When Laws Trump the Constitution: Why Americans Should Care About FISA Mass Surveillance

The US government has just voted to extend FISA mass surveillance laws by another six years. Find out how this means you can be spied on for merely mentioning a suspicious word and what you can do about it.

FISA Mass Surveillance - Why Is This A Problem
Phil Muncaster
By Phil Muncaster

In America there are few things more sacred than the Constitution. Yet the governing principles on which the United States was founded have been subverted and overruled by a succession of administrations of both political colors, under the pretense of fighting terrorism and other ‘foreign’ threats. It is done in the form of Section 702 of FISA — a law few Americans have probably heard of.

Yet it’s being used to monitor, collect and search US citizens’ communications on a mass scale, with little regard for their Fourth Amendment privacy rights. And the House of Representatives has just voted to renew it for another six years, expanding the powers given to the NSA and other agencies.

Once this FISA data is collected, it can be kept on file for as long as the authorities deem fit and searched for evidence of criminal behavior. So, the question is: how comfortable are you with the government poring over your most intimate secrets to see if you’ve broken the law? They might unearth something in your past you’d long forgotten about.

What is FISA?

The main villain of this piece is S702 of FISA – the Foreign Intelligence Surveillance Amendments Act. Designed to protect the US from foreign threats, it gives the authorities the power to eavesdrop without a warrant on non-US citizens “reasonably believed to be located outside the United States”.

In a post-9/11 world, most Americans would be fine with that. But what happens if you communicate with someone deemed a ‘suspect’? Those communications will also be swept up in the same dragnet search and stored away. By comms we mean emails, texts, phone calls, video chats, social messaging and even browsing history — all pulled from strategic locations on the internet ‘backbone’ or service providers like Google, Apple and Microsoft.

It gets worse. Once this data is collected, it can then be stored indefinitely and other agencies like the FBI are allowed to search it for evidence of criminal activity. These have been described as “backdoor searches” because they allow the authorities a loophole to bypass the Constitution.

The Council on Foreign Relations had the following:

“[The FBI] can collect, analyse, and disseminate the data, even if it relates to highly sensitive personal matters such as sexual conduct; political activities (including ‘discussions with Members of Congress and their staff’); consulting with clergy; and psychiatric and medical appointments. In 2014 the PCLOB reported that the FBI frequently uses this power without registering its queries, making it impossible to track how often the FBI searches Americans’ communications without a warrant — a statement the Director of National Intelligence later verified.”

Is this the kind of thing you’d be comfortable with?

Unfortunately, it doesn’t end there. To be caught up in this surveillance dragnet, ordinary Americans don’t just need to be communicating with an arbitrary foreign ‘suspect’, who most likely has him/herself done nothing wrong. If the current renewal of FISA is passed, it will allow the government to restart so-called “about” data collection. This means that two Americans merely talking about ISIS could have their comms saved and searched because they had the misfortune to mention a keyword which triggered an alarm, according to reports.

Simply mentioning a suspicious word can trigger storage and search of your communications

Because of the secrecy of the operation, it’s hard to put a figure on exactly how many Americans have had their data swept up needlessly by FISA, but millions are thought to be affected.

Why should you care?

It’s pretty obvious why this would be a gross invasion of privacy. We live our daily lives in the digital world. Our emails, chats, browsing history and online messages hold our most personal secrets — things we may not even want our close friends and family to know. Why would we want government agencies snooping on them in a misguided attempt to stop terrorists?

Then comes the really scary bit. You may assume that you’ve done nothing wrong, so you’ve nothing to fear from a law enforcement point of view. But as we’ve highlighted previously, the average American commits three crimes a day without knowing it. So now, would you be comfortable with the authorities searching this treasure trove of personal information for evidence of crimes?

Do you really want the authorities snooping through your every communication?

That’s not to mention what happens if this data falls into the wrong hands. The government hasn’t been the most careful custodian of our personal data, as major breaches have shown in the past. In fact, it’s compromised highly sensitive citizen data on hundreds of millions of Americans over the years. What are the chances that your most sensitive personal details end up in the hands of a cyber-criminal? Blackmail is becoming an increasingly popular cybercrime tactic to extort money from innocent netizens.

Let down by lawmakers

Our lawmakers have let us down. The House voted 256-163 in favor of renewing FISA for another six years, potentially restarting “about” searches and failing to add in any amendments which would require law enforcers to seek warrants before they search the surveillance database. As the EFF argues:

“The bill’s narrow warrant requirement runs the Fourth Amendment through a fun-house mirror, flipping its intentions and providing protections only after a search has been made.”

A USA Rights Act — which would have closed the backdoor search loophole, ended “about” searches for good and reauthorized Section 702 for only four years — was voted down 183-233, with 55 Democrats voting against.

The truth is that none of the FISA amendments proposed in the USA Rights Act would have impaired the valuable job intelligence agencies do in protecting the US from foreign threats. But they would have protected ordinary Americans. The government knows this.

Even President Trump tweeted his dislike of FISA before the House vote, before hastily revising his opinions after a tap on the shoulder from House Speaker Paul Ryan.

What you can do about it?

So in the meantime, how can you prevent your communications getting swept up into a dragnet database which could be searched at any point in the future by the government? First, a word of warning from Privacy International.

“We get nervous when advice focuses solely on the security of devices, or end points, which leaves users vulnerable in other ways,” Policy Officer Lucy Purdon told PrivacyCentral. “Cyber security is a collective responsibility and requires more than using tools to protect individual security, which just puts a sticking plaster over much wider problems.”

While protecting your privacy is about more than just device security, there are some tools that can help

However, she also explained that “encryption is essential to connecting securely and privately”. The good news is that there are a few tools out there which will help Americans stay under the radar. Here are a few tips:

  • Consider end-to-end encrypted apps such as WhatsApp, Signal and iMessage – with the caveat that both parties need to use them for their conversations to stay hidden
  • Never use SMS as these messages can be intercepted and read
  • Don’t use unencrypted messaging apps or any with an optional encrypted mode as you might forget to turn it on
  • If you still need to use email, PGP is still the gold-standard for encryption, although it can be challenging for non-techies to master. ProtonMail could be a more straightforward alternative
  • Consider using the Tor browser to disguise your web activity
  • A VPN can also hide your web browsing, although for extra peace of mind, don’t choose a company located in the US or UK
  • Think: minimize the information you share online and the number of apps and services you use. The more info you put out there, the bigger the target you represent

Many of the above steps won’t help if you’re explicitly targeted by the likes of the FBI or NSA. But that’s not likely for the majority of American netizens. We’re simply talking about ways you can minimize your data and secrets from ending up in a mass, searchable government database. We live in a world of diminishing privacy protections, so it pays to stay smart and know your options.