"This is really a bill which, if enacted into law, will be [a longer] step in the direction of stopping terrorism than any other we have had before this Congress in a long time," one of the bill's sponsors declared. The legislation authorized broad surveillance of financial transactions, bypassing the Fourth Amendment's normal protections against "unreasonable searches and seizures" by requiring businesses to collect and share information with the government. After the measure passed and was signed into law, the debate was far from over. The American Civil Liberties Union and other critics continued to rail against the law as an unnecessary breach of privacy.
"Under the act and regulations the reports go forward to the investigative or prosecuting agency...without notice to the customer," one civil libertarian wrote. "Delivery of the records without the requisite hearing of probable cause breaches the Fourth Amendment....I am not yet ready to agree that America is so possessed with evil that we must level all constitutional barriers to give our civil authorities the tools to catch terrorists."
But times have changed, one of the law's defenders countered. "While an act conferring such broad authority over transactions such as these might well surprise or even shock those who lived in an earlier era," he wrote, "the latter did not...live to see the heavy utilization of our domestic banking system by the minions of organized terrorism as well as by millions of legitimate businessmen." The author did not "think it was strange or irrational that Congress, having its attention called to what appeared to be serious and organized efforts to avoid detection of terrorist activity, should have legislated to rectify the situation."
These may sound like the arguments for and against the USA PATRIOT Act, passed immediately after the attacks of September 11, 2001. But they concern another piece of legislation, the Bank Secrecy Act (BSA) of 1970. The only change I made to these decades-old quotes was to substitute the word terrorist for criminal and terrorism for crime.
The congressman was Wright Patman, the populist Texas Democrat who pushed through the bill on the premise that it would help fight drug trafficking, tax evasion, and other crimes, including the then-prohibited ownership of gold as a commodity. The civil libertarian was Supreme Court Justice William O. Douglas. In the 1974 case California Bankers Association v. Shultz, Douglas wrote a dissent, joined by Justices William Brennan and Thurgood Marshall, concluding that the Bank Secrecy Act violated the Fourth Amendment. The final quote is from William Rehnquist, now the Court's chief justice, who wrote the majority opinion upholding the law.
Needle in a Haystack
The reason the arguments sound familiar is that the BSA set the precedent for much of the PATRIOT Act, not to mention government fishing expeditions such as the Pentagon's aborted Total Information Awareness program. The law authorized the government to require bank reports of all transactions over a dollar value set by the Treasury Department, even if there is no reason to suspect a criminal connection. For the first time, in the words of the U.S. District Court for the Northern District of California, "the government claim[ed] the legal right to maintain routine surveillance, without summons, subpoena, or warrant, over the details of citizens' financial transactions."
The district court struck down the BSA's reporting requirement, but its decision was reversed by the Supreme Court. In a complicated majority opinion, Rehnquist said that banks, as businesses, don't have the same Fourth Amendment rights as individuals. The opinion relied on the many post-New Deal cases that minimized economic liberties, including one that said "corporations can claim no equality with individuals in the enjoyment of a right to privacy." In this and in a subsequent BSA case, U.S. v. Miller (1976), the Court ruled that a bank's customers generally lack standing to challenge the law.
Law enforcement agencies thus found a convenient end run around the Fourth Amendment. They can access the details of a bank customer's transactions from the Treasury Department's Financial Crimes Enforcement Network (FinCEN) without showing probable cause -- or any evidence at all. That is why the PATRIOT Act's defenders argue that the law is not a radical departure from what the government already had the power to do. Writing in the Summer 2003 issue of City Journal, the Manhattan Institute's Heather Mac Donald accuses the PATRIOT Act's opponents of trying to "invent new rights," because it has long been the case that "there is no Fourth Amendment privacy right in records or other items disclosed to third parties."
While Mac Donald may be partly right about the case law, she overlooks two important questions. One is whether surveillance programs like FinCEN are consistent with the principles of a free society. The other is how effective they've been: Have we gotten more security during the last 30 years in exchange for the privacy we've sacrificed? Looking specifically at the BSA and other bank surveillance measures, prominent experts in law enforcement, national security, and technology say the answer is no. The record of FinCEN, the agency that was charged with tracking terrorist financing prior to 9/11, seems to vindicate their arguments. The lack of success with the financial information that the government has long been collecting does not bode well for more-ambitious data dredging plans. Indeed, experience suggests that piling up more data could make it harder to zero in on terrorists.
"I consider all these measures to be highly counterproductive," says John Yoder, director of the Justice Department's Asset Forfeiture Office in the Reagan administration. "It costs more to enforce and regulate them than the benefits that are received. You're getting so much data on people who are absolutely legitimate and who are doing nothing wrong. There's just so much paperwork out there that it's really not a targeted effort. You have investigators running around chasing innocent people, trying to find something that they're doing wrong, rather than targeting real criminals."
The paperwork is indeed massive. Even before the PATRIOT Act, banks sent more than 12 million transaction reports to the government in 2000 alone. In a 2000 report for the Competitive Enterprise Institute, economist Lawrence Lindsey, who later became head of the Bush administration's National Economic Council, calculated that banks file more than 100,000 reports on innocent customers for every money laundering conviction. Oliver "Buck" Revell, a highly decorated 30-year veteran of the FBI who supervised the bureau's counterterrorism division in the 1980s and '90s, agrees that the sheer volume of data generated by these measures can overwhelm law enforcement efforts. "You can be buried in an avalanche of information," Revell says. "The total volume of activity makes it very difficult to track and trace any type of specific information....It's virtually impossible to look at millions and millions of CTRs [currency transaction reports] and make any sense out of them if you don't have some prior intelligence as to what might be occurring."
Yoder argues that the information overload from bank surveillance contributed to the intelligence failure before the September 11 attacks. "We already had so much information that we weren't really focusing on the right stuff," he says. "What good does it do to gather more paperwork when you're already so awash in paperwork that you're not paying attention to your own currently existing intelligence gathering system?"
While it did not cite the BSA directly, the recently published Joint Congressional Inquiry report on intelligence lapses before 9/11 did find that law enforcement and intelligence agencies faced a "huge volume of intelligence reporting," within which were "various threads and pieces of information that, at least in retrospect, are relevant and significant." The report concluded that "although relevant information...was available to the Intelligence Community prior to September 11, 2001, the Community too often failed to focus on that information and consider and appreciate its collective significance in terms of a probable terrorist attack." This was partly because analysts were trying to find a needle in a very large haystack of data created by laws like the BSA.