FISA-court authorizations for national security and counter-terrorism wiretaps dropped last year by almost 300, a new Justice Department report to Congress shows. But the FBI's use of "national security letters" to get information on Americans without a court order increased dramatically, from 16,804 in 2007 to 24,744 in 2008.

The 2008 requests targeted 7,225 U.S. people.

This is still much lower than the number of NSLs issued in 2006 – more than 49,000 – but indicates that the FBI's reliance on the self-authorized subpoenas is rebounding, after audits in 2006 and 2007 revealed the bureau had been abusing the tool.

The new seven-page report (.pdf) was submitted to Congress last Thursday.

National security letters (NSL) are written demands from the FBI that compel internet service providers, credit companies, financial institutions and others to hand over confidential records about their customers, such as subscriber information, phone numbers and e-mail addresses, websites visited and more.

NSLs have been used since the 1980s, but the Patriot Act expanded the kinds of records that could be obtained with an NSL. They do not require court approval, and come with a built-in lifetime gag order. With an NSL, the FBI need merely assert that the information is "relevant" to an investigation, and anyone who gets a national security letter is prohibited from disclosing that they've received the request.

The FBI's use of NSLs has been sharply criticized. In 2007, a Justice Department Inspector General audit found that the FBI, which issued almost 200,000 NSLs between 2003 and 2006, had abused its authority and misused NSLs.

The inspector general found that the FBI evaded limits on (and sometimes illegally issued) NSLs to obtain phone, e-mail and financial information on American citizens, and under-reported the use of NSLs to Congress.

About 60 percent of a sample of the FBI's NSLs did not conform to Justice Department rules, and another 22 percent possibly violated the statute because they made improper requests of businesses or involved unauthorized collections of information.

The audit also criticized the FBI for improperly tracking its use of NSLs.

Subsequently, the number of NSLs issued in 2007 dramatically dropped from 49,000 to 16,000.

The new 2009 DoJ report submitted to Congress last week and obtained by Secrecy News addresses these earlier issues by assuring legislators that the FBI has put in a number of corrective actions.

According to the report, the FBI replaced the database it used for tracking NSLs, which "has reduced errors in compiling statistics necessary for Congressional reporting."

The report says the FBI also issued a number of "corrective NSLs" to "provide legal authority to retain information it had previously received" for so-called "exigent" requests and "blanket NSLs". Exigent requests involve an informal emergency request to a business to voluntarily hand over information until a more formal NSL can be issued to cover the request.

For example, the FBI reviewed the circumstances around more than 4,000 phone numbers it obtained through NSLs to determine if proper legal process was used to obtain them. If the review team couldn't find documentation that proper legal process was followed or if the process was insufficient, but the team determined the phone number was relevant to a national security investigation, the agency issued a corrective NSL for the data. If not, then the agency purged the collected data from its database.

The DoJ report to Congress only briefly discusses FISA applications for electronic surveillance and physical surveillance related to foreign intelligence investigations. According to the document, authorities submitted 2,082 so-called "FISA applications" to the Foreign Intelligence Surveillance Court last year.

But the court, which evaluates such requests, approved 2,083 FISA applications in 2008 – the discrepancy is because two applications submitted in 2007 were approved in 2008 and are counted in 2008 figures. The court rejected one application in 2008 and made unspecified "substantive modifications" to two others.

By contrast, in 2007, the court approved 2,370 FISA applications, denied three and part of a fourth application, and modified 86 applications.

(Hat tip: Secrecy News)

See also: