The following report on the FBI’s use of national security letters (NSL) from 2007-2009 was released in August by the Department of Justice.
A Review of the Federal Bureau of Investigation’s Use of National Security Letters: Assessment of Progress in Implementing Recommendations and Examination of Use in 2007 through 2009
- 232 pages
- August 2014
This review is a follow-up to three previous OIG reports concerning the FBI’s use of national security letter authorities. In our first and second NSL reports, issued in March 2007 and March 2008, the OIG found repeated instances of the FBI’s misuse of NSL authorities during 2003 through 2006. During our first NSL review we also discovered the FBI’s practice of issuing exigent letters and using other informal methods to obtain telephone records, instead of using NSLs or other legal process. We addressed these practices in a separate report issued in January 2010.
In this follow-up review, the OIG examined three topic areas. First, we assessed the current status of the FBI and the Department’s implementation of the recommendations made in our prior NSL reports, which covered the FBI’s use of NSLs during calendar years 2003 through 2006. Second, we examined the FBI’s use of NSLs during calendar years 2007, 2008, and 2009. This examination included an assessment of whether corrective measures taken by the FBI and the Department in response to the findings and recommendations of our first and second NSL reports resulted in improved compliance with NSL requirements. Third, we examined the current status of the FBI and the Department’s efforts to implement the recommendations made in our prior Exigent Letters Report.
We concluded that the FBI and the Department have devoted considerable resources toward implementing the recommendations made in our past reports and taking additional measures to improve the FBI’s compliance with NSL requirements. Our review demonstrated that these efforts have resulted in substantial improvement in NSL compliance.
We believe that the corrective measures that have had the greatest impact on the FBI’s compliance with NSL authorities are the development and consolidation of NSL policy and guidance in the Comprehensive NSL Guidance EC and later the DIOG; the mandatory training provided to NSL users and approvers; the implementation of the NSL subsystem; and the periodic inspections of NSL use by the FBI Inspection Division and the national security review teams.
We determined that the FBI and the Department have fully implemented 23 of 28 recommendations from our first and second NSL reports by creating new internal controls, providing guidance and training to FBI personnel, establishing new record-keeping practices, and conducting periodic reviews of NSL usage.
Nevertheless, five recommendations from our first and second NSL reports require additional effort and attention from the FBI to address the accuracy of information entered into the NSL subsystem and the FBI’s record-keeping practices. We will consider whether to close these recommendations after the FBI provides additional information or takes the additional steps described in more detail in Chapter Two.
Our review found that during 2007 through 2009 the FBI issued significantly fewer NSL requests than during 2003 through 2006. During 2007 through 2009, the FBI issued 111,144 NSL requests, with an annual average of 37,048. By comparison, the FBI issued approximately 51,051 NSLs per year between 2004 and 2006, and approximately 48,125 NSL requests per year between 2003 and 2006. The factors that may have contributed to the decrease in the FBI’s NSL use during 2007 through 2009 are not self-evident from the data we reviewed, though a few people at the FBI told us that because of increased scrutiny on NSL use agents employed alternative investigative tools when possible. The Department’s most recent semiannual classified reports to Congress indicate that the FBI’s use of NSLs returned to historically typical numbers after 2009.
We found that the vast majority of NSL requests issued during 2007 through 2009 sought telephone and electronic records under the ECPA. We also found that the FBI issued a majority of its NSL requests in furtherance of counterterrorism investigations and a significant number in furtherance of counterintelligence investigations. The FBI issued substantially fewer requests in furtherance of foreign computer intrusion cyber investigations.
Well more than half of the FBI’s NSL requests in 2007 through 2009 were generated from investigations of U.S. persons: 12,818, or 64 percent, in 2007; 18,447, or 74 percent, in 2008; and 13,515, or 63 percent, in 2009. This data indicates that the shift reported in our second NSL review toward more NSL requests generated from investigations of U.S. persons as compared to non-U.S. persons- from 39 percent in 2003 to 57 percent in 2006- continued in 2007 through 2009.