Overview: Reforming FISA
By William C. Banks, Marion E. (Spike) Bowman, & John Shenefield
It is widely understood that the dynamics that led to the enactment of the Foreign Intelligence Surveillance Act (FISA) in 1978 were unique, and that the inter-branch compromises reached then authorized the means for electronic collection of foreign intelligence that served the nation well for many years. It is also generally agreed that changes in technology, threats, and law raise questions about whether there should be significant changes in the existing framework for conducting electronic surveillance under FISA.
On the one hand, counterintelligence and terrorist targets are communicating in ways that make FISA unwieldy, with the location of the target often difficult or impossible to determine. Collection inside the United States is now often the best or only way to acquire even foreign-to-foreign communications. On the other hand, more Americans than ever are engaged in international communications and there is far greater intelligence interest in communications to and from Americans. Both circumstances increase the likelihood that the government will be intercepting communications of innocent Americans, raising questions about the adequacy of the FISA safeguards.
Once the Terrorist Surveillance Program (TSP) was reported in December 2005, the steps taken by the Bush administration, the Foreign Intelligence Surveillance Court (FISC), and Congress to prescribe lawful processes for conducting electronic surveillance sufficient to meet threats and account for modern technologies have been piecemeal and have failed to consider the broader context in which FISA now operates. After enactment of the short-term Protect America Act in 2007, the FISA Amendments Act of 2008 (FAA) ultimately failed to address these broader issues and many members of Congress, including the leadership in the House and Senate, made it clear that this would not be the last word on FISA.
The 2008 provisions for judicial review, minimization, and congressional oversight contain some ambiguities, and their utility remains to be tested. Likewise, the authorization of data collection not directed at a target (“incidental” collection) or accompanied by safeguards may be an inevitable byproduct of surveillance, but the discretion granted is uncontrolled in the statute. In addition, the predicate standards (“persons reasonably believed to be located outside the United States. . .”) remain controversial, in relation to the Fourth Amendment and as policy.
Yet the major shortcomings of the amended FISA are more fundamental. First, the legislation follows the 30-year FISA model of focusing on targets and their location for the purposes of authorizing and conditioning surveillance and data collection. As David Kris and others have noted, it is not possible to tell reliably in many cases where an individual is when a communication is made. Because so much in FISA as amended stands or falls based on the location determination, the scheme lacks coherence. Moreover, as noted, rules for dealing with “incidentally collected” U.S. person information were developed when America’s primary national security focus was overseas. The current focus on calls coming into and out of the United States may require some adjustments in managing the risk of acquiring communications of innocent Americans.
The key question regarding programmatic surveillance not adequately addressed in the FAA is how the government can best ensure that it is able to access the communications of those who wish to do us harm while appropriately safeguarding the privacy of law-abiding persons inside the United States.
Second, whatever one thinks of the constitutionality or policy value of the programmatic surveillance authorized by the FAA, the legislation fails to prescribe processes for what happens next with the data that are collected through the approved program. On what bases, subject to which criteria, and according to what processes and accountability mechanisms do officials determine to look more closely at individualized pieces of the traffic? Although the traditional FISA processes remain available, the practice under the FAA and going forward is that executive officials exercise discretion to probe further when patterns or key words are found in the collected data.
Workshops: Contributions to FISA Reform
Washington, DC | May 2, 2014
Discussions & Video
- Panel 1: Why Do We Conduct Foreign Intelligence Surveillance? Including an introduction by William C. Banks.
Moderator: Harvey Rishikof, Director of Cybersecurity and the Law, The iSchool, Drexel University and Chair, ABA Standing Committee on Law and National Security Advisory Committee.
- Panel 2: Making the Trade-Offs Between Surveillance and Civil Liberties.
Moderator: John Shenefield, Counsel, Morgan Lewis.
- Panel 3: Prospects for Reform—Title 1, 215, 702, FISC.
Moderator: Peter Raven-Hansen, Glen Earl Weston Research Professor of Law, George Washington Law School.
- William Banks, Director, INSCT
- Steven Bradbury, Partner, Dechert LLP
- Joel Brenner, Principal, Joel Brenner LLC
- Laura Donohue, Director, Center on National Security and the Law, Georgetown Law
- Orin Kerr, Fred C. Stevenson Research Professor of Law, George Washington Law School
- Robert Litt, General Counsel, Office of the Director of National Intelligence
- Kate Martin, Director, Center for National Security Studies
- Peter Raven-Hansen, Glen Earl Weston Research Professor of Law, George Washington Law School
- Julian Sanchez, Research Fellow, Cato Institute
- John Shenefield, Counsel, Morgan Lewis
- Judge Patricia Wald, Former Chief Judge, US Court of Appeals, District of Columbia
Washington, DC | June 25, 2010
The sponsors convened an invited group of experts on June 25, 2010, for a structured workshop on the future of FISA. The high-level group of participants addressed some of the issues areas below:
- How and why did implementation of traditional FISA mechanisms become so complex and unwieldy? What are the costs of the complexity of the FISA mechanisms? Consider the performance of DOJ and the FISC in adhering to statutory requirements. Are there redundancies or superfluous requirements that should be eliminated or revised?
- Assess the threshold definitions in FISA, e.g., “electronic surveillance.” How did the change in wire surveillance operations requiring the use of facilities in the United States affect the utility of FISA mechanisms? How did e-mail and other advancing technologies expand the reach of traditional FISA? The digital age means that government will be able to acquire more and more information about individuals and their activities. What benefits and drawbacks has digitization brought to FISA structures and processes?
- Review the probable cause and related predicates for surveillance – what are the key problems? Who applies the predicate standards, through what processes, and at what point in an investigation?
- Reconsider the targeting and location problems – what could substitute as triggers for lawful surveillance? Could nationality/U.S. person status serve that purpose? If nationality is, like location, sometimes difficult to determine, what other criteria could substitute for location?
- How can FISA better manage the follow-up from the initial data collection – who decides and on what basis to monitor an individual or group’s calls or e-mails once initial traffic is collected? How can minimization and oversight be improved? What kinds of controls can be set to improve procedures and correct errors?
- How may the FISA mechanisms and processes be made more transparent to the public, consistent with demands for security and privacy?
- What lessons for FISA reform may be learned from other nations’ experiences with electronic surveillance and its regulation?
- Next steps — Setting the architecture for reconstruction – what kinds of amendments will respond to the problems identified?
The June 2010 discussion, while informative and insightful, raised several difficult overarching questions. By any measure, the architecture that ably supported FISA thirty or more years ago has been stretched thin by digitization and other changes. As a result, one question was whether the statute now on the books can realistically be amended to make it legally coherent. Several ideas were ventured at our session last June that may deserve further attention. If amendment is not realistic, the second question is whether it might perhaps be preferable to start over on a clean state to draft a foreign intelligence/ national security electronic surveillance statute.
Meanwhile, swiftly, the Congress was required to begin examining the question of whether, and if so, on what terms, to extend the provisions of the Patriot Act dealing with roving wiretaps, business records and the “lone wolf” authorization. That legislative activity carried on through the spring of 2011, culminating in the extension of the provisions to the middle of 2015.
In the course of the winter and the spring, the SCOLANS FISA Reform steering committee (Banks, Bowman, Shenefield, Spaulding, Rishikof) reflected on how the Task Force might most usefully contribute to the FISA reform debate: how, in other words, we might assist the reform effort.
In the course of that reflection, we wrestled with the central question: should we try the “clean slate” approach or instead work with the statute, such as it is, now on the books. It is fair to say that even those of us who favored the more modest approach of developing amendments to the current FISA had no objection to the blue sky approach, but they doubted that starting afresh, no matter how intellectually satisfying, would be helpful in the real world where legislators actually cast votes.
On the other hand, it would no doubt be useful to go back to “first principles” as a way of informing the more pragmatic effort, reminding us of the history of FISA and the values and objectives embedded in the original statute. And the exercise would certainly be interesting because it would provide an intellectually rigorous baseline check point against which to measure the more limited reform package.
We will establish two separate groups, each working on one of the two approaches (although there could of course be overlap in membership between the two groups). The objective would be to have each group debate and discuss the relevant issues and draft proposals (with commentary). We would then convene a workshop as a way of test-marketing both approaches.
The groups will consider the Communications Assistance for Law Enforcement Act (CALEA) and the Electronic Communications Privacy Act (EPCA) and the issues raised by those laws to the extent relevant. And both groups inevitably will have to think through the nature of the content sought to be gained and attendant constitutional sensitivities; the use of location as a proxy for those whose communications would be subject to surveillance, and the level of constitutional protection; the use of a “probable cause”-type trigger in various situations; the optimal legal support for programmatic surveillance, including substantive review such as audits or reports; and minimization, retention, sharing and other authorized use issues.
300 Dineen Hall | 950 Irving Avenue
SU College of Law, Syracuse NY 13244
firstname.lastname@example.org | 315.443.2284