Intelligence Surveillance & Privacy

FBI Director Christopher Wray Defends FISA Section 702

Vanessa Sauter
Tuesday, October 17, 2017, 10:50 AM

On Friday, FBI Director Christopher Wray delivered a speech at the Heritage Foundation concerning FISA Section 702. The following is his speech as delivered:

Published by The Lawfare Institute
in Cooperation With
Brookings

On Friday, FBI Director Christopher Wray delivered a speech at the Heritage Foundation concerning FISA Section 702. The following is his speech as delivered:

Thanks, David and thanks to the Heritage Foundation for putting on this whole program so that we can have a better and more informed discussion about FISA, Section 702, which I think is sorely needed. I'm very happy to be here this morning and I'm extremely fired up to be back in public service at the FBI. As David says, I think I still qualify as new. I still feel new, and I've spent the first two months trying to get up to speed on a lot of things, including Section 702 and the reauthorization effort.

I've also seen the enormous strides that the Bureau has made in transforming our work in the new reality—I still think of it as new, post-9/11. Following the 9/11 attacks, the Bureau and its partners in the intelligence community and elsewhere systematically worked to tear down walls that had prohibited or dangerously inhibited critical sharing of intelligence across our programs. I know that because I was there. I was there in the days before 9/11, I was in the FBI Headquarters on the days of the attack themselves, and I was there for the four years afterwards.

The fact that we have not suffered another 9/11-scale attack is not just luck. It is the product of an enormous amount of very, very hard work and diligence by thousands of professionals. Most importantly, it’s a product of teamwork and information sharing and dot-connecting by those professionals in the post-9/11, post-wall world with dot-connecting made possible, especially by tools like Section 702.

Unfortunately, some of the potential amendments that we’ve heard about as part of this reauthorization discussion strike me as eerily similar to essentially rebuilding walls like we had before 9/11. It’s like watching well-intentioned people start positioning bricks back in the walls again, perhaps growing complacent from the fact that we haven’t had another attack.

So what I’d like to try to do in my brief remarks today—and then obviously, I’d like to have a discussion—is talk first about the current threat landscape, which has evolved and changed since 9/11. Second, the value of Section 702 and helping us stay ahead of those threats. Third, some clarification about what the 702 program is and what the 702 program is not. Last, I want to talk about some of the potential real world practical impact of some of the proposed changes in the 702 program. So, let me start with the current threat landscape.

When I left public service in 2005, we were still very much focused on the 9/11-style attacks, the kind of terrorist threat posed by al Qaeda and groups like that. That threat remains, but since coming back, I’ve learned very quickly how much the threats have changed and diversified. We now face a serious and constantly evolving threat landscape where travel and technology have blurred the lines between foreign and domestic threats. We still have enemies who are plotting the kind of elaborate mass casualty attacks that we suffered on 9/11—attacks that might take months or even years to plot and plan. But that’s not all.

New technologies now allow ISIS and others to recruit, radicalize, and direct people worldwide much more easily and more remotely than ever before, including right here in the U.S. Homegrown violent extremists or lone actors who self-radicalize at home with little warning also continue to be a major concern. We worry that terrorists and others are going to be using, as we’ve seen in Europe, crude but agile methods of attack, from vehicles to drones—attacks that can be planned much more leanly and with fewer participants and executed in a matter of days or even hours instead of weeks or months.

So overall, what that means is we now have a greater volume of arguably more compact threats and much less time to detect and disrupt any one of those potential attacks. We have a much shorter flash to bang, as the professionals would describe it. So, that’s a very thumbnail description of the threat landscape. That volume of threats combined with fewer dots within each one of those threats to connect and much shorter and tighter time windows in which to detect them and connect them puts a huge, huge and obvious premium on agility. One of the things that I’ve also learned since coming back is the tremendous value of the 702 program for just that purpose. That is that agility.

As most of you know, after the 9/11 attacks, our government worked very hard to figure out why we had failed before 9/11 to connect the dots. That’s a phrase that should be familiar to everyone in the audience. As the 9/11 Commission found, a major problem was our inability to take seemingly disparate pieces of information held by different parts of our government—or even sometimes within the same agency—and to integrate those different pieces into a coherent picture. Since then, through a lot of hard work and a lot of motivation by a lot of professionals, we’ve succeeded in changing that dynamic.

The value of Section 702 is that it gives us the lawful ability to connect those dots between foreign threats and homeland targets using information that is already within FBI holdings. I want to make sure people understand that. When you hear about the FBI conducting queries, what they’re doing is doing database checks against databases of information the FBI already has, has already lawfully obtained. So, query, database check, lawfully obtained information we already have. That’s what we’re talking about. That information in our databases gives us the agility we need to stay ahead of those threats.

There’s been some discussion about limiting the FBI’s ability to access that database, accessing its 702 collection, which, I’m telling you now, would create a serious risk to the American public. Every day, the Bureau—across the country and, indeed, across the world—receives tips and leads from lots and lots of different sources: from the public, from other agencies, from state and local law-enforcement, from our international partners. The tips and the leads are flooding in hourly. That’s the good news. The American people rightly expect that we’re going to take every one of those tips and leads seriously and figure out whether that nugget, that fragment of information, represents something innocuous or whether that’s the key flag of the next attack.

To do that, to separate the wheat from the chaff, to figure out which ones are innocuous and which ones are the indication of something really serious at that early stage with that short time window I was describing, we’ve got to be able to connect the dots from the different pieces were getting and figure out whether that nugget fits in with something else we have elsewhere that causes that aha moment that’s so important. The queries of the FBI databases, including the 702 database, is the first step in connecting those dots.

Those queries help us better understand the information, again, that we’ve already lawfully collected from a variety of sources through Section 702 and a lot of other means by allowing us to cross-reference the information. That’s what helps us prioritize and work the threats rather than just randomly working one-off cases. The only way we can do that is by being able to search our data when we get a tip or a lead. So, for that reason, at that early and critical stage, Section 702 is one of the most important tools that we have.

So let me be clear. Obstacles to conducting those database queries will put the American public at greater risk. Obstacles to allowing us to conducting those queries will put the American public at greater risk. They’re going to do that because it will either delay us when time is of the essence in conducting those queries, or worse, in a lot of instances, prevent us from being able to look at all. That’s going to blind us to information that is already lawfully in our possession.

So let me talk a little bit about what 702 is and what it is not. There are a lot of misconceptions out there, and I’m hoping that our discussion afterwards will help us go into a little bit more detail about some of these. But let me just briefly make a few basic points. First, what Section 702 is: Section 702 is a law that has been passed not once but twice by Congress with strong bipartisan support— first in 2008 and then reauthorized in 2012. Section 702 is constitutional, lawful, and consistent with the Fourth Amendment. Every court to consider the 702 program, including the Ninth Circuit, has found that.

A lot of those court holdings, as well as the privacy and civil liberties oversight board, have specifically concluded that those queries I was just describing, the FBI’s queries, that practice itself is consistent both with FISA and with the Constitution. So what that means is all this debate about potentially tinkering with 702, it’s not the Constitution that’s requiring that. That’s not driven by the Constitution. The courts have uniformly held that both the program and the way it’s being executed are constitutional. So a straight reauthorization of 702 would be fully consistent with the Constitution, including the Fourth Amendment. So: bipartisan support, fully constitutional.

What else is 702? Section 702 is, as I’ve described, an essential foreign intelligence collection program for the entire intelligence community, including the FBI. But it is a target authority. By that, I mean that the collection is only focused on specific selectors, like a particular e-mail address. Then one last point about what Section 702 is: It is subject to rigorous oversight. Oversight by not just one, not just two, but all three branches of government. I will tell you from a practical perspective, that oversight is demanding. It can be painstaking. It’s certainly resource intensive. But we want to make sure that the program is working the way it should be. So we take that oversight seriously, and we respect that and embrace that.

But that brings me to what Section 702 is not: It is not bulk collection of anybody, not even foreign persons. We in the U.S. government can’t cast a broad net to collect information indiscriminately, and Section 702 doesn’t provide for that. It does not permit targeting surveillance on U.S. persons anywhere in the world, whether they’re here or abroad. It doesn’t even allow targeting of just any foreigner abroad. Even with foreigners there has to be a reasonable expectation that the target will receive or communicate specific types of foreign intelligence information.

The NSA, and you’ve heard from Admiral Rogers already, is the lead agency for the targeting part. One thing you might find reassuring is that the FBI only receives collection for a very small percentage of what the NSA does. So, it’s about 4.3 percent of the targets that are under NSA collection. But that 4.3 percent is unbelievably valuable and important to our mission. So let me be clear here. When we run our queries that I’ve been describing, we’re running those against just a fraction of NSA collection and the NSA collection itself is not bulk collection. We can get NSA collection only for targets that are relevant to ongoing full national security investigations.

So let me close by making clear that this is not an abstract or theoretical debate that we’re having about this tool. This has real-world consequences. Just to give one example, a tip under 702 from the NSA that was crucial in helping the FBI stop an attack on the New York City subway system in 2009. Just stop and process what a successful attack on the New York subway system would look like, feel like, sound like. 702 helped us prevent that.

Take a different kind of example. 702 helped us reveal the terrorist propaganda of an ISIS member, a guy named Shawn Parson, and identified additional members of his network. He was using social media to radicalize and recruit actors for ISIS. Part of his network was encouraging followers online to carry out attacks in Western Europe and right here in the homeland in the U.S. He was even posting the names and addresses of American service members. I just want to quote from his postings in case there’s anybody who missed understands the seriousness of this.

I’m quoting from him: “Kill them in their own lands. Behead then in their own homes. Stab them to death as they walk their streets thinking they are safe.” These are real-world consequences. Those are American servicemen and servicewomen he’s talking about there, and Section 702 helped us break that network, identify the people he was in contact with. So given these kinds of potential consequences, I am, as you might imagine, very concerned about some of the kinds of proposals being discussed in this reauthorization debate. Any material change to the FBI’s use of Section 702 would severely inhibit our ability to keep the American people safe.

I think back to the time that I was in government before on 9/11, right before 9/11, right after 9/11. I think about how hard dedicated men and women throughout the intelligence community worked to try to tear down the walls that had prevented us from connecting all the information that might have been able to prevent those attacks. As I said at the beginning, listening to this debate right now, watching some of the potential ideas that are being floated strikes me as eerily similar to people, well-intentioned, starting to put bricks into a wall. Normally, the idea of imposing more restrictions on our ability at the FBI to do our jobs would be based on some kind of constitutional challenge. That’s not the case here. As I said at the beginning, every court to consider this program has upheld its constitutionality. So it’s not because of the Constitution. But why else might somebody want to impose restrictions? Maybe in the past there have been times when government has abused its power. So maybe that’s a reason to have restrictions. But there’s been no evidence of any kind of abuse of power under Section 702, despite all the oversight I mentioned before, with three branches of government and quite a few years of experience now.

So the proposed changes to Section 702 that you’re hearing about are not based on a need to somehow make this statute constitutional, either as written or as applied. As I’ve noted, it already is. These are policy changes—policy changes based on personal views that people have, again, well-intentioned views, and I respect that, on privacy. But as you can tell, my views are different. I think our responsibility, our role, my duty, the duty of the people at the FBI and in the intelligence community, is that we owe it to the American people to use the full extent of our authorities that are consistent with the Fourth Amendment, and that we shouldn’t be creating gaps and limitations in those authorities simply for policy reasons.

One of the experiences I had in my prior time in government was meeting with the family members of the victims of 9/11. I am not going to look the families of future victims in the eye and tell them that there were things, there was more that we could have done that was fully constitutional, fully within our legal authorities, but that we simply chose not to. I think Americans rightly expect us to use all of the available information that we have and all the tools that we have that are consistent with the Constitution to combat the threats that we face as a country. The FBI has made enormous strides since 9/11 to make sure that it’s doing just that.

So I urge—I implore—Congress to reauthorize Section 702 in its current form so that we can keep using one of the most valuable tools that we have in our toolbox to keep America safe. Thank you for having me here today.


Vanessa Sauter is a program associate in the Cybersecurity & Technology Program at the Aspen Institute. She was previously an associate editor at Lawfare and received her bachelor's degree from Columbia University in 2016.

Subscribe to Lawfare