Congress Intelligence Surveillance & Privacy

Reform Section 702 to Maintain Fourth Amendment Principles

Peter Swire, Richard Clarke
Thursday, October 19, 2017, 2:02 PM

Lawfare editors Susan Hennessey and Benjamin Wittes recently criticized efforts to reform Section 702 of FISA before it expires at the end of 2017. Based on our own experience with Section 702, we respectfully disagree. There are compelling reasons to reform Section 702, notably the principles of the Fourth Amendment.

The U.S. Capitol (Source: Noclip, Wikipedia)

Published by The Lawfare Institute
in Cooperation With
Brookings

Lawfare editors Susan Hennessey and Benjamin Wittes recently criticized efforts to reform Section 702 of FISA before it expires at the end of 2017. Based on our own experience with Section 702, we respectfully disagree. There are compelling reasons to reform Section 702, notably the principles of the Fourth Amendment. This post highlights three areas where reforms are clearly indicated: the so-called “backdoor” or “incidental” searches, the “about” collection under Section 702, and common-sense reforms to the Privacy and Civil Liberties Oversight Board (PCLOB).

Our own view of Section 702 was formed when we were two of five members of the 2013 Review Group on Intelligence and Communications Technology, convened by President Obama in the wake of the Snowden revelations. Many of our recommendations have now become law, notably in the 2015 USA Freedom Act. For Section 702, based on review of classified materials, our recommendation 12 highlighted the problems with what public debate has since labeled “backdoor searches” under Section 702.

The problematic searches happen like this. Section 702 applies to foreign intelligence searches carried out in the United States of the content of communications, including emails, texts, and social network communications. The searches cannot be targeted at “U.S. persons,” who are U.S. citizens or permanent residents. Instead, they must be targeted at non-U.S. persons who are outside of the United States.

Here’s where the problem comes in. Suppose a foreign intelligence search is properly targeted at a non-U.S. person who is out of the country, such as in France or Pakistan. That target quite easily can send an email or otherwise communicate with someone inside of the U.S. At that moment, the full content of the U.S. person’s communications with that person get included in the surveillance authorized by Section 702. Ordinarily, the government needs a search warrant to gain the full content of communications of a U.S. person (or someone temporarily in the U.S.). Now, due to the happenstance that the U.S. person communicated with someone outside of the country, the content of communications become available to the government.

After reviewing the evidence available to us, the Review Group found that Section 702 is often an important asset to our national security. We also found, though, that necessary safeguards had not been included for these incidental or “backdoor” collections of communications content. Our principal recommendation was stated in a recent Washington Post op-ed by Review Group members former top CIA official Michael Morrell and legal scholar Geoffrey Stone: “The government should no longer be permitted to search the data collected under Section 702 without a warrant when seeking information about U.S. citizens and legal permanent residents.”

Our recommendation upholds the principles of the Fourth Amendment as applied to the content of communications. For law enforcement investigations, the police must get a search warrant, signed by a judge, that there is probable cause of a crime. For foreign intelligence investigations, the government must get a search warrant, signed by a judge in the Foreign Intelligence Surveillance Court (FISC), that there is probable cause that the individual is an agent of a foreign power.

Our understanding of the draft bill headed for markup in the Senate Intelligence Committee is that it currently fails even to address this crucial issue. The House Judiciary discussion draft on Section 702 partially but incompletely addresses the concerns about searches of incidentally collected communications of U.S. persons. Under current practice, law enforcement and foreign intelligence agents can “query” a large set of databases, including incidental 702 collection, when they are investigating a U.S. person. Under the House draft, these queries about U.S. persons can continue. If the query turns up a hit from incidental 702 collection, then law enforcement must get a warrant before accessing the content of the U.S. person communications. For foreign intelligence purposes, no warrant is needed to gain access to U.S. persons communications, although there would be senior Department of Justice sign-off.

The Review Group recommendation, and the position of civil liberties groups now, is that it should take either a law enforcement or FISA judicial order to query the database. If Congress decides to permit the queries to continue, however, then there should at least be a judge involved before there is access to the contents of U.S. person communications. For the House draft bill to satisfy this standard, it should be updated to include a requirement to obtain a FISA order for foreign intelligence investigations, to accompany the probable cause court order for criminal investigations. Otherwise, it appears that the government could access the U.S. person communications without a warrant, and later build on that information for use in a criminal prosecution.

These same Fourth Amendment principles apply to a second topic of reform, “about” collection under Section 702. Under current law, Section 702 is used as authority for intercepting communications that are “to” or “from” a target, such as that person in France or Pakistan. The statute also authorizes communications that are “about” a target, such as an email that mentions the email address or phone number of the target. Earlier this year, however, the FISC found that the minimization techniques used for “about” collection did not adequately protect the communications of U.S. persons.

As with incidental collection, “about” collection creates situations where the government can access the content of U.S. persons’ communications, without a warrant. FISA searches are carried out within the United States. They target non-U.S. persons abroad, but “about” collection in many cases has swept in contents of communications of U.S. persons, notably under the Upstream program. In such cases, the Fourth Amendment norm is to have a warrant approved by a judge. The House bill appropriately provides a statutory basis to keep the current non-use of “about” collection in place, but we understand that the current Senate bill does not.

A third topic, addressed in part in the House discussion draft, would improve the administration of the PCLOB. The discussion draft enables the Board to carry on ordinary business when there is no chairman, the situation today until nominee Adam Klein is confirmed. Notably, under current law, the Board cannot hire any employees until a new Chairman is confirmed—imagine a company that cannot hire any employees while a CEO search is underway! We urge the Congress to consult with the PCLOB on other needed reforms. For instance, under current law, the four Board members who are not Chairman face a strict limit on the number of hours they can work for the Board—they are prohibited from volunteering to work extra hours on important Board business.

In conclusion, Congress is considering sensible reforms to ensure that Fourth Amendment warrant requirements apply to incidental and “about” collection. We agree with Hennessey and Wittes that Section 702 authorities are important to our national security. But the unanimous opinion of the Review Group stands since 2013: Judges should approve Fourth Amendment search warrants before searching the communications of Americans.


Peter Swire is the J.Z. Liang Chair in the Georgia Tech School of Cybersecurity and Privacy, and Professor of Law and Ethics in the Georgia Tech Scheller College of Business. He is Senior Counsel to Alston & Bird LLP, and Research Director of the Cross-Border Data Forum. He served as one of five members of President Obama’s Review Group on Intelligence and Communications Technology.
Dick Clarke is CEO of Good Harbor LLC, a boutique cyber security/risk management consultancy. Clarke has served in the White House, the Pentagon, the Intelligence Community, and the State Department. He was an Assistant Secretary of State for Political Military Affairs in the first Bush administration and Deputy Assistant Secretary of State for Intelligence under President Ronald Reagan.

Subscribe to Lawfare