The USA FREEDOM Reauthorization Act is A Good First Step, But Congress Must Do More to Reform FISA
* An update on this legislation can be found here. *
Yesterday, House Judiciary Committee Chairman Jerry Nadler (D-NY) introduced The USA Freedom Reauthorization Act of 2020, a bill that would reauthorize intelligence surveillance authorities due to sunset March 15, 2020, reform one of them, and make several important changes to the Foreign Intelligence Surveillance Act (FISA) to protect privacy and enhance transparency and oversight. Most importantly, the bill deletes the statutory authorization for the controversial Section 215 Call Detail Records (CDR) program. If it passes, this would be the first time in memory that Congress has revoked a statutorily authorized intelligence surveillance program. The bill also requires full probable cause orders to obtain in the intelligence context any information for which a warrant is required in the criminal context. It also reauthorizes until December 2023 the Section 215 “traditional business records provision,” the roving intelligence wiretaps authority, and the lone wolf amendment to the Foreign Intelligence Surveillance Act (FISA) definition of agent of a foreign power.
While the bill contains important reforms, it lacks a number of other needed reforms, including those that would address the problems identified in Inspector General Michael Horowitz’s investigation into the use of FISA authorities to surveil Carter Page, then a campaign advisor to presidential candidate Donald Trump. The bill is scheduled for mark up tomorrow [February 26, 2020] at the House Judiciary Committee (HJC).
The Reforms In The Bill
The Authorization for the CDR Program is Removed
The USA Freedom Reauthorization Act strips the authorization for the National Security Agency’s (NSA) CDR program from Section 215. A CDR is a record of a phone call or text message that reveals who contacted whom, when, and in the case of a phone call, for how long they spoke. The CDR program replaced the bulk telephony metadata program famously disclosed in 2013 by Edward Snowden with a more narrowly tailored version. However, even after that reform the CDR program was operated unlawfully (by the NSA’s own admission) and at great cost to privacy. In 2018, there were only 14 orders issued under this program for the CDR’s of only 11 targets of surveillance. But, those orders generated the collection of 434,238,543 CDR’s in 2018 alone. The intelligence community (IC) has failed to identify a single instance in which the program revealed a terrorist plot. The program has been such a disaster the NSA voluntarily shut it down “after balancing the program’s relative intelligence value, associated costs, and compliance and data integrity concerns.” As we wrote last August, the program continued to permit the mass collection of phone records, failed to be operated lawfully, and was unnecessary to stop terrorism. Despite failing to demonstrate the program’s necessity, the White House requested that the program be permanently reauthorized. This demand was met with skepticism during both the Senate and House Judiciary Committee hearings. We are pleased that the HJC’s bill strips the authority for the program.
This reform has good prospects for success because it has appeared in other important FISA reform bills. In November 2019, Sen. Richard Burr (R-NC) and Sen. Mark Warner (D-VA), the chair and ranking member of the Senate Select Committee on Intelligence, respectively, introduced S. 2939, the Protecting Against International Terrorism Act, a bill that would “terminate” the CDR program. Additionally, Sen. Ron Wyden (D-Ore) and Sen. Steve Daines (R-MT), and Reps. Zoe Lofgren (D-CA), Warren Davidson (R-OH), and Pramila Jayapal (D-WA) introduced the Safeguarding Americans’ Private Records Act, which would among other reforms, revoke the authority for the CDR program.
Section 215 Cannot Be Used To Collect Information Subject To the Warrant Requirement
The bill prohibits the government from using Section 215 to collect any “tangible thing” that would require a search warrant in the context of a criminal investigation. This is responsive to the concern that the IC may be using Section 215 orders to collect constitutionally protected information under a low standard akin to mere relevance to an investigation. For example, in 2018 the Supreme Court in Carpenter v. United States held that the government must get a warrant prior to accessing seven days or more of historical cell-site location information. Sen. Wyden asked the Intelligence Community if Section 215 orders were being used to collect location information about Americans’ phones in the wake of Carpenter. The IC responded that since Carpenter, Section 215 orders were not being used to gather such location information, but that neither the IC nor the Department of Justice had reached a legal conclusion as to whether or not such activity was prohibited. When asked about this matter in the House and Senate hearings, the IC witnesses insisted on answering in a closed session. These responses demonstrate the need for this clarification.
If this reform is adopted, it will go beyond protecting location information. Communications content is likewise protected by the warrant requirement, so it would also be off limits for purposes of Section 215 orders. Search history also enjoys such protection. Application to other sensitive records such as web browsing history is unclear. Perhaps most important, at least with respect to Section 215: the provision means that any decision by the Foreign Intelligence Surveillance Court (FISC) or the Foreign Intelligence Surveillance Court of Review (FISCR) that intelligence surveillance enjoys an exception from the Fourth Amendment’s warrant requirement is effectively nullified in the Section 215 context. This provision of law would require a full probable cause determination for information protected by the warrant requirement in criminal investigations even if the Fourth Amendment does not protect it on account of the surveillance being conducted in the intelligence context.
The Role of the FISC Amicus is Expanded
In light of the fact that Section 215 was secretly interpreted to permit the bulk collection of Americans’ telephony metadata, the USA Freedom Act required that the Foreign Intelligence Surveillance Court appoint an amicus to provide the government with an independent perspective in cases that raise novel or significant legal issues. This bill would expand the category of cases in which an amicus is appointed to include those matters that present significant concerns with respect to the activities of a United States person that are protected by the First Amendment to the Constitution. This bill also strengthens the role of the amici by granting them access to the information they need to make the strongest case possible, and also gives them the power to recommend a matter for appeal to the Foreign Intelligence Surveillance Court of Review and the Supreme Court.
Increased Transparency About How the Government Wields Its Authority
The USA Freedom Act required that significant or novel FISC or FISCR opinions be published to ensure that the government is not operating on the basis of secret law. However, there was no deadline for the government to meet, and it sometimes delayed for many months the publication of important decisions. This bill would prospectively put the government on a 6 month shot clock to release such opinions and compel the IC to finish a review of prior unreleased opinions within a year. Additionally, the USA Freedom Act requires the IC to publish annual transparency reports detailing how it uses it surveillance authorities including the types of orders used, and the number of individuals and records affected by such use.
The IC has long resisted efforts to provide the public an accounting of how many U.S. persons are impacted by Section 702 surveillance, which is limited to targeting non-U.S. persons reasonably believed to be abroad. This bill will require the FBI to report the number of search terms and the number of queries of FISA material “reasonably likely to identify a United States person.” Requiring such disclosure has been a long standing priority of the privacy and civil liberties community. Finally, the Privacy and Civil Liberties Oversight Board will be tasked to craft a public report on the extent to which decisions to authorize FISA surveillance is informed by protected classes or First Amendment protected activities.
The Missed Opportunities
While the bill contains significant reforms, Congress should supplement the bill with additional reforms, including some contained in the Safeguarding Americans’ Private Records Act. Without such reforms, it will miss an important opportunity to address the problems with FISA identified in Inspector General Michael Horowitz’s report, Review of Four FISA Applications and Other Aspects of the FBI’s Crossfire Hurricane Investigation. The Horowitz report identified a litany of omissions, errors and misrepresentations in the applications for FISA surveillance of Trump campaign advisor Carter Page.
In December 2019 Republicans on the House Permanent Select Committee on Intelligence including Chairman Devin Nunes (D-CA) introduced H.R. 5396 FISA Improvements Act of 2019, which includes a number of proposed reforms responsive to some of the issues highlighted by Horowtiz’s report. For example, Section 2(b) of that bill would require the government to identify information in its FISA applications that has not been substantiated and explain to the FISC the origin of the information, the means used to collect it, the steps taken to verify it, whether the information was used in other proceedings, and the extent to which it is necessary to prove probable cause. Section 2(a)(1) of that bill would require the FISC to appoint an amicus whenever an identifiable United States person was the target of surveillance. If the FISC objects to such a requirement, it could be qualified in the same manner as is already in the statute for the other “mandatory” amicus provision, “… unless the court issues a finding that such appointment is not appropriate.”
The bill would also call for the amici to assess the sufficiency of the evidence presented by the government and to make a recommendation as to whether the probable cause requirement had been met. It would additionally require there to be a written record of all communications between the government and the FISC regarding a particular matter before the FISC.
The Center for Democracy & Technology encourages the House Judiciary Committee to seriously consider these reforms. They would introduce further safeguards into a secretive process that the Horowitz Report has given all Americans reason to be skeptical of. Moreover, if some are adopted, it would be more likely that a substantive bipartisan intelligence reform bill would actually emerge from the House Judiciary Committee and from the House floor, with better prospects in the Senate than a partisan bill would have.
Conclusion
The USA Freedom Reauthorization Act builds on the reform effort started by the USA Freedom Act. We are pleased to see many important provisions included in the bill, including the stripping of the CDR program’s statutory authority and the limitations on the use of 215 orders to obtain information protected by the warrant requirement in criminal cases. However, we encourage the HJC to advance additional needed reforms during markup.
