INTELLIGENCE-SHARING AGREEMENTS & INTERNATIONAL DATA PROTECTION: AVOIDING A GLOBAL SURVEILLANCE STATE.

• Published date: 22 September 2018
• Author: Taylor, Rachel C.
• Date: 22 September 2018

I. INTRODUCTION

In 2013, the trust between the American public and its government was broken, resulting in "a sea change in the policy landscape related to surveillance." (2) Because of the Snowden disclosures, the American intelligence community was forced into a dialogue with the public and began trading security for domestic legitimacy. (3) However, this conversation is not only of domestic concern. (4) As national security continues to focus on international threats, international solutions and approaches to threats must be implemented. Globally, individual privacy concerns prompted significant movement among data protection rights and legislation post-Snowden. (5) Democratic norms demand transparency and oversight for the intelligence community. (6) While this note touches on citizens' concerns in protecting their data privacy from unchecked national surveillance regimes, its primary focus is in maintaining the integrity of domestic safeguards by pushing against secret intelligence-sharing agreements that sidestep national laws. This note examines legal challenges that dismantle and change the international surveillance framework.

Part II discusses the Five Eyes alliance and intelligence-sharing relationships between states participating in the information-sharing agreement, particularly the United States and the United Kingdom, in a post-Snowden world. Part II also reviews laws within these nations that relate to intelligence-gathering and sharing. Germany is also discussed in Part II, contrasting its role as a Western ally but not as a Five Eyes partner. Part III considers the Privacy Shield and European courts' response to national security justifications in Schrems I. Part IV draws lessons from Schrems I and the European Union's data protection regime, and proposes that American lawmakers and judges take greater responsibility in overseeing the U.S. intelligence community, evinced by the excessive deference these two branches afford to the Executive Branch as an obstacle to democratic governance. Finally, this note concludes by encouraging greater congressional engagement with data protection issues, including national security concerns and government surveillance, given the threat posed by globalized threats to national security.

II. THE FIVE EYES

While the Five Eyes agreement is one of the more famous intelligence-sharing agreements, there are other partnerships and less formal means of collaboration. (7) Often, the exchange of intelligence depends on the health of the relationship between collaborating parties and the historical level of cooperation. (8) All of these intelligence-sharing relationships depend on trust--trusting the veracity of the information, its confidentiality, and the sensitivity with which the receiving party demonstrates in handling the information. (9) Breaches of trust in these intelligence-sharing relationships exacerbate the inherent tensions residing in cooperative espionage. As previously discussed, the impact of the various leaks between the U.S. and its partners have corroded the trust underlying these intelligence-sharing alliances. (11) The greater threat to the status quo surrounding the intelligence community, however, is the onset of litigation that attacks the global infrastructure facilitating the streams of information between allied states. (12) This note discusses the circumvention of states' own domestic protections against unauthorized surveillance and data collection through such agreements.

Governments do not collect information solely for their own local use. Information-sharing between allied states with similar interests and threats is an established practice that should shape the debate around government surveillance. There is potential that information collected in the U.S. will be circulated beyond the American border. In 1946, a series of bilateral intelligence sharing agreements between five English-speaking countries developed into the UKUSA agreement--now known as the Five Eyes alliance. (13) This post-war alliance established a global surveillance infrastructure to observe the world's communications, internationally and domestically. (14) Besides the United States, the four other countries are Australia, United Kingdom, Canada, and New Zealand--nations that are unaffected by the First Amendment. (15) While the crux of these agreements is to collaborate on international crime, there is evidence that these nations' respective intelligence agencies have conducted domestic surveillance circumventing their local, legal safeguards. (16)

A. The United States

In the United States, private technology companies can be forced to provide users' data through National Security Letters ("NSLs") or the Foreign Intelligence Surveillance Act ("FISA") for national security investigations. (17) These orders come with a nondisclosure provision that muzzle the recipient from disclosing that they were forced to pass this information along to the government. (18) FISA orders were created with the passage of Foreign Intelligence Survei llance Act in 1978. (19) The law determined that "non-criminal electronic surveillances within the United States were only permissible for collecting foreign intelligence and/or foreign counterintelligence." (20) For FISA orders, a Foreign Intelligence Surveillance Court judge approves a request after reviewing the intended target and the presented accompanying procedures meant to minimize broad data collection. However, before the request is considered by the FISC judge, the U.S. Department of Justice (DOJ) reviews the agency's request prior to its submission. (21)

The DOJ's application must contain statements that show the targeted individual is a foreign power or an agent of a foreign power, certification from a high-ranking executive branch official detailing that the information to be obtained is foreign intelligence information that cannot be obtained by normal investigative techniques, include information about any previous applications surrounding the target, and list the type of communication or activities to be subject to the surveillance and contain a description of the information sought. (22) Upon approval, court orders can be used to survey targets, access metadata, and other content. (23)

It is critical to note that the only information available to the FISC is what is provided by the DOJ. (24) There is no opponent or adversarial balance to counter the DOJ's presentation. (25) Despite the fact that the court is reviewing information to certify the application meets statute's requirements, this is not enough oversight. The U.S. government's failure to respect individuals' privacy in crossing legal boundaries casts tremendous doubt on the FISC. (26) At the very least, the appearance of fairness is undermined by the Snowden revelations, and the lack of transparency as provided by FISA does little to assuage concerns that surveillance is being conducted as permitted by law.

In a post-Snowden world, knowing the extent of government surveillance and corporate compliance, intelligence sharing between nations threatens the privacy rights of citizens and its transnational neighbors. Distortion of the use of secret government surveillance, shrouded by secret intelligence-sharing agreements, threatens the public debate surrounding national security and individual privacy. This distortion persists on an international scale through the collaboration between national security agencies in the United States and their Five Eyes allies.

In 2017, several leaks plagued the Trump administration in its first year, cracking the foundation of trust among Five Eyes nations. (27) In May 2017, British officials condemned leaks (28) from the investigation surrounding the Manchester bombing, (29) and even temporarily paused the sharing of information with American law enforcement. (30) Earlier that month, President Trump was criticized for reportedly sharing sensitive information about Islamic State in Iraq and Syria (ISIS) operations by another U.S. ally, Israel, with Russia, against their wishes. (31) While the President's actions did not receive any admonition from Israel, (32) the disclosure was seen as a "breach of espionage etiquette" that could discourage American allies from sharing helpful information with the United States. (33) Despite efforts to eliminate these leaks, (34) sensitive information continues to be impermissibly shared. " The impact of these leaks will likely hamper the freer flow of information between these countries that developed after 9/11. (36)

The American reaction to 9/11 involved a shift in foreign policy, which included significant reforms in its intelligence community. (37) The years following the attack and the changes which followed have left an indelible mark on the global fight against terrorism. (38)

The United States and the international community soon recognized that the "old terrorism" of the Cold Era had dissipated, leaving a new sort of threat. (39) In response, Congress developed extensive legislation tackling national security, including international and domestic surveillance. (40) To assist in the fight against terrorism, Congress passed the USA Patriot Act ("Patriot Act") which emboldened the Department of Justice's investigation into 9/11. The Patriot Act contained "the most sweeping expansion of government surveillance authorities" in decades. (42) However, the extent of surveillance was not fully known until a few years later, with the 2013 controversy surrounding Edward Snowden. (43) The information disclosed about the United States' data collection and surveillance programs catalyzed a new focus on privacy concerns among scholars and the public. (44)

The Snowden disclosures uncovered a trove of information regarding the current intelligence-sharing practices of the United States and its foreign partners, including the remaining Five Eyes nations. The leak revealed that Britain's premier spy...