945 F.3d 641

2d Cir.

2019

BACKGROUND

I. Allegations and Initial Proceedings

A. Initial Proceedings

B. Disclosure of Section 702 Surveillance, Withdrawal of Plea, and Motion to Suppress

II. Section 702 Surveillance4

A. "Targeting"

B. Collection

1. PRISM and Upstream Collection

2. Incidental and Inadvertent Collection

C. "Minimization"

D. Retention and Dissemination

E. Storage and Querying

III. The District Court's Denial of Hasbajrami's Suppression Motion

IV. Further Proceedings at the District Court

V. Proceedings on Appeal

DISCUSSION

I. "Incidental" Collection

A. No Warrant was Required

B. Incidental Collection of E-mails under Section 702 is Reasonable

II. "Inadvertent" Collection

III. Querying

IV. Hasbajrami's Conditional Plea and Resolution of the Motion to Suppress

CONCLUSION

Notes

UNITED STATES OF AMERICA v. AGRON HASBAJRAMI

Docket No. 15-2684-L; 17-2669-CON

UNITED STATES COURT OF APPEALS FOR THE SECOND CIRCUIT

Decided: December 18, 2019

August Term, 2018; Argued: August 27, 2018

LYNCH, CARNEY, and DRONEY, Circuit Judges.

UNITED STATES OF AMERICA, Appellee, - v. - AGRON HASBAJRAMI, Defendant-Appellant.

Before: LYNCH, CARNEY, and DRONEY, Circuit Judges.

Agron Hasbajrami was arrested at John F. Kennedy International Airport in September 2011 and charged with attempting to provide material support to a terrorist organization. After he pleaded guilty, the government disclosed, for the first time, that certain evidence involved in Hasbajrami‘s arrest and prosecution had been derived from information obtained by the government without a warrant pursuant to its warrantless surveillance program under Section 702 of the FISA Amendments Act of 2008. Hasbajrami then withdrew his initial plea and moved to suppress any fruits of the Section 702 surveillance. The district court (Gleeson, then-J.) denied the motion to suppress and Hasbajrami again pleaded guilty, this time pursuant to a conditional guilty plea that allowed him to appeal the district court‘s ruling denying his motion to suppress.

He now appeals, arguing inter alia that the warrantless surveillance and the collection of his communications violated the Fourth Amendment. We conclude that the collection of the communications of United States persons incidental to the lawful surveillance of non-United States persons located abroad does not violate the Fourth Amendment and that, to the extent that the government‘s inadvertent targeting of a United States person led to collection of Hasbajrami‘s communications, he was not harmed by that collection. [REDACTED] Because there is insufficient information in either the classified or the public record in this case to permit us to determine whether any such querying was reasonable, and therefore permissible under the Fourth Amendment, we REMAND the case to the district court for further proceedings consistent with this opinion.

MICHAEL K. BACHRACH, Law Office of Michael K. Bachrach, New York, NY, Joshua L. Dratel, Joshua L. Dratel, P.C., New York, NY, and Steve Zissou, Steve Zissou & Associates, Bayside, NY, for Defendant-Appellant Agron Hasbajrami.

SETH D. DUCHARME, David C. James, Saritha Komatireddy, Assistant United States Attorneys, Joseph F. Palmer, Attorney, National Security Division, United States Department of Justice for Richard P. Donoghue, United States District Attorney for the Eastern District of New York, Brooklyn, NY, for the United States of America.

PATRICK TOOMEY and Ashley Gorski, American Civil Liberties Foundation, New York, NY, Mark Rumold and Andrew Crocker, Electronic Frontier Foundation, San Francisco, CA, Amici Curiae American Civil Liberties Union and Electronic Frontier Foundation.

GERARD E. LYNCH, Circuit Judge:

This case concerns the Fourth Amendment implications of the government‘s increasing technological capacity for electronic surveillance in foreign intelligence and terrorism investigations, and the balance our constitutional system requires between national security and individual privacy.

On September 6, 2011, Defendant-Appellant Agron Hasbajrami (“Hasbajrami“) was arrested as he attempted to board a flight to Turkey at John F. Kennedy International Airport in Queens, New York. His luggage contained a tent, boots, and cold-weather gear. The government, which had collected Hasbajrami‘s electronic communications, charged him with attempting to provide material support to a terrorist organization, alleging that he intended to travel to the Federally Administered Tribal Area of Pakistan, where he expected to join a terrorist organization, receive training, and ultimately fight “against U.S. forces and others in Afghanistan and Pakistan.” App‘x at 44. During the course of the prosecution, the government disclosed that it had collected some of its evidence under the Foreign Intelligence Surveillance Act of 1978 (“FISA“), Pub. L. No. 95-511, 92 Stat. 1783 (1978), codified at 50 U.S.C. § 1801 et seq., and that it intended to introduce FISA-derived evidence at any eventual trial. Faced with the evidence, including his own incriminating communications, Hasbajrami ultimately pleaded guilty to attempting to provide material support to terrorists in violation of 18 U.S.C. § 2339A. He was sentenced to 180 months in prison.

Hasbajrami was already serving his sentence when the government provided him with a supplemental letter disclosing, for the first time, that some of the evidence it had previously disclosed from FISA surveillance was itself the fruit of earlier information obtained without a warrant pursuant to Section 702 of the FISA Amendments Act (“Section 702“), Pub. L. No. 110-261, 122 Stat. 2436 (2008), codified at 50 U.S.C. § 1881a.

It is that Section 702-derived evidence — primarily electronic communications between Hasbajrami and individuals without ties to the United States and located abroad — that is at issue in this appeal. Following the disclosure of Section 702 surveillance, the district court (John Gleeson, then-J.) permitted Hasbajrami to withdraw his plea; Hasbajrami subsequently moved to suppress all evidence seized by the government under its Section 702 programs, as well as any fruits of that surveillance, including the evidence obtained pursuant to FISA warrants and inculpatory statements Hasbajrami made upon arrest. The district court denied the motion to suppress, and Hasbajrami again pleaded guilty, reserving his right to appeal the district court‘s denial of his suppression motion.

The vast majority of Section 702 surveillance at issue here involves information the government collected about Hasbajrami incidental to its surveillance of other individuals without ties to the United States and located abroad. [REDACTED]¹

In light of that disclosure, and the evidence in the public and classified record, we reach three principal conclusions:

First, the “incidental collection” of communications (that is, the collection of the communications of individuals in the United States acquired in the course of the surveillance of individuals without ties to the United States and located abroad) is permissible under the Fourth Amendment. We therefore conclude, in agreement with the district court, that, at least insofar as the record available to the district court is concerned, the vast majority of the evidence detailed in the record was lawfully collected.

Second, the “inadvertent collection” of communications of those located within the United States (that is, the acquisition of communications accidentally collected because an intelligence agency mistakenly believes that an individual is a non-United States person located abroad and therefore targets that individual‘s e-mail address under its Section 702 authority) raises novel constitutional questions. We do not reach those questions today because we are satisfied that, to the extent such accidental collection occurred in this case, any information thus acquired did not taint the investigation or prosecution of Hasbajrami.

Third, querying databases of stored information derived from Section 702-acquired surveillance also raises novel and difficult questions. Querying, depending on the particulars of a given case (such as what databases are queried, for what purpose, and under what circumstances), could violate the Fourth Amendment, and thus require the suppression of evidence; therefore, a district court must ensure that any such querying was reasonable. But no information about any queries conducted as to Hasbajrami was provided to the district court, and the information provided to us on this subject is too sparse to reach a conclusion as to the reasonableness of any such queries conducted as to Hasbajrami.

Given these conclusions, further proceedings are necessary to determine (a) what (if any) evidence relevant to Hasbajrami was obtained by the government by querying databases, (b) whether any such querying violated the Fourth Amendment and, if so, (c) whether any such violation tainted other lawfully collected evidence. We therefore REMAND the case to the district court for further proceedings consistent with this opinion.

BACKGROUND

This appeal concerns the legal status of evidence of Hasbajrami‘s electronic communications with individuals located abroad, which was collected by the government without a warrant pursuant to the government‘s authority under Section 702. The background to this appeal may be easily summarized: Hasbajrami sought to suppress evidence the government acquired under Section 702, arguing that the government had violated his Fourth Amendment rights when it seized his communications without a warrant, and that those communications, and any information that the government later collected as the fruit of that initial warrantless surveillance, should therefore be suppressed. The district court declined to suppress the evidence, and Hasbajrami pleaded guilty while reserving his right to appeal the district court‘s decision.

But our disposition of the case turns in part on the particulars of how Section 702-acquired surveillance was used in Hasbajrami‘s prosecution; a fuller accounting of the facts of Hasbajrami‘s case and the nature of Section 702 surveillance is therefore necessary. First, we begin by describing Hasbajrami‘s arrest and the initial proceedings in which he pleaded guilty, the subsequent disclosure of Section 702 surveillance, Hasbajrami‘s withdrawal of his guilty plea, and his subsequent motion to suppress. Second, we describe in broad terms the operation of Section 702 surveillance. Third, we turn to the district court‘s discussion of the use of Section 702 evidence (that it was aware of) in this case, and its denial of the suppression motion. Finally, we describe the proceedings at the district court following its denial of the suppression motion, and the proceedings on appeal.

I. Allegations and Initial Proceedings

The conduct underlying Hasbajrami‘s prosecution occurred primarily between April and August, 2011. During that time, Hasbajrami communicated by e-mail with “Individual #1,” a non-American located abroad, who Hasbajrami believed was associated with a terrorist organization. In those e-mails, Hasbajrami discussed his interest in the group‘s terrorist operations, and Individual #1 instructed Hasbajrami how he could smuggle himself into Pakistan to join the organization. Individual #1 also detailed means by which Hasbajrami could send money to him and how Hasbajrami could contact him once he reached Pakistan. In discussing his plans to join Individual #1 in Pakistan, Hasbajrami also described his arrangements for traveling to Turkey, and his concern that his projected route from there to Pakistan might have been compromised.

Following an investigation by the agents of the Federal Bureau of Investigation‘s Joint Terrorism Task Force, Hasbajrami was arrested as he was about to board a flight to Istanbul, Turkey. His luggage contained a tent, boots, and cold-weather gear. Upon arrest, Hasbajrami made certain inculpatory statements.

A. Initial Proceedings

Hasbajrami was indicted on September 8, 2011, and charged with one count of providing material support to terrorist organizations. At the same time, and as required by statute, the government gave notice that it “intend[ed] to offer into evidence, or otherwise use or disclose in any proceedings ... information obtained or derived from electronic surveillance and physical searches conducted pursuant to [FISA].” See Notice of Intent to Use Foreign Intelligence Surveillance Act Information, United States v. Hasbajrami, 1:11-cr-623 (E.D.N.Y. filed Sept. 13, 2011), ECF No. 9.

In discovery, Hasbajrami was provided with evidence of his communications obtained pursuant to traditional FISA warrants,² and he

eventually pleaded guilty on April 12, 2012, to one count of providing material support to terrorists. He was sentenced to 180 months’ imprisonment.

B. Disclosure of Section 702 Surveillance, Withdrawal of Plea, and Motion to Suppress

After Hasbajrami‘s initial plea and sentencing, and while Hasbajrami was serving his sentence, the government disclosed that it had collected Hasbajrami‘s communications under Section 702 of the FAA.³ In a letter sent to Hasbajrami in February 2014, the government stated that “based on a recent determination,” it had concluded that the information obtained from FISA surveillance that the government had already disclosed “was itself also derived from other collection pursuant to Title VII of FISA [i.e., Section 702] as to which you were aggrieved.” App‘x at 31. The government stated that “certain evidence and information ... that the government intended to offer into evidence or otherwise use or disclose

in proceedings in this case was derived from acquisition of foreign intelligence information conducted pursuant to the FAA.” Id.

In response to that disclosure, Hasbajrami sought leave to withdraw his plea. The district court granted that motion, finding that Hasbajrami had “specifically asked [his counsel] about whether warrantless wiretaps had played a role in his case. After [counsel] informed him that such wiretaps were not part of the evidence, he was more willing to plead guilty. Thus, Hasbajrami seems to have been misled about a fact he considered important in deciding how to plead.” App‘x at 39. Furthermore, the government‘s misleading notice, according to the district court, prevented Hasbajrami from knowing that he could challenge the evidence against him on the grounds that Section 702 was unconstitutional. The court concluded that, prior to the letter disclosing Section 702 surveillance, Hasbajrami “was not sufficiently informed about the facts” to have “made an intelligent decision about whether to plead guilty[.] When the government provided FISA notice without FAA notice, Hasbajrami was misled about an important aspect of his case.” App‘x at 38. Accordingly, the court allowed him to withdraw the plea and reopened the case.

Hasbajrami then moved to suppress “the fruits of all warrantless FAA surveillance,” the motion that is at issue in this appeal. See Omnibus Motions at 8-9, United States v. Hasbajrami, 1:11-cr-623 (E.D.N.Y. filed Nov. 26, 2014), ECF No. 92 (“Suppression Motion“). He described what he sought to suppress, “the fruits of all warrantless FAA surveillance,” as including:

all evidence and information derived as a result of Title VII warrantless FAA surveillance;
all evidence and information “obtained or derived from Title I and Title III FISA collection ... [that was] itself also derived from other collection pursuant to Title VII” of the FAA;
Hasbajrami‘s custodial statements; and
Any other evidence and information that the Government could not have obtained in this case through an independent source.

Id.

To properly understand the scope of Hasbajrami‘s motion, however, it is necessary to describe the statutory framework underpinning Section 702 surveillance and the way in which the program operates in practice.

II. Section 702 Surveillance⁴

In order to ensure national security, the United States maintains several programs aimed at the surveillance of those who pose threats to its safety. These programs each draw on a wide variety of authority, including executive orders, statutory provisions, and agency procedures and guidance. See generally Diana Lee, Paulina Perlin & Joe Schottenfeld, Gathering Intelligence: Drifting Meaning and

the Modern Surveillance Apparatus, 10 J. of Nat‘l Sec. L. & Pol‘y 77 (2019) (describing several separate authorities for surveillance, including FISA and Section 702, each with separate operating standards). Hasbajrami‘s appeal specifically implicates the government‘s statutory authority under FISA, first enacted in 1978, and more specifically the amendments to FISA, including Section 702, enacted in 2008.⁵

FISA was first enacted in response to revelations about the government‘s electronic surveillance of the domestic communications of United States citizens. See David S. Kris & J. Douglas Wilson, National Security Investigations and Prosecutions § 3:7 (“Kris & Wilson“). “Traditional FISA” surveillance, as surveillance under the FISA has come to be known following the enactment of the FAA in 2008, governed surveillance inside the United States, in the context only of national security investigations rather than domestic criminal prosecutions. See id. § 4:2. For those national security investigations, FISA established procedures governing the collection of information derived from

electronic surveillance, physical searches, “pen/trap” surveillance, and tangible things production orders, and the use of information so obtained. See id. § 4:5.

In order to initiate traditional FISA surveillance, the government must submit an application to a court demonstrating that there is “probable cause to believe that ‘the target of the electronic surveillance is a foreign power or agent of a foreign power,’ and that each of the specific ‘facilities or places at which the electronic surveillance is directed is being used, or is about to be used, by a foreign power or an agent of a foreign power.‘” See Clapper, 568 U.S. at 403 (quoting FISA § 105(a)(3)). FISA applications are reviewed by two specialized courts: the Foreign Intelligence Surveillance Court (“FISC“) and the Foreign Intelligence Surveillance Court of Review (“FISCR“), both composed of Article III federal judges assigned to their role by the Chief Justice of the United States. See id.; Kris & Wilson § 5:1 (describing jurisdiction of FISC and FISCR). Applications are submitted under oath by a federal officer and must describe, among other things, whom the government wishes to search or surveil, the place or things to be searched or surveilled, the sort of information the government expects to gather, and the existence and nature of any prior FISA applications targeting the individual. See generally Kris & Wilson § 6:2.

Traditional FISA had some limitations, however. Because each application required a court order, which in turn required probable cause, the government believed “that, after September 11, 2001, [FISA‘s] requirements unduly restrict[ed the] speed and agility” with which the government could detect and respond to terrorist threats. See id. § 16:2 (internal quotation marks omitted). Additionally, the advent of e-mail “clearly expanded traditional FISA‘s reach.” Id. § 16:6. Communications, such as phone calls, between two individuals without ties to the United States and located abroad were outside the purview of FISA, and any collection of such communications that occurred would not be constrained by its procedures. Id. But as such communication increasingly came to be conducted by e-mail, many of those e-mails would ultimately be stored on servers within the United States, and thus “the government could not conduct warrantless surveillance in the U.S. of stored e-mail messages exchanged between two parties located abroad” without following the procedures laid out in FISA. Id.

First enacted in 2008, Section 702 was intended to address some of FISA‘s perceived limitations.⁶ Section 702 allows the Attorney General (“AG“) and

Director of National Intelligence (“DNI“) to “authorize jointly ... the targeting of persons reasonably believed to be located outside the United States to acquire foreign intelligence information.” 50 U.S.C. § 1881a(a).⁷ That targeting is primarily executed by compelling electronic service providers, including internet service providers and companies that maintain the communications infrastructure, to “immediately provide the Government with all information, facilities, or assistance necessary to accomplish the acquisition [of communications of an individual or his or her account] in a manner that will protect the secrecy of the acquisition and produce a minimum of interference with the services that such electronic communication service provider is providing to the target of the acquisition.” 50 U.S.C. § 1881a(i)(1)(A).

Following public revelations of the program, Congress passed the Protect America Act (“PAA“), Pub. L. No. 110-55, 121 Stat. 552 (2007), which for a limited period of time allowed the government to use surveillance procedures similar to those contained in the FAA. See In re Directives, 551 F.3d 1004, 1006-07 (FISA Ct. Rev. 2008). The PAA expired on February 16, 2008. See id. at 1006 n.1.

Section 702 differs from traditional FISA procedures in several key respects. First, Section 702 does not require a probable cause determination before undertaking surveillance. Clapper, 568 U.S. at 404. Second, Section 702 “does not require the Government to specify [in a FISA application] the nature and location of each of the particular facilities or places at which the electronic surveillance will occur.” Id. Instead, as detailed below, the FISC approves Section 702 procedures in advance, targeting non-United States persons located abroad as a category, and the government does not have to return to the FISC to seek approval before it undertakes surveillance of any specific individual or his or her accounts under those Section 702 procedures. See Kris & Wilson § 17:17.

In short, under the FAA and Section 702 the government may compel service providers located in the United States to provide e-mails or other electronic communications to, from, or about individuals the government believes are (a) not United States persons and (b) located abroad.⁸ Both under the

statutory scheme and in practice, Section 702 surveillance unfolds in several different steps, each with different implications for this Court‘s review. The first step is what the statute and intelligence community refers to as “targeting,” followed by collection, “minimization,” retention and storage, and, finally, dissemination and querying.⁹ We will discuss each step in turn.

A. “Targeting”

Targeting generally refers to the decision to surveil an individual or his or her channels of electronic communications, such as an e-mail address. The government may not “intentionally target” for Section 702 surveillance anyone located in the United States or a “United States person” outside the United States. 50 U.S.C. §§ 1881a(b)(1), (3). Nor may it target a non-United States person “if the purpose of such acquisition is to target a particular, known person reasonably believed to be in the United States.” 50 U.S.C. § 1881a(b)(2).

The precise mechanisms each agency must follow to target communications are not specified by the statute. Instead, Section 702 requires the AG and the DNI to adopt targeting procedures each year that will govern how the program functions at each agency tasked with Section 702 surveillance. See 50 U.S.C. §§ 1881a(a), (d). While labelled targeting procedures, the procedures are just as much about who is not to be targeted under Section 702 (that is, how to prevent acquisition of the communications of those in the United States or who are United States persons) as about setting out who is to be targeted. In this opinion, our concern with “targeting” is with the procedures designed to protect the constitutional privacy rights of Americans and comply with the Fourth Amendment inside the United States, and not with the obviously confidential procedures and criteria by which United States intelligence agencies decide which non-United States persons located abroad are appropriate objects of surveillance.

The targeting procedures are supposed to ensure that any authorized acquisition is “limited to targeting persons reasonably believed to be located outside the United States” and to “prevent the intentional acquisition of any communication as to which the sender and all intended recipients are known at the time of the acquisition to be located in the United States.” 50 U.S.C. § 1881a(d)(1). Targeting procedures are also subject to the limitations related to targeting United States persons outlined above. 50 U.S.C. § 1881a(b). The NSA and the FBI each develop targeting procedures tailored to the agency‘s particular mission and purpose in using Section 702-acquired information. PCLOB Report at 41-43, 47.

Once the required procedures have been formulated, the DNI and AG must seek approval of their proposed targeting procedures from the FISC. 50 U.S.C. § 1881a(d)(2). The FISC reviews the proposed standards for compliance with both statutory and constitutional requirements. See, e.g., In re Proceedings Required by 702(i) of FISA Amendments Act of 2008, No. MISC 08-01, 2008 WL 9487946, at *5 (FISA Ct. Aug 27, 2008); Redacted, 2011 WL 10945618 at *1 (FISA Ct. Oct. 3, 2011) (“Bates Decision“). In contrast to traditional domestic search warrants and FISA warrants, which authorize searches or seizures of specific persons, places, or things based on individualized probable cause, judicial review of Section 702 functions as a form of programmatic pre-clearance. “[T]he Court is required to consider whether the targeting . . . procedures adopted by the Government meet the requirements of the statute and . . . are consistent with the Fourth Amendment. The Court is not required, in the course of this Section 702(i) review, to reach beyond the Government‘s procedures and conduct a facial review of the constitutionality of the statute.” In re Proceedings, 2008 WL 9487946, at *5; see also PCLOB at 26-31 (describing judicial review proceedings under Section 702).

Once its procedures are approved by the FISC, an agency can begin surveilling individuals it seeks to target. The NSA “initiates all Section 702 targeting, and thus makes all initial decisions pursuant to its targeting procedures.” PCLOB Report at 42. According to the PCLOB, the CIA and the FBI can “‘nominate’ targets to the NSA for Section 702 targeting” but the NSA is required to “make the determination whether to initiate targeting.” Id.

Section 702 surveillance usually begins when an agency “tasks” a specific “selector” or “facility,” usually an e-mail address or telephone number. See id. at 32. Much information about the targeting standards used by the NSA remains classified, but generally “[i]f they are to fulfill their purposes . . . [the targeting procedures submitted to the FISC for approval] should contain a description of factors that in isolation or combination justify a reasonable belief that the target is abroad.” Kris & Wilson § 17:7. According to one commentator, the NSA “has created a presumption of non-U.S. person status,” assuming “that the individual is a non-U.S. person” if the agency does not know its target is a United States person. See Donohue, Section 702 at 158.

B. Collection

Once an account or facility such as an e-mail address has been targeted, the intelligence agencies may then begin to collect information related to that particular address. Such information includes e-mails to and from a given account, or information “about” a given account.

1. PRISM and Upstream Collection

The NSA operates two separate types of collection programs which collect different types of information. These two programs have come to be labelled PRISM collection and upstream collection.

Under PRISM, the FBI (on behalf of the NSA) sends “selectors” (for instance, an e-mail address) to internet service providers (“ISPs“), based in the United States. The ISPs are then required to provide communications sent to or from that selector to the NSA. See PCLOB Report at 33-34. PRISM, therefore, collects only the e-mails a given user sends from his or her account, and the e-mails he or she receives from others through that account. Id. at 34. Collection and review of such material happens roughly in real time, or close to real time. In other words, the collected e-mails are not simply swept into a database for use at some unspecified future time when the database is queried, but are monitored and analyzed at or near the time of their collection. In that regard, the interception and review of electronic communications under PRISM resembles a traditional domestic law enforcement wiretap.

Upstream collection is broader. Instead of compelling information from an ISP, the NSA instead compels information from “the providers that control the telecommunications backbone over which communications transit.” PCLOB Report at 35. Upstream fills a gap in PRISM surveillance. Id. If, for instance, an individual that the NSA sought to target maintained his or her e-mail account with a foreign internet service provider, that e-mail address would be out of reach of the PRISM program. In that situation, the NSA could use upstream collection to collect traffic to that account as it traversed the backbone. Id. Upstream collection is broader than PRISM, in that it captures not only conversations to and from a given e-mail address, but also communications “about” that address (i.e., a conversation between two parties not themselves targeted that happens to mention whatever the tasked term is). See id. at 37-38.

One key difference between PRISM and upstream collection is that PRISM collects individual communications, while upstream collects whole “multi-communication transactions,” or “MCTs.” Id. at 39. “An Internet transaction refers to any set of data that travels across the Internet together such that it may be understood by a device on the Internet.” Id. Thus, a transaction might contain a single discrete communication (e.g., a single e-mail), or it could contain “multiple discrete communications,” and “[i]f a single discrete communication within an MCT is to, from, or about a Section 702-tasked selector, and at least one end of the transaction is foreign, the NSA will acquire the entire MCT” under upstream collection. Id. The result is a “greater likelihood” that upstream collection will “result in the acquisition of wholly domestic communications and extraneous U.S. person information.” Id. at 41. The NSA is the only agency that receives upstream collection; the CIA and the FBI are not provided with information obtained in this manner and do not store it in their databases. Id. at 54.

2. Incidental and Inadvertent Collection

As detailed above, the statute primarily authorizes agencies like the NSA to collect the e-mails of “non-United States persons” located abroad. But even if the government scrupulously follows the procedures intended to restrict collection of communications to and from persons with ties to the United States, the agencies might still end up collecting information about United States persons or those located in the United States, or communications sent to or from a United States person or an individual located in the United States.

Collection may sweep up those individuals’ e-mails in two ways, conventionally referred to as “incidental collection” and “inadvertent collection.” First, collection might be “incidental.” PCLOB Report at 114. Incidental collection occurs when a non-targeted individual (a United States person or someone in the United States) communicates with a targeted non-United States person located abroad. Such collection would occur under PRISM, for instance, if the NSA has targeted the e-mail address of a non-United States person in another country, and a United States person e-mails that targeted individual. An ISP would be required to provide the NSA with any such e-mails as part of its compliance with a Section 702 directive targeting the non-United States party to the communication.

Second, collection might be “inadvertent.” Id. at 116. Inadvertent collection occurs when the NSA reasonably believes that it is targeting a non-United States person located abroad, or does not have enough information to determine whether an individual e-mail address or other communications facility is being used by a United States person or accessed from within the United States, and therefore presumes that the account is controlled by a foreigner outside the United States. The collection is characterized as “inadvertent” when the agency learns that the person controlling the account is a United States person after it has already acquired some of the person‘s communications. In essence, inadvertent collection occurs when the NSA targets United States persons or individuals located within the United States in error: the agency thought it was targeting a foreign individual abroad, but the targeted person was in fact a United States person or an individual located in the United States.

C. “Minimization”

In general terms, minimization describes the manner in which the government processes communications after they have been collected and seeks to provide safeguards against the misuse of Section 702 information. See PCLOB Report at 50. The 2011 Minimization Procedures, which have been declassified, apply “to the acquisition, retention, use, and dissemination of non-publicly available information concerning unconsenting United States persons that is acquired by targeting non-United States persons reasonably believed to be located outside the United States.” See Minimization Procedures Used by the National Security Agency in Connection with Acquisitions of Foreign Intelligence Information Pursuant to Section 702 of the Foreign Intelligence Surveillance Act of 1978, As Amended § 1, National Security Agency (Oct. 31, 2011), https://www.dni.gov/files/documents/Minimization%20Procedures%20Used%20By%20NSA%20In%20Connection%20With%20FISA%20Section%20702.pdf (“NSA 2011 Minimization Procedures“).¹⁰

As with their targeting procedures, the NSA, FBI, and CIA must seek yearly approval of their minimization procedures from the FISC. 50 U.S.C. § 1881a(e)(2). Section 702 requires that each agency also adopt procedures that prohibit the disclosure of information about United States persons in a manner that identifies them, unless that identity is necessary to understand the intelligence information. See 50 U.S.C. § 1881a(e)(1) (cross-referencing 50 U.S.C. §§ 1821(4) and 1801(h)); see also Kris & Wilson § 9:1. By statute, the procedures must ensure “that nonpublicly available information, which is not foreign intelligence information . . . shall not be disseminated in a manner that identifies any United States person, without such person‘s consent, unless such person‘s identity is necessary to understand foreign intelligence information or assess its importance.” 50 U.S.C. § 1801(h)(2).

Minimization procedures seek to “balance the government‘s need to acquire, retain, and disseminate foreign intelligence information, against the countervailing privacy interests of U.S. persons.” Kris & Wilson § 9:1; PCLOB Report at 50 (“Minimization procedures are best understood as a set of controls on data to balance privacy and national security interests.“). The meaning of the term as used in the FISA context is subtly different from what it means in the more familiar context of court-authorized domestic electronic surveillance by law enforcement agencies under traditional domestic wiretaps. In the latter context, minimization procedures generally involve stopping the monitoring of communications that can be determined in real time to be non-evidentiary. In the context of Section 702 surveillance, the information subject to minimization has already been collected. After review, it is either retained or destroyed; information is “minimized” by non-retention. NSA analysts are instructed to “exercise reasonable judgment in determining whether information acquired must be minimized and will destroy inadvertently acquired communications of or concerning a United States person at the earliest practicable point in the processing cycle at which such communication can be identified either: as clearly not relevant to the authorized purpose of the acquisition (e.g., the communication does not contain foreign intelligence information); or, as not containing evidence of a crime which may be disseminated under these procedures.”¹¹ NSA 2011 Minimization Procedure § 3(b)(1).

After an NSA analyst reviews an individual e-mail communication, he or she will decide if the information warrants retention in the NSA‘s databases and/or dissemination to other agencies. The analyst will determine if “it is a domestic or foreign communication to, from, or about a target and is reasonably believed to contain foreign intelligence information or evidence of a crime.” Id. § 3(b)(4). Communications fitting this description will thus be retained and processed; information not involving foreign intelligence information or evidence of a crime will be destroyed unless it meets one of several exceptions, such as when “the communication contains information pertaining to a threat of serious harm to life or property.” Id. § 5(4).

When an e-mail or other communication is processed and retained, the information will be scanned and stored. Information that “do[es] not meet the retention standards . . . and . . . [is] known to contain communications of or concerning United States persons” will be “destroyed upon recognition.” Id. § 3(c)(1). If a target moves to the United States, or if the NSA uncovers information that the target is a United States person, “acquisition from that person will be terminated without delay.” Id. § 3(d)(1).

“[D]omestic communications” — all communications that do not have “at least one communicant outside the United States,” id. § 2(e), “will be promptly destroyed,” except under certain conditions. Id. § 5. Such conditions include if a communication is “reasonably believed to contain significant foreign intelligence information,” which may be provided to the FBI (which in turn may disseminate information “in accordance with its minimization procedures“). Id. § 5(1). Information that is “reasonably believed to contain evidence of a crime that has been, is being, or is about to be committed” may be “disseminated (including United States person identities) to appropriate Federal law enforcement agencies.” Id. § 5(2).

D. Retention and Dissemination

As addressed above, the minimization procedures also govern the ultimate retention of surveillance materials and the “reporting of acquired information outside of [the] intelligence agency” that collects the information. PCLOB Report at 64. The minimization procedures treat retention and dissemination in similar ways: the NSA, for instance, may retain communications “in generally the same situations where the NSA is permitted to disseminate . . . these communications” to other agencies. Id. at 62.

The retention and dissemination of information gathered under the FAA is also governed by the same restrictions that apply to traditional FISA. Id. at 64. Additional protections generally apply if the NSA, for instance, seeks to disseminate Section 702 information containing the identity of a United States person. The NSA will then “mask” the identity, deleting any identifying information unless certain exceptions apply. These exceptions include when “the U.S. person‘s identity is necessary to understand foreign intelligence information, or the communication contains evidence of a crime and is being disseminated to law enforcement authorities.” Id. at 65.

Agencies relying on NSA reporting may request that the identity of a United States person be unmasked. Id. The NSA may provide that information if at least one additional criterion is met, including when “the identity of the United States person is necessary to understand foreign intelligence information” or the information “indicates that the United States person” is an “agent of a foreign power” or the “target of intelligence activities of a foreign power.” NSA 2011 Minimization Procedure § 6(b). Agencies may also request that information about a given e-mail address or facility be forwarded on a regular basis.

E. Storage and Querying

Once communications are collected and retained or disseminated, each agency may establish databases to store those communications in its possession, and may query those stored communications to identify information of interest in connection with a particular investigation or agency function.

The NSA, CIA, and FBI each maintain separate databases containing Section 702 information on which the agencies rely for their own purposes. PCLOB Report at 55-56. According to the PCLOB, the NSA, for instance, “often stores data acquired from multiple legal authorities in a single data repository.” PCLOB at 55. The agency then “tags” the sources for each piece of information, and “has systems that prevent an analyst from accessing or querying data acquired under a legal authority for which the analyst does not have the requisite training.”¹² Id. at 55-56. The CIA limits access to databases that contain Section 702-acquired information to only those agents who have had the requisite training. Id. at 55. And the FBI “stores electronic data obtained from traditional FISA electronic surveillance and physical searches . . . in the same repositories as the FBI stores Section 702-acquired data.” Id. at 59. An agent without requisite training would see whether a piece of Section 702-acquired information was responsive to her query, but she would not be able to view the actual underlying material without clearance. Id.

“Data is frequently reviewed through queries, which identify communications that have particular characteristics specified in the query, such as containing a particular name or having been sent to or from a particular e-mail address.” Id. at 127. Colloquially, the parties (and those engaged in policy debates about the program) have referred to this querying capability as “backdoor searches.”

Originally, the minimization procedures precluded analysts from searching terms associated with United States persons. See Classified Supplemental App‘x at 121-22 [REDACTED] In April 2011, the government sought approval for new minimization procedures that allowed the querying of terms related to United States persons. See Bates Decision, 2011 WL 10945618 at *7-8. The FISC ultimately approved the new procedures in October 2011 (i.e., after Hasbajrami‘s arrest) because they were “designed to yield foreign intelligence information.” Id. at *7. Querying, the court stated, “should not be problematic in a collection that is focused on non-United States persons located outside the United States and that, in the aggregate, is less likely to result in the acquisition of nonpublic information regarding non-consenting United States persons.” Id.

In a June 2014 letter to Senator Wyden, Deirdre Walsh, Director of Legislative Affairs for the Office of the Director of National Intelligence, stated that each of the three agencies allowed querying. The NSA could query Section 702-acquired information if it had a “reasonable basis to expect the query will return foreign intelligence,” as could the CIA and the FBI. See Response to Question from the 5 June 2014 Hearing, Letter from Deirdre Walsh, Director of Legislative Affairs, to Senator Ron Wyden (June 27, 2014) (“Walsh Letter“); see also PCLOB Report at 57-58. The FBI is also allowed to query its own databases in such a way that these queries are “designed to find and extract evidence of a crime.” Walsh Letter at 2. The FBI also will query previously acquired information from a variety of sources, including Section 702 when it “opens new national security investigations.” Id. at 3.

Recently, and after the time period at issue in this case, Congress enacted the FISA Amendments Reauthorization Act of 2017, Pub. L. No. 115-118, 132 Stat. 3 (2018), codified at 50 U.S.C. § 1881a. The act amended the FAA to require the agencies to develop “querying procedures” alongside their targeting and minimization procedures and seek approval of all three sets of procedures yearly from the FISC. Congress also amended the FAA to require a court order in most cases where the FBI seeks to “access the contents of communications . . . that were retrieved pursuant to a query made using a United States person query term that was not designed to find and extract foreign intelligence information.” 50 U.S.C. § 1881a(f)(2)(A). Such querying standards were not in place when the surveillance at issue here occurred.

III. The District Court‘s Denial of Hasbajrami‘s Suppression Motion

As noted above, Hasbajrami moved to suppress “the fruits of all warrantless FAA surveillance.” See Suppression Motion at 8. He also moved for discovery of the FISA and Section 702 information relevant to his case.

After the district court reviewed the relevant materials ex parte and in camera, it denied the suppression motion. See United States v. Hasbajrami, No. 1:11-cr-623, 2016 WL 1029500 (E.D.N.Y. Feb. 18, 2016) (“Suppression Decision“).¹³ It treated the suppression motion as an as-applied challenge to the Section 702 surveillance used to support the government‘s initial application to the FISC, primarily addressing the issue of collection. Id. at *7. First, after noting the distinction between PRISM and upstream collection, the court concluded that “[n]one of the Section 702 communications used in Title I and Title II FISA applications targeting the agent of the foreign power were ‘about’ communications” and therefore “the constitutionality of upstream collection [was] not at issue” in Hasbajrami‘s case. Id. at *6-7.

The district court then turned to PRISM collection. Summarizing precedent, the court noted that the Fourth Amendment “does not constrain the government from collecting the communications of non-U.S. individuals targeted by Section 702 surveillance.” Id. at *7. Although Hasbajrami was a legal permanent resident located in the United States, the court found that it was “non-U.S. persons who were the targets of Section 702 surveillance” and that Hasbajrami‘s e-mails were collected incidentally to the surveillance of individuals the court described as “legitimate targets of Section 702 surveillance.” Id. The court concluded that the incidental interception of the communications of individuals in the United States was constitutional because the surveillance was “lawful in the first place — whether it is the domestic surveillance of U.S. persons pursuant to a warrant or the warrantless surveillance of non-U.S. persons who are abroad — [and therefore] the incidental interception of non-targeted U.S. persons’ communications with the targeted persons is also lawful.” Id. at *9.

The court did not address whether any inadvertent collection related to Hasbajrami. It also did not address the specifics of any querying as applied to Hasbajrami in particular, and there does not appear to have been any fact-finding regarding the querying of previously-collected communications with identifiers related to Hasbajrami. Instead, the parties had raised querying within the context of whether the minimization procedures were reasonable, and the government argued that it was permitted to query whatever data it had lawfully collected even if it used identifiers it knew were associated with United States persons. See Gov‘t Mem. of Law at 71, United States v. Hasbajrami, 1:11-cr-623 (E.D.N.Y. filed Dec. 23, 2014), ECF No. 97. To the extent that the district court considered querying, then, it appeared to adopt the government‘s position, stating in a footnote:

That the government is able to query information obtained under the PRISM program, i.e. lawfully-obtained communications that were to or from legitimate targets, does not render the minimization procedures inadequate, as amici contend . . . . Here, once the government learned that the target was potentially

an agent of a foreign power, the government sought orders from the FISC for electronic surveillance and physical searches pursuant to Title I and Title III of FISA targeting an agent of a foreign power .... I agree with the government that “[i]t would be perverse to authorize the unrestricted review of lawfully collected information but then [] restrict the targeted review of the same information in response to tailored inquiries.” Gov‘t Br. at 71-72.

Suppression Decision, 2016 WL 1029500 at *12 n.20.

As for Hasbajrami‘s request to provide discovery to properly-cleared defense counsel, the district court concluded that disclosure was unnecessary. Id. at *14. Instead, its review was “relatively straightforward and not complex” and the district court was “able to evaluate the legality of the challenged surveillance without concluding that due process first warranted disclosure.” Id. at *14 (citing United States v. Abu-Jihaad, 630 F.3d 102, 129 (2d Cir. 2010)).

IV. Further Proceedings at the District Court

The district court denied the motion to suppress in a text order dated February 20, 2015. The order stated that “[a]n opinion [would] follow,” but that the motion would be denied as to “the fruits of the FAA surveillance, including the defendant‘s post-arrest statements.” App‘x at 16. The court noted that it would hold a conference and “inquire of the government whether it intends to offer once again the charge bargain that was previously accepted by the defendant, and whether it has considered the prospect of allowing the defendant to enter such a plea pursuant to Rule 11(a)(2), reserving his right to seek appellate review of [the district court‘s] denial of the motion to suppress evidence.” Id.

The parties prepared for trial, but Hasbajrami in due course again pleaded guilty, this time to a two-count Superseding Information, which charged him with providing and attempting to provide material support to terrorists. According to the terms of the agreement, Hasbajrami:

[A]gree[d] not to file an appeal or otherwise challenge . . . the conviction or sentence in the event that the Court imposes a term of imprisonment of 180 months or below, with the sole and limited exception that, pursuant to Federal Rule of Criminal Procedure 11(a)(2), the defendant may appeal the District Court‘s February 20, 2015 denial of his motion to suppress evidence that was obtained or derived from surveillance conducted pursuant to the FISA Amendments Act of 2008, 50 U.S.C. §§ 1881a et seq.

App‘x at 48. Hasbajrami also consented to his removal, after serving his sentence, from the United States. The district court sentenced Hasbajrami to a term of 180 months’ imprisonment on Count One and 12 months’ imprisonment on Count Two, each to run consecutively.

On March 8, 2016 — more than one year after it denied the motion — the district court issued a redacted opinion on the public docket explaining its reasons for denying suppression. Hasbajrami requested that the full decision be released to his cleared defense counsel, so that he might better prepare his appeal. The court (Dora L. Irizarry, C.J.)¹⁴ held that FISA required redaction and that “Defendant‘s counsel are not entitled to view the Unredacted Opinion because releasing it would reveal classified foreign intelligence information and circumvent FISA . . . .” United States v. Hasbajrami, 1:11-cr-623, 2017 WL 3610595 at *3 (E.D.N.Y. April 6, 2017).

V. Proceedings on Appeal

Hasbajrami timely filed two notices of appeal. The first addressed the district court‘s denial of Hasbajrami‘s motion to suppress; the second addressed the district court‘s decision to deny Hasbajrami‘s counsel access to the unredacted and unmodified version of the suppression ruling. Both appeals were consolidated and argument was heard by this Court on August 27, 2018.

At oral argument, the government was unable to represent whether or not identifiers related to Hasbajrami had been used in querying previously-acquired Section 702 surveillance databases. This Court therefore ordered the government to “identify[] the record evidence that supports the proposed factual inference that it conducted no queries or backdoor searches of Section 702 material with regard to Hasbajrami before or leading to the FISA court‘s issuance of Title I and Title III warrants with respect to Hasbajrami.” Order, United States v. Hasbajrami, Nos. 15-2684, 17-2669 (2d Cir. Sept. 4, 2018), ECF No. 203.

Both parties filed supplemental briefing, including an additional classified brief from the government (which was posted, heavily redacted, on the public docket for this appeal).

DISCUSSION

Hasbajrami primarily raises an as-applied challenge to the constitutionality of warrantless collection and review of his communications under Section 702.¹⁵ As the PCLOB notes, judicial review of Section 702 surveillance presents particular challenges because the program:

entails many separate decisions to monitor large numbers of individuals, resulting in the annual collection of hundreds of millions of communications of different types, obtained through a variety of methods, pursuant to multiple foreign intelligence imperatives, and involving four intelligence agencies that each have their own rules governing how they may handle and use the communications that are acquired.

PCLOB Report at 86. In other words, review is difficult because we must consider those individual “separate decisions” within the context of the program as a whole.¹⁶

In this case, it is undisputed that the government possessed ample evidence obtained from surveillance authorized by a FISA warrant to convict Hasbajrami. The evidence that formed the basis for that warrant however, was obtained as a result of warrantless Section 702 surveillance of non-United States persons located abroad. Thus, the primary issue, affecting the bulk of the evidence against Hasbajrami, is whether the incidental collection of the communications of United States persons, without a warrant, violates the Fourth Amendment. We conclude, as did the district court, that such collection is lawful. But that is not the only action involving Section 702 surveillance at issue here.

We must also address inadvertent collection, storage and querying, as each of these issues is raised by the record.

The record is sufficient to permit us to answer the principal question before us: we conclude that the district court correctly held that the incidental collection in this case, and the government‘s use of the information thus collected, was lawful. The record also permits us to conclude that, even assuming that inadvertent collection of the communications of United States persons may in some circumstances violate the Constitution, the effect of any such collection in this case was harmless beyond a reasonable doubt. The absence of evidence in the record regarding [REDACTED], however, prevents us from determining the reasonableness of any such querying [REDACTED] prior to the FISC‘s probable-cause finding, and from fully understanding how if at all the results of such querying affected the subsequent conduct of the investigation. As a result, we must remand for further proceedings and fact-finding by the district court.

I. “Incidental” Collection

The primary type of Section 702 collection we must address here involves “incidental” collection. The government was “targeting,” within the meaning of Section 702, the accounts of individuals located abroad who were reasonably believed to be agents of terrorist organizations. In collecting communications from those accounts, the government collected e-mails between Hasbajrami and [REDACTED]. In reviewing Hasbajrami‘s suppression motion, the district court focused on this incidental collection, ultimately concluding that a warrant was not required and the government‘s actions were reasonable.

On appeal, Hasbajrami and the amici argue that the Fourth Amendment bars the incidental collection of e-mails of individuals, like Hasbajrami, located in the United States. First, they argue that surveillance of individuals in the United States is per se unreasonable if it is conducted without a warrant. They also focus on the specific attributes of warrants — the particularity requirement, the need for a neutral judicial forum and a finding of probable cause — and argue that Section 702, the targeting and minimization procedures, and FISC oversight do not provide a substitute procedure sufficient to satisfy the Fourth Amendment. According to Hasbajrami, the broad scope of Section 702‘s surveillance and the government‘s failure to seek a warrant or its equivalent render the program unconstitutional as applied to him and therefore requires the suppression of evidence acquired under the program.

We disagree. In addressing the issues before us, we adopt an approach similar to that employed by the United States Court of Appeals for the Ninth Circuit in United States v. Mohamud, 843 F.3d 420 (9th Cir. 2016). We must first decide whether a warrant is required for the government‘s incidental collection of the communications of United States persons. We conclude that a warrant is not required for such collection. But “[e]ven if a warrant is not required, a search is not beyond Fourth Amendment scrutiny; for it must be reasonable in its scope and manner of execution.” Maryland v. King, 569 U.S. 435, 448 (2013); see also Mohamud, 843 F.3d at 441. We further conclude that the incidental collection of Hasbajrami‘s e-mails was reasonable.

A. No Warrant was Required

We conclude that a warrant is not required based on two well-established principles of Fourth Amendment law. First, the Fourth Amendment does not apply extraterritorially to the surveillance of persons abroad, including United States citizens. Second, law enforcement officers do not need to seek an additional warrant or probable cause determination to continue surveillance when, in the course of executing a warrant or engaging in other lawful search activities, they come upon evidence of other criminal activity outside the scope of the warrant or the rationale justifying the search, or the participation of individuals not the subject of that initial warrant or search.

Notes

This opinion has been reviewed by appropriate intelligence agencies for the purpose of redacting material that includes or references classified information. After an initial redaction, the panel met ex parte with representatives of those agencies in order to discuss potential substitutions or modified phrasing that would minimize the need for redaction, and the possibility that certain information referenced in the opinion could be declassified, thus further reducing the need for redaction. That meeting was transcribed for the record, and the transcript (which is itself classified) will be preserved as part of the record of this appeal in the custody of a Classified Information Security Officer with the Department of Justice‘s Litigation Security Group. The meeting was extremely productive, and has resulted in a modest number of changes of wording that do not affect the substance of the opinion, and a significant reduction in the amount of redacted material. It is of course regrettable that any part of an opinion disposing of a criminal appeal is unavailable for public inspection. However, we have neither the authority, nor the expertise, nor the inclination to overrule classification decisions made by the relevant executive branch agencies. We respect the need for such classification of sensitive national security information, and appreciate the cooperation of the agencies in the effort to limit the need for modifications and redactions.

As detailed below, this opinion will use “traditional FISA” to describe FISA surveillance that was authorized by statute prior to the enactment of Section 702. The FISA Amendments Act will be referred to as the “FAA,” of which Section 702 is one part.

The government‘s provision of notice in this case was likely in response the Solicitor General‘s assertion, at oral argument before the Supreme Court in , that prosecutors would provide notice to defendants in cases where evidence was derived from Section 702 surveillance. See Charlie Savage, Door May Open Challenge to Secret Wiretaps, N.Y.Times (Oct. 17, 2013), at A3. While the government‘s policy prior to was not to provide notice of Section 702 surveillance, it began reviewing cases and providing supplemental notice in 2013. Id.

The purpose of this section is to provide the general background necessary to understand the parties’ arguments and it is not intended to provide a comprehensive description of the way in which each agency implements Section 702 surveillance. Additionally, as detailed below, each agency must seek approval of its Section 702 procedures each year, including changes in operation. Our intention is thus only to describe the program in broad terms. We note, moreover, that many Section 702 procedures remain highly classified, including the specific procedures under which the collection of Hasbajrami‘s communications would likely have taken place. Our discussion here is drawn from declassified public sources and in large part from the report on Section 702 surveillance produced by the Privacy and Civil Liberties Oversight Board. See Privacy and Civil Liberties Oversight Board, Report on the Surveillance Program Operated Pursuant to Section 702 of the Foreign Intelligence Surveillance Act (July 2, 2014), https://www.pclob.gov/library/702-Report.pdf (“PCLOB Report“). The PCLOB is an independent agency within the executive branch, authorized by statute, inter alia, to “analyze and review actions the executive branch takes” and “ensure that liberty concerns are appropriately considered” in the government‘s development and implementation of anti-terrorism programs. See 42 U.S.C. § 2000ee(c). The PCLOB is composed of five members, appointed by the President and confirmed by the Senate. Id. § 2000ee(h). Accordingly, we discuss the program, and changes in its operation over time, only to the extent that the details are (a) relevant and (b) public.

While Section 702 was first enacted in 2008, the fact that any e-mails tied to Americans were sometimes collected under its authority was not made public until June 2013, when “two classified [National Security Agency (“NSA“)] collection programs were first reported by the press based on unauthorized disclosures of classified documents by Edward Snowden, a contractor for the NSA.” PCLOB Report at 1.

President George W. Bush initially authorized the NSA “to conduct warrantless wiretapping of telephone and e-mail communications where one party to the communication was located outside the United States” and one party was believed to be a member of a terrorist organization. See .

Like other sections of the FISA, Section 702‘s definition of “United States person” includes lawful permanent residents (such as Hasbajrami). See 50 U.S.C. § 1801(i) (defining “United States person” to be a “citizen of the United States, an alien lawfully admitted for permanent residence” or certain unincorporated associations or corporations with ties to the United States).

The FAA also contains two sections, Sections 703 and 704, that address the direct targeting of individual United States persons outside the United States for electronic surveillance. See Laura K. Donohue, Section 702 and the Collection of International Telephone and Internet Content, 38 Harv. J.L. & Pub. Pol‘y 117, 142-44 (2015). The procedures followed “generally reflect the structure employed by traditional FISA with regard to electronic surveillance and physical search.” at 143. These sections are codified at 50 U.S.C. §§ 1881b and 1881c, and are not at issue in this appeal.

Some of these terms, such as collection, are terms of art, but their use is not necessarily uniform across the various government agencies or for different forms of surveillance. See, e.g., Lee, Perlin & Schottenfeld, Gathering Intelligence at 95 (highlighting “definitional variances” for terms like collection, acquisition, and targeting across the various surveillance programs). For the purposes of providing background to Hasbajrami‘s case, we define the terms primarily as each is used by the PCLOB.

These minimization procedures were submitted to the FISC for approval after Hasbajrami‘s arrest, and therefore did not govern the operation of Section 702 during the time period relevant here.

It is not clear whether the minimization procedures’ use of “inadvertent” here is intended broadly to invoke the word‘s plain meaning, or is used as a term of art to apply the provision only to communications acquired as a result of “inadvertent collection,” as defined above, where a United States person has been erroneously targeted.

Each agency with access to Section 702 data provides training to personnel regarding the proper use of Section 702 material, as well as the agency‘s minimization procedures. See PCLOB Report at 53-54. The exact training procedures and who is trained may vary by agency.

As addressed below, the district court announced its decision on February 15, 2015, in a text order on the docket, issued without an opinion. The redacted opinion was issued on the public docket in March 2016.

By this point, the case had been transferred to Chief Judge Irizarry following Judge Gleeson‘s resignation.

Hasbajrami also raises an alternative statutory argument, arguing that suppression was warranted because he claims the surveillance did not comply with the requirements of Section 702 itself. The Court has carefully considered the argument, in light of the classified record, and finds it without merit.

When reviewing a district court‘s denial of a motion to suppress evidence, we review the court‘s legal determinations de novo and its factual findings for clear error. . The issues on appeal are legal, and therefore our review here is de novo.

The “incidental overhear” doctrine is closely related to the “plain view” doctrine applied in connection with physical searches. See, e.g., (describing plain view doctrine and noting that “[t]he doctrine serves to supplement the prior justification — whether it be a warrant . . . , hot pursuit, search incident to lawful arrest, or some other legitimate reason for being present unconnected with a search directed against the accused — and permits the warrantless seizure.“).

The same reasoning defeats any argument that such monitoring should be limited to the acquisition of foreign intelligence, and that communications collected for that purpose should not be made available to domestic law enforcement agencies. There is little point in having intelligence agencies collect information abroad if those agencies are not able to share what they learn with domestic law enforcement when the information they acquire points to ongoing or impending criminal activities inside our borders.

Of course, if the government wishes to expand the investigation to monitor the communications of the newly discovered United States-connected suspect, it would be required to obtain a conventional Title III or traditional FISA warrant [REDACTED]

The considerations might be different if the storage involved data responsive to a warrant and retained for the purpose of a domestic criminal prosecution. This Court, sitting en banc, considered similar issues in , although we ultimately did not need to decide them.

On November 14, 2019, Hasbajrami filed a Rule 28(j) letter alerting this Court to three recently declassified opinions from the FISC and FISCR. See ; Redacted (FISA Ct. Sep. 4, 2019); . Based on our review, we do not believe that these opinions substantively affect our decision because, even to the extent that their approach differs from ours, they are not binding on this Court. Since we are remanding for the district court to further assess this issue with the benefit of a more complete record, we decline to engage further at this time. We did not find it necessary to review the unredacted versions of these opinions in reaching this conclusion and, therefore, Hasbajrami‘s request for access to the unredacted versions of these opinions is DENIED.

The Advisory Committee also considered Fed. R. Crim. P. 11(h)‘s harmless error calculus to apply, but it noted that, without full factual development, invocation of the harmless error rule would be difficult. The Committee noted, however, that “relatively few appellate decisions result in affirmance upon [harmless error]. Thus it will only rarely be true that the conditional plea device will cause an appellate court to consider constitutional questions which could otherwise have been avoided by invocation of the doctrine of harmless error.” Fed. R. Crim. P. 11, advisory committee‘s notes to 1983 amendments.

The government has argued before this Court that the good faith exception would apply. Because of the incomplete record here, we take no position as to whether the exception applies.

Hasbajrami argues on appeal that his due process rights would be violated if he is not provided with an unredacted or unmodified version of the district court‘s order. He concedes, however, that the argument would be rendered moot if this Court reverses on either constitutional or statutory grounds. After reviewing the minor redactions, we conclude that the limited information redacted from the district court‘s opinion could not have substantially affected Hasbajrami‘s due process rights in this appeal. In any event, we undertook de novo review and we are satisfied that the limited redactions in the portions of this opinion relating to the district court‘s rulings do not require disclosure to the defense at this time. We therefore deny Hasbajrami‘s request to unseal or to disclose to the defense team the redacted portions of the district court opinion. As addressed above, however, the district court remains free to consider, in the

unknown

first instance, what if any classified material, including the government‘s Rule 28(j) letter and the redacted portions of this opinion relating to querying, should be provided to properly-cleared defense counsel on remand, consistent with the requirements of CIPA and FISA. We therefore DENY Hasbajrami‘s February 8, 2019 motion for disclosure of the government‘s Rule 28(j) letter, without prejudice to renewal before the district court on remand.

Read the detailed case summary