This Monday the Office of the Director of National Intelligence (ODNI) declassified a set of documents related to Section 702 of the Foreign Intelligence Surveillance Act (FISA), the law’s warrantless surveillance provision. Section 702 authorizes the government to engage in surveillance absent any court approval or suspicion of wrongdoing, but only to target non-U.S. persons located outside the United States, and only for foreign intelligence purposes.
Most important of the newly released documents was a November 2020 FISA Court opinion that approved minor revisions to targeting and minimization guidelines, but also detailed shocking problems with the FBI’s use of Section 702 for U.S. person queries and domestic law enforcement.
Here are three key takeaways from the new opinion:
1. Warrantless FISA surveillance is creeping into domestic life and policing
The most disturbing aspect of the FISA Court opinion was the discovery of dozens of FBI queries “conducted in support of predicated criminal investigations” that accessed Section 702-acquired information. The court described a wide array of domestic law enforcement issues these queries acquired from warrantless surveillance under Section 702: health-care fraud, organized crime, gang violence, domestic terrorism, public corruption, and bribery.
These investigations are wholly separate from the foreign intelligence purpose that Section 702 is purportedly designed for and intended to be limited to. These law enforcement queries returning Section 702-acquired information refute a principal claim that its defenders make to justify circumventing warrant rules: that by directing surveillance at targets outside the United States, domestic law enforcement would not be swept in. And they show how serious the threat is that Section 702 could be exploited as a loophole for warrantless surveillance in domestic policing.
The court also offered details on compliance problems that demonstrate how broadly warrantless FISA surveillance can reach into the United States. During a four-month period in 2019, an FBI official conducted more than 100 background checks that returned Section 702-acquired information, but this was not deep dive research into individuals with suspected foreign ties. Rather, they were “business, religious, civic, and community leaders” applying to the FBI’s Citizen Academy program, individuals conducting maintenance services at field offices, and crime victims.
These examples—drawn from a limited set of oversight reviews, and therefore likely composing just a small sample of the problem—show that warrantless FISA surveillance inevitably bleeds into domestic affairs. This is especially worrisome because the limits meant to stop it from being coopted for domestic policing are woefully inadequate.
2. Half measures attempting to deal with the backdoor search loophole have failed
Another key takeaway of the November 2020 opinion is the failure of a supposed safeguard from the 2018 reauthorization of Section 702: the partial attempt to close the backdoor search loophole by requiring court approval for the government to access the results of queries centered on U.S. persons that return Section 702-acquired information, but only for queries conducted entirely for law enforcement purposes.
We now have years of evidence showing this mish-mash approach results in frequent noncompliance. According to the newly released opinion, the FBI never sought the legally required court approval for wholly domestic law enforcement queries because lax system settings permitted improper access to Section 702-acquired information. These problems follow a host of improper U.S. person queries described in an October 2018 opinion, focused on massive “batch queries.”
Yet despite this long-running pattern that the FISA Court describes as “widespread violations of the querying standard” with “similar violations of Section 702(f)(2) likely hav[ing] occurred across the [FBI],” the court continued to approve the FBI’s querying procedures and capabilities. It’s tempting to say the court acted as shocked—shocked!—as Captain Renault discovering gambling at Rick’s bar in Casablanca, but at least he made a show of shutting down Rick’s for a day. Without consequences, it’s unlikely the FBI will have strong incentive to diligently avoid similar largescale compliance violations going forward.
But even if we did expect the frequent compliance problems to be remedied, the newly declassified opinion shows the current court approval requirements are woefully inadequate. Notably, it describes FBI queries pulling up Section 702-acquired information related to “transnational organized crime, violent gangs, [and] domestic terrorism involving racially motivated violent extremists.” One query related to domestic terrorism alone “returned 33 Section 702-acquired products.”
The 2018 law’s court approval requirement contains two separate loopholes that allow the FBI to continue gathering this type of information absent court approval. First, the law only applies to queries “in connection with a predicated criminal investigation.” This means broad searches could be permitted so long as they are early-stage assessments, rather than to bolster investigations already under way.
Second, the law allows law enforcement queries to freely access Section 702-acquired information whenever the FBI believes the results “could assist in mitigating or eliminating a threat to life or serious bodily harm” (50 USC 1881a(f)(2)(E)). Given how broad this exception is, the FBI could throw queries for organized crime, gangs, and domestic terrorism (or even all violent crime) into this category as a blanket policy. And while the government certainly needs to do more to combat the growing threat of white supremacists and domestic terrorism, warrantless surveillance is not an acceptable response.
3. The ODNI Transparency Report is significantly undercounting U.S. person queries
The December 2020 FISA Court opinion makes clear that the ODNI’s annual transparency report has not been accurately portraying the scale of FBI law enforcement queries yielding Section 702-acquired information. Last year’s report, released in April 2020, states there were six instances of FBI law enforcement queries yielding Section 702 data in 2018, and just one instance in 2019.
This is simply incompatible with the FISA Court’s description of dozens of such queries from the past year, and seems to drastically misrepresent how common the phenomenon of Section 702-acquired information flowing into law enforcement queries can be.
Hopefully ODNI will correct the record in its next report. However, the 2020 report also amended a previous undercount of this category for the 2018 numbers, and its updated numbers failed to account for how broadly “batch queries” could pull in U.S. persons’ information. These transparency reports were designed—in large part based on requirements in the USA FREEDOM Act—to keep the public apprised of how broadly FISA surveillance was impacting Americans’ privacy. If the current reporting structure is consistently failing to do that, Congress should institute more strict requirements.
It’s also worth noting what the pattern of law enforcement queries returning Section 702-acquired information indicates for past conduct. Data on these queries has only been reported—albeit inaccurately—since 2017, because the FBI previously argued it was incapable of labeling and counting them, a claim that allowed the Bureau to secure an exemption in the USA FREEDOM Act’s reporting requirement established for queries by other agencies. But given that dozens of law enforcement queries were discovered across a short period of time through a limited review, it’s likely this issue has occurred regularly across the past decade. If Congress had accurate data on how common law enforcement queries returning Section 702-acquired information were during previous legislative debates on this issue, the restrictions it imposed might have been stricter. Given what we now know, Congress should create a statutory reporting requirement for all FBI queries centered on U.S. persons that return Section 702-acquired information, with this number divided into categories based on whether the query was conducted for foreign intelligence purposes, law enforcement purposes, or a combination.