FBI Self-Audit Shows Improved Compliance With FISA Rules

FBI Self-Audit Shows Improved Compliance With FISA Rules
The FBI Headquarters in Washington on July 11, 2018. Samira Bouaou/The Epoch Times
Lawrence Wilson
Updated:
0:00

The FBI failed to fully comply with court-ordered rules for searching digital communications involving U.S. citizens 4 percent of the time in a sample of queries examined by the FBI Office of Internal Auditing (OIA).

The audit was intended to examine the agency’s compliance with rules for querying data the government routinely collects on U.S. citizens under Section 702 of the Foreign Intelligence Surveillance Act of 1978 (FISA).

FISA allows the government to collect electronic data, including phone calls, text messages, and emails of foreigners overseas, even if the communications involve a U.S. citizen. U.S. agencies can then search that data in connection with national security investigations.

Under rules approved by the Foreign Intelligence Surveillance Court (FISC), any search of that data involving a U.S. citizen must meet three criteria.

It must be for the purpose of retrieving foreign intelligence information or evidence of a crime, reasonably designed to avoid unnecessarily retrieving information not related to the purpose, and justified by a specific factual basis indicating that it’s likely to retrieve foreign intelligence information or evidence of a crime.

According to the OIA report released on May 10, FBI searches of FISA data did not fully meet those criteria in 20 of the 558 queries selected for audit. The queries were made between July 1, 2021, and March 31, 2022.

The audit did not sample all data queries made during that period but only those considered to be at “high risk” for non-compliance, an FBI senior advisor told The Epoch Times. The report did not include the total number of queries involving data on U.S. citizens during that time.

Of the 20 non-compliant queries, 17 were flagged for having “insufficient justification,” and three were “unreasonably designed.” In all cases, the failure stemmed from a lack of understanding of the compliance standards or how to apply them, according to the advisor.

Also, the FBI has access to data on just 3 percent of the targets of FISA 702 data collection, which amounts to about 8,000 people, the advisor said.

The audit was conducted after FBI Director Christopher Wray implemented procedural changes for FISA queries in 2021 and 2022. The agency had come under fire after the FISC found “widespread violations” of the rules. Those violations included searches for the communications of government officials, journalists, political commentators, and a member of Congress.

FISA was created in response to unjustified surveillance of U.S. citizens by the Nixon administration.

The May 10 audit report shows marked improvement over an audit of the period from April 1, 2020, to March 31, 2021, which revealed a noncompliance rate of 18 percent.

Although the FBI’s compliance rate improved, the change wasn’t enough to satisfy some privacy advocates.

“Even if the compliance rate were 100 percent, the government should not be able to access Americans’ communications without a warrant,” Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice, wrote on Twitter.

Based on the audit results, the OIA recommended further changes in the procedures for querying FISA data. Those include improving the FISA query compliance monitoring program, ensuring that all users complete required training before gaining access to raw FISA data, and making system changes to notify users when they make mistakes when inputting data.

A previous version of this article incorrectly stated the number of times a FISA search was found to be noncompliant by the audit. The audit found that 4 percent of a sample of 558 queries did not meet criteria approved by the Foreign Intelligence Surveillance Court. The Epoch Times regrets the error.