Skip to main content

The United States of Surveillance: A Review of America’s Mass Surveillance Laws, Programs, and Oversight

Published onDec 14, 2022
The United States of Surveillance: A Review of America’s Mass Surveillance Laws, Programs, and Oversight

After the September 11 attacks, the United States government implemented several programs to safeguard its citizens both at home and abroad. The Global War on Terrorism began, and the power of the United States executive branch grew as it deployed troops and declared war on an enemy operating across the borders of multiple countries. The fight against terrorism, however, was not limited to military deployments in the Middle East. Legislation and legal interpretations, including the USA PATRIOT Act, the Foreign Intelligence Surveillance Act (FISA), and others, granted the executive extraordinary powers to fight a digital surveillance war, not against any one country but rather against various networks of alleged terrorist cells located around the world. Programs implemented after 2001 sought to allow information to flow across various intelligence agencies, while greatly expanding the powers of intelligence gathering. Utilizing the Unitary Executive interpretation of Constitutional power, and with the help of legislation and a secret court, the executive branch of the United States government created a surveillance state that continues to jeopardize the rights American citizens have to privacy, the Fourth Amendment’s protection from unreasonable searches and seizures, and the Sixth Amendment’s rights to be informed when accused of a crime and to face an accuser in court. The pervasive and interlocking network of mass surveillance developing from the War on Terror has grown into a systemic problem for US citizens, with its programs continuing to infringe upon the rights of millions while producing few meaningful results.

The United States of Surveillance is a web-based digital humanities project that uses interactive media and documents to demonstrate how mass surveillance programs in the United States are sanctioned, operated, and used by deconstructing their supporting legal frameworks. This article, which accompanies the digital project, disentangles the juridical intricacies of surveillance to reveal how the current surveillance state systematically threatens the rights of citizens. After briefly introducing relevant surveillance studies scholarship, subsequent sections review pertinent legal frameworks, examples of post-9/11 mass surveillance programs, and relevant case law that helped to shape and maintain the contemporary surveillance state. Ultimately, it demonstrates how the contemporary surveillance state systemically threatens citizens, corporations, and the very fabric of democracy in the United States.

Critical Context

The field of surveillance studies is a “cross-disciplinary initiative to understand the rapidly increasing ways in which personal details are collected, stored, transmitted, checked, and used as means of influencing and managing people and populations” (Lyon, “Surveillance Studies” 1). While the current landscape of scholarly work in surveillance was shaped by post-9/11 policy and programs, academics spent decades developing frameworks allowing researchers to properly define and contextualize surveillance practices. Michel Foucault, a French philosopher who discussed issues of governmental power, surveillance, and control, analyzed shifts in governance strategies over the course of the 18th and 19th centuries, particularly in terms of the prison system and industrialized labour. While Foucault explored historical surveillance apparatuses, other 20th century researchers turned their attention toward developing digital technologies. Surveillance studies scholar James Rule delved into computational administration systems of the post-World War II period, including digital record keeping and storage of personal information. Even before the full implementation of the contemporary surveillance state, scholars predicted—indeed forewarned—how data-driven surveillance could transform society. In 1986, Kenneth Laudon argued that surveillance of computing and telecommunications systems would birth what he called a “dossier society” based on personal data, and, in 1988, Roger Clarke argued that the “generalized suspicion” (503) accompanying mass dataveillance would cause a “denial of due process” (505) leading to a “presumption of guilt” (508).

Today, surveillance studies range over a broad swath of topics including, but not limited to, domestic policing and incarceration practices (e.g., Gary Marx’s Undercover), cybersecurity and digital privacy (e.g., David Lyon’s The Electronic Eye and Ronald Deibert’s Black Code), and the commodification of personal data in consumer culture (e.g., Oscar Gandy’s The Panoptic Sort and Shoshana Zuboff’s The Age of Surveillance Capitalism). This article aligns with that portion of surveillance studies concerned with software, cybersecurity, and digital privacy. Drawing from scholars such as Lyon and Deibert, it explores the implications of post-9/11 policy and technology in terms of greater government control and improved data collection capabilities.

Understanding the Laws

Before examining individual programs, it is important to understand the laws that facilitate the development of mass surveillance programs. Section 702 of FISA stands as the most important piece of legislation sanctioning the existence of US surveillance programs. Section 702 permits the federal government’s “targeting of persons reasonably believed to be located outside the United States to acquire foreign intelligence information” (United States, Congress, House, Foreign Intelligence). While the bill does restrict data collection, stating that programs cannot “intentionally” target US citizens or violate the Fourth Amendment, the law allows intelligence agencies to target foreigners in a way that incidentally collects the data of citizens. The FISA also created the Foreign Intelligence Surveillance Court (FISC), a branch of the US federal courts system tasked with handling classified FISA requests. The FISC, unlike typical federal and local courts, conducts its cases behind the wall of national security and operates ex parte, or without representation or notification to the accused. All transcripts, rulings, and court orders are sealed to the public until the Director of National Intelligence declassifies a document. With a classified designation, FISA cases have the potential to not only circumvent Fifth and Sixth Amendment rights to due process, a public trial, and facing one’s accuser (in the case of citizens), but they can also establish a broad set of hidden legal precedents, which will be discussed below (FISA).

Further understanding the relevance of Section 702 requires placing the provision in conversation with Section 215 of the Patriot Act. Section 215 amends FISA to allow the Federal Bureau of Investigation (FBI), the US’s domestic federal law enforcement and intelligence agency, access to records collected through mass surveillance programs for domestic investigations. Utilizing FISA against US citizens violates the intended purpose of the law and opens the door for warrantless surveillance of domestic citizens. Section 215 then silences anyone required to hand over information obtained through a surveillance program: “no person shall disclose to any other person that the Federal Bureau of Investigation has sought or obtained tangible things under this section” (United States, Congress, House, Uniting and Strengthening). This clause deters people from leaking information, and it provides the government with a prosecutable offense to leverage against whistleblowers. To circumvent this clause of the Patriot Act, some companies use a warrant canary to inform users that they have been served with a warrant for their data. Warrant canaries operate by “providing observers with only a yes/no answer as to whether the government has requested a particular type of information” (Gilens 4). They are typically placed in a company’s terms of service and removal or alteration signals to the public that the company was served with a request for information from the government. Warrant canaries use a “technicality by exploiting a difference in the First Amendment’s protection of compelled silence and coerced lies” (14). In other words, companies may be restricted from stating that they were served with an information request on the grounds of national security, but the removal of a statement is vague enough to not infringe upon the Patriot Act’s silencing order. While some organizations have found loopholes in the law, Section 215 greatly expanded the domestic power of the country’s mass surveillance programs.

Like Section 702 of FISA, Section 215 of the Patriot Act is wrapped in another layer of law, further obscuring the exact reach and mandate of surveillance powers. Significantly, Executive Order (EO) 12333 grants agencies like the FBI or NSA authority to conduct surveillance activity on behalf of the executive branch (United States, Executive Office). The power wielded by the executive branch when conducting surveillance is one of the most robust legal tools available to the government because surveillance conducted at the executive level does not require congressional authorization or judicial oversight. Provided they comply with US law, the executive branch can operate programs free from oversight and beyond the typical checks and balances established in the Constitution. Originally signed in 1981, EO 12333 greatly extended executive authority to conduct surveillance, thus operating in stark contrast to FISA and the Patriot Act, which were both legislated by Congress. Two specific clauses, Part 2.3C and 2.3I, empower the executive branch to conduct its own surveillance programs. Part 2.3C states that the intelligence community (executive agencies) is “authorized to collect, retain or disseminate [...] information obtained in the course of a lawful foreign intelligence, counterintelligence, international narcotics or international terrorism investigation.” Part 2.3I states that the intelligence community is “authorized to collect, retain or disseminate [...] incidentally obtained information that may indicate involvement in activities that may violate federal, state, local or foreign laws” (United States, Executive Office). The executive is the branch of government responsible for collecting intelligence, so Part 2.3C codifies that role. Part 2.3I, however, works in conjunction with the Patriot Act to allow the collection and dissemination of domestic data if it implicates a person in a crime. This theoretically allows any level of law enforcement, via collaboration with the FBI, to access information incidentally collected through foreign surveillance.

While EO 12333 grants sweeping surveillance authority to the executive branch, the president is further empowered to mandate military action and surveillance operations by a particular interpretation of executive authority. This interpretation, known as the Unitary Executive Theory, is the idea that the president controls the entire executive branch. While this may sound normal to Americans, the application and scope of the theory is debated among legal scholars. John Yoo, former Deputy Assistant Attorney General under President George W. Bush, defined the unitary executive as “when [the Constitution] grants the president the executive power, it grants him a reservoir of executive power that’s not specifically set out in the Constitution” (Chang and Yoo). Yoo’s application of the theory, detailed in a memo from his office for the White House Counsel on October 23, 2001, stated that the president “has ample authority to deploy military force against terrorist threats within the United States” (Yoo and Delahunty 1). This can include mobilizing the national guard or using military-grade equipment domestically. For Yoo, the president’s alleged authority went so far as to include “employing electronic surveillance methods more powerful and sophisticated than those available to law enforcement agencies” within the United States (4). The implementation of the Unitary Executive in Yoo’s memo contravenes the Posse Comitatus Act,1 which limits the government’s ability to use the military for domestic law enforcement. The NSA, for example, is an agency within the Department of Defense and employs civilians and military personnel to carry out surveillance operations. The language of the Posse Comitatus Act allows the NSA to operate this way since its staff are not deployed, in the traditional sense, within the United States. This allows the President to utilize military-grade technology and tactics in the collection of domestic or international surveillance data. Granting the president the ability to utilize the military for domestic law enforcement is a dangerous power that could lead to martial law and further expansion of the surveillance state. Though developed in the context of the global War on Terror, Yoo’s memo can be taken from the Department of Justice’s public archive and cited by any future administration to justify the surveillance and use of military force against its citizens.

In addition to legislation and executive orders, the 1979 Supreme Court case Smith v. Maryland offers a final piece of information crucial to understanding mass surveillance in the United States. In Smith v. Maryland, the court ruled that the US federal government, which created a pen registry with a phone provider to learn the numbers dialed by the provider’s clients, did not violate Fourth Amendment protections against unreasonable search and seizure. The case set precedent, now known as the third-party doctrine, stating that people who voluntarily release their information to a third party should not have an “expectation of privacy” and are not entitled to protections under the Fourth Amendment (United States, Supreme Court, Smith v. Maryland 738). This important legal precedent allows the government to obtain data on Americans so long as that data is held by a third party, which occurs every time a user accesses the internet through an internet service provider (ISP) or uses services from a technology company like Facebook, Apple, or Google.

Viewing these individual laws in context with each other reveals a fuller picture of the United States’ current surveillance programs. Section 702 of FISA creates a court where US intelligence agencies can request the power to collect large amounts of information on foreign targets while incidentally collecting the data of citizens. Section 215 of the Patriot Act allows that information to be used domestically. If information incidentally collected under Section 702 indicates a crime, EO 12333 allows federal agencies to collect, retain, and disseminate that information, taking full advantage of the loose wording used in the FISA. Finally, the third-party doctrine states that information obtained by a phone company, bank, or ISP is not protected under the Fourth Amendment. Together, these laws create an intricate and overlapping surveillance network that ensnares foreign and domestic citizens alike. Both Section 702 of FISA and Section 215 of the Patriot Act are now integrated with the United States Code of Laws (USC), taking the form of 50 USC § 1881a and 50 USC § 1861, respectively. What began as an extraordinary measure to defend the United States in a time of crisis turned into a new and legal surveillance state. When used together, these laws test the boundaries of what is considered legal under the Constitution and often depend entirely on a presiding judge’s opinion and interpretation of the law.

Examples of Mass Surveillance Programs

While laws and precedents establish a framework for surveillance operations, executive agencies are responsible for organizing programs and collecting data. Most of the United States’ digital surveillance (known as SIGINT or signals intelligence) operates through programs under the National Security Agency (NSA), with other agencies utilizing the data collected by the NSA’s programs. Edward Snowden’s leaked documents in 2013 highlight several surveillance programs operated by the NSA. Contemporary surveillance scholars, such as Lyon, argue that the revelations made by Edward Snowden provided substantial, irrefutable evidence but revealed “little that was completely new” about surveillance (“The Snowden Stakes” 142). Lyon stated that scholarship in the field predicted the surveillance state, and there was little public understanding of modern practices. Snowden’s leaks served as a “wake-up call to publics still unaware” that governments were conducting mass surveillance of ordinary citizens (143). Still, according to Deibert, post-9/11 surveillance policy created “a far more permissive environment for electronic surveillance and the sharing of information among domestic law enforcement and foreign intelligence” (514). The existence and effectiveness of new surveillance programs are unknown but learning about previously exposed programs can give insight into their current practices. In no particular order, some of the NSA’s known surveillance programs and databases include XKeyscore, PRISM, MYSTIC, FASCIA, and ECHELON.

XKeyscore is a database that focuses on internet activity and logs the “emails, online chats and the browsing histories of millions of individuals” (Greenwald). The analysts using the database need only write a broad justification for a search, which is not reviewed by a court or a supervisor before access to the database is granted. According to Snowden, this would allow anyone with clearance at the NSA to view “nearly everything a typical user does on the internet,” with real-time updates of a user’s activity (Greenwald). Although the NSA would typically require a warrant to specifically target and access the data of citizens, XKeyscore provides the NSA with the capability to target virtually anyone through EO 12333. According to The Guardian, XKeyscore assisted in capturing 300 alleged terrorists by 2008 (Greenwald). It is unclear when the program began, if it exists in the same form today, or what role XKeyscore played in capturing those 300 suspected terrorists. Since XKeyscore focuses on internet-based surveillance, it is logical to assume that the government treats the data as unprivileged information through the third-party doctrine. When a person uses the internet, they provide their ISP with a log of every website they visit, which is often also recorded by a cross-site tracker (a persistent code, usually a cookie, that identifies you when you visit different websites), providing the government with another source to obtain information. Furthermore, users provide their emails, chat history, and other online activity through services like Facebook, Twitter, or even Netflix, allowing these third parties to create records of the user’s activity. If unencrypted, the NSA’s XKeyscore can collate this information into a database, with the ability to search through and find connections in a person’s activity using metadata. In 2021, the Privacy and Civil Liberties Oversight Board, an independent governmental review board, concluded a five-year investigation and released a report on XKeyscore, outlining recommendations on how to improve the program. One board member, Travis LeBlanc, claims that they “failed to adequately investigate or evaluate” the program. LeBlanc states that, even after the program’s exposure in 2013, XKeyscore is based on outdated and “inadequate legal analysis” and “still has no judicial oversight” as it is sanctioned by EO 12333. XKeyscore continues to make “serious compliance infractions,” with hundreds of incidents that “may have involved improper surveillance of Americans’ communications” reported in 2019 (Nakashima).

Another internet-based surveillance program is PRISM, which collects information directly from US technology companies, such as Microsoft, Google, Apple, and many more. The program boasts the ability to collect data “directly from the servers” of large technology companies (Greenwald and MacAskill). Although aimed towards users outside of the United States, Americans may also be surveilled if they communicate with targets outside of the country. Since PRISM was originally intended as a foreign surveillance tool, it was authorized using FISA. The program gives the NSA the capability to collect data on anyone using the service of a company they are monitoring. A slide of the program, leaked by Edward Snowden, shows the program’s capability to collect emails, videos, photos, voice over IP (VoIP, which many cell phone manufacturers now offer as an alternative to cell networked phone calls), and even “special requests” (Greenwald and MacAskill). PRISM allows the NSA direct access to a company’s server, breaking away from the norm of obtaining a search warrant and asking the company for a specific dataset. Both Apple and Google initially denied the government access to their servers. In 2014, however, Apple removed their warrant canary2 from their terms of service, indicating that they were compelled to provide some data to the government (Lecher). Despite the companies’ assurances, the leaked slides from the NSA boast direct access to both companies’ servers, thus implicating each as a collaborator in PRISM’s dragnet.

While XKeyscore and PRISM direct their surveillance efforts toward internet service providers and technology companies, the NSA’s MYSTIC program creates an archive of telephone calls, including metadata and a full record of the call’s contents. According to Edward Snowden, the NSA accessed the content of an unnamed foreign country’s calls for “as long as a month” after the calls occurred. In 2011, two years after the program began, MYSTIC could “record ‘every single conversation nationwide’” and store them for 30-day intervals (Gellman and Soltani, “NSA Surveillance”). Although the program provides the NSA the ability to listen to virtually any phone conversation, analysts only view a fraction of 1% of calls. According to The Washington Post, “most of the conversations collected by RETRO[—the tool behind Mystic’s program—]would be irrelevant to U.S. national security interests” (Gellman and Soltani, “NSA Surveillance”). Unlike PRISM, MYSTIC is not subject to FISA or a FISC mandate. It is instead sanctioned by EO 12333, with authority granted to the executive branch to conduct foreign surveillance. In 2014, President Barack Obama tasked an independent group to review his administration’s surveillance programs, but when they suggested that US data “should nearly always ‘be purged upon detection.’ Obama did not accept that recommendation” (Gellman and Soltani, “NSA Surveillance”). Obama believed that the “capability that this program is designed to meet is preserved” (Ackerman and Roberts). Although MYSTIC was intended for foreign surveillance of telephone users, Section 215 of the Patriot Act allows domestic law enforcement, like the FBI, to obtain a copy of the person’s recorded calls from the NSA’s database. MYSTIC operations potentially contradict a statement Obama made in 2013 when he stated that “nobody is listening to your telephone calls […] what the intelligence community is doing is looking at phone numbers and durations of calls. They are not looking at people’s names and they’re not looking at content” (“President Obama Defends” 00:01:28-00:01:55). Despite Obama’s assurances, as well as the program’s particular focus on foreign telecommunications providers, there is potential for data collection on US citizens if they are in contact with a surveillance target.

Finally, the NSA’s FASCIA program tracks and collects location data of people around the world, including US citizens traveling abroad or who are connected to suspects of interest. The FASCIA program was first brought to light by Edward Snowden through The Washington Post, where an article stated that nearly 5 billion records are collected every day (Gellman and Soltani, “NSA Tracking”). Of those 5 billion records, estimates suggest that only 1% of that data is used. That a mere fraction of the information collected by mass surveillance proves useful demonstrates the ineffectiveness of programs like FASCIA. Terabytes of data are collected every day, with no feasible way of determining how much information is collected on US citizens.

XKeyscore, PRISM, MYSTIC, and FASCIA each collect mass sums of information only to use a small fraction of that data. In the case of FASCIA, terabytes of information are collected every day so the NSA can use 1% of the data. Although the NSA has no direct use for everything collected by their programs, other agencies, like the FBI, can also use the information in their investigations. It is important to note that the mandate given to several of these programs specifies that the information can only be used for foreign targets. Despite this fact, the government operates under the guise of “incidental” collection as a premise for monitoring and retaining the data of US citizens. General Keith Alexander, the Director of the National Security Agency from 2005-2014, testified before Congress in defense of programmatic surveillance, stating that “the information gathered from these programs provided the U.S. government with critical leads to help prevent over 50 potential terrorist events in more than 20 countries around the world” (United States, Congress, House, Permanent Select Committee). While the government continues to insist that programmatic surveillance assists law enforcement officials in preventing terrorist attacks, a 2014 study by the New America Foundation, which analyzed 225 individuals linked to foreign terrorist groups and charged with an act of terrorism in the United States, found that “traditional methods of investigation [...] provided the initial impetus for investigations in the majority of cases” (Bergen et al. 1). The study revealed that the collection of telephone metadata assisted in only 1.8% of cases, while NSA surveillance of persons outside the US assisted in 4.4% of cases (2). The study concluded that “surveillance of American phone metadata has had no discernible impact on preventing acts of terrorism and only the most marginal of impacts on preventing terrorist-related activity” (2). The study proves that the NSA’s programs were not necessary or helpful for preventing most terrorist attacks. Moreover, a 2015 poll by the Pew Research Center found that only 6% of Americans are “‘very confident’ that government agencies can keep their records private and secure” (Madden and Rainie). Many Americans, 65%, believed that “there are not adequate limits on the telephone and internet data that the government collects,” and that number increased to 75% among those who were informed about US surveillance practices (Madden and Rainie).

One way for citizens to protect their data involved instituting end-to-end encryption. Many of the NSA’s data collection programs “involve the placement of interceptors on the large fiber-optic cables connecting the different hubs of the Internet,” reading data directly from internet cables (Bauman et al. 122). End-to-end encryption could prevent this type of surveillance by restricting access to only the sender and receiver of a message—examples include data sent user-to-company, company-to-user, or user-to-user. Theoretically, for data sent over end-to-end encryption, the only method for the government to access a message’s content is for a company to install a “backdoor” into their applications (Michalas).3 This is why, according to a Senior Staff Attorney at the Electronic Frontier Foundation, the NSA “deliberately weakened international encryption standards,” “quietly asked individual companies to insert backdoors into their products to facilitate spying and covertly stockpiled information about security vulnerabilities,” and even “carried out offensive hacking operations such as spoofing Facebook and LinkedIn to perform ‘man-in-the-middle’ attacks4 to insert malware onto targets’ devices” (Kehl and Bankston).

US surveillance agreements with other countries further augments the power of institutions like the NSA. The Five Eyes Network, created through the UKUSA Agreement, combines surveillance programs to share information gathered by the United States, the United Kingdom, Canada, Australia, and New Zealand. Member countries share data collected from a number of surveillance programs, including the NSA’s ECHELON program, which uses “satellite receiver stations and spy satellites [...] alleged to give it the ability to intercept any telephone, fax, Internet or e-mail message sent by any individual and thus to inspect its contents” (Schmid). The UKUSA Agreement spawned from a need for surveillance during the Cold War. The Five Eyes Network allowed member countries to share information and improve intelligence on the Russians. ECHELON was a harbinger for the surveillance state and laid the groundwork for its current programs. A 2001 report by the European Parliament stated that ECHELON posed “threats to privacy and to businesses” (Schmid). Under the UKUSA Agreement, individual member nations can “place their interception systems at each other’s disposal [...] and make joint use of the resulting information.” For example, this allows the United Kingdom to surveil US citizens and then share that information with the US government. The scope and practical use of the Five Eyes Network in domestic data collection is unclear, but governments signed to the UKUSA Agreement possess the ability to collect information on their citizens by leveraging the surveillance networks of other governments. The practice can circumvent a nation’s laws and give victims “no domestic legal protection,” since the surveillance is being carried out by a foreign nation (Schmid).

Relevant Case Law

The legal frameworks and programs outlined above permit and operationalize mass surveillance in alarming ways. However, it is the American court system, which is supposed to provide oversight of these programs, that continuously sanctions and even protects their actions. Moreover, the courts actively set precedents that have fundamentally changed interpretations of the Constitution in favor of a surveillance state. The Foreign Intelligence Surveillance Court (FISC) is the specific part of the judiciary responsible for overseeing surveillance activities, and several declassified documents have underscored how ineffective the court is at checking the power of surveillance programs. It is worth noting that the FISC is not only responsible for approving electronic surveillance. The court’s primary purpose is to review warrants submitted by the government under FISA, which may include physical searches of property owned by foreign agents or governments, the placement of trap and trace devices, and access to business records, in addition to their role in approving surveillance operations (“The Foreign Intelligence”).

The FISA court’s declassified documents show that programs violate the rights of citizens and repeatedly fail to adhere to their own rules. A FISC opinion from the government’s 2011 certification, written by Judge John D. Bates, ruled that the NSA violated the rights of US citizens when it collected emails and other communications between Americans. Bates determined that the “NSA has been acquiring Internet transactions [monitoring to/from communications] since before the [FISA] Court’s approval” (United States, Foreign Intelligence Surveillance Court, Section 702 2011 17). The report also stated that the NSA’s upstream collection program, where the NSA collects information directly from fiber-optic data lines, was “deficient on statutory and constitutional grounds” (2). In addition, Bates expressed concern that the NSA’s program “may contain data that is wholly unrelated to the tasked selector, including the full content of discrete communications that are not to, from, or about the facility tasked for collection” (5). The ruling reveals that the NSA violated US law by collecting data prior to receiving the court's approval. Had the NSA sought approval before the operation, the court implies that it would have denied the request because it involved collecting data unrelated to their named targets.

Data collection infractions and operations, without FISC approval, not only impedes the rights of US citizens but also limits surveillance programs’ abilities to operate effectively. In the same 2011 certification, Bates indicates further frustration at the executive branch’s continued reticence in disclosing the scope of its surveillance programs: “the Court is troubled that the government’s revelations regarding NSA’s acquisition of Internet transactions mark the third instance in less than three years in which the government has disclosed a substantial misrepresentation regarding the scope of a major collection program” (United States, Foreign Intelligence Surveillance Court, Section 702 2011 16). He also added, referring to a previous incident, that the Count’s requirement for adhering to minimization procedure was “‘so frequently and systemically violated that it can fairly be said that [oversight] of the overall…regime has never functioned effectively’” (16). In a 2015 hearing, Amy Jeffress, former Counselor to the Attorney General for National Security, served as the court-appointed amicus curiae to assist in an independent review of the minimization case. Minimization procedures refer to the process intelligence agencies use to prune information before dissemination. Jeffress, in analyzing the FBI’s minimization procedures, stated that the procedures “‘go far beyond the purpose for which the Section 702-acquired information is collected in permitting queries that are unrelated to national security’” (United States, Foreign Intelligence Surveillance Court, Section 702 2015 30). The court “respectfully disagreed” with Jeffress’ opinion, stating that there is no “statutory requirement” that the data collected “serve a solely foreign intelligence national security purpose” (31). The court cited EO 12333, which granted the federal government the power to retain and disseminate Section 702-acquired information when it indicates evidence of a domestic crime. Jeffress argued that “the minimization procedures do not place any restrictions on querying the data using US person identifiers,” and she stated that “each query by FBI personnel [...] is a ‘separate action subject to the Fourth Amendment reasonableness test’” (39–40). Despite Jeffress’s findings, the court ruled in favour of the federal government. Although the Court could not find legal grounds to support Jeffress’s suggestions, it was important to highlight the common expectation versus the hidden laws and precedents that govern the data. Once declassified, the opinion gave significant insight into how surveillance programs are legally justified.

The 2015 ruling established an exception to the Fourth Amendment that was expanded by the Ninth Circuit Court of Appeals in United States v. Mohamud (2016) (United States, Court of Appeals for the Ninth Circuit). United States v. Mohamud involved a complex sting operation by the government to convict Mohamed Osman Mohamud of planning to detonate a bomb in Portland, Oregon. By leveraging the third-party doctrine and turning a blind eye to incidental data collection, the ruling circumscribed the rights of privacy and Fourth Amendment protections. Moreover, eliminating the requirement to obtain a warrant blurs the line between preventing a terrorist attack and infringing upon the rights of citizens. The court stated that “under the third-party doctrine, Mohamud had a reduced expectation of privacy in his communications to third parties” (3). This interpretation, along with the Supreme Court’s rulings in United States v. Kahn5 and United States v. Donovan,6 created a new legal precedent known as the incidental overhear doctrine, which states that “those in contact with a surveillance target can claim no greater rights or protections than the target herself” (Goitein 107). Together the decisions overturned a decades-old legal precedent set forth in Katz v. United States which had expanded the Fourth Amendment’s protections to “what [a person] seeks to preserve as private, even in an area accessible to the public” (United States, Supreme Court 351). United States v. Mohamud shows how courts, other than the FISC, have worked to support the mass surveillance state by overthrowing legal norms and creating new legal doctrine based on surveillance. It also demonstrates how Section 702 data collection acts as a catalyst for major domestic operations.

It is important to note that the government’s querying and data retention practices were not mentioned in Mohamud’s defense, and thus “an argument regarding reasonableness was outside the scope of this court’s review” (United States, Court of Appeals for the Ninth Circuit, United States v. Mohamud 3). This was an unusual addition for the panel to add because it implies another outcome if the defense presented an argument questioning the legality of the government’s practices. In FISC’s 2015 certification, the court wrote that “the Fourth Amendment does not require the government to obtain a warrant to conduct surveillance ‘to obtain foreign intelligence’” (United States, Foreign Intelligence Surveillance Court, Section 702 36).  The court expanded upon the exception to say that it “applies even when a United States person is the target of such a surveillance” (37). The erosion of Constitutional protections, like those guaranteed by the Fourth Amendment, is occurring behind the curtain of national security. Because the ruling pertains to surveillance programs conducted in the name of national security, proceedings are not available for public scrutiny. Instead, rulings like this one must first be declassified, which occurs at the sole discretion of the Director of National Intelligence. The power given to the government in this instance poses a significant threat to the United States: the FISC can use national security to create legal precedents hidden from the public and other courts.

In 2018, a ground-breaking ruling by FISC stated that the FBI’s minimization procedures and batch queries on US citizens violated the FBI’s own minimization procedures and the Fourth Amendment. Yet again, Jeffress joined the court as an amicus curiae, having forewarned the court about this issue in 2015. The court found several problems with the FBI’s minimization procedures. The FBI is one of few US organizations with access to raw, unminimized data, even if they only receive a “small percentage of the total information acquired under Section 702” (United States, Foreign Intelligence Surveillance Court, Section 702 2018 66). The first issue involved the FBI’s use of “exemptions from otherwise applicable requirements for lawful training [and] oversight of [the FBI’s] personnel or systems” (5). These exemptions proved to be “unreasonably broad,” (5), possibly violated the Fourth Amendment and violated FISA’s definition of a minimization procedure. Additionally, the FBI tended to keep records of their search query results, including data like a name or phone number, but the records “would not indicate whether the query term used was associated with a United States person” (5). This practice directly violated a FISA statute that required agencies to “‘include a technical procedure whereby a record is kept of each United States person query term used for a query’” (5). The final issue found with the FBI’s minimization procedures was that the agency “did not require FBI personnel to document the basis for finding that each United States-person query term satisfied the relevant standard” (5). The court asserted that the failure to document the basis for the FBI’s queries was “unreasonable” under FISA’s minimization procedures and “possibly” the Fourth Amendment (5). Given the large number of FBI queries conducted on US citizens, the issues discovered by the court have far-reaching effects. Citizens have an expectation of privacy, and the FBI must provide reasonable cause for searching through a person’s data. Without a justification, there is increased potential for abuse by employees, who could use search results for blackmail and other types of personal, professional, or political gain. In 2017, the National Center for Counterterrorism, CIA, and NSA collectively ran 7500 searches on US persons. In the same period, the FBI ran 3.1 million queries on one system alone although, due to the FBI’s minimization procedures, it is impossible to know how many of those queries were targeting US citizens. The court cited five separate instances of the FBI’s bulk searching and non-compliance with its own minimization procedures, statutes, and the Fourth Amendment. The government cited human error as the reason for these violations, claiming several of the searches were accidental, for improper personal purposes, or due to a lack of understanding of the FBI’s own minimization procedures (71).

In addition to violations of the minimization procedure, the court raised issues with the “‘batch queries” the FBI conducted. The FBI’s own minimization procedure dictates that “‘each query [...] must be reasonably likely to retrieve foreign intelligence information [...] or evidence of a crime’” (United States, Foreign Intelligence Surveillance Court, Section 702 2018 78). Despite this, the government maintained that “an aggregation of individual queries can satisfy the querying standard, even if each individual query in isolation would not be reasonably likely to return foreign-intelligence information or evidence of crime” (78). Until 2018, the FBI ran individual queries in the expectation that they would, en masse, reveal intelligence or evidence, even if each query alone provided no information. For example, if the FBI suspected that an employee of a company intended to commit a crime, but the FBI did not know who that person was, the agency could search for information on all of the company’s employees. It is important to note that these loopholes in the FBI’s minimization procedures, which in turn violated the Fourth Amendment, were brought to the court by Jeffress in 2015 and the court failed to act upon her recommendations. The FISC has repeatedly shown that it is not an effective tool for checking the power of mass surveillance programs. The court’s own declassified documents have highlighted the fact that agencies are unwilling to follow their own rules and yet judges continue to authorize their programs.

Outside of the FISC, there has been some progress towards fixing FISA’s precedents at the federal level. On September 2, 2020, a panel of judges with the United States Court of Appeals for the Ninth Circuit ruled on United States v. Moalin (2020) and “conclude[d] that the government may have violated the Fourth Amendment and did violate FISA when it collected the telephony metadata of millions of Americans” and “confirm[ed] that the Fourth Amendment requires notice to a criminal defendant when the prosecution intends to enter into evidence [...] from surveillance of that defendant conducted pursuant to the government’s foreign intelligence authorities” (7). Earlier, in 2015, the United States Court of Appeals for the Second Circuit ruled on ACLU v. Clapper stating that “the [NSA’s] telephone metadata program exceeds the scope of what Congress has authorized and therefore violates § 215 [of the Patriot Act]” (97). These two cases were the first major steps in combating the legalization of mass surveillance since the public gained knowledge of these programs in Edward Snowden’s 2013 leaks. The courts’ rulings call into question the legality of programmatic surveillance, and they allow future cases to utilize the precedents to challenge state-sponsored mass surveillance.


On numerous occasions, courts have ruled that the United States’ mass surveillance programs violate both the rights of its citizens and the rules that agencies created to govern their activities. Furthermore, studies show that officials use only a fraction of a typical mass surveillance program’s data and, even when that data is utilized, mass surveillance has not been found to be more effective than conventional law enforcement practices. Despite this, the government continues to insist that mass surveillance programs are effective in counteracting terrorist attacks and other threats to national security. The intelligence community’s collection of data has, however, become a systemic problem for the country. By creating interlocking networks of legal authority, these surveillance programs have grown to an extent that surpasses any traditional laws or oversight. While massive surveillance programs like the NSA’s XKeyscore erode US citizens’ expectations of privacy and their Fourth Amendments rights, secret courts establish legal precedents that are closed to public viewing, giving surveillance programs a separate set of governing rules and laws. Additionally, the public only learns about the government’s surveillance activities through whistleblowers and declassified documents. The full scope of the government’s current surveillance practices and capabilities is unknown, but the surveillance apparatus continues to grow, giving the government even more power and control over information.

The complexity of the surveillance state makes it challenging to recognize its impact on individuals. As computer algorithms, mass surveillance programs collect large amounts of data and refuse to differentiate suspects from ordinary citizens. By not protecting citizens who are not the subject of an investigation, mass surveillance turns against democratic justice by assuming guilt and treating all details of a person’s life as suspicious. Aside from Fourth Amendment concerns, mass surveillance also threatens the First Amendment’s freedom of speech protection. Information collected by mass surveillance programs gives the government a method for targeting journalists, persecuting activists and whistleblowers, and profiling and discriminating against minorities. With surveillance capitalism turning user data into a commodity, governments should take steps to secure their citizens’ privacy and rights online. Instead, the United States government created an Orwellian surveillance state that threatens the fabric of its democracy.

Works Cited 

Ackerman, Spencer, and Dan Roberts. “US Government Privacy Board Says NSA Bulk Collection of Phone Data Is Illegal.” The Guardian, 23 Jan. 2014,

Bauman, Zygmunt, Didier Bigo, Paulo Esteves, Elspeth Guild, Vivienne Jabri, David Lyon, R. B. J. Walker. “After Snowden: Rethinking the Impact of Surveillance.” International Political Sociology, vol. 8, no. 2, 2014, pp. 121–144,

Bergen, Peter, et al. “Do NSA’s Bulk Surveillance Programs Stop Terrorists?” New America Foundation, Jan. 2014,

Chang, Alisa, and John Yoo. “Former Deputy Assistant AG Offers Perspective on Unitary Executive Theory.” National Public Radio, 8 May 2019,

Clark, Mitchell. “Here’s How the FBI Managed to Get into the San Bernardino Shooter’s iPhone.” The Verge, 14 Apr. 2021,

Clarke, Roger. “Information Technology and Dataveillance.” Communications of the ACM, vol. 31, no. 5, 1988, pp. 498–512.,

Deibert, Ronald J. Black Code: Surveillance, Privacy, and the Dark Side of the Internet. McClelland and Stewart, 2013.

“The Foreign Intelligence Surveillance Act of 1978 (FISA).” Bureau of Justice Assistance, U.S. Department of Justice,

Foucault, Michel. Discipline and Punish: The Birth of the Prison. Vintage Books, 1979. Gandy, Oscar Jr. The Panoptic Sort: A Political Economy of Personal Information. Westview Press, 1993.

Gellman, Barton, and Ashkan Soltani. “NSA Tracking Cellphone Locations Worldwide, Snowden Documents Show.” The Washington Post, 4 Dec. 2013,

Gellman, Barton, and Ashkan Soltani. “NSA Surveillance Program Reaches ‘into the Past’ to Retrieve, Replay Phone Calls.” The Washington Post, 18 Mar. 2014,

Gilens, Naomi. “The NSA Has Not Been Here: Warrant Canaries as Tools for Transparency in the Wake of the Snowden Disclosures.” Harvard Journal of Law & Review, vol. 28, no. 2, 2015,

Goitein, Elizabeth. “Another Bite Out of Katz: Foreign Intelligence Surveillance and the ‘Incidental Overhead’ Doctrine.” American Criminal Law Review, vol. 55, no. 1, 2018,

Greenwald, Glenn. “XKeyscore: NSA Tool Collects ‘Nearly Everything a User Does on the Internet.’” The Guardian, 31 July 2013,

Greenwald, Glenn, and Ewen MacAskill. “NSA Prism Program Taps in to User Data of Apple, Google and Others.” The Guardian, 7 Jun. 2013,

Kehl, Danielle, and Kevin Bankston. “Opinion: A Year after Snowden, the Real Costs of NSA Surveillance.” CNN, Cable News Network, 4 June 2014,

Laudon, Kenneth C. Dossier Society: Value Choices in the Design of National Information Systems. Columbia University Press, 1986.

Lecher, Colin. “Apple May Have Quietly Signaled That It’s Received a Secret Patriot Act Order.” The Verge, 18 Sep. 2014,

Lyon, David. The Electronic Eye. University of Minnesota Press, 1994.

Lyon, David. “The Snowden Stakes: Challenges for Understanding Surveillance Today.” Surveillance & Society, vol. 13, no. 12, 2015, pp. 139–152,

Lyon, David. “Surveillance Studies: Understanding Visibility, Mobility and the Phenetic Fix.” Surveillance & Society, vol. 1, no. 1, 2002, pp. 1–7,

Madden, Mary, and Lee Rainie. “Americans’ Attitudes about Privacy, Security and Surveillance.” Pew Research Center, 17 Aug. 2020,

Marx, Gary T. Undercover: Police Surveillance in America. University of California Press, 1988.

Michalas, Antonis. “How WhatsApp Encryption Works – and Why There Shouldn’t Be a Backdoor.” The Conversation, 13 Oct. 2021,

Nakashima, Ellen. “NSA Surveillance Program Still Raises Privacy Concerns Years after Exposure, Member of Privacy Watchdog Says.” The Washington Post, WP Company, 29 June 2021,

Obama, Barack. “President Obama Defends N.S.A. Surveillance Programs.” The New York Times, 7 Jun 2013,

Rule, James. Private Lives and Public Surveillance: Social Control in the Computer Age. Schocken Books, 1974.

Schmid, Gerhard. “Report on the Existence of a Global System for the Interception of Private and Commercial Communications (Echelon Interception System).” European Parliament, 11 Jul. 2001,

United States, Congress, House. Foreign Intelligence Surveillance Act of 1978 Amendments Act of 2008., 110th Congress, House Resolution 6304, passed 20 Jun. 2008.

United States, Congress, House, Permanent Select Committee on Intelligence. How Disclosed NSA Programs Protect Americans, and Why Disclosure Aids Our Adversaries. Office of the Director of National Intelligence, 18 Jun. 2013,,-and-why-disclosure-aids-our-adversaries.

United States, Congress, House. Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT Act) Act of 2001., 107th Congress, House Resolution 3162, passed 24 Oct. 2001.

United States, Court of Appeals for the Ninth Circuit. United States v. Moalin. Docket no. 13-50572, 2 Sep. 2020. United States Court of Appeals for the Ninth Circuit,

United States, Court of Appeals for the Ninth Circuit. United States v. Mohamud. Docket no. 14-30217, 5 Dec. 2016. United States Court of Appeals for the Ninth Circuit,

United States, Court of Appeals for the Second Circuit. ACLU v. Clapper. Docket no. 14-42, 7 May 2015. Justia,

United States, Executive Office of the President [Ronald Reagan]. Executive order 12333: United States Intelligence Activities. 4 Dec. 1981. Federal Register, vol. 46, no. 235, 4 Dec. 1981, pp. 200,

United States, Foreign Intelligence Surveillance Court. Section 702 2011 Certification Memorandum Opinion and Order. 3 Oct. 2011. Office of the Director of National Intelligence,

United States, Foreign Intelligence Surveillance Court. Section 702 2015 Certification Memorandum Opinion and Order. 6 Nov. 2015. Office of the Director of National Intelligence,

United States, Foreign Intelligence Surveillance Court. Section 702 2016 Certification Memorandum Opinion and Order. 26 Apr. 2017. Office of the Director of National Intelligence,

United States, Foreign Intelligence Surveillance Court. Section 702 2018 Certification Memorandum Opinion and Order. 18 Oct. 2018. Office of the Director of National Intelligence,

United States, Supreme Court. Katz v. United States. United States Reports, vol. 389, 17 May 1954, pp. 347–374. Library of Congress,

United States, Supreme Court. Smith v. Maryland. United States Reports, vol. 442, 17 May 1954, pp. 735–752. Library of Congress,

Yoo, John, and Robert Delahunty. “Memorandum for Alberto R. Gonzales.” Office of the Deputy Assistant Attorney General, 23 Oct. 2001,

Zuboff, Shoshana. The Age of Surveillance Capitalism: The Fight for the Future at the New Frontier of Power. Profile Books, 2019. 

No comments here
Why not start the discussion?