Feeds

Wiretapping, FISA, and the NSA

I always feel like somebody's watching me..

Internet Security Threat Report 2014

The Foreign Intelligence Surveillance Act (FISA)

Nevertheless, the executive branch has another mechanism for obtaining court orders to intercept communications (including email) if the government doesn't believe that it has evidence of a crime. The Foreign Intelligence Surveillance Act allows the government to get an interception or seizure order (or a secret search warrant) by proving to a special super-secret court that the purpose of the surveillance is to obtain foreign intelligence, including (as amended by the USA Patriot Act) intelligence about terrorism.

FISA orders are directed at interceptions of "US Persons", meaning US citizens or permanent resident aliens, or US corporations. Thus, if a US person is the target of the surveillance, FISA, by its terms, applies. If the US person is not the target, but is otherwise intercepted, the surveillance is OK as long as there are appropriate minimizations procedures in place.

Prior to the enactment of FISA, domestic wiretaps were routinely done for "national security purposes" under nothing more than Presidential authority. Presidents from Roosevelt to Nixon ordered domestic wiretaps to protect national security. Indeed, prior to the enactment of the FISA statute, there used to be an exception in the wiretap criminal statute that provided, "[n]othing contained in this [statute] shall limit the constitutional power of the President to take such measures as he deems necessary to protect the Nation against actual or potential attack or other hostile acts of a foreign power, to obtain foreign intelligence information deemed essential to the security of the United States, or to protect national security information against foreign intelligence activities..." The Nixon administration used this exception to conduct surveillance and interception without warrants on a host of domestic "subversive" groups. When this was revealed, Congress stepped in to limit the abuses by giving the President a mechanism for conducting foreign intelligence (and now terrorism) investigations by passing the Foreign Intelligence Surveillance Act (FISA).

FISA and Presidential power

With the enactment of the FISA statute, this provision was changed to essentially read that FISA now "shall be the exclusive means by which electronic surveillance and the interception of domestic wire, oral, and electronic communications may be conducted." Thirty-three years ago, the US Government tried to rely on pure Presidential power to engage in domestic surveillance of domestic subversive groups without a warrant. US Supreme Court rejected the government's contention that the courts were not prepared to deal with the sensitive classified information, could not make informed decisions about the threats to national security, and that the President had independent authority to order these wiretaps without the Courts. Even if the wiretaps were "reasonable" the Supreme court opined, they violated the Fourth Amendment. Shortly thereafter, the same court found that even the Attorney General could be held liable for authorizing these "national security" wiretaps in that case against a group planning to bomb bridges and tunnels. It was this precedent - establishing that a government official's immunity for ordering such illegal wiretaps is only limited - that Supreme Court nominee Samuel Alito sought to reverse when he was advising the Reagan Administration's Justice Department.

Internet Security Threat Report 2014

More from The Register

next story
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Musicians sue UK.gov over 'zero pay' copyright fix
Everyone else in Europe compensates us - why can't you?
Megaupload overlord Kim Dotcom: The US HAS RADICALISED ME!
Now my lawyers have bailed 'cos I'm 'OFFICIALLY' BROKE
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
BT said to have pulled patent-infringing boxes from DSL network
Take your license demand and stick it in your ASSIA
Right to be forgotten should apply to Google.com too: EU
And hey - no need to tell the website you've de-listed. That'll make it easier ...
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.