Skip navigation

Review of the Fbi Use of Exigent Letters and Other Requests for Phone Records 2010 Partj

Download original document:
Brief thumbnail
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
CHAPTER SIX
CONCLUSIONS AND RECOMMENDATIONS
I.

Conclusions

The ola conducted this review of the FBI's use of exigent letters and
other informal requests for telephone records to examine the circumstances
under which they were used and to assess the accountability of FBI senior
officials, supervisors, and employees who were responsible for these
practices. This report supplements our findings on exigent letters that were
described in our first NSL report issued in March 2007, and our second NSL
report issued in March 2008.
A.

Exigent Letters and Other Informal Requests

In this report, we found widespread use of exigent letters and other
informal requests for telephone records that did not comply with legal
requirements or FBI policies governing acquisition of these records. We
determined that this practice began in 2003, when the FBI
Counterterrorism Division's (CTD) new Communications Analysis Unit
(CAU) started using exigent letters to acquire subscriber and telephone toll
billing records information from three on-site communications service
providers. Glenn Rogers, the CAU Unit Chief at the time, said he approved
the use of exigent letters in the CAU because the letters had previously been
accepted by Company A during the FBI's New York Field Division's criminal
investigations of the September 11 hijackers and because a Company A
analyst had assured him they were "approved by the lawyers." However,
Rogers did not consult with any attorneys in the FBI Office of the General
Counsel's (FBI OGq National Security Law Branch (NSLB) or other FBI
Headquarters' attorneys about whether the letters could be used in national
security investigations or other FBI investigations.
In 2003 and 2004, the FBI entered into contracts with Company A,
Company B, and Company C that established arrangements whereby these
companies placed their employees in the CAUls office space so they could
expeditiously respond to FBI requests for telephone records. For example,
pursuant to its contract with the FBI, Company A made available to the
CAU, in a readil retrievable format, toll billin records

257

We found that from March 2003 to November 2006, CAU personnel
issued 722 exigent letters for telephone records from these 3
communications service providers. One exigent letter was signed by a CXS
Assistant Section Chief, 12 were signed by CAU Unit Chiefs, 706 were
signed by CAU Supervisory Special Agents (SSA). and 3 were signed by CAU
Intelligence Analysts.

Most of the 722 CAU exigent letters stated:
Due to exigent circumstances, it is requested that records for
the attached list of telephone numbers be provided. Subpoenas
requesting this information have been submitted to the U.S.
Attorney's Office who will process and serve them formally to
[Company A, Company B, or Company C] as expeditiously as
possible.
However, in our investigation we determined that in some instances
CAU SSAs signed exigent letters even though they believed that the factual
statements in the letters were inaccurate. For example, CAU Unit Chief
Rogers and several SSAs told us they signed exigent letters even though
they recognized at the time that subpoenas requesting the records had not
been submitted to the U.S. Attorney's Office, as the letters stated.
Moreover, we found a few instances in which the signers of exigent letters
did not know whether there were exigent circumstances or signed the letters
even though they questioned the letter's accuracy about whether an
emergency existed.
When we asked FBI supervisors and employees why they issued such
letters when they knew that no subpoena had been requested, no one could
satisfactorily explain their actions. Instead, they gave a variety of
unpersuasive excuses, contending either that they thought someone else
had reviewed or approved the letters, that they had inherited the practice
and were not in a position to change it, that the communications service
providers accepted the letters, or that it was not their responsibility to follow
up with appropriate legal process.
In official memoranda distributed to all FBI personnel in January
2003, CTD managers referred to a practice whereby the CAU could obtain
records from Company A prior to service of legal process. In November
2003, Rogers issued an electronic communication to CAU personnel that
specifically mentioned exigent letters.
We determined that the FBI's use of exigent letters became so casual,
routine, and unsupervised that employees of all three communications
service providers told us that they - the company employees - sometimes
generated the exigent letters for CAU personnel to sign and return to them.

258

In fact, one of the on-site Company A analysts established an icon on his
computer desktop at the CAU so he could quickly generate exigent letters
for CAU personnel to sign.
We also found that FBI personnel routinely uploaded ~ toll
billin records obtained in response to exigent letters into a _
database where the records were available for
review and analysis by
employees throughout the
government who were authorized to access the database.
Most of the exigent letters and other infonnal requests did not include
date ranges for the records requested. Similarly, the CAU's other infonnal
requests to the on-site communications service providers (such as those
communicated bye-mail, in person, on pieces of paper, or by telephone)
frequently did not have date parameters. As a result, the FBI often obtained
substantially more telephone records, covering longer periods of time, than
FBI agents typically obtain when serving NSLs with date restrictions. In
addition, in cases where the date range established the relevance of the
infonnation sought to the investigation, its omission meant that records
were received and uploaded into a
database in violation of the ECPA's requirement that the records sought be
relevant to a national security investigation.
We also found that the FBI did not track its use of exigent letters or
even keep copies of them. When the CAU first began using exigent letters in
March 2003, it failed to establish procedures to track the letters or even
ensure that legal process was promptly obtained and served on the
providers. Instead, the CAU had to rely on the on-site providers to identify
the records for which they were still owed legal process.
In addition to exigent letters, we detennined that the FBI used other
infonnal methods to request and obtain ECPA-protected records and calling
activity infonnation from the on-site providers. These infonnal methods
included requests made bye-mail, face-to-face requests, requests on pieces
of paper (including post-it notes), and telephonic requests made without
first providing legal process or even exigent letters. As was the case with
exigent letters, these requests were not approved or signed by FBI officials
specially delegated to issue NSLs under the ECPA, were not accompanied by
the certifications required for NSLs issued under the ECPA, and were not
consistently documented or tracked in the CAU.
We concluded that the FBI's use of exigent letters and other infonnal
requests for telephone toll billing records circumvented, and in many cases
violated, the requirements of the ECPA statute.

259

As described in this report, the ECPA generally prohibits
communications service providers from disclosing toll records information
except in certain limited circumstances set forth in the statute. The
relevant exceptions require providers to disclose such infonnation in
response to legal process such as NSLs, and pennit voluntary disclosures in
emergencies involving danger of death or serious physical injury.
Yet, the exigent letters and other informal requests were not valid
legal process for compelling the disclosures pursuant to 18 U.S.C. § 2709.
Section 2709 of the ECPA authorizes the FBI to compel the production of
toll records through NSLs issued by statutorily designated high-level FBI
officials who certify that the records sought are relevant to an authorized
national security investigation. As we described in our report, the exigent
letters and verbal, e-mail, or handwritten requests routinely used by CAU
personnel to request toll billing or other calling activity infonnation from the
providers did not meet these requirements. For example, none of the
individuals who signed exigent letters issued by the CAU were among those
specially delegated officials authorized to sign NSLs.271 Further, none of the
exigent letters contained a certification that the records sought were
relevant to an authorized national security investigation or that any
investigation of a U.S. person was not conducted solely on the basis of
activities protected by the First Amendment to the Constitution of the
United States.
In response to our fmdings, the FBI asserted that its use of exigent
letters and other infonnal requests may have been justified under the
emergency voluntary disclosure provision of the ECPA, Section 2702(c)(4).
During 2003 through March 2006 - the period when most of the exigent
letters were issued - that section authorized a provider to voluntarily release
toll records infonnation to a governmental entity if the provider "reasonably

271 The ECPA NSL statute authorizes only the FBI Director or his designees in
positions not lower than Deputy Assistant Director (DAD) or field division-based Special
Agents in Charge (SAC) to sign NSLs compelling communications service providers to
produce subscriber and toll billing records information in investigations of international
terrorism or espionage. See 18 U.S.C. § 2709. As Diagram 2.2 in Chapter Two illustmtes,
by issuing exigent letters the FBI substituted a I-step process in which CAU personnel
signed requests for telephone records without supervisory review by those officials
authorized by the ECPA to approve and certify the FBI's basis for requesting these types of
records, and without the documentation of the predication for the requests that FBI policy
required.

260

believe[d} that an emergency involving immediate danger of death or serious
physical injury justifie[d] disclosure of the information. "272
We recognize that some - but not all- of the FBI's requests may have
been made in circumstances that qualified as emergencies under the
applicable emergency voluntary disclosure provision. For example, as we
described earlier, exigent letters and other informal requests were used to
obtain records in connection with Operation Y an investi ation of a terrorist
lot in
to detonate ex losives
At
least one provider's employee told us that he was informed of the nature of
the threat in that matter. 273
However, other exigent letters and informal requests were used in
circumstances that do not appear to qualify as emergencies under Section
2702. For example, as described in Chapter Four, although CAU personnel
used exigent letters and other informal requests to obtain records from all 3
providers relating to over 400 telephone numbers in connection with
"Operation Z," the Unit Chief and an SSA of the operational unit responsible
for that high-profile counterterrorism operation told us that they did not
believe the CAU requests were made in exigent circumstances. 274 In

272 18 U.S.C. § 2702(c)(4) (Supp. 2002). In March 2006, the provision was amended
to allow voluntary disclosure "if the provider, in good faith, believes that an emergency
involving "danger of death or serious physical injury to any person requires disclosure
without delay of information relating to the emergency." USA PATRIOT Improvement and
Reauthorization Act of 2005, Pub. L. No. 109-177, § 107(b)(1)(B), 120 Stat. 192 (2006). The
legislative history of a similar amendment to Section 2702(b)'s emergency voluntary
disclosure provision for content information suggests that the belief standard was relaxed
because communications service providers "expressed concern to the Committee that the
[reasonably believes) standard was too difficult for them to meet and that, as a result,
providers may not disclose information relating to emergencies." Cyber Security
Enhancement Act of 2002, H.R. Rep. No. 107-497, at 12-13 (2002). The Committee report
that accompanied the amendments to Section 2702(b) also stated that the Section was
"aimed at protecting providers who in good faith attempt to assist law enforcement with an
emergency situation." Id. at 14. However, it also stated that the amendment "does not
change the standard or lower the standard for law enforcement behavior." Id.
273 Company B's representative said he was told by CAU personnel that "it could be
the next 9/ 11." However, Company B provided the fewest records to the FBI in connection
with this operation. In contrast, one of Company A's employees told us he received no
briefmg from the CAU regarding this operation, and the other employee stated that he
worked on the matter for several weeks before becoming aware that the records he was
providing were associated with Operation Y.
274 After reviewing a draft of this report, the FBI provided the OIG with several
contemporaneous e-mails beginning on June 12,2006, which it asserted would
demonstrate the emergency nature of Operations Z. However, we concluded that those e(Cont'd.)

261

addition, an FBI e-mail shows that the Unit Chief refused to state in the EC
that was belatedly drafted to document the predication for the CAU's
Operation Z requests that the requests were made in circumstances Judged
to be exigent. "275
Several factors make it difficult to determine whether and when the
FBI's other uses of exigent letters and informal requests satisfied Section
2702's emergency disclosure exception. First, given the FBI's lack of
internal controls over the process of requesting records by exigent letters
and other informal requests, it is difficult for the OlG or the FBI to
determine with certainty today how many of the requests were made in
circumstances satisfying Section 2702(c)(4). Indeed, the FBI has conceded
that the lack of documentation for the requests and their connection to
particular investigations has impeded its efforts to demonstrate which
requests clearly were made in Section 2702 circumstances.
Second, the FBI officials who were most familiar with the exigent letter
practice at the time the letters were in use - including Glenn Rogers,
Bassem Youssef, and the NSLB Assistant General Counsel- unequivocally
stated to us that they did not consider the letters at the time they were
made to be requests for voluntary production pursuant to Section 2702.
In addition, as described in Chapter Two, the evidence shows that
CAU personnel who made the requests did not understand "exigent
circumstances' to be synonymous with the definition of qualifying
emergencies under 2702. Although some agents and analysts said an
"exigent" matter included a life-threatening matter, others described it as an
important, pressing, fast-moving, or high-priority matter, and others said it
was a matter in which a high-level FBI official demanded the
information.
Finally, even assuming that some of the investigations associated with
the exigent letter requests were qualifying emergencies under the statute,
the evidence is insufficient to determine whether the providers had the
statutorily required belief that such emergencies justified voluntary
disclosure. Relevant factors to this issue include that the exigent letters did

mails reflected the importance of the investigation, but did not convey that emergency
circumstances existed and required disclosure without waiting for legal process. Indeed,
with regard to the earliest request for records reflected in these e-mails, we found that the
operational unit issued an NSL for the records.
275 We found other examples of use in non-emergency circumstances, such as the
exigent letters used to obtain reporters' records and records relating to a fugitive
investigation described in Chapter Three.

262

not request voluntary disclosure, but instead stated that compulsory legal
process (generally grand jury subpoenas) had already been requested and
would be served "as expeditiously as possible." In addition, employees of
the on-site providers told us they usually were given no information about
the circumstances underlYing the exigent letters or other informal requests
for records, and that they "assumed" the circumstances were exigent.
Further, at least one of the provider's employees told us he had doubts
about whether the requests were trulyexigent. 276 Under these
circumstances, it is difficult to determine whether and when the providers'
employees had the statutorily required "reasonable" or "good faith" belief
that the requisite emergency circumstances existed. 277
After reviewing a draft of this report, the FBI also asserted for the first
time that as a matter of law the FBI is not re uired to serve NSLs to obtain
"records associated
in national security
investigations. According to the FBI, the majority of exigent letter and other
informal re uests discussed in this re ort were for tele hone records.
the FBI
could have obtained these records without any legal process or qualifying
emergency through voluntary production by the communications service
providers. 278

'1:76 This provider ultimately required FBI requesters to endorse a stamped
certification that tracked the statutory language in Section 2702 before the provider would
provide records in response to exigent letters.

277 Mter reviewing a draft of this report, the FBI asserted that the legal standard of
Section 2702 could be met when an FBI employee requested telephone records in a
qualifying emergency, regardless of whether the FBI employee was aware of the statute.
The FBI also asserted that the providers could form a "reasonable" or "good faith" belief that
an emergency existed without necessarily knowing the facts surrounding the emergency.
As described above, however, with some exceptions the providers frequently received no
information about the investigation for which records were requested, or even a generalized
representation that an emergency situation existed.
278 We disagree with the FBI's statement that the majority of exigent letter and
other informal requests discussed in this report were for telephone records _
In fact, we determined, based on the FBI's records that the ma'ori of its
_
exi ent letter re uests were for toll billing records associated
We were unable to reach a conclusion concerning the percentage
requested through informal means other than
exigent letters, because the records for these requests (some of which were oral or written
on post-it notes) are incomplete and therefore unreliable.

263

The FBI did not rely on this section when it requested and obtained
the records discussed in this report. However, after reviewing a draft of the
OIG report the FBI asked the Office of Legal Counsel (OLC) for a legal
opinion on this issue. 28o When makin the re uest for an OLC 0 inion, the
FBI stated that

On January 8,2010, the OLC issued its opinion, concluding that the
ECPA "would not forbid electronic communications service roviders
In
short, the OLC agreed with the FBI that under certain circumstances
allows the FBI to ask for and obtain these records on a

279 The Stored Communications Act, codified in Chapter 121 of Title 18 at 18 U.S.C.
§§ 2701-2712, was enacted in 1986 as part of the ECPA. The Stored Communications Act
contains the relevant NSL and other FBI access to toll billing records provisions at issue in

this report.
280 The FBI presented the issue to the OLC as follows: "Whether Cha ter 121 of
Title 18 of the United States Code a lies to call detail records associated

264

voluntary basis from the providers, without legal process or a qualifying
emergency.
It is important to note that the FBI acknowledged in its July 2009

comments to a draft of this re ort that it had never considered or relied
upon
when it obtained any of the telephone
records at issue in this report. Moreover, it cannot be known at th~oint
whether an rovider would have divulged such records based on •
alone, and without the FBI's representation to the
provider that an NSL or other compulsory legal process would be
served.
For the reasons discussed below, we believe the FBI's potential use of
to obtain records has significant policy implications that
need to be considered by the FBI, the Department, and the
Congress.

The FBI has stated that it does not intend to rely on
However, that could change, and we
believe that appropriate controls on such authority should be considered now, in light of
the FBI's past practices and the OLe opinion.
283

265

284 Under 18 U.S.C. § 2709(b) the FBI may only issue NSLs to obtain such records
upon the certification that the records sought are relevant to an authorized
counterterrorism or counterintelligence investigation. In the voluntary context, the FBI
may request and obtain such records under 18 U.S.C. § 2702(c)(4) only if "the provider, in
good faith, believes that an emergency involving danger of death or serious physical
injury to any person requires disclosure without delay of information relating to the
emergency."
285 For example, requests for voluntary disclosure under the emergency
circumstances provisions of the ECPA NSL statute must be approved at a level not lower
than an Assistant Special Agent in Charge in a field office and a Section Chief at
Headquarters. See FBI aGC Electronic Communication (EC) to all Divisions (March 1,
2007), at 4. The EC also advises that approval of such requests must be in writing, even if
the initial approval was oral. The rank of the approving official for NSLs is set by statute at
Special Agent in Charge in field offices and Deputy Assistant Director at Headquarters. See
18 U.S.C. § 2709(b).
286 Under the ECPA NSL statute, the FBI is required to report to certain
congressional committees, on a semiannual basis, concerning all NSL requests made under
Section 2709(b). See 18 U.S.C. § 2709(e).
287 Moreover, other collections of similar types of records for intelligence activities
contain statutorily mandated approval, minimization, and reporting requirements. For
example, the FISA business records rovisions rovide useful com arisons as to how such
intelligence activities are regulated,
Under
these provisions, the FBI may apply to the FISA Court for an order requiring the production
(Cont'd.)

266

of business records and other tangible things "to obtain foreign intelligence information not
concerning a United States person." See 50 U.S.C. § 1861. By statute, use of this
authority is subject to extensive Attorney General-approved minimization procedures
governing how information acquired concerning U.S. persons must be retained and
disseminated. Id. at § 1861(g). The FBI is also sub'ect to com rehensive con essional
~quirementsas to all orders it obtains,
~ Id. at § 1862.
288 As discussed in this report, under the ECPA NSL statute, the FBI may only seek
toll billing records when relevant to an authorized counterterrorism or counterintelligence
investigation, provided that the investigation of a U.S. person is not conducted solely on the
basis of activities protected by the First Amendment to the Constitution. See 18 U.S.C. §
2709(b). Provisions in the FISA statute similarly protect U.S. persons with respect to FBI
applications to the FISA Court seeking orders to produce business records (50 U.S.C. §
1861(a)(2)(B)) and to conduct electronic surveillance (50 U.S.C. § 1805(a)).
289 We recognize that the FBI's Domestic Investigations and Operations Guide
(DIOG) and Executive Order 12,333, as amended, contain restrictions on how the FBI can
collect, use, and disseminate intelligence, particularly with respect to the privacy and civil
liberties interests of U.S. persons. However, these constraints are not statutory.

267

We believe that
creates a significant gap
in FBI accountability and oversight that should be examined closely by the
FBI, the Department, and Congress.
It is also important to recognize that the FBI advanced the _

only after the OIG found repeated misuses of its statutory
authority to obtain telephone records through NSLs or the ECPA's
emergency voluntary disclosure provisions. We believe that, given the
abuses described in this report, it is critical for the Department and
Congress to consider appropriate controls on an use b the FBI of
its authority to obtain records voluntarily

We also recommend that the Department notify Congress of this
issue and of the OLC opinion interpretin the sco e of the FBI's authority
under it, so that Congress can consider
and the
implications of its potential use.
B.

Other Informal Requests for Telephone Records

We found that without any documentation for the requests except
possibly e-mail messages, CAU personnel routinely asked the on-site
providers' employees to provide calling activity information in response to
what were referred to as "sneak peeks." Using sneak peeks, the FBI
requested the providers' employees _
their databases and tell the
FBI whether they had any records on specified telephone numbers. At the
FBI's request, the providers would conduct sneak peeks and sometimes give
the FBI additional information about the telephone records, such as
whether there was callin activi between specified numbers or calls to or
from certain
These sneak peeks were conducted
without any legal process whatsoever.
We also concluded that many of these sneak peeks violated the ECPA,
which prohibits communications service providers from knowingly divulging
"a record or other information pertaining to a subscriber to or customer of
such service ... to any governmental entity" except pursuant to legal
process or in certain limited circumstances set forth in the statute. 18
U.S.C. § 2702(a)(3). The relevant exceptions require providers to disclose
such records or information in response to compulsory process, such as

268

NSLs, and also permit voluntary disclosure based on the providers' good
faith-belief of a qualifying emergency.291 We concluded that the FBI did not
serve legal process under the ECPA for the information it received pursuant
to sneak peeks.
In addition, we do not believe that the sneak peek practice complied
with the ECPA's emergency voluntary disclosure provision for several
reasons. First, the practice was described to us as a routine occurrence in
the CAU and not limited to "exigent" or emergency circumstances. Second,
some of the specific instances where the sneak peek practice was used
included media leak and fugitive investigations which did not meet the
emergency voluntary disclosure provision. Third, the FBI's lack of internal
controls over the sneak peek practice has made it impossible to reliably
determine how many or in what circumstances sneak peek requests were
made, and what the providers were told or believed about the reasons for
these requests.
Our review also found that the FBI improperly asked Company A's
on-site employees to conduct "community of interest" _
In response
to a communi of interest
re uest, Com an A would retrieve
records
Although we could not
determine due to the FBI's lack of documentation how often the FBI
requested these community of interest _
or how often Company A
provided such records to the FBI, we found at least 52 exigent letters, 250
NSLs, and 350 grand jury subpoenas served on the on-site providers that
included such requests.
The FBI's community of interest _
requests were often included
in the boilerplate attachments to NSLs. We found that FBI officials who
signed NSLs that contained community of interest requests often were not
aware they were making such r e ~ In such instances, the FBI issued
NSLs with community of interest _
requests without first conducting,
or documenting in the NSL approval m e ~ECs), any
assessment of the possible relevance of _
telephone
numbers to the underlying investigation. Absent such an assessment, we
believe the FBI did not satisfy the ECPA requirement to issue NSLs in
national security investigations only upon certification by those authorized

291 As described previously, prior to March 2006, this exception required the
provider to have a "reasonable belief' that a qualifying emergency existed.

269

to sign NSLs that the records sought are relevant to authorized national
security investigations. 292
We also found that the FBI's community of interest
ractices
resulted in the FBI obtaining and uploading into a
database thousands of telephone records for
telephone numbers without the advance determination
by an SES-Ievel official that the records were relevant to an authorized
international terrorism investigation. In addition, the FBI is unable with
~ f y today which records in the database are associated with
_
numbers and whether those numbers were relevant to
the underlying investigations for which they were requested. We also
concluded that the FBI did not recognize the implications of Company A's
community of interest _
capability when Company A first posted its
analysts on-site at the CAU; did not issue written guidance in coordination
with the FBI OGC about the circumstances in which such requests were
appropriate under the ECPA; did not establish an approval process for such
requests or ensure that the predication for these requests was properly
documented in approval ECs; and did not ensure that records sought in
community of interest _
requests were included in required reports to
Congress on NSL usage.
Our review also uncovered other irregularities in the manner in which
the FBI obtained toll billing records and other information from the on-site
~ . From 2004 through 2006 Company A and Company C _
calling activity by certain "hot numbers" identified to them by CAU
_
personnel. Without serving legal process or even exigent letters, CAU
personnel requested that the companies _
the calling activity
information for a total of at least 152 of these hot telephone numbers. The
on-site Company A analyst thereafter provided the FBI (either verbally or by
e-mail) calling activity information for at least 42 hot numbers during the
period covered by our review.
Based on the Office of Legal Counsel's legal analysis of the ECPA in its
November 5, 2008, opinion, we concluded that the calling activity
information provided to the FBI on the "hot numbers" constituted "a record
or other information pertaining to a subscriber or a customer," under the
ECPA.293 Therefore, we concluded that absent valid legal process or a
qualifying emergency, the FBI was not authorized to obtain this
information.

292

See 18 U.S.C. § 2709(b).

293

18 U.S.C. § 2702(a)(3).

270

We found that the FBI did not serve legal process on the providers in
advance of receiving information about hot numbers. Moreover, we found
no evidence that the FBI requested, or the providers gave the FBI, this
information pursuant to the emergency voluntary disclosure provision of the
ECPA. Instead, it appears that the information was disclosed as part of the
contractual arrangement between two of the providers and the FBI, and was
often used in connection with fugitive matters that did not qualify as
emergency situations under Section 2702.
Therefore, we concluded that the FBI's practice of requesting and
obtaining calling activity information about hot numbers without service of
legal process violated the ECPA.
We also examined whether information obtained in response to
exigent letters or other informal requests were used in applications for
electronic surveillance or pen register / trap and trace orders filed with the
Foreign Intelligence Surveillance Court (FISA Court). The Department's
National Security Division (NSD) and the FBI reviewed 37 FISA applications,
which together referenced a total of 35 unique telephone numbers, to
determine whether FBI declarations filed in support of the applications
accurately stated the basis for verifying subscriber or calling activity
information. We found five misstatements in four declarations, which were
filed under oath by FBI personnel. The declarations inaccurately stated that
the FBI had acquired subscriber or calling activity information from NSLs
when in fact the information was acquired through other means, such as
exigent letters, an emergency disclosure letter, and a verbal request to the
communications service providers. Moreover, several of the NSLs referred to
in the four applications were served at least 2 months after the FISA Court
issued the requested orders.
As a result of this review, the NSD notified the FISA Court of the
inaccurate statements. The NSD concluded that, under the ECPA, the
inaccurate statements made in the FBI declarations were non-material. Yet,
even though the inaccurate statements may have been non-material to the
FISA application, we believe that any inaccurate statements to the FISA
Court are serious and affect the credibility of representations made by the
government.
It is also important to note that we reviewed only a small percentage

of the FISA Court applications that may have relied upon information
derived from exigent letters or other improper means. Based on our results
in these cases, we believe there are likely other similar inaccurate
statements in other applications. Moreover, no one in the FBI and the NSD
who reviewed these applications prior to their submission to the Court had
identified the inaccurate statements. Thus, our review concluded that the
FBI and the NSD failed to provide adequate supervision and oversight to

271

ensure the accuracy of the FBI's declarations filed in support of applications
seeking FISA Court orders.
Our investigation also uncovered FBI misuse of administrative
subpoenas to obtain telephone records. We determined that some
administrative subpoenas served on the on-site communications service
providers were preceded by "sneak peek" requests through which the on-site
providers' employees would first check their databases to determine if
records of interest were contained in the databases. In some cases, the
providers even gave the FBI records or other calling activity information
prior to the service of administrative subpoenas.
We concluded that the ECPA was violated when the FBI obtained
ECPA-protected telephone records without first issuing appropriate legal
process. The ECPA requires communications service providers to disclose
local and long distance non-content telephone records "when [the FBI] uses
an administrative subpoena authorized by a Federal ... statute ...."294
However, the ECPA does not authorize the FBI to obtain ECPA-protected
records or information and then serve an administrative subpoena.
Accordingly, we believe that the FBI's receipt of records obtained prior to
issuance of administrative subpoenas violated the ECPA.295
We also found that from 2003 to 2006 the FBI served at least 54
administrative sUbpoenas pursuant to 21 U.S.C. § 876 for toll b i l H .
records as part of the fu~tionconducted by the FBI's
This statute authorizes the use of
Field Division regarding _
administrative subpoenas in connection with an active narcotics
investigation to which the records sought are relevant. However, some of
these sUbpoenas were issued when the FBI's _
Field Division had no
active narcotics investigation to which the requested records were relevant.
Therefore, this was an improper use of Title 21 administrative subpoenas.
Further, the CAU SSA who signed seven of the sUbpoenas was not among
those officials delegated authority under the statute to sign administrative
subpoenas.

C.

FBI Attempts at Corrective Actions

As discussed in Chapter Four of this report, from late 2003 through
March 2007 when the OIG issued its first NSL report the FBI made various

,.. 18 U.S.C. § 2703(c){2).
29S We found no evidence that these were emergency voluntary disclosures
pursuant to Section 2702.

272

attempts to address issues arising from the CAU's use of exigent letters and
other infonnal means to obtain telephone records. However, during this
time period the FBI's actions were seriously deficient and ill-conceived, and
the FBI repeatedly failed to ensure that it complied with the law and FBI
policy when obtaining telephone records from the on-site communications
service providers. For example, during this period the FBI regularly issued
after-the-fact NSLs, which were an inappropriate tool for remedying the
FBI's improper exigent letter practices. Additionally, the FBI issued 11
improper blanket NSLs to try to "cover" or validate the improperly obtained
records. These attempts were inconsistent with the ECPA NSL statute, the
Attorney General's NSI Guidelines, and FBI policy.
By contrast, after the OIG issued its first NSL report in March 2007,
the FBI took several appropriate actions to address the problems created by
exigent letters. The FBI ended the use of exigent letters; issued clear
guidance on the proper use of NSLs and the ECPA emergency voluntary
disclosure statute; and conducted an audit of NSLs issued by field and
Headquarters divisions from 2003 through 2006, the results of which were
summarized in the DIG's second NSL report released in March 2008. The
FBI also directed that its personnel be trained on NSL authorities; agreed to
the move of the communications service providers' employees off FBI
premises; and expended significant efforts to determine whether improperly
obtained records should be retained or purged from FBI databases.

1.

The FBI's Initial Attempts at Corrective Action

As detailed in Chapter Four of this report, in late-December 2004 the
CAU asked NSLB attorneys to issue an after-the-fact NSL to cover records
that had previously been provided to the CAU. By late 2004, FBI National
Security Law Branch attorneys, including Deputy General Counsel Julie
Thomas, learned about the CAU's use of exigent letters, but the NSLB failed
to examine the practice adequately to ensure that it comported with the law,
the Attorney General's NSI Guidelines, and FBI policy. Instead, the NSLB
sought to devise a process to expedite issuing after-the-fact NSLs for records
that the CAU had requested in emergency circumstances pursuant to
exigent letters.
Yet, these after-the-fact NSLs were legally flawed. Although the NSLB
accepted the CAU's use of exigent letters with the promise of future legal
process, the ECPA authorizes the FBI to compel the production of records or
other covered infonnation only upon certification in writing by specified
senior officials that the records sought "are relevant to an authorized

273

investigation to protect against international terrorism or clandestine
intelligence activities" and that any investigation of a U.S. person "is not
conducted solely on the basis of activities protected by the first
amendment."296 After-the-fact legal process, no matter how soon after the
fact, is not authorized either by the ECPA NSL statute, the Attorney
General's NSI Guidelines, or FBI policy. Additionally, none of the
after-the-fact NSLs cited the ECPA emergency voluntary disclosure statute
as authority for the previous _
Although the CAU began to obtain after-the-fact legal process more
quickly, the backlog of records requests persisted. The backlog began
during Glenn Rogers's tenure as CAU Unit Chief and continued after
Bassem Youssef became the CAU Unit Chief in November 2004. While some
after-the-fact NSLs were issued by FBI field and Headquarters divisions and
the NSLB to address the backlog. we found that neither Rogers nor Youssef
took appropriate steps to ensure that the CAU tracked or adequately
addressed the backlog. Neither supervisor ensured that FBI personnel who
had asked the CAU for records issued the appropriate NSLs or. if these
efforts were unsuccessful, alerted senior CTD managers to the problem. As
a result. by mid-2006 the FBI had a backlog of record requests for more
than 900 telephone numbers. In addition, neither Youssef nor any other
CAU personnel sufficiently informed NSLB attorneys of the full scope of the
problems the CAU was facing regarding the backlogged record requests.
The FBI attempted to address the backlog by issuing 11 blanket NSLs
that were designed to "cover" or validate telephone records that had been
provided to the FBI pursuant to exigent letters or other informal requests.
The FBI attached to the blanket NSLs signed by senior CTD officials lists
that included telephone numbers that had been _
by the on-site
providers as long as 3 years earlier.
However, these blanket NSLs were improper and flawed. and they did
not comply with the ECPA NSL statute, Attorney General's NSI Guidelines,
and FBI policy. As noted above, the ECPA does not authorize the FBI to
cover the prior production of telephone records or ECPA-protected calling
activity information by issuing after-the-fact NSLs. In addition, the blanket
NSLs included telephone numbers relevant to criminal or domestic
terrorism investigations for which NSLs were not an authorized technique
under the ECPA NSL statute, the Attorney General's NSI Guidelines, or FBI
policy. Additionally, the blanket NSLs were not accompanied by required
approval ECs, and most of them did not contain the required certifications

296

See 18 U.S.C. § 2709(b).

274

for NSLs imposing non-disclosure and confidentiality obligations on the
recipients. Finally, the after-the-fact blanket NSLs did not retroactively cure
any violations of the ECPA that occurred when the FBI requested and
received records without legal process and in the absence of a qualifying
emergency.

2.

Corrective Actions after the OIG's First NSL Report

By contrast, after the FBI received the OIG's first NSL report it began
to take appropriate steps to address the improper use of exigent letters and
other informal requests for telephone records. In March 2007, the FBI OGC
issued guidance directing that FBI personnel no longer use exigent letters.
The guidance explained the distinctions between the FBI's authority to
compel the production of ECPA-protected records or to request emergency
voluntary disclosures. The guidance made clear the legal avenues that were
available to FBI investigators who seek to obtain telephone records,
including a description of the legal basis for emergency voluntary disclosure
requests. In June 2007, the FBI issued comprehensive guidance to all FBI
personnel regarding the FBI's NSL authorities.
In 2007 and 2008, the FBI conducted three audits to assess the
extent of its errors in NSL usage. The FBI reviews generally confirmed the
OIG's findings in its first NSL report as to the types of errors made by FBI
agents in their use of NSL authorities as well as the unauthorized
collections caused by third parties who provided the FBI with information
that was not requested.
In December 2007 and January 2008, the employees of the three
on-site providers moved out of the FBI. These moves were also
accompanied by changes in the FBI's protocols for obtaining telephone
records from the three providers.
Additionally, the FBI developed a process to determine whether to
retain or purge telephone records obtained through exigent letters and those
listed in blanket NSLs. As part of this process, the FBI reviewed records for
the 4,379 unique telephone numbers listed in exigent letters and the 11
blanket NSLs to determine whether there was a basis to justify retention of
the records. In deciding whether to retain records based on the results of
that research, the FBI developed a 5-step "decision tree'" based upon the two
ECPA authorities for obtaining telephone records. Since the ECPA does not
authorize the FBI to compel the production of ECPA-protected records with
a promise of future legal process, the FBI's decision tree was used by the
FBI not as a basis for the original record requests, but as a basis upon
which to analyze whether the FBI would retain the records.

275

In a complex and time-consuming review, the FBI determined that it
would retain most of the records but purge others. In essence, the process
attempted to determine if the FBI could find legal process issued in
connection with the _
request, if the FBI would issue new legal process
modeled on the ECPA standard for issuing legal process, or if neither of
those options was available, if the FBI could justify retention under an
after-the-fact application of the ECPA emergency voluntary disclosure
statute.
Under the FBI's analysis, the FBI will retain records for 3,352
telephone numbers because it found either that (1) appropriate legal process
associated with the request was previously issued or could be issued for
these records; or (2) because the circumstances at the time of the requests
satisfied the statutory standard for emergency voluntary disclosures.
The FBI also concluded that it would purge records for 739 telephone
numbers because the circumstances under which the records were
requested did not meet any of the criteria for retention available in the FBI's
decision tree. In addition, the FBI concluded that it must purge a portion of
the records for 302 of these telephone numbers because the records
obtained were outside the time period specified in the legal process
identified by the FBI.
The FBI faced a difficult challenge in reviewing the records improperly
acquired from exigent letters or listed in the 11 blanket NSLs. However,
under the circumstances it created, we believe the FBI's approach to
determine which records to retain and which to purge was reasonable.
In sum, we concluded that the FBI initial attempts to cover the
improperly obtained records were deficient, ill-conceived, and poorly
executed. However, we believe its review process and other corrective
measures since issuance of our first NSL report in March 2007 have been
reasonable, given the difficult and inexcusable circumstances that its
deficient exigent letter practices created.

D.

Improper Requests for Reporters' Telephone Records or
Other Calling Activity In Three Media Leak Investigations

We also found that in three media leak investigations the FBI
requested, and in two of these instances obtained from on-site
communications service providers, telephone records or other calling
activity information for telephone numbers assigned to reporters. However,
the FBI did not comply with federal regulation and Department policy that
requires Attorney General approval before requesting such records and that
also requires a balancing of First Amendment interests and the interests of

276

law enforcement before issuing subpoenas for the production of reporters'
telephone toll billing records. 297
The fIrst leak investigation involved the disclosure of classilled
information in articles ublished by the Washin ton Post and The New York
Times in
about the
Without a request
from FBI investigators, and without the knowledge of any prosecutor, a CAU
SSA issued an exigent letter to an on-site Company A analyst for the
telephone records of the Post and Times reporters who wrote the articles
and their bureaus in _
Company A rovided the records to the
FBI, and the FBI uploaded the records into a
database.
The records remained in that database for over 3 years, unbeknownst
to the prosecutor, CTD management, and FBI OGC attorneys until 2008
when OIG investigators determined that the records had been improperly
acquired and notilled the FBI General Counsel. We concluded that the FBI's
acquisition of these records constituted a complete breakdown in the
required Department procedures for approving the issuance of grand jury
subpoenas to obtain reporters' toll billing records.

In August 2008, following the OIG's notifIcation to the FBI that it had
improperly acquired the reporters' records, the FBI informed the
newspapers and the reporters that their telephone records had been
obtained, as required b federal re lation. However the FBI's notifIcation
did not disclose that

297

See 28 C.F.R. § 50.10.

277

In the second media leak investigation an Assistant United States
Attorney (local AUSA) and a federal prosecutor approved grand jury
sub oenas that directed a communications service rovider to deliver I
This

After the subpoenas were served and records were sent to the FBI
case agent as e-mail attachments, the prosecutor realized by virtue of a
fortuitous conversation with an FBI S cial A ent that the rovider could
have iven the FBI re orters' records
requested. The
prosecutor took steps to sequester the telephone records and notified the
Department's Criminal Division of the issue. In our review, we found no
evidence
or that reporters' toll billing
records were provided to the FBI in response to the subpoenas.
Following consultations with the Office of Legal Counsel, the Criminal
Division concluded that it was not required to notify the reporters of the
subpoenas, even though the subpoenas, if fulfilled, would have resulted in
acquisition of reporters' records.

We concluded that the way in which the Department drafted and
issued the two subpoenas in this leak investigation was deficient. The
prosecutor drafted and approved language in the subpoena attachments
that neither the FBI agent nor the prosecutor correctly understood; the local
AUSA assigned to assist the investigation in the jurisdiction where the
grand jury was empanelled initialed the grand jury subpoenas without
reviewing the attachments, which were prepared by the prosecutor and
attached after the local AUSA initialed the subpoenas; and but for a
fortuitous conversation between a Special Agent not involved in the
investigation and the prosecutor, FBI and Criminal Division attorneys would
likely not have learned about the problems with the language in the
subpoenas.
In the third media leak investigation the Department served on an
analyst a grand'u sub oena re uesting a
the FBI believed
_
for records of a
was in telephonic contact with a reporter.
~A

278

In addition, based on information provided to the Company A analyst
by an FBI Special Agent, the Company A analyst _
Company A's
database and downloaded records for ~erJs cellular phone calling
activity. After the _
which was _
without any legal process,
the Company A analyst informed the FBI Special Agent that there were no
records of calling activity between the reporter's and the _
numbers
~ the specified date range. The Company A analyst_ _ this
_
without the knowledge of the Special Agent.
Also, at the request of the CAU's Primary Relief Supervisor, without
process, the on-site Company B and Company C employees
_
their databases for calling activity by the reporter's cellular phone
number. The Company B employee found responsive records, although
Company B reported to us that the employee did not recall whether he had
provided responsive information to the FBI. We found no evidence that
these records were uploaded into FBI databases. The on-site Company C
employee detennined that Company C had no responsive records.
~

In sum, we concluded that serious lapses in training, supervision,
and oversight led to the abuses involving the FBI's improper requests for
reporters' records in these three leak investigations. CAU personnel told us
they did not know about the special approval requirements for subpoenaing
reporters' toll billing records. The federal prosecutors involved with these
matters, said they did not know the subpoenas sought reporters' records
either because they did not see or examine the attachments or because they
did not correctly understand that the tenninology used in the subpoenas or
attachments could result in the acquisition of reporters' records. The
failures in training, the diffusion of prosecutorial responsibility for the grand
jury subpoenas, and the absence of oversight within the CAU or from the
CTD or the FBI aGC resulted in the Department not following legal
requirements and its own policies for issuing subpoenas to obtain reporters'
toll billing records.

E.

OIG Findings on Management Failures and Individual
Accountability for Exigent Letters and other Improper
Requests for Telephone Records

In Chapter Five of this report, we assessed the accountability of FBI
employees, their supervisors, and the FBI's senior leadership for the use of
exigent letters and other improper practices we described in this report.
We concluded that numerous, repeated, and significant management
failures led to the FBI's use of exigent letters and other improper requests

279

for telephone transactional records over an extended period of time. These
failures began shortly after the CAU was established within the
Counterterrorism Division (CTD) in 2002, and they continued until March
2007 when the OIG issued its first NSL report describing the improper use
of exigent letters. We believe that every level of the FBI - from the most
senior FBI officials, to the FBI's Office of the General Counsel (FBI OGC), to
managers in the CTD, to supervisors in the CAU, to the CAU agents and
analysts who repeatedly signed the letters were responsible in some part for
these failures.
FBI Director Mueller, Deputy Director Pistole, and FBI General
Counsel Caproni said they were unaware until late 2006 that the CAU was
obtaining telephone records without appropriate legal process. In addition,
all but one of the CTD supervisors we interviewed said they did not know
prior to the CIG's first NSL investigation that the CAU was using exigent
letters to obtain telephone records from the on-site providers.
We found that beginning in 2003, shortly after the CAU was
established and the FBI contracted to have Company A's employees work
on-site, FBI officials failed to recognize and address clear risks for potential
misuse of the FBI's NSL and other authorities to obtain telephone records.
These risks arose from the combination of several factors, including the
FBI's expanded authority to obtain records protected by the ECPA, the close
proximity of the on-site providers' employees to FBI personnel in a common
FBI work area, and the assignment of SSAs and Intelligence Analysts to the
CAU who had no background or training in national security investigations
or in using NSLs.
At the same time, FBI officials at ali levels failed to develop a plan and
implement procedures to ensure that telephone records were properly
obtained from the on-site communications service providers. The FBI
compounded its planning failures when it did not ensure that all CAU
personnel were trained on the legal requirements for obtaining
ECPA-protected records. In particular, FBI managers - from CAU Unit
Chiefs, to the FBI CGC, to the senior leaders of the FBI - failed to ensure
that CAU personnel were properly trained to request telephone subscriber
and toll billing records information from the on-site communications service
providers in national security investigations only in response to legal
process or under limited emergency situations defined in 18 U.S.C
§ 2702(c)(4). They also failed to ensure that CAU personnel were trained to
comply with the Attorney General's NSI Guidelines and internal FBI policies
governing the acquisition of these records. They also failed to recognize the
need for, and assure adequate oversight of, the practices employed by the
CAU to obtain subscriber information, toll billing records, and other calling
activity information from the on-site providers.

280

In reviewing the FBI's responsibility for exigent letters and other
improper requests for telephone records and the performance of FBI
personnel involved in the practices covered in this review, we recognize that
the FBI was confronting major organizational and operational challenges
during the period covered by our review. As we noted in our first NSL
report, following the September 11 attacks the FBI overhauled its
counterterrorism operations, expanded its intelligence capabilities, and
began to upgrade its information technology systems. Throughout the
4-year period covered by this review, the CTD also was responsible for
resolving hundreds of threats each year, some of which, such as bomb
threats or threats to significant national events, needed to be evaluated
quickly. Many of these threats, whether linked to domestic or international
terrorism, resulted in a large number of high-priority requests to the CAU
for analysis of telephone communications associated with the threats, which
was the CAU's core mission.
Members of the FBI's senior leadership told us that they placed great
demands on the CAU and other Headquarters' units. The FBI Director
stated that he placed "tremendous pressure" on CTD personnel to respond
to terrorism threats. Other senior FBI officials stated that there were
countless "hair on fire" days when Headquarters personnel worked through
nights and on weekends to determine whether information the FBI received
from various sources presented threats to the United States. Indeed, some
of the exigent letters and other improper practices we describe in this report
were used to obtain telephone records that the FBI used to evaluate some of
the most serious terrorist threats posed to the United States in the last few
years. In our view, these circumstances do not excuse the management and
performance failures we describe in this report, but they provide important
context to the events that led to the serious abuses we found in this
review.
We also believe the management failures we described do not explain
all the deficiencies we found in this review. In this review, we concluded
that FBI supervisors and attorneys did not take sufficient action to prevent
or promptly correct the improper use of exigent letters and other informal
requests for telephone records. We also concluded that the performance of
some FBI employees who signed letters that were inaccurate on their face
was not in accord with the high standards expected of FBI and other law
enforcement personnel.
First, we found that Glenn Rogers, the CAU's first Unit Chief,
authorized the CAU's use of exigent letters without proper legal review by
the NSLB, and failed to ensure that the personnel assigned to the CAU
received proper guidance on national security investigations and using
NSLs. Rogers also personally signed 12 exigent letters without making an
effort to confirm that exigent letters were appropriate for use by the CAU in

281

national security investigations. Moreover, he signed and allowed his
subordinates to sign letters that inaccurately stated that subpoenas
requesting the telephone records had been submitted to the U.S. Attorney's
Office and would be served expeditiously. He also instructed subordinates
who questioned him about using such inaccurate letters to continue to use
them. In addition, Rogers failed to implement a system for tracking the use
of exigent letters, which resulted in a growing backlog of _
of records
for which the providers were promised follow-up legal process. These
failures led to the routine use of exigent letters and after-the-fact NSLs, as
well as the use of sneak peeks and other improper practices detailed in this
report. Finally, Rogers failed to ensure that Bassem Youssef, his successor
as CAU Unit Chief, was adequately briefed on the unit's methods and
procedures, including the specific methods the CAU used for obtaining
records from the providers.
Second, we found that Bassem Youssef inherited the improper
practices that were in place during Rogers's tenure but that he, too, did not
do all he could have, and should have, to address the improper use of
exigent letters and other informal requests for telephone records. Youssef
failed to understand or adequately assess, in coordination with CTD
management and the NSLB, the various methods by which CAU personnel
were obtaining records from the on-site providers. Youssef told us that he
was unaware of the details of the CAU's requests for community of interest
_
sneak peek requests, hot number _
and the unauthorized
use of administrative subpoenas. In addition, Youssef personally signed 1
exigent letter, although he did not review or read the exigent letter for more
than 5 months after he signed the letter and 18 months after he became the
CAU Unit Chief.
Third, we believe Julie Thomas did not properly perform her duties as
the NSLB Deputy General Counsel with respect to the CAU's use of exigent
letters. Many of the improper practices described in this report pre-dated
Thomas's tenure in the NSLB. However, after she became the NSLB Deputy
General Counsel and became aware of exigent letters, she did not
adequately review and assess the legality of their use in a timely fashion,
halt their use, ensure in coordination with CTD officials that CAU personnel
understood the lawful methods for obtaining records from the on-site
communications service providers, or ensure that the NSLs that she
personally signed complied with the ECPA NSL statute.
We found that the Assistant General Counsel, an FBI senior line
attorney who was the NSLB point-of-contact for NSL-related policies and
issues, did not recognize that exigent letters promising future legal process
were an improper tool for obtaining ECPA-protected records and that
after-the-fact NSLs also were unauthorized. The Assistant General Counsel
also provided inaccurate guidance on the use of exigent letters, and she did

282

not review a copy of any exigent letter until May 2006, more than 18
months after first learning of their use in the CAU. After reviewing an
exigent letter, she merely revised the letter to substitute the term "NSL" for
the inaccurate reference to after-the-fact issuance of grand jury subpoenas,
and she advised the CAU that it could continue to use the revised exigent
letter. The Assistant General Counsel also did not recognize that many of
the exigent requests that came to the CAU qualified for emergency voluntary
disclosure requests under the ECPA. By these actions and inaction, the
Assistant General Counsel allowed the FBI's improper use of exigent letters
and after-the-fact NSLs to continue. Although the Assistant General
Counsel kept her supervisors informed of the advice she was giving and the
actions she was taking, we believe based on her experience in national
security investigations and the senior policy position she held in the NSLB
that she should have directly confronted the legal deficiencies in the use of
exigent letters and, through her supervisors in the NSLB and in conjunction
with CTD managers, ensured that the use of exigent letters ended.
As described in Chapter Four of this report, we found that 4 senior
CTD officials - Joseph Billy, Jr., Arthur Cummings 1Il, Michael Heimbach,
and Jennifer Smith Love - signed a total of 11 improper blanket NSLs in
2006. Each of these NSLs had multiple deficiencies. None of them was
accompanied by required approval Electronic Communications (EC)
documenting the predication for the requests, and some were issued
without the required ECPA certifications. While we recognize that each of
these four officials had other significant responsibilities in the FBI and that
they each worked in a high-pressure environment in furtherance of the
FBI's counterterrorism mission, we believe they should have taken more
care to ensure that the NSLs they signed complied with the ECPA, the
Attorney General's NSI Guidelines, and FBI policy. In signing these
improper NSLs, we believe that these CTD senior officials contributed to
misuses of NSL authorities.
As described in Chapter Two of this report, we determined that many
CAU employees signed the inaccurate and improper exigent letters issued by
the CAU. In evaluating the accountability of the CAU employees who signed
these exigent letters, we asked them whether they knew when they signed
the letters that the factual statements they contained were inaccurate. We
specifically asked whether they knew that exigent circumstances existed at
the time they signed the letters and whether they knew that requests for
grand jury subpoenas had been submitted to the U.S. Attorney's Office, as
specifically stated in the letters.
With few exceptions the CAU employees who signed the letters said
they believed exigent circumstances were present. However, most of the
CAU SSAs we interviewed told us they did not know whether grand jury
subpoenas had been requested at the time they signed the exigent letters,

283

although some said they recognized that the letters inaccurately described
the process for obtaining grand jury subpoenas. Some CAU employees
explained their signing the letters by stating they "thought it was all part of
the program coming from the phone companies themselves," and they
assumed the letters were approved by the FBI or communications service
providers' attorneys. Another CAU employee said that he knew that
subpoenas had not been issued but signed the exigent letters anyway
because he saw the letter used by other CAU personnel as a standard
practice and he received assurances from CAU Unit Chief Rogers that the
exigent letter was okay to use. Other CAU employees said they said that
they did not pay much attention to and were not concerned about the
reference to a grand jury subpoena. Still others told us that when they
signed the letters they did not know for sure what type of after-the-fact legal
process would be used by the field division or Hedquarters unit that
initiated the request. Others said that they considered the reference to
grand jury subpoenas to broadly include all categories of legal process, such
as NSLs. And others told us that they never read the exigent letters closely
enough to notice any of the statements they contained.
It is important to recognize several mitigating factors regarding these
CAU signers of exigent letters. For example, CAU Unit Chief Rogers and the
NSLB approved the use of exigent letters, the FBI failed to train CAU
personnel on the authorized means of requesting records from the on-site
providers, and the communications service providers readily accepted the
exigent letters.

However, we believe that none of these factors excuses FBI employees
who signed an exigent letter from not making the effort to confirm the
factual accuracy of the letter or, knowing the letter was inaccurate, not
raising concerns about the letter's accuracy to FBI supervisors. Simply put,
we do not believe employees of the FBI should sign their names to letters
making a statement that is not true, even if the letters are approved by
management, sanctioned by FBI attorneys, part of an established practice,
or accepted by the recipients.
We also recognize that a few SSAs raised concerns about the exigent
letters to their supervisor, CAU Unit Chief Rogers, and that he instructed
them to continue using the letters without changing the wording. Even in
this circumstance, we believe that FBI employees confronted with this
problem had options other than to simply sign the letters. They could have
sought further guidance from more senior managers in the FBI, either
directly or anonymously. They could have complained to a senior CTD
official or the FBI Inspection Division. They could have contacted the OIG.
None of them took any of these steps. Instead, they continued to sign
inaccurate exigent letters.

284

Finall~iscussed

requests to _

above, FBI personnel were involved with

reporters' toll billing records in three different media leak

investigations, without first complying with Departmental regulation or
obtaining the required Attorney General approvals. We believe that these
matters involved some of the most serious abuses of the FBI's authority to
obtain telephone records. As described in Chapter Five of this report, we
recommend that the FBI consider appropriate action for the FBI employees

who sought to obtain these records without first obtaining the required
Attorney General approval.
II.

Recommendations

As discussed above. after we issued our first NSL report in March
2007 the FBI ended the use of exigent letters and took other corrective

actions to address the improper use of exigent letters. However, as a result
of further deficiencies we uncovered in this review, we believe the FBI and
the Department need to take additional action to ensure that FBI personnel
comply with the statutes, guidelines, regulations, and policies governing the
FBI's authority to request and obtain telephone records. We therefore
provide the following recommendations to the FBI and the Department:
1. The FBI should assess this report and the information we
developed in this review to determine whether administrative or other
personnel action is appropriate for the individuals involved in the use of
exigent letters and other improper requests for telephone records.
2. The FBI should issue periodic guidance and conduct periodic
training of FBI Headquarters and field personnel engaged in national
security investigations regarding the authorities available to the FBI under
the Electronic Communications Privacy Act (ECPA) and other federal statutes
to obtain telephone subscriber and toll billing records information and other
information protected by the ECPA. Such training should cover not only the
provisions of the ECPA, but also other federal statutes and regulations
governing the FBI's authority to obtain to such records, including the Pen
Register Act, the federal regulation governing subpoenas for toll billing
records of reporters, and the FBI's administrative subpoena authorities.
3. The FBI should periodically review its existing guidance and
directives to determine if clarifications or updates are needed to describe the
authority of FBI personnel serving in "acting" positions (whether appointed
or on temporary duty assignments) to sign documents or approve activities
for which signature or approval authority is delegated by the FBI Director.
As described in Chapter Four of this report, CTD officials signed improper
blanket NSLs while serving as Acting Deputy Assistant Directors. At the
time these NSLs were signed, the FBI had not issued guidance on whether

285

FBI personnel serving in acting positions were authorized to sign NSLs. To
ensure that all FBI personnel serving in acting positions understand what
they are authorized or not authorized to approve or sign under various
federal statutes, Attorney General Guidelines, and FBI policies, we believe
the FBI should clarify the authorities of FBI personnel serving in various
acting positions.
4. The FBI aGe should review existing contracts between the FBI
and private entities or individuals that provide for the FBI's acquisition of
telephone records, e-mail records, financial records, or consumer credit
records to ensure that the methods and procedures used by the FBI for
requesting, obtaining, storing, and retaining these records are in conformity
with the NSL statutes and other applicable federal statutes, regulations,
Executive Orders, Attorney General Guidelines, and FBI policy.
5. The FBI should issue a directive requiring that FBI personnel,
including FBI aGe attorneys with expertise pertinent to the subject matter
of the contract, review contract proposals, responses to requests for contract
proposals, and proposed contracts or arrangements with wire or electronic
communications service providers. The objective of the review should be to
ensure that any records requested, obtained, stored, or retained pursuant to
any such contracts are done so in conformity with applicable federal
statutes, regulations, Executive Orders, Attorney General Guidelines, and
FBI policy.
As described in Chapter Two of this report, NSLB attorneys did not
review the contracts with the three on-site providers until after reviewing a
draft of the OW's fIrst NSL report. Although the FBI has stated that these
contracts did not require FBI aGe review, the FBI aGC informed the House
Judiciaty Committee that procurement attorneys reviewed certain portions
of the contract documents relating to the justification and approval of the
contacts. 298 The FBI also informed the Judiciaty Committee that FBI aGe
attorneys will be more involved in the contract review process in the future.
To ensure that FBI personnel who are familiar with the laws and policies
affected by such contracts review analyze these important contract
proposals and contracts before they are finalized, the FBI should require
that FBI personnel with relevant expertise - not just procurement attorneys

298 Letter to The Honorable John Conyers, Jr., Responses of the Federal Bureau of
Investigation Based Upon the March 20, 2007 Hearing Before the House Judiciary
Committee Regarding The FBI's Use of National Security Letters Requested by April 19,
2007 Letter (January 13, 2009), at 6-7.

286

- review contract proposals and approve the final wording of such
contracts.
6. If the FBI places employees of communications service providers in
the same work space as FBI employees, the FBI should establish
appropriate written guidance, supervisory and oversight procedures, and
appropriate training to ensure that the methods and procedures used to
obtain records from the providers conform to the ECPA and other applicable
federal statutes, regulations, Executive Orders, Attorney General
Guidelines, and FBI policy.
7. The FBI should issue guidance specifically directi~ersonnel
that they may not use the practices known as hot number _
to
obtain calling activity information from electronic communications service
providers.
8. The FBI should issue guidance regard~en FBI personnel may
issue
community of interest _
requests. As
described in Chapter Two, in November 2007 the FBI Counterterrorism
Division prepared draft
idance that would require advance determinations
of the relevance of
elephone numbers included in the
community of interest
requests. The draft guidance also would
require that senior FBI officials and a ~nt attorney approve such
requests and that telephone numbers _
pursuant to these requests
be documented for purposes of congressional reporting on NSL usage. We
recommend that the FBI finalize and issue this guidance to FBI personnel.
9. The FBI should carefully review the circumstances in which FBI
personnel asked the on-site communications service providers
on specified "hot numbers" to enable the Department to determine if the FBI
obtained calling activity information under circumstances that trigger
discovery or other obligations in any criminal investigations or
prosecutions.
10. The Department should determine if, in addition to the grand jury
subpoenas identified in this review, the Department has issued other grand
~ media leak investigations that include~tfor
_
community of interest or calling circle _
If so,
the Department should determine whether at the time the subpoenas were
issued responsible Department personnel were aware of or suspected
contacts between the target numbers in the subpoenas and members of the
news media and whether the Department obtained the toll billing records of
news reporters in compliance with Departmental regulations, including the
notification requirements.

287

11. The FBI, in conjunction with the National Security Division (NSD)
and other relevant Department com onents, should review current policies
and procedures governing
reporters by
Department personnel. We recommend that after conducting this review,
the FBI and the NSD consider under what circumstances FBI personnel
may
reporters, and specifically whether
approval by senior FBI officials at the level of an Assistant Director or higher
should be required for
12. The FBI, in conjunction with the NSD, should determine whether
any FISA Court orders for electronic surveillance or pen register/trap and
trace devices currently in place relied upon declarations containing FBI
statements as to the source of subscriber information for telephone
numbers listed in exigent letters or the 11 blanket NSLs. If the FBI and the
NSD identify any such pending orders, we recommend that the FBI and the
NSD determine if any of the statements characterizing the source of
subscriber information are inaccurate or incomplete. If any declarations are
identified as containing inaccurate or incomplete statements, we
recommend that the FBI and the NSD determine whether any of these
matters should be referred to the FBI Inspection Division or the
Department's Office of Professional Responsibility for further review.

We also recommend
that the Department notify Congress of this issue and of the OLC opinion
interpreting the sco e of the FBI's authority under it, so that Congress can
consider the
and the implications of its potential
use.
III.

OIG Conclusion on Exigent Letters and Other Improper Requests
for Telephone Records

In sum, in this review we found widespread use by the FBI of exigent
letters and other informal requests for telephone records. These other
requests were made bye-mail, face-to-face, on post-it notes, and by
telephone, without first providing legal process or even exigent letters. The
FBI also obtained telephone records through impr~neakpeeks,"
community of interest _ , and hot-number _
Many of these
practices violated FBI guidelines, Department policy, and the ECPA statute.
In addition, we found that the FBI also made inaccurate statements to the
FISA Court related to its use of exigent letters. Some of the most troubling
improper requests for telephone records occurred in media leak cases,
where the FBI sought and acquired reporters' telephone toll billing records

288

and calling activity information without following federal regulation or
obtaining the required Attorney General approval.
Our review also found that the FBI's initial attempts at corrective
action were seriously deficient, ill-conceived, and poorly executed. However,
after our first NSL report was issued in March 2007. the FBI took
appropriate action to stop the use of exigent letters and to address the
problems created by their use. Yet, we believe the FBI should take
additional action regarding the use of other improper requests for telephone
records. We therefore believe the FBI should implement the
recommendations in this report and ensure that similar abuses of exigent
letters or other improper requests for telephone records do not occur in the
future.

289

APPENDIX

U.S. Department of Justice
Federal Bureau of Investigation

FBIHQ

In Reply. Please Refer 10 File No.

935 Pennsylvania Avenue NW
Washington, DC 20535
Room
May 27, 2003

---_._---------_..._-----_...------_.-

RE:

Special Project /

Dear Mr.
Due to exigent circumstances, it is requested that
records for the attached list of telephone numbers be provided.
Subpoenas requesting this information have been submitted to the
U.S. Attorney's Office who will process and serve them formally
to
as expeditiously as possible.

l1li

Sincerely,
Glenn Rogers
Unit Chief
Communications Analysis Group

•

By:
Supervisory Special Agent

3020

"X

NSL.
~{\"{\,)1

....

..

_

:", .-,1.

u.s. Departme1l1 of Jutltl:

Wu1lin;toa. D. C. 2053S-0001

August 4, 2006

Attention:

Re: Special

Projec~

I SSA

Dear Mr.
Due to exigent circumstances, it is requeste~ that
records for the attached list of telephone numbers be
prmriaed. National Security Letters directing you
this informatio~ will be.processed and served upon
as
expeditiously as possible.
' .

rFuizovide

For the following

u.s. numbers:

Sincerely.
Bassem Youssef

tJn1t Chief

Communications Analysis unit

By:

.

.'~

~age259

~()()'H'O