The FBI’s Electronic Surveillance Violations
The Washington Post reports that the FBI engaged in severe violations of the Electronic Communications Privacy Act between 2002 and 2006:
The FBI illegally collected more than 2,000 U.S. telephone call records between 2002 and 2006 by invoking terrorism emergencies that did not exist or simply persuading phone companies to provide records, according to internal bureau memos and interviews. FBI officials issued approvals after the fact to justify their actions.
E-mails obtained by The Washington Post detail how counterterrorism officials inside FBI headquarters did not follow their own procedures that were put in place to protect civil liberties. The stream of urgent requests for phone records also overwhelmed the FBI communications analysis unit with work that ultimately was not connected to imminent threats.
A Justice Department inspector general’s report due out this month is expected to conclude that the FBI frequently violated the law with its emergency requests, bureau officials confirmed.
ECPA allows the FBI to issue National Security Letters (NSLs) to obtain information from communications service providers. I’ve criticized NSLs in the past for providing too minimal a protection of privacy: “A NSL is a demand letter issued to a particular entity or organization to turn over various record and data pertaining to individuals. They do not require probable cause, a warrant, or even judicial oversight. They also come with a gag order, preventing the recipient of the letter from disclosing that the letter was ever issued. Compliance is mandatory.”
Apparently, the FBI found NSLs to be too cumbersome because they required an open case, so they devised a work-around. According to the Washington Post:
The USA Patriot Act expanded the use of national security letters by letting lower-level officials outside Washington approve them and allowing them in wider circumstances. But the letters still required the FBI to link a request to an open terrorism case before records could be sought.
Shortly after the Patriot Act was passed in October 2001, FBI senior managers devised their own system for gathering records in terrorism emergencies.
A new device called an “exigent circumstances letter” was authorized. It allowed a supervisor to declare an emergency and get the records, then issue a national security letter after the fact.
Over at the Volokh Conspiracy, Orin Kerr has a thoughtful post about the issue. He posits some circumstances in which the FBI may have not been violating the law, and his theories seem plausible to me since we need more facts. Nevertheless, at this point, I’m growing tired of giving the government the benefit of the doubt. These problems are indicative of a general trend in various government agencies during the Bush Administration to either concoct various end-runs around the law or ignore it entirely.
The lessons of the aftermath of September 11th indicate the following: (1) the existing electronic surveillance laws were poorly understood; (2) these laws were not as nimble and pro-security as many Executive Branch officials would have liked; (3) despite various provisions in these laws to protect privacy, they were often ignored or not adequately followed.
There’s clearly a larger problem at play here — our electronic surveillance laws aren’t working very well if the goal is to keep the government under control during times of crisis (when these laws are most fervently needed).