Written Briefs
The FBI Should Require a Search Warrant
Elizabeth GoiteinSection 702 of the Foreign Intelligence Surveillance Act authorizes warrantless surveillance and therefore may only be targeted at foreigners outside the United States. Over the past 15 years, however, it has become a rich source of warrantless access to Americans’ communications and a powerful domestic spying tool. Congress should put an end to this misuse of the law by requiring the FBI to obtain a warrant or FISA Title I order before searching data obtained under Section 702 for Americans’ communications. [1]
Section 702 was enacted after 9/11 to give the government greater powers to monitor suspected foreign terrorists. It authorizes the government to target almost any foreign person or entity abroad and collect their communications without obtaining any individualized court order. The Foreign Intelligence Surveillance Court (“FISA Court”) approves general procedures for the surveillance, but it has no role in approving individual targets. There are nearly a quarter of a million targets under Section 702.
Although the targets of surveillance must be foreigners abroad, Americans communicate with foreigners, and so the surveillance inevitably sweeps in enormous volumes of Americans’ communications. The government refers to this collection as “incidental.” Were it otherwise—i.e., if the government intended to eavesdrop on these Americans—the government would have to obtain either a warrant (in a criminal investigation) or a FISA Title I order (in a foreign intelligence investigation; such orders are issued by the FISA Court if the government can show probable cause that the American is an agent of a foreign power).
To prevent the government from using Section 702 as an end-run around these constitutional and statutory requirements, Congress required the government to (1) “minimize” the retention and use of this “incidentally” acquired information, and (2) certify annually that it is not using Section 702 to access the communications of particular, known Americans (which would constitute “reverse targeting”).
Despite these protections, the FBI routinely combs through Section 702 data for the express purpose of finding and reviewing Americans’ phone calls, text messages, and emails. In other words, having obtained the data without a warrant by certifying that its intent is not to access the communications of particular, known Americans, the government—once the data is in its hands—regularly runs searches for the communications of particular, known Americans. As I have noted many times, this is a bait and switch that drives a massive hole through the Fourth Amendment. In 2022 alone, the FBI conducted more than 200,000 of these “backdoor searches” (as they are commonly known). [2]
In most cases, the only substantive restriction on these searches is a FISA Court-approved rule that each search must be “reasonably likely” to return foreign intelligence or evidence of a crime. That’s an extremely low bar, and yet, according to the FISA Court, the FBI has engaged in “persistent and widespread violations” of this rule. These violations have included alarming abuses, such as searches for the communications of 141 Black Lives Matter protesters, more than 19,000 donors to a congressional campaign, two members of Congress, and multiple U.S. government officials, journalists, and political commentators, among many others.
After these abuses came to light, the FBI made several changes to its internal procedures in an attempt to bring the bureau into compliance. But those changes proved insufficient. Since their implementation, the government has continued to report FBI violations at a rate of approximately 4,000 per year. And these violations continue to include shocking abuses, such as searches for the communications of a U.S. senator, a state senator, and a state court judge who contacted the FBI to report civil rights violations by a local police chief.
The constitutionality of backdoor searches is unsettled. The FISA Court, which is notoriously deferential to the government, has upheld them, and four district courts have followed the FISA Court’s lead. But the only federal appellate court to squarely address the issue rejected the government’s argument that the warrantless searches are lawful because the information was lawfully collected. A unanimous panel of the Second Circuit noted that, under prevailing case law, “lawful collection alone is not always enough to justify a future search.” The panel held that backdoor searches require a separate Fourth Amendment analysis, and it remanded the case to the district court to perform that analysis. That case is still pending.
Regardless of what the courts ultimately hold, however, Congress has the right and responsibility to protect Americans’ privacy. It should do so by requiring the FBI to obtain a warrant or FISA Title I order before accessing Americans’ communications obtained under Section 702. This notion is neither new nor radical. In 2013, a panel of experts appointed by President Obama—including former acting CIA director Michael Morrell and President George W. Bush’s chief counterterrorism advisor, Richard A. Clarke—unanimously recommended this measure. The House has twice passed such a requirement. And it is the primary reform in the Protect Liberty and End Warrantless Surveillance Act, which passed through the House Judiciary Committee in December by a remarkable bipartisan vote of 35-2.
Requiring a warrant to access Americans’ communications would leave untouched the core of Section 702: the ability to monitor foreign threats. That is where the value of this program overwhelmingly lies. The administration has made a strong case that the collection and review of foreigners’ communications is a critical national security tool. By contrast, according to the Privacy and Civil Liberties Oversight Board, the administration has provided scant evidence of the value of warrantless backdoor searches. It has cited only a handful of cases in which such searches were useful—mostly for the purpose of identifying potential victims of malign foreign activities. In these cases, as the PCLOB chair noted, the government could have obtained the potential victim’s consent or cited exigent circumstances. “Consent” and “exigent circumstances” are among the exceptions to the Fourth Amendment’s warrant requirement that are expressly incorporated into Protect Liberty and End Warrantless Surveillance Act.
In short, requiring the FBI to obtain a warrant or FISA Title I order for backdoor searches is the only way to end documented abuses and vindicate Americans’ constitutional rights while protecting national security.
Footnotes
1 - I also believe the warrant requirement should apply to other agencies that receive and search Section 702 data, but that goes beyond the scope of this argument.
2 - The Office of the Director of National Intelligence has also provided a “de-duplicated” figure of 119,383, which represents the number of unique identifiers used in the searches. The lower number, however, would exclude instances of the same American being subject to multiple searches — e.g., if a person’s communications are searched by different FBI personnel for independent reasons, or on multiple occasions over the course of an investigation to find any new communications — even though each query would represent a distinct privacy intrusion.
The FBI Should Not Require a Search Warrant
Glenn GerstellRequiring the Federal Bureau of Investigation to get a court order before it looks at its own legally acquired information is not just unnecessary, but also and more importantly, dangerous to our national security.
The Facts
Under Section 702 of the Foreign Intelligence Surveillance Act, about 3% of the surveillance targets – approximately 7,900 foreigners [1] and no Americans – were relevant to what the FBI calls a “fully predicated national security investigation” (basically the most serious type of formal investigation). The emails and other communications of only those targets were sent to the FBI for inclusion in its Section 702 computer database. [2] If it has a “specific factual basis” to believe an American individual or entity is the victim or otherwise related to that national security investigation, the FBI can search or “query” that database for that American’s name, email or other identifying information. [3]
Critics have labeled this querying “warrantless surveillance” – but that wrongly insinuates that a warrant might otherwise be legally required. Moreover, querying is not surveillance [4] -- no new communication is being acquired by the government; no behavior is being newly monitored; the government is simply looking at something it lawfully obtained and put in its files. Another myth is that Section 702 allows the FBI to scour vast troves of Americans’ emails to their loved ones, their medical providers, or their religious advisers. [5] None of this is true.
No Court Has Ever Said A Warrant Is Required
Every court to have expressly ruled on whether a warrant is needed for the FBI to query its 702 database for Americans’ information has said there is no such requirement. There is a clear judicial consensus on the point. Indeed, the court most familiar with the specialized nature of these queries, the Foreign Intelligence Surveillance Court (FISC), explicitly rejected any such requirement in separate reviews in 2015, 2018, 2022 and 2023. After noting that two federal district courts had similarly declined to impose a warrant requirement, one Court of Appeals reexamined this issue and stated that the act of querying should entail a separate Fourth Amendment analysis that might trigger a warrant requirement in some situations. But recognizing it did not have enough facts, it declined to rule on the question.[6] Tellingly, the last two reviews of the issue by the FISC afforded it the opportunity to explicitly consider the Court of Appeals discussion, and after reviewing amicus briefs on the very point, it declined both times to follow the Court of Appeals’ analysis.
Requiring a Warrant Requirement Won’t Advance Americans’ Privacy
Americans’ privacy is not being invaded in any meaningful way by FBI queries, even without a warrant. The only emails and communications of an American that are ever included in the FBI’s 702 database are those directly to or from a foreign national security targets. While the number of Americans in contact with ISIS recruiters, Chinese spies or other foreign national security targets under Section 702 is unknown, it must surely be a miniscule fraction of the population.
Recognizing that a warrant is not legally required but still seeking some compromise, a split Privacy and Civil Liberties Oversight Board proposed that after the FBI determined there was a hit in the 702 database, it should obtain a FISC order based on a showing of likely foreign intelligence information (the current standard) before it could access the content. That is mostly privacy theater: A FISC judge is highly unlikely to disbelieve an affidavit that on its face asserts that a query is reasonably likely to retrieve foreign intelligence information.
Yet a more dangerous problem would be created if a new, higher standard for queries was imposed, such as probable cause to believe that the American is an agent of a foreign power or that evidence of a crime will be revealed. That would indeed have the effect of shielding many emails from the FBI, since an agent would rarely be able to establish probable cause at the early stages of an investigation – exactly the point at which the 702 database is used, to find initial connections. But the Bureau would miss opportunities to uncover Americans who might be the victims or targets of foreign espionage or blackmail efforts, or Americans who are engaging with overseas narco-terrorists, for example.
Requiring a Warrant Requirement Won’t Advance Americans’ Privacy
Section 702 has proven vital to defending American companies and individuals from foreign cyberattacks; apparently about half of all FBI queries are cyber-related. A warrant requirement would be devastating to those efforts. In an ongoing cyberattack, queries must often be run within hours, and would rarely reveal the content of Americans’ emails or other communications. Yet requiring a warrant, which would take days to obtain, would render tardy queries useless, and advance no privacy interest at all, since no personal communications content would be involved. The most likely beneficiary of any warrant requirement: a foreign ransomware gang.
Warrant Requirement Will Endanger National Security andTurn Back the Clock on Counterterrorism Efforts
Imposing a requirement to obtain a warrant in the preliminary stages of an investigation -- precisely when the 702 database is most useful [7] – is contrary to the fundamental recommendations of national commissions on 9/11 and Ft. Hood terrorist attacks, which urged federal authorities to quickly “connect the dots” by looking at all information in the hands of the government.
The logistics and volume of requiring a warrant would be a major impediment to that objective. Preparation of an affidavit, internal review, judicial consideration and final issuance of a warrant would consume critical resources and take days or weeks, and might not even be possible if probable cause needed to be established.
A Better Solution Is Available
To ensure that past abuses in FBI querying are not repeated, Congress is now considering a combination of increased oversight, stricter approvals, more audits, restrictions on the number of personnel who conduct queries, and greater training. A thoughtful and tailored approach will provide better safeguards for cybersecurity and national security and Americans’ privacy.
It makes no sense to hobble the universally recognized effectiveness of the Section 702 program with a gratuitous warrant requirement, which will trivially affect the privacy of a tiny group of Americans but endanger the security of all Americans.
Footnotes
1 - For the 12-month period ended February 2023, the most recent such period publicly available
2 - I also believe there should be no warrant requirement for the other agencies that receive and search Section 702 data, but that goes beyond the scope of this argument.
3 - Congress is likely, in one form or another, to eliminate the FBI’s ability to search the database for evidence solely of domestic crimes. This is almost never done anyway, but it makes sense to preclude this type of query, given the foreign intelligence rationale for Section 702
4 - An often-quoted advocate for a warrant requirement claimed that “Section 702 has become a go-to domestic spying tool for the FBI.”
5 - Three members of the Privacy and Civil Liberties Oversight Board ominously noted that “Americans’ communications captured through surveillance can include discussions of political and religious views, personal financial information, mental and physical health information, and other sensitive data.” Undeniably true, but misleading. It would seem unlikely that such sensitive information would be communicated by Americans to foreign national security targets. And if such information was communicated to foreign adversaries, overseas terrorists, international cybercriminals and the like, there arguably is a heightened national security rationale to learn more about such connections, which should outweigh individual privacy concerns in balancing interests to meet the reasonableness test of the Fourth Amendment.
The court stated: “What kinds of querying, subject to what limitations, under what procedures, are reasonable within the meaning of the Fourth Amendment, and when (if ever) such querying of one or more databases, maintained by an agency of the United States for information about a United States person, might require a warrant, are difficult and sensitive questions. We do not purport to answer them here, or even to canvass all of the considerations that may prove relevant or the various types of querying that may raise distinct problems.” US v. Hasbajrami, 945 F.3d 641 at 672-673 (2019) (emphasis added).
The President’s Intelligence Advisory Board recently noted that “U.S. person queries are necessary in order to identify foreign threats to the homeland….A U.S. person query serves as a preliminary exploratory tool to retrieve the most basic data needed to determine whether there is either a threat to a U.S. person or the nefarious involvement of a U.S. person.”
Oral Arguments
Amicus Briefs
Note from the Editor: The Federalist Society takes no positions on particular legal and public policy matters. Any expressions of opinion are those of the author. To join the debate, please email us at [email protected].