United States District Court, D. Maryland
MEMORANDUM OPINION
T.S.
EILIS, UNITED STATES DISTRICT JUDGE
Plaintiff,
Wikimedia Foundation ("Wikimedia"), [1] challenges the
legality of the National Security Agency's
("NSA") Upstream surveillance data gathering
efforts, one of a series of recent cases challenging the
constitutionality of the NSA's surveillance
programs.[2] According to the Director of National
Intelligence ("DM"), Upstream surveillance is a
surveillance program authorized pursuant to § 702 of the
Foreign Intelligence Surveillance Act ("FISA") that
involves the targeted collection of non-U.S. persons'
international Internet communications by the
NSA.[3]Wikimedia alleges that the NSA has
intercepted, copied, and collected Wikimedia's Internet
communications pursuant to the Upstream surveillance program
and that such interception, duplication, and collection
exceeds the NSA's authority under FISA and violates
Wikimedia's rights under the First and Fourth Amendments
of the Constitution.
At
issue in this matter is defendants' motion for summary
judgment. Defendants argue that judgment must be entered in
their favor because Wikimedia, the only remaining plaintiff,
lacks Article III standing. Defendants also argue that even
if a genuine dispute of material fact exists as to
Wikimedia's standing, the state secrets doctrine
precludes further litigation of Wikimedia's standing, and
thus requires entry of judgment in defendants' favor.
Before
analyzing the parties' arguments on the issue of Article
III standing and the state secrets doctrine, however, it is
important to address briefly three topics: (i) the definition
of Upstream surveillance and the statutory authority for the
NSA's Upstream surveillance program, (ii) the procedural
history of this case, and (iii) the undisputed factual record
developed by the parties. After addressing these three
preliminary topics, which frame all of the analysis that
follows, the pertinent summary judgment standard is set
forth, and the parties' arguments are analyzed under that
standard. For the reasons that follow, Wikimedia has failed
to establish that it has Article III standing sufficient to
survive summary judgment, and further litigation of this
matter is precluded by the state secrets doctrine.
Accordingly, this case must be dismissed, and judgment must
be entered in favor of defendants.
I.
To
begin with, it is necessary to define Upstream surveillance,
the NSA program at issue in this litigation, and to clarify
what is meant by the term Upstream surveillance as that term
is used in this litigation. The NSA conducts Upstream
surveillance pursuant to § 702 of FISA, 50 U.S.C. §
1881a. The government has acknowledged that it conducts
§ 702 surveillance through two programs, namely the
Upstream and PRISM programs.[4] In PRISM surveillance, the
government acquires communications directly from a United
States-based Internet Service Provider ("ISP").
See PCLOB 702 Report, at 33. In contrast, the
acquisition of communications via Upstream surveillance does
not occur "with the compelled assistance of the United
States ISPs, but instead with the compelled assistance... of
the providers that control the telecommunications backbone
over which communications transit."[5] Id. at
35. Thus, Upstream collection, unlike PRISM collection,
"does not occur at the local telephone company or email
provider with whom the targeted person interacts."
Id. Instead, the collection of communications for
Upstream surveillance "occurs 'upstream' in the
flow of communications between communication service
providers." Id. Only the Upstream surveillance
program is at issue in this case.
As
noted, the government contends that its Upstream surveillance
program is conducted pursuant to FISA § 702.
Specifically, § 702 permits the Attorney General and the
DNI to authorize jointly, for up to one year,
foreign-intelligence surveillance targeted at non-U.S.
persons located abroad, [6] if the Foreign Intelligence
Surveillance Court ("FISC")[7] approves the
government's written certification demonstrating that the
intended surveillance complies with statutory
requirements.[8] To approve such a certification, the FISC
must determine that the government's targeting procedures
are reasonably designed:
(i) to ensure that acquisition "is limited to targeting
persons reasonably believed to be located outside the United
States," 50 U.S.C. § 1881a(j)(2)(B)(i);
(ii) to prevent the intentional acquisition of wholly
domestic communications, id §
1881aG)(2)(B)(ii);
(iii) to "minimize the acquisition and retention, and
prohibit the dissemination, of nonpublicly available
information concerning unconsenting United States persons
consistent with the need of the United States to obtain,
produce, and disseminate foreign-intelligence
information," id § 1801(h)(1); see
id § 1881aG)(2)(C); and
(iv) to ensure that the procedures "are consistent
with...the [F]ourth [A]mendment," id §
1881a(j)(3)(A).[9]
In
effect, FISC approval of government surveillance pursuant to
§ 702 means that the FISC has found that the
surveillance comports with the statutory requirements and the
Constitution.
The
recent release of public reports and declassification of some
FISC opinions have revealed additional details regarding the
collection of communications pursuant to § 702. After
the FISC approves a § 702 certification, the NSA
designates "targets," which are non-U.S. persons
located outside the United States who are reasonably believed
to possess or receive, or are likely to communicate,
foreign-intelligence information designated in the
certification.[10] The NSA then attempts to identify
"selectors," namely the specific means by which the
targets communicate, such as email addresses or telephone
numbers.[11] Importantly, selectors cannot be key
words (e.g., "bomb") or targets' names
(e.g., "Bin Laden"); rather, selectors
must be specific communication identifiers.[12] The
government then may issue a § 702 directive to a U.S.
telecommunications service provider requiring it to assist
the government in acquiring communications involving those
selectors.[13]
As for
the actual collection of communications containing these
targeted selectors, the government has described the Upstream
surveillance collection process as follows:
[C]ertain Internet transactions transiting the Internet
backbone network(s) of certain electronic communication
service provider(s) are filtered for the purpose of excluding
wholly domestic communications[, ] and are then scanned to
identify for acquisition those transactions [that contain
communications] to or from... persons targeted in accordance
with the applicable NSA targeting procedures; only those
transactions that pass through both the filtering and the
scanning are ingested into Government databases.
Defs.'
Br. 4 (quoting Pub. Decl. of Daniel R. Coats, Director of
National Intelligence, ¶ 15, ECF No.
138-2).[14] Thus, the Upstream surveillance
collection process involves three steps-(1) filtering, (2)
scanning, and (3) ingesting. As this description shows,
although the government has disclosed some information about
Upstream surveillance in declassified documents and
unclassified reports, most technical details of the Upstream
surveillance process remain classified. Wikimedia Found,
v. Nat'l Sec. Agency, 857 F.3d 193, 202 (4th Cir.
2017) (citing Jewel v. Nat'l Sec. Agency, 810
F.3d 622, 627 (9th Cir. 2015)).
II.
With
this statutory framework and definition of Upstream
surveillance in mind, it is appropriate to turn to the
procedural history of this case. On June 22, 2015, Wikimedia,
along with eight other organizations, [15] filed the
Amended Complaint in this suit, challenging the legality of
the NSA's Upstream surveillance program. The Amended
Complaint alleges that Upstream surveillance (i) exceeds the
scope of the government's authority under § 702,
(ii) violates Article III, (iii) violates the First
Amendment, and (iv) violates the Fourth Amendment and
requests (i) a declaration that Upstream surveillance
violates the Constitution and § 702 and (ii) an order
permanently enjoining the NSA from conducting Upstream
surveillance. On August 6, 2015, defendants moved to dismiss
the Amended Complaint, arguing that plaintiffs lacked Article
III standing. On October 23, 2015, defendants' motion was
granted on the ground that plaintiffs' allegations were
too speculative to establish Article III standing.
Wikimedia Found. v. Nat'l Sec. Agency,
143 F.Supp.3d 344, 356 (D. Md. 2015), aff'd in part,
vacated in part, and remanded by, 857 F.3d 193 (4th Cir.
2017).
Thereafter,
plaintiffs appealed, and the Fourth Circuit affirmed in part,
vacated in part, and remanded the case for further
consideration. Wikimedia Found., 857 F.3d at 200.
Specifically, the Fourth Circuit vacated the finding that
Wikimedia lacked standing, but affirmed the finding that the
other plaintiffs lacked standing. Id. The Fourth
Circuit concluded that Wikimedia had established standing
sufficient to survive a facial challenge to the Amended
Complaint based on the "Wikimedia Allegation",
namely the allegation "that the sheer volume of
[Wikimedia's] communications makes it virtually certain
that the NSA has intercepted, copied, and reviewed at least
some of [Wikimedia's] communications[, ]" "even
if the NSA conducts Upstream surveillance on only a single
[I]nternet [backbone] link." Id. at 202, 209
(internal quotation marks and citation omitted). Three
factual allegations, accepted as true as required at the
motion to dismiss stage, made the Wikimedia Allegation
plausible: (i) "Wikimedia's communications almost
certainly traverse every international [Internet] backbone
link connecting the United States with the rest of the
world[J" (ii) "the NSA has confirmed that it
conducts Upstream surveillance at more than one point along
the [I]nternet backbone[J" and (iii) "the
government, for technical reasons[, ]... must be copying and
reviewing all the international text-based communications
that travel across a given [Internet backbone] link upon
which it has installed surveillance equipment."
Id. at 210-11 (internal quotation marks and
citations omitted).
Importantly,
the Fourth Circuit rejected the "Dragnet
Allegation", that is the allegation "that[, ] in
the course of conducting Upstream surveillance[, ] the NSA is
intercepting, copying, and reviewing substantially all
text-based communications entering and leaving the United
States, including" those of the nine plaintiffs.
Id. at 202 (internal quotation marks and citation
omitted). Plaintiffs alleged the following facts in support
of the Dragnet Allegation: (i) "the NSA has a strong
incentive to intercept communications at as many [Internet]
backbone chokepoints as possible, and indeed must be doing so
at many different [Internet] backbone chokepoints," (ii)
"the technical rules governing online communications
make this conclusion especially true," and (iii) "a
New York Times article asserts that the NSA is
temporarily copying and then sifting through the contents of
what is apparently most e-mails and other text-based
communications that cross the [U.S.] border."
Id. at 213 (internal quotation marks and citations
omitted). The Fourth Circuit concluded that the Dragnet
Allegation failed to establish standing because it did
"not contain enough well-pleaded facts entitled to the
presumption of truth." Id. at 200. As such,
although Wikimedia pled sufficient facts to establish
standing at the motion to dismiss stage, the other plaintiffs
did not. Id. at 200. Thus, Wikimedia is the only
remaining plaintiff.
On
remand, an Order issued on October 3, 2017 directing the
parties to conduct a limited five-month period of
jurisdictional discovery. See ECF Nos. 117, 123.
Both sides took depositions and served requests for written
discovery and production of documents. Defendants objected to
53 of Wikimedia's 84 discovery requests on the ground
that responses to the requests would reveal classified
information protected by the common law state secrets
privilege and related statutory privileges. Thereafter, the
DNI formally asserted the state secrets privilege and the
statutory privilege set forth in 50 U.S.C. §
3024(i)(1).[16] Defendants stated that the information
Wikimedia sought, if disclosed, reasonably could be expected
to result in exceptionally grave damage to U.S. national
security.[17] Wikimedia subsequently moved to compel
production of the documents. On August 20, 2018, an Order and
Memorandum Opinion issued, concluding that defendants
satisfied the procedural requirements necessary to invoke the
state secrets privilege, that the information sought to be
protected qualified as privileged under the state secrets
doctrine, and that therefore, Wikimedia's motion to
compel must be denied. Wikimedia Found. v. Nat'l
Sec. Agency, 335 F.Supp.3d 772, 790 (D. Md. 2018).
Accordingly, the parties continued jurisdictional discovery,
limited to information not protected by the state secrets
privilege.
Defendants
now seek summary judgment on the ground that Wikimedia lacks
Article III standing to contest the legality of the NSA's
Upstream surveillance program, or alternatively, that if
there is a genuine issue of material fact as to the three
essential elements of the Wikimedia Allegation articulated in
the Fourth Circuit's remand order, the state secrets
doctrine operates to preclude further litigation of
Wikimedia's standing and thus requires entry of judgment
in defendants' favor.
III.
Summary
judgment is appropriate only where there are no genuine
disputes of material fact. Rule 56, Fed.R.Civ.P. Accordingly,
the material facts as to which no genuine dispute exists must
first be identified. Defendants set out their statement of
material facts in their brief in support of summary judgment,
as required by the local rules. Plaintiff, in addition to
responding to defendants' statement of material facts as
required by the local rules, also offered their own separate
statement of material facts in their brief in opposition to
summary judgment. Neither the local rules of the District of
Maryland nor the Eastern District of Virginia require
plaintiff, as the non-moving party, to set forth a statement
of material facts. See generally D. Md. Local Rules;
E.D. Va. Local Civ. R. 56(B). In the interest of
completeness, however, and because each party has responded
to the other party's statement of material facts, all
facts, and disputes as to those facts, have been considered
in deriving from the record the following undisputed material
facts.
1. The
Internet is a global collection of networks, large and small,
interconnected by a set of routers.[18] Together, these large and
small networks function as a single, large virtual network,
on which any device connected to the network can communicate
with any other connected device.
2. To
communicate over the Internet, an individual user connects
with the network of a local Internet Service Provider
("ISP"), either directly (typically for a monthly
fee) or indirectly through an organization (e.g., a
place of business, an Internet cafe). In turn, the local
ISP's network connects to the networks of larger regional
and national ISPs, the largest of which are called "Tier
1" telecommunication service providers (e.g.,
AT&T, Century Link, Cogent, Verizon).
3. Tier
1 providers and other large carriers maintain high-capacity
terrestrial fiber-optic networks, known generally as Internet
"backbone" networks, that use long-haul terrestrial
cables to link large metropolitan areas across a nation or
region. Data travel across these cables in the form of
optical signals, or pulses of light.
4. The
Internet backbone also includes transoceanic cables linking
North and South America with each other and with Europe,
Asia, the Middle East, and Africa. These undersea cables
reach shore at points known as cable landing stations, from
which they are linked to the terrestrial telecommunications
network.
5. Tier
1 providers and other large carriers typically connect
separate legs of their own networks using high-capacity
switches. To allow users of different providers' networks
to communicate with one another, Tier 1 providers and other
large carriers typically interconnect their networks using
high-capacity routers.[19]
6.
Generally speaking, to send a communication on the Internet,
the transmitting device (e.g., a personal computer,
a cell phone) first converts the communication into one or
more small bundles of data called "packets,"
configured according to globally accepted
protocols.[20]
7. When
a communication is broken into separate packets, each packet
includes (i) a "header," which consists of the
routing, addressing, and other technical information required
to facilitate the packets' travel from its source to its
intended destination, and (ii) a "pay load," which
consists of a portion of the contents of the communication
being transmitted.
8. A
packet's header contains three relevant pieces of address
and routing information: (i) the packet's source and
destination Internet Protocol ("IP") addresses;
(ii) the source and destination ports; and (iii) protocol
numbers.
9. IP
addresses, which are included in packet headers, are unique
numeric identifiers assigned to particular computers,
devices, or systems connected to the Internet.[21] IP addresses
are used to direct data back and forth between one computer
(or other online device) and another online device. IP
addresses may be analogized to the destination and return
addresses on a mailing envelope.
10. The
IP addresses of entities with a large, fixed presence on the
Internet do not change and are publicly
accessible.[22]
11.
Port numbers, which are also included in packet headers, are
used to identify communications of different kinds
(e.g., webpage requests, or email) so that servers
hosting multiple communications services (e.g., a
website and an email service) can distinguish packets
destined for one service from those meant for another. Port
numbers for common applications, like web-browsing and email,
are assigned in a common industry registry maintained by the
IANA. Whereas IP addresses can be analogized to the street
address on a letter, port numbers are roughly analogous to
the apartment numbers at a multi-unit dwelling.
12.
Protocol numbers, which are also included in packet headers,
are used by receiving devices to determine the appropriate
method of interpreting data (e.g., HTTP, TCP/IP). A
protocol defines the actions taken upon the transmission
and/or receipt of a message or other transmission. Protocols
are also assigned numbers maintained in a common industry
registry maintained by the IANA.
13.
After a communication has been broken into packets by the
transmitting device, specialized computers called routers and
switches ensure that the packets travel an appropriate path
across the Internet to their destination IP address.
14.
Each router or switch through which a packet transits scans
the packet's header information, including its
destination IP address, and determines which direction (path)
the packet should follow next in order to reach its intended
destination. The router or switch operates somewhat similarly
to Google Maps, updating the fastest route to take between a
user's starting point and his or her destination.
15.
When packets transmitting a communication arrive at the
receiving computer, smartphone, or other online device, the
receiving device reassembles the packets into the original
communication, such as a webpage or email.
16.
Traffic "mirroring" is a technical term for a
process by which a router or switch, in addition to
determining where on the Internet each packet should be
forwarded next, can also identify certain packets to be
copied ("mirrored") and divert the designated
copies off-network for separate processing. In other words,
traffic mirroring can create a copy of all communications, or
a subset of all communications, passing through a router or
switch without interrupting the flow of those communications.
17.
Traffic mirroring is accomplished by programming routers and
switches with access control lists ("ACLs") to
determine whether packets will be copied and collected at a
certain link (the "interface") between the router
or switch and another device. The criteria used in the ACL
can include a packet's source or destination IP address,
the port number, the protocol numbers, or other information
contained in a packet header.
18. The
router or switch examines the header information of each
packet it processes, and compares it to the ACL for each
interface, to determine which interfaces the packet may or
may not pass through without mirroring (copying).
19.
Tier 1 providers and other smaller service providers employ
traffic mirroring in the normal course of their operations
for such purposes as monitoring traffic load, conducting
quality-control processes, and rejecting unwanted traffic.
20. At
any link on the Internet where surveillance may be conducted,
traffic mirroring with ACLs can be used in several ways to
make only certain packets available for inspection by a
collecting entity.[23]
21. To
conduct traffic mirroring, an interface (a fiber-optic link)
would have to be established between the router or switch
directing traffic at the selected location and the separate
equipment used by the collecting entity (hereinafter, the
"collector interface").
22.
After the collector interface is established, communications
traffic passing through the carrier's router or switch to
the collector's equipment can be filtered by
"whitelisting" or "blacklisting"
techniques. "Whitelisting" or
"blacklisting" involves configuring an ACL to allow
only packets meeting the ACL's criteria to be copied and
passed through the collector interface to the collector's
equipment.
23. For
example, the collector could configure an ACL containing a
"whitelist" of specific IP addresses of interest.
When the router or switch examines the header information of
each packet it processes, it would then, (i) as usual,
forward a copy of the packet toward its intended destination,
(ii) perhaps forward additional copies through other
interfaces, per the carrier's routine business practices,
and (iii) if, and only if, the packet header contains a
source or destination IP address on the whitelist, create an
additional copy of the packet, and forward it through the
collector interface into the collector's possession and
control. In other words, packets containing IP addresses on
the whitelist would be copied and sent through to the
collector's equipment. Packets not meeting the whitelist
criteria would not be copied for, or made available to, the
collector's equipment for any purpose.
24.
Blacklisting, conversely, involves configuring an ACL to
allow all packets to be copied to the collector interface
except those matching the ACL's criteria. With a
blacklist, the router or switch would examine each packet
header and (i) as usual, forward a copy of the packet toward
its intended destination, (ii) perhaps forward additional
copies through other interfaces, per the carrier's
routine business practices, and (iii) create an additional
copy of every packet and forward it through the collector
interface into the collector's possession and control,
except for those packets with source or destination
IP addresses on the blacklist. In other words, if the router
or switch finds that a packet header contains a source or
destination IP address on the blacklist, an additional copy
of that packet is not created or forwarded through the
collector interface.
25.
Whitelisting and blacklisting techniques can also be used to
limit mirroring to particular sources of traffic, such as
only cables used by specific carriers, or only cables linked
to specific countries or regions.
26. In
addition, ACLs can be configured to whitelist or blacklist
particular types of communication based on their port or
protocol numbers, such as email communications or
communications from accessing websites.
27.
Wikimedia operates twelve free-knowledge projects on the
Internet, including Wikipedia. Wikipedia, a free-access, free
content encyclopedia, is one of the top ten most-visited
websites in the world. In 2017, Wikipedia's website
received visits from more than 1 billion unique devices each
month.
28.
Wikimedia engages in more than a trillion international
Internet communications each year, with individuals in every
country on the planet. This includes communications between
foreign users and Wikimedia's U.S.-based servers, and
communications between U.S. users and Wikimedia's
foreign-based servers.
29.
Wikimedia has identified three categories of its
international Internet communications that it contends are
subjected to Upstream surveillance collection by the NSA: (i)
communications with its community members[24]
("Category 1"), (ii) internal "log"
communications ("Category 2"), and (iii) the
electronic communications of Wikimedia's staff
("Category 3").
30.
Category 1 consists of communications with and among
Wikimedia's community members, including requests from
foreign and domestic users to view or download content from
Wikimedia websites, and email communications sent from
foreign users to Wikimedia servers.[25] All of these
communications were directed to the public IP address ranges
assigned to and used by Wikimedia.
31.
Category 2 consists of internal log communications
transmitted from Wikimedia's servers in the Netherlands
to its servers in the United States. These communications are
encrypted and received at one of the same public IP address
ranges as Wikimedia's communications in Category
l.[26]
32.
Category 3 consists of communications by Wikimedia's
staff using various protocols, some of which are encrypted,
some of which are not. These communications, like those in
Categories 1 and 2, are sent and received from the public IP
address ranges assigned to and used by
Wikimedia.[27]
33. The
total volume of Wikimedia's international Internet
communications exceeds the number of cables transporting
Internet communications between the U.S. and other countries.
Moreover, Wikimedia's communications are broadly
distributed, with users in every country in the world.
34. It
is "virtually certain" that Wikimedia's
communications traverse every cable carrying public Internet
traffic that connects the U.S. to other countries.
35. The
government has described Upstream surveillance as involving
three steps. First, "certain Internet transactions
transiting the Internet backbone network(s) of certain
electronic communication service provider(s) are filtered for
the purpose of excluding wholly domestic
communications." Second, these Internet transactions
"are then scanned to identify for acquisition those
transactions [that contain communications] to or from ...
persons targeted in accordance with the applicable NSA
targeting procedures." And third, "those
transactions that pass through both the filtering and the
scanning are ingested into Government
databases."[28]
36.
Prior to April 2017, Upstream surveillance involved
"about" collection (i.e., a communication
containing a reference in the communication's text to a
selector tasked for acquisition under § 702).
"About" communications were not necessarily sent to
or from the user of a § 702 tasked-selector.
37. The
statement-the "NSA will acquire a wholly domestic
'about' communication if the transaction containing
the communication is routed through an international Internet
link being monitored by NSA or is routed through a foreign
server"-was accurate as of October 3,
2011.[29]
IV.
Summary
judgment is appropriate when there is "no genuine issue
as to any material fact" and based on those undisputed
facts the moving party "is entitled to judgment as a
matter of law." Celotex Corp. v. Catrett,477U.S. 317, 322 (1986). To serve as a bar to summary
judgment, facts must be "material," which means
that the disputed fact "might affect the outcome of the
suit under the governing law." Anderson v. Liberty
Lobby, Inc.,477 U.S. 242, 248 (1986). Where a party
"fails to make a showing sufficient to establish the
existence of an element essential to that party's case,
and on which that party will bear ...