Three Provisions of PATRIOT Act Expired

Published On June 2, 2015 | By Abby Liebeskind | Uncategorized

Despite threats of impending doom, Congress has allowed three provisions of the USA PATRIOT Act to expire, marking the first surveillance rollback in the post 9/11 era. While we can expect legislation that will re-implement at least some of the expired authorities, let’s look at what has lapsed in the meantime:

1. Business Records (Section 215)

The government has relied on Section 215 authority to engage in bulk collection of records from telecommunications providers—a practice the Second Circuit recently held unlawfully exceed the statutory authority. Section 215’s expiration, however, does not guarantee this activity has ceased. With the sunset, the law has now reverted to the 2010 version of the Foreign Intelligence Surveillance Act (FISA), which provides that any foreign intelligence investigation that started before the sunset occurred, or any investigations of offenses beginning before the sunset date, can still continue. Arguably this grandfather clause could allow the government to continue using the Section 215 investigative powers, but anonymous sources within the administration have stated that this clause would not be sufficient to continue the bulk metadata collection program.

Section 215’s expiration stripped the government of its ability to compel production of “any tangible things (including books, records, papers, documents and other items)” pursuant to a business records order, and the government is now limited to orders requesting records from “a common carrier, public accommodation facility, physical storage facility, or vehicle rental facility”, pursuant to pre-PATRIOT Act law.

2. Roving Wiretaps (Section 206)

Section 206 added a “roving wiretap” provision to FISA, which allowed the government to apply for an order from the FISC requiring third parties to assist with electronic surveillance even when the government does not know which third party will be required to assist with the interception. If the government provided specific facts that the target of surveillance may take actions that could “thwart[] the identification of a specified [third party]” in an application, the FISC would issue an order requiring unspecified third parties to assist with the interception (50 U.S.C. 1805(c)(2)(B)). In practice, a Section 206 order could be served upon multiple third party providers as the target moves between services or as the government identifies which services are being used by the target. The government was not required to identify the target of the roving wiretap, but rather “specifically describe” the target (a lower burden than required for non-roving FISA wiretaps). Since this authority expired the government will have to use FISA orders that specifically name the third party required to assist with the interception.

The Wiretap Act, which governs the use of wiretaps in criminal investigations, has included an analogous roving provision (18 U.S.C. 2518(11)) since 1986, which remains valid. This roving wiretap authority was used only 16 times in 2013, out of 3,576 authorized intercept orders (the most recent year for which statistics are available).

3. Lone Wolf (Section 6001 of the Intelligence Reform and Terrorism Prevention Act of 2004)

One of the threshold limitations on the government’s ability to obtain orders from the FISC which authorize electronic surveillance or physical searches is the requirement that the non-US person being targeted is a “foreign power” or an “agent of a foreign power.” A 2004 amendment to FISA expanded the definition of “agent of a foreign power” to include “any person other than a United States person who … engages in international terrorism or activities in preparation therefore…” (50 U.S.C. 1801(b)(1)(C)). For orders sought under this “lone wolf” provision, the government was not required to demonstrate a nexus between the target of the order and a foreign power or international terrorist group, but rather had to demonstrate to the FISC that the target engaged in (or continued to engage in) international terrorism or activities preparing for such terrorism. According to the New York Times, this provision was never used.

 

About The Author

Abby’s practice focuses on the legal issues that companies face related to user data and the obligations that arise under ECPA, FISA, the DMCA, and similar foreign laws; she also has experience with child exploitation matters. She frequently advises clients on how to respond to requests for user data or electronic surveillance from domestic and foreign law enforcement, as well as content take-down requests and third party requests in civil litigation. Abby also assists clients as they establish law enforcement compliance programs and transparency reporting.

Comments