FISA Follies

01/22/2008 09:42 pm ET | Updated May 25, 2011

I have been following stories about the Foreign Intelligence Surveillance Act since 2002 when it first emerged as a factor in the investigations into the Sept. 11 attacks.

Back then the Bush administration claimed that FISA was outmoded and ineffective in combating 21st-century terrorist threats. It has fought political battles, apparently to improve the way FISA works, in order to make the law into a more flexible tool.

But what if this view is incorrect?

I believe the Bush people are far too canny to risk actually meddling with the foremost national security law on the books, one that had worked effectively for 22-odd years before the Sept. 11 attacks. But what those officials did see was an opportunity to blame FISA for their own failings and to strenuously argue for it to be reformed. This has had the predictable effect of hitting all the liberal hot buttons, and at the same time pumping up Bush's base of support in the country.

These staged battles between right and left have occurred several times since 9/11, notably in 2002 with a struggle between the administration and the FISA court itself over changes made by the U.S.A. Patriot Act. And it has been happening again over the past 12 months.

To recap: Early last year the Bush administration said it would make its controversial NSA warrantless wiretapping program conform to FISA, although it was unclear how this would be done. After this, the administration discovered a flaw in FISA that supposedly inhibited intelligence investigations. An unnamed official complained to the N.Y. Times that this was so serious a problem that up to 75% of foreign terrorist communications were not being intercepted.

In May a U.S. soldier, Spc. Alex Jimenez, and two comrades were abducted in Iraq. Their story was used by the administration and its allies to support Bush's call for FISA reform. The New York Post wrote a story in October about Jimenez, attributed to an unnamed congressional staffer, that told of a delay in the search for Jimenez's captors: Because phone or email communications between insurgents in Iraq might be routed through the United States, a warrant under FISA was required before those communications could be intercepted, and NSA lawyers' preparation of an application under FISA had delayed the search for a whole day. I wrote a story in the Village Voice, published Oct. 31 (which I will e-mail to you from the Voice website), questioning the Post's account of the supposed delay. A month earlier the Web site Talking Points Memo had published a similar story about a delay in the search for U.S. soldiers in Iraq, caused by legal hurdles associated with FISA, only the assertion had been made by Admiral Mike McConnell, Director of National Intelligence, in congressional testimony. TPM also questioned the account of the delay.)

The government's anxiety about a problem with FISA sprang from a supposed ruling last year by the FISA court, which normally only considers applications for warrants to intercept the communications of or physically search suspected spies or terrorists. The media accepted at face value that this court ruling and the problem the ruling identified were real, adding up to more than just some fanciful administration spin. A New York Times editorial, "Spies, Lies and FISA," October 14, stated "This year, the administration found an actual problem with FISA: It requires a warrant to eavesdrop on communications between foreigners that go through computers in the United States." The Associated Press, in an Aug. 3 article that focused on the delay in the search for the missing soldiers, wrote "Normally, warrants wouldn't be needed to eavesdrop on foreigners in Iraq or elsewhere. However, the Bush administration believes the government must obtain legal approval to listen in on foreign suspects when their conversations cross into the extensive U.S. communications network."

But I think I can show that the Bush administration's assertions were untrue.

First of all, the idea that communications within a foreign country are routinely routed through American hubs is almost certainly false. Furthermore, there is nothing in FISA to suggest that, were such communications routed through America, they would thereby come under FISA. The carefully worded definitions of the various kinds of electronic surveillance covered by the law do not leave any doubt about this -- whether or not the actual interception happens here or in another country.

I asked several telecommunications experts about the claim that calls between two foreigners in a foreign country would be routed through the United States; none had heard of such a thing. One expert had set up a communications system in Iraq after the 2003 invasion; he was extremely skeptical: "I would be very surprised if a local cell call -- an 'in-country' call -- would be routed way out there and then back again. The only reason I can see is if I'm hitting a Kuwaiti tower--but even then it would be going through a CO [central office, which is jargon for the switching station that connects caller with recipient] in Kuwait and coming back to Iraq," he said.

Other experts were equally doubtful that calls between two subscribers in a foreign country would be routed through the United States; one government official said, "There's no indication of that."

A reporter for a high tech magazine and a spokesman for a major phone company both agreed that one barrier would be cost: it costs a lot to take a call thousands of miles. My T-Mobile service would charge me $2.99 a minute to call Iraq; why on earth would one of the local carriers operating in Iraq arrange things so that a call between, say, Baghdad and Erbil goes to the United States and back? Nobody I asked could come up with a possible reason why in-country calls would go so far afield.

There's a page on the FCC Web site that contains annual reports of U.S. phone companies' dollar receipts and payments for international calls, country by country, including calls "transiting" the United States. These reports are required under Title 47 of the Code of Federal Regulations (47CFR43.61). The FCC site defines calls that transit the United States as those calls that originate in one country and terminate in a third country. The payment to U.S. carriers for calls transiting the United States from Iraq in 2005 (the latest available data) was in any case only $198. Other Arab countries and Iran also racked up small sums in payments for transiting traffic.

An expert with long experience of international telecommunications said he had asked several colleagues if they had heard about calls between two people in a foreign country that were routed through the United States, and none them had, nor could any of them imagine why such a thing would happen, he said. "I asked the question of a bunch of people. They were curious where I'd heard about this. It struck them as odd. People were struggling to figure out why somebody might want to do that."

I have studied FISA: There is simply nothing in it that could be interpreted as requiring a warrant to intercept calls made between two non-U.S. persons outside the United States (non-U.S. persons are people who are neither U.S. citizens nor permanent residents), even if those communications came through the U.S., whether or not the interception took place outside the United States.

The 1978 law, which is subtitled "Electronic Surveillance Within the United States for Foreign Intelligence Purposes," defines "electronic surveillance" in four brief paragraphs. Some commentators and editorial writers have suggested that modern telecommunications technology has made FISA obsolete; National Review, for example, published an editorial titled "Fixing FISA," which stated "But FISA's structure harks back to an era of analogue communications technology that has been steamrolled by the telecom revolution...As evolving technology makes our enemies more efficient and deadly, FISA leaves us sclerotic and vulnerable."

But it's hard to see how evolving technologies really make that much of a difference to FISA. Electronic communications today still fall into one of the two categories that existed when FISA was written: wire or radio. Cell phone calls are radio calls, unless they go from tower to cable, in which case they become wire communications. The FISA definition of "wire" is broad enough to include modern fiber-optic cables. Internet communications travel down the same wires or as radio waves in the same way that voice communications do.

Thus FISA's four paragraphs that define "electronic surveillance" easily fit the landscape of current telecommunications technology. It is clear from a careful reading of the four paragraphs that the interception of foreign-to foreign communications outside the United States does not constitute "electronic surveillance" under FISA, and so is not restricted by FISA. Yet the Bush administration leaked the information that the FISA court ruled early last year that those communications nonetheless did require a warrant under the law if they passed through the United States. The reasoning of the court is unknown because the decision has not been published, but presumably the judgment reflected a decision that if communications come through the U.S. they become no different than conversations within the U.S. as far as FISA is concerned. But this makes little sense: FISA defines electronic surveillance in terms of the intended targets and where they are located, because its purpose is to respect suspects' 4th Amendment rights, if they enjoy those rights, and the U.S. Constitution does not extend to non-citizens abroad (a Justice Dept. spokesman recently confirmed this in a New York Times article).

On July 31, House Republican leader John Boehner revealed the court ruling to Fox News's Neil Cavuto: "There's been a ruling, over the last four or five months, that prohibits the ability of our intelligence services and our counterintelligence people from listening in to two terrorists in other parts of the world where the communication could come through the United States." The quote comes from the Web site of a group called Citizens for Responsibility and Ethics in Washington, which filed a complaint with the Dept. of Justice asking for Boehner to be investigated for leaking classified information.

Boehner went on to tell Cavuto that it was the Democrats' fault that this problem had not been fixed: "The Democrats have known about this for months. We have had private conversations, we have had public conversations that this needs to be fixed. And Republicans are not going to leave this week until this problem is addressed."

The result was the Protect America Act, passed quickly over the following few days and signed by President Bush on August 5, a Sunday.

But what about that FISA court ruling? Was it real, or just another piece of Bush subterfuge like, for example, the invention of a heroic death in Afghanistan for former football great Pat Tillman?

I looked in vain for some evidence of the FISA court's ruling in current rules governing the operations of U.S. military intelligence.

A 1997 article about FISA, published in "The Army Lawyer," makes clear that the military must comply with FISA when launching an investigation that would come under its jurisdiction, for example if the target is an officer in this country suspected of spying. But the article clarifies questions about the reach of FISA. It does not apply, for example, when an investigation requires surveillance abroad of persons who are not U.S. persons -- when the target is neither a U.S. citizen nor a permanent resident. In those situations the guide for military intelligence officers is not FISA at all, but rules set down in "Army Regulation 381-10, U.S. Army Intelligence Activities." Renewed last May, AR 381-10 makes clear that surveillance on non-U.S. persons abroad can be approved by many officers on the ground in the country or region where the surveillance is needed.

This regulation, available on the Web, became effective June 3, 2007, two months before passage of the Protect America Act.

There is one page of AR 381-10 headed "Summary of Change." The page lists changes, for example to computer trespassing rules and rules governing physical searches of non-U.S. persons outside the United States. But none of the changes listed on that page deals with the communications between non-U.S. persons outside the country that might be routed through the United States.

Why doesn't this military intelligence regulation reflect the court ruling that President Bush and his Republican allies pointed to as the reason Congress needed to reform FISA, using the tragic fate of Specialist Jimenez as an illustration of how the FISA court ruling could foul up the process of getting surveillance on some bad guys in Iraq?

I emailed a U.S. Army press officer in Baghdad to ask why AR 381-10 was not sufficient, by itself, to authorize electronic surveillance to track Jimenez's captors last May. He replied, declining to comment.

The reason I believe that the Protect America Act did not, contrary to what James Risen reported in the Times, broaden wiretapping authority under FISA, is that the Act states, first, that the acquisition of foreign intelligence information authorized by the PAA "does not constitute electronic surveillance." Since electronic surveillance, in the generic sense, is precisely what the law is about, this must be a reference to FISA's four paragraphs defining electronic surveillance. What the PAA says here seems to mean that it authorizes only electronic surveillance that falls outside FISA's purview; in other words, PAA says that it does not authorize any electronic surveillance, without a warrant, that already requires a warrant under FISA.

Secondly, the PAA states that minimization procedures, as defined in FISA, which were designed to prevent the retention of information on U.S. persons that is not foreign intelligence information, remain in force. This is the safeguard against innocent Americans being wiretapped. It simply states that if an American citizen or permanent resident is wiretapped and that conversation concerns a planned act of espionage or terrorism, the conversation can be retained; otherwise, it must be discarded. Ironically, the PAA, by applying these minimization procedures, which were and are a part of FISA, to communications that were never covered by FISA, actually increases the protections for U.S. persons whose conversations might be picked up.