Foreign Policy Research Institute A Nation Must Think Before it Acts Congress Skirmishes Over FISA Section 702: Will It Preserve the Intelligence Community’s “Crown Jewel” or Neuter It?
Congress Skirmishes Over FISA Section 702: Will It Preserve the Intelligence Community’s “Crown Jewel” or Neuter It?

Congress Skirmishes Over FISA Section 702: Will It Preserve the Intelligence Community’s “Crown Jewel” or Neuter It?

Since first passed by Congress in 2008, the intelligence collection program conducted under Section 702 of the Foreign Intelligence Surveillance Act (FISA)[1] has expanded to become arguably the most significant collection tool available to the U.S. Intelligence Community. Just last week, in a letter delivered to the congressional leadership of both parties and to the heads of the Judiciary and Intelligence Committees in both chambers, seven former intelligence officials including three former Directors of National Intelligence (DNI), a former Attorney General, and Michael Hayden, the only man to have been appointed director of both the Central Intelligence Agency (CIA) and the National Security Agency (NSA), implored Congress to reauthorize Section 702 advising that “[w]e have personally reported to our Presidents – Republicans and Democratic – and to the Congress details of plots disrupted based on information from Section 702.”[2] Described as the “crown jewel” of the Intelligence Community’s surveillance authorities, the reauthorization of Section 702 without material change has been designated by the current Attorney General and DNI as the Intelligence Community’s “top legislative priority.”[3]

Originally approved by Congress as part of the FISA Amendments Act of 2008, and then reauthorized in 2012, legislative authority for the Section 702 collection program (“Section 702 Program”) expires on December 31, 2017. Despite its virtually unmatched pedigree as a foreign intelligence tool and the unqualified support of those who best know that pedigree, the renewal of Section 702 is hardly assured; providing a dispiriting example of what happens in Congress when right-wing libertarians and left-wing civil liberties activists manage to find a common target for their ire. The result: a legislative squeeze play by these unlikely allies focused on neutering the Section 702 Program secure in the knowledge that those charged with protecting the national security will acquiesce to their “reforms” rather than risk the Program’s complete lapse. Unless the majority of legislators distance themselves from these two fringes, the outcome may well be a dangerous and flawed security policy masquerading as reform. Fortunately, there is still time for prudence to produce the outcome that best preserves the balance between the nation’s security interests and individual liberty, but, recent events confirm that the path to such an outcome will require careful navigation.

Earlier this month, the “USA Liberty Act of 2017” (USA Liberty Act)[4] was introduced in the House Judiciary Committee. This bill extends (through September 30, 2023) the collection authority found in Section 702, albeit with a series of new restrictions and reporting requirements that are flawed for the reasons explained in my commentary on that bill published earlier in the Foreign Policy Research Institute’s (FPRI’s) E-Notes.[5] As I noted at that time, there was no indication that the USA Liberty Act enjoyed any particular legislative support from either the House Intelligence Committee or the Senate committees principally responsible for intelligence oversight.

As if on cue, the skirmishing over the renewal of Section 702 emerged into full public view last week with the introduction of two more bills addressing the extension of this FISA collection program. Both new bills were introduced by members of the Senate Intelligence Committee, but their stark differences suggest that the controversial debate over extending Section 702 is likely to continue well into the autumn, perhaps pushing up against the December 31, 2017 sunset date that looms over this critical intelligence collection program.[6]

The two Senate bills were both reported as being introduced on October 23. Senator Richard Burr, chairman of the Senate Intelligence Committee, introduced the proposed “FISA Amendments Reauthorization Act of 2017” (FISA Reauthorization Act), a title that sounds almost quotidian compared to the “Uniting and Strengthening America by Reforming and Improving the Government’s High-Tech Surveillance Act of 2017” (USA Rights Act)[7] that was introduced the same day by Burr’s Intelligence Committee colleague, Senator Ron Wyden. Viewed on a continuum, Burr’s bill would leave the operation of the Section 702 Program largely unchanged, while Wyden’s legislation would drastically limit and alter the manner in which the Section 702 Program is currently conducted.[8]

The FISA Reauthorization Act renews the Section 702 Program’s collection authority for eight years (through December 31, 2025). Like every piece of Section 702-related legislation introduced thus far, Burr’s bill would codify the ban on “about” acquisitions,[9] a collection that the NSA, the agency principally responsible for operation of the Section 702 Program, ceased in March of this year. Other than barring “about” collection (and then creating a byzantine protocol to be followed should the executive branch seek to renew this form of collection), the FISA Reauthorization Act proposes the following changes to the statute in its current form:

  • imposes several new requirements that expand upon existing disclosure provisions found in current Section 702 legislation,
  • refines the list of criminal proceedings in which Section 702-derived information can be used,[10] and
  • requires that the Attorney General and the DNI adopt procedures for use in querying[11] the unminimized data collected pursuant to authorized Section 702 acquisitions while also mandating that those procedures include a technical process to record all queries that use a known U.S. person identifier.

A separate provision in the bill also would require that the FBI now report to the Foreign Intelligence Surveillance Court (FISC) all queries of Section 702 data that return information concerning a known U.S. person.[12] The FISC is charged with reviewing these FBI queries for “consistency with the Fourth Amendment.” Any information retrieved in response to a query found by the FISC not to be consistent with the Fourth Amendment cannot be used in any court proceeding. The FISC is charged with reporting to Congress at least annually on its reviews of FBI queries specifying the number of FBI submissions reviewed by the FISC and the number of those submissions that the court determined were not consistent with the Fourth Amendment.[13]

In terms of collection authority, the FISA Reauthorization Act essentially permits the Section 702 Program to continue in its current form in all material respects.[14] Except for the new requirements relating to FBI querying of the Section 702 database, this bill is, in terms of operational effect, the “clean” reauthorization sought for Section 702 by the Attorney General and the DNI, and it was reported out of the Senate Intelligence Committee on a 12-3 vote on October 24.

But a favorable endorsement from the Senate Intelligence Committee hardly assures that the FISA Reauthorization Act will become law because the USA Rights Act is supported by a strange cast of bedfellows. The curious consortium joining as co-sponsors of the bill includes Sens. Heller (NV), Paul (KY), and Lee (UT), all of whom received scores above 0.70 (where 1.0 represents the most conservative score) from GovTrack, an independent, nonpartisan congressional tracking service, in its 2015 “Ideology Score.” Concomitantly, the consortium also counts Sens. Baldwin (WI), Sanders (VT), and Warren (MA) as co-sponsors, whose GovTrack “Ideology Scores” were 0.07, 0.04, and 0.00, respectively. Despite the myriad problems facing the nation, these Senate confederates can apparently unite in communion only where the effort is to neutralize America’s most important intelligence collection program. If the USA Rights Act represents their version of what Section 702 should look like, the Program’s utility and effectiveness could be seriously compromised in the coming legislative battle. This proposed legislation is a paradigm of responding to imagined risks rather than genuine abuses, and then producing a flawed statute to “correct” those misperceived risks. Enacted in its current form, the USA Rights Act would neuter important intelligence advantages now provided by Section 702 while also injecting ill-advised and unnecessary changes into the entire structure of FISA. How does the USA Rights Act manage to create such a mess? Let us count the ways.

A Dangerously Poor “Fix” for the “Back Door” Search

As with the USA Liberty Act introduced earlier this month in the House Judiciary Committee, the USA Rights Act professes to end “back door’’ searches.[15] As I noted in commenting on the USA Liberty Act,[16] “back door” searches are a particular bête noire of Section 702 critics, and Senator Wyden has been an outspoken critic since Section 702 was first passed by Congress in 2008. But, while the House bill (the USA Liberty Act) addresses the “back door” issue by at least focusing on the arguably relevant question; i.e., whether Section 702-acquired data can be queried to find evidence of a crime,[17] the USA Rights Act completely oversteps with a prophylactic ban on all queries of Section 702 data where the query is intended to find communications “of or about a particular United States person or a person inside the United States” whether or not the underlying query is directed to producing foreign intelligence or not. If enacted, this seismic change would substantially undermine the utility of the Section 702 Program, particularly in the area of counterterrorism.

Critics like Senator Wyden persistently describe the “back door” search as a Fourth Amendment concern, but no court that has considered the issue agrees with this characterization. Remember, the communications that are being queried here already have been legally collected.[18] Yes, that collection is “incidental” to the targeting of a foreigner, but such incidental collection is lawful precisely because the target is a foreigner, located abroad, with no Fourth Amendment rights. Courts considering the question have concluded that once these communications have been lawfully collected, a subsequent querying of the database containing those communications is not a separate “search” for purposes of the Fourth Amendment. Thus, elevating the “back door” search question to one of constitutional dimension is an exaggeration.

One should also be precise about exactly what type of U.S. person communications are acquired in a Section 702 surveillance. We are talking about the incidental acquisition of those communications of U.S. persons to or from foreigners located abroad who use communication selectors[19] that, because of the reasonable likelihood that those communication selectors are used to transmit foreign intelligence information satisfying one or more criteria contained within a Section 702 certification approved by the FISC, have been properly targeted for collection pursuant to targeting procedures that also have been reviewed and approved by the FISC. Subsequent retention, use, and dissemination of any information derived from these incidentally collected communications are governed by minimization procedures also reviewed and approved by the FISC. Thus, far from being the surveillance dragnet depicted by critics, the universe of U.S. person communications acquired and retained in the Section 702 database consists only of those to or from that subset of U.S. persons who communicate with a corresponding subset of foreigners located abroad whose activities have satisfied the targeting requirements of the Section 702 Program.

Here is the practical effect of what the USA Rights Act would do: a foreigner located abroad and properly targeted pursuant to a FISC-approved Section 702 certification communicates via email with “a person inside the United States” (not necessarily even a “United States person,” as defined in FISA). The email between these communicants is lawfully acquired by the NSA under Section 702 authority, and it discusses terrorist activities while mentioning a number of other individuals who also are in the United States, without specifically indicating the role, if any, played by these other persons. The USA Rights Act would prohibit an analyst from querying the Section 702 database using the names of any of these “person[s] inside the United States” in an effort to develop further foreign intelligence information on this possible terrorist ring.

Moving one step further: assume that the names mentioned in this email include those of certain U.S. persons without specifying the role of these U.S. persons in connection with the potential terrorist activities discussed in the email. Current NSA Minimization Procedures used with the Section 702 Program permit an analyst to query the database using a U.S. person identifier after a written statement of facts establishes that the use of such identifier as a selection term is reasonably likely to return foreign intelligence information.[20] In this circumstance, a properly constructed query using a U.S. person identifier based on a name identified in this email might produce other communications elaborating on terrorist plans, or on the size or composition of the group involved in this terrorist activity, or of the times they communicate, or even of the identity of other participants.

Such analytical queries are the essence of counterterrorism work: the difficult process of assembling the pieces of the intelligence mosaic to effectively combat a furtive foe making every effort to preserve anonymity. In both the situations described above, however, the USA Rights Act would ban any query that is intended to find either the communications of those U.S. persons identified in the email or, more remarkably, even a query that is constructed “to find communications of or about . . . a person inside the United States”—whether legally or not.[21]

The example offered above speaks for itself. The “solution” the USA Rights Act offers to the “back door” search issue is dangerous overkill: it prohibits Section 702 database queries employing U.S. person identifiers even where used solely to retrieve important foreign intelligence. By contrast, the FISA Reauthorization Act prudently addresses this “back door” search issue by focusing on FBI queries of Section 702 data undertaken for law enforcement purposes.[22] Those queries that return information concerning a known U.S. person must be submitted to the FISC for review, and, if the FISC finds a query is not consistent with the Fourth Amendment, the information retrieved by that query cannot be used in any court proceeding. This “suppression” remedy affords precisely the same relief available in more “traditional” litigation settings. Nothing in the operational history of the Section 702 Program provides any basis for circumscribing the utility of the Program in the clumsy fashion proposed in the USA Rights Act. Its solution for the “back door” search is an inept remedy adrift in search of a non-existent problem, and its adoption would unnecessarily endanger national security.

Meddling … Simply for the Sake of Meddling

Multiple sections of the USA Rights Act are notable either for their needless redundancy or their misguided impact. Section 3 of the bill proposes to prohibit “reverse targeting.” This is the practice where the communications of a person outside the United States are targeted when the purpose of the surveillance is actually directed to acquiring the communications of a person who is in the United States. This is improper—and it is already specifically prohibited by Section 702.[23] In an uncanny display of fine parsing, the USA Rights Act assures that such reverse targeting will be prohibited not only where the purpose of the surveillance is to reverse target, but also where a significant purpose of the surveillance is to reverse target. How such a distinction is to be drawn in the real world of foreign intelligence surveillance is explained nowhere in the USA Rights Act but, presumably, we should all feel safer with this distinction as the law of the land.

Section 4 of the proposed bill also codifies the ban on “about” collection that is similarly found in the FISA Reauthorization Act. As noted earlier, the NSA terminated “about” collection earlier this year.

In Section 5 of the USA Rights Bill, there is a ban on the collection of communications that are entirely domestic. Current NSA Minimization Procedures require that domestic communications (i.e., communications without any communicant located outside of the United States) “be promptly destroyed upon recognition” unless the Director of NSA specifically determines, in writing, on a communication-by-communication basis that retention of that communication meets one of four specific criteria (e.g., “significant foreign intelligence information;” “evidence of crime;” “information necessary to understand or assess a communications security vulnerability;” or “imminent threat of serious harm to life or property”). Consequently, the ban on collection of domestic communications found in the USA Rights Act is, once again, largely redundant with the way in which the Section 702 Program is currently conducted.

Still another redundancy is found in the USA Rights Act’s requirement that directives to electronic communication service providers now be approved by the FISC before any assistance can be demanded of the provider. As written, FISA contemplates that the Attorney General and the DNI can direct a provider to furnish all information, facilities, and assistance necessary to effectuate a Section 702 acquisition, while already affording the provider the right to challenge any such directive in the FISC.[24] By law, the provider is protected against any liability relating to the assistance provided.

The USA Rights Act would change this logical process. Instead, the Attorney General and DNI would now be prohibited from requesting assistance from any electronic communication service provider without first demonstrating to the FISC that the assistance sought is “necessary,” “narrowly tailored,” and “would not pose an undue burden on the electronic communication service provider.”[25] Of course, no legislative guidance is provided as to what might pose “an undue burden.” More to the point, the USA Rights Act takes another facet of the Section 702 process, inverts that process as currently used, and thereby invites fractious collateral litigation that will serve only to delay the implementation of important foreign intelligence collection efforts. In a business where timeliness and efficiency often represent the difference between success and failure, and where failure can have catastrophic consequences, the deliberate creation of needless impediments to efficiency is dangerously short-sighted.

Section 7 of the USA Rights Act “reforms” the Privacy and Civil Liberties Oversight Board (PCLOB) by broadening its authority to review foreign intelligence activities including receiving and acting upon whistleblower complaints from employees or contractors of the intelligence community. Of course, as with so many other aspects of the USA Rights Act, this is redundancy piled on redundancy. There are copious federal laws applicable to the agencies of the Intelligence Community that already provide whistleblower protections.[26] Moreover, the PCLOB is a particularly unfit vehicle for the task of acting upon whistleblower complaints given that it is an organizational shell with only one serving member and four vacancies. Consequently, assigning any task of consequence to a group that needs to have two members appointed by the president and confirmed by the Senate before it even gains its statutory quorum suggests a congressional obtuseness that belies a genuine interest in accomplishing the assigned task.

These same realities show a complete absence of logic in the mandate that the Attorney General “fully inform the PCLOB about any activities carried out by the Government under the Foreign Intelligence Surveillance Act of 1978.” Are the sponsors of the USA Rights Act serious? Bear in mind that the statutory qualifications for appointment to the PCLOB require no particular expertise in FISA, electronic surveillance more generally, or counterterrorism; but, they do require an “expertise in civil liberties and privacy.”[27] There is simply no wisdom to be found in requiring that some of the nation’s most sensitive foreign intelligence secrets be “fully” shared with a “board” that has one body, four empty chairs, and no organizational expertise in FISA or the activities conducted under its authority.

Order in the (FISA) Court?

The USA Freedom Act introduced amici curiae counsel into the FISA approval process in 2015. Subsequently, the FISC has appointed six individuals to serve in this capacity, and FISA currently provides the FISC with the discretion to determine when these individuals are appointed to “assist [the] court in the consideration of any order or review that, in the opinion of the court, presents a novel or significant interpretation of the law, unless the court issues a finding that such appointment is not appropriate.”[28]

The USA Rights Act now proposes to circumscribe the judicial discretion to appoint amici counsel and mandate their appointment whenever the FISC is considering a Section 702 certification. No explanation is offered, and it is difficult to discern one, that justifies this mandated intrusion into the conduct of FISA judicial proceedings.

Judicial oversight has been an integral part of the statutory construct of FISA from its inception in 1978. Throughout that time, both the FISC and, later, the Foreign Intelligence Surveillance Court of Review (FISCR) have been populated by federal judges chosen by the Chief Justice of the United States. It would be hard to find an argument with any substance that has been advanced in opposition to this procedure during the four decades FISA has been in existence—until the USA Rights Act.

Section 9 of the bill seeks a complete reformation of the manner in which the FISC and FISCR are constituted. Currently, FISA provides that the FISC be comprised of 11 district court judges designated by the Chief Justice. Similarly, the FISCR is composed of three judges chosen by the Chief Justice. The Chief Justice, of course, is nominated by the president, confirmed by the Senate, and is the highest ranking judicial official in the country.

The USA Rights Act would jettison this coherent process, expand the FISC to 13 judges, and pass the initiative for choosing those judges from the Chief Justice to the thirteen chief judges of the federal courts of appeal.[29] Now, no disrespect intended, but the position of chief judge in a federal judicial circuit is neither permanent nor merit-based; these simply are the most senior of the judges in their particular circuit who happen to be under 65 and have not yet served as chief judge at the time the position falls open. Not exactly the sort of substantive selection criteria that assures any particular proficiency regarding FISA; and most Americans would be hard-pressed to identify any one of the currently serving chief judges across the 13 judicial circuits in the country. It is onto these anonymous jurists that the USA Rights Act would now confer the task of designating those who become FISC judges.

Compounding this perplexing convolution of the designation process used for FISC judges is another favorite legislative encroachment—the ordering of a study and, of course, yet another report. The subject this time—whether those appointed as judges of the FISC and the FISCR—are “diverse and representative.” Yet, the proposed bill is silent on whether the diversity sought is racial, gender, age, political affiliation, or some combination of these and other characteristics. What is clear is that the available literature reveals no source of any substance ever hinting that there is a diversity problem with either the FISC or the FISCR. And so, another “fix” is provided to another illusory problem.

Creating a Senseless Legal Standard that Endangers Us All

Unnecessary tinkering with the mechanism for designating FISA judges is annoyingly meddlesome, but it will not necessarily leave us all more exposed to the dangers of terrorism. This is not true of the short-sighted proposal found in Section 11 of the USA Rights Act. Perhaps no provision in this legislation is more inexplicable than its promotion of a legal claim available to anyone who “(A) has a reasonable basis to believe that the person’s communications will be acquired under [Section 702], and (B) has taken objectively reasonable steps to avoid surveillance under [Section 702].”[30]

It is hard to exaggerate just how foolishly mistaken this concept is. Recall that the universe of U.S. persons whose communications have any chance of being incidentally collected during a Section 702 surveillance consists only of that subset of U.S. persons communicating with a foreigner located abroad who is a Section 702 target by virtue of satisfying the collection criteria for foreign intelligence information contained in a FISC-approved Section 702 certification. Under the USA Rights Act, all those foreign targets would now be effectively immunized from collection because NSA would face potential litigation with any U.S. person who regularly communicates with these foreign targets—and do so with the claimant already having been gifted an “injury in fact” presumption conferred by the USA Rights Act. Yes, I realize that, technically, the USA Rights Act furnishes this presumption only to those whose “profession . . .  requires the person regularly to communicate foreign intelligence information” to these foreigners abroad; but, since the NSA is targeting the foreigner and not the U.S. person it cannot know until after it has acquired a communication whether another communicant thereto meets the criteria for “injury” by virtue of the communication having been intercepted. Consequently, the NSA will have little choice but to forego collecting important foreign intelligence information on virtually every foreign target because it will never know, in advance, who is communicating with that target and whether that collection will expose it to liability to an aggrieved person under the USA Rights Act’s new “injury in fact” standard. The loss of valuable foreign intelligence will be immediate and palpable.

There is actually an “object lesson” demonstrating the critical problem created by the USA Rights Act’s proposed legal standard for “injury” arising from Section 702 surveillance. In Wikimedia v. National Security Agency,[31] the challenge is that Section 702 collection “chills” the exercise of Wikimedia’s First Amendment rights because their foreign “sources” will hesitate to communicate if they believe that the NSA is collecting their communications. Setting aside the subjective concerns of these “sources,” objectively, such collection is possible only if, as noted above, the “sources” are also Section 702 “targets” properly identified through the application of the NSA’s targeting procedures pursuant to an appropriate FISC-approved certification. To be targets, such “sources” are necessarily foreigners located abroad who will use the tasked communication selectors to transmit or receive foreign intelligence information necessary to the national security of the U.S. or the conduct of the nation’s foreign affairs.

No logical reading of the First or Fourth Amendments would immunize legitimate foreign intelligence targets from Section 702 surveillance simply because Wikimedia views them as “sources.” Such a misguidedly perverse outcome essentially subordinates the conduct of U.S. foreign intelligence operations to the news gathering decisions made by Wikimedia and other media entities. Yet, this is precisely what the USA Rights Act would accomplish—the Wikimedia position fits squarely into the niche created by the bill which allows those like Wikimedia, who regularly communicate foreign intelligence information to foreigners located outside the U.S., to claim what would now be accepted as a legally cognizable injury when the same foreign intelligence information is collected in a lawful Section 702 surveillance.

Simply re-reading that last paragraph ought to convince any reader of the absurdity of this proposed feature of the USA Rights Act. It is no exaggeration to say that if this part of this bill becomes law it will go a long way towards effectively dismantling the most important intelligence collection tool available to the U.S. government.

Still More Meddling

What has been described so far is damage enough wrought by a single piece of misguided legislation, but there is more in the USA Rights Act:

  • reporting requirements demanding ever more statistics on the operation of the Section 702 Program,
  • retroactive application of the requirement that decisions of the FISC be declassified and released to the fullest extent practicable,
  • a requirement that the DNI now annually publish a description of “the subject matter of certifications provided under Section 702.” This effectively compels the DNI to wrestle with how to reveal for public consumption sensitive targeting details without compromising ongoing collection operations, and
  • limiting the extension of Section 702 to four years (as opposed to the 8-year extension provided by the FISA Reauthorization Act).

Wrapping Up

The antipathy which its critics hold for Section 702 assured that its reauthorization would be fiercely debated, but the competing bills now pending further action in Congress clearly show that the future of this critical intelligence collection program is uncertain. The FISA Reauthorization Act would largely provide the “clean” renewal of Section 702 sought by the Intelligence Community. The USA Liberty Act would impose unnecessary restrictions on the future functioning of Section 702,[32] but this legislation now looks tame compared to the USA Rights Act which, if enacted, would substantively eviscerate the Section 702 Program as currently conducted.

These are the stakes in the debate that, one way or the other, must reach a final decision on renewal by December 31, 2017. The clock is indeed ticking, and it’s getting closer to midnight every day.

[1] Section 702 of FISA allows the Attorney General and the Director of National Intelligence (DNI) to jointly authorize the targeting, without an individualized warrant, of non-U.S. persons located outside the United States to acquire foreign intelligence information.

[2] “Ex-U.S. spy chiefs urge Congress to renew internet surveillance law,” Reuters, Oct. 23, 2017.

[3] “Jeff Sessions urges Congress to reauthorize FISA ‘promptly,’” Washington Examiner, Sept. 12, 2017.

[4] USA Liberty Act, H.R. 3989, 115th Congress (2017).

[5] “What’s to be Found in the ‘USA Liberty Act,’” FPRI E-Notes, Oct. 20, 2017.

[6] A full discussion and analysis of FISA Section 702 and the surveillance program operated under its authority appears in “The Clock is Ticking: Why Congress Needs to Renew America’s Most Important Intelligence Collection Program” published in FPRI E-Notes, Sept. 29, 2017.

[7] USA Rights Act, S. 1997, 115th Congress (2017). A companion bill to the USA Rights Act was introduced in the House by Reps. Zoe Lofgren and Ted Poe.

[8] The USA Liberty Act introduced in the House resides somewhere between the two Senate bills in terms of its impact on current Section 702 operations; albeit with several material and problematic changes that are discussed in my October 20, 2017 E-Notes commentary. By way of comparison, an open letter from the ACLU describes the provisions of the USA Rights Act as “significantly more robust than those contained in the House’s USA Liberty Act.” See, (Oct.24, 2017).

[9] In Section 702 parlance, an “about” communication is one that includes the tasked email address in the text or body of an email even though the email is between two persons who are not themselves targets. In the case of “about” communications, acquisition may include communications that are neither to nor from a target but, instead, where a particular selector tasked for collection happens to be included in the body of the communication.

[10] The USA Rights Act similarly limits those criminal proceedings in which Section 702-derived information may be used in evidence.

[11] “Query” is now defined in the FISA Reauthorization Act as “any instance in which data the Government has already acquired is searched using a specific term or terms for the purpose of discovering or retrieving unminimized content or metadata.” FISA Amendments Reauthorization Act of 2017, S. 2010, 115th Congress (2017).

[12] The required report from the FBI to the FISC must include: the query used, the information retrieved in response to the query, and a justification for executing the query. FISA Amendments Reauthorization Act of 2017, S. 2010, 115th Cong. (2017).

[13] FISA Amendments Reauthorization Act of 2017, S. 2010, 115th Congress (2017).

[14] As noted earlier, a description of the current operation of the Section 702 Program can be found in “The Clock is Ticking: Why Congress Needs to Renew America’s Most Important Intelligence Collection Program,” FPRI E-Notes, Sept. 29, 2017. But for the new reporting mandate regarding FBI queries, the FISA Reauthorization Act would leave the Program’s operations substantively unchanged.

[15] The “full summary” accompanying the USA Rights Act claims that the bill will “End Back Door Searches.”

[16] “What’s to be Found in the ‘USA Liberty Act,’” FPRI E-Notes, Oct. 20, 2017.

[17] In those circumstances where the Section 702 database is queried by analysts seeking evidence of a crime (as opposed to foreign intelligence information), the USA Liberty Act would require that an order, based upon probable cause, first be obtained from the FISC.

[18] This is confirmed by looking to the definition of “query” supplied in the FISA Reauthorization Act, to wit: “any instance in which data the Government has already acquired is searched using a specific term or terms for the purpose of discovering or retrieving unminimized content or metadata.” FISA Reauthorization Act of 2017, S. 2010, 115th Congress (2017).

[19] “Communication selectors” are specific communications facilities used by a target such as telephone exchanges or email addresses.

[20] Those same NSA Minimization Procedures require multiple pre- and post-query levels of review with respect to the use of any U.S. person identifier as a selection term.

[21] In using the term “person inside the United States,” the USA Rights Act draws no distinction as to whether such person is in the United States legally or not.

[22] As noted in “What’s to be Found in the ‘USA Liberty Act’” (FPRI E-Notes, Oct. 20, 2017), when the “back door” search issue is properly framed as a search of Section 702 data for evidence of a crime, such a construction is not one that significantly impacts the operation of the Section 702 Program as conducted by the NSA. The NSA’s principal mission is to conduct signals intelligence activities to produce foreign intelligence for consumption by other members of the Intelligence Community. The NSA’s FISC-approved minimization procedures relating to Section 702 collection require that queries of unminimized Section 702 communications using U.S. person identifiers be “reasonably likely to return foreign intelligence information, as defined in FISA.” Those minimization procedures do not authorize queries using U.S. person identifiers for the purpose of producing “evidence of a crime.” Consequently, properly framed as a law enforcement issue, the “back door” search primarily impacts the FBI, and the FISA Reauthorization Act prudently treats it accordingly.

Conversely, the overly broad “back door” search “remedy” advanced in the USA Rights Act categorically bans all queries of Section 702 data designed to retrieve communications “of or about a particular U.S. person or a person located inside the United States” whether or not the underlying query is directed to producing foreign intelligence information, as opposed to evidence of a crime. As should be apparent from the example provided, the excessive breadth of this “remedy” would adversely impact the NSA’s efforts to produce foreign intelligence information.

[23] 50 U.S.C. §1881a(b)(2).

[24] 50 U.S.C. §1881a(h).

[25] USA Rights Act, S. 1997, 115th Congress, Sec. 14 (2017).

[26] See, e.g., Whistleblower Protection Act of 1989 and the Whistleblower Protection Enhancement Act of 2012.

[27] 42 U.S.C. §2000ee(h)(2).

[28] Pub. L. No. 114-23 (2015); 50 U.S.C. §1881a(i).

[29] For the FISCR, the appointment process would now require that any judge designated by the Chief Justice receive the approval of five justices of the U.S. Supreme Court.

[30] USA Rights Act, S. 1997, 115th Cong., Sec. 11 (2017).

[31] 857 F.3d 193 (4th Cir. 2017).

[32] See, “What’s to be Found in the ‘USA Liberty Act,’” FPRI E-Notes, Oct. 20, 2017.