You're talking about the right "against unreasonable searches and seizures" ?
It's not clear whether "the people" means the people of the United States, or everyone, since the Constitution usually says "citizens" or "persons". So it could apply only to US citizens. If that's the case, the NSA doesn't know if it's data about a citizen or not, and once it figures that out the data gets dumped.
If it should apply to everyone, then we have to define what is reasonable. Is it reasonable to capture all available information in the hope that it cracks open a lead? That's the current argument.
If you intentionally use SSL, Tor, PGP, or any other privacy tool, do you have an expectation of privacy?
This is an important argument. If you send a letter in an envelope, you expect that it will remain unopened until it gets to the recipient, and society generally agrees. If you send a postcard, you have no expectation of privacy. If you are convinced that all mail is private because sealed letters are private, you have an expectation of privacy. But most of society would see that no such expectation is legitimate.
If you use HTTP or POP or some instant messenger, all without encryption, you may *expect* privacy even though you are sending data to third parties, and it might get copied, and not just moved. Society in general would agree that people would expect it to be private - but if they knew how the internet works, they would probably change their minds.
If you use Tor, you obviously expect privacy, and society would agree. But here's the tricky part. The exit node has unencrypted data. Considering that some data includes IP addresses inside the packets, not just in the TCP or UDP headers, you are not always as anonymous as you think.
Now, if knowing the technical details makes you change your expectation of privacy, do you really have an expectation of privacy? There are lots of people who are prosecuted based on social media like FaceBook. They expected privacy, and obviously are just idiots.
Phone records and backing information has been "knowingly exposed" to a third party, even if you expect them to keep it to themselves. Police can just ask for those, and the phone company or bank can just hand the information over. They can refuse, but do so infrequently from what I can tell.
When you use HTTP, you may not consider your ISP, the hosting provider, or any intermediate hops, and society as a whole may expect privacy there, not knowing the technical details. When you use Tor, however, it is reasonable to assume that you know a little about it, at least enough to know why you want to use it.
The front page of the Tor project leads you to believe you are perfectly safe. The "Learn more" link shows red links that are "in the clear". Because Tor is an "anonymizing" solution, it never makes the claim that your information will never be revealed - only the source of it.
If an exit node can save every bit of data that goes in and out, do you really have an expectation of privacy? Or have you exposed information to a third party, which removes that expectation? I would argue that the ignorant masses would agree that HTTP does have an expectation, while the more informed Tor users knowingly give information to a third party, removing that expectation. Tor users retain an expectation of anonymity, which has nothing to do with the fourth amendment.
For the record, I believe that siphoning all Tor data is not what the founding fathers intended. But a legal challenge will only cement it in case law, eventually. Especially since the policy is to dump data that is essentially inside the US only. We don't have to trust them - they are interested in foreign data.
It is unlikely that a US citizen would have standing to bring a lawsuit to even challenge this. Once they know they have US data, it becomes uninteresting. Until then, they don't know that's what they have, and you are unlikely to be able to prove that you were harmed without identifying your data, which involves you revealing your *identity* to the NSA, defeating the purpose of anonymizing. If you have standing to sue, you would have to be using Tor for the sole purpose of having your data captured so you have standing to complain about exactly what you knew would happen - removing your expectation of privacy.