Skip to Content

Government Surveillance

Wolf In Sheep’s Clothing: A Planned Amendment to This Week’s Vote Would Be the Largest Expansion of FISA in Over 15 Years

This week the House is set to vote on legislation to renew Section 702 of the Foreign Intelligence Surveillance Act (“FISA 702”), along with a set of amendments. One of these amendments — put forward by House Intelligence Committee leads Mike Turner and Jim Himes — would expand warrantless FISA surveillance dramatically: While falsely billing itself as a minor definitional tweak, in reality the amendment would be the largest expansion of FISA since Section 702 was created in 2008. It could be used to enlist an array of sensitive facilities — such as offices for nonprofits, political campaigns, and news organizations — to serve as hubs for warrantless surveillance. 

Last December the House Intelligence Committee pushed a plan to expand the definition of “electronic communication service provider” in their FISA 702 bill, a measure CDT and others warned was a “Trojan Horse ” to dramatically expand warrantless surveillance. Now they are attempting to resurrect this problematic proposal as an amendment. The text is largely similar: It expands the types of entities that are subject to FISA 702 orders to include entities with mere access to the equipment on which such communications are stored or transmitted. We sounded the alarm on how this expansion would pull in a huge array of businesses that have no experience in communications management, from hotels to AirBNB hosts to even coffee shops. The Intelligence Committee has responded to this (and validated the legitimacy of the concern) by adding exceptions to the amendment: It does not apply to entities that are public accommodation facilities, dwellings, community facilities, or food service establishments as defined in certain provisions of US Code.

But despite the amendment boosters’ claim that it is just  “narrowly updating the definition of electronic communication service provider,” the new text still makes a huge array of entities subject to FISA 702 orders, notably, commercial rentals and business landlords. This means the owner of any commercial building or facility that maintains internet services could be subject to FISA 702 orders, forcing them to help vacuum up communications of tenants such as:

  • News media headquarters and journalists offices
  • Nonprofit and grassroots advocacy organizations’ offices
  • Field offices for Members of Congress as well as state and local lawmakers
  • Political campaigns’ headquarters and local offices 
  • Lawyers’ offices

This is alarming because not only are these exactly the type of sensitive entities for which warrantless surveillance is most dangerous, they are many of the exact types of entities that have been subject to prior FISA 702 abuse: journalists, protesters, lawmakers, and campaign donors have all been subject to improper US person queries in recent years.

Further, because commercial real estate facilities and business landlords typically have no experience in accessing and routing communications — or receiving and responding to communication surveillance orders — this new form of surveillance would be especially vulnerable to errors and over-collection. Compounding this issue is the possibility that it will encompass Upstream collection, in which the government demands access to the entire stream of communications data, rather than obtaining only the communications to and from surveillance targets. Forcing commercial real estate entities with no experience in surveillance demands and that typically do not even access communications to comply with FISA 702 orders is a recipe for disaster.

In addition to recklessly opening Pandora’s Box in terms of its impact on commercial real estate facilities, the amendment seems laser focused on dramatically expanding surveillance  to cloud storage services and data centers providing server rental services. This in itself would be a colossal expansion of FISA 702, creating new privacy and civil liberties risks at precisely the time when Congress should be focused on enacting safeguards and stopping impropriety. It would also deal a major blow to the global competitiveness of US businesses, which will have much more difficulty in convincing customers that they can be safe stewards of sensitive data.

Congress has a critical opportunity this week to reform FISA 702, and end the litany of abuse that has been documented in recent years. This amendment pulls us in the opposite direction, compounding problems by expanding warrantless surveillance when it needs to be reined in.