Before the year ends, Congress must decide whether to reauthorize a section of law national security experts say is vital in rooting out threats but that has become a target for politicians fighting over the so-called “deep state.”
Last week the tension spilled over when senators sparred with FBI and Justice Department officials over everything from the indictment of former President Donald Trump to the alleged Biden family bribery scandal. At the heart of the Judiciary Committee’s oversight hearing was Section 702 of the 1978 Foreign Intelligence Surveillance Act (FISA).
What is Section 702?
After 9/11, President George W. Bush ordered the National Security Administration (NSA) to initiate a highly classified, warrantless surveillance program in the hopes of identifying al-Qaeda links on American soil. The program was technically illegal under FISA, which required the government to obtain a warrant for surveillance that targeted American citizens, but it closed a key gap between national security intelligence and domestic law enforcement that hindered efforts to prevent 9/11.
“We learned a very hard lesson on 9/11. We had a lot of information about the 9/11 hijackers, and they were communicating with terrorists outside the United States who we were surveilling, but we didn’t have a good way to connect what was happening inside the United States with what was happening outside the United States,” says Stewart Baker, a former NSA and Homeland Security official.
In 2008 Congress legalized Bush’s surveillance program by amending FISA to add Section 702, which allows the government to compel U.S.-based communication providers to intercept communications to or from foreign targets—even if that means collecting communications from Americans. The FBI can then search, or “query,” the database of information without a search warrant to assist in ongoing national security investigations or preemptively identify potential attacks.
Current Assistant Attorney General Matthew Olsen called Section 702 “a model piece of legislation” and said it has allowed the FBI to disrupt espionage, kidnapping, and assassination plots. The White House also told reporters ahead of last week’s hearing that Section 702 has been used to help track the smuggling of fentanyl into the U.S. and identify the perpetrators of cyber attacks, including the 2021 Colonial Pipeline hack.
Since Section 702 was written with a “sunset clause,” Congress must reauthorize the law periodically. After months of congressional hearings and a short-term extension in 2017, Congress reauthorized it for six years with a December 31, 2023, expiration date.
Why is Congress hesitant about renewing Section 702?
In both the 2017 reauthorization fight and this year’s, members of Congress have expressed concerns that Section 702 allows the government to collect data from American citizens without a court order—an action some say violates the Fourth Amendment’s prohibition of illegal searches and seizures.
Some of those fears have been realized. According to a Foreign Intelligence Surveillance Court report unsealed last month, the FBI misused the database more than 278,000 times in 2020 and early 2021. Those inappropriate searches included collecting communications from participants in the January 6 attack on the Capitol and 2020 Black Lives Matter protests.
The FBI and the DOJ have also come under heightened scrutiny in recent months, especially from some Republicans who see the agencies as increasingly politicized. A public opinion poll after the FBI search of Trump’s Florida home last August found that almost half of Americans had an unfavorable view of the FBI at the time, and Trump and his allies have ramped up their attacks on the FBI and the DOJ since his June 13 arraignment in federal court.
National security officials emphasized to the Senate Judiciary Committee last week that Section 702 does not allow the use of FISA data to target Americans and recently publicized misuse was mostly unintentional.
Some senators didn’t buy that explanation, but Baker says the rules governing Section 702 data aren’t clear.
“As a way of restricting it, the Justice Department came up with some rules that, to be frank, were very confusing, and they told people, ‘You can’t do this under some circumstances, you can do it under other circumstances,’” Baker says. “And a lot of FBI agents didn’t understand that, because their usual approach to databases of information that the government has collected is, ‘it’s already our information, and we can and should search it whenever we think it might be useful.’”
How has Section 702 been reformed in the past, and what changes are proposed now?
Intelligence officials have implemented several reforms since 2021.
They include requiring mandatory legal reviews for all “batch queries,” or aggregations of individual searches, and a three-strike policy for unintentional query compliance mistakes with escalating consequences ranging up to dismissal. The FBI also changed its search system to a default “opt-in” setting to prevent accidental searches, requiring agents or analysts to affirmatively choose to access the FISA database and provide a written justification when performing searches targeting Americans.
According to a transparency report released in April, FBI queries for information from Americans under Section 702 fell more than 95 percent from 2021 to 2022. An FBI audit published last month also found that the changes reduced noncompliant searches to only 4 percent of all searches, down from 18 percent before the reforms.
“The problems that you’ve cited and that we’ve identified in our reviews of the FBI queries are not acceptable, and I don’t defend them. I’m not here to do that,” Olsen told Sen. Dick Durbin last week. “What I can tell you is that those problems predate the critical remedial measures that were put in place in 2021 and 2022.”
Olsen and FBI Deputy Director Paul Abbate both signaled that the FBI would be open to codifying the recent procedural changes in the new reauthorization bill.
“We’re open to any and all further reforms in working with the committee and members here, and we’re not going to stop until we’ve achieved 100 percent compliance,” Abbate said.
Many politicians and experts see the changes as insufficient, though. The Washington Post last month found that 64 percent of 70 cybersecurity experts surveyed favored making changes to Section 702 in the reauthorization.
While privacy advocates have called for the addition of a warrant requirement for Section 702 queries that target Americans’ data, Olsen said such a barrier is both “not workable and not legally required,” explaining that accessing Section 702 data can help identify potential terrorists in a timely manner and prevent attacks, but those searches would likely not meet the probable cause requirement.
If Republicans are worried about the weaponization of the FBI against Republicans, they should consider expanding the Hatch Act to all government officials with high security clearance to prevent the misuse of classified information to smear political opponents, Baker says.
He added that special rules for high-profile cases could be codified and inspectors general or chief privacy officers could be tasked with enforcing compliance.
“Reforms should do two things: They should address a real problem, and they should try to address the problem in a way that least interferes with our ability to do the kind of intelligence that we need to do to protect people,” he says.