At the end of 2017, one of the NSA’s most important legal powers is set to expire. Section 702 of the FISA Amendments Act gives the director of national intelligence and attorney general the authority to target anyone outside the US for surveillance, but that authority has to be reauthorized by Congress every few years. With old congressional allies like Dianne Feinstein newly skeptical of the NSA — and President Trump openly feuding with the intelligence community — surveillance reformers are seeing their best chance in years to make real changes to the US surveillance apparatus.

And yet, just two months away from the renewal deadline, the options for reform are already narrowing. There are three bills working their way through Congress (there’s a good comparison here), but one of them takes reauthorization as a chance to expand, not curtail, the NSA’s power. After a closed-door markup, the Senate Intelligence Committee released a reauthorization bill this morning that would codify backdoor searches, along with the “about” collection that the NSA supposedly discontinued earlier this year. Even where reformers can make progress, they’re limited to specific collection and search practices, and seriously hindered by NSA secrecy.

WHAT’S AT STAKE IN 702 REAUTHORIZATION Backdoor searches Intentionally or not, the NSA collects a lot of messages sent to and from US citizens — and right now, it’s allowed to search that database for US citizens with just a rubber stamp from the FISA court. But two of the three 702 renewal proposals would tighten that process, requiring a judicial warrant for any query involving US citizens. “About” collection In theory, the NSA collects information in order to monitor foreign intelligence targets, not Americans. But for years, the agency collected emails and other communications that sent between US citizens that were about a target. (Say, if you sent your friend wrote an email that mentioned Osama bin Laden.) The Goodlatte-Conyers and Wyden-Paul bills make the practice explicitly illegal, although another sponsored by Burr would open the door for that collection to start up again. Target notification Groups like the ACLU have been trying for years to challenge the NSA in court, but without clear proof that a person was targeted, it’s been extremely difficult to prove standing. According to the existing 702 language, the NSA has to provide notice to targets any time their information is used in a proceeding, but those notifications have been extremely rare in practice. If a stronger requirement makes it into law, it would give reformers a powerful new tool for reining in the NSA.

The broad problem is a familiar one: the NSA is using foreign surveillance systems to spy on Americans. The FISA Act was meant for targeting non-US citizens, just like the NSA was meant to collect foreign intelligence — but those restrictions have become almost meaningless. As the NSA sweeps up emails and web traffic in bulk, countless Americans end up in the agency database. (Literally countless: the NSA refuses to give Congress even a broad estimate.) All that’s needed to search the database is a rubber stamp approval from the FISA court.

In the years since the Snowden leaks, researchers have started to map out the various loopholes that let it happen — and figure out how to close them where possible. It’s an exhausting list: upstream collection (i.e., cable tapping) and downstream collection (i.e., PRISM), along with backdoor searches and frontdoor searches. Some surveillance is justified under the FISA Amendments Act (specifically section 702), but the Patriot Act is cited by others (specifically section 215), and in the background is executive order 12333, a pre-internet directive that’s become a kind of catchall for surveillance authorization.

In most cases, the end result is the same: more data for the NSA. “It’s become this kabuki dance of surveillance,” says Thomas Drake, a former NSA executive who has become one the agency’s fiercest critics. “Which mask do we wear today? Which authority are we going to use?”

One of the main targets for reform is the practice known as a backdoor search. Even though US citizens aren’t supposed to be targeted for collection, there are no restrictions on searching the NSA’s database for US communications that have already been swept up. Once you’ve found that data, there are few restrictions on sharing it with the FBI and other law enforcement, who can admit it into evidence in court at their own discretion. The result is a clear path for using NSA surveillance to prosecute everyday domestic crimes — all without a warrant.

Elizabeth Goitein, who co-directs the Brennan Center’s Liberty and National Security program, says the practice stands out as a clear violation of the Fourth Amendment’s warrant requirement. “The two things that make section 702 constitutional, according to the courts, are that the government has a foreign intelligence purpose for the collection and that its only targets are foreigners are overseas,” Goitein says. “So allowing the government to go looking for Americans communications to use against them in cases that have nothing to do with foreign intelligence is insane.”

If reformers like Goitein have made progress on reining in the NSA, it’s because they’ve known what to look for — but that information is still in short supply. Three years after the Snowden leaks, the NSA still refuses to give the most basic information about its systems for collection and search, even in classified briefings to Congress. For six years, Sen. Ron Wyden (D-OR) has been asking the NSA for an estimate of the number of Americans swept up in what the agency calls “incidental collection,” a request that was echoed by Rep. Bob Goodlatte (R-VA) asked earlier this year. Neither member has gotten an answer, and questions about the number of backdoor searches have been met with the same silence.

“One of the frustrating things is that Congress is being asked to vote on this authority in the dark,” says the Neema Singh Guliani, who issued similar requests with the ACLU. “We don’t have basic information on these programs. And when I say ‘we,’ that’s not just the public, but also members of Congress.”

That secrecy puts reform efforts in a difficult place. Like the Patriot Act renewal in 2015, this year’s fight over 702 will close the NSA’s most egregious legal loopholes, but even the best scenario leaves other loopholes open. Even worse, it’s likely there are other techniques and legal habits that have never been seen outside NSA headquarters. Is the NSA using the FISA court to compel companies to help break their own encryption, as some have suggested? We don’t have any hard evidence that it’s happening, but with similar provisions popping up in a recent bill, it’s hard to dismiss. Unless the NSA starts opening up to Congress, it might take another Snowden to know for sure.

“We don’t have the necessary transparency to know if it’s true,” says Goitein. “If such a thing were to happen, how would we know?”