The Single Branch Theory of Oversight

Carrie Cordero made a fairly astonishing claim in her response to my focus on the SA’s theft from Google and Yahoo fiber overseas. She claims that that and other documents showing how the NSA double dips from PRISM producers, collecting content domestically under Section 702 and collecting it internationally under Executive Order 12333, shows “the [FISA Amendments Act] has been implemented consistently with how it was described in the public record of legislative text and Congressional hearings that took place up to its passage in 2008.” Cordero would have you believe that the Administration made it clear it intended to continue to steal data from American providers even after having been given Congressionally authorized access to it.

She is right on one count, though she doesn’t spell out how in her reply. From the very first debates over amendments to FISA in 2007, members of Congress – especially Senator Dianne Feinstein and then Senator Russ Feingold – raised concerns that the Executive Branch would simply bypass the law if it wanted to. And while then Director of National Intelligence (and now Booz Allen Hamilton Vice Chairman) Mike McConnell assured the Senators “the effort to modernize would prevent an operational necessity to do it a different way” (seemingly providing assurances the Intelligence Community would not bypass the FISA process as they have), McConnell and others, including Keith Alexander, kept repeating that “Article II is Article II.”

That is, throughout the FISA amendment process, the intelligence community was quite honest that it did not believe itself to be bound by the laws passed by Congress; they explicitly reserved the authority to simply go overseas to bypass limits and oversight imposed by Congress.

That’s why the 800 words Cordero used to describe the oversight exercised by the FISA Court and Congress as part of the FISA process really describe something that is – as Julian Sanchez argued – decorative. So long as the intelligence community does bypass those authorities to carry out the same collection overseas (they definitely do that with content, and appear to do that with metadata), the oversight of other branches is a mere indulgence from the Executive, made all the weaker because both branches are aware that the Executive will bypass their oversight if the oversight is deemed overly strict.

The reaction towards the Privacy and Civil Liberties Oversight Board’s report on the phone dragnet – which listed a number of ways the program did not comply with the law – is instructive on what happens when an entity tries to exercise real oversight. Before the report, Congress discussed giving PCLOB subpoena power, a role in the FISC advocate process, and expanded review of NSA’s activities. All those plans have been forgotten in the wake of PCLOB actually daring to review the letter of the law, as they had previously informed Congress they would do.

NSA arbitraging of the jurisdiction of FISA may or may not be legal – perhaps one day the Supreme Court will decide. But, legal or not, it undermines the effectiveness of the three-branch oversight that itself covers just a small part of the NSA’s spying.

Also from this issue

Lead Essay

  • One year after the Edward Snowden NSA revelations, Julian Sanchez reviews what we know and where the public policy debate now stands. He finds that we know incomparably more about telephone and Internet surveillance, and that this knowledge has provoked a significant backlash: The American public, tech companies, and foreign publics and governments have all come increasingly to demand reform. A real debate is underway today, one as we have never seen before. In particular, we now ask the question: What are the consequences of misusing the system, and, if misuse ever arrives, will it then be too late to do anything about it?

Response Essays

  • Benjamin Wittes argues that the NSA is indeed powerful, perhaps disturbingly so. But what matters most are the legal restraints and authorizations for these programs’ use. Wittes rejects the idea that the United States should unilaterally disarm itself in an international cyber arms race; he would prefer to discuss the specific contours of the rules for digital surveillance. Much as the Fourth Amendment has successfully restrained conventional police, constitutional and legal safeguards should be adequate to protect us from the NSA.

  • Carrie Cordero reviews the legal safeguards under which the NSA acts. She finds that they are in general adequate, and that subverting them would require either a large-scale conspiracy or massive incompetence by our elected officials. The NSA’s programs target foreigners, who have no constitutional protections, and not U.S. citizens. The agency’s self-reported legal noncompliance rate is exceptionally low, and members of Congress, who have access to classified information about the NSA, have in general signaled their unconcern. While discussion of safeguards can be useful, these safeguards are well in place and generally functioning as they should be.

  • Marcy Wheeler describes how the overseas storage of U.S. persons’ data provides a means of conducting domestic surveillance: In general, the lack of clear national boundaries on the Internet profoundly compromises all those laws drafted with national boundaries in mind. In particular, the oversight that would ordinarily apply to domestic surveillance fails when U.S. persons’ data can be mined overseas. The fallout of this and other surveillance operations has been costly to the U.S. economy, which depends on the high-tech sector. Much damage has also been done to U.S. soft power abroad, in that foreigners are much less apt to trust either the U.S. government or U.S. corporations. Lastly, the security benefits so far appear to have been negligible.