Editor’s Note: This is part of a multi-part series on the FISA Section 702 reauthorization and reform debate.
This year, Congress is debating whether, and with what conditions, to reauthorize Section 702 of the Foreign Intelligence Surveillance Act, a provision of law that permits the U.S. Government to collect communications of specific foreign individuals physically located outside the United States. That debate has understandably centered on the important ways in which the government has used information collected thanks to 702 to protect Americans against terrorism, espionage, and cyberattacks, weighed against the privacy implications of the collection program and questions about its oversight. To date, however, one crucial benefit of 702 collection has been overlooked – how 702 information helps prevent sensitive U.S. technology from ending up in the hands of our adversaries abroad, including Russia and the People’s Republic of China. The critical nature of 702 to these defining threats of our era underscores how essential it is that this law be reauthorized before it otherwise lapses in December.
In 2006, the Office of the Director of National Intelligence published the Intelligence Community’s first Annual Threat Assessment, cataloguing our country’s most pressing national security threats. Not surprisingly, the 2006 report began with the threat of terrorism posed by non-state actors like al-Qaeda. In that report, analysis of the threat posed by Russia didn’t begin until page 16, and the discussion of China didn’t appear until page 20. As you can imagine, this year’s report is quite different. For 2023, the Annual Threat Assessment leads with the threat posed by nation-state actors: China, Russia, Iran, and North Korea. A major reason that these nation-state actors now come first is their relentless push to use advances in technology to surpass us militarily. They seek to acquire sensitive U.S. technology to advance their military capabilities – with their ultimate goal being to shift the world’s balance of power in their favor.
It is critical we ensure that these advanced technologies work for, not against, democracy and security. Technologies like hypersonics, quantum computing, and artificial intelligence have the potential to reshape the geopolitical landscape. Experts assess that, eventually, quantum computing will enable the country that sufficiently develops the technology first to create unbreakable encryption. And, at the same time, it will allow that country to break all existing encryption, revealing the world’s most sensitive national security communications. Imagine if the country to get there first is one of the four listed in this year’s Annual Threat Assessment.
As the Assistant Secretary for Export Enforcement at the U.S. Department of Commerce, I lead a team of law enforcement agents and analysts dedicated to keeping our country’s most sensitive technology out of the world’s most dangerous hands. Our enforcement authorities are broad, allowing us to bring both criminal charges (with our colleagues at the Department of Justice) and administrative enforcement actions (with our Commerce Department lawyers). We also nominate parties involved in activities contrary to the national security or foreign policy interests of the United States to a restricted parties list, called the “Entity List,” which hinders their ability to obtain sensitive U.S. components. Our tools are a direct match for confronting what has become one of our country’s most pressing national security challenges.
Our efforts to combat this threat depend on our access to information obtained on our adversaries, including—critically—information collected thanks to Section 702. Our analysts rely heavily on such information in our work – to craft Entity List nominations, to cut leads to our law enforcement agents across the country, and to evaluate which foreign companies should be chosen for inspection by one of our Export Control Officers stationed abroad in the form of “end-use checks.” We have used specific 702-derived information to disrupt illicit procurement networks, select companies for end-use checks overseas, and inform our licensing process. We have also used it to prevent adversaries from obtaining desired technologies and to add foreign parties to our Entity List.
And we need to maintain our access to that information in the future, especially now that we and DOJ have established the Disruptive Technology Strike Force. The mission of the Strike Force is to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation-states. In May, we announced our first five cases, which involved a wide range of technology exploitation efforts, from alleged procurement networks created to help the Russian military and intelligence services obtain sensitive U.S. technology, to defendants allegedly stealing source code from U.S. technology companies to market it to Chinese competitors.
The questions of what safeguards are appropriate to prevent misuse of the powerful and effective tool that 702 collection represents are important ones. Congress will hear from numerous stakeholders on how best to strike a proper balance, one that protects legitimate privacy interests while at the same time permits appropriate use of 702 to protect our national security. Indeed, our Administration has already proposed key reforms that could be turned into law in this year’s reauthorization of 702 that would strengthen the guardrails for this critical tool while preserving its essential insights for national security. As someone who wakes up every day thinking about how best to prevent our country’s adversaries from obtaining our country’s sensitive technology, I know this – our continued access to 702-derived information is critical. The rate of technological advancement is accelerating, not slowing. The risk that advanced technology will be misused by our adversaries to shift the balance of power in the world is increasing, not diminishing. That’s why this would be exactly the wrong time to take away an essential tool that helps us to protect that technology and safeguard our national security.