Monday, August 06, 2007

FISA Update

So they finally passed something. Most conservatives are still angry about what it took to get us there. I guess I'm not particularly surprised, but for the more moderate, at least it got done.
The crux of the problem is this: Earlier this year, a judge with the special federal intelligence court charged with overseeing FISA ruled part of the Bush administration's terrorist surveillance efforts in effect since 2001 to be illegal (the Bush administration had operated the program separately from FISA, but that changed after the existence of the surveillance program was leaked by the New York Times.) The practical result of this ruling was to block the National Security Agency's efforts to collect information gathered from foreign telephone calls, e-mails and faxes which are routed through fiberoptic connections in the United States. Back in 1978 when Congress passed FISA, telephone calls from Pakistan to Egypt or from Afghanistan to Great Britain weren't routed through servers in this country; today, the odds are such messages would come through the United States. The failure to modernize the law has two primary perverse results: 1) the NSA cuts back on surveillance of terrorist targets, and 2) phone companies become reluctant to respond to intelligence agencies' requests for help for fear of lawsuits from "privacy rights" advocates.
NRO also points out that FISA really is constitutionally questionable.
That task has never been more vital than it is today, when transnational terror networks, seeking access to weapons of enormous power, vow to attack us after killing nearly 3,000 Americans. Yet our defense is hindered by an improvident and outdated legislative scheme, the 1978 Foreign Intelligence Surveillance Act. FISA was an overreaction to Nixon-era abuses, which included employing the CIA to conduct domestic spying on the administration’s political enemies. FISA purports to require that the president, before monitoring foreign communications, satisfy a federal court (specially created by FISA) that there is probable cause to believe the surveillance target is an “agent of a foreign power.”

We say “purports” because FISA is of dubious constitutionality. Foreign-intelligence collection is a plenary executive responsibility that judges are neither constitutionally authorized nor competent to oversee. Further, most of the targets of such surveillance are “non-U.S. persons” — a technical term meaning neither American citizens nor permanent resident aliens. “Probable cause” is a standard intended to prevent domestic law enforcement from breaching, by search or arrest, the privacy rights of American citizens. Most non-Americans, and especially aliens situated overseas, have no constitutional right to, and no expectation of, privacy from monitoring by U.S. intelligence agencies.
I've read some on the topic with the latest agitation, and I still don't see where those who see this as carte blanche for the government to spy on the US citizen get their ideas.

I think Orin Kerr has a good (and brief) review of the legislation.
So what does the legislation do? As I see it, there are three key parts of the new legislation. The first change is a clarification that FISA warrants are not needed for "surveillance directed at a person reasonably believed to be located outside of the United States." That is, if the government is monitoring someone outside the United States from a telecom switch in the U.S., it can listen in on the person's calls and read their e-mails without obtaining a FISA warrant first. The Fourth Amendment may still require reasonableness in this setting when one or more people on the call of e-mail are inside the U.S. or are United States citizens, but there is no statutory warrant requirement.

The second change is a requirement of a formal authorization of a program to do such monitoring. The Director of National Intelligence and the AG have to approve a program (for up to one year) reasonably designed to be limited to the monitoring of persons outside the United States. Those procedures have to be submitted to the FISA court, which then reviews whether the Executive's conclusion that the procedures are reasonably designed to only pick up the communications of people reasonably believed to be outside the U.S. is "clearly erroneous." If the conclusion is clearly erroneous, the court sends them back and tells the Executive to try again. The government can also appeal that determination to the FISA Court of Review and if needed the Supreme Court. I'm not exactly sure, but my sense is that this is a one-size-fits-all order; that is, the one authorization covers all the providers.

The third change -- and probably the most important, albeit something that a lot of people will overlook -- is that ISPs and telcos have to comply with the program. They will get compensation for their time and effort "at the prevailing rate," and they can challenge the legality of the program in the FISA court, but they can't opt out of the program if it is held to be legal. In effect, the government's certification of the program is akin to a court order; it makes the program mandatory instead of optional. So long as the program passes legal muster, the providers have to go along with it; if they refuse to cooperate, the FISA Court can hold them in contempt. (Note that the providers can't be held civilly liable for their mandatory participation in the program, either.)
Read the rest.

No comments: