By Lawrence Wilson
The law authorizing warrantless searches of data on U.S. citizens by the federal government has been so consistently abused that it must be either thoroughly revised or allowed to expire this year, surveillance and privacy advocates say.
“A law designed to provide tools to collect foreign intelligence and prevent terrorist attacks has been warped into a domestic spy tool that has been used millions of times over the past three years to target Americans,” said Chair Andy Biggs (R-Ariz.) said at a July 14 hearing of the House Judiciary Subcommittee on Crime and Federal Government Surveillance.
The hearing examined whether the law—Section 702 of the Federal Intelligence Surveillance Act of 1978 (FISA)—should be revised to prevent future abuses or allowed to sunset.
Witnesses testifying before the subcommittee and the members themselves appeared unanimous in thinking that Congress must take some action on Section 702 to protect the privacy of U.S. citizens.
FISA prescribes procedures for the collection of information by the federal government on U.S. soil.
After the 9/11 attacks, the law was amended through the Patriot Act to guard against the threat of terrorism in the digital age. It was later amended in response to the 2005 revelation of the Stellar Wind operation, a domestic surveillance operation.
Those amendments established a Federal Intelligence Surveillance Court in 2007, and the addition of Section 702 in 2008 to authorize targeted electronic surveillance of overseas subjects.
That includes the collection of phone calls, text messages, and emails of foreign nationals overseas—even if those communications involve a U.S. citizen—and the data can then be searched by U.S. agencies in connection with national security investigations.
Under rules approved by the FISC, any search of that data involving a U.S. citizen must be for the purpose of retrieving foreign intelligence information or evidence of a crime, be reasonably designed to avoid unnecessarily retrieving information not related to the purpose and be justified by a specific factual basis.
Those rules have often been violated.
“We know that the National Security Agency and Department of Justice have repeatedly reported the unauthorized use of backdoor searches of the 702 database.
“And, as a release from the Brennan Center pointed out, internal oversight measures, hailed as robust, failed to prevent flagrant abuses, including 133 warrantless searches aimed at Black Lives Matter protesters and 19,000 searches for communications to a single congressional campaign,” said ranking member Sheila Jackson Lee (D-Texas).
In 2021, the FISC found “widespread violations” of the rules. Those violations included searches for the communications of government officials, journalists, political commentators, and a member of Congress.
FBI Director Christopher Wray implemented procedural changes for FISA queries in 2021 and 2022, which provided a 90 percent improvement in compliance.
“The bureau is implementing further measures both to keep improving our compliance and to hold our personnel accountable for misuse of Section 702 and other FISA provisions—including through an escalating scheme for employee discipline, culminating in possible dismissal,” Mr. Wray told the House Judiciary Committee on July 12.
That’s not good enough for Rep. Jerrold Nadler (D-N.Y.), ranking member of the full Judiciary Committee.
“Chairman Biggs and I agree on very little, but here is one place we agree,” Mr. Nadler said at the subcommittee hearing. “Whatever we think of the last administration, whatever we think of the current administration, we cannot count on the next administration to get this right.
“We have to build a Section 702 regime that fully respects our privacy no matter who’s in charge. Not 90 percent. All of our privacy.”
Amend or Abandon?
One option for dealing with the law would be to allow it to sunset. Rep. Matt Gaetz (R-Fla.) favored that option. “The patient is not saveable,” Mr. Gaetz.
Jonathan Turley, a professor at George Washington University Law School, said that was a viable option.
“The question is whether Congress feels that these abuses are so serious that you want to use a rule that ‘If you abuse it, you lose it,’ Mr. Turley said.
He noted that federal agencies have a history of promising to improve compliance without making meaningful changes.
Yet most speakers appeared to favor some version of reform rather than abandonment.
Mr. Nadler, who has never voted to renew Section 702, said he would entertain the possibility of doing so if the privacy issues could be adequately addressed.
Gene Schaerr, general counsel at Project for Privacy and Surveillance Accountability and a former White House counsel, advised against allowing Section 702 to sunset.
“You then have a statutory vacuum, which the Executive Branch loves,” Mr. Schaerr said.
If there is no law prohibiting an action, a president is likely to claim the authority to act, he explained.
“And of course, they tend to read presidential authority broadly,” he said.
One point of agreement was that Congress must do something other than simply reauthorize the law in its current form.
“We will act. Congress must act,” Ms. Jackson Lee said.
The first order of business would be to insert a requirement that a warrant be obtained before searching the government’s vast digital warehouse of information, according to Elizabeth Goitein, senior director of the Brennan Center for Justice and Liberty.
“The starting point for any conversation about reauthorizing Section 702 must be a requirement that the government obtain a Title I order or a warrant before searching Section 702 data for Americans’ communications,” Ms. Goitein said.
That requirement would severely limit the FBI’s ability to respond rapidly to security threats, Mr. Wray said in his earlier testimony before the Judiciary Committee.
“A warrant requirement would amount to a de facto ban on queries involving U.S. citizens because query applications either would not meet the legal standard to win court approval; or because, when the standard could be met, it would be so only after the expenditure of scarce resources, the submission and review of a lengthy legal filing, and the passage of significant time—which, in the world of rapidly evolving threats, the government often doesn’t have,” Mr. Wray said.
Other proposed changes to Section 702 include strengthening oversight of federal agencies.
“Any surveillance of Americans should be subject to have adequate mechanisms in both Congress and the judiciary,” Mr. Schaerr said.
Currently, the review of 702 compliance does not involve Congress and is conducted only retrospectively.
“Traditional oversight is not good enough because it always looks backward after the damage has been done,” said Phil Kiko, former chief of staff and general counsel for the House Judiciary Committee.
“When an agency abuses statutory construct, whether intentionally or through malfeasance or through negligence, there need to be consequences for bad behavior. The lack of any consequences for these abuses compounds the lack of trust,” Mr Kiko said.
The law must also be amended to address the use of data U.S. citizens purchased by the federal government that it would not otherwise be entitled to have without a search warrant, Ms. Goitein said.
“FISA appears to require the government to obtain a court order to collect American cellphone location information,” she said. “But the government can, and does, obtain access to vast databases of this highly sensitive information by purchasing it from data brokers.”
Congress reauthorized Section 702 for six years in January 2018. It will expire on Dec. 31 without congressional action.