The United States Senate is poised to vote on legislation this week that, for the next two years at least, could dramatically expand the number of businesses that the US government can force to eavesdrop on Americans without a warrant.
Some of the nation’s top legal experts on a controversial US spy program argue that the legislation, known as the Reforming Intelligence and Securing America Act (RISAA), would enhance the US government’s spy powers, forcing a variety of new businesses to secretly eavesdrop on Americans’ overseas calls, texts, and email messages.
Those experts include a handful of attorneys who’ve had the rare opportunity to appear before the US government’s secret surveillance court.
The Section 702 program, authorized under the Foreign Intelligence Surveillance Act, or FISA, was established more than a decade ago to legalize the government’s practice of forcing major telecommunications companies to eavesdrop on overseas calls in the wake of the September 11, 2001, terrorist attacks.
On the one hand, the government claims that the program is designed to exclusively target foreign citizens who are physically located abroad; on the other, the government has fiercely defended its ability to access wiretaps of Americans’ emails and phone conversations, often years after the fact and in cases unrelated to the reasons the wiretaps were ordered in the first place.
The 702 program works by compelling the cooperation of US businesses defined by the government as “electronic communications service providers”—traditionally phone and email providers such as AT&T and Google. Members of the House Intelligence Committee, whose leaders today largely serve as lobbyists for the US intelligence community in Congress, have been working to expand the definition of that term, enabling the government to force new categories of businesses to eavesdrop on the government’s behalf.
Marc Zwillinger, a private attorney who has twice appeared before the FISA Court of Review (FISCR), wrote last week that the RISAA legislation expands the definition of “electronic communications service provider” (ECSR) to include data centers and commercial landlords; businesses, he says, that “merely have access to communications equipment in their physical space.” According to Zwillinger, RISAA may also ensnare anyone “with access to such facilities and equipment, including delivery personnel, cleaning contractors, and utilities providers.”
Zwillinger had earlier criticized the ECSR language this year, leading House lawmakers to amend the text to explicitly exclude certain types of businesses, including hotels.
Zwillinger noted in response that the need for those exclusions is proof enough that the text is overly broad; an exception that merely serves to prove that the rule exists: “The breadth of the new definition is obvious from the fact that the drafters felt compelled to exclude such ordinary places such as senior centers, hotels, and coffee shops,” he wrote. “But for these specific exceptions, the scope of the new definition would cover them—and scores of businesses that did not receive a specific exemption remain within its purview.”
This analysis quickly flooded inboxes on Capitol Hill last week, with some Hill staffers and privacy experts quietly dubbing the ECSR language the “Stasi amendment,” a reference to the East German secret police force notorious for infiltrating industry and forcing German citizens to spy on one another.
