The Canadian Privacy Law Blog: Developments in privacy law and writings of a Canadian privacy lawyer, containing information related to the Personal Information Protection and Electronic Documents Act (aka PIPEDA) and other Canadian and international laws.
The author of this blog, David T.S. Fraser, is a Canadian privacy lawyer who practices with the firm of McInnes Cooper. He is the author of the Physicians' Privacy Manual. He has a national and international practice advising corporations and individuals on matters related to Canadian privacy laws.
For full contact information and a brief bio, please see David's profile.
The views expressed herein are solely the author's and should not be attributed to his employer or clients. Any postings on legal issues are provided as a public service, and do not constitute solicitation or provision of legal advice. The author makes no claims, promises or guarantees about the accuracy, completeness, or adequacy of the information contained herein or linked to. Nothing herein should be used as a substitute for the advice of competent counsel.
This web site is presented for informational purposes only. These materials do not constitute legal advice and do not create a solicitor-client relationship between you and David T.S. Fraser. If you are seeking specific advice related to Canadian privacy law or PIPEDA, contact the author, David T.S. Fraser.
Friday, March 09, 2007
This probably isn't a big surprise to a lot of people, but I'm surprised to see it publicly disclosed:
Mueller Admits Fault in FBI Intrusions
Mar 9, 8:33 PM EST
By LARA JAKES JORDAN
Associated Press Writer
WASHINGTON (AP) -- The nation's top two law enforcement officials acknowledged Friday the FBI broke the law to secretly pry out personal information about Americans. They apologized and vowed to prevent further illegal intrusions.
Attorney General Alberto Gonzales left open the possibility of pursuing criminal charges against FBI agents or lawyers who improperly used the USA Patriot Act in pursuit of suspected terrorists and spies.
The FBI's transgressions were spelled out in a damning 126-page audit by Justice Department Inspector General Glenn A. Fine. He found that agents sometimes demanded personal data on people without official authorization, and in other cases improperly obtained telephone records in non-emergency circumstances.
The audit also concluded that the FBI for three years underreported to Congress how often it used national security letters to ask businesses to turn over customer data. The letters are administrative subpoenas that do not require a judge's approval.
"People have to believe in what we say," Gonzales said. "And so I think this was very upsetting to me. And it's frustrating."
"We have some work to do to reassure members of Congress and the American people that we are serious about being responsible in the exercise of these authorities," he said.
Under the Patriot Act, the national security letters give the FBI authority to demand that telephone companies, Internet service providers, banks, credit bureaus and other businesses produce personal records about their customers or subscribers. About three-fourths of the letters issued between 2003 and 2005 involved counterterror cases, with the rest for espionage investigations, the audit reported.
FBI Director Robert S. Mueller said many of the problems were being fixed, including by building a better internal data collection system and training employees on the limits of their authority. The FBI has also scrapped the use of "exigent letters," which were used to gather information without the signed permission of an authorized official.
The American Civil Liberties Union said the audit proves Congress must amend the Patriot Act to require judicial approval anytime the FBI wants access to sensitive personal information.
Both Gonzales and Mueller called the national security letters vital tools in pursuing terrorists and spies in the United States. "They are the bread and butter of our investigations," Mueller said.
In 2000, for example, the FBI issued an estimated 8,500 requests. That number peaked in 2004 with 56,000. Overall, the FBI reported issuing 143,074 requests in national security letters between 2003 and 2005.
But that did not include an additional 8,850 requests that were never recorded in the FBI's database, the audit found. A sample review of 77 case files at four FBI field offices showed that agents had underreported the number of national security letter requests by about 22 percent.
Additionally, the audit found, the FBI identified 26 possible violations in its use of the letters, including failing to get proper authorization, making improper requests under the law and unauthorized collection of telephone or Internet e-mail records.
The FBI also used exigent letters to quickly get information - sometimes in non-emergency situations - without going through proper channels. In at least 700 cases, these letters were sent to three telephone companies to get billing records and subscriber information, the audit found.
On the Net:
The report is at: http://www.usdoj.gov/oig/reports/FBI/index.htm
Justice Department: http://www.usdoj.gov
The Canadian Privacy Law Blog is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 2.5 Canada License.