A Quick Guide to the Laws Governing NSA Surveillance

September 19, 2013

By Elizabeth

As we’ve shared in previous posts, the AALL Government Relations Office (GRO) has been working closely with key allies on Capitol Hill to support several Congressional efforts for greater transparency, privacy protections, and government oversight in the wake of the recent revelations about the National Security Agency’s (NSA) domestic surveillance programs.

We now know the NSA gathers intelligence under Section 702 of the FISA Amendment Act, and declassified court opinions show the NSA gathers tens of thousands of “domestic communications” by and from Americans in its normal gathering of foreign communications. Under Section 215 of the USA PATRIOT Act, the NSA also performs bulk collection of telephone metadata.

What are the differences between Sections 702 and 215 and how are they being used to conduct surveillance? While we haven’t learned much about the FISC’s legal interpretation of these two key provisions, here’s a brief guide to what we do know: 

Section 702

Title VII, Section 702 of the Foreign Intelligence Surveillance Act (FISA), “Procedures for targeting certain persons outside the United States other than United States persons” (50 USC § 1881a)

  • Allows for targeting of communications of foreign persons located abroad for foreign intelligence purposes
  • Must have appropriate and documented foreign intelligence purpose for the acquisition and foreign target must be reasonably believed to be outside the United States
  • Cannot be used to intentionally target any U.S. citizen, or any other U.S. person, or to intentionally target any person known to be in the United States; cannot be used to target a person outside the United States if the purpose is to acquire information from a person inside the United States
  • Subject to annual review of “certifications” jointly submitted by U.S. Attorney General and Director of National Security which define the categories of foreign actors that may be targets and include specific targeting and minimization procedures
  • Department of Justice and Office of the Director of National Intelligence conduct on-site reviews of targeting, minimization, and dissemination decisions at least every 60 days

Section 215

Section 215 of the USA PATRIOT Act of 2001, which amended Title V, Section 501 of the Foreign Intelligence Surveillance Act (FISA), “Access to Certain Business Records for Foreign Intelligence and International Terrorism Investigations” (50 USC § 1861)

  • Used to justify collection of telephone metadata; does not acquire content communication, the identity of any party to communication, or any cell-site locational information
  • Metadata stored in repositories within secure networks, must be uniquely marked, and can only be accessed by a limited number of authorized personnel; metadata not reviewed and minimized must be destroyed within 5 years
  • Metadata may be queried only when there is reasonable suspicion, based on specific and articulated facts, that identifier used as basis for query is associated with specific foreign terrorist organizations; basis must be documented in writing in advance
  • Government must file report describing  implementation of the program to FISC every 30 days, including application the Reasonable Articulable Suspicion (RAS) standard, number of approved queries and the number of instances that query results that contain U.S. person information were shared outside of NSA
  •  FISC reviews and must reauthorize the program every 90 days

Stayed tuned to the Blawg for the updates on our efforts and visit our 113th Congress Bill Tracking Chart for the latest progress on pending legislation.

House Oversight Hearing is Renewed Call for Records Management

September 11, 2013

By Elizabeth

Yesterday, the House Oversight and Government Reform Committee (HOGR) again turned its focus to federal records and transparency laws in a hearing titled “Preventing Violations of Federal Transparency Laws.”  Witnesses included four current and former senior administration officials who have been publicly linked to compliance problems for their use of personal or nonofficial email accounts to conduct official business. Archivist of the United States David Ferriero also testified.

The hearing raised important questions about agency compliance with the Federal Records Act and Presidential Records Act, especially in light of President Obama’s 2011 Memorandum on Managing Government Records and subsequent Managing Government Records Directive to modernize records management policies and practices in the digital age. The Directive requires agencies to transition to electronic recordkeeping “to ensure transparency, efficiency and accountability” and sets forth concrete steps and actions for agencies to take under a broad timeline. It also requires that records officers obtain additional training and establishes a formal records management occupational series to raise the profile of records managers.

The recently released 2012 agency Records Management Self-Assessments (RMSA) show some progress in meeting the Directive deadlines; while the majority of agencies still score in the Moderate to High Risk categories for compliance with statutory and regulatory records management requirements, the National Records and Archives Administration (NARA) reports that there is movement upward in scores within these categories. Agencies have increased their permanent electronic records transfer activity using NARA’s the Electronic Records Archives, and many agency records management staff now report participating in the design and development of electronic systems. More than two-thirds of agencies report taking steps to improve the integrity and usability of electronic records, including designating an agency official at the assistant secretary level to take responsibility for records management. Still, agencies’ approaches to preserving their official electronic records are inconsistent at best.

In his testimony, former White House Chief Technology Officer Andrew McLaughlin wrote, “Government recordkeeping now confronts an era in which employees have a vastly expanded, and expanding, menu of personal and social communication channels.”  With personal email addresses, social networking sites, and the ability—or necessity— to work from home on nights and weekends, agency staffs are facing new questions about proper recordkeeping in the digital age. Many of the witnesses in yesterday’s hearing pointed to a lack of training on proper recordkeeping practices and cited technological challenges for their misconduct. Ferriero recognized the “challenges we all face in managing the vast and growing numbers of email records” in his testimony and appealed for a new “culture around records” with agency compliance becoming a top priority.

HOGR has reported favorably two bills (H.R. 1233 and H.R. 1234) introduced by Ranking Member Elijah Cummings (D-Md.) to update the Federal Records Act and Presidential Records Act and promulgate regulations governing federal agency preservation of electronic messages. AALL has long been concerned about the lack of adequate records management, particularly of electronic records, and urges Congress to support these bills. We commend the Obama administration and NARA for taking proactive steps to fix a broken and oft-neglected records management system, but urge a renewed focus on full agency compliance.

September Washington E-Bulletin

September 4, 2013

The September issue of the Washington E-Bulletin is now available on AALLNET.


Vol. 2013, Issue 09





%d bloggers like this: