The News
Recent changes by the Federal Bureau of Investigation appear to have significantly improved compliance with rules limiting when agents may access communications intercepted under the Foreign Intelligence Surveillance Act, according to data from the bureau’s auditing office.
In the year before the changes were enacted, about 18 percent of queries, or database searches, lacked sufficient justification or were improperly defined, according to the office’s survey of a sampling. In a nine-month period after the changes, about 4 percent failed to comply with rules, the bureau said.
The study scrutinized queries of intercept data collected under two different programs. The first, traditional FISA intercepts, involves individual court orders that approve targeting people on domestic soil under a 1978 law. The second, so-called Section 702 intercepts, involves the warrantless surveillance of foreigners abroad under amendments to FISA that Congress enacted in 2008.
Why It Matters
The F.B.I. is trying to persuade Congress that it can be trusted with national-security surveillance powers. In 2019, an inspector general found that the F.B.I. had botched applications to obtain FISA orders from a court targeting a former adviser to the 2016 Trump campaign, Carter A. Page, during the Russia investigation.
The reason for its push is that Section 702 is set to expire at the end of 2023 unless Congress enacts new legislation to extend it. Lawmakers renewed it in 2012 and 2018, but it is expected to face steeper hurdles this cycle. Civil-liberties advocates who have long disliked the law have been joined this time by Republicans who share former President Donald J. Trump’s hostility to the F.B.I. and surveillance.
While Section 702 surveillance is different from the type of FISA that the F.B.I. used to get court orders to eavesdrop on Mr. Page, lawmakers have conflated the two.
Background
After the inspector general’s findings in 2019, the F.B.I. under the Trump administration instituted several changes, including by creating an Office of Internal Auditing.
Around the same time, the Foreign Intelligence Surveillance Court was scolding the F.B.I. over findings that officials had violated limits on when agents may query Section 702 intercepts about Americans. They can only do so when there is a reason to believe the search will return foreign intelligence or evidence of a crime, but had sometimes done so for other purposes, like vetting maintenance workers for bureau facilities.
In 2021, the bureau further changed its FISA practices ahead of the expected legislative fight over extending Section 702. For one, its computer systems now exclude both types of raw FISA information by default when agents are searching various databases, unless they choose to include them. It also bolstered training about the rules.
A report last month said the number of identifiers of Americans — like a name or email address — used by the F.B.I. to query the Section 702 repository fell sharply as a result, from nearly three million in 2021 to 119,383 last year.
The new report, based on samples of certain categories, suggested that the rate of problematic queries of both types of FISA intercepts has also dropped sharply.
In a background briefing with reporters, a senior F.B.I. adviser, speaking on the condition of anonymity, characterized the report as “important and significant.” But some privacy advocates who want Congress to impose a warrant requirement before the F.B.I. may query Americans’ information in the Section 702 repository expressed skepticism that the recent changes went far enough.
Elizabeth Goitein of the Brennan Center for Justice at New York University School of Law said that given the large total number of queries for Americans’ information, even a 4 percent failure to meet the standards means a “a shocking number of violations.”
What’s Next
The senior F.B.I. adviser also said the bureau intended to go further. The auditors made 11 recommendations to Christopher A. Wray, the F.B.I. director, who ordered the bureau to comply, the official said.
The changes include requiring F.B.I. officials to keep a contemporaneous record of why each query they make complies with standards, and to develop a system for continuous auditing of such queries.
In the meantime, as members of Congress debate whether to enact legislation extending Section 702, they are also weighing whether to also impose new limits on either or both types of FISA surveillance.
