Many journalists may be shocked by Monday’s revelation that the U.S. Department of Justice (DOJ) used a subpoena to obtain phone records for several AP bureaus last year, in a pattern that the New York Times reports, “strongly suggested they are related to a continuing government investigation” into the news organization’s May 2012 reporting on CIA activities in Yemen. In a letter to Attorney General Eric Holder dated May 13, AP President Gary Pruitt characterized the subpoena as “a massive and unprecedented intrusion by the Department of Justice into the newsgathering activities of The Associated Press,” noting that the “records potentially reveal communications with confidential sources across all of the newsgathering activities undertaken by the AP during a two-month period.” Though the AP became aware of the subpoenaed records last Friday, May 10, it is unclear at this time when the subpoena was issued or executed.
That these phone records even could be obtained without the AP’s awareness underscores a key feature of how the law views information related to telephone and other networked communications that can be a dangerous vulnerability for news organizations and independent journalists. While many of us may think of telephone calls as broadly “private,” these and other common communications are inevitably conducted over third-party networks, generating two legally distinct types of data: the “metadata” about the call and the “content” of the call. While the latter is protected under the general “right to privacy” of the Fourth Amendment, the former is not. This so-called “metadata” is considered the property of the network owner, and can therefore be subpoenaed directly from and disclosed by the provider without violating any constitutional protections.
“Under federal law there’s a whole category of metadata called subscriber information that the police can get with a subpoena,” says Hanni Fakhoury, a staff attorney at the Electronic Frontier Foundation who specializes on issues relating to criminal law, privacy and free speech. That metadata can include the name, address, payment method (including credit card number, if applicable), length of service, numbers dialed and call durations related a given account. Apart from one decision to the contrary, a subpoena is also generally sufficient to obtain mobile phone location information, as long as law enforcement can demonstrate that it is “relevant and material to an ongoing criminal investigation.” This detailed location information can act as a digital trace of a mobile phone owner’s movements. Pruitt’s letter indicates that some journalists’ mobile phone records were also seized by the DOJ, though whether they obtained cell-site data is unclear.
Digital technologies do more than just make highly detailed information about our communications retrievable, however. Fakhoury says these same technologies also make it easier for the government to obtain the subpoenas for that information.
“Traditionally to get this type of information the government would have to go to a judge and get a trap and trace order,” says Fakhoury.
“With the switch towards electronic, the information is obtainable: the providers are storing it. You don’t necessarily have to get a pen trap and so you’re taking the judge out of the equation,” Fakhoury says. “It’s not as regulated.”
According to the Code of Federal Regulations, Title 28, Section 50.10, any request to the Attorney General’s office for a subpoena of news media phone records must be substantially based on information from “nonmedia sources” that a crime has taken place or evidence essential to a litigation will result. While the language suggests that a burden of proof similar to that of a warrant should be met before a subpoena for a news agency’s phone records is issued, these guidelines do not have the force of law. “The AP cannot march into court and sue the DOJ,” says Eve Burton, Senior Vice President and General Counsel of Hearst Corporation.