​If you’ve read Rick Atkinson’s prize-winning books on the American Revolution or watched Ken Burns’ documentaries on that founding event, you know how deeply Americans have always valued privacy. The Revolution itself was sparked, in part, by outrage over the British Crown’s use of “general warrants” – sweeping authorities that allowed the King’s agents to ransack homes, warehouses, offices, and ships at dock in search of anything they deemed suspicious.

Now, nearly 250 years after the Declaration of Independence, London is at it again.

This time, the British government is executing a plan to override the security and encryption protections built into U.S. technology products – exposing the private data of Americans, and potentially users around the world, beginning with Apple devices.

The CLOUD Act — and a Deal Gone Wrong

PPSA Senior Policy Advisor Bob Goodlatte knows this territory well. A former congressman from Virginia and Chairman of the House Judiciary Committee, Goodlatte helped lead passage in 2018 of the Clarifying Lawful Overseas Use of Data Act, better known as the CLOUD Act.

The CLOUD Act allows the United States and trusted foreign partners to enter into data-sharing agreements, enabling law enforcement to seek data through warrants or subpoenas regardless of where that data is stored. But Congress paired this authority with firm guardrails to protect privacy, civil liberties, and the rule of law.

One of those agreements – the U.S.–UK Data Access Agreement (DAA) – has now veered sharply off course.

“I am deeply troubled by how the United Kingdom has taken advantage of our goodwill,” Goodlatte wrote in a letter sent late last week to Attorney General Pam Bondi.

Britain’s Abuse of Surveillance Powers

At issue is the UK’s use of so-called Technical Capabilities Notices, or TCNs, issued under the UK Investigatory Powers Act. These secret orders can compel U.S. technology companies to weaken, delay, or suspend the deployment of essential security features, including end-to-end encryption.

“The threat to Americans’ privacy from these measures is real,” Goodlatte warned, whether the UK’s actions affect U.S. companies’ global products or are limited to services offered in Britain. Even in the latter case, he explained, the consequences are profound: increased risk of global surveillance, compromised digital infrastructure, and a direct assault on the protections Congress demanded when it approved the agreement.

Approval Rights and Gag Orders on U.S. Companies

Goodlatte also pointed to a particularly alarming requirement: U.S. companies must notify the British government before rolling out security upgrades – precisely the kind of foreign leverage Congress explicitly sought to prevent.

The CLOUD Act’s promise of streamlined cross-border cooperation, he wrote, “was never intended by Congress to be leveraged by a foreign partner to compel any form of ‘backdoor’ access or other types of decryption assistance.”

Even worse, UK policy reportedly imposes gag orders that prevent U.S. companies, starting with Apple, from disclosing this interference even to the U.S. government itself.

The Only Remedy: Suspend the Agreement

The CLOUD Act anticipated this scenario. Under the DAA, the United States may suspend or terminate the agreement when a partner government’s laws or practices materially undermine its privacy and civil liberties commitments.

“Accordingly,” Goodlatte wrote, “I urge the Department of Justice to invoke Article 12.3 and suspend the Agreement unless and until the UK withdraws its use of TCNs.”

During passage of the CLOUD Act, Goodlatte insisted on strong congressional oversight of the law’s implementation. Now, he is calling on the Justice Department to enforce the deal’s terms – and protect Americans from a digital revival of the general warrants our founders fought to abolish.
​
Expect sitting Members of Congress to take up that call as well.

​On Thursday, December 11 at 9 a.m. (ET), Gene Schaerr, PPSA’s General Counsel, will testify before the House Judiciary Committee – examining the growth of the surveillance state and how Congress can rein it in.

​You will hear:
 

• How the government continues to use Section 702 – a legal authority designed by Congress to surveil foreign threats on foreign soil – to conduct “backdoor searches” of Americans on American soil.

 

• How federal agencies routinely purchase Americans’ sensitive personal digital information, giving the government warrantless access to electronic records, web-browsing activities, transaction and purchase records, online searches, and other data that can be more personal and intimate than a diary.

 

• How a new authority obligates providers of office space for media outlets, law firms, and political campaigns to facilitate warrantless surveillance of their tenants. Even houses of worship are vulnerable to being asked to spy on their congregants.

 

• How the secret surveillance court continues to grant some requests to monitor Americans without meaningful review by experts in civil liberties.

 
Other witnesses will include:
 

• Brett Tolman, Former U.S. Attorney, District of Utah; Executive Director, Right on Crime

 

• James Czerniawski, Head of Emerging Technology Policy, Consumer Choice Center

 

• Liza Goitein, Senior Director, Liberty & National Security, Brennan Center for Justice

 
Again, watch it live at 9 a.m. (ET) on Thursday, Dec. 11, or catch the replay at your convenience.

​Several years ago, Michael Horowitz, Inspector General of the Department of Justice, issued a scathing report detailing the errors of omission and commission in the FBI’s secret surveillance of then-presidential candidate Donald Trump in 2016. Since then, the FBI has been caught collecting the metadata of U.S. Senators’ phones, as well as warrantlessly extracting data on political donors, Members of Congress, and a state judge – targets in both parties.

The FBI’s political surveillance was so out of control that by 2023 the chair of the House Progressive Caucus and the former chair of the House Freedom Caucus teamed up to publicly warn of the chilling effect of FBI spying on the political process.

On Wednesday, Rep. Elise Stefanik (R-NY) secured the inclusion of a provision reining in the FBI in the annual National Defense Authorization Act (NDAA). It is a measure, in her words, that would require “Congressional disclosure when the FBI opens counterintelligence investigations into presidential and federal candidates seeking office.”
​
Given the lack of trust that now exists between the parties, Stefanik’s provision should attract support from both sides of the aisle in the Senate and when the NDAA goes to a conference committee. Even the FBI should welcome it, ensuring that any investigations of candidates are above board and discreetly disclosed to congressional overseers.

​Those who live by surveillance cry by surveillance.
 
We wonder how many times politicians on both sides of the aisle will have to get slammed by the very government spying practices they’ve supported before this lesson sinks in.
 
Case in point: Rep. Eric Swalwell (D-CA). Last week, he filed a lawsuit against Bill Pulte, President Trump’s director of the Federal Housing Finance Agency, for accessing and leaking private mortgage records in retaliation for political speech.
 
Pulte has issued criminal referrals to the Department of Justice (DOJ) against Swalwell, New York Attorney General Letitia James, Sen. Adam Schiff (D-CA), and Federal Reserve Governor Lisa Cook on the basis of alleged mortgage fraud. A federal judge dismissed the charges against James, while President Trump used the allegation against Cook to fire her from the Federal Reserve Board (she remains in her job while the Supreme Court reviews the case).
 
Rep. Swalwell’s lawsuit makes an important point:
 
“Pulte’s brazen practice of obtaining confidential mortgage records from Fannie Mae and/or Freddie Mac and then using them as a basis for referring individual homeowners to DOJ for prosecution is unprecedented and unlawful.”
 
We cannot think of any prior use of private mortgage applications to harass political opponents (at least one of them, James, is arguably guilty of using lawfare herself to harass Donald Trump).
 
Pulte’s actions appear to be a flagrant violation of the Privacy Act of 1974, which governs how the government can and cannot handle Americans’ private information. The law, as Swalwell notes, “explicitly forbids federal agencies from disclosing – or even transmitting to other agencies – sensitive information about any individual for any purpose not explicitly authorized by law.”
 
Congress passed the Privacy Act to prevent the creation of a federal database that would create comprehensive dossiers on every American, something we’ve warned is now being attempted. The law specifically forbids agencies from freely sharing Americans’ confidential data gathered for one purpose (such as IRS tax collection), for another purpose (an FBI investigation). Agencies must issue written request justifying any such information sharing.
 
Pulte is anything but transparent.
 
“I’m not going to explain our sources and methods, where we get tips from, who are whistleblowers,” Pulte told the media. This mindset is in keeping with the corrupting spread of the best practices of the intelligence-surveillance state playbook. Today, it is the federal housing agency. We shouldn’t be surprised if tomorrow such “sources and methods” thinking trickles down to federal poultry inspections.
 
Meanwhile, we remain dry-eyed over Rep. Swalwell’s plight.
 
As a member of the House Judiciary Committee, Swalwell argued against – and voted against – the Protect Liberty and End Warrantless Surveillance Act. This bill would have reformed Section 702 of the Foreign Intelligence Surveillance Act by requiring a warrant before the government could access U.S. citizens’ data collected through programs enacted to surveil foreign threats on foreign soil.
 
The Protect Liberty Act would have ended the government practice of using a foreign database to conduct “backdoor searches” on Americans… not unlike, say, a regulatory agency pulling a political opponent’s private mortgage application. The principle of mutually assured payback is something to keep in mind when lawmakers again debate the provisions of Section 702 in April.

​Today, the House Judiciary Committee did something too rare in Washington – it unanimously passed a meaningful privacy reform. By voice vote, Republicans and Democrats joined together to approve the Non-Disclosure Order (NDO) Fairness Act, a bill that reins in one of the most abused secrecy powers in federal law.

Credit for this privacy victory goes to Rep. Scott Fitzgerald (R-WI) and Rep. Jerry Nadler (D-NY), as well as Chairman Jim Jordan (R-OH) and Ranking Member Jamie Raskin (D-MD). Their leadership moved this bill out of committee. It is now up to the full House to pass this measure and send it to the Senate.

The bill’s reform is sorely needed. Under current law, prosecutors can secretly dig through your phone records, emails, and other data – and then slap your telecom provider with a gag order forbidding it from ever telling you that your privacy has been violated. These nondisclosure orders can last indefinitely, leaving Americans in the dark that someone has sifted through their personal communications.

The NDO Fairness Act changes that.

It puts reasonable limits on gag orders, and forces prosecutors to justify any extension. It also requires courts to explain in writing why continued secrecy is necessary – whether to protect an investigation, safeguard a vulnerable person, or address a real national security concern. The NDO Fairness Act makes sunlight the default, not the exception.

The House has, of course, passed the NDO Fairness Act before, only to watch it stall in the Senate. But the politics are shifting.

Senators are furious after learning that Special Counsel Jack Smith secretly subpoenaed the communications of eight senators. They were justifiably upset, but their response was misguided. The Senate quietly added a provision to the recent short-term funding bill giving senators the exclusive right to sue the federal government for up to $500,000 for privacy violations.

Americans don’t need a special carveout for elected officials. They need a law that protects everyone.

The NDO Fairness Act does exactly that.
​
It closes a major privacy loophole without hindering legitimate investigations, striking a balance between public safety and the Fourth Amendment rights of all Americans. The House and Senate now have a chance to fix this problem the right way – by advancing a bill that protects the people who sent them to Washington, not just themselves.

​When it was recently revealed that Special Counsel Jack Smith used a grand jury subpoena to secretly access the phone records of eight U.S. Senators and one Member of the House, we were outraged.

We quoted Chief Justice John Roberts in Carpenter v. United States (2018) that “this Court has never held that the Government may subpoena third parties for records in which the subject has a reasonable expectation of privacy.”

We’ve also stood fast by the principle that a right is only a right if it has a remedy, which necessarily includes the ability to sue government officials who violate your constitutional rights.

Concerning the spying on Members of Congress, we wrote: “Senators, like everyone else, deserve a reasonable expectation that their phone records are private.”

Why, then, are so many House Republicans and Democrats up in arms about a last-minute provision stuck into the short-term funding bill that President Trump signed on Wednesday night? That provision, now law, allows individual senators to be awarded up to $500,000 in retroactive lawsuits against the government if their data was sought or obtained without them being notified.

Executive branch surveillance of senators is concerning because it directly impacts the independence of the legislative branch, the functioning of democracy, and thus ultimately the rights of us all. But does this have to mean that the rest of us should be treated as chopped liver?

Think about it:
​

• You cannot sue or in any way impede the dozen federal agencies – ranging from the FBI to the IRS and Department of Homeland Security – for purchasing your most sensitive personal digital data and examining it without a warrant.

 

• You cannot sue if the National Security Agency uses the “Make Everyone a Spy” law to ask your gym, office landlord, or church to hand over records of your communications carried by free Wi-Fi systems.

 

• You cannot sue if a federal prosecutor makes a similar intrusion into your phone logs but keeps it secret with a Non-Disclosure Order (NDO).

Only U.S. senators can sue for being improperly surveilled. And the money they can collect now they can stick right into their bank accounts. The Senate in the last Congress refused to join the House in passing the NDO Fairness Act, which would have restricted the government’s currently unlimited ability to issue gag orders to digital and telecom companies to prevent them from telling you that your records have been accessed.

About this last-minute Senate maneuver, Rep. Chip Roy (R-TX) said, “There’s going to be a lot of people, if they look and understand this, are going to see it as self-serving, self-dealing kind of stuff.”

As we approach next year’s reauthorization of FISA Section 702 – a surveillance authority enacted by Congress for foreign surveillance – Congress will have a golden opportunity to debate a number of reforms that can protect the rights of constituents.
​
Remember us?

The Foreign Intelligence Surveillance Court (FISC) and Foreign Intelligence Surveillance Court of Review (FISCR) are anomalies in American law – secret courts. For decades, they issued secret rulings that created novel interpretations of law that the American people were not allowed to know. They remain to this day one-sided courts in which only the government gets to present its case for why it has a valid intelligence reason to spy on people inside the United States.

Little wonder, then, that 99 percent of the government’s requests to spy on “U.S. persons” are granted by FISC. The one provision that allows FISC judges to bring in outside civil liberties experts, or amici, for advice was not used when the court four times permitted the FBI to spy on a presidential campaign and transition. The Department of Justice also failed to inform the court that a rash of applications for surveillance were actually for Members of Congress and staffers who had oversight responsibility for – you guessed it – the Department of Justice.

To bring oversight to this court and to ensure it is not, in fact, a potted plant, Congress in April 2024 passed the Reforming Intelligence and Securing America Act (RISAA). Among RISAA’s provisions was one that allowed select Members of Congress and designated staff to attend and conduct oversight of FISC proceedings.  

Now Senate Judiciary Committee Chairman Chuck Grassley (R-IA) and Ranking Member Dick Durbin (D-IL) have fired off a letter accusing the Department of Justice (DOJ) of derailing this process and curbing oversight.

They write that in the waning days of the Biden administration, DOJ “implemented a policy that requires Members of Congress and their staff to agree to a series of arbitrary and inappropriate procedures before being allowed to attend FISC proceedings, which the Trump Administration has maintained.”

Some of DOJ’s policies and procedures include:

• Prohibiting Members of Congress from sharing information with other Members of Congress and members of their staff;

 

• Restricting Members of Congress from requesting information or documentation from participants of FISC proceedings;

 

• Allowing DOJ staff to remove congressional observers, including Members of Congress, from FISC proceedings at any time and at the sole discretion of DOJ;
• Allowing only a limited number of congressional observers to attend FISC proceedings at any one time;

 

• Prohibiting designated staff from attending the same FISC proceeding as their specified Member of Congress; and

 

• Prohibiting notetaking during proceedings, despite congressional staff’s ability to maintain classified notebooks.

These restrictive rules are idiotic. The objections write themselves.

If Members of Congress cannot talk to anyone else about what they learn – including their staff members who have clearance – what is the point of observing the court proceedings?

Why can’t a Member of Congress and his or her cleared staffer attend together?

Why is the Department of Justice allowed to remove Members of Congress? Isn’t removing people from a courtroom up to a judge?

Above all, how can oversight be conducted if the overseers must promise forever after to forget what they heard and never mention it again – to anyone?

This is all part of a familiar pattern: Congress passes a bold reform that reins in an intelligence community practice. Then the intelligence community parses words and creates new standards out of thin air that geld the new attempt at oversight.

The good news is that RISAA and its provision for congressional attendance of FISC hearings passed only because of leverage provided by the April 2024 reauthorization debate about FISA Section 702, an authority that governs surveillance of foreign spies on foreign soil. The next Section 702 reauthorization debate is set to occur next April.

Congress should make it clear that the Department of Justice must pull back these onerous provisions as one of many preconditions for Section 702 reauthorization.
​
The easiest path to reform would be if President Trump – himself a target of illicit surveillance rubber-stamped by FISC – ordered the Department of Justice to roll back these severe limits on congressional oversight.

National security wake-up calls do not get louder than the revelation that a Chinese government-linked hacking group, known as Salt Typhoon, successfully penetrated major U.S. telecommunications carriers in 2024.  AT&T and Verizon were among the companies compromised, exposing the communications of Members of Congress, senior officials, and even both major-party presidential candidates.
 
This was not an isolated breach. It followed a 2023 cyberattack in which Chinese state hackers infiltrated Microsoft’s cloud-hosted email systems, compromising accounts at multiple federal agencies, including the Departments of State and Commerce. According to the Cyber Safety Review Board, the attackers downloaded roughly 60,000 emails from the State Department alone. Pilfered correspondence included those of Cabinet-level officials.
 
These events underscore an uncomfortable truth – the Department of Defense and the intelligence community cannot defend the nation with unencrypted communications routed through a handful of vulnerable providers.
 
The good news is that we do not have to accept this status quo. As the House and Senate negotiate the National Defense Authorization Act (NDAA) for Fiscal Year 2026, conferees must retain the Lummis-Wyden amendment, which mandates secure, interoperable, end-to-end-encrypted collaboration tools for the Pentagon.
 
A Pattern of Foreign Infiltration
From defense contractors to cloud service providers, adversarial regimes have repeatedly exploited weak communication infrastructure to spy on U.S. institutions. The Salt Typhoon and Microsoft incidents illustrate how a single breach in a major service can compromise thousands of sensitive conversations. When communication systems lack end-to-end encryption, even one point of failure can expose entire networks to foreign intelligence agencies.
 
What Lummis-Wyden Would Do
This measure requires the Department of War to use only collaboration systems that meet rigorous cybersecurity standards – including true end-to-end encryption that ensures only the sender and intended recipient can read a message, even if servers in between are hacked.
 
Just as importantly, Lummis-Wyden mandates interoperability. Today, the Pentagon is confined to using a small set of proprietary, “walled garden” platforms that block seamless communication across systems. Interoperable standards would allow the Defense Department to adopt superior tools as they emerge, preventing vendor lock-in that traps communications in the domains of single companies, while enhancing long-term resilience of the Pentagon’s digital networks.
 
By promoting interoperability and strong encryption, Lummis-Wyden would open the door to competition, inviting companies to develop more secure, agile, and affordable solutions. America’s defense and intelligence agencies should never be dependent on single-point-of-failure vendors whose systems are ripe targets for global espionage.
 
A Strategic Imperative
From the theft of federal employee records to the infiltration of telecom carriers, the pattern is unmistakable: insecure communications infrastructure is a strategic liability.
 
Passing Lummis-Wyden would do more than patch vulnerabilities: it would redefine what secure collaboration means in the 21st century. It would signal that America prizes both privacy and resilience, and rewards technologies that deliver genuine end-to-end security rather than superficial compliance checkboxes.

​Outrage, the currency of our times, is being minted at a furious rate over Special Counsel Jack Smith’s use of grand jury subpoenas to spy on the telephone metadata records of eight senators and one congressman around the time of the Jan. 6th 2021 assault on the U.S. Capitol.

One statement of majestic and appropriate outrage – the gold standard, if you will – came from Sen. Rand Paul (who was not among those surveilled). He wrote in Breitbart:

“Our Founding Fathers objected to general warrants that allowed soldiers to go from house to house searching homes of American colonists, [and] I think they would be equally horrified by a government that goes from phone to phone collecting data on all Americans.”

Then there is Sen. Lindsey Graham, one of the targets of Smith’s surveillance, who shouted (rhetorically, starting at 2:35) at Attorney General Pam Bondi, “Can you tell me why my phone records, when I’m the Chairman of the Judiciary Committee, were sought by the Jack Smith agents, why did they ask to know who I called and what I was doing from January 4th to the 7th, can you tell me that?”

It's a good question.

David Corn, writing in the progressive Mother Jones, had his own angle of outrage – that President Trump “incited a violent assault on the Capitol, and for hours – as cops were being beaten and Democratic and Republican legislators were being threatened – did nothing in the hope this domestic terrorism would benefit him and allow him to stay in power …

“Should that not have been thoroughly investigated?”

Another good question.

Here’s our take. Yes, after the trashing of the U.S. Capitol, savage beatings of Capitol police, and the erection of a gallows to “hang Mike Pence,” it would have been astonishing for the government not to investigate. But when the executive branch spies on the metadata of Members of Congress – data that can yield a wealth of private information – you would expect a special prosecutor, appointed by one president to investigate his predecessor and likely future opponent, to dot all “i’s” and cross all “t’s.”

Instead of adhering to a strict constitutional standard, Jack Smith predicated his surveillance of U.S. senators and a representative on a subpoena issued by a grand jury. Such a panel, as New York Chief Judge Sol Wachtler famously said, would gladly indict a ham sandwich if that was what the prosecution wanted.

In his Breitbart piece, Sen. Paul quotes Chief Justice John Roberts when the Supreme Court held in Carpenter v. United States (2018) that geolocation from cellphone metadata was a privacy interest protected by the Fourth Amendment. Justice Roberts, for the majority, wrote, “this Court has never held that the Government may subpoena third parties for records in which the subject has a reasonable expectation of privacy.”

Senators, like everyone else, deserve a reasonable expectation that their phone records are private. Of course, senators – also, like everyone else – are not exempt from lawful investigations. But when one branch investigates another – when one political party investigates its opponents – is it too much to ask that the government respect the Fourth Amendment? If Jack Smith had a good reason to surveil nine Members of Congress, he should have made his case for probable cause before a neutral magistrate and obtained a warrant – as the Constitution requires.
​
That Smith instead chose to slather two pieces of bread with mustard and add a slice of ham indicates (mixed metaphor alert) that he was on nothing more than a fishing expedition. When politics intersect with criminal law, prosecutors must adhere to the most rigorous standards. That is in keeping with the character of an exceptional nation. We must not lose it.

​Section 702 of the Foreign Intelligence Surveillance Act is an authority enacted by Congress to allow U.S. intelligence agencies to surveil foreign spies and terrorists. But it has been used in the past by the federal government to extract the communications of millions of Americans.

• Among those who had their privacy violated by Section 702 data were 19,000 donors to a congressional campaign. This authority was also used to spy on a state senator, a state judge, a congressman, and a U.S. senator. If judges and Members of Congress can have their rights violated, imagine how much respect the FBI and other government agencies have for your privacy.

Concerned by this abuse of Section 702 authority, Congress put this surveillance power on a short leash – with the next reauthorization in April 2026.
 
Now Sen. Tom Cotton (R-AR) is reportedly promoting the idea of delaying the next reauthorization of this key surveillance authority for another 18 months. No matter how well-intentioned, this is a bad idea that would derail any meaningful debate on surveillance reform in this and the next Congress.  
 
Such a delay would also remove any leverage Congress has to perform meaningful oversight of an intelligence community that resists accountability at almost every turn.
 
The April 2024 Debate Produced Significant Reforms
 
The last reauthorization demonstrates that the leverage of a hard deadline at a relatively calm time in the legislative calendar yields results.

• In the face of furious lobbying by the intelligence community, surveillance reformers on the Hill managed to leverage the April 2024 hard deadline to require the FBI to provide quarterly reports on the number of Americans targeted under Section 702.

 

• Champions of reform proposed a warrant requirement for the extraction of an American’s communications – an amendment that came within one vote of passing the House. Congress also took the Section 702 debate as an opportunity to end “abouts” data collection, a loose practice that prompted the FISA Court to publicly excoriate the National Security Agency for an “institutional lack of candor” about a “very serious Fourth Amendment issue.”

Finally, Congress shortened the window for the next reauthorization of Section 702 – and its attendant surveillance debate – from five years to just two. This ensured that any new issues that emerged would be tracked by congressional overseers.
 
The Issues Ahead
 
With the next Section 702 reauthorization vote set for April 2026, Congress is beginning once again to treat it as an opportunity to discuss broader surveillance policy.
Emerging questions include:
​

• Why, and under what exact authority, did the FBI surveil the communications of eight senators and one House Member in 2021?

 

• A recent Department of Justice report portrays FBI agents as suffering from anxiety and “audit fatigue” in meeting the requirements of Section 702 reforms. If this is the case, couldn’t their anxiety be relieved by sharing responsibility with judges in the form of warrants?

 

• The FBI, IRS, and other federal agency purchase the digital breadcrumbs we leave online when we communicate or conduct an online search. When, if ever, will Congress get another opportunity to require a warrant for the acquisition of Americans’ personal data?

 

• If the Section 702 debate is scrapped next April, when else will Congress get a chance to review the operations of the “make everyone a spy” provision, a last-minute addition in the 2024 debate that obliges almost all businesses to help the government spy on their customers?

If your answer to the above questions is that these issues can simply be taken up after the 18-month extension, think again.
 
The Crowded Calendar of October 2027
 
The beauty of an April reauthorization is that it falls at a fairly calm time in the legislative calendar. An 18-month delay would bump the Section 702 reauthorization vote and the next surveillance debate into the next Congress, to October 2027, amid the press of business around the end of the budgetary cycle. Such debates would have to compete with a likely continuing resolution and a host of contentious spending measures.
 
There would be no time to debate anything about surveillance. It would just be another “clean” reauthorization – which would suit the advocates of the status quo just fine.
Members should remain firm: Congress agreed to an April 2026 reauthorization debate for Section 702.
 
Let’s keep it that way.

“Just because you’re paranoid doesn’t mean they aren’t after you,” says Yossarian, Joseph Heller’s terrified bomber pilot in Catch-22. The same could now be said by eight U.S. Senators and one U.S. House Member – all Republicans – who were secretly spied upon by the FBI during the Biden administration.
​
For five years now, the Project for Privacy and Surveillance Accountability has filed Freedom of Information Act (FOIA) requests demanding records from the FBI and other intelligence agencies about the possible surveillance of Members of Congress. We used every legal avenue – from FOIA requests to lawsuits – to compel the FBI, the Department of Justice, the Office of the Director of National Intelligence (ODNI), the National Security Agency, and the Department of State to disclose documents about the possible surveillance of Members of Congress with oversight responsibility over this intelligence community.

In short, we wanted to know if the FBI and other agencies were “overseeing” their ostensible overseers in Congress.

The government’s only response was the flippant use of the “Glomar response,” a court-created doctrine in which an agency can issue a “neither confirm nor deny” answer. In one instance, a response from ODNI came back within four business days, unprecedented speed for the bureaucracy. The Glomar response was originally created to protect a super-secret CIA project to retrieve a sunken Soviet nuclear submarine. Now it is being used to hide domestic spying.

At the time, Gene Schaerr, PPSA general counsel, responded: “The government doesn’t want to even entertain our question. What do they have to hide?”

Now we know at least part of what the government has to hide.

The FBI in 2023 analyzed the phone records of Sen. Lindsey Graham (R-SC), Sen. Bill Hagerty (R-TN), Sen. Josh Hawley (R-MO), Sen. Dan Sullivan (R-AK), Sen. Tommy Tuberville (R-AL), Sen. Ron Johnson (R-WI), Sen. Cynthia Lummis (R-WY), Sen. Marsha Blackburn (R-TN), and Rep. Mike Kelly (R-PA).

Among them we count three sitting members of the Senate Judiciary Committee, charged with oversight of the FBI, as being targeted by Bureau surveillance.

What was the FBI up to? The FBI document states it “conducted preliminary toll analysis on limited toll records,” meaning it secured and analyzed calls made by these Members in relation to their votes on whether to certify the 2020 presidential election results. The FBI’s analyses were based on metadata – who called whom and when. As research from Stanford University has shown, such seemingly innocuous records can yield “surprisingly sensitive personal information” about the likely contents of those calls.

That is one reason why Sen. Chuck Grassley, Chairman of the Senate Judiciary Committee, called this a “weaponization by federal law enforcement under Biden” that was “arguably worse than Watergate.”

We predict this is just the tip of the iceberg. The ease with which the FBI surveilled prominent Members of Congress hints at the underlying reasons for which PPSA’s queries have been batted away so consistently by the intelligence community. We believe that time will reveal that there is more – much more – evidence of the intelligence community accessing the private communications of Congress.

Next year Congress will hold a debate over the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act. It should be clear to all Members that the FBI can’t be trusted. We need reforms across the board, from ending the abuse of Section 702 as a source of warrantless domestic surveillance, to ending government data purchases.

America’s enemies aren’t storming our shores with tanks and planes – they’re breaking into our email, phone, and data systems. And right now, we’re making their job too easy.
 
The U.S. Senate can toughen up America’s defenses by passing the Lummis-Wyden amendment (S. Amdt. 3186) to the 2026 National Defense Authorization Act. This bipartisan fix would finally force the Pentagon to use secure, encrypted communications – and end its costly dependence on a handful of Big Tech vendors.
 
The Scale of Attacks
 
In 2023, Chinese hackers broke into Microsoft-hosted government email accounts, stealing 60,000 messages from the State Department alone. A year later, another Beijing-backed group hacked into AT&T and Verizon, tapping phones of Americans that included presidential candidate Donald Trump and then-Sen. J.D. Vance.
 
But Vance’s conversations were kept safe. How? He relied on Signal, the end-to-end encrypted app that even the hackers couldn’t crack.
 
The obvious takeaway is that without end-to-end encryption, our most sensitive communications are one hack away from the front page of Beijing’s intelligence briefings.
 
The Lummis-Wyden Fixes
 

• Mandates encryption. The Pentagon must be required to use secure, end-to-end encrypted systems whenever possible.

 

• Ends vendor lock-in. No more being trapped inside Microsoft Teams or Google Docs. Interoperability will be the law, so new and better tools can compete.

 

• Saves money and boosts innovation. Opening the market to smaller, nimbler companies means lower costs and stronger security.

 
Why It Matters

Our military today is stuck in walled gardens built by giant tech firms that all too often proved eminently hackable. That’s bad for taxpayers and disastrous for national security. Hackers don’t need to break into every office at the Pentagon – they just need to knock down the door of one weak provider. The Lummis-Wyden amendment puts a lock on those doors.
 
Congress Must Choose Security
 
Congress can keep letting foreign spies read Cabinet-level emails and tap presidential phone calls, or it can finally demand that the Pentagon use the best tools available. This amendment is a wake-up call that we can’t defend the country with outdated software. Encryption and competition would at least give our country a fighting chance to keep China and other bad actors out of our business.
 
PPSA calls on the Senate to pass the Lummis-Wyden Amendment to stop giving hackers the upper hand. This measure will better protect our service members, the American homeland, and the private deliberations of our leaders.

Last week the House Judiciary Subcommittee on Crime and Federal Government Surveillance held a hearing on AI and crime and something remarkable happened: Everyone agreed:

1. The administration’s desired moratorium on state AI regulation is a bad idea, and
   ​
   
2. Existing criminal statutes everywhere need to be retrofitted to include AI-based offenses.

As for the first area of agreement, there was a collective sense that the country dodged a bullet last week when the Senate removed the moratorium from the budget bill and the House declined to reinstate it. Regarding the second issue, the consensus was clear: Buckle up. We have work to do.

Perhaps getting to work should start with persuading Members of Congress to show up at AI hearings. Other than the Chair and Ranking Member, only three of ten regular members were present. Those who did attend, however, heard from witnesses who, in combined testimony that ran 77 pages, struck similar chords:

1. Criminals can use AI impersonation to do things we’ve scarcely imagined.
   
   
2. AI is removing the technical barriers to crime. In the hands of industrious criminals, said witness Zara Perumal of Overwatch Data, “AI agents can learn by doing,” meaning the criminals themselves no longer have to be technical experts. “AI is removing human bottlenecks. It’s not just enhancing traditional fraud – it’s creating entirely new categories of criminal threat,” agreed Ari Redbord of TRM Labs. Just imagine, as one of the witnesses portended, “child abuse at scale.”
   
   
3. Law and policy are late to the party. For example, “Artificial Intelligence” isn’t even a category on the drop-down menu of the National Conference of State Legislatures. Overall, a handful of states have passed a few random measures, while hundreds of initiatives either failed or remain pending. As for the federal government, forget it. The administration’s recent moratorium attempt proved that the attitude du jour is recklessly laissez-faire. Which is exactly why subcommittee chair Andy Biggs (R-AZ) needed to call this hearing and promisingly referred to it as the first of many.
   
   
4. When it comes to fighting AI-powered crime, the best offense is a good defense. Given that the proverbial cats and genies are already out of their respective bags and bottles, it’s time to “shift the technical advantage to the defenders,” said Perumal.

Oregon and California, for example, intend to repurpose existing laws to include AI abuses. Some from-scratch legislation is also emerging, like Texas’ Responsible AI Governance Act and Tennessee’s ELVIS Act.

While most of the discussion centered on how criminals can misuse AI, we should not forget how it may be misused by our own government, which has a voracious appetite for our purchased data. AI is the critical ingredient to turn all that raw personal data into a working surveillance state.

The ACLU’s Cody Venzke reminded everyone not to overlook the Swiss Army Knife of our democracy – the Bill of Rights, especially the First and Fourth Amendments. Such protections, Venzke said, do not lose their power “simply because a new tool such as artificial intelligence was used.” They are both our sword and shield against criminals and government surveillance abuse, especially in the age of AI.

The House today passed the Anti-CBDC (Central Bank Digital Currency) bill, forbidding the Federal Reserve Board from ever establishing a government-issued digital currency.

“The House action was prescient, but not at all premature,” said Bob Goodlatte, PPSA Senior Policy Advisor and former chairman of the House Judiciary Committee. “With an official digital dollar, the government would have been able to surveil every transaction, no matter how small or how personal.

“Such a central bank digital currency would enable mass surveillance of American consumers, and the debanking of any targeted group,” Goodlatte said. “We are grateful to President Trump for issuing an executive order in the early days of his administration to forbid the establishment of such a digital currency which would, the president said, ‘threaten the stability of the financial system, individual privacy, and the sovereignty of the United States.’

“That was a bold and necessary move by the president, but an executive order would not keep a future administration from someday taking us down that road. Such assurance can only come from a law. Today’s victory is a testament to the perseverance of House Majority Whip Rep. Tom Emmer (R-MN) who sponsored and tirelessly advocated for passage of the anti-CBDC bill by the House.
​
“We shouldn’t be tracked by our dollars or our spending. PPSA and our followers urge the Senate to keep the momentum going and get this bill to the president’s desk.”

The CLOUD Act of 2018 is a framework for working with U.S. tech companies to share digital data with other governments. This law and basis for international agreements was a reasonable concession to allow these companies to do business around the world. But the agreement has gone off the rails because of the United Kingdom’s astonishing attempt to force Apple to break end-to-end encryption so they can access the data of all Apple users stored in the cloud.

Rather than violate the privacy of its users, Apple has stood by its customers and withdrawn encrypted iCloud storage from the UK altogether.

The House Judiciary’s Subcommittee on Crime and Federal Government Surveillance was already skeptical about that agreement, but appalled when the British government used it to secretly order Apple to provide that unfettered, backdoor access to all the cloud content uploaded by every Apple user on the planet. It was an unprecedented request, and an unexpected one from a fellow democracy.

• In the two years the agreement has been in effect, the UK issued more than 20,000 requests to U.S. service providers. The bulk of those requests included wiretapping surveillance.

 

• In comparison, the United States issued a mere 63 requests to British providers, mostly for stored data.

 

• Compare the UK’s 20,000 requests to the 4,507 wiretap orders of U.S. federal and state law enforcement agencies in criminal cases in two years. The United States has five times the population of the U.K., but only issues about one-fourth the number of such orders.

In April, members of the House Judiciary Committee asked Attorney General Pam Bondi to terminate the U.K. agreement. As extreme as that sounds, PPSA supports that proposal as the best way to persuade Britain to back off an unreasonable position. In the worst-case scenario, no agreement would be better than comprehensive violation of Americans’ privacy.
Undeterred, the subcommittee convened a recent hearing entitled “Foreign Influence On Americans’ Data Through The CLOUD Act.” Greg Nojeim from the Center for Democracy & Technology was an invited witness. If one had to name a single theme to his powerful testimony, it would come down to one word: “dangerous.”

Subcommittee Chairman Andy Biggs used the same word, declaring the secretive British demand of Apple “sets a dangerous precedent and if not stopped now could lead to future orders by other countries.” Ranking Judiciary Committee Member Jamie Raskin struck a similar chord: “Forcing companies to circumvent their own encrypted services in the name of security is the beginning of a dangerous, slippery slope.”

In short, the hearing demonstrated that the CLOUD Act has been abused by a foreign government that does not respect privacy and civil liberties or anything remotely like the Fourth Amendment to our Constitution. It needs serious new guardrails, beginning with new rules to address its failure to protect encryption. Expert witness Susan Landau of Tufts University warned the subcommittee that the U.K. appeared to be undermining encryption as a concept. A U.S.-led coalition of international intelligence agencies, she observed, recently called for maximizing the use of encryption to the point of making it a foundational feature of cybersecurity. Yet Britain conspicuously demurred.

• Rep. Biggs said: “Efforts to weaken, or even breaking, encryption makes us all less secure. The U.S.-U.K. relationship must be built on trust. If the U.K. is trying to undermine this foundation of cybersecurity, it is breaching that trust.” Once pried opened, he cautioned, “It's impossible to limit a back door [around encryption] to just the good guys.”

 

• Rep. Raskin warned that issues with the CLOUD Act itself are emblematic of larger privacy issues. “None of these issues exists in a vacuum. All government surveillance curtails all citizens’ liberties.” To which witness Richard Salgado added, “If there's still a real debate about whether security should yield to government surveillance, it doesn't belong behind closed doors in a foreign country … the debate belongs in public before the United States Congress.”

That debate will likely become intense between now and next spring when Congress takes up the reauthorization of Section 702 of FISA, the Foreign Intelligence Surveillance Act. Judiciary Chairman Jim Jordan indicated as much when he used his opening remarks to tout the “good work” the Committee has ahead of it in preparing to evaluate and reform Section 702.

Later in the hearing, Chairman Jordan returned to the looming importance of the Section 702 debate, asking each of the witnesses in turn a version of the question, “Should the United States government have to get a warrant before they search the 702 database on an American?”

All agreed without hesitation.

“Wow!” declared Rep. Jordan in response. “This is amazing! We all think we should follow the Constitution and require a warrant if you're going to go search Americans’ data.”
​
Rep. Raskin nodded along. And that’s as bipartisan as it gets.

​Last year brought surveillance reform achingly close to passage. The Fourth Amendment Is Not for Sale Act – which would have forced the government to obtain a warrant before purchasing Americans’ personal data from data brokers – passed the U.S. House but died in the U.S. Senate. A warrant requirement for the review of Americans’ personal data fell short in the House in a tie vote.

Now, we know that these were uphill votes not just because of the intense opposition of federal intelligence agencies, but because the Biden White House had overseen an intense lobbying effort to give the illusion of grassroots opposition from state law enforcement.

To create this illusion, the administration reached out to local and federal law enforcement alike with pre-approved talking points from a Washington lobbying firm, letters to sign, and a list of lawmakers to target.

The efforts involved the misuse of High Intensity Drug Trafficking Areas (HIDTAs). These are hybrid federal-state entities intended to provide coordination and ensure the efficient use of federal funds in fighting organized drug crime. The federal side of this partnership is directly overseen by the White House Office of National Drug Control Policy.

A response to a PPSA Freedom of Information Act (FOIA) request reveals that during the prior 118th Congress, these organizations were repurposed for lobbying Congress. Emails from the Chicago HIDTA piggybacked off efforts from a Capitol Hill lobbying firm and orchestrated all the elements of what would appear to a Member of Congress to be a spontaneous grassroots movement by state law enforcement groups and associations in opposition to popular surveillance reform amendments.

This network of federal agencies working behind the scenes to coordinate this messaging, under the purview of the White House, distorted the debate and abused Congressional trust in sincere-sounding letters to Congressional leaders like Rep. Jim Jordan, Chairman of the House Judiciary Committee, and Rep. Jerry Nadler, Ranking Member. Given that HIDTAs are distribution points for significant amounts of much-needed federal funding, it’s questionable how voluntary the sign-on from state law enforcement groups really was.
​
Perhaps Chairman Jordan and Ranking Member Nadler might want to look into how much federal money might have been spent limiting their oversight. At the very least, the current administration should cut off federal funds for lobbying before the surveillance reform debate begins again next year.

​Perhaps you had other things to do during last week’s House Judiciary hearing, “A Continued Pattern of Government Surveillance of U.S. Citizens.” So here’s a summary: The Judiciary’s Subcommittee on Crime and Federal Government Surveillance brought together witnesses from across the political spectrum (including PPSA’s own Gene Schaerr) to identify potential solutions to the ongoing (and growing) problem of Fourth Amendment abuse by government entities.
 
At the heart of the discussion was the need to import probable cause warrants – the key requirement of the Constitution’s Fourth Amendment – to the practice of federal agencies freely accessing our international communications, as well as our personal, digital data.
 
Witnesses effectively rebutted the fearmongering campaign by the intelligence community to convince us that a warrant requirement for federal surveillance of American citizens is too onerous, and too dangerous to entertain. But the most effective remarks came from a Member of the committee.
 
Rep. Brad Knott (R-NC), a former U.S. Attorney for the Eastern District of North Carolina, addressed the issue of warrant requirements with the assurance of a former federal prosecutor. He spoke of what it took for him to get permission to “flip the switch” on some of the most “intrusive” forms of wiretapping American citizens.
 
“So you have to demonstrate necessity,” Rep. Knott said. “You have to demonstrate why other techniques are futile … the rigor we had to exercise was very important … it kept the internal investigators accountable.”
 
Rep. Knott said the warrant process made sure investigations were “open and honest.” Investigators knew “that their actions were going to be subject to pen and paper. They were going to be subject to judicial review … and opposing counsel.”
 
Given the clarity and accountability added by warrants, Rep. Knott added:
 
“It’s amazing to me that there’s so much resistance to the warrant requirement alone.”
 
Throughout the 90-minute hearing, Members and witnesses stressed one thing:
 
The countdown clock is ticking on what may be our last, best chance at meaningful reform – including the adoption of a warrant requirement for U.S. citizens when Section 702 of the Foreign Intelligence Surveillance Act (FISA) comes up for renewal next year (it’s due to sunset in April 2026).
 
Section 702 is the legal authority that allows federal intelligence agencies to spy on foreign targets on foreign soil. But it also “incidentally” picks up the international communications of Americans, which can then be warrantlessly inspected by the FBI and other agencies.
 
Section 702 got a lot of airtime at the hearing and was frequently linked with the words “loophole” and “backdoor.” The Reforming Intelligence and Securing America Act (RISAA) of 2024 attempted to fix Section 702 – and did add some useful reforms – but it also left a loophole in which the FBI and others attempt to justify warrantless backdoor searches on Americans’ private communications.
 
For the FBI in particular, this has become the go-to means to warrantlessly develop domestic leads.
 
“Three million times they did [backdoor searches] in 2021,” lamented Judiciary Chairman Jim Jordan (R-OH). Or, as James Czerniawski of Americans for Progress, put it: “Time and time again we have caught the intelligence community with their hand in the constitutional cookie jar.”
 
Members and witnesses alike also addressed a privacy crisis even greater than Section 702 – the routine purchases made by federal agencies of Americans’ private digital information from data brokers.
 
ACLU’s Kia Hamadanchy reminded the subcommittee that the kind of data that can be bought and sold would be, in the words of a former CIA deputy director, “top secret” sensitive if gathered by traditional intelligence means. It would have to be kept “in a safe,” not in a database.
 
The hearing also got at what many consider the underlying issue driving the new era of surveillance. Namely, the acknowledgment that we increasingly live not in one world, but two – our physical reality and its digital twin. But unlike our world, the laws governing how the Fourth Amendment should be applied in the digital context are largely unwritten. In other words, said Rep. Andy Biggs (R-AZ), it’s the “Wild West.”
 
And Ranking Member Rep. Jamie Raskin (D-MD) added, “New technologies make it a lot harder to reign in government intrusion in the lives of the people.” The unwitting result? “We live in a modern, albeit consensual, surveillance state,” declared Phil Kiko, principal at Williams & Jensen and former Judiciary counsel.
 
With any luck, things might be different a year from now when FISA is up for renewal, thanks to a U.S. District Court ruling in January.
 
“To countenance this practice,” of warrantless surveillance, wrote the court, “would convert Section 702 into … a tool for law enforcement to run ‘backdoor searches’ that circumvent the Fourth Amendment.”
 
That legal precedent didn’t exist when the last Congress debated FISA reforms. Emboldened by this landmark decision, Reps. Jordan and Raskin are pledging to once again work together in a bipartisan spirit to win this fight. Their continuing partnership captures the spirit of the subcommittee’s hearing and should give reformers a renewed sense of hope.

​House Members asked leading civil liberties experts to testify this morning on the “continued pattern of government surveillance of American citizens.” Gene Schaerr, PPSA general counsel, testified before the Subcommittee on Crime and Government Surveillance, setting out the dimensions of the federal government’s spying on Americans. He also spoke optimistically that Congress can rein in these practices. Here’s an excerpt from his written statement:
 
“We have seen under administrations of both parties the expansion of myriad forms of privacy-destroying technologies and practices – elements of an emerging American surveillance state being knitted together before our eyes.
 
“Like the proverbial frog unaware that it is slowly being boiled alive, Americans are being progressively trapped in a system of national surveillance. This is not happening because federal agencies are run by tyrants. The men and women in the intelligence community are passionate about their mission to protect the American people and our homeland. But in their zeal to execute their important mission, they are rapidly creating the elements of a pervasive American surveillance state. And astonishingly fast changes in technology are helping build this surveillance state before our laws can catch up to keep it within the constraints of our Constitution.
 
“At airports, at malls, on the streets, we are identified and tracked by our faces. Cellsite simulators in geofenced areas ping our phones to follow our movements. Our automobiles keep a record of every place we drive. Our digital devices at international terminals are subject to having all their contents downloaded and inspected without a warrant. Moreover, thanks to purchases of Americans’ digital information from data brokers, federal agencies ranging from the FBI to the IRS, Department of Homeland Security, and the Department of Defense, routinely access, without a warrant, digital information far more personal than what can be gathered by hand or found in a diary.  To top it off, we also face the routine collection of Americans’ communications ‘incidentally’ caught up in the global data trawl of programs authorized by Section 702, and in the past few years alone the FBI has conducted hundreds of thousands of warrantless searches of the Section 702 database specifically looking for Americans’ communications. 
 
“The end result is that the government is now able to collect and search through vast amounts of Americans’ communications and other personal data with ineffective statutory limits and limited congressional oversight. The personal data thus obtained reveals much about our health, mental health, and personal relations. Worse, all this data generated from myriad sources can then be woven together by the instant power of artificial intelligence to comprehensively track where we go, who we meet with, what we say or share in private, and what we believe. As a result, federal agencies are capable of generating comprehensive political, religious, romantic, health, and personal dossiers on every American from information gathered without a warrant. 
 
“This is as about as far from the Founders’ vision of the Fourth Amendment as one can imagine. Revulsion at government surveillance runs deep in our DNA as a nation; indeed, it was one of the main factors that led to our revolt against British rule and, later, to our Bill of Rights. Agents of the Crown could break into a warehouse or a home to inspect bills of lading or a secret political document, but they couldn’t access anything close to the wealth of private information contained in our digital lives today.
 
“Month by month, it is harder to square this emerging surveillance state with the ‘consent of the governed’ concept articulated in the Declaration of Independence and embodied in Article I of the Constitution. The Founders believed that American citizens should not be subject to surveillance by their own government without their consent – in the form of a statute duly enacted by their representatives in Congress. They should not be subject to surveillance at the whim of any executive official, none of whom has authority to consent to surveillance on their behalf …
 
“In the face of a surveillance state growing at breakneck speed, this Committee has shown leadership and a sense of urgency that matches the moment. We don’t have to supinely accept the erosion of all privacy. We don’t have to trust that government agents and future administrations will always use these awesome powers solely for national security. These technologies simply offer too much power to trust that future guardians will not be tempted to misuse them, as they have done in the past.
 
“In short, you have shown that you can protect both the constitutional rights of your constituents and also keep them safe from foreign and domestic threats. I urge you to uphold the Constitution by once again advancing – and persuading your fellow Members to adopt – a warrant requirement for both government-purchased data and data collected under Section 702.”
 
You can read Gene Schaerr’s full testimony here, and watch the full hearing here.

​Washington seemed to have reached a tipping point last week in the surveillance reform debate. Reformers are taking heart from the receptivity of the Trump Administration and its nominees to surveillance reform, while defenders of the surveillance status quo are doubling down on the untenable position of opposing all reform.
 
Those defenders likely agree with The Wall Street Journal, whose editorial board found the removal of Rep. Mike Turner, Chairman of the House Intelligence Committee, a “bad message about the need for public honesty about threats to U.S. security.” In confirmation hearings of Trump nominees several senators created a false dichotomy when describing the fate of Section 702 – the Foreign Intelligence Surveillance Act authority that allows federal agencies to spy on foreign threats on foreign soil, but abused to spy on many Americans in domestic cases. The choice these champions of the intelligence community offered was between two extremes. One would be to let Section 702’s authority lapse when it comes up for renewal in 2026. The other would be to leave it in place, unchanged. In other words, they are saying our only choice is to either expose the American homeland to terrorists or loyally affirm the surveillance status quo.
 
But something else happened last week as well. Nuance and more openness to debate seemed to be breaking through the noise, and not a minute too soon.
 
While the new House Intelligence Chairman Rick Crawford (R-AR) is not known as a surveillance reformer, civil liberties groups are hopeful he will allow a balanced debate to take place. We look forward to Chairman Crawford listening to our objections about the government’s abuses of Section 702 and the separate expansion of “electronic communications service providers” with a legal duty to engage in domestic spying. Chairman Crawford surely knows that many on the Hill are still smarting from the way some colleagues strong-armed them into blocking a promised fix to a law mandating that virtually every business, organization and house of worship with free Wi-Fi be obligated to spy on their customers for the NSA.
 
Chairman Crawford will also be told that reformers are pushing back on Section 702, not because we want to protect foreigners – who have no Fourth Amendment rights – but because we want to protect American citizens from warrantless FBI surveillance in ordinary domestic investigations. Consider that as recently as 2022, the FBI had accessed the communications of Americans garnered via Section 702 more than 200,000 times. President Trump, having been victimized himself through another FISA authority during the Carter Page affair, seems to be nominating Cabinet officers who agree that the FBI has been out-of-control.
 
Sen. Mike Lee (R-UT) made this clear when he was interviewed by Laura Ingraham on Fox News to discuss the confirmation testimony of Pam Bondi, President Trump’s AG nominee. Sen. Lee said of Bondi:
 
“She understands the Fourth Amendment. She understands that the U.S. government can’t go after your personal effects, your papers, your private communications, without a warrant … backdoor warrantless searches under FISA 702 have become a problem.
 
“We’re told over and over again by FBI Directors and attorneys general, ‘Don’t worry about it. These aren’t the [violations] you’re looking for. We have procedures to handle this.’ And they’re lying. Pam Bondi went on record today, saying ‘We shouldn’t do that.’ And I am thrilled that she did.”
 
The dust is still settling from an earthquake election, the replacement of a House Intelligence Committee chairman, and a likely attorney general affirming that the backdoor search loophole of Section 702 must be addressed. Perhaps now we can have a mature discussion about surveillance reform.
 
If we do, Congress can add guardrails to Section 702 to end the FBI’s warrantless surveillance of Americans while keeping a strong national security tool that protects the American homeland. Perhaps the stars are lining up for a deal.

A solemn promise was made on the floor of the U.S. Senate – and by the Congress to the American people – that has been broken. As a result, most businesses and organizations in the United States that offer free Wi-Fi service now have a legal obligation to spy on their tenants and customers for the National Security Agency and keep that spying secret from them forever.
 
In April the U.S. Senate reauthorized FISA Section 702, an authority that allows federal agencies to spy on foreign targets on foreign soil. Facing an eleventh-hour vote, the Senate took Senate Intelligence Committee Chairman Mark Warner (D-VA) at his word that a flaw in the bill would soon be corrected. Accepting that promise, the Senate reauthorized Section 702.
 
That flaw concerns a provision added to the reauthorization that allows the NSA to force businesses that offer internet communications – from the landlords of office complexes that house journalists and political campaigns, to fitness centers, to houses of worship – to make the communications of their customers secretly available. Janitors and cleaning services with access to equipment and thumb-drives in their pockets can now be legally enlisted to spy for the NSA. All this can be done without bothering with niceties like the U.S. Constitution’s Fourth Amendment and its warrant requirement.
 
Sen. Warner acknowledged that this language defining an “electronic communications service provider” was overbroad and promised a fix to narrow it. Though the target category is classified, that fix is widely believed to be narrowing the provision to providers of cloud communications.
 
To be fair to Sen. Warner, it was a few House Republicans who rejected adding the fix to the Intelligence Authorization Act. And it was some Republicans who fought to reject any narrowing of this vast expansion of the American surveillance state, dubbed by many to be the “Make Everyone a Spy” provision. We still remain dismayed and disappointed that the Chairman of the Senate Intelligence Committee could make such a promise and not see to it that it is kept.
 
But Congress can still redeem itself. Surely Members will not want to disappoint constituents as word spreads about the extent and magnitude of this new, limitless domestic surveillance program. Surely they will also want to live up to a solemn promise made to colleagues. This fix can be enacted next year.
 
In the meantime, PPSA will be working with our surveillance reform allies, left and right, to narrow the “Make Everyone a Spy” provision.
 
If Congress chooses not to keep its word, however, the American people will surely grow alarmed and upset over this expansive surveillance. Keep in mind that the House came within one tie-breaking vote of adding a warrant requirement in the reauthorization of Section 702 this year. The Make Everyone a Spy law will now be Exhibit A in making our case for warrants and against the surveillance state.
​

​The first reactions to a report issued last week by Department of Justice Inspector General Michael Horowitz centered on the man-bites-dog irony of the Justice Department having spied on the nominee to head the FBI, Kash Patel. The underlying story is far bigger and as significant as any other of recent surveillance scandals – Horowitz revealed that the government’s lawyers failed to inform a judge in the secret FISA Court that their applications for surveillance were to spy on Members of Congress and senior congressional aides on committees that oversee the Department of Justice.
 
It’s as if you asked a friend if you could borrow her car to go to the store but forget to tell her that the store is in Mexico. Justice Department prosecutors showed just about that level of mendacity in 2017 when they sought communications of Members of Congress, including then-House Intelligence Committee Chairman, Rep. Adam Schiff (D-CA), and Rep. Erik Swalwell (D-CA), 20 Democratic staffers, as well as Patel and 19 other Republican staffers.
 
The intent of the request was to reveal if there was cause-and-effect between their emails and journalists at The Washington Post, The New York Times, and CNN, who wrote stories in those outlets based on a classified leak of “Top Secret/Sensitive Compartmentalized” documents. As it turned out, no crimes or leaks were discovered. Horowitz reveals that DOJ obtained 40 Non-Disclosure Orders forcing communications providers to secretly provide the records of Members of Congress and staffers, with some of the search orders extended up to four years – even though the request involved leaks around the same time frame in 2017.
 
Horowitz concludes:
 

• “The Department’s decision to compel the production of non-content communications records of Members of Congress and congressional staffers implicated the constitutional rights and authorities of a co-equal branch of government ...

 

• The Justice Department’s actions “risks chilling Congress’s ability to conduct oversight of the executive branch because it exposes congressional officials to having their records reviewed by the Department solely for conducting Congress’s constitutionally authorized oversight duties and creating, at a minimum, the appearance of inappropriate interference by the executive branch in legitimate oversight activity by the legislative branch.”

 
The Justice Department’s policy did not, at that time, have an internal policy governing the compelled acquisition of congressional communication records from third-parties. Perhaps feeling the heat from outraged Members of Congress, Justice established the requirement in future applications to inform the Justice Department’s Public Integrity Section and a U.S. attorney before surveilling Members of Congress and their staffers in this way. Horowitz found that process insufficient, calling on a new policy that requires the informing of the Attorney General or the Deputy Attorney General.
 
Concerning the surveillance of journalists, Horowitz found that the Justice Department did not comply with all of its internal provisions. For example, a committee dedicated to applications for media surveillance was not convened, as required by Justice Department policy. That policy also required informing the Director of National Intelligence, which the Justice Department did not do in at least one instance.
 
PPSA believes the intelligence agencies are surveilling Congress in many other ways. That is why we have sued not just the Department of Justice, but also the NSA, the FBI, the CIA, and the State Department to learn if these agencies are surveilling current and former Members of Congress with oversight responsibilities over those very agencies.
 
If the intelligence community is surveilling Members of Congress on the Intelligence and Judiciary Committees, then it is a case of the overseen overseeing the overseers. This danger is made much worse by House policies, where relatively few House staffers have security clearances that would allow them to help their bosses keep the intelligence agencies in check.
 
We hope at a minimum that the House will widen staffer clearances, as the Senate has done, to assist in greater oversight of these agencies. We especially hope that incoming President Trump will have his people dig into the practice of surveilling Members of Congress and bring it to light.

Breitbart recently broke a story that a few recalcitrant House Members are holding up a promised fix to what many referred to as the “Make Everyone a Spy” law.
 
The fix regards an amendment to the reauthorization of FISA Section 702, passed in April, in which pro-surveillance advocates added a requirement that U.S. business owners who offer customers the use of their Wi-Fi and routing equipment be covered as “electronic communication service providers” under the law. This means that any business – your neighborhood fitness center, an office complex that houses journalists, political campaigns, or even a church or other house of worship, as well as a host of other establishments – would face the same requirement as large telecoms to turn over the communications of their customers, no warrant required.
 
This was not meant to happen. As the Senate voted in April to reauthorize FISA Section 702, bipartisan furor erupted over this provision, including leading conservatives in both chambers. Sen. Mark Warner (D-VA), Chairman of the Senate Intelligence Committee, promised his colleagues that the amendment that included this expansive authority would be narrowed to include only one category of business. That category is classified but is widely believed to be data centers that provide cloud computing and storage.
 
With this promise in hand, the Senate voted down an amendment to remove the flawed provision, and immediately passed the reauthorization of Section 702 – all in the belief that the expansive new spy power would soon be curbed.
 
Sen. Warner was true to his word, inserting language into the Senate intelligence bill that narrows the scope of the new measure. Now, in a baffling turn of events, it is the House that is refusing to include the fix in its version of the intelligence bill.
 
Why are some House Members insisting on keeping an authority that allows spying on churchgoers, shoppers, and office workers? Bob Goodlatte, the former chairman of the House Judiciary Committee and PPSA senior policy advisor, told Breitbart News: 
 
“This measure passed because of assurances that this insanely broad authority would be narrowed. The promise of a fix was made and accepted in good faith, but that promise is being trashed by advocates for greater surveillance of our citizens. Unless Congress reverses course, Americans’ data that runs through the Wi-Fi and servers of millions of small businesses, ranging from fitness centers to department stores, small office complexes, as well as churches and other houses of worship, will be fair game for warrantless review. This would truly transform our country into a thorough surveillance state. I can’t imagine the next Congress and new Administration would welcome that.”
 
Surely, giving the deep state free rein to spy on Americans is not in keeping with the philosophy of the incoming Trump administration, the new Republican majority in Congress, or most Democrats.
 
Contact your House Member and say:
 
“Please don’t let this legislative year end without narrowing the Electronic Communication Service Provider standard. Congress must keep its promise to fix the Make Everyone a Spy Law.”

​The election may have shaken Washington, D.C., like a snow globe in the grip of a paint mixer, but the current Congress still has important business for the lame duck session. For anyone who cares about privacy in this age of surveillance, issue one has to be whether or not Congress will retain the promised fix to what so many call the “make everyone a spy” provision in the National Defense Authorization Act (NDAA).
 
This story goes back to April, when the House Permanent Select Committee on Intelligence slipped into the reauthorization of FISA Section 702 (which authorizes foreign intelligence) a measure to allow the government to secretly enlist almost every kind of U.S. business to spy on their customers. In response to the outcry, carveouts were made that exempted coffee shops, hotels, and a few other business categories. But most businesses – ranging from gyms to dentists’ offices, to commercial landlords with tenants that could include political campaigns or journalists – are required to turn over their customers’ communications that run on ordinary Wi-Fi systems.
 
It is widely believed that this legislation was aimed at cloud computing facilities, which were not previously covered by the relevant law. When the Senate took up reauthorization of Section 702, Intelligence Committee Chairman Mark Warner (D-VA) admitted to his colleagues that the new measure was overbroad, and that he would craft new legislation to fix it. Sen. Warner kept his word and crafted legislation to narrow the provision. Although the nature of this fix is classified, it is widely believed to limit this new surveillance power to cloud computing facilities.
 
The House Intelligence Committee, however, did not adopt that fix. We hear that behind-the-scenes negotiations are taking place, but we cannot report exactly who might be blocking it or why. Suffice it to say that it is far from clear that Congress will ultimately adopt Sen. Warner’s fix.
 
PPSA calls on Speaker Mike Johnson and Senate Minority Leader Mitch McConnell to make it clear that the NDAA will include a provision to narrow the scope of this extreme provision. We must not give the FBI and other government agencies warrantless access to practically all communications that run through any kind of equipment operated by almost any kind of business.
 
Allowing the current law to remain unfixed and unreformed would be a terrible punch in the gut to the American people and the new Congress. The 119th Congress has many surveillance debates scheduled, including one over the reauthorization of Section 702 itself in 2026 – which passed the House with the breaking of a tie vote. It would be a mistake to saddle the new Republican majority and the incoming Trump administration with a broken promise.

​Sen. Rick Scott – former two-term governor of Florida, now re-elected to the Senate by more than 10 points over his most recent challenger – has consistently voted for surveillance reform. Sen. Scott has been a vocal champion of reforming FISA Section 702 – enacted by Congress to authorize surveillance of foreign threats on foreign soil, but often used to collect the communications of Americans. Sen. Scott called FBI Director Christopher Wray on the carpet to tell him that he’s squandering the credibility of a great agency by playing games with Americans’ privacy.
 
Rick Scott has also been a strong supporter of a probable cause warrant requirement before the FBI and other intelligence agencies can review Americans’ personal data and communications. Such principled stands on surveillance reform explain why we gave the Florida senator an “A” rating in our PPSA Scorecard.
 
From Tallahassee to Capitol Hill, Sen. Scott has made winning tough races look easy. We encourage more Members of Congress in both parties to recognize what Sen. Scott demonstrates, that surveillance reform is good politics.