But many others believe that the manner in which the law has been written allows U.S spy agencies to intercept, with little oversight, phone calls and other electronic communications that may involve innocent U.S. citizens. Though the original FISA applied only to people based outside the U.S., the amended act also gives the government broad power to monitor communications between people in the U.S. and residents of other countries who are alleged to pose a risk to national security.
Various advocacy groups, including the Electronic Privacy Information Center, the Electronic Frontier Foundation (EFF) and the Center for Democracy and Technology (CDT) have expressed concern that government agencies are using the law to justify extensive surveillance of both foreign nationals and millions of Americans.
Several lawmakers too have expressed concerns over the lack of transparency in how the law is being used and have asked for more oversight.
The law has also garnered considerable attention in the European Union where privacy authorities have expressed concern over how it will affect European businesses that have their data hosted with U.S. cloud providers.
In a report released last fall before the law was reauthorized, European data regulators warned of how the law specifically targeted data of non-US individuals located outside the U.S. The scope of the surveillance authorized under the amended act goes beyond the interception of communications and covers any data in cloud environments as well, the report cautioned.
FISA "can be seen categorically as a much graver risk to EU data sovereignty than other laws hitherto considered by EU policy makers," the report said.
This article, Spy court OK'd all U.S. wiretap requests it received in 2012, was originally published at Computerworld.com.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is firstname.lastname@example.org.