Give Now

We must close the loophole that allows law enforcement to buy our personal data without a warrant.

The recent whistleblowing disclosures by Edward Snowden have revealed systemic mass domestic surveillance. The government has justified its programs on the grounds that they are both legal and overseen by a court. But what do the relevant laws actually do?

In a series of blog posts, the Project On Government Oversight will explore the legal framework behind the NSA surveillance programs, the larger problem of secret law, and the protections and incentives that exist (or don’t) for government whistleblowers.

Edward Snowden’s recent whistleblowing disclosures revealed that the National Security Agency (NSA) has been conducting mass electronic surveillance on American citizens. According to the leaked documents, Verizon has been handing over the phone records of millions of customers, the NSA program PRISM has collected information from internet giants such as Apple and Google, and the NSA has been—contrary to prior assurances—conducting blanket domestic surveillance.

These disclosures are not the first to reveal questionable NSA activities. In 2004, whistleblower Thomas Tamm leaked the existence of the NSA warrantless wiretapping program to The New York Times; the government raided his house but ultimately declined to prosecute. In 2006, whistleblower Thomas Drake exposed the existence of a wasteful and failing NSA surveillance program, Trailblazer. Drake was consequently charged under the Espionage Act—a charge that eventually was dropped. According to The Washington Post, there are additional NSA electronic surveillance programs currently in operation.

President Obama and government officials have tried to reassure the American public that the NSA surveillance programs are legal under the PATRIOT Act and the Foreign Intelligence Surveillance Act (FISA). But what do the PATRIOT Act and FISA actually provide? What is the Foreign Intelligence Surveillance Court (FISC) that purportedly authorizes secret surveillance? And what can be done to ensure that our national security programs respect fundamental civil liberties?

The PATRIOT Act

The PATRIOT Act was signed into law by President Bush in October 2001 following the terrorist attacks of September 11, 2001, without substantial debate or amendment. The PATRIOT Act made sweeping changes to a number of existing U.S. laws—including FISA—giving the Department of Justice (DOJ) and the NSA broad and far-reaching powers to conduct electronic surveillance.

Section 215 (codified at 50 U.S.C. § 1861, a part of FISA) allows the FBI to collect “any tangible things (including books, records, papers, documents, and other items)”—broad language that can be read to include almost anything. Indeed, FISC has apparently defined the relevant tangible things to include a phone company’s complete call database.

Ordinarily, the Fourth Amendment requires searches and seizures to be conducted under probable cause, a legal standard defined as the reasonable belief that, more likely than not, the person being searched is engaged in criminal activity. In order to receive authorization to collect the tangible things of U.S. persons, however, the FBI need only demonstrate to FISC that there are “reasonable grounds” that the tangible things are “relevant” to an investigation to protect against international terrorism or clandestine intelligence activities. The FBI must also demonstrate adoption of procedures to minimize the retention and dissemination of U.S. persons’ information (consistent with U.S. intelligence needs). The court must issue the order if the FBI so demonstrates, even if the application lacks probable cause.

Communications collected from U.S. persons must not derive solely from First Amendment activities—for example, collection because the FBI doesn’t like the website you visit or the books you check out of the library—but can derive in part from such actions. In addition, anyone who receives a Section 215 order to turn over tangible things to the government is prohibited from disclosing the warrant or the details of the requested records. Under fairly weak congressional oversight requirements, the Attorney General submits an annual report to Congress detailing the number of requests made, granted, modified, and denied.

FISC cites Section 215 as providing the legal authorization for the collection of telephone metadata. According to the leaked documents, FISC ordered Verizon, pursuant to Section 215, to hand over information related to both communications “between the United States and abroad,” and “wholly within the United States (including local telephone calls).” Evidence suggests that the government has demanded similar information from other telecommunications giants on orders renewed every three months.

Section 215 and fifteen other provisions of the PATRIOT Act were mandated to expire on December 31, 2005. In March 2006, President Bush signed the USA PATRIOT Improvement and Reauthorization Act, which made permanent 14 of the 16 expiring provisions and created a new sunset of December 31, 2009, for Sections 215 and 206 (a provision granting broad wiretap authority, but currently not implicated in the Snowden whistleblowing disclosures). The sunset for Sections 215 and 206 has been extended a number of times—most recently in the PATRIOT Sunsets Extension Act of 2011—each time without substantive change. Sections 215 and 206 will now sunset on June 1, 2015.

The Foreign Intelligence Surveillance Act (FISA)

Congress originally passed FISA in 1978 to establish a system of judicial review over foreign intelligence operations. In 2008—following the 2005 disclosure of NSA warrantless wiretapping—Congress passed the FISA Amendments Act. Title VII, created under the FISA Amendments, established additional procedures for targeting persons outside the U.S. and was set to sunset on December 31, 2012.

Section 702 of Title VII (codified in 2008 at 50 U.S.C. § 1881a) allows the Attorney General and the Director of National Intelligence to jointly authorize a surveillance program targeting persons “reasonably believed to be located outside the United States” for up to one year. The surveillance must collect “foreign intelligence,” defined roughly as information related to national defense, foreign affairs, or the ability to protect against actual or potential attacks, international terrorism, or clandestine intelligence activities.

A Section 702 program must not “intentionally” target U.S. persons, but does not protect communications to and from U.S. persons inadvertently caught up in the surveillance program. In applying for FISC authorization, the government must certify targeting and minimization procedures that will reduce the likelihood of surveilling U.S. persons. As the Constitution Project points out, however, the government does not need to identify particular targets or demonstrate probable cause.

On June 8, 2013, on the heels of the Snowden disclosures, National Intelligence Director James Clapper announced that Section 702 provides the legal justification for the PRISM program. PRISM purportedly allows the government to collect email content, file transfers, stored data, and voice and video chats from Internet companies such as Google, Microsoft, and Apple.

Although FISC must generally authorize the creation of Section 702 programs, a determination of “exigent circumstances” by the Attorney General and the Director of National Intelligence allows the government to implement a surveillance program first and request FISC authorization second. The Attorney General, the Director of National Intelligence, the DOJ Inspector General, and officials from each element of the intelligence community authorized to acquire foreign intelligence information must nevertheless, per Section 702, submit various reports at least once a year to the House and Senate intelligence and judiciary committees. These reports focus primarily on compliance with targeting and minimization procedures and on whether foreign intelligence information has been or will be obtained from the surveillance.

In response to the looming expiration of the FISA Amendments at the end of December 2012, President Obama signed FISA Amendments Act Reauthorization Act of 2012, renewing Title VII provisions through December 31, 2017. The final bill passed without any changes to Section 702.

The Foreign Intelligence Surveillance Court (FISC or FISA Court) and the Foreign Intelligence Surveillance Court of Review (FISCR or FISA Court of Review)

The 1978 FISA created FISC (governed by 50 U.S.C. § 1803) to authorize foreign intelligence surveillance requests. FISC consists of eleven district court judges that must represent at least seven of the eleven U.S. judicial circuits and of which at least three must live within 20 miles of Washington, D.C. FISC is currently composed of eight judges (the other three recently retired or completed their terms) presided over by Judge Reggie B. Walton from the District Court for the District of Columbia.

FISA also created the Foreign Intelligence Surveillance Court of Review (FISCR), which has jurisdiction over the denial by FISC of any government application for surveillance authorization. FISCR generally consists of three judges from the district courts or courts of appeals, but is currently composed of two judges, of whom Judge Morris S. Arnold of the Eighth Circuit presides. Judges on both courts are appointed by the Chief Justice of the Supreme Court and serve seven-year terms.

FISC has general jurisdiction over government requests to conduct electronic surveillance, including applications made under Sections 215 and 702. FISC hearings are secret—almost no opinions are released publically—and considered to be non-adversarial: the government simply presents evidence of minimization procedures and the relevancy of the tangible things to a terrorism investigation (Section 215) or that targeting and minimization procedures exist (Section 702). Out of nearly 34,000 surveillance requests submitted by the government since 1979, FISC has only rejected 11.

Some Proposals for Reform

Although the government claims that the recently revealed surveillance programs are legal under Sections 215 and 702, the legal framework outlined above raises serious constitutional and policy questions regarding our national security programs. In particular, the government’s refusal to reveal FISC opinions and executive branch memos that interpret and apply FISA and the PATRIOT Act create a category of “secret law” that hinders a national debate about how to best design national security policies.

“It is high time that we address the need for more oversight of the government’s national security claims,” said POGO Executive Director Danielle Brian in a statement released Monday. “How can we know if the government has struck the right balance between our security and our rights if its legal interpretations are cloaked in secrecy?”

In 2012, when Congress reauthorized Title VII provisions of the FISA Amendments, Senator Jeff Merkley (D-Ore.), with the support of Senators Mike Lee (R-Utah) and Ron Wyden (D-Ore.), attempted (but failed) to attach an amendment that would have required the government to either declassify or provide summaries of FISC opinions—reforms POGO and its partners support. On June 11, 2013, following the recent revelations, a bipartisan group of eight Senators reintroduced the Merkley measure as the “End Secret Law Act,” which would, if passed, force the Justice Department to unseal or release summaries of FISC rulings unless there is a national security reason to withhold. Representatives Adam Schiff (D-Calif.) and Todd Rokita (R-Ind.) have introduced a companion bill in the House.

In addition, Senator Patrick Leahy (D-Vt.) introduced the FISA Accountability and Privacy Protection Act of 2013 on Monday, cosponsored by Senators Mike Lee (R-Utah), Mark Udall (D-Colo.), Ron Wyden (D-Ore.), Richard Blumenthal (D-Conn.), and Jon Tester (D-Mont.). The bill would narrow the scope of Section 215 orders, sunset the FISA Amendments in June 2015, and mandate inspector general investigations of government surveillance programs. Senator Leahy had attempted to introduce similarlegislation ahead of both the December 2012 FISA Amendments reauthorization and the 2011 PATRIOT Sunsets Extension (the latter with Senator Rand Paul’s (R-Ky.) bipartisan support), but without success. Hopefully the time is now ripe for broader, bipartisan support for these commonsense proposals.

POGO will further explore the problem of “secret law” and what protections (if any) exist for those who blow the whistle on government waste, fraud, and abuse. Stay tuned!