Why Metadata Is Shaping The Future of Privacy
This week, IT jargon entered the national conversation. Over the last few days, we've learned that the United States government has been collecting phone records on all Verizon customers since at least April, and probably a lot longer. A secret court order obtained by the Guardian confirmed what many civil liberties watchdogs have suspected for years. The National Security Agency is amassing phone records on millions of Americans in bulk, regardless of suspicion.
Additional reports have also unearthed a clandestine national security program that has been mining the personal online content of millions of Americans since 2007.
Privacy defenders are fuming. But lawmakers like Sen. Dianne Feinstein (D-Calif.) have defended the surveillance by saying that government agents are only gathering "metadata." As the chair of the Senate's Intelligence committee, Feinstein insisted "there is no content involved" in the government's phone call surveillance.
But what exactly is metadata? What can the government learn from it? And why has the term suddenly appeared at the center of so many debates on the future of privacy? To get answers on those questions, I called Pam Dixon, director of the San Diego-based think tank World Privacy Forum.
"Metadata, very simply put, is everything around the conversation but not including the conversation," says Dixon. "For example, the phone numbers of both parties. Where you were when you made the call and where that person who you called was. How long your call was. When you called them."
Put another way: No, the government can't eavesdrop on your late-night pizza delivery orders. They'd need a warrant for that. But metadata gives them access to nearly everything else, like your location, your number, and how long the conversation lasted. They can use that information to paint a very detailed picture of your life.
We know for sure that Verizon records have been hauled in for the last three months, and probably a lot longer. Senator Feinstein admitted as much when she told MSNBC, "There is nothing new in this program. The fact of the matter is, that this was a routine three-month approval under seal that was leaked."
"The way that the FISA court collected this information is through what's called a business records provision," says Dixon. In the wake of the Patriot Act, this so-called transactional information is not protected as private information. That's why metadata is such a significant term — if separates what the government can and can't obtain without a warrant. Dixon thinks the terms currently attached to metadata, words like "business" and "transactional," are misnomers. "These are actually very personal records."
Dixon says we should get used to hearing the word metadata. Going forward, the question of what is and what isn't metadata will shape American privacy law. "That exact question is under discussion by some of the best minds in privacy," says Dixon.
In fact, the line between non-private metadata and content protected by the Fourth Amendment is already forming important distinctions in another facet of the government's surveillance program. On Thursday, The Washington Post revealed that the NSA has also been tapping into the servers of giant tech companies like Google, Apple, and Facebook since 2007. That probing, undertaken by a previously covert NSA program called PRISM, is different from the Verizon case because it accesses actual content, like emails and online search histories, not just the metadata.
"Metadata is a very important thing to watch out for," says Dixon. Government officials say that sifting through metadata helps them track down terrorists and foil potential attacks. They insist that this information doesn't breech any one person's privacy. But Dixon thinks metadata gives government agents more than enough clues to hone in on specific individuals. She says, "It is absolute computer child's play."