Security
Headlines
HeadlinesLatestCVEs

Headline

Congress Clashes Over the Future of America’s Section 702 Spy Program

Competing bills moving through the House of Representatives both reauthorize Section 702 surveillance—but they pave very different paths forward for Americans’ privacy and civil liberties.

Wired
#redis#intel#auth#sap

Two surveillance bills are barreling their way through the US House of Representatives this week. Both claim to achieve roughly the same goal: Enact sweeping reforms and save a dying surveillance program beleaguered by “persistent and widespread” abuse.

Under this program, Section 702, the US government collects hundreds of millions of phone calls, emails, and text messages each year. An inestimable chunk belongs to American citizens, permanent residents, and others in the United States neither suspected nor accused of any crime.

While both bills would extend the program’s life, only one of them can credibly lay claim to the title of reform. Legislation introduced last week by Representative Andy Biggs in the House Judiciary Committee would require the Federal Bureau of Investigation (FBI) to obtain warrants before accessing the communications of Americans collected under Section 702. The second bill, introduced by the House Intelligence Committee, contains no equivalent protection.

The House Judiciary Committee’s Protect Liberty and End Warrantless Surveillance Act (PLEWSA, unfortunately) secures a glaring loophole in US law that helps police and intelligence agencies buy their way around the Fourth Amendment by paying US companies for information that they’d otherwise demand a warrant to disclose. The House Intelligence Committee’s bill—the FISA Reform and Reauthorization Act, or FRRA—does nothing to address this privacy threat.

What the FRRA does appear to do, despite its name, is explode the number of companies the US government may compel to cooperate with wiretaps under Section 702. That was the assessment on Friday of Marc Zwillinger, amicus curiae to the Foreign Intelligence Surveillance Court of Review (FISCR). “These changes would vastly widen the scope of businesses, entities, and their affiliates who are eligible to be compelled to assist 702 surveillance,” Zwillinger wrote in an article with Steve Lane, a former Justice Department (DOJ) attorney.

Section 702 currently allows the government to compel a class of companies called “electronic communications providers” to collect communications. If the FRRA becomes law, according to Zwillinger, that category would be greatly expanded to include a slew of new businesses, including “data centers, colocation providers, business landlords, and shared workspaces,” as well as, he says, “hotels where guests connect to the internet.”

Congressional sources tell WIRED that officials at the DOJ, Department of Defense, and National Security Agency have been placing urgent calls directly to House lawmakers to oppose the PLEWSA and advance the FRRA—an effort, the sources say, being coordinated by White House advisers. Privately, some Democrats have been urged to help kill the “Jim Jordan bill,” an aide said, explaining the apparent jab is meant to frame an entirely bipartisan bill as an extreme Republican measure. (Jordan, the aide noted, is not the bill’s author and did not introduce it.) Regardless, a major chunk of the PLEWSA was cannibalized from privacy legislation with a record of broad bipartisan support, and particularly in the Senate, where top Democrat Chuck Schumer has previously lent his name to a bill banning police and intelligence agencies from buying people’s personal data.

The PLEWSA likewise exited the House Judiciary Committee last week with broad bipartisan support from both Jordan, the Republican chair, and Jerrold Nadler, its ranking Democrat.

Section 702 surveillance begins with monitoring the communications of foreigners believed to be located outside of the United States. Under these conditions, the US government can ignore most constitutional protections, wiretapping nearly any individual it deems likely to possess—or likely to possess in the future—information of intelligence value.

Correspondence between foreign targets and their lawyers, doctors, religious leaders, wives, husbands, and children are all open for collection, a fact that would not change if every one of them were a US citizen. Whatever calls, emails, or texts are intercepted as a result of targeting a foreigner under 702 are legally permissible, or “incidental,” in spy agency parlance.

Once that information is legally in the government’s possession, the use of it is subject to a different set of legal doctrines, many of which ignore the novel circumstances under which it was initially seized. A federal appeals court in 2021 described the “two-step” process by which communications may be seized under 702 and only years later dug up for an entirely different reason. The process on the whole is constitutional, it said, so long as each step “independently complies with the Fourth Amendment.” Under this logic, the FBI has been permitted to treat the private communications of Americans—secretly obtained during foreign surveillance—as roughly the equivalent of information it stumbles across in plain view.

How often Americans are targeted by Section 702 surveillance is a question that the government says it genuinely can’t answer. It does, however, disapprove of using the word “target” to describe Americans whose calls and texts are intercepted by US spies.

Congressional sources opposed to the FRRA, the House Intelligence Committee’s bill, say it reflects a deference toward executive power that has become customary among House and Senate intelligence staff. In arguing that constant experience has never shown secret agencies to be predisposed to self-restraint, a senior aide pointed to the case of an intelligence analyst caught abusing 702 data for “online dating” purposes last year. It had recently been confirmed, they said, that the analyst had not been fired.

“The Intelligence Committee’s ‘FISA Reform and Reauthorization Act’ may have the word ‘reform’ in its name, but the bill’s text proves otherwise,” says Representative Zoe Lofgren. “Congress must not green-light another major surveillance reauthorization without enacting surveillance reform measures that curb abuses and protect Americans’ civil liberties."

Talking points obtained by WIRED that were being circulated over the weekend by critics of the PLEWSA bill’s deeper reforms allude to the “grave damage” it poses to national security. Supporters of the FRRA bill have dubiously credited the 702 with halting “another 9/11.” But the PLEWSA bill strikes an appreciable balance between privacy and security for a surveillance authority aimed at foiling tier-one threats. It contains clear caveats to help the government advance investigations of cybercrime and exigencies for most immediate, violent threats.

Sources say both the PLEWSA and the FRRA could receive a floor vote as early as Tuesday under rarely prescribed Queen-of-the-Hill rules—meaning, in short, that the bill with the greatest number of supporters might ultimately carry the day.

Wired: Latest News

The Worst Hacks of 2024