Congress Is About to Renew Mass Surveillance With Zero Reforms

In 29 days, one of the most powerful surveillance authorities in American history will either expire or be renewed. Section 702 of the Foreign Intelligence Surveillance Act allows U.S. intelligence agencies to collect the communications of foreign targets without a warrant. In practice, it also sweeps up enormous volumes of Americans' emails, phone calls, and text messages when those communications cross paths with foreign targets.

Congress has the opportunity to add safeguards. Instead, House Speaker Mike Johnson confirmed that leadership plans to move a "clean extension" for at least 18 months, renewing the program exactly as it exists today without a single reform.

What Section 702 Actually Does

Section 702 authorizes the NSA to compel internet service providers and email platforms to hand over communications of foreign intelligence targets located outside the United States. The data collected includes emails, instant messages, voice calls, and any digital communication that passes through American infrastructure.

The problem is scope. Because the internet routes traffic through shared infrastructure, collecting a foreign target's communications inevitably captures messages from Americans who communicate with that target, or whose messages simply transit the same servers. This "incidental collection" creates a vast database of American communications that the FBI, CIA, and NSA can search without obtaining a warrant.

The scale is not hypothetical. The FBI's warrantless searches of this database jumped 35% last year, with documented searches targeting peaceful protesters, federal and state lawmakers, Congressional staff, thousands of campaign donors, journalists, and a judge who reported civil rights violations by local police.

The Reforms Congress Is Skipping

Three reform bills sit before Congress right now: the SAFE Act, PLEWSA, and GSRA. None is perfect, but all are significantly better than the status quo. Here is what a clean extension leaves on the table:

• No warrant requirement for American data: During the 2024 reauthorization debate, an amendment requiring warrants before searching Americans' communications failed by a single vote: 212 to 212 in the House. That reform is still not included.
• No fix for the data broker loophole: Intelligence agencies can currently buy Americans' location data, web browsing history, and communications metadata from commercial data brokers, bypassing the warrant process entirely. The FBI confirmed it buys location data without warrants, and a clean extension does nothing to close this backdoor.
• No limits on compelled assistance: The 2024 Reforming Intelligence and Securing America Act (RISAA) expanded the definition of "electronic communications service provider" to include a much larger group of companies and individuals who can be forced to assist with surveillance. Data centers, cloud providers, and potentially any business that operates networking equipment could be compelled to cooperate. This expansion remains untouched.

Why the Clean Extension Is Happening

Senator Tom Cotton, chair of the Senate Intelligence Committee, has argued that an 18 month clean extension provides time to assess whether the 56 reform measures included in RISAA are working. The current administration supports this position, framing it as continuity during a period of elevated threats, particularly citing the ongoing military operations against Iran.

Privacy advocates counter that this argument has been recycled every time Section 702 comes up for reauthorization. The program was first authorized in 2008, and in the 18 years since, Congress has never added a warrant requirement for American data. Each extension kicks the same reforms further down the road.

What This Means for Your Communications

If you send emails to anyone outside the United States, your messages can be collected under Section 702. If you use a cloud email provider that routes traffic through American data centers, your communications may be swept up regardless of where you are. The FBI can then search that database for your messages without a warrant, without notifying you, and without judicial oversight in most cases.

The data broker loophole makes this worse. Even if the government cannot directly collect your domestic communications under Section 702, it can purchase your location data, browsing history, and communication patterns from commercial brokers who harvested it from apps on your phone. The practical result is comprehensive surveillance that technically complies with the letter of the law while violating its spirit.

What You Can Do Before April 20

The EFF and other civil liberties organizations are urging Americans to contact their representatives before the vote. Here is what matters:

• Call your representatives: Tell them you oppose a clean extension and support the SAFE Act or similar reform legislation that includes a warrant requirement
• Use encrypted communications: End to end encrypted email and messaging services like Signal and ProtonMail protect the content of your messages even if they are collected under Section 702
• Minimize your data broker footprint: Opt out of data brokers that sell your information to reduce what the government can purchase through the data broker loophole
• Block email tracking: Tracking pixels in marketing emails confirm your identity, location, and reading habits. This data can end up in broker databases that are accessible to intelligence agencies

Section 702 was designed to target foreign intelligence threats. But without a warrant requirement, it has become a tool for domestic surveillance of Americans who are not suspected of any crime. The April 20 deadline is the last chance to change that before the program is locked in for another 18 months. For context on how dramatically government data requests have scaled, see our analysis of the 770% surge in Big Tech data disclosures.