A law the government cites as authority for the bulk collection of millions of Americans’ communications records---Section 215 of the PATRIOT Act---expires unless Congress extends it by Memorial Day weekend.
The Center for Democracy & Technology, and other public interest groups, believes that Sec. 215 should sunset unless it is reformed to stop nationwide surveillance dragnets. What would happen to domestic bulk collection if Sec. 215 sunsets?
The Current Sec. 215: Enabler of Dragnets
Sec. 215 of the PATRIOT Act gives the government power to collect a broad array of records at a very low standard. While Sec. 215 can be used for targeted surveillance in legitimate circumstances, the law has also been warped to justify domestic surveillance on a massive scale.
The Snowden disclosures revealed that the government interprets Sec. 215 to authorize the bulk collection of private records about all Americans. For example, the FBI currently uses Sec. 215 to force major American telecom companies to provide the NSA with the phone call records (who called whom, when, and for how long) of millions of Americans, with no connection to a crime or terrorism, on a daily basis. This program continues to this day.
The Department of Justice has also argued the government can use Sec. 215 to collect in bulk any records showing relationships among people. Such records would include the email logs, cell phone locations, and financial transactions of the entire nation.
The government’s use of Sec. 215 for bulk collection caused a national outcry. Civil society groups and oversight bodies labeled the phone record dragnet program illegal and ineffective in foiling terrorist plots or identifying suspects. The author of the PATRIOT Act, Rep. James Sensenbrenner, stated that Dept. of Justice’s interpretation of Sec. 215 was contrary to Congressional intent (though there is a dispute regarding whether Sensenbrenner was aware of DOJ’s interpretation prior to the Snowden disclosures).
The PATRIOT Act had a built-in protection against abuse of Sec. 215 – Congress scheduled Sec. 215 authority to revert to its pre-PATRIOT state unless reauthorized by June 1, 2015.
Before the PATRIOT Act
Before the PATRIOT Act, the government’s authority to obtain business records for national security surveillance was more focused. The Foreign Intelligence Surveillance Act (FISA), as amended, authorized the government to obtain business records related to travel, lodging and storage. In contrast, Sec. 215 of the PATRIOT Act puts virtually no restriction on the types of records the government may obtain.
In addition, prior to the PATRIOT Act, FISA required that the records sought pertained to a “foreign power” or an “agent of a foreign power,” such as a foreign spy or an international terrorist group. Such individuals were rarely Americans. In contrast, Sec. 215 of the PATRIOT Act only required that the records be relevant to a national security investigation, which made surveillance under Sec. 215 much more likely to sweep up Americans.
Status of Bulk Collection if Sec. 215 Sunsets
If Sec. 215 sunsets, bulk collection programs such as the dragnet of Americans’ phone records could continue for two reasons.
First: The Sec. 215 sunset provision permits surveillance programs for investigations that began before the sunset to remain in place. The government could argue this allows it to continue with existing bulk collection programs to further broad investigations into terrorist groups commenced prior to the sunset – and which could endure indefinitely, regardless of the sunset, since the FBI puts no time limit on full investigations.
Second: Even if Sec. 215 were to sunset, the government could use the FISA pen/trap statute – which has a “relevant to an investigation” standard similar to that in Sec. 215 – for domestic bulk collection. The government cited the FISA pen/trap statute as authority for collection of Americans’ email metadata (who emailed who, when) until 2011, before shutting down the program due to lack of effectiveness and resource constraints. The pen/trap statute does not cover as many types of records as Sec. 215, but pen/trap would include phone and Internet communications. Unlike Sec. 215, the FISA pen/trap statute has no sunset.
Sunset of Sec. 215 would prevent new bulk collection programs under Sec. 215, but would not affect current bulk collection programs under Sec. 215, nor prevent bulk collection programs under the FISA pen/trap statute. From the perspective of the intelligence community, a sunset of Sec. 215 would deprive the government of an evidence-gathering tool with many targeted, legitimate uses other than bulk collection.
Absent Reform, Sec. 215 Should Sunset
The more effective solution is not a sunset of Sec. 215, but reforming both Sec. 215 and the FISA pen/trap statute to prohibit bulk collection. Sen. Leahy’s USA FREEDOM Act 0f 2014 would have achieved this goal while preserving the flexibility intelligence agencies need to provide security, but the bill died in the Senate.
CDT believes the NSA’s bulk collection of phone records under Sec. 215 is illegal, overbroad, and unnecessary. We agree with the Privacy and Civil Liberties Oversight Board that allowing the government to routinely collect communications records of the entire nation “fundamentally shifts the balance of power between the state and its citizens.” If Congress fails to end bulk collection or sunset Sec. 215, the intelligence community can claim that nationwide surveillance dragnets have the implicit approval of the legislature and they will become the new normal. If Congress fails to end bulk collection, there would be little holding back the Executive from undertaking new dragnet programs under Sec. 215 that gobble up vast quantities of personal information in addition to phone call records.
We believe Congress should seek to preserve both privacy and national security by reforming Sec. 215 and the FISA pen/trap statute to prohibit bulk collection. However, without reform, Congress should sunset Sec. 215 and work to rebalance our surveillance laws.
Harley Geiger is Advocacy Director and Senior Counsel at the Center for Democracy & Technology (CDT). He works on issues related to civil liberties and government surveillance, computer crime, and cybersecurity. From 2012-2014, Harley served as Senior Legislative Counsel for U.S. Representative Zoe Lofgren of California. There he was the lead staffer for technology and Internet issues, and was instrumental in helping develop Rep. Lofgren’s Internet freedom agenda, including legislation to reform the Foreign Intelligence Surveillance Act, ECPA, the Computer Fraud and Abuse Act, and copyright laws. Harley worked at CDT from 2008-2012 as Staff Attorney and Senior Policy Counsel, focusing on surveillance, consumer privacy, health information technology, and data security.