An independent watchdog agency that investigates the nation’s security programs unanimously urged Congress in a report made public on Thursday to reauthorize an expiring and much-debated law that allows warrantless surveillance of targeted foreigners even when they are communicating with or about Americans.
At the same time, the five-member Privacy and Civil Liberties Oversight Board agreed that the program poses a threat to Americans’ privacy and suggested imposing new limits on it. But its members split along party lines about a proposed remedy: requiring that a court be involved before analysts can deliberately look at Americans’ intercepted communications.
The partisan disagreement over how to place checks on the program may complicate the impact in Congress of the report on the law, known as Section 702, which must be reauthorized by the House and the Senate this year if it is to remain in effect.
The board is an independent agency within the executive branch that Congress established several years after the terrorist attacks of Sept. 11, 2001, amid concerns over how to balance national security against civil liberties as the nation intensified its efforts to gather intelligence about terrorist threats. Three of its current members were chosen by Democrats and two by Republicans.
Section 702 allows the government to collect — from U.S. firms like Google and without a warrant — the communications of targeted foreigners. That authority, which grew out of the Bush administration’s post-Sept. 11 warrantless surveillance program, will expire at the end of December unless lawmakers extend the law.
Congress previously reauthorized the law in 2012 and 2018. But it faces an uncertain fate this cycle. A faction of hard-right Republicans are opposing it in alignment with former President Donald J. Trump’s hostility to the “deep state,” joining forces with liberal-leaning civil liberties advocates who have long had concerns about how Section 702 allows the government to scoop up some communications of Americans without a warrant and make it available to intelligence and law-enforcement officials.
All five members of the board concurred that it would make the United States less safe to let the program die, and all five called for privacy-minded reforms to it without agreeing on what those reforms should be.
“Section 702 is valuable in supporting U.S. government efforts to counter foreign threats from actors outside the United States, such as terrorism, weapons proliferation and cyberthreats,” the Democratic members in the majority concluded in the main report, which was sent to lawmakers on Wednesday.
“At the same time, the risk of overbroad government collection of communications under Section 702 and subsequent government use of that information is very real and can cause harm, at varying degrees,” they said. They added that “these privacy and civil liberties risks can be reduced while preserving the program’s value in protecting Americans’ security.”
The two Republicans in the minority expressed similar views but voted against the majority’s report in its entirety and filed their own statement — essentially a rival report.
The government may collect emails and other data under Section 702 to gather intelligence about foreign governments, terrorism and the proliferation of weapons of mass destruction. It places the raw intercepts in repositories where intelligence analysts — including at the C.I.A., F.B.I. and N.S.A. — can query them in search of information relevant to their work.
Much of the controversy around the program has centered on the ability of the intelligence analysts to use Americans’ identifiers — like names, phone numbers or email addresses — as query terms, since that sometimes results in reading private messages sent to or from Americans that were gathered without warrants.
F.B.I. officials have repeatedly violated standards about querying for Americans’ information. The bureau instituted further limits in 2021 and 2022.
The board’s Democratic majority recommended that when intelligence analysts query for Americans’ information and get hits, the government should have to get the approval of the Foreign Intelligence Surveillance Court before reading the results. To win approval, the query would have to be deemed “reasonably likely” to retrieve foreign intelligence or evidence of a crime.
Two members of the Democratic majority fully backed that idea: Edward W. Felten and Travis LeBlanc. A third — the chairwoman, Sharon Bradford Franklin — wrote separately that she wanted a higher “probable cause” standard for court approval, essentially matching the standard to obtain a wiretap order.
The two Republicans, Beth A. Williams and Richard E. DiZinno, also called for pre-access reviews when it comes to hits on queries for Americans. But they portrayed the idea of stopping an investigation to seek court review as deeply unwise. They argued that supervisors within agencies could handle such reviews.
That puts Biden administration officials — who have opposed proposals to require individualized court review of queries involving Americans’ identifiers, arguing that it would cause delays and overwhelm the system — closer to the Republicans on the board than to the Democrats.
In a statement, the White House’s National Security Council thanked the board and highlighted the consensus that Congress should reauthorize Section 702, but it also criticized the majority’s court-approval recommendation. The idea would be “operationally unworkable and would blind us to information already in our holdings that, often, must be acted upon in time-sensitive ways in order to prevent lethal plotting on U.S. soil, the recruitment of spies by hostile actors, the hacking of U.S. companies and more,” the council said.
The new report contained a lengthy section about how Section 702 works, with some newly declassified facts and other details, including metrics showing that its use has been growing.
One disclosure related to the use of Section 702 information as evidence in criminal trials. The law requires the government to notify defendants when it intends to do so in some circumstances, and the report said that had happened nine times. None appear to involve evidence that had been identified via a query for an American’s identifier, it said.
Another disclosure could be used to assess the costs to taxpayers and benefits of Section 702. The report said that in 2022, nearly 20 percent of all National Security Agency reporting came from the program, and that the program accounted for less than 4 percent of the N.S.A.’s budget for collection activities. (The overall figure is apparently still classified.)
The report also contained some new details about specific ways Section 702 has been used. It said, for example, that using the program in 2022, the F.B.I. had discovered that state-supported hackers had infiltrated the computer systems of several domestic utilities. The bureau was “able to warn the systems’ operators, help them expel the hackers from their systems and monitor other infrastructure for further victims,” it said.
It also said that when a planned terrorist attack on a U.S. facility in the Middle East was disrupted in 2020, information acquired through Section 702 helped identify the cell’s members and was a “critical, unique collection method” because they were traveling through several countries.
And the report said that Section 702 had contributed to the February 2022 U.S. military operation that resulted in the death of the leader of ISIS. Specifically, it said, information from the program showed that he was in Syria, which “provided military planners and senior policymakers confidence in their decision to send U.S. troops on the mission.”