. Im doing okay, over. Thats not how we want to interact in life. At least thats not how i want to interact in life. Political and geographic borders so to speak dont map very well onto the Network Geography except for certain choke points like going across large bodies of water and stuff like that. So if you look at the 702 targeting procedures it sort of this extremely strange way of giving guidance in how you do this stuff and analysts to the fisa court and stuff like that. They focus on determining if any lead of Source Information that they have in their vast quantities of data can sort of indicate someone is not on u. S. Soil. And once theyve made that determination, they use a bunch of ways to do this. For example did the communication come through a link that is facing an ocean where theres a bunch of Foreign Countries on the other side . Thats one of the kind of things they do. Unfortunately, as i just pointed out, that may be the network trying to route your stuff as well as you can. You may use a vpn product. Lots of businesses and lawyers, if you dont know what this is, please come talk to me. Because youve got to use these things. A vpn essentially tunnels your traffic in a highly encrypted little pipe up through another server before it goes to the rest of the network. And those can very easily be in other countries. I use a product that will allow me to exit from 100 plus countries for whatever reason. I do a lot of testing and stuff. So you know trying to use these sort of technical analogs as proxies where someone is actually located is sort of a losing game. Only then do they get to the identity portion. Only then do they get to this person may be overseas but weve got to be sure theyre not a u. S. Person or do we have any evidence this is a nonu. S. Person . And so, in those kinds of cases, they essentially assume they could target someone unless they have some type of information that points to them being a u. S. Person. So we dont know how this works. And, in fact, i would love to do technical analyses of this stuff. Getting back to catherines sort of two point boomboom kind of analysis. That here, you know, what you see in some of this stuff, even when it gets down to domestic criminal Law Enforcement stuff. You see the fbi or somebody, you know, seeking an order to put whats called a Network Exploitation device or a computer and internet protocol and address verifier. They never say what theyre doing to install the software. And inevitably it involves social engineering trying to send you emails that you errantly click on because you think its from a trusted friend. Or poking through your browser to undermine your entire stuff. Its a very, very strained way of doing this kind of stuff which points to the fact that this is how the network and Digital Technologies have evolved. We want them to do very specific outcome related things. We didnt design the internet to identify everyone and thats a very good thing. There are very powerful ways if you are careful to be anonymous on line. Ill stop there. Can i add one thing . Which is that, and joe alluded to this. The rules for targeting and for minimization allow the government to assume that if it has no information about where the person is or what the nationality is that that person is a nonu. S. Citizen overseas. So that is a default that the government has literally no information. That is a pretty big incentive for the government not to do its Due Diligence to try to figure out where the person is. It also doesnt strike me necessarily that the lack of any information whatsoever is the equivalent of a reasonable belief that someone is a foreigner overseas which is what this statute requires. I should also real quick say theres some really strange pieces from a technical perspective of the minimization guidelines. For example, anything that is enciphered or reasonably believed to hold secret content you can keep indefinitely with no minimization whatsoever. 30 of the net right now is encrypted. Its going to be, im doing my best and a lot of us are doing our best to make sure thats 100. Maybe not exactly 100 but were getting as close as we can and the federal government is going to which is really interesting, u. S. Federal government has a plan to essentially strongly encrypt all web Services Within two years. Which is really cool to some of us. Anyway, the point there is, you know, the fact that were going to be able to collect encrypted information and do stuff with it indefinitely means that, one, you eventually encompass most of the stuff we transacted on the internet. So this is sort of a relic of the past. It also means encryption is something that sort of rots, it ages poorly. We find flaws and stuff regularly. The fact they can keep the stuff and just wait for some sort of flaw to allow them to get full access to the underlying communications is totally unacceptable. Im hoping to be able to work constructively. We have some work on this im previewing right now. I hope we can work constructively to sort of amend those things to recognize that maybe ten years is better for that kind of stuff and maybe you shouldnt have a default to collect all the stuff. You need some other sort of information, some other lead or something to really maybe its not probable cause. I dont know what it is, but its not just the fact that its encrypted which is a relic when encryption really meant that you were doing something interesting, rather than what we do every day. So liza, you started out by talking about how at least it was 702 collection and other foreign intelligence programs. Weve moved away from this idea of a target thats collected only based on finding a probable cause which still exists in ordinary Law Enforcement activities in the United States. And so were also seeing this infiltration of foreign intelligence information being used in Law Enforcement for Law Enforcement purposes and in criminal cases. Im hoping you can talk a little bit about what limits if any are in place and whether theyre effective in dealing with this use of foreign intelligence information in criminal cases . I spoke earlier about the rulings of courts of appeals in the 1970s, that there was a foreign intelligence exception. And the very strict limits those courts put on that exception. And the reason for those limits was to make sure that the foreign intelligence exception wasnt used as an end run around the warrant requirement in ordinary criminal cases. One of the most important limits that the courts put on the exception was that the primary purpose of collection has to be acquiring foreign intelligence. That limitation was incorporated into the fisa, into the foreign Intelligence Surveillance act back in 1978. That limitation was jettisoned by congress in the patriot act and now foreign intelligence collection only has to be a significant purpose of the collection, which means that the primary purpose can be gathering evidence for a domestic criminal prosecution. On its face the statute provides some protection here in that it prohibits the government from deliberately targeting a particular known person in the United States. Particular known u. S. Person. Because, of course, if the government were targeting a particular known u. S. Person for surveillance for criminal prosecution purposes it would need a warrant. Heres how that looks in practice. The government certifies to the fisa court would have no interest in any particular known u. S. Person, collects the data, then runs searches on the data using the names, phone numbers and email accounts of particular known u. S. Persons. This is called backdoor searches. The nsa and the cia did approximately 2,000 of these searches in 2013. According to the privacy and Civil Liberties oversight board, the fbi does these searches routinely. Routinely searches databases containing section 702 data when it investigates americans or even performs assessments. Which means no factual basis for suspicion at all. So you know warrantless surveillance. Warrantless foreign Intelligence Surveillance has absolutely become a domestic Law Enforcement tool. Catherine, i dont know if you have anything to add or if youre seeing if this is a concern youre seeing in some of your cases as well, youve seen . I think that is a concern. I think we sort of in how we sketched this out previously we see two concerns, right . The large Data Collection programs being data culled and being used in prosecutions and other sort of technological trends driving mass collection by local government agencies, as well because its just not that expense i any any more. I want to get each of the panelists a chance to talk about what they see as the Biggest Challenges going toward. So im going to let them go down the line and do that. Then im going to open it up to questions and remind our audience that you can email questions to nacdlquestions gmail. Com. We will get through hopefully as many of them as possible, probably not all of them. I guess the biggest challenge i see, theres a ton of big challenges but the biggest challenge for my perspective who works for lawyers all the time is giving you information you can use to reason about some of these things. Theres two challenges. One is knowing what they are doing which is difficult to know especially through powerpoint decks and fist filings. Those are not what they used to make decisions and help others do that but also, for example, just to pick one out off the top my head im working on right now, in terms of information sharing and domestic cybersecurity its very hard to sort of teach lawyers how Network Operations and Network Security works. Its not impossible and were going to do but its the kind of thing where theres sets of ways of talking of information that we just have really built up over the years and were going to need to invest in so to speak and have like little Network Security for lawyers or Network Security, not for dummies will for people and may not understand how this stuff works. We can do and say things like gee, do want to share that information . The stuff we used to defend ourselves, theres no liability associated, theres no ecpa stuff or whatever related to that in the sense that it doesnt contain that stuff that would prohibit you from sharing this. Its very hard to sort of talk about that in a way that sort of bridges the technologist sort of lawyer gap and thats one of my big challenges. I see several challenges. I think one of the primary ones is convincing the public of the threat. I think a lot of people think i share all my information with google anyway. But theres a big difference in the stakes of sharing all your information with google and sharing all your information with the nsa. The potential for abuse when the government collects this much information on everyone is real. And i think its only a matter of time before that potential starts to be realized in ways that people can see and can feel. I think its part of american exceptionalism that people think that their government, our government would never use it National Security powers against the people. Although other governments do it all the time. And our own government did it for decades. Another challenge is that Technology Just moves so quickly and Public Opinion moves more slowly and the law even more slowly than that. So by the time the law catches up, it can be sort of de facto too late. So right now we now have an entire intelligence establishment whose central function is to maintain and use vast data bases of information gathered through mass surveillance. Changing this is going to be, as its not just going to be about changing the law at this point in the game. Going to be about breaking down and redefining institutions. There are very powerful institutional forces arrayed against that kind of change. And were seeing that now. I would say that we have an important case going on right now regarding im sorry we have an important debate going on regarding the usa freedom act and the scope of the authorities of the u. S. Government to collect metadata information and to target communications of people in the United States that are communicating with people overseas. What the scope of those authorities are, how oversight should be conducted, what amount of transparency should be required of the government and permitted of the companies that are impacted by that. But i also think that theres a broader debate that weve had trouble focusing on which relates to the scope of authorities that take place outside of the particular statutes that we have. And those are the ones that are most directly impacting trust in technology that is built by u. S. Companies and our ability to sell the technology around the world. I mentioned before the concept of having new rules of the road. And the issues that i would flag are many of the ones that you see in the Intelligence Review Group report. The initial messaging they came out of the administration focused on the fact that the programs that are authorized by 215 and 702 only relate to, you know, the purpose of foreign intelligence collection is to focus on people who are not u. S. Persons. And given that the vast majority of u. S. Technology companies are already selling. The biggest part of their market share and certainly the future of their growth is around the world. That gave little comfort. Youve seen the administration evolve some of its messaging. Theyve put out the document which talks about the rights of farm persons versus u. S. And yet, you see the government taking positions in litigation that i mentioned before with regard to the warrant for data thats stored outside the United States that goes to this issue of trust and impacts the ability of people around the world to lay claim and protect their own privacy and to guard against access to government agencies. I would say, among the recommendations Intelligence Review Group report you saw some movement by the administration there. Michael daniel did a blog last year that talked about bias towards disclosing information about vulnerabilities. To companies that might be impacted by them. We still know little about the operation of this policy. There was a lawsuit by the aclu, how the policy works. That was blocked. It would be useful not only for americans and for people around the world, but also for the government to have more information about what this process is, where in the government decisions are made, which would give us more certainty about the weighing of the different impacts that go along with different decisions like that and what factors would be used in determining when exceptions are made. Potentially, theres a good story there that the administration has been, but they continue to be caught up in concerns about what level of disclosure theyre willing to make around the processes. So i think those are the top challenges that i see. For far too long, the government, executives specifically, has been able to engage in extremely aggressive surveillance programs with little Public Knowledge and with real harms as a result. I think one of the most striking things was after Edward Snowden revealed the 215 program, the americans telephone metadata, listening to president obama say dont worry, its just the meta data, and besides, everyone approved it, really fell flat because there hadnt been public debate. And the public i think the jury is still out on how that program is ultimately going to fair. It has at the very least, its a significant debate. I think thats the broad thing where as a lot of this stuff has been going on in secret for too long and its had really damaging consequences. Were at the National Criminal defense lawyers, so to make this practical, it makes it hard to file appropriate suppression methods. If you dont know what technology is being used. I think the sting ray example is the best one of that and have been used for at least a decade. And none the less, its really only been in the last few years that people have been aware of how widespread this is criminal and this crim in al defense bar has made Great Strides in filing appropriate suppression methods. I want to point out one useful resource, which is that the aclu of Northern California published a report on the u. S. Of sting rays, but its geared towards criminal Defense Attorneys. Heres how you can make a good guess about whether the secret technology was used in your case, right, then here are some things you can do if you want to try to get criminal discovery through rule 16 about this sort of technology. So, you know, i think theres sort of many pressure points. I think criminal Defense Attorneys have a role to play. I think also, im optimistic and looking at frank from the aclu of virginia while im saying this, im optimistic about what can happen at the local level. Right . The federal government may be largely bought into this stuff, but i think weve seen bills at the state level. Virginia has been active there, but seattle and tacoma both passed really innovative laws essentially saying to their local Law Enforcement, if you want to apply our technology, you have to come to the city council beforehand, right, and tell us about it because what happens now because federal Grant Programs make money available to local Police Departments d those those particular bottle bills those two cities passed unfortunately have some serious flaws, but again, the aclu put out a model which is quite useful if people want to follow these ordnances. Surveillance notification ordinances. Which are sort of knew neutral on the technology, but the city council is trying to assert some control. By saying you have to tell us if your going to use this technology. And you know, im, im really broadly in favor of that because while i dont want to minimize the fact that the government has legitimate National Interest in certain areas, by the time the problem is that you know, other cities cant even know what their police department, i think the secrecy has gone too far. I just want to make one more point for optimism to echo what we just heard. I do think there are a fair number of really important decisions weve seen that have been challenged by the government and that the trend in the courts is clearly towards finding more things to be within the realm of reasonable expectation of privacy. When the worshack decision came out in 2010, i think there was a fair amount of expectation the government was going to challenge and to obtain information that was more than 180 days old without a warrant. We have not seen that happen and over time, first google then followed by pretty much every major provider of email Cloud Based Services in the country, the demand has been made that the u. S. Government produce warrants before contents will be turned over and that is effectively the law of the land, even though that is not how statute the currently written. The department of justice has over time, conceded the point in testimony before congress that the 180day rule was arbitrary, doesnt make sense, should be updated. Weve had difficulty getting that across the finish line in terms of codifying the change, but know, the jones case again was a principle i think that for many years was accepted that if the government was just observing things that were happening on the streets, automating that through technology would not create additional concerns that would require warrant and the courts have held otherwise. Then the riley decision that we heard about before holds not only very interesting points about cell phones themselves and the contents of what they hold, but i believe its in Justice Roberts part of the opinion, a reference to the notion that these devices are connected to the cloud and that that might create additional concerns, but the phones themselves obviously hold so much more information than when the original doctrine was developed that my phone has 64 gigabyte of memory and probably exceeds some of the computers that might be in the room. The technologys changing. The courts, the law is clearly not keeping pace with the law of the technology, but there are i think positive trends in courts with regard to the development of 4th Amendment Law that we should be fairly happy about. I would agree with that. The only one point that i just want to make is that i think the reason why the government is pushing back harder against warshack and against where things are going with email content is because the government can get 95 of what it needs through meta data. Great. Id like to open it up for questions. On the note of optimism, i also encourage folks here to look at ppd 28, not whether or not it has real significance, its a real step forward in the government providing rights to noncitizens as well. Theres a lot to be pessimistic about, but theres notes of optimism, too, so with that, id like to invite you up for questions. Theres a microphone on each part of the room. Please ask questions. This is not a chance to make speeches. Please come forward and ask your questions. Another reminder for those watching, you can send a question to nacdl questions. And thats at gmail. Com. And well answer your questions. Hi, thank you to all of you. Catherine, i want to ask you, you ticked off some of the local surveillance capacity thats out there. Can you give us a more comprehensive list of what local Law Enforcement is able to do in terms of collecting data images and all the rest on folks . Thanks, good to see you, too. Why dont i start off o brainstorming session, then other people can jump in. Theres automatic license plate readers which can snap photographs of every passing car. Local Law Enforcement agencies can install these themselves, on patrol cars or on highway overpasses. They can also purchase access to large private data bases. There are repo men who attach these to their cars and go around snapping photographs. Pictures get put in these data bases, with millions of information, whether getting access to those at all. Ariel surveillance is very interesting, although i think it is in some sense, overhyped what can be done now. It had a lot of potential. Manned helicopters extremely expensive and not many local Law Enforcement agencies own them. Drones are cheap and the little ones arent that sophisticated. But what i think is really fascinating is the possibility of ariel surveillance, the idea that you could fly something over a city. I dont know if youve seen the dem on administrations, but you could sort of see individuals Walking Around the streets and trap cars, so i think thats really fascinating. Cell phone data can be obtained. This is location data stretching back for as long as the mobile phone carrier wants to keep it. Text messages, browsing history. It can be records of phone calls people have dialed. Right. Everything you do on social media, this is really depressing. Im trying to be as comprehensible as possible. As im listening, just tryinging to be as comprehensive as possible. There are circumstances in which you can get access to day to on peoples facebook or other accounts. We all know of people who share more there than perhaps would be wise. There is the story in maine of the guy who was, who posted his, you know, marijuana photographs on facebook, but didnt realize a friend of his friend was a cop and then got busted this way. Thats not a great example, pu theres a lot of data. If your car has an inboard navigation system, it may be possible, its unclear, theres one interesting federal Court Decision to track you through that and maybe even automate the microphone if thats possible. And obviously, theres surveillance cameras in a lot of different locations. What else is on the list . Absolutely. Im going to be more forward thinking in the sense that a lot of this stuff you see on there, ariel surveillance platforms, has previously existed, so the kind of fun technical toys theyre putting on Surveillance Drones are pretty striking. So things like you can think of as laser ranging, it can see through foilage because the leaves move and it can tell you whats behind things like leaves. Theres synthetic anture radar, which can look through thin materials like your drapes and your blinds and stuff like that. Talk about and theres like the kylo things, infrared. There is also sphere cal lens platforms. These can take pixel images on a regular basis of an area where its looking. These are give you the able thety to basically see features from a pretty high Vantage Point at like you know, foot to inch or few centimeter kinds of resolutions in a highly time sensitive way. This stuff is, some of it is not available to people operating current types of ariel surveillance platforms, but its not going to be a lot of time before thats demanded for whatever reason to use these. In these kind of contexts. I would add bio metrics and fingerprint scanners. Theres also what can be done with this data, you have ariel surveillance, you have this videos, facial recognition technology. Fingerprints can be captured from incredibly large distances because you can, the images are so precisely can blow them up and get your fingerprints so you can identify all these blurs on the video feed and then you know, rocks. I dont know if anybody read about this, but the military, when it was withdrawing from villages in afghanistan, would leave rocks that had cameras in them that had 20year batteries. Why cant i get one of those for my phone . 20 year batteries. Just record continuously and feed it back. Those are now at the border, so, you know, beware of rocks. Its just incredible. Its anything, everything. And remote biometrics like facial recognition is very, very powerful. Theres things you dont know about. Side face and gait, how you walk, those two combinations together are extremely identifiable. Unless youre wearing something that obscures that and often, theres mask laws, a great paper on this talking about the kkk intimidating people meant theres a loft states that have laws saying you cant wear masks except halloween and other holidays. So you cant protect yourself from that kind of stuff. And to mask your gait, you have to have a ministry of silly walks to make sure they cant profile your silly walk. Im reading, taking questions from email. We got one from ma whos asking about it being reducktive to compile all meta data as being equivalent to underlying content or accessibility of many systems used by carriers and other collectors, huge range among health participants, creating meta data barrier. To iehrin operability. I dont know what that is, maybe you do. I dont. But i think the point of the question is isnt there different degrees . Isnt it a lot to say theyre equivalent to personal identifying information . Absolutely. Thats not a very sorry, its not a very profound found statement. The, you can record meta data about anything. Some is not going to be interesting or useful for what you want to use it for. The trick is the inference capable of data we know about is extremely powerful. For example, a science paper about four weeks ago showed that with a large body of 30 million financial transactions, it was sufficient to identify a single individual by observing four transactions of theirs and if in by trying to mung it a little bit, they were able to protect individuals in that data set much more. Its just saying that stuff, you need to protect it more robustly than you might think and certainly, the temperature of this room is the type of meta data, doesnt reveal a lot about whos in it specifically. It may sort of map on to how much fun were having and other kinds of things. Sir. Mike bryce from the Brennan Center. Ill take you up on your offer please frame your comment in the form of a question. I will. I will couch my comment in the form of a question. So here it goes. On the meta data versus content issue. Youre correct. But the current state of the law draws this distinction between content and meta data. As we started to tease out, meta data can be really, really important if not more so than content. If i send an fyi to a group of supporters, maybe theres not much there in terms of content, but you have an entire membership list. Or given enough meta data, you dont really need content. Content is difficult. It requires sophistication to analyze. Meta datas really easy. You can put it into an al go ridge, and the more you have, it seems like content becomes less and less important. I think it was maik Michael Hayden that said we kill people based on meta data. Whether the panel compels that sort of distension or whether its something we have gravted on to it and can reverse. Well, as most people here probably know, the Fourth Amendment has been interpreted in different ways and at different times in our countrys history and has really struggled to keep up with technology and has generally lagged for a long time. In 1927, the Supreme Court ruled theres no Fourth Amendment expectation of right of privacy in a phone call because the government didnt have to intrude on your property in any way and it wasnt until 1967 that the Supreme Court revisited this. They said, well okay, privacy isnt just in your privacy. It can be, it fl lows the person, not the property and it can be in a phone call if you go into a phone booth and close the door. So we have seen many doctrines have changed over time to match the technology and the challenge for you know, all these Brilliant Minds here, this is something were trying to do at the Brennan Center, is to try to figure out approaches to the Fourth Amendment going forward. These doctrines are, many are going to go by the wayside. I truly believe based on the signals from the Supreme Court that the thirdparty doctrine will not last, so what will replace it . That challenges to find an enduring vision of the Fourth Amendment that wont go by the wayside the next time theres a new technology. Thats not easy to do, but it should be possible and should incorporate meta data that do impinge on a reasonable expectation of privacy. Its much harder to protect meta data. Not all meta daya. A lot of that is used to protect information or something in the middle that if you remove that, we wouldnt be able to do those communications. Theres that kind of an angle where weve gotten better, were doing pretty good. I was a little pessimistic, but were doing pretty good. En crypting the metadata, you get shuffling, tour, an anonymous browsing tool where you just route through a bunch of ways and there are certain things you cant do. Its hard to have real time voice and video calling because its just bouncing around the world. I dont think that the, i dont have a copy in front, but i dont think the word meta data is in the Fourth Amendment, and so, no, but my point there is that the concepts change. I think even the concept of what we consider to be meta data and will continue to change. Assemblages of data as the jones case may implicate the Fourth Amendment over time. We also have to recognize there is this element in the test that we use that relates to what people expect and expectations change, too. So, this is something thats going to evolve hopefully and i think its one of the reasons its so important for the courts to engage. Because i dont think there is any hope that the law, much less the constitution, is going to move at the pace that we require in order to protect what we need. And i would just add, while i agree with everything that liza said about the evolution of the Fourth Amendment, im side more are eric on my views of whats likely to happen with the Third Party Doctrine. I am skeptical the Supreme Courts going to overrule the third part yi cases. I think it will attempt to limit them and one way is by making this content, noncontent distinction. Content distinction. Thank you. Yes, im going to read a couple of these. I know time is winding up. I dont know if you want to take a few questions and then go back to the panel. Sure. One is from robert ger. I may have said that wrong. He said you mentioned the use of internet geography is a challenge. What other aspects like ad networks would further undermine the aspects of users. Is it being shared for domestic casesly Law Enforcement. A question from will carson have on subpoenas, et cetera and the last question i think was directed at catherine, but she talked about having raised the concern is it accurate that the zone still exists and the Fourth Amendment protections are not granted to americans on their technological devices. Im assuming she means at border and entry points and she adds yes further efforts being made in these areas. Why dont i take those three because that was a lot. Ill just punt and say, send me an email, we could have a phone call. Theres a lot of things that people dont understand or have intuitive feelings for where the technical reality doesnt match well. So, for example, people tend to think encryption is about hiding things, but its also about making sure you cant hide things in transit. You can also reach our website https with the s being secured. We have engineered that, its extremely hard to exploit anyone. Maybe were not so much of a destination, if you do that, we have one little advertiser, this is something ive been working on, we pull in a thirdparty element that is not encrypted, thats an avenue for someone to inject malicious software. And exploit all of the people involved in that conversation. Unfortunately, i have a long list of things i could talk about. Its probably not a good use of our time. Maybe i should write something to that. Send me an email and we can have a longer conversation. On the Constitution Free zone question. I want to separate out two concepts. There is this idea that the government has extraordinary powers. Not only at the border, but some distance inland in order to exercise its border authority. There is a separate government policy for customs and border and i. C. E. Protections in which the government asserts that at ports of entry themselves at the border, it can search peoples cell phones and laptops and other devices with no suspicion whatsoever. That they contain evidence of a Law Violation or to serve the customs authority, but i have not heard of that particularly authority being aplied outside of a purported entry itself. Theres a caveat they will sometimes take your laptop and the border and transport it and then search it. But they do the seizing at the border. Sir. Rob from aclu of virginia. Assuming that the Supreme Court largely leaves the Third Party Doctrine in place, it seems like it would be necessary to amend the state institutions. Is anyone up here aware of language that would in effect overrule the Third Party Doctrine in a state constitution and how could you do that . Im not aware of any attempt to do that. I think you know, probably i have to confess, i mean sort of my focus on a lot of these issues are national and i dont think a state obviously a state constitutions not going to protect people from the federal government coming in performing surveillance and picking up meta data. Its not going to protect against bulk phone records under section 215. So, but it is interesting. At the state level, we are seeing this legislation and license plate leaders and all of that. Im not aware of any efforts to amend state constitutions. I suppose its just easier to get legislation than a constitutional amendment at the state level, so thats where the efforts have been put. With regard to that idea of pursuing three state bills, we are seeing a number of states where there are proposes that Say Something like obviously they cant control federal authorities, but they will say Police Agencies that are part of the state or local governments of this state cannot just seek to obtain the Contents Communications without a warrant. So, you could, i think in theory, define with regard to the authorities of the state and local Police Agencies their ability to demand various types of data, including metadata, with warrants and that might be and just to clarify one thing. I dont think the Supreme Court is going to say, okay, no more Third Party Doctrine. You have absolute reasonable expectation of privacy in everything you share with everyone. I dont think thats whats going to happen. I think we have very, very strong signals. Not just from Justice Sotomayor concurrence in jones, but even from riley when Justice Roberts was talking about the things that made a cell phone so private. The information we put into apps. Information that is necessarily shared with third parties and clearly, there was an implicit recognition that that privacy was there despite having shared this information with third parties, so i dont see how the, that doctrine can continue to exist in its current form. I shouldnt say its current form, but the fisa courts but in the fisa courts interpretation of it. Ill just say quickly, i love whats going on at the state level when it comes to privacy. Virginia and in particular the aclu of virginia has been at the forefront of a lot of that. Weve been reading about your work on stingrays, for example. I think that state oh, yeah. I think that state constitutions are some of the most exciting places to go. Id be happy to work with you or talk to you about that offline. I dont actually think its that difficult. Just a little tricky because if the state constitution doesnt mention the Third Party Doctrine its tricky to figure out how to reject its application in worked. But its very interesting. A lot of states Supreme Courts have rejected elements of the thirdparty doctrine in their holdings. I think theres a lot there you can build off of. And i would like to say i really like this because i think its an alternative view. It can create a workable alternative right out in the world to the federal regime. It may not address the National Security issues. It could address at least a lot of the local Law Enforcement issues. I think showing you can have an alternative system that protects, what we should all acknowledge are incredibly legitimate Law Enforcement needs while also safeguarding Civil Liberties is really useful. So ive been very excited by what ive seen coming out of the state level and i think its imminently doable. Last question. Jumana. I have a dual question. And one is in his words from jim too lazy to stand up harper who is asking the panel to prognosticate on the likely outcome and significance of city of los angeles versus patel which is a Fourth Amendment challenge to a City Ordinance making Hotel Records amenable to Law Enforcement seizure on demand. And the last question is do you from jonathan yoon, do you see the normative inquiry playing a role in changing the thirdparty doctrine . What types of compromise can be made that protects privacy but also permits Law Enforcement to conduct investigations . So are you asking for speculation on the outcome of that case . Hes going to have to send another email. Lets see. So its Hotel Records. So its a little tricky in a sense. Because its not its different from a situation like phone records where you can where you can draw inferences about associations very, very differently. So that would not be my pick for the case that should eventually go to the Supreme Court on the Third Party Records doctrine. I dont know. Honestly, i dont know. I couldnt predict the outcome of that. Sorry. Does anyone want to take the question about normative implications of rejection of the thirdparty doctrine . Its hard to get away from normative implications of all of this. The idea that there is a normative idea to all of this is hard to sustain. And thats bound up in it. Part of that question asked about whether or not its possible to both modify or reject the thirdparty doctrine and also retain respect for Law Enforcement needs. And i just want to i think everyone here knows this but i want to remind everybody that rejection of the thirdparty doctrine doesnt mean the government cant get access to the information. It just means the government needs a warrant to get access to the probable cause findings. But if you come back to the example i gave you before about bank records, we do have separate regulatory obligations with regard to Money Laundering. So that might be a place where the in order to prevent Money Laundering that you do have to have maybe different rules. I think the overall point is that we need to dig a little deeper with regard to certain types of metadata and then make decisions about whether or not the metadata itself or aggregation of that data or combination with other types of data create concerns that we would want to elevate the protections surrounding them. But i dont think its going to be a cut and dried formula youre going to use. With that i want to thank the outstanding panel for a really interesting conversation and all of you for being here as well. [ applause ] the cspan tour visit literary and Historic Sites hearing from authors on cspan 2s book tv. This month with congress on summer recess, the tour is on cspan every day at 6 00 p. M. Eastern. Today t literary life of st. Augustine, florida. The oldest european settlement in the United States. Well hear about friars who settled the area and the popular vacation spot and the Civil Rights Movement in florida. In 1945, 70 years ago, allied forces liberated the nazi survivors remember their time in the camps and how they persevered. Some of their stories tonight on American History tv. At 8 00 p. M. , an interview with leslie swift. At 8 10, considerate klein talks of escaping germany and returning to the u. S. As an interrogator in 1945 and helping to liberate holocaust survivors. At 9 05, spending the war in the u. S. Ghetto before being sent on a death march in 1945. At 11 00 p. M. , mayor addler reported to auschwitz. Its coming up tonight on American History tv on cspan 3. This labor day weekend, three days of politics, books and American History. On a full day of special programs on cspan, here are a few features for labor daymond beginning at 10 00 a. M. Pros and cons of big data and Civil Liberties. Later this evening, a debate on how to reduce poverty between president obama and the president of the American Enterprise institute, arthur brooks. At 8 00, mark cuban on leadership skills. Beginning saturday at 10 00 on cspan 2s book tv. We are live at the capitol for the 15th annual special featuring coky roberts and jose joseph. Sunday at noon, a live threehour conversation on indepth with former second lady and enterprise student, lynne cheney. Later at 9 00 on after words, kathryn edin talks about how families are surviving on no income and labor daymond, beginning at 11 45 eastern, authors like eric loomis, ann colter and others share political issues. On cspan 3, saturday evening at 8 00, lectures in history. Boise State University professor explains how chemical agents used in the korean and vietnam wars created long term damage to people and the environment. Sunday afternoon at 4 00 on real america. Crowded out, the 1958 educational film addressing overcrowded schools following the post world war ii baby boom. Later, our interview with billionaire david rubenstein. Get the complete schedule online. Gathered in the u. S. Rotunda to honor Jack Nicklaus. He received the gold medal for contributions to golf and his service in the community and the nation. Ladies and gentlemen, please welcome our honored guests, members of the house of the United States house of representatives and the speaker of the United States house of representatives. [ applause ] ladies and gentlemen, the speaker of the United States house of representatives, the honorable, john boehner. Ladies and gentlemen, good afternoon. Welcome to the United States capital. A special thank you to the ohio state marching band for being here. I guess they have more time on their hands after the round of 32. Oh. Speaking of the buckeyes, pursuant to hr 2203, we will present a gold medal to Jack Nicklaus for his service to the nation, providing excellence, good sportsmanship and fill ant pi. It goes back to 1776. The first recipient of this gold medal was then general George Washington. What makes this awarddc american is that anyone can win it, whether you are an architect, innovator, a humanitarian or even someone who played golf. The goal is, of course, all of these things. Today, we thank him with the highest honor we can bestou. We are honored to be here with the king, arnold palmer. He is here with his wife. [ applause ] jim, the commissioner of the pga tour, the voice of golf, mr. Jim nantz and many members of the golf community. Join me in recognizing mrs. Barbara nicklaus. [ applause ] ladies and gentlemen, please stand for the presentation of the colors, a performance of our National Anthem and the retiring of the colors. Hut, hut, hut. Hut, hut, hut. Hut, hut, hut. Hut, hut, hut. Hut, hut, hut. Hut, hut, hut. Halt. Hut, hut, hut. Hut, hut, hut. Ladies and gentlemen, please remain standing as reverend dr. Tom mullins gives the invocation. Let us pray. Our heavenly father, as our founding father George Washington declares, we are to always acknowledge the providence and the blessing and favor of the almighty god over our nation. We thank you for your blessing that has been with us throughout all these years. We honor those who sacrifice to preserve our freedom. We pray for your protection of men and women battling and preserving that freedom around the world today. We thank you for the honor to be here, to honor a man, a true champion, a man of true character, a man of great courage, a man who has made a commitment of his life to excellence in all that he does. And a man who has great compassion and has brought everyone along with him on this journey and added great value to their lives. May your blessing be upon Jack Nicklaus today, we pray, and may he continue to serve as a great inspiration to all of us and a role model for our nation. Father, we continue to play that we will be one nation under god, indy visible with liberty and justice for all. We ask your blessing upon this ceremony today, in the name of the father and of the son and the holy spirit we pray, amen. Please be seated. Ladies and gentlemen, cbs sports commentator, mr. Jim nantz. [ applause ] thank you. That is the first time i have ever been applauded in the capitol. It felt good, too. Hello, friends, distinguished guests. What a special day this is. And im not going to hold back because i know i speak on behalf of millions of americans, millions of people around the world and i get the chance to say that i love Jack Nicklaus and i love Jack Nicklaus family. I first met jack back in 1985. He had designed a course in park city, utah and as part of the promotion for the opening of the course, i was, at that time, a local sports commentator. I was asked to be Jack Nicklaus caddy for a day. That day, under my stewardship [ laughter ] Jack Nicklaus did something he probably never did any other time in his career. He had a birdiefree round of golf. 17 pars in a threeput bogey 73 thanks to his caddy. For the record, this was a man who birdied the first hole of his major championship career, 1957, toledo, ohio, u. S. Open at