The problem with the government's handling of surveillance since Sept. 11, 2001, comes down to the choice of the naked machine over the blob machine.
In 2002, the Transportation Safety Administration had to pick between two airport screening technologies: one that showed graphic images of a passenger's naked body and one that represented the body as a nondescript blob, with arrows pointing to the areas that required secondary screening. Because both technologies promised the same amount of security, while one also protected privacy, you would think the choice between them would be a no-brainer. In fact, both the Bush and the Obama administrations supported the wide deployment of the naked machine over the blob machine.
It took a political protest -- represented by the Patrick Henry of the anti-body-scanner movement, the gentleman who in 2010 exclaimed to a TSA agent, "Don't touch my junk" -- to persuade the Obama administration and Congress to reconsider. This year, the TSA removed the invasive technology from major airports and replaced it with more privacy-protective machines.
Yet we remain unnecessarily exposed. Repeatedly, our government has chosen technologies, policies and laws that reveal innocent information without making us demonstrably safer. The massive telephone and Internet surveillance programs disclosed last month are the most recent examples. But the tendency goes back at least as far as the USA Patriot Act, passed in the anxious weeks after Sept. 11, 2001, with only one dissenting vote in the Senate.
Defenders of the Patriot Act say it has prevented terrorism. But a better Patriot Act might have avoided national scandals over not only airport scanners and phone metadata but also wiretapping and library records. A better law could have dispensed with the "trust us" mentality and mitigated the erosion of trust in government. It could have put us in a better position to detect terrorism and other serious crimes without threatening privacy.
Here's what some of the most controversial passages of the Patriot Act should have said from the start -- and how they could be amended.
Section 215 and records searches Before the Patriot Act, the government could conduct warrantless surveillance only to seize a limited set of records, such as business records, and only when the target was a suspected spy, terrorist or "agent of a foreign power." Section 215 broadened the exception to warrant requirements dramatically, allowing the government to seize from anyone "any tangible things" -- that is, any data, including emails, financial records and travel itineraries -- arguably relevant to a terrorism investigation, regardless of whether the target is a suspected terrorist.
Now, even Patriot Act sponsor Rep. Jim Sensenbrenner, R-Wis., argues that Section 215 should be revised. As Sensenbrenner suggests, it should be amended to require a warrant, or "specific and articulable facts" giving reason to believe that someone is an "agent of a foreign power," before the seizure of phone records or any other private data. That would avoid the hoovering of information and focus surveillance on suspicious targets.
The director of national intelligence has suggested that the secret Foreign Intelligence Surveillance Court has already imposed a version of this requirement on the government. But fundamental constitutional protections should be enacted by Congress, not imposed in secret by unaccountable judges.
Section 218 and foreign intelligence surveillance While Section 215 deals with data held by citizens and noncitizens alike, Section 218 covers foreign intelligence searches targeting noncitizens. Before the Patriot Act, such searches -- authorized by that secret court -- were allowed only in the small category of cases whose "primary purpose" was to gather intelligence about terrorism suspects.
Section 218 lowered the bar, allowing those secret searches whenever a "significant purpose" is intelligence-gathering and whenever the evidence might be relevant to a terrorism investigation. This more relaxed standard was expanded by the 2008 FISA Amendments Act, which retroactively authorized President George W. Bush's warrantless wiretapping program by allowing the NSA warrantless access to the data of Americans communicating with overseas "targets" as long as the conversations allegedly dealt with "foreign intelligence information." In the PRISM surveillance program, the government insists that its algorithms can filter out the data of U.S. citizens not related to "foreign intelligence information" with 51 percent accuracy -- but this imprecise assurance is not enough to protect Fourth Amendment values.
To satisfy the Constitution, Congress should amend Section 218 by restoring the requirement that the "primary purpose" of foreign intelligence surveillance searches is to gather information related to particular terrorism suspects. The law should require foreign intelligence surveillance judges to review the content of individual surveillance applications, rather than simply the targeting and minimization procedures. It should prevent the government from amassing and sharing huge databases of private information collected through programmatic surveillance, regardless of whether the targets are at home or abroad. And Congress should limit foreign intelligence surveillance to communications related to terrorism, not "foreign affairs," broadly defined.
Sections 411 and 412, detention and deportation The most controversial treatment of non-U.S. citizens after Sept. 11 -- indefinite detention at Guantanamo -- initially occurred without congressional authorization. After the Supreme Court repudiated the Bush administration's claim that it could detain alleged enemy combatants on its own say-so, Congress authorized the detention and trial of enemy combatants in military tribunals.
Still, the Patriot Act itself explicitly expanded the government's power over noncitizens in several ways. Section 411 allows the government to deport noncitizens who associate with terrorists, even unknowingly. And Section 412 allows the attorney general to detain foreigners if he has "reasonable grounds to believe" that they threaten national security.
This essentially imposes guilt by association, even if you're not aware that you're associating with terrorists. And it threatens the liberty of both citizens and foreigners in an age when any international call or email might involve someone connected to terrorism through six degrees of separation. Congress should tighten the standards for deportation, detention and surveillance so that neither citizens nor noncitizens can be targeted in any way for unknowing association of any kind.
Twelve years after the Patriot Act was passed, we've learned that cutting constitutional corners is both unnecessary and counterproductive. By ensuring that the courts and Congress review all requests for mass surveillance, foreign and domestic, these amendments could cure the defects of the Patriot Act while preserving its benefits. In other words, Congress can, like the blob machine, protect privacy and security at the same time.
Jeffrey Rosen is president of the National Constitution Center in Philadelphia and a law professor at George Washington University. He wrote this for The Washington Post.