Senate leaders of both parties are urging their colleagues to renew an expiring warrantless surveillance law before it lapses at midnight on Friday, as advocates of the law have argued that any expiration would mean going blind on a key source of counterterrorism information and other foreign intelligence.
That deadline adds pressure to senators not to vote for any amendments to the version of the bill that the House passed last week, since any changes would force the legislation to go back to the House rather than swiftly arriving on President Biden’s desk.
But the suggestion that the tool itself would simply lapse on April 19 is significantly misleading. A national security court this month granted a request from the government that allows the program to operate for another year, even if the law, known as Section 702, expires. Still, it is true that such an expiration could lead to smaller gaps in collecting some messages.
Here is a closer look.
What is Section 702?
It is a law that authorizes the government to collect, without a warrant and from U.S. companies like AT&T and Google, messages of foreigners abroad who are targeted for intelligence or counterterrorism purposes.
The idea is that in the internet era, foreigners’ communications are often handled by domestic companies. But it is controversial because the government also sweeps up messages of Americans to and from those foreign targets.
The law traces back to a warrantless wiretapping program that President George W. Bush secretly created after the terrorist attacks of Sept. 11, 2001. It violated the Foreign Intelligence Surveillance Act, or FISA, which requires warrants for national security wiretapping on domestic soil.
After the program came to light, Congress in 2007 legalized a form of it in a short-lived law called the Protect America Act. Lawmakers enacted Section 702 the next year, carving out a more enduring exception to FISA. Congress extended Section 702 in 2012 and 2018. It is now set to expire again.
What are the proposals before the Senate?
The House bill would tighten some controls on Section 702, while extending it for another two years. The bill would also expand the program in several ways, including by allowing it to be used to scrutinize foreign drug cartels.
While Senator Chuck Schumer, Democrat of New York and the majority leader, has not yet announced the details, it appears likely that before voting on that bill, the Senate will consider several proposed amendments sought by surveillance skeptics and reform-minded lawmakers.
Among them will probably be a proposal to bar officials from searching the repository of messages collected under Section 702 for the content of communications by Americans unless the government first obtains a warrant. Privacy advocates have long sought such a change, while national security officials strongly oppose it, saying it would cripple the program. A similar amendment in the House failed in a 212-to-212 tie vote.
Another possible amendment would remove an enigmatically worded provision the House added to the bill that expands the type of service providers that can be compelled to participate in the program. The provision is aimed at certain data centers for cloud computing that the FISA court ruled in 2022 fell outside the current definition of what services the statute covers, according to people familiar with the matter.
Privacy advocates have warned that it is too broadly worded, leaving open the potential for abuses. On Thursday, the Justice Department sent a letter to Congress committing to using the expanded definition “exclusively to cover the type of service provider at issue” in the 2022 litigation and pledging to report to Congress every six months about its use. The letter also said “the number of technology companies providing this service is extremely small.”
The Senate could also vote on a proposal to bar the government from purchasing personal information about Americans from third-party data brokers that it would need a warrant to obtain directly from a company. The House on Wednesday voted to approve a stand-alone bill containing that measure, called the Fourth Amendment is Not For Sale Act.
Why would the program continue if its law has expired?
Congress wrote into the 2008 law a provision ensuring that the government would not be abruptly cut off from using the Section 702 program.
The program operates under certifications issued each year by the Foreign Intelligence Surveillance Court, and the government directs communications companies to participate in it. Crucially, the provision, Section 404(b), says that despite anything else in the statute, these orders or directives “shall continue in effect” until their expiration dates.
Because the FISA court issued a round of certifications this month that expire next April 4, this provision appears to mean that the Section 702 program can lawfully keep operating until then, even if Congress allows the underlying statute to lapse in the meantime.
Has this theory been legally tested?
Yes.
In April 2008, the presiding judge of the FISA court at the time, Reggie B. Walton, ruled that a similar provision in Section 702’s precursor law, the Protect America Act, meant that a directive to Yahoo still had legal force after the act itself had expired — and that the court could still compel Yahoo to comply with it.
It is clear, Judge Walton wrote, “that, even after that expiration date, the challenged directives ‘remain in effect until their expiration.’”
That August, a panel of three federal appeals court judges upheld Judge Walton’s ruling. Those precedents suggest the FISA court would rule the same way about Section 702.
Does that mean there is no risk of a gap in collecting communications?
No.
While the overall program would continue, if the statute’s lapse prompts a particular provider to balk at cooperating, there could be at least a temporary pause in collection from that entity, according to a senior Justice Department official.
The matter would end up in court, as happened with Yahoo in 2008. Even if the government ultimately prevailed, there could be a gap in collection of communications from that company. It is not clear how swiftly the court would resolve such a case.
What kind of dispute does the Justice Department think it could win?
The department believes it could win a dispute in which a program participant balks at continuing to fully cooperate after the statute lapses.
Under some iterations of this scenario, a company might stop turning over all communications of targeted foreign users. Or it might keep turning over those the government had ordered it to target before the lapse but balk at adding any new ones.
The senior Justice Department official said the agency was confident that the government would prevail before the FISA court in such a fight, citing the Yahoo precedent. The official, who spoke on the condition of anonymity to discuss a legally sensitive topic, also noted that the directives are explicitly written to anticipate that the government would provide new targets over time.
What might the government not be allowed to do?
The government may be prohibited from forcing a new service to start participating in the program.
While major communications companies already participate, new internet-based communication services regularly emerge. When agencies learn that a suspected adversary is using a service that is not part of the program, the government directs it to join the program. According to the Justice Department official, this happens multiple times a year.
If the provider balks, the matter goes to the FISA court. But since the provision centers on allowing orders that were already in effect to continue until they themselves expire, it is not clear that the executive branch or the court would have the power to issue new orders to a new service.