Skip navigation

Review of the Fbi Use of Exigent Letters and Other Requests for Phone Records 2010 Parth

Download original document:
Brief thumbnail
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
Counsel forwarded Caproni's e-mail to Youssef and asked again for a copy of
the NSL.
On November 14, 2006, in response to the Assistant General
Counsel's inquiries about the blanket NSL that Billy had signed, a CAU SSA
informed the Assistant General Counsel in an e-mail that Cummings had
signed similar NSLs. The SSA then gave the Assistant General Counsel
copies of the Company B May 12 NSL and three of the five Operation Y
blanket NSLs that Cummings had signed.
After reviewing these four blanket NSLs, the Assistant General
Counsel expressed concern to Youssef and the CAU SSA that these NSLs
lacked required approval ECs, which were needed to document the
predication for the NSLs and the investigations to which they related. The
Assistant General Counsel also reported her concerns to her
supervisors.

B.

The CAU's Draft Memorandum to the FBI OGC Reporting
Possible Intelligence Oversight Board Violation

On February 22, 2007, the Assistant General Counsel learned from
an NSLB colleague (not from CAU personnel) about the three blanket
Operation Z NSLs, which also lacked approval ECs. She then directed
Youssef to draft a memorandum to the FBI OGC reporting the seven
after-the-fact blanket NSLs she knew about at that time as possible
Intelligence Oversight Board violations (PIOB): the Company B May 12 NSL,
three of the five Operation Y NSLs, and the three Operation Z NSLs.
FBI personnel are required by internal FBI policy to report PIOBs to
the FBI OGC within 14 days of discovery in an Electronic Communication
(EC). Executive Order 12863, which has since been modified, required the
Department to report intelligence violations to the lOB. According to
Executive Order 12863, possible intelligence violations include any activities
that "may be unlawful or contrary to Executive Order or Presidential
Directive."
The Assistant General Counsel informed Youssef that the PIOB
memorandum should address that the NSLs were issued without approval
ECs and that the NSLs did not include the appropriate non-disclosure
certification, but should not address "the exigent letter situation itself since
we approved that as a legal principle."
The efforts to draft the PIOB memorandum resulted in new
disclosures to the FBI OGC, as well as significant confusion and errors. For
example, the first draft contained a description of the seven blanket NSLs
that the Assistant General Counsel knew about and had asked to be
included in the draft. In addition, it described two blanket NSLs that

187

neither Youssef nor others in the CTD or the CAU had previously disclosed
to the FBI OGC: the Company C July 5 blanket NSL and the Company A
August 25 Operation Y blanket NSL.

The CAU Supervisory Intelligence Analyst who drafted the PIOB
memorandum told us he had never drafted a PIGB memorandum before and
"this was just very confusing for me." He said that he pulled information for
the draft from a file left behind by the CAU SSA who had drafted some of the
blanket NSLs. He said that he drafted the "bare bones" of what he knew
about the NSLs and sent the draft to Youssef. Youssef told us that he
viewed the PIOB as "a first rough draft" and the CAU's "best effort: and that
he believed that the FBI OGC was going to finalize the PIOB memorandum.
After reviewing the first draft, the Assistant General Counsel asked
CAU personnel to explain why the draft referred to NSLs which she had not
been previously told about. 225 In response, the Acting CXS Section Chief,
Youssef, and the CAU's Primary Relief Supervisor re-drafted the PIOB
memorandum on March 3, 2007. The second draft included the seven NSLs
that the Assistant General Counsel had originally asked to be addressed but
omitted any reference to the two additional NSLs included in the first draft
that she had questioned. 226
The Acting CXS Section Chief characterized his role in the second
draft as trying to explain "massive confusion." He told us that the second
draft was an attempt "to recreate a record that didn't exist." He said that he
directed that the two blanket NSLs which the Assistant General Counsel
had questioned be omitted from the second draft because the Supervisory
Intelligence Analyst who had prepared the first draft could not explain them
to him.

225

The Assistant General Counsel referred in her e-mail to:

one (NSLJ to (Company

CJ

on 7/5/2006 (WHICH I'VE NEVER HEARD OF),

one (NSLj to (Company A] on 8/25/06 (WHICH I'VE NEVER HEARD OF) ...
The 8/25/06 NSL lists 750 numbers, not a paltry sum. The 7/5/06 NSL
lists almost 50.
226 Neither draft of the possible Intelligence Oversight Board violations (PIOB)
memorandum listed the other two blanket NSLs that the CAU had drafted and the CTD had
signed: the Company C August 24 Operation Y blanket NSL, which covered 612 telephone
numbers, and the Company A September 21 blanket NSL, which covered 700 telephone
numbers. Neither of these NSLs had been disclosed to the Assistant General Counselor
other FBI OGC attorneys at the time. The OIG brought these two blanket NSLs to the FBI
OGC's attention in July 2007 during this investigation.

188

The Primary Relief Supervisor told us that he wrote the second draft
memorandum but in doing so mostly relied on information from the Acting
Section Chief and Youssef. He said that he provided input on the Operation
Z NSLs included in the memorandum "because that's the case that I
knew."227
Youssef told us that the CAU was told to draft the P[OBs but was "not
given very clear instructions as to what the [P1IOB was about." He also said,
"we did not know where to go, we did not know where to start and we put
together what we knew."
We found that for several days after the second draft was completed,
FBI OGC attorneys, including Caproni, exchanged e-mails with the Acting
Section Chief and Youssef concerning the two blanket NSLs that were
included in the first draft but omitted from the second draft. On March 6,
2007, NSLB Deputy General Counsel Thomas and the Assistant General
Counsel met with the Acting CXS Section Chief and Youssef to discuss
those NSLs. According to the Assistant General Counsel, the Acting Section
Chief and Youssef stated at the meeting that the Senior Intelligence Analyst
who prepared the first draft had mistakenly included those two NSLs, and
that those NSLs had been properly issued. The Assistant General Counsel
also said that the Acting Section Chief and Youssef told her that they could
not locate the NSLs in the file.
The Assistant General Counsel reported to her supervisors after the
meeting that Youssef had convinced her of the "incompetence of the people
who were drafting the EC' and that she now believed the two blanket NSLs
were erroneously listed in the first draft and properly omitted from the
second draft.
Ultimately, the FBI OGC decided not to formally notify the lOB of
details concerning the blanket NSLs.228 Thomas told us that she decided,

227 As described previously, the Primary Relief Supervisor had drafted the Operation
Z NSLs. He also had drafted the Company A September 21 blanket NSL (which was not
included in the draft PIOB memoranda), but told us he did not recall that NSL when he
worked on the PIOB draft memoranda.
228 Rather, on October 31, 2007, Thomas sent a letter to the lOB chainnan to
supplement information the FBI OGC had provided in earlier briefings to lOB staff on the
FBI's analysis of exigent letters and blanket NSLs. The letter stated that the FBI would be
reporting to the lOB the blanket NSLs that were issued without required approval ECs, as
well as the blanket NSLs that improperly requested records relevant to criminal
investigations. The letter also stated that the FBI will purge from FBI databases records for
which the FBI "has no legal authority" under the ECPA NSL statute or the emergency
voluntary disclosure statute. Julie F. Thomas, Deputy General Counsel, National Security
(Cont'd.)

189

and Caproni agreed, that it would not be prudent to send piecemeal
information to the lOB. She said that after the FBI fully resolves the issues
relating to the CAU's improper receipt of records, the FBI will finalize a
report to the lOB. Caproni and Thomas said that the FBI has periodically
briefed the lOB about the manner in which the CAU has improperly
obtained records from the on-site providers without process, including
through exigent letters and blanket NSLs.229
In sum, the draft PIOB memoranda were flawed and failed to identif'y
all 11 blanket NSLs that the CAU had prepared and CTD officials had
signed between May and September 2006. We concluded that these failures
occurred because CAU personnel did not maintain copies of the 11 blanket
NSLs, and because the FBI's attempts in February and March 2007 to
account for the blanket NSLs in the draft PIOB memoranda were confused,
inaccurate, and ineffective.
C.

FBI Legal Guidance Clarifying Legal Authorities

On March I, 2007, shortly before the DIG publicly issued its first NSL
report, the FBI OGC issued a guidance memorandum for FBI personnel
stating that, after reviewing information provided to the FBI in the OIG's
first NSL report, the FBI OGC was providing a "clarification of the legal
avenues available to investigators who seek to obtain subscriber information
and toll billing information from telephone companies."
The memorandum described the legal basis for employing the ECPA
NSL authority and the ECPA emergency voluntaty disclosure statute, and it
directed that FBI investigators cease the practice of using exigent,letters to
obtain subscriber or other information from communications service
providers "in advance of and upon the promise of the issuance of legal
process."

Law Branch, Federal Bureau of Investigation, letter to Intelligence Oversight Board,
October 31, 2007.
229 In the October 31,2007, letter to the lOB, Thomas stated that the failure to
issue approval ECs for these NSLs violated FBI policy, "impacts CongressionallNSL]
reporting, and hinders oversight." The letter stated that when the FBI's review is complete,
the FBI would report to the lOB the absence of ECs documenting the issuance of these
blanket NSLs. Julie F. Thomas, Deputy General Counsel, National Security Law Branch,
Federal J;Jureau of Investigation, letter to Stephen Friedman, Chairman, Intelligence
Oversight Board, October 31, 2007. After reviewing a draft of this report, the FBI stated
that on March 31, 2009, the FBI OGC formally briefed the lOB regarding the CAU's use of
exigent letters, the 11 blanket NSLs, and the FBI's subsequent corrective actions.

190

The EC stated that regardless of whether investigators seek the
information through an NSL, grand jury subpoena, or emergency voluntary
disclosure, "it is incumbent upon the employee to develop or obtain a
sufficient factual predicate to allow for the lawful acquisition of this
information." The EC also stated that the ECPA NSL statute requires that
the FBI determine that a telephone number is related to an existing national
security investigation and that the information sought is relevant to that
investigation. It further stated that investigators requesting emergency
voluntary disclosure can seek the same information - even in the absence of
an open national security or criminal investigation - if they give the provider
sufficient facts for the provider "to believe, in good faith, that disclosure of
the information sought is required without delay by an emergency situation
involving the danger of death or serious physical injury to any person." The
EC stated that the provider's "good faith belief may be based solely on a
statement from the FBI or other entity that an emergency exists," and that
while a "request to the service provider may be oral, it is preferable to make
the request in writing."
The EC also stated that requests for emergency voluntary disclosure
must be approved by officials at a level not lower than an Assistant Special
Agent in Charge for field divisions and not lower than Section Chief for a
headquarters unit. 23o It stated that regardless of whether the request is
made in writing or orally, the investigative file and a control file should
contain written documentation of the approval of the emergency voluntary
disclosure request by the appropriate FBI official, the emergency, and the
approval of the service provider. 231

D.

Relocation of Communications Service Providers'
Employees From the FBI

After the OIG issued the first NSL report, employees of the three
on-site communications service providers moved out of the FBI's offices in
December 2007 and January 2008. The FBI General Counsel told us that
in the aftermath of the OIG's first NSL report in March 2007, the FBI and
the three on-site providers concluded that while the co-location was legal
and operationally beneficial, it blurred the distinction between the providers
and the FBI. According to the FBI General Counsel, the FBI and the
providers also concluded that both sets of employees had become "too

230 The EC stated that the better practice is that the approval be in writing "in the
fonn of a signature [by the approving official] on the letter to the service provider."
231 A control file is an administrative me that is used to store various types of FBI
information unrelated to particular investigations.

191

comfortable," had started thinking they were part of "the same team," and
had failed to adhere to the internal controls established by the FBI, on the
one hand, and the providers on the other.
These moves were also accompanied by changes in the FBI's protocols
for obtaining telephone records under the contracts with the three
providers. According to the CXS Section Chief, a new protocol for
requesting records from the providers was established in December 2007
and documented in an EC dated Janu
11,2008. Under the new
rotocol,

FBI officials told us that, notwithstanding the move to off-site
locations and implementation of the new protocols, the providers remain
capable of quickly responding to the CAU's requests for telephone records in
high-threat or emergency circumstances.

E,

FBI Analysis of Whether it Will Retain or Purge Records

Beginning in late 2006 and concluding in April 2009, the FBI
analyzed whether it would retain telephone records it acquired in response
to exigent letters or records for any additional telephone numbers that were
listed in the 11 improper after-the-fact blanket NSLs described in this
report.

1.

FBI Analysis

As described above, the FBI OGC was first told about a blanket NSL
issued to address the backlog of records requests for Company B in August
2006, when Youssef informed the Assistant General Counsel that Acting
Assistant Director Billy had signed "a blanket NSL request on all backlogged
requests." Although Youssers e-mail did not further describe the blanket
NSL, Youssef told us that he was referring to the Company B May 12
blanket NSL. Eventually, the FBI OGC learned that the CAU drafted and
CTD officials signed 11 blanket NSLs between May and October 2006.
In an elaborate and time consuming process, the FBI analyzed the
4,379 unique telephone numbers listed in exigent letters and the 11 blanket
NSLs. We summarize below how the FBI organized and assigned the work
of analyzing which numbers will be retained, its legal analysis of this issue,
and the FBI's conclusion as to which telephone records it will retain and
which it will purge from its databases.

192

a.

FBI Review Team

To detennine which records to retain, under the overall direction of
NSLB Deputy General Counsel Thomas, the FBI assigned teams of
attorneys, Supervisory Special Agents. Special Agents, and Intelligence
Analysts to review the 2,222 unique telephone numbers listed in the exigent
letters and the 2,157 additional unique telephone numbers listed in the 11
blanket NSLs.
The CTD selected an Acting Assistant Section Chief from one of its
operational units to lead the FBI's analytical efforts, under the guidance of
three NSLB attorneys. The Assistant Section Chief had extensive experience
in both counterterrorism investigations and in the use of NSLs. CTD
Intelligence Analysts who were also experienced in counterterrorism
investigations assisted in this effort. During its peak, the Assistant Section
Chiefs team utilized 19 Intelligence Analysts and 7 support personnel. The
team's effort was also supported in September and October 2007 by
Intelligence Analysts based at an FBI facility in Idaho, who searched the
FBI's databases for infonnation relevant to the analysis.
The review team gave the NSLB attorneys summaries of information
collected on each telephone number, along with the team's recommendation
as to whether the records should be retained by the FBI or purged. NSLB
attorneys evaluated the data collected on each telephone number and made
a determination as to whether they concurred with the team's
recommendation.

b.

FBI "Decision Tree"

In making its determinations on record retention, the FBI developed a
5-step analytical process, referred to by FBI aGC attorneys as the "decision
tree," to assess whether the FBI would retain records obtained in response
to exigent letters or after-the-fact blanket NSLs. The FBI aGC created
Diagram 4.2 to illustrate the steps in its analysis:

193

DIAGRAM 4.2

FBI Summary Chart of Plan to Rectify the Exigent Letter Situation

Exigent Letter

Was legal process issued
subsequent to the
date ofthe letter?

~

.1 Records retained

Relevant investigation
open at issuance
and currently open?

Was there 'an emergency
situation?
Is there a relevant
open investigation?
Records removed
from FBI files
Records retained

First, the FBI determined whether legal process - an NSL or grand
juty subpoena - was issued to the on-site communications provider before
or after the records listed in exigent letters and the blanket NSLs had been
requested. 232 In instances in which a valid NSL or subpoena was issued,
the FBI concluded that it will retain the records. As described below, the
FBI further reviewed the records for which legal process was located to

232 Although the FBI's decision tree states that the FBI would determine if "legal
process (was) issued subsequent to the date of the letter," in practice, the review team
relied upon any valid legal process in determining whether to retain records, including legal
process dated before the date of the exigent letter.

194

ensure that it only retained records for the time period specifically
documented in the legal process.
Second, if the FBI was unable to identify valid legal process issued
before or after the records were requested, the FBI examined both whether
there was an investigation open at the time of the request and whether an
investigation to which the records are relevant is currently open. If both
requirements were satisfied, the FBI concluded that it would issue an NSL
from the open investigation and retain the records. The approval ECs
accompanying any such NSLs and the NSLs themselves state that the NSLs
are not seeking new telephone records but instead are issued to account for
previously acquired telephone records. If there was no investigation open at
the time of the initial request and no investigation to which the records are
relevant currently open, the FBI determined whether it had, in fact,
acquired and uploaded any records associated with the telephone number.
Third, in instances in which legal process was not served, and there
was no open investigation at the time of the initial request or there was no
currently open investigation to which the telephone number was relevant,
the FBI assessed whether there was an emergency situation at the time of
the request. The FBI decided that if a reasonable person could conclude
that an emergency situation, as defined by 18 U.S.C. § 2702(c)(4), existed at
the time of the request, the FBI would retain the records. 233
When analyzing whether a Section 2702(c)(4) "emergency
circumstance" could support retention of records, the FBI review team told
us that its attorneys, agents, and analysts attempted to engage in "time
travel" and consider the facts known at the time of the request. NSLB
Deputy General Counsel Thomas said that the team considered whether a
reasonable person "looking from the [perspective of the ]provider," could
have concluded, based upon the facts that were present at the time of the
request, that there was an "emergency circumstance" as defined in Section

233 To make this determination, the review team analyzed the investigative
information in FBI case files and used the "emergency" standard in 18 U.S.C. § 2702(c)(4),
which authorizes communications service providers to voluntarily provide non-content
telephone records to the FBI if the providers believe in good faith that "an emergency
involving danger or death or serious physical injury to any person requires disclosure
without delay of information relating to the emergency."

The Assistant Section Chief, the Intelligence Analysts, and the NSLB attorneys
described the ECPA emergency voluntary disclosure standard as the benchmark for their
analysis, but they did not assess, or conclude, that the records in fact had been requested
or received under the emergency voluntary disclosure statute in effect at the time.

195

2702(c)(4).234 If the review team deemed that emergency circumstances
existed that could have satisfied the statutory standard, the FBI would
retain the records.
Fourth, if the FBI determined that legal process was not issued and
that there was no relevant open investigation at the time of the request or
no currently open relevant investigation, and that there were no emergency
circumstances within the meaning of Section 2702(c)(4), the FBI would
purge or remove the records from all FBI databases and FBI case files.

2.

FBI Analysis of Recorcls Obtained From Exigent
Letters and 11 Improper Bisnket NSLs

The FBI identified a universe of 4,379 unique telephone numbers from
the exigent letters and blanket NSLs that it determined must be analyzed to
establish whether records related to each number should be retained or
purged. As Table 4.3 illustrates, the FBI decided it would retain the records
related to a total of 3,352 telephone numbers (76 percent) because they fell
into one of the three categories that justified retention under the decision
tree described above. The FBI determined that records for a total of 739
telephone numbers (17 percent) would be purged from FBI databases
because the records did not fall into one of the three categories for retention.
The FBI could not locate any telephone records in FBI databases for the
remaining 288 telephone numbers (7 percent) and, accordingly, no purging
was necessary.
As Table 4.3 illustrates, the FBI located "standard process" for 1,405
of the 4,379 telephone numbers (32 percent). The FBI defined "standard
process" as an NSL, a grand jury subpoena, or an administrative subpoena
that it determined was issued in connection with the record _
of
these numbers. The FBI informed us that in most cases the legal process
issued after-the-fact to cover exigent letters were NSLs, not grand jury
subpoenas. We asked the FBI to determine how many of the telephone
numbers were covered by each type of standard process and in how many
instances the standard process was issued after-the-fact. Although as of
October 2009 the FBI had not provided complete data. The FBI's partial
data indicates that 1,104 of the 1,405 telephone numbers were covered by
NSLs, which were issued after-the-fact for 946 of the telephone numbers.

234 An e-mail dated August 22, 2007, summarizing a meeting that day with the
review team and NSLB attorneys assigned to assist the team stated that the review
"[r]equires time travel. Put yourself in the position of what was occurring when events were
occurring. What did people believe at the time. BACK UP WITH DOCUMENTS.....

196

The FBI data also shows that 244 telephone numbers were covered by grand
jury subpoenas, which were issued after-the-fact for 201 of the numbers.
In Table 4.3 we summarize the review team's final determinations on
the retention of records for the 4,379 unique telephone numbers, and in the
sections that follow we describe these determinations in more detail.

197

TABLE 4.3
FBI's Analysis of Basis for Retaining Records
Listed in Exigent Letters and 11 Blanket NSLs
Providers

Blanket HSL or
Exigent Letter

Company
A

5/12/2006
7/5/2006
9/21/2006
8/24/2006
8/25/2006
9/ 19/2006
10/20/2006

Blanket NSL (1)
Blanket NSL (1)
Blanket NSL (1)
Operation Y (2)
Operation Y (1)
Operation Y (2)
Operation Z (3)

Subtotals of 11 Blanket NSL.
ent Letters
Totals

Company
C

Not Retained
No
Records

Company
B

Total
105
33
693
544
184
157
441
2,157
2222

4
1
94
0
0
0
441

34
9
172
523
140
157
0

47
6
235
12
35
0
0

5
1
133
9
9
0
0

540
865

1,035
765

335

157
131

404

•

Standard Process - Telephone records for which the FBI located an NSL, grand jury subpoena, or
FBI administrative subpoena.

•

New Legal Process Issued - Telephone records related to a currently open investigation from
which an NSL was issued with an approval EC.

•

2702(c)(4) records - Telephone records related to investigations that are now closed but for
which circumstances existed that would have satisfied the legal standard for the ECPA emergency
voluntary disclosure statute, 18 U.S.C. § 2702(c)(4).

•

Purged - Telephone records that the FBI determined it will purge records from Telephone
Applications, another telephonic database, and the investigative files.

•

No Records - Telephone numbers that were listed in exigent letters or 11 blanket NSLs, but for
which the FBI could not locate records in FBI databases. This category required no action.

198

In Charts 4.1 and 4.2 we summarize the review team's final
determinations on retention of records for the same 4,379 unique telephone
numbers, breaking down the data into the following sub-categories:
•

Exigent Letters and Blanket NSLs (combined)

•

Exigent Letters

•

Company B May 12, Company C July 5, and Company A
September 21 Blanket NSLs

•

Operation Y and Z Blanket NSLs

199

CHART 4.1

Analysis of the FBI's Baals for Retaining Recorda from ExIgent Letters and 11 Blanket NSLa

ExIgent Letters

18 U.S.C.
§ 2702(c)(4)
18 U.8.C•
• 2702«114)

Exigent Letters and 11 Blanket NSLa

200

CHART 4.2

Analysis of the FBI's Basis for Retaining Records from ExIgent Letters and 11 Blanket NSLs

Operations Y and Z NSLs

No Records
16%

No
1%
Records

Company B May 12.
Company C July 5. and
Company A September 21 Blanket NSLs

201

a.

Records Obtained in Response to Exigent
Letters

The FBI told us it identified 2,222 unique telephone numbers listed in
the 798 exigent letters which the ala identified during our investigation and
which the DIG gave to the FB!.235 The FBI told us it has made the following
determinations about these records:
•

The FBI has located legal process (NSLs, grand jury subpoenas,
or other legal process) issued either before or after the telephone
number was given to the on-site communications service
providers for 865 (39 percent) of the 2,222 unique telephone
numbers identified in exigent letters. The FBI decided that it
will retain these records because they are covered by legal
process. 236

•

The FBI identified 765 telephone numbers (34 percent) for
which it determined there were open national security
investigations to which the telephone numbers were relevant at
the time of the exigent letters and there is a currently open
national security investigation to which the numbers are
relevant. The FBI told us it issued NSLs and retained these
records.

•

The FBI determined that it obtained records on 57 telephone
numbers (3 percent) in response to exigent letters that were
issued in circumstances that would have satisfied the ECPA
emergency voluntary disclosure statute (18 U.S.C.
§ 2702(c)(4)).237 Accordingly, the FBI decided that it will retain
the records for these numbers.

235 The FBI did not retain copies of exigent letters. The DIG obtained copies of 798
exigent letters, which included a total of 3,764 telephone numbers, by serving DIG
administrative subpoenas on the three on-site communications service providers. The FBI
told us that after eliminating duplicate telephone numbers and telephone numbers listed in
any of the 11 blanket NSLs, 2,222 unique telephone numbers remained.
236 We address below the FBI's further analysis of these records to detennine
whether any of the records obtained by the FBI exceeded the date range specified in the
corresponding legal process. The FBI detennined that it will purge any such records.
237 After reviewing a draft of this report, the FBI asserted that the low percentage of
records it retained in its reconciliation project based on the emergency voluntary disclosure
provision was a consequence of the sequence of the FBI's decision tree, and that the FBI
often never reached the emergency provision as a basis for retention. The FBI also stated
that "because CAU did not have adequate documentation," the FBI chose not to rely
(Cont'd.)

202

•

The FBI determined that records for 404 telephone numbers (18
percent) would be purged from FBI databases because the
records did not qualify for retention under the categories
described in the decision tree.

•

The FBI determined that there were no records in FBI databases
for 131 telephone numbers (6 percent), and therefore no further
action was required as to these records.

Thus, with respect to the exigent letters. the FBI determined that it
would retain records for 1,687 telephone numbers, that it had no
information in its databases for 131 telephone numbers, and that it would
purge records relating to 404 telephone numbers.

b.

Actions Regarding the 11 Blanket NSLs

The FBI determined that the 11 blanket NSLs together listed an
additional 2,157 unique telephone numbers. As with the telephone
numbers listed in the exigent letters. the FBI used the decision tree
described above to decide whether it will retain records for these additional
telephone numbers.
Regarding the 11 blanket NSLs, the FBI has taken the following
actions to date:

Company B May 12, Company C July 5, and Company A
September 21 blanket NSLs (831 unique telephone numbersl:
•

The FBI determined that legal process existed for 99 telephone
numbers (12 percent), and the FBI decided that it will retain
these records.

•

The FBI determined that there were open national security
investigations to which records for 215 telephone numbers (26
percent) were relevant at the time of the requests, and there are
currently open national security investigations to which the

primarily on the emergency disclosure provision in its reconciliation project. Nevertheless,
the FBI asserted that "a substantial number" of the records were produced in qualifying
emergencies. We agree with the FBI that the lack of documentation of the requests and the
circumstances under which they were made makes reliance on Section 2702 problematic.
As described in Chapter Six, the lack of documentation and other factors made it difficult
for the DIG or the FBI to determine reliably whether and which requests without legal
process were made in qualifying emergencies.

203

numbers are relevant. The FBI has issued NSLs for these 215
telephone numbers and will retain these records.
•

The FBI determined that there were no open national security
investigations to which records for 90 telephone numbers (11
percent) were relevant at the time of the requests and the time
of the analysis but in circumstances that the FBI concluded
would have satisfied the ECPA emergency voluntary disclosure
statute (18 U.S.C. § 2702(c)(4)). The FBI decided that it will
retain these records.

•

The FBI determined that records for 288 telephone numbers (35
percent) would be purged from FBI databases because the
records did not qualify for retention under the categories
described in the decision tree.

•

The FBI determined that there were no records in FBI databases
for 139 telephone numbers (16 percent), and therefore no
further action was required.

Five Operation Y NSLs (885 unique telephone numbers):
•

The FBI determined that there were open national security
investigations to which records for 820 telephone numbers (93
percent) were relevant at the time of the requests, and there are
currently open national security investigations to which the
numbers are relevant. The FBI has issued NSLs for these 820
telephone numbers and will retain these records. 238

•

The FBI determined that records for 47 telephone numbers (5
percent) would be purged from FBI databases because the
records did not qualify for retention under the categories
described in the decision tree.

•

The FBI determined that there were no records in FBI databases
for 18 telephone numbers (2 percent), and therefore no further
action was required.

Three Operation Z NSLs (441 unique telephone numbers):
•

The FBI determined that revised NSLs were not necessary
because these three NSLs were signed by authorized FBI
officials and contained the required certifications for NSLs

238 Sixteen telephone numbers (2 percent) were relevant to open national security
investigations other than Operation Y.

204

imposing non-disclosure and confidentiality obligations on the
recipients. 239
•

On April 13, 2007, the CTD issued an EC documenting the
predication for the three NSLs. Consequently, the FBI decided
that it would retain these records.

c.

OvercollectioDs

The FBI review team also analyzed the records obtained for the
telephone numbers listed in exigent letters and the blanket NSLs to
determine if the FBI had acquired any records beyond the records specified
in the legal process that formed the basis for the decision to retain the
records. Specifically, the review team examined whether any records
obtained and uploaded into FBI databases in response to exigent letters or
listed in the blanket NSLs included records outside the date range of the
dates specified in the corresponding legal process. 240 Based on its review,
the FBI identified records related to 302 unique telephone numbers that it
decided to purge due to overcollections. 241
Of these 302 telephone numbers, the FBI identified 73 ~
numbers for which the FBI uploaded overcollections of more _
In that universe, the FBI uploaded records on 1 telephone number more
outside the date ran e in the Ie al rocess, and records on 14
telephone numbers that were
outside
the date range of the legal process.
The FBI decided to purge these overcollected records because they
exceeded the scope of the legal authority used to obtain them. For example,

239

The NSLs each included the same 445 telephone numbers, but 4 numbers were

duplicates.
240 In an August 26,2008, EC the FBI stated that it had established a 14-day
"grace period" before and after the date range specified in the after-the-fact legal process.
Overcollections that fell within the grace period were not purged from FBI databases.
241 As discussed in Chapter Two of this report, the CTD did not require until
June 1, 2007, that case agents immediately ensure that responsive records accurately
match the NSL request. The guidance issued in June 2007 required that any identified
overcollections must be sequestered with an FBI attorney before the records are uploaded
into any FBI database and must be returned to the provider, destroyed by the FBI, or
addressed in another NSL. Similarly, the FBI did not require until October 17,2007, that
CAU requesters review responsive telephone records received from the communications
service providers to ensure proper collection and then certify to the CAU's database
manager bye-mail that the responsive records had been verified as accurately
encompassing both the target telephone numbers and date ranges contained in the NSL.

205

the ECPA NSL statute requires certification that the records sought in NSLs
are relevant to an international terrorism investigation. If the NSLs used to
obtain the records certified, as required by the ECPA, that records sought
within a specified time period were relevant to authorized national security
investigations, but the FBI acquired records outside that date range, the
overcollected records were not covered by the NSL certification. Chart 4.3
illustrates the variance between the date range of the after-the-fact legal
process and the date range of uploaded records for 10 telephone numbers
with the longest periods of overcollection:

206

CHART 4.3

Records for 10 Telephone Numbers Uploaded into FBI Databases
with the Longest Periods of Overcollectlons

207

3.

Steps Taken to Purge Records

The FBI has purged records from centralized FBI databases, field
division-based databases, and hard copy files maintained by field division
personnel. Based upon the FBI review team's fmdings, the CTD directed
that records be purged either by the CAU, the Field Investigative Software
Development Upit, or various field offices. 242

4.

Records Improperly Acquired Relating to Criminal
Investigations

The FBI OGC determined that 266 telephone numbers listed in
exigent letters and in 3 of the 11 blanket NSLs were related to criminal
investigations or domestic terrorism investigations for which NSLs are not
an authorized technique under the ECPA NSL statute, the Attorney
General's NSI Guidelines, or FBI policy.
According to the FBI OGC, it located appropriate legal process (either
grand jury subpoenas or FBI administrative subpoenas) issued to the
on-site providers before or after the FBI obtained records for 16 of these 266
telephone numbers, and the FBI determined that it will retain these records.
The FBI OGC determined that it would retain records requested in grand
jury subpoenas if a grand jury had been empanelled at the time the legal
process was issued and the subpoena was served either before or after the
records were obtained. 243 Of the remaining 250 telephone numbers, the FBI
could not locate legal process for 167 telephone numbers. The FBI therefore
directed the CAU to purge the records in FBI databases on these telephone
numbers. The FBI review team informed us that there were no responsive
records in FBI databases for the remaining 83 telephone numbers.
The FBI OGC informed us that a court-ordered wiretap had been
instituted that targeted 1 of the 266 telephone numbers. The wiretap was

242 As described above and in Chapter Two of this re ort, the CAU is res onsible for
uploading telephone transactional records into a
database. The Field Investigative Software Development Unit administers an unclassified
FBI database called Telephone Applications, which is used to analyze the calling patterns of
telephone records. Telephone Applications stores raw data derived from telephone records,
known as "metadata," including the call duration. It does not store the contents of
telephone conversations.
243 Data on the FBI's retention decisions show that four grand jury subpoenas were
dated after the date when the corresponding records were uploaded into an FBI database,
while five were issued prior to uploading.

208

instituted 11 days after the date of an exigent letter seeking records on that
telephone number. The FBI aGe directed the field division "to determine
whether any information from the ... exigent letter was utilized to establish
probable cause for the [wiretap]." The FBI OGC advised us in March 2009
that the field office stated that probable cause for the wiretap was
established by independent means.
As a result of the FBI's analysis, the FBI has decided to retain records
for 16 of the 266 telephone numbers related to criminal or domestic
terrorism investigations and to purge records for 167 telephone
numbers.
5.

Other NSLs Referred by the OIG to the FBI

In the course of this investigation, the DIG identified 32 NSLs that we
believed warranted further review because they appeared to be signed by
individuals who did not have authority to sign NSLs or the NSLs had other
possible irregularities. We provided copies of these NSLs to the FBI in
September 2007. In addition to the 32 NSLs identified by the OIG, the FBI
identified 39 other NSLs with possible irregularities.

Of the 71 irregular NSLs, the FBI reported to us that it had issued
letters of censure to 6 FBI employees who together signed 14 NSLs because
they lacked the authority to sign NSLs.244 The FBI took no action against 3
other FBI employees who together signed a total of 14 NSLs while they were
serving as Acting Deputy Assistant Directors (Acting DAD), and the FBI
noted that it did not have a written policy in place expressly prohibiting
Acting DADs from signing NSLs until June 1, 2007 (after these NSLs were
signed). Moreover, in January 2009 the Department's Office of Legal
Counsel (OLC) determined that Acting DADs are authorized to sign
NSLs.
Thirty-five of the 71 irregular NSLs were unsigned. The FBI said it
was able to locate properly signed NSLs in its mes for 23 of the NSLs in this
group. The FBI said it was unable to determine who was responsible for the
other 12 unsigned NSLs, and no action was taken with regard to these
NSLs.
Of the remaining eight NSLs, the FBI said that one of the signatures
on an NSL was illegible and no action was taken, four NSLs were referred by

244 These individuals held the positions of SSA (1), Unit Chief (I), Acting Special
Agent in Charge (3), and Section Chief (1).

209

the Inspection Division to the FBI OGC for possible lOB violations, and the
FBI has not completed its research into the remaining three NSLs as of
October 2009. 245

6.

OIG Analysis of FBI Retention Decisions

In evaluating the FBI's process and decisions regarding whether to
retain or purge telephone records obtained through exigent letters and listed
in the blanket NSLs, we recognize the competing interests faced by the FBI.
On the one hand, the FBI wanted to retain records it believed were relevant
national security investigations. FBI General Counsel Caproni stated that
the FBI was concerned with losing information that could be critical to a
counterterrorism investigation. In describing the FBI's various corrective
measures, Caproni stated that the FBI cannot "put the nation at risk. So
we chose a path that we think is reasonable. n
On the other hand, FBI officials stated to Congress and publicly
following the release of the DIG's first NSL report that it would "ensure that
any telephone record we have in an FBI database was obtained because it
was relevant to an authorized investigation. "246 The FBI Director and
General Counsel Caproni stated that any records that were not associated
with authorized investigations would "be removed from our databases and
destroyed. "247
In evaluating the FBI's review efforts, we recognize that the ECPA has
no exclusionary rule for records acquired in violation of the statute. 248
Moreover, we recognize that the only duty specifically imposed on the FBI on
discovery of the ECPA violations is to report the violations to the lOB, and
that the FBI has provided periodic briefmgs to the lOB staff about exigent

245 Mter reviewing a draft of this report, the FBI stated that the NSLB reported its
findings to the Inspection Division regarding the four possible lOB violations in April 2009.
One was then reported to the lOB, and the FBI concluded that the other three NSLs were
proper.

246 Valerie E. Caproni, General Counsel, FBI, before the House Committee on the
Judiciary, U.S. House of Representatives, concerning "The Inspector General's Independent
Report on the FBI's Use of National Security Letters," (March 20, 2007),
http:j jwww.fbLgovjcongressjcongress07jcaproni032007.htm (accessed March 26, 2009);
Robert S. Mueller, III, Director, FBI, before the Senate Committee on the Judiciary, U.S.
Senate, concerning "'Oversight of the Federal Bureau of Investigation" (March 27, 2007),
http:j jwww.fbi.govjcongressjcongress07jmuelleri032707.htm (accessed March 26,
2009).
247

Id.

248

See 18 U.S.C. § 2708.

210

letters, blanket NSLs, and the FBI's ongoing analysis of the records obtained
in response to these informal means. Thus, while the FBI is not legally

required to purge records it obtained improperly, it decided to do so under
certain circumstances.
In light of these competing issues, we believe that the FBI's decision
tree and its analysis of which records to purge were reasonable responses to
our identification of the improper collection of these telephone records. The
FBI's analysis attempted to incorporate the legal standards of the ECPA NSL
statute and the ECPA emergency voluntary disclosure statute, albeit
after-the-fact. We also agree that it is reasonable to purge only those
records whose retention cannot be justified under an application of the
ECPA standards, even though the standards were applied after the
collection had already occurred.
In applying these standards, the FBI has devoted significant resources
in manpower and time to review the improperly obtained records and to
consider whether there is a basis for retaining these records. However, it is
also important to recognize, as we detailed in Chapter Two of this report,
that the FBI's inexcusable failure to document its requests for thousands of
telephone records severely hampered its ability to determine which records
should be purged.
Finally, we believe the FBI should notify the lOB of the full details of
its final record retention decisions, purging decisions, the 11 blanket NSLs,
and all other actions to address the FBI's improper acquisition of
ECPA-protected records. 249
III.

OIG Conclusions Regarding FBI Attempts at Corrective Action for
Exigent Letters

As discussed in this chapter, prior to the issuance of the OIG's first
NSL report in March 2007, from late 2003 through March 2007, the FBI
made various attempts to address issues arising from the CAU's use of
exigent letters and other informal means to obtain telephone records.
However, during this time period, the FBI's actions were seriously deficient
and ill-conceived, and the FBI repeatedly failed to ensure that it complied
with the law and FBI policy when obtaining telephone records from the
on-site communications service providers. Also during this time, the FBI

249 Mter reviewing a draft of this report, the FBI stated that it has formally briefed
the lOB on all these issues.

211

regularly issued after-the-fact NSLs, which were an inappropriate tool for
remedying the FBI's improper practices. The FBI also issued 11 improper
blanket NSLs to try to "cover" or validate the improperly obtained records.
These attempts were inconsistent with the ECPA NSL statute, the Attorney
General's NSI Guidelines, and internal FBI policy.
By contrast, after the OIG issued its first NSL report in March 2007,
the FBI took additional actions to address the problems created by exigent
letters, which we believe were appropriate. The FBI ended the use of exigent
letters; issued clear guidance on the proper use of NSLs; directed that FBI
personnel be trained on NSL authorities; agreed to the move of the
communications service providers' employees off the FBI's premises; and
expended significant effort to detennine whether improperly obtained
records should be retained or purged from FBI databases.

212

CHAPTER FIVE
OIG FINDINGS ON FBI MANAGEMENT FAILURES AND
INDIVIDUAL ACCOUNTABILITY
In this chapter. we assess the accountability of FBI employees, their
supervisors, and the FBI's senior leadership for the use of exigent letters
and other improper practices we described in this report. In Part I of this
chapter, we discuss the significant management failures that we concluded
contributed to these improper practices and to the FBI's failure to address
the improper practices in a timely manner. In Part II, we assess the
accountability of individual FBI employees for these improper practices.
I.

Management Failures

We found that numerous, repeated, and significant management
failures led to the FBI's use of exigent letters and other informal requests for
telephone transactional records over an extended period of time. The FBI
failed to follow the Electronic Communications Privacy Act (ECPA) statute, the
Attorney General's Guidelines for FBI National Security Investigations and
Foreign Intelligence Collection (NSI Guidelines), and FBI policies when
obtaining thousands of telephone records from the on-site communications
service providers. While these on-site providers provided the FBI with an
important resource in support of its counterterrorism, counterintelligence,
and criminal programs, the FBI failed to provide adequate training,
guidance, and oversight to ensure that FBI personnel used this resource in
accordance with applicable statutes, guidelines, regulations, and FBI
policies. These failures began shortly after the Communications Analysis
Unit (CAU) was established within the Counterterrorism Division (CTD) in
2002, and continued until March 2007 when the OIG issued its first NSL
report describing the use of exigent letters. We believe that every level of the
FBI, from the FBI's most senior officials, to the FBI's Office of the General
Counsel (FBI DGC), to managers in the CTD, to the supervisors in the CAU,
to the CAU agents and analysts who repeatedly signed the letters, was
responsible in some part for these failures.
As discussed in Chapter Two of this report, the concept of using
exigent letters originated as a time-saving technique in the FBI's New York
Field Division during its criminal investigations of the September 11
terrorist attacks. However, their use was transferred to the CAU at FBI
Headquarters in early 2003 and over time became one of the means by
which the FBI routinely obtained telephone records from the on-site
communications service providers. The embedding of the communications
service providers' employees in FBI work space alongside CAU employees,
coupled with the FBI's increasing reliance on telephone subscriber and toll

213

billing records information in its counterterrorism investigations, led to a
culture in which exigent letters and other even less formal and equally
inappropriate requests for information became the CAU's accepted and
customary method of conducting business. We found that a distinct lack of
oversight and scrutiny by CAU managers, CTD officials, and FBI aGC
attorneys enabled the improper practice of obtaining ECPA-protected
telephone records with the promise of future legal process to expand and
proceed virtually unchecked for over 4 years.
In reaching our conclusions, we recognize the CAU's and the FBI's
important mission to detect and prevent terrorist attacks and the challenges
the FBI faced after the September 11 attacks. After the September 11
attacks, the FBI reorganized its mission, structure, and procedures to
emphasize counterterrorism. As part of this reorganization, the FBI created
the CAD with the important mission of facilitating prompt retrieval and
analysis of telephone records from the communications service providers for
high-priority investigations. The CAU typically requested the telephone
records to pursue its critical counterterrorism mission, not with the
intention to obtain records that CAD personnel knew they were not legally
entitled to obtain. Moreover, it is important to recognize that when we
uncovered the improper exigent letter practices and reported them to the
FBI in our first NSL report, the FBI terminated these improper practices and
issued guidance to all FBI personnel about the proper means to request and
obtain telephone records under the ECPA.
However, in our view that does not excuse the extended, widespread,
and improper use of exigent letters and other informal means to obtain
telephone records that the FBI used for many years, or the FBI's
ill-conceived and ineffective attempts to cover those record requests with
after-the-fact NSLs and improper blanket NSLs. As discussed in the next
section, we believe the responsibility for these practices was widespread,
from the top of the FBI, to the supervisors who oversaw these practices, to
the FBI attorneys who failed to correct these practices in a timely way, to
the line employees who signed these letters that were inaccurate on their
face.

A.

Failure to Plan for Proper Use of the On-Site
Communications Service Providers

We found that FBI officials at all levels failed to develop a plan and
implement procedures to ensure that telephone records were properly
obtained from the on-site communications service providers. Such planning
was needed from the outset of the CAU's establishment in 2003, particularly
when employees of the communications service providers were co-located in
the CAD's work space. We also believe that the need for such planning was
obvious before the CAD began operations, not just in hindsight.

214

When the CAU began operations in 2002, a combination of factors
created clear risks for potential misuse of NSL authorities and other
authorities to obtain records in support of FBI national security
investigations. These factors included the FBI's expanded NSL authorities
in the USA PATRIOT Act250 ; the CAU's status as an operational support
unit; the establishment of contracts with the communications service
providers for on-site support at the FBI; the close proximity of the providers'
employees to CAU personnel in a common work area251 ; the assignment of
Supervisory Special Agents (SSA) and Intelligence Analysts to the CAU who
had little or no background in national security investigations or in using
NSLs; and continual and insistent demands for telephone transactional
records from FBI field and Headquarters operating units. However, FBI
managers failed to recognize these risks and take steps to avoid them.
For example, from the inception of the FBI's contractual relationships
with the three providers in 2003, senior FBI leaders knew that the CAU
would be handling telephone transactional records which the FBI could
lawfully obtain pursuant to the ECPA. However, FBI leaders and managers
failed to ensure that responsible officials in the CTn and the FBI OGC's
National Security Law Branch (NSLB) reviewed the proposed and final
contracts with the on-site providers to ensure that the agreements
conformed to the requirements of the ECPA, the Attorney General's
Guidelines for FBI National Security Investigations and Foreign Intelligence
Collection (NSI Guidelines), and other relevant laws and policies governing
the FBI's authority to obtain telephone transactional records. FBI leaders
and managers also should have recognized early on the need to train CAU
personnel on the authorized methods and procedures for requesting records
from the on-site providers, the need to clearly communicate those
procedures to the on-site providers' employees and their respective
supervisors, and the necessity of establishing oversight mechanisms to
ensure those procedures were followed.
The first CAU Unit Chief, Glenn Rogers, and most SSAs initially
assigned to the CAU had no prior experience in national security

250 As described in our fIrst NSL report, the Patriot Act significantly broadened the
FBI's authority to obtain information through NSLs by lowering the evidentiary threshold
for seeking NSLs and by extending the authority to sign NSLs to Special Agents in Charge
of the FBI's 56 field offices.
251 We found that the close proximity of the providers' employees and CAU
personnel led to a casual, informal atmosphere in the CAU, as well as friendships and
social contacts outside the office that blurred the lines between the responsibilities of FBI
personnel and the providers. We believe that atmosphere contributed to the informal and
improper use of exigent letters and other requests for telephone records.

215

investigations. The FBI's failure to provide adequate guidance on the proper
way to obtain telephone records in national security investigations had
serious consequences. We found that from the outset of the CAU's
operations, the CAU SSAs used impermissible procedures such as exigent
letters and sneak peeks to obtain ECPA-protected information and records.
These practices - some of which were copied from procedures used by FBI
personnel in the New York Field Division in connection with criminal
investigations relating to the September 11 hijackers - became standard
operating procedures for the CAU and continued throughout the 3-year
period while Rogers was the CAU Unit Chief and then the Assistant Section
Chief of the CTD's Communications Exploitation Section (CKS).
Only years later, in retrospect, a senior CTD official acknowledged the
FBI's failure to plan in advance for having the communications service
providers on-site, observing, "it [was] like having the ATM in your living
room. You know you can go to it all the time and take the overdrafts
because that was what was happening."

B.

Failure to Provide Training and Guidance to CAU
Personnel

The FBI compounded its planning failures when it did not ensure that
all CAU personnel were trained on the legal requirements for obtaining
ECPA-protected records. In particular, FBI managers from the CAU Unit
Chiefs, to the FBI OGC, to the senior leaders of the FBI failed to ensure that
CAU personnel were properly trained to request telephone subscriber and
toll billing records information from the on-site communications service
providers in national security investigations only in response to legal
process or under limited emergency situations defmed in 18 U.S.C
§ 2702(c)(4). They also failed to ensure that CAU personnel were trained to
comply with the Attorney General's NSI Guidelines and internal FBI policies
governing the acquisition of these records. This training was needed not
only for existing CAU personnel but also, in light of personnel turnover in
the unit over the 4-year period of our review, for all incoming CAU
employees.
At the most basic level, the FBI failed to instruct CAU personnel that
FBI requesters must provide NSLs or other legal process before CAU
personnel requested records from the on-site providers relevant to FBI
investigations, except in certain specified emergency situations.
Additionally, the FBI failed to train field and Headquarters requesters on
when and how true emergency requests should be handled. The FBI also
failed to advise CAU personnel of the statutes or regulations in addition to
the ECPA that limit the FBI's authority to obtain certain types of telephone
records, such as news reporters' toll billing records; the FBI's authority to
issue administrative subpoenas in certain investigations; and the FBI's

216

authority to obtain pen register/trap and trace orders for ECPA-protected
information covered by the Pen Register Act.
Even Joseph Billy, Jr., who was CTD Deputy Assistant Director (DAD)
and the CTD Assistant Director from April 2005 to March 2008, told us that
he was unaware of the ECPA emergency voluntary disclosure statute when
he was a Special Agent in Charge, a CTD DAD, or the CTD Assistant
Director. In fact, Billy said he did not know that communications service
providers did not need NSLs for records they provided to the FBI pursuant
to the ECPA emergency voluntary disclosure statute. He told us that when
he learned about the statute prior to his August 2007 OIG interview, "that
was a revelation to me."

The FBI's failures also involved senior attorneys in the FBI OGe.
NSLB attorneys failed to recognize the seriousness of the information they
learned in late 2004 and early 2005 about the "form letter" - an exigent
letter - that was being used in the CAU to obtain records from the on-site
providers that was followed by after-the-fact NSLs. From then until March
2007, when the OIG's first NSL report was issued, the FBI OGC failed to
take sufficient action to address the FBI's improper use of these exigent
letters and after-the-fact legal process.
Aggravating this failure, FBI OGC attorneys also provided flawed
guidance to CAU personnel about obtaining records from the on-site
providers. For example, in April 2005 the Assistant General Counsel who
was the NSLB point of contact for NSL-related policies and issues wrote that
exigent letters could be used in emergencies "only if it is clear to you that
the requestor cannot await an NSL." This guidance did not accurately state
the requirements of either the ECPA NSL statute (18 U.S.C. § 2709), or the
emergency voluntary disclosure statute (18 U.S.C. § 2702(c)(4)).252 However,
this flawed guidance was circulated to all CAU employees, and the CAU
continued to request information from the on-site providers first, and
addressed the need for legal process later (if at all).

252 To conform to the ECPA, proper guidance would have stated that the FBI could
either compel the production of records by fIrst serving legal process or could request
voluntary disclosure of records in the types of emergencies defmed in the emergency
voluntary disclosure statute. In April 2005, the statute authorized communications service
providers to voluntarily disclose records or information "if the provider reasonably believe[d]
that an emergency involving immediate danger or death or serious physical injury to any
person justifie[d] disclosure of the information. 18 U.S.C. § 2702(c)(4) (Supp. 2002). In
March 2006, the provision was amended to allow a communications service provider to
disclose records "if the provider, in good faith, believes that an emergency involving danger
of death or serious physical injury to any person requires disclosure without delay of
information relating to the emergency." See 18 U.S.C. § 2702(c)(4).

217

A second instance of a flawed legal response occurred in May 2006
when the NSLB again perpetuated the use of exigent letters promising
future legal process. Although NSLB attorneys were aware of the CAU's use
of exigent letters at least by December 2004, no NSLB attorney asked to see
a copy of any exigent letter until May 2006. As described in Chapter Four of
this report, we found that the Assistant General Counsel, who was involved
in advising the CAU on the use of exigent letters, first asked to see the
exigent letter on May 19, 2006, 2 days after the OIG interviewed her in
connection with our first NSL report and asked her questions about the
CAU's acquisition of records prior to issuing legal process. Mter reviewing
the exigent letter, the Assistant General Counsel modified the letter by
substituting the word "NSL" for the word "subpoena" and deleting the
reference to the U.S. Attorney's Office. This corrected the inaccurate
reference to grand jury subpoenas in many of the letters, but the advice
given by the NSLB was still flawed because the revised letter continued to
seek to obtain records with the promise of future legal process. We find it
troubling that neither the Assistant General Counsel, her immediate
supervisor, nor NSLB Deputy General Counsel Thomas reviewed an exigent
letter for more than 1 '12 years after they learned of their use.
In addition, the FBI OGC and the CTD failed to use the FBI's alternate
authority under the ECPA (18 U.S.C. § 2702(c)(4)) to request voluntary
disclosure of telephone records from the on-site providers in qualifying
emergencies. Even though FBI OGC attorneys developed the first general
guidance for all FBI divisions during the spring and summer of 2005
regarding the emergency voluntaJY disclosure statute, they failed to
coordinate with CTD management and direct that the FBI (1) stop using
exigent letters; or (2) advise CAU personnel that the emergency voluntary
disclosure statute should be used to address record requests in appropriate
circumstances. These corrective actions did not happen until 2007, shortly
before the OIG's first NSL report was issued.
The FBI OGC's failure to ensure that CAU personnel were aware of the
ECPA emergency voluntary disclosure statute had significant consequences.
Between August 25, 2005, (the date of the FBI OGC guidance on the ECPA
emergency voluntary disclosure statute), and November 13, 2006. (the date
of the last exigent letter we located), CAU personnel issued an additional 86
exigent letters seeking records for 553 telephone numbers. None of these
letters was subjected to the scrutiny or approval procedures that FBI
personnel were directed to employ when requesting emergency voluntary
disclosures under the ECPA. Moreover, as described in Chapter Two of this
report, during this same time period the FBI acquired records or calling
activity infonnation on thousands of other telephone numbers through
other informal means, such as sneak peeks, e-mail, and telephonic
requests.

218

C.

Failure to Oversee the CAU Activities

In addition to the FBI's failures in planning, training, and legal advice,
we also found that every level of FBI supervision - from the FBI's most
senior leadership to the Unit Chiefs in the CAU - failed to recognize the need
for, and assure adequate oversight of, the practices employed by the CAU to
obtain subscriber information, toll billing records, and other calling activity
information from the on-site providers.

In our review. with the exception of CXS Assistant Section Chief John
Chaddic, and Rogers (who became an Assistant Section Chief in the CXS
after serving as Unit Chief of the CAUl, no one in the CTD's supervisory
chain above the CAU Unit Chiefs said they were aware of the FBI's use of
exigent letters. As described in Chapter Two, John Pistole and Willie Hulon,
the Executive Assistant Directors of the FBI National Security Branch
during the period covered by our review; CTD Assistant Director Joseph
Billy, Jr.; and CTD Deputy Assistant Director John Lewis all said they were
unaware that the CAU was using exigent letters rather than NSLs to obtain
records from the on-site communications service providers. 253 Similarly,
Laurie Bennett, who was the CXS Section Chief, said she did not know
about the use of exigent letters. CXS Section Chief Jennifer Smith Love also
told us that she was unaware of exigent letters until after she left her
position as the Section Chief. However, Love also told us she knew the FBI
was getting records without legal process, yet she did not ensure that the
CAU's activities were legal or fully reviewed.
The one CTD manager who said he was aware of the use of exigent
letters, CXS Section Chief Chaddic, told us that he learned from Rogers that
the CAU was using exigent letters as a "placeholder" to obtain telephone
records from the on-site providers prior to the service of the appropriate
legal process. Yet, he did not ensure that Rogers sought legal guidance from
the FBI aGC about the use of the letters or implement other measures to
ensure the appropriateness of the CAU's use of these letters.
We believe that each of these CTD officials was responsible for
knowing what their subordinates were doing, ensuring that agents and
others under their command complied with applicable law and FBI policy
governing the acquisition of telephone transactional records, and ensuring
that FBI attorneys had sufficient information about the CAU's practices to
provide appropriate legal guidance and advice concerning what the CAU was

253 Pistole, Billy, and Hulon also served as Deputy Assistant Directors of the CTD
during the period covered by our review.

219