National Intelligence Report Shows FBI Warrantlessly Searched Americans’ Data Millions Of Times Last Year
from the but-it's-the-smaller-numbers-that-are-more-worrying dept
Eight years ago, prompted by the Snowden revelations (and Senator Ron Wyden’s persistent questions), then-National Intelligence Director James Clapper finally provided the public with some insight into the FBI’s warrantless searches of Americans’ data collected (supposedly inadvertently) by the NSA.
The report delivered to Sen. Wyden was surprisingly redaction-free. But that didn’t mean it was filled with specifics. Clapper’s report was vague. And it was vague because the FBI deliberately made sure no one could say for sure how many warrantless searches of US persons’ data it performed.
The FBI does not track how many queries it conducts using U.S. person identifiers.
But if DNI Clapper (and the FBI) had to guess, it would be a lot.
Moreover, because the FBI stores Section 702 collection in the same database as its “traditional” FISA collection, a query of “traditional” FISA collection will also query Section 702 collection. In addition, the FBI routinely conducts queries across its databases in an effort to locate relevant information that is already in its possession when it opens new national security investigations and assessments. Therefore, the FBI believes the number of queries is substantial.
The FBI is finally tallying the number of warrantless searches it performed. And it is a lot. Here’s the Wall Street Journal’s Dustin Volz summarizing this section of the latest report from the ODNI.
An annual report published Friday by the Office of the Director of National Intelligence disclosed that the FBI conducted as many as 3.4 million searches of U.S. data that had been previously collected by the National Security Agency.
Senior Biden administration officials said the actual number of searches is likely far lower, citing complexities in counting and sorting foreign data from U.S. data. It couldn’t be learned from the report how many Americans’ data was examined by the FBI under the program, though officials said it was also almost certainly a much smaller number.
The report [PDF] offers a couple of explanations of the year-to-year increase in searches (jumping from 1.3 million in 2020 to 3.4 million in 2021). According to the FBI, some of these warrantless searches of Americans’ data was done to protect the same Americans being searched.
Particular to calendar year 2021, there were two factors that contributed to significant fluctuations throughout the year. In the first half of the year, there were a number of large batch queries related to attempts to compromise U.S. critical infrastructure by foreign cyber actors. These queries, which included approximately 1.9 million query terms related to potential victims—including U.S. persons—accounted for the vast majority of the increase in U.S. person queries conducted by FBI over the prior year.
The other explanation offered says that the number of searches could have been even higher if the FBI hadn’t changed the way it handles these searches.
Separately, in June and August, FBI made several changes to systems that store unminimized Section 702-acquired information designed to ensure compliance with FBI’s Section 702 querying procedures. Specifically, FBI added an additional approval process for batch queries involving 100 or more query terms. FBI also modified two important systems that allow FBI to query across multiple datasets to require FBI personnel to affirmatively “opt-in” to querying unminimized FISA Section 702-acquired information. Following these changes, the average monthly number of FBI U.S. person queries run against unminimized Section 702-acquired collection decreased.
This appears to show that once the FBI decided to engage in a little oversight, the end result was fewer searches. Once analysts had to answer to someone, they perhaps engaged in less abuse of the search process.
There are smaller numbers scattered throughout the report that may be less immediately eye grabbing, but are more concerning than the 3.4 million searches. The ODNI identified four instances in the last year the FBI performed searches requiring a FISA court order but did not bother to obtain one. This may seem like a small number of searches, but considering the fact thousands of records can be accessed with a single search (which includes batch queries of up to 100 search terms), the number of Americans whose data was accessed with a court order could be very large.
There were also 12 instances where the searches of the 702 collection were performed solely to obtain information for criminal cases with no apparent national security nexus. That’s not what the 702 collection is supposed to be used for, and the DOJ notes it is continuing to “assess” these searches, possibly in hopes of finding something national security related that will allow them to be justified after the fact. And, again, it’s only a small part of the 3.9 million Section 702 searches but could also have impacted hundreds of US persons.
Finally, the report shows the FBI still really likes using National Security Letters to obtain information about US persons. The FBI did this more than 12,000 times last year, at a rate of nearly 38 per day. And, as has been documented here, the FBI will use its self-issued NSLs to seek data when it’s been rebuffed by the FISA court. How many of those requests can be linked back to request FISA requests will probably never be known.
The good news is that this is the most transparent the FBI and the ODNI have been in relation to FBI searches of data collected by the NSA. The questions raised by this report will hopefully result in more hard questions from congressional oversight, which should then lead to further policy changes and more granular reporting of the FBI’s searches of Americans’ data.