Bloomberg’s Annie Bang is reporting on new research commissioned by Swiss-based privacy company Proton. Over the last decade, the government has shown an increasing appetite for user data from companies like Apple, Alphabet, and Meta, with the number of requests increasing 770 percent.

That’s a lot – and it’s a bipartisan habit. As Proton’s Edward Shone told Bloomberg, “This isn’t a blue or red thing – this isn’t a sort of Trump or Biden or Obama thing. It has gone up consistently.”

And that massive increase is just in “standard” requests that are routinely disclosed. The number of requests balloons even more – nearly doubles, in fact – when requests made under the Foreign Intelligence Surveillance Act (FISA) are factored in.

Most of those FISA requests are likely warrantless – obtained via “backdoor” authority granted by the addition of Section 702 in 2008. Instead of being approved by judges, they are batched together and rubber-stamped – meaning no case is made, and there is no showing of probable cause. The Fourth Amendment is bypassed entirely.

Requests for Americans’ data, in just this one slice of the U.S. government’s digital surveillance, adds up to 6.7 million user accounts disclosed over an eleven-year period. It is little wonder, then, that Americans simply do not trust the government with their data.

As FISA and Section 702 come up for renewal this month, urge your representative in the House to support Rep. Andy Biggs’ Protect Liberty Act. Common-sense reforms like these would bring privacy guardrails to Section 702 that would prevent its continued (and obviously growing) abuse as a tool for agencies like the FBI to spy on American citizens without justification.

But the new research by Proton drives home the fact that this isn’t just an FBI problem – it’s a systemic, wide-ranging “government overreach” problem powered by technology. “In many ways, the U.S. government has effectively outsourced its surveillance to Big Tech companies and data brokers,” wrote Proton’s Richie Koch.

Big Tech offers, here and there, end-to-end encryption for users’ communications, from Signal to Apple’s iMessage. But encryption is far from a standard practice. As Elena Constantinescu wrote in describing Proton’s latest report, “Big Tech has repeatedly shown little interest in offering that kind of protection, let alone making it the default, across the services where people store their most sensitive information.” Case in point: Bloomberg noted that Meta just announced the removal of end-to-end encryption for Instagram chats.

Constantinescu is right that privacy begins with tech companies’ designs for their communication services. She writes: “Privacy is a matter of architecture, not just policy.”
​
As the government demands more data, strong and ubiquitous encryption would create less data for government to request or access without a warrant. It is time for Silicon Valley to draw a new set of privacy-forward blueprints that start with a Fourth Amendment foundation.

Congress made a solemn promise on surveillance reform to the American people in public, only to break it in private. As a result, the “Make Everyone a Spy” provision allows the government to conscript office-space providers – including those who rent space to media organizations, law firms, and political campaigns – into enabling warrantless surveillance through their buildings’ internet networks. Even churches and other houses of worship can be targeted.
 
As the House debates the reauthorization of Section 702, PPSA and our followers call on House leadership to deliver on this very public promise to narrow the provisions of a loophole in the definition of government electronic communications service providers (ECSP) in Section 702 of the Foreign Intelligence Surveillance Act.
How We Got Here
 
When FISA Section 702 was reauthorized in 2024, it included a provision that was intended to allow the government to compel the cooperation of one particular type of company, believed to be providers of cloud computing, to respond to requests for data for national security purposes. The broad language of this provision, however, allows the National Security Agency to secretly demand access to communications equipment from almost every U.S. business or non-profit organization.
During the Senate debate on this intelligence legislation in 2024, key lawmakers admitted that their draft language was overly broad. They insisted there was no time to fix it, but assured their colleagues that after passage they would work to narrow the ECSP language, making a “technical fix” to ensure that only appropriate entities could be compelled to assist in surveillance. House Intelligence Committee leaders indicated openness to that correction, calling it “totally fine.” 
 
As the U.S. House of Representatives once again moves forward on the next reauthorization of Section 702, that promised fix has been ignored by both houses of Congress for two years.
 
Basic Liberties at Stake
The ability to surveil foreign threats is vital to protecting the homeland and the American people. But PPSA is firm in the conviction that we can have robust surveillance of terrorist and cybersecurity threats without allowing our government to regularly spy on the American people – especially with massive databases supercharged by AI.
For that reason, we ask House leadership to embrace several key reforms.
 
·      First, warrants must be required before Americans’ communications, swept up in NSA’s global trawl, can be accessed by the government.
 
·      Second, the secret FISA courts should be required to rely on qualified amici – civil liberties experts with high-level security clearances – to represent the larger constitutional concerns of the American people in sensitive cases.
 
·      Third, the House should close the “data broker loophole” that allows government agencies to sidestep the Fourth Amendment by buying Americans’ search histories, geolocation histories, and communications from shady, third-party data brokers.
 
·      One more obvious reform is the one already promised: The House must address the “Make Everyone a Spy” provision before reauthorizing Section 702.
 
It is unconscionable that the NSA can conscript vast swaths of American businesses and non-profit organizations that provide ordinary services, such as Wi-Fi, into a domestic spying operation on customers, tenants, and congregants.
 
This ability of the government to spy on media, law firms, political organizations, and religious groups trashes both the First and Fourth Amendments. This is more than a failure in legislative oversight. It is a breach of trust.
 
Just as bad, when combined with other unresolved problems, such as Section 702’s warrantless “backdoor searches,” and the government’s purchase of sensitive personal data by a dozen government agencies, Congress has set the stage for a genuine American surveillance state.
 
Fortunately, the House has no lack of solutions. Bipartisan proposals – from Rep. Andy Biggs’s Protect Liberty and End Warrantless Surveillance Act to the Government Surveillance Reform Act, sponsored by Rep. Warren Davidson and Rep. Zoe Lofgren – contain language that would narrow the ECSP definition.
 
Since Senate leaders did not deliver the ECSP fix earlier in their own chamber, the responsibility now falls squarely on the House. Leadership should not move forward with any intelligence package that ignores this commitment or relies on vague assurances that reforms will come “later,” behind closed doors.
 
Anything less would confirm the worst suspicions of the American people – that when it comes to surveillance, a promised reform is always just one vote away, one that never quite arrives.
 
Click here to tell House Speaker Mike Johnson to drop any attempt at a clean reauthorization of FISA Section 702 that rejects reasonable domestic surveillance reforms.

​It was a lot like the Battle of the Alamo – except this time, the defenders won.
 
In the wee hours of Friday morning, a coalition of 20 Republicans and 208 Democrats stopped House leadership from ramming through a reauthorization of FISA Section 702 weighed down by a disingenuous “reform” proposal. That proposal would have expanded the American surveillance state while weakening Americans’ privacy.
 
Worse, it would have punted the next reauthorization five years into the future. A surveillance authority created to track foreign threats – but too often used to conduct warrantless searches of Americans – would not have faced meaningful congressional scrutiny again until 2031.
 
That matters because Section 702 reauthorization is Congress’s only real chance to confront:

• The backdoor inspection of Americans’ private communications without a warrant

 

• The purchase and warrantless use of Americans’ most sensitive digital data from shady third-party brokers

 

• The “make everyone a spy” provision, which allows the NSA to compel access to Americans’ communications from businesses, landlords, and even houses of worship that provide Wi-Fi for their customers, congregants, tenants, and patrons

 
At a time of breakneck technological change – supercharged by AI – a five-year vacation from oversight might as well be a century.
 
Throughout the night, PPSA stayed on offense, providing Members of Congress with clear, fact-driven analysis.

As we pointed out to House Members, the bill’s biggest weakness was its overreach. House leadership tried to sell “reform” while pushing a five-year extension – an overreach that backfired.
 
Members were especially troubled by a Trojan Horse provision dressed up as a “warrant” requirement. In reality, it offered no protection for the vast number of everyday law-abiding Americans whose communications are swept up incidentally in foreign intelligence collection and then searched and reviewed by government agencies without any kind of judicial warrant.
 
Under that language, the FBI could still conduct backdoor searches of Americans’ communications with no evidence of wrongdoing – let alone probable cause.
 
The amendment also ignored the domestic surveillance practices of the NSA, CIA, and National Counterterrorism Center – agencies that collectively conduct thousands of backdoor searches each year. The NSA, in particular, has a long track record of violating the rules governing those searches.
 
Then came the giveaway clause. Buried in the text was a provision stating that “nothing in this subsection shall be construed to limit the authority of the Government under any applicable law or the Constitution …”
 
That’s not reform. That’s a disclaimer.
 
In short, the proposed cure was worse than the disease – especially because it failed to require a warrant before querying Americans’ communications in the Section 702 database.
 
But this fight isn’t over. The House has only kicked the can a few days down the road. The next vote is expected very soon.
 
PPSA will continue to arm Members with the facts – exposing phony reforms and warning against the dangers of locking in five years of largely unchecked surveillance. We’ll also keep you informed as the intelligence community and its allies on Capitol Hill roll out the next round of curveball proposals.
 
The good news: a majority of the House is holding firm for real reform, including a warrant requirement that actually protects Americans.
 
With your support – especially your calls and emails to House Members – PPSA will keep fighting to protect your privacy.

​At the eleventh hour – as the House prepares to vote on a “clean” reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA), which would exclude any reform amendments – a revelation from a secret court has disclosed major compliance problems directly related to Americans’ constitutional rights.

FISA Section 702 is a legal authority that allows U.S. government agencies to surveil foreign targets on foreign soil, but has been used by the government to spy on Americans’ texts, phone calls, and emails. The FBI, CIA, NSA, and National Counterterrorism Center conduct thousands of these warrantless “backdoor” searches each year.

In August 2024, it was revealed that the FBI was using a querying tool that allowed it to access Americans’ communications without adhering to the procedures Congress had just passed in the Reforming Intelligence and Securing America Act (RISAA). These searches evaded RISAA procedures meant to prevent abuses, such as obtaining approval for backdoor searches from in-house lawyers or supervisors, and recording the reasons for the search for internal audits.
The Department of Justice claimed to have fixed these violations in early 2025 and to have discontinued the use of that querying tool.

Yet a few days ago, the secret Foreign Intelligence Surveillance Court (FISC) found that the violations are in fact ongoing. We cannot be sure of the exact details, since the court’s opinion is classified. The New York Times, however, reported that the use of data-filtering tools to perform queries or searches of Americans’ information is:
​

• A problem “across the intelligence community”  

 

• Being conducted by the FBI through “another tool” with the same functionality as the discontinued querying tool.

This should be enough to settle the debate about stiff-arming consideration of more effective reforms. House Members must reject calls for a clean reauthorization and send a clear signal to the intelligence community that Congress will no longer tolerate its shell games.

Nor should House Members be panicked by the phony claim that failure to reauthorize Section 702 will result in America’s security apparatus going dark. While the statute expires on April 20, the FISC’s current surveillance orders remain in effect until spring 2027.

The reform amendments before the House would require warrants before the government can search the communications of Americans, as mandated by the Fourth Amendment. However, they all contain robust exceptions for emergencies, cybersecurity attacks, and metadata.
​
The House should not let itself be stampeded into a rushed vote. We have the time to debate reasonable reforms that will protect Americans from terrorists, while also protecting our constitutional rights from government overreach.

​“Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?”

That was the question Sen. Ron Wyden (D-OR) put to then-Director of National Intelligence James Clapper in an open hearing in 2013.

“No sir,” Director Clapper responded, then qualified his statement by saying, “not wittingly.”
It has since been proven – and is a matter of government record – that the NSA’s global trawl of data has pulled in the communications of Americans by the millions over the last five years. Quite a record for a surveillance authority enacted by Congress to surveil foreign targets on foreign soil.

See for yourself the misuse of this authority revealed in a rare public scolding of the FBI by the secret FISA Court over “widespread violations” of Americans’ privacy with Section 702 data. Or look at the revelations issued by that court of specific instances of how the FBI misused warrantless Section 702 material against U.S. political figures. It is widely reported that the FBI has freely helped itself to Section 702 data, searching the data of more than 19,000 congressional donors, a state judge, and Members of Congress.

The Hunter Biden Laptop Deceit

In 2016, former Director Clapper was joined by former CIA Director John Brennan, former NSA General Counsel Glenn Gerstell, and former NSA Deputy Director Richard Ledgett, along with almost 50 other former senior intelligence officials in signing a letter released just before the 2020 election. They chimed in on a New York Post story about the contents of a laptop owned by Joe Biden’s son, Hunter.

This time, the Fibbing Four solemnly told the American people that the contents of the Hunter Biden laptop had “all the classic earmarks of a Russian intelligence operation.” The FBI later determined that the emails and contents of the laptop were “not tampered with or manipulated.” Even The New York Times was forced to report that the laptop and its contents were genuine.

The irony is that former intelligence officials, abusing their continued access to classified information to skew a national election, is about the most Russian thing they could do.

Misinformation About Reform Legislation

Now Director Clapper, and his Hunter Biden colleagues Brennan, Gerstell, and Ledgett, have fired off another letter. This one is directed at Congress telling Members not to allow any reform amendments to the Foreign Intelligence Surveillance Act authority, Section 702, because that would degrade the government’s ability to protect Americans.

“If Congress fails to authorize Section 702, history may judge the lapse of Section 702 authorities as one of the worst intelligence failures of our time,” they write, joined by enough of their colleagues to get the number of signatories up to around 50. “As Members of Congress know, we face sophisticated threats from China, Russia, Iran, and North Korea, including the real possibility of devastating cyber-attacks and state-sponsored terrorism directed at Americans.”

These are, of course, real and active threats. But the Fibbing Four gloss over the fact that all of the reform proposals being proposed in Congress contain exceptions for “exigent circumstances.” These exceptions would allow intelligence agencies to react to time-sensitive emergencies, such as the so-called “ticking time bomb” scenario. These reform proposals also contain exceptions for cybersecurity and warrantless searches of metadata, requiring court approval only to examine the content of Americans’ communications.

Fool Me Once…

The good news is that Congress is getting wise to such shenanigans just before every vote. Before the last Section 702 reauthorization two years ago, the champions of the intelligence community put out a cryptic story about “a serious national security threat” that turned out to be theoretical, not imminent, reports about “Russian space nukes.”

Our advice to Congress is to look at the plain language of the reform legislation that allows the intelligence community to continue to defend America – while upholding our constitutional rights as well.
​
We can defend America and obey the Constitution at the same time. Don’t let anyone tell you otherwise.

​The American Prospect reports that statements made by Rep. Jim Himes (D-CT), Ranking Member of the House Permanent Select Committee on Intelligence, are raising the question of how well Members of Congress understand the surveillance authorities they oversee.

​“I am not aware of any NSA purchases of U.S. person data,” Rep. Himes is quoted as saying in a virtual town hall last week. “And because their targets, by law, are exclusively foreign, they … have no reason and no business buying American data.”

​
​We agree with the last part of that statement. If only the first part were true.
 
In a letter sent in 2023 in response to a query from Sen. Ron Wyden (D-OR), then-NSA Director Gen. Paul Nakasone wrote: “NSA acquires various types of CAI (commercially available information) for foreign intelligence, cybersecurity, and other authorized mission purposes, to include enhancing its signals intelligence (SIGINT) and cybersecurity missions. This may include information associated with electronic devices being
used outside and, in certain cases, inside the United States.”
 
Charlie Savage of The New York Times summarized the letter’s content thusly, “The National Security Agency buys certain logs related to Americans’ domestic internet activities from commercial data brokers.” This characterization was under the headline, “N.S.A. Buys Americans’ Internet Data Without Warrants, Letter Says.”
 
Rep. Himes also said that AI “has absolutely nothing to do with 702. Nothing. Full stop.”
 
The American Prospect reports that the Department of Justice’s National Security Division (NSD) budget justification shows that NSD “worked closely” with the intelligence community “to discuss new AI tools that are involved in processing or analyzing FISA-acquired information.”
 
All of which suggests that before the House debates the reauthorization of FISA Section 702 – a program that authorizes foreign surveillance on foreign soil but has often been used to warrantlessly spy on Americans on U.S soil – a deeper discussion with civil liberties groups and a robust House debate are warranted.
 
In facing the looming Section 702 debate, Members of the House need to hear from all sides of the surveillance debate – not just the approved line from the executive branch intelligence agencies.

​As Congress prepares to debate the reauthorization of FISA Section 702, lawmakers should understand one simple fact: Americans do not trust the government with their data. A new poll shows that 74 percent of Americans are concerned about the privacy and security of their personal data in government hands.
 
The poll, released last week by the Center for Democracy & Technology (CDT), shows that 79 percent of respondents agreed that: “Congress should use its authority to hold the government accountable when it ignores privacy laws.”
 
“People want their privacy protected,” said CDT’s Elizabeth Laird, “and bipartisan majorities want their elected leaders to do something about it. Lawmakers who ignore privacy are significantly out of step with their constituents.”
 
The high level of public concern about the warrantless access by government agencies to Americans’ data – at the heart of the Section 702 debate – was consistent regardless of respondents’ political affiliation or age group. The survey also revealed specific concerns about how that data is used – and misused:
 
68 percent are concerned about personal data being shared with law enforcement across the federal, state, and local levels
 
67 percent are concerned about personal data being shared with the Department of Homeland Security
 
83 percent are concerned about a breach of a government database exposing their personal data
 
73 percent agree that, without privacy laws, government agencies would track and monitor anyone they choose
 
44 percent say they would forgo government benefits rather than risk misuse of their personal data
 
These numbers are a warning. Poll after poll has shown that Americans across the political spectrum are deeply uneasy about how the government collects, searches, and uses their data. That concern is especially acute when it comes to warrantless searches of Americans’ communications under Section 702 – so-called “backdoor searches” that bypass the Fourth Amendment.
 
Nor are these fears hypothetical. From millions of warrantless queries in recent years to the government’s routine purchase of Americans’ data from brokers, the gap between surveillance authorities and constitutional protections has become impossible to ignore. If “trust is the lifeblood of democracy,” then these findings suggest that America is running dangerously low.
 
Congress now faces a choice. It can once again rush through a “clean” reauthorization of Section 702, ignoring both public opinion and constitutional concerns. Or it can act – by requiring warrants for searches of Americans’ communications, closing the data broker loophole, and imposing real oversight.
 
Fortunately, the path forward is clear:
 
—Reform Section 702.
 
—Restore the warrant requirement.
 
—Rebuild public trust.

​As the April 20 expiration of FISA Section 702 approaches, a familiar script is playing out on Capitol Hill. Members are warned that any delay in reauthorizing Section 702 – which enables U.S. intelligence agencies to surveil foreign threats – risks allowing a terrorist attack to unfold on American soil.

This “you will have blood on your hands” argument is not just wrong. It is a cynical ploy to short-circuit a debate that Congress owes the American people, one that would in no way endanger national security.

Here is the reality: Letting the statutory authority of Section 702 lapse does NOT mean America’s surveillance goes dark. Surveillance continues under Section 702 certifications issued by the Foreign Intelligence Surveillance Court, which remain valid until their expiration – currently extending to March 2027.

This is not speculation. It is how this law works. As The New York Times has reported, legal directives to communications providers “shall continue in effect” under existing court authorizations.

Yet lawmakers are again being told by the intelligence community to act immediately or risk catastrophe. This fear-based messaging has become routine, repeatedly stampeding Congress into reauthorizing Section 702 without strong reforms to protect Americans’ privacy.

Enacted by Congress to target foreign threats abroad, Section 702 has been used to conduct millions of warrantless searches of Americans’ communications – peaking at 3.4 million in 2021. These are the predictable results of allowing the government to conduct “backdoor searches” without a warrant.

In 2024, a bipartisan amendment to require warrants for searches of Americans’ communications failed in a 212–212 tie in the House. That vote showed how close meaningful reform is – if lawmakers are given the time to pursue it.

Supporters of a “clean” extension – one without any reform amendments – are once again promising a debate on reforms later. Such promised reform debates never arrive. Recent history gives no reason to believe that this time will be different.

Congress has time to debate well beyond April 20. It has time to patiently consider reforms, such as adding a warrant requirement before 702-derived communications of Americans can be inspected.
​
The choice for Congress is not between national security and civil liberties. It is between rubber-stamping a flawed surveillance authority and doing the hard work of fixing it for their constituents.

Why does PPSA oppose a “clean” extension – without any changes or reforms – of the scandal-ridden Section 702 of the Foreign Intelligence Surveillance Act (FISA)? Recent history shows how much is at stake when the U.S. House votes in April on whether to reauthorize this surveillance authority, and why Congress must allow time for significant debate and reforms.

Section 702 was enacted by Congress to enable U.S. intelligence agencies to surveil foreign threats on foreign soil. The intelligence community maintains that the communications of Americans are swept up in the National Security Agency’s global trawl only “incidentally.”

Patrick Eddington, a former CIA officer now a Cato Institute policy analyst, writes that the rub is that “the practice is not incidental but a predictable, systematic, and – from the government’s perspective – valuable byproduct of the program.”

Here are some examples of what “incidental” looks like:

• The FBI in 2021 conducted more than 3 million warrantless searches of Americans’ communications under Section 702. This was an astonishing abuse of a surveillance power that Congress designed for foreign surveillance, not warrantless surveillance of Americans.

 

• The FBI, in violation of its own rules, illegally searched for the communications of 19,000 donors to a congressional campaign, of multiple U.S. government officials, of journalists, of political commentators, of a local political party, of people who came to the FBI to perform repairs, of victims who approached the FBI to report crimes, of business, religious, and community leaders who applied to participate in the FBI’s “Citizens Academy,” of college students participating in a “Collegiate Academy,” of police officer candidates, of colleagues and relatives of FBI agents, and of Black Lives Matter and January 6 protesters.

 

• Some of the most egregious improper queries occurred after the FBI implemented new rules to curb abuses. In April 2023, a FISC opinion revealed that the FBI in 2022 dipped into Section 702 data to warrantlessly spy on a U.S. Senator, a state senator, and a state judge.

 

• Just last week, the FBI admitted that it has resumed collecting Americans’ location data and movements – where we go and potentially those we meet with – by purchasing that data from third-party data brokers. Though this is not a Section 702-authorized program, it is a clear sign of the hunger the government has for collecting our data without a warrant.

Three evils emerge from what has become a routine domestic surveillance program.

• The first evil is that warrantless surveillance of Americans – which completely sidesteps the Constitution’s Fourth Amendment requirement for a probable cause warrant – gives the FBI a “backdoor search” loophole. By conducting fishing expeditions, the FBI can develop predicates for investigating Americans outside of constitutional boundaries.

The intelligence community objects to this characterization, stoutly maintaining that Section 702 is not directed at Americans. To quote Eddington again:

“The Foreign Intelligence Surveillance Court (FISC) and multiple congressional oversight reports have documented thousands of such searches annually, many involving wholly domestic criminal investigations with no foreign intelligence nexus.”

• The second evil is where this data can go. Once Americans’ data is collected by surveillance programs authorized by Section 702, it can be held for years. With a recent move by the Trump administration to tear down long-standing data silos between the agencies, this information could soon be at the fingertips of dozens of federal agencies, including the IRS, the Department of Homeland Security, and the ATF.

 

• The third evil is the ability of AI to quickly turn vast amounts of data from domestic surveillance into actionable intelligence against Americans.

PPSA agrees that Section 702 is an important authority, needed to keep Americans safe from foreign threats. We also believe that we can protect civil liberties and national security at the same time. There is no reason for Members of Congress to be panicked by a needless legislative game of chicken.
​
Defenders of civil liberties should stand together to test the value of various reform amendments in the crucible of a much-needed open debate.

Talk of a “clean reauthorization” of Section 702 of the Foreign Intelligence Surveillance Act (FISA) is growing on Capitol Hill. But as Washington starts to dream of an easy vote that includes no surveillance reforms, the American people are not having it.
 
FISA Section 702 is an authority enacted by Congress to enable the surveillance of foreign threats on foreign soil, but it has often been used by the FBI in recent years to spy on the communications of millions of Americans. Included in that debate is concern over the way in which a dozen federal agencies – ranging from the FBI to the IRS – are purchasing Americans’ personal information from shady third-party data brokers.
 
A new poll commissioned by Demand Progress shows that Americans are paying attention to this threat to privacy – and they don’t like what they see.

• Only 12 percent of voters, including 17 percent of Republicans and eight percent of Independents, believe Congress should renew surveillance and monitoring activities without reforms.

 

• Some 37 percent of voters, including a plurality of 41 percent of Republicans, think FISA should only be reauthorized if it contains restrictions on government purchases of our personal data.

 

• Another 37 percent don’t want the program reauthorized at all.

The poll also shows that the recent dust-up between the Pentagon and AI company Anthropic is focusing the public’s attention on the potential for the government to use artificial intelligence to drive the surveillance of the American people to unprecedented levels.
 
This is especially true as the administration works to dismantle long-standing information silos and remove safeguards that once limited the sharing of Americans’ private data between agencies – from the Department of Homeland Security to the FBI and the IRS.
 
AI surveillance, with data collected under Section 702, could allow government employees across the federal bureaucracy to run warrantless searches of Americans’ private communications. Combined with the vast amounts of Americans’ personal data that federal agencies purchase from third-party data brokers, AI-run surveillance programs will have truly frightening reach.
 
The poll also shows that Americans are watching the AI debate and that a majority see it as a threat to privacy.
​

• Sixty-six percent of voters – including 76 percent of Independents and 52 percent of Republicans – believe the government should not be able to force AI companies to grant unrestricted access to analyze Americans’ personal data.

Before Congress embraces a comfortable conformity on a “clean” reauthorization of Section 702 or any other surveillance authority, Members would do well to pay attention to the rising alarm over surveillance among their constituents.

The Government Surveillance Reform Act (GSRA), which would stop federal agencies from buying Americans’ most personal data from shady data brokers while reforming Section 702 of the Foreign Intelligence Surveillance Act (FISA), was reintroduced on Thursday with strong bipartisan and bicameral support.

Sens. Mike Lee (R-UT) and Ron Wyden (D-OR), and Reps. Warren Davidson (R-OH) and Zoe Lofgren (D-CA) are the sponsors of the GSRA, which balances comprehensive surveillance reform with national security.

“It leaves in place the authorities needed to protect the American people from foreign threats, while reforming what Senator Lee calls ‘illegal government spying’ directed at Americans,” said Bob Goodlatte, former Chairman of the House Judiciary Committee and now Senior Policy Advisor to PPSA.

Cosponsors of the bill include Sens. Cynthia Lummis (R-WY) and Elizabeth Warren (D-MA), and Reps. Sara Jacobs (D-CA) and Pramila Jayapal (D-WA).

Among its many reforms, the GRSA:

Closes the backdoor search loophole: By requiring a warrant for the government to inspect Section 702 information, the bill stops federal agents from fishing through warrantlessly obtained data to generate suspicions about Americans.

Ends reverses targeting: It prohibits the use of foreign surveillance as a pretext to gather data on Americans.

Closes the data broker loophole: The bill bans the practice of federal agencies buying some of our most personal information from data brokers without a warrant.

Repeals the “Make Everyone a Spy” provision: The bill repeals a controversial 2024 provision that allows the government to force millions of Americans and companies to secretly spy on its behalf.

Updates privacy protections for AI and other modern technologies: The bill’s warrant requirement extends to Americans’ location information, web browsing data, search and chatbot records, and the wealth of data collected by modern vehicles.

Expands the use of amici in the secret FISA courts: The bill mandates increased use of amici curiae – experts in privacy and civil liberties – to represent the civil rights of the American people in sensitive cases before secret courts that have no adversarial process. It also provides these advisors to the court with full access to all relevant information needed to do their job.

“It has been said that the Government Surveillance Reform Act is the most balanced and comprehensive surveillance reform bill in almost half a century,” Bob Goodlatte said. “It enjoys deep bipartisan and bicameral support because many Members of Congress are alarmed by the abusive and pervasive surveillance of the American people.
​
“This well-crafted legislation must be included in the reauthorization of FISA Section 702 in April.”

​“National security and civil liberties are not mutually exclusive,” said Rep. Andy Biggs (R-AZ). “We can give our intelligence professionals the tools they need to target foreign threats while ensuring that Americans are not subjected to unconstitutional surveillance.”
 
Rep. Biggs last week underscored that philosophy by reintroducing the Protect Liberty and End Warrantless Surveillance Act. His bill would bring powerful reforms to Section 702, which authorizes federal intelligence agencies to spy on foreign targets on foreign soil but has often been used by the FBI to spy on Americans. This authority must be reauthorized by April 20 or expire.
 
Among its many provisions, the Protect Liberty Act would:
 

• Require a warrant before information collected under Section 702 could be used to inspect the communications of people inside the United States.

 

• Bar the government from purchasing or obtaining Americans’ personal digital data – a practice currently carried out by more than a dozen federal agencies, from the FBI to the IRS.

 

• Sunset the “Make Everyone a Spy” provision slipped into the last reauthorization that requires virtually every business or house of worship to secretly facilitate spying on its customers and congregants.

 

• Require the secret FISA courts to appoint legal experts (amici curiae) with security clearances to represent the civil liberties of the American people.

 

• Reauthorize Section 702 for two years from this April, ensuring that the next reauthorization does not arise during a budget or election season, when Congress will be too busy to take a careful look at how this authority has worked and how it might need to be adjusted.

 
Despite talk on the Hill of a “clean” reauthorization of Section 702, Rep. Biggs’ bill should get the attention of civil liberties champions across the ideological spectrum, from the House Freedom Caucus to Demand Progress.
 
Polls show that vast majorities of Americans in both parties are deeply concerned about government agencies that treat privacy as a luxury and the Fourth Amendment as a nuisance.
 
“The Protect Liberty Act is the most important government surveillance reform measure in several generations – protecting Americans’ constitutional rights while leaving in place important authorities to keep the American people safe from foreign threats,” said Bob Goodlatte, former Chairman of the House Judiciary Committee and Senior Policy Advisor to PPSA.
​
“FISA Section 702 was enacted by Congress to enable the surveillance of foreign threats on foreign soil, but has been used in recent years by the FBI for domestic spying,” Goodlatte said. “It has been abused to spy on millions of Americans, including judges, sitting Members of Congress, 19,000 donors to a congressional campaign, and countless others.
 
“PPSA commends Subcommittee Chairman Andy Biggs for bringing this reform into the debate over the reauthorization of Section 702,” Goodlatte said. “We are hopeful that Republicans and Democrats on the House Judiciary Committee will once again pass it and that President Trump will sign it into law."

Rep. Jim Jordan, Chairman of the House Judiciary Committee, and Rep. Brian Mast, Chairman of the House Foreign Affairs Committee, are urging the United Kingdom Home Secretary to reveal details of a secret order to Apple that may kill encryption for Americans and Apple customers around the world.

The secret order involves Apple’s Advanced Data Protection, which offers customers end-to-end encryption so strong that even Apple itself does not have the ability to break it. As a result, journalists and their sources, women and their children hiding from stalkers, dissidents around the world, businesses communicating about proprietary products, and people who simply value their privacy, all rely on Apple’s ADP to protect their communications.

In February 2025, the UK Home Office – roughly equivalent to the U.S. Department of Homeland Security – issued a Technical Capability Notice (TCN) to Apple demanding access to end-to-end encrypted data stored in Apple’s iCloud. In order to be able to continue to serve Britons with other products and services, and to protect customers’ privacy, Apple was forced to comply with the law by disabling ADP for 35 million iPhone users in the UK.

This had the additional unfortunate effect of depriving Americans and people from around the world of the ability to privately communicate with UK Apple customers – including with other Americans inside the UK.

The UK’s Gag Order – an American Company Cannot Talk to Its Government

“However, it remains unclear whether this action satisfies the UK’s demands, particularly as the order reportedly extends to data of users outside the UK, including American citizens,” Jordan and Mast wrote in a letter to Home Secretary Shabana Mahmood.

Such an order is not only in violation of the Clarifying Lawful Overseas Use of Data (CLOUD) Act, which authorizes the U.S. to enter into data-sharing agreements with the UK and a few other countries, but prohibits orders that require providers to decrypt data. Incredibly, the UK government’s TCN imposes a gag order on Apple that makes it a criminal violation for this American company to petition or even discuss the order with the U.S. Department of Justice.

The “Bare Details” of the TCN Are Not Enough

Since then, a tribunal in the UK rejected the idea that “the revelation of the bare details of the case would be damaging to the public interest or prejudicial to national security.”

Late last year, the Investigatory Powers Commissioner, which advises Prime Minister Keir Starmer, agreed with the tribunal’s ruling, saying that disclosure of some details about the TCN is necessary for “a mature and informed public debate.” Yet no such briefing is in the works, which is why the chairmen are now making a direct request to UK Home Secretary Mahmood to provide a briefing that would spell out the terms of the TCN to the committees by March 11.

What’s more, the committees need more than the “bare details” of the TCN to ensure that the actions of the UK government are within the terms of the CLOUD Act. Otherwise, how could Chairmen Jordan and Mast ascertain if the order weakens “the security, privacy, and constitutional rights of American citizens”? PPSA applauds the chairmen for taking this stand for the right of Americans.

The U.S. Can Suspend the CLOUD Act Agreement with the UK

Bob Goodlatte, former Chairman of the House Judiciary Committee and PPSA Senior Policy Advisor, who helped lead the passage of the CLOUD Act in 2018, is pointing to a way out if the UK does not respond to Jordan and Mast.

In a letter to Attorney General Pam Bondi on Dec. 12, Goodlatte noted that the CLOUD Act was intended to streamline cross-border cooperation, but “was never intended by Congress to be leveraged by a foreign partner to compel any form of ‘backdoor’ access or other types of decryption assistance.”
​

• Goodlatte noted that the CLOUD Act anticipated the danger that a foreign partner would try to exploit the goodwill of the United States. “Accordingly,” Goodlatte wrote to the attorney general, I urge the Department of Justice to invoke Article 12.3 and suspend the Agreement unless and until the UK withdraws its use of TCNs.”

The letter from Chairmen Jordan and Mast did not invoke the possibility of taking this strong action. But Home Secretary Mahmood would be wise to realize that this is likely a step the Trump administration and Congress will take if the British government continues to remain resistant to American concerns.

The FBI calls them “assessments.” Americans experience them as investigations. 
 
A new Government Accountability Office (GAO) report suggests that many supposedly preliminary inquiries function as probes in waiting – particularly when they involve politics, journalism, or religion. According to the report, posted by the Cato Institute, more than 1,000 individuals and organizations have been subjected to preliminary assessments for investigation, a scope that should trigger immediate congressional concern. (Hat tip to Cato’s Patrick Eddington.)
 
The most alarming category involves so-called “Sensitive Investigative Matters,” or SIM assessments. These are FBI inquiries potentially into political campaigns and candidates, elected officials, journalists, religious leaders, or any other Americans engaged in core First Amendment activities. If any government scrutiny demands transparency and restraint, it is surveillance that begins with our rights to freedom of speech, belief, and association.
 
The GAO found that the FBI converted 48 percent of SIM assessments into Preliminary or Full Investigations. Eddington reports that these sensitive cases were 3.5 percentage times more likely to escalate than ordinary assessments – a statistical red flag for anyone told these probes are narrow, cautious, or exceptional.
 
Eddington writes:
 
“That’s especially alarming since, under Preliminary or Full Investigations, the agents running the case can employ wiretaps or other extremely intrusive and clandestine investigative techniques.”
 
Those tools – from electronic surveillance to confidential informants and covert collection – once deployed, are difficult to unwind. That is why Congress must demand answers before, not after, it reauthorizes Section 702 of the Foreign Intelligence Surveillance Act, which expires in April.
 
Before granting renewed surveillance authority, lawmakers should require the FBI to disclose whether SIM assessments have targeted:
​

• Members of Congress

 

• Political candidates and parties

 

• News organizations, think tanks, and NGOs

 

• News reporters and opinion journalists

 

• Churches, temples, and mosques.

At a minimum, the Bureau should provide the relevant oversight committees – especially the House Judiciary Committee – with a full accounting of past SIM targets and the total number of assessments elevated into full investigations. Congress should also ask who authorized these escalations. Were investigative decisions influenced by political appointees? 
 
Two questions cut to the core of our concerns about protecting civil liberties. Why are First Amendment-sensitive assessments more likely to escalate than ordinary cases? And was Section 702 data – intended for foreign intelligence collection abroad but routinely used for warrantless “backdoor” searches of Americans – part of the analytical process driving these decisions?
 
The Founders knew the danger of unchecked investigations aimed at political and religious dissent. They rebelled against general warrants that allowed agents of the Crown to search first and justify later. SIM assessments risk reviving that same model – quiet surveillance justified by internal labels rather than public law.
 
Surveillance powers are easy to grant and hard to retract. Congress should not renew them without first understanding how existing authorities have been used against Americans exercising our most basic freedoms.
 
Congress should make it clear: No answers. No reauthorizations.

​When photographers zoomed in on Attorney General Bondi during her recent House Judiciary Committee testimony, they captured her holding a printout titled “Jayapal Pramila Search History.” The Department of Justice (DOJ) staff appear to have been tracking what Members of Congress searched for in the unredacted Epstein files, including the searches of Rep. Pramila Jayapal (D-WA).
 
This is just the latest sign that the DOJ needs to embrace congressional oversight, not treat it as a nuisance to be watched closely and managed. House Speaker Mike Johnson responded: “I don’t think it’s appropriate for anybody to be tracking that.” Rep. Nancy Mace (R-SC) called it “creepy.”
 
Here’s the backstory: Earlier in the week, Members of Congress had been given access to unredacted versions of the files in a designated DOJ office building. Once under the roof of the executive branch, Members of Congress were surveilled and their queries recorded. DOJ showed a contempt for the oversight function of Congress that is becoming a hallmark of that department under Democratic as well as Republican administrations.
 
Consider that Biden’s outgoing team at Justice – unhappy with the decision by Congress in 2024 to reassert its oversight authority by allowing Members to attend FISA court proceedings – crafted an absurd set of lengthy and onerous restrictions that effectively neutered this law. President Trump’s DOJ has continued these restrictions, despite Bondi mentioning the need for FISA reform in her confirmation testimony. These restrictions allow a DOJ bureaucrat to evict Members from the two FISA courts at will. They also block senators and representatives from discussing what they heard in court with each other, an absurd restriction that effectively transforms a form of congressional oversight into a gag order for Congress.
 
Sens. Chuck Grassley (R-IA) and Dick Durbin (D-IL) complained to Attorney General Bondi about these ridiculous restrictions to FISA court access in a protest letter sent last November. And the senators recently gave the former general counsel of the National Security Agency the same message: Section 702 of the Foreign Intelligence Surveillance Act has its place as a national security and intelligence tool, warned Grassley, but “constant congressional oversight and vigilance is also essential to ensure that this authority is exercised responsibly,” lest its use as a domestic spying tool continue unchecked.
 
Similarly, telling Members of Congress that they can search the unredacted Epstein files – as stipulated by law – but then secretly keeping tabs on their queries is not a guardrail, as a DOJ spokesperson tried to claim (“DOJ logs all searches made on its systems to protect against the release of victim information.”) Why, then, did the department provide the Attorney General with talking points to take into her hearing that outlined the search histories of Members of Congress?
 
This is just one more sign that Congress must reassert its authority and make it clear to DOJ that it is the one that oversees, not the one that is overseen.

​The recent Senate Judiciary Committee hearing on the “review and reform” of the Foreign Intelligence Surveillance Act (FISA) yielded some fireworks and surprises that herald a robust and rowdy debate to come.

One FISA authority, Section 702, is due to sunset in April. As the Section 702 renewal debate heats up, that authority – enacted by Congress to enable spying on foreign targets on foreign soil without the need for a warrant or court order – will come under intense scrutiny for being used by the government in recent years to warrantlessly access millions of Americans’ private communications.

But a host of other surveillance authorities will also be debated. Liza Goitein of the Brennan Center for Justice told the committee:

“Section 702 is part of an ecosystem of often overlapping surveillance authorities, and when one avenue is closed off, the government can often turn to another or exploit gaps in that network to conduct surveillance with no statutory authority at all.”

One of these gaps is the “data broker loophole.” This is the routine practice of multiple federal law enforcement and intelligence agencies – including the FBI, the IRS, and the Department of Homeland Security – purchasing Americans’ private digital data from data brokers. Once purchased, agencies assert a right to examine Americans’ data without a warrant.

Adam Schiff’s Tough Questions About the Data Broker Loophole

In the hearing, Sen. Adam Schiff (D-CA) asked Goitein (see the 1:30 mark) about how “law enforcement and intelligence agencies might circumvent the requirements of the Fourth Amendment by acquiring information from third-party data brokers.”

Sen. Schiff highlighted the disingenuousness of the intelligence community and its workaround for the Electronic Communications Privacy Act, which prohibits direct sales of Americans’ personal data by telecoms to government agencies. But telecoms are allowed sell Americans’ personal information to data brokers for commercial purposes. Federal agencies exploit this loophole by claiming that there is nothing to prevent them from also purchasing Americans’ data from those brokers.

Liza Goitein made it clear that such “gaps” in the surveillance “ecosystem” should be very much a part of the Section 702 debate. “And the gap I am most worried about is this data broker loophole. Federal agencies are buying their way around constitutional and statutory requirements on a routine basis.”

Sen. Josh Hawley took a different tack, focusing on a contradiction in the government’s lenient definition of what qualifies as a search of an American’s communication.

Josh Hawley Schools Surveillance Advocate

“You said that Section 702 cannot be used to target Americans,” Sen. Josh Hawley (R-MO) (see the 1:27 mark) said to Adam Klein, Director of the Strauss Center at the University of Texas at Austin. “But that’s cold comfort, isn’t it” he said, “to those subject to 278,000 improper searches – United States persons that we were talking about – in 2022 alone?”

“I mean, sure, the statute doesn’t permit them to be targeted, but when they have their personal information directly queried or improperly searched, what’s the difference?”

Klein responded that Americans should take comfort from the fact that Section 702 is meant to target foreigners overseas, not Americans.

Hawley fired back:

“As someone who had his cellphone tapped, improperly, by the United States government, by the way, why would I feel any better if I am told, ‘the U.S. government improperly queried your personal information … but don’t worry, they weren’t going after you, in the first instance. They just happened to have all of your stuff and then they look into them because there are no effective constraints on them. Why is that a good thing?”

Klein pivoted to the issue of surveillance of Members of Congress, whom he said had “a heightened expectation of safeguards in this area.”

Hawley cut him off to ask why this expectation doesn’t also protect journalists or Americans who merely travel overseas or have family overseas. Hawley said the government effectively says, “Oh, don’t worry, you weren’t targeted. I mean you were effectively targeted.”

Sen. Hawley highlighted the contradiction in how the search of an American person’s data is not treated as a separate Fourth Amendment event. On one hand, Hawley said, the government promises not to target Americans. On the other hand, it searches Americans’ data.

“You can’t have it both ways,” Sen. Hawley said, adding, “That looks an awful lot like a search and seizure under Fourth Amendment.”
​
When Sens. Hawley and Schiff – at opposite ends of the political spectrum – pose such tough questions, it is clear that the emerging bipartisan surveillance debate in Congress is going to heat up.

​Stewart Baker, former general counsel of the National Security Agency, opened his testimony before the Senate Judiciary Committee last week with a startling, if somewhat insolent, proposal.

Baker’s proposal came at the beginning of that hearing on the “review and reform of the Foreign Intelligence Surveillance Act,” which centered around FISA Section 702. This is an authority enacted by Congress to enable spying on foreign targets on foreign soil without the need for a warrant or court order. Yet it has been used in recent years to enable warrantless government access to millions of Americans’ private communications.

Section 702 sunsets in April 2026 after the last reauthorization in April 2024. The reauthorization debate now beginning on Capitol Hill is being used to explore not just Section 702, but many other surveillance authorities associated with it as well.

“It’s time to say – let’s stop putting a sunset on 702,” Baker said. “It is only putting our most valuable security tool up for grabs every couple of years and then praying that there is enough bipartisan spirit in the Congress to do what needs to be done.”

This flew in the face of remarks by Chairman Chuck Grassley (R-IA) and Ranking Member Dick Durbin (D-IL).

Sen. Grassley said that while Section 702 is an “essential national security and intelligence tool,” he believes that “constant Congressional oversight and vigilance is also essential to ensure that this authority is exercised responsibly.”

The chairman also expressed concern about FISA’s “reach” and said there is “still more work to be done.”

To underscore this point, Sen. Grassley reminded the committee that he and Sen. Durbin have complained that an oversight measure passed into law in 2024 is being blocked by the Department of Justice.

That law allows senators and staff members with high levels of security clearance to attend hearings of the Foreign Intelligence Surveillance courts. But an onerous set of restrictions imposed by the Justice Department under the Biden administration and continued by the Trump administration has made it impossible for Members of Congress to attend the hearings with staff – or even to discuss them with anyone, whether cleared staff or other senators.

That is not a guardrail. It is a gag order.

The Justice Department also asserts a right to remove senators and Members of Congress at will. This is peculiar, given that the right to remove people from a courtroom is normally exercised by the presiding judge, not a functionary from the executive branch.

Ranking Member Sen. Durbin echoed the chairman on their “responsibility to conduct oversight” of Section 702. “For years the government has used it as a domestic spying tool to collect millions, maybe billions, of Americans’ private communications.”

Sen. Durbin added that the government has been:

“Reading our text messages and emails, and listening to our phone calls, all without a warrant requirement of the Fourth Amendment … Section 702 has been abused to spy on business and religious leaders, political parties, Members of Congress, campaign donors, journalists, and political protesters of all stripes.”

The intelligence community has long played clever word games with Section 702 to enable such warrantless domestic spying. And when federal agencies are called out on their domestic spying, more often than not they fail to respond to their putative overseers on the Hill or to innumerable Freedom of Information Act (FOIA) requests filed by PPSA and other civil liberties organizations.

Consider the letter of protest Sen. Grassley and Sen. Durbin sent in November to Attorney General Pam Bondi asking her to stop those executive branch restrictions on congressional oversight at the FISA court hearings.

Three months have passed and Attorney General Bondi has yet to respond to the Chairman and Ranking Member of the Senate Judiciary Committee.
​
Could we have a better example of why senators believe Congress must use sunsetting and other robust measures to try to compel oversight of an intelligence community that refuses to answer even basic questions?

​At a Senate Intelligence Committee hearing today (see 54:25), Sen. Ron Wyden (D-OR) probed Lt. Gen. Joshua Rudd – nominated to lead the National Security Agency – on whether he would obey the Fourth Amendment’s requirement for a probable cause warrant before surveilling the communications of American citizens in programs authorized by Section 702 of the Foreign Intelligence Surveillance Act.
 
That authority was enacted by Congress to enable the surveillance of foreign terrorists and spies on foreign soil. The National Security Agency’s trawl of global communications has since become a resource for U.S. intelligence agencies to routinely spy on the communications of American citizens and other “U.S. persons” on American soil.
 
Given that Congress is beginning to debate whether to continue the risk Section 702 poses to Americans’ privacy – with a vote on its reauthorization in April – you might think that Lt. Gen. Rudd would have a good grasp of the background on this issue, if not an actual opinion.
 
The hearing revealed that he has neither.
 
In response to Sen. Wyden’s questions, Lt. Gen. Rudd replied with non-answers. Worse, he admitted that he really didn’t understand the privacy issues at the heart of the looming Section 702 debate.
 
Sen. Wyden framed his questions with a quote from Benjamin Franklin, who wrote: “Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.” Sen. Wyden said that he sees “striking that balance” between safety and liberty as “essential.”
 
The senator then asked: “General, if you are directed to target people in the United States for surveillance, will you insist that there will be a judicial warrant?”
 
General Rudd replied: “What I can tell you, senator, is that if confirmed I will absolutely commit to executing the foreign intelligence mission of the NSA in accordance with the authorities it has been given and within all applicable laws.”
 
Sen. Wyden came back: “That is about as vague as anything I’ve heard on the subject. And it seems to me that unfamiliarity with basic constitutional rights is not something that can be accepted in this position. It’s so crucial. I continue to believe that what I described for you is not mutually exclusive. Smart policies give you security and liberty. Not so smart policies give you less of both.”
 
Sen. Wyden again asked whether Lt. Gen. Rudd could give us some insight into his thinking. Rudd gave another boilerplate non-answer answer.
 
Sen. Wyden asked: “Do you believe that U.S. person searches of Section 702 collection should require a warrant except in emergencies, which has been largely the position of those who would like to find some common ground as we go forward?”
 
General Rudd replied: “Senator that’s a topic I’d need to look into, and get a better understanding of, and give you a more fulsome and complete answer on that one.”
 
An informed officer might have turned the tables on the senator and noted that a warrant requirement is set to be debated and voted on by Congress in April. He could then have sat back and added, “I will execute whatever laws you, Senator Wyden, and your colleagues pass.”
 
But Lt. Gen. Rudd did not know to do that. Instead, he revealed he wasn’t even conversant with the issue. Not a good look at the hearing – and not very reassuring for the American people.

​If you’ve read Rick Atkinson’s prize-winning books on the American Revolution or watched Ken Burns’ documentaries on that founding event, you know how deeply Americans have always valued privacy. The Revolution itself was sparked, in part, by outrage over the British Crown’s use of “general warrants” – sweeping authorities that allowed the King’s agents to ransack homes, warehouses, offices, and ships at dock in search of anything they deemed suspicious.

Now, nearly 250 years after the Declaration of Independence, London is at it again.

This time, the British government is executing a plan to override the security and encryption protections built into U.S. technology products – exposing the private data of Americans, and potentially users around the world, beginning with Apple devices.

The CLOUD Act — and a Deal Gone Wrong

PPSA Senior Policy Advisor Bob Goodlatte knows this territory well. A former congressman from Virginia and Chairman of the House Judiciary Committee, Goodlatte helped lead passage in 2018 of the Clarifying Lawful Overseas Use of Data Act, better known as the CLOUD Act.

The CLOUD Act allows the United States and trusted foreign partners to enter into data-sharing agreements, enabling law enforcement to seek data through warrants or subpoenas regardless of where that data is stored. But Congress paired this authority with firm guardrails to protect privacy, civil liberties, and the rule of law.

One of those agreements – the U.S.–UK Data Access Agreement (DAA) – has now veered sharply off course.

“I am deeply troubled by how the United Kingdom has taken advantage of our goodwill,” Goodlatte wrote in a letter sent late last week to Attorney General Pam Bondi.

Britain’s Abuse of Surveillance Powers

At issue is the UK’s use of so-called Technical Capabilities Notices, or TCNs, issued under the UK Investigatory Powers Act. These secret orders can compel U.S. technology companies to weaken, delay, or suspend the deployment of essential security features, including end-to-end encryption.

“The threat to Americans’ privacy from these measures is real,” Goodlatte warned, whether the UK’s actions affect U.S. companies’ global products or are limited to services offered in Britain. Even in the latter case, he explained, the consequences are profound: increased risk of global surveillance, compromised digital infrastructure, and a direct assault on the protections Congress demanded when it approved the agreement.

Approval Rights and Gag Orders on U.S. Companies

Goodlatte also pointed to a particularly alarming requirement: U.S. companies must notify the British government before rolling out security upgrades – precisely the kind of foreign leverage Congress explicitly sought to prevent.

The CLOUD Act’s promise of streamlined cross-border cooperation, he wrote, “was never intended by Congress to be leveraged by a foreign partner to compel any form of ‘backdoor’ access or other types of decryption assistance.”

Even worse, UK policy reportedly imposes gag orders that prevent U.S. companies, starting with Apple, from disclosing this interference even to the U.S. government itself.

The Only Remedy: Suspend the Agreement

The CLOUD Act anticipated this scenario. Under the DAA, the United States may suspend or terminate the agreement when a partner government’s laws or practices materially undermine its privacy and civil liberties commitments.

“Accordingly,” Goodlatte wrote, “I urge the Department of Justice to invoke Article 12.3 and suspend the Agreement unless and until the UK withdraws its use of TCNs.”

During passage of the CLOUD Act, Goodlatte insisted on strong congressional oversight of the law’s implementation. Now, he is calling on the Justice Department to enforce the deal’s terms – and protect Americans from a digital revival of the general warrants our founders fought to abolish.
​
Expect sitting Members of Congress to take up that call as well.

​On Thursday, December 11 at 9 a.m. (ET), Gene Schaerr, PPSA’s General Counsel, will testify before the House Judiciary Committee – examining the growth of the surveillance state and how Congress can rein it in.

​You will hear:
 

• How the government continues to use Section 702 – a legal authority designed by Congress to surveil foreign threats on foreign soil – to conduct “backdoor searches” of Americans on American soil.

 

• How federal agencies routinely purchase Americans’ sensitive personal digital information, giving the government warrantless access to electronic records, web-browsing activities, transaction and purchase records, online searches, and other data that can be more personal and intimate than a diary.

 

• How a new authority obligates providers of office space for media outlets, law firms, and political campaigns to facilitate warrantless surveillance of their tenants. Even houses of worship are vulnerable to being asked to spy on their congregants.

 

• How the secret surveillance court continues to grant some requests to monitor Americans without meaningful review by experts in civil liberties.

 
Other witnesses will include:
 

• Brett Tolman, Former U.S. Attorney, District of Utah; Executive Director, Right on Crime

 

• James Czerniawski, Head of Emerging Technology Policy, Consumer Choice Center

 

• Liza Goitein, Senior Director, Liberty & National Security, Brennan Center for Justice

 
Again, watch it live at 9 a.m. (ET) on Thursday, Dec. 11, or catch the replay at your convenience.

​Several years ago, Michael Horowitz, Inspector General of the Department of Justice, issued a scathing report detailing the errors of omission and commission in the FBI’s secret surveillance of then-presidential candidate Donald Trump in 2016. Since then, the FBI has been caught collecting the metadata of U.S. Senators’ phones, as well as warrantlessly extracting data on political donors, Members of Congress, and a state judge – targets in both parties.

The FBI’s political surveillance was so out of control that by 2023 the chair of the House Progressive Caucus and the former chair of the House Freedom Caucus teamed up to publicly warn of the chilling effect of FBI spying on the political process.

On Wednesday, Rep. Elise Stefanik (R-NY) secured the inclusion of a provision reining in the FBI in the annual National Defense Authorization Act (NDAA). It is a measure, in her words, that would require “Congressional disclosure when the FBI opens counterintelligence investigations into presidential and federal candidates seeking office.”
​
Given the lack of trust that now exists between the parties, Stefanik’s provision should attract support from both sides of the aisle in the Senate and when the NDAA goes to a conference committee. Even the FBI should welcome it, ensuring that any investigations of candidates are above board and discreetly disclosed to congressional overseers.

​Those who live by surveillance cry by surveillance.
 
We wonder how many times politicians on both sides of the aisle will have to get slammed by the very government spying practices they’ve supported before this lesson sinks in.
 
Case in point: Rep. Eric Swalwell (D-CA). Last week, he filed a lawsuit against Bill Pulte, President Trump’s director of the Federal Housing Finance Agency, for accessing and leaking private mortgage records in retaliation for political speech.
 
Pulte has issued criminal referrals to the Department of Justice (DOJ) against Swalwell, New York Attorney General Letitia James, Sen. Adam Schiff (D-CA), and Federal Reserve Governor Lisa Cook on the basis of alleged mortgage fraud. A federal judge dismissed the charges against James, while President Trump used the allegation against Cook to fire her from the Federal Reserve Board (she remains in her job while the Supreme Court reviews the case).
 
Rep. Swalwell’s lawsuit makes an important point:
 
“Pulte’s brazen practice of obtaining confidential mortgage records from Fannie Mae and/or Freddie Mac and then using them as a basis for referring individual homeowners to DOJ for prosecution is unprecedented and unlawful.”
 
We cannot think of any prior use of private mortgage applications to harass political opponents (at least one of them, James, is arguably guilty of using lawfare herself to harass Donald Trump).
 
Pulte’s actions appear to be a flagrant violation of the Privacy Act of 1974, which governs how the government can and cannot handle Americans’ private information. The law, as Swalwell notes, “explicitly forbids federal agencies from disclosing – or even transmitting to other agencies – sensitive information about any individual for any purpose not explicitly authorized by law.”
 
Congress passed the Privacy Act to prevent the creation of a federal database that would create comprehensive dossiers on every American, something we’ve warned is now being attempted. The law specifically forbids agencies from freely sharing Americans’ confidential data gathered for one purpose (such as IRS tax collection), for another purpose (an FBI investigation). Agencies must issue written request justifying any such information sharing.
 
Pulte is anything but transparent.
 
“I’m not going to explain our sources and methods, where we get tips from, who are whistleblowers,” Pulte told the media. This mindset is in keeping with the corrupting spread of the best practices of the intelligence-surveillance state playbook. Today, it is the federal housing agency. We shouldn’t be surprised if tomorrow such “sources and methods” thinking trickles down to federal poultry inspections.
 
Meanwhile, we remain dry-eyed over Rep. Swalwell’s plight.
 
As a member of the House Judiciary Committee, Swalwell argued against – and voted against – the Protect Liberty and End Warrantless Surveillance Act. This bill would have reformed Section 702 of the Foreign Intelligence Surveillance Act by requiring a warrant before the government could access U.S. citizens’ data collected through programs enacted to surveil foreign threats on foreign soil.
 
The Protect Liberty Act would have ended the government practice of using a foreign database to conduct “backdoor searches” on Americans… not unlike, say, a regulatory agency pulling a political opponent’s private mortgage application. The principle of mutually assured payback is something to keep in mind when lawmakers again debate the provisions of Section 702 in April.

​Today, the House Judiciary Committee did something too rare in Washington – it unanimously passed a meaningful privacy reform. By voice vote, Republicans and Democrats joined together to approve the Non-Disclosure Order (NDO) Fairness Act, a bill that reins in one of the most abused secrecy powers in federal law.

Credit for this privacy victory goes to Rep. Scott Fitzgerald (R-WI) and Rep. Jerry Nadler (D-NY), as well as Chairman Jim Jordan (R-OH) and Ranking Member Jamie Raskin (D-MD). Their leadership moved this bill out of committee. It is now up to the full House to pass this measure and send it to the Senate.

The bill’s reform is sorely needed. Under current law, prosecutors can secretly dig through your phone records, emails, and other data – and then slap your telecom provider with a gag order forbidding it from ever telling you that your privacy has been violated. These nondisclosure orders can last indefinitely, leaving Americans in the dark that someone has sifted through their personal communications.

The NDO Fairness Act changes that.

It puts reasonable limits on gag orders, and forces prosecutors to justify any extension. It also requires courts to explain in writing why continued secrecy is necessary – whether to protect an investigation, safeguard a vulnerable person, or address a real national security concern. The NDO Fairness Act makes sunlight the default, not the exception.

The House has, of course, passed the NDO Fairness Act before, only to watch it stall in the Senate. But the politics are shifting.

Senators are furious after learning that Special Counsel Jack Smith secretly subpoenaed the communications of eight senators. They were justifiably upset, but their response was misguided. The Senate quietly added a provision to the recent short-term funding bill giving senators the exclusive right to sue the federal government for up to $500,000 for privacy violations.

Americans don’t need a special carveout for elected officials. They need a law that protects everyone.

The NDO Fairness Act does exactly that.
​
It closes a major privacy loophole without hindering legitimate investigations, striking a balance between public safety and the Fourth Amendment rights of all Americans. The House and Senate now have a chance to fix this problem the right way – by advancing a bill that protects the people who sent them to Washington, not just themselves.

​When it was recently revealed that Special Counsel Jack Smith used a grand jury subpoena to secretly access the phone records of eight U.S. Senators and one Member of the House, we were outraged.

We quoted Chief Justice John Roberts in Carpenter v. United States (2018) that “this Court has never held that the Government may subpoena third parties for records in which the subject has a reasonable expectation of privacy.”

We’ve also stood fast by the principle that a right is only a right if it has a remedy, which necessarily includes the ability to sue government officials who violate your constitutional rights.

Concerning the spying on Members of Congress, we wrote: “Senators, like everyone else, deserve a reasonable expectation that their phone records are private.”

Why, then, are so many House Republicans and Democrats up in arms about a last-minute provision stuck into the short-term funding bill that President Trump signed on Wednesday night? That provision, now law, allows individual senators to be awarded up to $500,000 in retroactive lawsuits against the government if their data was sought or obtained without them being notified.

Executive branch surveillance of senators is concerning because it directly impacts the independence of the legislative branch, the functioning of democracy, and thus ultimately the rights of us all. But does this have to mean that the rest of us should be treated as chopped liver?

Think about it:
​

• You cannot sue or in any way impede the dozen federal agencies – ranging from the FBI to the IRS and Department of Homeland Security – for purchasing your most sensitive personal digital data and examining it without a warrant.

 

• You cannot sue if the National Security Agency uses the “Make Everyone a Spy” law to ask your gym, office landlord, or church to hand over records of your communications carried by free Wi-Fi systems.

 

• You cannot sue if a federal prosecutor makes a similar intrusion into your phone logs but keeps it secret with a Non-Disclosure Order (NDO).

Only U.S. senators can sue for being improperly surveilled. And the money they can collect now they can stick right into their bank accounts. The Senate in the last Congress refused to join the House in passing the NDO Fairness Act, which would have restricted the government’s currently unlimited ability to issue gag orders to digital and telecom companies to prevent them from telling you that your records have been accessed.

About this last-minute Senate maneuver, Rep. Chip Roy (R-TX) said, “There’s going to be a lot of people, if they look and understand this, are going to see it as self-serving, self-dealing kind of stuff.”

As we approach next year’s reauthorization of FISA Section 702 – a surveillance authority enacted by Congress for foreign surveillance – Congress will have a golden opportunity to debate a number of reforms that can protect the rights of constituents.
​
Remember us?