To no one's surprise, the FBI abused the expanded powers for domestic surveillance granted by the PATRIOT Act.
In a review focusing on FBI investigations in 2006, Justice Department
Inspector General Glenn A. Fine found numerous privacy breaches by the
bureau in its use of national security letters, or NSLs, which allowed
the FBI to obtain personal information on tens of thousands of
Americans and foreigners without approval from a judge.
Why NSLs are a BFD
If you need a refresher, NSLs gave the FBI the ability to poke around your personal information, such as finances, e-mail, and telephone calls, without the approval of a judge, grand jury, or even a prosecutor. Worse, if you are involved in this collection--for example, as an employee of a phone company turning over your cell phone records--you could not discuss the NSL with anyone. No asking your supervisor or lawyer whether this request was proper and legal, and most of all, no telling the target about the records search.
In 2007, a federal judge struck down the NSL portion of the PATRIOT Act. However, the decision dealt with the principle behind NSLs; it did not answer the question, How often did the FBI abuse this power?
The Inspector General's report expands the story beyond the less-than-credible internal FBI investigation:
According to Fine's report, the FBI continued to rely heavily on
national security letters in counterterrorism, counterintelligence and
cybercrime investigations, issuing nearly 50,000 of the documents in
2006 alone. Nearly 200,000 were issued from 2003 through 2006, the
report said, and were used in a third of all FBI national security
probes during that time.
Even more important than the scope of abuse is its cause:
The pattern persisted in 2006, Fine concluded in the report issued
today, in part because the FBI had not yet halted the shoddy
recordkeeping, poor oversight and other practices that contributed to
the problems. He also said it was unclear whether reforms enacted by
the Justice Department and FBI last year will address all the issues
identified by his investigators.
So much for technology
It's worth digging into some details of that "shoddy recordkeeping." A few years ago, you probably skipped any articles about the FBI's problems implementing a "case management system." However, this story, which got no attention outside a few journals that cover computer technology in the federal government, is perhaps one of the best examples of how things went horribly wrong with counterterrorism during the Bush years.
Since most people haven't heard of a case management system before, here's a quick explanation of what it is. Many legal and government jobs are all about opening and closing cases. For example, a lawyer needs an efficient way to collect and organize the information about a particular court case. At the same time, that lawyer's boss is scrutinizing how quickly and effectively the lawyer handles the case, so the case management has an important managerial function as well. The case management system, for everyone from trial lawyers to FBI agents, is where that person spends a large, important amount of time each day. (If you want more information about what these applications do, click here for the American Bar Association's ratings for various case management systems.)
For several years, the FBI tried, and ultimately failed, to implement a case management system. The following headlines from Government Computer News give a nice summary of what happened:
- FBI plans to build new case management system from scratch (12/30/04)
- Senators fume as FBI admits Trilogy foul-ups (02/04/05)
- Cold case (03/07/05)
- FBI takes another swing at case management with Sentinel system (05/24/05)
- Report: FBI ‘scrambling’ to launch case file system (06/06/05)
- Justice, FBI to overhaul fingerprint and case management systems (08/29/05)
As the FBI's case management project crashed into a brick wall, the FBI kept on issuing NSLs at a furious rate--200,000 between 2003 and 2006, according to the Inspector General's report.
Last year, the FBI finally announced that it was ready to launch the new system, six years after the 9/11 attacks. The old case management system, based on 1970s-era technology, was already a failure, since many FBI employees avoided spending time entering data into it. (That's a familiar problem, by the way, with many systems that ask people to stop what they're doing and type up their notes.) All talk about "service-oriented architecture features that facilitate information exchange among law enforcement systems" aside, there's still an open question about getting people in the FBI to use any system, new or old.
If this were the only example of information technology (IT) projects in the FBI that went south, you might chalk it up to bad luck, peculiar difficulties with this sort of system, or the team working on that particular project. However, the FBI has fumbled many IT projects, including the useless terrorist watch list database. In 2007, another Justice Department IG report found that the FBI was losing laptops at a rate of 2.6 per month.
So, let's summarize:
- The Bush Administration pushed to expand the warrantless surveillance powers of the executive branch.
- The "point of the spear," the FBI, has depended on antiquated systems to store, secure, and analyze this information--when FBI employees were using these systems at all.
- A major overhaul of the case management system, needed to track sensitive information collected via NSLs and other mechanisms, was a long, expensive failure.
- There's no evidence that the White House put pressure on the Justice Department to fix these problems.
Should the results be a surprise?
There are certainly people to blame, such as the Chief Information Officer of the FBI, Zalmai Azmi. However, as implied in the bulleted list above, it's also up to the President and his staff to pay attention to these details. It's also important for the US public to mind these details more carefully. Millions of taxpayer dollars spent, thousands of breaches of privacy, and not one terrorist attack stopped.