DOJ: Operators helped FBI illegally obtain phone records
IDG News Service - The FBI was so cavalier -- and telecom companies so eager to help -- that a verbal request or even one written on a Post-it note was enough for operators to hand over customer phone records, according to a damning report released on Wednesday by the U.S. Department of Justice Office of the Inspector General.
The 289-page report details findings of the DOJ's investigation into the FBI's policies for requesting phone records from 2003 through 2006.
It found that in many cases the FBI issued written requests for telephone information, saying that it had secured the proper legal authority to make such requests, even though it didn't.
Also, the report found that the FBI used far more casual methods to obtain records, including verbal requests and requests written on Post-it notes.
When the FBI did use formal written requests, it did not track their use or keep copies of them, the report found.
Some telecom employees, who were based in FBI offices so as to quickly respond to such requests, said that they assumed that the requests were based on a critical national security investigation, although at least one expressed doubts about the circumstances surrounding requests. In fact, some telecom company employees were so enthusiastic to help that they would generate the formal written requests for telephone records on behalf of the FBI.
The report refers to three telecom providers that placed employees in FBI offices, but it does not name the operators.
When asked about internal policies for responding to such requests for customer information, AT&T and Verizon had no comment. Qwest did not respond to requests for comment.
The report also found that the FBI got records and calling-activity information on reporters from the Washington Post and the New York Times without complying with relevant laws. "We concluded that the FBI's acquisition of these records constituted a complete breakdown in the required department procedures for approving the issuance of grand jury subpoenas to obtain reporters' toll billing records," according to the report.
Following previous reports issued by the DOJ regarding FBI phone-record request policies, the agency made only halfhearted attempts to address the problem, the report said. From 2003 to 2007, "the FBI's actions were seriously deficient and ill-conceived and the FBI failed to ensure that it complied with the law and FBI policy when obtaining telephone records from the on site communications service providers," the report found.
However, after 2007, the agency made some serious changes that have helped, the DOJ said, although it recommended further action to ensure that the FBI does not continue to illegally obtain phone records.
In a statement, the FBI pointed out that the report does not find that any FBI employee obtained records for reasons other than legitimate investigative interest. It also said that it has purged records found to have been obtained without the proper process.
The Electronic Frontier Foundation criticized how long the illegal phone-record requests were allowed to continue and how much prodding it took for the FBI to change its policies. The EFF has filed a lawsuit against the government and said that the violations revealed in the DOJ document have not been disclosed by the FBI during the course of the ongoing lawsuit.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- The Critical Role of Support in Your Enterprise Mobility Management Strategy Most business leaders underestimate the importance of tech support when they choose an EMM solution. Here's what to put on your checklist.
- Separating Work and Personal at the Platform Level: How BlackBerry Balance Works BlackBerry® Balance™ separates work from personal on the same mobile device, right at a platform level. Find out how it can work for...
- Live Webcast Best Practices for the Hyperconverged Enterprise Network To the Age of Constant Connectivity and Information overload
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of... All Networking White Papers | Webcasts