From the Congressional Research Service via Federation of American Scientists
Recent attention concerning National Security Agency (NSA) surveillance pertains to unauthorized disclosures of two different intelligence collection programs. Since these programs were publicly disclosed over the course of two days in June, there has been confusion about what information is being collected and what authorities the NSA is acting under. This report clarifies the differences between the two programs and identifies potential issues that may help Members of Congress assess legislative proposals pertaining to NSA surveillance authorities.
One program collects in bulk the phone records—specifically the number that was dialed from, the number that was dialed to, and the date and duration of the call—of customers of Verizon Wireless and possibly other U.S. telephone service providers. It does not collect the content of the calls or the identity of callers. The data are collected pursuant to Section 215 of the USA PATRIOT ACT, which amended the Foreign Intelligence Surveillance Act (FISA) of 1978....
The other program collects the electronic communications, including content, of foreign targets overseas whose communications flow through American networks. The Director of National Intelligence has acknowledged that data are collected pursuant to Section 702 of FISA. As described, the program may not intentionally target any person known at the time of acquisition to be located in the United States, which is prohibited by Section 702. Beyond that, the scope of the intelligence collection, the type of information collected and companies involved, and the way in which it is collected remain unclear. Section 702 was added by the FISA Amendments Act of 2008. Prior to the enactment of Section 702, FISA only permitted sustained domestic electronic surveillance or access to domestic electronically stored communications after the issuance of a FISC order that was specific to the target.