The Senate Intelligence Committee has passed a bill from Dianne Feinstein (D-CA) that will ostensibly reform the NSA's surveillance. But the bill, which passed 11-4, is largely aimed at preempting more substantial legislation while making minor changes to the agency's mass collection of American call records. Called the FISA Improvements Act, it prohibits bulk collection of phone metadata, except under certain circumstances — which aren't much different to the rules under which the NSA already operates.
The bill, which has been summarized at Feinstein's site, wouldn't substantially change the existing procedure for collecting data. The "improvements" instead appear to be in who can make queries. It calls to limit the number of people who can authorize a query, and says that the NSA must keep a record whenever it examines information with "reasonable articulated suspicion" (an existing standard in the agency.) These must be presented to the FISA Court, which will be able to order the destruction of reviewed data it doesn't think meet the standards (as has already happened after a FISC review.) It would also limit the number of "hops," or numbers connected to the original query, that the NSA can analyze (the agency has previously said it stops at three hops.)
Feinstein's bill could further codify a controversial program
Feinstein's bill also introduces more oversight, at least on paper. Every year, the NSA would have to release the total number of queries it made of the metadata system, along with how many led to a court order or a formal FBI investigation. The policy for intelligence collection abroad under an executive order would have to be reviewed every five years, and the FISA Court can call in outside parties to help examine specific cases. Practically speaking, though, it would also codify the NSA's ability to perform bulk collection of phone records — something it currently does under a somewhat vague interpretation of the FISA Amendments Act's Section 215.
What appears to be the most extreme part of the legislation isn't actually aimed at the NSA itself at all. Instead, it would establish criminal penalties of up to ten years for people who willfully access unauthorized information. If enforced, that would be a sharp change from the punishments described in an earlier document: most people who accessed unauthorized information were either demoted or stripped of security clearance, and several retired instead of facing other disciplinary action. But those cases, at least based on the NSA's releases, are relatively few, and the change would establish yet another law to allow the prosecution of whistleblowers like Edward Snowden.
The FISA Improvements Act stands in opposition to Senator Patrick Leahy's (D-VT) USA FREEDOM Act. Leahy's bill would require the NSA to establish that information was "relevant and material to an authorized investigation into international terrorism or clandestine intelligence activities" before collecting it, essentially banning the bulk court orders currently sent to telecoms. It would also set the FISA Amendments Act to expire in 2015 rather than 2017, giving opponents a chance to vote it down within the next two years. The bill, introduced two days ago, remains in committee.