Section 702: Why Do We Need It?

Section 702 of the Foreign Intelligence Surveillance Act allows the National Security Agency (NSA), Central Intelligence Agency (CIA), Federal Bureau of Investigation (FBI), and National Counterterrorism Center (NCTC) to collect communications between foreigners overseas. Those last two words are the most important: The program only allows the Intelligence Community to read the communications of non-U.S. persons who are outside the borders of the United States. Congress must decide by April 30 whether to renew the program again, let it lapse, or make sweeping, potentially dangerous reforms to this longstanding authority, including adding a requirement for a warrant before a search. The right answer is a straightforward reauthorization that allows full evaluation of recent reforms before making additional changes.

Q1: How did Section 702 become one of the United States’ most valuable intelligence tools?

A1: Lawmakers first established Section 702 in 2008, when it was clear that terrorist groups outside the United States were using U.S.-based telecoms infrastructure to communicate. This was an accident—and a benefit—to U.S. innovation and excellence in the IT sphere. Even terrorist groups recognized that U.S. companies provided the best email services.

Lawmakers decided that those communications are a legitimate target for U.S. intelligence agencies like the NSA, even though they passed through infrastructure in the United States. In the era of internet-based communications, there were no borders to electronic transmission. However, lawmakers also recognized that U.S. citizens, who are protected from intelligence surveillance, were using those same pipes and could not be distinguished from foreign sources—no one adds their citizenship to their email address.

Thus, Congress wanted additional oversight on the collection. They wanted extra protections in place to protect the communications of U.S. citizens. For example, they specifically moved away from “bulk” data collection and instead required that Section 702 users already have a specific email address or phone number to search the collection in a laser-targeted way.

With these protections in place, the program has been hugely impactful. It has prevented terror attacks; it has also thwarted international criminal groups, Russian cyberattacks, Chinese spies, and fentanyl trafficking. FBI has used its ability to run searches to warn victims of cybercrimes and targets of espionage. As George Croner wrote in a recent piece:

During the last reauthorization debate in the 2023–2024 cycle, the government reported that this single collection asset supported 60 [percent] of the articles in the President’s Daily Brief; that 70 [percent] of the CIA’s illicit synthetic drug disruptions with foreign partners stemmed from Section 702 data; that 70 [percent] of the CIA’s successful weapons and counterproliferation disruption derived from Section 702 data; and, that 100 [percent] of the president’s intelligence priorities topics reported on by NSA were supported by Section 702–derived intelligence.

Congress—with the support of presidents from both parties—renewed the program in 2012, 2018, and 2024. When President Donald Trump signed the 2018 renewal during his first term, he said he would have preferred to make Section 702 permanent. This year, he has supported a clean reauthorization of the program, saying Section 702 is “one of the reasons we have had such tremendous SUCCESS on the battlefield.” In other words, the government wants to extend it, as is, for several years. This is the right policy. The last round of reforms has honed compliance, and FBI has proven it can use the program responsibly.

Q2: If the program is so effective, why is it so controversial?

A2: The program’s critics say it is an overreach of government authority and puts the privacy rights of U.S. persons at risk. They argue that U.S. persons’ data gets collected alongside that of foreign entities. For example, if foreigners outside the United States are communicating with U.S. persons, those communications turn up in the queries as well. Congress understood this risk when it created the program. The same piece by Croner puts it this way: “Congress has always recognized that ‘it is simply not possible to collect intelligence on the communications of a party of interest without also collecting information about the people with whom, or about whom, that party communicates including, in some cases, non-targeted U.S. persons.’”

That collection, once lawfully collected in U.S. government systems, can provide key insights for foreign threats that pass into the domestic space. One of the findings of the 9/11 Commission was that foreign intelligence agencies knew part of the picture, and FBI knew part of the picture, but they had failed to connect the dots across the seams in U.S. authorities. Section 702 solves that problem: FBI now knows what vector a terrorist might be using to execute a plot inside the United States. For non-terrorism applications, FBI also knows who the victims of a hacking crime might be, or who might be the target of a Chinese intelligence operation. They can use that information to alert victims, now even more often than they catch terrorists.

Critics want a high bar for FBI access to this data and suggest severely restricting FBI’s ability to run these searches by requiring a warrant before the search.

Q3: Why is a warrant unnecessary for a search?

A3: Critics of Section 702 suggest that a query of Section 702 data is a “search” under the Fourth Amendment. However, this reading of the law is wrong. The government is not required to obtain a warrant to read information it already lawfully owns. To use a noncommunications analogy, if FBI is investigating a person for tax fraud, they do not need a warrant to get his tax returns from the Internal Revenue Service. Those forms already belong to the government, and they were lawfully obtained. The U.S. Foreign Intelligence Surveillance Court (FISA Court) has held four times that an FBI query of Section 702 is not a separate Fourth Amendment event from the original collection, which was legal. The appeals court upheld those findings.

In addition, the courts have concluded that a “foreign intelligence exception applies to the Fourth Amendment’s warrant requirement because (a) the national security purpose behind the surveillance transcends ordinary law enforcement purpose, and (b) there is a high degree of probability that a warrant requirement would hinder the government’s ability to collect time-sensitive information impeding vital national security interests.” 

Separate from being not legally necessary, Section 702 warrants are also impractical. FBI needs probable cause to get a warrant. Probable cause comes when you have evidence of a crime, and FBI only knows that a person might be involved in espionage or terrorism if they find their communications in a Section 702 collection. By that rationale, if FBI collects an email from a known terrorist in Syria, and that Syrian terrorist is emailing a person in California, FBI cannot search for additional communication between the two of them without a warrant. FBI will not get the warrant because an email is not enough to create probable cause. It is an investigative dead end.

The question comes down to weighing which risk is more palatable. This is a hard choice, because information is imperfect and the stakes are high. On the one hand is a risk that an American is being victimized by a malevolent actor or that a terrorist plot is underway. On the other hand is the risk that a number of Americans’ privacy rights are infringed upon. But how many? Millions? Thousands? Glenn Gerstell has attempted to deduce a number: In 2025, FBI ran 7,413 queries of Section 702 data. Of those queries, only about a quarter, or around 2,000, actually returned a result. Even if each of those queries was regarding a distinct U.S. person, which is highly unlikely, that means fewer people’s emails were exposed to FBI in an entire year than died in one day on 9/11. Gerstell makes the strong argument that “When Congress weighs bolting a deeply questionable warrant requirement onto one of the nation’s most important national security statutes, it should keep in mind how many people would potentially be afforded such a ‘protection’ and what exactly the benefit would be.”

Q4: What are some recent enacted reforms to Section 702?

A4: Even the staunchest proponents of Section 702 are still eager to see it comply with the highest ethical standards. After concerns emerged in 2021 that FBI had made mistakes in the administration of the program, the bureau enacted internal reforms to more strictly adhere to requirements. The Reforming Intelligence and Securing America Act (RISAA) codified many of these reforms, piling on top of those enacted in 2018. These were meant to enhance oversight, make it harder for FBI to make mistakes in querying, and train agents extensively on the requirements of the program. Further, RISAA prohibited FBI from querying Section 702 data for criminal purposes only, requiring instead that there be a national security nexus to the crime, and it required an FBI attorney or supervisor to approve every search as narrowly tailored and justified. That justification also needed to be written, for better tracking of trendlines, and after the search, FBI and the Department of Justice (DOJ)’s National Security Division lawyers must audit every search to ensure compliance. Of all the surveillance capabilities in the U.S. government, that is an extraordinary level of oversight and restriction.

Q5: What other reform ideas are out there, and would they work?

A5: Despite the enormous success of the RISAA reforms, some are calling for more. Additional tweaks are harder and harder to come by; much like slicing salami, the cuts can only get so thin before you slice your own finger. Ideas below are big changes that would have a significant downside but would further limit the potential for U.S. persons’ information to emerge:

1. Cut FBI out of accessing Section 702 data: This is a nuclear option. It would prevent a law enforcement agency from seeing U.S. persons’ data via this collection stream, but it would also severely restrict FBI’s ability to disrupt plots or notify victims of cybercrimes. CIA, NSA, and NCTC would maintain their access, but only with their foreign-facing mandate.
2. Order a temporary FBI stand down while Congress commissions a six-month deep dive study: A commission could use congressional oversight power to explore FBI’s querying procedures and their requirements for access to the program’s data. They could report back and let Congress decide whether further action is warranted.
3. Establish a Blue Ribbon Congressional Commission on a wholly new version of Section 702: RISAA mandates a commission, and there has been some movement on this front. For instance, Senate Majority Leader John Thune, Senate Minority Leader Chuck Schumer, and House Minority Leader Hakeem Jeffries each appointed their respective members between April 2025 and March 2026. As a result, the commission now has a quorum and can begin its work
4. Appoint a Section 702 “librarian” to manage the flow of all information through FBI: This approach would ensure that only true Section 702 experts with full knowledge of the rules can access the data. However, it would slow down FBI’s capability to explore connections between foreign threats and U.S. actors. The librarian would ensure that any FBI agent requesting data has followed all necessary procedures and could also be the keeper of the statistics on queries, results, and successful disruptions or notifications. This is only slightly different from the current requirement for lawyer or supervisor approval of a search; it would be one central authority rather than a distributed authority.
5. Restrict FBI searches to victim notification only: Congress could further restrict FBI’s searches to one purpose: identifying victims. This would allow searches to determine the scope of a cyber breach or the intent of a foreign intelligence officer seeking to recruit a new asset. Drawing this distinction would likely be difficult in practice.

One counterproductive idea is to identify every U.S. person who has appeared in a Section 702 search. NSA or FBI would need to find every email address or phone number and match it to a specific person, then figure out whether that person is a resident of the United States, likely by identifying where they live. From a relatively anonymous email address in a database, FBI has now dug up a name and an address. This is not a useful exercise—it is a far more massive invasion of privacy than the original search.

This provision of the FISA law has—unnecessarily—become a political issue. Those who continue to push for reform of the program rarely do so because they want to fix it; rather, they want to be a hero to a certain constituency that zealously demands limited government power. What this group does not realize is that Section 702 is already severely restricted. Their time would be better spent on other issues that represent far worse abuses. The Section 702 program offers minimal risk in exchange for maximum national security benefit, with robust oversight established over 18 years. Throwing out that progress would leave the United States vulnerable to both privacy invasions and hostile acts.

Emily Harding is director of the Intelligence, National Security, and Technology Program and vice president of the Defense and Security Department at the Center for Strategic and International Studies.