July 30, 2014

Majority Leader Harry Reid
Minority Leader Mitch McConnell
United States Senate

Speaker John Boehner
Minority Leady Nancy Pelosi
United States House of Representatives

Chairman Patrick J. Leahy
Ranking Member Charles E. Grassley
U.S. Senate Committee on the Judiciary

Chairman Robert W. Goodlatte
Ranking Member John Conyers, Jr.
U.S. House of Representatives Committee on the Judiciary

Chairman Dianne Feinstein
Vice Chairman Saxby Chambliss
U.S. Senate Select Committee on Intelligence

Chairman Mike Rogers
Ranking Member C.A. “Dutch” Ruppersberger
U.S. House Permanent Select Committee on Intelligence

Dear Majority Leader Reid, Minority Leader McConnell, Chairmen Leahy and Feinstein, Ranking Member Grassley, Vice Chairman Chambliss, Speaker Boehner, Minority Leader Pelosi, Chairmen Goodlatte and Rogers, and Ranking Members Conyers and Ruppersberger:

The undersigned civil liberties, human rights, and other public interest organizations write in support of the USA FREEDOM Act (S. 2685), which Senator Leahy reintroduced on July 29. We urge both the Senate and the House to pass it swiftly and without any dilution of its protections.

On June 18, many of the undersigned groups sent a letter to Senate leadership raising serious concerns about the version of the USA FREEDOM Act (H.R. 3661) that passed the House of Representatives in May, and recommending six specific areas for improvement in the Senate bill.[1] The version of the USA FREEDOM Act introduced Tuesday is a substantial improvement upon the House-passed bill, and addresses many of our most significant concerns. While this bill does not include all of the necessary reforms to the government’s surveillance authorities, it is a good first step. Specifically, this version of the USA FREEDOM Act will:

1. Prohibit “bulk” collection. As drafted, S. 2685 will prohibit indiscriminate collection of records under USA PATRIOT Act Section 215 (Section 215) and help curtail other forms of broad or bulky collection as well. It significantly narrows the definition of “specific selection term” as applied to Section 215 orders for call detail records (CDR) and other items, as well as for FISA pen register and trap and trace device orders and National Security Letters (NSLs). Additionally, S. 2685 prohibits large-scale data collections under certain authorities based solely on terms that identify broad geographical regions or name particular Internet or telephone services, and more generally requires the government to narrowly limit its data collection. We understand the intent of these provisions is to put an end to bulk or bulky collection programs, whether the NSA’s phone records program or others. The bill also strengthens minimization requirements that would provide additional post-collection privacy protections in instances where a Section 215 order is likely to return records on more than one individual. While it does not include minimization procedures for pen register and trap and trace device authorities, it does clarify the Foreign Intelligence Surveillance Court’s (FISC) authority to impose stronger privacy procedures and review compliance. These reforms are all significant improvements over H.R. 3361. If faithfully implemented, they should ensure the end of bulk collection of Americans’ personal information under domestic national security surveillance collection authorities, thus achieving the USA FREEDOM Act’s primary stated purpose.

2. Strengthen transparency reporting provisions. This bill makes significant improvements to the level of detail that private companies can include in their transparency reports. It locks in the deal made earlier last year between the Department of Justice and Internet companies that gave the companies two different options for publishing information about the FISA and NSL demands they receive, but improves on it by narrowing the range of numbers in which the companies can report, and by shortening the waiting period to report on surveillance orders directed at new technologies from 2 years to 18 months. The bill also provides two additional options for reporting that were not in the original deal: one option that allows companies to report annually on the national security requests they receive in ranges of 100, the narrowest numerical range of all the different reporting options, and another option that allows companies to be more granular in their reporting about specific surveillance authorities including FISA Amendments Act Section 702 (FISA Section 702), which authorizes the PRISM and “upstream” collection programs that are of particular concern to customers and tech companies alike.

Additional improvements are still needed, such as authorizing companies to report on the number of accounts actually affected by the government demands they receive rather than just those accounts that are targeted. However, the company reporting provisions in S. 2685 are a strong improvement over the House bill, and will help to start informing the public on the impact that these authorities have on American industry and consumers.

S. 2685 also strongly enhances reporting by the government. Whereas H.R. 3661, as passed, merely requires the Director of National Intelligence to report annually the number of “targets” and “orders” for each relevant authority, S. 2685 also requires disclosure of the number of individuals whose communications are collected, including an estimate of the number of U.S. persons. This is a much more meaningful set of numbers. More transparency is needed, as the bill exempts the FBI from key reporting requirements and allows the Director of National Intelligence to use a certification process to avoid the requirement of estimating how many U.S. persons are affected by FISA Section 702. Nonetheless, the bill materially improves the usefulness of government reporting.

3. Strengthen reforms to the FISA Court (FISC) process to provide more accountability. S. 2685 expands advocacy within the FISC by creating Special Advocates who may serve as amici. While not all our concerns with this measure were resolved, S. 2685 clarifies that the Special Advocates’ duty is to advocate for privacy and civil liberties, and includes provisions to facilitate access to all relevant materials and precedent. It also increases access to technical and subject matter experts. Additionally, although some loopholes remain, the bill seeks to limit secret law by requiring the Director of National Intelligence to publicly release either a redacted copy or a summary of any significant FISC decision.

In addition to addressing some of our most pressing concerns as explained above, we are pleased that S. 2685 limits the use of CDRs to counterterrorism purposes, and resolves the threat of implicitly codifying controversial “about” searches under FISA Section 702 by removing that section from the bill. We are also encouraged that this bill does not include any form of a mandatory data retention regime. As we mentioned in our June 18 letter, we strongly oppose any such requirement, as it would threaten privacy and civil liberties, impose unnecessary economic burdens on companies, and create risks to data security.

S. 2685 is a substantial improvement over the House bill. It would meaningfully amend the laws that authorize some of the most deeply concerning domestic records collection programs. We must caution, however, that many of the positive steps included in the bill could be undermined through insufficiently targeted cybersecurity information sharing legislation. We also note that S. 2685 does not address the NSA’s cyber operations or its largest surveillance programs: those taking place under Executive Order 12333 and FISA Section 702. After passing S. 2685, Congress should immediately conduct public oversight and work to reform these authorities, which pose grave threats to privacy, civil liberties, and Internet security.

We support S. 2685 as an important first step toward necessary comprehensive surveillance reform. We urge the Senate and the House to pass it quickly, and without making any amendments that would weaken the important changes described above.

Sincerely,

Access
Advocacy for Principled Action in Government
American Association of Law Libraries
American Civil Liberties Union
American Library Association
Antiwar.com
Arab American Institute
Association of Academic Health Sciences Libraries
Association of Research Libraries
Bill of Rights Defense Committee
Brennan Center for Justice
Campaign for Digital Fourth Amendment Rights
Center for Democracy & Technology
Center for Media and Democracy/The Progressive
Charity & Security Network
Citizen Outreach
Competitive Enterprise Institute
Constitution Alliance
The Constitution Project
Council on American-Islamic Relations
Cyber Privacy Project
Defending Dissent Foundation
DownsizeDC.org, Inc.
Electronic Frontier Foundation
Free Press Action Fund
Freedom of the Press Foundation
FreedomWorks
GenOpp
Government Accountability Project
Human Rights Watch
Liberty Coalition
Media Alliance
Medical Library Association
National Coalition Against Censorship
National Security Counselors
New America’s Open Technology Institute
OpenMedia.org
OpenTheGovernment.org
PEN American Center
Public Knowledge
Republican Liberty Caucus
R Street
Rutherford Institute
TechFreedom
 


[1] Letter from coalition to Senator Reid, et. al, concerning USA FREEDOM Act (H.R. 3361) (June 18, 2014) (on file with author), available at http://www.newamerica.net/sites/newamerica.net/files/program_pages/attachments/CoalitionLetterOnUSAFreedom.pdf