The former chief judge of the Foreign Intelligence Surveillance Act court said Monday that judges of the secretive US court, whose workings have been a concern to EU privacy advocates and judges, frequently push back on surveillance requests by US intelligence agencies, requiring them to modify their tracking requests.
The former chief judge of the Foreign Intelligence Surveillance Act court said Monday that the US court, whose workings have been a concern to EU privacy advocates and judges, is not a “rubber stamp” for the tracking requests of US intelligence agencies.The 11 federal judges appointed by the Chief Judge of the US Supreme Court frequently push back on intelligence agency requests to gather data about espionage or terrorism suspects, said US District Judge James Boasberg, a former FISA court presiding judge, in a rare public discussion of the court at a leading privacy conference* in Washington.
FISA court judges require intelligence agencies to modify or pare back about one in five data requests, said Boasberg, who is currently the chief judge of the US District Court for the District of Columbia.
“I think that — and the big criticism ... when I joined the court, was that it was a rubber stamp,” Boasberg said, adding that wasn’t true.
“We look carefully at the applications. We modify that if there's not enough explanation — ‘How do we know that target is going to use this computer, as opposed to his wife?’ ‘How do we know that this wasn't an innocent contact?’ ‘Give us more information,’” Boasberg said. “So, the statistics are that about 20 percent of applications are required to be modified before they are approved.”
The proceedings of the FISA court have been an issue in the ongoing legal challenges to the commercial trans-Atlantic data transfers of Europeans’ personal data to servers in the United States, with worries about privacy violations by US intelligence agencies driving much of the legal opposition in Europe.
In the “Schrems II” decision in 2020**, EU judges said that US law doesn’t provide an “adequate” level of personal data protection in line with the EU’s own rules, mainly because it doesn’t restrict US intelligence authorities’ access to transferred data and fails to ensure effective remedies for individuals whose data are transferred. The court thus invalidated the main EU-US data-transfer mechanism, known as Privacy Shield (see here).
The trans-Atlantic data transfer system that replaced Privacy Shield, the EU-US Data Privacy Framework (see here), created a new court within the US Department of Justice to provide redress to Europeans’ privacy complaints or violations.
Boasberg has recently been in the public limelight like few other federal judges, including overseeing the US Federal Trade Commission’s antitrust case against Meta Platforms (see here) and a battle with President Donald Trump over an immigration issue for which the president said he should be impeached. The episode forced John Roberts, the chief justice of the US Supreme Court, to issue a statement in Boasberg’s defense.
Boasberg served on the FISA court from 2014 to 2021, taking over as presiding judge at the start of 2000.
“I think it's a whole lot less secret than it was,” Boasberg said of the FISA court, noting that it now has a website that lists the current 11 judges who serve on it (see here).
“In my time on the court, there were more opinions published than had been previously,” Boasberg said. But he added that most rulings of the court are basic decisions about whether to grant a specific surveillance request from an intelligence agency.
“If the government comes to me and says, ‘We want to surveil this guy because we think he's a spy,’ they submit all the material, and I'm just signing off. I'm not writing an opinion explaining, yes, there's probable cause,” Boasberg said. “And so it's not much there to be published.
Following the Schrems II decision in 2020, the European Data Protection Board said in draft recommendations that supplementary measures are “especially needed” when a country’s law “imposes on the data importer obligations which are contrary to the safeguards” of the transfer tool that the exporter has chosen.
An example of such an obligation is Section 702 of FISA, which allows US authorities to target persons located outside the US, though they can only target US citizens abroad or a person located in the US with the approval of the FISA court.
“It's really on programmatic surveillance that the government might be engaging in, or under Section 702, that the judges will end up writing opinions,” Boasberg said. “And again, I think more have been published than was the case previously.”
Boasberg spoke on a panel with US District Judge Allison Burroughs of the District of Massachusetts about privacy and AI issues in the federal courts — one of the rare times when federal judges talk about privacy issues in a public setting, though they did not discuss individual cases.
Both judges agreed that technology is running far ahead of the ability of US laws to regulate it.
The law “is not keeping up. It never has kept up, and it never will keep up,” Burroughs said.
One example Burroughs noted is pen register laws, which allowed law enforcement or intelligence services to monitor the number a person was dialing on a landline telephone.
“There's no specific legislation on cell site locators. So you're taking the pen register statute and trying to extrapolate to cell sites,” she said. “If you put a location device on somebody's car, is that a search? Is it not a search? The back of your car is accessible to the public, right? So if you stick a locator on that, is that a search? Maybe it's not a search, but it is a huge invasion of somebody's privacy to see where their car goes, right?”
“You talk about statutes being outpaced by the law; what's the basis of all this search and surveillance in the first place?” Boasberg said. “The Fourth Amendment, and you know when that was written.”
*IAPP Global Summit 2026: Privacy-AI Governance, Washington, DC, March 30-April 2, 2026.
**Corrected at 22:02 GMT on March 30, 2026: Corrects date of Schrems II decsion. It was 2020, not 2000.
Please email editors@mlex.com to contact the editorial staff regarding this story, or to submit the names of lawyers and advisers.