USA Freedom Act Passed by the House Judiciary and Intelligence Committees
Yesterday, the House Judiciary Committee moved to reform the NSA’s controversial bulk data collection via the USA FREEDOM Act (H.R. 3361). The Committee adopted the Manager’s amendment to the bill as well as Representative DelBene’s separate amendment on transparency reporting. Representative Lofgren also introduced several amendments to reform surveillance under section 702 of FISA but all were defeated. Today, the House Intelligence Committee also passed the bill out of committee.
While the main focus of the bill is to end the collection of bulk data, it also contains several other aspects of FISA reform. For example, the bill requires that in order to access call records, the government must identify “specific selectors” for which there is “reasonable, articulable suspicion” that the selector is being used by a foreign power or agent of a foreign power.
The bill goes a step further by adding specific language to Section 215 – the business records provision – that prohibits the government from demanding a tangible thing without providing a specific individual selector such as a phone number or email address. As additional protections against potential abuses, the bill calls for court review of minimization procedures, limited retention of data unrelated to an ongoing investigation (five years), and Inspector General audits.
The bill introduces other FISA reforms, such as limiting the government’s ability to use data collected on U.S. persons for criminal prosecutions, creating a pool of five experts to be available to act as amicus curiae to the FISA court for novel or significant legal decisions, and requiring the Attorney General to conduct declassification reviews on FISA court opinions.
The Rep. DelBene amendment on transparency reporting creates a set of three statutory options that companies who receive national security requests may use for reporting the number of requests received and the number of accounts impacted.
In general, companies who group all types of national security requests together can report in smaller bands of 250 for the number of requests and the number of accounts. Companies who differentiate between National Security Letters, content requests, and non-content requests may report in bands of 500. Companies who wish to further distinguish between the different types of authorities they receive compelling disclosure of content and non-content records for accounts are required to report in bands of 1000. Thus, the more detailed information a company wishes to disclose, the larger the range of numbers it will be required to use for its reporting.
Photo by Nicolas Raymond