Confronted with a few embarrassing assertions in his autobiography, pro-basketball legend Charles Barkley famously protested, “I was misquoted.” Apparently, Representative James Sensenbrenner knows the feeling. The Wisconsin Republican claims to have written the PATRIOT Act. Like the Round Mound of Rebound, though, he seems less than familiar with his handiwork.
Congressman Sensenbrenner purports to be stunned by revelations that the National Security Agency (NSA) has, for years, collected records of phone usage by untold millions of Americans. This was done under the PATRIOT Act’s business-records provision, passed and later reauthorized while Sensenbrenner chaired the House Judiciary Committee. He is thus closely identified with the law and incensed over its use to amass this “metadata” trove. Or is it that he is mortified over publicity about the trove and the ensuing ire it has provoked in some Republican and tea-party precincts?
In such a spot of bother, most politicians would be content to gripe that their legislation is being used in a way they never contemplated. Not Sensenbrenner. He insists that the law is being violated. The PATRIOT Act’s plain terms, he maintains, do not permit the ongoing data collection, period. He therefore accuses both the Justice Department (which began the program under Bush and has expanded it under Obama) and the judges of the FISA Court (the special tribunal created by Congress in the 1978 Foreign Intelligence Surveillance Act) of running roughshod over the strict, clear limitations he says he wrote into the law.
So is Sensenbrenner encouraging you to verify this by reading the law for yourself? Nope. His highly exaggerated claim of PATRIOT Act authorship is a transparent attempt to become the showstopper authority on what the act says. Just take his word for it — no need to check his version against the text.
In truth, the controversial PATRIOT Act had many authors, drawn from both parties, both political branches of government, and both chambers of Congress. Sensenbrenner conceded as much in a recent op-ed he penned for the U.K.’s Guardian — correctly crediting the Bush Justice Department with primary authorship, but noting that many lawmakers got involved in the drafting process, especially during the frenetic aftermath of the 9/11 atrocities.
As I’ve recounted elsewhere in refuting Sensenbrenner’s claims, lawmakers also got a good deal of drafting advice from outside the government. That was especially true in 2005–06, when, largely due to Sensenbrenner’s insistence at the time of PATRIOT’s original passage, several significant provisions were scheduled to sunset. As public debate over the question of reauthorizing PATRIOT heated up, the American Bar Association sponsored exchanges between former government lawyers on the national-security Right, including moi, and our progressive and libertarian counterparts. (See, e.g., this debate between Ohio State law professor Peter Swire and me over the business-records provision — eventually published in a 2005 ABA compendium called Patriot Debates: Experts Debate the USA PATRIOT Act.) I was also involved in a bipartisan working group of former government officials who helped lawmakers work through PATRIOT issues. After months of debate, our group (which eventually included future Obama-administration attorney general Eric Holder, as well as several other Clinton- and Bush-administration veterans) came to a consensus about the need to reauthorize several PATRIOT provisions — very much including the business-records statute.
By recounting this kitchen glutted with chefs, I do not mean to suggest that Sensenbrenner was a tangential figure. The Justice Department was the lead executive agency pushing the bill, and he chaired the committee responsible for Justice Department oversight. Plainly, his support was pivotal — and he is no wallflower. Nevertheless, he now says he not only helped push the measure through but actually wrote it. “I authored the Patriot Act,” he proclaimed in the Guardian. With even less restraint, he repeated the claim Monday night when interviewed on Hannity, my friend Sean Hannity’s prime-time Fox News television program, popular among conservatives.
Sensenbrenner’s authorship claim, implausible enough under the circumstances of the PATRIOT Act’s drafting, is even harder to fathom once his description of the business-records provision is compared with the law Congress actually passed. After agreeing that it was he who “wrote the PATRIOT Act,” Representative Sensenbrenner told Sean (at the 2:30 mark of the interview):
One of the most difficult things in getting the Patriot Act passed was the business-records section of the law, which is called “section 215.” And in order to get the act passed, it was limited. It was limited only to getting the business records of a foreigner, not an American, who was the target of an authorized terrorism investigation.
This is false, through and through.
Section 215 expressly permits the government to obtain the business records of American citizens. Furthermore, it does not require that either foreigners or Americans be “targets” or suspects in a terrorism investigation before their business records may be obtained. It merely requires the executive branch to have reasonable grounds to believe the records are “relevant” in some way to a national-security investigation — not to prove that it has such grounds, but merely to state that such grounds, in the executive’s judgment, exist.
This may sound like a subtle difference, but it is not. We are talking here about the most intensely debated terms in all of the PATRIOT Act, not just its business-records section (which, you may remember, was heatedly fought over in the context of library records). The provision reads the way it does — as anyone who actually wrote it would know — because partisans of the traditional constitutional supremacy of the executive branch in national-defense matters prevailed over progressives and libertarians who wanted to put the judges in charge of intelligence gathering.
Don’t take my word for it — any more than I am taking Representative Sensenbrenner’s. PATRIOT Section 215 is codified in the U.S. Code at Title 50, Section 1861, and is readily accessible online (e.g., here). With respect to the acquisition of business records, including phone-usage records, pertaining to Americans and foreigners, it states in subsection (a)(1):
. . . the Director of the Federal Bureau of Investigation or a designee . . . may make an application for an order requiring the production of any tangible things (including books, records, papers, documents, and other items) for an investigation to obtain foreign intelligence information not concerning a United States person or to protect against international terrorism or clandestine intelligence activities, provided that such investigation of a United States person is not conducted solely upon the basis of activities protected by the first amendment to the Constitution. [Emphasis added.]
As you can see, not only does the business-records provision clearly permit the government to get an American’s business records; it explicitly speaks of authorized investigations that target American citizens (“United States persons” — a category that includes both U.S. nationals and lawful permanent resident aliens).
Let’s parse this subsection. It covers three kinds of authorized investigations: (1) those to obtain foreign intelligence, (2) those to protect against terrorism, and (3) those to protect against clandestine intelligence activities. The first category is the broadest — including all manner of foreign intelligence (e.g., what are those European banks up to?), not just information about hostile threats to our country. So the statute expressly provides that the intelligence must really be foreign — i.e., that it must “not concern[] a United States person.” After all, if the intel sought relates to an American, there is good reason to doubt it is foreign intel.
But the more narrow categories of terrorism and spying (“clandestine intelligence activities”) are markedly different. If intel is sought with a general purpose to protect the nation from these perils, the statute expressly provides that Americans may be investigated — again, not just that their records may be sought, but that they may actually be the targets of the investigation. The only limitation is that the investigators’ interest may not be triggered solely by First Amendment–protected activity. More concretely, an American citizen like the late al-Qaeda operative Anwar al-Awlaki may not be investigated solely based on, say, his political dissent or his religious affiliation. But if informants report to the FBI that he’s been urging violent jihad in a mosque, he may be investigated — he is not immunized by virtue of his U.S. citizenship, anti-American politics, or adherence to Islam.
The presentation of a business-records application to the FISA Court is covered by subsection (b), which directs the FBI to include “a statement of facts showing that there are reasonable grounds to believe that the tangible things sought are relevant to” one of the three types of “authorized investigation” described above (to repeat: general foreign intel, terrorism, and spying). Again, there is no requirement that the person whose records are sought be a target or suspect.
In subsection (b)(2), Congress provided three broad examples of how business records could be “presumptively relevant” to an authorized investigation. These involve records that “pertain to” (i) “a foreign power or an agent of a foreign power”; (ii) “the activities of a suspected agent of a foreign power who is the subject of such authorized investigation”; or (iii) “an individual in contact with, or known to, a suspected agent of a foreign power who is the subject of such authorized investigation.” Notice, however, that the statute frames these as nonexclusive examples of how records could be relevant. Significantly, there is no hard limitation on what the executive branch may deem to be “relevant.”
This is the crux of Representative Sensenbrenner’s dissembling. He and his fellow lawmakers could have tried to draw strict limits, as Sensenbrenner now feigns having done. They could have tried to stipulate that Congress’s three examples were not mere examples (“presumptively relevant”) but were, instead, exclusive guidelines — i.e., that nothing would be considered “relevant” for purposes of acquiring business records unless it pertained to (as in shed light on) the activities of foreign powers and their agents as described above in (i), (ii), and (iii). But they did not do that.
I say they could have “tried to” do it, rather than just done it, because it is by no means certain that the PATRIOT Act would have passed under such conditions. In the heat of today’s metadata controversy, it is hard to put ourselves back in the mindset of PATRIOT’s 2001 enactment and 2006 reauthorization. But let’s try.
The bone of contention back then was not the likelihood or propriety of assembling massive databases relating to Americans who have nothing to do with terrorism. It was over the control of national defense: Should the president or the judiciary have the final say on what is required for our security against foreign threats? In the spirit of the times, national-security conservatives were dominant. Intelligence gathering, traditionally, constitutionally, and for practical reasons, is an executive responsibility. It was highly improbable that any strict limitations effectively shifting control of it to the courts were going to fly. That is why the PATRIOT Act reads as it does. And no one was hoodwinked about that. This was a high-profile, knock-down, drag-out fight that went on for years — in government, academia, and the punditocracy — until PATRIOT was finally reauthorized in March 2006.
Sensenbrenner is disingenuously portraying the debate over the PATRIOT Act as a simple matter of black and white, as if he had been out there at the time saying, “Just go after alien terrorists and leave Americans alone.” Not even close. To draft the PATRIOT Act was to thread a needle that (a) freed the executive branch aggressively to pursue terrorists who insinuate themselves into our society while plotting to kill us, but (b) also enhanced civil-liberties protections.
Here is the salient point today’s revisionist historians miss: Civil-liberties protections were not eviscerated — far from it. They were back-ended, where they would do the most good without stopping the government from collecting — not scrutinizing but just collecting — potentially useful information.
Here, it bears emphasizing, much as it pains libertarians to be reminded, that we are talking about information that is not protected by the Fourth Amendment. We are not talking about the constitutional categories (your person, your home, your private papers and personal effects) in which — absent a few “special needs” recognized in our jurisprudence — the government may not seize property in the first place. When it comes to those Fourth Amendment categories, the government does not get to say, “We’ll take your property but we promise not to look at it unless we have a good reason.” Instead, we are talking about information that is the property of third parties, like phone-usage data maintained by service providers. When it comes to third-party records, the Fourth Amendment allows the government not only to seize but also to scrutinize them without a warrant.
The PATRIOT Act, however, does not. To be sure, its framework gives the FISA Court little power to prevent the executive from collecting potentially relevant information. But after collection, minimization strictures are imposed to restrain the executive from scrutinizing what it has collected.
First of all, what is collected is not even identifiably a particular user’s records unless more is done to put a name on a number. The government must get FISA Court permission, based on individualized suspicion, to review a person’s phone usage. Only an infinitesimal percentage of the records are ever scrutinized — of the millions collected, only 300 were reviewed last year. And records are continuously purged: The government must destroy records within five years. The NSA must report to the court on the program every 30 days, and the court’s authorization orders lapse every 90 days unless the court renews them.
This ongoing judicial review is in addition to continuous congressional oversight — particularly by the judiciary committee on which Sensenbrenner still sits, as well as the intelligence committee. As former vice president Dick Cheney pointed out in a Fox News interview last Sunday, the suddenly controversial NSA programs have been ongoing for a decade. When the programs began, Cheney and intelligence-community higher-ups briefed congressional leaders on what the NSA was up to — and it is hard to imagine that a longtime insider like Sensenbrenner, who claims to have written the law that makes the program possible, was kept in the dark.
Moreover, the judiciary and intelligence committees receive regular reports and briefings, besides having access to the applications and judicial opinions related to the program about which Sensenbrenner, suddenly, claims to be shocked. Indeed, at a Judiciary Committee hearing last week, Sensenbrenner’s longtime senior Democratic counterpart, Jerrold Nadler — while endeavoring to argue that former NSA contractor Edward Snowden had not really done material damage by leaking the program — observed that the record-collection had been common knowledge on Capitol Hill for years:
I don’t understand how national security was breached [by Snowden’s leak]. We knew publicly from 2006 at least, from a report in the USA Today on May 11, 2006, about the — basically the existence of a massive NSA database of . . . metadata from domestic phone calls. That was reported back then. We debated it in this committee and on the floor of the House in connection with the reauthorization I believe in 2012 and in 2008, at least several times, so that was known publicly.
There is nothing illegal or groundbreaking in the NSA’s metadata collection. Congressman Sensenbrenner came close to admitting as much when he told Sean Hannity that “we’re going to have to have some changes in Section 215 and maybe in the law that authorizes the FISA Court to do what it has done.” If government officials were actually violating the law, as Sensenbrenner alleges, there would be no reason to amend it — the problem would be corrupt officials, not the statute he purports to have so carefully written.
PATRIOT’s business-records provision is scheduled to sunset in two years. There is a worthy debate to be had about whether wartime defense measures should outlast a war President Obama proclaims is over (even if the enemy has not gotten the memo), and about whether government has gotten too bloated and untrustworthy to execute national-defense programs that demand efficiency and a degree of trust. Furthermore, regardless of what our lawmakers have long known about the metadata and other NSA programs, the public is genuinely surprised to learn that data about all of us is being collected. The government has not adequately explained why it is necessary to have files on 300 million people in order to track a statistically undetectable sliver of terrorists. Until that explanation is forthcoming, you don’t even get to the matter of whether our law strikes the right balance between security and privacy.
These are serious questions and they cry out for a serious discussion. That discussion is not advanced by exaggerated claims of authorship, error-ridden descriptions of statutory terms, and unfounded accusations of lawlessness. Congressman Sensenbrenner ought to know better.
— Andrew C. McCarthy is a senior fellow at the National Review Institute. He is the author, most recently, of Spring Fever: The Illusion of Islamic Democracy.