Congress Intelligence Surveillance & Privacy

Assessing the Review Group Recommendations: Part I

Benjamin Wittes
Wednesday, December 25, 2013, 2:00 PM
The report of the President’s Review Group on NSA matters has already received widespread attention, some of it high altitude, some of it more granular. It’s an ambitious document, both conceptually and in the sheer number of recommendations it makes---some of which contemplate reforms of great significance. In this set of posts, I want to assess the pros and cons of each and every one of the group's 46 recommendations, which to my mind are a very mixed bag and of wildly differing merit.

Published by The Lawfare Institute
in Cooperation With
Brookings

The report of the President’s Review Group on NSA matters has already received widespread attention, some of it high altitude, some of it more granular. It’s an ambitious document, both conceptually and in the sheer number of recommendations it makes---some of which contemplate reforms of great significance. In this set of posts, I want to assess the pros and cons of each and every one of the group's 46 recommendations, which to my mind are a very mixed bag and of wildly differing merit. Some of the recommendations are sensible and helpful and should be embraced by the administration as useful reforms. Others are grand-sounding but ultimately inconsequential and should either be embraced rhetorically and then allowed to wither on the bureaucratic vine or just ignored. Some are downright bad ideas that should be actively rejected. My purpose in these posts is to separate the good from the bad, and both from the unimportant. I will try to look both at the likelihood of each recommendation’s being adopted and also whether I believe, on balance, each represents a sound idea that should be adopted. I’m going to proceed in roughly the same order as did the Review Group itself, starting with the recommendations of Chapter III, which deal with acquisition of tangible things and metadata both under Section 215 and using national security letters. (Chapters I and II deal with high-altitude principles and do not make specific recommendations). Chapter III contains the Review Group’s first 11 recommendations---the first three of which I will consider in this post. The chapter begins by suggesting changes both to Section 215 collection of ordinary business records (Recommendation #1) and to the FBI’s national security letters authorities (Recommendations #2). These changes are designed both to tighten and harmonize the substantive scope of the collection authority and to clarify that it must be a judge who makes the relevant findings---not NSA or the FBI. The idea is to make both national security letters and 215 orders more like grand jury subpoenas, only with the judicial review taking place before the documents issue instead of when a recipient challenges them. In the case of national security letters, the goal (Recommendation #3) is also to impose the same oversight, minimization, and retention standards that currently govern 215 orders. The attraction of this approach is threefold: in conjunction with one another, these recommendations would impose greater uniformity of standards for the collection of similar types of data. They would modestly raise the standards for this sort of collection. And they would impose a layer of judicial oversight before the collection takes place. From a civil liberties point of view, these would be big and important changes. Is this a good idea? The merits, at least to my mind, differ between 215 and national security letters. Leaving aside the bulk metadata program for a moment, I think they would probably be healthy, and entirely manageable, changes with respect to 215. Section 215 orders are, after all, comparatively rare. A modest adjustment to the standard would, therefore, not create a great deal of additional burden for those situations in which they do occur. Judicial review of these orders is already taking place prior to their issuance, so the impact would largely be felt in the FISC’s substantive authority---as proposed by the Review Group---to review orders for reasonableness “in focus, scope, and breadth” and for whether “the particular information sought” is relevant to the investigation. Again bracketing for the moment the question of bulk metadata, which the Review Group treats in subsequent recommendations, this would---I suspect---have relatively little operational impact and have modestly salutary effects on public confidence. Whether the administration embraces it will depend, I suspect, on how the administration comes down on bulk metadata issues---and whether it regards the routine 215 use as severable from the bulk metadata question. For my part, I think it's worth severing the two questions, and that the Review Group's proposal for routine 215 orders makes a lot of sense. By contrast, the operational impact of the Review Groups recommendations with respect to national security letters, as the report acknowledges, would be far greater. National security letters are exceedingly common. They issue at the rate of roughly 60 per day, the Review Group reports. They involve the collection of basic investigative building blocks. So creating prior judicial review of each one of them---save in emergency situations---would be no small step, either for the FBI or for the judiciary. The Review Group acknowledges that prior judicial review would pose “a serious logistical challenge” and that “It is not realistic to expect the FISC, as currently constituted, to handle that burden.” And it thus suggests either “a significant expansion in the number of FISC judges,” the addition of magistrate judges to handle NSLs, or allowing other courts to handle NSL requests. The group also acknowledges that the “transition to this procedure will take some time, planning, and resources, and that it would represent a significant change.” My instinct is that the civil liberties benefits here would not exceed the operational costs and the logistical difficulties. I also think there are principled differences between 215 orders and national security letters that justify different treatment in law. National security letters, after all, cover only specific categories of data: telephone toll and subscriber records, email subscriber records, and banking and credit card data, for example. By contrast, Section 215 allows the subpoena-like collection of any tangible thing relevant to the investigation. I’m sympathetic to the idea of reforming aspects of national security letters---particularly the gag orders that generally accompany them. But I doubt that prior judicial review is plausible here on a systematic basis. And I suspect the FBI and the Justice Department will fight it tooth and nail, and that the Obama administration will thus find itself unable to embrace this reform.

Benjamin Wittes is editor in chief of Lawfare and a Senior Fellow in Governance Studies at the Brookings Institution. He is the author of several books.

Subscribe to Lawfare