Published by The Lawfare Institute
in Cooperation With
You can always tell when it’s time to reauthorize a portion of the Foreign Intelligence Surveillance Act (FISA) because Congress starts wringing its hands about some aspect of the law. FISA is a law that Capitol Hill loves to hate and hates to love. One minute it’s a critical foreign intelligence tool vital to protecting America’s national security from foreign adversaries and terrorist organizations. The next it sanctions broad-sweeping, unconstitutional surveillance programs that are deployed indiscriminately, not to identify spies and terrorists, but to systematically monitor Americans’ communications.
Little credit—and little attention—is given to FISA tools when they succeed in preventing a terror plot, even a plot carried out by an American. For instance, despite the recent obsession with privacy concerns surrounding incidental collection, the use of such collection to investigate Mohamed Osman Mohamud’s 2010 plot to bomb Portland’s annual Christmas tree lighting ceremony has gone largely unnoticed by Congress.
But when terror attacks are successfully carried out on U.S. soil, such as those in Boston, San Bernardino, and Orlando, Congress is quick to question why they weren’t prevented, what intelligence was lacking, and what additional intelligence tools are needed to make sure it doesn't happen again. Congress wants the FBI and other intelligence agencies to identify and disrupt all terror plots and espionage, including those carried out by Americans, but it struggles with whether and to what extent our intelligence tools should be used against its own constituents.
In the month since President Trump’s now infamous tweet accusing President Obama of personally wiretapping him, an odd phenomenon has been occurring on Capitol Hill. Democratic members, typically more vocal opponents of FISA’s perceived intrusion on American’s privacy, including incidental collection, have been noticeably mum about the alleged incidental collection of Trump campaign and transition staff communications. Republicans, on the other hand, are suddenly queasy about FISA’s treatment of U.S. person communications, even those lawfully collected and properly masked.
When it comes to FISA, Congress has a knack for turning the mundane into the extraordinary; for turning routine intelligence-gathering into unsanctioned abuses of power. In 2005, it was the belief that the FISA business records provision was being used to collect library records for the purpose of monitoring the reading habits of innocent Americans. This actually came to be known as the “library” provision. Such was the outrage that Congress added a provision to the law requiring the FBI Director, Deputy Director, or Executive Assistant Director for National Security to approve any business records application seeking library circulation records, library patron lists, book sales records, and other records Congress deemed sensitive. Given that business records applications must be vetted by DOJ and approved by the FISC, this non-delegable, senior-level FBI approval was of little consequence. It also turns out the widespread fear of abuse of this authority to monitor America’s reading habits was unfounded. A subsequent audit by the DOJ Inspector General of business records orders between 2002 and 2005 found that no orders were obtained for library records.
When Congress revisited the PATRIOT Act in 2011, little attention was paid to the library provision. The bogeyman that year was instead FISA “roving” authority. Coined “John Doe” warrants by critics, roving orders were portrayed as broad-sweeping, unconstitutional surveillance orders that did not require an identified target or facility and could be used to surveil entire neighborhoods. In fact, this long-standing criminal investigative tool was added to FISA to allow the government to continue surveillance without seeking a new order when the target switches phones or email accounts. With little mention, Congress reauthorized roving authority again in 2013 as part of the USA Freedom Act.
Thanks to the ongoing controversy surrounding Russian election interference, presidential tweets, and late night visits to the White House, this year’s monster in the closet is the incidental collection and unmasking of U.S. person communications. Even before President Trump’s March 4th tweets and Chairman Nunes’s pronouncement two weeks ago suggesting members of the Trump transition team were improperly surveiled, some members of Congress were already leery of incidental collection. Several members expressed their concerns and queried witnesses about the metes and bounds of incidental collection at a March 1st House Judiciary Committee hearing.
With terms like incidental collection and “unmasking,” it’s easy to see why members of Congress would become suspicious of FISA surveillance. FISA terminology has often gotten in the way of explaining the fundamentals of intelligence gathering. These terms aren’t used to describe criminal surveillance but the concepts are similar. If you communicate with someone who is under FISA surveillance, your portion of the conversation is also collected. Then the minimization procedures kick in. If you’re not engaging in a crime or your identity is not necessary to understand the intelligence, then intelligence reports are supposed to disguise your identity.
Despite its name, incidental collection is not accidental collection. Congress fully anticipated it, designed FISA to specifically allow for it, and mandated procedures to limit the dissemination, retention, and use of incidentally-collected U.S. person communications.
The inclusion of unmasked, incidentally-collected Trump transition communications in intelligence reports is not, in and of itself, noteworthy. Likewise, the absence of references to Russia or Russian officials in intelligence reports does not equate to a lack of foreign intelligence or render the surveillance unlawful. However, should evidence come to light that the Obama administration improperly unmasked and disseminated incidentally-collected Trump transition communications for political purposes—that’s a different story. Then, perhaps, additional minimization procedures are in order (off the top of my head, I’m thinking prohibiting White House staff from requesting the unmasking of U.S. persons).
Congress has about nine months left to decide how it feels about the FISA Amendments Act. But I suspect Capitol Hill’s on-again, off-again romance with FISA will continue beyond this reauthorization.