US Surveillance - Max Fang's Notes

# US Surveillance ### "Secretive [[FISA]] court" cited in [[Google VPN#Blog post by ProtonVPN]] ### [[ProtonVPN]] blog post https://protonvpn.com/blog/privacy-company-us-problem/ The [[Foreign Intelligence Surveillance Act of 1978]] was passed in response to the Watergate abuses of government surveillance. It created a special secret tribunal that decides whether to approve government wiretaps, data collection, and other requests for covert surveillance. The 2016 battle between Apple and the FBI over decrypting the San Bernadino shooter’s iPhone is an example of the type of case the FISA court usually hears. Experts speculate the FBI made the debate public after Apple refused to comply with a sealed court request. The secrecy surrounding these courts makes effective oversight difficult. Critics claim that the FISA courts act as rubber stamps for authorities, pointing to the fact that between the court’s creation in 1978 and 2014, FISA court judges approved 33,942 surveillance applications while only rejecting 11 and modifying 504. The 2015 Freedom Act introduced reforms that increased transparency into court deliberations and rulings, but the majority of applications are still approved. The FISA courts are the sole arbiters of what constitutes a legitimate surveillance target. They are the only institutional check that keeps the NSA and the FBI from violating your privacy during investigations. So it is concerning to say the least to see the court side so overwhelmingly with law enforcement. ### National Security Letters FISA court rulings at least pay lip service to the idea of judicial review. National security letters (NSLs), on the other hand, are secret subpoenas which do not require court approval of any kind. An FBI agent simply needs to clear an internal FBI standard before they can issue a letter. With national security letters, the FBI can compel organizations to turn over vast amounts of personal data and metadata without a warrant. This includes every record associated with the customer’s account. These letters are almost always served in secrecy and they come with indefinite gag orders that bans any discussion of the NSL and its investigation. There is evidence that the FBI has repeatedly abused NSLs to demand information that it cannot legally obtain, such as browsing data and email content. This should not be surprising. The secrecy and lack of supervision that surrounds national security letters invites such overreach. Even if they do not keep records of a user’s online activity, a VPN could be compelled by a NSL to share the user’s screen name, email, and payment details and begin collecting logs. The user and the general public would never know.