Modernize FISA, But Don't Hobble American Intelligence Operations

Report Homeland Security

Modernize FISA, But Don't Hobble American Intelligence Operations

October 16, 2007 10 min read Download Report

Authors: Brian Walsh and Todd Gaziano

The House of Representatives would hamstring the wartime intelligence gathering of the United States if it passes the incorrectly named "Responsible Electronic Surveillance that is Overseen, Reviewed, and Effective Act of 2007," or RESTORE Act (H.R. 3773). Will Representatives who support the bill accept responsibility when the intelligence gap created by the bill results in a failure to detect another terrorist attack on America soil? This is no rhetorical question. The bill would impose a Byzantine and unprecedentedly burdensome intelligence regime on those charged with protecting Americans from international terrorists and substantially impede the ability of the executive branch to gather intelligence on terrorist threats. Lawmakers who support H.R. 3773 should be required to clearly stake their careers on its effectiveness.

The RESTORE Act is remarkable primarily for what its supporters do not address. They provide little or no information on the following points:

  • Why Congress would depart from the recommendations of the 9/11 Commission by making it more difficult and cumbersome to gather intelligence on Islamic terrorists;
  • Whether there was any actual harm (rather than psychic harm that supposedly results from potential surveillance) to any American citizens as a result of five years of intelligence gathering on foreign terrorists since 9/11 and, if so, what that supposed harm was;
  • Why Congress believes it has the constitutional authority, with or without a court's assistance, to micromanage decisions about which potential foreign enemies to gather information on, when that power is constitutionally vested in the commander in chief;
  • Why no previous President--Jimmy Carter, Ronald Reagan, George H.W. Bush, or Bill Clinton--has ever conceded that FISA or any other regulatory regime crafted by Congress is the sole means by which a President may collect intelligence for national security purposes; or
  • Why Americans should entrust to Congress and congressional staff members a database containing information on every American whose name is mentioned as part of a national security investigation.

The Administration is right to threaten a presidential veto of the RESTORE Act if it is not fundamentally changed. The Act is unwise as a matter of constitutional law and policy. The current Administration has gone much further than any previous administration in safeguarding American civil liberties. Yet hyperbolic privacy activists never acknowledge this and refuse to accept sensible minimization procedures to provide further anonymity of information that might incidentally be collected on persons within the United States. Congress should expand and make permanent the FISA reforms in the Protect America Act and not hobble America's wartime intelligence-gathering abilities.

What Harm Is Being Remedied?

Privacy absolutists have to date been unable to point to any actual harm that individual Americans have suffered because of information collected as part of the Terrorist Surveillance Program (TSP) and similar foreign intelligence programs since 9/11. They can point to no Americans who have been convicted unjustly, or even prosecuted unjustly, based on information obtained through the TSP in violation of their statutory or constitutional rights.

When the Foreign Intelligence Surveillance Act (FISA) was enacted in 1978, Congress was at least responding to some actual evidence of abuses of warrantless electronic surveillance of average Americans who were not threatening national security at a time when the United States was not in an actual (or "shooting") war. J. Edgar Hoover's FBI had, among other abuses, conducted electronic surveillance of American citizens whose only apparent wrongdoing was that they were considered to be among Nixon's enemies. It thus made sense to require court supervision of domestic electronic surveillance of Americans who were not supporting foreign enemies in an actual shooting war.

1978 was also near the height of the Cold War. The agents of America's enemies were predominately embassy staff members and other officials of Soviet and Soviet-affiliated states. FISA permitted electronic surveillance of these potential enemy agents within the United States without traditional warrants but with the involvement of a new Foreign Intelligence Surveillance Court. Two important distinctions are relevant to today's debate over modernizing FISA: (1) The original law did not impose any restrictions on the then-current means of intercepting foreign agents' communications abroad, and (2) the number of potential Cold War agents in America covered by FISA was quite small compared to the number of potential soldiers and saboteurs in a traditional shooting war.

In short, acts of war on American soil by foreign agents were not among the significant threats confronting the nation in 1978. FISA was crafted for the Cold War, not for today's world of secretive networks of foreign soldiers on U.S. soil planning acts of terrorism against Americans. FISA's restrictions on domestic surveillance were designed to prevent Watergate-like abuses, not to hinder the executive branch's ability to gather intelligence about wartime enemies planning to kill Americans.

After the attacks of September 11, Congress enacted an Authorization for the Use of Military Force (AUMF) that set a very different tone. Congress wisely authorized the President to use all necessary force to defeat the terrorist entities and their allies with whom we were now at war. This is a real shooting war, as is demonstrated by continued military combat in Afghanistan; by bombings in London, Madrid, Asia, and the Middle East; and by the many foiled plots around the globe. When at war, it is a paramount duty of the military to locate, track, and intercept the communications of enemies--never an easy task. President Bush assumed that grave responsibility, as has every commander in chief during wartime. Using the National Security Agency (itself a military agency) and following standard military protocols, he has engaged in the traditional tasks of military intelligence. Thus has been the duty of military commanders since time immemorial.

Although the President's authority to use the military units Congress funds to engage in traditional military intelligence duties flows from the Constitution, it is not inconsistent with any statute either. To the extent that the old FISA regime would have presented difficulties in foreign intelligence gathering, the AUMF removed most such statutory constraints. Notwithstanding his constitutional authority, the President sought and received additional statutory authority in August with passage of the Protect America Act to avoid constitutional questions and activist court rulings.

With these laws in place, the President has undertaken his intelligence duties responsibly. The worst that proponents of legislation like the RESTORE Act can point to are hypothetical abuses of information obtained through the Terrorist Surveillance Program or incidental intrusions on non-specific, amorphous privacies.

But most of today's privacy activists are absolutists. They believe that every governmental access of information that they would prefer to keep private is an injury that must be justified by a compelling governmental interest, subjected to court supervision (such as a warrant process), or both. Their rhetoric asserts-- incorrectly and misleadingly--that these privacy rights are enshrined in the Constitution, but the Supreme Court has repeatedly rejected the notion that the Fourth Amendment includes the generalized, amorphous "right to privacy" they favor.

Because the Constitution does not include any such right, constitutional rhetoric should not be used to cloak attempts to create such a right by statute. Decisions to create new statutory rights are merely policy preferences. Only when they are acknowledged as such can they be honestly and productively discussed.

The RESTORE Act and the Intelligence Gap

The contrast could not be starker between the nebulous, hypothetical harms that privacy absolutists assert could result from the incidental collection of information through electronic surveillance programs and the concrete harms that could result from the lack of robust foreign intelligence-gathering programs to detect and prevent acts of domestic terrorism. U.S. intelligence systems have improved in the past five years, but foreign enemies show an alarming ability to adapt to these advances. There is little reason to doubt that foreign terrorists would use a weapon of mass destruction on American soil if they could do so. The only question is whether the United States will be able to detect and foil such plots in the future.

The shortcomings that led to pre-9/11 intelligence failures have been well documented, and the RESTORE Act would only make such problems worse. The highly regarded, bipartisan commission that Congress charged with investigating the events and causes of the September 11 attacks--the 9/11 Commission--identified major gaps in U.S. intelligence-gathering on terrorist activities. The 9/11 Commission determined that the effectiveness of U.S. intelligence-gathering was hamstrung by a "[l]ack of common standards and practices across the foreign-domestic divide."[1] The Commission recommended that intelligence and information-gathering procedures "should provide incentives for sharing, to restore a better balance between security and shared knowledge" regardless of whether such information "is collected in Pakistan or Texas."[2]

The RESTORE Act would actually widen the "foreign-domestic divide" identified by the 9/11 Commission by reducing the sharing of information within the U.S. intelligence community. The RESTORE Act would multiply the difficulties involved in collecting information about foreigners engaged in terrorist activities who happen to communicate with persons within the United States or who are themselves "U.S. persons." This is despite the fact that the category of "U.S. persons" defined by FISA[3] would include an alien who has legal residency in the United States only because he fraudulently obtained a U.S. visa in order to carry out terrorist activities within the United States. At the time of the September 11 attacks, all of the Islamic terrorists who murdered Americans were arguably "U.S. persons."

Need for Modernization

The House of Representatives passed the Protect America Act of 2007 (PAA) on August 4, 2007, and the President signed it into law the next day. Despite the disclaimers by Members of Congress who want to create a more restrictive regime for gathering intelligence on terrorists, the PAA passed because it had bipartisan support and because Director of National Intelligence (DNI) Mike McConnell spoke personally with approximately 260 Members. He explained why the PAA was necessary to remedy the damage caused by an unprecedented and seemingly erroneous decision by the Foreign Intelligence Surveillance Court in May of this year.[4] The decision opened an intelligence gap by effectively requiring the federal government, for the first time ever, to obtain a FISA warrant for any surveillance of persons located overseas if their electronic communications (e.g., emails, cell-phone calls, and text messages) might possibly be routed through the United States.

Because most of the world's largest telecommunications and Internet service providers are located in the United States, this would have required a FISA warrant for surveillance of potentially every person located overseas. No one could know in advance whether any communication by a person located outside the United States might end up being routed through the United States. DNI McConnell disclosed that thousands of individuals overseas are being monitored for terrorist activities. Obtaining approval for each intercept would be nearly impossible.

Each FISA application requires approximately 200 person-hours of government attorneys' and other intelligence officials' time for each telephone number intercepted. Only about 100 persons are being monitored in the United States, but this alone requires the equivalent of full-time service of ten government attorneys or other intelligence officials just to prepare the FISA applications.[5] Thousands of persons outside of the United States are being monitored for terrorism-related activities. For every thousand, 100 government officials would have to spend a year working fulltime to prepare all of the FISA applications. This is not the formula for a nimble and effective international intelligence regime.

Putting the RESTORE Act's manpower demands aside, it is highly unlikely that the FISA court would approve every application. It is human nature for judges who have been tasked with second-guessing intelligence intercepts to resist the notion that they are mere rubber stamps. Yet these are traditional foreign intelligence intercepts, undertaken during war, that no court has the constitutional authority to review. Furthermore, judges may not have the expertise. Military intelligence officers themselves often do not know the value of individual intercepts until months or years later, and ordinary federal judges are far less suited to make that kind of determination. The intelligence gaps that would be imposed on America's intelligence gathering if the PAA were repealed or replaced are enormous and would make the task of detecting and preventing terrorism even harder than it is today. America's enemies must rejoice over their prospects when they read proposals such as the RESTORE Act.

Members of Congress who now publicly express regret about their vote to enact the Protect America Act should trust their original instincts rather than be swayed by unfounded hypothetical harms or the potential for partisan gain. A bipartisan majority recognized in August that if Congress failed to act, it would expose tens of thousands of Americans to a heightened risk of injury and death at the hands of terrorists. Unfortunately, the sky-is-falling rhetoric of privacy absolutists seems to have swayed some Members since. The FISA "fix" they propose is pure window dressing. It is calculated to provide political cover if the resulting intelligence gap does result in another terrorist attack on U.S. soil. But it fails to do the sensible thing: close the intelligence gap.


The Protect America Act wisely exempts intelligence gathering targeted at persons not on U.S. soil. This makes perfect sense because constitutional protections were never intended to extend to intelligence gathering for national security purposes to persons located outside of the United States. It relies on the same minimization procedures that have always applied to reduce the intrusion on the privacy interests of Americans who (whether wittingly or unwittingly) communicate with suspected terrorists or other enemy soldiers.

Congress should make the Protect America Act permanent and enhance its provisions to provide retroactive and permanent liability protection to American businesses that cooperate with reasonable intelligence requests. The House of Representatives should not impose unconstitutional restrictions on the ability of the executive branch to carry out one of its primary, constitutionally mandated functions: protecting Americans from acts of war by foreign enemies.

Todd Gaziano is the Director of, and Brian W. Walsh is Senior Legal Research Fellow in, the Center for Legal and Judicial Studies at The Heritage Foundation.

[1]The 9/11 Comm'n Report: Final Report of the Nat'l Comm'n on Terrorist Attacks Upon the United States 409 (2004).

[2]Id. at 417.

[3]See 50 U.S.C. ยง 1801(i).

[4]Although this secret court decision was never released, it seems erroneous based on news reports citing officials who have reviewed it. The conclusions these officials have drawn from their review are the only available public source for evaluating the decision's merits, and the decision thus may have had the effect of chilling more intelligence gathering conduct than its holding necessarily required.

[5]This estimate assumes that a workweek is at least 40 hours and that each government attorney or other intelligence official spends all of his or her time working on nothing other than FISA applications.


Brian Walsh
Brian Walsh

Former Senior Legal Research Fellow

Todd Gaziano

Former Director, Center for Legal & Judicial Studies