RGS Recommendations for 2025 FISA Reauthorization

Washington, DC – As U.S.-based companies that provide consumer and enterprise technology, products, and services to customers around the globe, we appreciate the priority the 118th Congress placed on conducting oversight of Section 702 of the Foreign Intelligence Surveillance Act (FISA), and the reforms that were adopted in the Reforming Intelligence and Securing America Act (RISAA).

The Reform Government Surveillance (RGS) coalition has long advocated for Congress to codify the intelligence community’s policy ban on “about” collections. RGS was pleased to see this reform codified last Congress. RGS also applauds reforms signed into law to increase amici participation in FISA court proceedings, and transparency measures that include setting a declassification timeline for Foreign Intelligence Surveillance Court (FISC) documents to six months. 

The 119th Congress will have the opportunity to review and continue to refine Section 702.

RGS recommends improvements related to the scope of entities subject to Sec. 702, collection of data, transparency, retention of data, and oversight. These refinements would continue to protect the privacy of the people who use our services.

Collection

Reauthorization legislation should codify both legitimate objectives and prohibited uses for Signals Intelligence (SIGINT) collection that are already being implemented by the U.S. government, with the imprimatur of the FISC through Executive Order 14086. This can help to reassure all those who use our services that they are receiving these protections under U.S. law.

Transparency

RGS recommends Congress amend FISA to add another reporting option allowing companies to report, with greater granularity, the volume of national security demands they receive in certain circumstances. At the moment, companies are only able to report, on a six month delay, the number of FISA requests and national security letters they receive and the number of user accounts those demands reference in bands that vary between 250-1000. 

The changes should also include narrowing the bands regarding permissible reporting and removing the bands altogether after a certain threshold is met, consistent with national security. 

Retention

Data collected under Section 702 should be purged after three, rather than the current five, years of retention with limited exceptions. This minimization effort would help ensure that information, particularly personal information, is only retained for as long as necessary to fulfill a national security purpose.

Covered Providers

RISAA contained a provision that expands the scope of entities subject to Section 702 by changing the definition of electronic communications service providers. Supporters of the provision contended it was a necessary response to two FISC rulings that Section 702 did not apply to a certain service offering. In the public versions of the opinions, the FISC redacted discussion of the service at issue. Supporters of the provision have not made a public case that Section 702 surveillance authority should be extended to cover a category of services that are not already covered. Absent a public debate about its need, its scope, and its impact, this provision should sunset and not be reauthorized in 2026.

Oversight

Lastly, RGS supports the existence and mission of the Privacy and Civil Liberties Oversight Board (PCLOB). PCLOB is an independent agency providing oversight and advice on a range of privacy and security matters. PCLOB currently has four vacancies. RGS encourages the Trump Administration and Congress to continue to invest in PCLOB. RGS urges a speedy nomination process and Senate approval of four new members to maintain a quorum.

###