A federal court has ruled that the National Security Agency's metadata surveillance program, which collected information on at least 80 percent of all the phone calls made or received by Americans, was not authorized by the PATRIOT Act and therefore illegal.
A unanimous opinion issued by the three judges of the 2nd Circuit Court of Appeals, based in New York, said that while section 215 of the PATRIOT Act authorized the agency to gather data on information relevant to the investigation of potential terrorist threats, that power did not extend to the wholesale "bulk collection" of metadata.
"The records demanded are not those of suspects under investigation, or of people or businesses that have contact with such subjects," the decision reads. "They extend to every record that exists, and indeed to records that do not yet exist."
The existence of the NSA's database was made known to the public in 2013, after NSA contractor Edward Snowden leaked a court order in which Verizon was ordered to turn over the metadata on calls over its network to the NSA.
The metadata program did not extend to the surveillance of the audio of calls made by Americans, but the NSA has developed technology that can transcribe tapped-conversations made outside of the United States.
The judges wrote that were the court to rule in the government's favor, there would be virtually no limits on the types of information the NSA could conceivably collect, including financial information and medical records.
No injunction was issued that ordered the immediate halt of the metadata program because the section of the PATRIOT Act, which authorizes the data collection is set to expire in June.
"Allowing the program to remain in place for a few weeks while Congress decides whether and under what conditions it should continue is a lesser intrusion on appellants' privacy than they faced at the time this litigation began," the decision reads.
Recently, the House passed a bill that would revise and renew the PATRIOT Act, allowing the NSA's surveillance programs to remain largely in place, save for the controversial telephone metadata program, called the USA Freedom Act.
Obama has called the Senate to pass the Freedom Act, where it has faced resistance from GOP senators because of the elimination of the metadata program.
"The NSA doesn't sell data, your grocery story does," said Sen. Richard Burr (R-N.C.), according to the Hill. "But I don't hear anyone complaining about the grocery store's discount card, because you get a discount."
Senate Majority Leader Mitch McConnell (R-Ky.) said that letting section 215 expire would pose a grave national security risk because the telecom companies, and not the NSA, would be storing the metadata, which the agency could only access on court orders.
Diminished but Not Dismantled
The USA Freedom Act has presented a dilemma for many privacy advocacy groups, who see the reform as a step in the right direction, but not nearly enough to rein in the NSA's intrusive surveillance apparatus.
In addition to eliminating the bulk metadata collection program, the Freedom Act would bring more transparency to the Foreign Intelligence Surveillance Court (FISC) by declassifying certain documents where novel interpretations of the law are made.
FISC, with its 99.97 percent rate of approving ex parte requests, has been accused of being a rubber-stamp for security agencies.
Some of those privacy advocacy groups have begrudgingly accepted the Freedom Act as the best available option, but others have dismissed the legislation as a distraction to pacify the political maelstrom surrounding the NSA.
"It's like rearranging the chairs on the deck of the Titanic," said Becky Bond, vice president of CREDO Mobile, in a statement. "As a telecom that can be compelled to participate in unconstitutional government surveillance, we can tell you that the latest version of the USA FREEDOM Act is just a diversion to take the heat off our out-of-control surveillance state."
Even if section 215 of the PATRIOT Act were to expire, the NSA could still fall back on other legal maneuvers to continue its telephone metadata program, if only in attenuated form.
Section 214 of the Act, known as the pen/trap statute, has been interpreted by FISA to authorize metadata programs similar to the telephone metadata program.
"From 2004 to 2011, the FISC consistently approved a nearly identical metadata program under Section 214," wrote Jonathan Mayer, a legal researcher at Stanford, on his blog in November.
Outside of legal restrictions from the courts and Congress, actions taken by private companies have gradually curtailed the NSA's surveillance programs, with companies like Yahoo having already encrypted its email network so that they're more difficult for the NSA to harvest from Yahoo's data centers.