Section 702 of the Foreign Intelligence Surveillance Act expires April 20, 2026, and Congress has no consensus on what replaces it. The deeper problem is that AI surveillance tools have already outpaced the law, operating in a legal void the 2008 statute never addressed.
AI Surveillance Outpaced the Law
Here is what changed since 702 was written in 2008: everything about how data gets processed.
The core problem breaks into three layers. First, AI-driven systems now cross-reference communications, metadata, and behavioral signals simultaneously, processing orders of magnitude more data than 2008-era systems ever touched. Second, the “incidental collection” loophole, originally a minor edge case, now sweeps up vast volumes of U.S. person data when AI casts wider analytical nets. Third, and most critically: FISA regulates collection. It says nothing about AI-generated analysis of that collected data. An algorithm building a behavioral profile of a U.S. person from incidentally collected fragments operates in a legal void.
The statute was not designed to fail. It was designed for a world where human analysts manually queried databases. AI did not stretch 702. It rendered the statute’s core assumptions functionally obsolete.
Civil Liberties Groups Play Offense
The expiration handed privacy advocates their strongest legislative position in years. The bipartisan Government Surveillance Reform Act of 2026 requires warrants for viewing Americans’ incidentally collected data and blocks agencies from purchasing data that would otherwise require a warrant. That last provision closes the commercial data broker loophole that intelligence agencies have used to sidestep Fourth Amendment constraints. Three bipartisan Senate working groups have now convened specifically to draft AI surveillance frameworks, representing more legislative energy on this issue than the previous five years combined.
