September 7, 2017
Re: FISA Section 702 Reauthorization
The undersigned civil rights, civil liberties, privacy, and government oversight organizations write to urge you to vote “no” on reauthorization of Section 702 of the Foreign Intelligence Surveillance Act if it is not significantly reformed. While Congress had little information on how this program worked when it last voted on this law in 2012, the new disclosures we describe below underscore the need for amendments to better protect privacy and civil liberties.
Many of the undersigned groups have opposed Section 702 since its inception on the grounds that it would permit the government to collect Americans’ international communications without a warrant. Indeed, concerns over the law’s breadth and impact on Americans prompted you to vote against reauthorization in 2012.
Prior to passage of Section 702, the Foreign Intelligence Surveillance Act generally prohibited the government from engaging in electronic surveillance for foreign intelligence purposes absent an individualized order that, among other things, demonstrated that an individual was a “foreign power or agent of a foreign power” (e.g., a member of a foreign government or terrorist group). Section 702 weakened these standards by eliminating the requirement that the government obtain individualized orders from a judge and by permitting the government to target foreigners for broad “foreign intelligence” purposes, which could include something as mundane as collecting information about foreign affairs. Many experts believe these changes permit surveillance that violates the Fourth Amendment and human rights standards.
Since 2012, additional disclosures regarding Section 702 have only amplified these concerns. Specifically, as feared, the government has interpreted Section 702 to allow it to access and use the content of Americans’ communications without a warrant, despite the fact that the law is intended to target only foreigners. Additionally, use of the authority has ballooned, increasing concerns that it reflects a “collect everything” approach that increasingly sweeps up the sensitive information of individuals who pose no threat to national security. Moreover, persistent failures of internal controls and oversight mechanisms have made clear that the law is vulnerable to abuse by government actors who may seek to improperly surveil individuals on the basis of their political views, religion, or nationality, and vulnerable to misuse due to its scope and technical complexity.
Since your last vote, the public has learned:
- Section 702 has been used improperly by the NSA to collect wholly domestic communications. A 2011 FISA court opinion confirmed that while “targeting” foreigners abroad for surveillance, the National Security Agency had knowingly collected communications where both the sender and recipient were people in the United States. The FISA court required corrective action to limit the use of this information, but Sen. Ron Wyden (D-OR) has recently asked the administration to publicly clarify whether the government uses Section 702 for this purpose.
- Section 702 has been used to collect information completely unrelated to its targets. For example, a review of documents provided to the Washington Post found that 90% of the information collected while targeting a foreigner abroad had nothing to do with the target, and included sensitive information like medical records and family photos. Despite being deemed “useless” by analysts, the information was retained.
- The government has failed to comply with its obligation to provide notice in criminal cases where Section 702 is used to criminally prosecute. Prior to 2013, no criminal defendant had ever received notice that Section 702 information was being used against them, even though it turns out that it was. Since that time, following an apparent reexamination in policy, notice was provided in a total of eight cases. This number is suspiciously low given that the intelligence community confirmed it shares criminal evidence unrelated to terrorism with investigators. There are also reports that intelligence is regularly funneled to the Drug Enforcement Administration (DEA), which then uses parallel construction to obscure the source of the evidence. Despite repeated requests, the Department of Justice continues to withhold its legal interpretation of when the law requires disclosure to criminal defendants.
- The intelligence agencies have repeatedly violated court-imposed rules governing the program and withheld such violations from the FISA court. According to only recently declassified opinions of the FISA Court dating as far back as 2009, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Central Intelligence Agency (CIA) have repeatedly failed to comply with court ordered privacy and targeting procedures. Indeed, documents released this spring show the NSA did not comply with certain court ordered privacy procedures designed to protect Americans’ information for nearly five years. While the NSA has stopped part of the program that could not be made compliant with the privacy rules in this instance, it has reserved the right to restart those surveillance activities, called upstream “about” collection, even knowing they will certainly pick up domestic and irrelevant communications.
- The NSA and CIA knowingly search for Americans’ communications and metadata in the 702 database tens of thousands of times a year, and though the FBI does not keep track of its searches for Americans’ information, the Privacy and Civil Liberties Oversight Board reports that the FBI conducts such searches routinely. New reports from the DNI confirm that NSA and CIA agents searched through data with known American identifiers like emails and phone numbers well over 35,000 times last year, and that does not account for the FBI’s use or the number of times the CIA searches through metadata pertaining to Americans’ communications. It also does not reflect new changes in the privacy rules that will allow the National Counterterrorism Center access to the data starting this summer, or that will allow intelligence agencies to query communications collected through upstream surveillance, which was prohibited until this summer.
- The administration has reversed course on estimating the number of Americans surveilled under Section 702. Following over a year of briefings with Congressional staff and other stakeholders, the DNI committed to provide an estimate of the number of Americans whose communications were “incidentally” collected under the program, but reneged on this commitment in June of this year. Without this information, members of the public and Congress are denied an understanding of the true impact of Section 702 on Americans’ privacy.
- Rules designed to accurately target foreigners abroad and protect the sensitive information incidentally collected about Americans are full of loopholes and allow the government to keep and use almost everything it collects. The court-approved privacy rules for Section 702 broadly allow the government to collect and keep data so long as it does not have affirmative evidence the target is in the United States or is a US person and they do not make an affirmative determination that the information is unrelated to foreign intelligence. Even if the government knows that information pertains to an American, it can still keep that information for years and use it for purposes that have nothing to do with the foreign intelligence purpose for which the information was collected.
Thus, Section 702 poses serious risks to privacy. Intelligence officials argue that Section 702 is an important foreign intelligence tool. But the question is not simply whether Section 702 yields useful intelligence; it’s whether useful intelligence could be gathered in a manner that intrudes less on the privacy of innocent citizens. The answer to the second question is yes. Critical privacy reforms are both necessary and possible.
With the sunset only 4 months away – and no reform bill introduced at this time – we strongly urge you to call for reform and indicate to congressional and committee leadership that you will not vote to reauthorize 702 without meaningful reform.
Advocacy for Principled Action in Government
American-Arab Anti-Discrimination Committee
American Association of Law Libraries
American Civil Liberties Union
American Library Association
Association of Research Libraries
The Brennan Center
Center for Democracy and Technology
Center for Media and Democracy
The Constitution Project
Defending Rights & Dissent
Electronic Frontier Foundation
Fight for the Future
Friends Committee on National Legislation
Government Information Watch
National Association of Criminal Defense Lawyers
National Coalition Against Censorship
New America’s Open Technology Institute
Project On Government Oversight
Restore the Fourth
 Barton Gellman, Julie Tate and Ashkan Soltani, In NSA-intercepted data, Those Not Targeted Far Outnumber the Foreigners Who Are, Wash. Post, July 5, 2014 at https://www.washingtonpost.com/world/national-security/in-nsa-intercepted-data-those-not-targeted-far-outnumber-the-foreigners-who-are/2014/07/05/8139adf8-045a-11e4-8572-4b1b969b6322_story.html?utm_term=.5c79ec7bc395.
 John Shiffman and Kristina Cooke, US Directs Agents to Cover Up Program Used to Investigate Americans, Reuters, Aug. 5, 2013 at http://www.reuters.com/article/us-dea-sod-idUSBRE97409R20130805.
 Patrick Toomey, ACLU, Why Aren’t Criminal Defendants Getting Notice of Section 702 Surveillance — Again?, Dec. 11, 2015, https://www.justsecurity.org/28256/arent-criminal-defendants-notice-section-702-surveillance-again/.
 FY 2016 Transparency Report at https://icontherecord.tumblr.com/transparency/odni_transparencyreport_cy2016.
 See for example the NSA’s Minimization and Targeting Procedures at https://www.dni.gov/files/documents/icotr/51117/2016-NSA-702-Minimization-Procedures_Mar_30_17.pdf and https://www.dni.gov/files/documents/icotr/51117/2016_NSA_702_Targeting_Procedures_Mar_30_17.pdf; or the FBI’s Minimization and Targeting Procedures at https://www.dni.gov/files/documents/icotr/51117/2016_FBI_Section_702_Minimization_Procedures_Sep_26_2016_part_1_and_part_2_merged.pdf and https://www.dni.gov/files/documents/icotr/51117/2016_FBI_Section_702_Targeting_Procedures_Sep_26_2017.pdf.