4 ways Congress can provide stronger privacy protections

Every year since Edward Snowden first revealed to the world the scope of the NSA and FBI’s surveillance programs, Americans have demand more privacy protections from the government. Just this week, a Reuters poll found that, depending on the type of communication, about 75 percent of respondents are unwilling to give up their privacy in order to increase national security.

Reuters asked the same question just after the Snowden leaks began and at the height of the public backlash against the NSA. Compared to that June 2013 poll, responses favoring privacy have increased by eight percent. Congress and the Executive Branch are going to have to grapple with Americans growing demands for more robust protections of their right to privacy. On four issues in particular, they can and should deliver.

Reform section 702 of the FISA Amendments Act

{mosads}The one issue Congress will have no choice but to address is how to reform Section 702 of the FISA Amendments Act, which will expire at the end of this year absent absent Congressional action. Recent stories of President Trump and his advisors’ communications being swept up in FISA surveillance — whether conducted under Section 702 or traditional FISA authorities — have both Congress and the public concerned. We’ve seen first-hand that incidental collection happens a lot, that no one is protected from it, and that protections to minimize collection and control use and dissemination of information that is collected are wholly inadequate.

Congress needs to pass a reform bill that limits large-scale surveillance under Section 702 by narrowing the scope of collection to only the information that is needed to protect against national security threats and espionage. It must also ensure that Americans’ are protected if they are still the subjects of incidental collection by limiting how their information can be used, and by prohibiting warrantless backdoor searches for their communications.

Pass the Protecting Data at the Border Act

A second way that Congress can beef up Americans’ privacy protections is by passing bipartisan, bicameral bill introduced by Senators Wyden (D-Ore.) and Paul (R-Ky.) and Congressmen Polis (D- Colo.) and Farenthold (R-Texas), the Protecting Data at the Border Act. Their bill would require that the government obtain a warrant before searching an American’s device at the border. Today, the government asserts the right to warrantlessly search an individual’s devices at or within 100 miles of the US border, an area that encompasses two-thirds of the US population, and which the ACLU has dubbed an illegal constitution-free zone. When an American travels internationally, she risks the  privacy and the security of her devices.

While these warrantless border searches have been going on for over a decade, the frequency has recently skyrocketed, going from less than 5,000 searches in 2015 to almost 25,000 in 2016. In 2017, those numbers are projected to grow even more. Indeed, in February alone, Customs and Border Patrol (CBP) agents searched 5,000 people’s devices, the vast majority of which belonged to Muslims. With this explosion of warrantless device searches, the threat to Americans’ Constitutional rights at the border has never been greater; nor has the need for the Protecting Data at the Border Act.

Put a stop to the encryption backdoor debate

Congress could also reassure Americans that it is committed to protecting their right to privacy by putting an end to the debate about encryption backdoors. What FBI Director Comey proposes would not only threaten privacy, it would also impose incalculable costs to our security and our economy. These costs would be incurred in spite of the fact that encryption backdoors would fail to solve the FBI’s “Going Dark” problem since anyone who wanted to could access unbreakable encryption from any one of the hundreds of open-source or foreign developed products available on the internet.

Congress should make clear, once and for all, that no matter how persistently Director Comey pushes for a solution to this problem, it will not pass a law to guarantee law enforcement access to all encrypted devices and communications services at the expense of every American’s security and privacy. Congress can drive this message home by getting to the important work of creating a legal framework for government hacking that addresses concerns which were exacerbated or unaddressed by recent changes to Federal Rules of Criminal Procedure 41, and by establishing requirements for the disclosure of government-held zero-day vulnerabilities.

Pass the Email Privacy Act

Finally, the lowest hanging fruit is for the Senate to pass the Email Privacy Act which closes a legal loophole that allows the FBI to access the content of Americans’ communications that are more than 180 days old. The House has already unanimously passed this bill twice, so now the Senate needs to step up to the plate and pass the bill without attaching any poison pill amendments, like it attempted to do last year. By failing to pass this bill, the Senate would essentially be thumbing its nose at the sixth circuit court of appeals which adopted the view that the content of Americans’ communications are deserving of fourth amendment warrant protections, irrespective of how old they are.

Rarely is Congress’ path forward on a legislative agenda so clearly laid out, but this is one of those times. This is a four-point plan that will give constituents nationwide what they been asking for more and more each year: stronger privacy protections from government.

Robyn Greene ia the policy counsel and government affairs lead for New America’s Open Technology Institute specializing in issues concerning surveillance and cybersecurity. She helps to research and develop policies to protect individuals’ privacy, secure the Internet, and fuel the development of and access to emerging technologies.  

The views expressed by contributors are their own and are not the views of The Hill.