NSA Needs to Get Smart on Section 702 Compliance

A report released on Monday by the National Security Agency offers vague, tantalizing revelations of improper treatment of Americans’ privacy in searches conducted under Section 702 of the Foreign Intelligence Surveillance Act (FISA), an authority that allows the government to spy on foreigners.
 
The incidental collection of Americans’ personal communication in Section 702 surveillance “queries” has long been a matter of deep concern among civil liberties organizations. This has been especially true when political appointees have asked NSA to reveal, or “unmask,” the identities of Americans caught up in given communications.
 
In its semi-annual report to Congress, NSA reports that in its use of “selectors” or identifiers of U.S. persons it “did not always follow NSA procedural and policy requirements.” NSA reported that its searches of U.S. persons “was not documented with consistency.” The report said that a software tool meant to prevent the processing of queries of U.S. persons failed in certain cases.
 
The NSA’s Office of Inspector General reports the system meant to ensure that such queries comply with FISA’s legal procedures is dysfunctional. A new system is being installed. But OIG reports that “until this system control is implemented, the Agency will be at risk for performing queries that do not comply with NSA’s FISA Section 702 authority.”
 
NSA promises that it has in place “multiple processes to aid in ensuring query compliance” until it has that new system in place by June.
 
Got that?
 
As we read it, NSA is saying that its adherence to FISA’s Section 702 procedures has been spotty, that it is working to fix these shortcomings, and will soon have a system in place to make sure it is compliant with the law.
 
Congress should ask questions. Among them:
 
How long had these errors been going on?
 
How many Americans have been improperly searched?
 
Were any of these Americans subsequently unmasked?
 
Congress should take this report as a sign that a vigorous debate is needed about how FISA is actually working before Section 702 comes up for reauthorization in 2023. A good place to begin would be to require NSA to explain in detail what’s behind its veil of obfuscating language.