Review of the Fbi Use of Exigent Letters and Other Requests for Phone Records 2010 Parti
Download original document:
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
doing and planning to do. As CTD Assistant Director Billy stated to us, "there was never a timeout period to any of this to say, okay, let's do a check, a compliance." The failure of FBI officials to understand the practices employed within the CAU to obtain records from the on-site providers extended not only to exigent letters, but also to other improper methods described in Chapter Three this report. For example, CTD Assistant Director Billy did not know as late as April 2007 about the FBI's improper use of hot number _ - a service rovided b Com an A's and Com an C's on-site providers without any legal process. The FBI General Counsel and the Deputy General Counsel for the NSLB also told us they did not know that the FBI had used hot number _ Similarly, until this OIG investigation, we found no evidence that any responsible FBI officials or any FBI attorneys were aware that FBI agents had used inaccurate language in FISA declarations that attributed the FBI's acquisition of telephone records to NSLs when in fact the records were acquired through other means. such as exigent letters and other informal requests. As a result of these actions. the FBI violated the statutOI}' and Attorney General Guidelines' requirements for senior-level approval of requests for telephone subscriber and toll billing records information and other ECPA-protected information and the 4-step NSL approval process established by the FBI's own policy to ensure these requests were based on appropriate predication. As Diagram 2.2 from Chapter Two illustrates, the FBI substituted a I-step process by which the CAU SSAs and Intelligence Analysts signed requests for telephone records without supervisory review by those officials authorized to approve and certify the FBI's basis for requesting these types of records. In sum, we believe that FBI senior leadership, senior attorneys, and CTD supervisors failed to take adequate measures to ensure that the FBI was obtaining telephone records from the on-site communications service providers properly, that sufficient training was provided to the FBI employees who obtained these records, that the new NSL powers granted to the FBI in the Patriot Act were sufficiently monitored, and that the FBI provided sufficient oversight on these new and intrusive authorities. The need for these actions should have been particularly clear when FBI attorneys learned in late 2004 and early 2005 that the FBI was acquiring telephone records without legal process. Moreover, no one in the CAU raised concerns about these exigent letters to higher level CTD officials or other senior FBI managers. even when Unit Chief Rogers and some of the agents signing exigent letters should have realized that the letters were inaccurate on their face. 220 II. Individual Performance While the management failures described above explain in part how the FBI came to use exigent letters and other informal methods for requesting records from the on-site providers, these management failures do not explain all the deficiencies we found in this review. Rather, in this review we also concluded that FBI supervisors and attorneys did not take sufficient action to oversee or prevent the use of exigent letters and other improper requests for telephone records. We also believe that the performance of some FBI employees who signed the letters that were inaccurate on their face was not in accord with the high standards expected of FBI and other law enforcement personnel. We discuss the actions of these individuals in the sections below. A. CAU Unit Chief Glenn Rogers While Rogers served as the CAU's first Unit Chief and later as CXS Assistant Section Chief, he made several decisions that resulted in widespread use of exigent letters without adequate legal review by the NSLB, and also without an adequate system to track their use or document the many less formal requests for telephone records from the on-site providers. First, we found that in November 2003 Rogers approved an EC which instructed CAU personnel on how to handle responsive toll billing records obtained "[u]nder the authority of an Exigent Circumstances Letter." Yet, Rogers made no effort to confirm, either then or later, whether these so-called exigent letters were appropriate for use by the CAD in connection with national security investigations. As the CAD Unit Chief, Rogers was responsible for ensuring that the processes used by his unit were lawful and appropriate. Rogers said that a Company A analyst told him in May 2003 that exigent letters had been used by the FBI's New York Division and that the "lawyers" had approved the letter. His decision to rely only on a Company A analyst's vague representations as to the propriety of using such letters, and a reference to unnamed "lawyers," was imprudent and Improper. Second, we found that Rogers failed to properly discharge his duties as CAU Unit Chief and CXS Assistant Section Chief when he signed, and permitted his subordinates to sign, exigent letters that inaccurately stated that subpoenas requesting the telephone records listed in the letters had "been submitted to the U.S. Attorney's Office who will process and serve them formally ... as expeditiously as possible." When we asked Rogers why he signed his name to exigent letters containing these inaccurate statements, he said: 221 The only thing I really regret is the wording in that letter. The letter was just a placeholder and it was a bad move on my part ... It's my fault ... I relied on a flawed piece of paper to do that and I am sick by it. I am sickened. But I do not think the letter is the issue. To me the issue is the exigent circumstances and there were. Rogers's explanation is unpersuasive. He knew the letters contained statements that were inaccurate, yet he signed 12 exigent letters and allowed his subordinates to sign 678 additional exigent letters during his tenure as a supervisor in the CTD. Even if there were exigent circumstances - and we found evidence indicating that there was not exigent circumstances in all cases, let alone a qualifying emergency under Section 2702 - that does not excuse an FBI employee signing his name to a letter that contains inaccurate statements of fact. Moreover, after at least three CAU SSAs complained to Rogers about using exigent letters that contained inaccurate references to grand jury subpoenas having been requested from the U.S. Attorney's Office, Rogers told them to continue using the letters. He told one of them not to change "a single word. Rogers should have recognized and taken immediate action then to address the inaccurate statements in the letters. He should have acknowledged the SSAs' concerns and, at minimum, changed the wording of the exigent letters to make them accurate. He also should have consulted with NSLB attorneys and asked them to review the exigent letters to detennine if they could lawfully be used to support FBI investigations. He did none of these things. JJ Third, Rogers failed to ensure that the personnel assigned to his unit - many of whom had no prior experience in the FBI's national security programs - received training on the authorized methods to request and obtain telephone subscriber and toll billing records information in national security investigations. None of the CAU SSAs we interviewed who signed exigent letters said they had received training on the FBI's authorities under the ECPA to obtain records pursuant to NSLs or the emergency voluntary disclosure statute. Fourth, Rogers did not ensure that guidance was issued which, at a minimum, described in which situations exigent letters could be used. As a result, CAU personnel used exigent letters and then provided after-the-fact legal process in a wide variety of inappropriate circumstances. As described in Chapters Two, Three, and Four of this report, these included instances in which NSLs were not authorized under the ECPA, the Attorney General's NSI Guidelines, or FBI policy and also when the standards set forth in the ECPA emergency voluntary disclosure statute were not satisfied. Rogers's authorization of the CAU's use of exigent letters to obtain thousands of 222 ECPA-protected records rather than using legal process such as NSLs or emergency voluntary disclosure requests led to a serious abuse of the FBI's expanded authority to issue NSLs following enactment of the Patriot Act. Fifth, Rogers failed to ensure that Bassem Youssef, his successor as CAU Unit Chief, was briefed on the unit's methods and procedures, including the specific methods the CAU used for obtaining records from the on-site providers. Rogers told us he had objected to Youssefs selection as Unit Chief and that he had little substantive contact with Youssef after his appointment. Notwithstanding Rogers's objections to Youssefs selection, Rogers should have fully briefed Youssef upon his entry on duty as Unit Chief and should have remained engaged with Youssefs management of the unit, including Rogers's plan to implement the Tracker Database to track requests to the on-site providers and the need to issue follow-up legal process. Rogers attempted to justify his actions by stating that he regularly reminded CAU personnel to stay current on securing the after-the-fact legal process for the providers. He also said he sometimes spoke with personnel assigned to CTD operational units and at least one field division about the importance of issuing after-the-fact legal process for telephone records. However, his efforts were not sufficient to ensure that after-the-fact legal process was issued, and he never raised concerns about the practice to other managers or attorneys in the FBI. In addition, we found that Rogers's failure to clearly explain to CAU personnel what was appropriate under the law and FBI policy led to other lax and sloppy practices in the CAU, including sneak peeks and informal requests for records conveyed bye-mail, telephone calls, and face-to-face conversations. Sixth, when Rogers was the CAU Unit Chief and also when he was the CXS Assistant Section Chief, the CAU did not implement any system for tracking requests to the on-site providers, or keeping copies of the exigent letters, or ensuring that legal process was issued promptly after the records were provided to the FBI. The CAU relied on the on-site providers rather than its own internal controls to document requests for records and the need for legal process. As a result, the growing backlog o f _ or records for which the providers needed legal process went largely unnoticed and unaddressed by FBI managers for over 3 years, until mid-2006. In addition, once FBI managers focused on the improper actions, the lack of documentation of these requests greatly complicated the FBI's efforts to determine whether it had a basis for retaining these records. 223 Seventh, Rogers also did not consult with NSLB attorneys about the use of sneak peeks and other informal requests to obtain information from the on-site providers, or about the FBI's acquisition of calling activity information on _ hot numbers without legal process. As Unit Chief of the CAU, he should have consulted with NSLB attorneys about these practices to ensure that CAU personnel followed the ECPA, the Attorney General's NSI Guidelines, and other relevant laws, regulations, and FBI policies governing the acquisition of telephone records. When we questioned Rogers about these actions, he acknowledged that after a Company A analyst first told him about exigent letters in May 2003, he allowed the use of exigent letters by CAU personnel without issuing clear guidance regarding how they were to be issued. However, Rogers stated that nothing was done "to hide the fact that we were getting stuff in advance of NSLs." Rogers also stated that from the time NSLB attorneys became fully aware of the exigent letter practice in late 2004, the NSLB attorneys never sought to bring their use to a halt. When we asked Rogers about a December 2004 e-mail from the Assistant General Counsel to a CAU SSA in which the Assistant General Counsel discussed the SSA's request for an after-the-fact NSL, Rogers noted the Assistant General Counsel's statement in the e-mail, "I am realistic enough to recognize that there are emergency situations wherein we get the information on the promise of an NSL." Rogers also told us that during the time he was the CAU Unit Chief and later the CXS Assistant Section Chief he was never told by FBI attorneys or CTD management that the exigent letter practice was unacceptable. We agree that NSLB attorneys share some of the responsibility for the improper use of exigent letters when they did not end their use after learning about them. However, for the reasons stated above, we believe Rogers bears a large portion of the responsibility for the CAU's improper use of exigent letters. 254 B. CAU Unit Chief Bassem Youssef In evaluating Youssefs actions, we believe it is important to recognize that when he was assigned as CAU Unit Chief in November 2004 and Rogers became the Assistant Section Chief of the CXS (which oversaw the CAU). Youssef inherited the improper practices initiated during Rogers's tenure, including the use of exigent letters and other informal methods such 254 Rogers retired from the FBI in 2006. 224 as sneak peeks for requesting records from the on-site communications service providers. Moreover. as described in Chapter Two, the CAU's use of exigent letters was expressly approved by Rogers in an EC to CAU personnel dated November 18, 2003. 255 We also found that when Youssef frrst carne to the CAU in November 2004 and continuing thereafter, Rogers did not adequately brief Youssef about the CAU practices. Youssef stated that Rogers "bypass[ed]" him on e-mails. meetings. and other information relating to the CAU operations. Youssef also said that Rogers kept him "out of the loop" and that since Rogers was his immediate supervisor until February 2006. Youssef was not able to raise concerns he had about how the CAU was being run to Rogers because Rogers was not willing to listen to his suggestions. Youssef stated that he had a conversation with Rogers, shortly after learning about the use of exigent letters, in which Youssef raised concerns about the practice. Youssef stated that Rogers told him to continue using the letters, and Youssef said he concluded that he would be insubordinate if he failed to do so. Youssef also asserted that he was subjected to an "incredibly hostile work environment" from his chain of command above Rogers. As noted in Chapter Four, Youssef asserted that both CXS Section Chief Laurie Bennett and CTD DAD John Lewis were hostile to him and that he could not raise any concerns to them about exigent letters. 256 255 As also described in Chapter 'IWo, the previous CAU Acting Unit Chief had approved an EC dated January 6, 2003. distributed to FBI divisions which stated that the CAU could obtain telephone records in "exigent circumstances" and that legal process must follow such requests. This EC did not explicitly refer to exigent letters. 256 Mter reviewing a draft of this report, Youssef's attorney reiterated that Youssef felt he was subjected to a hostile working environment. Youssef's attorney also stated that because of a Title VII lawsuit Youssef fJ.J.ed against the FBI. he was involuntarily transferred to the position of CAU Unit Chief and that many of the CAU supervisors and staff shunned him and preferred to deal directly with Rogers. As noted here and in Chapter Four, the OIG took into account Youssef's work environment in assessing his perfonnance. Youssef's attorney made many other comments after reviewing a draft of this report. We do not address all of his comments. but respond to some of the most significant ones in this report. 225 We confirmed that Youssef was not included on some e-mails between Rogers and the Assistant General Counsel between November 2004 and February 2005. 257 With regard to Youssers claim that Rogers bypassed him, Rogers acknowledged to us that he had very little interaction with Youssef when Youssef became the CAU Unit Chief, and that Rogers never provided Youssef with any guidance on matters involving the CAU, including exigent letters. Rogers said: I didn't give him any briefings. He didn't ask for any .... He never came to me for advice. . . . The most contact I had with him was he was constantly e-mailing me to get his admin leave approved for his lawsuit. And that was the majority of my interaction with him. Rogers also said that he had recommended to the CXS Section Chief that Youssef should not be selected for the CAU Unit Chief position because Rogers did not think that he "had enough experience or understanding of what [the CAUl did." It is clear from the evidence that Rogers did not interact with Youssef or value Youssers input into the CAU operations. We believe Rogers should have risen above his disagreement about Youssers selection and ensured that, working together, they managed the unit appropriately. It is important to recognize that soon after Youssef became the CAU Unit Chief he learned about exigent letters, that NSLB attorneys were aware of the CAU's practice of using exigent letters, and that the NSLB attorneys were working with CAU personnel on a process for issuing after-the-fact NSLs more expeditiously. In addition, Youssef took steps to address the backlogged requests for legal process. For example, in approximately April 2005, after learning from a Company B employee about the backlog of legal process owed to that provider, he instructed CAU personnel to obtain the 257 We found that Youssef did not attend two important meetings with Rogers and NSLB attorneys that were held on January 6, 2005, and January 26, 2005. After reviewing a draft of this report, Youssefs attorney stated that Youssef was "excluded" from or "not invited" to these meetings. However, Youssef told us that he knew about the meetings before they were held. Youssefs attorney stated that Youssef could not attend them because he was on sick leave in one case and at a deposition in his Title VII case in the other. FBI e-mails and documents also reflect that Youssef was invited to these meetings but did not attend. Youssef acknowledged that he made no effort afterwards to learn what had occurred at these meetings. 226 necessary process for Company B. In October 2005 he instructed CAU personnel to ensure that all outstanding requests for records from all three providers were covered by legal process. Also in the fall of 2005, he worked with the FBI aGC and representatives of the CTD operational units to reduce the number of future records requests made prior to service of legal process. 258 Yet, although Youssef inherited the CAU's exigent letters practice, and NSLB attorneys condoned the use of exigent letters and after-the-fact legal process, we nonetheless found that, in several respects, Youssers actions contributed to the CAU's continued use of exigent letters and other informal requests for telephone records. First, Youssef failed to understand fully or adequately assess (in coordination with CTD management and the NSLB) all of the methods by which FBI personnel were obtaining records from the on-site providers. Even though he was in charge of the CAU, Youssef did not understand the scope of the exigent letter practice in his unit, including the routine use of after-the-fact legal process and the other improper practices within the CAU for obtaining telephone records. For instance, Youssef told us that apart from two large counterterrorism operations in 2006, he was unaware that during his tenure CAU employees had obtained records or calling activity information for over 1,000 telephone numbers prior to service of either legal process or exigent letters. In addition, Youssef told us he could not approximate how many exigent letters were issued by CAU personnel over 258 In response to a draft of this report, Youssefs attorney stated that Youssef also requested guidance from the FBI OGC regarding what constituted exigent circumstances, and that this request prompted the Assistant General Counsel's April 26, 2005, e-mail (in which she advised Youssef that exigent letters should be used "only if it is clear to you that the requestor cannot await an NSL"). Yet, we determined through contemporaneous e-mails that the Assistant General Counsel's e-mail was prompted by information she had received from another Headquarters Unit, not from any request for guidance from Youssef. Youssefs attorney also asserted that Youssefs actions in circulating this e-mail to CAD personnel "were the first actions taken by any FBI manager, Unit Chief and/or employee of the [FBII OGC to provide the CAD employees instruction" as to when an exigent letter could be used. We note that the Assistant General Counsel wrote in her e-mail to Youssef, "please make sure the people in your unit are instructed to ask for an NSL, and only if it is clear to you that the requestor cannot await an NSL ... should they be done as emergencies based on your exigent letter." Thus, while we agree that Youssef acted appropriately in following the Assistant General Counsel's advice to instruct CAD personnel, it appears that the first action prompting the instruction was taken by the Assistant General Counsel, not by Youssef. 227 his own name as Unit Chief (we found that the number was 367). Youssef also told us that he was unaware of the details of the CAU requests for community of interest _ sneak peek requests, hot number _ and the unauthorized use of administrative subpoenas. Second, like his predecessor Rogers, Youssef failed to establish an adequate tracking system for exigent letters and other means by which FBI personnel requested records from the on-site providers. Although Youssef took steps in April and October 2005 to determine tbe scope of tbe backlogged requests for legal process. he did not seek to maintain an accurate record at the time they were made of the nature, number, and origin of the requests to the on-site providers whether communicated by exigent letter. by telephone, bye-mail. on pieces of paper, or through sneak peeks. The failure to maintain such records was an internal control problem tbat greatly complicated the FBI's later efforts to determine whetber it had a basis to retain the records. Third, Youssef himself signed one exigent letter issued to Company A on November 21. 2005, that contained an inaccurate statement. Like virtually all other exigent letters signed by CAU personnel, this letter stated that a grand jury subpoena had been requested from the U.S. Attorney's Office. This was not true. When we showed Youssef this letter, he said that when a CAU Intelligence Analyst presented the letter to him for signature he did not recall noticing that the letter referred to a subpoena rather than an NSL. Youssef acknowledged that the follow-up legal process subsequently issued to cover the numbers in the exigent letter was an NSL. He added that he had not "closely" read the exigent letter before he signed it. Youssef told us tbat he should have read tbe exigent letter more closely, adding tbat he "signed this without really looking at it ... because at that time I was aware that that is the procedure in the unit." We concluded that even if Youssef believed that exigent letters were "the procedure in the unit." his failure to review any exigent letter between March 2005 (when he first learned they were used) until November 2005 was troubling. 259 259 After reviewing a draft of this report, Youssefs attorney asserted that Youssef had to sign this exigent letter because the circumstance was a true emergency, the statement about a grand jury subpoena to follow was simply a "placeholder" meaning that some legal process would follow, and that it would have hanned the national security for Youssef to take the time to determine whether the letter accurately stated that a grand jury subpoena would follow. However, Youssef could have easily and quickly ensured the letter's accuracy by revising it to state that legal process would follow. In addition, he could have ensured that the letter was accurate, either before or after he signed it. Rather his testimony was that he did not carefully review the letter and did not notice it referred to a grand jury subpoena before signing it. Finally, we note that 367 exigent letters were signed (Conl'd.) 228 Fourth, we found that Youssef did not adequately inform the Assistant General Counsel that CAU personnel were having difficulty obtaining legal process to address the backlog of record requests about which he was aware. As described in Chapter Four of this report, Youssef told us that he emphasized at the September 26, 2005, meeting with NSLB attorneys and managers of a CTD operational unit that the CAU was attempting to address the "significant backlog" of NSLs owed to the providers. However, in late 2005 and early 2006 when the Assistant General Counsel asked Youssef what the NSLB could do to assist the CAU to ensure the NSLs were issued in a timely manner, Youssef replied that the CAU was "making some reasonable headway in getting NSLs" and that the on-site providers were "happy with the results." These comments did not address the problem of the significant backlog of several hundred telephone numbers for which promised legal process had not been issued. Youssef did not at this time, or later, advise the Assistant General Counsel of the scope of this backlog or that the CAU was having difficulty obtaining after-the-fact legal process to address the backlog. By not making clear to the NSLB that the CAU was having significant difficulty in obtaining after-the-fact NSLs, Youssef contributed to an inaccurate perception that the CAU had the exigent letter matter under control. Because the NSLB was not informed of the full scope of the problems, it did not provide additional resources or issue more urgent directives in coordination with CTD officials to establish clear timetables and oversight mechanisms to address the problem. While we believe that NSLB attorneys were very slow in recognizing and correcting the core legal problem with exigent letters, we also believe Youssefs understatement of the problem contributed to the NSLB's lack of urgency in addressing the exigent letters situation. 26o by the CAU staff under his name, and he did not attempt to verify that the representations in the letter were accurate. 260 In response to reviewing a draft of this report, Youssefs attorney stated that Youssef had requested help from the FBI aGC to force the operational units to open preliminary investigations prior to the CAU requesting records from the on-site providers, but that the FBI aGC refused his request. Youssefs attorney cited two e-mails, dated April 5 and 12,2005, written by the Assistant General Counsel. According to Youssefs attorney, Youssefs request to the FBI aGC to force the operational units to open preliminary investigations, if accepted, would have "struck at the root cause of the exigent letter(s] problem." However, the April 5 and April 12 e-mails related to the umbrella preliminary investigative file plan that the NSLB had proposed in January 2005. In his OIG interviews, Youssef also portrayed the preliminary investigation suggestion as the FBI aGC's idea, not (Conl'd.) 229 As discussed above, Youssef also asserted that he was subjected to a hostile working environment from his chain of command above Rogers. However, we believe that if Youssef concluded that it would be futile to raise concerns about exigent letters with Rogers or others in the CTD chain of command, Youssef could have, and should have, raised these concerns with other FBI managers. He also could have taken the concerns he said he had in 2005 about the use of exigent letters to the FBI's Inspection Division, the FBI's Office of Professional Responsibility, the GIG, or the Department of Justice. In sum, we recognize that Youssef was placed in a difficult position when he became the Unit Chief of the CAU because the use of exigent letters and other informal means for obtaining telephone records and other ECPA-protected information from the on-site providers had been ongoing for several years. In addition, Rogers, who was the CAU's former Unit Chief and who became Youssefs first-line supervisor, did not adequately brief Youssef about the CAU practices and did not in other ways interact appropriately with Youssef. We found that Youssef took some steps to attempt to address the use of exigent letters. However, we concluded that Youssef did not do all he could have. and should have, to address the improper use of exigent letters and other informal requests for telephone records. C. NSLB Deputy General Counsel Julie Thomas As summarized in Chapter Two of this report. we found that many of the improper practices described in this report pre-dated Julie Thomas's appointment in October 2004 as Deputy General Counsel of the FBI OGC's National Security Law Branch (NSLB). Before Thomas's appointment, CAU personnel had been regularly issuing exigent letters, and CAU Unit Chief Rogers had formally recognized exigent letters as an approved method for getting records from the on-site providers without first serving legal process. his. Moreover, as described in Chapter Four, the umbrella plan was dropped because Youssef informed the FBI aGC months later at a meeting on September 26, 2005, that umbrella mes were not needed because emergency requests for records in cases where there was no case already open 'were few and far between." Therefore, Youssef's testimony does not support the assertion that forcing the operational units to open preliminary investigations would have solved the "root cause" of the exigent letters problem, or that the FBI aGe refused his request to get the operational units to open preliminary investigations. 230 However, we found that after Thomas became the NSLB Deputy General Counsel and became aware of exigent letters, she did not adequately review and assess the legality of their use in a timely fashion, halt their use, ensure in coordination with CTD officials that CAU personnel understood the lawful methods for obtaining records from the on-site communications service providers, or ensure that the NSLs that she personally signed complied with the ECPA NSL statute. As NSLB Deputy General Counsel, Thomas served as the principal legal adviser to the FBI General Counsel on FBI national security issues. After the September 11 attacks, the NSLB grew from a small unit of approximately 10 employees to a full branch within the FBI aGC consisting of 6 units staffed by over 70 attorneys, Special Agents, and support personnel. The NSLB's mission was to provide legal support throughout the FBI, including to the Counterterrorism, Counterintelligence, and Cyber Divisions, by advising on legal issues related to national security matters, ensuring an efficient and timely process for seeking FISA warrants, developing and maintaining liaison relationships within the Intelligence Community, and providing legal training on national security issues to FBI employees. Yet, beginning in December 2004 when the Assistant General Counsel first informed Thomas about a "form letter" the CAU was using to obtain records in advance of legal process, Thomas failed to directly address the fact that these letters violated the ECPA. Even though she recognized that there were only two authorities by which the FBI could obtain ECPA records in national security investigations (pursuant to legal process or the emergency voluntary disclosure statute), Thomas did not take prompt, decisive action in December 2004 when she learned that (1) the CAU was regularly obtaining records from the on-site providers by using a form letter that promised future legal process, and (2) the CAU was having difficulty obtaining after-the-fact legal process from Headquarters' operating units and FBI field divisions regarding the records it already had received from the on-site providers. In particular, Thomas did not ask to review the exigent letter; did not direct the Assistant General Counselor anyone else to review the exigent letter; did not ensure that CAU personnel were trained on the lawful methods for obtaining telephone records; did not review the FBI's contracts with the three on-site communications service providers (or the underlying contract proposals and other documents) until after the FBI received a draft of the OIG's first NSL report; and did not determine if the CAU had issued any guidance to its employees about the appropriate and legal way for FBI personnel to request records from the on-site providers. Instead, Thomas approved a recommendation from the Assistant General Counsel in January 2005 that NSLB personnel be made available to the CAU to help get NSLs 231 signed quickly after the FBI acquired records from the on-site providers in emergency situations. We concluded that after Thomas was given notice in December 2004 that exigent letters with the promise of future legal process were being used to obtain ECPA-protected records, at a minimum she should have asked an NSLB attorney to fully and promptly review with CTD's senior managers the methods and practices used by CAU personnel to request and obtain records from the on-site providers so that NSLB could determine if they were legal. A careful review would also have revealed the additional improper practices arising from the FBI's interactions with the on-site providers, such as requesting records without legal process or even exigent letters, sneak peeks, hot number _ and the use of administrative subpoenas signed by a CAU SSA. In evaluating Thomas's performance, we recognize that CAU personnel also failed to provide infonnation to the NSLB that they should have known was relevant to the NSLB's legal oversight. In particular, as discussed above, CAU Unit Chief Youssef did not adequately advise the NSLB on the extent of the backlog and the ongoing difficulties CAU personnel were encountering in getting after-the-fact NSLs issued by field and Headquarters divisions. These omissions affected Thomas's ability to fully appreciate the scope of the CAU's various problems resulting from its use of exigent letters and other improper methods to obtain telephone records. Similarly, CAU personnel did not infonn Thomas or other FBI attorneys that the CAU routinely obtained ECPA-protected information from the on-site providers by using sneak peeks. Moreover, even after FBI aGC attorneys first were told by the CAU Primary Relief Supervisor about sneak peeks in February 2007, they were not infonned of the extent of the infonnation given to CAU personnel in response to such requests. As late as 2007. when the Assistant General Counsel asked CAU personnel to prepare a memorandum reporting as possible intelligence violations the improper blanket NSLs she then knew about, the CAU personnel involved in the drafting effort failed to provide accurate and complete infonnation to the NSLB about the 11 blanket NSLs that had been drafted by CAU personnel and signed by senior CTD officials. Yet. we believe that these deficiencies in reporting these issues to the NSLB do not excuse Thomas's failure to take adequate action with the information she did have. At critical junctures throughout 2005 and 2006, when Thomas learned more about the CAU's various practices for obtaining records from the on-site providers, she did not take timely, decisive. and effective actions to ensure that the CAU obtained records from the on-site 232 providers only in accordance with the ECPA and ensure that the use of exigent letters and after-the-fact NSLs was halted. For example, after the Assistant General Counsel informed Thomas in an e-mail in April 2005 that the CAU may be handling requests from the on-site providers for records as if they were emergencies when some of the requests "were not necessarily emergencies," Thomas did not correct inaccurate guidance that the Assistant General Counsel had given to the CAU: that the CAU could continue to use exigent letters "only if it is clear to you that the requestor cannot await an NSL." As described in Chapters Four and Six of this report, this advice was inaccurate because even if the exigent letter was construed as seeking voluntary production pursuant to Section 2702, the advice would allow use of the letter in circumstances that did not meet Section 2702's definition of emergency circumstances. Thomas told us that she did not recall receiving the Assistant General Counsel's April 2005 e-mail, but after reviewing the e-mail in August 2008 she said it was consistent with her understanding of the advice that the NSLB was providing the CAU in 2005. Thomas said she understood that the Assistant General Counsel's advice was "shorthand" for the "true emergency" standard in the emergency voluntary disclosure statute (18 U.S.C. § 2702(c)(4)). However, as described above we do not believe it is reasonable to equate the words "the requestor cannot await an NSL" with the "danger of death or serious physical injury" standard in Section 2702. More significantly, FBI General Counsel Valerie Caproni and the Assistant General Counsel stated unequivocally that the FBI did not rely on that statutory authority in approving the use of exigent letters. We concluded that Thomas's recollection was mistaken and that 18 U.S.C. § 2702(c)(4) was not relied upon by the NSLB during the period that the CAU issued exigent letters. In August 2005, Thomas missed another opportunity to correct some of the CAU's improper practices when she failed to recognize that the emergency voluntary disclosure statute could be used to address some of the emergency requests coming to the CAU. At that time Thomas approved FBI-wide guidance issued by the FBI General Counsel for obtaining the content of communications pursuant to the ECPA emergency voluntary disclosure provision. The new guidance reiterated the requirements of the provision and specifically highlighted that since the disclosure was voluntary it "should not be followed with a subpoena or other compulsory process." Yet, even as she reviewed and approved new FBI policy for using this emergency authority under 18 U.S.C. § 2702(b)(8) for obtaining communications covered by the ECPA, Thomas failed to recognize a connection between a similar emergency disclosure provision under 18 U.S.C § 2702(c)(4) relating to toll billing records under the ECPA and how that authority related to the exigent letters practice. She again failed to halt 233 the use of exigent letters - which improperly combined a request for voluntary production with a promise of future compulsory process - and she also failed to identify the emergency voluntary" disclosure statute as an appropriate alternative to exigent letters in qualifying emergencies. In June 2006, when Thomas received an e-mail informing her that the Assistant General Counsel had sent a new version of a model exigent letter to the CAU in May 2006, Thomas again allowed the practice of using exigent letters to continue. The new version of the exigent letter promised that NSLs (rather than grand jury subpoenas) would be issued in the future. While the revised model exigent letter corrected an inaccurate statement in the exigent letter about grand jury subpoenas, the revised letter still did not ensure compliance with the ECPA's requirements that either (1) the FBI issue legal process in advance of obtaining records; or (2) the provider produce records voluntarily in circumstances satisfying Section 2702's emergency voluntary" disclosure provision. Consequently, the revised exigent letter did not resolve the fundamental legal problem with the letters under the ECPA. In addition, we found that Thomas herself signed seven after-the-fact NSLs in 2005. The ECPA does not authorize the issuance of retroactive legal process, and such process would not validate an improper disclosure of records under the ECPA. The NSLs and approval ECs also did not state that the FBI had already acquired the records. In evaluating Thomas's overall performance we recognized that she was also assigned to provide legal counsel to support many high-profile threats that the FBI addressed during the period covered by our review. Thomas told us that she regularly was involved with "the most emergent issues that face the intelligence community!' She said she routinely dealt with "life and death situations" that required immediate attention. Thomas also said that soon after she was appointed NSLB Deputy General Counsel in the fall of 2004, she ·came to believe that the span of control of this branch was beyond the capabilities of any human being." She said that starting in December 2004 she had requested that Section Chief positions be established in the NSLB to assist her, but that this did not occur until January or February 2008. Yet, taking all these circumstances into account, we believe Thomas inappropriately approved the use of the exigent letters practice and after-the-fact NSLs, did not promptly review an exigent letter or direct another attorney to review one, did not review the providers' contracts and 234 associated documents, repeatedly missed opportunities to halt the use of exigent letters, did not work with CTD managers to ensure CAU personnel were properly instructed on the FBI's authorities to obtain telephone records from the on-site providers, and signed improper after-the-fact NSLs.261 D. NSLB Assistant General Counsel As described in this report, the NSLB Assistant General Counsel had the most frequent contact with CAU personnel regarding exigent letters. She was an FBI senior line attorney who was the NSLB point-of-contact for NSL-related policies and issues. In that position, she was consulted when field and Headquarters personnel, including Chief Division Counsels, had questions about NSLs. She also was responsible for drafting NSL guidance, preparing or overseeing the preparation of NSL training materials, preparing congressionally mandated reports to Congress on NSL usage, and evaluating the need for legislative amendments to the FBI's NSL authorities. We determined that in December 2004, in connection with a request for an after-the-fact NSL from a CAU SSA, the Assistant General Counsel first learned that the CAU regularly used exigent letters to obtain telephone records, that these exigent letters promised after-the-fact legal process, that the CAU relied on field divisions to supply the after-the-fact legal process, and that the field divisions often did not respond to the CAU's requests for after-the-fact legal process. In response, the Assistant General Counsel promptly and appropriately notified her immediate supervisor and NSLB Deputy General Counsel Thomas about this information. We also found that she consistently kept both her immediate supervisor and Thomas informed about her interactions with the CAU concerning exigent letters and the problems the CAU was encountering in obtaining legal process after the exigent letters were issued. She also periodically advised CAU Unit Chief Youssef that she and the NSLB were available to assist the CAU in working through exigent letters problems by making NSLB resources available to assist with promptly drafting after-the-fact NSLs. Yet, while the Assistant General Counsel generally kept her supervisors informed of what she learned on a timely basis, she provided inaccurate guidance to Youssef that "we are willing to allow these requests when there really are exigent circumstances ... only if it is clear ... that the requestor cannot await an NSL." She also recommended to NSLB Deputy General Counsel Thomas that the NSLB designate attorneys to 261 Thomas resigned from the FBI in December 2008. 235 assist the CAU in preparing after-the-fact NSLs more expeditiously and over a period of nearly 9 months worked on a proposal to create "umbrella files" generic national security investigations of recurring threats - that could be used to document in NSL approval ECs the predication for NSLs (until she was informed that the umbrella files were not needed). When we asked her how she justified the use of exigent letters that promised future legal process, the Assistant General Counsel told us that the FBI had "created an exception [to the ECPA statute] in national security circumstances where we think it's absolutely necessary." However, the ECPA does not provide for such an exception. We were also troubled the Assistant General Counsel did not seek to review a copy of any exigent letter until May 2006, more than 18 months after first learning of their use in the CAU. We believe she should have asked to see an exigent letter upon hearing of its use. Even after reviewing an exigent letter, she did not recognize that the CAU was obtaining records in violation of the ECPA. Instead of recommending that their use be halted, in May 2006 she merely revised the exigent letter to substitute the term "NSL" for the inaccurate reference to after-the-fact issuance of grand jury subpoenas, and she advised the CAU that it could continue to use the revised exigent letter. By these actions, she allowed the FBI's improper use of exigent letters and after-the-fact NSLs to continue. However, it is also important to note that she forwarded the revised exigent letter to both her supervisor and Thomas, and that neither of these supervisors objected to the Assistant General Counsel's changes or otherwise questioned the CAU's continued use of exigent letters. Finally, we believe the Assistant General Counsel should have recognized that many of the exigent requests that came to the CAU qualified for emergency voluntary disclosure requests under the ECPA. Yet, like her immediate supervisor and NSLB Deputy General Counsel Thomas, the Assistant General Counsel did not ensure that CAU personnel were briefed about the circumstances in which the FBI could lawfully request voluntary disclosure without legal process. In sum, we concluded that based on the Assistant General Counsel's experience in national security investigations and the position she held in the NSLB, she should have directly confronted the legal deficiencies in use of exigent letters and, through her supervisors in the NSLB and in conjunction with CTD managers, ensured that the use of exigent letters ended, which she did not do. 236 E. General Counsel Valerie Caproni We examined the involvement of FBI General Counsel Valerie Caproni in the handling of exigent letters and determined that she first learned about the CAU's use of exigent letters or other improper requests for telephone records in late 2006, during the GIG's first NSL investigation. The only evidence that Caproni was told anything prior to this time that related to the CAU obtaining records before service of legal process was a conversation that Thomas said she had with Caproni in April 2005 when Thomas was preparing for the FBI Inspection Division's triennial inspection of the FBI OGe. Thomas said she discussed with Caproni at the time that the NSLB "had a problem delivering legal services' and that "[CAU personnel] were requesting NSLs for records they had already received." Thomas said she raised the question to Caproni whether these after-the-fact NSLs should be reported as possible intelligence violations to the President's Intelligence Oversight Board. Thomas said that Caproni agreed with Thomas's assessment that "these were likely all emergency circumstances anyway and a follow-on NSL would not be required. "262 We concluded that the information Thomas recalled sharing with Caproni was not of sufficient detail to put Caproni on notice that the CAU was obtaining records from the on-site providers with a promise of future legal process. We found no evidence that Thomas informed Caproni that the CAD was obtaining records using a letter that promised future service of legal process. Rather, Caproni first learned about the use of exigent letters in 2006 in response to the FBI Director's request that she assess whether the FBI anticipated any problems with the GIG's first NSL investigation that was ongoing at the time. Caproni asked the Assistant General Counsel in an e-mail whether, in light of the Assistant General Counsel's recent GIG interview, she anticipated "any problems/issues/concerns." In a reply on June 1, 2006, the Assistant General Counsel wrote: in emergency situations ... we have allowed CAU to get NSL information from the le]mbedded telephone companies based upon a letter promising a legally compelling process to be forthcoming, and then the NSL is supposed to be issued .... 262 However, as we discuss in Chapter Four of this report, Caproni told us in earlier interviews when we asked her if the FBI had been relying on the emergency voluntary disclosure statute in approving the use of exigent letters, "no, we had no discussions that these (exigent letter requestsJ- would qualify under that provision of the ECPA." 237 There had been some problems with the promptness or lack thereof of those NSLs, as well as figuring out a [preliminary investigation] to which to attach the NSL request. I think the problem is resolved now but we still allow the receipt of info without an actual NSL prior to the receipt. It is analogous to the 2702(d) emergency but we have never premised it on that. On July 20, 2006, NSLB Deputy General Counsel Thomas forwarded to Caproni another e-mail from the Assistant General Counsel in which the Assistant General Counsel reported that she had been asked in a recent OIG interview about the CAU's practice of issuing exigent letters "in emergency situations to get NSL infonnation." Thomas stated in her forwarding e-mail, "[w]e have done better with this [issuing NSLs prior to requests for records] but when we are sitting right next to the rep. its tough to wait the 2-3 days it takes to get" the NSL. Caproni responded to Thomas, "I think we've always done some 'paperwork to follow' requests. "263 However, Caproni said she did not see an exigent letter and was unaware of the extent to which the FBI was using exigent letters before the OIG showed her an exigent letter and informed her of the details of the practice in late 2006 in connection with the OIG's interview of her in our first NSL investigation. We concluded that the two e-mails described above did not alert Caproni of the extent of the problem and in fact suggested that the problem had been "resolved." Moreover, by the time Caproni received these e-mails the OIG investigation was ongoing within the FBI and the issuance of exigent letters had all but stopped. Under these circumstances, we do not believe she was on sufficient notice of the problem, in advance of the OIG investigation, to remedy it. 263 When the DIG asked Caproni about her reference to the FBI always doing "paperwork to follow" requests, Caproni stated that when she was an Assistant United States Attorney there were instances in which records were obtained prior to the service of legal process. Caproni told us, "in my experience it is not a particularly unusual circumstance to do a paperwork-to-follow request," as long as the process comes within "a day, or ... maybe you are going to get the records on Saturday and you are going to give them the process on Monday." Caproni added that when she was told about the CAU obtaining records prior to process, "[ilt did not surprise me or shock me," noting, however, that she believed at the time that legal process was served within a day or two. Caproni distinguished her prior experience from the sort of delays that she learned were occurring in the CAU. 238 F. Signers orthe 11 Blanket NSLs: Joseph Billy, Jr., Arthur Cummings III, Michael Heimbach, and Jennifer Smith Love As described in Chapter Four of this report, we found that 4 senior CTD officials signed a total of II improper blanket NSLs in 2006. Each of these NSLs had multiple deficiencies. We analyze below the actions of the signed these improper blanket NSLs. 1. fOUf eTn senior officials who Joseph Billy, Jr. Joseph Billy, Jr., joined the FBI in 1978. By mid-2006, Billy had been assigned to FBI national security investigations for about 20 years. Billy signed 4 of the II improper blanket NSLs: the Company B May 12 NSL and 3 Operation Z NSLs. He signed the Company B May 12 NSL when he was a CTn Deputy Assistant Director and the three Operation Z NSLs as an Assistant Director. In both of these positions, Billy was authorized to sign NSLs by virtue of the FBI Director's delegation of NSL signature authority to Deputy Assistant Directors and Assistant Directors of the Counterterrorism Division. However, all fOUf NSLs were deficient. The Company B NSL violated the ECPA because (1) it included telephone numbers relevant to closed investigations and records that were relevant to domestic terrorism and criminal investigations for which NSLs are not an authorized technique under the Attorney General's NSf Guidelines; and (2) did not contain the certifications required for NSLs imposing non-disclosure and confidentiality requirements on NSL recipients. The Company B May 12 NSL and the three Operation Z NSLs also violated FBI policy because they were not accompanied by approval ECs. Approval ECs are required in order to document that the records sought are relevant to an authorized national security investigation. Finally, all four NSLs were issued after-the-fact, and none of the NSLs disclosed that they were issued for records that had been previously obtained through exigent letters. Billy told us that he did not recall signing the Company B May 12 blanket NSL or the three Operation Z NSLs, but he did not contest that his signature was on all four NSLs. Further, although he told us that he knew that NSLs were only authorized in instances in which there was an open preliminary or full national security investigation, the Company B May 12 NSL included telephone numbers related to closed cases and domestic 239 terrorism and criminal investigations for which NSLs are not authorized. Additionally, Billy told us that signing NSLs that were not accompanied by approval ECs was "completely outside" his practice. However, we confirmed with the CAU SSAs who drafted the four blanket NSLs that Billy signed that none of these four NSLs were accompanied by approval ECs. While we developed no evidence contradicting Billy's assertion that his normal practice was to sign NSLs only if they were accompanied by approval ECs, these four NSLs were not issued with the required approval ECs. We concluded that in signing these four NSLs, Billy failed to take appropriate steps to ensure that NSLs he signed complied with the ECPA, the Attorney General's NSI Guidelines, and FBI policy. When Billy signed these NSLs he had nearly 20 years of experience with FBI national security investigations, and he knew the legal and policy requirements for using this intelligence tool. Yet, he signed these NSLs either without the required certifications or without ensuring that the requests were adequately predicated under the ECPA by examining the approval ECS.264 2. Arthur A. Cummings III Arthur A. Cummings lIljoined the FBI in 1987. By mid-2006, Cummings had worked on FBI national security investigations for about 14 years. Cummings signed 5 of the 11 improper blanket NSLs, all of which related to Operation Y. He signed these NSLs as a Special Agent in Charge (SAC) for the Washington Field Office while he was temporarily assigned to the CTD as an Acting DAD. As a SAC. Cummings was authorized to sign NSLs by the FBI Director's delegation pursuant to 18 U.S.C. § 2704(b). All of the Operation Y NSLs were deficient. These NSLs were issued after-the-fact. although the ECPA does not authorize after-the-fact process. In addition, they did not contain the certifications required for NSLs imposing non-disclosure and confidentiality requirements on NSL recipients. These NSLs also violated FBI policy because they were not accompanied by approval ECs. Finally all five NSLs were issued after-the-fact but none of the NSLs disclosed that they were issued for records that had been previously obtained through exigent letters and other informal requests. J 264 Billy retired from the FBI in March 2008. 240 Cummings said that prior to signing any of the NSLs, he had spoken with an NSLB attorney to detennine if he was authorized to sign NSLs while serving as an Acting DAD in the CTD on temporary assignment. An NSLB attorney confinned to us that she advised Cummings that he could sign NSLs in his position as a SAC. Cummings also told us that he recalled signing the Company C August 24 and Company A August 25 Operation Y blanket NSLs, which included many telephone numbers, but he did not recall signing the other three Operation Y blanket NSLs. Cummings said he believed that each of the NSLs he signed had approval ECs because it was his practice to ensure that NSLs always had approval ECs. However, we confinned with the CAD SSA who drafted the NSLs that approval ECs were not prepared for any of the five Operation Y blanket NSLs. Accordingly, we detennined that Cummings was mistaken in his belief that all the NSLs he signed were accompanied by approval ECs. We concluded that by signing these NSLs Cummings failed to take appropriate steps to ensure that the NSLs complied with the ECPA, the Attorney General's NSI Guidelines, and FBI policy. When Cummings signed these NSLs, he had about 14 years experience in conducting FBI national security investigations, yet he failed to ensure that the requests were adequately predicated under the ECPA by examining the approval ECs. 3. Michael Heimbach Michael Heimbach joined the FBI in 1988. By mid-2006, Heimbach had been assigned to FBI national security investigations for more than 3 years. Heimbach signed the Company C July 5 blanket NSL. Heimbach signed this NSL when he was a Section Chief of the International Terrorism Operations Section 1 of the CTD, but while temporarily assigned as an Acting DAD for the CTD. Similar to the Company B May 12 NSL signed by Billy, this NSL violated the ECPA because it (1) included telephone numbers relevant to closed investigations and records that were relevant to domestic terrorism and criminal investigations for which NSLs are not an authorized technique under the Attorney General's NSI Guidelines; and (2) did not contain the certifications required for NSLs imposing non-disclosure and confidentiality requirements on NSL recipients. Additionally, this NSL violated FBI policy because it was not accompanied by an approval EC. As mentioned previously, approval ECs are required in order to document that the records sought are relevant to an authorized national security investigation. 241 Finally, this NSL was issued after-the-fact, although the ECPA does not authorize retroactive legal process, and did not disclose that it was issued for records that the FBI had been previously obtained through exigent letters. Heimbach told us that prior to signing the NSL, an NSLB attorney told him that he was authorized to sign the NSL as an Acting DAD. Heimbach also told us that his practice was to require approval ECs to establish and document the predication for the NSL and the relevance of the telephone numbers to an open national security investigation. He stated that he assumed he was told when he signed the Company C July 5 NSL that the approval EC was being prepared or had already been prepared. However, we confirmed with the CAU SSA who prepared the NSL and brought it to Heimbach for signature that an approval EC was never drafted. We therefore concluded that Heimbach was mistaken in his belief that an approval EC was being prepared or had already been prepared. We concluded that by signing this NSL Heimbach failed to take appropriate steps to ensure that he complied with the ECPA, the Attorney General's NSI Guidelines, and FBI policy. When Heimbach signed this NSL, he had over 3 years experience in conducting FBI national security investigations, yet he failed to ensure that the requests were adequately predicated under the ECPA by examining the approval EC.265 4. Jennifer Smith Love Jennifer Smith Love joined the FBI in 1987. By mid-2006, Love had been assigned to FBI national security investigations for about 20 months. Love signed the Company A September 21 blanket NSL when she was a Section Chief of the Communications Exploitation Section of the CTD but temporarily assigned as an Acting DAD for the CTD. Similar to the Company B May 12 NSL signed by Billy and the Company C July 5 NSL signed by Heimbach, this NSL violated the ECPA because it (I) included telephone numbers relevant to closed investigations and records that were relevant to domestic terrorism and criminal investigations for which NSLs are not an authorized technique under the Attorney General's NSI Guidelines; and (2) did not contain the certifications required for NSLs 265 As noted above in connection with the NSL signed by Heimbach, the FBI did not issue guidance stating that Acting DADs are not authorized to sign NSLs until June I, 2007. We agree that in the absence of clear written policy on signature authority, Heimbach should not be faulted for signing the NSL while serving as an Acting DAD. 242 imposing non-disclosure and confidentiality requirements on NSL recipients. Additionally, this NSL violated FBI policy because it was not accompanied by an approval EC. Finally, this NSL was issued after-the-fact, although the ECPA does not authorize retroactive legal process, and did not disclose that it was issued for records that the FBI had been previously obtained through exigent letters and other informal requests. Love told us that she recognized her signature on the Company A September 21 NSL, but said she could not recall any details surrounding this NSL, including who gave it to her. She also told us that she did not know that NSLs required approval ECs. We concluded that by signing this NSL Love failed to take appropriate steps to ensure that she complied with the ECPA, the Attorney General's NSI Guidelines, and FBI policy. When she signed this NSL Love had about 20 months experience conducting FBI national security investigations. If Love did not know FBI policies regarding the issuance of NSLs - including the requirement that they contain approval ECs - she should not have signed any NSLs and should instead have sought appropriate legal guidance. 5. OIG Conclusion on CTD officlsls who signed improper blanket KSLa When Congress amended the Patriot Act in 200 I, it significantly expanded the FBI's preexisting authority to issue NSLs. Section 505 of the Patriot Act broadened the FBI's NSL authority by eliminating the requirement that the information sought in an NSL must pertain to a foreign power or an agent of a foreign power. This section of the Patriot Act substituted the lower threshold that the information sought must be relevant to an authorized investigation to protect against international terrorism or espionage, provided that any investigation of a U.S. person is not conducted "solely on the basis of activities protected by the first amendment of the Constitution of the United States." As a consequence of this lower threshold, the FBI can obtain information about persons who are not subjects of FBI investigations so long as the requested information is relevant to an authorized national security investigation. As we described in this chapter, we believe serious, repeated management failures by the FBI's senior leadership, the CTD, and the FBI aGC caused the breakdown in responsibility and accountability for exigent letters, other improper requests, and the attempts at corrective action such as blanket NSLs. However, we also believe that the CTD senior 243 individuals who signed these blanket NSLs contributed to misuses of these authorities. As senior CTD officials, Billy, Cummings, Heimbach, and Love were responsible for ensuring that the NSLs they signed complied with the ECPA, the Attorney General's NSI Guidelines, and FBI policy. While we recognize that each of these four officials had other significant responsibilities in the FBI and that they each worked in a high-pressure environment in furtherance of the FBI's counterterrorism mission, we believe they should have taken more care to ensure that the NSLs they signed complied with the ECPA, the Attorney General's NSI Guidelines, and FBI policy. G. CAU Personnel Who Signed Exigent Letters As described in Chapter Two of this report, we determined that many CAU employees - 2 Unit Chiefs, 15 SSAs, and 3 Intelligence Analystssigned 722 exigent letters issued by the CAU between March 2003 and November 2006. The vast majority of these exigent letters stated: Due to exigent circumstances, it is requested that records for the attached list of telephone numbers be provided. Subpoenas requesting this information have been submitted to the U.S. Attorney's Office who will process and serve them formally to [Company A, Company B, or Company C] as expeditiously as possible. As discussed above, this language came from the New York Field Division where grand jury subpoenas signed by the U.S. Attorney's Office were used to obtain telephone records related to the counterterrorism investigations in response to the September 11 attacks. This practice and the use of exigent letters were adopted by the CAU beginning in 2003. In evaluating the accountability of the CAU employees who signed these exigent letters, we asked the CAU employees who signed two or more exigent letters whether they knew when they signed the letters that the factual statements were accurate. We asked specifically whether they knew that there were exigent circumstances associated with the requests and whether they knew that requests for grand jury subpoenas had been submitted to the U.S. Attorney's Office, as specifically stated in the letters. With few exceptions the CAU SSAs who signed the letters said they believed exigent circumstances were present in every instance in which they signed an exigent letter. The only exceptions to these general statements were (1) an SSA who told us that he signed several letters when he was new to the CAU under circumstances he was "pretty sure ... could be questionable"; (2) another SSA who told us that he sometimes signed 244 exigent letters presented to him by the CAU Intelligence Analysts without requiring an explanation of the details if he was busy on other projects; and (3) CAU Unit Chief Bassem Youssef and at least two SSAs who told us they did not read the exigent letters closely or in detail, signed it "without looking at it," or "just glanced over it." Nearly all of the SSAs also told us that their primal}' concern each time they signed an exigent letter was to be responsive to the demand for telephone toll billing records as quickly as possible in order to support critical FBI investigations. The exigent letters also stated that requests for a specific form of legal process - "subpoenas" - had already been submitted to the U.S. Attorney's Office. In most cases, this was not true. As described in Chapter Four of this report, in most cases the legal process issued after-the-fact to cover exigent letters were NSLs issued by the FBI, not grand jury subpoenas. However, most of the CAU SSAs we interviewed told us they did not know whether grand jUl}' subpoenas had been requested, although some recognized that the letters inaccurately described the process for obtaining grand jul}' SUbpoenas. We sought to determine whether the signers of exigent letters knew whether the statement that requests for grand jury subpoenas had been submitted to the U.S. Attorney's Office was false when they signed the letters. One SSA who signed 139 exigent letters told us that although he recognized that the exigent letters inaccurately stated that grand jul}' subpoenas had been submitted, he signed the letters nonetheless because he "thought it was all part of the program coming from the phone companies themselves," and he assumed the letters were approved by the communications service providers' attorneys. Another SSA who signed 115 exigent letters said that he knew that subpoenas had not been issued but signed the exigent letters anyway, because he saw the letter used by other CAU personnel as a standard practice and he received assurances from CAU Unit Chief Glenn Rogers that the exigent letter was okay to use. A third SSA who signed 98 exigent letters said he was not concerned with the reference to subpoenas having been submitted to the U.S. Attorney's Office, although the language "did not make senseD because it did not correctly reflect the procedure to obtain subpoenas. This SSA said he "didn't really have any reason to question" the letters because the letters were accepted by the providers and were an established practice in the CAU. When we questioned other SSAs about their signing exigent letters which inaccurately stated that grand jury subpoenas had already been requested from the U.S. Attorney's Office, they said that they did not pay 245 much attention to and were not concerned about the reference to a grand jury subpoena. Other SSAs told us that when they signed the letters they did not know for sure what type of after-the-fact legal process would be used by the field division or Headquarters unit that initiated the request. Others told us that they considered the reference to grand jury subpoenas to broadly include all categories of legal process, such as NSLs. As noted above, a few SSAs told us that they never read the exigent letters closely enough to notice any of the statements they contained. As noted above, when we asked CAU Unit Chief and CXS Assistant Section Chief Glenn Rogers why he signed, and permitted his subordinates to sign, exigent letters containing inaccurate statements, he said he regretted the wording of the letter, but that the letters were just a "placeholder!' In response to a similar question, Youssef told us he should have read the letter more closely and did not realize that the exigent letters referred to subpoenas rather than NSLs until April or May 2006. 266 In evaluating the performance of the individual signers of the inaccurate exigent letters, it is also important to consider several mitigating circumstances. First, CAU Unit Chief Rogers approved the use of exigent letters by the CAU, and in November 2003 Rogers issued an EC to the CAU that referred to the exigent letters as a tool for obtaining telephone toll billing records from Company A, which was the only on-site provider at the time. As described in Chapter Two, three SSAs who signed exigent letters told us that they raised concerns about the wording of exigent letters to their Unit Chief at the time, Glenn Rogers. In each instance, the SSAs said that Rogers assured them that the letter was "standard operating procedure" and had been approved by "lawyers." Rogers also told one SSA that he should not change "a single word" in the letter. Although Rogers told us that he did not recall these SSAs or anyone else coming to him with complaints about the exigent letters, we concluded, based on the consistent testimony of the SSAs, that this had occurred. Second, CAU personnel were not trained on national security investigations or NSLs when they arrived in the unit until after the OIG's first NSL report was released in March 2007. Rather. newly assigned personnel - most of whom had no prior experience in national security 266 However, after this time period 28 additional exigent letters were signed by other CAU personnel with Youssef's name listed as the CAU Unit Chief, including 15 that continued to refer to grand jury subpoenas having been requested. 246 investigations - learned the procedures for requesting and obtaining records from the on-site providers' employees and from other CAU personnel. Third, by late December 2004 NSLB attorneys, including NSLB Deputy General Counsel Thomas, knew that the CAU was obtaining records prior to sexvice of legal process based on a form letter but did not probe the details or terminate the practice. Rather, in January 2005 NSLB attorneys met with Rogers and a CAU SSA to discuss how the NSLB could assist in quickly preparing NSLs after the CAU had obtained records. Thus, CAU personnel believed that the exigent letters had been approved not only by the CAU Unit Chiefs but by the NSLB. Fourth, the use of exigent letters was widespread and the accepted way of doing business in the CAU. Many CAU SSAs told us that the letters were part of the standard practice used by the CAU. Some SSAs also identified a particular Company A employee as having assured them that the exigent letter practice had been approved by "attorneys," which the SSAs said they interpreted to mean attorneys from both the FBI and Company A. Fifth, because the CAU was an operational support unit, none of its personnel had authority to sign NSLs. As a result, when CAU personnel issued exigent letters to obtain records from the on-site providers, the CAU generally depended upon the original FBI requesters in field or Headquarters operational units to issue the after-the-fact legal process. Due to the absence of a tracking system for after-the-fact legal process in the CAU, the CAU SSA who signed the exigent letters would not necessarily know what type of legal process was eventually issued or even that the request was eventually covered by the promised legal process. Additionally, due to turnover in the CAU, the CAU employee who signed the exigent letter may have rotated out of the CAU when the after-the-fact legal process was sexved on the on-site providers weeks, months, or even years later. Sixth, grand jury subpoenas in fact were subsequently issued to cover some of the exigent letter requests. Finally, employees of the on-site providers accepted exigent letters as authority for responding to FBI requests and in many instances even drafted the exigent letters. Indeed, as described in Chapter Two of this report, CAU SSAs told us that the providers' employees were sometimes the first to brief them on the exigent letters practice. The role of the on-site providers in explaining, drafting, and accepting the exigent letters, together with the fact that these SSAs saw other personnel in the unit regularly sign and issue the letters, led these SSAs to conclude that signing exigent letters to initiate _ for telephone records was an appropriate business practice within the CAU. 247 OIG Conclusion on CAU Personnel who Signed Exigent Letters First, consistent with our standard practice, we referred the evidence that we developed regarding the signing of these inaccurate exigent letters to the Public Integrity Section of the Department's Criminal Division for its determination of whether criminal prosecution was warranted. Upon evaluating the evidence referred by the OIG, the Public Integrity Section declined prosecution for the exigent letters matter. We agree that the evidence was insufficient to support a criminal prosecution. We also agree that significant mitigating circumstances, described above, must be considered in evaluating the accountability of FBI employees who signed exigent letters. However, we also believe that none of these factors, alone or in combination, excuses an FBI employee for signing an exigent letter either knowing the letter was inaccurate, not making the effort to confirm the factual accuracy of the letter, or not raising concerns about the letter's accuracy to FBI supervisors. Simply put, we do not believe employees of the FBI should sign their names to letters making a statement that is not true, even if the letters are approved by management, sanctioned by FBI attorneys, part of an established practice, or accepted by the recipients. When FBI employees signed exigent letters attesting to the fact that "subpoenas have been submitted to the U.S. Attorney's Office who will process and serve them formally" to the communications service providers, the FBI employees who signed these letters should believe that this is true. We recognize that a few SSAs raised concerns about the exigent letters to their supervisor, CAU Unit Chief Rogers, and he instructed them to continue using the letters without changing the wording. Even in this circumstance, we believe that FBI employees confronted with this problem had other options than to simply sign the letters. They could have sought further guidance from more senior managers in the FBI, either directly or anonymously. They could have requested guidance from the FBI OGe. They could have complained to a senior CTD official or the FBI Inspection Division. They could have contacted the OIG. None of them took any of these steps. Instead, they continued to sign inaccurate exigent letters. We believe that in signing these inaccurate letters the FBI employees failed to exercise sufficient care to ensure the letters were accurate or raise concerns to others. However, we also believe Rogers was most culpable for the FBI's improper use of exigent letters. Without consulting CTD supervisors or any FBI attorneys, Rogers took an exigent letter that had been used by the FBI's New York Field Division and authorized its use in the CAU to support a variety of FBI investigations. He signed exigent letters himself and permitted his subordinates to sign hundreds of exigent letters even though 248 they contained inaccurate statements of fact on their face. In clear derogation of his duties as a supervisor, Rogers also ignored complaints from at least three SSAs in the unit who complained directly to him about the inaccurate reference in the letters to grand jury subpoenas and told them not to change a word. While this does not fully excuse the CAU personnel who signed the letters, it is an important factor to consider when assessing their perfonnance. H. FBI Personnel Involved in Media Leak Investigations As described in Ch~hree of this report, FBI personnel were involved with requests to _ reporters' toll billing records in three different media leak investigations without first obtaining the required Attorney General approval. We believe that these matters involved some of the most serious abuses of the FBI's authority to obtain telephone records. First, we believe that the FBI's overall~mentfailures described in this chapter contributed to the improper _ of reporters' records. The FBI's failure to plan for the co-location of the providers' employees resulted in the CAU's extensive use of exigent letters and after-the-fact legal process beginning in 2003. The failures in planning were compounded by the failure to train CAU personnel on the authorized means to obtain telephone records under the ECPA and on the express limitations on the FBI's authority to compel the production of particular subcategories of telephone records, including subpoenas for reporters' toll billing records. As a result, we found that requests for reporters' toll billing were handled by the CAU SSAs and Intelligence Analysts as routine records requests. When the CAU received these requests, no alarm bells went off and no higher-level supervisors provided any review of these requests. Instead, the CAU SSA and Intelligence Analyst involved in requesting or analyzing the reporters' records obtained by the FBI said they were unaware of any special regulation governing SUbpoenas for reporters' records. As described below, however, in addition to these management failures we believe several FBI personnel bore some responsibility for these serious abuses in these media leak investigations. 1. First Matter In the first media leak investigation d e ~ T h r e e (concerning classified infonnation about the _ that appeared in Washington Post and New York Times news articles), an FBI case agent exchanged e-mails with a CAU Intelligence Analyst about whether the on-site providers had the capability of retrieving records of" calling activity. Yet, in the absence of any request from the case 249 agent or others to actually obtain these records, a CAU SSA issued an exigent letter to an on-site Company A analyst requesting the reporters' records. The exigent letter, which also contained no date restrictions, was issued without the knowledge of the case agent, CTD managers, or any prosecutor. It also was issued without the required Attorney General approval or compliance with Department regulations governing subpoenas of the telephone toll billing records of reporters. We found that the re orters' records were roduced to the FBI and uploaded into a _ database, where they remained for over 3 years until the OIG identified the records in connection with this investigation and informed the FBI and the Criminal Division of this fact. We believe that the CAU SSA's issuance of the December 17,2004, exigent letter for the reporter's records under these circumstances was a serious performance failure. While exigent letters were routinely used in the CAU during this period, the SSA showed poor judgment in this instance by issuing an exigent letter in the absence of a request from the FBI case agent working on the investigation. The fact that the FBI requested and obtained reporters' records without any FBI supervisor or prosecutor knowing about it reveals the lax, sloppy, and unsupervised manner in which CAU personnel obtained telephone records from the on-site providers. The CAU SSA's explanation for issuing the exigent letter - that he "had never even read the content of these [exigent] letters," but was "just using the standard forms I was provided" - underscores the FBI's failure to train CAU personnel on the proper methods for requesting telephone records, the failure to establish firewalls between FBI personnel and the providers' employees, and the failure to ensure that CTD supervisors and FBI attorneys provided oversight of the CAU's interactions with the providers. 267 The resulting violations of federal regulation and Department policy were made significantly worse because the exigent letter did not even include a date range, and therefore the provider produced records for _ telephone calls to and from reporters, a researcher for The Washington Post, and the 2 news bureaus, with only 3 calls that fell within the time frame the case agent believed to be relevant to the investigation. We also determined that the CAU Intelligence Analyst who received and analyzed the reporters' records in response to this exigent letter was never instructed about the special rules applicable to subpoenas for obtaining reporters' toll billing records. However, he received at least one e-mail prior to receipt of the records that referenced the case agent's 267 This SSA signed 115 exigent letters, the second highest number of exigent letters signed by CAU personnel. 250 expectation that a grand jury subpoena would be forthcoming. In his e-mail to the case agent forwarding the responsive records, the Intelligence Analyst even recognized that a grand jury subpoena was still needed. We also found that the case agent failed to exercise appropriate care and attention to detail. A I ~ a CAU Intelligence Analyst sent an e-mail to the agent on January 5, _ that attached reports containing toll record infonnation for the reporters' telephone numbers, the case agent said he did not open the attachments and did not realize that they included the reporters'toll billing records. In a subsequent e-mail on March 24, _ the CAU Intelligence Analyst reminded the case agent that the January 5 e-mail contain~oductswhich reflected [Company A] toll records on several of the _ numbers that you have targeted." We believe that if the agent had exercised greater care when he received these e-mails, he would have realized that the analyst had sent him reporters' telephone records without a subpoena and without obtaining Attorney General approval as required. Moreover, if the case agent had realized he had received the reporters' records and promptly alerted his supervisors, they and the Criminal Division could have undertaken corrective measures in early ~ to address the improper collection. Because he failed to do so, the reporters' records remained in the database until June 2008, when the OIG notified the FBI of the issue. Finall ,as detailed in Cha ter Three, the FBI telephone records the FBI had nse to the exi ent letter. FBI a ents When we notified the FBI leadership in 2008 that we had discovered that the FBI had obtained reporters' telephone records improperly and without required Attorney General approval, the FBI appropriately notified the affected reporters and their newspapers, as required by federal re lation. However, in that notification the FBI did not disclose that the In Chapter Six of this report, we recommend that the FBI assess the information we developed in this review regarding subpoenas and other requests for reporters' telephone records to determine whether administrative or other personnel action is appropriate for the individuals involved. We recommend that the FBI's assessment include a review of the 251 performance of the CAU SSA who signed the exigent letter, and the case agent who received the records but failed to alert his supervisors or the Assisant United States Attorney (AUSA). In addition, we recommend that the De artment re-evaluate the policies governing the re orters because of the significant First Amendment interests We believe that the FBI cannot 2. Second Matter In the second media leak investigation discussed in Chapter Three, an AUSA (local AUSA) and a federal prosecutor approved two grand jury subpoenas. The FBI case agent had forwarded to the prosecutor for his use in drafting the subpoenas text su ested b an on-site Com an A anal st, which included re uests When the subpoenas were issued, both the case agent and the prosecutor knew that the target numbers had been in telephonic contact with a reporter during the time period specified in the subpoenas. As a result, if Company A full res onded to the sub enas the res onsive records would include but also the tele hone records of reporters Yet, in the absence of Attorney General approval or compliance with the federal regulation governing subpoenas for reporters' toll billing records, the subpoenas were issued, records were roduced to the FBI and the records were uploaded into a _ database. In our investigation, we identified this problem but also determined that in this instance no reporters' telephone records were actually provided to the FBI. When we investigated how these subpoenas were issued, the case agent told us that he had merely forwarded the on-site Company A analyst's suggested language to the prosecutor for his "consideration" and was not "prescribing that the text be used." He said the prosecutors had made "unequivocal statements that ... they were the legal advisors." We believe the case agent's explanations are insufficient and that he should have determined the meaning of in the subpoena before providing it as suggested text for the subpoena attachments. At a minimum, he should have consulted with his supervisor, CAU personnel, or 252 his Chief Division Counsel about what the phrase meant in the context of seeking telephone records in a media leak investigation. We received conflicting evidence as to whether the case agent had assured the prosecutor before the subpoenas were issued that use of the language s u ~ a n yA analyst would not result in the production of _ records. The case agent said both that he did not recall any discussion with the prosecutor about the meaning of the language and that he did not tell any of the prosecutors that the language in the subpoenas or the attachments would not request telephone records of reporters. However, the prosecutor said the case a ent had assured him that the suggested language would not result in telephone records and was needed only to ensure the retrieval of incoming and outgoing calls between the target number and others. In addition, the prosecutor's notes seem to corroborate his assertion that the case agent had told him, erroneousl ,that the Ian a e in the sub oena referring to a would not records, which would have included the records The prosecutor said he realized after the s u ~ e dand responsive records were provided to the FBI t h a t _ language in the subpoenas could have resulted in the production of reporters' records. Following consultation with Criminal Division supervisors, the prosecutor sequestered a hard-copy of the records, witnessed the case agent delete the electronic records from the case agent's e-mail, and consulted with the Department's Office of Enforcement Operations about whether the reporter should be notified in accordance with federal regulations. We believe the prosecutor and the Criminal Division acted responsibly in addressing the issue once the realized that the sub oena could have generated the reporter's records However, to ensure that the FBI deleted all copies of the records, the Criminal Division and the CAU should have conferred to see if additional steps were necessary to address other FBI e-mails attaching the records. Additionally, we believe that prosecutors who approve grand jury subpoenas should review them carefully and ensure they understand what is being requested. In the case of these two subpoenas, the local AUSA who was facilitating issuance of grand jury subpoenas initialed the subpoenas, without attachments, even though the subpoenas said on their face, "Please see attachment." We believe that the local AUSA should not have initialed subpoenas without reviewing and understanding the attachments. We recommend that the FBI provide periodic guidance to FBI personnel on the special regulations and policies governing subpoenas of 253 news reporters' toll billing records. We also recommend that the FBI, in conjunction with Department of Justice attorneys, review Department policy regarding responsibility for authorizing grand jury subpoenas when prosecutors share responsibility for investigations with U.S. Attorneys' Offices. 3. Third Matter In the investigation of a third media leak matter discussed in Chapter Three, employees of Company A, Company B, and Company C _ their databases for records of telephone calls of a cellular phone number used by a reporter. However, the government served no legal process on any of the on-site providers authorizing the _ of the reporter's calling activity. We determined that prior to a gr~ena had been issued to Company A for toll billing records _ The subpoena was requested by an FBI Special Agent and was _ prepared by personnel in a U.S. Attorney's Office. Although the Special Agent said that his supervisor or one of the prosecutors associated with a related investigation probably had directed him to have the subpoena prepared, the FBI supervisor said he did not recall directing the Special Agent to do so, and the prosecutors said they knew nothing about the subpoena. 268 We determined that in res anal st _ on listed in the subpoena. In e-mail exchanges, the Special Agent informed a Company A analyst of the name and cellular phone number of a reporter, facts explaining the relevance of calling activity by the reporter to the investigation, and information indic~ularphone number of the reporter was in contact with _ of the subpoena during a articular eriod. When the Company A analyst concluded his of and did not see records of calling activity between and the reporter's cellular phone number, on his own he Company A's database for records of calling activity by the reporter's cellular phone number. The Company A analyst downloaded and reviewed the calling activity records but did not identify any calls between the reporter's cellular ~any A 268 As noted in Chapter Three, we found evidence that the S p e ~ supervisor participated in the interview of the person associated with _ _ _ _ prior to the issuance of the subpoena. 254 phone number and during the specified period. The Company A analyst reported t ~ tthat there were no records of calling activity between _ and the reporter's cellular hone number, but did not advise the Special Agent that he had the of the reporter's cellular phone number as well as • Thereafter, the Company A analyst provided the CAU Prim Relief the reporter's telephone number, _ , and a 3-day date range. Without receipt of any legal process, and in the absence of A_tome General approval, the Company B and Company C on-site employees their respective databases for both the reporter's and the calling activity during the 3-day t i m ~ identified by the Special Agent to the Company A analyst. 269 _ of the calling activity by the • specified telephone numbers appear to have been sneak peeks, a practice we describe in C ~this report. As with the CAU's use of sneak peek~, _ were conducted without any legal process. While _ its database for calling activity by the reporter, Company B identified responsive records, although we found no evidence that these records were uploaded into FBI databases. ~sor with Thus, the Company A analyst _ Company A's records for the reporter's calling activity without any legal process and absent a specific request from the Special Agent or anyone in the FBI or DOJ. In our view, this case again illustrates one of the hazards of having the providers' employees on-site and the total absence of supervision and oversight of the communications service providers' employees by CTD managers and FBI attorneys. Moreover, even if the Special Agent did not specifically ask the providers' employees to _ the reporter's calling activity, by providing the reporter's cellular phone number and details about the calling activity of interest to the compan_A anal st, the Special Agent set in motion events that led to unauthorized for the reporter's calling activity by all three providers and to of the reporter's toll billing records by Company A and Company B. We are also troubled by the fact that the on-site employees of Company C and in all likelihood Company B were asked by the CAU Primary Relief Supervisor without legal process to calling activity by the reporter's telephone number to determine whether the reporter had been 269 The Company B included 1 day before and 1 day after the 3-day period provided by the Special Agent to the Company A analyst. 255 in contact with the This is yet another example of the improper processes and lax controls in the CAU. In Chapter Six of this report, we recommend that the FBI assess the information we developed in this review regarding subpoenas and other requests for reporters' telephone records to determine whether administrative or other personnel action is appropriate for the individuals involved. III. Conclusion As discussed in this chapter, we found serious and repeated management failures that led to the FBI's use of exigent letters and other improper requests for telephone records from the on-site providers. In addition to these management failures, we identified failures on the part of FBI supervisors and attorneys who did not take sufficient action to avoid, prevent, or correct the improper use of exigent letters and other informal requests for telephone records. We recommend that the FBI review the conduct and performance of these individuals, as described in this report, and determine whether discipline or other action with regard to each of them is appropriate. 270 270 Several of the individuals whose performance we criticize have resigned or retired from the FBI, including former CTD Assistant Director Joseph Billy, Jr., former CTD Assistant Director Michael Heimbach, former CXS Assistant Section Chief Glenn Rogers, and former NSLB Deputy General Counsel Julie Thomas. 256