FPI Bulletin: Can the Freedom Act Keep America Safe?

June 3, 2015

On Tuesday, President Obama signed into law the USA Freedom Act, after it passed the Senate by a 67-32 vote.  This bill reauthorizes two provisions of the Patriot Act that expired Sunday evening—those that allowed “roving” wire taps across several communication devices employed by a single suspect, and also allowed surveillance of “lone wolf’’ terror suspects with no established links to terrorist organizations.  The Freedom Act also does away with the National Security Agency (NSA)’s collection of telecommunications “metadata,” which was authorized under the purview of Section 215 of the Patriot Act. The demise of Section 215 reflects a poor understanding of the NSA’s metadata program as well as wishful thinking about the replacement program authorized by the Freedom Act.

Last month, House Intelligence Committee member Mike Pompeo (R-KS) attempted to dispel the widespread misconception that the NSA was listening to Americans’ phone calls:

“[The] metadata program permits the federal government to store telephone call data—date and time of call, the calling number (from address) and the called number (to address); and the duration of the call. That’s it. It does not permit the collection of any call content, nor the names of the callers, nor any locational information—none. It then allows for that data to be queried, under court-approved processes and only after providing the court a reasonable articulable suspicion in connection with communications from specific foreign terrorist organizations. There is no data-mining or indiscriminate sifting through the data; every single query conducted is auditable.”

As former CIA Director Michael Hayden and Attorney General Michael Mukasey have further explained, “only 22 people at the NSA are permitted access to metadata,” and they are overseen by the Foreign Intelligence Surveillance Court, the administration, and Congress. The popular image of an all-powerful surveillance state simply does not fit the facts.

Despite extensive oversight, the NSA’s metadata program has been vital to the protection of the United States.  CIA Director John Brennan told CBS that “The tools that the government has used over the last dozen years to keep this country safe are integral to making sure that we're able to stop terrorists in their tracks. The tools that we had under the Patriot Act, those ways that we are able to monitor their activities, really have helped stop attacks.”

Former Deputy CIA Director Michael Morell put a finer point on it when he wrote, “Had the program been in place more than a decade ago, it likely would have prevented 9/11.  And it has the potential to prevent the next 9/11.”

Unwarranted concerns about Section 215 led to its replacement with a new approach that will likely create new hurdles for the effective pursuit of terrorism suspects.

Instead of collecting metadata, which could then be queried with the permission of the FISA court, the government will now have to rely on telecommunication service providers to preserve their own metadata, then provide the government with case-by-case access to metadata for a specific person, account, address, or personal device.  In order to do so, the NSA must receive a warrant from the Foreign Intelligence Surveillance Court on a case-by-case basis.

The first drawback of this new approach is a lack of speed. Instead of being able to search the full set of metadata once given permission by the court, the NSA will now have to reach out to numerous providers and hope they respond with appropriate dispatch. While some of the best known providers, like Verizon and AT&T may become proficient at handling such requests, smaller providers may not have the necessary resources.

In the words of Hayden and Muksaey, “this cumbersome and untried process” would “be more burdensome than what any assistant U.S. attorney must do to get metadata in a routine criminal case, which is simply to aver that the information is needed in connection with a criminal investigation—period.”

Second, it is uncertain that telecommunications providers will retain their metadata for a sufficient period of time.  The Wall Street Journal editorial board noted Tuesday that one service “has already informed the Administration in a policy-statement letter that it is ‘not prepared to commit to voluntarily retain documents for any particular period of time pursuant to the proposed USA Freedom Act if not otherwise required by law.’”  But, as the Journal further notes, “The act requires no such thing.”

Third, there are potential security risks associated with the new approach. When acting on a warrant, the NSA will have to reveal to multiple service providers which individual, account, address, or device they are looking for. While one should expect most firms to treat such information with appropriate sensitivity, there remains the risk that some firms may release that information as a result of either negligence or malfeasance. This could enable suspects to hide their tracks or otherwise elude the authorities.

It is also worth noting that Congress designed the Section 215 metadata program to address a threat—terrorists infiltrating the United States while remaining in contact with associates abroad—that has taken on renewed importance in recent years.  The rise of the Islamic State in Iraq and Syria (ISIS) has attracted 20,000 foreign fighters from across the world, including as many as 3,400 from Western nations.  Intelligence officials fear that these fighters will return to their home countries and carry out attacks at the behest of or in cooperation with ISIS.    

If Congress had reauthorized Section 215, it would have enjoyed strong bipartisan support from the American public. According to a CNN poll taken just before the Senate voted, 61% of Americans said that Congress should renew the law that allows the NSA “to collect and analyze information on the phone calls of most Americans in order to locate suspected terrorists.”

The Freedom Act gives the administration a six-month deadline to implement the new system. During that period, Congress should conduct vigorous oversight to determine whether the new metadata program is ready to be stood up and likely to work smoothly. If it risks compromising the intelligence community’s capability to pursue terrorism suspects, Congress should restore the program that won the support of both the intelligence community and the American public.  

Mission Statement

The Foreign Policy Initiative seeks to promote an active U.S. foreign policy committed to robust support for democratic allies, human rights, a strong American military equipped to meet the challenges of the 21st century, and strengthening America’s global economic competitiveness.
Read More