There are two primary types of electronic surveillance – Title III and FISA.
Title III of The Omnibus Crime Control and Safe Streets Act of 1968 (Wiretap Act) is directed towards U.S. Citizens.
Title III (not to be confused with FISA Title III) requires Federal, state and, other government officials to obtain judicial authorization for intercepting “wire, oral, and electronic” communications such as telephone conversations and e-mails. It also regulates the use and disclosure of information obtained through authorized wiretapping.
A primary condition for granting Title III surveillance is probable cause to believe the target has committed, is committing, or is about to commit an enumerated crime.
There must also be probable cause to believe that communications concerning the offense will be obtained by surveillance, probable cause to believe that facilities to be surveilled are being used in connection with the offense, and;
Normal investigative techniques have been tried and failed – or appear unlikely to succeed if tried.
FISA Surveillance is a bit more complicated. Which makes FISA more susceptible to manipulation and abuse.
Some FISA terms:
- FISA – Foreign Intelligence Surveillance Act of 1978.
- FISC – Foreign Intelligence Surveillance Court – synonymous with FISA Court.
- FISA Title I – Electronic surveillance of persons within the United States.
- FISA Title III – Physical searches of premises or property within the United States.
- Title VII – Surveillance of Foreign Persons outside the United States. Contains Section 702. Title VII is effectively synonymous with Section 702.
- Section 702 – Subsection of Title VII – Procedures for surveillance of Foreign Persons outside the United States. Section 702 is effectively synonymous with Title VII.
- Incidental Collection – U.S. Citizen caught up in the process of Foreign Surveillance.
- “To” or “From” – A search query based on communications “To” and/or “From” surveillance target.
- “About” – A search query based on communications containing a reference “About” surveillance target – but is not “To” or “From” target.
There are three general types of FISA surveillance:
- Title I FISA Surveillance – known as Traditional FISA surveillance.
- Title III FISA Surveillance – known as Traditional FISA surveillance.
- Title VII FISA Surveillance – commonly referred to as Section 702 surveillance.
FISA Title I and III provisions relate to the conduct of electronic surveillance and physical searches for foreign intelligence purposes of persons, facilities, or property inside the United States.
- FISA Title I provides for electronic surveillance of persons within the United States.
- FISA Title III provides for physical searches of premises or property within the United States.
FISA Title I and Title III surveillance require there be probable cause to believe the proposed target is a foreign power or an agent of a foreign power and that the facility (can be a phone number) or place is – or is about to be – used by that target.
FISA Title I and III surveillance require formal approval from the Foreign Intelligence Surveillance Court (FISC) – also known as the FISA Court.
Carter Page, a U.S. citizen, was surveilled under FISA Title I. The FBI used the Steel Dossier to portray Page as “an agent of a foreign power” – specifically Russia – to the FISA Court.
The FBI obtained one initial FISA warrant on Carter Page and three subsequent renewals from the FISA Court.
Title VII of the FISA Act provides for the most common type of FISA surveillance.
Surveillance under Section 702.
Section 702 permits the government to target for surveillance foreign persons located outside the United States for the purpose of acquiring foreign intelligence information.
Oversight of Section 702 collection is conducted by the FISA Court, which reviews the government’s Section 702 certifications, targeting procedures and minimization procedures for compliance with statutory and Fourth Amendment requirements.
The DOJ’s National Security Division (NSD) maintains oversight of the Intelligence Agencies (such as the FBI) use of Section 702 authority. The NSD and the Office of the Director of National Intelligence (ODNI) jointly conduct reviews of the Intelligence Agencies Section 702 activities every 60 days.
The NSD – with notice to the ODNI – is required to report any incidents of Agency noncompliance or misconduct to the FISA Court.
Unlike Title I and Title III FISA surveillance, Section 702 collection is not subject to individual formal FISA Court approvals.
Due to frequency of collection, instead of issuing individual court orders, the FISC approves annual certifications submitted by the Attorney General and the Director of National Intelligence that specify categories of foreign intelligence information the government is authorized to acquire pursuant to Section 702.
Some generalized requirements:
- All acquisitions must be consistent with the Fourth Amendment.
- A significant purpose of any acquisition must be to obtain foreign intelligence information.
- The government may not intentionally target a U.S. person anywhere in the world.
- The government may not intentionally target any person known at the time of acquisition to be in the United States – FISA Title I and III are to be used.
- The government may not target someone located outside the United States for the purpose of targeting a particular, known person in this country or any U.S. person (reverse targeting).
- The government may not target for acquisition “any communication as to which the sender and all intended recipients are known at the time of the acquisition” to be in the United States.
- Section 702 should not involve bulk collection and – in theory – should not result in “mass” surveillance.
The Attorney General and the Director of National Intelligence must also certify that Intelligence Community elements will follow targeting procedures and minimization procedures that are approved by the FISC as part of the annual certification.
In practice, these annual certifications are the responsibility of the National Security Division.
Targeting procedures are designed to ensure that only foreign persons located outside the U.S. are targeted for foreign intelligence collection purposes. Minimization procedures are intended to protect any U.S. person information that is incidentally acquired in the course of Section 702 collection.
A foreign person who has been targeted for collection under FISA Section 702 may communicate with, or discuss information concerning, a U.S. person. This is considered “incidental” collection as the U.S. person was not the target of collection.
FISC approved minimization procedures regulate the retention and dissemination of information concerning U.S. Persons, including who may receive such information and how it is handled.
The government’s minimization procedures are intended to restrict the ability of analysts to query the databases that hold “raw” Section 702 information (i.e., where information identifying a U.S. person has not yet been minimized for permanent retention) using an identifier, such as a name or telephone number, that is associated with a U.S. person.
Generally, queries of raw content are only permitted if they are reasonably designed to identify foreign intelligence information, although the FBI may also conduct such queries to identify evidence of a crime.
The Department of Justice and Office of the Director of National Intelligence are required to review the Intelligence Agencies’ U.S. person queries of content to ensure the query satisfies the legal standard. Any Agency violations must be reported to the FISA Court.
In practice, the DOJ’s National Security Division has primary responsibility for review and oversight of Intelligence Agencies use of Section 702 data.
Despite supposed protections, the FBI’s ability to access the NSA’s database using U.S. person search queries is a major area of concern and abuses have been previously identified.
Data collected ‘incidentally” on U.S. Citizens is generally not destroyed. When the U.S. government targets someone abroad, it is not required to discard the incidentally collected communications of U.S. persons if authorities conclude that those conversations constitute foreign intelligence. Instead it is “minimized”.
Querying databases containing Section 702 information does not result in any new acquisition of data; it is instead an examination or re-examination of previously acquired information.
Most Section 702 collection involves the government acquiring data from the company providing the electronic communication service to the user – known as downstream collection.
In downstream surveillance, U.S. intelligence agencies go directly to companies like Google and Facebook and force the companies to turn over communications to and from identified selectors. The companies are then prohibited from telling their users that their data has been turned over to the government.
However, some of NSA’s Section 702 collection has been obtained via “upstream” collection, in which the NSA obtains communications directly from the Internet backbone, with the compelled assistance of companies that maintain those networks.
In simple parlance, upstream surveillance means the NSA effectively taps into the high capacity fiber optic cables that carry Internet traffic and copy all of the data flowing through those cables.
The agency is then supposed to filter out any communications that are “wholly domestic” – communications between Americans located in the U.S.
Once the NSA has supposedly filtered out the domestic communications, the NSA can then search the data using “To”, “From” or “About” queries on a target of Section 702 collection.
“About” queries are particularly worrisome.
They occur when the target is neither the sender nor the recipient of the collected communication – but the target’s tasked selector, such as an email address, is being passed between two other communicants.
“About” queries were halted by NSA Director Mike Rogers on October 20, 2017. This was formally announced on April 28, 2017:
NSA has decided that its Section 702 foreign intelligence surveillance activities will no longer include any upstream internet communications that are solely “about” a foreign intelligence target. Instead, this surveillance will now be limited to only those communications that are directly “to” or “from” a foreign intelligence target.
As part of this curtailment, NSA will delete the vast majority of previously acquired upstream internet communications as soon as practicable.
It’s likely that “About” queries will be reinstated in the relatively near future – after additional “safeguards” are put in place.
The U.S. Supreme Court has held that the Fourth Amendment protection against unreasonable search and seizure extends to the interception of communications and applies to all conversations where an individual has a reasonable expectation of privacy.
Which is why these supposed safeguards are in place.
FISA surveillance has provided meaningful intelligence – but it has also produced meaningful abuses. Information lies within the NSA Database, subject to simple queries.
This post is not meant to be an examination or critique of the legal or ethical justifications for FISA surveillance.
It’s the result of what was originally intended to be a much smaller discussion – contained within a related article – that grew long enough to stand as its own piece.
It is intended to be explanatory in nature and serve as a backdrop to understanding the real FISA abuses that occurred between November 2015 and April 18, 2016.
I originally explored FISA violations by the FBI in The Uncovering – Section 702 “About” Queries & Independent Contractors.
A FISA Q&A from the DNI can be found here.