FISA stands for Foreign Intelligence Surveillance Act.
That first word, “foreign,” is an important distinction, because the secretive courts signing off on the NSA’s surveillance schemes are supposed to be dealing with surveillance overseas, and explicitly not surveillance of ordinary Americans.
Yet that’s not the way it’s worked out, and more revelations about the NSA’s scandalously overbroad operations have emerged showing that despite repeated denials from officials the NSA has and continues to routinely surveil Americans’ online communications.
The latest revelation from the Wall Street Journal is that the NSA has the capability to surveil roughly 75% of all Internet traffic within the United States, despite not really being authorized to do so. Most of the surveillance involves computer programs parsing your data and then keeping it if the programs figure it’s interesting enough.
Far from the violations being rare cases where the NSA accidentally scoops up internal communications it thought might’ve been external, as the White House has falsely claimed, much of the infrastructure for this surveillance is not placed at the points where foreign cables enter the country, but is happening across Middle America, where the overwhelming bulk of the communications is domestic, and searched anyhow.
Even the pretense of “oversight” of these programs is taking a huge hit today with the revelation of documents showing the NSA improperly collected Americans’ emails starting in 2008, but that the FISA courts didn’t even hear about it until 2011, ruling it “unconstitutional.”
The documents are so heavily redacted that there’s no indication the NSA stopped even after a court order to do so, and other revelations about the schemes to collect Americans’ emails suggest it long predated 2008, and involved a lot of programs other than the one FISA just happened to learn about.
Surveillance on any minor pretext is the order of the day for the NSA, with one of the particularly scandalous revelations involving the 2002 Winter Olympics. Even though there was no evidence of a plot, the NSA collected literally all emails and text messages sent in the area around Salt Lake City for the six months leading up to the Olympics, seemingly just for the heck of it.
Once again, it’s important to point out that “foreign” part of the FISA acronym, and that the NSA is supposed to be collecting intelligence abroad, not just rummaging through the emails of every high school student in Metro Salt Lake City on a whim.
The NSA is getting around these very specific legal limitations in a number of ways, many times by just ignoring them outright, but sometimes by forcing telecom companies to do the rummaging for them so that they can argue the NSA didn’t “directly” touch all that data, even though it was all searched on their behalf.
The major telecoms involved in the scheme, including Verizon, are mostly refusing to comment on the matter, and the fact is that the court orders usually preclude them from confirming their involvement at any rate. Still most seem to be operating under the assumption that there are no hard and fast rules about what Internet content they can ransack, and are just doing whatever they’re asked.
All of this was clearly a recipe for disaster, and it’s probably not surprising that disaster is exactly what we’ve ended up with. The NSA can brush off several years of overt violation of the Constitution and law as a “mistake,” but faces no repercussions for that mistake, and is never really forced to correct it in any real, verifiable way.