Utah’s Step-By-Step Strategy Against the Surveillance State
By: Mike Maharrey
When it comes to political activism, a lot of people think they have to accomplish everything all at once. They propose or demand what amounts to little more than an “all or nothing” strategy, but that’s actually the worst approach.
As Thomas Jefferson wrote in 1790, “The ground of liberty is to be gained by inches …We must be contented to secure the liberty we can get from time to time, And eternally press forward for what is yet to get.”
The American Revolutionaries certainly understood this first-hand. In response to the hated Townshend Acts, John Dickinson penned the most widely-read documents on American liberty until publication of Thomas Paine’s Common Sense in January, 1776.
The “Penman of the Revolution” signed off the first of his twelve Letters from a Farmer in Pennsylvania with an important maxim – Small things grow great by concord.
Dickinson wrote, and the colonists understood, that each step forward for liberty was essential, because, as Jefferson emphasized years later, “It takes time to persuade men to do even what is for their own good.”
When working to advance liberty against what is again the largest government in history, most people ignore – or are just completely unaware of – this essential strategic advice from the Founders.
For instance, when taking on the surveillance state, these all-or-nothing strategists think they have to dismantle everything from drone surveillance to license plate tracking, the NSA and FBI, and everything else – all in one piece of legislation. Any attempt to narrow the focus of a bill to something more likely to actually pass elicits cries of “compromise” or accusations of “watering down” the legislation.
The problem is it’s almost impossible to pass sweeping legislation that addresses every aspect of anything, much less something as massive and complex as the ever-growing national surveillance state.
Success against the largest government in history requires more than tough rhetoric or big talking in social media posts. It requires an incredibly good strategy – a step-by-step approach.
The national surveillance state has been growing in size and scope for decades. We won’t cut it back down to size in a day by passing a single bill.
Anyone promising you one is either lying to you, or more likely – has never made an effort beyond posting something online about how anything less than their idea is a “waste of time.”
Think about it.
If you were starving, you wouldn’t turn down a slice of bread just because it wasn’t the whole loaf. You’d eat the slice and then continue looking for more.
This is exactly the approach Utah has taken to push back against the surveillance state.
For more than a decade, starting in 2013, the Utah legislature has incrementally built some of the most robust privacy protections in the country with a step-by-step approach. Over that time, Utah chipped away at the surveillance state, passing at least eight separate laws limiting surveillance.
In 2013, the Automatic License Plate Reader System Act was signed into law, putting some modest limits on the government use of license plate readers, as well as sharing of captured plate data
In 2014, the Electronic Information Privacy Act was signed into law, making any electronic data obtained by law enforcement without a warrant inadmissible in a criminal proceeding. This includes information collected by Utah law enforcement, along with data gathered by the NSA and shared through the super secret Special Operations Division (SOD) or fusion centers. It also prohibits Utah law enforcement from obtaining phone location data without a warrant.
That same year, the state also restricted warrantless drone surveillance. Under the law, law enforcement agencies in Utah may not “obtain, receive, or use data acquired through an unmanned aerial vehicle unless the data is obtained pursuant to a search warrant or in accordance with judicially recognized exceptions to warrant requirements.” It also requires state government agencies to report drone use to the public.
In 2019, the state expanded the Electronic Information Privacy Act to ban warrantless access to data stored in the “cloud.”
In 2021, the state expanded the Electronic Information Privacy Act yet again to require police to get a warrant before accessing communication service provider networks.
Then in 2022, the state expanded restrictions on drone surveillance to also include “radar, sonar, infrared, or other remote sensing or detection technology.”
In 2023, Utah enacted a law limiting warrantless geofence location tracking and requiring detailed reporting on geofence warrants. The law requires police to get a warrant before obtaining reverse-location information for electronic devices within a geofence or by using cell cite records in most situations.
In effect, the passage of HB57 limits a process called “geofencing.” This technique allows police to search broad geographical areas and identify every electronic device in the area. They can then take that data and determine the identity of individuals near a given place at a given time. In practice, police use Google location data to engage in massive fishing expeditions and subject hundreds, if not thousands, of innocent people to police location tracking.
Most recently, in 2024, Utah placed some limits on warrantless biometric surveillance. The law prohibits government entities, including law enforcement agencies, from obtaining biometric surveillance information without a warrant and a publicly available written policy outlining the agency’s use of such biometric surveillance.
Biometric surveillance is defined as “the analysis of surveillance information using biometric software to identify an individual’s identity or location using the individual’s physical attributes or manner.”
This includes iris scans, voice recognition, heart rate scanners, software that analyzes a person’s gait or distinctive movements, etc. The law explicitly excludes facial recognition from the definition of biometric surveillance.
This progression demonstrates the effectiveness of Jefferson’s “inch by inch” strategy in action. The License Plate Reader Act passed in 2013, and the Electronic Privacy Act passed in 2014 were both relatively limited. They left much of the surveillance state intact. But they created a foundation that grassroots privacy advocates built on over time.
Individually, each of these small steps chipped away at government surveillance in Utah – inch by inch. Taken together, they provide people in Utah with some of the most robust privacy protections on the state level in these United States.
It’s impossible to deny the success of this step-by-step approach. There are far fewer avenues for warrantless surveillance in Utah today than there was in 2013.
Of course, there is still a lot more work to do, more steps to take, and more inches to be gained.
The legislature needs to strengthen all the restrictions passed in previous years, such as more robust limits on facial recognition surveillance and the use of license plate readers. It needs to withdraw support for the Utah Statewide Information and Analysis Center (SIAC), which is one of about 80 fusion centers located throughout the U.S. that facilitate spying on everybody.
It needs to ban the provisioning of resources to the NSA at the massive Bluffdale Data Center – and plenty more.
But what they do have that they didn’t in 2013 – is a much stronger foundation to build on.
As Samuel Adams put it, “Instead of sitting down satisfied with the efforts we have already made, which is the wish of our enemies, the necessity of the times, more than ever, calls for our utmost circumspection, deliberation, fortitude and perseverance.”