The Privacy and Civil Liberties Oversight Board, an independent agency charged with ensuring that the federal government’s counterterrorism efforts respect Americans’ civil liberties, recently issued a major report on one of the government’s primary surveillance authorities. The board members highlighted the ways in which Section 702 of the Foreign Intelligence Surveillance Act has been used to spy on Americans and recommended that Congress implement substantial reforms if it chooses to reauthorize the controversial law when it expires at the end of this year. The report vindicates privacy, civil liberties, and civil rights advocates, who have long argued that surveillance reforms are both necessary and practical — conclusions that the board explicitly endorsed.
Section 702 allows the government to collect the communications of non-Americans located abroad without a warrant, but the surveillance inevitably sweeps in Americans’ communications too because Americans communicate with people overseas. Despite Congress’s mandate to “minimize” the retention and use of Americans’ information, intelligence officials routinely search through the data obtained under Section 702 to find Americans’ phone calls, text messages, and emails. Officials may perform these “backdoor searches” whenever they reasonably believe the search will return foreign intelligence — or, in the case of the FBI, evidence of a crime — and they did so more than 200,000 times last year alone. The volume of these searches, along with what the FISA Court has referred to as the government’s “persistent and widespread” violations of the rules that govern them, have caused bipartisan outrage in Congress, with lawmakers vowing not to reauthorize Section 702 without “significant reforms.”
In addition to discussing previously disclosed abuses of Section 702, such as improper queries for 141 racial justice protesters and for members of Congress, the board’s report sheds new light on the ways in which Section 702 has been misused to spy on Americans. According to the report, National Security Agency analysts used a Section 702 database for personal reasons, such as to obtain information about a “potential tenant of a rental property owned by the analysts” and about “two individuals that [an] analyst had met through an online dating service.”
Egregious as these violations are, they are dwarfed in scale by the baseless “batch” backdoor searches by FBI employees, such as queries using 1,600 identifiers “relating to all individuals who had flown through an airport during a particular date range and who were either traveling to or returning from a foreign country” or 2,000 “noncompliant” backdoor searches for “the names and dates of birth of individuals who were registered competitors [in] an athletic event.”
Indeed, the board identified batch backdoor searches of this sort as a persistent source of compliance violations. The report noted multiple batch queries that were incorrectly identified as containing no Americans. In reality, tens of thousands of Americans were included in the searches. Errors of this magnitude, which were discovered during a partial audit of the FBI’s use of Section 702, indicate that the abuses we know about may only be the tip of the iceberg.
These flagrant violations of Americans’ privacy rights are bad enough on their own. But the report also calls into question whether this routine spying on Americans has produced a significant amount of useful information. As the board explained, the government provided “little justification . . . on the relative value of the close to 5 million [backdoor] searches conducted by the FBI from 2019 to 2022.” Indeed, the board noted that the FBI — despite ample opportunity and incentive — “identified few cases in which a [backdoor search] provided unique value . . . or otherwise advance[ed] a criminal investigation.”
The board did acknowledge that so-called “defensive” queries — performed for the purpose of identifying potential victims of foreign cyberattacks — had provided useful information. But it rejected the notion that requiring individualized judicial approval would interfere with such queries. As noted by the board’s chair, “in the strongest examples offered by the FBI, such as the ‘victim’ or ‘defensive’ query examples . . . the government would likely be able to meet the probable cause standard or one of the exceptions contemplated in Recommendation 3” — that is, where exigent circumstances exist or where the government has obtained the consent of the potential victim.
Privacy advocates have consistently noted that intelligence officials have provided no evidence that popular reforms to protect Americans’ privacy rights — such as a warrant requirement for backdoor searches — would compromise Section 702’s value as an intelligence tool. That the board, with its extensive access to classified information not available to the public, reached the same conclusion confirms that reforms would not endanger Americans.
Unsurprisingly, therefore, the board voted 3–2 to urge Congress to adopt many of the reforms to Section 702 long recommended by privacy groups. Among these are individualized court review before intelligence agencies can review the results of backdoor searches of Section 702–derived information and narrowing the scope of Section 702 surveillance. Additionally, the board suggested strengthening judicial oversight of Section 702 by buttressing the role of amici curiae, attorneys appointed to provide a perspective other than that of the government in the secretive FISA Court, and by requiring the government to declassify FISA Court opinions more quickly.
Each of these reforms would substantially increase privacy protections for Americans without compromising national security. Requiring individualized court review before intelligence officials could access the results of backdoor searches would significantly reduce the government’s abuses of Section 702. Some of the most glaring misuses of the law, such as the backdoor searches for 19,000 donors to a congressional campaign, for a state court judge who reported civil rights violations to the FBI, and for two men of “Middle Eastern descent” based on a witness’s report that they were loading cleaning supplies into a truck, could have been prevented if national security employees were required to explain the bases for the searches to a judge.
Notably, the board rejected arguments from the Biden administration and other supporters of the status quo that a probable cause standard for backdoor searches — the same standard intelligence and law enforcement agencies must satisfy when they want to obtain Americans’ private communications in most other circumstances — would be unworkable. While the board itself recommended codifying the existing standard (that a search be reasonably likely to return foreign intelligence or evidence of a crime), a majority of its members made clear that they “would also support” a probable cause standard for any query conducted at least in part to find evidence of a crime.
Narrowing the scope of surveillance would ensure that national security agencies could only spy on people who are likely to have information of intelligence value. This would minimize the chances of innocent Americans’ communications being collected “incidentally.” Moreover, it would benefit American businesses by making it easier for them to comply with European data privacy laws when transferring EU citizens’ data to the United States, thus minimizing the risk that they will be subject to billion-dollar fines for ordinary business practices.
Strengthening the role of amici would help hold the government accountable by ensuring that the benefits of our adversarial legal process are applied to court proceedings related to Section 702.
The board’s recommendation would require the FISA Court to appoint amici in any significant or sensitive proceedings related to Section 702. It would further ensure public accountability by requiring the government to declassify FISA Court opinions within 180 days, preventing the intelligence officials from warping public debate by delaying the release of embarrassing information.
The board’s report is a valuable explication of the problems with Section 702, and Congress should take its recommended reforms seriously. But any attempt to fix the problems with Section 702 must also address other surveillance authorities that can similarly be abused to spy on Americans. As the board explained, Executive Order 12333 or other surveillance authorities may sometimes be used to obtain information similar to what can be obtained under Section 702, and with even fewer privacy safeguards. If Congress limits itself to reforming Section 702, it will find itself playing surveillance whack-a-mole as intelligence agencies exploit other legal loopholes to obtain Americans’ sensitive information.
That is why the Brennan Center and 30 other privacy, civil liberties, and civil rights organizations have proposed comprehensive surveillance reforms that would fix Section 702, rein in excessive surveillance under Executive Order 12333, strengthen judicial oversight of intelligence agencies, and close the data broker loophole that allows the government to evade legal privacy protections by buying sensitive information from data brokers. As the oversight board’s report makes clear, Congress has a once-in-a-generation opportunity to protect Americans’ privacy from abusive government surveillance. It must take it.
