The decision did not uphold the constitutionality of the Protect America Act in all cases, but rather approved the Act only as it was applied to one company.  The court declined to consider whether the PAA or any of its provisions were constitutional on their face or whether abuses had occurred or could occur in different contexts.  As the court stated, it “may not speculate about the validity of the law as it might be applied in different ways or on different facts.”  Instead, the court ruled solely on the constitutionality of the directives, issued pursuant to the PAA, to one company.

The decision placed the burden of proof on the company to identify problems related to the implementation of the law, information to which the company did not have access.  The court upheld the constitutionality of the PAA, as applied, without the benefit of an effective adversarial process.  The court concluded that “[t]he record supports the government.  Notwithstanding the parade of horribles trotted out by the petitioner, it has presented no evidence of any actual harm, any egregious risk of error, or any broad potential for abuse in the circumstances of the instant case.”  However, the company did not have access to all relevant information, including problems related to the implementation of the PAA.  Senator Feingold, who has repeatedly raised concerns about the implementation of the PAA and its successor, the FISA Amendments Act (“FAA”), in classified communications with the Director of National Intelligence and the Attorney General, has stated that the court’s analysis would have been fundamentally altered had the company had access to this information and been able to bring it before the court.

In the absence of specific complaints from the company, the court relied on the good faith of the government.  As the court concluded, “[w]ithout something more than a purely speculative set of imaginings, we cannot infer that the purpose of the directives (and, thus, of the surveillance) is other than their stated purpose… The petitioner suggests that, by placing discretion entirely in the hands of the Executive Branch without prior judicial involvement, the procedures cede to that Branch overly broad power that invites abuse.  But this is little more than a lament about the risk that government officials will not operate in good faith.”  One example of the court’s deference to the government concerns minimization procedures, which require the government to limit the dissemination of information about Americans that it collects in the course of its surveillance.  Because the company did not raise concerns about minimization, the court “s[aw] no reason to question the adequacy of the minimization protocol.”  And yet, the existence of adequate minimization procedures, as applied in this case, was central to the court’s constitutional analysis. 

The decision points to the importance of congressional action to defend the rights and privacy of Americans and ensure checks and balances.  By limiting its review of the PAA to its application to one company, and by effectively requiring evidence from the company to which the company does not have access, the court underscored the need for statutory protections.  Members of Congress have access to critical information related to problems in the implementation of the PAA and the FAA – problems that can be addressed through amendments to the FAA.  Congress also has the responsibility to anticipate the potential for abuse and put in place privacy and civil liberty protections and a system of checks and balances, including adequate oversight by the court itself.