Putting Fisa into practice
Putting Fisa into practiceAfter months of negotiations and wrangling, the blogosphere is exploding with commentary pro and con over the recent
passage of the Foreign Intelligence Surveillance Act of 2008 (Fisa). Critics of the act have focused on several
issues: the retroactive civil and criminal immunity granted to telecommunications corporations for compliance with
executive requests that arrived without court orders; the more restricted certification process for the reviewing
Fisa court; the broader "dragnet" broadband authorisation for information; and the expanded reporting time granted
the government. Defenders of the legislation emphasise the clear statement that Fisa is the "exclusive means" for
intercepting electronic communications; increased congressional oversight; the enhanced protections for Americans
living overseas; and the new enhanced role of the inspector general to review the government's actions.
As expected, each side contends that the other's justifications are flawed and miss the mark. This debate becomes
highly technical, in which the trees obscure the forest. The controversy is further fuelled by the fact that the
presumed Democratic presidential nominee, Barack Obama, reversed his original position in opposition to the act and
voted for it, while Hillary Clinton, the defeated Democratic hopeful, continued to oppose the act. The Republican
candidate, John McCain, was a strong supporter of the act. Hence the evocative language of the blog postings -
"shameless capitulation", "false compromise" and "betrayal".
Regardless of where one breaks on the issues, there appears to be a consensus that Fisa needed to be modernised to
account for the new technologies and developments in the communications arena. The "old" Fisa of 1978 was written
for a world of phones, routers and telegraphs with limited traffic capacities and specific locations whereby one
could clearly delineate foreign and domestic. The brave new world of web-based communications has revolutionised
technical mechanisms, delivery modes, locations, storage banks and volume. The lapsing stop-gap Protect America Act,
the limited fix to Fisa, recognised that something new was needed.
Knowable individualised surveillance versus general broadband collection is an essential part of the debate – who
will authorise the broadband collection, by what standards, and who will review the authorisation and monitor the
分页标题#e#
collection? This is often referred to as the "minimisation" issue - in short how and who will keep the executive
accountable. As David Kris, a former associate deputy attorney general who has written extensively on national
security issues and surveillance, has pointed out: "Fisa has three essential substantive requirements: first, a
target that is a foreign power or an agent of a foreign power; second, a facility being used by that target; and
third, minimisation. To satisfy these requirements without sacrificing speed and agility, it is necessary to
identify the broadest possible target and facility, which will yield the broadest possible authorisation order,
which will require the fewest possible court orders for the most surveillance."
These facilities or international gateway switches have enormous amounts of data and traffic. But the status of the
origin of the communication, the nationality of the communicator and storage location of the data challenged the old
Fisa categories of target and facility. What are domestic-to-domestic versus international-to-domestic versus
international-to-international communications? Imagine an American traveller who lends his iPhone to a French friend
to make a call from Germany to his friend in Yemen. (This call would now require a Fisa warrant if the American was
a target.)
The Bush administration, confronted with the problem of identifying the nationality of the communicator, the
location of the communicator, the place of the "facility" and volume of the data, chose to ignore the old Fisa. It
asserted executive presidential prerogative to use the foreign power/foreign origin of the communication to assert
that it did not need a Fisa warrant to secure the data from the owners of the international gateway switches and
stored data banks. The potential threat, the administration reasoned, warranted swift action.
The next step was to use "filters" or "data searches" to find the communication network needle in the haystack.
Under the minimisation doctrine and the new act, the government is to "minimise the acquisition and retention, and
prohibit the dissemination, of non-publicly available information concerning unconsenting United States persons."
But if the data is "foreign intelligence information" or is "evidence of a crime which has been, is being, or is
分页标题#e#
about to be committed," it can be retained and acted upon. This has raised concerns in the civil liberty community.
How much information will these sweeps gather up?
The new Fisa is an attempt to bring back accountability and review of governmental action in this complex technical
area of electronic surveillance in the digital age. But as this brief review has highlighted it is the technology
that has made obsolete so many of the categories of the old Fisa. The concept of US citizen is harder to determine
in this interconnected world of mobile communications and storage capacities. The modern world is creating enormous
data banks of information controlled by the private sector. The government is only a warrant or a subpoena away from
this vast ocean of information on its citizens and visitors. All governments are wrestling with the problem of how,
under the rule of law, information should be obtained, searched, protected and not be the subject of governmental
abuse. The new Fisa statue is the most recent attempt to resolve these problems but many questions remain to be
answered as the intelligence community begins to "operationalise" the new rules.
The data is there in the private sector. Technology allows for more extensive and detailed searches. The goal is to
prevent the threats, and the government is being held accountable for failures. As one can see, the Fisa debate is
about technology, modern surveillance, executive accountability, the erosion of citizenship as a shield to
government intrusion and what privacy means in the new age. Congress has entered the fray again with more review,
the IGs are part of the process and the Fisa court has its authority reinstated. The hope is that more judicial
review will provide enough accountability. But a new president will have to see if the framework is adequate.
页:
[1]