The Justice Department’s Office of the Inspector General (OIG) yesterday released another report on the Federal Bureau of Investigation’s use of Section 215 of the Patriot Act between 2007 and 2009. The report was long delayed due to declassification and redaction issues, but the timing is appropriate considering that the Senate is spending the waning hours of its legislative session considering the impending expiration of Section 215.

That’s because the OIG report heightens the case for meaningful reform of the intelligence community by undermining many of the flimsy defenses offered by defenders of the status quo. Above all, the report demonstrates that secrecy and lack of oversight in the administration of surveillance laws is perhaps as significant as outright misuse.

Section 215 is most famously the authority that the National Security Agency claims allows it to conduct mass collection of Americans’ telephone records. A federal appeals court recently ruled that this interpretation was “unprecedented and unwarranted” and that the NSA’s program was illegal. However, the FBI is actually the agency that administers the law, presenting applications for the collection of information to the secretive Foreign Intelligence Surveillance Court (FISC) on behalf of NSA, as well as the FBI itself.

When the Patriot Act was reauthorized in 2005, Congress sought to address some concerns about Section 215 by mandating review by the OIG. The new report is the third to discuss the FBI’s use of Section 215, and it revisits some of the problems uncovered by the previous reports. Most egregiously, the FBI took seven years to obey a law intended to protect Americans’ privacy. The 2005 reauthorization required the FBI to adopt particularized “minimization procedures” to limit the amount of private information retained and disseminated by the FBI under Section 215 by no later than March 2006. But the FBI didn’t do so until March 2013. During that time, of course, the FBI was continually assisting the NSA by filing applications for ongoing mass collection of telephone records, using an illegal interpretation of Section 215.

But the new report also shows that government’s unauthorized interpretation of the “relevance” provision in Section 215 wasn’t the only strained statutory reading of the law. During its seven years of foot-dragging over Section 215 minimization procedures, the FBI instead used a set of “Interim Procedures” that incorporated existing FBI National Security Investigations (NSI) Guidelines and “construed” them to meet the new requirements of the 2005 reauthorization. But “FBI agents were already required to comply with the NSI Guidelines in their entirety,” so “the Interim Procedures did not add any new requirements.” In other words, the FBI unilaterally decided it could meet a new duty imposed by Congress by declaring its preexisting duty was enough.

As bad as the FBI’s years-long failure to comply with the law are the failures of the FBI’s overseers. The OIG first noted the problems with the FBI’s Interim Procedures in its 2008 report, but not until 2009 did the FISC, the court charged with evaluating the FBI’s 215 applications, take notice and ask the FBI to explain. Given that it still took another four years for the FBI to adopt the final procedures and that the FISC uniformly continued approving 215 applications all the while, it’s not clear the FISC’s involvement mattered much.

Nor does the ultimate outcome of this story instill much confidence in the process. Even the final Section 215 minimization procedures from 2013 contain key language allowing retention of information “necessary to understand foreign intelligence.” As the report notes, this standard is undefined and is subject to open-ended interpretation by government lawyers, risking undermining the minimizations procedures’ privacy protections

As we’ve described at length, the FISC is hamstrung by its secrecy and the one-sided nature of its proceedings, something this report illustrates in detail. Moreover, the OIG itself had repeated difficulty obtaining certain information for its reports because the FBI claimed that it was not allowed to disclose this information for “oversight purposes.”

The new OIG report also has large swaths of information redacted from the public version, and some of these redactions are troubling for anyone who favors robust oversight. For example, the report discusses the use of Section 215 for bulk surveillance—a fact the government only officially acknowledged after Edward Snowden disclosed proof—but the only unredacted information in this section of the report concerns the NSA’s phone records program. Despite the redactions, it is clear that Section 215 is used for bulk collection of other records, something that has been previously reported. Other examples abound: the report notes that the FBI employs a “classified directive” to define the term “U.S. Person” and that the agency cannot definitively say what information counts as “metadata.” The withholding of this information from public scrutiny confounds true oversight, including any attempt to do an accounting of how many Americans are subject to surveillance under Section 215.

Public debate about surveillance reform and Section 215 has understandably focused on the NSA and the phone records program. The OIG report, however, is an excellent reminder of several key points as we continue to fight: 1) Our concerns about the NSA should not cause us to ignore the FBI’s role in illegal surveillance; 2) Section 215 is about much more than bulk collection of phone records; and 3) so long as the intelligence and law enforcement communities can easily hide behind “it’s classified,” true reform will be a long way off.