[House Hearing, 110 Congress]
[From the U.S. Government Publishing Office]
THE INSPECTOR GENERAL'S INDEPENDENT REPORT ON THE FBI'S USE OF NATIONAL
SECURITY LETTERS
=======================================================================
HEARING
BEFORE THE
COMMITTEE ON THE JUDICIARY
HOUSE OF REPRESENTATIVES
ONE HUNDRED TENTH CONGRESS
FIRST SESSION
__________
MARCH 20, 2007
__________
Serial No. 110-21
__________
Printed for the use of the Committee on the Judiciary
Available via the World Wide Web: http://judiciary.house.gov
______
U.S. GOVERNMENT PRINTING OFFICE
34-175 WASHINGTON : 2007
_____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; (202) 512�091800
Fax: (202) 512�092250 Mail: Stop SSOP, Washington, DC 20402�090001
COMMITTEE ON THE JUDICIARY
JOHN CONYERS, Jr., Michigan, Chairman
HOWARD L. BERMAN, California LAMAR SMITH, Texas
RICK BOUCHER, Virginia F. JAMES SENSENBRENNER, Jr.,
JERROLD NADLER, New York Wisconsin
ROBERT C. SCOTT, Virginia HOWARD COBLE, North Carolina
MELVIN L. WATT, North Carolina ELTON GALLEGLY, California
ZOE LOFGREN, California BOB GOODLATTE, Virginia
SHEILA JACKSON LEE, Texas STEVE CHABOT, Ohio
MAXINE WATERS, California DANIEL E. LUNGREN, California
MARTIN T. MEEHAN, Massachusetts CHRIS CANNON, Utah
WILLIAM D. DELAHUNT, Massachusetts RIC KELLER, Florida
ROBERT WEXLER, Florida DARRELL ISSA, California
LINDA T. SANCHEZ, California MIKE PENCE, Indiana
STEVE COHEN, Tennessee J. RANDY FORBES, Virginia
HANK JOHNSON, Georgia STEVE KING, Iowa
LUIS V. GUTIERREZ, Illinois TOM FEENEY, Florida
BRAD SHERMAN, California TRENT FRANKS, Arizona
ANTHONY D. WEINER, New York LOUIE GOHMERT, Texas
ADAM B. SCHIFF, California JIM JORDAN, Ohio
ARTUR DAVIS, Alabama
DEBBIE WASSERMAN SCHULTZ, Florida
KEITH ELLISON, Minnesota
[Vacant]
Perry Apelbaum, Staff Director and Chief Counsel
Joseph Gibson, Minority Chief Counsel
C O N T E N T S
----------
MARCH 20, 2007
OPENING STATEMENT
Page
The Honorable John Conyers, Jr., a Representative in Congress
from the State of Michigan, and Chairman, Committee on the
Judiciary...................................................... 1
The Honorable Lamar Smith, a Representative in Congress from the
State of Texas, and Ranking Member, Committee on the Judiciary. 2
The Honorable Jerrold Nadler, a Representative in Congress from
the State of New York, and Member, Committee on the Judiciary.. 4
The Honorable Trent Franks, a Representative in Congress from the
State of Arizona, and Member, Committee on the Judiciary....... 5
The Honorable Robert C. Scott, a Representative in Congress from
the State of Virginia, and Member, Committee on the Judiciary.. 6
The Honorable J. Randy Forbes, a Representative in Congress from
the State of Virginia, and Member, Committee on the Judiciary.. 6
WITNESSES
Mr. Glenn A. Fine, Inspector General, U.S. Department of Justice
Oral Testimony................................................. 7
Prepared Statement............................................. 10
Ms. Valerie Caproni, General Counsel, Federal Bureau of
Investigation
Oral Testimony................................................. 215
Prepared Statement............................................. 219
APPENDIX
Material Submitted for the Hearing Record
Prepared Statement of the Honorable Sheila Jackson Lee, a
Representative in Congress from the State of Texas, and Member,
Committee on the Judiciary..................................... 272
Prepared Statement of the Honorable Linda T. Sanchez, a
Representative in Congress from the State of California, and
Member, Committee on the Judiciary............................. 279
Response to Post-hearing questions from Glenn A. Fine, Inspector
General, U.S. Department of Justice............................ 281
Post-hearing questions posed to Valerie Caproni, General Counsel,
Federal Bureau of Investigation, from Chairman John Conyers,
Jr............................................................. 286
Letter from Richard C. Powers, Assistant Director, Office of
Congressional Affairs, Federal Bureau of Investigation......... 289
Prepared Statement of Caroline Frederickson, Director, Washington
Legislative Office, American Civil Liberties Union (ACLU)...... 290
Letter requesting additional information submitted to Valerie
Caproni, General Counsel, Federal Bureau of Investigation...... 295
Press release by the Department of Justice from March 9, 2007,
submitted by the Honorable Howard Coble, a Represenative in
Congress from the State of North Carolina, and Member,
Committee on the Judiciary..................................... 297
Article entitled ``Official Alerted F.B.I. to Rules Abuse 2 Year
Ago, Lawyer Says,'' The New York Times, submitted by the
Honorable John Conyers, Jr..................................... 299
THE INSPECTOR GENERAL'S INDEPENDENT REPORT ON THE FBI'S USE OF NATIONAL
SECURITY LETTERS
----------
TUESDAY, MARCH 20, 2007
House of Representatives,
Committee on the Judiciary,
Washington, DC.
The Committee met, pursuant to notice, at 9:40 a.m., in
Room 2141, Rayburn House Office Building, the Honorable John
Conyers, Jr. (Chairman of the Committee) presiding.
Present: Representatives Conyers, Berman, Boucher, Nadler,
Scott, Watt, Lofgren, Jackson Lee, Waters, Delahunt, Sanchez,
Cohen, Johnson, Schiff, Davis, Wasserman Schultz, Ellison,
Smith, Sensenbrenner, Coble, Goodlatte, Chabot, Lungren,
Keller, Issa, Forbes, King, Feeney, Franks, and Gohmert.
Staff Present: Perry Apelbaum, General Counsel and Staff
Director; Robert Reed, Oversight Counsel; Joseph Gibson,
Minority Chief Counsel; Caroline Lynch, Minority Counsel; Ameer
Gopalani, Majority Counsel.
Mr. Conyers. Good morning. The Committee will come to
order.
We are here for a hearing on the Inspector General's
Independent Report on the FBI's Use of National Security
Letters.
Nearly 6 years ago, in the immediate aftermath of September
11th, the Department of Justice told us that they needed
significantly enhanced authority, while promising the Members
of this Committee in no uncertain terms that these new tools
would be carefully and appropriately used. Two years ago, when
the PATRIOT Act was reauthorized, they promised us there was
not a single instance in which the law had been abused.
Now, to underscore the importance of the reasons that we
are holding this hearing, many of us remember the times in the
past when the power of our Government has been abused. One war
led to the suspension of Habeas Corpus; in another war, the
notorious Palma raids; in World War II, the internment of
Japanese Americans; in the Vietnam War, secret spying and enemy
lists. In my view, we are now in a period where we risk a
continuation of these deplorable acts and effect genuine harm
to the Constitution and to the rule of law.
One week ago, the Inspector General told us that the exact
opposite was true of the promise that had been made that there
was not a single instance, when the PATRIOT Act was being
reauthorized, that the law had been abused.
One tool in particular, the National Security Letters,
essentially secret subpoenas issued without any court review,
was used repeatedly to invade the privacy of law-abiding
Americans outside the law and proper legal process. This was a
serious breach of trust. The Department had converted this tool
into a handy shortcut to illegally gather vast amounts of
private information while at the same time significantly
underreporting its activities to Congress. We learned that the
number of National Security Letter requests had increased from
8,500 in the year 2000 to in excess of 143,000 from the 3-year
period between 2003 and 2005. The Department of Justice
consistently provided inaccurate information to Congress
concerning the National Security Letters, failing to identify
at least 4,600 security letter requests to us. The security
letters were routinely issued without proper authorization and
outside statutory and regulatory requirements.
The Inspector General found that more than 60 percent of
the investigatory files they looked at included one or more
violations of FBI policy; but worse, the Inspector General
found even more widespread abuses concerning the so-called
Exigent Letters: that is, emergency requests for telephone and
other data. An Exigent Letter, as opposed to a National
Security Letter is meant to obtain information in an extreme
emergency like a kidnapping when the Bureau has already sought
subpoenas for the requested information. But the FBI issued
these letters in nonemergencies as a means to bypass the
requirements of the National Security Letter procedure, and so,
as if it were not troubling enough, in many instances, the
Bureau attempted to issue after the fact National Security
Letters to cover their tracks on their use of Exigent Letters.
The Inspector General specifically found that the Exigent
Letters were ordinarily issued when there was no emergency
present and very often when there was not even a pending
investigation. More often than not, the letters were issued
based on promises that subpoenas were in the process of being
issued, when that was not the case and even though some
subpoenas were never issued at all.
The Federal Bureau of Investigation made numerous factual
misstatements in the letters which were frequently issued in
violation of the statute as well as the Attorney General and
FBI guidelines. The recordkeeping was so poor that it was
impossible for the IG to document how and why all of these
problems occurred, and what disturbs me most is that the abuse
and misuse of these security letters is not an isolated
instance. It appears to be a part of a pattern in which the
Department of Justice has violated not only our trust but the
very laws which they are charged with enforcing, and so from
the approval of the notorious torture memos to warrantless,
illegal surveillance to the wrongful smearing of able U.S.
Attorneys, this Department of Justice has squandered its
reputation for independence and integrity. The Attorney General
needs to understand that with power comes responsibility and
with authority must come accountability.
I would like now to turn to the distinguished gentleman
from Texas, the Ranking Member of this Committee, Mr. Lamar
Smith.
Mr. Smith. Thank you, Mr. Chairman.
Mr. Chairman, I appreciate your holding this hearing on the
Inspector General's report on the FBI's use of National
Security Letters. The Inspector General should be commended for
conducting a thorough audit as directed by Congress and the
PATRIOT Act reauthorization. The report raises concerns as to
the FBI's internal recordkeeping and guidelines for the use of
NSLs and terrorism and espionage investigations. It is clear
from the report that these deficiencies are the result of the
poor implementation and administration of National Security
Letter authority. In other words, the problem is enforcement of
the law, not the law itself. Timely corrected measures by the
FBI and effective oversight by the Justice Department and
Congress will ensure proper use of this important law.
The Inspector General's report found that the FBI's
database for tracking NSLs significantly underestimated the
number of NSL requests, resulting in inaccurate reports to
Congress on the FBI's use of NSLs. From 2003 to 2005, the FBI
issued a total of 143,074 NSLs. This compares to 739 Exigent
Letters to three telephone companies issued contrary to
national security investigation guidelines. The Exigent Letters
represent 1/200th of the National Security Letters issued.
Although the use of these unauthorized letters is
disconcerting, the FBI discontinued this practice last year.
The Inspector General makes two other very important findings.
First, there is no evidence that anyone at the FBI intended
to violate the law or internal policy. This is a significant
finding because it confirms that FBI agents acted in good faith
and sought to comply with the law even as they worked under
severe time constraints and with an urgent desire to thwart
terrorist activities.
Second, as detailed by the Inspector General, NSLs are a
critical tool in fighting terrorism and in keeping our country
safe. The information acquired through NSLs is valuable to
international terrorism and espionage investigations and has
allowed the FBI and intelligence agencies to identify
terrorists and spies, the sources of their financing and their
plans to attack or harm our national security.
In addition, the FBI shares important information gathered
through NSLs with other intelligence agencies, joint terrorism
task forces and State and local law enforcement agencies. To do
their job, the FBI must be able to collect important
information about suspected terrorist and spies while complying
with the law and freely share such information with key
partners.
In response to extensive oversight efforts conducted last
Congress, the PATRIOT Reauthorization Act added critical new
safeguards. For instance, an NSL recipient can challenge the
request in court. Nondisclosure orders require supervisory
approval, and the recipient may disclose the NSL to an
attorney. I applaud the Administration's response to the
Inspector General's report and expect the Administration to
follow through on its promise to act quickly to remedy the
deficiencies identified by the Inspector General.
Mr. Chairman, on September 11, 2001, the United States was
attacked. More than 3,000 people lost their lives. Members of
Congress overwhelmingly approved important new counterterrorism
tools for our Nation's law enforcement personnel and updated
existing authorities to meet the terrorist threat. We must
continue to demonstrate responsible leadership on the NSLs and
other important national security issues. Of course, we need to
be vigilant to make sure these problems are fixed, that the
Inspector General's recommendations are implemented and that
our civil liberties and privacy are protected.
Mr. Chairman, I yield back the balance of my time.
Mr. Conyers. I thank the gentleman for his statement.
I would like now to recognize the Chairman of the
Constitution Subcommittee, Jerry Nadler, for 2\1/2\ minutes.
Mr. Nadler. I thank the Chairman. I would like to thank
Chairman Conyers for holding this important hearing on the FBI
abuses of National Security Letters.
We are here today in response to the Department of Justice
Inspector General report that found widespread abuses of the
FBI's authority to issue National Security Letters. An NSL can
be issued to a third party such as a health insurance company
or an Internet service provider, ordering them to reveal all of
their information about you and your transactions, and the
third party is prohibited from telling you or anyone else about
the order. That is the so-called ``gag order provision'' so you
cannot object to an NSL directed at your information in court
as you could to a subpoena, because you do not know about it
and the third party may have no interest in going to court to
protect your rights or your privacy.
While last year's reauthorization of the PATRIOT Act did
make some changes to the NSL provisions, these changes were
essentially meaningless. For example, the court is now
authorized to modify and set aside the gag order only if it
finds there is no reason to believe that disclosure would
endanger national security, diplomatic relations or anyone's
life or safety, but the court must accept the Government's
assertion of harm as conclusive, so this protection is
meaningless.
Some of us had predicted that the unrestricted authority of
the FBI to issue NSLs would be abused, and unfortunately, our
worst fears have now been realized. The IG's NSLs have been
used by the FBI to collect and retain private information about
American citizens who are not reasonably suspected of being
involved in terrorism. During the last Congress, we predicted
that unchecked power would lead to rampant abuse. That is why I
proposed the Stop Self-Authorized Secret Searches Act 2 years
ago. This bill would have restored some pre-PATRIOT Act
provisions that an NSL could not be issued unless the FBI made
a factual, individualized showing that the records sought
pertained to a suspected terrorist or spy. It would have given
the recipient of a National Security Letter an opportunity to
obtain legal counsel, the right to challenge the letter and the
nondisclosure requirement, a real right to challenge it. It
would have given notice to the target of the NSL if the
Government later seeks to use the records obtained from the NSL
against him or her in a subsequent proceeding. It would have
given the target an opportunity to receive legal counsel and
challenge the use of those records.
The bill would also have authorized the FBI to obtain
documents that it legitimately needs while protecting the
privacy of law-abiding American citizens.
The abuses by the DOJ and by the FBI have proven that these
legislative fixes are a necessary check on the investigatory
power. We do not trust Government always to be run by angels,
especially not this Administration. It is not enough to mandate
that the FBI fix internal management problems in recordkeeping
because the statute itself authorizes the unchecked selection
of information on innocent Americans. Congress must act now to
fix the statute authorizing the abuses revealed in the IG
report and to hold those responsible for these abuses and
violations accountable.
Thank you. I yield back.
Mr. Conyers. Thank you.
The Chair recognizes the distinguished gentleman from
Arizona, the Ranking minority Member of the Constitution
Subcommittee, Trent Franks, for 2\1/2\ minutes.
Mr. Franks. Well, thank you, Mr. Chairman.
Mr. Chairman, today our task is a vital one, to check and
balance our sister branch of Government through oversight and
to ensure citizens' rights are being properly safeguarded.
Today's subject is somewhat delicate because we must all walk a
fine line. In our great and critical responsibility to prevent
jihadist attacks upon American citizens, we must also be
careful to strike the proper balance between vigilance and
fighting the enemy on the one side of the scales and the
preservation of citizens' rights on the other.
The report of the Inspector General's that we review today
is hopeful. We see that, while there are human imperfections in
the FBI's operation, there is an overall finding that the FBI
is, indeed, carrying out its duties responsibly, there being no
evidence of any intentional or deliberate act to violate the
law. The NSLs are performing their vital function as a valuable
tool in national security investigations.
To put today's hearing in perspective, we should keep in
mind that the issuance of NSLs under the PATRIOT Act is a
relatively new process given that the PATRIOT Act is only a few
years old and that this new use of NSLs will necessarily
require a careful examination of their best and most
appropriate use in this early period. Certainly, we will have
to work out the kinks given that we are most likely in the
business of fighting terror for a long time to come.
While the FBI's practices have had their shortcomings, it
appears that these are problems that can be easily resolved,
and this is good news. Many of the issues that we must review
today are administrative in nature and, to some extent,
unavoidable. Government is a human institution, and it is
therefore by definition imperfect. Those of us who have run
corporations know that a perfect audit is a very rare
occurrence, particularly on the first go-around.
Most businesses do internal audits, perhaps many, many
internal audits, to discover where human judgment has fallen
short and where to improve before being audited by an outside
source. This is an arduous but necessary task and one that I
hope we do well here today and prospectively. The FBI has vowed
that it will make all of the adjustments that Mr. Gonzalez and
Ms. Caproni have recommended. We look forward to the
realization of this goal.
With that, I thank the witnesses for joining us today, and
we look forward to hearing your testimony.
Thank you, Mr. Chairman.
Mr. Conyers. Thank you.
The Chair recognizes the distinguished gentleman from
Virginia, Bobby Scott, Chairman of the Crime Subcommittee, for
2\1/2\ minutes.
Mr. Scott. Thank you, Mr. Chairman.
Mr. Chairman, we all believe that it is important to be
aggressive in fighting terrorism and also aggressive in
maintaining privacy and freedoms, and I do not believe we
should operate on the premise that we always have to give up
freedom in order to obtain security, but for us to provide
appropriate oversight we have to have accurate information.
Unfortunately, there are indications that we have received
clearly inaccurate reports after the significant use of secret,
invasive processes that do not appear to be necessary to
advance terrorism-related investigations. Whether it is a
secret NSA wiretapping in violation of the FISA law or the
inappropriate use of the National Security Letters, we are
discovering that what is actually occurring is quite different
from what we were being told, and we cannot evaluate the
ongoing need for NSA letters without accurate information.
There is also a clear indication of intentional misuse of
the word ``exigent'' letters to telephone companies as
emergency information when in fact no emergency existed.
Somebody obviously knew that was a problem that would affect
reports to Congress and oversight boards, and we need to find
out who these people are. With these disturbing indications,
Mr. Chairman, I hope the testimony of the witnesses today will
reveal who is responsible for these abuses and who should be
held accountable for false reports to Congress.
Thank you, Mr. Chairman. I yield back.
Mr. Conyers. Thank you so much.
Another Virginian, the Ranking minority Member of the Crime
Subcommittee, Mr. Randy Forbes.
Mr. Forbes. Mr. Chairman, I would like to thank you and the
Ranking Member, Congressman Smith, for holding this important
hearing today, and also for our witnesses for being here.
You know, the subject matter of this hearing makes for
great theater, but when the show is over we have the task of
finding the facts and making sure the proper balance is struck
and implemented to protect our citizens. That we will do, and
hopefully, we will do it without the negativism and the
emotionalism that seems so prevailing in public policy today.
Pounding our fists makes great sound bites, but does not stop
terrorists or protect the privacy rights of our citizens.
It is clear that National Security Letters are important
tools in international terrorism and espionage investigations
conducted by the FBI. The Inspector General's report, which
details the audit of 77 case files in four field offices, shows
a disturbing pattern. In 60 percent of those cases, the FBI's
files were found to be in violation of the FBI's internal
control policies for issuing National Security Letters. While
the audit conducted concluded that there was no evidence of any
intentional or deliberate act to violate the law, it is also
clear that changes need to be made to the FBI's procedures so
that they reflect the scope and intent of the law rather than
the evolution of general practice.
I look forward to hearing from the FBI about what
procedures were in place during the time of the Inspector
General's audit and how, given the inadequacies identified by
the Inspector General, the FBI plans to correct these.
Mr. Chairman, I yield back the balance of my time.
Mr. Conyers. Thank you.
All other opening statements will be included in the
record.
Mr. Glenn A. Fine, Inspector General at the Department of
Justice, a post held since he was confirmed by the Senate on
December 15, 2000. Mr. Fine has worked for the Department's
Office of Inspector General in a variety of capacities since
January 1995. He has had several years in private practice and
has also served as an Assistant United States Attorney in
Washington, D.C.
We are also privileged to have with us the General Counsel
of the Federal Bureau of Investigation, Ms. Valerie Caproni, a
position she has held since August 2003. Prior to that, Ms.
Caproni served as an Assistant United States Attorney in the
Eastern District of New York, as a supervisor at the Securities
and Exchange Commission and has also worked in private
practice.
All of your statements will be made a part of the record in
their entirety, and we will have a 5-minute time for each of
you, and we ask Inspector General Glenn A. Fine to begin our
testimony.
Welcome to the Committee.
TESTIMONY OF GLENN A. FINE, INSPECTOR GENERAL,
U.S. DEPARTMENT OF JUSTICE
Mr. Fine. Mr. Chairman, Congressman Smith and Members of
the Committee on the Judiciary, thank you for inviting me to
testify about two reports issued by the Department of Justice
Office of the Inspector General regarding the FBI's use of
National Security Letters and its use of section 215 orders to
obtain business records.
The PATRIOT Reauthorization Act required the OIG to examine
the FBI's use of these authorities, and on March 9th we issued
reports detailing our findings. Today, I will summarize the key
findings from our reviews, focusing my comments on the National
Security Letter report.
Under five statutory provisions, the FBI can use National
Security Letters (NSLs), to obtain without review by a court
records such as customer information from telephone companies,
Internet service providers, financial institutions, and
consumer credit companies. Although most of the statutory
provisions regarding NSLs existed prior to the enactment of the
PATRIOT Act, the Act significantly broadened the FBI's
authority to use NSLs in two primary ways.
First, it eliminated the requirement that the information
sought must pertain to a foreign power or an agent of a foreign
power and substituted the standard that the information
requested must be relevant to or sought for an investigation to
protect against international terrorism or espionage.
Second, the PATRIOT Act significantly expanded approval
authority for NSLs beyond a limited number of FBI headquarters
officials to the heads of all FBI field offices. Our review
examined the FBI's use of NSLs from 2003 through 2005. The OIG
will conduct another review examining the FBI's use of NSLs in
2006, which we are required to issue by the end of this year.
In sum, our review found widespread and serious misuse of
the FBI's National Security Letter authorities. In many
instances, the FBI's misuse violated NSL statutes, Attorney
General guidelines, or the FBI's own internal policies. We also
found that the FBI did not provide adequate guidance, adequate
controls, or adequate training on the use of these sensitive
authorities. Before describing the main findings of our report,
however, I believe it is important to provide context for these
findings.
First, we recognize the significant challenges the FBI was
facing during the period covered by our review. After the
September 11th terrorist attacks, the FBI implemented major
organizational changes while responding to continuing terrorist
threats and conducting many counterterrorism investigations,
both internationally and domestically.
Second, it is also important to recognize that in most but
not all of the cases we examined, the FBI was seeking
information that it could have obtained properly through
National Security Letters if it had followed applicable
statutes, guidelines and internal policies.
Third, we did not find that the FBI employees sought to
intentionally misuse NSLs or sought information that they knew
they were not entitled to obtain. Instead, we believe the
misuses and the problems we found generally were the product of
mistakes, carelessness, confusion, sloppiness, lack of
training, lack of adequate guidance, and lack of adequate
oversight. I do not believe that any of my observations,
however, excuses the FBI's misuse of National Security Letters.
When the PATRIOT Act enabled the FBI to obtain sensitive
information through NSLs on a much larger scale, the FBI should
have established sufficient controls and oversight to ensure
the proper use of those authorities. The FBI did not do so. The
FBI's failures, in my view, were serious and unacceptable.
I would now like to highlight our review's main findings.
Our review found that after enactment of the PATRIOT Act the
FBI's use of National Security Letters increased dramatically.
In 2000, the last full year prior to the passage of the PATRIOT
Act, the FBI issued approximately 8,500 NSL requests. After the
PATRIOT Act, the number of NSL requests increased to
approximately 39,000 in 2003, approximately 56,000 in 2004, and
approximately 47,000 in 2005. In total, during the 3-year
period, the FBI issued more than 143,000 NSL requests. However,
we believe that these numbers, which are based on information
from the FBI's database, significantly understate the total
number of NSL requests. During our file reviews in four FBI
field offices, we found additional NSL requests in the files
than were contained in the FBI database. In addition, many NSL
requests were not included in the Department's reports to
Congress.
Our review also attempted to assess the effectiveness of
National Security Letters. NSLs have various uses, including to
develop links of subjects of FBI investigations and other
individuals and to provide leads and evidence to allow FBI
agents to initiate or close investigations. Many FBI
headquarters and field personnel, from agents in the field to
senior officials, told the OIG that NSLs are indispensable
investigative tools in counterterrorism and counterintelligence
investigations, and they provided us with examples and evidence
of the importance to these investigations.
The OIG review also examined whether there were any
improper or illegal uses of NSL authorities. From 2003 through
2005, the FBI identified 26 possible intelligence violations
involving its use of NSLs. We visited four FBI field offices
and reviewed a sample of 77 investigative case files and 293
NSLs. We found 22 possible violations that had not been
identified or reported by the FBI. We have no reason to believe
that the number of violations we identified in the field
offices was skewed or disproportionate to the number of
violations in other files. This suggests that the large number
of NSL-related violations throughout the FBI have not been
identified or reported by FBI personnel.
In one of the most troubling findings, we determined that
the FBI improperly obtained telephone toll billing records and
subscriber information from three telephone companies pursuant
to over 700 so-called Exigent Letters. These letters generally
were signed by personnel in the Communications Analysis Unit
(CAU), a unit of the Counterterrorism Division in the FBI
Headquarters. The Exigent Letters were based on a form letter
used by the FBI's New York Field Division in the criminal
investigations related to the September 11th attacks.
Our review found that the FBI sometimes used these Exigent
Letters in nonemergency circumstances. In addition, the FBI
failed to ensure that there were authorized investigations to
which the requests could be tied. The Exigent Letters also
inaccurately represented that the FBI had already requested
subpoenas for the information when in fact it had not. The FBI
also failed to ensure that NSLs were issued promptly to
telephone companies after the Exigent Letters were sent.
Rather, in many instances, after obtaining records from the
telephone companies, the FBI issued National Security Letters
months after the fact to cover the information obtained.
We concluded that the FBI's use of these Exigent Letters
inappropriately circumvented the requirements of the NSL
statute and violated Attorney General guidelines and FBI
policies. In response to our report, we believe that the
Department and the FBI are taking our findings seriously. The
FBI concurred with all of our recommendations, and the
Department's National Security Division will be actively
engaged in oversight of the FBI's use of NSLs.
In addition, the FBI's Inspection Division has initiated
audits of a sample of NSLs issued by each of its 56 field
offices. The FBI is also conducting a special investigation on
the use of Exigent Letters to determine how and why the
problems occurred. The OIG will continue to review the FBI's
use of National Security Letters. In addition to issuing a
second report on the use of NSLs in 2006, we intend to monitor
the actions that the FBI and the Department are taking to
address the problems we found in that review.
Finally, I want to note that the FBI and the Department
cooperated fully with our reviews, agreed to declassify
information in the report, and appears to be committed to
addressing the problems we identified. We believe that
significant efforts are necessary to ensure that the FBI's use
of National Security Letters is conducted in full accord with
the statutes, Attorney General guidelines, and FBI policy.
That concludes my testimony, and I will be pleased to
answer any questions.
[The prepared statement of Mr. Fine follows:]
Prepared Statement of Glenn A. Fine
Mr. Chairman, Mr. Smith, and members of the Committee on the
Judiciary:
Thank you for inviting me to testify about two recent reports
issued by the Department of Justice Office of the Inspector General
(OIG) regarding the Federal Bureau of Investigation's (FBI) use of
national security letters and the FBI's use of Section 215 orders to
obtain business records. In the Patriot Reauthorization Act, enacted in
2006, Congress directed the OIG to examine the FBI's use of these two
important authorities. The reviews were directed to examine, among
other things, the number of times these authorities were used, the
importance of the information obtained, how the information was
utilized, any improper or illegal uses of these authorities, and other
noteworthy facts or circumstances related to their use.
On March 9, 2007, we issued separate reports on the FBI's use of
national security letters and Section 215 orders. We publicly released
two unclassified reports, with only limited information redacted
(blacked out) which the Department or the FBI considered to be
classified. We also provided to Congress, including this Committee,
copies of the full classified reports that contain some additional
classified information on the FBI's use of the two authorities.
However, the OIG's main findings and conclusions are included in the
unclassified versions that were publicly released.
In this written statement, I will summarize the key findings from
our reports, focusing most of my comments on the national security
letters report. I will first provide brief background on national
security letters and how we conducted our review. I will then provide a
few observations to put our findings in context. Next, I will highlight
the main findings of our national security letter report. After that, I
will briefly summarize our report on the FBI's use of Section 215
orders to obtain business records.
I. THE OIG'S NATIONAL SECURITY LETTER REPORT
A. Background on National Security Letters
Under five statutory provisions, the FBI can use national security
letters (NSLs) to obtain--without a court order or any review by a
court--records such as customer information from telephone companies,
Internet service providers, financial institutions, and consumer credit
companies. Most of these statutory provisions regarding NSLs existed
prior to enactment of the USA PATRIOT Act (Patriot Act) in October
2001. Prior to the Patriot Act, the FBI could obtain information using
a national security letter only if it had ``specific and articulable
facts giving reason to believe that the customer or entity whose
records are sought [was] a foreign power or agent of a foreign power.''
In addition, NSLs could only be issued by a limited number of senior
FBI Headquarters officials.
The Patriot Act significantly broadened the FBI's authority to use
NSLs by both lowering the threshold standard for issuing them and by
expanding the number of FBI officials who could sign the letters.
First, the Patriot Act eliminated the requirement that the information
sought must pertain to a foreign power or an agent of a foreign power.
Instead, it substituted the lower threshold standard that the
information requested must be relevant to or sought for an
investigation to protect against international terrorism or espionage.
Consequently, the Patriot Act authorized the FBI to issue national
security letters to request information about persons other than the
subjects of FBI national security investigations, so long as the
requested information is relevant to an authorized national security
investigation.
In addition, the Patriot Act permitted Special Agents in Charge of
the FBI's 56 field offices to sign national security letters, which
significantly expanded approval authority beyond a limited number of
FBI Headquarters officials. Finally, the Patriot Act added a new
authority allowing NSLs to be used to obtain consumer full credit
reports in international terrorism investigations.
B. The OIG Review
As directed by the Patriot Reauthorization Act, the OIG's report
examined the FBI's use of national security letters during the time
period from 2003 through 2005. As required by the Reauthorization Act,
the OIG will conduct another review examining the use of NSLs in 2006,
which we are required to issue by the end of this year.
During our review, a team of OIG staff conducted interviews of over
100 FBI and Department of Justice employees, including personnel at FBI
Headquarters, the FBI Office of the General Counsel (OGC), FBI
Counterterrorism and Counterintelligence Divisions, FBI personnel in
four field divisions, and officials in the Department's Criminal
Division.
In addition, the OIG reviewed a sample of FBI case files that
contained national security letters at four FBI field divisions:
Chicago, New York, Philadelphia, and San Francisco. These field
divisions were selected from among the eight FBI field divisions that
issued the most NSL requests during the review period. During our field
work at the four field divisions, we examined a sample of 77
investigative case files that contained 293 national security letters.
An investigative case file can contain a large number of documents, and
some of the case files we reviewed consisted of the equivalent of 20 or
30 boxes of documents. We used a judgmental sample in selecting which
files to review and included in our sample both counterterrorism and
counterintelligence cases, cases in which the NSLs were issued during
preliminary investigations and full investigations, and opened and
closed FBI cases.
The OIG also analyzed the FBI OGC's national security letter
tracking database, which the FBI uses for collecting information to
compile the Department's required reports to Congress on NSL usage.
Finally, we distributed an e-mail questionnaire to the
counterintelligence and counterterrorism squads in the FBI's 56 field
divisions in an effort to determine the types of analytical products
the FBI developed based on NSLs, the manner in which NSL-derived
information was disseminated, and the occasions when such information
was provided to law enforcement authorities for use in criminal
proceedings.
C. Findings of the OIG Review
Our review found widespread and serious misuse of the FBI's
national security letter authorities. In many instances, the FBI's
misuse of national security letters violated NSL statutes, Attorney
General Guidelines, or the FBI's own internal policies. We also found
that the FBI did not provide adequate guidance, adequate controls, or
adequate training on the use of these sensitive authorities. In many
respects, the FBI's oversight of the use of NSL authorities expanded by
the Patriot Act was inconsistent and insufficient.
1. Background to OIG Findings
However, before detailing the main findings of our report, I
believe it is important to provide context for these findings and also
to note what our review did not find.
First, in evaluating the FBI's misuse of national security letters,
it is important to recognize the significant challenges the FBI was
facing during the period covered by our review. After the September 11
terrorist attacks, the FBI implemented major organizational changes to
prevent additional terrorist attacks in the United States. These
changes included overhauling and expanding its counterterrorism
operations, expanding its intelligence capabilities, attempting to
upgrade its information technology systems, and seeking to improve
coordination with state and local law enforcement agencies. These
changes occurred while the FBI and its Counterterrorism Division had to
respond to continuing terrorist threats and conduct many
counterterrorism investigations, both internationally and domestically.
Second, it is important to recognize that in most--but not all--of
the cases we examined in this review, the FBI was seeking information
that it could have obtained properly through national security letters
if it had followed applicable statutes, guidelines, and internal
policies.
Third, national security letters are important tools that can
provide critical evidence in counterterrorism and counterintelligence
investigations. Many Headquarters and field personnel--from agents to
senior officials--believe these tools are indispensable to the FBI's
mission to detect and deter terrorism and espionage.
Fourth, we did not find that that FBI agents sought to
intentionally misuse the national security letters or sought
information that they knew they were not entitled to obtain through the
letters. Instead, we believe the misuses and the problems we found were
the product of mistakes, carelessness, confusion, sloppiness, lack of
training, lack of adequate guidance, and lack of adequate oversight.
Yet, I do not believe that any of these observations excuse the
FBI's widespread and serious misuse of its national security letter
authorities. When the Patriot Act enabled the FBI to obtain sensitive
information through NSLs on a much larger scale, the FBI should have
established sufficient controls and oversight to ensure the proper use
of these authorities. The FBI did not do so. The FBI's failures, in my
view, were serious and unacceptable.
I would now like to highlight our review's main findings, which are
detailed in the OIG's 126-page report.
2. OIG Findings
Our review found that, after enactment of the Patriot Act, the
FBI's use of national security letters increased dramatically. In 2000,
the last full year prior to passage of the Patriot Act, the FBI issued
approximately 8,500 NSL requests. It is important to note that one
national security letter may request information about multiple
telephone numbers or e-mail addresses. Because the FBI's semiannual
classified reports to Congress provide the number of requests rather
than the number of letters, we also focused on the total number of
requests.
After the Patriot Act, the number of NSL requests issued by the FBI
increased to approximately 39,000 in 2003, approximately 56,000 in
2004, and approximately 47,000 in 2005. In total, during the 3-year
period covered by our review, the FBI issued more than 143,000 NSL
requests.
However, we believe that these numbers, which are based on
information from the FBI's database, understate the total number of NSL
requests issued by the FBI. During our review, we found that the FBI
database used to track these requests is inaccurate and does not
include all NSL requests.
First, when we compared information from the database to the
documents contained in investigative case files in the 4 FBI field
offices that we visited, we found approximately 17 percent more NSL
letters and 22 percent more NSL requests in the case files than we
could find in the FBI database. In addition, we determined that many
NSL requests were not included in the Department's reports to Congress
because of the FBI's delays in entering NSL information into its
database. We also found problems and incorrect data entries in the
database that caused NSLs to be excluded from the Department's reports
to Congress.
Therefore, based on shortcomings in the FBI's NSL database and its
reporting processes, we concluded that the Department's semiannual
classified reports to Congress on NSL usage were inaccurate and
significantly understated the total number of NSL requests during the
review period.
Our report also provides breakdowns on the types of NSLs used by
the FBI. We determined that, overall, approximately 73 percent of the
total number of NSL requests were used in counterterrorism
investigations and 26 percent in counterintelligence cases.
In addition, our review found that the percentage of NSL requests
that related to investigations of U.S. persons increased from about 39
percent of all NSL requests in 2003 to about 53 percent in 2005.
As directed by the Patriot Reauthorization Act, our review
attempted to assess the effectiveness of national security letters.
NSLs have various uses, including to develop evidence to support
applications for orders issued under the Foreign Intelligence
Surveillance Act (FISA), develop links between subjects of FBI
investigations and other individuals, provide leads and evidence to
allow FBI agents to initiate or close investigations, and corroborate
information obtained by other investigative methods. FBI personnel told
the OIG that NSLs are indispensable investigative tools in many
counterterrorism and counterintelligence investigations, and they
provided us with examples and evidence of their importance to these
investigations.
We determined that information obtained from NSLs is also used in
FBI analytical intelligence products that are shared within the FBI and
with DOJ components, Joint Terrorism Task Forces, other federal
agencies, and other members of the intelligence community.
In addition, information obtained from NSLs is stored in FBI
databases such as its Automated Case Support system and its
Investigative Data Warehouse. However, because information is not
tagged or identified in FBI files or databases as derived from NSLs, we
could not determine the number of times that NSLs were used in such
analytical products, shared with other agencies, or used in criminal
cases.
As also directed by the Patriot Reauthorization Act, the OIG review
examined whether there were any ``improper or illegal uses'' of NSL
authorities. We found that from 2003 through 2005, the FBI identified
26 possible intelligence violations involving its use of NSLs, 19 of
which the FBI reported to the President's Intelligence Oversight Board
(IOB). Of the 26 possible violations, 22 were the result of FBI errors,
while 4 were caused by mistakes made by recipients of the NSLs.
These possible violations included the issuance of NSLs without
proper authorization, improper requests under the statutes cited in the
NSLs, and unauthorized collection of telephone or Internet e-mail
transactional records. For example, in three of these matters the FBI
obtained the information without issuing national security letters. One
of these three matters involved receipt of information when there was
no open national security investigation. In another matter, the FBI
issued national security letters seeking consumer full credit reports
in a counterintelligence investigation, which the NSL statutes do not
permit. In other matters, the NSL recipient provided more information
than was requested in the NSL, or provided information on the wrong
person, either due to FBI typographical errors or errors by the
recipients of NSLs.
In addition to the possible violations reported by the FBI, we
reviewed FBI case files in four field offices to determine if there
were unreported violations of NSL authorities, Attorney General
Guidelines, or internal FBI policies governing the approval and use of
NSLs. Our review of 293 national security letters in 77 files found 22
possible violations that had not been identified or reported by the
FBI.
The violations we found fell into three categories: improper
authorization for the NSL, improper requests under the pertinent
national security letter statutes, and unauthorized collections.
Examples of the violations we identified include issuing NSLs for
consumer full credit reports in a counterintelligence case, which is
not statutorily permitted; issuing an NSL for a consumer full credit
report when the FBI Special Agent in Charge had approved an NSL for
more limited credit information under a different NSL authority;
issuing an NSL when the investigation had lapsed; and obtaining
telephone toll billing records for periods in excess of the time period
requested in the NSL due to third-party errors.
Thus, it is significant that in the limited file review we
conducted of 77 investigative files in 4 FBI field offices, we
identified nearly as many NSL-related violations (22) as the total
number of possible violations that the FBI had identified (26) in
reports from all FBI Headquarters and field divisions over the entire
3-year period. Moreover, 17 of the 77 files we reviewed, or 22 percent,
had 1 or more violations.
We have no reason to believe that the number of violations we
identified in the four field offices we visited was skewed or
disproportionate to the number of possible violations in other files.
This suggests that a large number of NSL-related violations throughout
the FBI have not been identified or reported by FBI personnel.
Our examination of the violations we identified did not reveal
deliberate or intentional violations of the NSL statutes, the Attorney
General Guidelines, or FBI policy. We believe that some of these
violations demonstrated FBI agents' confusion and unfamiliarity with
the constraints on national security letter authorities. We also
believe that many of the violations occurred because FBI personnel do
not consistently cross check the NSL approval documentation with the
proposed NSLs, or verify upon receipt that the information supplied by
the recipient matches the request. Other violations demonstrated
inadequate supervision over use of these authorities.
We examined the FBI investigative files in the four field offices
to determine whether FBI case agents and supervisors had adhered to FBI
policies designed to ensure appropriate supervisory review of the use
of NSL authorities. We found that 60 percent of the investigative files
we examined contained one or more violations of FBI internal policies
relating to national security letters. These included failures to
document supervisory review of NSL approval memoranda and failures to
include in NSL approval memoranda required information, such as the
authorizing statute, the status of the investigative subject, or the
number or types of records requested.
In another finding, our review determined that the FBI Headquarters
Counterterrorism Division generated over 300 NSLs exclusively from
``control files'' rather than from ``investigative files,'' in
violation of FBI policy. When NSLs are issued from control files, the
NSL documentation does not indicate whether the NSLs are issued in
authorized investigations or whether the information sought in the NSLs
is relevant to those investigations. This documentation is necessary to
establish compliance with NSL statutes, Attorney General Guidelines,
and FBI policies.
In addition, we found that the FBI had no policy requiring the
retention of signed copies of national security letters. As a result,
we were unable to conduct a comprehensive audit of the FBI's compliance
with its internal control policies and the statutory certifications
required for NSLs.
In one of the most troubling findings, we determined that from 2003
through 2005 the FBI improperly obtained telephone toll billing records
and subscriber information from 3 telephone companies pursuant to over
700 so-called ``exigent letters.'' These letters generally were signed
by personnel in the Communications Analysis Unit (CAU), a unit of the
Counterterrorism Division in FBI Headquarters, and were based on a form
letter used by the FBI's New York Field Division in the criminal
investigations related to the September 11 attacks. The exigent letters
signed by the CAU typically stated:
Due to exigent circumstances, it is requested that records for
the attached list of telephone numbers be provided. Subpoenas
requesting this information have been submitted to the U.S.
Attorney's Office who will process and serve them formally to
[information redacted] as expeditiously as possible.
These letters were signed by CAU Unit Chiefs, CAU special agents, and
subordinate personnel, none of whom were delegated authority to sign
NSLs.
Our review found that that the FBI sometimes used these exigent
letters in non-emergency circumstances. In addition, the FBI failed to
ensure that there were duly authorized investigations to which the
requests could be tied. The exigent letters also inaccurately
represented that the FBI had already requested subpoenas for the
information when, in fact, it had not. The FBI also failed to ensure
that NSLs were issued promptly to the telephone companies after the
exigent letters were sent. Rather, in many instances, after obtaining
records from the telephone companies the FBI issued national security
letters many months after the fact to ``cover'' the information
obtained.
As our report describes, we were not convinced by the legal
justifications offered by the FBI during our review for the FBI's
acquisition of telephone toll billing records and subscriber
information in response to the exigent letters without first issuing
NSLs. The first justification offered was the need to reconcile the
strict requirements of the NSL statute with the FBI's mission to
prevent terrorist attacks. While the FBI's counterterrorism mission may
require streamlined procedures to ensure the timely receipt of
information in genuine emergencies, the FBI needs to address the
problem by expediting the issuance of national security letters or by
seeking legislative modification to the voluntary emergency disclosure
provision in the Electronic Communications Privacy Act (ECPA), not
through these exigent letters. Moreover, the FBI's justification for
the exigent letters was undercut because they were used in non-
emergency circumstances, not followed in many instances within a
reasonable time by the issuance of NSLs, and not catalogued in a
fashion that would enable FBI managers or anyone else to review the
practice or the predication required by the NSL statute.
In sum, we concluded that the FBI's use of these letters
inappropriately circumvented the requirements of the NSL statute, and
violated Attorney General Guidelines and FBI policies.
As directed by the Patriot Reauthorization Act, our report also
describes several other ``noteworthy facts or circumstances'' we
identified in the review. For example, we found that the FBI did not
provide clear guidance describing how FBI case agents and supervisors
should apply the Attorney General Guidelines' requirement to use the
``least intrusive collection techniques feasible'' during national
security investigations to the use and sequencing of national security
letters. In addition, we saw indications that some FBI lawyers in field
offices were reluctant to provide an independent review of NSL requests
because these lawyers report to senior field office managers who
already had approved the underlying investigations.
D. Recommendations
To help the FBI address these significant findings, the OIG made a
series of recommendations, including that the FBI improve its database
to ensure that it captures timely, complete, and accurate data on NSLs;
that the FBI take steps to ensure that it uses NSLs in full accord with
the requirements of national security letter authorities; and that the
FBI issue additional guidance to field offices that will assist in
identifying possible violations arising from use of NSLs. The FBI
concurred with all of the recommendations and agreed to implement
corrective action.
We believe that the Department and the FBI are taking the findings
of the report seriously. In addition to concurring with all our
recommendations, the FBI and the Department have informed us that they
are taking additional steps to address the problems detailed in the
report. For example, the FBI's Inspection Division has initiated audits
of a sample of NSLs issued by each of its 56 field offices. It is also
conducting a special inspection of the exigent letters sent by the
Counterterrorism Division to three telephone companies to determine how
and why that occurred.
The FBI's Office of the General Counsel is also consolidating its
guidance on NSLs, providing additional guidance and training to its
field-based Chief Division Counsel on their role in approving NSLs, and
working to develop a new web-based NSL tracking database.
In addition to the FBI's efforts, we have been told that the
Department's National Security Division will be actively engaged in
oversight of the FBI's use of NSL authorities.
As required by the Patriot Reauthorization Act, the OIG will
continue to review the FBI's use of national security letters. We are
required by the Act to issue another report by the end of this year on
the FBI's use of NSLs in 2006. In addition, we intend to monitor the
actions that the FBI and the Department have taken and are taking to
address the problems we found in our first review.
II. THE OIG'S SECTION 215 REPORT
In the last section of my statement, I want to summarize briefly
the OIG's second report, which examined the FBI's use of Section 215
orders to obtain business records. Section 215 of the Patriot Act
allows the FBI to seek an order from the FISA Court to obtain ``any
tangible thing,'' including books, records, and other items, from any
business, organization, or entity provided the item or items are for an
authorized investigation to protect against international terrorism or
clandestine intelligence activities.
Section 215 of the Patriot Act did not create new investigative
authority, but instead significantly expanded existing authority found
in FISA by broadening the types of records that could be obtained and
by lowering the evidentiary threshold to obtain a Section 215 order for
business records. Public concerns about the scope of this expanded
Section 215 authority centered on the ability of the FBI to obtain
library records, and many public commentators began to refer to Section
215 as the ``library provision.''
Our review found that the FBI and the Department's Office of
Intelligence Policy and Review (OIPR) submitted to the FISA Court two
different kinds of applications for Section 215 orders: ``pure''
Section 215 applications and ``combination'' Section 215 applications.
A ``pure'' Section 215 application is a term used to refer to a Section
215 application for any tangible item which is not associated with an
application for any other FISA authority. A ``combination'' Section 215
application is a term used to refer to a Section 215 request that was
added to a FISA application for pen register/trap and trace orders,
which identify incoming and outgoing telephone numbers called on a
particular line. In a combination order, the Section 215 request was
added to the pen register/trap and trace application in order to obtain
subscriber information related to the telephone numbers.
We found that from 2002 through 2005 the Department, on behalf of
the FBI, submitted to the FISA Court a total of 21 pure Section 215
applications and 141 combination Section 215 applications.
We found that the first pure Section 215 order was approved by the
FISA Court in spring 2004, more than 2 years after enactment of the
Patriot Act. The FISA Court approved six more pure Section 215
applications that year, for a total of seven in 2004. The FISA Court
approved 14 pure Section 215 applications in 2005.
Examples of the types of business records that were obtained
through pure Section 215 orders include driver's license records,
public accommodations records, apartment records, and credit card
records.
We also determined that the FBI did not obtain Section 215 orders
for any library records from 2002 through 2005 (the time period covered
by our review). The few applications for Section 215 orders for library
records that were initiated in the FBI during this period were
withdrawn while undergoing the review process within the FBI and the
Department. None were submitted to the FISA Court.
With respect to how information from Section 215 orders was used,
we found no instance where the information obtained from a Section 215
order resulted in a major case development such as disruption of a
terrorist plot. We also found that very little of the information
obtained in response to Section 215 orders has been disseminated to
intelligence agencies outside the DOJ.
However, FBI personnel told us they believe that the kind of
intelligence gathered from Section 215 orders is essential to national
security investigations. They also stated that the importance of the
information is sometimes not known until much later in an
investigation, when the information is linked to some other piece of
intelligence. FBI officials and Department attorneys also stated that
they believe Section 215 authority is useful because it is the only
compulsory process for certain kinds of records that cannot be obtained
through alternative means.
We did not identify any instances involving ``improper or illegal
use'' of a pure Section 215 order. We did find problems with two
combination Section 215 orders. In one instance, the FBI inadvertently
collected information from a telephone number that no longer belonged
to the target of the investigation. In another instance, the FBI
received information from a telephone that was no longer connected to
the subject because of a mistake by the telephone company.
We also found that the FBI has not used Section 215 orders as
effectively as it could have because of legal, bureaucratic, or other
impediments to obtaining these orders. For example, after passage of
the Patriot Act in October 2001, neither the Department nor the FBI
issued implementing procedures or guidance with respect to the
expansion of Section 215 authority for a long period of time. In
addition, we found significant delays within the FBI and the Department
in processing requests for Section 215 orders. We also determined
through our interviews that FBI field offices do not fully understand
Section 215 orders or the process for obtaining them.
III. CONCLUSION
In sum, our review of national security letters revealed that, in
various ways, the FBI violated the national security letter statutes,
Attorney General Guidelines, or FBI internal policies governing their
use. While we did not find that the violations were deliberate, we
believe the misuses were widespread and serious.
Finally, I also want to note that the FBI and the Department
cooperated fully with our review. In addition, the FBI and the
Department agreed to declassify important aspects of the report to
permit a full and fair airing of the issues we describe in the report.
They have also acknowledged the problems we found and have not
attempted to cover up the deficiencies. The FBI and the Department also
appear to be taking the findings of the report seriously, and appear
committed to correcting the problems we identified.
We believe that these serious and ongoing efforts are necessary to
ensure that the FBI's use of national security letter authorities to
obtain sensitive information is conducted in full accord with the NSL
statutes, Attorney General Guidelines, and FBI policies.
That concludes my testimony, and I would be pleased to answer any
questions.
ATTACHMENT
Mr. Conyers. Thank you, Attorney General.
Will the person in the back row, standing up, please sit
down or leave this Committee room?
I am now pleased to welcome the General Counsel for the
Federal Bureau of Investigation, Ms. Valerie Caproni.
Welcome to our Committee.
TESTIMONY OF VALERIE CAPRONI, GENERAL COUNSEL, FEDERAL BUREAU
OF INVESTIGATION
Ms. Caproni. Thank you. Good morning.
Mr. Chairman, Ranking Member Smith and Members of the
Committee, it is my pleasure to appear before you today to
discuss the recent report by the Department of Justice Office
of Inspector General regarding the FBI's use of National
Security Letters. I have submitted a detailed written
statement, and in the interest of time, I will stress only a
few points.
The IG's report is a fair report that acknowledges the
importance of National Security Letters to the ability of the
FBI to keep the country safe and the difficult environment in
which our employees have been working since 9/11. The IG found
no deliberate or intentional misuse of the National Security
Letter authorities, AG guidelines or FBI policy. Nevertheless,
the IG review identified several areas of inadequate auditing
and oversight of these vital investigative tools as well as
processes that were simply inappropriate.
The FBI fully supports each of the IG's recommendations and
have implemented other remedial steps not proposed by the IG.
Collectively, these reforms will ensure full compliance with
both the letter and the spirit of the law.
NSLs generally permit us to obtain the basic building
blocks of an investigation from third party businesses. Unlike
grand jury subpoenas used in criminal cases, however, National
Security Letter authority comes from several distinct statutes,
and they have very specific rules that accompany them.
The NSL authority used most frequently by the FBI is that
provided by the Electronic Communications Privacy Act, or ECPA.
Through an ECPA NSL, the FBI can obtain subscriber information
for telephone and electronic communications and can obtain toll
billing information and electronic communication transaction
records. Significantly, the FBI cannot obtain the content of
communications through an ECPA NSL. That requires a court
order. ECPA NSLs are, by far, the most common NSL that we use.
Pursuant to the Right to Financial Privacy Act and the Fair
Credit Reporting Act, we also have the authority to issue
different types of National Security Letters. The authority to
issue an NSL lies at a senior level within the FBI. It can only
be issued by an official who ranks not lower than Special Agent
in Charge or Deputy Assistant Director. All such officials are
career Government employees, and before an NSL can be issued
such employees must certify that the information sought is
relevant to an authorized national security investigation.
As directed by Congress in connection with the IG's report,
we endeavor to declassify as much information as possible in
order to maximize the transparency of our use of this important
national security tool. To that end, for the first time the
public has a real sense of the frequency with which the FBI
uses National Security Letters. In the period covered by the
report, the number of NSL requests--that is, not letters.
Remember that one letter can have multiple requests--has ranged
from approximately 40,000 to 60,000 per year, and we have
requested information on fewer than 20,000 persons per year.
For a variety of reasons that will be discussed below, those
numbers are not exact. Nevertheless, for the first time, the
public can get a sense of the order of magnitude of these
requests.
There are three findings by the IG that were particularly
disturbing to me, and it is those three findings that I wish to
address at some length this morning: First, inaccurate
reporting to Congress, second, the use of so-called Exigent
Letters and, third, violations of law and policy with respect
to the usage of NSLs.
I am particularly distressed by the fact that the IG found
significant inaccuracies in the numbers that we report to
Congress. The responsibility to gather the data for
congressional reporting lies with my division, and we did not
do an acceptable job. The processes we put in place for
tabulating NSLs were inadequate, and we had no auditing process
in place to catch errors. Although we realized we had a problem
prior to the IG's report and were working on a technological
solution, that realization came later than it should have, and
for that I bear responsibility.
At some point several years before I arrived at the FBI,
our process for congressional reporting shifted from a totally
manual process to a stand-alone database. While the OGC
database was a giant technological step forward from 3x5 index
cards, it quickly became an unacceptable system given the
increase in our use of National Security Letters since 9/11.
The OGC database is not electronically connected to ACS, the
system from which we derive the data. Instead, there is a
manual interface between ACS and the database. An OGC employee
is responsible for taking every NSL lead that is sent to OGC
and manually entering the information into our database. Nearly
a dozen fields must be manually entered, including the file
number of the case in which the NSL was issued, which is
typically at least 15 digits and letters. Needless to say,
human error creeps in.
Approximately a year ago when we were unable to tick and
tie numbers in the database to previously reported numbers, we
recognized that our technology was woefully inadequate. We
began at that point to develop an automated system to improve
our ability to collect this data. That system, in addition to
improving data collection, will automatically prevent many of
the errors in NSLs that we will discuss today by automating
much of the work associated with preparing NSLs. The system
will also allow us to automatically ensure that required
reporting data is accurately collected. The NSL system is being
designed so that the FBI employee requesting an NSL will enter
data only once.
For example, an agent or an analyst who wishes to get
telephone toll billing records will only have to tell the
system that he is seeking an ECPA NSL for toll records and type
the telephone number once. The system will then automatically
populate the appropriate fields in the NSL in the authorizing
electronic communication. The system will ensure that the two
documents match exactly, and it will minimize the opportunity
for transcription errors that gave rise to unauthorized
collections.
Agents and analysts will still be required to provide the
narrative necessary to explain why the NSL is being sought, the
factual basis for making the determination that the information
is relevant to an appropriately predicated national security
investigation and the factual basis for any determination that
the NSL should include a nondisclosure provision.
We are optimistic that we will be able to pilot the system
this summer and roll it out to all of the field offices by the
end of the year. At that point, I will be much more confident
that in the future the data we provide to Congress is as
accurate as humanly possible. In the meantime, we are taking
several steps to correct the numbers we have previously
reported. We have discussed our methodology with the IG, and we
will offer him the opportunity to review our work. We are
striving to have the corrected reports to Congress as soon as
possible.
The next significant finding of the IG I would like to
discuss this morning involves the use within one unit at
headquarters of so-called Exigent Letters. These letters, which
numbered in excess of 700, were provided to telephone companies
with requests for toll billing information. All of the letters
stated that there were exigent circumstances, and many stated
the Federal grand jury subpoenas had been requested for the
records even though in fact no such requests for grand jury
subpoenas had been made.
From an audit and an internal control perspective, the FBI
did not document the nature of the emergency circumstances, did
not keep copies of all of the Exigent Letters it provided to
the telephone companies and did not keep records to track
whether it had subsequently provided further legal process.
Moreover, some employees told the IG that there was not always
an emergency relating to the documents that were sought.
OGC has been working with the affected unit to attempt to
reconcile the documentation and to ensure that any telephone
record that we have in an FBI database was obtained because it
was relevant to an authorized investigation and that the
appropriate legal process has now been provided. If we are
unable to determine the investigation to which a number
relates, it will be removed from our database, and the records
will be destroyed.
The IG rightfully objected to the FBI's obtaining telephone
records with a letter that stated that a Federal grand jury
subpoena had been requested when that was untrue. It is unclear
why that happened. The Director has ordered a special
inspection in order to better understand the full scope of
internal control failures and to make sure that, in fact, every
record obtained pursuant to a so-called Exigent Letter has been
appropriately connected to a national security investigation.
That review will also determine whether the practice discussed
by the IG existed anywhere other than in the headquarters unit
identified in the report.
In response to the obvious internal control lapses this
situation highlights, changes have already been made to ensure
that this situation does not recur. Any agent who needs to
obtain ECPA-protected records on an emergency basis must do so
pursuant to 18 USC, section 2702. Section 2702 permits a
carrier to provide information regarding its customers to the
Government if the provider believes in good faith that there is
a life or death type emergency that requires disclosure of the
records. By FBI policy, a request for disclosure pursuant to
that provision generally must be in writing and must clearly
state that the disclosure without legal process is at the
provider's option. The emergency must also be documented to our
files so that the use of the letter can be audited. The policy
allows for oral requests, but any oral requests have to be
approved and documented to the file.
The IG also examined the misuse of NSLs that had been
reported and some that had not as part of the IOB process. As
this Committee knows, pursuant to executive order, the
President has an Intelligence Oversight Board that receives
from the intelligence community the reports of intelligence
activities that the agency believes may have been unlawful or
contrary to executive order or presidential directive.
The IG found that from 2003 to 2005 the FBI had self-
reported 26 potential violations involving NSL authorities. The
IG also found, however, a number of potential IOBs in the files
it examined that had not been reported to OGC for adjudication.
Although press accounts of this report have implied that the IG
found massive abuses of the NSL authorities, a careful read of
the report does not bear out the headlines. The IG examined 293
NSLs, a reasonably small, non-random sample. We do not suggest
that the sample was not a fair sample but only point out that
it is questionable from a statistical standpoint to attempt to
extrapolate from a very small sample to an entire population.
Of the 293 NSLs the IG examined, 22 were judged to have a
potential unreported violation associated with them. Of that 7
percent, 10, or almost 50 percent of that group, were third
party errors. That is, the NSL recipient provided the FBI with
information that we did not seek. Only 12 of the NSLs examined,
or 4 percent of the total group, had mistakes that the IG
rightfully attributes to the FBI.
Examining the 12 potential errors that were attributable to
the FBI reveals a continuum of seriousness relative to the
potential impact of individual rights. Four of them, or just
over 1 percent of the sample, were unquestionably serious
violations. Specifically, two of the violations involved
obtaining full credit reports and counterintelligence
investigations, which is not statutorily authorized. One
involved issuing a National Security Letter when the
authorization for the investigation to which it related had
lapsed, and one involved issuing an NSL for information that
was arguably content and, therefore, not available pursuant to
NSL. The remaining eight potential errors involved lack of
attention to detail and did not involve the FBI's seeking or
obtaining any information to which it was not entitled.
We do not excuse lack of attention to detail, and I have
admonished the lawyers in the field who review NSLs that they
must be careful so that they can avoid this sort of error, but
we do believe that such mistakes pose different challenges and
risks than seeking information to which you are not entitled.
In short, approximately 1 percent of the NSLs examined by
the IG had significant errors that were attributable to FBI
actions and that had not been but should have been reported as
potential IOB violations. A 1-percent error rate is not
acceptable, and we have taken steps to reduce it. Those steps
are discussed at length in my written testimony, and I will not
repeat them here.
But among the steps I do want to mention is that the
Director has ordered a special inspection of all field offices'
use of National Security Letters, an inspection that began on
Friday. We offer to fully brief the Committee on the results of
that inspection when it is complete. Several of the actions we
are taking involve changes to FBI rules and policy. Rules will,
of course, only eliminate errors if they are followed. The IG's
report has painfully demonstrated for us that, while we are
good at establishing policy and setting rules, we are not as
good as we must be at establishing internal controls and
auditing functions to make sure that the rules are followed.
The full parameters of an FBI compliance program have not
been set, and the inspection that is currently underway will
clearly influence the parameters of the program. In short
order, however, the FBI will establish a vigorous,
multidisciplinary compliance program that assures as well as
any compliance program can that our employees faithfully adhere
to all of our rules and policies, particularly those that are
designed to protect privacy and civil liberties.
The FBI is acutely aware that the only way we can achieve
our mission of keeping the country safe is if we are trusted by
all segments of the American public. With events like the
London terror attack of 2 years ago, we are all worried about
the risk of a catastrophic attack from homegrown terrorists.
Our single best defense against such an attack is the eyes and
ears of all Americans, but particularly in those segments of
the population in which the risk of radicalization is at its
highest. We need people in those communities to call us when
they hear or see something that looks amiss. We know that we
reduce the probability of that call immeasurably if we lose the
confidence of any part of the American public.
Mr. Conyers. Counsel, can you wind down at this point?
Ms. Caproni. Yes, sir.
We will put into place a compliance program to maximize the
probability that we do not lose the confidence of the American
public by dint of the sort of errors highlighted in this
report.
I appreciate the opportunity to appear before the Committee
and look forward to answering your questions.
Thank you.
[The prepared statement of Ms. Caproni follows:]
Prepared Statement of Valerie Caproni
Good morning Mr. Chairman, Ranking Member Smith, and Members of the
Committee. It is my pleasure to appear before you today to discuss the
recent report by Department of Justice's Office of the Inspector
General (OIG) regarding the FBI's use of national security letters
(NSLs). The OIG's report is a fair report that acknowledges the
importance of NSLs to the ability of the FBI to conduct the national
security investigations that are essential to keeping the country safe.
Importantly, the OIG found no deliberate or intentional misuse of the
national security letter authorities, Attorney General Guidelines or
FBI policy. Nevertheless, the OIG review identified several areas of
inadequate auditing and oversight of these vital investigative tools,
as well as processes that were inappropriate. Although not
intentionally, we fell short in our obligations to report to Congress
on the frequency with which we use this tool and in the internal
controls we put into place to make sure that it was used only in accord
with the letter of the law. Director Mueller concluded from the OIG's
findings that we must redouble our efforts to ensure that there is no
repetition of the mistakes of the past in the use of these authorities
and I share his commitment. I would also like to acknowledge the role
of Congress and the effectiveness of congressional oversight in
surfacing the deficiencies raised in this audit, which was called for
in the USA PATRIOT Improvement and Reauthorization Act. The report made
ten recommendations in response to the findings, designed to provide
both the necessary controls over the issuance of NSLs and the creation
and maintenance of accurate records. The FBI fully supports each
recommendation and concurs with the Inspector General that, when
implemented, these reforms will ensure full compliance with both the
letter and the spirit of the authorities entrusted to the Bureau.
NATIONAL SECURITY LETTERS
National Security Letters generally permit us to obtain the same
sort of documents from third party businesses that prosecutors and
agents obtain in criminal investigations with grand jury subpoenas.
Unlike grand jury subpoenas, however, NSL authority comes through
several distinct statutes and they have specific rules that accompany
them. NSLs have been instrumental in breaking up cells like the
``Portland Seven,'' the ``Lackawanna Six,'' and the ``Northern Virginia
Jihad.'' Through the use of NSLs, the FBI has traced sources of
terrorist funding, established telephone linkages that resulted in
further investigation and arrests, and arrested suspicious associates
with deadly weapons and explosives. NSLs allow the FBI to link
terrorists together financially, and pinpoint cells and operatives by
following the money.
The NSL authority used most frequently by the FBI is that provided
by the Electronic Communications Privacy Act (ECPA). Through an ECPA
NSL, the FBI can obtain subscriber information for telephones and
electronic communications and can obtain toll billing information and
electronic communication transaction records. Significantly, the FBI
cannot obtain the content of communications through an ECPA NSL.
Although the exact numbers of ECPA NSLs remains classified, it is the
most common NSL authority used.
Pursuant to the Right to Financial Privacy Act (RFPA), the FBI also
has the authority to issue NSLs for financial records from a financial
institution. RFPA NSLs are used commonly in connection with
investigations of potential terror financing.
Pursuant to the Fair Credit Reporting Act, the FBI has the
authority to issue three different, but related, types of NSLs to
credit reporting agencies: an NSL pursuant to 15 U.S.C. 1681u(a) for
the names of financial institutions with which the subject has or has
had an account; an NSL pursuant to 15 U.S.C. 1681u(b) for consumer
identifying information (name, address, former addresses, employment
and former employment); an NSL pursuant to 15 U.S.C. 1681v for a full
credit report. Of all the FBI's NSL authorities, only the last of the
FCRA authorities is restricted to use only in international terrorism
cases.
Finally, the FBI has the authority to issue NSLs pursuant to the
National Security Act in the course of investigations of improper
disclosure of classified information by government employees.
For the first 3 types of NSLs (ECPA, RFPA, FCRA) the NSL must
include a certification by an authorized FBI employee that the material
is being sought for an authorized national security investigation. That
certification is slightly different in the case of a FCRA NSL for a
full credit report, where the certification required is that the
information is relevant to an international terrorism investigation.
The authority to issue an NSL lies at a senior level within the
FBI. An NSL can be issued only by an official who ranks not lower than
Special Agent in Charge or Deputy Assistant Director. All such
officials are career government employees who are members of the Senior
Executive Service. Procedurally, an agent or analyst seeking an NSL
must prepare a document (an electronic communication or EC) in which
the employee lays out the factual predicate for the request. The
factual recitation must be sufficiently detailed so that the approving
official can determine that the material sought is relevant to an
investigation. Additionally, it needs to provide sufficient information
concerning the underlying investigation so that reviewing officials can
confirm that the investigation is adequately predicated and not based
solely on the exercise of First Amendment rights. Finally, the EC
includes a ``lead'' to the Office of the General Counsel (OGC) for
purposes of Congressional reporting.
OIG REPORT
As directed by Congress, we endeavored to declassify as much
information as possible concerning our use of NSLs in order to allow
the maximum amount of public awareness of the extent of our use of the
NSL tool consistent with national security concerns. To that end, for
the first time the public has a sense of the frequency with which the
FBI makes requests for data with national security letters. In the
period covered by the report, the number of NSL requests has ranged
from approximately 40,000 to 60,000 per year and we have requested
information on less than 20,000 persons per year. For a variety of
reasons that will be discussed below, those numbers are not exact.
Nevertheless, they, for the first time, allow the public to get some
sense of the order of magnitude of these requests; there are a
substantial number of requests, but we are not collecting information
on hundreds of thousands of Americans.
There are three findings by the OIG that are particularly
disturbing, and it is those three findings that I wish to address this
morning: (1) inaccurate reporting to Congress of various data points we
are obligated to report relative to NSLs; (2) the use of so-called
exigent letters that circumvented the procedures required by ECPA; and
(3) known violations (both previously self-reported by FBI and not
previously reported) of law and policy with regard to usage of NSLs.
CONGRESSIONAL REPORTING
A finding of the report that particularly distresses me is the
section that addresses the inaccuracies of the numbers we report to
Congress. That responsibility lies with my division, and we did not do
an acceptable job. The process for tabulating NSLs simply did not keep
up with the volume. Although we came to that realization prior to the
OIG report and are working on a technological solution, that
realization came later than it should have.
At some point several years before my tenure at the FBI began, our
process for tracking NSLs for Congressional reporting purposes shifted
from a totally manual process, where NSL data was written on index
cards, to a standalone Access database. This database is referred to in
the OIG report as the OGC database. While the OGC database was a giant
technological step forward from 3 x 5 index cards, it is not an
acceptable system given the significant increase in use of NSLs since
9/11. First and foremost, the OGC database is not electronically
connected to ACS, the system from which we derive the data. Instead,
there is a manual interface between ACS and the OGC database. An OGC
employee is responsible for taking every NSL lead that is sent to OGC
and manually entering the pertinent information into the OGC database.
Nearly a dozen fields must be manually entered, including the file
number of the case in which the NSL was issued (typically 15 digits and
alphanumeric identifiers).
Approximately a year ago we recognized that our technology was
inadequate and began developing an automated system to improve our
ability to collect this data. The system, in addition to improving data
collection, will automatically prevent many of the errors in NSLs that
we will discuss today. We are building an NSL system to function as a
workflow tool that will automate much of the work that is associated
with preparing NSLs and the associated paperwork. The NSL system is
designed to require the user to enter certain data before the workflow
can proceed and requires specific reviews and approvals before the
request for the NSL can proceed. Through this process, the FBI can
automatically ensure that certain legal and administrative requirements
are met and that required reporting data is accurately collected. For
example, by requiring the user to identify the investigative file from
which the NSL is to be issued, the system will be able to verify the
status of that file to ensure that it is still open and current (e.g.
request date is within six months of the opening or an extension has
been filed for the investigation) and ensure that NSLs are not being
requested out of control or administrative files. The system will
require the user to separately identify the target of the investigative
file and the person whose records are being obtained through the
requested NSL, if different. This will allow the FBI to accurately
count the number of different persons about whom we gather data through
NSLs. The system will also require that specific data elements be
entered before the process can continue, such as requiring that the
target's status as a United States Person or non-United States Person
be entered. The system will not permit requests containing logically
inconsistent answers to proceed.
The NSL system is being designed so that the FBI employee
requesting an NSL will enter data only once. For example, an agent or
analyst who wishes to get telephone toll billing records will only have
to prompt the system that he is seeking an ECPA NSL for toll records
and type the telephone number once. The system will then automatically
populate the appropriate fields in the NSL and the authorizing EC. The
system will then generate both the NSL and the authorizing EC for
signature, thereby ensuring that the two documents match exactly and
minimizing the opportunity for transcription errors that give rise to
unauthorized collections that must be reported to the Intelligence
Oversight Board (IOB). Agents and analysts will still be required to
provide the narrative necessary to explain why the NSL is being sought,
the factual basis for making a determination that the information is
relevant to an appropriately predicated national security
investigation, and the factual basis for a determination whether the
NSL should include a non-disclosure provision. In addition, this system
will have a comprehensive reporting capability.
We began working with developers on the NSL system in February 2006
and we are optimistic that we will be able to pilot it this summer and
roll it out to all field offices by the end of the year. At that point,
I will be confident the data we provide to Congress in future reports
is as accurate as humanly possible.
In the meantime, we are taking several steps to correct the numbers
we have previously reported. First, we are making data corrections in
our database. Through a computer program, we have identified all
entries that must be erroneous because there is an apparent error in
the entry (e.g., there are more NSLs reported than requests; the date
shows a year that is impossible (203)). We are manually reviewing those
entries and making corrections. We have also started a random sampling
of ten percent of the total entries in the OGC database which contains
approximately 64,000 entries. Those entries will be manually checked
against ACS. We will determine whether there is a significant
difference between the entries in our database and the actual
information in ACS. To the extent there is a difference, that will be
the factor that will be used to correct our prior reporting. While not
yielding an exact count, we believe that to be a statistically
appropriate way of correcting prior reporting. We have discussed this
methodology with the OIG and will offer it the opportunity to review
our work. We are striving to have corrected reports to Congress as soon
as possible.
As with the other shortcomings identified by the OIG, there was no
finding of an intent to deceive Congress concerning our use of NSLs. In
fact, as noted, we identified deficiencies in our system for generating
data prior to the initiation of the OIG's review and flagged the issue
for Congress almost one year ago. While we do not know the extent of
the inaccuracies in past reporting, we are confident that the numbers
will not change by an order of magnitude.
EXIGENT LETTERS
The next significant finding of the OIG involved the use within one
unit at Headquarters of so-called ``exigent letters.'' These letters,
which numbered in excess of 700, were provided to telephone companies
with requests for toll billing information regarding telephone numbers.
All of the letters stated that there were exigent circumstances. Many
of the letters stated that federal grand jury subpoenas had been
requested for the records even though in fact no such request for grand
jury subpoenas had been made, while others promised future national
security letters. From an audit and internal control perspective, the
FBI did not document the nature of the emergency circumstances that led
it to ask for toll records in advance of proper legal process, did not
keep copies of all of the exigent letters it provided to the telephone
companies, and did not keep records showing that it had subsequently
provided either the legal process promised or any other legal process.
Further, based on interviews the OIG conducted, some employees
indicated that there was not always any emergency relating to the
documents that were sought.
OGC has been working with the affected unit to attempt to reconcile
the documentation and to ensure that any telephone record we have in an
FBI database was obtained because it was relevant to an authorized
investigation and that appropriate legal process has now been provided.
As of late last week, there were still a small handful of telephone
numbers that had not been satisfactorily tied to an authorized
investigation. If we are unable to determine the investigation to which
those telephone numbers relate, they will be removed from our database
and destroyed.
The OIG rightfully objected to the FBI obtaining telephone records
by providing a telephone carrier with a letter that states that a
federal grand jury subpoena had been requested when that was untrue. It
is unclear at this point why that happened. The Director has ordered a
special inspection in order to better understand the full scope of
internal control lapses.
We also concur with the OIG that it is inappropriate to obtain
records on the basis of a purported emergency if, in fact, there is no
emergency. We continue to believe, however, that providers had the
right to rely on our representation that there was an emergency and
that the ``exigent letters''--had they been issued only when there was
an exigent circumstance and had they correctly identified the legal
process that would follow--would have been an appropriate tool to use.
In response to the obvious internal control lapses this situation
highlights, changes have already been made to ensure that this
situation does not recur. Any agent who needs to obtain ECPA-protected
records on an emergency basis must now do so pursuant to 18 U.S.C.
2702. Section 2702(c)(4) permits a carrier to provide information
regarding its customers to the government if the provider in good
faith, believes that an emergency involving danger of death or serious
physical injury to any person requires disclosure without delay of
information relating to the emergency. A request for disclosure
pursuant to that statute generally must be in writing and must clearly
state that the disclosure without legal process is at the provider's
option. The letter request must also set out the basic facts of the
emergency so that the provider can make some assessment whether it
concurs that there is an emergency.
INTELLIGENCE OVERSIGHT BOARD PROCESS
The OIG also examined misuse of NSLs that had been reported (and
some that had not been reported) as part of the IOB process. As this
committee knows, pursuant to Executive Order 12863 the President has an
Intelligence Oversight Board that receives from the agencies in the
intelligence community reports of intelligence activities that the
agency believes may have been unlawful or contrary to Executive Order
or Presidential Directive. This language is interpreted by the FBI and
DOJ to mandate the reporting of any violation of a provision of the
Attorney General's Guidelines for FBI National Security Investigations
and Foreign Intelligence Collection if such provision is designed to
ensure the protection of individual rights.
The FBI requires its employees to report any violations of law or
policy about which they are aware. We encourage employees to err on the
side of reporting so that we can be sure that all violations are
appropriately reported. In terms of process, all potential violations
(called PIOBs--or potential intelligence oversight board violations)
are reported to OGC. Lawyers within OGC are responsible for
``adjudicating'' the violation--that is, determining whether the PIOB
is an actual Intelligence Oversight Board violation. If it is, a report
is made to the IOB, a copy is provided to DOJ and a copy is provided to
the FBI's Inspection Division. If the violation involved intentional
misconduct, the Inspection Division will determine whether the matter
should be referred to the Office of Professional Responsibility for
discipline.
The OIG found that from 2003 through 2005, the FBI had self-
reported 26 potential violations involving NSL authorities. Of the 26,
OGC adjudicated 19 to be violations and reported them. The OIG agreed
with each of those determinations. Of the 7 PIOBs that OGC determined
were not violations, the OIG agreed with all but one. As to the one
determination about which we disagreed, upon re-review, the FBI
concurred with the OIG that it was a violation that should have been
reported and it has since been reported to the IOB. These 20 violations
included: third party errors (4), NSLs issued when the authority for
the investigation had lapsed (3), obtaining ECPA-protected records
without any legal process (3) and obtaining a full credit report in a
counterintelligence case (1).
The OIG also found, however, a number of potential IOBs in the
files it examined that had not been reported to OGC for adjudication.
Although press accounts of the reports have implied that the OIG found
massive abuses of the NSL authorities by the FBI, a careful read of the
report reflects a different set of facts. The OIG examined 293 NSLs--a
reasonably small sample. The sample was a judgmental sample and the
size was chosen because the audit was extremely labor intensive. We do
not suggest that the sample was not a fair sample (although it was not
random), but only that it is questionable from a statistical standpoint
to attempt to extrapolate from a very small sample to an entire
population. Moreover, there was wide variation in the number of
purported unreported violations from different field offices. The OIG
found 8 potential violations that were unreported in files in both the
Philadelphia and Chicago field offices, but only 2 unreported potential
violations from files in New York and 4 from San Francisco. We are
doing additional follow-up work, but the wide variance between field
offices may be a function of the very small sample, or it may indicate
that the percentages of potential errors detected are not constant
across all field offices.
Setting aside questions about whether the sample is representative,
I urge you to look closely at the numbers before arriving at the
conclusion that there is a systemic problem concerning the use of NSLs.
Of the 293 NSLs the OIG examined, 22 (7%) were judged to have potential
unreported IOB violations associated with them. Moreover, of that 7%,
10--or almost 50%--were third party errors--that is, the NSL recipient
provided the FBI information we did not seek. Only 12 of the NSLs
examined--4%--had mistakes that the OIG rightfully attributes to the
FBI.
Examining the 12 potential errors that were rightfully attributed
to the FBI reveals a continuum of seriousness relative to the potential
impact on individual rights. Four (or just over 1% of the sample) were
serious violations. Specifically, two of the violations involved
obtaining full credit reports in counterintelligence investigations
(which is not statutorily authorized), one involved issuing an NSL when
authorization for the investigation to which it related had lapsed, and
one involved issuing an NSL for information that was arguably content,
and therefore not available pursuant to an NSL. (In the latter case,
the ISP on which the NSL was served declined to produce the requested
material so there was, in fact, no collection of information to which
we were not entitled.) The balance of the 12 potential violations
identified by the OIG do not, in our view, rise to the same level of
seriousness as those 4. The remaining 8 involve errors that are best
characterized as arising from a lack of attention to detail, and did
not result in the FBI seeking or obtaining any information to which it
was not entitled. Those 8 potential violations involved errors such as
using the wrong certification language in an NSL (although the
appropriate certification is not materially different) and having the
NSL and the EC seeking the NSL not entirely consistent. We do not
excuse such lack of attention to detail, but we do not believe that
such mistakes result in or cause a risk to civil liberties.
In short, approximately 1% of the NSLs examined by the OIG had
significant errors that were attributable to FBI actions and that had
not been, but should have been, reported as PIOBs.
While a 1% error rate is not huge, it is unacceptable, and we have
taken steps to reduce that error rate. First, we are very concerned
that of all the potential IOBs involving mistakes in NSLs attributable
to the FBI (whether previously reported or not), 3 involved the same
mistake: namely, issuing an NSL for a full credit report in a
counterintelligence investigation. In order to ensure that this
particular error is fully rectified, the FBI ordered all field offices
to examine all counterintelligence files in which Fair Credit Report
NSLs have been issued since January 1, 2002 in order to ascertain
whether the file contains a full credit report. If it does, the credit
report must be removed from the file, sequestered with the field
office's attorney, and a PIOB must be reported to OGC. The results from
that search are due to headquarters by April 16, 2007.
Several other steps we have taken will, we believe reduce the
likelihood that the FBI will commit the other mistakes in the future.
First, as indicated previously, the FBI is developing an automated
system to prepare NSLs and their authorizing ECs. That system will
reduce to zero mistakes such as having the wrong certification language
or inconsistency between the NSL and the EC. It will also ensure that
the investigative file out of which the NSL is being issued is open.
Finally, it will ensure that an NSL for a full credit report cannot be
issued out of a counterintelligence file.
Other changes to FBI policy have been made that we believe will
facilitate better handling of IOBs and also reduce errors that lead to
IOBs. First, last fall we provided comprehensive advice to the field
regarding its responsibility towards information obtained as a result
of third party errors. That guidance requires all such information to
be sequestered and reported to OGC as a PIOB. If the ``over collected''
information is irrelevant to the investigation (e.g., the telephone
company transposed a number and provided us records on the wrong
telephone account), then it will be destroyed or returned. No such
information should be entered into FBI databases. If the information is
relevant to the investigation but simply not within the four corners of
the NSL, then the information must be sequestered until a new NSL has
been issued for the extra data. After the new NSL has been issued, the
information can be entered into FBI databases.
Secondly, we have collected all the rules and policies on NSLs into
one document which will be disseminated to the field. Those rules now
mandate that, until the deployment of the automated NSL system, all
NSLs and ECs be prepared from the exemplars that are provided on OGC's
website. That should eliminate many of the mistakes identified by the
OIG.
All of these rules will, of course, only reduce or eliminate errors
if they are followed. The OIG's report has highlighted for us that
there must be some sort of auditing function--above and beyond the IOB
process--to systematically ensure that these rules, as well as others
that govern our activities in national security investigations are
followed. The FBI has historically been very good at establishing
policy and setting rules, but we have not been as proactive as we
should have been in establishing internal controls and auditing
functions.
The full parameters of the compliance program have not been set,
although these aspects have been: the Inspection Division with
participation of DOJ's National Security Division and Privacy and Civil
Liberties Office is in the process of a special inspection of NSL usage
in all 56 field offices and headquarters. That inspection should
uncover any other significant problems with our use of this tool but
should also tell us whether there are variances between offices in
terms of the numbers and types of errors. The results of the inspection
will then inform the program that the Attorney General announced of
having teams of DOJ lawyers, FBI lawyers and the Inspection Division
periodically audit field offices' use of NSLs. That process will begin
in April and should result in at least 15 offices being audited this
year. We are also considering other proactive compliance programs in
order to develop a program that ensures, to the maximum extent
possible, that the rules and policies designed to protect privacy and
civil liberties are faithfully adhered to by all of our employees, that
we promptly identify and correct any violations of law or policy, and
that any information collected erroneously is removed from FBI
databases and destroyed. In addition, a working group co-chaired by the
Office of the Director of National Intelligence and the CPCLO has been
convened to examine how NSL-derived information is used and retained by
the FBI. The FBI and DOJ's National Security Division will have a
representative on this working group. We welcome the Committee's input
as we move forward on these initiatives.
The FBI is acutely aware that the only way that we can achieve our
mission of keeping the country safe is if we are trusted by all
segments of the American public. With events like the London terror
attacks of 2 years ago and the Canadian plot to use fertilizer bombs to
destroy buildings in Canada in 2006, we have all become worried about
the risk of a catastrophic attack from home grown terrorists. Our
single best defense against such an attack is the eyes and ears of all
Americans--but particularly of those segments of the population in
which the risk of radicalization is at its highest. We need people in
those communities to call us when they hear or see something that looks
amiss. We know that we reduce the probability of that call immeasurably
if we lose the confidence of those segments of the population. That is
one of the reasons that we are looking for ways to assure all Americans
that we are respectful of individual rights, including privacy rights,
and that we use the tools that have been provided to us consistent with
the rules set out by Congress.
I appreciate the opportunity to appear before the Committee and
look forward to answering your questions.
Mr. Conyers. Well, General Counsel Caproni, I want to thank
you for your candor and forthcomingness in coming before us
today, and we will include the rest of your testimony, of
course.
Now let me begin the questioning, and I thank both the
witnesses.
Inspector General Fine, I am curious as to how you have
come to the conclusion that these errors that have been
reported and that bring us to this chamber were sloppy--the
results of sloppy bookkeeping, recordkeeping or compliance with
the law, but none of it was intentional.
How could that be if they have known about these excesses
since the year 2004, and their Communications Analysis Unit
warned them about it in early 2005, and we have something like
at least over 700 Exigent Letters and somewhere in the
neighborhood of 40,000 to 50,000 NSL letters for 3 years?
Mr. Fine. Let me separate some of those issues.
I do not believe that they intended to go out and to obtain
information that they knew they could not obtain and said, ``We
are going to do it anyway.''
I think what they did was complete carelessness; they did
not follow the rules, did not follow appropriate procedures,
and obtained information that they could have obtained properly
but by taking shortcuts. Now, we did not do a review to ask
everybody what was in their minds and what exactly they did,
but we saw instances where people just simply did not follow
the rules and did not take appropriate action.
Mr. Conyers. But they were being warned. This did not just
come up recently. This goes back to 2004.
Mr. Fine. In 2004, it is correct that attorneys in the
Office of General Counsel had concerns about the Exigent
Letters and were not saying ``stop it,'' but were saying ``we
need to take different measures to issue these letters.''
Mr. Conyers. Do you think that the law was so complicated
that people in good faith just could not figure out what it was
we were requiring?
Mr. Fine. I think what they did was inappropriately take a
model from another context and apply it to this context, which
was wrong--it clearly was--and that they did not think
carefully, and they did not take appropriate actions. Now, I
know that the FBI is conducting a special inspection to look at
exactly what everybody knew and when they knew it and why they
took the actions that they did. We did not do that kind of
review. We did not ask everybody up and down the line, and it
is possible that people had motivations that were not
appropriate.
Mr. Conyers. But there is no way we can tell. There is no
way I can tell, but there is no way you can tell either.
Mr. Fine. It is true that we did not do a performance
review of every individual, so I think that is an appropriate
point, Mr. Chairman--I really do--and I do think it is
incumbent upon the FBI to go back and look and see exactly what
people were doing, at what stages, and why they did, what they
did and take appropriate action to hold people accountable.
Mr. Conyers. Now, do you make a distinction between the
National Security Letters and the Exigent Letters in terms of
the severity of the offense that brings us here today?
Mr. Fine. I think I do. I think the Exigent Letters were
the most troubling aspect of this.
Mr. Conyers. And why is that?
Mr. Fine. Because there is a process in the law to allow
voluntary disclosures from these telephone companies if there
is a true emergency, and we believe the FBI should have
followed that voluntary process. Instead, they went with these
Exigent Letters, which they used in a different context, and
applied it to this context which, in our view, was
inappropriate.
With regard to the National Security Letters, there were
many of them, and many of them did comply with the requirements
of the law. We saw, and we tried to do a review to see how many
did not. We found a significant number did not, but with regard
to the Exigent Letters as a whole, that whole practice was very
troubling to us in and of itself.
Mr. Conyers. Now, are you satisfied with the steps that
have been described here today by the General Counsel in terms
of how we clean this mess up?
Mr. Fine. Well, we have been briefed by the Department and
the FBI about the steps they are taking. I think they are
taking this seriously, but I am not in a position right now to
say, ``I am completely satisfied. I trust all this.'' We need
to see what happens with these steps, see whether there are
concerted efforts over time, to see whether they really are
adequately implemented. So I cannot say right now that they
have done all they can, but I think they are taking important
steps and taking this very seriously.
Mr. Conyers. I thank you so much.
I recognize Lamar Smith.
Mr. Smith. Thank you, Mr. Chairman.
Mr. Chairman, I am hoping my first question will not count
against my time.
Mr. Fine, I noticed, in reading your bio that when you were
a senior in college and co-captain of the basketball team you
were recruited by the San Antonio Spurs. They happen to be my
hometown team. My question is this: Don't you regret not
playing for the Spurs rather than becoming a Rhodes scholar and
graduating from Harvard Law School?
Mr. Conyers. The gentleman's time has expired.
Mr. Fine. Congressman, I was drafted in the 10th round by
the San Antonio Spurs, and if I were maybe a little taller than
59", I might have had a chance to play. So I do not really
regret that my future was in the law rather than in
professional basketball. But I tell people who do not believe I
actually played basketball when they see me at 59" that before
I started this job as the IG I was 69".
Mr. Smith. A very good answer.
Mr. Fine and Ms. Caproni, let me address a more serious
question to both of you, and it is this. We have unearthed
these problems that are recognized and that are being dealt
with, and some of the reasons for those problems have already
been seen, and the practice has been discontinued, but my
question is this:
Do you all feel that the problem is with how the law was
enforced rather than with the law itself? In other words, if
the law were carried out as intended, doesn't that solve our
problem? Mr. Fine first.
Mr. Fine. Congressman, I am really not in a position to say
what the law should be or if there should be modifications to
the law.
What my job is is to look at the law and to look at the
application of the law and to see the problems that occurred. I
do believe that if the FBI had assiduously and carefully
applied the law, we would not have seen as many problems as we
have, and it really was unacceptable and inexcusable what
happened here.
Mr. Smith. Ms. Caproni.
Ms. Caproni. From our perspective, the problem is not with
the law, although I would note that unlike other areas that our
agents, where they get these sorts of records, there are very
specific rules, and they have to win through those rules. That,
in my sense, is our responsibility as the lawyers to make sure
that the agents understand what they can do and what they
cannot do.
Again, there is no doubt that the problem with the National
Security Letters was a colossal failure on our part to have
adequate internal controls and compliance programs in place.
The laws, themselves, provide us with a needed tool, and it is
a tool that we should use responsibly.
Mr. Smith. Okay. Thank you.
Mr. Fine and Ms. Caproni, why are National Security Letters
important in our investigation of terrorism?
Ms. Caproni. They are critical. National Security Letters
provide us the basic building blocks that we need to build an
investigation. For those of you who had prior criminal AUSA
experience--and I know a number of you did--you are used to
issuing grand jury subpoenas to obtain telephone records and
banking records. Frequently in terrorism investigations, we do
not have an open criminal investigation. In fact, that was one
of the things that the 9/11 Commission really encouraged us to
do and that this Committee encouraged us to do and the
intelligence Committees, to move more--when we are thinking
about a terrorism case, to move from simply a criminal mindset
to thinking in an intelligence mindset. So a National Security
Letter is the tool that we use in order to get the basic
building blocks of those investigations, again, like phone
records for almost every terrorism case, financial records when
we are building terrorism financing cases. So, without National
Security Letters, our national security investigations would
really be stopped before they even got started.
Mr. Smith. Okay. Thank you.
Mr. Fine.
Mr. Fine. I do think that they are important investigative
tools. They can connect terrorist individuals with terrorist
groups. They can find out where terrorist financing can occur.
They are indispensable in counterintelligence investigations.
And the FBI did tell us, from folks in the field to
headquarters, how important they were to the investigations and
showed us examples of that. I have said that I think they are
important. There also needs to be important checks on these
tools because they are intrusive, and there is information that
is obtained and retained for significant periods of time, and
so while they are important investigative tools, there also
needs to be appropriate checks on them as well.
Mr. Smith. Mr. Fine, in your conclusions--it is the second
one--you say, ``In most but not all of the cases we examined in
this review, the FBI was seeking information that it could have
obtained properly through National Security Letters.''
What percentage would you guess is that? In other words,
what percentage of the problems could have been resolved if
they had obtained National Security Letters?
Mr. Fine. We found instances, a few instances, where they
obtained information inappropriately and could not have used
a----
Mr. Smith. How many of the 739 would you guess that is?
Mr. Fine. Well, the 739 is hard to tell because they could
not tie them to appropriate investigations all the time, and
there were many times where they could not tell us it was an
emergency, so I do not know how many in the 739. That is the
most troubling aspect of it.
With regard to the others, the National Security Letters in
the files we reviewed, I would say we found about seven where
there were illegal uses of them, where the FBI was attempting
to obtain information through confusion, through error, of
information that they were not entitled to obtain through a
National Security Letter, either an educational record or
obtaining information on a full credit report in a
counterintelligence case, which they are not allowed to obtain,
or not using it in NSL----
Mr. Smith. You said seven times?
Mr. Fine. Seven of the reviews that we found and we found
in our--seven of the individual ones, and as you will recall,
we did not do a review of every NSL that was issued. We did a
small sample of them.
Mr. Smith. Okay. Thank you, Mr. Fine.
Thank you, Mr. Chairman.
Mr. Conyers. Thank you very much.
The gentleman from New York, Jerry Nadler.
Mr. Nadler. Thank you.
Well, Mr. Fine, I suppose. You state in your report that
there were no intentional violations of NSL policy procedure,
that these were basically carelessness but that there were no
intentional violations, no crimes.
Mr. Fine. Correct.
Mr. Nadler. Okay, but we also read in the report that
agents intentionally went around the statute to provide phony
information requests to telephone companies based on false
statements.
For example, the FBI's Communications Analysis Unit went
around the NSL statute because it felt that the statute was
insufficient and contracted with the telephone companies to
access information directly. These contracts were approved by
the Office of General Counsel and were exploited by issuing
Exigent, or emergency, Letters. Well, let me ask the General
Counsel.
What is the statutory basis for an Exigent Letter? As far
as I can tell, there is no basis for it.
Ms. Caproni. Well, under 2702, we have the authority to get
records from a phone company in an emergency circumstance
without a National Security Letter. The Exigent Letters were
undoubtedly inappropriate shortcuts to the process, though.
Mr. Nadler. Well, under 2702, if you were going to get
information in an emergency, what do you have to do?
Ms. Caproni. You simply have to tell the carrier that there
is an emergency. We recommend that you explain to the carrier
what the emergency is, and it is then up to the carrier to
decide whether or not to provide us records. So it is not a
compulsive system.
Mr. Nadler. Not compulsive, but of course, the carrier has
no particular interest in protecting--if you are looking at my
records or if you want my records, for example, the phone
company has no particular interest in protecting my privacy
rights, and I will never find out about it, so I cannot go to
court to protect them, correct?
Ms. Caproni. I do not represent the carriers, but I would
disagree with the theory that they have no particular interest
in protecting your records. In fact----
Mr. Nadler. What is their interest?
Ms. Caproni. In fact, the carriers were diligent in making
sure that any record they gave to us they subsequently obtained
a National Security Letter for.
Mr. Nadler. Well, wait a minute. Mr. Fine's report says, in
many, many instances, hundreds of instances, that that never
happened.
Ms. Caproni. As of right now, there are still some numbers
that have not received National Security Letters to back up the
requests.
Mr. Nadler. But back up years later after the report, but
that is backfilling, in other words, and that is certainly not
evidence that the phone companies were diligent in seeking
these things. That is saying that, after this report was done,
someone said, ``Wow, we have got a problem on our hands. We had
better go get these letters 4 years later or 3 years later.''
That is not evidence of what we are talking about.
Ms. Caproni. Respectfully, even though I am not defending
the practice, it is not the case that it was only after Mr.
Fine's report came out that they were attempting to make sure
that the paperwork documentation was appropriate for every
record they obtained.
Mr. Nadler. You think the paperwork documentation should be
done as appropriate.
Ms. Caproni. If it is not, the records will come out of our
database and be destroyed.
Mr. Nadler. In this morning's Washington Post, it says:
Under past procedures agents sent exigent circumstances letters
to phone companies seeking toll records by asserting there was
an emergency. Then they were expected to issue a grand jury
subpoena or national security letter which legally authorizes
collection after the fact. Agents often did not follow up with
that paperwork, the Inspector General's investigation found.
The new instructions which, according to the Washington
Post, were issued to the FBI tell agents there is no need to
follow up with National Security Letters and subpoenas. The
agents are also told that the new letter template is the
preferred method in emergencies but that they may make requests
orally with no paperwork sent to phone companies.
In other words, it appears from this morning's Washington
Post that instructions are now being given to the FBI not to
bother with any backup documentation after an oral request to
the phone company for records invading people's privacy.
Ms. Caproni. Quite the contrary. The instructions are that
if they get information based on an oral request--and just to
give an example of when that might be appropriate, if a child
has been kidnapped and the ransom call comes in----
Mr. Nadler. Obviously, in those--I am not questioning the
need in an emergency like that for getting records right away.
Ms. Caproni [continuing]. And to get them on an oral
request.
Mr. Nadler. I don't doubt it. What I am questioning is
that, according to today's Washington Post, the opposite of
what the two of you are saying is the case and that now they
seem to be saying we will take care of this lack of follow-up
of documentation by simply declaring it unnecessary.
Ms. Caproni. No, Congressman, that is not the policy. The
policy now is that if a request is going to be made on an
emergency basis for records, that has to be documented. It has
to be documented in the first instance in the request. But if
there is not time to do that so that you need an oral request,
then that has to be documented to the file together with the
approval for it. So it is, again, an internal control to avoid
the problem that was existing, which was emergency had become a
flexible----
Mr. Nadler. Okay. One final question. That is to Mr. Fine.
Just a quick clarification on accessibility of PIN numbers and
Social Security numbers of individuals through this process.
On page 73 of your report, there is a discussion of a
potential Intelligence Review Board violation because an agent
accessed a bank balance by getting a person's bank account and
PIN number from the result of a FISA order. The agent was
faulted for not using an NSL but was not faulted for the fact
that the PIN number was readily available.
The reason I flagged this is because this reference makes
clear that through an NSO 215 order the Government can secretly
obtain the PIN number for someone's debit or credit account----
Mr. Conyers. The gentleman's time has expired. Finish.
Mr. Nadler. What limits are there on this and what
protections on this power to get PIN numbers and credit account
numbers?
Mr. Fine. The FBI can get bank records and records like
that. There has to be predication for it and they have to show
the need for that. That is one of the tools that the FBI has
used and can use, as we pointed out. That is one of the reasons
there needs to be controls on this.
Mr. Conyers. The gentleman's time has expired.
The Chair turns to the former Chairman, Jim Sensenbrenner
from Wisconsin, whose letter to the Department of Justice first
triggered the inquiries that have flown from this. I
congratulate him and recognize him at this time.
Mr. Sensenbrenner. Thank you very much, Mr. Chairman.
Just by way of background, we did some oversight when I was
the Chair of the Committee and received a letter in late 2005
that indicated that there were problems with National Security
Letters. The audit that the Inspector General conducted was as
a result of a provision that I put in the PATRIOT Act
reauthorization that required this audit to be made as well as
a subsequent audit that Mr. Fine is doing that I am sure we are
going to talk about extensively later when the report is
issued.
I would also like to point out that National Security
Letters were not authorized by the initial PATRIOT Act in 2001
but have been around since 1986 in legislation that was
authored by Senator Patrick Leahy of Vermont, who is the
Chairman of the Judiciary Committee on the other side of the
Capitol.
The PATRIOT Act reauthorization put in a number of civil
liberty protections relative to National Security Letters
because we knew that there were problems afoot and decided
that, even though NSLs were not a part of the PATRIOT Act, that
they needed to have civil liberties protections.
I am proud of that work that this Committee did and
eventually found its way into the PATRIOT Act Reauthorization
Act, which was signed by the President in March of last year.
One of the things, Ms. Caproni, that I am really concerned
about is that the Justice Department and the FBI in particular
have come to the Congress repeatedly over the last dozen years
asking for administrative subpoena authority, meaning that
subpoenas could be issued without judicial supervision. This
Congress has repeatedly rejected each and every one of those
requests.
Now a National Security Letter is kind of like an
administrative subpoena, although it is limited to the type of
information that can be obtained. I would like to know from
both of the witnesses whether the FBI simply turned around and
used NSLs to get huge amounts of information after Congress
said ``no'' again to administrative subpoena authority.
Ms. Caproni. No, we didn't. National Security Letters are
always focused on a particular case. There is no bulk
collection via National Security Letters. And while our
congressional reporting numbers are off, as Mr. Fine correctly
found, they are not off by an order of magnitude. That is, we
reported that we collected data on less than 20,000 people a
year. While that number may go up, it is not going to go up to
above 200,000.
Mr. Sensenbrenner. How can you account for the fact that
the number of NSLs that were issued before 9/11 was about 8,000
plus per year and then it went up to 150,000? Do we have that
many potential terrorists running around the country? If so, I
am really worried.
Ms. Caproni. I think it is a function of two things. First
off, I think it is a function of the fact that post-9/11 a
number of agents were moved into the counterterrorism area and
the Director directed that no lead in a counterterrorism case
would go unpursued. So there is a directive to agents that they
must cover all counterterrorism leads. That is point one.
I think point two was, because we were focusing much more
on an intelligence-driven reaction to counterterrorism threats,
the toolbox that we were using was focusing mostly on National
Security Letters, as opposed to the prior reaction, which would
have used grand jury subpoenas.
Mr. Sensenbrenner. Mr. Fine.
Mr. Fine. I agree with Ms. Caproni. Prior to the September
11th attacks, it was rarely used. There were delays in getting
them, and they were not following the leads that they would
have followed after the 9/11 attacks.
After the 9/11 attacks, they are attempting to connect the
dots, attempting to track down leads. When there are
indications from a terrorist overseas that there might be
connections to the United States, they try and follow that.
Mr. Sensenbrenner. My time is running out. I just make the
observation that one of the things that gets people in this
town in big trouble is overreaching. I think that, given your
report, Mr. Fine, the FBI has had a gross overreach. What this
does is it erodes support for the function that the FBI does to
protect all of us from future terrorist attacks.
I hope that this would be a lesson to the FBI that they
can't get away with this and expect to maintain public support
for the tools that they need to combat terrorism. Given the way
the FBI has acted, I have my doubts. But let this be a warning.
And my time is up.
Mr. Conyers. The Chair recognizes the gentleman from
Virginia, Bobby Scott.
Mr. Scott. Thank you, Mr. Chairman.
Mr. Fine, you suggested that there is some confusion in how
to work these things, as I understand it, representations that
there was an emergency, when in fact there was no emergency,
and representations that grand jury subpoenas had been issued,
when in fact they had not been issued. Is that right?
Mr. Fine. That is correct.
Mr. Scott. Has anyone been sanctioned?
Mr. Fine. No. The FBI, as a result of this report, is going
and looking at a special inspection to look at exactly what
happened with this, how the problems occurred, and to determine
accountability. I think that is appropriate.
Mr. Scott. To your knowledge, no one has been sanctioned so
far.
Mr. Fine. Not yet, no.
Mr. Scott. Okay. Ms. Caproni, you indicated that we need to
change our mindset from criminal investigation to intelligence
gathering.
Ms. Caproni. I am saying that, post-9/11, that has been
what the FBI has been charged with doing--really not thinking
of our terrorism investigations as wholly criminal.
Mr. Scott. Now when we use these letters, are we obtaining
information regarding United States citizens?
Ms. Caproni. Sometimes.
Mr. Scott. That is a yes? Not always, but sometimes?
Ms. Caproni. Correct. About half and half.
Mr. Scott. You are using this mindset against United States
citizens. When you get all this information like Social
Security numbers and phone records, how long is this
information retained?
Ms. Caproni. The issue of retaining national security--data
that is obtained via National Security Letters is subject to a
working group that the DNI is chairing together with the
Department of Justice and that we will participate on in terms
of how long we should keep it. As of right now, it is subject
to the normal archive rules, so we keep it for whatever the law
under our archives requires, which is typically 20 years.
Mr. Scott. Twenty years. Now how many criminal convictions
have you gotten from NSL letters? How much information from NSL
letters has resulted in criminal convictions for terrorism-
related offenses?
Ms. Caproni. That was one of the questions that the IG was
charged with answering, and I think deriving is very difficult.
Because, while National Security Letters are typically used at
the beginning of an investigation, we don't tag the data; and
so tracing it through to know whether national security data
started----
Mr. Scott. Mr. Fine.
Mr. Fine. We try, too, but you cannot tell how many
convictions as a result of that. It is not specifically
segregated or tagged. When we tried to follow through the
system, it was very hard to do that. So I can't give you a
number.
Mr. Scott. If somebody said one, would that surprise you?
Could you contest that number?
Ms. Caproni. I would.
Mr. Fine. I would think it would be higher, but I can't
tell you one way or the other.
Mr. Scott. What information is obtained through NSL letters
that could not have been gotten through going through the
normal FISA process, even in emergencies when there is an
after-the-fact process with the FISA courts?
Ms. Caproni. Anything that we can obtain through a National
Security Letter could be obtained from a FISA 215 order.
I would tell this Committee that I think if you change the
law in that way, you would be doing grave disservice. It would
essentially sink the system. We issue, as you can tell from the
report, thousands of National Security Letters to get
information. We do not have an infrastructure in place to take
every one of those to court any more than an AUSA in any
district has the infrastructure in place to go to court to get
every grand jury subpoena. It is simply--we don't have the
infrastructure to do that.
Mr. Scott. So you are not getting information you couldn't
get through FISA, but just administratively you would have a
judge looking at what you are doing and not having a process
that lacks oversight.
Ms. Caproni. Congressman, under FISA--under the FISA
statute, section 215 of the PATRIOT Act gave us the authority
to get an order for any type of record.
Mr. Scott. That is what we are talking about.
Mr. Fine, did I understand that in these cases there is an
actual ongoing investigation prior to issuing these letters or
there is not an identifiable investigation ongoing when they
issued the letters?
Mr. Fine. It has to be tied to some investigative file.
They have to open an investigative file or a threat assessment
or preliminary inquiry or full inquiry. It has to be tied to
one of those, and can't be issued out of a control file.
Mr. Scott. That is what they are supposed to be doing. Are
they doing that?
Mr. Fine. We found there were instances of they were issued
out of a controlled file.
Mr. Scott. If there is no ongoing investigation, what is
the standard for deciding when to issue one and when not to
issue one?
Ms. Caproni. The standard is that it has to be relevant to
an authorized investigation. What Mr. Fine was talking about
with the control files is, while it is a difficult situation to
understand, those NSLs were in fact--they related to an
authorized investigation. There was a bureaucratic problem,
which nobody likes to hear. There is a bureaucratic problem,
but there was a huge bureaucratic problem that we believe we
have worked out. None of the NSLs that were issued out of
control files did not relate to an authorized investigation.
They all were tied to investigations that were appropriately
open.
Mr. Conyers. The distinguished gentleman from North
Carolina, Howard Coble.
Mr. Coble. I thank the Chairman.
Good to have you all with us.
Mr. Fine, your report recommends a number of changes on the
FBI's use and tracking of National Security Letters. The
Attorney General issued a press release on March 9th responding
to those recommendations; and I presume each of you is familiar
with that report, are you not, the March 9th report?
Let me put this question to each of you: Will those
recommendations submitted by the AG restore the FBI's
accountability for its use of NSLs?
Mr. Fine, start with you.
Mr. Fine. I believe that the response to the
recommendations and what the FBI and the Department is doing is
appropriate. Is it sufficient? Is it all that needs to be done?
I am not sure. We will have to see what the results of those
steps are.
We try to provide recommendations to ensure that these very
important but sensitive tools are used in full accord with
National Security Letter authorities, AG guidelines, and
internal control policies. They hadn't been in the past.
Mr. Coble. Ms. Caproni.
Ms. Caproni. I think we are going to have to work to get
the trust of this Committee back, and we know that is what we
have to do, and we will do it.
Mr. Coble. Can the FBI implement the Attorney General's
directions within the 4 months when the AG has requested Mr.
Fine to report on your progress?
Ms. Caproni. I hope so. There are some that are going to
require some interagency work, but certainly if not all will be
implemented in 4 months, we will have made substantial
progress.
Mr. Coble. You may have addressed this earlier, Ms.
Caproni, but let me put it to you in case you did not. Does the
FBI have any discrepancy or challenge with the report that Mr.
Fine has issued?
Ms. Caproni. No, we accept the report. To the extent we had
factual quarrels, we worked those out.
Mr. Coble. You may not be able to respond to this. What do
you think, Ms. Caproni, are the greatest obstacles that your
office faces in implementing the AG's directions?
Ms. Caproni. I think that any obstacles there are the
Director is going to make sure are removed. I think it is
time--it is energy and effort; and we are going to do it.
Mr. Coble. I thank you both for being here.
Mr. Chairman, if I may, I would like to submit for the
record the March 9th press release submitted by the Attorney
General.
Mr. Conyers. Without objection, so ordered.
[The information referred to is available in the Appendix.]
Mr. Coble. I thank the Chairman. I yield back my time.
Mr. Conyers. I ask the lady--don't sit down now. I ask you
to please excuse yourself from this hearing. No visitors can
interrupt a hearing in the Congress. Just a moment. Would the
officers escort this lady out, please.
The Chair recognizes the other distinguished Member from
North Carolina, Mr. Mel Watt.
Mr. Watt. Thank you, Mr. Chairman. I thank the Chairman for
convening the hearing.
Mr. Fine, I am looking on page 7 of your testimony in which
you indicate that you reviewed 293 National Security Letters in
77 files and found 22 possible violations that had not been
identified or reported by the FBI, and I am trying to
extrapolate that, although Ms. Caproni seemed to take some
issue with whether that was a reliable sample.
I am trying to assume for the moment that it is, without
trying to figure out how many there would be of the total
National Security Letters that were possible violations.
My formula is I am starting with 143,000 National Security
Letter requests on page 5. Would that be an appropriate place
to start? Have you done the extrapolation for me?
Mr. Fine. I haven't done it, but there are 143,000
requests, and, as you know, a request--there can be multiple
requests in a letter, so there are approximately 45,000 letters
during the time period, with 143,000 requests. I think the
starting point would be about 44,000 letters during the time
period.
Mr. Watt. And if you extrapolated the possible violation
out, what would that come to, according to your math?
Mr. Fine. If you are talking about 7 percent, approximately
7 percent of the 293 had a violation, so 7 percent of 44,000
would approximately be about 3,000.
Mr. Watt. So you are telling me----
Mr. Fine. That is quick math. I hope it is correct. I think
it is.
Mr. Watt [continuing]. That it is possible my FBI and my
people who are supposed to be protecting my interest violated
the law how many times?
Mr. Fine. Well, I think there are possible violations of
either the law, the Attorney General guidelines or the FBI's
policies several thousand times, if you statistically
extrapolate. It was a small sample. We didn't think it was
skewed or biased. But if it held up through the entire
population of files, several thousand, some more serious than
others. But that is a lot.
Mr. Watt. Ms. Caproni, why ought not our public be
concerned about that kind of disregard of the law and internal
process?
Ms. Caproni. Well, I think the public should be concerned.
We are concerned, and we are going to fix it.
I would say, as Mr. Fine said, the sort of errors range
sort of on a long continuum of seriousness. The most serious
errors that Mr. Fine identified were obtaining full credit
reports in counterintelligence cases. We had a----
Mr. Watt. That is 7 of the 22 files where you say they were
real serious violations. Extrapolate that out for me, Mr. Fine.
Mr. Fine. Well, I think in Ms. Caproni's testimony she
talked about the level of seriousness and which were FBI errors
and which were company errors and came up with the figure that
a little bit over 1 percent of them were serious violations
involving FBI errors. If you extrapolate that to the entire
population, that would be about 600 cases of serious FBI
misconduct.
Mr. Watt. Ms. Caproni, is there some reason that this
Committee and the American public shouldn't be concerned about
law enforcement violating the law 600 times?
Ms. Caproni. We are quite concerned about this,
Congressman; and we are making every effort to figure out where
those errors are, to sequester the material, to pull it out of
our files and to destroy it. We will----
Mr. Watt. How many files have you all destroyed based on
this investigation up to this point?
Ms. Caproni. When we identify data that----
Mr. Watt. Isn't that a number rather than an explanation?
Ms. Caproni. Congressman, I don't know the number.
Mr. Watt. Has the FBI destroyed any files up to this point
based on this investigation?
Ms. Caproni. We destroy data all the time when we discover
it was improperly collected. So both outside of Mr. Fine's
investigation and----
Mr. Watt. Have you destroyed any files based on this
investigation?
Ms. Caproni. Again----
Mr. Watt. Have you destroyed any file?
Ms. Caproni. Not a file.
Mr. Watt. Have you destroyed any information based on this
investigation?
Ms. Caproni. Yes.
Mr. Watt. What have you destroyed?
Ms. Caproni. The full credit reports that were obtained
improperly, and I think there was also some telephone data.
Mr. Watt. How many is that?
Ms. Caproni. It is not much.
Mr. Watt. In these 600 cases that you have identified as
possible real serious areas, several hundred, do you intend to
prosecute anybody for violating the law?
Ms. Caproni. We will have to look at what the facts are. I
am not going to pre-judge.
Mr. Watt. How long is it going to take you to look at that?
Mr. Conyers. The gentleman's time has expired.
Ms. Caproni. The inspectors are in the field now, and I
think they will have completed their inspection, which is a
sampling process, but they will have completed it within a week
or so.
Mr. Watt. You have got a more reliable sampling process
than Mr. Fine.
Ms. Caproni. It is bigger, and it is across all field
offices.
Mr. Conyers. The gentleman from California, once an
attorney general for his State, Dan Lungren.
Mr. Lungren. Thank you very much, Mr. Chairman.
Ms. Caproni, I was one of the ones who have defended the
FBI and the Justice Department in the use of these as we went
through legislation the last 2 years, and to say that I am
disappointed doesn't give justice to what I feel about this.
Mr. Fine has said that this is the result of mistakes,
carelessness, confusion, sloppiness, lack of training, lack of
adequate guidance and lack of adequate oversight. That sounds
like a report about a first or second grade class. We are
talking about agents of the FBI, who are lawyers in many cases,
who have college degrees, who have other kinds of education. We
are talking about people who have gone through the FBI Academy.
We are talking about people who presumably have been trained to
go into this.
We are how many years past 9/11?
In response to the question I believe it was of Mr.--I am
not sure who asked you this, but whether you could get this
done in 4 months, you said you hoped so. I hope you will
deliver a message that we expect it will be done. Because I
don't think if you can't get it done in 4 months you are going
to have to worry about improving your procedures for NSLs
because you probably won't have NSL authority.
I just want to convey to you how upset many of us are who
have defended this program and have believed it is necessary to
the protection of our country and you in the FBI have an
obligation to try to find out who the potential terrorists are
but also to make good on the promise we have made to the people
of America that the terrorists are not going to succeed by
indirection what they can't do by direction. That is, to
destroy the constitution.
I just--I will tell you this. I talked with Mr. Mueller
yesterday. Because I have known him for 30 years. He's Mr. Fix-
it. He goes in and fixes messes. He has done it all over this
Government. I have seen his work in San Francisco. I have seen
his work here at the Department of Justice. If I didn't know
him, if I didn't know his record, if I didn't know he is the
man we have put in many places to fix things, I would have no
confidence in the FBI right now.
So I hope you will deliver a message to all your people
that it is not good enough to tell us you hope it is going to
be done in 4 months. I hope you are going to deliver a message
that it better be done in 4 months or you are not going to have
NSLs to worry about. I have to say that as someone who supports
them and will fight on the floor to have that authority given
to you if there is proper oversight. But I probably won't get a
majority of votes on the House floor if you don't fix it. So
can you tell me you are going to do better than you hope to fix
it in 4 months?
Ms. Caproni. Congressman, you are absolutely right. Yes, it
will be done.
Mr. Lungren. I appreciate that.
Now, Mr. Fine, you are the Inspector General for the FBI. I
want to congratulate you on what you have done. We say we take
some satisfaction in your carrying out the authority we gave
you, but sometimes that doesn't happen, and we appreciate the
job you have done here.
Maybe you won't want to answer this question. Maybe you can
help me. How do you explain carelessness, confusion,
sloppiness, lack of training, lack of adequate oversight with
the FBI? I just turned on television last night and watched one
or two or three of these shows that always shows the FBI as
being far better than local government. A little burr under my
saddle, because I am a former AG of California. I appreciate
the FBI, but how do you explain this? I am not sure what would
be worse, frankly.
At first, I was relieved that you said this and that it
wasn't intentional action by the FBI. At least, we haven't
found that. I would at first have been worried about that.
Now, as I think about this, should I be more worried about
the fact that the FBI now, in something as important as NSLs,
has marks of carelessness, confusion, sloppiness, lack of
training, lack of adequate guidelines and lack of adequate
oversight? Is this exceptional in your experience in your
oversight of the FBI?
Mr. Fine. I think the FBI worked hard to get these
authorities but didn't take it seriously enough putting in
controls over these authorities. I think there is often a
problem sort of between the receipt of the authority and the
execution of that authority. That is clearly what happened
here. We were very troubled by it.
We have seen problems in the FBI in terms of information
technology and trying to upgrade their information technology.
We have seen problems, but they are--these are difficult tasks,
and they are trying to do this as they are changing their
mission, and, quite honestly, there really is no excuse for it.
Mr. Lungren. Do you have any questions that the NSLs are of
some value?
Mr. Fine. Yes, I believe they are of value.
Mr. Lungren. If we lost them, that would be a loss.
Mr. Fine. I believe they are a valuable investigative tool
to counterterrorism and counterintelligence investigations, and
that is why it is so troubling.
Mr. Lungren. We better fix it so we don't lose a tool that
is truly effective.
Mr. Fine. I think they need to fix it.
Mr. Lungren. Thank you, Mr. Chairman.
Mr. Conyers. The gentlelady from Texas, Sheila Jackson Lee.
Ms. Jackson Lee. Mr. Chairman, again, my appreciation for
your continuing effort of establishing transparency in
Government.
I welcome both of the witnesses here today and recount just
limited history that troubles me as we find ourselves here
today. I know the good intentions of the witnesses, but
certainly I need not remind you of the era of McCarthyism and
certainly that role law enforcement played in that misdirected
era of the United States of America.
As a young lawyer, I participated in the investigations
into the assassination of Dr. Martin Luther King and John F.
Kennedy right here in this Congress; and what was exposed was
the extensiveness of the COINTELPRO of Dr. Martin Luther King--
wrongheadedness, as far as I am concerned--as relates to the
utilization of protecting this country. A civil rights leader
who happened to be outspoken against the heinous governmental
acts of segregation, and all of a sudden he became a major
target of the Federal Bureau of Investigation, with any number
of officers, agents, if you will, probing and looking over
paperwork that he might have generated.
That smacks, as far as I am concerned, of where we are
today, even though, Mr. Inspector General, you have indicated
that it has been without malice, without intentions. And we all
know that there is a phrase that says, a journey to a certain
place is paved on that road with good intentions.
So I am not very happy as to where we are today, because I
argued vigorously about the extensive powers that we were
giving to the President of the United States out of fear. One
thing that the Constitution reminds us and certainly the
Founding Fathers, who left a tyrannical society to be free, is
that tyranny can get the best of us. Lack of control can get
the best of us.
So I ask to the General Counsel of the FBI, did you
determine what percentages of those letters that were sent
without National Security Letters generated into terrorist
responses or terrorist incidences or terrorist prosecutions? I
would be interested in that number. Why don't you just answer
that yes or no. Do you have the percentage?
Ms. Caproni. I do not.
Ms. Jackson Lee. I would like to get the percentage,
frankly.
Ms. Caproni. The Director has ordered a special
investigation of the whole exigent letter instance. We will
brief this Committee when we have the results of that.
Ms. Jackson Lee. I will join my colleague on the other side
of the aisle. How quickly can you get that information? This is
about protecting the Constitution and securing the homeland,
two very important jurisdictional responsibilities; and I
happen to serve on both Committees, Homeland Security and this.
So my question is, how soon can you get those numbers? It makes
a real difference to know whether you generated potential
terrorist threats that would secure the homeland or whether or
not the FBI was on a fishing expedition.
Ms. Caproni. Congresswoman, let me assure you that the
group was not on a fishing expedition. Having said that, I
understand my assurance to this Committee at this point isn't
worth a lot. The Inspection Division is conducting the inquiry.
They know that they have to proceed quickly, but I regret I
can't tell you when they are going to be done. I will make sure
that the Director understands that you want it done as quickly
as possible.
Ms. Jackson Lee. Certainly we wish the Director well. We
would have wanted to have him appear before this Committee, but
we do wish him a speedy recovery.
Ms. Caproni. Thank you. I will let him know that.
Ms. Jackson Lee. Mr. Inspector General, I assume you will
say to me that you don't speculate, but let me quickly ask you
a question and will you be thinking, the General Counsel, on
this question.
The President signed on the PATRIOT Act a signing statement
which indicated that he was going to interpret or have the Act
interpreted in a manner consistent with the President's
constitutional authority to supervise a unitary executive
branch to withhold information. Just be thinking about that. I
wanted to know, did that give you free ride. That is why I have
legislation that indicates that agencies should not be running,
I must say, amok because of signing statements.
Mr. Inspector General, what you looked at and you said it
has not been intentional--help me out--however, don't you
believe there should be restraints put in place and might the
PATRIOT Act be entirely too broad to even be a valuable tool
that would restrain people in balancing both security and as
well balancing civil liberties?
Mr. Fine. I do believe that there need to be controls. I do
believe that there needs to be a balance, a balance of
effective tools to prevent terrorism, and at the same time
effective controls on the use of those tools.
What was most troubling to us was that those controls were
not implemented and not followed. I share the concerns
expressed by the Members of this Committee, and that is why we
did the report.
We were not restricted or limited in what we did, and I
know there was a Presidential signing statement, but the
Department did cooperate with us. We did provide the
information that we had. We provided it in the most
unclassified way we could, and the Department actually did
unclassify a fair amount of this information so it could be
fully aired. We also provided a classified report to this
Committee and other Committees describing the additional
information. So we did what we could to identify the problems
in this program.
Mr. Conyers. The gentleman from Florida.
Ms. Jackson Lee. Mr. Chairman, can she answer yes or no on
the signing statement? Would you indulge me?
Ms. Caproni. The signing statement had absolutely no impact
on how we secure letter authority.
Mr. Conyers. The gentleman from Florida, Mr. Ric Keller.
Mr. Keller. Thank you, Mr. Chairman.
Ms. Caproni, let me begin with you. If the FBI didn't have
National Security Letters as an investigative tool, you could
get the same information via prosecutor through a grand jury
subpoena or by going before a FISA court and getting a court
order, isn't that correct?
Ms. Caproni. Yes.
Mr. Keller. The concern that you have with those two
options is you essentially don't have the manpower. I think you
said it would sort of sink the system.
Ms. Caproni. I was responding to a suggestion that all of
these should be obtained via court order. If that were the law,
that would create substantial obstacles to our national
security program.
Mr. Keller. That is why you aren't using in all cases the
grand jury subpoena or the FISA court orders, because you don't
have the manpower power to do that and still do your
investigations?
Ms. Caproni. I would say it is perhaps slightly more
nuanced than that. On grand jury subpoenas, there are cases
where we don't have a criminal case open, so a grand jury
subpoena is not an option. Further, the whole philosophy of
making sure that we are thinking from an intelligence
perspective rather than immediately cutting to the chase of a
criminal investigation encourages agents to use national
security tools versus criminal tools.
Mr. Keller. Let me follow up, because the challenge we have
is getting this in the strike zone. We want you to have this
information that you need as an investigative tool, but we want
there to be some sort of check on your authority. To use the
grand jury subpoena, for example, to get my phone records, I
have the ability to move to quash that subpoena and have a
judge hear it.
Ms. Caproni. Only if someone tells you the subpoena has
been served, which is not the typical route of a grand jury
subpoena.
Mr. Keller. Before you went before a FISA court you would
have a set of eyes through the FISA court judge looking at it,
correct?
Ms. Caproni. That is correct.
Mr. Keller. In terms of using the National Security Letter,
let's say you served it on my phone company. The phone company
is not necessarily looking out for my personal privacy
interests, and so there is not a set of eyes looking at it, at
least from an individual perspective.
Ms. Caproni. Again, that is the same as with a grand jury
subpoena, correct.
Mr. Keller. So all we have is our Inspector General as a
check on the controls to make sure that you are applying it in
an appropriate way.
Ms. Caproni. I think this report has told us we internally
have to do a far better job at making sure that we are
maintaining internal controls over the use of this tool. I
fully expect Mr. Fine to come back to visit us in future years
and will dutifully take us to task if we have not accomplished
that.
Mr. Keller. Mr. Fine, imagine a housewife in Orlando,
Florida. She does absolutely nothing relevant to terrorism or
espionage, never met or spoken to a terrorist or spy. Based on
your investigation, does she have any reason to worry about
National Security Letters violating her privacy by looking at
her phone records, bank records or Internet search records?
Mr. Fine. I think that there are times when the FBI looks
for telephone records of potential terrorists and looks to see
who they have contacted or been in contact with. Could be
advertent, could be intentional contact, could be inadvertent
contact. As a result of that contact, there can be efforts to
look and see what telephone numbers have been called.
Now, if they had no contact whatsoever with the subject of
a potential terrorist investigation, it is less likely that the
records would be obtained here.
Mr. Keller. In framing my question, I said, no contact,
either written or spoken. So let me ask you, based on your
investigation, were there any situations where you saw National
Security Letters being used when there was no relevance
whatsoever to international terrorism or espionage?
Mr. Fine. We couldn't in our review look at all the
investigative case files and say there was an adequate
predicate. There wasn't. We looked at how they were used and
whether on their face they were improper. So it is impossible
for us to say that the relevancy standard was met.
One thing we did find and I would note, this is that, in
many cases, the counsel of the FBI field offices, either the
Chief Division Counsel or Assistant Counsel, did not
aggressively and independently look for that. And they are the
ones who should be checking on that, they are the ones who need
to ensure there is adequate predicate for this investigation.
And we saw in many cases that that didn't happen that they
acceded to the wishes or the arguments of the case agents or
special agents in charge without independently and aggressively
looking at that.
Mr. Keller. One final question. Can you give us an example
to help make your case, if you have one, as to what is a
scenario where a National Security Letter is your best
investigative tool because, for whatever reason, a grand jury
subpoena or a FISA court order is insufficient?
Ms. Caproni. Any time I would say that they were at the
very beginning of an investigation; say, for example, after the
London bombing when the British authorities provided us with
telephone numbers of the British bombers. So we were looking to
see if we have anyone in the United States that had telephone
contact with the London bombers. In my view, the appropriate
way to pursue that investigation is via National Security
Letter.
Mr. Keller. Because you wouldn't have time under the other
options?
Ms. Caproni. We wanted to know that very quickly; and,
again, I think the American people would want us to know very
quickly after the London bombings took place whether we had any
cells or groups of people tightly related to the London
bombers. So we needed to move very quickly; and, in fact, the
investigators did move very quickly on that to figure how out
who here was connected to there and was it an innocuous
connection or a dangerous connection.
Mr. Keller. My time has expired.
Mr. Conyers. The distinguished gentlelady from Los Angeles,
California, Maxine Waters.
Ms. Waters. Thank you very much, Mr. Chairman.
May I ask, were these witnesses sworn?
Mr. Conyers. They were not.
Ms. Waters. May I respectfully request that they be sworn
in?
Mr. Conyers. Too late.
Ms. Waters. Then, Mr. Chairman, I suppose we are going to
have to rely upon them, particularly the General Counsel,
continuing to tell us that they are acting within the law.
I shall proceed with my questions.
Mr. Conyers. If the gentlelady will yield, false testimony
before this Committee can constitute a violation in and of
itself, a misstatement, any deliberate misstatements.
Ms. Waters. Well, I would have preferred that they be under
oath, but--however, the Chair has made that decision; and I
shall proceed.
Let me just ask about the use of these exigent letters. As
I understand it, these letters are used basically to get around
having to get the NSL letters; is that right, Mr. Fine?
Mr. Fine. These letters were used in advance of or in lieu
of National Security Letters, that is right.
Ms. Waters. There was information collected as a result of
these letters, particularly the operation I believe that was
set up with the contract with the three telephone companies or
telecommunications companies; is that correct?
Mr. Fine. Well, there were contracts with the telephone
companies so that they would provide information to the FBI on
an expedited basis.
Ms. Waters. Ms. Caproni, do you still have contracts with
those telephone companies, any other telephone companies, or
any other private businesses to supply you information in the
manner that those companies did?
Ms. Caproni. We continue to have contracts with the
telephone carriers that obligate us to provide them with
appropriate process to get records.
I can't answer the balance of your question. I don't know
if we have other contracts with other private parties. The
telephone companies it made sense, because of the volume of our
request.
Ms. Waters. How much are the taxpayers paying the telephone
companies, that they pay to provide them services to spy on us?
Ms. Caproni. I don't know what the dollar value of the
contracts are.
Ms. Waters. You have no idea?
Ms. Caproni. I actually don't.
Ms. Waters. You have never heard any discussion about it?
Ms. Caproni. I am sorry, I don't. I just don't know the
amount.
Ms. Waters. Information was collected on millions of
Americans using this as a tool. Now that you know that they are
were innocent, they probably should not have been under
investigation. Has all of this information been purged and
gotten rid of?
Ms. Caproni. We did not collect records on millions of
Americans?
Ms. Waters. How did it work then?
Ms. Caproni. The exigent letters were provided to the
carriers, which promised future process. That future process,
unfortunately, was not always promptly provided.
Ms. Waters. What did they do?
Ms. Caproni. Who do?
Ms. Waters. The companies. How did they mine the
information and did they mine information of innocent people?
Ms. Caproni. The carriers provided us with toll billing
information, which was then placed into our databases. There is
no connection between their databases and our databases. The
information comes out electronically and moves into ours.
Again, we are talking about--I believe the number of
numbers at issue, according to the Inspector General, is
somewhere in the neighborhood of 3,000. It is my belief,
though--again, we will have to wait and see what the special
inspection finds--that all of those numbers were tied to
authorized investigations. To the extent any were not, the
records will be removed from our databases and destroyed.
Ms. Waters. When will they be removed? How long will it
take?
Ms. Caproni. Again, I am anticipating that that special
inspection will take a couple of weeks at least, but probably--
I just actually don't want to speculate.
Ms. Waters. Didn't you have a court order relative to your
contracts with these telephone companies?
Ms. Caproni. No, ma'am.
Ms. Waters. Was there a court decision relative to the
manner in which information was obtained?
Ms. Caproni. The information was obtained from the carriers
pursuant to--it was supposed to be obtained pursuant to the
laws of ACBA.
Ms. Waters. But they were not.
Ms. Caproni. Again, as Mr. Fine has indicated, there were
these exigent letters that were used. What we are trying very
hard to do is to unravel and to make sure that we do not have
the records of anyone as to which there was not--it wasn't
relevant to an authorized investigation.
Ms. Waters. How long have you been trying to do this?
Ms. Caproni. We began the process with them last fall and
we are--we within OGC are to the point that if they cannot
demonstrate to our satisfaction very quickly, then any of those
records have to be removed from the database and destroyed.
Ms. Waters. Certificate letters, are you still issuing
certificate letters?
Ms. Caproni. No.
Ms. Waters. When did you stop?
Ms. Caproni. Shortly after OGC learned about them, that
process was stopped. We entered into discussions with the Fed
over whether--Federal Reserve Bank in terms of whether or not
it required a National Security Letter. There was some back and
forth between lawyers, that the decision was made that they
would prefer a National Security Letter, so----
Ms. Waters. So you collected information using these
certificate letters. Has that information been destroyed?
Ms. Caproni. No.
Ms. Waters. When are you going to do it?
Ms. Caproni. I don't believe we are going to do it.
Ms. Waters. Why are you going to keep information that was
improperly collected on financial records of innocent people?
Why would you keep it?
Ms. Caproni. One, they are not innocent people; and two, it
wasn't improperly collected. The Federal Reserve Bank is not
directly covered by the right to financial privacy. They can
ask for a National Security Letter, which they now have done,
and because----
Ms. Waters. Why did you stop using certificate letters if
they were legal and proper?
Ms. Caproni. Because we thought the better process was a
National Security Letter, and the Fed asked us to provide
National Security Letters.
Ms. Waters. How have you determined whether or not the
information you collected was on individuals who were
suspicious, guilty, had committed a crime? How do you determine
whether or not these people are innocent and the information
should be destroyed?
Mr. Conyers. The gentlelady's time has expired. Please
answer the question.
Ms. Caproni. Certainly. The issue is whether the
information is relevant to an investigation. There are times
when we gather information that is relevant to an investigation
but it turns out that the person was not engaged, for example,
in terrorist financing. We don't then destroy the information,
though the investigation is closed. So it is much like any
other information that is gathered during the course of an
investigation.
The issue of whether that policy will continue is a matter
that is under discussion by a group that is being chaired by
the DNI in terms of whether we should or we should not continue
to retain information that is gathered via National Security
Letters after the investigation is closed.
Mr. Conyers. The gentleman from Virginia, Mr. J. Randy
Forbes.
Mr. Forbes. Thank you, Mr. Chairman.
Mr. Chairman, I hope I can emulate your very calm manner of
handling this Committee; and I just want to tell the witnesses
what I said at the beginning--I want to thank you both for
being here. We know you have a tough job, and we appreciate you
coming in here and answering our questions today.
I have listened to the Committee as we have gone through
this process, and we have had testimony from the Washington
Post, we have had testimony from members of the audience,
testimony from Members of this Committee. You are the only
witnesses we have here.
I think that you get the message, both of you, you had it
when you came in here, that no one on this Committee condones
any of these lapses or feels that it is not urgent that they be
corrected and corrected as quickly as possible. We are also
grateful that this Committee requested this audit. Because, Mr.
Fine, through your good work, we were able to find out what
these problems were so that we can correct them.
The other thing, Ms. Caproni, you have been asked to take a
lot of messages back to the FBI, all of which are good and
valid messages. But another one I want to ask you to take back
today is that, although the FBI messed up in handling the NSLs,
I want you to take a message back to those agents in the field,
who I know are working around the clock; they are away from
their families a lot of the time, and thank them for not
messing up on what Mr. Fine said was one of their key missions
and that was to detect and deter terrorism and espionage in
this country. Because if you had messed up on that one, we
would have a lot more people in this room and a much harsher
hearing than we are having today.
The other question I would like to ask either of you to
respond to: Do either of you have any evidence today that
anyone in a supervisory position gave instructions, either
expressly or impliedly, to any person under his or her
supervision to misuse the NSLs?
Ms. Caproni. Not to my knowledge.
Mr. Forbes. Mr. Fine.
Mr. Fine. We did not find that evidence. We did not find
that there was an intent by people who knew they were misusing
it to misuse it. So, no.
On the other hand, we did not do a thorough review of what
people up and down the line knew and did, so we reported what
we found.
Mr. Forbes. That is being conducted, as I understand it,
now, is that correct?
Ms. Caproni. Correct.
Mr. Forbes. And if you find that information you will
present that back to the Committee, correct?
Ms. Caproni. Absolutely.
Mr. Forbes. The second question for either of you: Is there
any evidence that any member of the FBI or the Justice
Department provided any information either orally or in writing
to this Committee or to Congress which they knew to be
inaccurate or false?
Ms. Caproni. Not to my knowledge.
Mr. Forbes. Mr. Fine, you don't have any?
Mr. Fine. I don't have that information, no.
Mr. Forbes. Just the balance that we have talked about, we
know the harm that comes from violation of privacy interests of
our citizens, that is huge. But I wish you would go back--and,
again, just take a minute--and talk about what Mr. Fine has put
in here about--says: These tools are indispensable to the FBI's
mission to detect and deter terrorism and espionage.
We know there has been a lot on your plate since 9/11 and
you have had to do that. Can you tell us, with as much
specificity as you can, exactly how these NSL letters have
helped to do and accomplish that mission?
Ms. Caproni. Again, National Security Letters provide the
basic building blocks of an investigation. Starting with phone
records, phone records are critical to the counterterrorism
agents to figuring out who was connected to whom; and that
permits us to trace foreign terror acts that have occurred,
obviously, since 9/11 and trace them in to individuals who are
in the United States and to determine whether those individuals
are up to no good or, in fact, it is just an innocent
connection. But for National Security Letters, I don't know how
we would do that.
They have also been absolutely indispensable in the area of
terrorist financing. We have done a tremendous amount of work
getting bank records on individuals we believe are funneling
money to foreign terrorist organizations overseas. Again,
without National Security Letters, could we go through a FISA
order? We probably could, but we certainly couldn't do that
very efficiently. So a National Security Letter is an efficient
way for us to get the basic building blocks of an
investigation.
Mr. Forbes. Have they stopped any terrorist attacks that
you know of that could have possibly happened in the United
States? You may not have that information.
Ms. Caproni. I am sorry, I don't.
Mr. Forbes. Thank you both.
Mr. Chairman, I yield back the balance of my time.
Mr. Conyers. I thank the gentleman.
The Chair recognizes Stephen Cohen, the gentleman from
Memphis, Tennessee.
Mr. Cohen. Thank you, Mr. Chairman. Stephen, yes. You can
call me Stephen.
Mr. Conyers. Stephen.
Mr. Cohen. Thank you, sir.
Mr. Fine, did you do any study of the people whose records
were looked at illegally for any similarity in demographics?
Mr. Fine. No. We looked at whether they were U.S. persons
or non-U.S. persons, but within those persons we did not look
at the demographics of those individuals.
Mr. Cohen. Ms. Caproni said they were all with
investigations that were ongoing. Did you find that to be true,
also?
Mr. Fine. We could not verify that they were all connected
to an ongoing investigation. I know the FBI is trying to do
that now. But as part of our audit we could not do that, all
that.
Mr. Cohen. Do you think it might be a good idea to look at
those people to see if there are any demographic consistencies,
if there is a group of the American public that might be looked
at in a closer manner than others and that might----
Mr. Fine. It is possible. That would be quite an
undertaking, and one has to realize a lot are not on
individuals but are on telephone numbers. There are certainly
consumer credit reports and other things that do relate to
individuals. So that kind of review is possible but incredibly
intensive and requires additional resources while we are trying
to comply with this Committee's and the Congress's directive to
do a review of the use of them in 2006 according to the
guidelines that were set out here.
Mr. Cohen. Thank you.
Ms. Caproni, you said that these were all tied to
investigations, is that correct?
Ms. Caproni. I said I believe that they are all tied to
investigations, and that is what we are trying to work through
with that unit now.
Mr. Cohen. If you find that they are not tied to
investigations, could you make a report to this Committee of
who those individuals were and why they were--their records
were sought when they weren't tied to investigations?
Ms. Caproni. Yes, we will provide this Committee with what
we find through the course of that special inspection.
If I could just say, though, so there is no
misunderstanding, the unit at issue typically gets simply a
telephone number. So they don't know--that is part of with what
they are charged of finding out, is who belongs to this
telephone number, what are the toll billings, records for this
number. So the name of the person associated with the phone
number is typically not part of what CAU does.
And for the exigent letters, to my knowledge--again, the
special inspection will reveal much more in terms of the ins
and outs of what they were doing--they were working off of
telephone numbers and not off of names.
Mr. Cohen. In the report, it says that some of these
violations demonstrated FBI agents' confusion and unfamiliarity
with the constraints on National Security Letter authorities.
Other violations demonstrated inadequate supervision over the
usage of these authorities.
This is from Mr. Fine's statement.
Ms. Caproni, do you think that these are maybe indices of a
systemic problem with the FBI, where the agents have confusion
and unfamiliarity with other policies and other laws? And, if
so, are you doing something about it?
Ms. Caproni. Congressman, that is exactly what I am
concerned about.
In the discussions that we have had--and I can tell you
that we have had a lot of soul searching at the FBI since then.
We got an F report card, and we are just not used to that. So
we have had a lot of discussions about this.
One concern is, are we--most of the agents grew up--the
agents my age at the FBI all grew up as criminal agents in a
system which is transparent, which if they mess up during the
course of an investigation they are going to be cross-examined,
have a Federal district judge yelling at them. The national
security side occurs largely without that level of
transparency.
Our concern is and what this report has shown us is that we
have simply got to do a better job making sure that, although
the actions that are taken in national security investigations
are typically taken in secret and they don't have the
transparency of the criminal justice system, that that imposes
upon us a far higher obligation to make sure that we have a
vigorous compliance system, that we have in place the training
that is necessary, that we restrain agents, that when agents
are working in this area we make sure they know.
Mr. Cohen. I think that is what we need. I appreciate your
candor.
There is some signage in the Capitol and one is a statement
by Brandeis, something to the effect that the greatest threats
to liberty come from insidious men of zeal, well-meaning but
without knowledge or understanding.
I think that you will find that if our agents, our FBI
agents, even though well-meaning and zealous, don't know what
they are doing, that it is a threat to people having faith in
the whole system. I hope you will correct that. I feel
confident you will.
Ms. Caproni. You are absolutely correct. We will.
Mr. Cohen. Thank you.
Mr. Conyers. I thank the gentleman, Steve Cohen.
The Chair recognizes now the gentleman from Virginia, Bob
Goodlatte.
Mr. Goodlatte. Thank you, Mr. Chairman, and thank you for
holding this hearing.
Ms. Caproni and Mr. Fine, thank you for your testimony
today. These are very serious concerns, and we appreciate your
helping us understand how they occurred, why they occurred, and
what is being done to correct them.
I have several questions I would like to ask, starting with
you, Ms. Caproni.
In Mr. Fine's report on page 8, paragraph 3, he notes, ``In
addition, we found that the FBI had no policy requiring the
retention of signed copies of National Security Letters. As a
result, they were unable to conduct a comprehensive audit.''
Can you explain why something as important and serious as a
National Security Letter would not have a signed copy retained
in the records of the Bureau?
Ms. Caproni. I can say that there were different processes
in different field offices; but, no, I cannot. I mean, there is
just no reason why there was not a policy that said you have to
keep a copy of the signed copy.
What we keep, which is typical of how our records are, is
the carbon copy, in essence, which is typically initialed.
But, no, in the world of Xerox machines, there is no reason
why we had not told people to hang on to a signed copy.
Mr. Goodlatte. Mr. Fine, did you draw any further
conclusions from that? Do you know why they were not retained?
Mr. Fine. They were not retained because there was not a
clear policy that was enforced.
Mr. Goodlatte. No ulterior motive that you know of?
Mr. Fine. I do not believe there was an ulterior motive,
but this was an example of an incredibly sloppy practice that
was unacceptable.
Mr. Goodlatte. I agree.
Let me ask you, when did you first learn of the problem
with the FBI's improper use of the exigent letters?
Mr. Fine. Well, we began our audit, as required by the
PATRIOT Reauthorization Act, around the beginning of 2006. As
you can see from this report, there are a lot of issues, and we
did interviews and document requests and field files.
I think sort of the first indications where we learn about
it were in the spring or summer of last year, where we had to
work through those issues.
Mr. Goodlatte. And who did you learn that from?
Mr. Fine. We learned it from, I believe, people in the
Office of General Counsel, the National Security Law Branch of
the FBI, about these issues. I think they are the first people
we learned it from, as well as from the review of documents and
e-mails and things like that.
Mr. Goodlatte. And what steps have you taken to ensure that
the practice was stopped?
Mr. Fine. The steps we have taken are to inform the FBI
about the unacceptability of this practice, to note it, to
report it, to let the people who are in charge of the FBI and
the General Counsel's Office know about it, and to make a
recommendation that it does stop.
Mr. Goodlatte. When did you make that recommendation?
Mr. Fine. I think we made the recommendation when our
report was issued to the FBI in draft; and I think that was in
either December or January of this year. It was December of
last year or January of this year.
Mr. Goodlatte. Ms. Caproni, has that practice been stopped?
Ms. Caproni. Yes.
Mr. Goodlatte. What steps have you taken to ensure that it
does not persist in any of the offices of the FBI?
Ms. Caproni. Well, first, we are trying to find out whether
it did happen in any office other than the unit at
headquarters, and we should know that answer probably by the
end of this week or sometime next week.
The second thing is that the practice of providing a letter
with a promise of future legal process has been banned. And,
again, we are also developing a vigorous compliance program to
make sure that we do not simply make the rule, but we actually
have in place some kind of process to make sure that the rules
are being followed.
Mr. Goodlatte. Current law authorizes a full credit report
request for only counterterrorism investigations. The Inspector
General discovered two instances in the same field office of a
full credit report request under counterintelligence
investigations.
How is this being corrected?
Ms. Caproni. This is being corrected by--the deputy
director ordered a full audit of every counterintelligence file
that has been opened since January 1, 2002. This authority went
into effect in the PATRIOT Act. So, realistically, we think the
earliest one that could have been issued would have been in
2002.
So they have to review every file since then in which a
Fair Credit Reporting Act NSL was issued and find out if they
have any full credit reports. If they do, they need to remove
them from their files and report it as a potential IOB
violation. Those will, in turn, be reported on to the IOB.
Mr. Goodlatte. One last question.
In at least one instance, a National Security Letter issued
under the Electronic Communications Privacy Act was determined
by the Inspector General to be seeking content.
How was this remedied, and what steps do your field agents
take to delineate between content and transaction information?
Ms. Caproni. In that case, there was no need to remedy it
because the Internet service provider refused to provide us
with any records, so we actually did not have an
overcollection.
Mr. Goodlatte. Have you remedied the request? I mean, they
should not be asking for that.
This was a big issue when we wrote the PATRIOT Act, and it
was the subject of a great deal of discussion with the
Administration about making sure that we had a clear line
between what could be requested and what could not be
requested.
Ms. Caproni. The statute defining electronic communications
transaction records actually does not define the term, and
there had traditionally been the debate that says that we will
leave up to the ISP what is content and what is not.
We think that is a trap for the unwary. It is bad for our
agents in that we do better with bright lines. And so OGC will
establish--we are in the process of making sure that we have a
list that makes sense of what is content and what is not.
In the abstract, that seems like a very clear line; in
practice, it is not. There are some difficult issues because
some of the answers revolve around how the ISP keeps their
records.
So we are working on it. My anticipation is that, within
the next week or two, we will have out to the field these
records you can seek, these records you cannot seek, and it
will be a very bright line.
Mr. Goodlatte. Thank you, Mr. Chairman.
Mr. Conyers. The gentleman from Georgia, Mr. Hank Johnson.
Mr. Johnson. Thank you, Mr. Chairman.
In these reports that I have read, it indicates that there
were three phone companies that the FBI, particularly the FBI
Communications Analysis Unit, the CAU, contracted with three
telephone companies between May of 2003 and March of 2004. Who
were those telephone companies?
Ms. Caproni. The telephone companies were AT&T, Verizon and
MCI, which has now been acquired by Verizon.
Mr. Johnson. Now, are those contracts still in force at
this time?
Ms. Caproni. Yes, they are.
Mr. Johnson. And are there any other phone companies that
are contracted with the FBI through the Communications Analysis
Unit or any other unit of the FBI?
Ms. Caproni. Not through the Communications Analysis Unit;
broader than that, I do not know. We may have contract--not for
this sort of information. We may have other contracts with
phone companies, but not like this.
Mr. Johnson. And nobody put a gun to these telephone
companies' heads and made them sign the contracts, did they?
Ms. Caproni. No.
Mr. Johnson. They were just simply agreements with the FBI
and with the phone company?
Ms. Caproni. Correct. From our perspective, because these
originated--given the volume of our requests, that this
permitted us to get our records very quickly.
Mr. Johnson. Well, I understand.
Then the phone companies received compensation for engaging
in this contract with the FBI; is that correct?
Ms. Caproni. That is correct.
Mr. Johnson. And this compensation, was it merely for
expenses or was there profit involved, or you have no way of
knowing?
Ms. Caproni. I do not know.
Mr. Johnson. Really, you do not really care as long as you
get the information, correct?
Ms. Caproni. Again, from our perspective, the goal was to
get the information in a form that is readily usable for us so
that we do not have--some phone companies give us paper
records. That requires a lot of data.
Mr. Johnson. Okay. All right. I understand.
Earlier in your testimony, ma'am, you stated that the phone
companies were responsible for a lot of the errors that are
cited in the compliance with the National Security Letters.
Ms. Caproni. We do see third-party errors, correct.
Mr. Johnson. You saw a substantial number, and so you are
placing upon the phone company the obligation to properly
document whether or not there has been a follow-up with an
exigent letter?
Ms. Caproni. Oh, no, sir. They are two separate things. I
do not excuse our lack of recordkeeping in connection with the
exigent letters. They did keep the records, which was
fortunate.
Mr. Johnson. And it is important to note, Mr. Fine, that
your analysis of the FBI's compliance with the PATRIOT Act
found that there were woefully inadequate mechanisms for the
collection of data on these National Security Letters. In other
words, the recordkeeping by the FBI was woefully inadequate as
far as the issuance and follow-up on these National Security
Letters and also the exigent letters; isn't that correct?
Mr. Fine. We did find serious and widespread misuse and
inadequate recordkeeping, absolutely.
Mr. Johnson. Do you have any idea, Mr. Fine, how much the
telecommunications companies were paid for their so-called
``contract'' with the Government?
Mr. Fine. I do not know, no.
Mr. Johnson. All right.
Can you, Ms. Caproni, provide my office with that
information, along with copies of the contracts between the CAU
and the phone companies?
Ms. Caproni. I have great confidence that we are going to
get a number of questions for the record after this, and I am
assuming that will be one of them, and we will respond
appropriately.
Mr. Johnson. Will it take a subpoena for us to get that
information?
Ms. Caproni. I do not believe so. I do not know what is in
the contract, so I do not know if there are any sensitive
issues.
Mr. Johnson. Will you provide it to my office?
Ms. Caproni. Again, we will respond to questions for the
record as they come in.
Mr. Johnson. All right.
Why, if the NSLs are the FBI's bread-and-butter
investigative technique, could the Inspector General only
identify one terrorism prosecution out of the 143,074 people
whose investigatory information was obtained?
Ms. Caproni. Again, Mr. Fine can explain his methodology,
but I think the issue and the difficulty of that question is
that because there was no congressional--because we were not
legally obligated to tag the data, tracing it through is
difficult.
Mr. Johnson. So 1 out of 143,000.
How does that equate to being the bread-and-butter
investigative technique for uncovering terrorism by the FBI?
Ms. Caproni. Again, we disagree that in only one case did
NSL data contribute to a criminal prosecution.
Mr. Johnson. But would you say more than 10 or less than
10?
Ms. Caproni. I do not know. It is my belief that virtually
every counterterrorism case that began in its normal course of
affairs is likely to have a National Security Letter used
sometime during it.
Mr. Johnson. And it is also----
Mr. Conyers. Your time has expired.
Mr. Johnson. Thank you.
Mr. Conyers. Mr. Johnson, any records that you request will
come to the Committee, and then you will be advised.
The Chair is pleased now to recognize the gentleman from
Florida, Mr. Tom Feeney.
Mr. Feeney. Thank you very much, Mr. Chairman.
Earlier, Mr. Smith alluded to your illustrious basketball
career. I went to the same high school as Mr. Fine. He
graduated a few years before me, and I wish I had had a jump
shot like Mr. Fine did, but not nearly so much as I wish I
would have been able to hit a fast ball like Mr. Reggie
Jackson, who graduated a few years before Mr. Fine did.
But we thank you for your work. By the way, none of us is
the most famous graduate because Benjamin Netanyahu, the former
Prime Minister of Israel, is. I had to get that plug in.
We are very grateful for your work here, because a lot of
us are supporters of the PATRIOT Act, but only with some
serious restrictions. And I guess the first question I want to
ask you--and I want to remind people that it was the
reauthorization of the PATRIOT Act that actually required the
report that you have just completed; is that right?
Mr. Fine. Yes.
Mr. Feeney. And I hope that not just your report but the
tenor of the questions from supporters of the PATRIOT Act, as
well as the critics, is being listened to very carefully in the
Justice Department and in the FBI.
We have got to get this balance correct; and nothing could
be more critical because some of the most unthoughtful critics
of the PATRIOT Act candidly will be the first ones--when there
is another 9/11 and when we do not get the information
accurately ahead of time to stop, maybe not 3,000 or 4,000
people, but 300,000 or 400,000 people, they will be the first
ones jumping on the Administration, the Justice Department and
the FBI for not doing its job.
But those of us trying to strike a thoughtful balance
between civil liberties and the need to protect America from
this new threat are very, very concerned about what we have
heard, and if the FBI does not take this to heart, we will
correct the problem.
I do not think anybody could have said it better than Jim
Sensenbrenner, who, again, is a supporter of the PATRIOT Act,
who said that the overreaching that is apparent here within the
FBI is going to erode support, if it has not already, for very
important national security initiatives. And I would hope that
everybody down at Justice is listening because these are the
supporters, people like Lungren, Feeney and Sensenbrenner, who
are telling you this is not right, that it cannot continue.
Mr. Fine, do you have an opinion as to whether or not the
serious problems that you have discovered in initial compliance
with the PATRIOT Act are largely because of ambiguities or
poorly structured legislation? Is it statutory language that is
the problem, largely, here; or is it abuses within the FBI and
compliance?
Mr. Fine. I do not think it was the statutory language that
was ambiguous. I think it was the execution of the policy by
the FBI that was woefully inadequate.
Mr. Feeney. Just to follow up, can you identify or do your
report and investigation lead you to conclude that there are
any important statutory improvements we can make?
I realize it is not your typical arena to give us advice,
but are there any specific pieces of advice that you would give
the Congress in terms of oversight or statutory reforms here?
Mr. Fine. Well, you are correct, it is not my arena to do
that. What I try to do is present the facts to this Committee
and to Congress and let the facts lead this Committee and
Congress to do what they believe is appropriate.
There is one section of the report that does talk about an
ambiguity in the meaning of toll billing records. I think there
ought to be something done about that, because that was a
concern of what that meant, and it should be clarified.
I do think----
Mr. Feeney. Could the AG do that, by opinion?
Mr. Fine. I do not think so. It has to be done by Congress.
I do think that the Committee does need to strike a balance
and to sort of balance the need for protections and controls
over civil liberties with the need for tools to prevent and
detect and deter terrorism. And that is the difficulty in this
task, and that is the real concern that we have about how the
FBI implemented this.
Mr. Feeney. You said you sampled 77 case files, the report
indicates. How many case files are there all together, roughly?
Mr. Fine. That I could not tell you.
Mr. Feeney. Do you believe that the 8,850 failed reportings
are systemic and that, if you would extrapolate, we would
probably see that elsewhere?
Mr. Fine. I do believe that the files we looked at were a
fair sample and that there is no reason to believe that it was
skewed or disproportionate. We did not cherry-pick them.
Mr. Feeney. Do you have any reason to believe that there
were more abuses in the 8,850 requests that were not properly
reported? Is it any more likely for there to be abuses of civil
liberties or of the law or of the AG's rules than the requests
that were properly recorded?
Mr. Fine. Well, we do not know how many requests were not
recorded in the FBI's database. There were problems with the
database structurally so that things were not in there. There
were delays in entering in the database, so Congress did not
get the information, and when we looked at the files, there
were NSLs that were in the files that did not go into the
database.
Approximately--I think it was 17 percent of the ones we
found were not in the database. Now, that is a significant
number; and now--I know the FBI is trying to find them in the
database as we speak, but we have no confidence in the accuracy
of that database.
Mr. Feeney. Finally, if I could, Mr. Chairman.
Ms. Caproni, you alluded to the culture of the FBI, which
traditionally, I find, is a crime-fighting institution. Some
people have called for an N15 type of intelligence agency with
a different culture, and it might be interesting that you take
back the interest that some of us in Congress have, that if the
FBI cannot change its culture or have a separate culture for
intelligence than it has had traditionally, we very much need a
different type of institution to get intelligence right, to
protect this country on a day-to-day basis.
Ms. Caproni. Again, I believe that we can do this. We are
going to do this. We can get this right. We are going to get it
right.
Mr. Feeney. Mr. Chairman, I yield back the balance of my
time.
Mr. Conyers. Thank you. There was not any left.
Mr. Feeney. That is why I did it.
Mr. Conyers. I see.
Okay, we are now going to recognize the gentleman from
California, Mr. Adam Schiff.
Mr. Schiff. Thank you, Mr. Chairman.
Inspector General Fine, you have said that you did not find
that any of the violations were deliberate or intentional, and
yet, you also report the issuance of blanket NSLs, which, to
me, appear to be an effort to cover up what was recognized to
be a flawed issuance of these exigent letters.
Given that NSL letters are supposed to be case-specific,
the NSLs were a blanket violation of the law, weren't they? How
can they be described as unintentional or anything but
deliberate?
Mr. Fine. I think what you are referring to, Congressman
Schiff, is the issuance of what we have heard about of blanket
NSLs in 2006. We have not reviewed 2006 yet. We reviewed 2003
to 2005. We have heard about this. It is past the review
period, and we are concerned about it, and we will look at
that.
Mr. Schiff. Well, Ms. Caproni, in your briefing on the Hill
last week, you acknowledged that when agents realized that they
had been issuing these letters, these exigent letters, saying
that subpoenas were forthcoming when they were never
forthcoming, that blanket NSLs were issued as a way of
basically trying to clear up or cover up or, in other words,
make up for the failure to use correct processes in the past.
Assuming those are the facts, Inspector, doesn't that show
a level of deliberateness and intention that far exceeds what
you have described in your report?
Mr. Fine. It certainly shows us concern of what were they
thinking. They clearly were not following the procedures. They
clearly were not providing NSLs in advance or even, quite
reasonably, soon thereafter; and it did give us concern.
And there were a lot of people who did this. It was done as
a sort of routine practice which is, in our view, completely
unacceptable. But I think it is important for the FBI to look
at this and to interview these people and find out what
happened up and down the line. And we will be looking at it, as
well, in 2006.
Mr. Schiff. Well, even as to the false statements
themselves, in these exigent letters that said that subpoenas
were forthcoming when they were not, let me ask you, Ms.
Caproni, if a local cop in the city of Burbank in my district
wrote letters to the phone company, or went out and served
letters on the phone company, saying that Federal grand jury
subpoenas would be forthcoming, because that local cop wanted
to get information that maybe he could not get another way, or
could not get as quickly another way, and you learned about
this practice, that cop would be under Federal investigation,
wouldn't he?
Ms. Caproni. Congressman, I really do not know that. I do
not think you have given me enough facts to say whether that
would or would not be the case.
Mr. Schiff. Well, a local police officer acting under the
color of Federal law, demanding records, claiming a Federal
process that is nonexistent, that would not be an issue for a
Federal investigation?
Ms. Caproni. It would certainly be troubling, much as the
practices that were taking place in the CAU unit are troubling.
Mr. Schiff. Well, you know, having worked in the Corruption
Section of the U.S. Attorney's Office in L.A., I can tell you
it would be more than troubling. You would have FBI agents
assigned to investigate that local cop.
It does not seem to me to be any different to have FBI
agents giving telecommunications providers letters saying that
subpoenas are forthcoming when they are not.
When did your office discover that these old New York form
letters were being used to get information?
Ms. Caproni. Sometime in 2006.
Mr. Schiff. You know, there is a report in The Washington
Post that indicates the head of the Communications Analysis
Unit, the same unit that drafted most of these letters, warned
superiors about the problems in early 2005.
Do you know anything about that?
Ms. Caproni. I know what I have read in the paper, and I
know that the Inspection Division is going to do a full
inspection of this to see what exactly the unit chief said.
Mr. Schiff. Well, I am asking you to go beyond what you
have read in the paper, and we all know what the IG is going to
do.
When did you first learn about the fact that the head of
the unit that was drafting these letters had warned superiors--
do you know who those superiors are?
Ms. Caproni. I do not know who he says he warned.
Mr. Schiff. Were you warned by him?
Ms. Caproni. No.
Mr. Schiff. Do you know if anybody in your office was
warned by him?
Ms. Caproni. I am not sure that I even necessarily agree
that there was a warning. I know that there were--and I knew
generally that there were what I understood to be bureaucratic
issues within that unit. That did not include----
Mr. Schiff. You keep on describing these bureaucratic
issues. I find an interesting kind of mix of an acceptance of
responsibility in your statement and a denial of
responsibility. You seem to accept responsibility for mistakes
others have made, but acknowledge very little responsibility on
behalf of the office you run.
It is primarily your office that is intended to advise the
agents about how to comply with the law, particularly in an
area where the courts are not scrutinizing it, as you pointed
out, in a process that lacks transparency.
Isn't that fundamentally the job of your office?
Ms. Caproni. That is fundamentally the job of my office.
Mr. Conyers. The time of the gentleman has expired.
The Chair recognizes Louie Gohmert of Texas.
Mr. Gohmert. Thank you, Mr. Chairman. I appreciate that.
I am very pleased that when we renewed the PATRIOT Act, we
did insert the provision that would require this Inspector
General report so that we could find out this information that
is so very important.
In your report, your indications, Mr. Fine, were that the
FBI did not provide adequate guidance, adequate controls, or
adequate training on the use of these sensitive authorities;
and that oversight was inconsistent and insufficient.
Ms. Caproni, as I understood Director Mueller to say last
week, he took responsibility for the lack of training and
experience, and that troubled me a great deal. You had
indicated earlier that people of, I guess, our generation and
especially those in the FBI had grown up with accountability,
knowing they could be cross-examined. And yet, it seems that
the overzealousness that Mr. Cohen spoke of often is found in
maybe new agents who do not have the time on the ground, the
experience.
Wouldn't you agree that is sometimes found in newer agents
who lack the training and experience?
Ms. Caproni. I do not know in this case if this is an issue
of young agents versus old agents. I just do not know the
answer to that.
Mr. Gohmert. Well, are you familiar with the new personnel
policy that this Director instituted in the FBI that is
affectionately, or unaffectionately, called the ``up or out
policy''?
Ms. Caproni. Yes, sir, I am.
Mr. Gohmert. You know, I appreciate the Director last week
saying that we welcome more oversight; I appreciate your
openness in that regard. But just in my couple years of being
in Congress, it seems to me that the FBI, at the very top at
least, was not interested in oversight and was set on
intimidating anybody who really wanted to pursue that.
I know we have one Member of Congress, a former FBI agent,
who had indicated to me that--because many of us who are very
familiar with many FBI agents, we have been hearing that this
policy was causing the FBI to lose some of their best
supervisors.
The policy is basically--as I understand it, once you have
been a supervisor for 5 years, then you either have to move up
to Washington or move out, that you cannot be a supervisor; and
that we have lost many of our best supervisors, and we just put
new, inexperienced people in supervisory capacities. And this
was something that Mike Rogers, a former FBI agent and a Member
of Congress, wanted to talk to someone about; and when he
finally was able to get somebody to agree, in a supervisory
position, he goes back to his office and his whole office staff
is out in the hall because the FBI has come over and done a
sweep of his office that was really unnecessary, and it seemed
to be more about intimidation.
One of the most outspoken critics of the FBI in the last
couple of years has been Curt Weldon, and we know that, back in
September-October, the FBI announced, well, gee, he is under
investigation just at a perfect time to get him defeated. And
so it seems, when we find out that there are all of these
143,000 letters that were inappropriately requested and that,
gee, somebody asked tough questions of the FBI personnel and
they may very well be the 143,000 and first letter in the next
batch inquiring about their own records, that there has not
been this desire for oversight, but there has been quite some
intimidation.
So I am curious, has there been any revisiting of this up-
or-out policy to get rid of the best trained and experienced
supervisors since this lack of training and experience and
inadequate guidance and controls have come to light?
Ms. Caproni. Congressman, the period of time covered by Mr.
Fine was at a period of time when those supervisors would have
still been in place. What we have seen, actually, is that the
5-year up-or-out has encouraged people to bid for and seek
promotion to higher positions, which has been a net positive.
Now, I know that you have an interest in this, and I know
that there were agents who were not happy about the policy. The
Director feels very strongly that it is an appropriate policy,
that it does move good supervisors up in management so that
they have a greater span of control, so that we can further
benefit from the skill sets that they have from their tenure at
the Bureau.
Mr. Gohmert. So the answer is, no, you are not revisiting
the policy? Is that your answer?
Ms. Caproni. That is correct.
Mr. Gohmert. Okay. I just wanted to weed through and get to
the answer. Thank you.
Now, with regard to these letters, it is deeply troubling
because we have been hearing about how important they were in
order to get this information. But you know--I mean, we had
assurances from everybody from the AG on down that there was
adequate oversight, that there was adequate training.
What suggestions--since you are not changing any personnel
policies, what actual structural policies within the FBI are
going to change to make sure that there would be adequate
oversight just in case the NSLs were allowed in the future?
Ms. Caproni. Again, we are going to do substantially more
training. Agents are now being placed into career paths, and
they are going to be required, after their time at Quantico, to
return to Quantico for sort of a postgraduate period. That will
have extensive training for those agents who are on the
national security career track.
We are also implementing an auditing practice that will
include Department of Justice lawyers, inspectors from the FBI,
and FBI lawyers to go out and methodically audit the use of the
National Security Letters.
More generally, we are going to create a compliance program
within the Bureau that will be interdisciplinary, and it will
make sure that--not just with National Security Letters. I
mean, this is one tool, and it is a tool that, as indicated in
this report, we need better controls on. Our concern is that
there may be other things that we need to make sure that we
have gotten better controls on, that we think we have given
perfectly clear guidance on, but in terms of execution in the
field, we have got some problems.
So, again, I cannot say enough that we take this report
extremely seriously. We know we have got issues. We know we
have got problems. The Director and upper management are
absolutely committed that we are going to fix this.
Mr. Conyers. Your time has expired.
Mr. Gohmert. Thank you, Mr. Chairman.
Mr. Conyers. Mr. Artur Davis from Alabama is recognized.
Mr. Davis. Thank you, Mr. Chairman.
Ms. Caproni, give me your best legal assessment. Would the
exclusionary rule apply to any evidence obtained from the
improper issuance of these letters?
Ms. Caproni. Probably not, but I have not, quite frankly,
given that a great deal of thought. It is not a fourth
amendment violation. The exclusionary rule clicks in when you
have got a fourth amendment violation. These records are being
held by third-party businesses, so it is not a fourth amendment
problem.
Mr. Davis. Well, would there not be fourth amendment
implications if information were obtained as a result of the
improper use of Federal statutory authority?
Ms. Caproni. There would be other problems, but I do not
think there is a fourth amendment problem.
Mr. Davis. Well, do you think that there would be a
practical problem?
A classic hypothetical: If a National Security Letter were
improperly issued, and it turned out later on there was perhaps
a valid basis for the issuance of a warrant, wouldn't that
possibly be compromised or wouldn't the emergence of a valid
basis later on be compromised by the misuse of an NSL?
Ms. Caproni. Again, I am always leery of responding to
hypotheticals. All I can say is, there is no--we are not
minimizing this. We do not want any improper use----
Mr. Davis. So you are not sure. Let me follow up on Mr.
Schiff's questions.
Are you familiar with the name Bassem Youssef?
Ms. Caproni. Yes, sir, I am.
Mr. Davis. Mr. Youssef, as I understand it, was in charge
of the Communications Analysis Unit at the Bureau; isn't that
right?
Ms. Caproni. He was, beginning in the spring of 2005.
Mr. Davis. Is it accurate that Mr. Youssef raised concerns
about the misuse of the NSLs to his superiors?
Ms. Caproni. That will have to be determined through the
inspection. I do not know the answer to that question.
Mr. Davis. Well, you know that that has been reported, and
I assume, Mr. Fine, neither you nor Ms. Caproni has any basis
to dispute what Mr. Youssef's lawyers are saying about his
making that report.
Ms. Caproni. I would note that Mr. Youssef is in litigation
with the FBI.
Mr. Davis. That is not what I asked you. I asked you if you
had any basis to dispute this report.
Ms. Caproni. I do not know one way or the other.
Mr. Davis. Mr. Fine, do you have a basis to dispute that
there were complaints raised by the former head of the
Communications Analysis Unit?
Mr. Fine. We did not review what he did, what he----
Mr. Davis. Mr. Fine, how is it possible that you did not
review the fact that the former head of the unit raised
questions about the misuse of the NSLs? How is it remotely
possible that was not reviewed?
Mr. Fine. We reviewed what happened in that unit and what
was issued; and we did review the discussions that occurred
between the Office of General Counsel, and that included----
Mr. Davis. Mr. Fine, the head of the unit--not a secretary,
not an intern, not a line officer--but the head of the unit
raised concerns. How is it possible that you did not conduct an
interview of Mr. Youssef?
Mr. Fine. We did interview Mr. Youssef, and we did not hear
that concern from him. And, in fact, from the interview of Mr.
Youssef and also from the review of the records, we saw that he
had signed a letter. And many letters were signed----
Mr. Davis. Are you disputing that Mr. Youssef complained
about the improper issuance of NSLs?
Mr. Fine. To his superiors?
Mr. Davis. Yes.
Mr. Fine. I do not know that. I do know----
Mr. Davis. Did you ask him?
Mr. Fine. I do not believe we--I am not sure whether we
asked that question, but----
Mr. Davis. Mr. Fine, how do you possibly not ask the head
of the unit if he had any concerns about whether or not the
statute was followed? How does that possibly not come up as a
question?
Mr. Fine. We did ask him, and we questioned him
extensively, our attorneys did, about the communications
between the Office of General Counsel, which was that----
Mr. Davis. Well, did he say that he raised questions?
Mr. Fine. Not that I am told, no.
Mr. Davis. Not that you remember or not that you were told?
Which one?
Mr. Fine. Well, I actually did not do the interview, but
let me just check.
[Brief pause.]
Mr. Davis. While you are working on the answer to that, Mr.
Fine, the rather obvious observation is that I hope that your
time to get the answer is not taken out of my time.
If you have the head of the Communications Analysis Unit
raising questions about how that unit does its work, it is a
little bit amazing to me that you are having to search your
memory as to what happened during the interview.
But let me move on.
Mr. Fine. Well----
Mr. Davis. Is it true--well, my time is limited, Mr. Fine.
Is it true that Mr. Youssef won the Director of Central
Intelligence Award in 1995 for his work infiltrating the group
that tried to blow up the Trade Center in 1993?
Mr. Fine. I have heard that.
Mr. Davis. Do you have any reason to dispute it?
Mr. Fine. No.
Mr. Davis. Is it true that Mr. Youssef was the legal
attache to Saudi Arabia during the time that the Khobar Towers
bombing was being investigated?
Mr. Fine. I have no reason to dispute that.
Mr. Davis. Is it true that Mr. Youssef received outstanding
personnel evaluations during that time?
Mr. Fine. I have no reason to dispute that.
Mr. Davis. So you have someone who was the head of a unit,
who had won awards for his intelligence work, who apparently
received superior evaluations, raising concerns about how his
unit was being conducted; is that accurate?
Mr. Fine. I am not sure it is accurate. I am not----
Mr. Davis. What is inaccurate about it?
Mr. Fine. What is inaccurate is that it is not clear what
concerns he raised and what he did to stop this. And we did
look----
Mr. Davis. Again, Mr. Fine--I know my time is up. If the
Chairman would indulge me for one question.
I guess I am searching for what is opaque about this. This
gentleman was in a very important position; he was in charge of
the unit. You admit that you interviewed him, but your memory
seems foggy as to what you asked him, and your memory seems
foggy as to whether or not he raised concerns to his superiors
and what the concerns were.
I cannot imagine a more important interview that you could
have conducted.
Mr. Fine. We did conduct that interview, and we went over
extensively what the concerns were between him and the General
Counsel's Office and the attempts to put the exigent letters--
--
Mr. Davis. Who did he raise these concerns with?
Mr. Conyers. The gentleman's time has just about expired.
What I would like to do is to give the Inspector General an
opportunity to fully finish his answer.
Mr. Fine. We did interview Mr. Youssef, Congressman, and we
did not find that, as a result of his actions, the problems
were corrected. We did find, through review of the NSLs, that
he signed one, that under his leadership these exigent letters
continued; and we saw the efforts between the Office of General
Counsel and the CAU to correct this, which did not occur, and
we did not see that he put a stop to this.
However, we did not do----
Mr. Davis. Was he of the power to put a stop to it?
Mr. Fine. He was the head of the unit.
Mr. Conyers. Just a moment. If my colleague will suspend, I
want him to be able to complete his answer before we go on to
the next Member.
Mr. Fine. We did not see that this practice was stopped
during his time. There was an attempt to sort of provide NSLs
reasonably soon after the exigent letters, but the exigent
letters continued.
And it is important to determine who did what, when and
how; and the FBI is going to do that, and we are going to look
at that very carefully, as well. But our review was not to look
at everybody's actions up and down the line, including his or
others' to determine what steps each one of them took.
What we tried to do is present the problem and the issue
and make sure that it stopped as a result of it.
Mr. Conyers. The gentleman's time has expired.
The Chair recognizes Darrell Issa, the gentleman from
California.
Mr. Issa. Thank you, Mr. Chairman.
I guess I will start off slowly and just follow up on Mr.
Gohmert for a second. It does seem amazing that an organization
of excellence, as the FBI has historically been, would adopt a
``We have got to get you to the Peter Principle achievement
level with this up-or-out policy,'' and I would strongly second
Mr. Gohmert, what I think he was saying, which is, if you have
people who can be very good at what they do at the beat levels,
so to speak, of the FBI in various positions--if they can, in
fact, be superb leaders at a level that they are comfortable
and, quite frankly, in a community that they are comfortable
living and working in and building more capability, rapport and
analysis capability and you adopt an up-or-out program--what
you do is, you force them either to leave because they do not
want to leave communities they are attached to or, quite
frankly, you force them to a management level they may not be
comfortable with.
It is bad enough that the Army will not allow a great
company commander to continue being a company commander and
must force them to a staff position somewhere where they
endlessly see papers in the hopes that they someday will get a
battalion command, but there is a certain amount of history
there.
I strongly suggest that the FBI should not have a history
that people doing a good job at a given level be forced on.
Having said that, that is a management decision that the next
Administration hopefully will straighten out.
Speaking of management decisions, General Fine, I am a
little shocked that under this Attorney General, this
Administration seems to look at violations of constitutional
rights for limited capabilities that we have granted from this
body, as the general counsel said, ``troubling.''
If what the FBI did was done by a private sector
individual, wouldn't the FBI be arresting them? Wouldn't the
U.S. attorneys be prosecuting people who played fast and loose
with these rules?
Mr. Fine. It depends on the intent involved and what
happened.
Mr. Issa. Okay. Let me back up.
If there were a pattern over time, as there is, of abuses
piling up to where it was clear that people knew it was
happening--even some people clearly made comments that it
should not be happening, that it was inconsistent with the law,
but it continued--isn't that a poster child for the FBI and for
the U.S. Attorney's Office to criminally prosecute people who
do these things?
Mr. Fine. Again, if there were an intent to do that as
opposed to a pattern of negligence, and also a knowledge of
this, and we went in and looked at it after the fact and found
all sorts of problems and compiled a 126-page report which lays
it out in black and white, and it is, you know, a serious,
serious abuse.
But at the time, were they aware of it? Did they know about
that and what their intent was? That is much harder to say. We
did not find evidence of criminal misconduct, but we certainly
found evidence----
Mr. Issa. Wait a second. Wait a second.
Piling up evidence that crosses the guidance we allow to
pile up that evidence, and you are saying that it is not
criminal?
Mr. Fine. Well, you have to look at the individual
allegations as well. We looked at the files. We found in
several files, in many files, that there were no abuses. We
found in others that there were problems with them.
Mr. Issa. But there are no prosecutions and no dismissals;
is that correct?
Mr. Fine. Well, there are no prosecutions. The FBI is
looking at the evidence right now to see what people knew and
what they did not, whether it was because of any intentional
conduct that they knew they were doing wrong.
We did not see that, but we did not do a review where we
asked each individual, ``What did you do and why?'' we did a
review of--an audit of this to lay out the problems for the
Congress.
Mr. Issa. Well, I would suspect that I join the Chairman
and many Members on both sides of the aisle in saying, I have
serious doubts about whether or not the Congress can continue
to extend capabilities that are not 100 percent adhered to and
there are no significant results when they are not adhered to,
and then not feel that what we are doing is giving the FBI the
ability to violate people's constitutional rights.
You know, I heard today, well, geez, we would not exclude
this--and Congressman Schiff brought it out--we will not
exclude this information even though we played fast and loose;
and we will not dismiss and we will not prosecute.
Well, with all due respect, from the Attorney General on
down, you should be ashamed of yourselves. We gave--we
stretched what we could give in the PATRIOT Act. We stretched
to try to give you the tools necessary to make America safe,
and it is very, very clear that you have abused that trust, and
when the reauthorization of the PATRIOT Act comes up or any
bill coming down the pike, if you lose some of these tools,
America may be less safe, but the Constitution will be more
secure, and it will be because of your failure to deal with
this in a serious fashion.
I yield back.
Mr. Conyers. Thank you very much.
The Chair recognizes Keith Ellison, the gentleman from
Minnesota.
Mr. Ellison. Thank you, Mr. Chair.
Mr. Fine, I want to talk to you about your report
recommendations starting with the exigent letters.
Wouldn't it be better simply to adopt the FBI's practice,
current practice, of simply banning the use of exigent letters?
I notice that in your recommendations, or in what I believe are
your recommendations, your suggestion is to take steps that the
FBI not improperly use the letters, but why not just say ``no
exigent letters''?
Mr. Fine. Well, there should not be an exigent letter of
the sort that they use. There is a process under the statute to
get emergency information under certain conditions, and that is
the way they ought to do it. So that is a proper use of such a
request.
They surely should ban the way they did it in the past.
Mr. Ellison. And that would be a change by statute or a
rule change?
Mr. Fine. Well, it does not need to be a statute. There is
a statute that allows voluntary disclosure if there is an
imminent threat and danger to the safety of an individual or
others, and if there is that exigent circumstance, they can get
the information and use such a letter. But what they should not
do is combine it with an NSL the way they did it in the past.
They ought to completely separate that and follow the statute.
Mr. Ellison. Right. So what you are saying is that the
practice in which the FBI was using the exigent letters
combined with the NSL was--if the statute were properly
followed, then there would not be the problem that we see
today; is that right?
Mr. Fine. That is correct.
Mr. Ellison. Now, what sort of sanctions do you think
should be applied, given the way that the FBI did use the NSL
and the exigent letters?
Mr. Fine. I think the FBI ought to look at this and look at
the individuals involved and find out if they inappropriately
and knowingly misused the authorities. They ought to take
appropriate action against individuals, either management
individuals who allowed it to occur or individuals in the
field; and if they had poor performance, that ought to be
assessed as well. So I think that ought to be something that
the FBI is looking at.
But I do not think they ought to say that simply because
there was a misuse of the statute inadvertently that that would
necessarily require misconduct charges against them.
Mr. Ellison. Right. Well, you know, part of the problem
here is that the very nature of the act that allows for the
expanded use of the NSL is below the radar, and so it, by
nature, lacks transparency, which is why people are so upset
that the abuses took place.
But I guess my next question is, another recommendation
that you have made is that there be greater control files for
the NSLs. How would you envision that working?
Mr. Fine. No. There should be greater controls on the use
of NSLs. They ought to make sure that the people know when they
can be used and under what statute they can be used. There need
to be signed copies of the NSLs so that there can be an audit
trail. They have to be connected to an investigative file, not
a control file.
Mr. Ellison. Excuse me. I am sorry, Mr. Fine.
Do you see this as essentially a training problem?
Mr. Fine. I think it is a training problem. I think it is a
supervision problem. I think it is an oversight problem. And I
think it is a lack of adequate internal controls and is an
auditing problem as well.
Mr. Ellison. Now, that brings me to the few questions I had
for Ms. Caproni.
Ms. Caproni, do you have the staff to make all of the
changes that are needed in order to have this program work
properly?
Ms. Caproni. I would always like more resources.
Mr. Ellison. No. I am asking you--that is not my point.
My question is, in order to--we could just simply go back
to status quo, anti--back to pre-PATRIOT Act where NSLs were
authorized, but not the expanded use of them that we have now.
That could be one way to simply solve this problem.
But my question is, at this time, do you have the staff to
provide the training, to provide the controls that are called
for by the recommendations?
Ms. Caproni. I do. We are going to get some more staff that
we have already discussed. We are going to get some analytic
help, because we think that some of this would have been
detected if we had had good analytic help so that we could see
trends.
But I think that we have enough lawyers. I think we can do
what needs to be done. We are going to have assistance from
Department of Justice lawyers for some of this, but I think we
have sufficient resources.
Mr. Ellison. Ms. Caproni, if you have the sufficient
resources, why didn't you use them before? I mean, I guess the
question that comes up in my mind is that you either do not
have the resources to effectuate the changes that have been
recommended or you do. And if you do, why weren't they applied?
Ms. Caproni. This report told us a lot that we just did not
know. I mean, I will fall on that sword again, which is that we
learned a lot from this report, and we are going to make
changes.
I think I have got the personnel to do it. I think we have
got the resources. We are going to make the resources
available.
This is important to us. It is important to us to regain
the confidence of the American people and to regain the
confidence of this Committee. You are one of our oversight
Committees, and you are very important to us, and we are not--
trust me, I am not happy that we have this report and that I am
in the position of saying, you know, we failed.
Mr. Ellison. Ms. Caproni, if I could just go back to Mr.
Fine.
Mr. Fine, one of the changes that was made in the PATRIOT
Act was to say that, I think, people other than headquarters
officials could issue these letters.
Should the authority for the issuance of the letters be
retracted to what it was before the PATRIOT Act?
Mr. Fine. I am not sure of that, and I do not want to
necessarily give legislation that should occur.
I do think it is important, if that authority is out there,
that it has to be overseen; and bringing things back to
headquarters may or may not be the answer. As you will recall
in the September 11th attacks with the Moussaoui case, one of
the concerns was headquarters was controlling the field too
much, and so there are considerations on both sides of this
issue. I do think that when it does go out there, it has to be
used appropriately and overseen appropriately.
Mr. Ellison. But if you had a narrower route through which
these letters were authorized, wouldn't you have greater
accountability?
Mr. Fine. You could. You could have greater accountability.
On the other hand, the effect of this could be diminished
significantly, so I think that is the balance that has to be
struck.
Mr. Conyers. The time of the gentleman has expired, but I
would like to say to Mr. Ellison that he has raised a point
that we need to try to figure out at this hearing: Are there in
existence the resources that are required and needed to reveal
all of these people who have been abused or who have been
violated by this system?
For this hearing to close down--the gentleman from
California, Mr. Berman, will be recognized next--without our
having figured out, for example, that we do not have anywhere
near the resources, as I have been talking with the gentleman
from California, Mr. Lungren, about, either in the Federal
Bureau of Investigation or in the Office of the Inspector
General.
If resources do not exist here, we may end up very well
correcting everything from this point on, but how many
thousands of people will have been violated to whom we will all
be saying, from now on, not to worry, that it is all over with?
That is a troubling consideration, Mr. Lungren, that we
have had under discussion, that I am still looking for the
answer to.
So I recognize the gentleman from California, Mr. Berman.
Mr. Berman. Well, thank you very much, Mr. Chairman.
Mr. Fine, section 126a of the PATRIOT Act requires that not
later than 1 year after the date of enactment of this act the
Attorney General shall submit to Congress a report on any
initiative of the Department of Justice that uses or is
intended to develop pattern-based data-mining technology.
The 1-year deadline expired on March 9th of this year. To
my knowledge, we have not received this report. Can you give us
an update on the progress of this report?
Mr. Fine. From the Attorney General, no, I cannot give you
progress. That is not my office. But I certainly can bring back
that question to the Department.
Mr. Berman. But I thought----
Ms. Caproni. Congressman, I, unfortunately, can tell you.
Yes, it was not submitted on time. I think we sent a letter
indicating that it is still being worked on. I saw a draft
going back across between us and the DOJ, so it is being worked
on.
Mr. Berman. Okay. Well, then, let me ask you.
As I understand the audit that the Inspector General has
undertaken, information from the National Security Letters is
routinely added to the FBI's internal automated case system,
which has about 34,000 authorized users; and then it is
periodically downloaded into the Investigative Data Warehouse,
which has approximately 12,000 users.
Is it possible that other agencies of the Federal
Government, or anywhere, are using information in that
Investigative Data Warehouse for data-mining purposes?
Ms. Caproni. For data-mining purposes, I do not know the
answer to that. I mean, they could get access to it as
appropriate for their agency.
Mr. Berman. So it is possible?
Ms. Caproni. I do not know the answer. I do not know.
Mr. Berman. You do not know if it is possible, or you do
not know if they are?
Ms. Caproni. I do not know what they are doing with it, and
I do not know what rules and restrictions govern them, so I
just cannot answer that question.
Mr. Berman. Well, let me get one thing clear.
Is the report that we are awaiting an Inspector General's
report or an Attorney General's report?
Ms. Caproni. An Attorney General's.
Mr. Berman. An Attorney General's report. All right.
So will that report include the data-mining of information
in the Investigative Data Warehouse by agencies not within the
Justice Department? This report that you have seen circulating,
will it include the data-mining of information by other
agencies from the Justice Department's Investigative Data
Warehouse?
Ms. Caproni. It does not, but I do not know whether that
means that no such activities are occurring or because it is
not within the scope of the request.
Mr. Berman. Well, since I was involved in this language, we
think that since the database is under the purview of the
Department of Justice, the use of it by other agencies would be
included in that report under section 126a.
Ms. Caproni. I will make sure that the people at DOJ
understand that that is your interpretation of it.
Unfortunately, I have been in the world of NSL and this
report, and I have not been in the world of the data-mining
report, so I just have not read it, so that is why I cannot
answer your question.
Mr. Berman. So you have not been personally involved in
determining whether other agencies are being cooperative on how
they are using the data from the--I take it you do not.
Ms. Caproni. I do not. I just have not been involved in it.
Mr. Berman. If you, subsequent to this hearing, could get
that information and pass it on to me, I would be very
grateful.
Ms. Caproni. Certainly, I can.
Mr. Berman. The information about whether the report will
talk about other agencies' use of the Justice Department's
Investigative Data Warehouse for data-mining purposes.
Ms. Caproni. Again, I will make sure that the Department
understands your position.
Mr. Berman. Thank you.
Mr. Lungren. Would the gentleman yield to me----
Mr. Berman. I would be happy to.
Mr. Lungren [continuing]. So I could ask a question?
Ms. Caproni, one question just came to mind, and that is,
part of this testimony today has talked about how agents in the
field and special agents in charge in the field did not get the
proper legal advice from, I presume, people who report to you,
that they were not challenged as to the legal sufficiency of
the NSLs or of the exigent letters; is that correct?
Ms. Caproni. I think that comment was relative to the
lawyers in the field, who actually do not report to me.
Mr. Lungren. Whom do they report to?
Ms. Caproni. They report to the special agents in charge.
They report to their field office head. That is one of the
things that Mr. Fine has suggested that we look at, and that is
actively under discussion at the Bureau right now, whether that
reporting structure should change.
Mr. Lungren. So they do not report to you at all?
Ms. Caproni. No, sir, they do not.
Mr. Lungren. So they were on their own in the advice they
were giving of a legal nature to the agents and to the special
agents in charge to whom they report?
Ms. Caproni. On a reporting basis, they do not report to
me. I do not supervise them.
I am in charge of the legal program. So we provide the
CDCs. That is their title. We provide them with substantial
legal advice, and they frequently call us when they have
questions, but I do not rate them, and they do not report to
me. I do not hire them; I do not fire them.
Mr. Lungren. I know, but what I am trying to figure out is,
if these attorneys report to the SAC, does that make it more
difficult for them to tell the SAC that he or she is wrong when
they are asking for one of these letters?
Ms. Caproni. That is the concern that Mr. Fine has raised.
I mean, I----
Mr. Lungren. Well, do you share that concern?
Ms. Caproni. I do share that concern.
Mr. Lungren. Could that be one of the real problems we have
got here?
Ms. Caproni. I will say there are arguments both ways,
Congressman. It is not--and the reason I say that is because I
report to the Director of the FBI, and I do not have any
problem telling the Director of the FBI my legal advice; and if
he does not like it, it is still my legal advice.
That is what the CDC should be doing, but whether they----
Mr. Lungren. My experience has been that the SACs are
pretty important people in their various offices, and most
people generally think they are the top dogs, and we have this
problem where, apparently, good legal advice either was not
given or was not accepted, and maybe that is something we ought
to look at if you folks will not look at it.
Ms. Caproni. Again, we are actively looking at that very
question of whether the CDC reporting structure should change.
Mr. Lungren. And I thank the gentleman from California for
yielding, although he is not here to receive it back.
Mr. Conyers. I thank you all.
The gentleman from Minnesota had one last question that I
have agreed to entertain, if you will.
Mr. Ellison. Thank you, Mr. Chair.
My question is, of all of the letters that have been issued
and of all of the inaccurate and improper data that has been
set forth, clearly some information came back; and in the cases
where individuals' information was obtained in violation of the
rules and of the statutes, what has happened?
Have these individuals been notified? What recourse do they
have? What is the story on the people?
Ms. Caproni. The people are not notified. Their records are
removed from our databases, and the records are destroyed.
Mr. Fine. That is correct.
Mr. Conyers. Thank you very much.
Ladies and gentlemen, this has been an excellent hearing.
We thank the witnesses for continuing in an extended period of
examination. We will all be working together. There are 5
legislative days in which Members may submit additional
questions to you and send them back as soon as you can.
We also want to enter into the record Caroline
Fredrickson's statement on behalf of the American Civil
Liberties Union, Congressman Coble's Department of Justice
facts sheet release. We also have The New York Times, which
officially alerted the FBI to rules abuse 2 years ago, dated
March 18th. And we also have a letter being hand-delivered to
the general counsel, dated today, March 20th, which asks her
for additional information.
The record will be open for 5 additional days, and without
any further business before the Committee, the hearing is
adjourned. We thank you for your attendance.
[Whereupon, at 12:45 p.m., the Committee was adjourned.]
A P P E N D I X
----------
Material Submitted for the Hearing Record
Prepared Statement of the Honorable Sheila Jackson Lee, a
Representative in Congress from the State of Texas, and Member,
Committee on the Judiciary
Prepared Statement of the Honorable Linda T. Sanchez, a Representative
in Congress from the State of California, and Member, Committee on the
Judiciary
Response to Post-hearing questions from Glenn A. Fine, Inspector
General, U.S. Department of Justice
Post-hearing questions posed to Valerie Caproni, General Counsel,
Federal Bureau of Investigation, from Chairman John Conyers, Jr.\1\
---------------------------------------------------------------------------
\1\ At the time of publication, responses to post-hearing questions
posed to Valerie Caproni had not been received by the Committee on the
Judiciary.
Letter from Richard C. Powers, Assistant Director, Office of
Congressional Affairs, Federal Bureau of Investigation
Prepared Statement of Caroline Frederickson, Director, Washington
Legislative Office, American Civil Liberties Union (ACLU)
On behalf of the American Civil Liberties Union, its more than half
a million members and activists, and 53 affiliates nationwide, I thank
Chairman Conyers and ranking member Smith for holding today's hearing
on FBI abuse of National Security Letters.
Over five years ago, in the wake of the terrorist attacks of
September 11, 2001 Congress passed the USA Patriot Act,\1\ giving the
FBI extraordinarily broad powers to secretly pry into the lives of
ordinary Americans in the quest to capture foreign terrorists. One of
the changes the Patriot Act made was to expand the circumstances in
which National Security Letters (NSLs) could be issued so that the
information sought with such letters would no longer have to pertain to
an agent of a foreign power, and would no longer be limited to the
subjects of FBI investigations.\2\ An NSL is a letter that can be
issued by Special Agents in Charge (SAC) of the FBI's 56 field
offices--without any judicial review--to seek records such as telephone
and e-mail information,\3\ financial information, and consumer credit
information.
---------------------------------------------------------------------------
\1\ Uniting and Strengthening America by Providing Appropriate
Tools Required to Intercept and Obstruct Terrorism Act of 2001, Pub.
Law No 107-56, 115 Stat. 272 (2001)[Hereinafter Patriot Act].
\2\ Id., section 505.
\3\ Telephone and e-mail information that can be obtained with NSLs
includes historical information on calls made to and from a particular
number, billing records, electronic communication transactional records
and billing records (including method of payment), and subscriber
information.
---------------------------------------------------------------------------
The four NSL authorizing statutes include the Electronic
Communications Privacy Act,\4\ the Right to Financial Privacy Act,\5\
the Fair Credit Reporting Act,\6\ and the National Security Act of
1947.\7\ Subsequent legislation expanded the types of institutions from
which records could be sought using NSLs. The Intelligence
Authorization Act for Fiscal Year 1996,\8\ amended the FCRA to give the
FBI authority to obtain credit header information with NSLs, and a
provision of the Patriot Act, expanded this power to allow the FBI and
other government agencies that investigate terrorism to obtain full
credit reports.\9\ The Patriot Act also reduced the standard necessary
to obtain information with NSLs, requiring only that an SAC certify
that the records sought are ``relevant'' to an authorized
counterterrorism or counter-intelligence investigation.
---------------------------------------------------------------------------
\4\ 18 U.S.C. section 2709 (1988).
\5\ 12 U.S.C. section 3401 (2000).
\6\ 15 U.S.C. section 1681 et seq. (1996).
\7\ 50 U.S.C. section 436(a)(1)(2000).
\8\ Pub. Law No. 104-93, section 601(a), 109 Stat. 961, codified at
15 U.S.C. section 1681u (Supp.V. 1999).
\9\ Patriot Act section 358(g)(2001).
---------------------------------------------------------------------------
The ACLU opposed these unwarranted expansions of NSL power, and
opposed making provisions of that statute permanent with the Patriot
Reauthorization Act of 2005,\10\ fearing these unnecessary and
unchecked powers could be too easily abused. When Congress reauthorized
the Patriot Act, it directed the Department of Justice Inspector
General (IG) to review the effectiveness and use of these expanded
authorities and one of the first of these reports, a review of the
FBI's use of NSLs, was released on March 9, 2007.\11\
---------------------------------------------------------------------------
\10\ USA PATRIOT Improvement and Reauthorization Act of 2005, Pub.
Law No. 109-177, 120 Stat. 192 (2006).
\11\ Office of the Inspector General, A Review of the Federal
Bureau of Investigation's Use of National Security Letters, March 2007,
http://www.usdoj.gov/oig/reports/FBI/index.htm (Hereinafter IG Report).
---------------------------------------------------------------------------
The IG's audit confirms our worst fears: that the FBI uses its NSL
authorities to systematically collect private information about people
who are not reasonably suspected of being involved in terrorism, and it
retains this information indefinitely. The FBI ignored the scant
requirements of the law and developed shortcuts to illegally gather
information the FBI wanted from telecommunications companies and
financial institutions. It did this without opening the investigations
for which, by law, this information must be sought or be relevant to,
and often without ever bothering to secure the NSLs or grand jury
subpoenas it told these telecoms and financial institutions it would
secure to support its claim of access to sensitive customer
information.\12\ This should be of great concern to all Americans,
because the IG found the FBI is increasingly using this power against
U.S. persons.\13\ And despite the issuance of more than 140,000 NSL
requests, the IG report documents only one terrorism conviction--for
providing ``material support'' for terrorism--and only 153 ``criminal
proceedings'' resulting from the extensive use of this power.\14\
``Criminal proceedings'' is defined as all federal grand jury
proceedings, as well as search warrants, indictments and trials.\15\
---------------------------------------------------------------------------
\12\ IG Report at 94.
\13\ IG Report at 38.
\14\ IG Report at 63, 64.
\15\ IG Report, footnote 103, p. 62.
---------------------------------------------------------------------------
For over five years the Federal Bureau of Investigation has
collected vast troves of data in secret and without accountability. I
hope this hearing is only one of many to reestablish checks and
balances on the executive branch and curb its many abuses of power. The
ACLU asks this committee to hold the FBI and this administration
accountable for these abuses and to make statutory changes that will
ensure that they cannot happen again.
THE INSPECTOR GENERAL'S FINDINGS
Despite statements to the contrary, the Inspector General found
much more than just sloppy management and poor record keeping. The
Inspector General's report documents systematic failures to meet
statutory requirements, and at times, intentional refusals to comply
with the law.
Intentional Violation of the NSL Statute
Most disturbingly, the Inspector General's report shows that the
FBI's Communications Analysis Unit (CAU) declared itself unconstrained
by the NSL statutes--arguing that the law was ``insufficient'' for
CAU's purposes--and it contracted directly with three telephone
companies to access information illegally.\16\ The information included
telephone toll and call detail records and the contract specified that
the telephone companies would provide ``near real-time servicing'' of
these requests. The contracts were approved by the FBI's Office of
General Counsel (OGC), and fulfilled by issuing so-called ``exigent''
letters that were used even when no exigent circumstances existed.\17\
The IG was able to confirm the use of 739 exigent letters to obtain
information on 3,000 telephone accounts, in the clear absence of
statutory authority to do so.\18\ The true number is unknown because
the FBI does not keep adequate records. That FBI Office of General
Counsel procurement attorneys were involved with these contracts
confirms that the telecommunication companies were paid for their
cooperation and silence, and confirms that contrary to the IG's
assertion that the FBI's use of ``exigent'' letters was undertaken
without the benefit of advance legal consultation,\19\ FBI lawyers were
instrumental in establishing this illegal process.
---------------------------------------------------------------------------
\16\ IG Report at 88.
\17\ IG Report at 92.
\18\ IG Report at 90.
\19\ IG Report at 97.
---------------------------------------------------------------------------
CAU staff, who were not authorized to sign NSLs, used ``exigent''
letters containing obviously false statements to obtain documents from
the telephone companies when no authorizing investigation was open,
when no NSLs or subpoenas had been requested, and when no emergency
situation existed.\20\ They then asked FBI field offices to open
investigations so NSLs could be issued without telling the field office
personnel that CAU staff had already received the records,\21\ a clear
indication that they knew what they were doing was improper. FBI
National Security Law Branch (NSLB) attorneys were made aware of this
issue in late 2004, possibly through complaints from field agents who
resisted CAU's directives, and an NSLB Assistant General Counsel
concluded that the practice of using ``exigent'' letters did not comply
with the NSL statute. Yet, rather than prohibiting the practice
outright, the NSLB attorney counseled CAU for two years regarding how
and when CAU officials should use them. Regardless of this advice, CAU
continued using these ``exigent'' letters, and the practice wasn't
``banned'' until the IG issued its report.\22\ Even today the FBI is
unable to determine whether data requested with ``exigent'' letters was
ever covered with properly issued NSLs or subpoenas.\23\
---------------------------------------------------------------------------
\20\ IG Report at 92.
\21\ Id.
\22\ FBI letter to Inspector General Glen Fine dated March 6, 2007
included in the appendix of the IG Report.
\23\ IG Report p. 91.
---------------------------------------------------------------------------
And the issuance of ``exigent'' letters was only one of the illegal
methods the FBI used to circumvent the NSL statutes. Using a similar
scheme, the Terrorist Financing Operations Unit issued ``Certificate
Letters'' to obtain the financial records of at least 244 named
individuals in violation of the Right to Financial Privacy Act.\24\
Again, agents without authority to issue NSLs used these letters to
circumvent the law and gain access to private financial records, and
then lied about it when confronted by NSLB attorneys. When the NSLB
attorneys realized they had been misled they ordered the practice
halted, but it did not stop.\25\ This sequence reveals what can only be
described as clearly intentional misconduct.
---------------------------------------------------------------------------
\24\ 12 U.S.C. section 3401 (2000). See IG Report at 115.
\25\ IG Report at 117.
---------------------------------------------------------------------------
In other instances NSLB attorneys actually signed NSLs without
reference to any authorized investigation, and more than 300 NSLs were
issued out of an FBI control file that was opened specifically because
there was not an authorized investigation from which to issue an NSL
for the data the FBI wanted.\26\
---------------------------------------------------------------------------
\26\ IG Report at 100.
---------------------------------------------------------------------------
Increasing Collection of Data on U.S. persons
When Congress expanded the FBI's authority to use NSLs, it required
FBI officials to certify that the information sought with these letters
is relevant to an authorized investigation. By instituting this
requirement, Congress clearly intended for NSLs to be a targeted
investigative power, rather than a broad power that could be used to
cast a wide net. But, the IG report makes clear this is not how the FBI
is using its NSL authorities. In one example, nine NSLs were used to
obtain records for 11,000 different telephone numbers. And, agents and
analysts often didn't even review the data they received from NSLs.
They simply uploaded it into computers.\27\ The IG found information
received from NSLs is uploaded into three separate FBI databases, where
it is retained indefinitely and retrievable by tens of thousands of FBI
and non-FBI personnel,\28\ even if the information exonerates the
subject from any involvement in terrorism.\29\ Despite this
extraordinary collection effort, the IG was able to document only one
terrorism conviction resulting from the use of NSLs.\30\ Clearly NSLs
are not being used as targeted investigative tools.
---------------------------------------------------------------------------
\27\ IG Report at 85.
\28\ IG Report at 28, 30, and 110.
\29\ IG Report at 44.
\30\ IG Report at 64.
---------------------------------------------------------------------------
The IG also expressed concern that the FBI allows agents to use
NSLs to access information about individuals who are ``two or three
steps removed from their subjects without determining if these contacts
reveal suspicious connections.'' \31\ The fact that NSLs are being
issued from control files and ``exigent'' letters are being used by
analytic units at FBI Headquarters suggests that this tool is not being
used in the manner Congress intended. Despite the FBI's claims that
NSLs are directed at suspected terrorists, the Inspector General found
that the proportion of NSLs issued to obtain information on Americans
is increasing. In fact, the majority of NSLs the FBI issued in 2005
were used to obtain information about U.S. persons (American citizens
and lawful permanent residents of the U.S.).\32\
---------------------------------------------------------------------------
\31\ IG Report at 109.
\32\ IG Report at 38.
---------------------------------------------------------------------------
Datamining
Neither the NSL statutes nor Department of Justice policy require
the FBI to purge from its databases sensitive personal information
about persons who are found to be innocent and not tied to foreign
powers.\33\ The Inspector General confirmed that the FBI has taken
advantage of this loophole and uploads all information--admittedly
innocent or not--into national databases that are indefinitely
maintained. The data received from NSLs is uploaded into a ``Telephone
Application Database'' where a link analysis is conducted, and into an
Investigative Data Warehouse where it is mixed with 560 million records
from 50 different government databases.\34\ Tens of thousands of law
enforcement and intelligence personnel have access to the information,
which is not given a disposition, leaving innocent people associated
with a terrorism investigation long after their information becomes
irrelevant. Intelligence products developed from this data do not cite
the origin,\35\ so errors in the information can never be checked
against the source documents. Instead, errors will be compounded when
intelligence products derived from this erroneous information are
distributed throughout the intelligence community and to state and
local law enforcement agencies.
---------------------------------------------------------------------------
\33\ IG Report at 110.
\34\ IG Report at 28, 30.
\35\ IG Report at 54.
---------------------------------------------------------------------------
Erroneous Reports to Congress and the Intelligence Oversight Board
The Inspector General found that statutorily required reports to
Congress excluded at least six percent of the overall number of
NSLs.\36\ The number of unreported NSLs may be higher, but record
keeping is so bad at the FBI, the Inspector General was unable to even
confirm a final number. A review of just 77 cases from four FBI field
offices found 22 percent more NSLs in case files than the FBI General
Counsel knew about. More significantly, the IG found 60% of those files
deficient in required paperwork, and his review doubled the number of
unlawful violations that needed to be reported to the President's
Intelligence Oversight Board.\37\
---------------------------------------------------------------------------
\36\ IG Report at 34.
\37\ IG Report at 78.
---------------------------------------------------------------------------
PROPOSED AMENDMENTS
Regrettably, the Inspector General's report only included
suggestions for internal changes within the FBI's discretion, and did
not include recommendations for amending the underlying statute that is
the source of these abuses. It is clear that the violations the
Inspector General uncovered were the natural consequence of a statute
that allows government agents to access sensitive information without
suspicion of wrongdoing, in the absence of court oversight, and with
complete secrecy compelled by a gag order with criminal consequences.
In fact, even if management and technology problems identified in the
IG's report are solved, hundreds of thousands of NSLs will continue to
collect information on innocent Americans because that is exactly what
the statute allows.
The ACLU recommends three statutory changes that are absolutely
necessary to ensure that the law protects privacy while permitting the
collection of information necessary to investigate terrorism.
Limit NSLs to Suspected Terrorists and Other Agents of Foreign Powers
First, Congress must repeal the expansion of the NSL power that
allows the FBI to demand information about totally innocent people who
are not the targets of any investigation. The standard should return to
the requirement that NSLs seek only records that pertain to terrorism
suspects and other agents of foreign powers.\38\ And the FBI should not
be allowed to use NSLs to investigate people two or three steps removed
from any criminal or terrorist activity.
---------------------------------------------------------------------------
\38\ Agent of a foreign power is defined in the Foreign
Intelligence Surveillance Act of 1978, 50 U.S.C. Sec. 1801 (1978).
---------------------------------------------------------------------------
Under current law, the FBI can use an NSL to obtain information
that the FBI asserts is ``relevant'' to an investigation. The FBI has
clearly taken advantage of this ``relevance'' standard and issued NSLs
to obtain information on innocent American people with no connection to
terrorism. In fact, it obtained this information without even opening
an investigation to which the information must be relevant. NSLs are
now issued to collect records just for the sake of building databases
that can be mined later. In addition to being wholly ineffective as an
investigative technique, this data collection and warehousing is an
affront to the privacy of U.S. persons.
Restrict the Gag Provisions and allow for Meaningful Challenges
The gag provisions of the NSL statutes unconstitutionally inhibit
individuals receiving potentially abusive NSLs from challenging them in
court. Congress should amend the NSL statute so that gag orders are
imposed only upon the authority of a court, and only where necessary to
protect national security. Judicially imposed gag orders should be
limited in scope and duration.
Further, gags must come with a meaningful right to challenge them
before a neutral arbiter. Last year's amendments created a sham court
proceeding, whereby a judge is powerless to modify or overturn a gag if
the federal government simply certifies that national security is at
risk, and may not even conduct any review for a full year after the NSL
is issued. Under the NSL statute, the federal government's
certification must be treated as ``conclusive,'' rendering the ability
to go before a judge meaningless. To comport with the First Amendment,
a recipient must be able to go before a judge to seek meaningful
redress.
Court Review
If there is one undeniable conclusion that Congress can draw from
the Inspector General's report, it is that the FBI cannot be left to
police itself. Allowing the FBI to keep self-certifying that it has met
the statutory requirements invites further abuse and overuse of NSLs.
Contemporaneous and independent oversight of the issuance of NSLs is
needed to ensure that they are no longer issued at the drop of a hat to
collect information about innocent U.S. persons. Court review will
provide those checks and balances as was intended by the Constitution.
CONCLUSION
The Inspector General reviewed just a tiny proportion of NSLs
issued by the FBI from 2003 through 2005, yet he found an extraordinary
level of mismanagement, incompetence, and willful misconduct that
clearly demonstrates that the unchecked NSL authorities given to the
FBI in the Patriot Act must be repealed. The FBI and Department of
Justice have shown that they cannot police themselves and need
independent oversight. The American Civil Liberties Union applauds the
Committee for holding this hearing and opening a window on these
abuses, but there is more work to be done. Congress must fully
investigate the FBI's abuse of power to insure that those responsible
for these violations are held accountable, and the innocent people who
have had their privacy invaded and their civil rights abused need to be
identified and notified, and records that have been improperly or
inappropriately seized should be purged from FBI databases. But most
importantly, Congress needs to fix the Patriot Act, which has set the
stage for all of these problems.
Letter requesting additional information submitted to Valerie Caproni,
General Counsel, Federal Bureau of Investigation
Press release by the Department of Justice from March 9, 2007,
submitted by the Honorable Howard Coble, a Represenative in Congress
from the State of North Carolina, and Member, Committee on the
Judiciary
Article entitled ``Official Alerted F.B.I. to Rules Abuse 2 Years Ago,
Lawyer Says,'' The New York Times, submitted by the Honorable John
Conyers, Jr.
�