The Truth About FISA - Section 702 Explained
Did you know that the FBI is the only federal agency that can use FISA to identify evidence of a crime?
FISA, which stands for the Foreign Intelligence Surveillance Act, is a term that’s often mentioned on Twitter and other news sources, particularly after Congress voted on reauthorizing Section 702 in April of this year. But there’s also been a lot of confusion surrounding FISA and the various FISA provisions themselves. Just what is FISA Section 702 and how, exactly, does it really work? How is it differentiated from the other provisions of the FISA Act and why has it been abused so often by the federal government?
Unfortunately, as we’ll later see, abuses of the FISA system by the government are only getting worse. And there’s no reason to expect there will be any improvement. In our opinion, the FISA system is broken beyond repair. But first a FISA explainer.
There are three general types of FISA surveillance: Title I FISA Surveillance – the Traditional FISA surveillance of persons within the United States. Title III FISA Surveillance – Traditional FISA surveillance of places and property within the United States and Title VII FISA Surveillance – which allows intelligence gathering on non-U.S. citizens outside the U.S. without a specific warrant - commonly referred to as Section 702 surveillance.
It was this last category, Title VII FISA surveillance, that was recently reauthorized by Congress. But it’s also worth having a basic understanding of the other provisions of FISA as well. Once you have a grasp of the whole, the specifics, although complicated, make more sense.
FISA Title I and III provisions relate to the conduct of electronic surveillance and physical searches for foreign intelligence purposes of persons, facilities, or property inside the United States. FISA Title I provides for electronic surveillance of persons within the United States and FISA Title III provides for physical searches of premises or property within the United States.
Both FISA Title I and Title III surveillance require there be probable cause to believe the proposed target is a foreign power - or an agent of a foreign power - and that the facility (which can even be a phone number) or place is – or is about to be – used by that target. FISA Title I and III surveillance require formal approval from the Foreign Intelligence Surveillance Court or FISC – also known as the FISA Court.
Carter Page, a U.S. citizen, was surveilled under FISA Title I. The FBI used the Steele Dossier to portray Page as “an agent of a foreign power” – specifically Russia – to the FISA Court. As a result of this abuse of the FISA Court, the FBI obtained one initial FISA warrant on Carter Page and three subsequent renewals from the FISA Court. The original House Memo that was issued by Devin Nunes in early 2018 specifically noted that Page’s FISA order was not under Title VII of the Foreign Intelligence Surveillance Act – which is how we first knew Page had been surveilled under FISA Title I.
But although these cases draw the most attention and are the highest profile, it’s actually Title VII of the FISA Act that provides for the most common type of FISA surveillance - Surveillance under Section 702. Once again, it’s this segment of the FISA provisions that Congress recently reauthorized.
Unlike FISA Title I and III, which pertain to specific, court-ordered surveillance on US soil, Title VII or Section 702 permits the government to target foreign persons located outside the United States for surveillance - specifically for the purpose of acquiring foreign intelligence information. Broad oversight of Section 702 collection is still technically conducted by the FISA Court, which reviews the government’s Section 702 certifications, targeting procedures and minimization procedures for compliance with statutory and Fourth Amendment requirements.
But it’s the DOJ’s powerful National Security Division - known as the NSD - that maintains oversight of the Intelligence Agencies (such as the FBI) that use Section 702 authority. The NSD and the Office of the Director of National Intelligence or ODNI jointly conduct reviews of the Intelligence Agencies Section 702 activities every 60 days. The NSD – with notice to the ODNI – is required to report any incidents of Agency noncompliance or misconduct to the FISA Court. Annual Reports are also submitted to Congress.
Unlike Title I and Title III FISA surveillance, Section 702 collection is not subject to individual formal FISA Court approvals. Due to the extremely high frequency of collection, instead of issuing individual court orders, the FISA Court, or FISC, approves annual certifications submitted by the Attorney General and the Director of National Intelligence that specify categories of foreign intelligence information the government is authorized to acquire pursuant to Section 702.
Some of the generalized requirements for Section 702 collection: All acquisitions must be consistent with the Fourth Amendment. A significant purpose of any acquisition must be to obtain foreign intelligence information. The government may not intentionally target a U.S. person anywhere in the world. The government also cannot intentionally target any person known at the time of acquisition to be in the United States – FISA Title I and III are to be used for any domestic surveillance.
The government is also forbidden from targeting someone located outside the United States for the purpose of targeting a particular, known person in this country or any U.S. person - a process known as reverse targeting. Additionally, the government may not target for acquisition “any communication as to which the sender and all intended recipients are known at the time of the acquisition” to be in the United States. Finally, Section 702 should not involve bulk collection and – in theory – should not result in “mass” surveillance.
Minimization procedures are intended to protect any U.S. person information that is incidentally acquired in the course of Section 702 collection, including who may receive such information and how it is handled. Minimization procedures are intended to restrict the ability of analysts to query the databases that hold “raw” Section 702 data where information identifying a U.S. person has not yet been minimized for permanent retention.
Most Section 702 collection involves the government acquiring data from the company providing the electronic communication service to the user – known as downstream collection. In downstream surveillance, U.S. intelligence agencies go directly to companies like Google and Facebook and force the companies to turn over communications to and from identified selectors. The companies are then prohibited from telling their users that their data has been turned over to the government.
However, some of NSA’s Section 702 collection has been obtained via “upstream” collection, in which the NSA obtains communications directly from the Internet backbone, with the compelled assistance of companies that maintain those networks. In simple parlance, upstream surveillance means the NSA effectively taps into the high capacity fiber optic cables that carry Internet traffic and copy all of the data flowing through those cables. The agency is then supposed to filter out any communications that are “wholly domestic” – communications between Americans located in the U.S.
Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information, although there’s one gigantic caveat - the FBI may also conduct such queries to identify evidence of a crime. More on this shortly. Despite supposed protections, the FBI’s ability to access the NSA’s database using U.S. person search queries is a major area of concern and many abuses have been previously identified.
In a 2017 FISC Ruling, FISA Judge Rosemary Collyer repeatedly called out the FBI stating that she was deeply “concerned about the FBI’s apparent disregard of minimization rules and whether the FBI may be engaging in similar disclosures of raw Section 702 information that have not been reported.” The Court Ruling made clear that Judge Collyer believed the FBI was the primary culprit in misusing raw FISA data and violating procedures supposedly safeguarding that data.
We’ve long known that the FBI has routinely misused Section 702 to spy directly on Americans. For example, the FBI was recently cited by the FISA court for, among many other violations, illegally using section 702 surveillance to collect information on individuals associated with January 6th. The FBI’s ongoing misuse of section 702 information was so “persistent and widespread” that the court noted "It may become necessary to consider other responses, such as substantially limiting the number of FBI personnel with access to unminimized section 702 information.”
To make matters worse, the FBI has an added power of surveillance that’s unavailable to other three-letter agencies - one that it routinely misuses. As a 2022 DNI Report notes, the “FBI is the only intelligence agency with Section 702 querying procedures” that allow for searches that are “reasonably likely to retrieve evidence of a crime.” This is an extraordinarily wide, and dangerous, allowance for an already politicized FBI.
Indeed, a recently Declassified FISA Court ruling from 2022 noted that across the FBI, there have been queries of raw or unredacted FISA information “without a factual basis to believe the search was likely to return either foreign intelligence information or evidence of a crime.” In one instance, an FBI analyst ran thousands of “queries of individuals suspected of involvement in the January 6th 2021 Capital breach.” In another violation, an FBI official ran “approximately 23,132 separate queries” regarding the January 6th events.
The FBI claimed that they viewed the situation “as a threat to National Security” as justification for the searches. But the NSD disagreed, concluding that these searches by the FBI were illegal. In their 2022 report, the FISA Court stated that an audit by the NSD found there were “In excess of 278,000 non-compliant FBI queries of raw FISA acquired information.” But the reality is that things are far worse than even these numbers suggest.
The 2022 DNI Report revealed that the FBI performed up to 3.4 MILLION U.S. person queries of Section 702 data in 2021 alone. By contrast, the CIA and NSA combined ran less than 4,000 searches. The DNI Report failed to even mention how many of these searches by the FBI were “done in error.” Fortunately, Matt Gaetz asked this question during last year’s testimony by DOJ Inspector General Michael Horowitz, who responded by saying he believed the error rate was “around 30 percent.”
As Gaetz noted, this amounts to more than one million illegal searches. Gaetz then asked Horowitz how many people in the FBI could perform these “backdoor searches.” Horowitz wasn’t sure how many people actually had access to the systems, but when Gaetz told Horowitz he believed the number was in excess of 10,000 FBI officials who had access, Horowitz said he didn’t disagree with Gaetz’s assessment.
The huge number of access points, along with the number of people who have access to the system, is one of the big problems with Section 702. And it’s not a new one. In the 2017 FISA Court ruling Judge Collyer stated that “the government still had not ascertained the full range of systems that might have been used to conduct improper U.S.-person queries.” In other words, the government still didn’t know or understand the full range of access to raw FISA data.
Collyer later revealed that “On March 17, 2017, the government reported that NSA was still attempting to identify all systems that store upstream data and all tools used to query such data.” The truth is that nobody really knows how many access points there are - and how many people have access to these system entry points. The problem has only worsened as the Intelligence Community Complex has grown.