The PATRIOT Act has threatened our privacy rights since Congress rushed to pass it after the 9/11 attacks. We still lack necessary privacy protections despite surveillance reforms passed in the years since. With three of the most problematic provisions set to expire on March 15, People For the American Way and allied organizations argue that it’s time for Congress to put in place meaningful privacy safeguards. The Safeguarding Americans’ Private Records Act is a critical starting point, and we’re urging members of Congress to cosponsor this legislation. You can download our coalition letter here.

Dear Representatives and Senators,

The undersigned organizations represent tens of millions of constituents from across the country and the political spectrum. We write to endorse the Safeguarding Americans’ Private Records Act of 2020 (SAPRA) and urge your office to cosponsor this important piece of legislation. The bill would significantly reform the Foreign Intelligence Surveillance Act (FISA), including Section 215 of the USA PATRIOT Act/USA FREEDOM Act (50 U.S.C. § 1861). As Congress debates reauthorization of the three surveillance authorities scheduled to sunset on March 15, 2020, it is critical that it take this opportunity to enact substantial reforms.

The PATRIOT Act has posed a threat to Americans’ privacy rights since it was rushed through Congress in the days following the 9/11 attacks. That was over 18 years ago, but it has since been used to conduct surveillance resulting in some of the worst privacy abuses in our nation’s history. Past reform efforts, including the USA FREEDOM Act, have still left intrusive and discriminatory surveillance systems in place that lack necessary protections for individual rights. The Safeguarding Americans’ Private Records Act offers critical safeguards to protect people in the United States from overbroad surveillance.

Background

The USA PATRIOT Act of 2001 provided intelligence agencies with overly broad powers to engage in surveillance. In addition, these agencies have been repeatedly caught unlawfully surveilling innocent people in the United States at a staggering scale.¹ In 2015, Congress enacted the USA FREEDOM Act in an effort to rein in the government’s surveillance practices. This included replacing the bulk phone records program that the National Security Agency (NSA) had operated illegally for many years.²

Specifically, the USA FREEDOM Act added new subsections to Section 215—which has for many years allowed the government to collect business records (such as financial records)—to create a new authority permitting the collection of Call Detail Records (CDRs). This Section 215 CDR program is narrower than the former bulk program, but still permits overly broad and privacy-invasive collection of phone records. Among other concerns, the replacement program still permits surveillance to span “two hops” from the intended target, implicating millions of people who were never even suspected of wrongdoing.³ In 2018, under this current Section 215 CDR program, the government still collected over 434 million records relating to over 19 million phone identifiers, despite having only 11 targets.⁴

The government recently shuttered the CDR program due to admittedly unlawful over-collection of records,⁵ however its statutory authority remains in place.⁶ Like its predecessors, the Section 215 CDR program was never shown to offer meaningful intelligence value and was repeatedly misused.⁷ SAPRA would eliminate this dangerous authority for good.

Problems with FISA are not exclusive to the CDR program. Late last year, the FISA Court found stunning misuses of Section 702, reflecting “fundamental misunderstandings” about the lawful use of that authority.⁸ And the recently released Department of Justice Inspector General’s report found significant problems in both the FISA application process and the supervision of that process, including a previously unknown instance of an FBI lawyer altering an email in a way that made further surveillance of Carter Page more likely.⁹ The instances of abuse uncovered are all the more worrisome given that the Page investigation was certain to be among the most closely scrutinized in modern history.

The Safeguarding Americans’ Private Records Act would put in place critical safeguards to improve FISA and protect privacy rights

The Safeguarding Americans’ Private Records Act would take the critical first step of repealing the statutory authority for the shuttered Section 215 CDR Program, which is a necessary but not alone sufficient reform to include in any reauthorization bill.¹⁰ This legislation has earned our support, and deserves yours, because that repeal is packaged with other reforms that significantly amend traditional Section 215 orders and other intelligence collection laws to:

• Protect sensitive location information with a warrant standard, clarifying that the Constitutional standards established by the Supreme Court’s decision in Carpenter v. United States also apply in the FISA context;
• Protect internet browsing and search history with a warrant standard;
• Ensure Section 215 cannot be used to warrantlessly acquire information that would require a warrant in the criminal context;
• Require Section 215 be used only for records that directly or indirectly relate to an agent of a foreign power or suspected agent of a foreign power;
• Require the government to demonstrate to the FISA Court that there are reasonable grounds for gagging the recipient of a Section 215 order;
• Prohibit the indefinite retention of irrelevant records;
• Permit the FISA Court to review the government’s compliance with minimization procedures, which govern the retention and dissemination of collected information and are critical to the privacy of people in the United States;
• Strengthen the government’s transparency obligations, including around how many people in the United States are surveilled under Section 215, how many people in the United States are spied on pursuant to Section 702 through the “backdoor search loophole,” and how many warrants are obtained using Section 215 information;
• Limit the use of Section 215 information in court to cases involving national security;
• Provide notice to defendants against whom the government seeks to use Section 215 information and prohibit the laundering of evidence through “parallel construction”;
• Investigate the use of First Amendment-protected activities, race, ethnicity, national origin, and religious affiliation in Section 215 applications;
• Strengthen the Privacy and Civil Liberties Oversight Board;
• Reform the FISA Court by increasing oversight of proceedings and decisions, including by strengthening the amicus curiae role and increasing transparency;
• Establish sunsets for four National Security Letter authorities that permit collection of information on a very low standard; and
• Establish FISA as the exclusive means for the collection of Americans’ communications records from United States providers for intelligence purposes to ensure intelligence agencies do not circumvent the privacy protections in FISA.

Despite this robust set of reforms, the Safeguarding Americans’ Private Records Act does not fix a number of other problems with FISA. It does not, for instance, prohibit “backdoor searches” under Section 702, a loophole that poses a dangerous threat to Americans’ privacy by allowing the government to search through communications collected under Section 702 of FISA seeking information about Americans without a warrant. Further, it reauthorizes the so-called “lone wolf” authority, which has never been used and should be repealed just like the Section 215 CDR program. However, while the Safeguarding Americans’ Private Records Act does not address every long-standing privacy concern within FISA, it nonetheless provides substantial reform, and we urge your support.

Absent major reforms, such as those contained in the Safeguarding Americans’ Private Records Act, Congress should not reauthorize Section 215, or either the roving wiretap or lone wolf authorities.