• Establishes standards and procedures for electronic surveillance that collects foreign intelligence
within the U.S. FISA orders can issue when foreign intelligence gathering is a significant purpose
of the investigation.
• Orders issue from a special court of federal district court judges, the Foreign Intelligence
Surveillance Court (FISC).
• FISA authorizes wiretap orders, pen register and trap and trace orders (for phone numbers,
email addresses, and other addressing and routing info), and orders for video surveillance.
• Entities that receive FISA orders to produce records generally cannot disclose the fact of the
order to targets of the investigation. There is generally no disclosure after the fact to the target
of a FISA wiretap as there is for law enforcement wiretaps.
• Section 702 refers to a provision in the FISA Amendments Act which revised FISA
o Applies to the collection of electronic communications of targeted individuals for listed
foreign intelligence purposes
o The FISC must annually approve certifications by the director of national intelligence and the
attorney general setting the terms for Section 702 surveillance. To target the
communications of any person, the government must have a foreign intelligence purpose to
conduct the collection and a reasonable belief that the person is a non-U.S. citizen
located outside the U.S.
o Two surveillance programs:
▪ PRISM collection: acting under a Section 702 court order, the government sends a judicially approved and judicially supervised directive requiring collection of certain selectors such as an email address. The company’s lawyers have the opportunity to challenge the request.
▪ Upstream: targets Internet-based communications as they pass through physical Internet infrastructure located within the U.S. Designed to acquire only Internet communications that contain a tasked selector. Emails and other transactions that make it through the filters are stored for access by the NSA, while info that does not make it through the filters is never accessed by the NSA or anyone else.
• Section 217 permits, but does not require, the owner or operator of a computer system to
provide such access in defined circumstances. For computer trespassers, law enforcement can
now perform interceptions if:
o The owner or operator of the protected computer authorizes the interception of the
computer trespasser’s communications on the protected computer
o The person acting under color of law is lawfully engaged in an investigation
o The person acting under color of law has reasonable grounds to believe that the
contents of the computer trespasser’s communications will be relevant to the
investigation
o Such interception does not acquire communications other than those transmitted
• Expanded definition of pen register/trap and trace beyond telephone numbers to include
dialing, routing, addressing, or signaling info
• Section 215: provides that a federal court order can require the production of any tangible thing
for defined foreign intelligence and anti-terrorism investigations
o Disclosure is permitted to the persons necessary to comply with the order and to an
attorney
• Expanded the use of National Security Letters
o Included strict rules against disclosing that an organization had received an NSL
o 2006 amendment said that recipients are bound to confidentiality only if there is a
finding by the requesting agency of interference with a criminal or counterterrorism
investigation or for other listed purposes
o Recipients could petition the court to modify or end the secrecy requirement
o As of 2015, the FBI now presumptively terminates NSL secrecy for an individual order
when an investigation closes, or no more than three years after the opening of a full
investigation
• Set new rules for national security investigations prohibiting the use of pen register/trap and
trace orders for bulk collection and restricting their use to circumstances where there were
specific selectors such as an email address or telephone number.
• Ended bulk collection under Section 215 of the PATRIOT Act
• Permits the federal government to share unclassified technical data with companies about how networks
have been attacked and how successful defenses against such attacks have been carried out.
CISA encourages companies to voluntarily share the same info with the government.
• A company’s release of info about cyber threat indicators and defensive measures receives certain
protections
o Limitations on liability
o Non-waiver of privileges
o Exemption from FOIA disclosure
• Provisions:
o Authorization for a company to share or receive cyber threat indicators or defensive
measures
o Requirement for company to remove personal info before sharing
o Sharing info with the federal government does not waive privileges (no similar provision for sharing
with state/local government)
o Shared info is exempt from federal and state FOIA laws
o Prohibition on the government using shared info to regulate or take enforcement actions against
lawful activities
o Authorization for company’s monitoring and operating defensive measures
o Protection from liability for monitoring activities