NOTOS

A Terms of Service, or TOS, is a legal agreement most services require a user must sign before they can use the service. It is standard procedure to list what the company will and will not provide, along with expected service usage by the customer. Expected usage is sometimes put into a separate Acceptable Use Policy, or AUP.

But the internet is an interesting service, in that, it is not an actual service. It is a connection of many networks, all provided through various internet service providers, or ISPs. These ISPs provide a buffer between a user and the “internet” and have their own TOS and/or AUP.

So how does the NSA get this data? The simplified explanation is they arrive at an internet service such as Google, Microsoft, Apple, Verizon, AT&T, etc. and provide a legal document stating they must comply with the document to provide access to their users, they cannot tell anyone about the document, and if they don’t comply, “bad things will happen”.

This places a service provider in a unique position. If they comply, they may effectively be violating their own TOS. But if they don’t comply, the government will do “bad things”. It has been recently revealed that this is accomplished by a contractor who, under federal government orders, is to install a splitter on the provider’s network that sends all traffic from their service to the NSA. All on the provider’s dollar and that they must keep it running.

The result is that if the provider complies, they can selectively send (meta)data, otherwise they send all data. Including irrelevant data such as a phone call ordering pizza from the office. As a result, most service providers opt to provide the data so they can filter it before sending it to the NSA.

If the United States had a federally mandated terms of service for accessing the internet, it would effectively remove any legal barrier that a service provider can stand behind by requiring any service provider to send data to the NSA without needing a legal subpoena. Effectively circumventing the 4^th and 5^th amendments without providing any legal floor for a plaintive to stand on if they try to argue against the unwarranted seizure of their data because the TOS grants the NSA, and the government as a whole, that ability.

By preventing institution of a country wide, federally mandated TOS, the NSA and government agencies must go through legal court orders to retrieve said data, and because companies are protective of their information and would want to mitigate potential customer lawsuit, they have a low chance of providing any more than the metadata that a company is willing to provide.

Of course, even with the FISA courts stating that US citizen privacy and the Constitution have been violated by the NSA many times, and the creator of the PATRIOT Act himself stating that the agencies have overstepped their legal obligations under said law. The NSA continues to request and retrieve the data under false pretense of what the PATRIOT Act allows. But, as there is no TOS stating that a US citizen may have their rights infringed at any period of time in the name of security, the law and NSA can be changed to remove the offending collection practices. Though there is always the risk that a new or incumbent politician or lawyer may infact decide to build upon the law and agency to increase what they are allowed to do, on which We the People are entitled and encouraged to remove said person of office and replace them with someone who’s ideology and stances are more in line with the people he or she represents.

It must also be noted that if you are not a US citizen, you may be out of luck. That is, without your own government stepping in to pressure the US Federal Government to reduce the mass data collection that occurs at an even greater rate from non-US citizens. But that is for another blog post.