November 4, 2015 / by emptywheel

 

The FISA Court’s Uncelebrated Good Points

I’m working on a post responding to this post from Chelsea Manning calling to abolish the FISA Court. Spoiler alert: I largely agree with her, but I think the question is not that simple.

As background to that post, I wanted to shift the focus from a common perception of the FISC — that it is a rubber stamp that approves all requests — to a better measure of the FISC — the multiple ways it has tried to rein in the Executive. I think the FISC has, at times, been better at doing so than often given credit for. But as I’ll show in my larger post, those efforts have had limited success.

Minimization procedures

The primary tool the FISC uses is in policing the Executive is minimization procedures approved by the court. Royce Lamberth unsuccessfully tried to use minimization procedures to limit the use of FISA-collected data in prosecutions (and also, tools for investigation, such as informants). Reggie Walton was far more successful at using and expanding very detailed limits on the phone — and later, the Internet — dragnet to force the government to stop treating domestically collected dragnet data under its own EO 12333 rules and start treating it under the more stringent FISC-imposed rules. He even shut down the Internet dragnet in fall (probably October 30) 2009 because it did not abide by limits imposed 5 years earlier by Colleen Kollar-Kotelly.

There was also a long-running discussion (that involved several briefs in 2006 and 2009, and a change in FISC procedure in 2010) about what to do with Post Cut Through Dialed Digits (those things you type in after a call or Internet session has been connected) collected under pen registers. It appears that FISC permitted (and probably still permits) the collection of that data under FISA (that was not permitted under Title III pen registers), but required the data get minimized afterwards, and for a period over collected data got sequestered.

Perhaps the most important use of minimization procedures, however, came when Internet companies stopped complying with NSLs requiring data in 2009, forcing the government to use Section 215 orders to obtain the data. By all appearances, the FISC imposed and reviewed compliance of minimization procedures until FBI, more than 7 years after being required to, finally adopted minimization procedures for Section 215. This surely resulted in a lot less innocent person data being collected and retained than under NSL collection. Note that this probably imposed a higher standard of review on this bulky collection of data than what existed at magistrate courts, though some magistrates started trying to impose what are probably similar requirements in 2014.

Such oversight provides one place where USA Freedom Act is a clear regression from what is (today, anyway) in place. Under current rules, when the government submits an application retroactively for an emergency search of the dragnet, the court can require the government to destroy any data that should not have been collected. Under USAF, the Attorney General will police such things under a scheme that does not envision destroying improperly collected data at all, and even invites the parallel construction of it.

First Amendment review

The FISC has also had some amount — perhaps significant — success in making the Executive use a more restrictive First Amendment review than it otherwise would have. Kollar-Kotelly independently imposed a First Amendment review on the Internet dragnet in 2004. First Amendment reviews were implicated in the phone dragnet changes Walton pushed in 2009. And it appears that in the government’s first uses of the emergency provision for the phone dragnet, it may have bypassed First Amendment review — at least, that’s the most logical explanation for why FISC explicitly added a First Amendment review to the emergency provision last year. While I can’t prove this with available data, I strongly suspect more stringent First Amendment reviews explain the drop in dragnet searches every time the FISC increased its scrutiny of selectors.

In most FISA surveillance, there is supposed to be a prohibition on targeting someone for their First Amendment protected activities. Yet given the number of times FISC has had to police that, it seems that the Executive uses a much weaker standard of First Amendment review than the FISC. Which should be a particularly big concern for National Security Letters, as they ordinarily get no court review (one of the NSL challenges that has been dismissed seemed to raise First Amendment concerns).

Notice of magistrate decisions

On at least two occasions, the FISC has taken notice of and required briefing after magistrate judges found a practice also used under FISA to require a higher standard of evidence. One was the 2009 PCTDD discussion mentioned above. The other was the use of combined orders to get phone records and location data. And while the latter probably resulted in other ways the Executive could use FISA to obtain location data, it suggests the FISC has paid close attention to issues being debated in magistrate courts (though that may have more to do with the integrity of then National Security Assistant Attorney General David Kris than the FISC itself; I don’t have high confidence it is still happening). To the extent this occurs, it is more likely that FISA practices will all adjust to new standards of technology than traditional courts, given that other magistrates will continue to approve questionable orders and warrants long after a few individually object, and given that an individual objection isn’t always made public.

Dissemination limits

Finally, the FISC has limited Executive action by limiting the use and dissemination of certain kinds of information. During Stellar Wind, Lamberth and Kollar-Kotelly attempted to limit or at least know which data came from Stellar Wind, thereby limiting its use for further FISA warrants (though it’s not clear how successful that was). The known details of dragnet minimization procedures included limits on dissemination (which were routinely violated until the FISC expanded them).

More recently John Bates twice pointed to FISA Section 1809(a)(2) to limit the government’s use of data collected outside of legal guidelines. He did so first in 2010 when he limited the government’s use of illegally collected Internet metadata. He used it again in 2011 when he used it to limit the government’s access to illegally collected upstream content. However, I think it likely that after both instances, the NSA took its toys and went elsewhere for part of the relevant collection, in the first case to SPCMA analysis on EO 12333 collected Internet metadata, and in the second to CISA (though just for cyber applications). So long as the FISC unquestioningly accepts EO 12333 evidence to support individual warrants and programmatic certificates, the government can always move collection away from FISC review.

Moreover, with USAF, Congress partly eliminated this tool as a retroactive control on upstream collection; it authorized the use of data collected improperly if the FISC subsequently approved retention of it under new minimization procedures.

These tools have been of varying degrees of usefulness. But FISC has tried to wield them, often in places where all but a few Title III courts were not making similar efforts. Indeed, there are a few collection practices where the FISC probably imposed a higher standard than TIII courts, and probably many more where FISC review reined in collection that didn’t have such review.

Copyright © 2015 emptywheel. All rights reserved.
Originally Posted @ https://www.emptywheel.net/2015/11/04/the-fisa-courts-uncelebrated-good-points/