The U.S. Department of Justice is playing a dirty game in its effort to get its hands on email and web visit data on American citizens.
In theory, the gambit is part of a probe of the “development, planning, advertisement, and organization of a violent riot” on Inauguration Day.
But the government’s digital fishing exhibition is not limited to violent demonstrators. It’s aimed at over a million people who visited the www.disruptj20.org website.
This violates their First and Fourth amendment rights, according to lawyers for DreamHost, the web hosting service fighting the DOJ in court.
Many probably did not even attend the protestors--not that there would have been anything wrong if they had: They would have been exercising their constitutional rights. Yet they could now face harassment and exposure.
Last month, The DOJ asked the Washington, DC Superior Court to order DreamHost to comply with a wide-ranging search warrant pertaining to the disruptj20.org site.
This would have amounted to handing over roughly “1.3 million visitor IP addresses to the government, in addition to contact information, email content, and photos of thousands of visitors to the website,” wrote a broad coalition of groups that support DreamHost in a letter to Attorney General Jeff Sessions.
Then the DOJ backed off — a bit. In a revised filing, driven by “mounting public pressure,” as DreamHost alleged, it dropped its request for visitor logs, and for any data subject to the Privacy Protection Act. And it reduced the time frame to the period between July 2016 through Inauguration day.
The DOJ denied that it wanted email data, claiming that it was “unaware that DreamHost maintains ‘emails associated with the Website, including of emails of third parties.”
The DreamHost team promptly answered that ”this assertion is inconsistent with the underlying record.”
In their letter to Sessions, the coalition wrote that “the warrant the government now seeks would still force DreamHost to disclose the IP addresses and content of email inquiries and comments submitted from numerous private email accounts associated with the website, not limited to information related to the individuals under investigation.”
The danger? That “the information yielded by this demand could allow the government to identify individuals engaged in constitutionally protected speech and dissent, as well as members of the news media and the public who simply participated in meetings or communicated with organizers whose email accounts are affiliated with the J20 website,” the coalition argues.
In a court filing, the attorneys add that “each email address is associated with a separate user, with a separate login and password. The government, however, has not contended that any of these specific email addresses belong to any persons who had any involvement in the January 20th riot. “
Despite that eloquent plea, the Superior Court approved the altered DOJ request last week. We assume this isn't the end of it,.
So much for the revised warrant.
Dig back into the murky history of direct marketing, and you’ll find several attempts by the government to use personal data for enforcement. Most of them were laughable.
For example, there was a scheme in which the IRS bought marketing data from an unnamed supplier. The logic was that if people lived in an affluent zip code, their tax returns better reflect that prosperity.
It didn’t work, and it led to a national uproar. The IRS had to back off.
Then there was the attempt to use mailing lists to uncover draft-age males. That blew up when some teenage boys signed up for free birthday ice cream sundaes under multiple names.
The ice cream birthday list was rented to the Selective Service, and the boys received draft registration notices under every one of those assumed names.
Ah, such innocent times.
What emerged from these episodes was the belief that marketing lists should not be used for enforcement. The group then known as the Direct Marketing Association took a strong stand on it
Later, a consensus developed among businesses and consumers that digital information in general is sacrosanct when it comes to the government.
Granted, this principle was eroded after 9/11. As former President Bill Clinton said, it should have been possible to head off the attackers based on behavior patterns they showed as documented in commercial databases.
That was easy to say in hindsight. As with any search warrant, however, there has to be what lawyers call 'particularity,' or specific probable cause.
Historically, consumers’ privacy fears have been largely focused on companies. As this and other cases prove, it’s the government that should concern them -- and we’re not just talking about the Trump administration, but about government in general.
So we’ll let the coalition sum it up.
“The Justice Department’s actions in this case conflicted with core American values. Americans have a right to organize and assemble without fear of surveillance; they have a right to privacy; they have a right to dissent; and they have a right to petition their government without fear of persecution.”
It concludes: “Even in its prosecutorial role -- especially in its prosecutorial role -- the Justice Department should seek to uphold, not undermine, these constitutional protections. “
Thanks to DreamHost, Google, Microsoft and all other companies fighting such incursions.