At least, that's what an
AP article by Katherine Shrader would seem to say. The most relevent parts are bolded.
A number of lawyers voiced their surprise Friday that three major telephone companies had agreed to make customer phone records available to the NSA.
Congress made it illegal 20 years ago for telephone companies and computer service providers to turn over to the government records showing who customers had dialed or e-mailed.
"I would not want to be the general counsel of one of these phone companies," said Orin S. Kerr, a law professor at George Washington University and a former Justice Department lawyer who has worked on electronic surveillance.
The law doesn't make it illegal for the government to ask for such records, Kerr said. Rather, it makes it illegal for phone companies to divulge them.
Discussion on the flip
Most certainly the Bush administration acted unethically by requesting this information without a court order, but nothing illegal by it. It would be like the cops asking if they could search your home if they didn't have a warrant, you could say no (like Qwest) and they'd have to come back with a warrent. Or, you could say yes (like those other companies) and let them in.
The only legal problem (I'm not a lawyer, so I'm sure I'll be corrected on this) for the Bush Administration is if they threatened or blackmailed or otherwise retaliated to force the telecommunications companies to do this (like it is suggested in Patriot Daily News Clearinghouse's diary).
For sure AT&T, Verizon, and BellSouth are probably going to face class-action lawsuits, but I'm not really sure we can fault the NSA for making the request. It's not their fault the telecom companies' lawyers signed off on this.
Just for clarification, here is why Qwest decided not to release the records to the NSA:
Nacchio's attorney, Herbert Stern, said from his Newark, N.J., office that his client "concluded that these [NSA] requests violated the privacy requirements of the Telecommunications Act."
I know the article above the fold mentions a law passed 20 years ago, but the only law referenced by name in the article is the Telecommunications Act. So, here's the relevent section of the 1996 Telecommunications Act that was just referenced:
SEC. 702. PRIVACY OF CUSTOMER INFORMATION.
Title II is amended by inserting after section 221 (47 U.S.C.
221) the following new section:
`SEC. 222. PRIVACY OF CUSTOMER INFORMATION.
`(a) IN GENERAL- Every telecommunications carrier has a duty to
protect the confidentiality of proprietary information of, and
relating to, other telecommunication carriers, equipment
manufacturers, and customers, including telecommunication carriers
reselling telecommunications services provided by a
telecommunications carrier.
`(b) CONFIDENTIALITY OF CARRIER INFORMATION- A telecommunications
carrier that receives or obtains proprietary information from
another carrier for purposes of providing any telecommunications
service shall use such information only for such purpose, and shall
not use such information for its own marketing efforts.
`(c) CONFIDENTIALITY OF CUSTOMER PROPRIETARY NETWORK
INFORMATION-
`(1) PRIVACY REQUIREMENTS FOR TELECOMMUNICATIONS CARRIERSExcept
as required by law or with the approval of the customer,
a telecommunications carrier that receives or obtains customer
proprietary network information by virtue of its provision of a
telecommunications service shall only use, disclose, or permit
access to individually identifiable customer proprietary
network information in its provision of (A) the
telecommunications service from which such information is
derived, or (B) services necessary to, or used in, the
provision of such telecommunications service, including the
publishing of directories.
`(2) DISCLOSURE ON REQUEST BY CUSTOMERS- A telecommunications
carrier shall disclose customer proprietary network
information, upon affirmative written request by the customer,
to any person designated by the customer.
`(3) AGGREGATE CUSTOMER INFORMATION- A telecommunications
carrier that receives or obtains customer proprietary network
information by virtue of its provision of a telecommunications
service may use, disclose, or permit access to aggregate
customer information other than for the purposes described in
paragraph (1). A local exchange carrier may use, disclose, or
permit access to aggregate customer information other than for
purposes described in paragraph (1) only if it provides such
aggregate information to other carriers or persons on
reasonable and nondiscriminatory terms and conditions upon
reasonable request therefor.
`(d) EXCEPTIONS- Nothing in this section prohibits a
telecommunications carrier from using, disclosing, or permitting
access to customer proprietary network information obtained from
its customers, either directly or indirectly through its agents--
`(1) to initiate, render, bill, and collect for
telecommunications services;
`(2) to protect the rights or property of the carrier, or to
protect users of those services and other carriers from
fraudulent, abusive, or unlawful use of, or subscription to,
such services; or
`(3) to provide any inbound telemarketing, referral, or
administrative services to the customer for the duration of the
call, if such call was initiated by the customer and the
customer approves of the use of such information to provide
such service.
`(e) SUBSCRIBER LIST INFORMATION- Notwithstanding subsections
(b), (c), and (d), a telecommunications carrier that provides
telephone exchange service shall provide subscriber list
information gathered in its capacity as a provider of such service
on a timely and unbundled basis, under nondiscriminatory and
reasonable rates, terms, and conditions, to any person upon request
for the purpose of publishing directories in any format.
`(f) DEFINITIONS- As used in this section:
`(1) CUSTOMER PROPRIETARY NETWORK INFORMATION- The term
`customer proprietary network information' means--
`(A) information that relates to the quantity, technical
configuration, type, destination, and amount of use of a
telecommunications service subscribed to by any customer of
a telecommunications carrier, and that is made available to
the carrier by the customer solely by virtue of the
carrier-customer relationship; and
`(B) information contained in the bills pertaining to
telephone exchange service or telephone toll service
received by a customer of a carrier;
except that such term does not include subscriber list
information.
`(2) AGGREGATE INFORMATION- The term `aggregate customer
information' means collective data that relates to a group or
category of services or customers, from which individual
customer identities and characteristics have been removed.
`(3) SUBSCRIBER LIST INFORMATION- The term `subscriber list
information' means any information--
`(A) identifying the listed names of subscribers of a
carrier and such subscribers' telephone numbers, addresses,
or primary advertising classifications (as such
classifications are assigned at the time of the
establishment of such service), or any combination of such
listed names, numbers, addresses, or classifications; and
`(B) that the carrier or an affiliate has published,
caused to be published, or accepted for publication in any
directory format.'.
If anyone has any idea what this 20 year old law is, let me know and i'll include it in my diary. Also note, this diary makes no attempt to guess how the data is being used, just that the actual request without a warrant wasn't illegal.
P.S. Please don't hurt me. Just saw something that made me think that not all the blame rests with the NSA.