In early June, details on two National Security Agency (NSA) spying programs were leaked to the press. Since then, it seems that every day the public is learning more details about the scope and extent of NSA surveillance of Americans, the man who has leaked this classified information, and the reactions of various government officials. The last time this happened, back in 2005 and 2006 when we learned about warrantless wiretapping by the NSA, the eventual result was that Congress passed legislation – the FISA Amendments Act of 2008 – to legalize the NSA wiretapping program. Despite the initial public outrage over NSA spying, the result was that Congress changed the law to provide even fewer safeguards for Americans’ individual rights. Will the current controversy have the same result? Or can we instead secure enactment of more robust safeguards for privacy and civil liberties?
From the disclosures in the press and the public statements by government officials and tech companies, we can identify at least three troubling legal issues that demand reform.
1. Likely Violations of Section 215 of the Patriot Act:
We now know that under Section 215 of the Patriot Act, the Foreign Intelligence Surveillance Court (FISC) has issued orders directing telephone companies to turn over phone records covering millions of Americans to the NSA. Although these orders do not permit the NSA to listen in on calls or obtain their content, the scope of information covered by these orders is staggering. It shows what numbers are calling each other, the duration of these calls, the frequency with which particular numbers call each other, and unique identifiers for the phone numbers – for all calls, including purely domestic calls between Americans. This information can be highly revealing of the patterns of Americans’ associations.
But most troubling is the fact that there appears to have been no showing that any of these millions of Americans has any connection to terrorism. Even under the relaxed standards for obtaining Section 215 orders under the Patriot Act, the government is supposed to demonstrate that the information sought is relevant to an investigation to protect against international terrorism or espionage. It is difficult to understand how the phone records of millions of Americans who have not been shown to have any terrorist ties meets this standard of relevance.
The Office of the Director of National Intelligence (ODNI) has defended the program by stating that there are important limits and safeguards being applied. Specifically, the ODNI has announced that the FISC has approved procedures under which the NSA will only “query” the database of phone records when they have “reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.” Under this standard, they report, the call records of fewer than 300 people were actually searched in 2012. But compliance with this “reasonable suspicion” standard is not being assessed by the court – NSA officials apply this rule internally. More importantly, while it may be reassuring to know that the NSA is imposing some internal restraint on its use of this massive database, this restriction does not cure the problem of the initial over-collection of Americans’ phone records.
2. Likely Fourth Amendment Violations Through FISA Amendments Act Surveillance:
We have also heard various descriptions of programs such as PRISM that are conducted under the authority of the FISA Amendments Act of 2008. That act amended the Foreign Intelligence Surveillance Act (FISA) to legalize a form of the NSA warrantless wiretapping program disclosed to the public in 2005 and 2006, and it was just reauthorized by Congress in December 2012. The FISA Amendments Act vastly increased the government’s powers to conduct surveillance of international communications without individualized judicial review.
Unlike the Section 215 surveillance discussed above, the government can collect and review the content of communications under this program, but it is not supposed to collect communications between two U.S. persons (citizens or legal residents) or between two people located within the United States. Thus, when authorized, the collection is more intrusive since it includes content, but it should cover far fewer Americans since it should only authorize collection of international communications.
We know far fewer details about the legal analysis and operational details supporting these surveillance programs, and none of the information reported thus far would necessarily indicate a violation of the FISA Amendments Act. However, the disclosures in the press have outlined very broad surveillance programs, and if the scope is indeed this extensive, the surveillance likely violates Fourth Amendment rights.
The FISA Amendments Act authorizes the government to gather foreign intelligence information through bulk collection of communications. The law does not require the government to identify any particular targets for the surveillance or to provide a rationale for individual targeting decisions. Rather, the government need only provide the FISC with a description of the “targeting” and “minimization” procedures that will be used to decrease the number of U.S. persons whose communications are collected. The departure from traditional Fourth Amendment standards – that searches require warrants based upon a showing of probable cause – is justified by the argument that the targets of programmatic surveillance conducted under the FISA Amendments Act are foreigners located overseas, and thus people who do not have recognized rights under the Fourth Amendment.
Since enactment of the FISA Amendments Act, we have known that the law would permit the collection of communications in which a U.S. person or someone located within the United States was on the other end of a conversation, provided that the target of the collection was indeed a foreigner located abroad. The collection of such communications involving Americans has been described as “incidental,” suggesting that it occurs infrequently. The recent disclosures about the PRISM program and other surveillance under the FISA Amendments Act have shown that it is highly misleading to call these collections “incidental.” While the disclosures have left many unanswered questions, they have illustrated that the scope and extent of communications collected under these programs is extremely broad and the likelihood that the communications involve U.S. persons is very high.
More specifically, press accounts have stated that in assessing whether a surveillance target is foreign, government agents have required that search terms are 51% likely to target foreigners located abroad. If true, this would mean that in up to 49% of cases, Americans or people located in the United States – people with recognized Fourth Amendment rights — could be on both ends of the conversation. We already knew that in the cases where there are legitimately foreign targets – possibly 51% of cases – there could be a U.S. person or person inside the United States on the other end of the conversation. Moreover, according to newly leaked documents, the standards applied by the NSA in assessing whether communications actually involve a U.S. person, provide the agents with a great deal of discretion to err on the side of assuming that a person is a foreigner and that the communications may be retained and used.
Overall, this would all add up to a high potential for collection of conversations – including their content – for vast numbers of Americans. If the surveillance is collecting the content of communications of so many U.S. persons, then the limited review conducted by the FISC under existing law would not be adequate to protect Americans’ Fourth Amendment rights.
3. The Problem of Secret Law:
Above and beyond the likely statutory and constitutional violations that the NSA disclosures have revealed, we must address the problem of “secret law.” It should not have taken a leak of classified information for the public to learn how the government has interpreted Section 215 of the Patriot Act. While it may be necessary to maintain secrecy for any evidence submitted to the secret Foreign Intelligence Surveillance Court to justify such surveillance, the administration’s interpretations of surveillance laws and the standards being applied by the court should be public.
The Constitution Project has long called for disclosure of significant opinions of the FISC and other documents showing the administration’s interpretations of its authority under the surveillance laws. This will permit meaningful public debate and rigorous oversight of government actions. The need for transparency is particular great where the administration’s or the FISC’s interpretation of the law is not readily apparent from the text of the statute. The governing law and legal standards under which the administration operates should be public. Secret law has no place in a democracy.
The Path to Reform:
Will we see any meaningful changes to address any of these problems? It is too soon to say, but there are some encouraging signs.
First, the Privacy and Civil Liberties Oversight Board (PCLOB) has begun a review of the recently revealed surveillance programs as “a top priority.” The PCLOB was created by Congress as an independent agency back in 2007, but it took five years before any members were confirmed to serve on the Board. Fortunately, with last month’s confirmation of the Board’s chair, the PCLOB has finally come into existence and is authorized to operate at full strength. The PCLOB has jurisdiction to review national security programs to ensure that they include adequate safeguards for privacy rights and civil liberties, and the President has stated publicly that he believes the PCLOB can play an important role in assessing these programs. The PCLOB has already met with the President and other government officials and will be holding a public hearing on the programs in early July. The Board has announced that it will produce a public report outlining its conclusions and recommendations on the NSA surveillance programs.
In addition, various bills, including several with bipartisan support, have already been introduced in Congress to address the issues raised by the NSA surveillance programs. The Constitution Project has already announced its support for two bipartisan bills. The Ending Secret Law Act, S. 1130, co-sponsored by Senators Jeff Merkley (D – Ore.) and Mike Lee (R – Utah), would require the Attorney General to declassify significant FISC opinions, and where declassification is not possible, to provide summaries. In the House, the LIBERT-E Act, HR 2399, co-sponsored by Reps. John Conyers (D – Mich.) and Justin Amash (R – Mich.), would tighten the standards for government orders under Section 215 of the Patriot Act and would similarly require disclosures of significant decisions of the FISC.
Much work remains to be done to translate these preliminary efforts into meaningful reform. But hopefully, this time around, we will be able to secure significant changes to the law to ensure that surveillance programs include robust safeguards for privacy rights and civil liberties.
The views expressed in this blog post are not necessarily those of TCP, its committees, or boards.