The Drug Enforcement Administration of Ohio expressed its interest in conducting surveillance on seven WhatsApp users in July of the last year. They sought permission from the judge to use ‘Pen register and trap and trace’ devices. Though they will not be able to access the details of the message, they can access the information like the numbers used for the conversation, the duration, and IP address, which will be providing a sort of location detail used in the process.
During the investigation, it was found that almost no reasons were necessary to be given by DEA for intruding the installed app. Now, this was possible because, according to American Law, the government is not questionable by the judge for their action.
Pen Register is a surveillance app that lacks transparency and is privacy-endangering. And this is the very app used by the authorities on Facebook and its associated messaging app for any such undertaking.
In the case of Ohio, the government said there are three levels of verification before the access. These are the identity of the enforcement officer or the attorney, the identity-check of the agency making the request, and, last but not least, the proof from the applicant that the surveillance and hence the information gathered is necessary for the concerned investigation done by the agency. But the question arises as there is no proper detailing of the investigation conducted.
Criticizing the law
Privacy experts have opined that during an age where spy apps like Pegasus are invading privacy, the above-mentioned law needs quick and proper updates. A law where even Feds remain answerable for their spying on WhatsApp.
The Pen Registration Act under the Electronic Communications Privacy Act of 1986 claims, according to the Fourth Amendment, that the rules of the law do not apply for such surveillance, and thus their investigations need not be questionable. Critics have argued that this law, which was actually established to safeguard citizens’ privacy from unreasonable searches, is inadequate.
According to Jennifer Granick, the surveillance and cyber security counsel of the American Civil Liberties Union (ACLU), “If that is all the government needs to inform the court, then what is the point of having a statutory standard in the first place? It is doing no work at all.
We knew that the certification standard was abysmally low, but I thought that at the very least the government was respectful enough to tell the court what is going on so that it could ask questions and exercise moral suasion. It’s a short step between saying that you don’t have to do anything beyond reciting boilerplate text, and actually refusing to do anything other than recite boilerplate text.”
Situations when the government becomes liable for explanation
Though in special instances, the government does give a detailing of the reasons for their probe, this happens only when the agency is in need of more information from the telecom or internet company. An exemplar incident happened in Missouri. When the police were trying to track down a fugitive accused in drug dealing, apart from just the surveillance conducted by the agency in Facebook, a request was made to the latter for the account holder’s user name and address.
This latter way of extracting information needed the agency to provide the judge with ‘specific and articulable facts.’ This clarification proved that the information extricated was indeed necessary for the investigation to proceed further.
Conclusion
Many privacy-focused non-profits, along with ACLU, have time and again fought for the alteration of the prevailing law. One that will compel the government to give full explanations and proofs for any surveillance performed upon them.
Besides, as Pen registers are the main tool that the government uses to track down all devices, the existing outdated law (created when these devices were in vogue) needs to be modified with greater insight into people’s privacy.