National security wake-up calls do not get louder than the revelation that a Chinese government-linked hacking group, known as Salt Typhoon, successfully penetrated major U.S. telecommunications carriers in 2024.  AT&T and Verizon were among the companies compromised, exposing the communications of Members of Congress, senior officials, and even both major-party presidential candidates.
 
This was not an isolated breach. It followed a 2023 cyberattack in which Chinese state hackers infiltrated Microsoft’s cloud-hosted email systems, compromising accounts at multiple federal agencies, including the Departments of State and Commerce. According to the Cyber Safety Review Board, the attackers downloaded roughly 60,000 emails from the State Department alone. Pilfered correspondence included those of Cabinet-level officials.
 
These events underscore an uncomfortable truth – the Department of Defense and the intelligence community cannot defend the nation with unencrypted communications routed through a handful of vulnerable providers.
 
The good news is that we do not have to accept this status quo. As the House and Senate negotiate the National Defense Authorization Act (NDAA) for Fiscal Year 2026, conferees must retain the Lummis-Wyden amendment, which mandates secure, interoperable, end-to-end-encrypted collaboration tools for the Pentagon.
 
A Pattern of Foreign Infiltration
From defense contractors to cloud service providers, adversarial regimes have repeatedly exploited weak communication infrastructure to spy on U.S. institutions. The Salt Typhoon and Microsoft incidents illustrate how a single breach in a major service can compromise thousands of sensitive conversations. When communication systems lack end-to-end encryption, even one point of failure can expose entire networks to foreign intelligence agencies.
 
What Lummis-Wyden Would Do
This measure requires the Department of War to use only collaboration systems that meet rigorous cybersecurity standards – including true end-to-end encryption that ensures only the sender and intended recipient can read a message, even if servers in between are hacked.
 
Just as importantly, Lummis-Wyden mandates interoperability. Today, the Pentagon is confined to using a small set of proprietary, “walled garden” platforms that block seamless communication across systems. Interoperable standards would allow the Defense Department to adopt superior tools as they emerge, preventing vendor lock-in that traps communications in the domains of single companies, while enhancing long-term resilience of the Pentagon’s digital networks.
 
By promoting interoperability and strong encryption, Lummis-Wyden would open the door to competition, inviting companies to develop more secure, agile, and affordable solutions. America’s defense and intelligence agencies should never be dependent on single-point-of-failure vendors whose systems are ripe targets for global espionage.
 
A Strategic Imperative
From the theft of federal employee records to the infiltration of telecom carriers, the pattern is unmistakable: insecure communications infrastructure is a strategic liability.
 
Passing Lummis-Wyden would do more than patch vulnerabilities: it would redefine what secure collaboration means in the 21st century. It would signal that America prizes both privacy and resilience, and rewards technologies that deliver genuine end-to-end security rather than superficial compliance checkboxes.

​Section 702 of the Foreign Intelligence Surveillance Act is an authority enacted by Congress to allow U.S. intelligence agencies to surveil foreign spies and terrorists. But it has been used in the past by the federal government to extract the communications of millions of Americans.

• Among those who had their privacy violated by Section 702 data were 19,000 donors to a congressional campaign. This authority was also used to spy on a state senator, a state judge, a congressman, and a U.S. senator. If judges and Members of Congress can have their rights violated, imagine how much respect the FBI and other government agencies have for your privacy.

Concerned by this abuse of Section 702 authority, Congress put this surveillance power on a short leash – with the next reauthorization in April 2026.
 
Now Sen. Tom Cotton (R-AR) is reportedly promoting the idea of delaying the next reauthorization of this key surveillance authority for another 18 months. No matter how well-intentioned, this is a bad idea that would derail any meaningful debate on surveillance reform in this and the next Congress.  
 
Such a delay would also remove any leverage Congress has to perform meaningful oversight of an intelligence community that resists accountability at almost every turn.
 
The April 2024 Debate Produced Significant Reforms
 
The last reauthorization demonstrates that the leverage of a hard deadline at a relatively calm time in the legislative calendar yields results.

• In the face of furious lobbying by the intelligence community, surveillance reformers on the Hill managed to leverage the April 2024 hard deadline to require the FBI to provide quarterly reports on the number of Americans targeted under Section 702.

 

• Champions of reform proposed a warrant requirement for the extraction of an American’s communications – an amendment that came within one vote of passing the House. Congress also took the Section 702 debate as an opportunity to end “abouts” data collection, a loose practice that prompted the FISA Court to publicly excoriate the National Security Agency for an “institutional lack of candor” about a “very serious Fourth Amendment issue.”

Finally, Congress shortened the window for the next reauthorization of Section 702 – and its attendant surveillance debate – from five years to just two. This ensured that any new issues that emerged would be tracked by congressional overseers.
 
The Issues Ahead
 
With the next Section 702 reauthorization vote set for April 2026, Congress is beginning once again to treat it as an opportunity to discuss broader surveillance policy.
Emerging questions include:
​

• Why, and under what exact authority, did the FBI surveil the communications of eight senators and one House Member in 2021?

 

• A recent Department of Justice report portrays FBI agents as suffering from anxiety and “audit fatigue” in meeting the requirements of Section 702 reforms. If this is the case, couldn’t their anxiety be relieved by sharing responsibility with judges in the form of warrants?

 

• The FBI, IRS, and other federal agency purchase the digital breadcrumbs we leave online when we communicate or conduct an online search. When, if ever, will Congress get another opportunity to require a warrant for the acquisition of Americans’ personal data?

 

• If the Section 702 debate is scrapped next April, when else will Congress get a chance to review the operations of the “make everyone a spy” provision, a last-minute addition in the 2024 debate that obliges almost all businesses to help the government spy on their customers?

If your answer to the above questions is that these issues can simply be taken up after the 18-month extension, think again.
 
The Crowded Calendar of October 2027
 
The beauty of an April reauthorization is that it falls at a fairly calm time in the legislative calendar. An 18-month delay would bump the Section 702 reauthorization vote and the next surveillance debate into the next Congress, to October 2027, amid the press of business around the end of the budgetary cycle. Such debates would have to compete with a likely continuing resolution and a host of contentious spending measures.
 
There would be no time to debate anything about surveillance. It would just be another “clean” reauthorization – which would suit the advocates of the status quo just fine.
Members should remain firm: Congress agreed to an April 2026 reauthorization debate for Section 702.
 
Let’s keep it that way.

America’s enemies aren’t storming our shores with tanks and planes – they’re breaking into our email, phone, and data systems. And right now, we’re making their job too easy.
 
The U.S. Senate can toughen up America’s defenses by passing the Lummis-Wyden amendment (S. Amdt. 3186) to the 2026 National Defense Authorization Act. This bipartisan fix would finally force the Pentagon to use secure, encrypted communications – and end its costly dependence on a handful of Big Tech vendors.
 
The Scale of Attacks
 
In 2023, Chinese hackers broke into Microsoft-hosted government email accounts, stealing 60,000 messages from the State Department alone. A year later, another Beijing-backed group hacked into AT&T and Verizon, tapping phones of Americans that included presidential candidate Donald Trump and then-Sen. J.D. Vance.
 
But Vance’s conversations were kept safe. How? He relied on Signal, the end-to-end encrypted app that even the hackers couldn’t crack.
 
The obvious takeaway is that without end-to-end encryption, our most sensitive communications are one hack away from the front page of Beijing’s intelligence briefings.
 
The Lummis-Wyden Fixes
 

• Mandates encryption. The Pentagon must be required to use secure, end-to-end encrypted systems whenever possible.

 

• Ends vendor lock-in. No more being trapped inside Microsoft Teams or Google Docs. Interoperability will be the law, so new and better tools can compete.

 

• Saves money and boosts innovation. Opening the market to smaller, nimbler companies means lower costs and stronger security.

 
Why It Matters

Our military today is stuck in walled gardens built by giant tech firms that all too often proved eminently hackable. That’s bad for taxpayers and disastrous for national security. Hackers don’t need to break into every office at the Pentagon – they just need to knock down the door of one weak provider. The Lummis-Wyden amendment puts a lock on those doors.
 
Congress Must Choose Security
 
Congress can keep letting foreign spies read Cabinet-level emails and tap presidential phone calls, or it can finally demand that the Pentagon use the best tools available. This amendment is a wake-up call that we can’t defend the country with outdated software. Encryption and competition would at least give our country a fighting chance to keep China and other bad actors out of our business.
 
PPSA calls on the Senate to pass the Lummis-Wyden Amendment to stop giving hackers the upper hand. This measure will better protect our service members, the American homeland, and the private deliberations of our leaders.

The House today passed the Anti-CBDC (Central Bank Digital Currency) bill, forbidding the Federal Reserve Board from ever establishing a government-issued digital currency.

“The House action was prescient, but not at all premature,” said Bob Goodlatte, PPSA Senior Policy Advisor and former chairman of the House Judiciary Committee. “With an official digital dollar, the government would have been able to surveil every transaction, no matter how small or how personal.

“Such a central bank digital currency would enable mass surveillance of American consumers, and the debanking of any targeted group,” Goodlatte said. “We are grateful to President Trump for issuing an executive order in the early days of his administration to forbid the establishment of such a digital currency which would, the president said, ‘threaten the stability of the financial system, individual privacy, and the sovereignty of the United States.’

“That was a bold and necessary move by the president, but an executive order would not keep a future administration from someday taking us down that road. Such assurance can only come from a law. Today’s victory is a testament to the perseverance of House Majority Whip Rep. Tom Emmer (R-MN) who sponsored and tirelessly advocated for passage of the anti-CBDC bill by the House.
​
“We shouldn’t be tracked by our dollars or our spending. PPSA and our followers urge the Senate to keep the momentum going and get this bill to the president’s desk.”

​Last year brought surveillance reform achingly close to passage. The Fourth Amendment Is Not for Sale Act – which would have forced the government to obtain a warrant before purchasing Americans’ personal data from data brokers – passed the U.S. House but died in the U.S. Senate. A warrant requirement for the review of Americans’ personal data fell short in the House in a tie vote.

Now, we know that these were uphill votes not just because of the intense opposition of federal intelligence agencies, but because the Biden White House had overseen an intense lobbying effort to give the illusion of grassroots opposition from state law enforcement.

To create this illusion, the administration reached out to local and federal law enforcement alike with pre-approved talking points from a Washington lobbying firm, letters to sign, and a list of lawmakers to target.

The efforts involved the misuse of High Intensity Drug Trafficking Areas (HIDTAs). These are hybrid federal-state entities intended to provide coordination and ensure the efficient use of federal funds in fighting organized drug crime. The federal side of this partnership is directly overseen by the White House Office of National Drug Control Policy.

A response to a PPSA Freedom of Information Act (FOIA) request reveals that during the prior 118th Congress, these organizations were repurposed for lobbying Congress. Emails from the Chicago HIDTA piggybacked off efforts from a Capitol Hill lobbying firm and orchestrated all the elements of what would appear to a Member of Congress to be a spontaneous grassroots movement by state law enforcement groups and associations in opposition to popular surveillance reform amendments.

This network of federal agencies working behind the scenes to coordinate this messaging, under the purview of the White House, distorted the debate and abused Congressional trust in sincere-sounding letters to Congressional leaders like Rep. Jim Jordan, Chairman of the House Judiciary Committee, and Rep. Jerry Nadler, Ranking Member. Given that HIDTAs are distribution points for significant amounts of much-needed federal funding, it’s questionable how voluntary the sign-on from state law enforcement groups really was.
​
Perhaps Chairman Jordan and Ranking Member Nadler might want to look into how much federal money might have been spent limiting their oversight. At the very least, the current administration should cut off federal funds for lobbying before the surveillance reform debate begins again next year.

A solemn promise was made on the floor of the U.S. Senate – and by the Congress to the American people – that has been broken. As a result, most businesses and organizations in the United States that offer free Wi-Fi service now have a legal obligation to spy on their tenants and customers for the National Security Agency and keep that spying secret from them forever.
 
In April the U.S. Senate reauthorized FISA Section 702, an authority that allows federal agencies to spy on foreign targets on foreign soil. Facing an eleventh-hour vote, the Senate took Senate Intelligence Committee Chairman Mark Warner (D-VA) at his word that a flaw in the bill would soon be corrected. Accepting that promise, the Senate reauthorized Section 702.
 
That flaw concerns a provision added to the reauthorization that allows the NSA to force businesses that offer internet communications – from the landlords of office complexes that house journalists and political campaigns, to fitness centers, to houses of worship – to make the communications of their customers secretly available. Janitors and cleaning services with access to equipment and thumb-drives in their pockets can now be legally enlisted to spy for the NSA. All this can be done without bothering with niceties like the U.S. Constitution’s Fourth Amendment and its warrant requirement.
 
Sen. Warner acknowledged that this language defining an “electronic communications service provider” was overbroad and promised a fix to narrow it. Though the target category is classified, that fix is widely believed to be narrowing the provision to providers of cloud communications.
 
To be fair to Sen. Warner, it was a few House Republicans who rejected adding the fix to the Intelligence Authorization Act. And it was some Republicans who fought to reject any narrowing of this vast expansion of the American surveillance state, dubbed by many to be the “Make Everyone a Spy” provision. We still remain dismayed and disappointed that the Chairman of the Senate Intelligence Committee could make such a promise and not see to it that it is kept.
 
But Congress can still redeem itself. Surely Members will not want to disappoint constituents as word spreads about the extent and magnitude of this new, limitless domestic surveillance program. Surely they will also want to live up to a solemn promise made to colleagues. This fix can be enacted next year.
 
In the meantime, PPSA will be working with our surveillance reform allies, left and right, to narrow the “Make Everyone a Spy” provision.
 
If Congress chooses not to keep its word, however, the American people will surely grow alarmed and upset over this expansive surveillance. Keep in mind that the House came within one tie-breaking vote of adding a warrant requirement in the reauthorization of Section 702 this year. The Make Everyone a Spy law will now be Exhibit A in making our case for warrants and against the surveillance state.
​

Breitbart recently broke a story that a few recalcitrant House Members are holding up a promised fix to what many referred to as the “Make Everyone a Spy” law.
 
The fix regards an amendment to the reauthorization of FISA Section 702, passed in April, in which pro-surveillance advocates added a requirement that U.S. business owners who offer customers the use of their Wi-Fi and routing equipment be covered as “electronic communication service providers” under the law. This means that any business – your neighborhood fitness center, an office complex that houses journalists, political campaigns, or even a church or other house of worship, as well as a host of other establishments – would face the same requirement as large telecoms to turn over the communications of their customers, no warrant required.
 
This was not meant to happen. As the Senate voted in April to reauthorize FISA Section 702, bipartisan furor erupted over this provision, including leading conservatives in both chambers. Sen. Mark Warner (D-VA), Chairman of the Senate Intelligence Committee, promised his colleagues that the amendment that included this expansive authority would be narrowed to include only one category of business. That category is classified but is widely believed to be data centers that provide cloud computing and storage.
 
With this promise in hand, the Senate voted down an amendment to remove the flawed provision, and immediately passed the reauthorization of Section 702 – all in the belief that the expansive new spy power would soon be curbed.
 
Sen. Warner was true to his word, inserting language into the Senate intelligence bill that narrows the scope of the new measure. Now, in a baffling turn of events, it is the House that is refusing to include the fix in its version of the intelligence bill.
 
Why are some House Members insisting on keeping an authority that allows spying on churchgoers, shoppers, and office workers? Bob Goodlatte, the former chairman of the House Judiciary Committee and PPSA senior policy advisor, told Breitbart News: 
 
“This measure passed because of assurances that this insanely broad authority would be narrowed. The promise of a fix was made and accepted in good faith, but that promise is being trashed by advocates for greater surveillance of our citizens. Unless Congress reverses course, Americans’ data that runs through the Wi-Fi and servers of millions of small businesses, ranging from fitness centers to department stores, small office complexes, as well as churches and other houses of worship, will be fair game for warrantless review. This would truly transform our country into a thorough surveillance state. I can’t imagine the next Congress and new Administration would welcome that.”
 
Surely, giving the deep state free rein to spy on Americans is not in keeping with the philosophy of the incoming Trump administration, the new Republican majority in Congress, or most Democrats.
 
Contact your House Member and say:
 
“Please don’t let this legislative year end without narrowing the Electronic Communication Service Provider standard. Congress must keep its promise to fix the Make Everyone a Spy Law.”

​The nomination of Tulsi Gabbard to serve as Director of National Intelligence promises to be contentious. One thing cannot be disputed: The former Congresswoman from Hawaii and lieutenant-colonel in the U.S. Army Reserve, with experience in Iraq and other dangerous countries, would bring a combination of responsible handling of secrets along with a solid record of surveillance reform.
 
Gabbard voted for the USA RIGHTS Act and other measures that would require warrants for the government to access Americans’ data and to protect personal use of encrypted apps. Rep. Gabbard also filed an amendment to the National Defense Authorization Act in 2019 to prohibit government purchases of body cameras equipped with facial recognition and other biometric devices.
 
In these and many other ways, Gabbard has compiled the record of a surveillance-reform leader. While in Congress, Gabbard served on the Homeland Security, Armed Services, and Foreign Relations Committees. A former Vice-Chair of the DNC, Gabbard made a long journey from being a staunch Democrat to supporting Donald Trump’s presidential campaign. As a private citizen, Gabbard is arguably a victim of surveillance abuse herself.
 
Her record on surveillance reform is enough to send shivers down the backs of officials in the FBI and other intelligence organizations long used to warrantless access to Americans personal information. Not surprisingly, Gabbard is now being attacked in a whisper campaign by nameless sources for being a flake who has taken pro-Russian and pro-Syria positions. Gabbard is articulate in responding to these charges, portraying herself as foreign-policy realist. We hope the Senate will keep an open mind and listen to Tulsi Gabbard’s defense.
 
Above all, we hope the Senate will consider the need to bring balance back to the intelligence community, which often helps itself to the purchased personal data of American citizens without bothering to seek a warrant. As a candidate, Donald Trump promised to reform FISA. Appointing Tulsi Gabbard to lead the intelligence community shows he’s serious about that. The next Director of National Intelligence should be someone who can restore a balance between the need to respect the constitutional rights of Americans and the need to keep America safe.

​The election may have shaken Washington, D.C., like a snow globe in the grip of a paint mixer, but the current Congress still has important business for the lame duck session. For anyone who cares about privacy in this age of surveillance, issue one has to be whether or not Congress will retain the promised fix to what so many call the “make everyone a spy” provision in the National Defense Authorization Act (NDAA).
 
This story goes back to April, when the House Permanent Select Committee on Intelligence slipped into the reauthorization of FISA Section 702 (which authorizes foreign intelligence) a measure to allow the government to secretly enlist almost every kind of U.S. business to spy on their customers. In response to the outcry, carveouts were made that exempted coffee shops, hotels, and a few other business categories. But most businesses – ranging from gyms to dentists’ offices, to commercial landlords with tenants that could include political campaigns or journalists – are required to turn over their customers’ communications that run on ordinary Wi-Fi systems.
 
It is widely believed that this legislation was aimed at cloud computing facilities, which were not previously covered by the relevant law. When the Senate took up reauthorization of Section 702, Intelligence Committee Chairman Mark Warner (D-VA) admitted to his colleagues that the new measure was overbroad, and that he would craft new legislation to fix it. Sen. Warner kept his word and crafted legislation to narrow the provision. Although the nature of this fix is classified, it is widely believed to limit this new surveillance power to cloud computing facilities.
 
The House Intelligence Committee, however, did not adopt that fix. We hear that behind-the-scenes negotiations are taking place, but we cannot report exactly who might be blocking it or why. Suffice it to say that it is far from clear that Congress will ultimately adopt Sen. Warner’s fix.
 
PPSA calls on Speaker Mike Johnson and Senate Minority Leader Mitch McConnell to make it clear that the NDAA will include a provision to narrow the scope of this extreme provision. We must not give the FBI and other government agencies warrantless access to practically all communications that run through any kind of equipment operated by almost any kind of business.
 
Allowing the current law to remain unfixed and unreformed would be a terrible punch in the gut to the American people and the new Congress. The 119th Congress has many surveillance debates scheduled, including one over the reauthorization of Section 702 itself in 2026 – which passed the House with the breaking of a tie vote. It would be a mistake to saddle the new Republican majority and the incoming Trump administration with a broken promise.

​Sen. Rick Scott – former two-term governor of Florida, now re-elected to the Senate by more than 10 points over his most recent challenger – has consistently voted for surveillance reform. Sen. Scott has been a vocal champion of reforming FISA Section 702 – enacted by Congress to authorize surveillance of foreign threats on foreign soil, but often used to collect the communications of Americans. Sen. Scott called FBI Director Christopher Wray on the carpet to tell him that he’s squandering the credibility of a great agency by playing games with Americans’ privacy.
 
Rick Scott has also been a strong supporter of a probable cause warrant requirement before the FBI and other intelligence agencies can review Americans’ personal data and communications. Such principled stands on surveillance reform explain why we gave the Florida senator an “A” rating in our PPSA Scorecard.
 
From Tallahassee to Capitol Hill, Sen. Scott has made winning tough races look easy. We encourage more Members of Congress in both parties to recognize what Sen. Scott demonstrates, that surveillance reform is good politics.

​The incoming Trump administration has an unparalleled opportunity to achieve historic surveillance reform. Donald Trump made campaign pledges to:
 

• Make every Inspector General’s office independent and physically separated from the departments they oversee. This would enhance the objectivity of those who oversee surveillance operations by giving them a bit of distance.

 

• Work to ban federal bureaucrats from taking jobs at the companies they deal with and that they regulate. This measure would help ensure that when surveillance requests are made by government to the private sector, agendas remain clean and separate.

 

• Reform FISA courts. This measure could bring in qualified amici, seasoned experts with high-level security clearances, to provide the court with – to paraphrase Hemingway – built-in, shock-proof, BS detectors.

 

• Ask Congress to establish an independent auditing system to continually monitor our intelligence agencies to ensure they are not spying on our citizens or running disinformation campaigns against the American people. This leads to a sweet spot shared by surveillance reformers of all stripes – the need to impose a warrant requirement on federal agencies, ranging from the FBI to the IRS, that buy the private and intimate data of Americans from third-party data brokers.

 
The Trump agenda on surveillance reform presages monumental and much needed reforms, from Section 702 reform to passage of the Fourth Amendment Is Not For Sale Act by both houses of Congress. The stars are aligning with the incoming administration. The 119th Congress must make the most of this historic opportunity.

​The recent approval of the House Intelligence Committee’s annual intelligence policy bill sets up a critical moment for the ongoing debate over surveillance powers, particularly the controversial FISA Section 702. While the bill does not include a provision to narrow the definition of "electronic communication service providers" (ECSP), this issue will soon come to a head in the House-Senate conference.
 
Rep. Jim Himes (D-CT) signaled his acceptance of Senate Intelligence Chair Mark Warner’s "technical fix," which would narrow the scope of the ECSP definition. Himes said the change “would be totally fine with me,” and that “I always believed that the language was overbroad in the initial amendment…”
 
This change would prevent ordinary businesses—like coffee shops or small offices—from being forced to assist in government surveillance. While Himes expressed he would be "totally fine" with Warner’s proposal, the issue has yet to be fully debated or incorporated into House legislation. We’ve seen efforts at reform falter before, and the final outcome will be determined behind closed doors in the House-Senate conference, where transparency is sorely lacking.
 
As we’ve previously noted, broadening the ECSP definition without clear limitations would create a “Make Everyone a Spy” law, enlisting small businesses into the surveillance apparatus.
 
Moreover, the administration’s reassurance that the law will only be applied to specific providers, based on a classified FISA court decision, is insufficient. History shows that such promises often erode over time, allowing the intelligence community to expand its surveillance reach through legal loopholes. John Wiegmann, the new top lawyer for the Office of the Director of National Intelligence, also supported Warner’s. But as with everything, we want to see the changes in writing in the bill.
 
The closed-room conference between the House and Senate is where these decisions will play out, but the lack of public scrutiny makes it a fraught process. Given past betrayals on surveillance reform, we have ample reason for anxiety. Privacy advocates must remain vigilant and press for real reforms that ensure no further expansion of surveillance powers. The House and Senate need to guarantee that any changes made truly limit the scope of ECSPs and protect Americans from warrantless data collection. PPSA will be monitoring this situation closely as it unfolds.

​An important analysis from Real Clear Investigations probes the extent to which censorship abroad threatens the First Amendment here at home. 
 
Writer Ben Weingarten asks whether foreign demands that domestic media companies operating abroad comply with those nations’ often far more censorial legal requirements will lead in turn to more censorship here at home. The preponderance of the evidence suggests bad news for fans of the First Amendment.
 
Weingarten points specifically to the European Union’s Digital Services Act, which imposes content moderation standards that far exceed what would be considered constitutional in the United States. For example, companies doing business in the EU must combat “illegal content online,” which includes the disfavored rhetoric like “illegal hate speech.”
 
Writes Weingarten:
 
“Platforms also must take ‘risk-based action,’ including undergoing independent audits to combat ‘disinformation or election manipulation’ – with the expectation those measures should be taken in consultation with ‘independent experts and civil society organisations.’ The Commission says these measures are aimed at mitigating ‘systemic issues such as … hoaxes and manipulation during pandemics, harms to vulnerable groups and other emerging societal harms’ driven by ‘harmful’ but not illegal content.”
 
What’s more, investigations pursuant to the DSA can result in fines of up to 6% of annual global revenue, a potential outcome likely to give companies like X and Facebook pause when considering whether to comply with the invasive oversight of European bureaucrats and NGOs serving as arbiters of the appropriate.
 
Then there’s the question of whether social media companies that agree to the EU’s demands are likely to run parallel services – for example, a DSA compliant version of X and another that is consistent with the requirements of the First Amendment.
 
Elon Musk seemed willing to abandon Brazil after that country banned X for failing to de-platform the account of former president Jair Bolsonaro. (Though Musk’s company is now very much back in business there.) But the EU is a much bigger market with a lot more monetizable users.
 
As Weingarten documents, the punishment of media companies abroad for speech that is well within the bounds of the First Amendment is a growing trend – not just in the EU but also in countries like the UK and Australia. And Weingarten reserves no small amount of criticism for the Biden Administration’s silence – and even capitulation – in the face of such foreign censorship.
 
Bills like the No Censors on our Shores Act, which could “punish foreign individuals and entities that promote or engage in the censorship of American speech,” offer one potential solution to foreign censorship creep. So do articles like Weingarten’s, which provide a much-needed diagnosis of our speech-related ailings and failings.

​Sen. Mike Lee (R-UT) is advancing his new Saving Privacy Act to protect Americans’ personal financial information from warrantless snooping by federal agencies.“The current system erodes the privacy rights of citizens, while doing little to effectively catch true financial criminals,” Sen. Lee said. The bill’s co-sponsor, Sen. Rick Scott (R-FL), added: “Big government has no place in law-abiding Americans’ personal finances. It is a massive overreach of the government and a gross violation of their privacy.”
 
Are these two senators paranoid? Or are they reacting to genuine “massive overreach” from a government that already illicitly spies on Americans’ personal finances? Consider what PPSA has reported in the last three years:
 

• A new Security and Exchange Commission program – authorized by no law –

grants 3,000 government employees real-time access to every equity, option trade, and quote from every account of every broker by every investor.
 
“Traditionally, Americans’ financial holdings are kept between them and their broker, not them, their broker, and a massive government database,” state auditors and treasurers wrote in a recent letter to House Speaker Mike Johnson. “The only exception has been legal investigations with a warrant.”
 

• A new “beneficial ownership” requirement is forcing millions of Americans who own small businesses to send all the ownership details of their businesses to the Financial Crimes Enforcement Network (FinCEN) of the U.S. Treasury.
   
  While the government assures lawmakers that strict safeguards are in place – given recent high-profile hacks and deliberate leaking of confidential taxpayer information by an IRS consultant, the possibility of data breaches or political abuse is very real. American history offers many examples of financial information being abused for personal or ideological retribution, from the days of Richard Nixon to those of the IRS’s Lois Lerner.
  ​
• Under the law, a bank must be served with a warrant or subpoena before releasing the details of a customers’ account. No such constitutional niceties are needed to access wire transfers of money. A unit of the Department of Homeland Security accesses bulk data on Americans’ money wire transfers above $500 collected by a non-profit, private-sector organization, the Transaction Record Analysis Center (TRAC).
   
  Sen. Ron Wyden (D-OR) and the ACLU reported that the database of money transfers grew from 75 million records from 14 service businesses in 2017 to 145 million records from 28 companies in 2021. More than 600 law enforcement agencies have access to TRAC’s information, ranging from a sheriff’s office in a small Idaho county to the FBI and the Drug Enforcement Administration, no probable cause warrant needed.

  
TRAC sucks in wire transfers within the United States between American citizens, as well as with those sending or receiving money from abroad. Sen. Wyden told The Wall Street Journal that TRAC lets the government “serve itself an all-you-can-eat buffet of Americans’ personal financial data while bypassing the normal protections for Americans’ privacy.”
 

• In 2022, PPSA reported on the Transparency and Accountability in Service Providers Act that would have enlisted 7.2 million employees of non-bank financial institutions to spy on their customers and report any activity deemed suspicious to the Federal Crimes Enforcement Network (FinCEN).
   
  Though Congress rejected that approach, banks still continuously scrutinize customers’ accounts and send voluminous reports to FinCEN, recording and reporting your financial life to the government without having to bother with warrants or other important safeguards of our privacy required by the Fourth Amendment. Other “financial institutions” are similarly required to make such reports, ranging from pawn shops, to car dealers, to jewelers, to broker-dealers.
  
  
• The Federal Reserve Board is publicly weighing whether or not to ask Congress to allow it to establish a Central Bank Digital Currency (CBDC), replacing paper dollars with government-issued electrons.
   
  Given the hunger that officialdom in Washington, D.C., has shown for pulling in all our financial information – including a serious proposal to record transactions from bank accounts, digital wallets, and apps – the Fed’s balancing of our privacy against surveillance of the currency is troubling. With digital money, government would have in its hands the ability to surveil all transactions, tracing every dollar from recipient to spender. Armed with such power, the government could debank disfavored groups or individuals.

 
Could that actually happen? It did across the border, when the Canadian government used emergency powers to debank truckers engaged in a political protest. At home, the tracking of Americans’ spending is a Fourth Amendment violation that inevitably leads to the degradation of the First Amendment.
 

• The House Judiciary Committee and its Select Subcommittee on the Weaponization of the Federal Government issued a report in March on secretive efforts between federal agencies and U.S. private financial institutions that “show a pattern of financial surveillance aimed at millions of Americans who hold conservative viewpoints or simply express their Second Amendment rights.”
   
  At the heart of this conspiracy is the U.S. Treasury Department’s Financial Crimes Enforcement Network (FinCEN) and the FBI, which oversaw secret investigations with the help of the largest U.S. banks and financial institutions. Law enforcement and private financial institutions shared customers’ confidential information through a web portal that connects the federal government to 650 companies that comprise two-thirds of the U.S. domestic product and 35 million employees.
  
  

Aside from one’s online browsing history, there is little that reveals more about us – our social, romantic, political, and religious lives – than how we spend our money.
 
Sen. Lee’s bill counters this financial surveillance state by repealing many of the reporting requirements of the Bank Secrecy Act. It also repeals the Corporate Transparency Act (which forces small businesses to reveal their ownership), closes the SEC’s database on Americans’ trades, prohibits the creation of a Central Bank Digital Currency, and requires congressional approval before any agency can create a database that collects personally identifiable information of U.S. citizens.
 
Finally, Sen. Lee’s Saving Privacy Act would institute punishments for federal employees who release Americans’ protected financial information, while establishing a private right of action for Americans and financial institutions harmed when their privacy is compromised by the government.
 
The Saving Privacy Act is a landmark bill that deserves to become the basis of debate and action in the next Congress.

​This year, the coalition of surveillance reformers in Washington, D.C., mounted the most spirited, bipartisan campaign in legislative history.
 
The reform coalition fought to require warrants for FISA Section 702, which authorizes the government to surveil foreign threats on foreign soil but is often used to spy on Americans. The House also passed the Fourth Amendment Is Not For Sale Act, which would forbid the warrantless collection of Americans’ personal, digital information.
 
How did we do? The Section 702 fix was lost to a single, tie-breaking vote in the House. The Fourth Amendment Is Not For Sale Act remains stuck behind last-minute business in the Senate.
 
It is easy for surveillance reformers to feel like Sisyphus, rolling legislative stones up Capitol Hill only have them come tumbling back down. But national reformers should take heart from the example set by Utah, which proves that surveillance reform is popular and that reasonable compromises can be set into law.
 
Start with geofence warrants, which use a reverse search technique to pluck the identities of criminal suspects out of pools of data extracted from a given area. The federal Fifth and Fourth Circuit Courts of Appeal have taken starkly opposite views over whether geofence warrants can be allowed. The Fifth Circuit finds them to be inherently unconstitutional. The Fourth Circuit finds them to raise no Fourth Amendment issues at all.
 
Meanwhile, the intrusion of government snooping grows. Google reports that requests for geofence warrants grew by 9,000 in 2019 to 11,500 in 2020. That number is surely much higher today.
 
When the U.S. Supreme Court inevitably wades into this issue to resolve the circuit split, the Justices would well to consider the example set by Utah. Last year, Utah passed HB57, which balances law enforcement’s protection of public safety with the privacy rights of Utahans in law enforcement’s use of geofencing.
 
Leslie Corbly of the Libertas Institute in Utah reports that as a result of this new law, police must now submit requests for geofence data to a judge for a warrant application. This new law also mandates that warrant applications must “include a notification to judges regarding the nature of a geofence search by way of a map or written description showing the size of the virtual geofence.” Results from the search must be specified and reported to the court, including not just the identification of criminal perpetrators, but also people not involved in a crime.
 
Armed with enough information to evaluate the merits of a warrant request, judges remain involved with geofence warrants throughout the process. Finally, state law enforcement agencies must report the number of geofence warrants requested, the number approved by a judge, the number of investigations that used information obtained through a geofence warrant, and the number of electronic devices used for this collection.
 
Mike Maharrey of the Tenth Amendment Center reports that Utah has “chipped away at the surveillance state,” passing laws limiting surveillance of all kinds. These include:
 

• License Plate Readers: In 2013, Utah put modest limits on Automatic License Plate Readers, keeping this data out of the market for digital information and a requirement for a warrant or disclosure order for state police to access it.

 

• Warrants for Data: Utah’s 2014 Electronic Information Privacy Act makes any electronic data obtained by law enforcement without a warrant inadmissible in a criminal trial. In addition to state-collected information, that law imposes the same constraint on data derived from the NSA and super-secret fusion centers. In 2019, Utah expanded this law to ban warrantless access to data stored in the cloud. In 2021, the state again expanded this law to require police to get warrants to search data held by communication service provider networks.

 

• Drones: In 2014, Utah slapped a search warrant requirement on data obtained from a drone. In 2022, the state expanded restrictions on drone surveillance to also include “radar, sonar, infrared, or other remote sensing or detection technology.”

 

• Geofencing: And then in February 2023, Utah passed its limits and warrant requirements on geofencing.

 
Utah demonstrates to Congress and the Supreme Court that we can place limits on surveillance while accepting reasonable access to information agencies need to protect the public. Gary Herbert, a former governor of Utah who signed many of these measures into law, said “Utah is no longer a flyover state.” When it comes to surveillance reform, Utah is a state that should lead the nation.
 
And Utah should be an inspiration to reformers in Congress to keep pushing those boulders all the way to the top of the Hill.

​While partisan control of the U.S. Senate balances on a knife’s edge, also at stake is whether that body will have more surveillance reformers and protectors of privacy, or more defenders of the government surveillance status quo.
 
We find no partisan correlation between the reformers and the defenders. Some of the most liberal/progressive and conservative candidates support reform of government surveillance programs to protect the Fourth Amendment rights of Americans and their privacy. The same diversity exists among those who stoutly defend the government’s supposed “right” to warrantlessly surveil Americans.
 
You can review the PPSA Scorecard to see how your Senators (and Representative) fare in our ratings. We rate candidates on a grading scale from F to A+ (see details below). Here we apply these grades to eight of the closest or most-watched races for the U.S. Senate in 2024. We usually rate only the incumbent in each race because most opponents either have no voting record to score or, if an opponent was previously a Member of Congress, his or her votes are usually too far in the past to be relevant.

​***Not pictured above is Former Rep. Debbie Mucarsel-Powell (D) who scored a D the 116th Congress (2019-2021).

We should note that the last Senate candidate has an exceptionally troubling record on privacy and government surveillance. Rep. Adam Schiff, former House Intelligence Committee Chairman, is now running for the open Senate seat in California and polls show him with a comfortable lead. Should Schiff come to represent all the people of California, we hope he will “see the light” and become an advocate for his constituents’ privacy. 
 
In all races, voters, volunteers and campaign donors select their candidates by their stances on many positions. PPSA hopes that, in the coming election, you will consider your candidates’ stance on vital issues of surveillance and privacy. These include:

• The Fourth Amendment Is Not for Sale Act, a measure that passed the House this year that would restrict government purchasing of Americans’ most sensitive and personal data by data brokers

 

• A commitment to vote for a requirement for warrants when government agencies look at Americans’ personal communications caught up under programs authorized by FISA Section 702. This measure comes up for debate when Section 702 authority faces renewal in 2026.

 

• The House-passed PRESS Act, which would place reasonable limits on the ability of federal prosecutors to rifle through reporters’ notes and expose their sources. Such laws work well in 49 states, balancing the needs of public safety with those of a free society.

 
Again, please refer to our Scorecard for the records of other Members.
 
As the 20th century Chicago columnist Sidney J. Harris observed: “Democracy is the only system that persists in asking the powers that be whether they are the powers that ought to be.”
 
Here are the details of our grading system:
 
“A+” = Members who voted for every major pro-privacy amendment or bill
“A” = Members who voted for privacy on 80 to 99 percent of the votes
“B” = Members who voted for privacy on 60 to 79 percent of the votes
“C” = Members who voted for privacy on 40 to 59 percent of the votes
“D” = Members who voted for privacy on 20 to 39 percent of the votes
“F” = Members who voted for privacy on 0 to 19 percent of the votes

​The year is far from over and the U.S. House of Representatives has already had a banner year on privacy and surveillance reform.
 
The House passed the Fourth Amendment Is Not for Sale Act, which would curb the purchases of Americans’ data by government agencies. It also passed the PRESS Act, which gives reporters and their sources protection from the prying of eyes of prosecutors. Finally, the House came within one vote of passing a measure to require the government to obtain a warrant before accessing Americans’ personal communications caught up in the global trawl of foreign surveillance programs authorized by FISA Section 702.
 
But will the House of the 119th Congress be able to improve on these bold, pro-privacy stands? In our PPSA Scorecard we rate how all representatives (and senators) have voted on pro-privacy amendments or bills. Below are incumbents’ ratings from the 22 closest House races:

​​Here is how evaluated these Members by their votes:

• “A+” = Members who voted for every major pro-privacy amendment or bill
• “A” = Members who voted for privacy on 80 to 99 percent of the votes
• “B” = Members who voted for privacy on 60 to 79 percent of the votes
• “C” = Members who voted for privacy on 40 to 59 percent of the votes
• “D” = Members who voted for privacy on 20 to 39 percent of the votes
• “F” = Members who voted for privacy on 0 to 19 percent of the votes

 
PPSA hopes that in the coming election, you will consider your candidates’ stance on vital issues of surveillance and privacy. Please refer to our Scorecard for the records of other Members. And don’t be shy about expressing your views on privacy and surveillance reform with your candidates.
 
As Abraham Lincoln said: “If the people turn their backs to a fire they will burn their behinds, and they will just have to sit on their blisters.”

​As the 2024 elections loom, legislative progress in Congress will likely come to a crawl before the end of meteorological summer. But some unfinished business deserves our attention, even if it should get pushed out to a lame duck session in late fall or to the agenda of the next Congress.
 
One is a bipartisan proposal now under review that would forbid federal government agencies from strong-arming technology companies into providing encryption keys to break open the private communications of their customers.
 
“Efforts to give the government back-door access around encryption is no different than the government pressuring every locksmith and lock maker to give it an extra key to every home and apartment,” said Erik Jaffe, President of PPSA.
 
Protecting encryption is one of the most important pro-privacy measures Congress could take up now. Millions of consumers have enjoyed end-to-end encryption, from Apple iPhone data to communications apps like Telegram, Signal, and WhatsApp. This makes their communications relatively invulnerable to being opened by an unauthorized person. The Department of Justice has long demanded that companies, Apple especially, provide the government with an encryption key to catch wrong-doers and terrorists.
 
The reality is that encryption protects people from harm. Any encryption backdoor is bound to get out into the wild. Encryption protects the abused spouse from the abuser. It protects children from malicious misuse of their messages. Abroad, it protects dissidents from tyrants and journalists from murderous cartels. At home, it even protects the communications of law enforcement from criminals. The case for encryption is so strong the European Court of Human Rights rejected a Russian law that would have broken encryption because it would violate the human right to privacy. (Let us hope this ruling puts the breaks on recent measures in the UK and the EU to adopt similarly intrusive measures.)
 
Yet the federal government continues to demand that private companies provide a key to their encryption. The State of Nevada’s attorney general went to court to try to force Meta to stop offering encrypted messages on Facebook Messenger on the theory that it will protect users under 18, despite the evidence that breaking encryption exposes children to threats.
 
PPSA urges the House to draft strong legislation protecting encryption, either as a bill or as an amendment. It is time for the people’s representatives to get ahead of the jawboning demands of the government to coerce honest businesses into giving away their customers’ keys.

In 2024, champions of surveillance reform in the House passed the Fourth Amendment Is Not For Sale Act – which would force government agencies to obtain probable cause warrants before collecting Americans’ most sensitive and personal data scraped from apps and sold by data brokers.
 
House passage of this measure creates powerful momentum for this major surveillance reform, in the next Congress if not in this one.
 
Congress also imposed strong reporting and accountability measures on the FBI.
 
The Bureau must now report the number of times it searches, or “queries,” the communications of Americans in FISA Section 702 databases. This reform amendment also allows the leaders of both Houses of Congress and the House and Senate Judiciary and Intelligence Committees to attend hearings of the secret FISA Court – something Jim Jordan, Chairman of the Judiciary Committee, (R-OH) and Ranking Member Jerry Nadler, (D-NY), are publicly planning to do.
 
Congress did reauthorize Section 702, the foreign intelligence surveillance authority, without requiring warrants to examine queries of the communications of Americans caught up in this global data trawl. Even here, however, there were bright spots. The advocates of the intelligence community avoided a warrant requirement for surveillance of Americans by the narrowest margin – the breaking of a tie vote. And champions of reform succeeded in moving the next reauthorization of Section 702 from five years to two years.
 
As a result of this close vote and narrow window, debate is already well underway on ways to improve Section 702.
 
On the negative side, House Intelligence Committee leaders managed to insert into Section 702 reauthorization a measure we called “Make Everyone a Spy” – now law – that requires many businesses with internet-related communications equipment to allow warrantless inspection of customer data. At this writing, efforts are underway to narrow this provision.

Champions of Reform

Throughout this year, many Members stepped forward to take a strong, bold stance for surveillance reform. These include:

• House Judiciary Chairman Jim Jordan, (R-OH) and Ranking Member Jerry Nadler, (D-NY) for shepherding strong legislation through the House Judiciary Committee and for their forceful advocacy for privacy rights.

​

• Rep. Warren Davidson (R-OH), who headed the successful effort to pass the Fourth Amendment Is Not For Sale Act through the House.

 

• Rep. Chip Roy (R-TX), who succeeded in adding the regular reporting requirements on Section 702 inquiries by the FBI.

 

• Rep. Andy Biggs (R-AZ), who stood tall in the House for adding warrants to Section 702 queries and came within one vote of winning.  

​

• Rep. Ben Cline (R-VA), who succeeded in ending collection of surveillance of third-party mentions, or “abouts” information.

Other prominent and diligent House surveillance reformers include:
   

• Rep. Sara Jacobs, (D-CA)

 

• Rep. Tom Massie (R-KT)

 

• Rep. Darrell Issa, (R-CA)

• Rep. Zoe Lofgren, (D-CA)
  

​
In the Senate:

• Sen. Dick Durbin, (D-IL) Chairman of the Judiciary Committee, stood up for warrants for Americans’ private communications.

 

• In this effort Chairman Durbin had the strong, bipartisan support of Sen. Mike Lee (R-UT) and Sen. Ron Wyden (D-OR).

​

• Sen. Rand Paul (R-KY) was a strong advocate for the Senate passage of the Fourth Amendment Is Not For Sale Act.

“Why are House Intelligence Committee Republicans so happy to carry water for the Biden Administration?” This was a question put to us by an incredulous Republican politician. He added: “Why is it that Democrats in the Senate are doing a better job of protecting privacy from the administration and the intelligence community than House Republicans?”
 
Here is what he was getting at: in April, the House Permanent Select Committee on Intelligence slipped into the reauthorization of Section 702 a measure that would allow the government to potentially enlist almost every kind of business to warrantlessly spy on any American’s communications contained in any kind of electronic communications equipment. Now law, this measure could force ordinary businesses – from gyms to dentists’ offices, to commercial landlords with tenants that could include political campaigns or journalists – to turn over their customers’ communications that run on ordinary systems, such as WiFi.
 
For obvious reasons, this came to be known as the new “Make Everyone a Spy” law.
 
In April, when the Senate prepared to reauthorize FISA Section 702, which authorizes surveillance of foreign targets located abroad, Sen. Mark Warner (D-VA) won the votes of his colleagues by frankly admitting that the House language “could have been drafted better.” He promised that the Senate Intelligence Committee would fix it with a narrower definition of covered “electronic communications service providers.”
 
“The idea that you draw it so broad, and then try to exclude things, well, you’re never going to be able to figure out all the possible exceptions,” Warner said in an interview.
 
True to his word, Sen. Warner led his committee to include language in the Intelligence Authorization Act that narrows the definition of a covered electronic communications service provider. The actual language of the amendment, based on an opinion by the secret FISA Court, is classified. But the Warner fix is widely believed by the media to narrow this law to cover cloud computing centers, which did not exist when the governing law, the Electronic Communications Privacy Act, was enacted in 1986 and amended more than 15 years ago. (Under current law, communication companies, like Google and Verizon, are already required to cooperate with the government on data searches for foreign threats.)
 
That fix, however, fails to impress Rep. Mike Turner (R-Ohio) and other leading Members of the House Intelligence Committee. They are avoiding Sen. Warner’s legislation and seem determined to perpetuate the expansive definition of “Make Everyone a Spy” in the House version of the Intelligence Authorization Act.
 
House insiders tell us that it is now up to Speaker Johnson and reform-minded Republicans to ensure that the Warner fix is made in the House legislation. Absent that, civil liberties champions will have to cross our fingers and hope that the fix will be made in a House-Senate conference committee.
​

​If you write legislation but refuse to tell the public what is in it, can it still be considered a law if enacted? Can public laws be redacted, with big black heavy marks through their central provisions?
 
The Senate Intelligence Committee thinks so.
 
These questions arise from a development that forces civil libertarians to look a gift horse in the mouth. Here’s the background: When Congress passed the reauthorization of Section 702 in April, it included an amendment from the House Intelligence Committee that would force “any provider” of a business service to warrantlessly hand over customer information from any electronic device that transmits data, such as routers or free WiFi. Any businessperson could be dragooned into this service and gagged for life to never reveal it.
 
The public outcry about turning your neighborhood Starbucks into a spying operation prompted legislators to exclude coffee shops, hotels, and community centers. But the amendment, adopted by the Senate, was still expansive enough to define gyms, office complexes, dentists, you name it, as “electronic service providers” covered by this law. Many civil libertarians worried that custodial services would be required to swipe data from servers at night. That may sound paranoid, but the law was expansive enough to allow that – and we’ve seen time and again, give the intelligence community an inch and they will take a continent. That’s why this law was quickly labeled the “Make Everyone a Spy” program.
 
Senate Intelligence Chairman Mark Warner won passage of this amendment only by pledging to his colleagues that his committee would narrow the scope of this provision to one intended sector that was the subject of secret opinions from the Foreign Intelligence Surveillance Court. Sen. Warner deserves great credit for keeping his word and acting on it with alacrity. It is widely believed on Capitol Hill that the legislation is aimed at data centers, not everyday businesses. But we cannot be sure because the new amendment’s new, narrowed definition of a category of covered electronic service provider is classified.
 
So, the good news: The Make Everyone a Spy law is being narrowed to a single category. The bad news: We don’t know what that means.
 
Such secret law is a dangerous practice that will lead to pernicious outcomes. If unchallenged, this precedent will be used by the champions of the intelligence community on Capitol Hill to insert a host of secret provisions. Combine secret law with secret opinions from the secret FISA court, and voilà, you have a complete Star Chamber legal system adjacent to the public one.
 
If this still seems hyperbolic, imagine what it would be like to be on the receiving end of a government request to produce customer information, without being presented with a warrant. Your lawyer can ask: Are we a covered entity within the government’s definition? Or is the government overreaching? There would be no answers to these questions because secret law short circuits due process.
 
If this provision is aimed at data centers, as surely the Russians, Chinese, Iranians, and North Koreans know from reading American media, why not reveal that fact? The best outcome would be for the Senate to strip out the secrecy and let us know who is and who is not covered by this law.

​Amnesty International released a report based on interviews with 32 Chinese students, including 12 from Hong Kong, studying in universities in eight countries – from the United States to Belgium, Canada, France, Germany, the Netherlands, Switzerland, and the United Kingdom.
 
Sarah Brooks, Amnesty International’s China Director, said that even when Chinese students study thousands of miles from home, many live in fear. “The Chinese authorities’ assault on human rights activism is playing out in the corridors and classrooms of the many universities that host Chinese and Hong Kong students,” she said.
 
A typical story was told by a student who attended a commemoration of the 1989 Tiananmen Square massacre. She was careful not to share her real name with anyone involved in the protest or to post anything online. Yet, a few hours later she heard from her father in China, who had been grilled by security officials. 
 
Such surveillance could possibly be performed by a quick study of online images. About one-half of Amnesty’s interviewees said they had been photographed or recorded at events by someone present at the protest. The only conclusion to draw from this is that China has enough spies in the United States and Western countries to show up and shadow protest events. Many students said they censor themselves online – even in the classroom – due to the perceived risk their comments and opinions will be reported. One-third of students said they changed the focus of their studies or dropped out of planned academic careers because of this pressure.
 
“Threats made to family members in mainland China included to revoke their passports, get them fired from their jobs, prevent them from receiving promotions and retirement benefits, or even limiting their physical freedom,” Amnesty reports. In some instances, families have been pressured to cut off financial support for their children.
 
More than one-half of the students interviewed said they suffered mental health issues linked to their fears, ranging from stress and trauma to paranoia and depression. One case led to hospitalization.
 
Western universities have been slow to recognize and counter these threats to students. Some academics have even sided with China against dissident students. Amnesty reports that a student was dropped by a Western university researcher on a project after learning that she had participated in a protest critical of China.
 
“The impact of China’s transnational repression poses a serious threat to the free exchange of ideas that is at the heart of academic freedom, and governments and universities must do more to counter it,” Brooks said.
 
Universities need to be fully aware of the threat of surveillance and retaliation against their students from China. The U.S. government must also take countermeasures to stop Chinese surveillance of students in the United States, even if this means expelling diplomats or tracking others who surveil and harass students exercising their right to free speech. We must also be aware of the dangers of purchased or posted data and videos that expose Chinese students to harm.
 
Amnesty’s report is a reminder that that in the United States, it is not just the U.S. federal government that surveils Americans and visitors to our shores.

​There is a mystery at the heart of the recently enacted law that broadens the definition of an “electronic communications service provider” with a duty to carry out secret surveillance at the request of the government.
 
Such compelled surveillance requirements were once focused on major companies, like Verizon, AT&T, and Google. But then came a secret case that led the intelligence community to want to expand the law to cover, well, almost everyone in business. This new law, increasingly known by its moniker “Make Everyone a Spy Act,” can now enlist business owners into copying the communications of their customers and handing them over to the FBI or some other government agency.
 
What prompted the intelligence community to want such a dramatic expansion of covered entities? Senate Intelligence Committee Chairman Mark Warner said on the Senate floor in April:
 
“Now, why has this suddenly now become such an issue? Well, one of those communications providers – remember I talked about clouds, data centers, how these networks come together and how network traffic is intertangled at these data centers? One of these entities that controlled one of those new enterprises that didn’t exist in 2008 said:
​
Well, hold it. You can’t compel us to work with the American government because we don’t technically fit the definition of an electronic communications service provider. And the fact was, the company that raised that claim won in court. So what happened was, the FISA Court said to Congress: You guys need to close this loophole; you need to close this and change this definition.”
 
Yet the new law is insanely broad. It covers “any” service provider with access to communications equipment. The government can now enlist custodial services, landlords, owners of small office complexes, gyms, dentist offices, and small businesses of almost every kind, as government spies. And, as with the larger telecoms and tech companies, these small businesses will be held under a gag order, preventing them from alerting their customers that they’ve been spied on.
 
Worse, because few small business owners have the ability to neatly parse exact threads of communications from their equipment, they will likely just turn over the equipment itself – and every customers’ private data it contains – to the NSA.
 
Little wonder that Sen. Ron Wyden (D-OR) described this sweeping provision as “one of the most dramatic and terrifying expansions of government surveillance authority in history.” Sen. Warner admitted that the provision “could have been drafted better.” He promised that if the Senate passed the bill, he would support a redraft of this law’s language in the next Intelligence Authorization Act or the National Defense Authorization Act. The Senate took him at his word and passed the bill.
 
But how can such a redraft be done without some guidance as to the nature of the case that prompted this new law?
 
Without a public disclosure of the type of service provider at the heart of the case Sen. Warner referred to, Congress cannot effectively narrow the language. The administration must declassify the type of provider in the FISC case to guide Congress in making precise refinements in its narrowing of the law.
 
For that reason, PPSA is joining a host of civil liberties peer organizations – ranging from the American Civil Liberties Union and Brennan Center to the Due Process Institute and FreedomWorks – in an open letter to Attorney General Merrick Garland and Director of National Intelligence Avril Haines urging them to declassify the type of service provider at the heart of the FISC case.
 
The administration issued a written commitment to apply the new definition only to the type of provider at issue in the FISC decision. The recent history of American surveillance shows, however, that such commitments won’t bind future administrations. And time and again, we’ve seen one agency or another in the intelligence community resort to legal sophistry to break its word. 
 
Given that data centers were named by Sen. Warner on the Senate floor and even in a New York Times article, foreign spies are surely aware of the nature of the broad outlines of the case behind this new law. It is hard to imagine a stronger case for discretionary declassification. Disclosure must happen so Congress can curtail this new warrantless surveillance legislation in the narrowest way possible.

​We needed a little perspective before reporting on the historic showdown on the reauthorization of FISA Section 702 that ended on April 19 with a late-night Senate vote. The bottom line: The surveillance reform coalition finally made it to the legislative equivalent of the Super Bowl. We won’t be taking home any Super Bowl rings, but we made a lot of yardage and racked up impressive touchdowns.
 
For years, PPSA has coordinated with a wide array of leading civil liberties organizations across the ideological spectrum toward that key moment. We worked hard and enjoyed the support of our followers in flooding Congress with calls and emails supporting privacy and surveillance reform.
 
So what was the result? We failed to get a warrant requirement for Section 702 data but came within one vote of winning it in the House. There was a lot of good news and new reforms that should not be overlooked. And where the news was bad, there are silver linings that gleam.

• Best of all – and the intelligence community hates this – we succeeded in reducing the deadline for the next reauthorization of Section 702 from five years to two. We also got the date of reauthorization moved from the end of the year, when legislative priorities tend to get lost in the press of late business, to April in even (election) years.

 

• An important reform amendment from Rep. Chip Roy (R-TX) passed. The FBI will now be under a microscope, with quarterly reports to Congress on the number of time the FBI searches, “or queries,” the communications of Americans in Section 702 databases. It also allows the leaders of both Houses of Congress and the House and Senate Judiciary and Intelligence Committees to attend hearings of the secret FISA Court.

 

• The worst event of this round was that the “Make Everyone a Spy” amendment passed. Signed into law by President Biden, this measure allows the government to force a wide range of small businesses to help the NSA in its spying, and it gags them to prevent them from revealing it. This measure passed only after a pinkie promise from Attorney General Merrick Garland to enforce it narrowly. Sen. Mark Warner, Chairman of the Senate Select Committee on Intelligence, said he would support revising the bill’s vague language. Our coalition will closely watch the Department of Justice and take up Sen. Warner’s promise to tighten the language of this amendment. We will hold them to account.

 

• Thanks to an amendment offered by Rep. Ben Cline (R-VA), we permanently ended “abouts” collection – the practice of surveilling Americans who are merely mentioned in a communication.

 

• We secured dozens of reforms of the FISA process for both Section 702 and Title I surveillance, including:

 

• The FBI can no longer rely on press reports or political opposition research to seek surveillance orders from the secret FISA Court.

 

• The numbers of FBI personnel who can make Section 702 queries has been massively reduced, with independent audits of every U.S. person query.

 

• FBI agents who lie to the FISA Court will be fired or suspended without pay. Leaking a secret FISA application will result in 10 years in prison and or a $250,000 fine. FBI personnel who lie to the FISA Court – as FBI lawyer Kevin Clinesmith did when he altered a document about Carter Page and submitted it as evidence – will face 10 years in prison and/or a $250,000 fine.

 

• Soon after the Section 702 debate, the House passed The Fourth Amendment Is Not For Sale Act on a strong bipartisan 219-199 vote. This bill requires the FBI and other federal agencies to obtain a warrant before they can purchase Americans’ personal data, including internet records and location histories. Passage in the House gives a mark of validation to this bill, making it easier for the bill’s Senate champions to enlist their colleagues to support it.

 
We come out of this legislative fracas bloodied but energized. We put together a durable left-right coalition in which House Judiciary Committee Chairman Jim Jordan and Ranking Member Jerry Nadler, as well as the heads of the Freedom and Progressive caucuses, who worked side-by-side. For the first time, our surveillance coalition had the intelligence community and their champions on the run. We lost the warrant provision for Section 702 only by a tie vote. Had every House Member who supported our position been in attendance, we would have won. This bodes well for the next time Section 702 reauthorization comes up.
 
We will be ready.
 
Let’s not forget that a recent bipartisan YouGov poll shows that 80 percent of Americans support warrant requirements. We sense a gathering of momentum – and we look forward to preparing for the next big round in April 2026.