Government investigators now face a few more hurdles when seeking reporters' records.
The U.S. Department of Justice on Friday published new guidelines intended to limit government access to journalists' records, unless the records at issue belong to a journalist facing a criminal investigation.
The guidelines arise from a directive from President Obama in May that instructed the DOJ to review the use of law enforcement tools, such as subpoenas and warrants, for obtaining information from members of the media.
"The Department of Justice is firmly committed to ensuring our nation's security, and protecting the American people, while at the same time safeguarding the freedom of the press," said Attorney General Eric Holder in a statement. "These revised guidelines will help ensure the proper balance is struck when pursuing investigations into unauthorized disclosures."
In theory, journalists and their records are protected by the First Amendment guarantee that Congress shall make no law abridging the freedom of the press and the Fourth Amendment guarantee against unreasonable searches and seizures, not to mention the Privacy Protection Act of 1980 and other laws. But at a time when the scope of privacy law can be altered by secret legal interpretation, it's perhaps unsurprising that privacy protections have not protected reporters as well as media organizations would like.
The revisions to the Department of Justice's News Media Policies follow widespread criticism of the government's aggressive investigation of leaks, including a 2009 security leak inquiry that cast Fox News reporter James Rosen as a co-conspirator in the disclosure of secret information, and a separate leak investigation for which the government obtained the records of more than 20 phone lines used by Associated Press reporters.
The government obtained access to Rosen's Google Gmail account through a search warrant granted on the basis of an FBI agent's affidavit. As revealed by the Washington Post, the affidavit compared Rosen's reporting to spying, stating that Rosen sought government information through flattery from his source, Stephen Jin-Woo Kim, who at the time was a State Department analyst and has since been indicted for espionage.
"Much like an intelligence officer would run an [sic] clandestine intelligence source, the Reporter instructed Mr. Kim on a covert communications plan..." the agent's affidavit states, a view that media organizations decried as an attempt to criminalize reporting.
In May, following reports about the targeting of Rosen, Bruce Brow, executive director of Reporters Committee for Freedom of the Press, condemned the government's tactics. "The Justice Department's decision to treat routine news gathering efforts as evidence of criminality is extremely troubling and corrodes time-honored understandings between the public and the government about the role of the free press," he said in a statement.
The Justice Department's new guidelines do not completely preclude the possibility that the government will seek and obtain access to reporters' records and communications, but they do add some bureaucratic speed bumps that should make seizing reporters' data more unusual.
The rules make it harder to obtain emails and other communications data by making them subject to the same legal standards as phone records.
The rules call for media organizations to receive advance notice if investigators seek a reporter's records, except in circumstances when notification could be expected to cause substantial harm to the integrity of the investigation. Previously, advance notification would only be offered if the attorney general determined such notification would not be harmful. So henceforth, notice is intended to be the norm rather than the exception.
The maximum notification delay allowed will drop from 90 to 45 days, though the attorney general will retain the right to extend that period an additional 45 days.
In cases where the DOJ is asked to investigate the leak of national security information, the rules require the Director of National Intelligence to certify that the leak caused significant harm to national security before reporters' records can be sought. As an additional safeguard, the Department of Justice's Criminal Division Office of Enforcement will review all requests to obtain information from members of the media.
The DOJ will also establish an internal News Media Review Committee, to evaluate investigatory requests to obtain reporters' information, and a News Media Dialogue Group, to engage with the press on this issue. The agency intends to implement written guidance and training requirements for U.S. attorneys.
Finally, the rules call for the DOJ and other administration officials to find ways in which security-leak cases can be handled internally by intelligence agencies, such as clearance revocation and individual sanctions, in order to avoid magnifying unauthorized disclosures through public hearings and legal action.
One thing not made clear in the DOJ's revised guidelines is just who qualifies as "member of the news media" in an era when everyone with an Internet account can commit an act of journalism.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.