Defenders of the surveillance status quo argue that the FBI and other agencies must be allowed to perform warrantless “defensive surveillance” of Americans’ communications to defend us against foreign cyberattacks. Civil libertarians respond that there is no “defensive exception” in the Fourth Amendment of the U.S. Constitution, which requires probable cause warrants before our communications can be monitored.
 
Left out of this debate, until now, is the practical effect of removing warrantless defensive surveillance. Do actual cyber experts agree that it would be a disaster?
 
Now, thanks to Tim Starks of The Washington Post, we know the answer to that question. The Post conducted a survey of “a group of high-level digital security experts from across government, the private sector and security research community.”
 
That survey asked these experts what Congress should do about Section 702 of the Foreign Intelligence Surveillance Act, the authority that enables the surveillance of foreigners on foreign soil, but which federal agencies have used to eavesdrop on Americans’ communications without a warrant. They asked:
 
Should Congress not reauthorize Section 702 this year, allowing this authority to expire? Or reauthorize it without changes? Or make changes to the law as the price of reauthorization?
 
Only 16 percent of respondents said that privacy violations under Section 702 justify scrapping the authority entirely. These respondents include the highly respected Sascha Meinrath of The X-Lab think tank.
 
“Antiquated frameworks like Section 702 have led to rampant unconstitutional surveillance of millions of innocent Americans,” The Post quoted Meinrath. “Section 702 does not function as intended and needs to be sunset in favor of a completely new surveillance-oversight framework that ensures meaningful transparency to Congress and individual accountability for violating the law.”
 
An opposite view comes from the leaders of federal law enforcement and intelligence agencies that Section 702 should be reauthorized without any changes. Only 20 percent of the cyber experts agreed with this position.
 
The rest – 64 percent – responded that Section 702 should be reauthorized with some changes. Some worried that the current form of Section 702 could gum up U.S. negotiations with the EU to secure a data privacy agreement. But many respondents advocate adding a warrant requirement when querying Americans’ communications.
 
Imagine that: requiring a federal statute to adhere to the Fourth Amendment of the U.S. Constitution. More than six out of ten cyber experts agree!

Some champions of the reauthorization of Section 702 without changes have tried to spin proposed reforms of this authority to be a hobbyhorse of conservatives angered about the FBI’s baseless investigation of Trump campaign aide Carter Page.
 
But liberals and progressives are also becoming equally passionate about “reform or die.”
 
Late last week we reported that the FBI used Section 702 to conduct warrantless and illicit searches of Americans 278,000 times – and that some of the victims of these warrantless searches were protestors angered by the killing of George Floyd.
 
We quoted House Judiciary Chairman Jim Jordan (R-OH) and Ranking Member Jerry Nadler (D-NY) about their outrage over this revelation from an unsealed court document. Rep. Nadler noted that the FBI has repeatedly broken its promises, declaring: “Without significant changes to the law to prevent this abuse, I will oppose the reauthorization of this authority.”
 
Now the Chairman of the Senate Judiciary Committee, Sen. Dick Durbin (D-Ill), has weighed in. He tweeted:
 
Section 702 of FISA exists to protect America from foreign threats.
 
Instead, it has been abused again and again to spy on Americans.
 
This authority should not be renewed without significant reforms to safeguard Americans’ privacy and constitutional rights.
 
How direct – how simple – how inarguable.
 
When the chairmen of both the House and Senate Judiciary Committees, and the Ranking Member of the House Committee, insist on reform or nothing, surveillance hawks on the Hill would be wise to prepare for major concessions. The first of them should be to include a warrant requirement whenever an American’s 702 information is surveilled.

The FBI just completed one of the worst weeks in its history.
 
On Monday, Special Counsel John Durham came out with a detailed and scathing report that showed unmistakable bias by the FBI in using discredited allegations, paid for by a political campaign, to hoodwink the secret Foreign Intelligence Surveillance Court into allowing the agency to investigate presidential candidate Donald Trump. While the Durham report has been generally dismissed by major media and most on the left (with some notable exceptions), Republicans are hopping mad.
 
Now an unsealed court document shows that the FBI illicitly used Section 702 of FISA more than 278,000 times to delve into data meant to authorize the surveillance of foreigners on foreign soil – and Americans who “incidentally” get caught up in communications with those targeted foreigners.
 
Who were the FBI’s targets? They included activists arrested protesting the police killing of George Floyd. The FBI freely dipped into Section 702 to search the communications and digital trails of 133 people – presumably all Americans – for George Floyd-related demonstrations. Redactions make it unclear what, if any, nexus to foreign influence the FBI was looking for.
 
But wait, as they say in the ShamWow commercial, there’s more!
 
This same authority was used to run queries on 23,132 Americans to see if their presence at the Jan. 6, 2021, U.S. Capitol riot had any connection to foreign influence. The release from FISA Court Judge Rudolph Contreras stated that there was no reason to believe foreign powers were involved.
 
Still more!
 
The FBI conducted 656 queries of FISA information to do background checks on informants. Between 2016 and 2020, the FBI also used this foreign intelligence authority to conduct background searches on “police homicide reports, including victims, next-of-kin, witnesses, and suspects.”
 
Remember, this is an authority designed by Congress to catch foreign terrorists and spies.
 
Finally, the FBI conducted a batch query of 19,000 donors to a congressional campaign believed to be a target of foreign influence. Only eight identifiers had sufficient ties to “foreign influence activities” to meet FISA standards.
 
While expressing relief at recent procedural changes at the FBI, Judge Contreras wrote: “Nonetheless, compliance problems with querying of Section 702 information have proven to be persistent and widespread. If they are not substantially mitigated by these recent measures, it may become necessary to consider other responses, such as substantially limiting the number of FBI personnel with access to unminimized Section 702 information.”
 
Or Congress could just reform Section 702 to require warrants whenever the communications of Americans are searched. Alienated conservatives, progressives and civil libertarians, and their champions on the Hill now have more than enough reason to make it happen.
 
Jim Jordan (R-OH), Chairman of the House Judiciary Committee, tweeted in response to this Friday afternoon revelation: “Chris Wray told us we can sleep well at night because of the FBI’s so-called FISA reforms. But it just keeps getting worse.”
 
Ranking Member Rep. Jerry Nadler (D-NY) put out a statement: “The FBI says that they have instituted new procedures to make this kind of abuse impossible. They have made that promise before. Without significant changes to the law to prevent this abuse, I will oppose the reauthorization of this authority.”
 
It looks like the stars are aligning for Section 702 reform this year.

​Section 702 of the Foreign Intelligence Surveillance Act – the authority that allows the FBI and other agencies to review Americans’ communications “incidentally” collected in foreign surveillance – is set to expire Dec. 31. And the intelligence community and its champions on Capitol Hill are pulling out all the stops to ensure that reauthorization happens with little or no change.
 
Their message is that personal and national security will be at risk if we entertain any surveillance reforms. Otherwise, curtailing the federal government’s power to review our personal information opens the door to cybercriminals, human traffickers, and fentanyl dealers, while making us all stooges of the People’s Republic of China.
 
These smashmouth tactics show just how panicked the surveillance lobby is becoming. They can see that for the first time in almost a half-century an unprecedented coalition of conservatives and liberals have come together for surveillance reform. From Rep. Darin LaHood (R-IL), who leads the 702 working group in the House, to Rep. Jerry Nadler (D-NY), Ranking Member of the House Judiciary Committee, Members of Congress are concerned about the widespread potential for the FBI and other agencies to abuse Section 702 data. This authority was crafted by Congress to authorize foreign surveillance but is used by the FBI as a warrantless “backdoor search” of Americans.
 
“Under an authority as powerful as Section 702, even if the intelligence agencies are not targeting us directly, the government is sweeping up records of our banking, our meetings, our education, and our simplest human interactions,” Rep. Nadler said.
 
Rep. LaHood, who favors reauthorization and recently revealed that he himself was surveilled by the FBI, is adamant that a “clean” – or unamended – version of 702 is not acceptable.
 
Thus the emergence of this left-right coalition for Section 702 reform has the intelligence community in full lobbying mode. Officials who rarely appear in public are suddenly coming out of the shadows to make public statements and appearances.
 
For example, Tonya Ugoretz, assistant director of the FBI’s directorate of intelligence, spoke at a recent Aspen Institute conference. She addressed a proposal advanced by Travis LeBlanc, who sits on the watchdog Privacy and Civil Liberties Oversight Board, for a warrant requirement for Americans under Section 702. “In most instances, it would likely be impossible to meet the probable cause standard,” she said.
 
Poor Fourth Amendment, which has no cyber carveout for probable cause warrants. Yes, the Fourth Amendment is part of the U.S. Constitution. But it is just too unwieldy and inconvenient to be incorporated in some form or fashion into Section 702. Sorry.
 
Another strategy of the intelligence community and its Hill champions seems to be to go on the offensive with messaging bills. These bills are aimed at underscoring how much we need government regulation of encryption, social media, and surveillance to protect us from the vilest crimes and worst threats to our civilization.
 
For example, the Cooper Davis Act would require social media, private messaging services and cloud providers to report users’ discussions about illegal drug sales to the Drug Enforcement Administration, which would then be free to share it with other agencies. This bill is being sold as a counter to America’s out-of-control fentanyl and opioid epidemic.
 
The Electronic Frontier Foundation notes that Cooper Davis would “result in a host of inaccurate reports and in companies sweeping up innocent conversations, including conversations about past drug use or treatment.” We would add that DEA would likely be inundated with a lot of old Cheech & Chong routines. It is unlikely, however, that actual fentanyl dealers will get caught posting: “Hey, buy discount fentanyl here.”
 
Another example is the Restrict Act, which would grant the U.S. Secretary of Commerce sweeping powers to protect Americans from being exploited by China and other hostile nations. It is a study in overkill. It empowers the Secretary to “identify, deter, disrupt, prevent, prohibit, investigate, or otherwise mitigate” speech regarding “federal elections” and “national security.” If enacted into law, the Restrict Act would transform the Commerce Secretary into yet another surveillance authority and a national speech czar.
 
Yet another overkill bill is the EARN IT Act, which would impose criminal or civil liability on encryption services, holding that the mere use of encryption is evidence that a service is reckless or negligent in identifying child sexual abuse material. Forget that encryption is used by billions of people around the planet to protect their privacy. EARN IT would steamroll over the rights of millions of Americans who use encryption to protect themselves from cyberthieves, trolls, stalkers, and other threats, while arguably backfiring in actually protecting children by undermining prosecutions.
 
None of these bills is likely to pass. All of them underscore the argument of the intelligence community that any reform is too risky for children, national security, and health, as well as keeping us safe from China.
 
There are signs this rhetorical overkill is not working. Even Sen. Mark Warner (D-VA), who chairs the Senate Select Committee on Intelligence, is saying, “I’m open to reforms” of Section 702.
 
PPSA believes it is well within our country’s ability to do a better job of protecting children, defeating drug traffickers, and deterring China without resorting to warrantless surveillance of Americans. With sensible reforms, we can protect both our safety and our civil liberties.

​Friday’s government report on surveillance from the Office of the Director of National Intelligence (ODNI) shows that the number of times the FBI searched for Americans’ data in the Section 702 database fell by 95 percent from 2021 to 2022.
 
This proves, the FBI claims, that its “culture of compliance” and reformation of its internal processes are working. Agents must now affirmatively opt-in to Section 702, whereas before, the FBI says, they could bumble into using Section 702 data without fully realizing it.
 
In terms of raw numbers, the FBI searched the Section 702 database almost 120,000 times last year, down from around 3 million such searches in 2021. And almost all of those 120,000 queries were to seek out connections between Americans’ communications and foreign spies and security threats. Slightly different definitions yield 200,000 as the number of such queries, but still a significant drop from 3 million.
 
Civil liberties advocates and their champions on the Hill are not impressed.
 
As Congress faces the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act, Members from both parties continue to insist that statutory reforms be made in Section 702 to compel FBI compliance with the Fourth Amendment requirement for a probable cause warrant.
 
The FBI has been caught in the past using these surveillance tools for purely domestic crimes, ranging from bribery to health care fraud, that clearly should have required a warrant. FBI agents have delved into Section 702-derived information to do background checks on journalists, community leaders, religious communities, and activists, and at least one Member of Congress, Rep. Darin LaHood (R-Ill).
 
Perhaps this explains why Rep. LaHood, with House Permanent Select Committee on Intelligence Chairman Rep. Mike Turner (R-OH), issued a cool response to the ODNI report:
 
“While there was a sharp decline in U.S. person queries from December 2021 to November 2022, it is incumbent upon Congress, not the Executive Branch, to codify reforms to FISA Section 702.”
 
Translation: FBI, we still don’t trust you – Congress is going to have to enact rules to make you adhere to the Fourth Amendment’s requirement for a probable cause warrant.
 
It’s easy to see why. If the FBI’s programmatic change to opt-in is what made the difference, then either the great majority of queries before changes were made to the FBI system were unlawful – likely many millions of unlawful searches – or the FBI is willing to forgo a huge number of lawful queries for the sake of compliance. If you buy the FBI’s arguments, they are doing this despite the bureau’s often dire warnings that any pullback would result in massive risks to national security and public safety.
 
So which is it?
 
“Is 200,000 warrantless queries better than 3.4 million warrantless queries?” Elizabeth Goitein of the Brennan Center for Justice’s liberty and national security program told The Washington Post. “When you ask the question, you get a sense of how warped the universe we’re in is – that somehow 200,000 warrantless searches a year are an acceptable number.”
 
We add that it’s as if the residents of cities the size of Montgomery, Alabama, or Tacoma, Washington, were illegally surveilled. Does that sound like something to celebrate?
 
The FBI responds that many of its searches are conducted to protect victims from cybercrimes. But there is, Goitein says, no “victim exception” to the Fourth Amendment. “They are basically admitting that they’re searching Americans’ communications and most private, personal information without probable cause.”
 
All of which begs the question – if you think there’s a crime, why not obtain a criminal search warrant?
 
Worse, Congress and the public are left to look at this latest report through a glass, darkly. The FBI is not transparent in its methodology. It does not give a full accounting of the rules by which it catalogs and lists its searches. If the Drug Enforcement Administration runs a query and shares what it learns about an American citizen with the FBI, is that counted under these rules? How does the FBI count batch queries (multiple queries under a common justification) over one-offs?
 
Only Congress can dispel the murkiness by demanding answers. And as it does, expect to see even more reasons for statutory reforms as the precondition for the reauthorization of Section 702.

​Happy World Press Freedom Day! If you are a journalist heading out to do an interview, please be careful in your movements, your digital security, and the protection of your sources. In some countries, you might want to check under your car before starting the ignition.
 
But be advised that even these safety measures may not be enough to protect you.
 
Like many declarations of the United Nations, the 30th anniversary of World Press Freedom Day is observed in the breach in many UN member countries. The UN Secretary General Antonio Guterres said that the number of journalists killed in 2022 was 50 percent higher than the previous year. UNESCO reports that in all, 86 journalists were killed last year.
 
That’s a reporter killed every four days.
 
In Mexico, where many journalists have been murdered, the government and the cartels are the most prolific users of Pegasus, surveillance software that can transform any smartphone into a comprehensive 24/7 surveillance device. This spyware reveals one’s texts, emails, images, and calendar, while turning a smartphone’s microphone and camera against its owner. The New York Times reports that Mexico’s federal spy agency has “targeted more cellphones with the spyware than any other government agency in the world.”
 
And, of course, criminal actors have full use of this technology in much of the world. Cartels used Pegasus to track down journalist Cecilio Pineda Birto hours after he accused the state police force and local politicians of conspiring with violent criminals. He was gunned down while waiting for his car to come out of a carwash. Twenty-six Mexican journalists were targets of interest by a buyer of this technology in recent years.
 
This is in keeping with Secretary Guterres’ statement that “90 percent of the journalists killed” are “covering local issues, human rights violation, corruption, illegal mining, environment problems.” He added that many of the killers “are not only state actors, they are organized crime, drug lords, environmental criminals.”
 
In some parts of the world, the line between state actors and thuggery is nonexistent. Witness the ordeal of Evan Gershkovich of The Wall Street Journal, arrested on specious charges of being an American spy by the judicial puppets of the Vladimir Putin regime. Or Jimmy Lai, the Hong Kong publisher who bravely defied the Chinese Communist Party and has disappeared behind bars.
 
In other parts of the world, journalists are intimidated by online attacks and loose libel laws that keep journalists legally and psychologically intimidated.
 
Throughout, the marriage of increasingly potent surveillance technology and illiberal regimes is making the practice of journalism more difficult. This is true even in the United States. A Texas journalist was arrested for – get this – “misuse of official information.” A Wall Street Journal reporter in Arizona was arrested for doing man-on-the-street interviews.
 
The press can often come at the truth with a slant or a sensational angle. The press can just get a story wrong. But the free and open practice of journalism is in the long run the only way for a free society to self-correct and sift out the truth. As the founders insisted, freedom of the press safeguards society against official corruption, malfeasance, and the lawless exercise of power.
 
Now the free practice of journalism globally, and even at home, can be compromised by powerful spyware. It is also threatened by our government’s possession of our communications and online activity through Section 702 of the Foreign Intelligence Surveillance Act, as well as the bulk purchase of Americans’ digital information from data brokers.
 
While 49 U.S. states have press shield laws, there is no federal law that protects the notes and sources of a journalist from being seized by a federal prosecutor. All the more reason to celebrate World Press Freedom in America by asking Congress to get behind the PRESS Act, which would extend these basic protections to the federal government.

​A House subcommittee hearing today demonstrated widespread, bipartisan recognition of the need to reform Section 702 of the Foreign Intelligence Surveillance Act (FISA).
 
Both the Chairman and Ranking Member of the full House Judiciary Committee – Rep. Jim Jordan (R-OH) and Rep. Jerry Nadler (D-NY) – called for their committee colleagues to lead bipartisan reforms to prevent further, significant abuses of this authority. Jordan, looking over his shoulder to Rep. Nadler, highlighted “the fact that we can get bipartisan on protecting civil liberties.”
 
Subcommittee chairman Andy Biggs (R-AZ) had earlier opened the hearing by saying Section 702 reform requires a “rare bipartisan effort.” Rep. Jerry Nadler (D-NY) agreed bipartisan action is needed. He complained about the government “keeping us in the dark” on the numbers of warrantlessly collected data of Americans. The result of this secrecy, he said, is the backdoor surveillance of Americans that “is neither hypothetical nor rare.”
 
Sharon Bradford Franklin, chair of the independent watchdog of the independent agency that protects civil liberties in government counterterrorism programs, spelled out three specific reforms. Even the title of the hearing, “Fixing FISA: How a Law Designed to Protect Americans Has Been Weaponized Against Them,” was telling. It set the tenor of skeptical and substantive questions from representatives from both parties.
 
By the end, it was clear that the push for Section 702 reform is strong and accelerating.
 
Franklin, Chair of the Private and Civil Liberties Oversight Board (PCLOB), noted that Section 702 – because it aims to collect the data of foreigners presumed to be located abroad – does not need to observe the Fourth Amendment requirement for a probable cause warrant. Nevertheless, Americans’ communications get “incidentally” caught up in this surveillance.
 
“The term incidental makes it sound like a small amount, but we don’t actually know the scope of this collection,” Franklin said. “The government argues it is not feasible to calculate a meaningful number.”
 
“They won’t tell us,” Chairman Jordan said sharply. “No idea how many Americans are pulled into incidental collection – the FBI won’t tell us.” He later fired a warning shot, “How about we put the FBI out of this business altogether?”
 
There was widespread recognition among committee members that the FBI is withholding any suggestion of the magnitude of incidental collection. This was a perfect set-up for Franklin to make the first of her three recommendations.

• “I believe an estimate that involves some margin of error can still be meaningful and helpful to Congress as you assess what safeguards are needed under Section 702.”

 
Franklin then turned to how Section 702 – an authority designed by Congress to permit the surveillance of foreigners – has become a method by which the government can warrantlessly surveil Americans.
 
“No judge ever reviews analysts’ targeting procedures,” she said, because they target foreigners who do not enjoy U.S. constitutional protections. Thus, she said, there is no judicial review on the front-end of the process. Nor, because the authority is ostensibly about foreigners, is there a warrant “requirement at the backend to establish probable cause or obtain permission from a federal judge,” even when Americans become the target of 702 surveillance.
 
This is what, Franklin said, privacy advocates mean by Section 702 enabling “backdoor searches.” She noted the FBI has recently released a set of reforms and improvements to its FISA process. These include changing default settings in the FBI’s query system so agents must affirmatively opt in to have their queries run through 702 data and establishing special approvals for sensitive queries such as those involving elected officials, members of the media, academia, and religious leaders.
 
“These reforms are welcome,” Franklin said, “but I do not believe these changes are sufficient to address the privacy threats posed by these warrantless searches seeking information about specific Americans.”

• “I urge you to incorporate a requirement for FISA Court review of U.S. person query terms, to ensure protection of Americans’ Fourth Amendment rights.”

 
Third and finally, Franklin addressed the issue of “abouts” information – collecting references from third parties about an American. In 2018, Congress suspended the collection of “abouts” data, but the current law allows the government to restart the practice at will. This is dangerous, she said, because it allows the government to “acquire communications extensively between people about whom the government had no prior suspicion, or even knowledge of their existence, based entirely on what is contained within the contents of their communications.”

• Franklin told Congress it should eliminate any ability for the government to return to “abouts” data collection because it contains such “unique privacy risks.”

 
Franklin’s testimony was a good summation of the issues at stake in Section 702, as well as her recommendations.
 
Rep. Laurel Lee (R-FL) noted the call to require amici – legal experts in civil liberties – to advise the secret FISA court whenever it considers surveillance requests from the government that involve Americans’ fundamental freedoms in politics, religion, and journalism.
 
Department of Justice Inspector General Michael Horowitz seemed to agree. He responded that in the secret hearings, “agents never face a challenge or a cross examination” unlike an ordinary criminal trial. Facing cross-examination by a privacy advocate, Inspector Horowitz said, “focuses the mind.”
 
The lasting impact of the hearing will likely be Franklin’s three recommendations – to get the government to produce an estimate of incidental collection of Americans communications, to involve FISA court review of the query terms for Americans, and to remove the ability of the government to return to the collection of “abouts” information.

Watch the full hearing: 

The spokespersons of the intelligence community promise in hearings, when asked about multiplying reports of lawless surveillance of the American people, that they intend to adhere to a “culture of compliance.”
 
But compliance with what?
 
A glimpse into official thinking can be seen in internal documents recently released by the FBI that give guidance to agents searching the vast oceans of data swept up under the authority of the Foreign Intelligence Surveillance Act (FISA). It includes procedures for reviewing Americans’ communications collected without a warrant under Section 702, the authority devised for surveilling foreigners abroad. It details the ways in which agents can, under rules established by the secret FISA Court, search these records for evidence of a crime not relating to national security, even though the primary purpose Congress crafted FISA and Section 702 was to catch foreign terrorists and spies.
 
This workaround rests on the fact that with the global integration of communications, it is impossible to sweep up large amounts of communications without “incidentally” sweeping up the communications of Americans. The culture of compliance at the FBI is about compliance with its own internal rules. These documents demonstrate the extent to which queries about U.S. persons Section 702 data – performed more than 200,000 times last year alone – have become the FBI’s honeypot for domestic surveillance.
 
That is why 702 information has been used in investigating purely domestic crimes and investigations, from bribery to health care fraud – hardly matters of national security.
 
These documents show the extent to which the FBI has elaborate rules in place to sanitize the ways agents access this information to obtain Americans’ communications in a domestic criminal investigation. But you will search this document in vain for mention of the words “privacy,” “warrants,” and “Fourth Amendment.”
 
How’s that for an idea – a culture of compliance with the U.S. Constitution?