Four years after the passage of the USA FREEDOM Act, Section 215 of the Foreign Intelligence Surveillance Act (FISA) and its related “lone wolf” and “roving wiretap” provisions are back up for reauthorization. Section 215 is best known for being the portion of law used to justify the dragnet, warrantless mass collection of tens of millions of Americans’ phone call data, as revealed in 2013 by Edward Snowden. Although the USA FREEDOM Act of 2015 did make some substantial advances in curbing warrantless mass surveillance of Americans, disclosures over the intervening four years have borne out concerns that it was an incomplete reform.
USA FREEDOM did formally render the NSA’s blanket collection of Americans’ cell phone metadata illegal in that intelligence agencies could not simply grab the data en masse and store it for themselves. Instead, it established a Call Detail Records (CDR) process by which agencies could submit queries to the communications providers and get them to return (supposedly) only the relevant data. However, the new law also codified the practice of collecting information two “hops” (degrees of connection) from the targeted individuals or groups, which many civil liberties advocates warned would necessarily lead to millions of totally innocent Americans’ data still being swept up by the government.
Sure enough, as a 2019 report demonstrated, the government collected 434 million American phone call records in 2018 alone, associated with over 19 million unique phone numbers. The NSA was continuously fed with data on Americans that it was not legally authorized to collect and eventually was required to delete all data collected under the CDR program (although a 2019 Inspector General report revealed that not all of the inappropriate data was, in fact, deleted). Finally, it was reported that the agency had closed down CDR collection altogether, a report that was later confirmed by outgoing Director of National Intelligence Dan Coats.
As demonstrated in a recent report released collaboratively by FreedomWorks Foundation and the Demand Progress Education Fund, the NSA has been in nearly constant violation of laws protecting Americans’ rights to due process and privacy since the USA PATRIOT Act was passed in 2001. Meanwhile, the intelligence community has yet to claim or demonstrate any significant benefit from this program that has infringed on the 4th Amendment rights of much of the American population. Yet, both former DNI Coats and the White House have called for all of Section 215 to be reauthorized as-is – possibly permanently.
In addition to the more notorious call records collection, Section 215 also oversees the collection of other business records. We know far less about the collection that occurs under this section, as the only report the NSA is required to give of this section is of “unique identifiers used to communicate information”. Yet this portion of Section 215 specifically contemplates the collection of types of records such as medical files, gun purchases, and even call detail records again. Congress should demand more disclosure of the types of searches done under the business records section and the extent of the collection taking place.
The incredibly frequent violations that we already know of under Section 215 accentuate the wisdom of requiring that such programs be periodically reauthorized, so that Congress might hopefully conduct a robust review of what might be done better. It is our hope that the fast-approaching December 15 sunset date will provide just such an opportunity to further strengthen legal protections against warrantless mass surveillance, and to strengthen transparency and oversight over these powerful programs.
In particular, reforms we would hope to see in any reauthorization bill include:
- Requiring a warrant in order to target US persons with a FISA order, as well as to access intelligence data incidentally collected on Americans during a foreign intelligence surveillance operation. This warrant ought to demand a probable cause standard.
- Requiring the government to use "minimization standards" for data collected on US persons (in other words, to delete it within a set period of time) if determined to be not directly related to a foreign intelligence investigation.
- Removing the authority for the CDR program. The NSA has already shut it down and has neither demonstrated its efficacy or that it can be run without resulting in massive surveillance of American citizens. Removing the CDR program should be considered an item of routine housecleaning rather than a significant reform.
- Codifying that surveillance under Section 215 cannot be approved on the basis of 1st Amendment-protected activities, such as peaceably assembling and protesting or engaging in journalism. Currently, surveillance is prevented if “solely” based on such activities, but this appears to have left serious latitude for still potentially surveilling reporters or political movements, which can have a chilling effect on free speech.
- Accelerating the publication of FISA court and Office of Legal Counsel (OLC) opinions that significantly affect policies governing surveillance under Section 215 and related provisions. Congress and the American people cannot make an informed decision about the limits on government surveillance authorities if they don’t even know how the limits of those authorities are being interpreted.
- Restricting the collection of geolocation data under the business records section of Section 215. Such a prohibition already exists under the call detail records section specifically, and could simply be applied to the business records section. This same geolocation restriction should also be applied to the Pen Register/Trap and Trace authorities under FISA.
- Removing the FBI’s exemption from reporting requirements under the USA Freedom Act. It is unclear why the FBI was given this transparency carve-out, but given its domestic law enforcement focus, knowing how often and to what extent the FBI uses these authorities is crucial from a civil liberties perspective. Further transparency is needed with respect to whether and how frequently federal law enforcement – FBI and DHS – query data collected under Section 215 for criminal purposes.
- Requiring that the government provide notice to criminal defendants in instances where data collected under Section 215 is used in their case. This is a basic due process requirement – the counsel in a case cannot construct a proper defense if they do not even know what information the government has against their client. Measures should also be taken to prevent "parallel construction", where the government conceals the origin of evidence found using classified surveillance programs by re-collecting the evidence by other means.
- Increasing the involvement of an amicus curiae who is appointed to represent the civil liberties of an American being targeted for surveillance (who can obviously not represent themselves).
These reforms would go a long way towards restoring our ability to properly watch our watchmen balance their ability to spot foreign threats to national security with the natural rights of citizens to protection against undue search and seizure. The Safeguarding American’s Private Records Act, which FreedomWorks has endorsed, addresses most of these needed reforms to some extent, and would be a huge win for the Fourth Amendment.
For further information about Section 215 and the need for reform, visit Section215.org.
[Note: this blog has been updated, most recently in February 2020]