EPIC v. NSD (Section 702 Query Report)

Top News


In Freedom of Information Act lawsuit EPIC v. NSD, EPIC is seeking the public release of a report of the U.S. Government detailing the FBI's search through Americans' data collected using a foreign intelligence surveillance statute.

FBI warrantless searches of communications acquired using Section 702 to pursue routine criminal investigation of U.S. persons - often referred to as "backdoor searches" - are among the most contested federal activities carried out under the Foreign Intelligence Surveillance Act (“FISA”). Section 702 was enacted to authorize certain electronic surveillance of foreign communications without probable cause. Section 702 requires that the target of an investigation is a non-U.S. person located outside the U.S. §1881a(a-b). However, the FBI’s searches these communications, obtained under Section 702, for information about the private activities of Americans. So far, there has been no opportunity for a defendant or other individual to challenge this practice in court and questions remain about the Constitutionality of these warrantless searches.

Congress is now considering proposals to limit the practice. To inform this public debate, EPIC seeks a government report, mandated by the Foreign Intelligence Surveillance Court (“FISC”), concerning FBI use of 702 authority for criminal investigatory purposes concerning a U.S. person. The report required by the FISC, sought by EPIC, arose because of concerns about the possible misuse of Section 702 authority by the FBI.

Section 702 of the FISA Amendments Act

The Foreign Intelligence Surveillance Act of 1978 (“FISA”) was enacted to authorize and regulate surveillance of electronic communications for foreign intelligence purposes. In 2008, Congress amended the FISA to authorize electronic surveillance of certain foreign communications of non-U.S. persons located abroad, with the assistance of communications service providers in the United States. This provision is commonly referred to as Section 702

The rules for carrying out Section 702 surveillance depart significantly from the rules concerning domestic electronic surveillance. Surveillance orders under Section 702 are not subject to any prior or individualized approval by a court. Instead, the FISC conducts an annual “programmatic” review of the procedures for compliance with the statutory requirements. The FISC reviews the “targeting” procedures (procedures “reasonably designed” to ensure collection is “limited to targeting persons reasonably believed to be outside” of the U.S. and prevent “intentional” collection of entirely domestic communications) the “minimization” procedures (procedures “reasonably designed” to minimize the acquisition and retention, and prohibit the dissemination of U.S. persons information), and certifications of the Attorney General and the Director of National Intelligence that these procedures meet the statutory requirements. Unlike other provisions of the FISA, the government is not required to demonstrate “probable cause,” establish that a target is an agent of a foreign power or engaged in criminal activity, or identify the specific places or facilities that will be monitored.Section 702 prohibits the targeting of United States persons and persons inside the United States for surveillance. (stating that “acquisition…may not intentionally target any person known to be located in the United States… may not intentionally target a United States person… outside the United States,” and more)

The Government has conceded that a significant amount of U.S. persons’ communications are collected under Section 702 surveillance programs. While the Intelligence Community will not release statistics on the number of Americans whose communications are collected under 702 programs, the “NSA acquires more than two hundred and fifty million Internet communications every year using Section 702, so even if U.S. communications make up a small fraction of that total, the number of U.S. communications being collected is potentially quite large.”

Backdoor Searches Raise Concerns about Compliance with Fourth Amendment Standards

Under the DOJ’s existing policy, federal agents can search communications collected under Section 702 for information about Americans, even when this information could not lawfully be targeted at the front end. They can do so with few limitations. As described by a coalition of civil liberties organizations, "The government conducts these searches in broadly defined “foreign intelligence” investigations that may have no nexus to national security, in criminal investigations that bear no relation to the underlying purpose of collection, and even in the pre-assessment phase of investigations where there are no facts to believe someone has committed a criminal act."For instance, in 2016 there were over 5,000 government queries using search terms concerning known U.S. persons to retrieve the minimized contents of communications and 30,355 queries concerning a known U.S. person of metadata obtained under 702.

Report to the FISC on 2016 FBI Backdoor Searches

At issue in this case is a FISC-mandated government report about searches of Section 702 data conducted for purely domestic, criminal investigatory purposes where the FBI received and reviewed information about a U.S. personIn July 2015, the U.S. government sought reauthorization of the Section 702 certifications, including associated targeting and minimization procedures, from the Foreign Intelligence Surveillance Court. Because the case presented novel legal issues, the Court appointed an amicus to assist the Court's evaluation of the statutory and constitutional questions, including concerns about the validity of the FBI "backdoor searches." Amicus Amy Jefress raised concerns about these procedures’ compliance with the FISA and also concluded that, without further safeguards, the procedures were inconsistent with the Fourth Amendment.

While FISC ultimately approved the FBI’s Section 702 minimization procedures in a November 6, 2015 Memorandum Opinion and Order. Nonetheless, to monitor the FBI's backdoor searches the FISC required the government to submit reports to the Court "concerning each instance after December 4, 2015, in which FBI personnel receive and review Section 702-acquired information that the FBI identifies as concerning a United States person in response to a query that is not designed to find and extract foreign intelligence information." The report has to include a description of the information, how it will be used, the query terms used, and the reasons the query is consistent with applicable procedures.

EPIC's Interest

Prompt disclosure of this NSD report is critical for the public debate about the pending reauthorization of Section 702. As renewal of Section 702 is now pending before Congress, the public has a right to know why the FBI may obtain the private communications of Americans for ordinary criminal investigations without a warrant.

The FBI’s query and use Section 702 data in routine criminal investigations entirely unrelated to national security without a warrant - or even an individualized court order - raises concerns about compliance with Fourth Amendment standards.

EPIC has pursued similar FOIA cases involving the use of FISA authorities. previously sued the DOJ for the Bureau's release of pen register reports - reports prepared for Congressional oversight committees, summarize significant FISA Court decisions and include the total number of FISA applications filed by the government and the number of U.S. persons targeted for surveillance. As a result of EPIC's request and lawsuit, the Department of Justice has released hundreds of pages of materials related to the governments FISA applications and FISC proceedings. EPIC also recently participated as amicus curiae in Data Protection Commissioner v. Facebook, which involves privacy protections for transAtlantic data transfers, including concerns surrounding U.S. surveillance authorities like Section 702.

FOIA Documents

Legal Documents

U.S. District Court for the District of Columbia (No.17-2274)

  • Document Reprocessing



Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security