Thursday, September 6, 2007

WASHINGTON, DC – Vice Chairman of the Senate Select Committee on Intelligence, U.S. Senator Kit Bond, today stressed the importance of passing comprehensive reform of our nation’s Foreign Intelligence Surveillance Act (FISA).

“It is critical that Congress give our law enforcement and intelligence operators the tools they need to stay ahead of the threats to our homeland,” said Bond. “Congress needs to act and pass a comprehensive legislative fix of FISA.”

Earlier this year the Director of National Intelligence (DNI) Admiral McConnell told Congress that the United States was unable to conduct critical surveillance of foreign terrorists planning to conduct attacks inside the United States because of the outdated FISA law. Bond was the lead sponsor of the legislation to update FISA -- the Protect America Act -- which Congress passed and the President signed into law before the August recess.

Passage of the Protect America Act was essential to national security, but a permanent legislative fix is needed, stressed Bond. The stop-gap legislation passed in July expires in February and did not include comprehensive reform. Bond outlined the next step in updating our nation’s foreign surveillance law in a White Paper distributed to his Senate colleagues today.

Bond’s paper details the key points as Congress moves forward in comprehensive reform to our nation’s foreign intelligence law, including correcting the misinformation about is authorized under the new law. Bond addresses critics’ concerns on a number of issues, including why the legislation is necessary, requiring court approval, and targeting Americans’ communications.

The White Paper is attached and is available on the Senators website at http://www.bond.senate.gov/. ###

FISA Modernization White Paper Senator Christopher S. Bond

Introduction

Given the six-month sunset on the Protect America Act, the Congress needs to act swiftly in a bipartisan manner to develop a bill containing comprehensive Foreign Intelligence Surveillance Act (FISA) modernization provisions. These modernization provisions must address three key areas: (1) targeting foreign persons abroad; (2) FISA streamlining; and (3) carrier liability.

Problem #1—Targeting Foreign Persons Abroad

The Intelligence Community’s declining ability to target foreign persons abroad without a court order has been the primary driver behind the push for FISA modernization. It is, by far, the most complicated of the three problems and requires an understanding of the following subissues: (1) prior court approval; (2) foreign-to-foreign communications; (3) significant contacts with the United States; (4) the definition of “electronic surveillance”; (5) minimization procedures; (6) Section 2.5 of Executive Order 12333; and (7) reporting and auditing requirements. An understanding of these issues allows a more thorough assessment of the various FISA modernization proposals that have been advanced since April 2007.

Prior Court Approval The National Security Agency has been targeting foreign radio communications successfully without prior judicial authorization since its inception in 1952. When FISA was enacted in 1978, nearly all international communications were transmitted via satellite/radio networks. The FISA definition of the term “electronic surveillance” was specifically drafted to exclude the interception of foreign satellite/radio communications of persons outside the United States. “Electronic surveillance” is a legal term of art that is often confusing because it excludes types of electronic surveillance from the technical definition, which in today’s parlance are referred to as “acquisition activities.” Also, FISA contains no geographical restriction on NSA’s ability to conduct its signals intelligence mission against radio communications networks, which means it can acquire radio communications anywhere in the world, including the United States. Thus, as enacted, FISA did not negatively impact NSA’s core ability to collect international communications.

Some recent FISA modernization proposals required prior court approval before an acquisition activity could be initiated against a foreign target overseas. Prior court approval has never been considered desirable or necessary in the context of foreign targets overseas. Moreover, prior judicial review requirements create an inherent risk that gaps in foreign target collection will continue. If the requirements cause too many intelligence resources to be shifted from operational analysis to the FISA application process, then the intelligence gaps will worsen. Conversely, if the court’s scope of review is too narrow, it is likely the Foreign Intelligence Surveillance Court (FISC) would decline to issue an advisory opinion on the legality of the given acquisition activity. Foreign-to-Foreign Communications

A number of proposals purported to solve the problem of targeting foreign persons abroad by including a provision that no court order is required for the electronic surveillance of any communications between persons that are not located within the United States, regardless of whether the communication passes through, or is intercepted within, the United States. Exclusion of foreign-to-foreign communications does not equate to an ability to target foreign persons abroad. The Intelligence Community has been quite clear on this point. NSA lawyers have informed the Congress that there are two main problems with a pure foreign-to-foreign approach. First, it is often not technically possible to identify or separate a target’s foreign-to-foreign communications. This means that NSA would be precluded from collecting any communications in the first instance, because it might inadvertently violate FISA by collecting a call to or from the United States without a court order. Second, in the e-mail context, it is often not possible at the collection phase to determine whether the communication is foreign-to-foreign. Again, NSA would be precluded from collecting any of the target’s e-mail traffic in the first instance, because it might inadvertently violate FISA.

Significant Contacts

A related issue raised in some FISA modernization proposals was a requirement that the government establish guidelines to ensure that FISA electronic surveillance orders are sought on foreign targets outside of the United States when there is reason to believe that a significant number of communications to or from that person involve a person who is in the United States. For operational and legal reasons, the DNI objected to any proposal containing this requirement. The current minimization procedures provide significant protection for any persons in the United States whose communications are incidentally collected. Moreover, if those persons in United States themselves become of investigative interest, then the Intelligence Community will have to seek a FISC electronic surveillance order to target collection on such persons in the United States.

Electronic Surveillance

The DNI has requested that the FISA definition of “electronic surveillance” be modified to allow the targeting of foreign persons abroad, regardless of the communications technology used by the target. This would help clear up some of the “term of art” confusion mentioned earlier. Like the current definition of electronic surveillance with respect to radio communications, a new definition must accomplish the following objectives: (1) the definition should only concern domestic surveillance and exclude the targeting of persons (either U.S. or foreign) located outside the United States; (2) the definition cannot preclude the collection of incidental communications of persons in the United States. To do so would make electronic collection a near impossibility; (3) the definition should prevent any reverse targeting of any person within the United States; and (4) the definition must not contain any geographical restrictions that would prevent the Intelligence Community from using an interception point in the United States to target foreign persons abroad.

Minimization Procedures

The Attorney General has developed different sets of long-standing standard minimization procedures for the FBI, NSA, and CIA. The most relevant minimization procedures for the targeting of foreign persons abroad are found in United States Signals Intelligence Directive (USSID) 18, which has been in effect since at least 1980. These detailed procedures provide significant protections for persons residing within the United States whose communications are collected incidentally during the course of an NSA acquisition activity. Except in emergency situations, these guidelines do not permit the targeting of U.S. persons abroad unless the surveillance is approved by the Attorney General. Thus, the minimization procedures incorporate the long-standing requirement of Section 2.5 of Executive Order 12333. Section 2.5 of Executive Order 12333

During the Congressional debates on the Protect America Act (2007), concerns were raised that the Act could be used to target U.S. citizens abroad. These concerns were based on a reading of certain provisions of the Act in isolation and failed to take into account other provisions which require strict adherence to NSA’s minimization procedures. Under these minimization procedures, NSA may only target a U.S. person abroad for electronic surveillance consistent with the requirements of Section 2.5 of Executive Order 12333 (United States Intelligence Activities). Section 2.5 provides that the Attorney General may authorize electronic surveillance against a U.S. person abroad only upon a probable cause determination that the surveillance is directed against a foreign power or an agent of a foreign power.

The goal of the Protect America Act was to allow the Intelligence Community to collect foreign intelligence information on foreign targets located in foreign countries. There was never any intent to allow the provisions cited by the Act’s critics to be used to target U.S. persons abroad, and the protections of the minimization procedures ensure such intent. To alleviate any concern that FISA modernization is being used as a vehicle to conduct unauthorized electronic surveillance of U.S. persons abroad, it might make sense to incorporate the relevant text of Section 2.5 into any FISA modernization legislation for foreign targeting of U.S. persons—not using a U.S. facility—as the FISC has no jurisdiction to issue a court order. Reporting and Auditing Requirements

A number of the FISA modernization proposals contained reporting requirements and some contained additional auditing requirements. Care must be taken to ensure that such reporting and auditing requirements do not impose unnecessary administrative burdens on the relevant agencies.

Problem #2—FISA Streamlining

On July 22, 2005, the Select Committee on Intelligence released a staff audit of the FISA process. The audit recommended that the contents of FISA applications and court orders for electronic surveillance and physical searches should be modernized and simplified. The ODNI’s April 2007 FISA modernization proposal contained three sections devoted to FISA streamlining. In general, these proposed changes would make the following changes to the application and order requirements for both electronic surveillance and physical search: (1) delete certain requirements in the applications and court orders that have proven to be unnecessary over time; (2) modify requirements to allow for less detailed description of certain items; (3) allow the President to appoint non-Senate confirmed officials to serve as certifying officials; (4) eliminate unnecessary distinctions between foreign power and agent of foreign power applications and orders; and (5) include the Director of the CIA in the list of officials who can request personal review by the Attorney General of a pending FISA application. Ultimately, there is likely to be bipartisan support for most of these changes. While many of these modifications appear to be relatively minor, they will have a positive impact on the workload of the FISC and the Department of Justice’s National Security Division.

Problem #3—Carrier Liability

The issue of retrospective carrier liability must be addressed. There is nearly unanimous agreement that if telecommunications carriers cooperated with the President’s program, as they are alleged to have done so, then they should receive retroactive liability protection. The Chairman and Vice Chairman of the Senate Select Committee on Intelligence (SSCI) have both recognized that full immunity would be necessary not only to protect the companies that may have, allegedly, cooperated in good faith, but to ensure our nation’s secrets regarding methods of surveillance remain classified and are not disclosed in public through civil court cases. I hope that a full immunity carrier liability provision will be included in the SSCI mark of a bipartisan FISA modernization proposal.