Several key provisions of the USA PATRIOT Act, enacted in the wake of 9/11, have afforded the government considerable access to electronic communications records. Some of them expire at the end of May, and their future is mired in uncertainty. It remains to be seen whether the Senate and the Congress will reauthorize them, allow those provisions to lapse, or seek reform.
The USA PATRIOT Act has sailed through previous renewals with comparatively little trouble. What has changed since passage of the earlier authorizing legislation is a significant increase in public awareness and understanding of the true scope of the intelligence community's surveillance authorities. Section 215 and related provisions were sunsetted, and will expire at the end of May if not authorized in some fashion. This will thus be the first real test of the level of Congressional support for the PATRIOT Act since the Snowden revelations two years ago. This test also comes after a U.S. Appeals Court ruled a few weeks ago that the government's interpretation of the law, which permitted the collection of bulk phone and electronic records, was illegal.
In the many months since the first Snowden revelations, much ink has been spilled on the significant privacy and civil liberties implications of the government's mass surveillance programs for people around the world, including U.S. citizens. In the American context, mass collection of electronic metadata in NSA databases clearly has harmful privacy and speech implications. It should not be as simple as querying a database for the government to peruse our communications or to build mosaics out of the most intimate details of our lives -- regardless of the stated motivation.
Economically, we have seen significant adverse consequences for American technology companies compelled to supply the NSA with user data. There have been widespread international calls for burdensome data localization legislation, boycotting of U.S. firms at both consumer and enterprise levels, and efforts to increase foreign control of backbone Internet services and policy -- all the result of a perception that the American companies are willingly complicit in the NSA's dragnet programs. The damage wrought by the government's overreach to the fundamental trust between tech companies and their users will be difficult to reverse, but it must start with reform of the mass surveillance programs and improved transparency and oversight.
Fortunately, the Senate now has an opportunity to speak definitively on the future of the NSA's mass collection of metadata. A broad coalition of civil liberties groups, technology companies, and trade associations, including my own, have publicly agreed the USA FREEDOM Act is the right first step on the path towards reforming the U.S. government's surveillance practices.
The USA FREEDOM Act ends the government's bulk collection of call records and includes substantial oversight and transparency mechanisms designed to ensure that domestic surveillance agencies and programs are held accountable. At its core, the bill requires government access to call data for intelligence purposes to be targeted and limited, rather than all-encompassing. USA FREEDOM also provides for a civil liberties advocate to appear before the secret FISA courts that authorize surveillance programs. Lastly, the bill allows companies that receive data requests from the NSA to combat misperceptions by reporting the kind and quantity of those requests with more detail, while respecting national security concerns over excessive disclosure.
When dealing with secret law and intelligence authorities, there are inherent risks for overreach, as recognized in the recent appellate court decision regarding the bulk call records collection program. Pressure for, perhaps well-intentioned, but expansive interpretations of limited authorities are inevitable when law is made in the shadows. As such, there can never be enough light shed on such processes. While the USA FREEDOM Act does much to improve public oversight over the government's surveillance authorities, we would welcome further legislative efforts to strengthen the bill's transparency provisions and collection limitations.
Notably, because the USA FREEDOM Act's primary goal is to provide reform and address privacy and civil liberties concerns, it explicitly does not include a mandate that companies retain user data for surveillance purposes. Such a requirement, if included by amendment or otherwise, would necessarily undermine the bill's reforms and pose further privacy and security risks to the public given the considerable secrecy surrounding surveillance practices.
The United States must set an example in reforming its mass surveillance programs. The longer they remain intact, the greater the opportunity for other governments to cite them as justification for even more invasive programs with fewer checks and balances. Every day we wait leads to further erosions of civil liberties worldwide, and deepens the gulf between the tech industry and its users -- with serious economic consequences.
The Senate should pass the USA FREEDOM Act and take a critical first step toward preserving the public's civil liberties and restoring trust in both the tech sector and the U.S. government. That trust is necessary for both innovation and the sustained health of the Internet and all it offers citizens and businesses around the world.
