The previous chapter examined how algorithmic outputs enter the courtroom and what legal standards govern their admissibility. This chapter steps back to the earlier stage — before the courtroom, before the investigation, before any identified suspect — to examine the legal architecture of mass surveillance: the collection and automated analysis of population-scale data streams in order to identify persons of interest.
That is the logical endpoint of the transformation that the preceding modules have documented. COMPAS and the PSA operate on identified defendants. Clearview AI generates candidate matches from identified probe images. Predictive policing targets identified geographic areas. Mass surveillance systems, by contrast, begin with no suspect and no specific target. They begin with data — communications content, metadata, location signals, behavioral patterns — and use algorithmic tools to produce suspects from that data. The constitutional and regulatory questions that system raises are the most structurally consequential of any examined in this book.
I. The structural shift: from targeted to population-level surveillance
U.S. Constitution, Amendment IV Foreign Intelligence Surveillance Act of 1978, 50 U.S.C. § 1801 et seq.
For most of the twentieth century, government surveillance followed a model constrained by human limitations. Investigators had to identify a target, obtain legal authorization, and deploy resources — telephone wiretaps, mail interception, physical surveillance — against specific individuals. Each operation consumed time and required judicial approval. Surveillance was therefore exceptional rather than routine.
Artificial intelligence has changed that structure along two dimensions simultaneously. First, it has eliminated the human bottleneck in data analysis: machine learning systems can process volumes of communication data that no human analyst could examine. Second, it has inverted the investigative sequence: instead of starting with a suspect and collecting evidence, these systems start with data and produce suspect candidates algorithmically. The result is a model often described as bulk interception combined with automated analysis — the collection of population-scale data followed by algorithmic triage.
For lawyers, the constitutional significance of that inversion is direct. Most Fourth Amendment doctrine was built around the traditional model, in which individualized suspicion preceded collection. Where collection precedes suspicion — where the government first acquires data about everyone and then uses algorithms to identify persons of interest — the doctrinal framework requires significant extension to reach the problem.
II. The US legal framework: FISA, Section 702, and the pending reauthorization
Foreign Intelligence Surveillance Act of 1978, 50 U.S.C. § 1801 et seq. Foreign Intelligence Surveillance Act, Section 702, 50 U.S.C. § 1881a Reforming Intelligence and Securing America Act, Pub. L. No. 118-49, 138 Stat. 862 (April 20, 2024)
The Foreign Intelligence Surveillance Act, enacted in 1978 in response to documented executive branch surveillance abuses, established the Foreign Intelligence Surveillance Court as a specialized judicial body to oversee intelligence-related surveillance applications. The statute created a framework in which the government must seek judicial authorization before conducting electronic surveillance of identified persons within the United States for foreign intelligence purposes — a requirement that distinguished it from traditional law enforcement surveillance but still retained individual targeting as the baseline.
Section 702 of FISA, enacted through the FISA Amendments Act of 2008 and codified at 50 U.S.C. § 1881a, fundamentally altered that baseline for surveillance of non-US persons abroad. Section 702 permits US intelligence agencies — principally the NSA, CIA, and FBI — to collect communications of non-US persons believed to be located outside the United States without obtaining individualized warrants. The FISA Court authorizes Section 702 collection through annual certifications covering categories of foreign intelligence targets, rather than through individualized applications for specific persons. The government does not have to seek court authorization for every individual it targets under those certifications.
The inevitable consequence of that structure is what practitioners call incidental collection: when non-US persons communicate with US persons, those communications — and the US person’s end — are collected as part of the authorized surveillance. Those incidentally collected communications can then be queried by law enforcement agencies using US person identifiers. The warrant requirement that would otherwise govern collection of US persons’ communications is bypassed through the Section 702 architecture.
Section 702 is subject to statutory sunset provisions requiring periodic congressional reauthorization. The most recent reauthorization — the Reforming Intelligence and Securing America Act, Pub. L. No. 118-49, enacted on April 20, 2024 — extended Section 702 for two years and enacted several amendments. RISAA prohibited FBI queries designed solely to find evidence of criminal activity, absent a threat to life or serious bodily harm; required written justification and supervisor approval for queries; and expanded the definition of electronic communication service provider to encompass entities that have access to equipment used to transmit or store electronic communications — a provision critics argued significantly extended warrantless surveillance to new categories of entities. Section 702 will sunset on April 20, 2026, absent further congressional action. At the time this chapter was written, reauthorization hearings were underway and the outcome remained uncertain.
That sunset is not merely a policy fact. It is a litigation fact. A criminal defendant whose case rests on evidence derived from Section 702 collection has a direct interest in whether the authority under which that evidence was obtained was lawfully reauthorized, whether the specific collection complied with RISAA’s querying restrictions, and whether the incidental collection was handled in accordance with the minimization procedures approved by the FISA Court.
III. The third-party doctrine and its limits
Smith v. Maryland, 442 U.S. 735 (1979) United States v. Miller, 425 U.S. 435 (1976) Carpenter v. United States, 585 U.S. 296 (2018)
The third-party doctrine, developed in Smith v. Maryland, 442 U.S. 735 (1979), and United States v. Miller, 425 U.S. 435 (1976), established that individuals have no reasonable expectation of privacy under the Fourth Amendment in information they voluntarily disclose to third parties. In Smith, the Court held that telephone call records — numbers dialed, not content — held by the telephone company were not protected because the user had voluntarily conveyed that information to the carrier. In Miller, the Court held that bank records were similarly unprotected.
Artificial intelligence dramatically amplifies the legal consequences of that doctrine. Virtually every digital activity generates metadata held by third parties: GPS location coordinates logged by mobile carriers, financial transaction records held by banks and payment processors, internet browsing history retained by service providers, communications metadata stored by platform operators. If the government can access and analyze these datasets through machine learning systems without individualized warrants — because the data is held by third parties — the result is the capacity to reconstruct comprehensive behavioral profiles of individuals without touching the Fourth Amendment at all.
Carpenter v. United States, 585 U.S. 296 (2018), as established in Chapter 24, established that obtaining 127 days of historical cell-site location information required a warrant because the data revealed the whole of a person’s physical movements. Chief Justice Roberts’s opinion recognized that the traditional third-party doctrine, developed for discrete and limited record disclosures, does not translate automatically to digital data that is generated automatically, comprehensively, and without any meaningful act of voluntary disclosure by the user. The Carpenter majority expressly declined to disturb Smith and Miller, and declined to define the precise contours of its holding, leaving the outer boundary of the third-party doctrine’s erosion for future cases. What Carpenter established is the principle: that digital aggregation at scale can constitute a Fourth Amendment search even when each data point, considered individually, would not.
Applied to AI-assisted mass surveillance, the Carpenter principle supports Fourth Amendment challenges to government programs that use machine learning to aggregate, correlate, and analyze metadata from multiple third-party sources without individualized warrants. The argument is not that each metadata type is independently protected — Carpenter did not hold that — but that the algorithmic combination of multiple streams of third-party-held data, producing a comprehensive behavioral profile, crosses the threshold Carpenter identified: the point at which the government’s surveillance power becomes qualitatively different from what any person could have understood they were exposing to third parties.
That argument has not been definitively resolved by the Supreme Court. But it is preserved, available, and supported by the Carpenter majority’s own reasoning about the nature of digital data.
IV. The EU framework: ECHR Article 8 and AI Act Article 5
European Convention on Human Rights, Article 8 Big Brother Watch and Others v. The United Kingdom [2021] ECHR 439 (Grand Chamber, May 25, 2021) EU AI Act, Regulation (EU) 2024/1689, Article 5(1)(d)
European law approaches mass surveillance through two overlapping frameworks: the European Convention on Human Rights and the EU AI Act.
ECHR Article 8. The European Court of Human Rights addressed bulk interception comprehensively in Big Brother Watch and Others v. The United Kingdom, Grand Chamber, May 25, 2021 [2021] ECHR 439 — the first major ECtHR ruling on mass surveillance since the 2013 Snowden revelations. The judgment’s central holding is more nuanced than it is sometimes described. The Grand Chamber confirmed that bulk interception regimes do not violate Article 8 per se and that contracting states enjoy a wide margin of appreciation in deciding what surveillance measures are necessary to protect national security. The violation the Court found was procedural rather than substantive: the UK’s then-operative regime under the Regulation of Investigatory Powers Act 2000 lacked sufficient independent oversight of the selectors and search criteria used to filter intercepted communications and lacked adequate safeguards applicable to the selection of related communications data for examination. Those deficiencies rendered the program incompatible with the requirement that surveillance be necessary in a democratic society — not because bulk interception is categorically impermissible, but because this bulk interception regime lacked the safeguards that make it so.
The legal significance for mass surveillance generally is that Big Brother Watch establishes a floor of procedural requirements, not a prohibition. A bulk interception regime that is authorized by law with sufficient precision, subject to independent authorization, scoped by subject matter rather than unlimited in its selectors, and subject to meaningful oversight and ex post facto review can satisfy Article 8 under the Grand Chamber’s framework. A regime that lacks any of those structural elements — as the UK’s RIPA regime did in 2013 — cannot.
AI Act Article 5. The EU AI Act’s contribution to the mass surveillance framework is found in Article 5(1)(d) of Regulation (EU) 2024/1689, which prohibits AI systems used to assess or predict the risk of natural persons committing criminal offences based solely on profiling or on personality traits and characteristics, and in Article 5(1)(e), which prohibits untargeted scraping of facial images to create or expand recognition databases. These provisions, effective February 2, 2025, address specific automated surveillance techniques that the Big Brother Watch framework does not directly reach: not bulk interception itself, but the algorithmic profiling and biometric indexing that increasingly accompany it.
The structural difference between the EU and US approaches is worth stating precisely. In the US, legal challenges to mass surveillance are primarily reactive — a defendant whose prosecution rests on surveillance-derived evidence raises Fourth Amendment challenges in the course of the criminal proceeding. In the EU, legal challenges can be proactive — a surveillance system that violates Article 8 ECHR or Article 5 of the AI Act is subject to regulatory action before any prosecution is built on its output.
V. The national security exception revisited
As established in Chapter 15
Chapter 15 examined the national security exception in detail — the carve-out under EU AI Act Article 2(3) and TEU Article 4(2) for national security activities, and the parallel state secrets and FISA § 1806(f) frameworks in US law. That analysis applies directly to the mass surveillance context. Both the FISA Section 702 architecture and the bulk interception regimes examined in Big Brother Watch operate in the space where national security authority is broadest and judicial oversight is most limited.
For criminal defense lawyers, the practical consequence is the one established in Chapter 15: the national security designation does not eliminate the constitutional or human rights analysis, but it significantly limits the procedural tools available to challenge the underlying collection. Where Section 702-derived evidence reaches a criminal prosecution — through the incidental collection and backdoor search mechanism — the defense must challenge the evidence at the point where it enters the criminal proceeding, not at the point of collection. That means challenging whether the evidence was disclosed in accordance with FISA § 1806(c)’s notice requirements, whether the specific queries used to identify the defendant complied with RISAA’s restrictions, and whether the minimization procedures that govern how incidentally collected US person information is handled were followed.
VI. Practical litigation tools
Foreign Intelligence Surveillance Act, 50 U.S.C. § 1806(c) and (f) U.S. Constitution, Amendments I and IV
When a criminal prosecution rests on evidence derived from mass surveillance, several procedural tools are available.
FISA § 1806(c) requires the government to notify defendants when it intends to use or disclose information obtained through FISA-authorized surveillance. That notice obligation is the defense’s entry point: without it, the defense cannot challenge the surveillance. Where notice has been given, the defense may move to suppress FISA-derived evidence, and the court — in camera and ex parte if necessary — may review the FISA materials to determine whether the surveillance was lawfully authorized and conducted in accordance with the statute and applicable procedures.
The Fourth Amendment suppression motion is available where the collection departed from the authorized framework in ways that would constitute an unlawful search. The Carpenter argument — that algorithmic aggregation of third-party metadata at scale constitutes a search requiring individualized authorization — is available where the collection methodology extends beyond what the FISA Court’s certification authorized.
First Amendment considerations arise where surveillance targets communications associated with political, religious, or journalistic activity. Big Brother Watch identified those categories as requiring heightened procedural safeguards under Article 10 ECHR; a parallel argument under the First Amendment’s protection of associational and expressive activity is available in domestic criminal proceedings.
Next: Chapter 31 — Rectification in criminal proceedings: Brady v. Maryland and the GDPR Article 16 framework.
Leave a Reply