The Just Security Podcast

Toward a Goldilocks Deal on FISA 702 Surveillance Reform

December 05, 2023 Just Security Episode 49
Toward a Goldilocks Deal on FISA 702 Surveillance Reform
The Just Security Podcast
More Info
The Just Security Podcast
Toward a Goldilocks Deal on FISA 702 Surveillance Reform
Dec 05, 2023 Episode 49
Just Security

On Monday, Dec. 4, 2023, the Reiss Center on Law and Security at NYU Law and Just Security co-hosted an expert discussion entitled “Toward a Goldilocks Deal on Section 702 Surveillance Reform.” 

This Podcast episode is the audio from that discussion, which was co-moderated by Senior Counsel at Perkins Coie LLP and former Justice Department counterespionage prosecutor and FISA oversight attorney David Aaron and Just Security Co-Editor-in-Chief and former Deputy Legal Adviser to the National Security Council and Special Assistant to the President Tess Bridgeman.

The panelists were: Elizabeth (Liza) Goitein the Senior Director of the Liberty & National Security Program at the Brennan Center for Justice; Andrew McCabe the Former Acting Director and Deputy Director at the Federal Bureau of Investigation; and Mary McCord the Executive Director of the Institute for Constitutional Advocacy and Protection at Georgetown University Law Center. 

Show Notes: 

Show Notes Transcript

On Monday, Dec. 4, 2023, the Reiss Center on Law and Security at NYU Law and Just Security co-hosted an expert discussion entitled “Toward a Goldilocks Deal on Section 702 Surveillance Reform.” 

This Podcast episode is the audio from that discussion, which was co-moderated by Senior Counsel at Perkins Coie LLP and former Justice Department counterespionage prosecutor and FISA oversight attorney David Aaron and Just Security Co-Editor-in-Chief and former Deputy Legal Adviser to the National Security Council and Special Assistant to the President Tess Bridgeman.

The panelists were: Elizabeth (Liza) Goitein the Senior Director of the Liberty & National Security Program at the Brennan Center for Justice; Andrew McCabe the Former Acting Director and Deputy Director at the Federal Bureau of Investigation; and Mary McCord the Executive Director of the Institute for Constitutional Advocacy and Protection at Georgetown University Law Center. 

Show Notes: 

Paras Shah: Hello and welcome to a special episode of the Just Security Podcast. I’m your host, Paras Shah. On Monday, December 4, 2023, the Reiss Center on Law and Security at NYU School of Law and Just Security co-hosted an expert discussion entitled “Toward a Goldilocks Deal on Section 702 Surveillance Reform.” 


You can read all of Just Security’s coverage of Section 702 of the Foreign Intelligence Surveillance Act, including analysis from many of our experts, on our website. 


If you enjoyed this episode, please give us a five-star rating on Apple Podcasts or wherever you listen. We hope you enjoy the discussion.


Tess Bridgeman: Hello and welcome to our panel event and podcast, “Toward a Goldilocks Deal on Section 702 Surveillance Reform.” This event is co-hosted by the Reiss Center on Law and Security and Just Security, here at NYU Law. I'm one of your co-moderators, Tess Bridgman. I'm Co-Editor-in-Chief at Just Security and Senior Fellow and Visiting Scholar at the Reiss Center. In the Obama Administration, I served in the State Department, and at the National Security Council, as Deputy Legal Advisor to the National Security Council.


I'll be co-moderating with David Aaron, senior Counsel at Perkins Coie, who previously practiced in the U.S. Department of Justice and brings a wealth of experience as a former counter espionage and FISA oversight attorney.


So, as many of you know, Section 702 is a critical national security authority, which is set to expire at the end of the month unless Congress reauthorizes the program. Critics of the program have long pointed to the ability of U.S. intelligence and law enforcement agencies to search the vast database of communications gathered using Section 702 foreign intelligence authorities for information on U.S. persons without first obtaining a warrant, as well as a documented history of other abuses by the FBI in particular. 


The program's defenders argue that it is an irreplaceable tool for countering a range of threats, from terrorism to cyberattacks, that it is aimed squarely at collecting information on foreigners located abroad, and that it is subject to incredibly robust oversight and transparency frameworks, from front end approval through to back-end audits.


We're fortunate to be joined by a phenomenal panel today of experts and practitioners to discuss the prospects for 702 reauthorization, as well as a number of serious proposals for reform and reauthorization that are now under consideration on Capitol Hill. And I'll turn it over to David.


David Aaron: Well, thank you, and thank you for having me. You know that either you've made it, or at least there's a perception that you've made it, when you have a panel like this, and a co-moderator like this. Very happy to be here, and thankful.


I'll introduce our panel. We have Liza Goitein, who's the Senior Director of the Liberty and National Security Program at the Brennan Center for Justice.


We have Andy McCabe, former Acting Director and Deputy Director of the Federal Bureau of Investigation, and Mary McCord, who's the Executive Director at the Institute for Constitutional Advocacy and Protection at Georgetown University Law Center, and the former Acting Assistant Attorney General in charge of NSD. Thank you, guys, for being here.


Probably, it's a good idea to start out by level setting and just talking a little bit about what Section 702 is, how it's used, and particularly, how it's used by the FBI, because I think that's where a lot of the current discussion and debate are happening Andy, if you don't mind, can you give us a brief walkthrough of how the FBI uses Section 702?


Andy McCabe: Sure, David, and thanks very much for including me today in this super important conversation about what is arguably the most significant national security tool in the intelligence community. 


So just for kind of level setting purposes, of course, 702 is that section of the FISA Act which allows the intelligence community to conduct warrantless surveillance on foreign persons who are located in foreign places for the purpose of collecting foreign intelligence. Targets are nominated to that list. I think, as of current disclosures, the community currently has about 250,000 targets on that list. I may be off by a few 1,000 here or there, but nevertheless, you get the idea. So, it's a broad, broad-based program in which communications information is collected. 


The FBI is entitled, or I should say, has access to a much smaller percentage of that collection. Nevertheless, it's still a significant amount of material, and the Bureau uses this tool most, and most effectively, at the very, very beginnings of an investigation or an inquiry that's not even an investigation yet. Typically, what the FBI does is, once they receive information from any source that you might imagine — it could be an established informant of the organization, it could be a foreign government, it could be a partner in the intelligence community or foreign law enforcement or intelligence agency, what have you —that an individual or a selector, a phone number or an email address, is involved in a terrorist activity or an espionage activity, or maybe proliferation of weapons of mass destruction or malicious cyber activity, you take that information right at the very beginning, and try to vet what you've been given. Try to see if there is information, you know, if you're over the threshold to begin kind of a legitimate, robust investigation. And the first thing you do, of course, is run what you've been given against the holdings that you already have, that data that you retain and access lawfully with complaint information. 


So, this being able to query 702 gives the Bureau a heads up at the very incipient stages of their inquiry as to whether or not the person or the selector they're working with is connected in any way to foreign terrorists or foreign spies, or people who have been targeted under 702 authority.  Those people could be overseas, or, of course, as we know, they could be people here in the United States who are connected to those foreign individuals. I think I can't say early in the investigation enough, because it's really my main point here. At that moment it is very common — maybe the majority of the time — you don't really know if the person or the number that you're looking at that, you're running through the data set, is a U.S. person, someone here in the United States, or someone anywhere in the world who has legal status here, or whether that facility, that phone number or email is being used by a U.S. person. And in order to determine just that fact, you would have to conduct a significant amount, potentially significant amount of investigative activity just to determine that.


So that has broad based implications for whether or not you can make these very important decisions about the information you've been given quickly, in a context to be relevant and effective, and also how you're utilizing your resources to make these very early determinations in the inquiry. So I'll stop there for a minute and happy to take other questions. 


David: Sure. Thank you. And so you really describe the role of querying Section 702 information, information that's already been collected under that foreign intelligence process. In terms of the actual front end collection, can you talk a little bit about what an FBI agent might do in order, if the FBI wanted to collect information, if they wanted to target someone in order to acquire foreign intelligence information?


Andy: Sure. So that happens pretty much at the opposite end of, or once you're far into, a full investigation, and you've developed your own information to indicate that the person that you're looking at falls within the parameters of 702 collection. So, let's say it's a terrorist investigation, and you're conducting, you know, you're looking into an individual who's thought of being, you know, who's based overseas and is thought to be engaging in terrorist activity there, targeting Americans, what have you. There is a nomination process. You can submit that information and your request to include that person in 702 collection to NSA, and that’s of course, that's a determination ultimately made by the NSA whether that person's added to the list or not. So, the FBI doesn't control who's on there, but we can nominate targets as appropriate.


David: Thank you. So, when we talk about queries, we're talking about queries of information collected through that process of determining whether someone is appropriate to be targeted. There's information collected based on targeting of selectors, and then that information resides somewhere that can later be queried. Is that a fair way of putting it?


Andy: Well, they're two kind of separate channels there, David. So, you at the very beginning of an inquiry, you don't know what you're working with. And so, you're going to take that selector — let's say somebody gives you an email address —and you're going to run it through all the data sets that we have, right? We want to know, did that email come up in a criminal case in a prior FBI investigation or a prior national security case. If it's a name, does that person have a criminal record? We might query our intelligence partners in the community, see if that person or that selector is known to them for whatever reason. And one of the many data sets that the Bureau can query against is 702 collection. So early on in the investigation and the inquiry, you can understand whether or not the person you're looking at, or the selector that's being used, is in contact with someone who's already being targeted overseas as a target of overseas. 


David: Got it. I think — sorry, go ahead, Liza. 


Elizabeth Goitein: If I could just jump into clarify, that second process that Andy was talking about — I think I’m frozen — which is to, where you actually go to the court and you get an order from the court showing probable cause, that the person is an agent of a foreign power, and then you can conduct surveillance of them — that’s under Title I of FISA. U.S. person queries are, the way that term is used, is queries of information collected under Section 702 of FISA. That’s a very different process where there is no individualized order from the court at all. So, just to clarify. 


David: I mean, it's good to get terminology squared away across the board. I think when we talk about 702 targeting, I think we can all agree we're talking about targeting that is done based on targeting procedures that were approved by the court, but not individual orders that were approved by the court. So, there's the front-end targeting process through which information is acquired, if, you know, from targets who meet those procedures, and then queries are separate from targeting. Queries are of the information that has been collected through targeting. Fair enough? Great! Alright! I think we're done. 


No, alright. So, I think now what we need to do is step back, and we'll look at, you know, with the impending expiration of the latest iteration of the FISA Amendments Act, what are the big problems to solve, and if we can think of what the big problems are, we can frame our conversation for today. Obviously, the impending sunset, the impending expiration of Section 702, that's a problem for some people, and we'll talk about that. You know, there is a provision in the reauthorization that allows some of the authority to continue after the statute itself expires, but that doesn't go on forever, so that clearly is a problem that needs to be addressed, and we'll talk about that.


As some in the audience might have picked up through the nuances of the prior discussion, the question of U.S. person queries — under what circumstances should the FBI or other agencies be able to query already collected information, for information of or about United States persons? What should the process for that be? What should the permissible uses of information that is discovered that way be?


There’ve also been accounts in the news media and declassified documents from the FISA court, or the FISC, as you'll hear us accidentally call it a few times, issues regarding compliance. The different agencies, including the FBI, are subject to many procedures in their use of FISA, all different stripes of FISA, and compliance issues that are discovered are reported to the court. We'll talk about what is the nature of those compliance issues, is there anything that should be done to reduce the number of them, or the nature of them, and what that might be. 


But related to this kind of legal or implementation issues are also big issues outside of the law itself. We've seen an erosion of public confidence to some degree in the FISA system and the agencies that implement FISA. The political support that in my experience was always there in the middle every time these authorities came up for renewal seems to be fracturing. And we also see an increasing role of privacy concerns coming from outside the United States having an impact. 


So, while we'll talk about these kind of FISA specific, within the law, within the process, potential changes or issues, I think we also need to be thinking about it in terms of not just what's strictly legal or constitutional, but what is required to maintain or rebuild that public confidence and the political consensus. So, I'll ask the most important question of the day of each of our panelists, starting with Liza. Am I asking the right questions? Have I identified the right topics, or is there anything else that we should add to the list?


Elizabeth: Well, I would add some privacy issues that actually go beyond the four corners of Section 702. And the reason for that is that 702 is part of a vast ecosystem of often overlapping surveillance authorities, and so, if you tinker with one set of authorities but not the other, then the government can shift its surveillance practices to other authorities, or exploit gaps in the law to conduct surveillance without any statutory authority at all. So, I think the conversation needs to be broader than 702. 


On 702, I'd say the key issue is this question of backdoor searches, or U.S. person queries, and those are very controversial for two reasons. The first reason is simply that they are warrant lists, that they give the government warrantless access to Americans communications. So, this program authorizes warrantless surveillance, and so it can only be targeted at foreigners overseas. But of course, it sweeps in Americans communications because Americans communicate with foreigners. And if the government's intent were to spy on those Americans, it would have to get a warrant.


So, to prevent the government from using 702 as an end run around the Fourth Amendment, Congress required the government to minimize the retention and use of Americans’ communications and to certify on an annual basis that it's not using Section 702 to spy on Americans. And these back door searches are kind of the opposite of that. These are situations in which the government, having certified to the FISA court that it is not trying to access Americans’ communications, once it actually gets the data, it runs electronic searches for the express purpose of finding and reviewing Americans’ phone calls, text messages and emails. And that's a bait and switch that drives a hole through the protections of the Fourth Amendment.


And you know, the FBI conducted 200,000 of these warrantless searches in 2022 alone, so that makes it pretty clear that what was intended to be a solely foreign focused spying authority has, in fact, become a domestic spying tool. That's the first controversy. 


The second controversy is all of the abuses that we have seen with these warrantless searches, including searches for the communications of Black Lives Matter protesters, members of Congress, a local political party, a state court judge, journalists, and in one case, more than 19,000 contributors to a congressional campaign. So needless to say, those abuses have made this an incredibly controversial part of the program.


David: Well, thank you. Mary, just to make sure we've scoped the issues appropriately, anything to add to the list that we just discussed?


Mary McCord: Well, I think that, you know, even though I know we're here today to talk primarily about FISA Section 702 reauthorization, I think that what's happened, especially with some of the controversies over the last couple of years about the FBI's use of FISA, is that there's been a conflation in the public perception between other aspects of FISA, like Title I warrants and abuses, or, you know, “abuses” of the 702 U.S. person querying. 


So, for example, you know, there was a lot of public discourse both because of Office of Inspector General memos coming out, as well as cleared, declassified FISA court opinions coming out, as well as congressional inquiries into the FISA Title I of Carter Page during the 2016 campaign, Carter Page, being associated with the Trump campaign. 


And certainly, it was revealed later, through all of these Inspector General memos and other investigations, that some information that really should have been provided to the Department of Justice, and ultimately to the to the FISA court, Foreign Intelligence Surveillance Court, in approving those Title I devices had not been supplied. And I think, you know, that became a huge hotbed political issue for obvious reasons given who Carter Page was in his connection to a presidential candidate. And I'm not really here to debate, you know, where mistakes were made, or how it could have been done differently. But there's no question that that led, I think, to a lot of public perception that the FBI, potentially the intelligence community, Department of Justice was using FISA for political means, which has engendered some of this loss of faith in these intelligence authorities, which, as Andy said at the outsight, are really critical authorities, both by Title I, Section 702, and other intelligence authorities are really critical, not only in our battle against foreign terrorism, but also against other foreign malign influences, whether it is, you know, cyber-related crimes, hacking into, you know, our critical infrastructure, into our election systems, into private companies’ own information without their no knowledge, whether it is recruitment of foreign agents or of agents from Americans by foreign governments, and whether it is unwilling, sort of use of Americans by foreign governments, winning, of course, on the part of the foreign government, but not the person who maybe is in contact.


 So, there's really important reasons for Section 702, as well as Title I. And I think part of the part of what we're seeing now in the controversy over — and I'm not trying to detract from Liza’s points about U.S. persons queries, I have some different views about those than Liza has — but I just think, in general, this has become much more of a hotbed topic because of some of these political issues that have come up in the past, and that's why I think what we also are seeing when we're looking at some of the bills that have been proposed is not just 702 reform, but also reforms related to other aspects of FISA collection.


David: Thank you. And Andy, I'll give you a chance. Any other macro issues to contribute to the conversation today?


Andy: No, I think if we could sort through about 30% of all those we'd be doing really good, really solid work. No, I think that that describes the universe that we should look at pretty well.


Tess: Great. So, let's jump in because we've all been seeing this sunset coming and talking about 702, and other parts of FISA has come up a couple of times now, you know, for a while. And now that the sunset is upon us, we actually have bills that would address various aspects of these things, so we can have the meaty conversation I think many of us have been wanting to have for a while that really asks, is there a Goldilocks solution? Is there such thing as a compromise that can get through Capitol Hill, and what are the trade-offs at stake with those? And I think, having diagnosed the problem is a great way to start. 


Just to frame that out a little bit further, I think we identified — and Liza helpfully, I think, laid this out with her comments — both issues that have been raised with permissible uses of the program that are completely lawful in terms of the current statutory framework, and problems that seem to sound more in compliance, in or non-compliance, we should say, with the framework as it stands. I think we may have disagreement over the import of those compliance incidents and the causes of them. But I think we all recognize that there are compliance concerns, and that's something that's driving a few, at least, of the proposals that we're seeing on the table. 


So, keeping that in mind, we want to address both. What should the permissible uses be? What should the front-end framework look like? And then, how to deal with compliance problems? We have to kind of hold both of those as we as we talk through what's percolating on Capitol Hill. So, without further ado, maybe if I can turn back to you, Liza, to start because you did recently write a thorough overview piece for us at Just Security about one of the big bills, the Government Surveillance Reform Act or GSRA. And I mean big, literally. This bill tackles a lot more than Section 702, but can you give us a brief overview of the main parts of that bill that impact 702 implementation and maybe also compare some of those provisions with some of the other takes? We have a bill coming out of Senator Warner in particular, a number of proposals floating around that are going to have to become part of a compromise. So, if you could talk us through what those components are, and in particular, from your perspective of what would be rights enhancing out of those proposals?


Elizabeth: Yeah, I'd be happy to. And it's interesting that you flagged the issue as being what should be permissible, and then how you deal with some of the compliance problems, because I think the solution to — and they are separate issues, you're right — and I think the solution to them is the same, which is that there should be a requirement that the government obtain a warrant, or a Title I order under FISA, when it wants to search these communications obtained under Section 702 for an American’s communications. I mean to me, that makes a lot of sense, because, again, the whole reason that these communications were obtained without a warrant was because the government certified that it wasn't targeting Americans. So, if the government decides it wants to focus on an American and look at their communications, it should have to go back and get the word that it skipped at the front end.


There is a provision to do that in the Government Surveillance Reform Act. It has exceptions. It has exceptions for when a person consents to the search, which may sound a little crazy, but in fact, one of the stated uses of these backdoor searches is to identify potential victims, and in that case you could very well get someone's consent. There's an exception for emergency circumstances, for the life and safety, where the life and safety of these subjects might be in jeopardy or of any person. There's an exception for a certain type of cyber security defensive query. So, if the search is to try to find malware that's embedded in Americans communications, there's an exception for that. 


And the warrant requirement would not apply to metadata. So, we often hear the government saying, we want to know who foreigners are talking to, or who these foreign targets are talking to in the United States, you know, if there's a particular person you can run their information and find out whether they're in contact with a foreign target. But what the government can't do is actually read an Americans’ communications without getting a warrant. I would say that's the main Section 702 fix in that bill. 


By contrast, the Senate and House Intelligence Committee proposals require restrictions. In one case it's a warrant. In the other case it's a complete prohibition on U.S. person queries in a subcategory of cases, and that's queries that are seeking evidence of a crime only, which means that there is absolutely no intent in there to find foreign intelligence. That sounds like a compromise. In practice, it is carefully designed to do approximately nothing looking like it's doing something because those queries are so rare. They're vanishingly rare, because the FBI always labels its queries as having some foreign intelligence purpose when it's clearing the 702 databases. So, last year there were 16 cases out of 200,000 queries. There were 16 cases in which the FBI accessed Section 702 data as a result of an evidence of a crime only query, so that's really meaningless. It's a meaningless change. 


Beyond that, the House and Senate bills mostly just codify changes that the FBI has already made to its procedures. I don't know if we'll have a chance to talk about those changes later. If so, I'll leave it there for now. If not, I can talk about them now. But, the bottom line is those changes haven't stopped the abuses, and they haven't stopped the violations there. They have proven already to be inadequate. So again, codifying the status quo is not the solution in this case.


Tess: The numbers have gone way down, though, if I'm right. Maybe it would be a good idea to just hear your perspective before we turn to the others about those FBI procedures, what their codification would do and why that isn't a sufficient starting point at least.


Elizabeth: Yeah. So, these procedures are, you know, good ideas. And it's mind boggling that it took 15 years into the program for the FBI to put them in place. They are, you know, more robust training, requirement requirements, supervisory approval for certain sensitive queries. 


The most basic one — which again, is baffling, why it wasn't in place before — is that FBI agents have to opt in to seeing Section 702 data when they run a query over all of the FBI's data. These, according to the government, these changes have reduced the rate of non-compliance with the FBI's own sort of internal standard to about 2 percent, and that certainly sounds good until you do the math because 2 percent of 200,000 queries a year is 4,000 queries every year that violate the FBI's own low standard for these searches, and we know that these queries are continuing to include abuses. 


So, the latest FISA Court opinion went into some recent searches by FBI agents since these changes were put in place that baselessly search for the communications of a U.S. Senator, a state Senator, and a state court judge who contacted the FBI to report civil rights violations by a local police chief. So, this is clearly not the solution.


Tess: So, from your perspective, and I don't want to put words in your mouth here, but I'm just going to try to summarize by saying, the warrant requirement for U.S. person searches is really key in your view as a protective measure. I think there is debate about whether that would be required or prudential for Fourth Amendment purposes. From your writing, I think I can accurately summarize that you think it would be required, and it's certainly —


Elizabeth: I don't want to misrepresent because I would say the courts are very much up in the air on that question. So, I'm not saying there's definitive Supreme Court precedent at all. Part of the reason we need Congress to act is because the case lies very much in flux on this point. But I think constitutional principles, and especially the way the case law is starting to emerge on some of these electronic searches of electronic data, point in the direction of requiring a warrant for these searches.


Tess: Yeah, helpful clarification. It's certainly not settled in terms of the jurisprudence. And the other thing that just I would, I would add in summary, is that a number of these other reforms from your perspective are basically window dressing, either because they don't get at the real problem from a numbers perspective, or because, even if implemented, because we have a track record now, seeing as the FBI has been implementing these procedures itself, at least for some period of time now, it does not, in your view, solve the whole problem.


So, starting there I'd love to turn, Andy, to you first, to talk through what you think the warrant requirement would do in practice, whether you think a warrant requirement is something that the FBI could live with if it had the kinds of exceptions, or something similar to the exceptions that are in the GSRA, and kind of give us a flavor for what you think it would look like if there were one of these requirements in practice.


Andy: Sure. So, that's a lot to chew on right off the bat. So, you know, this is a, is there a Goldilocks solution here. Absolutely there is. But we're in the middle of a very large sliding scale of steps that we could take, and it's important that we understand the impact on operational effectiveness that some of those changes will make. I mean, you could say, you could go all the way to one end and say the FBI shouldn't have access to this data at all. I think that would be a horrible result. I don't think that anybody supports that, but that seems to be kind of the far end of the Goldilocks solution. Or you could say, leave it, leave it alone, clean, we go forward, no changes to what's happening. We're totally comfortable with the state of affairs of 702. I don't think anybody would make that claim either. So, we got to land somewhere in the middle. 


Before I get into the impact of the warrant, I just, I feel like it's necessary to set a little bit of perspective on how we got to this place, and that is in the transformation of the FBI and the rest of the intelligence community in the wake of 9/11 when very quickly, we were rightfully held responsible for basically connecting the dots. Right? We have the dots. We collect the dots. We have to connect them to understand what sort of threats that America currently faces so we can mitigate those threats and stop attacks from happening. So that's how, 15 years ago, we got to a place where you had to opt out. I didn't even know there was an opt out option. 


702 access, because we had lawful access to 702, it was one of the many datasets that were considered essential tools, essential to search against at the very beginning of an investigation or an inquiry. So, you know, ruling that out was something that was unheard of in that immediate post 9/11 world. And I’m not suggesting that everything in that world was done perfectly and we should go back to that. I'm just trying to explain like, that's how we started with this process of confederated searches. That was the gold standard. We should look at everything we have, that everything that could be relevant to an investigation that we had predicated and we're conducting. So that's what happened. I think that the current status of opt in is one of those essential reforms, that I think it's great that the FBI has done that, I think that moves us to a very different place on the on the sliding scale and a place that we should be. 


So, let's talk about warrants. A warrant requirement to search the data set would be completely unworkable for the FBI — doesn't really change the tool instrumentally for any of the rest of the intelligence community's use of it, but for the FBI, it's our responsibility to deal with, to investigate U.S. per, to deal with U.S. per information, that sort of thing. It would be essentially impossible. And the reason is, you don't know enough to collect probable cause — probable cause, whether in the FISA standard or a traditional, almost Title III standard — you wouldn't know enough to be able to go in front of the federal judge or FISA court judge and make that argument for probable cause at that point when you're vetting information that you know very little about. And, in fact, to pursue that, you'd have to have conducted an investigation to simply determine, first, whether or not the information you had belonged to an U.S. per, and, second, what that person had been up to, whether or not there was probable cause to believe they were in danger of foreign power, or engaged in criminal activity, what have you. So, you're almost putting the cart before the horse and saying, we want you to do more investigation of these people who you know little about before you can search the data that's currently in your own holdings.


I think — not my favorite resolution, not my favorite approach, this I don’t believe the warrant requirement is necessary. I don't think that's the solution that works for the FBI. I totally understand why other people are more comfortable with that. The halfway has been, which would be, you can search the data set with presumed U.S. per information, and you have to get a search, or you have to get a warrant from the, or I don’t know, sub warrant, not quite a warrant, different standard from the FISA court to look at a positive hit.


That certainly would impose a much, much lesser burden, and be it less of an impediment to the operational pace that is necessary to protect America. But, still, you are putting roadblocks in between the organization responsible for stopping those things from happening. You're putting roadblocks in between their ability to see what they already lawfully have. So, I know this is not a new explanation of where law enforcement would fall out on this issue, but it is perennially this core problem with the warrant requirement. So, when you think about that sliding scale, if I were still running the FBI, if there are bargains I had to make to continue access to 702 as a critical component of protecting the country, a warrant requirement is not a bargain I would make.


Tess: That's super helpful, and it's helpful to to have walked through kind of how we got here in the post 9/11 era. And I think, as you're pointing out, there are a series of essential reforms that were made following that initial radical set of changes that have brought us to the current day. 


I do want to come back on one point, and this is for any of you who may know this, I think the procedures that have been put in place recently mean that in practice, FBI agents using the database do already, at least in some cases, have to know whether a query pertains to a U.S. person which may not have been the case in the past. But if any of you — 

Elizabeth: That’s right. They have to already, they have to identify whether the query pertains to U.S. person. That's part of the record keeping requirement now. So that's already happening. 


Tess: And that's new as of the last couple of years?


Elizabeth: That’s right, yeah.


Tess: So, another interesting test case of, kind of, you know, how putting these things in place does or doesn't change the utility —


Elizabeth: And, and, that has not brought the system to its knees. So, a lot of these claims about how burdensome these procedures will be, originally, the FBI said, we can't do that. We can't track whether they’re U.S. persons or not. 


Andy: Well, not to their knees, maybe not to their knees. But we've gone from what, 2.9 million to 119,000 queries in less than a year. I know some people might think that's a good thing, others not so much, but it's no question that everything you do has an impact on how the tool is being used sometimes for better, sometimes not.


Tess: Mary, do you want to come in on this question of, kind of, you know, do any of the currently proposed bills give us a Goldilocks, or what you think we should be driving towards? And then, I think there's more to hash out on some of what was just raised, and I'll turn it over to you, David, to bring us to that. But I just want to give you a chance, Mary, to come in on this question.


Mary: Sure. I guess I have a couple of thoughts, you know, in addition to Andy's point about, you know, some of the resources in terms of the FBI that would be required for a warrant requirement, I think we also have to think about the FISC itself. And I am actually one of the designated FISA amicus panel right now. There are 5 of us on the legal panel. There are additional technical experts, and that's critically important. I'm happy to talk about that later.

And resources should not govern a constitutional question, I understand that. But just to, you know, foot stomp the resource issue, I mean, there are a panel of judges, Article III judges who are assigned to the FISA court for terms. Three are local, others are not. They come here to Washington, DC for one-week intervals. 


There is a staff of attorneys that help those judges prepare for the FISA applications that they will be reviewing during their week of service in DC. They may appoint amicus when they think that, when there's a novel issue or an issue that they think or is otherwise appropriate for advocates to weigh in, but a warrant requirement would — they already have a significant burden when they come to Washington for their weeks of service. A warrant requirement would require, probably, maybe at least three times as many judges, maybe more, being appointed to that court, certainly many, many more staff attorneys being appointed that court, and frankly the Department of Justice within the Office of Intelligence, where they work with the FBI on the actual FISA applications. 


And granted, you know, these are normally — now we're talking about Title I’s and the 702 certifications, because right now they don't have to go to the court for U.S. person queries, but I think you would require, you know, a huge influx of resources in terms of attorneys to actually do that. Again, that shouldn't necessarily govern the constitutional issue, but that's sort of my second point. 


I guess I do quarrel with the fact that these are somehow backdoor searches that should always require a warrant. I mean, I think there are definitely cases, and I think that's why we're seeing carbs at carveouts for things like a U.S. person that is solely for purposes of gathering evidence of a crime. That's why you see Sissy's bill saying, you can't even do that anymore. Others say you need to get a warrant. I think that many of us who come from the national security community would be willing to forego the use of 702 for non-national security related crimes. 


Liza says, well, that's nothing because there's only 16 or so of those out of 200,000, but it's not nothing when you talk about the Constitution, because the Supreme Court has said, you know, that when we are talking about foreign intelligence, the warrant requirement is different from, what's reasonable is different from the warrant requirement that we think of in a traditional probable cause warrant under the Fourth Amendment. And so, what you know one of the things Congress did after that case, the Keith case is, they enacted FISA, and these have required, you know, had different requirements, even a FISA warrant — as we've been discussing the probable cause for our FISA warrant is completely different from the probable cause for a regular criminal warrant. 


So, I think the question, then, is from a constitutional perspective, what is required, what is reasonable under the Fourth Amendment when we're talking about collection, that is for foreign intelligence purposes. It may also relate to national security related crimes, but if we carve up non national security related crimes, I think we are squarely in this area where the Supreme Court has acknowledged something less than a traditional probable cause for evidence of a crime warrant is required. And so, and we know right now that I think every court that is reviewed whether a warrant is required for U.S. person queries has rejected that. 


I take Liza’s point. There's various arguments that can be made, to continue to make that in flux, but I think that, as we, the term backdoor is loaded and loaded for a reason, I mean, you know Lisa and others who advocate that we need to have a full blown warrant for all U.S. person queries, there's a reason they use that term. I just don't think it's particularly fair recounting of kind of what the Constitution requires. 


Liza: I'm going to have to jump in there, I'm so sorry. The Supreme Court in Keith said that a warrant is required in national security cases, but it can look a little bit different. So, Congress went and passed Title I of FISA to create that kind of different warrant, and all we're saying is, do a Congress said. Get a Title I order, if it's a foreign intelligence investigation, get a Title I order. That's the kind of warrant the Supreme Court was talking about in Keith. That's what Congress passed. So, what I, what we're advocating is completely consistent with Keith, and how you've described that part of the case law, when it comes to court oversight or review of U.S. person queries, it is not the case that every court has said that those are constitutional. There, some courts have. But there are Four appellate court judges who rejected the government's argument for why these are constitutional. They said, that’s not the right standard to apply, this is the right standard. The right standard is that U.S. person queries are a separate Fourth Amendment event, and a unanimous panel of the second circuit remanded to the District Court to do that analysis, which hasn't happened yet. So, there are four appellate court judges who expressed deep constitutional concerns, and that is still playing out right now in the courts. They did not uphold warrantless backdoor searches.


Tess: And, to be fair, I'm not sure that Mary was arguing anything that's terribly different from that in terms of the case law, and I think where we were agreeing is that it does matter whether the actual purpose is a foreign intelligence purpose, right? I think —


Liza: Absolutely that matters, but that also argues in favor of a type of warrant, which is a Title I order. And Mary did say that all the courts who have looked at this have rejected the idea that a warrant is required. So, I really did need to correct that, because that's not quite accurate. 


Mary: I'm not going to — I could take issue, but I think we need to move on, so.


Tess: Yeah, and one of the things that we want to move on to, actually is, what are some of the other ways to slice and dice this, that I think, David has queued up to come in on. So I'm going to turn over to you, David, on that.


David: Thank you, thank you. So yeah, when I when I think about this, I think about a couple of early experiences in my own career, one, writing FISA applications, which were edited and reviewed and approved on their way to the Attorney General, on their way to the FBI director, and they required a lot of high-level signatures. Senate-confirmed officials — either the FBI director or someone similar elsewhere in the intelligence community — and I compare that to my earlier experience in night court in Manhattan, getting search warrants, which was a bit more of a streamlined process.


And Andy, I mean, understanding that the probable cause standard applies, and you need a sufficient factual showing to make out probable cause in either of those situations. Is there, does it really have to be a full FISA application? Does it really have to be to one of the FISA judges? Or could it be something that still establishes the requisite legal standard, but is done pursuing to a more streamlined process, and maybe even goes to a magistrate judge like a Rule 41 warrant would? Would that get you into this car?


Andy: Alright, so couple of things there. One, could it be outside the FISC, essentially, is what you're what you're asking? My answer to that would be a resounding no, simply because each of these squares, you're talking about national security cases, and the, you know, should be all of them, national security cases. The standard federal courts, much like your night court experience in Manhattan, are not equipped to deal with the information that we would have to provide to that judge or magistrate judge. You know, you couldn't possibly take that sort of risk with highly classified material, much of which is coming to you from other intelligence organizations or foreign governments, there’s all kinds of third party rules, and so I don't think that would work. 


Could it go to a judge, some, like a magistrate judge on the FISA court? I don't think anybody would have an issue with that, but I think you'd have to, as Mary alluded to, you'd have to increase the FISA court resources enormously to be able to handle the volume. That's number one.


Number two, in terms of the burden, the time and the effort and the people, I think you got to think about it more like a Title I FISA request, because that's really what you're talking about. At that point, you're talking about making some version of a, you know, of a FISA request, a probable cause standard in a FISA request, so would it have to be quite as elaborate as the FISA applications that you wrote? Maybe not, but probably close. My own significant experience with those packages and signing them as deputy directors, they don't tend to get smaller over time. So, I think, could it happen in the FISA context? I think the answer is, yes, that's possible, but not without a massive infusion of resources, or a diminishment in the Bureau's capability to do the work that they need to do.


David: Mary, any process changes that you think might reduce that impact, or is it, a FISA is a FISA is a FISA, and if we impose a warrant requirement, we're stuck with the full weight of that machinery?


Mary: I mean, part of this is just practical logistics, right? The FISA court in DC has, you know, made almost to the entire third floor of the courthouse into a sensitive, you know, department information facility, right? And that's where the judge does their work. That's where all of the employees of the FISA court do their work. That's where the government comes and submits its applications, that's where the amicus, when I do my work there, I have to go. I can't work from home, I can't work from my office. I have to go and work there. 


So, other federal courts, even if you could get judges adequately trained for these things, there's just the practical problem of, they don't all have access to good SCIFs. Now, and we know this like, if you just think about the Mar-a-Lago prosecution in the southern district of Florida, Miami has a SCIF, but like the small court where Judge Cannon practices doesn't have a SCIF. So just as a plain old, you know, logistics matter, I think it poses challenges. 


It's also it, you know, when judges get appointed to the FISC for a term, they go through an orientation, right? They go through a training process, and that's not just by a bunch of DOJ attorneys and who come in and talk to them. They have some of the amicus come, and several amicus have never been DOJ national security attorneys. They come, you know, from backgrounds of essentially pushing back against government authority, and those are part of the people who are part in these training programs. 


And you really do, I mean, FISA’s like a whole, I mean, I was a criminal prosecutor for a long time before I ever dealt with FISA. It was like a whole new world I had to learn about, and that's the way it is for judges. So, just because you're used to Title 41 criminal warrant search warrants in your, you know, in a vast number of criminal cases doesn't mean you're just readily able to consider everything that needs to be considered when we're talking about a U.S. person query or a Title I FISA any or anything else.


David: So, it sounds like one thing we do all agree on is that a query warrant would have to be a Title I-ish warrant before the FISC if there were such a requirement. 


Elizabeth: May I — I feel less strongly on that point. It's mostly going to be Title I, because it'll be almost entirely for intelligence-based queries. So yes, I mean, it would make sense. They would go to the FISA court, I mean, I'm a little less strongly opposed to sort of spreading a wealth a little bit, and maybe involving some magistrate judges at the district court level. I don't know that that's really that much part of the conversation. I think that the burden on the FISA court, and the resources issue may be a little bit overstated here, and the reason I say that is because, as Andy told us, these queries, for the most part, are done at the very earliest stages of the investigation before the FBI has hardly any information at all, and before they have enough information to even open an investigation. There's no probable cause. 


And the FBI, in the vast majority of these cases, the FBI isn't going to submit an application for a Title I order if it has so little information, so, and in the cases where the FBI does have probable cause to submit an application, it's probably already, very well might already, have gotten a Title I order, right? Because, they're probable cause, they're probably pretty interested in that person. So, I don't think the additional burden beyond what already takes place to get Title Orders is — there’ll be some, but it's not going to be could be quite as high as I think it's often portrayed.


Andy: I think you're right about that, and I think you're right about the way that you think about if the Bureau has the information, they would need to get a Title I FISA, order they would. That's been my perspective on this all along. But what you're what you're proposing is that, in the raft of those queries, in which you have very little information to work with but you're trying to figure out that very important preliminary question, is the person I am now looking into connected to a foreign terrorist or a foreign spy? You just wouldn't know.


Elizabeth: Well, there might be other ways to know. For example, you can run the metadata query like, I said, without getting worried. That could tell you a lot. There are certainly other investigative techniques you could use. But the idea that you can read an American's emails when you have very little information about them, let alone probable cause, that to me is completely contrary to what the Fourth Amendment stands for.


Tess: And I think what we're kind of zooming in on here is this question, again, of going to the front-end issue of permissible uses, right? So, we're not now talking about compliance problems. We're talking about, what should this tool be used for? I think one of the things that I've heard particularly from government attorneys defending the program is that courts have, in fact, upheld and should uphold the idea that information that is lawfully within the government's possession, that they have collected pursuant to, you know, court blessed procedures, that are Fourth  Amendment compliant as it, you know, as a front end collection matter, should be able to be searched pursuant to all of these other procedures that have been set up, and if they are not searched, that that is the government essentially leaving very important information potentially in these foreign intelligence cases, so let's hive off evidence of crime cases for a minute, leaving that information on the table, so to speak, or leaving the government in the dark, might be another way to put it. 


So, you know, one of the things that I think is kind of tricky and lurking under all of this is, what does it mean for something to have foreign intelligence value when it comes to an investigation that involves U.S. people? That's, I think, a question that we haven't talked about much. I'm wondering if Mary or Andy wants to come in on that, just to give us a flavor for what kinds of cases we're talking about here where there is a foreign intelligence, you know, an issue of foreign intelligence value. But then the question, I think, will be whether, in fact, the cases that matter we would be able to solve either getting a warrant with all the process that entails, or if there is true exigency in some of these cases, applying the exception?

So, I guess the question is, what kind of is the flavor of cases we're talking about? Why do they matter, assuming we are really concerned about cases with foreign intelligence nexus? And for that subset of cases that I think we all think is important, including when they involve U.S. persons, why not — assuming we can up the resources of the court, etc. — why not get that warrant unless it is truly exigent?


Mary: I think Andy would be better to me on the scope, but then I can come in after Andy on some of the ramifications.


Andy: Sure. So, I guess, you know, it's always kind of my go to, because it's within the majority of my experience on the national security side and the FBI's counter-terrorism cases. And, you know, access to 702 was an essential tool in vetting, counter-terrorism investigation, especially with the FBI's approach of leaving no lead uncovered. You have the responsibility to thoroughly vet every piece of information that comes in literally 24 hours a day, and to say the vast majority of those inquiries don't turn out to stop an active plot would be an understatement, right? You have, you do a ton of work to find the one case that is connected, and that is why 702 is so incredibly important. 


The question that 702 can answer for you is arguably the most important question you have in counter-terrorism work, and that is, is this person here? Yes, I get it, an U.S. person, and are they connected to a foreign terrorist who's actively plotting against the United States? And I guess that, you know, probably the easiest example I can point to is a case that we worked, in which the target was the bombing of the New York City subway system, and Najibullah Zazi was infamously in a hotel in the Denver Colorado area, working on the manufacture of explosives, and he couldn't remember the right combinations of ingredients that he had been taught while he was in Pakistan, being trained by al Qaeda. So, he reached out via email to his bomb trainer and asked a kind of coded question about some of those materials. And it was that email exchange that was picked up ultimately by an intelligence partner that was available to us through 702 that started the investigation, started our awareness of that plot. 


And when Zazi, not long after, got in his car and drove to from Denver to New York with gallon or more of what would be TATP explosives to be used in the subway system, we would not have known that that activity was going on, because we weren't looking at Najibullah Zazi here in the United States at that point. 


So, you know, counter-terrorism is a game of lots of work for very, very few rewards, but those rewards are absolutely essential to keeping people alive and keeping the country safe. And so, it's hard to understand that balance and what I'm sure looks to many people like an overly aggressive access to electronically collected information, when you ask practitioners of counter-terrorism,  is it worth it to stop the one plot that might save thousands of lives riding the subways in New York? You know, our answer is, yes, I get it. We have a very unique perspective. But that's essentially what we're talking about.


Mary: Yeah. And you know, in addition to obviously the counter-terrorism examples that Andy was mentioning, you know, we have so many other examples, and I guess Liza might say those would fall within the exceptions of the GSRA bill, which I have not studied in nearly the detail that that Liza has.


But, you know, there's so many other things also that the FBI is looking for, things that we talked about early on about, you know, victims of cyber intrusions, other types of national security crimes, people who are being targeted for either recruitment or just targeted for information that they might inadvertently provide. And, you know, being able to provide defense briefings to those people, certainly consent is not always going to work, because you can't reach out to somebody if you don't know whether they're a target or a suspect themselves. You just know that there's contact here, right? So, you've got to be able to do something before you reach out and seek consent to do that search. 


So, some of those exceptions I don't think would always work, but I guess that the point I would emphasize, having listened to this discussion thus far, is, what it feels like, the warrant requirement would essentially be doing is put the wall back up that was what was purposefully taken down after 9/11, and again after Fort Hood, when, you know, those looking into intelligence failures before Fort Hood also felt like there were more reasons to be able to sort of share information through FISA collection, throughout the intelligence community and the national security community, including those who are looking at criminal activity. 


Again, I would carve out, and I think many national security professionals, would carve out of that crimes that are not related to national security. But so many national security related crimes, I mean they by nature going to involve foreign intelligence information. Well, I shouldn't say that, because I think we have a whole other area of domestic extremist violence that does not involve foreign intelligence information that is, from my perspective, still a national security issue. But we're not talking about that here when for the most part, unless there are connections to foreign intelligence, which there could be, even when it comes to domestic extremist balance. But you've got to have that foreign intelligence collection. 


So, I think that you know, as we talk about this, and I think, as Congress debates that, that's what we really have to be thinking about when we're thinking about what kind of additional requirements, and some of the examples I gave you just would not be able to make by Title I PC, when you don't have any reason to have probable cause to know that the person is an agent of a foreign power, when you're just trying to figure out if he's being recruited or targeted, or is the suspect, nor would you yet have probable cause that you would find evidence of a crime. So, there's things that would be missed. 


Tess: There's a gap. Yeah, there's a gap. That's a really helpful lay down. I want to let Liza come in on this briefly, and realizing that we're running short on time, I want to let David then turn to another area that we wanted to make sure to talk about, which is potential internal reforms within the DOJ, and kind of what those might do or wouldn't do. But, Liza, do you want to come out in on this —


Elizabeth: Sure, I'll try to be quick. The Zazi case did not involve a U.S. person query. The Zazi case, these emails were discovered because the FBI was reviewing the foreign targets’ emails and came across Zazi in those emails. None of the proposals like in the GSRA or any of the other proposals I've heard would prevent the FBI from making use of information that it came across when reviewing a foreign target’s emails, and that way it is completely different from the wall. 


But with the Fourth Amendment can't tolerate is collecting all of this information without a warrant, with the intent of mining it, going and searching for Americans’ communications. That's a very different matter. And, you know, the government has, so the government has never cited any instance in which a U.S. person query was helpful in discovering a terrorist plot. It's never even claimed that U.S. person queries have ever been helpful in identifying terrorist plots. It has given some examples of situations in which U.S. person queries were useful, mostly in identifying potential victims of foreign plots. And if you look at each of these examples, it appears in each case, that the government either had probable cause or could have gotten consent or invoke the exigent circumstances exception.


Tess: Yeah. So, I think we're talking about 2 different kinds of cases, the developing plot case, and the kinds of cases that Mary was talking about where there does seem to be a real gap, which is, when you're actually trying to figure out, what is that foreign intelligence nexus? Is someone being recruited? Are they a victim? And that's a different fact pattern. And I think it's important to keep those separate. David, over to you for the next area we wanted to make sure we cover.


David: Sure, thanks. And yeah, we haven't talked a whole lot about the traditional FISA, the electronic surveillance and physical search that's conducted under individualized warrants supported by probable cause statements. But, you know, some of the proposals that have accompanied some of the 702 reform proposals have had to do with that process. And it's good to bear those in mind, some of them have to do with importing the concept of Brady information into the FISA process. And for anyone who's listening and not, you know, terribly familiar with all that, lawyers in general have a duty of candor to a tribunal that's enhanced when you're in an ex parte situation. But the Brady obligation in a criminal case goes arguably much further than that. Prosecutors, particularly in national security, have to search government holdings under some circumstances to see if there's any information that could be exculpatory for the defendant, that could cut against their theory of guilt.


What do you think of importing, or in some fashion a similar obligation, into the FISA application process for Title I and physical search FISAs?


Mary: I think that really, it should be treated very much, you know, with the mindset of the way criminal prosecutors have to think about Brady. I mean, and I've talked about this before, I think that the revelations, sort of, after the Office of Inspector General investigations in the last few years have sort of been like a Brady moment for the IC. Like, you just can't leave things out of that application that the judge needs to know when determining whether there is probable cause to approve that Title I application, or, you know, whether it directly undercuts the probable cause or just impeaches, for example, a government source who maybe the government's relying on in that particular application. 


And you know, post the prosecution of Senator Stevens, was a big Brady moment for the Department of Justice. It completely revamped. I was in the department at the time, it, I mean, we took our, I thought we took our Brady obligations pretty seriously before that, but it completely revamped how critical and important it was in ways like mandatory training every year, courts implementing, in some cases, local rules and other cases just standing orders in their court rooms and, you know, putting new deadlines on the disclosure of Brady information, all kinds of scrutiny and training into what is a prosecution team, how far and wide do you have to look to try to find any kind of information in the prosecution team's holdings that could be useful to the defense. 


And that's, I think, what the Woods Procedures, at least for Title I, were supposed to do, which was to make sure that in that file that supports any FISA application, that there is a sourcing for every fact that is in the file, and that that's in the application, and that there's also any information, all information about confidential sources who have been used to provide the information that's being included in the application. The Inspector General's reports have shown that there were compliance issues across multiple field offices with complying with those Woods Procedures. So, I think that needs a culture change. What happened post the Stevens investigation was a culture change, new guidance, coming from the Deputy Attorney General, not just the trainings, but just, you know, really, you know, heavy across the board emphasis coming straight from leadership with the department, as well as from judges pushing on it in court that changed the culture. And now it's less, it's less about, oh, that might be a little bit exculpatory, but I think, you know, I can explain it away. And I'm not suggesting prosecutors thought that way, but I think the mental set can kind of be, that's not that important, I can rationalize why, that's not in that important. Now it's like, give it over, give it over, give it over, and that's the way it should, be in my, you know, in my opinion, for your applications to the court. It’s a different circumstance, but the culture’s just got to be, good, bad, or ugly. You put it in the application. 


David: I think the red flag is, if it’s something you’d rather not turn over, that means you have to turn it over. So, Andy, from a process side, I mean, what are now referred to as the accuracy procedures, formally known as the Woods procedures. Mr. Woods, whose first name I won't disclose, spent decades living that down. You know, it can be very cumbersome to comply with the accuracy procedures, and to review compliance with those. What, what would the operational effect be of an additional obligation to search for and disclose, for lack of a better way to put it, Brady-ish information in the FISA context?


Andy: You know, I think Mary described it well as a change of culture. And I think that, if we learned anything from the IG investigations of the Carter Page FISAs, it's that we were wildly overconfident in a system that was already greatly burdened, right? We didn't suffer for lack of requirements and lack of process and lack of, as you said earlier in the webinar, you know, high level signatures and approvals from people all at both sides of the street, from DOJ to FBI. But nevertheless, the compliance with those processes at the most elemental level was just not what, you know, what we thought it was. We thought that, having checked all the boxes, by the time the package reached the Director’s office meant that everything was perfect underneath. And clearly it wasn't in those FISAs. 


So, I think we need to have that same sort of cultural change here. I, you know, honestly, I get it. Two percent of 200,000 queries is still a very big number. On the other hand, the bureau is, I think, reasonably pleased with the fact that they're running a 2% noncompliance rate right now. There is no acceptable non-compliance rate. But at the same time, there is no organization of 37,000 people that's going to have a hundred percent compliance. And I don't think that the solution for this is creating new, more intricate webs of accountability traps. I don't, I don't think that that's where, that's how you get to get to better compliance performance. I think you get there by that sort of cultural change that Mary talked about. And it's not just training, because we all know everyone in every work environment is bombarded with training requirements every day. Some of them work, some of them don't. It's part, that is one necessary piece, but it's not the entire thing, I think. 


It all comes back to how, in the FBI's case, how bureau leadership talks about and messages and communicates to the workforce, particularly national security workforce, their responsibilities, their constitutional responsibilities when they're dealing with information and particularly classified information and information in the FISA context. So, that's kind of a squishy answer. But I don't think that there's a checklist that's going to get us to where we all want to be. It’s a process that's going to take a lot of time, probably slower improvement than anyone would like, but nevertheless, consistent improvement over time.


Tess: Oh, sorry I just if I can, David, I'm realizing that we only have 3 min left. So, if I can ask each of you in a minute, if you can, to give us what you think, based on this discussion, the Goldilocks solution looks like going farther than you're comfortable with. So, for each of you, if you were recognizing you're going to leave something on the table that you want, what is the compromise that you hope Congress will come to in this reauthorization season? Maybe I can start with you, Liza?


Elizabeth: Yeah, I mean, we didn't really get into this, but to me the warrant requirement that we're seeing in the GSRW and that others are proposing is a compromise. It's a compromise, not because I would say there should be no searches whatsoever, and there certainly are members of Congress who want to see Section 702 sunset. So, in that sense a warrant is a compromise. But also, I think that for, regardless of the type of information that's being queried, so if metadata is being queried, if other types of information are being queried that don't have the full protections of the Fourth Amendment, the government should still be required to follow whatever legal process it would have had to follow to collect that information upfront, if they had been upfront about the fact that they're actually trying to access an American's record. 


So, if it's communications data, they wouldn't have to get a warrant — sorry communications metadata — they wouldn't have to get a warrant, but they should have to make a showing of relevance. and get a relevance order right? That's how metadata is usually acquired. So, I would have gone further than the GSRA, which only applies to communications content, the warrant requirement, and other types of information, like geolocation data that is protected by the Fourth Amendment.


So, I know you all don't think a warrant requirement is a compromise. Honestly, for me it is, and I would not be comfortable compromising any further. There are other parts of 702 where I would compromise before I would compromise on the warrant.


Tess: Yeah, okay, over to you, Mary.


Mary: So, I guess, you know, if it's not been clear, I don't really like the warrant requirement. I don't think it's necessary under the Fourth Amendment for the purposes we've been talking about. However, I do think if there were robust enough exceptions to cover some of the things that I think have to be done for national security purposes that were part of the whole reason behind 702, and that just simply don't fit into the bucket of being able to show probably cause under either FISA Title I or traditional criminal tests, but are nevertheless important for our national security, if those could be, you know, not subject to that requirement, I would feel more comfortable. What that would do is really, I think, limit the warrant requirement, and then the question is, what are we talking about having to be proved in that warrant requirement to a smaller subset? But, the parameters of all that would leave a lot to be worked out before I could get to any real comfort level, I think.


Tess: Yeah. And to you, Andy, what would, if you were still running the FBI, and you had to make a bargain because you're not going to get everything you want, what would that bargain look like? And if it's one that's capable of passing through Capitol Hill, all the better.


Andy: Yeah, whether it's capable of passing through Capitol Hill, I have no idea, you're far beyond my expertise there. I think the warrant requirement, I mean, no surprises here. That's an operational compromise that I wouldn't be comfortable making. Making the bargain, and to me it is a bargain on the evidence of a crime searches. I think if something has to go away from this capacity, I think that's the one that hurts the bureau least. It does cost them something in terms of their connect the dots capability, but nevertheless, I think most people would say that that was worth keeping the tool live. 


I also think there are opportunities to add processes of review relevance, review, call it what you want, whether that's inside the FBI or at DOJ to run queries that are, I don't know how you, you know, there's all kinds of different, million different ways that you could identify certain queries that had to be subjected to a higher degree of independent review before those queries were green lit and whether that would require the, you know, building a new process, a new office that's capable of responding to agents and analysts and supervisors requests on a real time basis. I think that's something that should be explored. Having people who are not invested in the case, and the outcome of the investigation, taking a hard look at the facts and the reasons for the query is, I feel like, a good idea. Lot of details would have to be worked out to get that done. But that's, I think, it's probably worth the effort.


Tess: Very helpful note to think through other forms of oversight and and really, you know, having a rigorous front-end process that could actually go a long way. I think that's a great thing to interject. 


If I had a crystal ball, I suppose I'd say we're probably looking at a short-term extension, while Congress figures out what this Goldilocks looks like and whether it's something between what Liza describes as already being a compromise in the GSRA, or what Andy and Mary describe as already being a compromise in the Sissy proposal remains to be seen. But thank you all for giving everyone who's working on this on the Hill, and everyone who's interested in the broader public, so much really kind of helpful insight and experience to think through as they try to find that solution. And we also want to thank David, my co-moderator, and of course, Just Security and RCLS for hosting us today. Thanks, everyone. Take care.