FBI Misused Patriot Act On U.S. Citizens, Internal Probe Finds
Several of the probes requested were for non-U.S. residents although their files stated that the targets were believed to be legally residing in the United States.
The FBI abused the USA Patriot Act to illegally obtain personal information about U.S. citizens and request information from telecom and financial businesses, according to a government report released Friday.
An audit by the U.S. Department of Justice's Office of Inspector General found agents improperly used national security letters to gain telephone subscriber information from specific institutions, including telecom carriers, banks, and credit card companies. Some of the letters were signed by people who were not authorized to sign them, according to the report. The probe also said the FBI had sought subpoenas for phone billing records when it had not and collected personal information not associated with any investigation.
In addition to overstepping its authority, the FBI misreported its use of the letters while improperly documenting justification and frequency of use, according to the 199-page report titled A Review Of The Federal Bureau Of Investigation's Use Of National Security Letters.
Speaking before the International Association of Privacy Professionals Privacy Summit in Washington on Friday, Attorney General Alberto Gonzales commented that he was deeply concerned about what has been revealed in the inspector general's report.
"Failure to adequately protect information privacy is a failure to do our jobs," Gonzales said. "And although I believe the kinds of errors we saw here were due to questionable judgment or lack or attention, not intentional wrongdoing, I want to be very clear: There is no excuse for the mistakes that have been made, and we are going to make things right as quickly as possible."
Members of Congress immediately announced plans to hold hearings, as well as plans to introduce legislation that would rein in federal investigators' powers.
The Patriot Act of 2001 expanded FBI agents' power to request information from Internet service providers, telecommunications companies, banks, and other institutions using what it calls national security letters to follow up on suspicions of terrorism or espionage. The documents are used by the FBI instead of the traditional subpoena process, which requires agents to obtain written permission from a judge.
In 2000, the FBI issued 8,500 national security letter requests for information. In 2003, it issued 39,000. In 2004, it issued 56,000. The number declined slightly after that, to 47,000 in 2005, the most recent year tracked in the report. The report pointed out that many letters contain more than one request for information.
The number of letters focusing on people inside the United States increased from about 39% of all letters in 2003 to about 53% in 2005. However, inspectors said they found 17% more letters and 22% more requests for letters in FBI files than had been recorded in the databases they reviewed.
The FBI databases had also indicated in several cases that the targets of investigator's probes were non-U.S. residents, although the files stated that the targets were believed to be legally residing in the United States.
The public report redacted percentages that focused on telephone billing records, subscriber information, and e-mail information but stated that the majority of requests related to phone and e-mail activities and records.
Roughly three-quarters of the letters sprang from instances of suspected terrorism, and about one-quarter targeted instances of suspected espionage. The FBI does not have to meet traditional thresholds for providing evidence to justify gathering personal information through national security letters, but it is required to comply with federal laws relating to privacy as well as its own internal policies. It is also required to record and report on its overall use of the letters.
While the report points out that the FBI has made some changes to improve controls, it also states that investigators outside the FBI have been able to access some of the information because of improper data storage.
The report received an immediate reaction from both political parties in Congress. Sen. Patrick Leahy, D-Vt., joined Sen. Arlen Specter, R-Pa., to call for a thorough investigation.
"National security letters are a powerful tool, and when they are misused they can do great harm to innocent people," Leahy said. "The government expects Americans to follow the law, but the American people also have a right to expect that the government follows the law."
Leahy said that reporting requirements Congress added to the Patriot Act should prevent the violations from continuing, but he will hold hearings to find out more about past violations.
The Business of Going DigitalDigital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.