Review of the Fbi Use of Exigent Letters and Other Requests for Phone Records 2010 Parth
Download original document:
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
Counsel forwarded Caproni's e-mail to Youssef and asked again for a copy of the NSL. On November 14, 2006, in response to the Assistant General Counsel's inquiries about the blanket NSL that Billy had signed, a CAU SSA informed the Assistant General Counsel in an e-mail that Cummings had signed similar NSLs. The SSA then gave the Assistant General Counsel copies of the Company B May 12 NSL and three of the five Operation Y blanket NSLs that Cummings had signed. After reviewing these four blanket NSLs, the Assistant General Counsel expressed concern to Youssef and the CAU SSA that these NSLs lacked required approval ECs, which were needed to document the predication for the NSLs and the investigations to which they related. The Assistant General Counsel also reported her concerns to her supervisors. B. The CAU's Draft Memorandum to the FBI OGC Reporting Possible Intelligence Oversight Board Violation On February 22, 2007, the Assistant General Counsel learned from an NSLB colleague (not from CAU personnel) about the three blanket Operation Z NSLs, which also lacked approval ECs. She then directed Youssef to draft a memorandum to the FBI OGC reporting the seven after-the-fact blanket NSLs she knew about at that time as possible Intelligence Oversight Board violations (PIOB): the Company B May 12 NSL, three of the five Operation Y NSLs, and the three Operation Z NSLs. FBI personnel are required by internal FBI policy to report PIOBs to the FBI OGC within 14 days of discovery in an Electronic Communication (EC). Executive Order 12863, which has since been modified, required the Department to report intelligence violations to the lOB. According to Executive Order 12863, possible intelligence violations include any activities that "may be unlawful or contrary to Executive Order or Presidential Directive." The Assistant General Counsel informed Youssef that the PIOB memorandum should address that the NSLs were issued without approval ECs and that the NSLs did not include the appropriate non-disclosure certification, but should not address "the exigent letter situation itself since we approved that as a legal principle." The efforts to draft the PIOB memorandum resulted in new disclosures to the FBI OGC, as well as significant confusion and errors. For example, the first draft contained a description of the seven blanket NSLs that the Assistant General Counsel knew about and had asked to be included in the draft. In addition, it described two blanket NSLs that 187 neither Youssef nor others in the CTD or the CAU had previously disclosed to the FBI OGC: the Company C July 5 blanket NSL and the Company A August 25 Operation Y blanket NSL. The CAU Supervisory Intelligence Analyst who drafted the PIOB memorandum told us he had never drafted a PIGB memorandum before and "this was just very confusing for me." He said that he pulled information for the draft from a file left behind by the CAU SSA who had drafted some of the blanket NSLs. He said that he drafted the "bare bones" of what he knew about the NSLs and sent the draft to Youssef. Youssef told us that he viewed the PIOB as "a first rough draft" and the CAU's "best effort: and that he believed that the FBI OGC was going to finalize the PIOB memorandum. After reviewing the first draft, the Assistant General Counsel asked CAU personnel to explain why the draft referred to NSLs which she had not been previously told about. 225 In response, the Acting CXS Section Chief, Youssef, and the CAU's Primary Relief Supervisor re-drafted the PIOB memorandum on March 3, 2007. The second draft included the seven NSLs that the Assistant General Counsel had originally asked to be addressed but omitted any reference to the two additional NSLs included in the first draft that she had questioned. 226 The Acting CXS Section Chief characterized his role in the second draft as trying to explain "massive confusion." He told us that the second draft was an attempt "to recreate a record that didn't exist." He said that he directed that the two blanket NSLs which the Assistant General Counsel had questioned be omitted from the second draft because the Supervisory Intelligence Analyst who had prepared the first draft could not explain them to him. 225 The Assistant General Counsel referred in her e-mail to: one (NSLJ to (Company CJ on 7/5/2006 (WHICH I'VE NEVER HEARD OF), one (NSLj to (Company A] on 8/25/06 (WHICH I'VE NEVER HEARD OF) ... The 8/25/06 NSL lists 750 numbers, not a paltry sum. The 7/5/06 NSL lists almost 50. 226 Neither draft of the possible Intelligence Oversight Board violations (PIOB) memorandum listed the other two blanket NSLs that the CAU had drafted and the CTD had signed: the Company C August 24 Operation Y blanket NSL, which covered 612 telephone numbers, and the Company A September 21 blanket NSL, which covered 700 telephone numbers. Neither of these NSLs had been disclosed to the Assistant General Counselor other FBI OGC attorneys at the time. The OIG brought these two blanket NSLs to the FBI OGC's attention in July 2007 during this investigation. 188 The Primary Relief Supervisor told us that he wrote the second draft memorandum but in doing so mostly relied on information from the Acting Section Chief and Youssef. He said that he provided input on the Operation Z NSLs included in the memorandum "because that's the case that I knew."227 Youssef told us that the CAU was told to draft the P[OBs but was "not given very clear instructions as to what the [P1IOB was about." He also said, "we did not know where to go, we did not know where to start and we put together what we knew." We found that for several days after the second draft was completed, FBI OGC attorneys, including Caproni, exchanged e-mails with the Acting Section Chief and Youssef concerning the two blanket NSLs that were included in the first draft but omitted from the second draft. On March 6, 2007, NSLB Deputy General Counsel Thomas and the Assistant General Counsel met with the Acting CXS Section Chief and Youssef to discuss those NSLs. According to the Assistant General Counsel, the Acting Section Chief and Youssef stated at the meeting that the Senior Intelligence Analyst who prepared the first draft had mistakenly included those two NSLs, and that those NSLs had been properly issued. The Assistant General Counsel also said that the Acting Section Chief and Youssef told her that they could not locate the NSLs in the file. The Assistant General Counsel reported to her supervisors after the meeting that Youssef had convinced her of the "incompetence of the people who were drafting the EC' and that she now believed the two blanket NSLs were erroneously listed in the first draft and properly omitted from the second draft. Ultimately, the FBI OGC decided not to formally notify the lOB of details concerning the blanket NSLs.228 Thomas told us that she decided, 227 As described previously, the Primary Relief Supervisor had drafted the Operation Z NSLs. He also had drafted the Company A September 21 blanket NSL (which was not included in the draft PIOB memoranda), but told us he did not recall that NSL when he worked on the PIOB draft memoranda. 228 Rather, on October 31, 2007, Thomas sent a letter to the lOB chainnan to supplement information the FBI OGC had provided in earlier briefings to lOB staff on the FBI's analysis of exigent letters and blanket NSLs. The letter stated that the FBI would be reporting to the lOB the blanket NSLs that were issued without required approval ECs, as well as the blanket NSLs that improperly requested records relevant to criminal investigations. The letter also stated that the FBI will purge from FBI databases records for which the FBI "has no legal authority" under the ECPA NSL statute or the emergency voluntary disclosure statute. Julie F. Thomas, Deputy General Counsel, National Security (Cont'd.) 189 and Caproni agreed, that it would not be prudent to send piecemeal information to the lOB. She said that after the FBI fully resolves the issues relating to the CAU's improper receipt of records, the FBI will finalize a report to the lOB. Caproni and Thomas said that the FBI has periodically briefed the lOB about the manner in which the CAU has improperly obtained records from the on-site providers without process, including through exigent letters and blanket NSLs.229 In sum, the draft PIOB memoranda were flawed and failed to identif'y all 11 blanket NSLs that the CAU had prepared and CTD officials had signed between May and September 2006. We concluded that these failures occurred because CAU personnel did not maintain copies of the 11 blanket NSLs, and because the FBI's attempts in February and March 2007 to account for the blanket NSLs in the draft PIOB memoranda were confused, inaccurate, and ineffective. C. FBI Legal Guidance Clarifying Legal Authorities On March I, 2007, shortly before the DIG publicly issued its first NSL report, the FBI OGC issued a guidance memorandum for FBI personnel stating that, after reviewing information provided to the FBI in the OIG's first NSL report, the FBI OGC was providing a "clarification of the legal avenues available to investigators who seek to obtain subscriber information and toll billing information from telephone companies." The memorandum described the legal basis for employing the ECPA NSL authority and the ECPA emergency voluntaty disclosure statute, and it directed that FBI investigators cease the practice of using exigent,letters to obtain subscriber or other information from communications service providers "in advance of and upon the promise of the issuance of legal process." Law Branch, Federal Bureau of Investigation, letter to Intelligence Oversight Board, October 31, 2007. 229 In the October 31,2007, letter to the lOB, Thomas stated that the failure to issue approval ECs for these NSLs violated FBI policy, "impacts CongressionallNSL] reporting, and hinders oversight." The letter stated that when the FBI's review is complete, the FBI would report to the lOB the absence of ECs documenting the issuance of these blanket NSLs. Julie F. Thomas, Deputy General Counsel, National Security Law Branch, Federal J;Jureau of Investigation, letter to Stephen Friedman, Chairman, Intelligence Oversight Board, October 31, 2007. After reviewing a draft of this report, the FBI stated that on March 31, 2009, the FBI OGC formally briefed the lOB regarding the CAU's use of exigent letters, the 11 blanket NSLs, and the FBI's subsequent corrective actions. 190 The EC stated that regardless of whether investigators seek the information through an NSL, grand jury subpoena, or emergency voluntary disclosure, "it is incumbent upon the employee to develop or obtain a sufficient factual predicate to allow for the lawful acquisition of this information." The EC also stated that the ECPA NSL statute requires that the FBI determine that a telephone number is related to an existing national security investigation and that the information sought is relevant to that investigation. It further stated that investigators requesting emergency voluntary disclosure can seek the same information - even in the absence of an open national security or criminal investigation - if they give the provider sufficient facts for the provider "to believe, in good faith, that disclosure of the information sought is required without delay by an emergency situation involving the danger of death or serious physical injury to any person." The EC stated that the provider's "good faith belief may be based solely on a statement from the FBI or other entity that an emergency exists," and that while a "request to the service provider may be oral, it is preferable to make the request in writing." The EC also stated that requests for emergency voluntary disclosure must be approved by officials at a level not lower than an Assistant Special Agent in Charge for field divisions and not lower than Section Chief for a headquarters unit. 23o It stated that regardless of whether the request is made in writing or orally, the investigative file and a control file should contain written documentation of the approval of the emergency voluntary disclosure request by the appropriate FBI official, the emergency, and the approval of the service provider. 231 D. Relocation of Communications Service Providers' Employees From the FBI After the OIG issued the first NSL report, employees of the three on-site communications service providers moved out of the FBI's offices in December 2007 and January 2008. The FBI General Counsel told us that in the aftermath of the OIG's first NSL report in March 2007, the FBI and the three on-site providers concluded that while the co-location was legal and operationally beneficial, it blurred the distinction between the providers and the FBI. According to the FBI General Counsel, the FBI and the providers also concluded that both sets of employees had become "too 230 The EC stated that the better practice is that the approval be in writing "in the fonn of a signature [by the approving official] on the letter to the service provider." 231 A control file is an administrative me that is used to store various types of FBI information unrelated to particular investigations. 191 comfortable," had started thinking they were part of "the same team," and had failed to adhere to the internal controls established by the FBI, on the one hand, and the providers on the other. These moves were also accompanied by changes in the FBI's protocols for obtaining telephone records under the contracts with the three providers. According to the CXS Section Chief, a new protocol for requesting records from the providers was established in December 2007 and documented in an EC dated Janu 11,2008. Under the new rotocol, FBI officials told us that, notwithstanding the move to off-site locations and implementation of the new protocols, the providers remain capable of quickly responding to the CAU's requests for telephone records in high-threat or emergency circumstances. E, FBI Analysis of Whether it Will Retain or Purge Records Beginning in late 2006 and concluding in April 2009, the FBI analyzed whether it would retain telephone records it acquired in response to exigent letters or records for any additional telephone numbers that were listed in the 11 improper after-the-fact blanket NSLs described in this report. 1. FBI Analysis As described above, the FBI OGC was first told about a blanket NSL issued to address the backlog of records requests for Company B in August 2006, when Youssef informed the Assistant General Counsel that Acting Assistant Director Billy had signed "a blanket NSL request on all backlogged requests." Although Youssers e-mail did not further describe the blanket NSL, Youssef told us that he was referring to the Company B May 12 blanket NSL. Eventually, the FBI OGC learned that the CAU drafted and CTD officials signed 11 blanket NSLs between May and October 2006. In an elaborate and time consuming process, the FBI analyzed the 4,379 unique telephone numbers listed in exigent letters and the 11 blanket NSLs. We summarize below how the FBI organized and assigned the work of analyzing which numbers will be retained, its legal analysis of this issue, and the FBI's conclusion as to which telephone records it will retain and which it will purge from its databases. 192 a. FBI Review Team To detennine which records to retain, under the overall direction of NSLB Deputy General Counsel Thomas, the FBI assigned teams of attorneys, Supervisory Special Agents. Special Agents, and Intelligence Analysts to review the 2,222 unique telephone numbers listed in the exigent letters and the 2,157 additional unique telephone numbers listed in the 11 blanket NSLs. The CTD selected an Acting Assistant Section Chief from one of its operational units to lead the FBI's analytical efforts, under the guidance of three NSLB attorneys. The Assistant Section Chief had extensive experience in both counterterrorism investigations and in the use of NSLs. CTD Intelligence Analysts who were also experienced in counterterrorism investigations assisted in this effort. During its peak, the Assistant Section Chiefs team utilized 19 Intelligence Analysts and 7 support personnel. The team's effort was also supported in September and October 2007 by Intelligence Analysts based at an FBI facility in Idaho, who searched the FBI's databases for infonnation relevant to the analysis. The review team gave the NSLB attorneys summaries of information collected on each telephone number, along with the team's recommendation as to whether the records should be retained by the FBI or purged. NSLB attorneys evaluated the data collected on each telephone number and made a determination as to whether they concurred with the team's recommendation. b. FBI "Decision Tree" In making its determinations on record retention, the FBI developed a 5-step analytical process, referred to by FBI aGC attorneys as the "decision tree," to assess whether the FBI would retain records obtained in response to exigent letters or after-the-fact blanket NSLs. The FBI aGC created Diagram 4.2 to illustrate the steps in its analysis: 193 DIAGRAM 4.2 FBI Summary Chart of Plan to Rectify the Exigent Letter Situation Exigent Letter Was legal process issued subsequent to the date ofthe letter? ~ .1 Records retained Relevant investigation open at issuance and currently open? Was there 'an emergency situation? Is there a relevant open investigation? Records removed from FBI files Records retained First, the FBI determined whether legal process - an NSL or grand juty subpoena - was issued to the on-site communications provider before or after the records listed in exigent letters and the blanket NSLs had been requested. 232 In instances in which a valid NSL or subpoena was issued, the FBI concluded that it will retain the records. As described below, the FBI further reviewed the records for which legal process was located to 232 Although the FBI's decision tree states that the FBI would determine if "legal process (was) issued subsequent to the date of the letter," in practice, the review team relied upon any valid legal process in determining whether to retain records, including legal process dated before the date of the exigent letter. 194 ensure that it only retained records for the time period specifically documented in the legal process. Second, if the FBI was unable to identify valid legal process issued before or after the records were requested, the FBI examined both whether there was an investigation open at the time of the request and whether an investigation to which the records are relevant is currently open. If both requirements were satisfied, the FBI concluded that it would issue an NSL from the open investigation and retain the records. The approval ECs accompanying any such NSLs and the NSLs themselves state that the NSLs are not seeking new telephone records but instead are issued to account for previously acquired telephone records. If there was no investigation open at the time of the initial request and no investigation to which the records are relevant currently open, the FBI determined whether it had, in fact, acquired and uploaded any records associated with the telephone number. Third, in instances in which legal process was not served, and there was no open investigation at the time of the initial request or there was no currently open investigation to which the telephone number was relevant, the FBI assessed whether there was an emergency situation at the time of the request. The FBI decided that if a reasonable person could conclude that an emergency situation, as defined by 18 U.S.C. § 2702(c)(4), existed at the time of the request, the FBI would retain the records. 233 When analyzing whether a Section 2702(c)(4) "emergency circumstance" could support retention of records, the FBI review team told us that its attorneys, agents, and analysts attempted to engage in "time travel" and consider the facts known at the time of the request. NSLB Deputy General Counsel Thomas said that the team considered whether a reasonable person "looking from the [perspective of the ]provider," could have concluded, based upon the facts that were present at the time of the request, that there was an "emergency circumstance" as defined in Section 233 To make this determination, the review team analyzed the investigative information in FBI case files and used the "emergency" standard in 18 U.S.C. § 2702(c)(4), which authorizes communications service providers to voluntarily provide non-content telephone records to the FBI if the providers believe in good faith that "an emergency involving danger or death or serious physical injury to any person requires disclosure without delay of information relating to the emergency." The Assistant Section Chief, the Intelligence Analysts, and the NSLB attorneys described the ECPA emergency voluntary disclosure standard as the benchmark for their analysis, but they did not assess, or conclude, that the records in fact had been requested or received under the emergency voluntary disclosure statute in effect at the time. 195 2702(c)(4).234 If the review team deemed that emergency circumstances existed that could have satisfied the statutory standard, the FBI would retain the records. Fourth, if the FBI determined that legal process was not issued and that there was no relevant open investigation at the time of the request or no currently open relevant investigation, and that there were no emergency circumstances within the meaning of Section 2702(c)(4), the FBI would purge or remove the records from all FBI databases and FBI case files. 2. FBI Analysis of Recorcls Obtained From Exigent Letters and 11 Improper Bisnket NSLs The FBI identified a universe of 4,379 unique telephone numbers from the exigent letters and blanket NSLs that it determined must be analyzed to establish whether records related to each number should be retained or purged. As Table 4.3 illustrates, the FBI decided it would retain the records related to a total of 3,352 telephone numbers (76 percent) because they fell into one of the three categories that justified retention under the decision tree described above. The FBI determined that records for a total of 739 telephone numbers (17 percent) would be purged from FBI databases because the records did not fall into one of the three categories for retention. The FBI could not locate any telephone records in FBI databases for the remaining 288 telephone numbers (7 percent) and, accordingly, no purging was necessary. As Table 4.3 illustrates, the FBI located "standard process" for 1,405 of the 4,379 telephone numbers (32 percent). The FBI defined "standard process" as an NSL, a grand jury subpoena, or an administrative subpoena that it determined was issued in connection with the record _ of these numbers. The FBI informed us that in most cases the legal process issued after-the-fact to cover exigent letters were NSLs, not grand jury subpoenas. We asked the FBI to determine how many of the telephone numbers were covered by each type of standard process and in how many instances the standard process was issued after-the-fact. Although as of October 2009 the FBI had not provided complete data. The FBI's partial data indicates that 1,104 of the 1,405 telephone numbers were covered by NSLs, which were issued after-the-fact for 946 of the telephone numbers. 234 An e-mail dated August 22, 2007, summarizing a meeting that day with the review team and NSLB attorneys assigned to assist the team stated that the review "[r]equires time travel. Put yourself in the position of what was occurring when events were occurring. What did people believe at the time. BACK UP WITH DOCUMENTS..... 196 The FBI data also shows that 244 telephone numbers were covered by grand jury subpoenas, which were issued after-the-fact for 201 of the numbers. In Table 4.3 we summarize the review team's final determinations on the retention of records for the 4,379 unique telephone numbers, and in the sections that follow we describe these determinations in more detail. 197 TABLE 4.3 FBI's Analysis of Basis for Retaining Records Listed in Exigent Letters and 11 Blanket NSLs Providers Blanket HSL or Exigent Letter Company A 5/12/2006 7/5/2006 9/21/2006 8/24/2006 8/25/2006 9/ 19/2006 10/20/2006 Blanket NSL (1) Blanket NSL (1) Blanket NSL (1) Operation Y (2) Operation Y (1) Operation Y (2) Operation Z (3) Subtotals of 11 Blanket NSL. ent Letters Totals Company C Not Retained No Records Company B Total 105 33 693 544 184 157 441 2,157 2222 4 1 94 0 0 0 441 34 9 172 523 140 157 0 47 6 235 12 35 0 0 5 1 133 9 9 0 0 540 865 1,035 765 335 157 131 404 • Standard Process - Telephone records for which the FBI located an NSL, grand jury subpoena, or FBI administrative subpoena. • New Legal Process Issued - Telephone records related to a currently open investigation from which an NSL was issued with an approval EC. • 2702(c)(4) records - Telephone records related to investigations that are now closed but for which circumstances existed that would have satisfied the legal standard for the ECPA emergency voluntary disclosure statute, 18 U.S.C. § 2702(c)(4). • Purged - Telephone records that the FBI determined it will purge records from Telephone Applications, another telephonic database, and the investigative files. • No Records - Telephone numbers that were listed in exigent letters or 11 blanket NSLs, but for which the FBI could not locate records in FBI databases. This category required no action. 198 In Charts 4.1 and 4.2 we summarize the review team's final determinations on retention of records for the same 4,379 unique telephone numbers, breaking down the data into the following sub-categories: • Exigent Letters and Blanket NSLs (combined) • Exigent Letters • Company B May 12, Company C July 5, and Company A September 21 Blanket NSLs • Operation Y and Z Blanket NSLs 199 CHART 4.1 Analysis of the FBI's Baals for Retaining Recorda from ExIgent Letters and 11 Blanket NSLa ExIgent Letters 18 U.S.C. § 2702(c)(4) 18 U.8.C• • 2702«114) Exigent Letters and 11 Blanket NSLa 200 CHART 4.2 Analysis of the FBI's Basis for Retaining Records from ExIgent Letters and 11 Blanket NSLs Operations Y and Z NSLs No Records 16% No 1% Records Company B May 12. Company C July 5. and Company A September 21 Blanket NSLs 201 a. Records Obtained in Response to Exigent Letters The FBI told us it identified 2,222 unique telephone numbers listed in the 798 exigent letters which the ala identified during our investigation and which the DIG gave to the FB!.235 The FBI told us it has made the following determinations about these records: • The FBI has located legal process (NSLs, grand jury subpoenas, or other legal process) issued either before or after the telephone number was given to the on-site communications service providers for 865 (39 percent) of the 2,222 unique telephone numbers identified in exigent letters. The FBI decided that it will retain these records because they are covered by legal process. 236 • The FBI identified 765 telephone numbers (34 percent) for which it determined there were open national security investigations to which the telephone numbers were relevant at the time of the exigent letters and there is a currently open national security investigation to which the numbers are relevant. The FBI told us it issued NSLs and retained these records. • The FBI determined that it obtained records on 57 telephone numbers (3 percent) in response to exigent letters that were issued in circumstances that would have satisfied the ECPA emergency voluntary disclosure statute (18 U.S.C. § 2702(c)(4)).237 Accordingly, the FBI decided that it will retain the records for these numbers. 235 The FBI did not retain copies of exigent letters. The DIG obtained copies of 798 exigent letters, which included a total of 3,764 telephone numbers, by serving DIG administrative subpoenas on the three on-site communications service providers. The FBI told us that after eliminating duplicate telephone numbers and telephone numbers listed in any of the 11 blanket NSLs, 2,222 unique telephone numbers remained. 236 We address below the FBI's further analysis of these records to detennine whether any of the records obtained by the FBI exceeded the date range specified in the corresponding legal process. The FBI detennined that it will purge any such records. 237 After reviewing a draft of this report, the FBI asserted that the low percentage of records it retained in its reconciliation project based on the emergency voluntary disclosure provision was a consequence of the sequence of the FBI's decision tree, and that the FBI often never reached the emergency provision as a basis for retention. The FBI also stated that "because CAU did not have adequate documentation," the FBI chose not to rely (Cont'd.) 202 • The FBI determined that records for 404 telephone numbers (18 percent) would be purged from FBI databases because the records did not qualify for retention under the categories described in the decision tree. • The FBI determined that there were no records in FBI databases for 131 telephone numbers (6 percent), and therefore no further action was required as to these records. Thus, with respect to the exigent letters. the FBI determined that it would retain records for 1,687 telephone numbers, that it had no information in its databases for 131 telephone numbers, and that it would purge records relating to 404 telephone numbers. b. Actions Regarding the 11 Blanket NSLs The FBI determined that the 11 blanket NSLs together listed an additional 2,157 unique telephone numbers. As with the telephone numbers listed in the exigent letters. the FBI used the decision tree described above to decide whether it will retain records for these additional telephone numbers. Regarding the 11 blanket NSLs, the FBI has taken the following actions to date: Company B May 12, Company C July 5, and Company A September 21 blanket NSLs (831 unique telephone numbersl: • The FBI determined that legal process existed for 99 telephone numbers (12 percent), and the FBI decided that it will retain these records. • The FBI determined that there were open national security investigations to which records for 215 telephone numbers (26 percent) were relevant at the time of the requests, and there are currently open national security investigations to which the primarily on the emergency disclosure provision in its reconciliation project. Nevertheless, the FBI asserted that "a substantial number" of the records were produced in qualifying emergencies. We agree with the FBI that the lack of documentation of the requests and the circumstances under which they were made makes reliance on Section 2702 problematic. As described in Chapter Six, the lack of documentation and other factors made it difficult for the DIG or the FBI to determine reliably whether and which requests without legal process were made in qualifying emergencies. 203 numbers are relevant. The FBI has issued NSLs for these 215 telephone numbers and will retain these records. • The FBI determined that there were no open national security investigations to which records for 90 telephone numbers (11 percent) were relevant at the time of the requests and the time of the analysis but in circumstances that the FBI concluded would have satisfied the ECPA emergency voluntary disclosure statute (18 U.S.C. § 2702(c)(4)). The FBI decided that it will retain these records. • The FBI determined that records for 288 telephone numbers (35 percent) would be purged from FBI databases because the records did not qualify for retention under the categories described in the decision tree. • The FBI determined that there were no records in FBI databases for 139 telephone numbers (16 percent), and therefore no further action was required. Five Operation Y NSLs (885 unique telephone numbers): • The FBI determined that there were open national security investigations to which records for 820 telephone numbers (93 percent) were relevant at the time of the requests, and there are currently open national security investigations to which the numbers are relevant. The FBI has issued NSLs for these 820 telephone numbers and will retain these records. 238 • The FBI determined that records for 47 telephone numbers (5 percent) would be purged from FBI databases because the records did not qualify for retention under the categories described in the decision tree. • The FBI determined that there were no records in FBI databases for 18 telephone numbers (2 percent), and therefore no further action was required. Three Operation Z NSLs (441 unique telephone numbers): • The FBI determined that revised NSLs were not necessary because these three NSLs were signed by authorized FBI officials and contained the required certifications for NSLs 238 Sixteen telephone numbers (2 percent) were relevant to open national security investigations other than Operation Y. 204 imposing non-disclosure and confidentiality obligations on the recipients. 239 • On April 13, 2007, the CTD issued an EC documenting the predication for the three NSLs. Consequently, the FBI decided that it would retain these records. c. OvercollectioDs The FBI review team also analyzed the records obtained for the telephone numbers listed in exigent letters and the blanket NSLs to determine if the FBI had acquired any records beyond the records specified in the legal process that formed the basis for the decision to retain the records. Specifically, the review team examined whether any records obtained and uploaded into FBI databases in response to exigent letters or listed in the blanket NSLs included records outside the date range of the dates specified in the corresponding legal process. 240 Based on its review, the FBI identified records related to 302 unique telephone numbers that it decided to purge due to overcollections. 241 Of these 302 telephone numbers, the FBI identified 73 ~ numbers for which the FBI uploaded overcollections of more _ In that universe, the FBI uploaded records on 1 telephone number more outside the date ran e in the Ie al rocess, and records on 14 telephone numbers that were outside the date range of the legal process. The FBI decided to purge these overcollected records because they exceeded the scope of the legal authority used to obtain them. For example, 239 The NSLs each included the same 445 telephone numbers, but 4 numbers were duplicates. 240 In an August 26,2008, EC the FBI stated that it had established a 14-day "grace period" before and after the date range specified in the after-the-fact legal process. Overcollections that fell within the grace period were not purged from FBI databases. 241 As discussed in Chapter Two of this report, the CTD did not require until June 1, 2007, that case agents immediately ensure that responsive records accurately match the NSL request. The guidance issued in June 2007 required that any identified overcollections must be sequestered with an FBI attorney before the records are uploaded into any FBI database and must be returned to the provider, destroyed by the FBI, or addressed in another NSL. Similarly, the FBI did not require until October 17,2007, that CAU requesters review responsive telephone records received from the communications service providers to ensure proper collection and then certify to the CAU's database manager bye-mail that the responsive records had been verified as accurately encompassing both the target telephone numbers and date ranges contained in the NSL. 205 the ECPA NSL statute requires certification that the records sought in NSLs are relevant to an international terrorism investigation. If the NSLs used to obtain the records certified, as required by the ECPA, that records sought within a specified time period were relevant to authorized national security investigations, but the FBI acquired records outside that date range, the overcollected records were not covered by the NSL certification. Chart 4.3 illustrates the variance between the date range of the after-the-fact legal process and the date range of uploaded records for 10 telephone numbers with the longest periods of overcollection: 206 CHART 4.3 Records for 10 Telephone Numbers Uploaded into FBI Databases with the Longest Periods of Overcollectlons 207 3. Steps Taken to Purge Records The FBI has purged records from centralized FBI databases, field division-based databases, and hard copy files maintained by field division personnel. Based upon the FBI review team's fmdings, the CTD directed that records be purged either by the CAU, the Field Investigative Software Development Upit, or various field offices. 242 4. Records Improperly Acquired Relating to Criminal Investigations The FBI OGC determined that 266 telephone numbers listed in exigent letters and in 3 of the 11 blanket NSLs were related to criminal investigations or domestic terrorism investigations for which NSLs are not an authorized technique under the ECPA NSL statute, the Attorney General's NSI Guidelines, or FBI policy. According to the FBI OGC, it located appropriate legal process (either grand jury subpoenas or FBI administrative subpoenas) issued to the on-site providers before or after the FBI obtained records for 16 of these 266 telephone numbers, and the FBI determined that it will retain these records. The FBI OGC determined that it would retain records requested in grand jury subpoenas if a grand jury had been empanelled at the time the legal process was issued and the subpoena was served either before or after the records were obtained. 243 Of the remaining 250 telephone numbers, the FBI could not locate legal process for 167 telephone numbers. The FBI therefore directed the CAU to purge the records in FBI databases on these telephone numbers. The FBI review team informed us that there were no responsive records in FBI databases for the remaining 83 telephone numbers. The FBI OGC informed us that a court-ordered wiretap had been instituted that targeted 1 of the 266 telephone numbers. The wiretap was 242 As described above and in Chapter Two of this re ort, the CAU is res onsible for uploading telephone transactional records into a database. The Field Investigative Software Development Unit administers an unclassified FBI database called Telephone Applications, which is used to analyze the calling patterns of telephone records. Telephone Applications stores raw data derived from telephone records, known as "metadata," including the call duration. It does not store the contents of telephone conversations. 243 Data on the FBI's retention decisions show that four grand jury subpoenas were dated after the date when the corresponding records were uploaded into an FBI database, while five were issued prior to uploading. 208 instituted 11 days after the date of an exigent letter seeking records on that telephone number. The FBI aGe directed the field division "to determine whether any information from the ... exigent letter was utilized to establish probable cause for the [wiretap]." The FBI OGC advised us in March 2009 that the field office stated that probable cause for the wiretap was established by independent means. As a result of the FBI's analysis, the FBI has decided to retain records for 16 of the 266 telephone numbers related to criminal or domestic terrorism investigations and to purge records for 167 telephone numbers. 5. Other NSLs Referred by the OIG to the FBI In the course of this investigation, the DIG identified 32 NSLs that we believed warranted further review because they appeared to be signed by individuals who did not have authority to sign NSLs or the NSLs had other possible irregularities. We provided copies of these NSLs to the FBI in September 2007. In addition to the 32 NSLs identified by the OIG, the FBI identified 39 other NSLs with possible irregularities. Of the 71 irregular NSLs, the FBI reported to us that it had issued letters of censure to 6 FBI employees who together signed 14 NSLs because they lacked the authority to sign NSLs.244 The FBI took no action against 3 other FBI employees who together signed a total of 14 NSLs while they were serving as Acting Deputy Assistant Directors (Acting DAD), and the FBI noted that it did not have a written policy in place expressly prohibiting Acting DADs from signing NSLs until June 1, 2007 (after these NSLs were signed). Moreover, in January 2009 the Department's Office of Legal Counsel (OLC) determined that Acting DADs are authorized to sign NSLs. Thirty-five of the 71 irregular NSLs were unsigned. The FBI said it was able to locate properly signed NSLs in its mes for 23 of the NSLs in this group. The FBI said it was unable to determine who was responsible for the other 12 unsigned NSLs, and no action was taken with regard to these NSLs. Of the remaining eight NSLs, the FBI said that one of the signatures on an NSL was illegible and no action was taken, four NSLs were referred by 244 These individuals held the positions of SSA (1), Unit Chief (I), Acting Special Agent in Charge (3), and Section Chief (1). 209 the Inspection Division to the FBI OGC for possible lOB violations, and the FBI has not completed its research into the remaining three NSLs as of October 2009. 245 6. OIG Analysis of FBI Retention Decisions In evaluating the FBI's process and decisions regarding whether to retain or purge telephone records obtained through exigent letters and listed in the blanket NSLs, we recognize the competing interests faced by the FBI. On the one hand, the FBI wanted to retain records it believed were relevant national security investigations. FBI General Counsel Caproni stated that the FBI was concerned with losing information that could be critical to a counterterrorism investigation. In describing the FBI's various corrective measures, Caproni stated that the FBI cannot "put the nation at risk. So we chose a path that we think is reasonable. n On the other hand, FBI officials stated to Congress and publicly following the release of the DIG's first NSL report that it would "ensure that any telephone record we have in an FBI database was obtained because it was relevant to an authorized investigation. "246 The FBI Director and General Counsel Caproni stated that any records that were not associated with authorized investigations would "be removed from our databases and destroyed. "247 In evaluating the FBI's review efforts, we recognize that the ECPA has no exclusionary rule for records acquired in violation of the statute. 248 Moreover, we recognize that the only duty specifically imposed on the FBI on discovery of the ECPA violations is to report the violations to the lOB, and that the FBI has provided periodic briefmgs to the lOB staff about exigent 245 Mter reviewing a draft of this report, the FBI stated that the NSLB reported its findings to the Inspection Division regarding the four possible lOB violations in April 2009. One was then reported to the lOB, and the FBI concluded that the other three NSLs were proper. 246 Valerie E. Caproni, General Counsel, FBI, before the House Committee on the Judiciary, U.S. House of Representatives, concerning "The Inspector General's Independent Report on the FBI's Use of National Security Letters," (March 20, 2007), http:j jwww.fbLgovjcongressjcongress07jcaproni032007.htm (accessed March 26, 2009); Robert S. Mueller, III, Director, FBI, before the Senate Committee on the Judiciary, U.S. Senate, concerning "'Oversight of the Federal Bureau of Investigation" (March 27, 2007), http:j jwww.fbi.govjcongressjcongress07jmuelleri032707.htm (accessed March 26, 2009). 247 Id. 248 See 18 U.S.C. § 2708. 210 letters, blanket NSLs, and the FBI's ongoing analysis of the records obtained in response to these informal means. Thus, while the FBI is not legally required to purge records it obtained improperly, it decided to do so under certain circumstances. In light of these competing issues, we believe that the FBI's decision tree and its analysis of which records to purge were reasonable responses to our identification of the improper collection of these telephone records. The FBI's analysis attempted to incorporate the legal standards of the ECPA NSL statute and the ECPA emergency voluntary disclosure statute, albeit after-the-fact. We also agree that it is reasonable to purge only those records whose retention cannot be justified under an application of the ECPA standards, even though the standards were applied after the collection had already occurred. In applying these standards, the FBI has devoted significant resources in manpower and time to review the improperly obtained records and to consider whether there is a basis for retaining these records. However, it is also important to recognize, as we detailed in Chapter Two of this report, that the FBI's inexcusable failure to document its requests for thousands of telephone records severely hampered its ability to determine which records should be purged. Finally, we believe the FBI should notify the lOB of the full details of its final record retention decisions, purging decisions, the 11 blanket NSLs, and all other actions to address the FBI's improper acquisition of ECPA-protected records. 249 III. OIG Conclusions Regarding FBI Attempts at Corrective Action for Exigent Letters As discussed in this chapter, prior to the issuance of the OIG's first NSL report in March 2007, from late 2003 through March 2007, the FBI made various attempts to address issues arising from the CAU's use of exigent letters and other informal means to obtain telephone records. However, during this time period, the FBI's actions were seriously deficient and ill-conceived, and the FBI repeatedly failed to ensure that it complied with the law and FBI policy when obtaining telephone records from the on-site communications service providers. Also during this time, the FBI 249 Mter reviewing a draft of this report, the FBI stated that it has formally briefed the lOB on all these issues. 211 regularly issued after-the-fact NSLs, which were an inappropriate tool for remedying the FBI's improper practices. The FBI also issued 11 improper blanket NSLs to try to "cover" or validate the improperly obtained records. These attempts were inconsistent with the ECPA NSL statute, the Attorney General's NSI Guidelines, and internal FBI policy. By contrast, after the OIG issued its first NSL report in March 2007, the FBI took additional actions to address the problems created by exigent letters, which we believe were appropriate. The FBI ended the use of exigent letters; issued clear guidance on the proper use of NSLs; directed that FBI personnel be trained on NSL authorities; agreed to the move of the communications service providers' employees off the FBI's premises; and expended significant effort to detennine whether improperly obtained records should be retained or purged from FBI databases. 212 CHAPTER FIVE OIG FINDINGS ON FBI MANAGEMENT FAILURES AND INDIVIDUAL ACCOUNTABILITY In this chapter. we assess the accountability of FBI employees, their supervisors, and the FBI's senior leadership for the use of exigent letters and other improper practices we described in this report. In Part I of this chapter, we discuss the significant management failures that we concluded contributed to these improper practices and to the FBI's failure to address the improper practices in a timely manner. In Part II, we assess the accountability of individual FBI employees for these improper practices. I. Management Failures We found that numerous, repeated, and significant management failures led to the FBI's use of exigent letters and other informal requests for telephone transactional records over an extended period of time. The FBI failed to follow the Electronic Communications Privacy Act (ECPA) statute, the Attorney General's Guidelines for FBI National Security Investigations and Foreign Intelligence Collection (NSI Guidelines), and FBI policies when obtaining thousands of telephone records from the on-site communications service providers. While these on-site providers provided the FBI with an important resource in support of its counterterrorism, counterintelligence, and criminal programs, the FBI failed to provide adequate training, guidance, and oversight to ensure that FBI personnel used this resource in accordance with applicable statutes, guidelines, regulations, and FBI policies. These failures began shortly after the Communications Analysis Unit (CAU) was established within the Counterterrorism Division (CTD) in 2002, and continued until March 2007 when the OIG issued its first NSL report describing the use of exigent letters. We believe that every level of the FBI, from the FBI's most senior officials, to the FBI's Office of the General Counsel (FBI DGC), to managers in the CTD, to the supervisors in the CAU, to the CAU agents and analysts who repeatedly signed the letters, was responsible in some part for these failures. As discussed in Chapter Two of this report, the concept of using exigent letters originated as a time-saving technique in the FBI's New York Field Division during its criminal investigations of the September 11 terrorist attacks. However, their use was transferred to the CAU at FBI Headquarters in early 2003 and over time became one of the means by which the FBI routinely obtained telephone records from the on-site communications service providers. The embedding of the communications service providers' employees in FBI work space alongside CAU employees, coupled with the FBI's increasing reliance on telephone subscriber and toll 213 billing records information in its counterterrorism investigations, led to a culture in which exigent letters and other even less formal and equally inappropriate requests for information became the CAU's accepted and customary method of conducting business. We found that a distinct lack of oversight and scrutiny by CAU managers, CTD officials, and FBI aGC attorneys enabled the improper practice of obtaining ECPA-protected telephone records with the promise of future legal process to expand and proceed virtually unchecked for over 4 years. In reaching our conclusions, we recognize the CAU's and the FBI's important mission to detect and prevent terrorist attacks and the challenges the FBI faced after the September 11 attacks. After the September 11 attacks, the FBI reorganized its mission, structure, and procedures to emphasize counterterrorism. As part of this reorganization, the FBI created the CAD with the important mission of facilitating prompt retrieval and analysis of telephone records from the communications service providers for high-priority investigations. The CAU typically requested the telephone records to pursue its critical counterterrorism mission, not with the intention to obtain records that CAD personnel knew they were not legally entitled to obtain. Moreover, it is important to recognize that when we uncovered the improper exigent letter practices and reported them to the FBI in our first NSL report, the FBI terminated these improper practices and issued guidance to all FBI personnel about the proper means to request and obtain telephone records under the ECPA. However, in our view that does not excuse the extended, widespread, and improper use of exigent letters and other informal means to obtain telephone records that the FBI used for many years, or the FBI's ill-conceived and ineffective attempts to cover those record requests with after-the-fact NSLs and improper blanket NSLs. As discussed in the next section, we believe the responsibility for these practices was widespread, from the top of the FBI, to the supervisors who oversaw these practices, to the FBI attorneys who failed to correct these practices in a timely way, to the line employees who signed these letters that were inaccurate on their face. A. Failure to Plan for Proper Use of the On-Site Communications Service Providers We found that FBI officials at all levels failed to develop a plan and implement procedures to ensure that telephone records were properly obtained from the on-site communications service providers. Such planning was needed from the outset of the CAU's establishment in 2003, particularly when employees of the communications service providers were co-located in the CAD's work space. We also believe that the need for such planning was obvious before the CAD began operations, not just in hindsight. 214 When the CAU began operations in 2002, a combination of factors created clear risks for potential misuse of NSL authorities and other authorities to obtain records in support of FBI national security investigations. These factors included the FBI's expanded NSL authorities in the USA PATRIOT Act250 ; the CAU's status as an operational support unit; the establishment of contracts with the communications service providers for on-site support at the FBI; the close proximity of the providers' employees to CAU personnel in a common work area251 ; the assignment of Supervisory Special Agents (SSA) and Intelligence Analysts to the CAU who had little or no background in national security investigations or in using NSLs; and continual and insistent demands for telephone transactional records from FBI field and Headquarters operating units. However, FBI managers failed to recognize these risks and take steps to avoid them. For example, from the inception of the FBI's contractual relationships with the three providers in 2003, senior FBI leaders knew that the CAU would be handling telephone transactional records which the FBI could lawfully obtain pursuant to the ECPA. However, FBI leaders and managers failed to ensure that responsible officials in the CTn and the FBI OGC's National Security Law Branch (NSLB) reviewed the proposed and final contracts with the on-site providers to ensure that the agreements conformed to the requirements of the ECPA, the Attorney General's Guidelines for FBI National Security Investigations and Foreign Intelligence Collection (NSI Guidelines), and other relevant laws and policies governing the FBI's authority to obtain telephone transactional records. FBI leaders and managers also should have recognized early on the need to train CAU personnel on the authorized methods and procedures for requesting records from the on-site providers, the need to clearly communicate those procedures to the on-site providers' employees and their respective supervisors, and the necessity of establishing oversight mechanisms to ensure those procedures were followed. The first CAU Unit Chief, Glenn Rogers, and most SSAs initially assigned to the CAU had no prior experience in national security 250 As described in our fIrst NSL report, the Patriot Act significantly broadened the FBI's authority to obtain information through NSLs by lowering the evidentiary threshold for seeking NSLs and by extending the authority to sign NSLs to Special Agents in Charge of the FBI's 56 field offices. 251 We found that the close proximity of the providers' employees and CAU personnel led to a casual, informal atmosphere in the CAU, as well as friendships and social contacts outside the office that blurred the lines between the responsibilities of FBI personnel and the providers. We believe that atmosphere contributed to the informal and improper use of exigent letters and other requests for telephone records. 215 investigations. The FBI's failure to provide adequate guidance on the proper way to obtain telephone records in national security investigations had serious consequences. We found that from the outset of the CAU's operations, the CAU SSAs used impermissible procedures such as exigent letters and sneak peeks to obtain ECPA-protected information and records. These practices - some of which were copied from procedures used by FBI personnel in the New York Field Division in connection with criminal investigations relating to the September 11 hijackers - became standard operating procedures for the CAU and continued throughout the 3-year period while Rogers was the CAU Unit Chief and then the Assistant Section Chief of the CTD's Communications Exploitation Section (CKS). Only years later, in retrospect, a senior CTD official acknowledged the FBI's failure to plan in advance for having the communications service providers on-site, observing, "it [was] like having the ATM in your living room. You know you can go to it all the time and take the overdrafts because that was what was happening." B. Failure to Provide Training and Guidance to CAU Personnel The FBI compounded its planning failures when it did not ensure that all CAU personnel were trained on the legal requirements for obtaining ECPA-protected records. In particular, FBI managers from the CAU Unit Chiefs, to the FBI OGC, to the senior leaders of the FBI failed to ensure that CAU personnel were properly trained to request telephone subscriber and toll billing records information from the on-site communications service providers in national security investigations only in response to legal process or under limited emergency situations defmed in 18 U.S.C § 2702(c)(4). They also failed to ensure that CAU personnel were trained to comply with the Attorney General's NSI Guidelines and internal FBI policies governing the acquisition of these records. This training was needed not only for existing CAU personnel but also, in light of personnel turnover in the unit over the 4-year period of our review, for all incoming CAU employees. At the most basic level, the FBI failed to instruct CAU personnel that FBI requesters must provide NSLs or other legal process before CAU personnel requested records from the on-site providers relevant to FBI investigations, except in certain specified emergency situations. Additionally, the FBI failed to train field and Headquarters requesters on when and how true emergency requests should be handled. The FBI also failed to advise CAU personnel of the statutes or regulations in addition to the ECPA that limit the FBI's authority to obtain certain types of telephone records, such as news reporters' toll billing records; the FBI's authority to issue administrative subpoenas in certain investigations; and the FBI's 216 authority to obtain pen register/trap and trace orders for ECPA-protected information covered by the Pen Register Act. Even Joseph Billy, Jr., who was CTD Deputy Assistant Director (DAD) and the CTD Assistant Director from April 2005 to March 2008, told us that he was unaware of the ECPA emergency voluntary disclosure statute when he was a Special Agent in Charge, a CTD DAD, or the CTD Assistant Director. In fact, Billy said he did not know that communications service providers did not need NSLs for records they provided to the FBI pursuant to the ECPA emergency voluntary disclosure statute. He told us that when he learned about the statute prior to his August 2007 OIG interview, "that was a revelation to me." The FBI's failures also involved senior attorneys in the FBI OGe. NSLB attorneys failed to recognize the seriousness of the information they learned in late 2004 and early 2005 about the "form letter" - an exigent letter - that was being used in the CAU to obtain records from the on-site providers that was followed by after-the-fact NSLs. From then until March 2007, when the OIG's first NSL report was issued, the FBI OGC failed to take sufficient action to address the FBI's improper use of these exigent letters and after-the-fact legal process. Aggravating this failure, FBI OGC attorneys also provided flawed guidance to CAU personnel about obtaining records from the on-site providers. For example, in April 2005 the Assistant General Counsel who was the NSLB point of contact for NSL-related policies and issues wrote that exigent letters could be used in emergencies "only if it is clear to you that the requestor cannot await an NSL." This guidance did not accurately state the requirements of either the ECPA NSL statute (18 U.S.C. § 2709), or the emergency voluntary disclosure statute (18 U.S.C. § 2702(c)(4)).252 However, this flawed guidance was circulated to all CAU employees, and the CAU continued to request information from the on-site providers first, and addressed the need for legal process later (if at all). 252 To conform to the ECPA, proper guidance would have stated that the FBI could either compel the production of records by fIrst serving legal process or could request voluntary disclosure of records in the types of emergencies defmed in the emergency voluntary disclosure statute. In April 2005, the statute authorized communications service providers to voluntarily disclose records or information "if the provider reasonably believe[d] that an emergency involving immediate danger or death or serious physical injury to any person justifie[d] disclosure of the information. 18 U.S.C. § 2702(c)(4) (Supp. 2002). In March 2006, the provision was amended to allow a communications service provider to disclose records "if the provider, in good faith, believes that an emergency involving danger of death or serious physical injury to any person requires disclosure without delay of information relating to the emergency." See 18 U.S.C. § 2702(c)(4). 217 A second instance of a flawed legal response occurred in May 2006 when the NSLB again perpetuated the use of exigent letters promising future legal process. Although NSLB attorneys were aware of the CAU's use of exigent letters at least by December 2004, no NSLB attorney asked to see a copy of any exigent letter until May 2006. As described in Chapter Four of this report, we found that the Assistant General Counsel, who was involved in advising the CAU on the use of exigent letters, first asked to see the exigent letter on May 19, 2006, 2 days after the OIG interviewed her in connection with our first NSL report and asked her questions about the CAU's acquisition of records prior to issuing legal process. Mter reviewing the exigent letter, the Assistant General Counsel modified the letter by substituting the word "NSL" for the word "subpoena" and deleting the reference to the U.S. Attorney's Office. This corrected the inaccurate reference to grand jury subpoenas in many of the letters, but the advice given by the NSLB was still flawed because the revised letter continued to seek to obtain records with the promise of future legal process. We find it troubling that neither the Assistant General Counsel, her immediate supervisor, nor NSLB Deputy General Counsel Thomas reviewed an exigent letter for more than 1 '12 years after they learned of their use. In addition, the FBI OGC and the CTD failed to use the FBI's alternate authority under the ECPA (18 U.S.C. § 2702(c)(4)) to request voluntary disclosure of telephone records from the on-site providers in qualifying emergencies. Even though FBI OGC attorneys developed the first general guidance for all FBI divisions during the spring and summer of 2005 regarding the emergency voluntaJY disclosure statute, they failed to coordinate with CTD management and direct that the FBI (1) stop using exigent letters; or (2) advise CAU personnel that the emergency voluntary disclosure statute should be used to address record requests in appropriate circumstances. These corrective actions did not happen until 2007, shortly before the OIG's first NSL report was issued. The FBI OGC's failure to ensure that CAU personnel were aware of the ECPA emergency voluntary disclosure statute had significant consequences. Between August 25, 2005, (the date of the FBI OGC guidance on the ECPA emergency voluntary disclosure statute), and November 13, 2006. (the date of the last exigent letter we located), CAU personnel issued an additional 86 exigent letters seeking records for 553 telephone numbers. None of these letters was subjected to the scrutiny or approval procedures that FBI personnel were directed to employ when requesting emergency voluntary disclosures under the ECPA. Moreover, as described in Chapter Two of this report, during this same time period the FBI acquired records or calling activity infonnation on thousands of other telephone numbers through other informal means, such as sneak peeks, e-mail, and telephonic requests. 218 C. Failure to Oversee the CAU Activities In addition to the FBI's failures in planning, training, and legal advice, we also found that every level of FBI supervision - from the FBI's most senior leadership to the Unit Chiefs in the CAU - failed to recognize the need for, and assure adequate oversight of, the practices employed by the CAU to obtain subscriber information, toll billing records, and other calling activity information from the on-site providers. In our review. with the exception of CXS Assistant Section Chief John Chaddic, and Rogers (who became an Assistant Section Chief in the CXS after serving as Unit Chief of the CAUl, no one in the CTD's supervisory chain above the CAU Unit Chiefs said they were aware of the FBI's use of exigent letters. As described in Chapter Two, John Pistole and Willie Hulon, the Executive Assistant Directors of the FBI National Security Branch during the period covered by our review; CTD Assistant Director Joseph Billy, Jr.; and CTD Deputy Assistant Director John Lewis all said they were unaware that the CAU was using exigent letters rather than NSLs to obtain records from the on-site communications service providers. 253 Similarly, Laurie Bennett, who was the CXS Section Chief, said she did not know about the use of exigent letters. CXS Section Chief Jennifer Smith Love also told us that she was unaware of exigent letters until after she left her position as the Section Chief. However, Love also told us she knew the FBI was getting records without legal process, yet she did not ensure that the CAU's activities were legal or fully reviewed. The one CTD manager who said he was aware of the use of exigent letters, CXS Section Chief Chaddic, told us that he learned from Rogers that the CAU was using exigent letters as a "placeholder" to obtain telephone records from the on-site providers prior to the service of the appropriate legal process. Yet, he did not ensure that Rogers sought legal guidance from the FBI aGC about the use of the letters or implement other measures to ensure the appropriateness of the CAU's use of these letters. We believe that each of these CTD officials was responsible for knowing what their subordinates were doing, ensuring that agents and others under their command complied with applicable law and FBI policy governing the acquisition of telephone transactional records, and ensuring that FBI attorneys had sufficient information about the CAU's practices to provide appropriate legal guidance and advice concerning what the CAU was 253 Pistole, Billy, and Hulon also served as Deputy Assistant Directors of the CTD during the period covered by our review. 219