CDT Issue Brief: Debunking Myths & Fixing FISA Section 702 Backdoor Search Loophole
This issue brief debunks misconceptions about the “backdoor search loophole” to FISA Section 702 and offers a remedy to fix it. The backdoor search loophole is one of the most serious problems with FISA Section 702 – it enables the government to coopt a warrantless surveillance authority meant to focus on foreigners abroad and use it to deliberately seek out Americans’ communications for generalized domestic surveillance.
Myth: FISA Section 702 is distinct from other components of FISA because it affects foreigners but not Americans.
Reality: FISA Section 702 significantly impacts Americans and, because of the backdoor search loophole, is regularly used to seek out and review Americans’ communications that were collected without a warrant.
Even though FISA Section 702 limits surveillance targets to foreigners located abroad, it is inevitable and expected that many Americans’ private communications will be swept in. This occurs via “incidental collection” — whenever Americans speak with a foreign target, their communications are subject to warrantless surveillance. And because the scale of permissible targets is incredibly broad (targets need not have any suspected ties to foreign powers, security threats, or malicious activities), Americans speaking with innocent foreigners abroad such as friends, family, and business associates will have their communications collected.
The government can — and frequently does — query databases of FISA Section 702-acquired communications to deliberately seek out these Americans’ conversations absent judicial oversight or suspicion of wrongdoing by exploiting the backdoor search loophole.
Myth: U.S. person queries are not a “backdoor search loophole” because the practice involves review of communications already in the government’s possession.
Reality: U.S. person queries have the same effect as a search of Americans’ communications and records, but the process circumvents the protections that the Bill of Rights dictates a search should entail.
The intelligence community claims that U.S. person queries do not constitute a “search” because the process applies to data already in the government’s possession. But that argument ignores the key problem: U.S. person queries are “backdoor searches” because they have the same effect as a direct search — government officials deliberately seeking out, reviewing, and using U.S. persons’ private communications — without ever going through the checks and rules required for upfront searches. Individuals face the same harm to their privacy rights, but without any of the protections.
The backdoor search loophole is dangerous because it undercuts a critical Constitutional safeguard: When the government deliberately seeks to read an American’s communications, it must do so based on strong suspicion of wrongdoing (specifically, probable cause) and with judicial approval. These limits are key to preventing abuse, mishandling of intimate personal information, and using “shortcuts” in investigations to facilitate selective prosecutions of dissidents, political enemies, and marginalized groups.
Myth: FISA Section 702 is only used to respond to national security priorities such as counterterrorism, cybersecurity threats, and covert activities of foreign powers.
Reality: FISA Section 702-acquired communications are used for standard domestic law enforcement investigations as well as to seek out the private communications of Americans with no ties to misconduct.
FISA Section 702 was created to respond to international security threats; today the government also highlights its use for priorities such as cybersecurity. But warrantless backdoor searches of Americans are used for an array of domestic law enforcement activities totally disconnected from national security such as health care fraud, bribery, and public corruption.
Even more troublingly, FISA Section 702 also is used to seek out the private communications of Americans in no way suspected of wrongdoing. Some examples of how the government has used FISA Section 702 data include U.S. person queries of:
- A U.S. Congressperson
- Journalists
- A “local political party”
- Current and former U.S. government officials
- Individuals applying to work in local law enforcement
- College students participating in a “Collegiate Academy” program
- Relatives of an FBI official performing queries
- Political commentators
- Victims who reported crimes to the FBI
- Business, religious, and community leaders who applied to participate in the FBI’s “Citizens Academy” program
- Law enforcement sources
- Workers conducting maintenance at FBI offices
For some of these backdoor searches, “the [intelligence analyst] struggled to articulate a ‘reasonable belief’ that the queries would return foreign intelligence information or evidence of a crime,” or a compliance assessment determined there was no reasonable basis to believe the queries would return such information.
Myth: There are already meaningful restrictions on how the government can conduct U.S. person queries, and prior problems stem from isolated incidents rather than systematic loopholes that need to be closed.
Reality: Current limits on U.S. person queries are riddled with exceptions that subsume the rule, and these vague standards will continue to facilitate improper efforts to seek out Americans’ communications. The only way to fix the backdoor search loophole is to have a consistent warrant requirement.
The warrant requirement that Congress established during the last FISA Section 702 reauthorization is narrow and flawed. It requires warrants only for queries made “in connection with a predicated criminal investigation,” leaving no restrictions on conducting backdoor searches for “assessments.” This means that situations where the FBI has the least suspicion of wrongdoing are those in which it has the most power to conduct U.S. person queries without oversight. Further, the warrant requirement does not apply to any queries that “relate to national security” or might mitigate “a threat to life or serious bodily harm.” These categories are overbroad and undefined in statute, giving the FBI immense flexibility to claim queries have some nexus to either category.
These exceptions permit mass U.S. person querying, including of the sensitive categories of individuals listed above. The convoluted nature of these rules has also bred a culture of noncompliance, with the FISA Court stating FBI has “conducted a large number of suspicionless queries,” engaged in “widespread violations of the querying standard,” and displayed “a misunderstanding of the querying standard — or indifference to it.” The way to prevent abuse of backdoor searches and improper treatment of Americans’ private communications is to have a strict and consistent warrant rule. Congress should not reauthorize FISA Section 702 without establishing a rule that all U.S. person queries of Section 702-acquired data must be predicated on probable cause (either that the query will return evidence of criminal wrongdoing or that the applicable person is an agent of a foreign power) and approved by the FISA Court.
For more information, please contact Jake Laperruque, Deputy Director of CDT’s Freedom, Security & Technology Project, at [email protected], or Project Director Greg Nojeim at [email protected].
Endnotes
[1] Memorandum Opinion and Order (FISA Ct. Nov. 18, 2020) available at https://perma.cc/8U2N-5GYP (hereinafter FISA Court 2020 Opinion).
[2] For details, see, Office of the Director of National Intelligence, 22nd Semiannual Assessment of Compliance with Procedures and Guidelines Issued Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (August 2021), https://perma.cc/JB3J-NXWP (hereinafter 22nd FISA Section 702 Compliance Report); see also, Office of the Director of National Intelligence, 24th Semiannual Assessment of Compliance with Procedures and Guidelines Issued Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (December 2021), https://perma.cc/E76T-RKBG (hereinafter 24th FISA Section 702 Compliance Report); see also, FISA Court 2020 Opinion.
[3] 22nd FISA Section 702 Compliance Report; 24th FISA Section 702 Compliance Report.
[4] FISA Court 2020 Opinion; see also, Memorandum Opinion and Order (FISA Ct. Oct. 18, 2018) available at https://perma.cc/9CSR-63QM; see also, Memorandum Opinion and Order (FISA Ct. Dec. 6, 2019) available at https://perma.cc/FTJ7-LDLG.
