You’ve been warned: a fight over the government’s ability to spy on its own citizens is coming to Congress. Section 702 is up for renewal again in December.
Section 702 grew out of an illegal post-9/11 program called Stellarwind, exposed by NSA whistleblower Tom Drake. It refers to a provision of the Foreign Intelligence Surveillance Act (FISA) that was enacted in 2008. It authorizes the government to collect the communications of non-Americans located outside of the United States for the purpose of obtaining foreign intelligence information. But the program also allows for the incidental collection of information about Americans who may be communicating with the targeted foreigners.
Section 702 was renewed by Congress in 2018 with the passing of the FISA Amendments Reauthorization Act. This reauthorization extended its authority for another six years, through December 31, 2023. Hence the looming fight.
The reauthorization included some modifications to the program, including new reporting requirements and limitations on the use of information obtained under Section 702 in certain types of legal proceedings. The law also included some new privacy protections, such as the requirement for a warrant to search for and use information related to Americans in certain cases. The latter only applies to the FBI, which is required to obtain a court order to review anything that comes up in response to queries using American identifiers that are purely for a criminal investigation with no link to national security. Oh yes, that’s right: Section 702, which was written to stop another 9/11, is used by domestic law enforcement as part of regular police work.
But the most controversial aspect of the law remains the “Three Hops Rule.” If you are speaking with a foreigner outside the US by phone, then that makes everyone else you speak with, American or not, eligible for monitoring. That’s one hop. Everyone they talk to is also eligible — that’s two hops — and so forth to three. The number of people subject to legal surveillance under Section 702 thus grows geometrically every time someone sends an email, like some sick version of the old game Six Degrees of Kevin Bacon. Suddenly the Fourth Amendment’s right to privacy is reduced to dryer lint because no warrants are generally needed and little if any oversight is applied. The scooping up of American communications is referred to as “incidental collection,” even though it is quite purposeful.
The two things — three hops and Section 702 — were never intended to be used together, but they are. Technological advances, primarily the internet and fiberoptic lines, made foreigners’ messages available on domestic US networks; the routing of a communication from Beijing to London passes through America. Since the Reagan years, the NSA, with the help of communications companies, has been able to vacuum up in bulk, without targeting anyone specifically, messages that both originate and terminate abroad as they travel across American networks.
The potential for abuse is underscored by the scale of all this in an age when almost all of our communications are electronic (including phone calls) and when hubs of communication (Google and email providers, most of whom cooperate directly with the government to collect and hand over your data, as exposed by NSA whistleblower Edward Snowden) concentrate more and more of what we say, read, watch, and buy into fewer nodes to tap. In 2021, there were more than 230,000 foreign targets of Section 702 warrantless surveillance (that number was multiplied by the three hops rule, of course).
In contrast, the government obtained FISA court warrants to eavesdrop on only about 300 Americans or noncitizens on domestic soil. Proponents of Section 702 argue that obtaining warrants for all these foreigners would sharply curtail the intelligence the government is able to gather. Applying for court orders requires time and resources, and then there are those nasty legal and evidentiary standards. Because everything is highly classified, absent whistleblowers, public oversight is limited.
One declassified audit showed that the FBI misused the system for routine employment checks and other unauthorized sneak peeks. The FISA court, in an example of what passes as oversight, criticized the FBI for “widespread violations” of rules intended to protect Americans’ privacy, but still signed off on the program’s continuance.
“Section 702 allows mass warrantless surveillance of individuals’ communications, including Americans. It embodies a long history of government overreach and abuse, including the most recent oversight report released in December 2022, which found that the FBI conducted numerous unlawful searches for Americans’ information,” Kathleen McClellan of ExposeFacts.org told The Spectator.
One idea being floated is to separate the collection of raw material from the query process, i.e., actually using the material. A revised Section 702 would continue to allow mass monitoring, but before the NSA or FBI, et al, could search that collected date for Americans by identifier (name, Social Security number, etc.), they would need a warrant to show probable cause. Something like this change might be the key to seeing Section 702 reauthorized, as House Judiciary Committee members focus on civil liberties while members of the Intelligence Subcommittee tend to be more supportive of surveillance powers.
The fearmongering ducks are already being lined up. General Paul Nakasone, head of the NSA and Cyber Command, said 702 powers have helped the government stop planned terrorist plots and cyber espionage campaigns before they happen. “702 provides a critically important capability to the intelligence community as we face rising challenges from China and Russia, as well as threats from terrorism, cyber actors, and others,” Senate Intelligence Chairman Mark Warner claims.
Congress is expected to rely heavily on the advice of the Privacy and Civil Liberties Oversight Board (PCLOB), an independent executive branch agency led by a bipartisan group of five presidentially nominated and Senate-confirmed board members. The Board is examining significant changes to the 702 program.
The Board’s review covers selected focus areas for investigation, including but not necessarily limited to American queries of information collected under Section 702 and “Upstream” collection (data handed over from communication providers). The Oversight Project also includes reviewing the program’s past and projected value and efficacy, as well as the adequacy of existing privacy and civil liberties safeguards. The changes made to Section 702 on the last renewal go-round in 2018 drew from this report, a good indicator that the PCLOB may influence the 2023 renewal process as well.
The bad news is that most of the Fourth Amendment protections of Americans’ privacy disappeared in the aftermath of September 11, all in the name of fighting terrorism. There seems no question that Section 702, one of the Fourth Amendment-busting laws, will be renewed. The hope for civil libertarians and privacy advocates alike in salvaging some rights lies in marginal changes to the law along the line of PCLOB recommendations to limit the use of Americans’ identifiers as query terms and to force NSA and others to disclose more of the extent of the program’s use.
