A bipartisan group of lawmakers is seeking to impose a significant new restraint on law enforcement’s access to data gathered by the National Security Agency under a powerful authority that enables collection of foreign intelligence on U.S. soil.
The measure, contained in a bill unveiled Wednesday by the House Judiciary Committee, is likely to set up a clash with the Trump administration in the coming weeks, with the legal power set to expire at year’s end. The administration wants the bill to be renewed without change — and permanently.
At the same time, civil liberties groups are arguing for stronger limits.
The law in question is often referred to as Section 702, a portion of the Foreign Intelligence Surveillance Act amended in 2008. Its renewal is the intelligence community’s highest legislative priority this year.
Section 702 “is the single most important operational statute that the NSA has,” NSA general counsel Glenn Gerstell said recently. “There is no replacement for it.”
House members generally agree that the authority is useful and that it should be renewed. But a number of them have one major privacy concern: The law allows the FBI to query the Section 702 database for emails and phone-call transcripts of Americans without first obtaining a warrant.
A range of lawmakers, from tea party Republicans to civil-libertarian Democrats — as well as some former senior intelligence officials — say that the Trump administration should consider the privacy implications of tapping the surveillance database for U.S. citizens’ communications.
The Judiciary Committee’s bill, which would renew Section 702 for six years, would not restrict the query process itself. But the legislation, called the USA Liberty Act, would require the FBI to obtain a warrant to review any communications that are returned in response to a query seeking evidence of a crime. The drafting of the bill was led by the panel’s chairman and vice chairman, Reps. Bob Goodlatte (R-Va.) and John Conyers Jr. (D-Mich.).
The new limit seeks to address lawmakers’ concern that the FBI is able to see communications that agents ordinarily would need a warrant to review, congressional aides said. It would not apply to queries for counterterrorism, counterproliferation or counterespionage purposes, they said.
“It leaves the NSA, CIA and the intelligence arm of the FBI largely untouched,” said one aide who spoke on the condition of anonymity because he was not authorized to comment on the record.
For law enforcement officials, imposing a limit on access as opposed to the query itself is a distinction without a difference.
In July, the head of the FBI's national security branch, Carl Ghattas, told the Lawfare Podcast that the bureau would not risk the authority by using Section 702 on something "that was not of critical national security importance to us." In such cases, he said, a warrant requirement would "have a significantly negative impact on operations" and undermine the ability to find important information that could save lives.
A coalition of civil liberties groups issued a letter Tuesday saying that anything short of a warrant requirement for all queries would “undermine constitutional protections and create an unacceptable loophole to access Americans’ communications in criminal and foreign intelligence investigations alike.”
Michael V. Hayden, who has headed the NSA and the CIA, said that “there are legitimate concerns with how the data is accessed, particularly when using U.S. person selectors” such as phone numbers and email addresses. “I can understand concerns when those selectors are used for law enforcement as opposed to foreign intelligence purposes,” he said. “So my advice to the community is to hear those concerns out and to act accordingly.”
If the FBI wants to read emails for a murder or money-laundering investigation, for instance, “there may be a need to involve the court in one way or another,” Hayden said.
Senior government officials said that as a legal matter, no warrant is required to query data already collected lawfully. At least three federal district courts and the Foreign Intelligence Surveillance Court have agreed with that position. One appeals court has sidestepped the issue, and a second has yet to rule.
Nonetheless, the officials acknowledged, the policy question of whether a warrant requirement is a good idea has not been resolved.
Congress passed Section 702 in 2008 to give the NSA more agility in detecting terrorist threats and to gather information on a host of other foreign intelligence matters. It was a reaction to the outcry over the disclosure of a warrantless surveillance program begun by the George W. Bush administration after the Sept. 11, 2001, terrorist attacks.
Sen. Tom Cotton (R-Ark.) has introduced a bill that would give the administration a clean, permanent reauthorization. But given the political alliance in the House, renewing Section 702 without change is unlikely. And a number of lawmakers in both chambers are likely to insist on an opportunity to revisit the legislation in several years.
Sens. John Cornyn (R-Tex.) and Dianne Feinstein (D-Calif.) are working on Section 702 legislation that does not go as far as the House bill in imposing new limits but does include an expiration date. Sens. Ron Wyden (D-Ore.) and Rand Paul (R-Ky.) are planning to introduce a bill in the coming weeks that goes further than the House bill by requiring a warrant for all queries related to U.S. persons in Section 702 data.
Under the current law, the NSA can target the communications of foreigners overseas if they fall into any of a number of broad, court-approved categories of foreign intelligence. They include counterterrorism, counterproliferation, cybersecurity and foreign powers.
In 2016, the NSA targeted 106,000 such foreigners, working through companies such as Yahoo and Microsoft. All the people the foreign targets corresponded with also had their communications picked up. This is called “incidental” collection.
Some lawmakers, including Conyers and Goodlatte, have been pressing the intelligence community for years to provide even a rough estimate of the number of Americans whose communications are incidentally gathered. Last month, Director of National Intelligence Daniel Coats told Wyden that doing so would “cause serious damage to national security.”
Officials said they operate under strict guidelines and layers of oversight. To query the 702 database using a U.S. person’s email address or phone number, the analyst must document the foreign intelligence reason for the query, and compliance personnel and NSA lawyers must approve the search before it is executed. The Justice Department and the Office of the Director of National Intelligence also review the queries.
That material has proved enormously helpful, officials say, in everything from identifying malicious hackers from foreign governments to determining whether a U.S. company was knowingly about to ship weapons material to a country under sanctions.
Section 702 also has been useful in understanding Russia’s efforts to interfere in the U.S. election last year. In May, NSA Director Michael S. Rogers said that “much of what was in the intelligence community’s assessment” on that effort “was informed by knowledge we gained through 702 authority.”
The House bill also would codify a ban on a subset of Section 702 surveillance that the NSA recently ended voluntarily after the intelligence court raised concerns. It would change the procedure by which U.S. government officials request the “unmasking” of U.S. persons’ identities in foreign intelligence reporting. It would also enhance criminal penalties for the mishandling of classified information and extend whistleblower protections to private contractors working for the intelligence community.
Correction: An earlier version of this article identified Sen. Tom Cotton’s home state as Arizona. He represents Arkansas.