The FBI relied on controversial provisions of the Patriot Act to collect records of people who visited certain websites without obtaining warrants.
According to reporting in the New York Times, the authority the U.S. government invoked traces back to Section 215 of the Patriot Act. That provision, along with two other surveillance-related authorities, expired earlier this year, so it can only be lawfully applied to investigations that were already active before the lapse.
The data gathered included logs indicating who visited specific web pages. Federal investigators stopped short of collecting search query content, interpreting the law as requiring a warrant to obtain that more sensitive information.
Section 215 was enacted after the September 11 attacks to give investigators the power to obtain business records relevant to national security inquiries. Because the statute has lapsed, its use is now limited to existing matters that began while it was still in force.
Patrick Toomey, Senior Staff Attorney with the ACLU’s National Security Project, warned about the privacy implications:
“Our web-browsing records are windows into some of the most sensitive information about our lives — revealing everything from our political views to potential medical conditions. The FBI should not be collecting this information without a warrant.
If Congress considers reviving Section 215 at all, it must prohibit the government from abusing this surveillance law to track the web-browsing activities of people in the United States.”
Public concern over potential abuses of Section 215 is not new. Civil liberties advocates raised alarms during the Bush administration about how the law could be used to sidestep ordinary legal safeguards.
The provision returned to public attention in 2013 when Edward Snowden revealed classified details about how the National Security Agency had used Section 215 for bulk collection of phone records and other surveillance activities.
Officials later shut down the NSA’s phone-records program after finding it unlawful and intrusive on Americans’ privacy, and after critics said it had produced little useful intelligence.
In the recent political debate, the Trump administration pushed to renew Section 215 indefinitely. Democratic lawmakers sought stricter safeguards to protect civil liberties while preserving intelligence agencies’ ability to investigate legitimate foreign threats and serious criminal activity.
House Speaker Nancy Pelosi tasked Representative Adam B. Schiff, chair of the House Intelligence Committee, and Representative Zoe Lofgren, a privacy advocate, to negotiate a narrower version of the Wyden-Daines amendment. That amendment aimed to bar warrantless collection of Americans’ web-browsing and search data but fell one vote short of the 60-vote threshold in the Senate.
The bipartisan effort by Wyden and Daines to block the government from secret warrantless surveillance of Web browsing and search data failed despite getting 59 votes, ***one vote shy*** of the 60-vote threshold set by the Senate.
37 voted no; 4 missed the vote.
— Steven Dennis (@StevenTDennis) May 13, 2020
Critics said the language in the new renewal proposal risked allowing the collection of Americans’ data in investigations focused on foreign threats, even if that collection was not the intended goal. President Trump urged Republicans to oppose the bill.
With negotiations paused, Section 215 remains expired for now. Any effort to revive or revise the authority will take place under the incoming Biden administration.
(Image Credit: FBI by Dave Newman under CC BY 2.0 license)
Interested in hearing industry leaders discuss subjects like this? Attend the co-located 5G Expo, IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series, which hold upcoming events in Silicon Valley, London, and Amsterdam.