Margo Schlanger’s article, Intelligence Legalism and the National Security Agency’s Civil Liberties Gap, is an important contribution to both administrative and national security law. She explains in illuminating detail how the NSA, the hub of so much controversial electronic surveillance activity, is not a rogue enterprise, but deeply enmeshed in and committed to a complex regime of legal compliance. The question she poses is why so elaborate a compliance system is seemingly ineffective in advancing civil liberties values more robustly. Her argument is thematically related to an earlier and equally thoughtful paper, Offices of Goodness: Influence Without Authority in Federal Agencies (reviewed here), which likewise explored the difficulties for administrative agencies in honoring overarching values that are relevant to their programs, but which may appear as orthogonal to a particular agency’s specific primary objectives. (Think about the Department of Transportation promoting park land conservation or the Army Corps of Engineers protecting endangered species.)
Professor Schlanger argues that, within the NSA, the applicable legal rules are insufficient to induce a proper balance between the likely security gains from a particular surveillance initiative and the privacy and civil liberties risks and costs entailed in that initiative. Constitutional restrictions won’t produce the optimal balance between costs and benefits because the scope of constitutional rights doesn’t turn on that balance. Policy is not a major factor driving constitutional interpretation concerning the scope of individual privacy rights, especially where courts may not fully grasp the privacy implications of programs under review. (And, of course, private lawsuits are likely to exert little leverage over the intelligence community because the state secrets doctrine will insulate many government practices from effective—or any—judicial challenge.)
Statutes don’t fill the normative gap because the relevant provisions, chiefly embodied in the Foreign Intelligence Surveillance Act (FISA), as amended, are procedural, not substantive. There is no statutory requirement for a careful calibration of surveillance versus privacy.
FISA’s minimization requirements— “rules ‘designed to protect, as far as reasonable, against the acquisition, retention, and dissemination of nonpublic information which is not foreign intelligence information’ that ‘concern[s] unconsenting United States persons’” —do have the impact of subjecting the NSA to a degree of judicial oversight via the Foreign Intelligence Surveillance Court (FISC) that is unusual for a federal agency. These rules, however, are likewise procedural. They do not entail a case-by-case assessment of whether the government is risking more privacy than is necessary to achieve a valid security goal or whether the anticipated privacy and civil liberties risks and costs associated with a particular program are too great to justify the projected set of security gains.
Professor Schlanger’s worry, however, is not simply that law does not do the normative work that ought to accompany the design of surveillance programs. She worries that the ethos of intelligence legalism actually crowds out the normative evaluation that is necessary to achieve optimal surveillance policy. The devotion of so much time and effort and staffing to legal compliance induces a kind of complacency about underlying policy wisdom. She writes: “Legalism legitimates liberty-infringing programs. And its relentless focus on rights and compliance and law (with a definition of law that includes regulation, executive orders, court orders, etc.) has obscured the absence of what should be an additional focus on interests, or balancing, or policy.”
What Professor Schlanger means by intelligence legalism has three elements. First, surveillance planning is governed by substantive rules that are treated as laws demanding compliance, not initiative-by-initiative policy judgment. Second, judicial enforcement of the rules is narrowly limited. There is thus little oversight by authorities who do not feel some kind of deep allegiance to the agency program. Finally, the implementation of the applicable rules empowers lawyers to make the key legitimating decisions, which, in turn, heightens the importance of reasoned justification why proposed courses of action satisfy the procedural rules—but not policy analysis justifying or challenging any particular surveillance initiative. This legal activity, which involves a sizable contingent of lawyers spread among a labyrinth of offices, is most likely, in Schlanger’s judgment, “to move an organization towards [a] kind of nearly symbolic compliance than to effect any more significant constraint on executive activity, particularly with respect to a program important to the President.”
What the intelligence community needs, she argues, is some way of institutionalizing within the executive branch an effective means of insuring that policy makers confront the “Should we?” question, not just the “May we?” question when gathering private information in the name of national security. She reviews and applauds current efforts along these lines, such as the authorization within the NSA, as well as in the Office of Management and Budget and National Security Council staff, of individuals charged with advocating for privacy and civil liberties. She approves recommendations for the conduct of privacy and civil liberties impact assessments for various programs, as well as privacy-and-liberty-focused program reviews by the Intelligence Community’s Inspector General. She is hopeful also for positive impacts if some form of adversarial process were introduced to the FISC, through the creation of some kind of official advocate empowered to challenge the government’s applications for surveillance warrants.
There is yet much more food for thought in Professor Schlanger’s article than can be easily summarized in any brief précis—her lengthy and detailed description of what she calls the NSA’s “compliance and oversight ecosystem” is itself of enormous value. Especially thoughtful, however, is Professor Schlanger’s nuanced analysis of the subtle contextual factors likely to shape the success (or lack of it) of any of the institutional design improvements she champions. She has revealed why, regardless of good intentions, it will be tough to move from “ensuring that the NSA’s activities comply with the rules system that exists” to “assessing,” on an ongoing institutional basis, “whether the rules are appropriate, or whether conduct that is compliant with the rules might nonetheless be ill advised.”