Privacy and the Patriot Act

Along with the Guantanamo Bay detention facility and the Bush administration’s illegal eavesdropping on U.S. citizens, the USA Patriot Act came to symbolize the excesses of the post-9/11 war on terrorism. Now, as it weighs the extension of three expiring provisions, the Democratic-controlled Congress has an opportunity to restore key privacy protections that were forgotten in the aftermath of the attacks.

Earlier this month, the Senate Judiciary Committee approved a bill to renew the provisions and sent it to the Senate floor. Unfortunately, though the bill is an improvement over current law, it still falls short. The full Senate and House, where an extension bill was introduced last week, can do better.

The USA Patriot Act, supported by members of Congress from both parties and signed by President George W. Bush only 6 1/2 weeks after 9/11, is formally known as the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001. The grandiose title, like the law’s hasty enactment, reflected the national resolve to do something, anything, to prevent a repeat of 9/11.

Some parts of the original act were relatively uncontroversial, including those permitting the CIA and the FBI to share information more freely and allowing investigators to seek warrants for “roving wiretaps” targeted at individuals rather than telephone numbers. Others, however, unjustifiably eroded privacy rights. Particularly troubling were rules governing the acquisition of financial and other records that allowed investigators to conduct fishing expeditions -- as long as the documents were deemed “relevant” to a search for terrorists.

In December, three provisions of the Patriot Act are set to expire: those dealing with roving wiretaps and the acquisition of records, and another (added in 2004) that allows surveillance of what are known as “lone wolf” terrorist suspects. All three extensions strike us as reasonable, though in one case further privacy protections are essential.

In the era of disposable cellphones, it makes sense for investigators, with a court order, to be able to listen in on a targeted suspect’s calls regardless of where he is. And roving wiretaps long have been used in criminal investigations.

More problematic is the provision allowing court orders for business records and other “tangible things” -- popularly known as the “library records” provision because of fears that investigators would monitor the reading habits of citizens (even though the law doesn’t mention library records specifically). The Judiciary Committee bill explicitly makes it harder to obtain library records and requires investigators to show a court that the material sought is reasonably likely to be relevant to an intelligence investigation. Under current law, by contrast, a judge is supposed to presume that the materials are relevant. Even with that refinement, “relevance to an investigation” is too loose a standard for a court order. As Sens. Russell D. Feingold (D-Wis.) and Richard J. Durbin (D-Ill.) proposed, the bill should be revised to require a tighter connection to a particular foreign agent or terrorist.

Finally, the bill would extend the lone wolf provision, under which investigators can seek a warrant to spy on a suspected terrorist even if he is not affiliated with a foreign power or organized terrorist group. Critics argue that this provision -- which the Obama administration says has never been employed -- is unnecessary because any suspected terrorist acting alone could be investigated under criminal laws. True, but the collection of foreign intelligence had previously been subject to rules different from those of a criminal investigation. On balance, the committee was right to extend this provision. Not every foreign terrorist is a card-carrying member of Al Qaeda and thus is not always so easily spotted and monitored.

The Patriot Act’s greatest threat to personal privacy lies not in any of the provisions set to expire but in the law’s expansion of the use of national security letters, subpoenas that allow the FBI to obtain records without a warrant. In 2008, the FBI issued 24,744 letters involving the records of 7,225 people. Not surprisingly, there have been abuses. In 2007, after an investigation of four FBI offices, the Justice Department’s inspector general found irregularities in 22% of documents related to the issuance of national security letters. Last year, he found that the FBI had made “significant progress” in correcting violations.

Even so, the criteria for issuing the letters are too vague. At present, the government must merely certify that the information sought is relevant to an authorized investigation. The bill approved by the Judiciary Committee would increase the burden on the government slightly by requiring a written statement of specific facts demonstrating relevance. A narrower amendment by Feingold and Durbin -- which would have required issuance of national security letters to be related to a suspected foreign agent or terrorist or a possible confederate -- was rejected by the committee. It should be added on the Senate floor or in an eventual conference with the House.

The other problem with national security letters is that the companies or other institutions that receive them are not allowed to reveal that fact publicly, though they can appeal them in a closed hearing in federal District Court. Feingold proposed that the government certify that disclosure of the request would result in serious harm, and that the gag be lifted in a year’s time unless the government presented new evidence that secrecy was necessary. The final version of the Patriot Act extension legislation should include those safeguards.

The committee also approved new limits on “sneak and peek” searches of a property conducted in the absence of the owner or resident. Currently, the targets of such searches must be informed within 30 days after the search; the committee reduced that to seven days.

It’s easy amid this welter of technical provisions to lose sight of the overarching question: To what degree can invasions of privacy be justified by the need to investigate and prevent acts of terrorism? In the aftermath of 9/11, both Congress and the executive branch needlessly cut legal corners. It’s time to make amends.