The Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism act, also know as the USA PATRIOT act, was enacted by Congress on October 26, 2001. 1 It was passed in direct response to the September 11, 2001 terrorist attacks on the World Trade Center and the Pentagon. Its stated purpose is "to deter and punish terrorist acts in the United States and around the world, to enhance law enforcement investigatory tools, and for other purposes." 2 It made law several proposals the federal law enforcement agencies had wanted for some time, but had not been able to get enacted. 3 The act has provisions that affect Internet usage and computer security, as well as providing law enforcement officials with greater authority to monitor e-mail and Web site visits. 4 It permits pen register and trap and trace orders for electronic communications, and allows authorities to intercept communications to and from a trespasser within a computer system. 5 However, privacy rights advocates, such as the American Civil Liberties Union (ACLU), the Center for Democracy and Technology (CDT), and Electronic Frontier Foundation (EFF) are concerned that in an effort to track down international terrorists that the American citizen's privacy may be threatened. Privacy is one of the foundations of democracy. 6 Balancing privacy issues with national security concerns is major component of the debate about electronic surveillance. This act may have given the Executive Branch broad discretionary powers that "are not needed in the fight against terrorism and serve only to infringe on American's fundamental liberties." 7 Several of the provisions are subject to the act's "sunset provision," in that they will expire on December 31, 2005. However, some of the more troubling provisions will remain in force indefinitely.
This paper is primarily concerned with the USA PATRIOT act and its affect on Internet use and privacy concerns. These issues are addressed in the second part of the act, which is concerned with enhanced surveillance procedures. This paper will focus on the most controversial of these provisions. First, though, a little background information may help to understand the issues around the USA PATRIOT act.
Back to Table of ContentsSome background information will help one to understand why the act was passed and why there has been such uproar about the act from concerned citizen groups. There were a couple of acts that passed before the USA PATRIOT act that had a direct bearing on it. Other pertinent knowledge concerns the Fourth Amendment of the Constitution. The Foreign Intelligence Surveillance Act of 1978 (FISA) established a special court for reviewing applications for electronic surveillance, in order to require federal officers to come under judicial supervision for their domestic security surveillance activities. Applications had to establish that the target was either a foreign power or agent of a foreign power. 8 This act in effect says that if law enforcement believes a 'hostile foreign power' is behind a criminal activity, then the Fourth Amendment does not apply to the investigation. 9 The Electronic Communications Privacy Act of 1986 (ECPA) is considered the wiretapping act for the internet. 10 The act is supposed to protect the privacy of communications, but there are exceptions, such as law enforcement officers acting within the law and possessing authorization in the form of a subpoena, warrant or court order. 11 It also permitted the delay in notification of the target of the search of the electronic communication. 12 The Fourth Amendment to the Constitution of the United States established the protection of individual privacy from unwarranted governmental intrusion. This Amendment protects the rights of Americans while online, as well as in their homes and cars. 13
Back to Table of ContentsSection 206 modernizes the FISA wiretap authority by giving federal officials permission to have a single wire tap legally "roam" from device to device. 14 That way, the person or entity is tapped, not just a specific phone or computer. The roving tap authority encompasses voice mail or e-mail from several different Internet accounts. 15 However, the person or entity does not even have to be named in the order, something that concerns the Electronic Frontier Foundation. 16 Also, roving surveillance is highly invasive, another privacy concern. 17
Back to Table of ContentsSection 210 has to do with the information that law enforcement officials may obtain from ISPs or remote computing services regarding a customer of those services. 18 Now, the government may have access to a customer's means and source of payment, as well as Internet session times, durations, and IP addresses. Again, this is a privacy concern since much more information can be obtained about an individual than with a simple telephone wiretap. This section is not subject to the sunset provision.
Back to Table of ContentsSection 212 allows Internet Service Providers (ISPs) to give records or other information to a law enforcement agency, but not content of communications, pertaining to a customer if the ISP believes there is immediate danger of death or serious physical injury. It requires them to give the records (with out content) under certain conditions, and the ISP may give the contents of communications if it reasonably believes that it is an emergency situation involving danger of death or serious physical injury. 19 This is an expansion of the EPCA. 20 However, the EFF for one has raised questions about how content of e-mails will be separated from the non-content information, since e-mail consists of packets of data that contain both content and non-content information. 21
Back to Table of ContentsSection 213 gives authority to the government to delay notice of the execution of a warrant. 22 This section expanded power granted by the ECPA to the government to include delaying the notice of any physical or electronic search if notification of the search would have an adverse effect on the investigation. This would allow the government to more opportunity to act clandestinely in the investigation of terrorist. 23 Some have called these warrants "sneak-and-peek," and there could be a problem with the Fourth Amendment rights, which provides for notice to a searched person. 24
Back to Table of ContentsSection 215 prohibits an individual or organization from revealing that it has given records to the federal government, following a USA PATRIOT act investigation. 25 This means that an ISP, business, or even library with Internet access can be made to turn over records about clients, but cannot tell the clients that this has been done. The person who has been investigated will never be told that he has been under scrutiny, even if there is never any evidence of his wrongdoing. 26 U.S. Senator Lisa Murkowski (R-Alaska) has introduced legislation that would limit the FBI's authority to review personal information, including library and Internet records, unless a judge agrees that there is probable criminal activity involved. 27 The ACLU filed a lawsuit against the Patriot Act in July, 2003, specifically because of Section 215, claiming that it violated the Constitution's First, Fourth, and Fifth Amendments. 28 The Justice Department counters that the scope of the act is narrow, respects the First Amendment rights, and can not be used to investigate everyday crimes or domestic terrorism. 29 This section is the main reason that the American Library Association objects to the USA PATRIOT act, since these "rules and guidelines increase the likelihood that library users, including their use of computers to browse the Web and access e-mail, may be under government surveillance without their knowledge or consent," causing a loss of individual privacy. 30 However, in September 2003, the Justice Department finally declassified a report on activities associated with Section 215, and although federal agents had visited about 50 libraries, Section 215 has never been used relating to the production of business records. 31 This provision will sunset in December 2005.
Back to Table of ContentsSection 216 of the USA PATRIOT Act concerns pen register and trap and trace statute (the pen/trap statute). 32 The pen register is used to collect non-content bearing information associated with communications. Historically, it had been used for tapping telephones as a kind of secret "caller id." 33 Now, however, it is permitted to use devices to trace communications on the Internet. 34 Carnivore is a software program, also known as DCS 1000, which can be installed by the FBI on the equipment of an Internet Service Provider (ISP) to monitor the Internet activity of a suspect. There are concerns about the privacy of other users of the ISP, whose e-mails and web browsing might also be recorded by the government. 35 Installation of pen/trap devices such as Carnivore may obtain any non-content information, which includes IP addresses, port numbers, and the To and From information in an e-mail header. Agents cannot intercept the subject line or the body of an email. 36 However, privacy advocates question how the subject line and content can be excluded from the pen/trap. 37 "A URL, unlike a phone number, provides detailed information about the content a person is obtaining." 38 This section is not subject to the sunset provision.
Back to Table of ContentsSection 217 defines the term "computer trespassers" to mean anyone who accesses a protected computer (any computer connected to the Internet) without authorization. 39 It allows law enforcement agencies to intercept the wire or electronic communications of a computer trespasser. The USA PATRIOT Act does not tie computer trespass to terrorism, per se, but it does allow federal law enforcement officials to come when called by the computer's owner, without any additional authorization. 40 Critics say that this section should be "amended to require court authorization for monitoring of individual users that exceeds forty-eight hours in duration." 41
Back to Table of ContentsSection 220 allows nationwide warrants for e-mail, in order to speed up investigations by not having to obtain warrants in distant jurisdictions. 42 This amends the ECPA to allow a single court to have jurisdiction over the offense. 43 Privacy advocates have questioned this, claiming that this change is "inconsistent with the Fourth Amendment's requirement that a warrant specify the place to be searched." 44
Back to Table of ContentsThe USA PATRIOT act has some good points and several questionable points. It is an effort to reduce procedural hurdles to government surveillance authority, in order to facilitate the fight against foreign terrorism in America. Congress has updated laws to accommodate changes in technology. Federal authorities say that the act has enabled them to dismantle several terrorist cell operating in the United States. 45 However, there are some legitimate concerns about privacy rights and the Constitutional rights of American citizens, in particular as applied to the Fourth Amendment. Since virtually anything could be construed to be a threat to national security, the government can use the USA PATRIOT act to spread surveillance information more broadly than it did in the past. 46 The ALA, ACLU, and EFF are among the national organizations concerned about this act, and they charge "the law is too invasive and may violate Constitutional guarantees against unreasonable search and seizure." 47 They are continually watching and questioning, in order to preserve our American rights and freedoms. The most troubling of parts of the USA PATRIOT act are Section 215 and Section 216, with Section 215 subject to the sunset provision. Also of concern is the so called Patriot Act II, which would seem to be an extension of the USA PATRIOT act, providing for the continuation of some of the Sections due to expire in December 2005.
Back to Table of Contents1. Collins, Jeffery G. Questions and Answers About the USA Patriot Act.
U.S. Department of Justice, July 30, 2003.
Accessed October 19, 2003. Available from
http://www.usdoj.gov/usao/mie/ctu/FAQ_Patriot.htm
Back
2. "USA Patriot Act." 2001. Accessed October 19, 2003.
Available from
http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=107_cong_bills&docid=f:h3162enr.txt.pdf
Back
3. Ronald L. Plesser, James J. Halpert, Emilio W. Cividanes. "USA Patriot Act for Internet
and Communications Companies." The Computer & Internet Lawyer v 19, no. i3 (March 2002): p1.
Back
4. Marcia S. Smith, Jeffery W. Seifert, Glenn J. McLoughlin, John Dimitry Moteff.
The Internet and the USA Patriot Act: Potential Implications for Electronic Privacy,
Security, Commerce, and Government. Congressional Research Service:Library of Congress,
March 4, 2002. Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/usapatriot/RL31289.pdf
Back
5. Doyle, Charles. The USA Patriot Act: A Legal Ananlysis. Congressional Research Service: Library of Congress,
April 15, 2002. Accessed October 20, 2003. Available from
http://www.fas.org/irp/crs/RL31377.pdf
Back
/p>
6. Marcia S. Smith, Jeffery W. Seifert, Glenn J. McLoughlin, John Dimitry Moteff.
The Internet and the USA Patriot Act: Potential Implications for Electronic Privacy,
Security, Commerce, and Government. Congressional Research Service:Library of Congress,
March 4, 2002. Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/usapatriot/RL31289.pdf
Back
7. Center for Democracy and Technology. What's Wrong with the Patriot Act and How to Fix It.
Center for Democracy and Technology, October 2003. Accessed October 19, 2003.
Available from
http://www.cdt.org/security/usapatriot/brochure.pdf
Back
8. Henderson, Nathan C. The Patriot Act's Impact on the Government's Ability to Conduct
Electronic Surveillance of Ongoing Domestic Communications. Duke Law Journal, Duke University School
of Law, October 2002, Vol 52:179. Accessed October 19, 2003.
Available from
http://www.law.duke.edu/shell/cite.pl?52+Duke+L.+J.+179
Back
9. Mitrano, Tracy. Taking the Mystique out of the USA-Patriot Act: Information, Process and Protocol.
Cornell University: Office of Information Technologies, May 14, 2002. Accessed October 19, 2003.
Available from
http://www.cit.cornell.edu/oit/PatriotAct/article.html
Back
12. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
13. Kevin DiGregory, Deputy Assistant Attorney General. Before the Subcommittee on the Constitution on
the Fourth Amendment and the Internet. United States Department of Justice, April 6, 2000.
Accessed October 19, 2003. Available from
http://www.usdoj.gov/criminal/cybercrime/inter4th.htm
Back
14. Podesta, John. USA Patriot Act, the Good, the Bad, and the Sunset.
winter 2002. American Bar Association, Accessed October 19, 2003.
Available from
http://www.abanet.org/irr/hr/winter02/podesta.html
Back
15. Ronald L. Plesser, James J. Halpert, Emilio W. Cividanes. "USA Patriot Act for Internet
and Communications Companies." The Computer & Internet Lawyer v 19, no. i3 (March 2002): p1.
Back
16. Electronic Frontier Foundation. Eff Analysis of the
Provisions of the USA Patriot Act That Relate to Online Activities.
Electronic Frontier Foundation, October 31, 2001. Accessed October 19, 2003.
Available from
http://www.eff.org/Privacy/Surveillance/Terrorism/20011031_eff_usa_patriot_analysis.html
Back
17. Henderson, Nathan C. The Patriot Act's Impact on the Government's Ability to Conduct
Electronic Surveillance of Ongoing Domestic Communications. Duke Law Journal, Duke University School
of Law, October 2002, Vol 52:179. Accessed October 19, 2003.
Available from
http://www.law.duke.edu/shell/cite.pl?52+Duke+L.+J.+179
Back
18. Marcia S. Smith, Jeffery W. Seifert, Glenn J. McLoughlin, John Dimitry Moteff.
The Internet and the USA Patriot Act: Potential Implications for Electronic Privacy,
Security, Commerce, and Government. Congressional Research Service:Library of Congress,
March 4, 2002. Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/usapatriot/RL31289.pdf
Back
20. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
21. Electronic Frontier Foundation. Eff Analysis of the
Provisions of the USA Patriot Act That Relate to Online Activities.
Electronic Frontier Foundation, October 31, 2001. Accessed October 19, 2003.
Available from
http://www.eff.org/Privacy/Surveillance/Terrorism/20011031_eff_usa_patriot_analysis.html
Back
22. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
23. Podesta, John. USA Patriot Act, the Good, the Bad, and the Sunset.
winter 2002. American Bar Association, Accessed October 19, 2003.
Available from
http://www.abanet.org/irr/hr/winter02/podesta.html
Back
24. Electronic Frontier Foundation. Eff Analysis of the
Provisions of the USA Patriot Act That Relate to Online Activities.
Electronic Frontier Foundation, October 31, 2001. Accessed October 19, 2003.
Available from
http://www.eff.org/Privacy/Surveillance/Terrorism/20011031_eff_usa_patriot_analysis.html
Back
25. Wallace, Bill. Revisiting the Patriot Act. PC World, September 11, 2003
Accessed October 19, 2003. Available from
http://www.infoworld.com/article/03/09/11/HNpatriot_1.html?security
Back
28. Bohn, Kevin. ACLU Files Lawsuit against Patriot Act. CNN Washington Bureau, July 30, 2003
Accessed October 19, 2003. Available from
http://www.cnn.com/2003/LAW/07/30/patriot.act/
Back
30. American Library Association. Resolution on the USA Patriot Act and Measures That
Infringe on the Rights of Library Users. Council of the American Library Association, January 29, 2003.
Accessed October 19, 2003.
Available from
http://www.ala.org/Template.cfm?Section=IF_Resolutions&Template=/ContentManagement/ContentDisplay.cfm&ContentID=11891
Back
31. American Library Association. In Wake of Declassified Report,
Ala Renews Call for Legislative Amendments to Patriot Act. American Library Association, September 18, 2003.
Accessed October 19, 2003.
Available from
http://www.ala.org/Content/ContentGroups/Press_Releases2/Press_Releases_2003_September/ALA_renews_call_for_legislative_amendments_to_Patriot_Act.htm
Back
32. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
33. Glasner, Joanna. DOJ Net Surveillance under Fire. Wired News, June 10, 2003. Accessed October 20, 2003.
Available from
http://www.wired.com/news/privacy/0,1848,59150,00.html
Back
34. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
35. Marcia S. Smith, Jeffery W. Seifert, Glenn J. McLoughlin, John Dimitry Moteff.
The Internet and the USA Patriot Act: Potential Implications for Electronic Privacy,
Security, Commerce, and Government. Congressional Research Service:Library of Congress,
March 4, 2002. Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/usapatriot/RL31289.pdf
Back
36. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
37. Electronic Frontier Foundation. Eff Analysis of the
Provisions of the USA Patriot Act That Relate to Online Activities.
Electronic Frontier Foundation, October 31, 2001. Accessed October 19, 2003.
Available from
http://www.eff.org/Privacy/Surveillance/Terrorism/20011031_eff_usa_patriot_analysis.html
Back
38. Glasner, Joanna. DOJ Net Surveillance under Fire. Wired News, June 10, 2003. Accessed October 20, 2003.
Available from
http://www.wired.com/news/privacy/0,1848,59150,00.html
Back
39. Marcia S. Smith, Jeffery W. Seifert, Glenn J. McLoughlin, John Dimitry Moteff.
The Internet and the USA Patriot Act: Potential Implications for Electronic Privacy,
Security, Commerce, and Government. Congressional Research Service:Library of Congress,
March 4, 2002. Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/usapatriot/RL31289.pdf
Back
40. Mitrano, Tracy. Taking the Mystique out of the USA-Patriot Act: Information, Process and Protocol.
Cornell University: Office of Information Technologies, May 14, 2002. Accessed October 19, 2003.
Available from
http://www.cit.cornell.edu/oit/PatriotAct/article.html
Back
41. Podesta, John. USA Patriot Act, the Good, the Bad, and the Sunset.
winter 2002. American Bar Association, Accessed October 19, 2003.
Available from
http://www.abanet.org/irr/hr/winter02/podesta.html
Back
42. Department of Justice. Field Guidance on New Authorities (Redacted)
Enacted in the 2001 Anti-Terrorism Legislation. Department of Justice,
Accessed October 19, 2003. Available from
http://www.epic.org/privacy/terrorism/DOJ_guidance.pdf
Back
43. Ronald L. Plesser, James J. Halpert, Emilio W. Cividanes. "USA Patriot Act for Internet
and Communications Companies." The Computer & Internet Lawyer v 19, no. i3 (March 2002): p1.
Back
44. Henderson, Nathan C. The Patriot Act's Impact on the Government's Ability to Conduct
Electronic Surveillance of Ongoing Domestic Communications. Duke Law Journal, Duke University School
of Law, October 2002, Vol 52:179. Accessed October 19, 2003.
Available from
http://www.law.duke.edu/shell/cite.pl?52+Duke+L.+J.+179
Back
45. Wallace, Bill. Revisiting the Patriot Act. PC World, September 11, 2003
Accessed October 19, 2003. Available from
http://www.infoworld.com/article/03/09/11/HNpatriot_1.html?security
Back
46. Henderson, Nathan C. The Patriot Act's Impact on the Government's Ability to Conduct
Electronic Surveillance of Ongoing Domestic Communications. Duke Law Journal, Duke University School
of Law, October 2002, Vol 52:179. Accessed October 19, 2003.
Available from
http://www.law.duke.edu/shell/cite.pl?52+Duke+L.+J.+179
Back
47. Wallace, Bill. Revisiting the Patriot Act. PC World, September 11, 2003
Accessed October 19, 2003. Available from
http://www.infoworld.com/article/03/09/11/HNpatriot_1.html?security
Back
Questions or comments? Please email me at charp1[at]utk.edu
Back to Table of Contents,