Read the full testimony (pdf)
It is a great pleasure for me to appear once again before this distinguished committee to discuss the latest effort to modify FISA so that it continues to protect both our security and our liberty. This committee has found a way to protect both in the past and I am confident that it can do so again with the cooperation of those concerned about civil liberties and those charged with defending our security.
To assist in that effort, I want to propose a way of thinking about the structure of FISA and review the history of how the two major sets of issues raised by FISA have been treated.
The two major questions are: (1) What electronic communications should the government be able to acquire using procedures different from those mandated for criminal investigations; and (2) what procedures should be put in place so that all concerned groups can know clearly what the rules are and have confidence that the rules are being followed? In making some suggestions for what should be in the legislation I will focus on the second set of questions.
It is important to begin by recalling the pre-FISA world and to understand the pressures which led two administrations, large bi-partisan groups in both houses of the Congress, and many civil libertarians to support the enactment of FISA.
In the period before FISA was enacted in 1978 there were essentially no legislated rules and only the most rudimentary procedures in the executive branch establishing standards for when communications could be acquired. We now know that the FBI conducted surveillance of targets such as the Soviet Ambassador, Martin Luther King, Jr., steel company executives, journalists and government officials, including, I should add in the spirit of full disclosure, me when I worked in the Nixon administration and then as a private citizen. The National Security Agency also acquired copies of telegrams entering and leaving the United States relating to anti-war activists.
The Justice Department did have formal procedures for the Attorney General to approve a warrantless surveillance, but often more informal procedures would be used—perhaps a decision by the Director of the FBI on his own or a request from a White House official to the Director.
Government communication with the telephone company—at the time, AT&T was the only one—could not have been more casual. A designated official of the FBI called a designated official of AT&T and passed on a phone number. Within minutes all of the calls from that number were being routed to the local FBI field office and monitored. The fruits of the surveillance were routed to the officials who requested the surveillance.
The viability of this system came to an end with the Watergate scandals and the resulting revelations of the improper actions of the intelligence community. At the time, there were many leaks or reports of improper surveillance. Government officials were not certain about which surveillance activities were legal and what behavior might subject them to civil or criminal penalties. Many lawsuits were being filed and the legality of the surveillances were being challenged in criminal cases. The phone company was being sued and was beginning to demand clarity as to what its obligations were.
(All this should sound very familiar)
Enactment of FISA
The Ford administration came to the conclusion that it was time to subject this set of activities to the rule of law. Intelligence professionals objected: they were reluctant to submit to formal rules and especially to the requirement that they get prior judicial approval before they could act, unless there was an emergency. They feared that the resulting rules might prevent them from acting as necessary. Civil libertarians were concerned that the rules might authorize surveillance that went beyond the Fourth Amendment or was open to abuse. They feared the court would be a rubber stamp and that the oversight would not be sufficient.
In the end, after multi-hearings in this and other committees, Congress was able to craft a bill that has stood the test of time. The legislation answered both questions—who could be surveilled and with what safeguards—with great clarity and in a way that struck, in my view, the right balance.
It provided that communications of foreign powers or agents of a foreign power could be acquired in the United States for the purpose of collecting foreign intelligence information. No surveillance was permitted of those without connections to foreign powers, including people suspected of leaking information. The basic procedure required approval by the Attorney General and then approval of the FISA court, with periodic re-approvals and supervision by the Court to determine that the rules were being followed. There were also standards for a few limited situations when a surveillance could be started or conducted without a court order. These were carefully delimited and involved emergencies, leased lines, and the Congress declaring war.
AT&T received the clarity that it sought and deserved. The rule, spelled out clearly in several places in the legislation and well understood by all, was this: If AT&T received a copy of a warrant or a certification under the statute, it was required to cooperate. If it did not receive authorization by means outlined in the statute, it was to refuse to cooperate and was to be subjected to state and federal civil and criminal penalties for unlawful acquisition of electronic communications.
Let me say a further word about the certification option since it seems to be a source of some misunderstanding and therefore needs, I will suggest, to be clarified in the current legislation.
Everyone involved in the drafting understood that there was a need to provide great clarity and simplicity to the phone company. The simplest rule would have mandated that the phone company act only with a warrant. However, there clearly were situations where speed or exigency did not permit time for a warrant and a few cases where it was agreed that a warrant should not be necessary. For those cases, the statute provided that the telephone company should cooperate if it received a certification from the Attorney General. However, it was clear from the legislation (or should have been) that the Attorney General could provide a certification only if the specific requirements of FISA had been met and he needed to assure the company that those statutory requirements had been met.
Read the full testimony (pdf)