One of the most sweeping surveillance statutes ever enacted by Congress is set to expire at the end of this year — creating an important opportunity to rein in America’s sprawling surveillance state.

Section 702 of the Foreign Intelligence Surveillance Act permits the U.S. government to engage in mass, warrantless surveillance of Americans’ international communications, including phone calls, texts, emails, social media messages, and web browsing. The government claims to be pursuing vaguely defined foreign intelligence “targets,” but its targets need not be spies, terrorists, or criminals. They can be virtually any foreigner abroad: journalists, academic researchers, scientists, or businesspeople. And in the course of this surveillance, the government casts a wide net that ensnares the communications of ordinary Americans on a massive scale — in violation of our constitutional rights.

American Civil Liberties Union

Stop Mass Warrantless Surveillance: End Section 702

Section 702 of the Foreign Intelligence Surveillance Act allows for blatant abuses of privacy. Tell your representative it must expire.

As Congress debates the reauthorization of Section 702, it’s vital that we tell our representatives in Congress that we want an end to warrantless mass surveillance. Here’s what you need to know to follow the debate and speak up for your right to privacy.

The government conducts at least two kinds of surveillance under Section 702:

PRISM: The NSA obtains communications — such as international messages, emails, and internet calls — directly from U.S. tech and social media companies like Facebook, Google, Apple, and Microsoft. The government identifies non-U.S. person accounts it wishes to monitor, and then orders the company to disclose all communications and data to and from those accounts, including communications with U.S. persons.

Upstream: Working with companies like AT&T and Verizon, the NSA intercepts and copies Americans’ international internet communications in bulk as they flow into and out of the United States. The NSA then searches for key terms, such as email addresses or phone numbers, that are associated with its hundreds of thousands of foreign targets. Communications determined to be to and from those targets — as well as those that happen to be bundled with them in transit — are retained in NSA databases for further use and analysis.

Critically, while Section 702 does not allow the NSA to target Americans at the outset, vast quantities of our communications are still searched and amassed in government databases simply because we are in touch with people abroad. And this is the bait-and-switch: Although the law allows surveillance of foreigners abroad for “foreign intelligence” purposes, the FBI routinely exploit this rich source of our information by searching those databases to find and examine the communications of individual Americans for use in domestic investigations.

The scale of Section 702 has been growing significantly over time, meaning more and more Americans are caught in this net.

When the government first began releasing statistics, after the Snowden revelations in 2013, it reported having 89,138 targets. By 2021, the government was targeting the communications of a staggering 232,432 individuals, groups, and organizations. Although the government often seeks to portray the surveillance as “targeted” and narrow, the reality is that it takes place on a massive scale.

Indeed, the government reported that in 2011, Section 702 surveillance resulted in the retention of more than 250 million internet communications (a number that does not reflect the far larger quantity of communications whose contents the NSA searched before discarding them). Given the rate at which the number of Section 702 targets is growing, it’s likely that the government today collects over a billion communications under Section 702 each year. But these statistics tell only part of the story. The government has never provided data on the number of Americans who are surveilled under PRISM and Upstream, a number that is surely also increasing. That is a glaring gap in its transparency reports.

Although Congress intended Section 702 to be used for counterterrorism purposes, it’s frequently used today to pursue domestic investigations of all kinds. Both the FBI and CIA have access to some of the raw data produced by this surveillance, and they increasingly use that access to examine the private communications of Americans they are investigating — all without a warrant.

FBI agents routinely run searches looking for information about Americans as part of criminal investigations, including those that have nothing to do with national security. Based on transparency reporting, agents have conducted millions of these U.S. person queries — also known as “backdoor searches” — in recent years. The only limitation on backdoor searches is that they must be “reasonably likely” to retrieve foreign intelligence or evidence of a crime.

The standard for conducting backdoor searches is so low that, without any showing of suspicion, an FBI agent can type in an American’s name, email address, or phone number, and pull up whatever communications the FBI’s Section 702 collection has vacuumed into its databases over the past five years. These searches are a free pass for accessing constitutionally protected communications that would otherwise be off-limits to the FBI, unless it got a warrant.

Evidence that agents have refused to comply with this low bar for conducting searches has piled up. Agents have violated the FBI’s own rules over and over, accessing Americans’ private communications without any legitimate purpose. They have dipped into Section 702 data for information about relatives, potential witnesses and informants, journalists, political commentators, and government officials, including a member of Congress.

The Fourth Amendment guarantees the right to be free from unreasonable searches and seizures. Government agents are required to obtain a warrant to access our emails, online messages, and chats. Large-scale, warrantless surveillance of Americans’ private communications is at odds with this basic constitutional principle.

Section 702 also violates the Constitution by inhibiting freedom of speech and association. The reasonable fear that the U.S. government is spying on communications may deter journalists, lawyers, activists, and others from communicating freely on the Internet. We all have a right to exchange messages with our friends, family, colleagues, and clients abroad without worrying that the government is reading over our shoulder.

Because Section 702 is unconstitutional, the ACLU and others have attempted to challenge it in court. But the courts have failed to protect our constitutional rights. Instead, courts have repeatedly dismissed civil cases challenging Section 702 — citing government claims of secrecy — and have declined to rule on claims in criminal cases that the government’s backdoor searches violate the Fourth Amendment. This year, we brought one of these cases to the Supreme Court, but it refused to consider it.

American Civil Liberties Union

U.S. Supreme Court Declines to Hear Wikimedia Foundation’s Challenge to NSA Mass Surveillance | American Civil Liberties Union

Wikimedia Foundation, ACLU, and Knight Institute Call on Congress to Limit the NSA’s Surveillance of Internet Communications

Given the courts’ inaction, it is up to Congress to stand up for our rights. Fifteen years ago, Congress enacted Section 702. Members of Congress should not vote to renew this law without fundamental reforms to protect Americans’ privacy.

These reforms should include:

1. Putting an end to rampant backdoor searches of Americans by requiring agents to obtain a warrant before searching Section 702 databases for an American’s private information.
2. Narrowing the scope of Section 702 surveillance by imposing stricter rules on who the government can “target,” thereby limiting the number of Americans whose communications are swept up in the course of this spying.
3. Limiting how long the government can retain information collected under Section 702 and how the NSA shares that information with other agencies.
4. Ensuring that the government notifies individuals when Section 702 information is used against them in court and provides those individuals with sufficient information to obtain full and fair court review.
5. Increasing transparency about the number of Americans’ communications searched and collected through Section 702 surveillance.

Beyond reforming Section 702 itself, Congress should also adopt broader safeguards that protect Americans in the face of bulk surveillance and strengthen court oversight when the government engages in spying for intelligence purposes.

Over the next year, the ACLU will be seizing on this moment to press Congress to reclaim our privacy rights. We invite you to join us by sending a message to your representatives now.

The Washington Post reported last month on a conservative Catholic group that spent millions of dollars to buy location data from a private-sector data broker in order to identify gay priests and report them to their bishops. This is a story every American should be aware of — and not just because of how it affected those priests.

You don’t need to share the faith of those facing deeply personal conflicts between their faith and their sexuality to have sympathy for those men, and revulsion at the activists who took it upon themselves to pry into their personal lives out of some twisted homophobic zeal. An excellent 2019 work of reporting in the New York Times explored the anguish and struggles of many such priests.

But neither do you have to be someone facing such a conflict — or any person who needs some private space to grapple with their sexual or gender identity — to worry about the sorry state of privacy that made these vigilante investigations possible.

As a result of Congress’s failure to enact overarching privacy protections, combined with unethical practices by many companies, we’re in a world where location data is collected about a significant proportion of us without our knowledge or permission, and bought and sold by a multibillion-dollar ecosystem of companies that specialize in such data. According to the Post:

One report prepared for bishops says the group’s sources are data brokers who got the information from ad exchanges, which are sites where ads are bought and sold in real time, like a stock market. The group cross-referenced location data from the apps and other details with locations of church residences, workplaces, and seminaries to find clergy who were allegedly active on the apps…

 

Although no names were in the original data from brokers, it included enough identifying details and location pings that the group was able to analyze it for specific locations and narrow down likely people using the apps…

 

The group also focused on devices that spent multiple nights at a rectory, for example, or if a hookup app was used for a certain number of days in a row in some other church building, such as a seminary or an administrative building.

Gay priests are far from the only ones who want to keep elements of their sexual lives private. How many other people could be harmed by the use of location data by various busybodies, moral crusaders, political rivals, or other enemies? Anti-abortion activists are already trying to use private data against those seeking reproductive health care. And think of someone running for office, embroiled in a local homeowner’s association fight, or battling with a neighbor over a zoning law. Any of those people could find themselves subject to such investigations. As the historian Henry Steele Commager once observed, there’s nothing as nasty as a good, local school fight.

And even though few such antagonists are likely to pursue such a strategy, everyone has to worry that somebody will. Aside from any direct harm suffered by the victims of data vigilantes, we are all affected by the chill that comes from living in a society where insufficient legal protections make such things possible. It’s not just the intense harm to the people directly affected, it’s also the more subtle harm to all of us who then become rationally paranoid and must live with that fear.