You are viewing an archived webpage. The information on this page may be out of date. Learn about EPIC's recent work at epic.org.

Foreign Intelligence Surveillance Act Reform

Top News

Background

Recent debates over the scope and legality of foreign intelligence surveillance relate to two key provisions of the Foreign Intelligence Surveillance Act ("FISA"). These provisions were added and subsequently amended in the decade following the attacks of September 11, 2001. The first is the business records provision, which was established in the USA PATRIOT Act, Section 215. The second is the provision outlining procedures for targeting certain persons outside the United States other than United States persons, added by Section 702 of the FISA Amendments Act of 2008 ("FAA"). Both of these provisions expanded the scope of foreign intelligence surveillance that can be conducted within the United States.

As new details have emerged about the FBI and NSA's domestic intelligence-gathering practices, it has become clear that the current system does not provide sufficient transparency to ensure public oversight and trust. There are three main problems with the current system that have allowed this to occur: the development of a secret body of constitutional and statutory law by the FISC, structural limitations on judicial review of FISA surveillance, and rules inhibiting Congress’ ability to facilitate public oversight. As a result, important questions about the scope and nature of surveillance activity have remained unanswered and the public has been left in the dark.

Recent FISA Legislation

Section 215 Reform

Three important FISA provisions were scheduled to expire on March 15, 2020:

  • The “business records” provision, 50 U.S.C. § 1861,
  • The “roving wiretaps” provision, 50 U.S.C. § 1805(c)(2)(B), and
  • The “lone wolf” provision, 50 U.S.C. § 1801(b)(1)(C).
  • The business records provision comes from Section 215 of the USA PATRIOT Act. On March 15, 2020, Section 215 expired, along with the other two provisions. A week before the law expired, the House passed H.R. 6172 (described above). The bill would have extended Section 215 for three more years and modest reformed Section 215. It prohibited the FBI from seeking authorization of: (1) call detail records (CDRs); (2) a “tangible thing under circumstances in which a person has a reasonably expectation of privacy” without a warrant; and (3) CSLI or GPS information. In an emergency situation, the Attorney General can treat the product of CSLI or GPS information as electronic surveillance, rather than business records. The bill also limited retention of “tangible things, and information therein” to five years, with a few exceptions requiring certification describing the need to extend retention beyond that limit.

    Senators Wyden and Daines amended the bill when it reached the Senate, limiting Section 215. The one-sentence Wyden-Daines amendment would add that “An application under [Section 215] may not seek an order authorizing or requiring the production of internet web browsing information or internet search history information.” This language expressly excluded U.S. persons’ internet browsing and online history information from the broad business records category. FISA surveillance of such information would require a warrant (and probable cause) if the amendment was adopted. Unfortunately, the simple amendment failed to reach the 60-vote threshold for adoption by a single vote; the two senators who were not present and did not vote likely would have voted in favor.

    Senator McConnell offered his own amendment that significantly pared back the Wyden-Daines amendment. It would have allowed applications under Section 215 to authorize or require internet surveillance, so long as the information sought did not contain communications content. This version “essentially restates and reifies the existing, somewhat confusing, state of affairs” under Section 215, since courts have failed to reach a consensus on what counts as communications “content,” and the Supreme Court has yet to decide the issue.

    Section 215 has currently lapsed. However, Section 215’s expiration clause allows the intelligence community to continue to use the law for on-going investigations as of mid-March or to investigate “offenses or potential offenses” that occurred prior to the sunset. And, although Section 215 has nominally expired, that does not prevent Congress from trying to reauthorize the law again.

    As EPIC keeps track of future reauthorization attempts, it will be helpful to understand the somewhat complicated timeline of events leading to Section 215’s sunset in March 2020 and Congress’s subsequent attempts to reauthorize it in May 2020.

  • March 11: H.R. 6172 passed the House on a bipartisan 278-136 vote; DOJ issued a Statement of Administration Policy in support of the bill
  • March 12: The President threatens to veto the bill
  • March 15: Section 215 expires
  • March 26: Senators leave the Capital after passing the coronavirus relief bill
  • March 31: DOJ Inspector General (IG) releases interim report on systemic abuses in FISA process, following December 2019 report on the “Crossfire Hurricane” investigation
  • May 14: Senate adopts the Lee-Leahy amendment, passes the revised bill 80-14
  • May 20: Reps. Lofgren and Davidson urge House leaders to allow a vote on an amendment, styled on the Wyden-Daines amendment which failed to pass
  • May 26: Rep. Lofgren announced an agreed-upon text which would prohibit warrantless collection of internet search and browsing data of U.S. persons; Sen. Wyden pulled his support arguing it was too narrow; President Trump encouraged Republican House members to vote against FISA reauthorization; DOJ formally announced its opposition to the bill ; House Minority Leader Rep. Pelosi announced she would not seek to negotiate with Senate Republicans to resolve differences
  • May 28: House Democratic leadership canceled a vote on the Senate-amended version of H.R. 6172
  • Proposed Reforms to the FISA Amicus Process

    The USA FREEDOM Act of 2015 established a process for appointing independent amici curiae (“friends of the court”) for orders before the FISC that “present[] a novel or significant interpretation of the law,” unless the court finds that an appointment is not appropriate. FISA amici serve an important role in the FISA courts. The FISC and FISCR consider FISA applications in secret in the interest of protecting national security, and from their creation in 1978 until the passage of the FREEDOM Act, the courts mainly heard from government attorneys presenting their applications in ex parte proceedings. Following the Snowden leaks of the summer of 2013, the FREEDOM Act sought to provide additional safeguards to assure the increasingly-critical public that FISA review was accurate and skeptical of government applications. For instance, the Act specified that one of the duties of appointed amici is to provide “legal arguments that advance the protection of individual privacy and civil liberties,” among others.

    In 2017, Congress extended the FISA Amendments Act of 2008 (which includes Section 702) for six more years. The FISA Reauthorization Act provided amici compensation but did not otherwise change the role. As of May 14, 2020, the FISC had only appointed amici about sixteen times since the 2015 Act passed. The FISA courts had not appointed an amicus in any case involving an individual surveillance application, and it failed to appoint amici in at least four cases where it seemed required to do so.

    By contrast in early 2020, Congress considered the USA FREEDOM Reauthorization Act of 2020, which would strengthen the amici role by fixing many of the deficiencies described above. The original House bill, H.R. 6172, expanded the category of cases which must involve amici to include any case which raised First Amendment concerns. The bill would also grant amici access to information that would help them build their cases, and it would empower them to recommend that a FISA court matter be certified for appeal.

    The House passed that bill on March 11, 2020, and on May 14, the Senate passed the same bill with the addition of the Lee-Leahy amendment. Senators Lee and Leahy’s amendment, the USA FREEDOM Extension and Amici Reform Act, would briefly extend certain FISA authorities set to expire while significantly reforming the amicus process. Under the proposed revision, an amicus would act as a more aggressive advocate for civil liberties. Specifically, the amendment would require:

  • The FISA courts to disclose when decisions and opinions involved amicus curiae;
  • An appointed amicus with expertise in privacy and civil liberties; and
  • The FISC to appoint an amicus curiae in cases involving a “sensitive investigative matter” defined as involving a public official, candidate, religious/political organization, or news media within the U.S., or a matter the FISC deems of a similar sensitive nature.
  • Under the amendment, amici could go beyond raising general privacy arguments to specifically raising “legal arguments regarding any colorable privacy or civil liberties interest of any aggrieved United States person.” Amicus review would be warranted beyond cases raising First Amendment concerns, including when the application “presents a request for approval of a new program, a new technology, or a new use of existing technology,” “presents a request for reauthorization of programmatic surveillance,” and “otherwise presents novel or significant civil liberties issues.” Amici would also be able to certify questions of law for appeal to FISCR or certiorari to the Supreme Court. Amici would be able to access all court documents needed, including any relevant decisions and precedents which the government relied on in its application and legal arguments.

    Although the 2020 Reauthorization Act failed to pass into law, both the House bill and the Senate version with the Lee-Leahy amendment strengthened the amicus process in important ways. Under both bills, amici would have more opportunities to participate in FISA cases, more access to the documents and information they need to support their arguments, and they would be able to seek appellate review of FISC and FISCR decisions. Under the Lee-Leahy amendment, amici would be able to present legal arguments raising possible privacy concerns of U.S. persons impacted by FISA surveillance applications. Amici were also required to have privacy and civil liberties expertise. And, importantly for transparency, FISA courts would need to disclose publicly when they sought the input of an amicus.

    Overview of the EPIC's FISA Reform Proposals

    Stop Unlawful Collection of Domestic Telephone Records

    Top administration officials including the Director of National Intelligence have acknowledged the NSA's telephone metadata program, which involves the collection of a majority of call records in the United States. EPIC and others have argued that the FISC simply lacks the authority to grant an order for all domestic call detail records from Verizon or any other communications provider. Under the relevant FISA provision, the court is authorized to issue an order compelling production of business records if it finds that they are "relevant to an authorized investigation" of international terrorism. The FISC is not authorized to compel a service provider to produce, on an ongoing basis, the call detail records of millions of innocent Americans, which are irrelevant to any national security investigation. The NSA's domestic metadata surveillance program is unlawful under the FISA.

    In response to the unlawful FISC order, EPIC filed a petition for a Writ of Mandamus in the U.S. Supreme Court, seeking to vacate the order and find that the FISC exceeded its statutory authority. Four groups of leading privacy and constitutional scholars then filed amicus curiae briefs in support of the EPIC Mandamus Petition, and the Solicitor General indicated that he will be filing a response. Legal experts agree that this bulk collection of Americans' telephone records exceeds the limitations of Section 215, that it undermines the Congressional intent of the FISA, that it is contrary to the purposes of the Fourth Amendment, and that the Supreme Court has the authority to issue the relief that EPIC seeks.

    The current domestic metadata surveillance program is unlawful and should be discontinued.

    Enable Public Oversight of Surveillance Programs

    At present, the FISA grants broad surveillance authority with little to no public oversight. Section 702 of the FISA Amendments Act of 2008 ("FAA"), which was reauthorized on December 30, 2012, grants the Attorney General and the Director of National Intelligence broad authority to conduct surveillance targeted at persons reasonably believed to be outside the United States. The FISC has found that surveillance conducted under Section 702 directives acquires tens of thousands of "wholly domestic" communications each year. Given the significance of this intrusion into Fourth Amendment-protected communications, it is necessary to establish public oversight of these programs by requiring detailed annual reports.

    Soon after the passage of the USA PATRIOT Act, which amended various FISA provisions, a special committee of the American Bar Association undertook an evaluation of the expanded use of FISA and made recommendations to ensure effective privacy safeguards. The ABA recommended an "annual statistical report on FISA investigations," comparable to the annual Wiretap Report published by the Administrative Office of the United States Courts. EPIC recently emphasized the need for such a report given the broad scope of surveillance authorized by the FAA. Each year, EPIC and other organizations closely review the wiretap report released by the administrative office, which provides a comprehensive overview of the cost, duration, and effectiveness of surveillance authorized under Title III. The wiretap report is a critical document that allows the public to evaluate the effectiveness of surveillance conducted in criminal investigations.

    In contrast with the wiretap report, the annual FISA letter sent by the Attorney General provides very little useful information about the use of intelligence authorities. The letter recites the number of applications made by the government for electronic surveillance, physical searches, and access to certain business records as well as the requests made by the Federal Bureau of Investigation pursuant to the National Security Letter authorities. The letter also notes the number of applications for electronic surveillance withdrawn by the government, modified by the FISC, or denied by the FISC in whole or in part. Importantly, the letter does not provide any context about the scope of business records collected under Section 215 or any information about the number of directives issued pursuant to Section 702.

    Administration officials should publish more information about current surveillance programs, including details about their use, effectiveness, and their impact on the privacy of U.S. persons.

    Publish All Significant FISC Opinions

    The FISC has jurisdiction to "hear applications for and grant orders approving electronic surveillance" and "physical search[es]" for the "purpose of obtaining foreign intelligence information" on foreign nationals within the United States. The FISC also has the authority to grant applications for pen/trap surveillance and orders compelling the production of business records. Applications to the FISC are secret and its hearings are non-adversarial and ex parte. In addition, FISC opinions are classified and there is no requirement that they be declassified and published. As a result of FISC's review of Section 702 targeting and minimization procedures, the court is now ruling on important and novel Fourth Amendment issues. This new body of secret constitutional and statutory law makes it difficult for the public to fully evaluate the scope and impact of the intelligence surveillance programs.

    EPIC has previously proposed amendments to the FISC's rules that would increase transparency and reporting of court opinions. In comments to the FISC in 2010, EPIC urged the Court to regularly publish its orders, opinions, or decisions. "In order to fully understand how FISA is being interpreted by the Court and to determine whether the Court has been an objective check to an overzealous government, the public and Congress need access to the Court's rulings." While facts, sources, or methods may be properly classified, legal analysis and judicial opinions should be shared with the public. Secret law is contrary to values and needs of democratic government.

    The publication of significant FISC opinions, including those already provided to congressional intelligence and judiciary committees, should be mandatory and subject to a prompt declassification process.

    Make the FISC More Adversarial

    In addition to the proposals discussed above, EPIC also supports the creation of a &"special advocate" to bring adversarial proceedings to the FISC. President Obama has endorsed the creation of a FISC adversary that argues in favor of civil liberties and in the public interest, and prominent members of Congress have already introduced relevant legislation.

    Resources

    Passed Legislation

    Share this page:

    Defend Privacy. Support EPIC.
    US Needs a Data Protection Agency
    2020 Election Security