WeVote

Bill

Bill

S 4280

SAFE Act

119th Congress Introduced by Cory Booker and 11 co-sponsors

Strengthens privacy and accountability for 702 surveillance by mandating audits, tighter query controls, and more oversight to protect U.S. persons' data.

Read the second time. Placed on Senate Legislative Calendar under General Orders. Calendar No. 371.
0
WeVote Research Nonpartisan
Bill Summary · S 4280

Summary of Bill S.4280 (SAFE Act) — 119th Congress

Title: Security And Freedom Enhancement Act of 2026 (SAFE Act)

Purpose
- Reauthorize and reform authorities under the Foreign Intelligence Surveillance Act of 1978 (FISA) with enhanced transparency, oversight, and protections for United States persons and privacy.
- Increase congressional and independent oversight of FISA activities, tighten targeting rules, and improve accountability for agencies, particularly the FBI.
- Extend Title VII authorities temporarily and set new sunset timelines for certain changes.

Key Provisions and Changes

Title I — Protections for United States Persons Whose Communications Are Collected Under Section 702
- Sec. 101. Query Procedure Reform
- Mandatory audits of U.S. person queries conducted by the FBI for each 180-day period, with results due to Congress within 30 days of audit completion; if delayed, DOJ must brief Congress.
- Redesigns and expands the query definition and access controls, including special protections and approvals for sensitive queries.
- Establishes stricter requirements for pre-query justification, training, and recordkeeping of queries.
- Prohibits warrantless access to U.S. persons’ communications contents obtained via 702, with several narrow exceptions (emergency authorizations, exculpatory exceptions, consent, defensive cybersecurity, or litigation-related purposes). Any such access must be limited, reported, and not used in prosecutions beyond defined purposes unless authorized.
- Requires affirmative election to include 702 information in queries for systems storing unminimized data.
- Sec. 102. Annual Reports
- FBI and ODNI must annually report: total covered queries, number of times contents were accessed, number of orders granted, exceptions used, batch queries, and cross-agency query usage.
- Publicly release much of the annual report (with possible classified annex).
- Sec. 103. Accountability for FBI Queries
- Creates an FBI accountability framework for incidents involving queries, including centralized incident tracking, escalating disciplinary actions, and referral to the Office of Professional Responsibility.
- Requires an initial report within 180 days of enactment and annual disciplinary action reports.
- Sec. 104. Prohibition on Reverse Targeting
- Prohibits targeting U.S. persons or persons reasonably believed to be in the United States at acquisition time; strengthens non-targeting protections outside the U.S.
- Sec. 105. FISA Court Review of Targeting Decisions
- Adds a random sampling of targeting decisions and written justifications to FISA Court review, using a Court-approved sampling methodology.
- Sec. 106. Sunset of Changes to ECS Provider Definition
- Sets December 31, 2026 as a sunset date for certain definitional changes related to electronic communication service providers.
- Sec. 107. Limitation on Directives to Covered ECS Providers
- Limits directives to covered electronic service providers to those appropriate to the type of service; requires declassification review and public disclosure where appropriate.
- Sec. 108. Extension of Title VII; Expiration Dates
- Extends timing for certain FISA Title VII authorities and aligns expiration dates to 2028 for related provisions.

Title II — Additional Reforms Relating to FISA Activities
- Sec. 201–206
- Requires disclosure of information in applications, including exculpatory information, and collection-related attestations.
- Adds accuracy procedures for certifications used in FISA applications; requires documentation and auditing of factual assertions and prior relationships with targets.
- Tightens penalties for willful or knowing violations of FISA procedures (criminal penalties).
- Limits civil immunity for providers and clarifies circumstances under which government-assisted actions may be pursued, including parallel construction prohibitions.
- Adds “derived from” concept to prevent evading disclosure obligations and requires guidance on its application.
- Sets policy directions for handling information obtained under Title VII and related authorities.

Title III — Proceedings Before FISA Court and Other Courts
- Sec. 301. FISA Court Reform
- Expands appointment of amicus curiae with privacy/security expertise to advise the court on novel interpretations, sensitive matters, or programmatic surveillance.
- Sec. 302–303. Public Disclosure and Contempt Powers
- Requires more public disclosures of opinions and enhances contempt powers for FISC/FISC-R.
- Technical amendments to align contempt and procedural tools.

Title IV — Independent Executive Branch Oversight
- Sec. 401. Periodic Audits by the Inspector General
- Requires periodic OIG audits of FISA compliance (implied within overall oversight framework).

Title V — Protections for US Persons Whose Sensitive Information Is Purchased
- Sec. 501–505
- Adds protections around data held by data brokers and intermediaries; limits on acquisition and use of sensitive U.S. person data.
- Establishes consistency of privacy protections across data purchases and demands data handling standards for intermediaries.

Title VI — Transparency
- Sec. 601–602
- Enhanced DNI reporting to Congress; requires notification to Congress of unauthorized disclosures.

Title VII — Limited Delays in Implementation
- Sec. 701
- Provides limited delays in implementing SAFE Act provisions where necessary.

Sunset/Effective Dates
- Several provisions include sunset mechanics (e.g., 702(i) changes) and a general effective date timeline.
- A major sunset of certain business records provisions is extended with a 180-day transition window.

Who Would Be Affected
- Federal agencies with access to 702 data (especially FBI and DOJ).
- Foreign Intelligence Surveillance Court and its review processes.
- Congressional intelligence committees and judiciary committees.
- Data providers, data brokers, and electronic communications service providers.
- U.S. persons whose communications or metadata are collected under 702.

Procedural and Timeline Highlights
- 180-day audit cycles for queries; 90-day window for audit completion post-period, plus 30 days for congressional submission.
- Annual public reporting, with possible classified annexes.
- 180-day initial report for FBI Section 710 accountability procedures; annual updates thereafter.
- Sunset provisions taking effect around December 31, 2026 for certain definitions; extended extension of Title VII authorities through 2028.
- Declassification reviews required within 180 days for directives to ECS providers.

Bottom Line
- The SAFE Act seeks to strengthen privacy protections for U.S. persons, enhance transparency and accountability of 702/Title VII authorities, expand FISA Court oversight and participation (amicus), and tighten integration between intelligence needs and civil liberties. It introduces mandatory audits, detailed reporting, stricter querying controls, limitations on warrantless access, and comprehensive agency procedures to ensure compliance.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.