What would you do if you had to vote in Congress on a crucial national security program, when you also knew that the FBI had systematically ignored privacy safeguards in the program for years? That was the choice that Congress faced in April, when it ultimately decided to reauthorize Section 702 of the Foreign Intelligence Surveillance Act, known as FISA.
Section 702 originally became law in 2008, when a great deal of previously “foreign” surveillance had shifted to the United States. In the old days, the National Security Agency carried out its communications surveillance overseas, such as keeping an eye on China or the Soviet Union. By 2008, however, the most important national security surveillance was often obtained within the U.S., such as when emails came through the United States as part of internet traffic.
Section 702 addressed this mix of foreign and domestic data gathering. Under court-approved procedures, it allows the government to gather communications, but only where the target of the surveillance is a foreign person who is outside of the U.S. Although no court approval is needed when the NSA intercepts communications overseas, Section 702 requires court-approved safeguards when the information gathering occurs in the U.S.
Privacy violations
NSA surveillance triggered headlines in 2013 when the revelations by former agency contractor Edward Snowden showed that the amount and type of government surveillance had grown far beyond what even experts realized after the terrorist attacks of Sept. 11, 2001. I was honored to be named by President Barack Obama to a special Review Group on Intelligence and Communications Technologies in 2013 to propose surveillance reforms. Our report was one of the sources for the USA Freedom Act of 2015, the biggest set of privacy reforms for surveillance since FISA was created in 1978.
Even after these reforms, however, two types of problems cast doubt on how the FBI in particular was using its FISA authorities. First, the FBI was not following the procedures required by the courts for accessing information about Americans in the Section 702 databases. As a result, the FBI conducted over 3 million searches of Americans’ email and other records in 2021. After a public furor and changed policies, that number dropped to 119,383 in 2022.
Second, during the 2016 campaign, the FBI began an investigation into whether people associated with the Trump campaign were coordinating activities with the government of Russia, as part of what became known as the Crossfire Hurricane investigation. Although the Department of Justice Inspector General Michael Horowitz found “no evidence that the FBI consulted” with any political officials in opening its investigation, he found significant violations in FISA applications. These included submitting legal documents to judges…