There is a major issue within the use of the FISA-702 authority that must be immediately understood. A silo problem that is not being discussed within Congress as the potential for FISA-702 reauthorization is looming.
I’m setting aside my opinion of the entire process in order to just outline the facts as they appear. I am not in support of any of this FISA process; nor do I support the baseline premise of the NSA database capturing the private electronic communication of Americans, which I do not believe is legislatively authorized to exist.
The Office of the Director of National Intelligence (ODNI) recently released the 2023 FISC opinion on FISA-702 activity as reported by the NSA, FBI and to a lesser extent CIA and NCTC [REPORT HERE].
In this report, the Foreign Intelligence Surveillance Court (FISC) is reviewing legal compliance by the NSA and FBI in accessing the NSA database that houses the private electronic records, metadata, of every American. This is the core of the FISA-702 authorization, where 702 indicates an American citizen protected from illegal searches and seizures by the Fourth Amendment.
The NSA database contains the private electronic data (metadata) of every single American – including emails, text messages, social media posts, instant messages, direct messages, phone calls, geolocation identifiers, purchases by electronic funds, banking records and any keystroke any American person puts into any electronic device for any reason. [A big issue here is the use of Two-Factor Authentication (2FA) but that’s for a different article.]
The 2023 FISC report reviews the action of the FBI and NSA to ensure compliance with rules and restrictions in the search of this database.
The NSA and FBI report violations of the process to the FISA Court; this is somewhat of an honor system. You may have heard FBI Director Christopher Wray recently saying they have reduced the number of unauthorized searches of this database by 80%. The FBI has presumably tightened up the rules and restrictions on who and how this database can be searched.
The ODNI release only covers the compliance of the NSA and FBI (and the CIA and NCTC) to the FISA-702 rules. The CIA and NCTC are foreign mission authority only, therefore they should never even be involved in searching American citizens.
FISA-702 is not supposed to apply to the Central Intelligence Agency (CIA) and/or National Counterterrorism Center (NCTC), because they are not supposed to be looking at American citizen data directly. If the CIA or NCTC want to search the database for records of Americans, they are supposed to turn over their predicate intelligence (a foreign subject in contact with an American citizen, so they want depth on the American citizen) for determination by the FBI or NSA, who then conduct the search. At least that’s the way it’s supposed to work.
The FISC review covers the results of the NSA and FBI as reported to the FISA Court. The congressional oversight process looks at this FISC review as part of the reauthorization process. The FISC report is legislatively required to be conducted and released as part of this compliance review prior to Congress considering reauthorization. Congress may legislatively change the 702 rules prior to reauthorization or negate the 702 authorities completely, by not reauthorizing it.
Congress (House and Senate) weighs the FISC review heavily.
Here’s the issue. There are exponentially more violations taking place than are contained in the reporting from the NSA and FBI to the FISA Court. The FISC is only seeing one small part of the overall compliance picture. There are way more violations taking place than the court is aware of.
This is a silo issue, where the court is isolated in a silo without receiving information from the Dept of Justice (another silo). How do we know this?
Because the Dept of Justice Office of Inspector General (DOJ-OIG) reviews the entire U.S. government as part of the new, Trump initiated, OIG oversight of the DOJ National Security Division (DOJ-NSD).
Inspector General Michael Horowitz doesn’t just look at the FBI or NSA using the database; the OIG looks at the entire government and who has access to this NSA database to perform searches. There is a massive disparity between the number of unauthorized searches conducted and self-reported by the NSA and FBI silos, when compared to the whole of government. The FISA Court only hears about the NSA/FBI violations, not the unauthorized searches conducted outside the NSA/FBI by people who have access to this database.
How big is the disparity? HUGE!
Office of Inspector General Michael Horowitz testified April 27, 2023, that more than 3.4 million search queries into the NSA database took place between Dec. 1st, 2020 and Nov. 30th, 2021, by government officials and/or contractors working on behalf of the federal government. These search queries were based on authorizations related to the Foreign Intelligence Surveillance Act (FISA).
Within his congressional testimony, OIG Horowitz stated, “Approximately 30% of those 3.4 million search queries were noncompliant,” that is outside the rules and regulations that govern warrantless searches. The government calls these “non-compliant searches.” Additionally, IG Horowitz also stated that somewhere north of “10,000 federal employees have access to conduct these searches of the NSA database.”
While DOJ-OIG Horowitz is looking at the entire government, he reports these violations only into the silo of the Dept of Justice. Horowitz does not report his findings to the FISA Court. The violations by Horowitz, in this example over a million illegal or “noncompliant” searches, is reported internally to the DOJ (Main Justice). The DOJ (an information silo) does not turn these findings over to the FISA Court (another information silo).
As a result, the FISC opinion of the database compliance audit is only reached with a limited perspective on the totality of the violations taking place within government.
As a result, the FISC report does not contain discussion of the violations discovered by IG Horowitz.
As a result, the House Permanent Select Committee on Intelligence (HPSCI) and Senate Select Committee on Intelligence (SSCI) do not debate the FISA-702 reauthorization with the fulsome scale of the jaw dropping abuse of the database outlined by IG Michael Horowitz. FISA-702 reauthorization is debated in congress based on the 2023 FISC report which does not include the Horowitz review.
The 2023 FISC report is a compliance review of a very limited subset of database search queries, and only includes those done by the NSA and FBI.
Why is this only just now coming to light?
Simple answer, despite the DOJ National Security Department creation in the first year of President Obama’s term (2009 by AG Eric Holder), the Inspector General was never permitted oversight.
Despite his requests, the IG office was blocked by the DOJ-NSD for the entire Obama term in office. In 2015 the OIG again requested oversight, and it was Sally Yates who responded with a lengthy 58-page legal explanation saying essentially, ‘nope – not allowed.’ (PDF HERE) All of the DOJ is subject to oversight – except the NSD. The claimed justification was “national security,” and the information was too sensitive.
It was not until 2017, when President Trump and AG Jeff Sessions took office, that IG Michael Horowitz was granted oversight into the DOJ-NSD. With this oversight authority Horowitz first started his review of the FISA application used against Carter Page (2017/2018). Then, using the problems discovered within the Page FISA application, the IG expanded the review to the entire FISA application process in the entire DOJ (2019). The initial review of the process was horrible {SEE HERE} resulting in a major report of criticism [SEE HERE] in late 2021.
From there, in late 2021 IG Horowitz began the very first compliance review, outside of the limitations of the NSA/FBI self-reporting, and looked at the totality of the FISA-702 process as it was used to access the database from December 2020 to December 2021. His first full report was generated only a few months ago, and the IG testified to Congress. [LINK]
None of the FISA-702 reauthorizations, that have taken place between origination to today, have ever included a review of the entire government access, until Horowitz testified in late April.
More than 3.4 million search queries into the NSA database took place between Dec. 1st, 2020, and Nov. 30th, 2021, by government officials and/or contractors working on behalf of the federal government. This number is much, much larger than the search queries produced by NSA/FBI review to the FISA Court.
Additionally, as noted by IG Horowitz around 10,000 federal employees have access to conduct these searches of the NSA database, and his review of the searches revealed that 30% of them, that’s over a million, were noncompliant.
ACTION: At the very least, we immediately need to contact our congressional representatives and senators and inform them the FISA-702 reauthorization cannot be appropriately debated, considered or reviewed, without the FISA Court first receiving the information from the DOJ Inspector General review of the FISA-702 process. No FISC opinion is worth anything when it is based on a minimal subset of the actual violations that factually take place. This is at a minimum!
The FISC silo must receive the violation information from the silo at the DOJ.
I’ll have more on this, but for now this point is super important.