National Security Surveillance on U.S. Soil Dropped Again in 2021, Report Says



WASHINGTON — Court-approved national security surveillance on domestic soil fell for the third straight year in 2021, extending a trend that has coincided with the decline of the Islamic State, the rise of the Covid-19 pandemic and the tightening of procedures after the F.B.I.’s botching of wiretap applications in the Trump-Russia investigation.

There were 376 targets of court-approved wiretaps and physical search orders under the Foreign Intelligence Surveillance Act, or FISA, in 2021, according to declassified data in a new report by the Office of the Director of National Intelligence. The report estimated that of those, about 309 were foreigners on domestic soil, and about 67 were U.S. citizens, American companies or lawful permanent residents.

The total number of targets was the lowest yet in the nine years the office has released annual reports disclosing figures about the government’s use of national security surveillance powers. As recently as 2018, there had been about 1,833 targets of FISA orders. In 2019, that figure dropped to about 1,059, and in 2020, there were about 451.

The Office of the Director of National Intelligence began issuing annual reports about its use of surveillance powers after the fallout from the 2013 leaks by the former N.S.A. contractor Edward J. Snowden. His disclosures prompted a broad public debate about the scope and limits of government monitoring of communications and data for national security reasons.

In a briefing with reporters on Friday, Benjamin T. Huebner, the chief civil liberties, privacy and transparency officer at the intelligence director’s office, said that no one factor explained the fluctuations in FISA numbers. But, he said, the reduction in travel during the pandemic and changing terrorism threats worldwide contributed to the decline.

“The Covid-19 pandemic likely influenced target behavior — as it did last year — and those changes were one of the factors influencing the numbers this year,” Mr. Huebner said, adding that the drop could also be partly attributed “to the changing nature of the threat from certain international terrorism groups during this time period.”

Senior law enforcement officials expressed uncertainty about whether the fallout from a 2019 inspector general report uncovering flaws in FISA applications to wiretap a former Trump campaign adviser with ties to Russia had been a factor. The problems prompted the government to impose new bureaucratic requirements to ensure applications are accurate, but officials said no one had studied whether F.B.I. agents were now more reluctant to use FISA.

At the same time, the new report showed that the National Security Agency’s use of its warrantless surveillance powers, under a provision known as Section 702 of the FISA Amendments Act, reached a new high. Under the provision, eavesdropping on foreigners abroad who use American-based providers like Google and AT&T is allowed without requiring individualized court orders.

There were about 232,000 targets of so-called 702 surveillance in 2021, the report said — the largest such number yet in the report’s history. That resumed a steady climb in such targets, which had dipped slightly, to about 203,000, in 2020 — the first year of the pandemic — from the previous high of 205,000 in 2019.

One of the debates that flared up around the Snowden leaks was the issue of communications involving Americans that the government collects without a warrant as an incidental byproduct of its foreign intelligence surveillance. For example, if a foreigner abroad who is targeted by the warrantless surveillance program communicates with an American, the government will collect that American’s emails to and from the foreign target.

This year, for the first time, the report included some information about a question that members of Congress have long asked: how often the F.B.I. has searched its 702 surveillance repository using the identifiers of Americans, like their names, phone numbers and addresses.

The F.B.I. has long said its systems were not set up to provide an accurate count, but this year’s report provided a stab at it. Still, the figure’s significance was murky.

Specifically, the report said that F.B.I. analysts had queried the repository using an American’s identifier fewer than about 3.4 million times from December 2020 to November 2021. That is up from fewer than about 1.3 million during the previous 12-month period.

The meaning of those numbers is clouded, however, because of how the F.B.I. compiled them. A batch query that used 100 identifiers as search terms, only one of which was that of an American, would count 100 times. A search for information about a single American target, using 10 email addresses and phone numbers associated with that target, would count 10 times. Repeating such a query would make all those numbers count anew.

A senior F.B.I. official at the briefing also said that the increase to about 3.4 million from 1.3 million over the two-year period stemmed from a single investigation: In early 2021, the official said, intelligence arose suggesting that Russian hackers were trying to compromise some type of U.S. critical infrastructure that the official declined to identify.

Agents, the officials said, assembled a pool of 1.9 million identifiers associated with that type of infrastructure and then ran large batch queries of the F.B.I.’s 702 repository to see if it contained any information that might help identify the Russian hackers’ specific targets so the government could warn them. The official declined to say more about that inquiry.

The ability of government officials to search for Americans’ communications swept up without a warrant in the 702 program has been a matter of recurring controversy. While analysts at agencies like the C.I.A. and the N.S.A. are permitted to query the repository using Americans’ identifiers only for foreign intelligence purposes, the F.B.I. can also do so for criminal inquiries.

Privacy and civil liberties advocates call that practice the “backdoor search loophole,” since it enables the government to read private messages of Americans that it collected without a warrant. In early 2018, when Congress reauthorized a 2008 law that legalized the warrantless surveillance program, lawmakers required the F.B.I. to obtain a court order before looking at any material that came up in response to such a query for a purely criminal investigation.

The F.B.I. has never sought such an order, however. This year’s report said overseers identified — and reported as compliance incidents to the Foreign Intelligence Surveillance Court — four occasions in 2021 when agents had looked at such material without the required order. That had been a problem in previous years, too.

A senior F.B.I. official said in the briefing that the four incidents stemmed from confusion by the agents about whether their query was connected to an open criminal investigation in another office, or a misunderstanding over whether the query was related only to evidence of a crime or if it had a foreign-intelligence purpose as well.