Foreign Intelligence Surveillance Act Reform
- EPIC Obtains Secret Attorney General Reports on Electronic Surveillance: As a result of an FOIA lawsuit, EPIC has obtained copies of the Attorney General Reports on the government's electronic surveillance activities. These reports have been submitted to Congress every six months since 2001 but have never before been disclosed to the public. These reports include new details about government collection of telephone and Internet records. The reports include the number of US persons targeted for "Pen Register" surveillance under the Foreign Intelligence Surveillance Act. The reports also contain noncompliance incidents and significant foreign intelligence court opinions, but those details have been withheld by the Justice Department. The documents obtained by EPIC also show that the Justice Department told Congress that the collection of telephone subscriber information would decrease, even after the section 215 bulk collection program began. The case is EPIC v. Dept. of Justice, No. 13-961. For more information, see EPIC v. DOJ - FISA Pen Registers and EPIC: FISA Stats. (Mar. 19, 2014)
- In FOIA Lawsuit, EPIC Obtains Secret Reports on Data Collection: In a Freedom of Information Act lawsuit, EPIC has obtained reports that detail the number of times the Surveillance Court authorized the use of techniques that gather the telephone numbers and metadata of phone customers and Internet users. The previously secret reports obtained by EPIC cover the period between 2000 and 2013. The reports reveal a dramatic increase in the use of these techniques in 2004 and then a significant reduction in 2008, likely the consequence of a shift to other investigative techniques. The documents show that nearly all applications to the Surveillance Court were approved without modifications. In 2013, EPIC petitioned the Supreme Court to end the bulk telephone record collection program. Former members of the Church Committee and dozens of legal scholars supported the EPIC petition. For more information see: EPIC v. Department of Justice - Pen Register Reports, EPIC: Foreign Intelligence Surveillance Court Orders 1979-2012, and In re EPIC. (Mar. 3, 2014)
- Federal Communications Commission Seeks Public Comment to Protect Phone Record Privacy: The Federal Communications Commission has invited public comments on a petition requesting the FCC to rule that the sale of consumer phone records to the government is a violation of the federal Communications Act. EPIC joined the petition, which was organized by Public Knowledge. In 2013, EPIC urged the FCC to determine whether AT&T violated the Communications Act when it sold private consumer call detail information to the Drug Enforcement Administration and Central Intelligence Agency. In 2013 EPIC also wrote to the FCC to explain that Verizon had likely violated the Communications Act when it disclosed telephone records to the NSA. Public comments on the petition are due January 17, 2014 and reply comments are due February 3, 2014. For more information, see EPIC: CPNI (Customer Proprietary Network Information), and EPIC: Foreign Intelligence Surveillance Act. (Jan. 7, 2014)
- Senate Confirms Judge Wald for Privacy Oversight Board: The Senate confirmed the reappointment of Judge Patricia M. Wald to the Privacy and Civil Liberties Oversight Board. Judge Wald's current term was set to expire next month, but President Obama re-nominated her on March 21, 2013. Last year, EPIC recommended that the Oversight Board, consistent with its mandate, pursue a broad agenda, including (1) suspension of the Fusion Center Program ; (2) limiting closed-circuit television surveillance; (3) eliminating the use of body scanners; (4) establishing privacy regulations for drones; (5) improving Information Sharing Environment (ISE) and Suspicious Activity Reporting (SARS) Standards; and (6) Privacy Act adherence. More recently, EPIC addressed the Board at a workshop on NSA Surveillance. And in response to a public rulemaking, EPIC also provided extensive comments on a proposed rule governing the Board's Freedom of Information Act practices. The Board adopted nearly all of EPIC's recommendations on transparency. For more information, See EPIC: Foreign Intelligence Surveillance Act and EPIC: Open Government. (Dec. 13, 2013)
- Presidential Task Force to Recommend Changes at NSA : The Review Group on Intelligence and Communications Technologies, established to recommend surveillance reforms, will send a final report to the President this Sunday. According to one news article, the task force will recommend putting a civilian leader in charge of NSA, separating out the code-breaking "Information Assurance Directorate," and splitting the U.S. Cyber Command off into a separate military unit. The Review Group will also recommend new limits on the NSA’s ability to search telephone call records, proposing that telephone records be stored with a third party rather than the NSA. The group will also recommend safeguards for the data of European citizens, and restrictions on the use of National Security Letters. Earlier this year, EPIC filed a petition with the U.S. Supreme Court, supported by legal scholars and former members of the Church Committee, arguing that the NSA bulk collection program was unlawful. For more information, see EPIC: Foreign Intelligence Surveillance Act, EPIC: Foreign Intelligence Surveillance Act Reform, and EPIC: In re EPIC. (Dec. 13, 2013)
- EPIC Supports Petition Urging FCC to Protect Phone Record Privacy: EPIC has joined a petition to the Federal Communications Commission, organized by Public Knowledge, that asks the FCC to rule that the sale of consumer phone records to the government is a violation of the federal Communications Act. Last month, EPIC urged the FCC to determine whether AT&T violated the Communications Act when it sold private consumer call detail information to the Drug Enforcement Administration and Central Intelligence Agency. And in June, following the initial Snowden disclosure, EPIC wrote to the FCC to explain that Verizon had likely violated the Communications Act when it disclosed telephone records to the NSA. EPIC has also long supported the FCC's consumer privacy enforcement authority, filing amicus briefs in significant cases, including US West v. FCC and NCTA v. FCC, to defend the agency’s privacy regulations. For more information, see EPIC: CPNI (Customer Proprietary Network Information), EPIC: Foreign Intelligence Surveillance Act. (Dec. 11, 2013)
- EPIC Asks Federal Court to Require Immediate Release of Government Surveillance Reports: EPIC has filed a Freedom of Information Act lawsuit for the reports that detail the NSA's collection of call record information from US telephone companies. Citing the Department of Justice's failure to comply with EPIC original EPIC's FOIA Request and the urgency to inform the public, EPIC has also filed a motion for a preliminary injunction, asking a federal judge to rule within 20 days on EPIC’s legal claims. EPIC is seeking the reports that the Justice Department has routinely prepared for Congress but never made available to the public. The Foreign Intelligence Surveillance Court, relying on these reports, has approved the bulk, suspicionless collection of Internet and e-mail data, which is now widely debated. For more information, see EPIC: EPIC v. DOJ (Pen Register / Trap and Trace). (Dec. 9, 2013)
- EPIC Urges FCC to Investigate AT&T’s Practice of Selling Consumer Phone Records: In a letter to Federal Communications Commission Chairman Tom Wheeler, EPIC urged the FCC to determine whether AT&T violated the Communications Act when it sold private consumer call detail information to the Drug Enforcement Administration and Central Intelligence Agency. EPIC's letter follows an earlier letter where EPIC asked the FCC to resolve whether Verizon violated the Communications Act when it released consumer call detail information to the National Security Agency. EPIC's letter also informed the Commission that the National Association of Regulatory Utility Commissioners has issued a draft resolution underscoring the crucial role of the FCC in protecting consumer information. For more information, see EPIC: In re EPIC and EPIC: Foreign Intelligence Surveillance Act. (Nov. 18, 2013)
- Leahy and Sensenbrenner Introduce USA FREEDOM Act: The Democratic Chair of the Senate Judiciary Committee and the Republican author of the Patriot Act have introduced the USA FREEDOM Act, which would reform the Foreign Intelligence Surveillance Act and limit NSA surveillance activities. A bi-partisan coalition, including 17 Senators and 70 Members of Congress, have joined as original co-sponsors. Key provisions of the FREEDOM Act increase transparency of intelligence activities, prevent end-runs around the FISA Court, and improve public reporting. In 2012 EPIC testified before the House Judiciary Committee about the need to reform FISA and to improve oversight of the FISA court. The FREEDOM Act also ends the controversial bulk phone records collection program. EPIC has brought a challenge in the Supreme Court to the phone records program, explaining that it is unlawful under current law. For more information, see EPIC: In re EPIC and EPIC - Foreign Intelligence Surveillance Act. (Oct. 29, 2013)
- Government Responds to EPIC's Supreme Court Challenge of NSA Telephone Record Program: The Solicitor General has filed a response to EPIC's challenge to the NSA's telephone record collection program. In July, EPIC petitioned the Supreme Court to vacate the order of the Foreign Intelligence Surveillance Court that requires Verizon to turn over all telephone records to the NSA. EPIC argued that the Intelligence Court exceeded its legal authority and could not compel a telephone company to disclose so much personal information unrelated to a foreign intelligence investigation. Legal scholars and former Members of Congress filed briefs in support of EPIC's petition, including privacy and national security scholars, constitutional scholars, federal courts scholars, and members of the Church Committee. Congressman James Sensenbrenner, the primary author of the Patriot Act, has said that the telephone records collection program was never authorized by Section 215. For more information, see In re EPIC. (Oct. 14, 2013)
Recent debates over the scope and legality of foreign intelligence surveillance relate to two key provisions of the Foreign Intelligence Surveillance Act ("FISA"). These provisions were added and subsequently amended in the decade following the attacks of September 11, 2001. The first is the business records provision, which was established in the USA PATRIOT Act, Section 215. The second is the provision outlining procedures for targeting certain persons outside the United States other than United States persons, added by Section 702 of the FISA Amendments Act of 2008 ("FAA"). Both of these provisions expanded the scope of foreign intelligence surveillance that can be conducted within the United States.
As new details have emerged about the FBI and NSA's domestic intelligence-gathering practices, it has become clear that the current system does not provide sufficient transparency to ensure public oversight and trust. There are three main problems with the current system that have allowed this to occur: the development of a secret body of constitutional and statutory law by the FISC, structural limitations on judicial review of FISA surveillance, and rules inhibiting Congress’ ability to facilitate public oversight. As a result, important questions about the scope and nature of surveillance activity have remained unanswered and the public has been left in the dark.
Stop Unlawful Collection of Domestic Telephone Records
Over the last two months, top administration officials including the Director of National Intelligence have acknowledged the NSA's telephone metadata program, which involves the collection of a majority of call records in the United States. EPIC and others have argued that the FISC simply lacks the authority to grant an order for all domestic call detail records from Verizon or any other communications provider. Under the relevant FISA provision, the court is authorized to issue an order compelling production of business records if it finds that they are "relevant to an authorized investigation" of international terrorism. The FISC is not authorized to compel a service provider to produce, on an ongoing basis, the call detail records of millions of innocent Americans, which are irrelevant to any national security investigation. The NSA's domestic metadata surveillance program is unlawful under the FISA.
Last month, in response to the unlawful FISC order, EPIC filed a petition for a Writ of Mandamus in the U.S. Supreme Court, seeking to vacate the order and find that the FISC exceeded its statutory authority. Four groups of leading privacy and constitutional scholars then filed amicus curiae briefs in support of the EPIC Mandamus Petition, and the Solicitor General indicated that he will be filing a response. Legal experts agree that this bulk collection of Americans' telephone records exceeds the limitations of Section 215, that it undermines the Congressional intent of the FISA, that it is contrary to the purposes of the Fourth Amendment, and that the Supreme Court has the authority to issue the relief that EPIC seeks.
The current domestic metadata surveillance program is unlawful and should be discontinued.
Enable Public Oversight of Surveillance Programs
At present, the FISA grants broad surveillance authority with little to no public oversight. Section 702 of the FISA Amendments Act of 2008 ("FAA"), which was reauthorized on December 30, 2012, grants the Attorney General and the Director of National Intelligence broad authority to conduct surveillance targeted at persons reasonably believed to be outside the United States. The FISC has found that surveillance conducted under Section 702 directives acquires tens of thousands of "wholly domestic" communications each year. Given the significance of this intrusion into Fourth Amendment-protected communications, it is necessary to establish public oversight of these programs by requiring detailed annual reports.
Soon after the passage of the USA PATRIOT Act, which amended various FISA provisions, a special committee of the American Bar Association undertook an evaluation of the expanded use of FISA and made recommendations to ensure effective privacy safeguards. The ABA recommended an "annual statistical report on FISA investigations," comparable to the annual Wiretap Report published by the Administrative Office of the United States Courts. EPIC recently emphasized the need for such a report given the broad scope of surveillance authorized by the FAA. Each year, EPIC and other organizations closely review the wiretap report released by the administrative office, which provides a comprehensive overview of the cost, duration, and effectiveness of surveillance authorized under Title III. The wiretap report is a critical document that allows the public to evaluate the effectiveness of surveillance conducted in criminal investigations.
In contrast with the wiretap report, the annual FISA letter sent by the Attorney General provides very little useful information about the use of intelligence authorities. The letter recites the number of applications made by the government for electronic surveillance, physical searches, and access to certain business records as well as the requests made by the Federal Bureau of Investigation pursuant to the National Security Letter authorities. The letter also notes the number of applications for electronic surveillance withdrawn by the government, modified by the FISC, or denied by the FISC in whole or in part. Importantly, the letter does not provide any context about the scope of business records collected under Section 215 or any information about the number of directives issued pursuant to Section 702.
Administration officials should publish more information about current surveillance programs, including details about their use, effectiveness, and their impact on the privacy of U.S. persons.
Publish All Significant FISC Opinions
The FISC has jurisdiction to "hear applications for and grant orders approving electronic surveillance" and "physical search[es]" for the "purpose of obtaining foreign intelligence information" on foreign nationals within the United States. The FISC also has the authority to grant applications for pen/trap surveillance and orders compelling the production of business records. Applications to the FISC are secret and its hearings are non-adversarial and ex parte. In addition, FISC opinions are classified and there is no requirement that they be declassified and published. As a result of FISC's review of Section 702 targeting and minimization procedures, the court is now ruling on important and novel Fourth Amendment issues. This new body of secret constitutional and statutory law makes it difficult for the public to fully evaluate the scope and impact of the intelligence surveillance programs.
EPIC has previously proposed amendments to the FISC's rules that would increase transparency and reporting of court opinions. In comments to the FISC in 2010, EPIC urged the Court to regularly publish its orders, opinions, or decisions. "In order to fully understand how FISA is being interpreted by the Court and to determine whether the Court has been an objective check to an overzealous government, the public and Congress need access to the Court's rulings." While facts, sources, or methods may be properly classified, legal analysis and judicial opinions should be shared with the public. Secret law is contrary to values and needs of democratic government.
The publication of significant FISC opinions, including those already provided to congressional intelligence and judiciary committees, should be mandatory and subject to a prompt declassification process.
Make the FISC More Adversarial
In addition to the proposals discussed above, EPIC also supports the creation of a &"special advocate" to bring adversarial proceedings to the FISC. President Obama has endorsed the creation of a FISC adversary that argues in favor of civil liberties and in the public interest, and prominent members of Congress have already introduced relevant legislation.
- In re EPIC, S.Ct. No. 13-58 (Jul. 8, 2013)(seeking a writ of mandamus to vacate the order of the FISC requiring production of all Verizon telephone records).
- Testimony of EPIC Executive Director Marc Rotenberg, Hearing on the FISA Amendments Act of 2008 before the Subcommittee on Crime, Terrorism, and Homeland Security of the House Committee on the Judiciary (2012).
- EPIC Comments to the Foreign Intelligence Surveillance Court's "Proposed Amended Rules" (2010).
- American Bar Association, Section on Individual Rights and Responsibilities, FISA Oversight Resolution (Feb. 10, 2003).
- ACLU, How the NSA's Surveillance Procedures Threaten American's Privacy (June 21, 2013).
- EPIC: FISA
- Mass Surveillance in America: A Timeline of Loosening Laws and Practices, ProPublica (June 7, 2013).
- NSA Surveillance Lawsuit Tracker, ProPublica (2013).
- Office of the Director of National Intelligence, IC on the Record
- U.S. Plans Reports on Secret Court Orders to Telecom Providers, Alina Selyukh, Reuters (Aug. 29, 2013)
- DNI to Release Surveillance Request Data, Tony Romm, Politico (Aug. 29, 2013)