For more than seven months, the Trump administration has been unlawfully detaining an American citizen in Iraq. Rather than charge him with a crime or set him free, the government wants to transfer him, involuntarily, to a third country. The ACLU is going to court on Thursday to stop the transfer and fight the government’s dangerous claims that it has the authority to violate an American’s constitutional rights.

The Trump administration claims that the citizen, who was detained in September by Kurdish forces in Syria and transferred to U.S. custody, is a fighter for ISIS — an allegation he denies. The ACLU began representing him in January after a federal court ordered the government to allow us unmonitored access to him. This came after the government insisted, over several months, that it did not need to respect the man’s wishes to challenge his detention or to speak with a lawyer.

After reports emerged that the government was seeking to send the man to Saudi Arabia, Judge Tanya Chutkan of the federal district court in Washington, D.C., ruled in late January that the government must provide notice 72 hours before any transfer. On Monday night, the government filed that notice under seal, with a redacted version made public yesterday. (The public notice redacts the name of the destination country.)

In response, the ACLU immediately filed a challenge to the transfer announcement, with a hearing scheduled for Thursday.

The case has raised high-stakes questions about the extent of the government’s legal authority to wage war and, by extension, detain citizens as “enemy combatants.” The Trump administration wrongly claims that various legal sources give it that power.

First, it alleges that the 2001 Authorization for Use of Military Force, passed in the days after 9/11, gives it the authority to detain ISIS suspects. That statute, however, extends to those responsible for the 9/11 attacks — namely al-Qaida and the Taliban. ISIS didn’t exist at the time, and today it is openly at war with al-Qaida.

The government also claims that a subsequent AUMF, passed in 2002 to authorize the war against Saddam Hussein in Iraq, justifies the detention of our client. By that logic, the government claims it has the authority to indefinitely wage war against anyone it deems a threat in Iraq.

Lastly, the government says that the president’s commander-in-chief authority to detain U.S. citizens gives the military the right to detain the man. That is an evidently dangerous claim that seeks a carte blanche to suspend citizens’ due process rights — anytime, anywhere — by simply invoking national security.

Why the U.S. War on ISIS Is Illegal

The fact that the government has no authority to detain ISIS members also means that its incorrect allegations against our client are irrelevant. Before this case, no court had considered the legitimacy of the government’s claims that it is authorized to use force against ISIS. However, rather than wait for a ruling, the government prefers to wash its hands of the matter by illegally and forcibly rendering him to another country.

As shown by the recent missile strikes against Syria, this administration does not seem interested in following the rules when it comes to military action. It isn’t surprising that a government that claims it can wage war and detain citizens without limits would want to avoid a court decision that might rein it in. But we aren’t going to allow it a free pass.

Since the search last week of the office, home, hotel room, and safe deposit box of Michael Cohen, President Trump’s personal attorney, lots of lawyers have been squaring off about an important legal issue that rarely gets banner-headline billing: How does the government, armed with a warrant for a criminal suspect’s digital files, go about sorting through those files in a way that ensures that constitutional and legal rights are not violated?

The risks of wrongful privacy invasions are too great to leave to the prosecutors when the government seizes digital data. Such files should be reviewed in the first instance by a neutral party, or “special master,” appointed by and answerable to the court, to ensure that the prosecutors and investigators get the evidence they are authorized to look for. They should not be allowed to roam widely through digital files that may contain terabytes of private information.

Cohen has claimed that because he is an attorney — for Trump and others — some of the seized files may be entirely off-limits to the government because they are protected by the attorney–client privilege. President Trump’s lawyers have made similar arguments. Both have asked the court to allow their legal teams to have the first cut at the seized files in order to review them for privilege, and then to produce the remainder to the government or a special master. The government has countered that the court should allow a so-called “taint team,” made up of prosecutors who are not assigned to the case and who are technically walled off from those working on the case, to do the sorting. The court is now considering the parties’ arguments and is expected to rule quickly.

How the court decides this issue is not just of interest to Trump and Cohen, but to everyone. As we continue our march into an ever-more-digital world, how the Fourth Amendment adapts to account for major changes in how we store our “papers” and other constitutionally protected materials will significantly shape our society’s notions of privacy, justice, fairness, and government power. We’ve always had concerns about government overreach in criminal investigations, and those concerns are heightened when prosecutors and police can seize massive amounts of data — the equivalent of every file in your office, your photo albums, your diaries, your personal letters, the contents of your dresser drawers, and more, all at once.

The Cohen case has so far been seen through the lens of the attorney–client privilege. Invoking the attorney–client privilege is not an absolute shield from being subject to government search warrants. However, the fact that the search yielded so many electronic devices makes this an issue of even broader constitutional importance. According to Cohen’s attorney, in addition to 10 boxes of paper documents, the government seized more than a dozen of Cohen’s electronic devices in its search of his office, home, hotel room, and safe deposit box.

As the government’s lawyer, Thomas McKay, conceded in court on Monday, the “real volume” of material will come from electronic files. That’s because a single large hard drive could contain libraries’ worth of stuff. And the immense storage capacities of digital drives, computers, and phones mean that all of the information covered by a given warrant will reside alongside a great deal of other information that the government has no justification to have at all.

This state of affairs creates a serious risk — as in any case involving the seizure of digital information — that the government might see files or other information that were never covered by the original warrant. Under the Fourth Amendment, a warrant must be based on two important elements: probable cause that evidence of a crime will be found, and particularity — the principle requiring a warrant to be tailored to the target of the search and the materials it is expected to yield. These constitutional requirements ensure that the government only takes what it has good reason to access.

When the government executes a search warrant, it sometimes stumbles into things it never anticipated finding. When such things are incriminating and are located in “plain view” — meaning that they are encountered by law enforcement during the reasonable execution of a lawful search — the government is entitled to seize them. For example, if government agents execute a warrant to seize a rifle in your apartment and they unexpectedly find drugs in your guitar case, the drugs are fair game, since the rifle might have been stored there. But if the government is searching for a rifle and finds drugs in your spice box, it generally won’t be allowed to charge you for possessing them, because looking for a rifle in a spice box is not reasonable.

While the “plain view” doctrine might make some sense when the search involves physical objects, searches of digital files present serious challenges to it. For example, the government can’t always search a hard drive for photographs without opening Microsoft Word documents, since photographs could be saved inside such files. As a result, a full-blown “plain view” doctrine as applied to a search of a computer or smartphone could mean that even a narrow warrant for very particular items could end up allowing the government to search the whole computer or phone, and seize anything incriminating it finds there.

Unless they are limited by specific court instructions, the use of government-staffed “taint teams” would not solve this problem. After all, such teams still work for the government, and may seek to exploit the plain view doctrine, or seek a new warrant for information they come across in the sorting process (based on information it never had a right to have in the first place). A special master — or, perhaps, a magistrate judge — appointed by a neutral district court judge would ensure that an independent party plays the role of filter, and that the actual search is strictly limited by the bounds of the warrant.

That is why, in various cases, the ACLU has argued that courts should appoint special masters to review seized digital material in these kinds of situations. Having a non-governmental party determine whether each document’s seizure has been individually supported by a valid warrant ensures that digital searches remain tailored to evidence for which the government has probable cause (and, as in the Cohen case, are not subject to a valid claim of attorney-client or other privilege). The procedure ensures that when unforeseen issues arise — for example, claims by third parties that some of the seized information is actually theirs — the government does not automatically gain access to information to which it will ultimately not be entitled. (Here, for example, the lawyer for Stormy Daniels, whom Cohen paid $130,000 in 2016, has claimed that his client may have a strong privacy interest in some of the seized material.)

In a 2010 case involving a government search of records related to drug testing of Major League Baseball players, the Ninth Circuit Court of Appeals explained that “the process of segregating electronic data that is seizable from that which is not must not become a vehicle for the government to gain access to data which it has no probable cause to collect.” In a concurring opinion, five judges of that court suggested that before obtaining warrants to conduct digital searches, the government should forswear entirely any reliance on the plain-view doctrine in order to ensure strict compliance with the Fourth Amendment.

In the Cohen case, because the government obtained a warrant for some of the seized material, the Trump–Cohen proposal to have a “first cut” of what the government has seized would seem to be an end-run around what a court already authorized. But the government’s plea to use its own “taint team,” in part because it is more “efficient,” would pose serious risks in the other direction. At yesterday’s hearing, Judge Kimba Wood explained that she has “faith in the Southern District U.S. Attorney’s office,” emphasizing that “their integrity is unimpeachable.” But how to manage searches of digital information, like any other evidence, is not a matter of expediency or any party’s good faith — it’s a matter of ensuring that the government complies with the Constitution.

That was apparently not lost on Judge Wood, who told the parties that she was considering ordering the use of a special master in the Cohen investigation. She should — not least because if she does, she will be ensuring that anyone subject to a seizure of electronic devices will have a prominent example to point to when claiming these constitutional protections in the future.

Forbes has an article today about a company that is creating its own database of photos of allegedly dangerous people so that its customers can use face recognition to alert them to their presence. It’s not something I’d heard about before, but once I saw this product it instantly expanded my thinking about the role that face recognition may play in our society. And not in a good way.

The company, Terrogence, describes the product, called Face-Int, as “a massive and growing database of annotated faces and face data, highly suitable for advanced biometric security applications.” The company says that it:

actively monitors and collects online profiles and facial images of terrorists, criminals, and other individuals believed to pose a threat to aviation security, immigration and national security. The Face-Int database houses the profiles of thousands of suspects harvested from such online sources as YouTube, Facebook and open and closed forums all over the globe. It represents facial extractions from over 35,000 videos and photos retrieved online portraying such activities as terrorist training camps, motivational videos and actual terrorist attacks….

When exported to a biometric system, the Face-Int™ database allows for face captured images to be cross-referenced with existing profiles, so that suspects can be identified and apprehended within minutes of on-camera detection.

Forbes could not establish whether any agency is currently using this database, though it found that the company behind it definitely has contracts with U.S. government agencies for other products. But let’s assume that the company has not built this product without a single client. What are we to think of it?

To begin with, as a privatized watch list this product raises all the same issues as our troubled government watch list programs. We at the ACLU have been fighting agencies for years over the profound civil liberties problems with watch lists: people being put on the lists without being told why or given the chance to see the information behind their listing, the lack of an effective means to challenge placement and get off the list, and the absence of transparency over how the lists are being used or shared. The Terrogence database takes all of the due process and other fairness problems with government watch lists and adds another whole layer: private involvement.

This company represents an example of the widely noted trend of the privatization of intelligence — the strange, ideologically driven intrusion of private companies into the basic functions of our intelligence establishment, which accelerated during the Bush years after 9/11. The privatization of watchlisting raises questions about the extent to which such companies:

• Are insulated from even the limited and inadequate checks and balances that apply to government agencies, such as the Freedom of Information Act (FOIA) and Congress’s “power of the purse.”
• May be incentivized by the profit motive to engage in additional wrongdoing that government agencies, for all the abuses they already commit, would not be tempted by.
• May exploit their corporate status to help government agencies evade checks and balances that apply to the government but not corporations, such as the Fourth Amendment and the Privacy Act.

How, especially without FOIA, will we know how companies are compiling these databases, what kind of judgments they’re making about people, what data those judgments are based on, and how accurate that data is? What processes, if any, will such companies establish to hear appeals? Anyone who has had their Facebook account suspended or needed to appeal a decision made by a large tech company knows that these companies’ appeals procedures are highly inadequate and often leave users helpless and infuriated. Meaningful due process requires human time and attention and costs money, and companies don’t like to spend money.

So, insofar as this database is part of the national security establishment, there are a lot of problems with that. But the company also talks about including photos of “criminals” in its database, and Forbes reports that the company is:

also involved in other, more political endeavors. One ex-staffer, in describing her role as a Terrogence analyst, said [on LinkedIn that] she’d “conducted public perception management operations on behalf of foreign and domestic governmental clients,” and used “open source intelligence practices and social media engineering methods to investigate political and social groups.”

And that brings us firmly into the domestic sphere.

Where will this take us?

Whatever this particular company is doing right now, it’s easy to imagine that we could see an entire marketplace emerge of private, quasi-vigilante companies crafting blacklists of all kinds.

• Companies could come to peddle photo watch lists incorporating confirmed international terrorists, suspected local shoplifters, and anything in between.
• Vendors could sell such products to an expanding base of clients, down to and including the proprietors of local corner shops to plug in to their behind-the-counter surveillance cameras.
• Databases might draw on mug shot databases, for example, to sell photo blacklists that purport to sound alerts when anybody convicted of a violent crime enters the scene. Or a sex offender, or, for that matter, anybody with a criminal record at all. Or anybody that some proprietary algorithm has decided is worth warning about.
• Such a marketplace would inevitably encompass databases with varying degrees of quality, responsibility, or political, racial, ethnic, and/or religious bias. They might sell databases of labor organizers to anti-union companies or of corporate critics to companies that are the target of consumer, environmental, animal-rights, or any other stripe of activism. Anti-immigrant vigilante groups might even compile photo databases of undocumented immigrants.

Already we know that private companies in the “risk mitigation” market for banks are compiling private terrorist watch lists. At least a few major retailers are compiling their own photo blacklists and hooking them up to their in-store surveillance cameras. We know that stores are starting to compile and share not-always-accurate blacklists of accused shoplifters and other “troublemakers,” without formal due process protections. Get in a dispute with a clerk after rude treatment or fraudulent service by a store? You might find yourself thrown on one of these watch lists by an angry employee, and it’s not clear what you could do about it. Landlords are building similar lists.

Face recognition raises the stakes of existing problems with these growing systems. What happens if private companies begin regularly scraping photos from increasingly plentiful sources, including surveillance cameras and combining those photos with personal information in order to make judgments about people  —  whether it’s “Are you a terrorist” or “Are you a corporate critic,” — or anything else? Such a business model would:

• Expose everybody to the risk of being misidentified. Companies, in order to brag about how many tens of thousands of photos they’ve collected, have an incentive to draw photos from a wide variety of sources, including surveillance videos that might not be very high quality. In addition, studies have shown that face recognition can be less accurate in trying to identify people of color.
• Expose everybody to the risk of being misjudged. Photos of people’s faces are only half of what companies would be offering under this model. The other half is information about them: that you are allegedly a terrorist, shoplifter, an activist, or whatever other list a company is selling. That could range from detailed information (correct or erroneous) about you that pops up when you appear in front of somebody’s surveillance camera — or simply the fact that you are included on such a list.
• Make people very hesitant to publicly post photos of themselves online. It might only take a few incidents of unfortunate, highly publicized mistakes (of any kind) before people start to become self-conscious about allowing photos of themselves to be published in places where they can be scraped by any dodgy outfit selling face-photo blacklists of who-knows-what nature.

Speaking of scraping, it’s important to note the role that the world’s largest collection of facial photographs could play here: Facebook’s. At the ACLU we have consistently pushed for the company to give individuals control over whether their profile picture is made public or not. In his testimony before Congress last week, Mark Zuckerberg made clear that the company wants to keep profile pictures classified as “public information” outside of any user control options. That leaves them vulnerable to automated collection by this kind of industry.                                                      

Finally, let me note the very long history of private companies and government agencies working together to create databases and watch lists about people in the United States. During the labor, civil rights, antiwar, and other social justice movements of the 20th century, there were a number of private databases created by shady collections of right-wing vigilantes and super-patriots who took it upon themselves to compile dossiers on progressive activists. These private databases, such as the San Diego Research Library and the Western Goals Foundation, were often shared with police and government agencies and thus took on quasi-official roles in the efforts of police “intelligence” arms to combat those progressive movements, while remaining outside the normal checks and balances of government.

As cameras and face recognition technology continue to proliferate in American life, the prospect of a market for these kinds of databases is a reminder that face recognition threatens to bring some sweeping changes to the nature of public life. I don’t know how likely it is that this phenomenon of private face-photo blacklists will become a big part of that impact, but the notion is a frightening one, which should serve as an urgent warning to policymakers about the need for privacy protections when it comes to face recognition.