How Much Difference Would The Proposed Immunity Deal Make?:
Writing on the proposed deal to grant the telecom companies immunity in the lawsuits filed against them for working with the intelligence agencies, lawprof Michael Dorf suggests this analogy:
Suppose an FBI agent approached a generally law-abiding citizen that I'll call "Shmerizon," and the following conversation ensued.
FBI Agent: I'd like you to whack Shmarlos the Shmackal. He's a terrorist.
Shmerizon: By whack, you mean . . . .
FBI Agent: You know what I mean.
Shmerizon: Uhm, isn't that illegal?
FBI Agent: I'm with the government. If I tell you to do this in the interest of national security, it's not illegal. Understand?
  Shmerizon proceeds to kill Shmarlos, even though another citizen, Shmest, when presented with the same demand, refused to act without a court order. Now suppose that instead of prosecuting Shmerizon for murder, and without denying that what Shmerizon did was clearly illegal at the time notwithstanding the FBI Agent's statements, the government decides that Shermizon should be given retroactive immunity for the murder because he shouldn't be punished for helping out his government in time of need. Even assuming one finds Shmerizon's plight sympathetic, shouldn't the most minimal commitment to notions of government regularity require that any immunity for Shmerizon be coupled with some form of accountability on the part of the FBI Agent or his superiors who asked that Shmerizon commit murder?
  Is the only difference between this situation and the actual current proposal for immunity for the phone companies that violated FISA the fact that we think that murder, even of a bad guy like Shmarlos the Shmackal, is properly illegal, while President Bush and many in Congress think that FISA's restrictions were not just unwise but so grossly unwise as to vindicate anyone who ignored them?
  The answer to Michael's question is "no," and I think Michael's framing reveals a common misunderstanding about the proposed immunity deal. The telephone companies' liability turns out to be pretty different from the oft-debated question of whether the "Terrorist Surveillance Program" was legal. As a result, I think the immunity agreement is not quite the outrage many people in the blogosphere seem to think it is. To see why, we need to get a bit into the weeds of the surveillance statutes (oh goody!, you're thinking), but I hope it will be worth it to understand what's going on.

  Let's start with the lawsuits involving the so-called Terrorist Surveillance Program, the warrantless wiretapping program disclosed by the New York Times in December 2005. These lawsuits have long had a major hurdle, the existence of 18 U.S.C. 2511(2)(a)(ii)(B), a provision exempting the phone companies from liability for warantless monitoring if the Attorney General gives them a certification concluding such monitoring is legal. Here's what it says:
Notwithstanding any other law, providers of wire or electronic communication service, their officers, employees, and agents, landlords, custodians, or other persons, are authorized to provide information, facilities, or technical assistance to persons authorized by law to intercept wire, oral, or electronic communications or to conduct electronic surveillance, as defined in section 101 of the Foreign Intelligence Surveillance Act of 1978, if such provider, its officers, employees, or agents, landlord, custodian, or other specified person, has been provided with— . . . a certification in writing by . . . the Attorney General of the United States that no warrant or court order is required by law, that all statutory requirements have been met, and that the specified assistance is required[.]
  Under this exception, the phone companies are "off the hook" (so to speak) if they received the proper certification. Once they have the certification, they can help the government without triggering any liability. (In case you're wondering, I believe "persons authorized by law" means government agents, not persons doing something that in fact turns out to be lawful.) That's a really important exception, as press reports have indicated recently that the government did in fact provide the phone companies with a certification signed by the AG that no warrant or court order was required. (Unfortunately I don't have a link, because the clearest statement of this was something I heard on NPR a few days ago; I couldn't find the link to a good report on it, but I can search more if others doubt that there was in fact a certification.)

  Given 18 U.S.C. 2511(2)(a)(ii)(B), I think immunity for the lawsuits against the telcos has very different stakes than just the legality of the TSP. Assuming the accuracy of the press reports stating that there was a certification, Congress has already explicitly provided immunity for the telephone companies in these sorts of circumstances. The role of the immunity agreement is just to cut the litigation short that would prove the point.

  Consider how the lawsuits might play out without an immunity deal. The key item for discovery is of course the certification, which presumably explains the program and states the AG's conclusion (whether correct or not, and presumably without any reasoning) that the program is legal. The plaintiffs will say that they need to see the actual certification because they don't know if what the phone companies did is consistent with it; the government and the telcos will say that the state secrets privilege blocks the certification's disclosure. Assuming the certification explains the parameter of the program, that will surely be correct. Then the trial judge has to figure out if he can determine if the program actually did fit within the parameters of the certification, although he can't very well allow discovery into the program without once again running into the state secrets privilege. So presumably down the road the judge concludes he has to dismiss the claim under the state secrets privilege, and then the lawsuit spends another 5 years bouncing around the appellate courts until other courts agree. And then multiply that by all the other lawsuits, all of which presumably lead to the same outcome.

  We don't know all the facts, obviously, and maybe I'm just missing something obvious. But if I'm in the right ballpark, it seems to me that immunity agreement just cuts short the litigation that should end up being dismissed anyway without new legislation.

  My sense is that the proposed immunity agreement would have a more significant role with lawsuits involving the NSA Call Records program, the program involving voluntary disclosure of non-content records. A certification isn't enough here, because the disclosure of non-content records is not covered by 18 U.S.C. 2511(2)(a)(ii)(B). Here the key statute is the Stored Communications Act, which (to simplify things a bit — details here and here) bases liability on the provider's good faith belief that there was an emergency that allowed the disclosure.

  The immunity language in the proposed statute is limited to cases in which the telco was "described in a written request or directive from the Attorney General or the head of an element of the intelligence community (or the deputy of such person) to the electronic communication service provider indicating that the activity was (I) authorized by the President; and (II) determined to be lawful." If I had to guess, I would guess that the head of the NSA or the AG or someone wrote a written request to the phone companies asking them to participate and disclose their call records, and explaining that they thought there was an emergency that authorized the disclosure. The phone company lawyers presumably determined that on the basis of the government's request they had a good faith belief that there was in fact an emergency.

  If I'm right about this, the effect of the immunity deal would be to cut short the inquiry into the individual telephone companies' good faith in disclosing the records. I don't know exactly how you determine the good faith of a corporate entity, but presumably that requires some sort of hearing into the minds of the key decisionmakers. I suppose they would have to take the stand and testify as to what they were thinking, and a jury would have to say if the thought the corporate bigwigs had a good faith belief (and therefore there was no liability) or lacked such a belief (in which case the liability could go a long way toward bankrupting the telcos).

  If I'm right about this, I think the impact of an immunity deal would be to (a) cut short TSP litigation that won't be going anywhere anyway, and (b) to block the telcos from being subject to a "bet the company" lawsuit hinging on their good faith. I think there are arguments for or against the immunity in light of these stakes. But I don't think it's a case of immunizing the telephone companies for a blatantly illegal act, as Professor Dorf suggests with his analogy to a hypothetical murder.

  UPDATE: It occurs to me that the call records litigation would also raise major state secrets problems if the government officials told the telco folks some important details of investigations in order to persuade them that there was a real emergency justifying disclosure. If the NSA said something like, "we're tracking the following attacks, and we foiled this one and we need your help with that one" then those details would be highly relevant to show the telcos' good faith. That means you can't really get to the officials' good faith without getting into the details (in open court) of what the government told the telcos.