FBI finds it violated data collection rules

WASHINGTON -- An internal FBI audit has found that the bureau potentially violated the law or agency rules more than 1,000 times while collecting data about domestic phone calls, e-mails, and financial transactions in recent years, far more than was documented in a Justice Department report in March that ignited bipartisan congressional criticism.

The new audit covers just 10 percent of the bureau's national security investigations since 2002, and so the actual number of mistakes in the FBI's domestic surveillance efforts probably number in the several thousands, bureau officials said in interviews. The earlier report found 22 violations in a much smaller sampling.

The vast majority of the new violations were instances in which telephone companies and Internet providers gave agents phone and e-mail records the agents did not request and were not authorized to collect. The agents retained the information anyway in their files, which mostly concerned suspected terrorist or espionage activities.

But two dozen of the newly- discovered violations involved agents' requests for information that US law did not allow them to have, according to audit results provided to The Washington Post. Only two examples were identified earlier in the smaller sample.

FBI officials said the results confirmed what agency supervisors and outside critics feared. Many agents did not understand or follow the required legal procedures and paperwork requirements when collecting personal information with the National Security Letter, one of the most sensitive and powerful intelligence- gathering tools of the post-Sept. 11 era. Such letters are uniformly secret and amount to non-negotiable demands for intimate information -- demands that are not reviewed in advance by a judge. After the 2001 terrorist attacks, Congress substantially eased the rules for issuing NSLs, requiring only that the bureau certify that the records are "sought for" or "relevant to" an investigation "to protect against international terrorism or clandestine intelligence activities."

The change, combined with national anxiety about another domestic terrorist event, led to an explosive growth in the use of the letters. More than 19,000 letters were issued in 2005 seeking 47,000 pieces of data, mostly from telecommunications companies. The FBI audit will be completed in the coming weeks, and Congress will be briefed on the results, officials said.