How Government Surveillance and Big Tech Erase Your Privacy Rights

By MLFA’s Criminal Defense Department 

“Surveillance is the business model of the internet.” – Bruce Schneier 

Imagine if every email or text message you ever sent had a police officer copied on it. What messages would you regret sending? Would you even text the same people anymore? Unfortunately, in today’s technological world, an officer is indeed listening to every conversation and reading every message. But this officer is not a person—it’s the United States government. 

Without our knowledge, tech companies have been collecting data on nearly every action we take on the internet, and this massive amount of data is accessible to the U.S. government for surveillance purposes under a law called FISA (the Foreign Intelligence Surveillance Act). By violating privacy and exploiting ethically gray data practices, the federal government, in partnership with tech companies, has the means to monitor our every move online. This has been particularly impactful on Muslim-Americans as these invasions of privacy have been used by the government to pursue unjust national security prosecutions. For Muslim-Americans, the government’s overreach and intrusion into our personal lives has resulted in serious discrimination and persecution. Tech companies’ erosion of American privacy rights will only exacerbate these problems.  

Why Does Our Privacy Matter? 

Privacy, to many, can seem like an abstract concept. Many believe a lack of privacy and increased surveillance is a small price to pay for increased security. Others advocate privacy as the highest priority in all circumstances. In the recent FISA update, however, there emerged a concerning notion that those who prioritized privacy and opposed government surveillance have something to hide. This ideology is a dangerous and blind idea for two reasons.  

First, even if individuals have nothing to hide, it doesn’t change the fact that someone else looking at your private conversations is uncomfortable. It follows the same idea that members of society generally don’t go home from work every day and stand in front of their living room windows naked. Just because these individuals don’t bare their bodies for the world to see doesn’t mean they all have bombs strapped to their chest under their clothes. Rather, it means that privacy is one of the building blocks of society and it is valued because it’s ours.  

Second, even if something is not immediately incriminating, FISA can be used as the basis to build a criminal case against those that hold unpopular political opinions or vulnerable minority populations. In the past decade, MLFA’s Criminal Defense department has noticed an alarming trend of counterterrorism sting operations against young, mentally ill or neurodivergent, Muslim-American children. This extremely vulnerable group of individuals typically comes to the attention of law enforcement through an online presence that voices support for unpopular political opinions, assumingly through FISA-sponsored surveillance. Often, emboldened by the false anonymity the internet provides, young teenagers will leave comments that may seem violent or alarming, but in reality, are just teenagers having fun. Unfortunately for young Muslim-Americans, federal law enforcement rarely shares this view, and these actions often spark the beginnings of a counterterrorism sting operation 

For example, an unpopular political opinion in 2024 may be supporting Palestinian liberation. In some past cases, unpopular opinions may have also been supporting a conservative view of Islam or Islamic ideology. In many cases, it is also evident that, emboldened by the false anonymity the internet provides, users will leave comments that are alarming to those that don’t support that ideology. 

In a recent case from Colorado, a young, autistic teenager was approached by four separate online undercover informants who befriended the teenager and after three years of encouraging him, three years of a resounding lack of any intervention, and three years of waiting for the teenager to turn eighteen, the FBI arrested him ten days after his eighteenth birthday. This reveals the pattern that the government’s use of FISA puts vulnerable populations at a risk of being victimized. 

Government Access to Your Data Through FISA 

How does the government gain access to data if tech companies aren’t owned by the government?  

Everyone that encounters the internet (which, in the twenty-first century, is almost everyone on the planet), assumably uses tech platforms. These tech platforms, like Instagram or Google, all have parent companies that collect data on their users, despite any data privacy concerns these practices raise. The federal government has taken advantage of these blatant data privacy violations through the Foreign Intelligence Surveillance Act (FISA). Under this surveillance law, the government is granted full-range permission to access data, where it is available. That means if there are messages sent over iMessage that are available to Apple, they are also fully available to the federal government to access and read. Boiled down, FISA means that the safety of a user’s data relies entirely on what practices and platforms the user chooses to adhere to.  

Additionally, with the recent FISA update in April 2024, federal law enforcement may now be able to access data that is stored on a businesses’ servers. For example, if one user in Washington D.C. sends a message to another user in London using a restaurant’s Wi-Fi signal, law enforcement now has the authority to demand that the Wi-Fi provider provide them with access to the London user’s stored data.  

Which of your Information is Being Collected? 

The main Big Tech companies that collect user data are Amazon, Apple, Alphabet (i.e. Google services), Microsoft, and Meta (Facebook, Instagram, etc.). In particular, Meta, who made $117.9 billion USD in 2021, makes 97.5% of its revenue from advertising. The type of advertising that Meta engages in isn’t like the typical ads you see on YouTube while watching a video. Instead, Meta’s entire business model is built from collecting user data. From birth dates to phone numbers to personal messages to public comments, Meta uses it all to generate user data that can be resold to data brokers or advertising agencies. Essentially, by using Meta’s free services on Facebook and Instagram or any of their other platforms, your private information as the consumer is being converted into a multi-billion dollar generating product, all without you knowing.  

While Meta is the leader in collecting data, the other Big Tech companies that dominate our everyday lives follow similar practices. Alphabet’s Google is the most dominant search engine on the market, and it is also known as one of, if not the most, significant data miner because each search a user makes is essentially raw user data. Amazon stores even more sensitive information like credit card information and Social Security numbers. The bottom line is that you, as the consumer, have traded in your right to privacy as a product that funnels billions of dollars into the pockets of Big Tech CEOs and executives.  

Who Controls Your Information? 

Each tech company that collects user data stores it in large storage centers or in cloud storage. For example, if a user who searches for “Coffee Shops in Miami, Florida” uses Google Maps, Google collects the data associated with that user’s search and stores it in either cloud or a storage center. Depending on the technological platform utilized, there is data collected on nearly every single action a user takes that involves the internet. This means that every time a user uses Apple Maps to drive to a destination or searches for an account on Instagram, the data associated with each action is stored and the parent company has access to that data.  

There is a small caveat to this rule in that applications that are end-to-end encrypted (Signal, Telegram, etc.) provide the parent companies with limited ability to access a users’ data. End-to-end encryption, simplified, is the process that enables the data associated with an action (ex: a message) to remain entirely private. Even if using an end-to-end encrypted platform, there are also other secondary platforms that collect data, like the server being used to send a message. For example, if a user in California sends a message on Signal to a user in Texas, the engineers and executives at Signal are not able to see the message content because they physically don’t have the technology to access it. However, if the user using Signal in Texas has an iPhone and they back up their messages on their iCloud account, the message content can be accessible by Apple, but not by Signal, because Apple is not end-to-end encrypted and backing up data allows Apple access to the data associated with those messages.  

Ultimately, privacy on the internet is almost entirely dependent on the choices a user makes surrounding data privacy. If a user with an iPhone wants to ensure data privacy but uses text messages to send messages they intend to be private, unfortunately, the user has inadvertently chosen to provide Apple with access to their data and signed away their right to privacy.  

The Government is Working with Big Tech to Violate Your Privacy 

Because tech companies record data on every single action you take online, the federal government is working with Big Tech to take advantage of the inordinate amounts of data they possess.  

Through FISA, the federal government has turned tech companies and arbitrary businesses into proxy resources through which to surveil individuals. Essentially, they have backdoored themselves into the entire internet. It’s as if every time you send a text message, a copy of that message is sent to your phone company’s servers, but another copy of that message is also sent to the US government. In every conversation you ever have, you’re not just talking to whoever is on the other end of the receiving message. Unbeknownst to you, Big Tech and the federal government are also receiving your messages.  

Nothing is Private, But You Can Try to Make It 

Tech companies can gain access to your communications and user information unless the platforms you use are end-to-end encrypted. It is also essential to maintain safe cyber practices, like always updating one’s phone and apps, refraining from using public Wi-Fi, and practicing a healthy amount of skepticism. Essentially, if you want to be private, you must make the conscious decision to uphold privacy, but remember your communications are only as private as the people you’re communicating with. Because in today’s technological world, privacy is not the default. Surveillance is.  

Next Steps 

There isn’t much that can be done to protect ones privacy, other than using safer and more secure platforms of communication. That can be inconvenient and give a false sense of privacy for many American Muslims. But where surveillance of Muslim Americans is the default, your constitutional right to privacy doesn’t lie in the Constitution or the courts. It is your own responsibility. Educate yourself about your Fourth Amendment rights. 

 

This is the second article in an ongoing series on FISA by MLFA’s Criminal Defense Department. Read the first article here.