FBI misused surveillance data, spied on its own, FISA ruling finds

  News
image_pdfimage_print
FBI agents ran queries across thousands of US individuals, including potential sources and anyone with access to FBI facilities, against raw metadata from FISA-authorized bulk collection databases.
Enlarge / FBI agents ran queries across thousands of US individuals, including potential sources and anyone with access to FBI facilities, against raw metadata from FISA-authorized bulk collection databases.
Bloomberg via Getty Images

In an October 2018 ruling unsealed and posted on October 8, 2019 by the Office of the Director of Intelligence, the United States Foreign Intelligence Surveillance Court (FISC) found that the employees of the Federal Bureau of Investigation had inappropriately used data collected under Section 702 of the Foreign Intelligence Surveillance Act (FISA). The FBI was found to have misused surveillance data to look into American residents, including other FBI employees and their family members, making large-scale queries that did not distinguish between US persons and foreign intelligence targets.

The revelation drew immediate outcry from privacy advocates and renewed calls for the termination of FISA and USA FREEDOM Act that authorized bulk intelligence collection. President Donald Trump signed a bill extending Section 702 collection authorizations for six years in 2018; the Office of the Director of National Intelligence announced earlier this year that the administration would seek the extension of authority for collection of call data granted under the USA FREEDOM Act.

In a statement emailed to Ars Technica, ACLU Senior Legislative Counsel Neema Singh Guliani, said:

The government should not be able to spy on our calls and emails without a warrant. Any surveillance legislation considered by Congress this year must include reforms that address the disturbing abuses detailed in these opinions. Congress and the courts now have even more reason to prohibit warrantless searches of our information, and to permanently close the door on any collection of information that is not to or from a surveillance target.

Let me Intel-Google that

The Foreign Intelligence Surveillance Court ruling found that the FBI’s “querying procedures” for intelligence data did not properly record when the database of intelligence data was searched for information about US persons. “The querying procedures did not require FBI personnel to document the basis for finding that each United States-person query term satisfied the relevant standard—i.e., that queries be reasonably designed to return foreign-inteligence information or evidence of crime,” the FISC opinion stated. “Without such documentation and in view of reported instances of non-compliance with that standard, the procedures seemed unreasonable under FISA’s definition of ‘minimization procedures’ and possibly the Fourth Amendment.”

Among those instances of “non-compliance” were:

  • Between March 24 and 27, 2017, the FBI ran queries against intelligence data “using identifiers for over 70,000 communications facilities ‘associated with’ persons with access to FBI facilities and systems,” the court noted, “notwithstanding advice from the FBI Office of General Counsel (OGC) that they should not be conducted without the approval of the OGC and the National Security Division of the Department of Justice.”
  • On December 1, 2017, a redacted FBI division “conducted over 6,800 queries using the Social Security Numbers of individuals” against raw, unredacted FISA data. A week later, the same unit conducted 1,600 queries using another set of identifiers for US persons. The person who conducted the queries “advised he did not intend to run them against raw FISA information, but nonetheless reviewed raw FISA information returned by them.”
  • In February of 2018, the FBI searched raw FISA data for information, with about 30 queries regarding “potential [redacted] sources,” and conducted about 45 other queries on people “under consideration as potential sources of information.”
  • In an undated event, reported to the Department of Justice’s National Security Division in April of 2018, the FBI ran queries against raw FISA metadata using identifiers for “approximately 57,000 individuals” where it was not clear that the information would return foreign intelligence information.
  • Queries against individual US persons were run against the FISA data on a number of occasions, including people about to be served a FISA order—and “a small number of cases in which FBI personnel apparently conducted queries for improper personal reasons—for example, a contract linguist who ran queries on himself, other FBI employees, and relatives.”

The court found a huge lack of oversight over the FBI’s querying of FISA metadata and ordered the FBI to revise its search procedures. The FISC ruling said that the FISA statutory and Fourth Amendment concerns regarding warrantless searches would be cleared if all queries required written documentation of the basis for a belief by the FBI that searching against a US person’s metadata would be “reasonably likely to return foreign-intelligence information or evidence of crime” before anyone at the FBI was allowed access to the contents of FISA data that would be returned by such a search.

https://arstechnica.com/?p=1582117