Foreign Intelligence Surveillance Act

The Foreign Intelligence Surveillance Act of 1978 (FISA,, ) is a United States federal law that establishes procedures for the surveillance and collection of foreign intelligence on domestic soil.

FISA was enacted in response to revelations of widespread privacy violations by the federal government under president Richard Nixon. It requires federal law enforcement and intelligence agencies to obtain authorization for gathering "foreign intelligence information" between "foreign powers" and "agents of foreign powers" suspected of espionage or terrorism. 50 USC §1801(b) "Agent of a foreign power means—

(1) any person other than a United States person, who— (A) acts in the United States as an officer or employee of a foreign power, or as a member of a foreign power as defined in subsection (a)(4), irrespective of whether the person is inside the United States; (B) acts for or on behalf of a foreign power which engages in clandestine intelligence activities in the United States contrary to the interests of the United States, when the circumstances indicate that such person may engage in such activities, or when such person knowingly aids or abets any person in the conduct of such activities or knowingly conspires with any person to engage in such activities; (C) engages in international terrorism or activities in preparation therefore; (D) engages in the international proliferation of weapons of mass destruction, or activities in preparation therefor; or (E) engages in the international proliferation of weapons of mass destruction, or activities in preparation therefor, for or on behalf of a foreign power, or knowingly aids or abets any person in the conduct of such proliferation or activities in preparation therefor, or knowingly conspires with any person to engage in such proliferation or activities in preparation therefor; or (2) any person who— (A) knowingly engages in clandestine intelligence gathering activities for or on behalf of a foreign power, which activities involve or may involve a violation of the criminal statutes of the United States; (B) pursuant to the direction of an intelligence service or network of a foreign power, knowingly engages in any other clandestine intelligence activities for or on behalf of such foreign power, which activities involve or are about to involve a violation of the criminal statutes of the United States; (C) knowingly engages in sabotage or international terrorism, or activities that are in preparation therefor, for or on behalf of a foreign power; (D) knowingly enters the United States under a false or fraudulent identity for or on behalf of a foreign power or, while in the United States, knowingly assumes a false or fraudulent identity for or on behalf of a foreign power; or (E) knowingly aids or abets any person in the conduct of activities described in subparagraph (A), (B), or (C) or knowingly conspires with any person to engage in activities described in subparagraph (A), (B), or (C). The law established the Foreign Intelligence Surveillance Court (FISC) to oversee requests for surveillance warrants.

Although FISA was initially limited to government use of electronic surveillance, subsequent amendments have broadened the law to regulate other intelligence-gathering methods, including physical searches, pen register and trap and trace (PR/TT) devices, and compelling the production of certain types of business records.

FISA has been repeatedly amended since the September 11 attacks, with several added provisions garnering political and public controversy due to privacy concerns.

History and background
The Foreign Intelligence Surveillance Act (FISA) was introduced on May 18, 1977, by Senator Ted Kennedy and was signed into law by President Carter on 25 October 1978. The bill was cosponsored by nine Senators: Birch Bayh, James O. Eastland, Jake Garn, Walter Huddleston, Daniel Inouye, Charles Mathias, John L. McClellan, Gaylord Nelson, and Strom Thurmond.

The FISA resulted from extensive investigations by Senate Committees into the legality of domestic intelligence activities. These investigations were led separately by Sam Ervin and Frank Church in 1978 as a response to President Richard Nixon's usage of federal resources, including law enforcement agencies, to spy on political and activist groups. The law itself was crafted in large part in closed door meetings between legislators and members of the Justice Department. The act was created to provide judicial and congressional oversight of the government's covert surveillance activities of foreign entities and individuals in the United States, while maintaining the secrecy needed to protect national security.

Warrantless domestic wiretapping program
FISA came into public prominence in December 2005 following an article in The New York Times that described a program of warrantless domestic wiretapping ordered by the Bush administration and carried out by the National Security Agency since 2002; a subsequent Bloomberg article suggested this may have already begun by June 2000. Attorney General Alberto Gonzales later confirmed the existence of the program, which was codenamed Stellar Wind.

Without obtaining a FISA warrant, the NSA monitored phone calls, Internet activities, text messages, and other forms of communication involving any party it believed to be outside the U.S., regardless of whether part of the communication took place domestically. The Bush administration initially defended the program as an extension of executive authority; amid public, political, and legal pressure, the program was ended in January 2007 and the government announced it would seek warrants from the Foreign Intelligence Surveillance Court (FISC).

Section 702
Following the controversy over Stellar Wind, Congress later legalized a form of that program in Section 702.

Provisions
The subchapters of FISA provide for:


 * Electronic surveillance
 * Physical searches
 * Pen registers and trap & trace devices for foreign intelligence purposes
 * Access to certain business records for foreign intelligence purposes
 * Reporting requirement

Electronic surveillance
Generally, the statute permits electronic surveillance in two different scenarios.

Without a court order
The President may authorize, through the Attorney General, electronic surveillance without a court order for the period of one year, provided that it is only to acquire foreign intelligence information, that it is solely directed at communications or property controlled exclusively by foreign powers, that there is no substantial likelihood that it will acquire the contents of any communication to which a United States person is a party, and that it be conducted only in accordance with defined minimization procedures.

The code defines "foreign intelligence information" to mean information necessary to protect the United States against actual or potential grave attack, sabotage or international terrorism.

"Foreign powers" means a foreign government, any faction of a foreign nation not substantially composed of U.S. persons, and any entity directed or controlled by a foreign government. The definition also includes groups engaged in international terrorism and foreign political organizations. The sections of FISA authorizing electronic surveillance and physical searches without a court order specifically exclude their application to groups engaged in international terrorism.

A "U.S. person" includes citizens, lawfully admitted permanent resident aliens, and corporations incorporated in the United States.

"Minimization procedures" limit the collection of information concerning United States persons by protecting their identities and requiring a court order to retain the communications for longer than 72 hours. The communications can be retained without court order if there is evidence of a crime. Identification of a US person, known as "unmasking", may also be authorized if an agency believes it is necessary in order to understand the intelligence or believes that the person was committing a crime.

The Attorney General is required to make a certification of these conditions under seal to the Foreign Intelligence Surveillance Court, and report on their compliance to the House Permanent Select Committee on Intelligence and the Senate Select Committee on Intelligence.

Since (a)(1)(A) of this Act specifically limits warrantless surveillance to foreign powers as defined by 50 U.S.C. §1801(a) (1),(2),(3) and omits the definitions contained in 50 U.S.C. §1801(a) (4),(5),(6) the act does not authorize the use of warrantless surveillance on: groups engaged in international terrorism or activities in preparation thereof; foreign-based political organizations, not substantially composed of United States persons; or entities that are directed and controlled by a foreign government or governments. Under FISA, anyone who engages in electronic surveillance except as authorized by statute is subject to both criminal penalties and civil liabilities.

Under 50 U.S.C. § 1811, the President may also authorize warrantless surveillance at the beginning of a war. Specifically, he may authorize such surveillance "for a period not to exceed fifteen calendar days following a declaration of war by the Congress".

With a court order
Alternatively, the government may seek a court order permitting the surveillance using the FIS court. This is called the traditional intelligence collection, because it is "the targeted monitoring of a suspected clandestine operative of a foreign power." Approval of a FISA application requires the court find probable cause that the target of the surveillance be a "foreign power" or an "agent of a foreign power" inside the United States and that the places at which surveillance is requested is used or will be used by that foreign power or its agent. In addition, the court must find that the proposed surveillance meet certain "minimization requirements" for information pertaining to U.S. persons. If the foreign power's suspected agent communicates with Americans, the communications of U.S. citizens are incidentally intercepted even though they are not the targets of the surveillance.

Depending on the type of surveillance, approved orders or extensions of orders may be active for 90 days, 120 days, or a year. FISA warrants require renewal depending on the type of surveillance and type of warrant either every 90 days (if targeting a U.S. person) or 120 days (if targeting a non-U.S. person).

FISA court
The Act created the Foreign Intelligence Surveillance Court (FISC) and enabled it to oversee requests for surveillance warrants by federal law enforcement and intelligence agencies (primarily the Federal Bureau of Investigation and the National Security Agency) against suspected foreign intelligence agents inside the U.S. The court is located within the E. Barrett Prettyman United States Courthouse in Washington, D.C. The court is staffed by eleven judges appointed by the Chief Justice of the United States to serve seven-year terms.

Proceedings before the FISA court are ex parte and non-adversarial. The court hears evidence presented solely by the Department of Justice. There is no provision for a release of information regarding such hearings, or for the record of information actually collected. The USA Freedom Act (Section 402), however, requires the government to declassify and publicly release "to the greatest extent practicable" each order, decision and opinion of the court if it contains a "significant construction or interpretation of law."

FISC meets in secret, and approves or denies requests for search warrants. Only the number of warrants applied for, issued and denied, is reported. In 1980 (the first full year after its inception), it approved 322 warrants. This number has steadily grown to 2,224 warrants in 2006. In the period 1979–2006, a total of 22,990 applications for warrants were made to the Court of which 22,985 were approved (sometimes with modifications; or with the splitting up, or combining, of warrants for legal purposes), and only 5 were definitively rejected.

Denials of FISA applications by the FISC may be appealed to the Foreign Intelligence Surveillance Court of Review. The Court of Review is a three-judge panel. Since its creation, the court has come into session twice: in 2002 and 2008.

Physical searches
In addition to electronic surveillance, FISA permits the "physical search" of the "premises, information, material, or property used exclusively by" a foreign power. The requirements and procedures are nearly identical to those for electronic surveillance.

Telephone metadata
In the 2020 case, United States v. Moalin, the Ninth Circuit Court of Appeals ruled that the federal government violated FISA, and possibly the Fourth Amendment of the U.S. Constitution, when it collected the telephony metadata of millions of Americans.

Remedies for violations
Both the subchapters covering physical searches and electronic surveillance provide for criminal and civil liability for violations of FISA.

Criminal sanctions follows violations of electronic surveillance by intentionally engaging in electronic surveillance under the color of law or through disclosing information known to have been obtained through unauthorized surveillance. The penalties for either act are fines up to US$10,000, up to five years in jail, or both.

In addition, the statute creates a cause of action for private individuals whose communications were unlawfully monitored. The statute permits actual damages of not less than $1,000 or $100 per day. In addition, that statute authorizes punitive damages and an award of attorney's fees. Similar liability is found under the subchapter pertaining to physical searches. In both cases, the statute creates an affirmative defense for law enforcement personnel acting within their official duties and pursuant to a valid court order. Presumably, such a defense is not available to those operating exclusively under presidential authorization.

Before FISA
In 1967, the Supreme Court of the United States held that the requirements of the Fourth Amendment applied equally to electronic surveillance and to physical searches. Katz v. United States, 389 U.S. 347 (1967). The Court did not address whether such requirements apply to issues of national security. Shortly after, in 1972, the Court took up the issue again in United States v. United States District Court, Plamondon, 407 U.S. 297 (1972), where the court held that court approval was required in order for the domestic surveillance to satisfy the Fourth Amendment. Justice Powell wrote that the decision did not address this issue that "may be involved with respect to activities of foreign powers or their agents".

Immediately preceding FISA, a number of courts squarely addressed the issue of "warrantless wiretaps". In both United States v. Brown, 484 F.2d 418 (5th Cir. 1973), and United States v. Butenko, 494 F.2d 593 (3rd Cir. 1974), the courts upheld warrantless wiretaps. In Brown, a U.S. citizen's conversation was captured by a wiretap authorized by the Attorney General for foreign intelligence purposes. In Butenko, the court held a wiretap valid if the primary purpose was for gathering foreign intelligence information.

A plurality opinion in Zweibon v. Mitchell, 516 F.2d 594 (D.C. Cir. 1975), held that a warrant was required for the domestic surveillance of a domestic organization. In this case, the court found that the domestic organization was not a "foreign power or their agent", and "absent exigent circumstances, all warrantless electronic surveillance is unreasonable and therefore unconstitutional."

Post-FISA
There have been very few cases involving the constitutionality of FISA. Two lower court decisions found FISA constitutional. In United States v. Duggan, 743 F.2d 59 (2d Cir. 1984), the defendants were members of the Irish Republican Army. They were convicted for various violations regarding the shipment of explosives and firearms. The court held that there were compelling considerations of national security in the distinction between the treatment of U.S. citizens and non-resident aliens.

In the United States v. Nicholson, 955 F. Supp. 588 (E.D. Va. 1997), the defendant moved to suppress all evidence gathered under a FISA order. The court affirmed the denial of the motion. There, the court flatly rejected claims that FISA violated Due process clause of the Fifth Amendment, Equal protection, Separation of powers, nor the Right to counsel provided by the Sixth Amendment.

However, in a third case, the special review court for FISA, the equivalent of a Circuit Court of Appeals, opined differently. In In re Sealed Case, 310 F.3d 717, 742 (FISA Ct. Rev. 2002), the special court stated "[A]ll the other courts to have decided the issue [have] held that the President did have inherent authority to conduct warrantless searches to obtain foreign intelligence information . ... We take for granted that the President does have that authority and, assuming that is so, FISA could not encroach on the President's constitutional power."

Criticism
K. A. Taipale of the World Policy Institute, James Jay Carafano of The Heritage Foundation, and Philip Bobbitt of Columbia Law School, among others, have argued that FISA may need to be amended to include, among other things, procedures for programmatic approvals, as it may no longer be adequate to address certain foreign intelligence needs and technology developments, including: the transition from circuit-based communications to packet-based communications; the globalization of telecommunication infrastructure; and the development of automated monitoring techniques, including data mining and traffic analysis.

John R. Schmidt, associate attorney general (1994–1997) in the Justice Department under President Bill Clinton, expressed a need for programmatic approval of technology-enabled surveillance programs. He recalled early arguments made by then-Attorney General Edward Levi to the Church Committee that foreign intelligence surveillance legislation should include provisions for programmatically authorizing surveillance programs because of the particular needs of foreign intelligence where "virtually continuous surveillance, which by its nature does not have specifically predetermined targets" may be required. In these situations, "the efficiency of a warrant requirement would be minimal."

In a 2006 opinion, Judge Richard Posner wrote that FISA "retains value as a framework for monitoring the communications of known terrorists, but it is hopeless as a framework for detecting terrorists. [FISA] requires that surveillance be conducted pursuant to warrants based on probable cause to believe that the target of surveillance is a terrorist, when the desperate need is to find out who is a terrorist."

The ACLU considers the FISA Act to be unconstitutional for several reasons including: the law was designed to mainly address terrorism threats, but in fact intercepts communications that have nothing to do with terrorism or criminal activity of any kind; and that "the government can create huge databases that contain information about U.S. persons obtained without warrants and then search these databases at a later point."

USA PATRIOT Act
The Act was amended in 2001 by the USA PATRIOT Act, primarily to include terrorism on behalf of groups that are not specifically backed by a foreign government.

Lone wolf amendment
In 2004, FISA was amended to include a "lone wolf" provision. . A "lone wolf" is a non-U.S. person who engages in or prepares for international terrorism. The provision amended the definition of "foreign power" to permit the FISA courts to issue surveillance and physical search orders without having to find a connection between the "lone wolf" and a foreign government or terrorist group. However, "if the court authorizes such a surveillance or physical search using this new definition of 'agent of a foreign power', the FISC judge has to find, in pertinent part, that, based upon the information provided by the applicant for the order, the target had engaged in or was engaging in international terrorism or activities in preparation therefor".

Terrorist Surveillance Act of 2006
On March 16, 2006, Senators Mike DeWine (R-OH), Lindsey Graham (R-SC), Chuck Hagel (R-NE), and Olympia Snowe (R-ME) introduced the Terrorist Surveillance Act of 2006 (S.2455), under which the President would be given certain additional limited statutory authority to conduct electronic surveillance of suspected terrorists in the United States subject to enhanced Congressional oversight. Also on March 16, 2006, Senator Arlen Specter (R-PA) introduced the National Security Surveillance Act of 2006, which would amend FISA to grant retroactive amnesty for warrantless surveillance conducted under presidential authority and provide FISA court (FISC) jurisdiction to review, authorize, and oversight "electronic surveillance programs". On May 24, 2006, Senator Specter and Senator Dianne Feinstein (D-CA) introduced the Foreign Intelligence Surveillance Improvement and Enhancement Act of 2006 asserting FISA as the exclusive means to conduct foreign intelligence surveillance.

All three competing bills were the subject of Judiciary Committee hearings throughout the summer. On September 13, 2006, the Senate Judiciary Committee voted to approve all three mutually exclusive bills, thus, leaving it to the full Senate to resolve.

On July 18, 2006, U.S. Representative Heather Wilson (R-NM) introduced the Electronic Surveillance Modernization Act. Wilson's bill would give the President the authority to authorize electronic surveillance of international phone calls and e-mail linked specifically to identified terrorist groups immediately following or in anticipation of an armed or terrorist attack on the United States. Surveillance beyond the initial authorized period would require a FISA warrant or a presidential certification to Congress. On September 28, 2006, the House of Representatives passed Wilson's bill and it was referred to the Senate.

Protect America Act of 2007
On July 28, 2007, President Bush called on Congress to pass legislation to reform the FISA in order to ease restrictions on surveillance of terrorist suspects where one party (or both parties) to the communication are located overseas. He asked that Congress pass the legislation before its August 2007 recess. On August 3, 2007, the Senate passed a Republican-sponsored version of FISA (S. 1927) in a vote of 60 to 28. The House followed by passing the bill, 227–183. The Protect America Act of 2007 was then signed into law by George W. Bush on August 5, 2007.

Under the Protect America Act of 2007, communications that begin or end in a foreign country may be wiretapped by the U.S. government without supervision by the FISA Court. The Act removes from the definition of "electronic surveillance" in FISA any surveillance directed at a person reasonably believed to be located outside the United States. As such, surveillance of these communications no longer requires a government application to, and order issuing from, the FISA Court.

The Act provides procedures for the government to "certify" the legality of an acquisition program, for the government to issue directives to providers to provide data or assistance under a particular program, and for the government and recipient of a directive to seek from the FISA Court, respectively, an order to compel provider compliance or relief from an unlawful directive. Providers receive costs and full immunity from civil suits for compliance with any directives issued pursuant to the Act.

A summary of key provisions follows. The Act empowers the Attorney General or Director of National Intelligence ("DNI") to authorize, for up to one year, the acquisition of communications concerning "persons reasonably believed to be outside the United States" if the Attorney General and DNI determine that each of five criteria has been met:


 * There are reasonable procedures in place for determining that the acquisition concerns persons reasonably believed to be located outside the United States;
 * The acquisition does not constitute electronic surveillance (meaning it does not involve solely domestic communications);
 * The acquisition involves obtaining the communications data from or with the assistance of a communications service provider who has access to communications;
 * A significant purpose of the acquisition is to obtain foreign intelligence information; and
 * Minimization procedures outlined in the FISA will be used.

This determination by the Attorney General and DNI must be certified in writing, under oath, and supported by appropriate affidavit(s). If immediate action by the government is required and time does not permit the preparation of a certification, the Attorney General or DNI can direct the acquisition orally, with a certification to follow within 72 hours. The certification is then filed with the FISA Court.

Once the certification is filed with the FISA Court, the Attorney General or DNI can direct a provider to undertake or assist in the undertaking of the acquisition.

If a provider fails to comply with a directive issued by the Attorney General or DNI, the Attorney General may seek an order from the FISA Court compelling compliance with the directive. Failure to obey an order of the FISA Court may be punished as a contempt of court.

Likewise, a person receiving a directive may challenge the legality of that directive by filing a petition with the FISA Court. An initial review must be conducted within 48 hours of the filing to determine whether the petition is frivolous, and a final determination concerning any non-frivolous petitions must be made – in writing – within 72 hours of receipt of the petition.

Determinations of the FISA Court may be appealed to the Foreign Intelligence Court of Appeals, and a petition for a writ of certiorari of a decision from the FICA can be made to the U.S. Supreme Court.

All petitions must be filed under seal.

The Act allows providers to be compensated, at the prevailing rate, for providing assistance as directed by the Attorney General or DNI.

The Act provides explicit immunity from civil suit in any federal or state court for providing any information, facilities, or assistance in accordance with a directive under the Act.

Within 120 days, the Attorney General must submit to the FISA Court for its approval the procedures by which the government will determine that acquisitions authorized by the Act conform with the Act and do not involve purely domestic communications. The FISA Court then will determine whether the procedures comply with the Act. The FISA Court thereafter will enter an order either approving the procedures or directing the government to submit new procedures within 30 days or cease any acquisitions under the government procedures. The government may appeal a ruling of the FISA Court to the FICA and ultimately the Supreme Court.

On a semiannual basis, the Attorney General shall inform the Intelligence and Judiciary Committees of the House and Senate of incidents of noncompliance with a directive issued by the Attorney General or the DNI, incidents of noncompliance with FISA Court-approved procedures by the Intelligence Community, and the number of certifications and directives issued during the reporting period.

The amendments to FISA made by the Act expire 180 days after enactment, except that any order in effect on the date of enactment remains in effect until the date of expiration of such order and such orders can be reauthorized by the FISA Court. The Act expired on February 17, 2008.

Subsequent developments
Legal experts experienced in national security issues are divided on how broadly the new law could be interpreted or applied. Some believe that due to subtle changes in the definitions of terms such as "electronic surveillance", it could empower the government to conduct warrantless physical searches and even seizures of communications and computer devices and their data which belong to U.S. citizens while they are in the United States, if the government contended that those searches and potential seizures were related to its surveillance of parties outside the United States. Intelligence officials, while declining to comment directly on such possibilities, respond that such interpretations are overly broad readings of the act, and unlikely to actually occur.

In a September 10, 2007 address at a symposium on modernizing FISA held at Georgetown University Law Center's National Security Center, Kenneth L. Wainstein, Assistant Attorney General for National Security, argued against the current six-month sunset provision in the Protect America Act of 2007, saying that the broadened surveillance powers the act provides for should be made permanent. Wainstein proposed that internal audits by the Office of the Director of National Intelligence and the National Security Division of the Justice Department, with reporting to select groups of Congressmen, would ensure that the expanded capability would not be abused.

Also on September 10, DNI Mike McConnell testified before the Senate Committee on Homeland Security and Governmental Affairs. He mistakenly claimed that the Protect America Act had helped foil a major terror plot in Germany.

Speaking at National Security Agency headquarters in Fort Meade, Maryland on September 19, 2007, President George W. Bush urged Congress to make the provisions of the Protect America Act permanent. Bush also called for retroactive immunity for telecommunications companies who had cooperated with government surveillance efforts, saying, "It's particularly important for Congress to provide meaningful liability protection to those companies now facing multibillion-dollar lawsuits only because they are believed to have assisted in efforts to defend our nation, following the 9/11 attacks".

On October 4, 2007, the bipartisan Liberty and Security Committee of the Constitution Project, co-chaired by David Keene and David D. Cole, issued its "Statement on the Protect America Act". The Statement urged Congress not to reauthorize the PAA, saying the language of the bill "runs contrary to the tripartite balance of power the Framers envisioned for our constitutional democracy, and poses a serious threat to the very notion of government of the people, by the people and for the people". Some in the legal community have questioned the constitutionality of any legislation that would retroactively immunize telecommunications firms alleged to have cooperated with the government from civil liability for having potentially violated their customers' privacy rights.

In an article appearing in the January/February 2008 issue of the Institute of Electrical and Electronics Engineers journal of Security and Privacy, noted technology experts from academia and the computing industry found significant flaws in the technical implementation of the Protect America Act which they said created serious security risks, including the danger that such a surveillance system could be exploited by unauthorized users, criminally misused by trusted insiders, or abused by the government.

On October 7, 2007, The Washington Post reported that House Democrats planned to introduce alternative legislation which would provide for one-year "umbrella" warrants, and would require the Justice Department Inspector General to audit the use of those warrants and issue quarterly reports to a special FISA court and to Congress. The proposed bill would not include immunity for telecommunications firms facing lawsuits in connection with the administration's NSA warrantless surveillance program. House Democrats said that as long as the administration withholds requested documents explaining the basis for the program that they cannot consider immunity for firms alleged to have facilitated it. On October 10, 2007, comments on the White House South Lawn, President Bush said he would not sign any bill that did not provide retroactive immunity for telecommunications corporations.

On October 18, 2007, the House Democratic leadership put off a vote on the proposed legislation by the full chamber to avoid consideration of a Republican measure that made specific references to Osama bin Laden. At the same time, the Senate Intelligence Committee reportedly reached a compromise with the White House on a different proposal that would give telephone carriers legal immunity for any role they played in the National Security Agency's domestic eavesdropping program approved by President Bush after the Sept. 11 terrorist attacks.

On November 15, 2007, the Senate Judiciary Committee voted 10–9 along party lines to send an alternative measure to the full Senate other than the one the intelligence committee had crafted with the White House.

On the same day, the House of Representatives voted 227–189 to approve a Democratic bill that would expand court oversight of government surveillance inside the United States while denying immunity to telecom companies.

In February 2008, the Senate passed the version of the new FISA that would allow telecom companies immunity. On March 13, 2008, the U.S. House of Representatives held a secret session to discuss related information. On March 14, the House voted 213–197 to approve a bill that would not grant telecom immunity – far short of the 2/3 majority required to override a Presidential veto. The Senate and House bills are compared and contrasted in a June 12, 2008 report from the Congressional Research Service.

On March 13, 2008, the House of Representatives held a secret, closed door meeting to debate changes to the FISA bill.

FISA Amendments Act of 2008
The FISA Amendments Act of 2008 passed by the United States Congress on July 9, 2008. The amendments added a new Title VII to the Act, which was slated to expire at the end of 2012 pending reauthorization; Congress subsequently extended the provision to December 31, 2017. The 2008 amendments gave telecoms immunity, increased the time allotted for warrantless surveillance, and adds provisions for emergency eavesdropping. On June 20, 2008, the House of Representatives passed the amendment with a vote of 293 to 129. It passed in the Senate 69 to 28 on July 9, 2008 after a failed attempt to strike Title II from the bill by Senator Dodd. On July 10, 2008, President Bush signed it into law.

2015 USA Freedom Act
First proposed in response to the disclosures of NSA contractor Edward Snowden, which revealed mass surveillance undertaken by the agency, the USA Freedom Act was intended by its sponsors to provide a "balanced approach" to intelligence gathering. The law restored and modified several provisions of the Patriot Act, overhauled the NSA, and required the U.S. government to undergo standard court procedures in order to gather data regarding suspicious activities.

FISA Amendments Reauthorization Act of 2017
After months of congressional hearings and some public controversy, following a short-term extension of three weeks, Congress passed a six-year extension of the FISA Amendments Act of 2008, which was signed into law in January 2018.

Beginning in late 2016, the government initiate efforts to persuade Congress to extend the surveillance authority in Title VII of the Act, which, pursuant to the 2008 and 2012 amendments, was slated to expire on December 31, 2017. Tom Cotton, a Republican Senator from Arkansas, introduced a bill to permanently extend the provisions of Title VII with no changes, but the bill did not advance, as many in Congress were seeking reforms to address privacy concerns. The U.S. House Committee on the Judiciary introduced an extension bill with significant proposed reforms, as did the U.S. House Permanent Select Committee on Intelligence, but ultimately a version of the extension with less significant reforms was advanced by U.S. Senate Select Committee on Intelligence, and in effect that version, through a complex series of amendments was ultimately enacted into law. The Senate agreed to a House amendment on January 18, 2018, and the President signed the legislation, S. 139, the FISA Amendments Reauthorization Act of 2017 (Public Law 115–118), into law on January 19, 2018.

FISA Section 702 allows the National Security Agency to conduct searches of foreigners' communications without any warrant. The process incidentally collects information from Americans. Section 702 of FISA more specifically "brings under FISC jurisdiction various intelligence-collection programs that target categories of non-Americans outside the United States. These foreigners also communicate with Americans, so the latter are incidentally intercepted." The FISA Amendments Reauthorization Act of 2017 extends Section 702 for six years, to December 31, 2023, and most notably included new restrictions on querying surveillance databases, prohibited the resumption of certain types of collection about a target that were not directly addressed to or from that target, unless Congress approved such collection within 30 days of having been notified of the resumption, and provided for additional reporting by the Executive Branch of surveillance activities. Many privacy and civil liberties advocates argued that the reforms enacted by the extension bill were inadequate, but their arguments were successfully opposed by the government.

The January 2018 law also made unauthorized removal and retention of classified information of the United States government a felony crime punishable by five years imprisonment and/or a fine.

2023 short-term reauthorization
Pursuant to the most recent reauthorization in 2017, Section 702 of FISA was set to expire by the end of 2023. At the beginning of 2023, several Biden administration officials began urging Congress to renew the provision, including National Security Advisor Jake Sullivan, Attorney General Merrick Garland, Director of National Intelligence, Avril Haines, and NSA Director Paul M. Nakasone. Federal authorities and other advocates have argued that Section 702 is critical to national security, whereas critics have reaffirmed ongoing concerns about privacy and civil liberties. Several lawmakers, particularly among House Republicans, have called for any reauthorization to be contingent on several reforms, including limiting the scope of who can be investigated, requiring a warrant for surveillance in all instances, and restricting the amount of time collected data can be stored. According to an expected clarification report on US espionage released on April 21, 2023, the number of times the FBI looked up information about Americans in a repository of information collected under Section 702 of the Foreign Intelligence Surveillance Act in 2022, decreased by more than 95% in 2022. The cuts follow a series of reforms the FBI made in the summer of 2021 to limit database searches for information about Americans who correspond with foreigners under surveillance. On December 14, 2023, Congress passed the National Defense Authorization Act, which included a short-term extension of Section 702 until April 19, 2024.

Reforming Intelligence and Securing America Act of 2024
On April 10, 2024, Donald Trump urged Congress to "kill FISA" based on claims of FBI surveillance during his 2016 presidential campaign, leading libertarian Republicans to join progressive Democrats in opposing Section 702's reauthorization on privacy-related grounds. To secure its passage, House Speaker Mike Johnson reduced the reauthorization to two years, rather than the typical five-year term, to allow Trump to veto a hypothetical 2026 reauthorization if he wins the 2024 presidential election. After Congress rejected various privacy-related amendments to minimize the gap in Section 702 authorization, the Senate approved the bill by a 60-34 vote with bipartisan support, and President Joe Biden signed the two-year reauthorization on April 20, 2024.