On February 7, the Washington, D.C.-based Center for Public Integrity revealed that it had obtained a draft of proposed legislation, officially entitled “The Domestic Security Enhancement Act of 2003” but referred to unofficially, as it made the rounds of Capitol Hill, as “PATRIOT II.”  CPI made a scanned copy of the act available on its website and issued a special report outlining the major provisions of PATRIOT II, including new restrictions on Freedom of Information Act requests regarding suspected terrorists detained by the federal government; similar restrictions on access to any documents filed with the Environmental Protection Agency by companies that use dangerous chemicals, because such documents are required to outline a “worst-case scenario,” which, CPI noted, “the bill’s drafters refer to as ‘a roadmap for terrorists’”; the “creation of a DNA database on ‘suspected terrorists,’ expansively defined to include association with suspected terrorist groups”; the abolition of almost all federal consent decrees entered into by state and local law-enforcement agencies before September 11, 2001, because such decrees, which were ordered by courts as a result of “police spying abuses,” could hamper terrorism investigations; the presumptive denial of pretrial release to those charged with terrorism-related crimes; and the expansion of measures allowing for the expatriation of terrorists.

The public response was swift and stunning.  CPI’s website was swamped with requests for the file; because of the number of measures targeting electronic communications—particularly, such things as encryption of e-mail—and removing restrictions on federal demands for information from private businesses, particularly internet service providers (ISP’s), hundreds of “webloggers” published analyses of the proposed legislation.

Within days, the Department of Justice was claiming that PATRIOT II was merely a working document; within weeks, the proposed legislation was dead, marking perhaps the first major legislative triumph for the denizens of the web.

Many of the elements of PATRIOT II might not have withstood judicial scrutiny.  For instance, in expanding the federal government’s ability to expatriate terrorists, the bill, according to the Justice Department’s section-by-section analysis circulated with the draft, would have made “explicit that the intent to relinquish nationality need not be manifested in words, but can be inferred from conduct”—a stunning reversal of American tradition, which has always required citizens to renounce their citizenship explicitly (by, for instance, accepting citizenship in another country).  The legislation would have amended Section 349(a)(3)(B) of the Immigration and Nationality Act to allow expatriation of anyone “providing material support” to a terrorist organization (as defined by the attorney general—this could include, for instance, registered non-profit organizations in the United States), as long as that person provided such support with the intention of relinquishing nationality.  How, short of an explicit statement, could his intention be determined?  Well, the Immigration and Nationality Act would also be amended to provide that “The voluntary commission or performance of an act described in subsection (a)(3)(A)(i) or (B) [e.g., a donation] shall be prima facie evidence that the act was done with the intention of relinquishing United States nationality.”  Note that the government would not even have to prove that the person realized that he was supporting a terrorist organization.  You gave money to a terrorist organization with the intention of relinquishing your nationality.  How do we know you intended to relinquish your nationality?  You gave money to a terrorist organization . . . Such circular logic would likely have faced a court challenge.

Still, the popular uprising against PATRIOT II illustrated that judicial scrutiny is not the only roadblock that can be thrown in the path of the national-security juggernaut, and the victory encouraged activists to keep an eye out for similar legislation.

They found it in August, when Sen. Orrin Hatch (R-UT) began circulating draft legislation, cosponsored by Senators Jeff Sessions (R-AL), Lindsey Graham (R-SC), John Cornyn (R-TX), and Jon Kyl (R-AZ), entitled the “Vital Interdiction of Criminal Terrorist Organizations Act of 2003”—the VICTORY Act, for short (though you will search in vain for a “Y”).  Besides implying that there is such a thing as a noncriminal terrorist organization, the proposed legislation took as its stated aims (in the titles of its sections) “Combating Narco-Terrorists Who Aid and Support Terrorists or Terrorist Organizations,” “Preventing and Punishing International Money Laundering,” “National Drug Sentencing Reform,” “Protecting Children From Drug Traffickers and Preventing Drug-Related Violent Crime,” and “Providing the Tools Needed to Win the War Against Narco-Terrorism, Drug Traffickers Who Sell to Children, and Violent Drug Traffickers.”

While it is encouraging to see the federal government finally acknowledge the long-standing connection between drug-running and terrorism (particularly Islamic terrorism—both the U.S.-supported mujahideen in Afghanistan and the U.S.-supported Kosovo Liberation Army in the former Yugoslavia financed much of their operations through drugs), “the tools needed to win the war against narco-terrorism” turn out to be essentially the same domestic-surveillance tools that Attorney General John Ashcroft hoped to obtain through PATRIOT II.  (The Justice Department denies that it had any role in drafting Hatch’s legislation; great minds, it appears, just think alike.)

Title V of the VICTORY Act begins by adding drug trafficking to the list of “predicate crimes for authorization of interception of wire, oral, and electronic communications,” and it ends with a directive to the U.S. Sentencing Commission regarding narco-terrorism and drug trafficking, but the weapons wedged in between are useful beyond the drug war.  For instance, Section 505 expands the definition of wiretapping to allow the monitoring (with a court order) of all wireless communications.  Previously, wireless phones and computers were covered and, indeed, are even subject to roving wiretaps; this provision states that “the term ‘wireless’ means the use of electromagnetic waves (rather than some form of wire) to carry a signal over a communication path.”  Under that definition, presumably even wireless keyboards could be monitored and every keystroke recorded—which would provide a remarkable end run around having to obtain a warrant to examine the contents of a computer’s hard drive.  (Ironically, since September 11, the Office of Homeland Security has repeatedly claimed that unsecured wireless access points on computer networks present a potential terrorist danger.)

Many of the VICTORY Act’s measures seem aimed at restricting the civil-libertarian tendencies of certain judges, effectively repealing the Miranda decision and gutting Fourth Amendment prohibitions against unreasonable search and seizure.  For instance, Section 502 states that “A court may not grant a motion to suppress the contents of a wire or oral communication, or evidence derived therefrom, unless the court finds that the violation of this chapter involved bad faith by law enforcement.”

Reviving a measure from the failed PATRIOT II, the VICTORY Act introduces the concept of an “administrative subpoena,” which, as the Washington, D.C.-based Center for Democracy & Technology notes,

is essentially a piece of paper signed by an FBI agent that requires any recipient to disclose any documents (or any other tangible things).  [It] would also compel a person to give testimony, essentially forcing anyone to talk to the FBI.  Administrative subpoenas are issued with no prior judicial, prosecutorial or grand jury approval.

That is just the beginning, however.  Section 504 of the VICTORY Act provides that,

If an administrative subpoena is issued under this section to a provider of an electronic communication service . . . or remote computing service . . . , the Attorney General may


(A) delay notification to the subscriber or customer to whom the record pertains . . . ; and

(B) apply to a court . . . for an order commanding the provider of an electronic communication service or remote computing service, for such period as the court determines appropriate, not to notify any other person [e.g., the customer or subscriber] of the existence of the subpoena or court order.

Similar provisions would apply when administrative subpoenas are issued for financial records.

One of the most disturbing aspects of the VICTORY Act is the extent to which it enlists private citizens in the government’s security work.  Section 504 goes on to state that

Any person, including officers, agents, and employees, who in good faith produce the records or items requested in a subpoena shall not be liable in any court of any State or the United States to any customer or other person for such production or for nondisclosure of that production to the customer, in compliance with the terms of a court order for nondisclosure.

Lawyers may debate at what point an administrative subpoena becomes a warrantless search (though that point would seem to be reached rather quickly when we are dealing with electronic communications), but ISP’s and banks likely will not.  As the Center for Democracy & Technology points out,

Most—if not all—administrative subpoenas for records would be issued to third-party businesses to get information about their customers.  The business has immunity for complying . . . and little incentive to spend its money challenging a subpoena for records that pertain to someone else.  And since the business is prohibited from notifying its customer of the existence of the subpoena, the customer can never exercise his right to challenge the subpoena.

This last measure is similar to provisions found in the Cybersecurity Enhancement Act (CSEA), a section of the Homeland Security Act, which was passed by Congress in 2002.  Before the PATRIOT Act, it was basically illegal for an ISP to divulge information about a customer or his activities online without being presented with a warrant.  The PATRIOT Act, however, allowed an ISP to reveal such information if it had a “reasonable belief” that the information pertained to the commission of a crime.  While that standard was considerably looser than the requirement of a warrant, it still provided some measure of protection, because a customer could sue his ISP for handing over information, and the ISP would then have to prove that it had a “reasonable belief” that the customer had committed, or was going to commit, a crime.  Most ISP’s, of course, would err on the side of caution and continue to insist on being presented with a warrant.

Under the CSEA, however,

A person or entity may divulge the contents of a communication . . . to a Federal, State, or local governmental entity, if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of communications relating to the emergency.

What constitutes good faith?  In this context, simply believing a federal, state, or local governmental entity when it tells you that the situation is an emergency.  Under the VICTORY Act, an administrative subpoena, signed by the agent who serves it, will function as a “Get Out of Jail Free” card for the ISP.

As we go to press (October 8), the VICTORY Act still has not been introduced into the Senate, even though Senator Hatch was expected to do so in August or September, in conjunction with Attorney General Ashcroft’s nationwide tour to drum up support for extensions to the PATRIOT Act.  With a presidential election year fast approaching, Ashcroft’s tour a failure, and former White House counsel John Dean recently comparing President Bush’s team unfavorably to President Nixon’s, Senator Hatch may have decided that the greatest victory may be no VICTORY at all.