Modernizing the Foreign Intelligence Surveillance Act

The following is part of the Series on Counterterrorism and American Statutory Law, a joint project of the Brookings Institution, the Georgetown University Law Center, and the Hoover Institution


In December 2005, the New York Times reported, and President Bush confirmed, that the National Security Agency (NSA) had been conducting electronic surveillance of international communications, to or from the United States, without obeying the Foreign Intelligence Surveillance Act of 1978 (FISA). The disclosure ignited a wildfire of political and legal controversy, which continues to generate heat, if not light, today.

Almost immediately after the surveillance was revealed, Congress responded in its oversight and lawmaking capacities, demanding information from the executive branch, and holding hearings on several bills. The Bush Administration used those hearings to make the case for “FISA modernization” – statutory amendments that would, at a minimum, change the law to authorize explicitly what NSA had been doing since the fall of 2001. The government’s central claim was that 30 years of technological change had artificially enlarged FISA’s scope; the amendments it proposed were designed to restore the statute’s original balance.

The policy questions began to crystallize in spring 2007, when the Bush Administration proposed a comprehensive set of legislative amendments, known as the FISA Modernization Act, and the Senate Intelligence Committee held an open hearing on the proposal. That summer, with the Modernization Act still pending in Congress, the Administration made a hard push for a more limited set of changes to FISA, which became law in August 2007 as the Protect America Act (PAA).

Although narrower than the Modernization Act, the PAA still made substantial changes to FISA. Where FISA previously regulated surveillance in the United States of wire communications into or out of this country, and surveillance of stored e-mail in this country (even if sent between persons located abroad), the PAA provides that FISA does not apply to any surveillance “directed at a person reasonably believed to be located outside of the United States,” regardless of where the surveillance occurs. It was, and is, a very significant statute, albeit with a relatively short lifespan due to its sunset provision.

Congress began considering replacements for the PAA almost immediately after it was enacted. By October 2007, the House of Representatives had drafted the Responsible Surveillance that is Overseen, Reviewed and Effective (RESTORE) Act, and the Senate Intelligence Committee had approved the FISA Amendments Act of 2007 (FAA). As of this writing, however, neither bill has reached the floor of either House of Congress.