A Department of Justice report made public Friday highlights numerous problems with FBI's use of national security letters (NSL), a controversial legal device whose use was greatly expanded by the 2001 Patriot Act. NSLs allow the FBI to demand customer records from credit bureaus, banks, phone companies, ISPs, and other organizations without judicial review.

The report by the Office of the Inspector General (OIG), led by Glenn Fine, found that due to inadequate tracking and reporting systems, the FBI had significantly understated its use of NSLs in previous reports to Congress. After auditing a small fraction of the NSLs issued, Fine's staff found 22 irregularities, some of them quite serious. That suggests that hundreds of NSLs have been issued in violation of the law. Perhaps worst of all, the report finds that the FBI sent over 700 "exigent letters" to three unidentified telephone companies requesting them to expedite the process by voluntarily handing over customer data without waiting for a formal subpoena or NSL.

Superficially, the response to the report was unanimous: everyone from Attorney General Alberto Gonzales to Democratic Senator Patrick Leahy agreed that the report revealed serious problems at the FBI that needed to be addressed. But there were a range of views about the broader implications of the report, with the White House stressing the importance of NSLs for its anti-terrorism efforts while civil-liberties groups called for sharply curtailing the use of NSLs. Leahy promised to hold extensive hearings on the subject, and his Republican counterpart, Sen. Arlen Specter, said that the FBI had apparently "badly misused national security letters."

National security letters explode

The FBI has had the power to issue national security letters since 1986, but their use was originally limited to collecting information about individuals who were believed to be agents of a foreign power. That changed with the 2001 Patriot Act, which required only that NSLs be "relevant to an authorized investigation" of international terrorism or foreign intelligence and that it not burden activities protected by the First Amendment.

National security letters require no judicial oversight. High-ranking FBI officials have the authority to sign off on NSLs drafted by their subordinates, entirely bypassing the judicial branch. Moreover, the original Patriot Act provision prohibited recipients from ever disclosing their receipt of an NSL to anyone (under the 2005 reauthorization, the gag lasts for a year, but it can be renewed indefinitely at the federal government's request).

Judicial oversight and free speech are fundamental to our system of government, so these provisions have generated quite a bit of controversy. In 2004, we reported on the ACLU's successful effort to defeat an NSL issued to a New York ISP. We've also reported on an NSL challenge by Connecticut librarians, which ended last year when the government dropped the case.

But those cases are the exceptions. The report found that the use of national security letters has exploded in recent years. The FBI issued about 8,500 NSLs in 2000, the last full year before the Patriot Act was passed. Four years later, the reported use of NSLs peaked at 56,000. It appears that the vast majority of recipients turned over the records sought and kept quiet about it. If recipients can't even talk about the letters they've received, it makes it virtually impossible for watchdog groups or ordinary Americans to monitor the program for abuses.

Abuses of power?

Luckily, Congress included a provision in the 2005 Patriot Act reauthorization directing the OIG to study the use of NSLs. That report was released on Friday. Taken individually, none of the problems the OIG found are grave threats to civil liberties. But taken together, they paint a picture of an agency with poor record-keeping, inadequate safeguards, and a cavalier attitude toward the rights of ordinary Americans. In short, the FBI does not seem to be the sort of agency we ought to be entrusting with unchecked authority to seize the records of American citizens.

Congress had previously required the FBI to submit classified reports to Congress every six months disclosing the number of NSLs issued. But an audit of 77 case files showed that a significant number of NSLs never made it into the FBI's centralized database, and others were not entered quickly enough to make it into the semi-annual report to Congress. As a result, the OIG found that thousands of NSLs had gone unreported to Congress. Overall, the report found that 143,000 NSL requests had been issued between 2003 and 2005.

More troubling, the OIG found numerous examples of irregularities in the process of approving, issuing, and complying with NSLs. The law requires that an NSL be "relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities," but in some cases, the FBI issued NSLs not tied to any ongoing investigation. In other cases, NSLs sought information that exceeded the FBI's authority under the law. And there were a large number of cases in which the recipient of the NSL provided the wrong information either based on typographical errors by the FBI or misunderstandings by the recipient.

The FBI had reported 26 such incidents to the Intelligence Oversight Board, which is charged with reviewing cases of possible violations of the law by intelligence agencies. But in the course of examining the 77 case files mentioned previously, they discovered 22 more irregularities among 293 NSLs, none of which had been previously reported. Extrapolating to the tens of thousands of NSLs issued over the last few years, this suggests that there have been hundreds of irregularities that have not been properly reported or investigated.

Perhaps most disturbing, OIG found that

On over 700 occasions the FBI obtained telephone billing

records or subscriber information from 3 telephone companies without

first issuing NSLs or grand jury subpoenas. Instead, the FBI issued

so-called "exigent letters" signed by FBI Headquarters Counterterrorism

Division personnel who were not authorized to sign NSLs. The letters

stated that the records were requested due to "exigent circumstances"

and that subpoenas requesting the information had been submitted.

In many cases, the telephone companies handed over customer records without waiting for the associated subpoena or NSL to be approved. Moreover, some "exigent letters" were issued in circumstances that would not have permitted the use of national security letters. And due to inadequate record-keeping, the FBI was "unable to provide reliable evidence to substantiate that NSLs or other legal process was issued to cover the FBI's receipt of records requested in sample exigent letters." The FBI now acknowledges that these letters were improper, and has pledged never to use them again.

Mere administrative problems?

The defenders of the Patriot Act have been quick to emphasize that the report found no evidence of malice or intentional lawbreaking in the use of NSLs. This is true. By all accounts, the problems OIG found were the result of honest mistakes on the part of FBI officials. No examples were found of FBI agents using NSLs to spy on their ex-girlfriends or blackmail their enemies.

However, OIG teams only audited 293 letters out of tens of thousands that have been issued since the Patriot Act has become law. It's quite possible that a complete audit of NSLs would uncover deliberate lawbreaking. And given the inadequate record-keeping procedures, it's far from certain that even a comprehensive audit would uncover unlawful behavior.

Moreover, the argument for judicial review does not hinge on the assumption that government officials are corrupt. Aggressive widespread use of coercive powers by well-meaning but overzealous officials can undermine American privacy rights just as effectively as actual corruption. Law enforcement agencies can make honest mistakes. Judicial review ensures that they do their homework before seeking to invade Americans' privacy.

And even if today's FBI is honest—and the OIG report gives no reason to doubt that it is—that does not prove that a future administration couldn't use its powers under the Patriot Act for nefarious purposes. One only has to remember the FBI's abuses of power under J. Edgar Hoover in the 1960s to realize that this is more than a theoretical possibility.

A system that gives good FBI agents enough latitude to accidentally issue hundreds of NSLs that violate the law certainly gives overzealous or corrupt FBI agents the ability to flout the law deliberately. It would be a mistake to wait until more serious abuses actually happen before requiring that NSLs be subject to judicial review.