Skip navigation
Disciplinary Self-Help Litigation Manual - Header

Review of the Fbi Use of Exigent Letters and Other Requests for Phone Records 2010 Partb

Download original document:
Brief thumbnail
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
The on-site Company A analyst told us that he
therefore began to provide records in response to a letter from the FBI called an "exigent letter" - which stated that exigent circumstances had
prompted the request and that
subpoenas requesting this information have been submitted to
the U.S. Attorney's Office who will process and serve them
formally to Company A as expeditiously as possible.
According to the SSA who signed the first of these exigent letters in
November 2002, the exigent letters were issued as "placeholders" to enable
the FBI to secure the records promptly. However, the letters still committed
the FBI to serve grand jury subpoenas on Company A after the records were
provided, which the FBI did.
We identified a total of 37 exigent letters issued by the New York Field
Division between November 2002 and April 2003. 15 The SSA who signed the
first exigent letter and 11 other exigent letters issued on New York Field
Division letterhead said that he signed these letters because he understood
that the concept had been approved by Company A attorneys and he never
thought about the legal authority for the letters. A Company A analyst told
us that the exigent letter was drafted by someone in the FBI, and that
Company A thereafter accepted the letters. However, we were not able to
determine who initially drafted or approved the New York Field Division's
use of these fIrst exigent letters.
In 2002, the FBI reassigned several SSAs who had been working in
the New York Field Division to temporary duty assignments at FBI
Headquarters to help set up the CAU as a new unit in the FBI Headquarters'
Counterterrorism Division (CTD). In 2003, one of the Company A analysts
who had worked at the FBI's New York Field Division's offices was also
reassigned to work in the CAU. The overlap in Company A personnel who
worked in the New York Field Division and later at FBI Headquarters
contributed to the migration of the exigent letter practice to FBI
Headquarters in 2003.

1S New York Field Division personnel issued at least 20 additional exigent letters
from October 2004 to September 2006. Although an SSA assigned to work in the New York
Field Division estimated that he signed at least 50 to 60 exigent letters, the OIG identified
only 19 exigent letters signed by this SSA. Based on this statement and other information
developed in our investigation, we believe more exigent letters than the 798 we identified in
our investigation were issued by the FBI. However, because of the FBI's inadequate record
keeping practices, we could not determine how many more were issued.

13

The Work of the Communications Analysis Unit (CAUl and
the FBI's Contracts with the Three Communications
Service Providers

B.

As part of a reorganization of the CTD following the September 11
attacks, the FBI created the Communications Exploitation Section (CXS) in
2002. The mission of the CXS was to support the FBI's investigative and
intelligence missions by analyzing terrorist communications. As noted in
Chart 2.1 one of the four units created within the CXS was the CAU.
J

14

CHART 2.1

Organizational Chart of Communications Exploitation Section

Executive Assistant
Director for
Counterterrorism and
Counterintelligence
I

Counterterrorism
Division
(CTD)

Operations II
(OPS II)

Communications
Exploitation Section
(CXS)

Document
Exploitation Unit
(DocEx)

Electronic
Communication
Analysis Unit (ECAU)

Communication
Analysis Unit (CAUl

Electronic Surveillance
Operations & Sharing
Unit (EOPS)

*The Document Exploitation Unit became the Diji{ital Media Exploitation Unit (DMXj on March 26. 2006.

15

In 2003, the FBI entered into a contract with Company A pursuant to
which a Company A analyst was located in the CAU's office space. The FBI
also entered into separate contracts in 2003 with Company C and in 2004
with Company B to locate one of their analysts in the CAU's office space.
We determined that a CAU SSA issued the CAU's first exigent letter to
the Company A analyst, then still located at the New York Field Division, on
March 14,2003. When the three communications service providers'
employees were located in the CAU, CAU personnel issued similar exigent
letters to these individuals. These exigent letters issued by CAU personnel
were for the most part identical to the exigent letters issued by the New York
Field Division in its criminal investigations after the September 11 attacks.
As described below, we determined that from March 14, 2003, through
November 13, 2006, CAU personnel issued a total of 722 exigent letters to
the 3 on-site communications service providers.
1.

The CAU's Mission and Organizational Structure

The CAU's mission is to analyze telephone communications and
provide actionable intelligence to the appropriate operational units in the
FBI.16 The CAU was established as an "operational support unit" rather
than an operational unit. Under FBI internal policy, as operational support
components, neither the CXS nor CAU personnel could initiate national
security investigations or sign NSLs.
From 2003 through 2006, the CAU was organized into teams, each of
which was led by an SSA and included other SSAs, Supervisory Intelligence
Analysts, Intelligence Analysts, and Technical Information Specialists. Each
team supported specific FBI field and Headquarters operational divisions,
legal attaches, and classified special projects.
Following its establishment in late 2002, the CAU initially was
supervised by Acting Unit Chiefs. Two SSAs served as the Acting Unit
Chiefs from September 2002 to March 2003. In March 2003, Glenn Rogers
was appointed as the first permanent CAU Unit Chief.

16 The CAU's mission was described in a January 6,2003, FBI Electronic
Communication (EC). This EC, which was drafted by the CAU's Acting Unit Chief and sent
to all FBI divisions, described the CAU's mission:

CAU facilitates the prevention and prosecution of international and domestic
terrorism activities through the relevant collation, incisive analysis, and
timely dissemination of high-quality intelligence identified through telephone
calling activity.

16

In November 2004. Rogers was promoted to Assistant Section Chief
for the CXS.17 Bassem Youssef succeeded Rogers as the CAU Unit Chief
and remained the CAU's Unit Chief throughout the period covered by our
review.

Chart 2.2 shows the personnel who held key positions in the FBI's
senior leadership, the FBI Office of the General Counsel (FBI OGC), and the
Counterterrorism Division during the period covered by our review.

17

Rogers retired from the FBI in November 2006.

17

CHART 2.2

FBI OGC, Senior Leadership, and Counterterrorism Division Officials Management
(2003 through 2007)
3003

aoo4

~

30011

3007

JrMAMJJA80BDJrMAMJJA80.DJrMAMJJABOBDJrMAMJJA80.DJrMAMJJA80BD

IUeba~

a_"....10

Mar 05 - Jan 06

D Acting

•

Data NOT Provided

L.M. = Larry Mefford

18

J.P. = John Pistole

J.B. = James Bernazzani

We interviewed 15 SSAs and 10 Intelligence Analysts who were
assigned to the CAD beginning in March 2003. They stated that their duties
consisted chiefly of responding to requests from field divisions, legal
attaches, and operational Headquarters units. These requests included
asking the CAD to obtain and analyze telephone numbers related to ongoing
FBI investigations and to report back to the requester with telephone
records and analysis.
CAD personnel analyzed the telephone numbers by obtaining
information from numerous databases and other resources, including
information from the three on-site communications service providers. One
SSA from a CTD operational unit who frequently requested CAD support
characterized the CAD's role as having "a phone database on steroids; to
identify 'good' versus 'bad' numbers; to provide. charts and analysis;
and to get numbers in a usable format for the field."
Nearly all of the 15 SSAs we interviewed who worked in the CAD told
us that when they arrived at the CAD they had little or no experience in
national security investigations. 18 In addition, all but 2 of the 29 FBI
employees we interviewed who were assigned to work in the CAD said they
had limited or no prior experience working with NSLs. None of the SSAs we
interviewed said that the FBI provided them training on the legal and
internal FBI requirements for issuing NSLs until after the OIG's first NSL
report was issued in March 2007. 19

2.

Terminology Used in this Report for Non-Content
Telephone Transactional Records

As described above, the ECPA generally prohibits communications
service providers from divulging "a record or other information pertaining to
a subscriber to or a customer of' their services. 2o However, in authorized

18 Virtually all of these SSAs had extensive experience in conducting or supporting
criminal investigations, which were governed by a different set of Attorney General
Guidelines than the Attorney General's Guidelines for FBI National Security Investigations
and Foreign Intelligence Collection (NSI Guidelines), which applied to the conduct of
national security investigations.
19 In response to the OIG's recommendations in our fIrst NSL report, the FBI is now
providing mandatory NSL training to FBI employees involved in the use of NSLs. This
training, as well as the NSL guidance and other corrective actions implemented by the FBI
and the Department in response to our fIrst NSL report, is described in Chapter Four of our
second NSL report.

20

18 U.S.C. § 2702(a)(3).

19

international terrorism and espionage investigations, the ECPA created an
exception to this general prohibition, which allows the FBI to request "the
name, address, length of service, and local and long distance toll billing
records of a person or entity" upon written certification by the FBI Director
or his designee that the records sought are relevant to an authorized
international terrorism investigation, provided that any investigation of a
United States person "is not conducted solely on the basis of activities
protected by the first amendment. "21
In this report we generally use the term "toll records" to refer to the
non-content records of telephone calls that the three communications
service providers provided to the FBI in response to exigent letters and other
informal requests. 22
Toll records in this context are the date, time, duration, and the
originating and terminating numbers to a telephone call. These records are
also sometimes referred to as "transactional" records, as distinguished from
the content of telephone calls. The FBI is not authorized to collect the
content of any telephone calls through NSLs.

3.

FBI Contracts with the Three Communications
Service Providers

In 2003 and 2004 the FBI entered into contracts with three
communications service providers requiring the communications service
providers to place their employees in the CAU's office space and to give
these employees access to their companies' databases so they could
immediately service FBI requests for telephone records. 23 These employees
were also on call to the FBI after business hours. The contracts required

"

18 U.S.C. § 2709(b)(I).

22 FBI personnel and employees of the on-site communications service providers
sometimes referred to these records by using other industry terms such as "call records,"
"call detail records," "calling activity information," or "tolls." In addition, the terminology
used in the contract documents to describe records provided to the FBI by the
communications service providers varied, and there were somt; differences among the three
providers as to the types of records available to the FBI. Accordingly, while we generally
use the term "toll records," we use other terminology when quoting from contract
documents or witness interviews.
23 During the period covered by our review, Company B and Company C each
assigned one full-time employee to service their respective contracts with the FBI.
Company A rotated four analysts through two full-time positions.

20

the providers to deliver the toll records to the FBI in a specific electronic
format that was compatible with the FBI's databases. 24
CTn officials told us that the ability to have requests for toll records
serviced immediately by the communications service providers and to
receive the records in an electronic format that could be immediately
uploaded into FBI databases improved the CAU's ability to support FBI
counterterrorism investigations in a timely fashion. A CTn memorandum
requesting approval to obligate funds for the contract with Company A
described the contract as providing for "near real-time servicing" of legal
process by Company A analysts.
In 2003, the FBI entered into a contract with Com
to its contract, Com an

_

In addition to providing toll records, the Company A analysts could
the telephone toll data for the FBL26 According to the Company A

24 A May 28, 2003, EC from the CAU described problematic delays with toll records
received through conventional channels that were "often via hard copy reports that had to
be retyped into FBI databases."

26 Company B and Company C did not perform _
provided to the CAU.

21

of the records they

employees, the types of
FBI were: (S)

that Company A analysts performed for the

•

community of interest
this chapter), when requested;

(described later in

•

alerting CAD requesters if the Company A analysts noticed that
the data reflected i n ~ h tmake it a priority (such
as calls to or from a _ ;

•

evaluating telephone data to eliminate unnecessary follow-up
on telephone numbers that were of no investigative value;
and

•

preparing visual~entations such as
charts showing
communication _
between telephone numbers of
interest.

The FBI's contract with Company A significantly exceeded the scope of
the services that were provided to the FBI by Company B and C ~
From 2003 to March 2007, the FBI paid Company A more than _
under this contract.
In 2003, the FBI entered into a contract with Company C under which
an on-site Company C employee assigned exclusively to service the CAll's
requests provided toll records to the FBI on an expedited basis. From A ril
2004 to September 2008, the FBI has paid Company Cover
under this contract. Similar to the Com an A contract, the Com an C

In
addition, the on-site Company C employee told us that he could provide to
the FBI subscriber data, which consisted of names and addresses of
Company C customers. Company C's contract proposal stated that it would
maintain
of telephone data storage. 27
In 2004, the FBI entered into a contract with Company B, under
which Company B agreed to provide the CAD with the same types of records
it would provide to the FBI in response to an NSL. These records included:
(1) subscriber and billing information, which included telephone numbers

27 The on-site Company C em 10 ee told us in 2007 that in some instances
Company C could provide records

22

and subscriber names and addresses for both listed and non-published
numbers; and (2) calling records for numbers dialed long distance, collect,
or third party and, if available, local calls and calling card information. The
om any B contract provided for making records available
As of March 2007, the FBI had paid Company B more than
under this contract.

K

In most instances, the toll records delivered by the three
communications service providers to the FBI consisted of the originating
and terminating telephone numbers and the date, time, and duration of the
tele hone calls. In addition, Com an A and Com an C could rovide the

Company A did not provide subscriber data as part of its services
under its contract with the CAU.28 Companies Band C were able to, and
sometimes did, provide the CAU with subscriber data for their customers.
However, the FBI typically did not obtain subscriber data from Companies B
andC.
Glenn Rogers, the CAU's Unit Chief from March 2003 to November
2004, told us that a significant reason for the three contracts was the speed
with which the on-site employees of the three communications service
providers could respond to the CAU's requests.
Documents associated with the Company A and Company C contracts
described additional resources and capabilities of the on-site providers,
some of which were relevant to our review. For example, Company A's
description of its capabilities in a March 2004 contract proposal stated that
its database could "be customized specifically for the FBI based upon input
data such as hot target list, significant numbers, secure data etc." This
contract roposal also referred
"Community of Interest." Company C's cost assessment
dated Ma 23 2003 stated that Com an C
The FBI's Electronic
Communication (EC) seeking approval to obligate funds for the Company C

28 The on-site Company A employees told us that they referred FBI personnel
seeking subscriber information to a Company A subpoena management centers.

23

contract in 2003 noted that the statement of work for the contract would
allow for
As described in Chapters Three, Four, and Five of this report, we
found that the only FBI attorneys who reviewed the three contracts prior to
late 2006 were FBI OGC attorneys who specialized in procurement law.
Marion Bowman, who served as Deputy General Counsel for the FBI aGC
National Security Law Branch (NSLB) when the contracts were executed,
told us that he was unaware of and never reviewed the contracts. Julie
Thomas, who was the NSLB Deputy General Counsel from October 2004
until December 2008, told us that she first reviewed the contracts in late
2006 after she reviewed a draft of the OIG's first NSL report.

4.

Location of the Three Communications Service
Providers

From April 2003 through January 2008, employees of one or more of
the three communications service providers were located in the CAU's office
space. The CAU's office space was arranged in an open manner, with no
walls or partitions to set these employees apart from CAU personnel. The
work stations for the providers' employees consisted of a desk, at which the
employee had access to an FBI computer, an FBI telephone, and a
separately networked computer that provided access to the records of the
communications service provider. These work stations were located nearest
the entry door to the CAU and were immediately adjacent to the CAU Unit
Chiefs office. The work stations of CAU's SSAs and Intelligence Analysts
were located further inside the CAU's suite. All of the work stations in the
CAU's suite, including the work stations for the three communications
service providers, were integrated in one common area.
The FBI issued FBI e-mail accounts to employees of the three
communications service providers for their use at the FBI. The providers'
employees also had access to the CAU computer share drive. 30 The FBI
e-mail accounts enabled them to communicate with FBI employees inside

29 As described later in this chapter, we believe that the FBI's community of interest
_
practices were inappropriate under the ECPA and FBI policy. Further, as described
in Chapter Three of this report, we found that, pursuant to the FBI's contracts with
Company A and Company C, the FBI impro~ed ECPA-protected calling activity
information through the use of hot number _ _
30 Employees from Company A and Company B told us that they accessed the
CAU's share drive to review the exigent letter template because they were often asked about
the template by FBI personnel who wanted to request records.

24

and outside the CAU. The roviders' em 10 ees also communicated.
As
described below, many requests for telephone records were conveyed to the
communications service providers through e-mails sent on the FBI e-mail
accounts.

5.

Relationship between CAU Personnel and the
Providers' Employees

We found that the on-site providers' employees regularly attended
CAU unit meetings and were treated by CAU personnel as "team" members.
This team identification also was evidenced by the on-site employees' e-mail
communications. When the FBI established FBI e-mail accounts for the
providers' employees, one of the Company A analysts created a folder
entitled "TEAM USA," and many of his outgoing e-mails began with a
greeting to "Team," or "Team CAU."31 CAU personnel and the on-site
providers also socialized outside the office such as at "happy hour"
celebrations for CAU SSAs who were transferring out of the unit.
To some degree, the collegial relationship between the providers'
employees and CAU personnel fostered a productive working relationship. If
the FBI had properly trained its personnel on the lawful methods for
obtaining telephone records from the on-site providers and if the
interactions between CAU personnel and the providers' employees were
properly supervised, our observations about the team identity and informal
social interactions would not be remarkable. However, we found that the
proximity of the on-site providers' employees to CAU personnel, combined
with the lack of guidance, supervision, and oversight of their interactions
with FBI employees (which we discuss in Chapters Three and Four of this
report), contributed to some of the serious abuses identified in this review.

III.

Exigent Letters Issued by CAU Personnel

We determined that CAU personnel issued at least 722 exigent letters
to the 3 on-site communications service providers from March 14,2003,

31 One on-site Company A analyst signed his e-mails with the following signature
block: [Name], CTD/FBIHQ, Communications Analysis Unit.

25

through November 13, 2006, the date of the last exigent letter that we
found. 32
Table 2.1 shows the number of exigent letters we identified as issued
by the CAU from 2003 through 2006.

TABLE 2.1
Exigent Letters Issued by CAU Personnel by Calendar Year
(2003 through 20061
CALENDAR
IlUIIBEROF
YEAR
EXIGENT LETTERS
2003
70
2004
323
2005
294
2006
35
TOTAL
722
Source: Company A, Company B, and Company C

Most of these letters were identical to the exigent letters that were first
issued by the New York Field Division beginning in November 2002,
discussed above.
Table 2.2 shows the number of exigent letters CAU personnel issued
to each of the three communications service providers during the 4-year
period.

TABLE 2.2
Exigent Letters Issued by CAU Personnel to the
Three On-Site Communications Service Providers
(2003 through 20061
COIiIlUNICATIOIl'B
Il'UIIIIER OF
PROVIDER
EXIGENT LETTERS
Company A
514
Company B
146
Company C
62
TOTAL
722
Source. Company A, Company B, and Company C

32 As described below, the use of exigent letters that promised future legal process
was formally barred (in a directive issued by the FBI's Deputy Director) in March 2007 >
when the oro issued our first NSL report.

26

In addition to the CAU personnel who signed these 722 exigent
letters, from 2002 to 2006, 76 other exigent letters were signed by FBI
personnel not assigned to the CAU. Fifty-eight of these exigent letters were
signed by FBI personnel assigned to the FBI's New York Field Division. The
remaining 18 exigent letters were signed by FBI personnel in FBI
Headquarters and field divisions who told us they learned about CAU's
resources either through briefings, previous assignment in the CAU, or their
own initiative. Because exigent letters were primarily issued by the CAU,
however, our review focused on the CAU's use of the 722 exigent letters and
other informal methods of obtaining non-content telephone records from the
on-site providers, rather than the use of exigent letters by other FBI
offices.

A.

Text of the CAU Exigent Letters

The 722 CAU exigent letters were all drafted on official FBI letterhead.
All but 17 of the 722 exigent letters signed by CAU personnel contained the
following two sentences:
Due to exigent circumstances, it is requested that records for
the attached list of telephone numbers be provided. Subpoenas
requesting this information have been submitted to the U.S.
Attorney's Office who will process and serve them formally to
[the communications service provider) as expeditiously as
possible.
Of the 17 exigent letters that did not contain this language, 11 promised a
follow-up NSL rather than a subpoena, 2 promised to follow up with either a
subpoena or an NSL, and 4 did not mention any follow-up legal process.
The appendix to this report includes examples of two exigent letters issued
by CAU personnel during the period covered by our review.
Of the 722 exigent letters, 75 specified in either the body of the letter
or in an attachment to the letter the types of records sought - either toll
billing or subscriber records, or both. Most of the other exigent letter
requests included only the generic request for "records" quoted above.
Some of the 722 exigent letters also instructed the recipient to
conduct a "communi of interest" or "callin circle"
A community
of interest

27

Some of the 722 exigent letters also had an attachment l i s ~
categories of records requested, such as subscriber information, _
data, and community of interest reports. However, we found that, as with
the case with NSLs that had similar attachments, the FBI did not
consistently obtain all records listed on the attachments to the exigent
letters.
Of the 722 exigent letters issued by the CAU, onl 77 letters included
the date range for the request, which ranged
_
Several CAU SSAs and intelligence analysts told us that they
sometimes requested whatever records the communications service provider
had on a particular telephone number, regardless of the time
period.
In addition, employees of the on-site communications service
providers told us that CAU requesters would often come to their work
stations and tell them the specific records they needed and the date
parameters for their requests. When they did so, CAU personnel sometimes
provided exigent letters to cover the request at that time or at a later time if
responsive records were located. For example, we reviewed entries in the
.on-site Company C employee's log in which he noted references t o _
requested. However, the log also noted that the Company C employee only
needed an exigent letter for those instances in which he located responsive
records, not for all _
he

B.

Counterterrorism Division's and CAU's Recognition of the
Use of Exigent Letters

The first document we identified relating to the FBI's ability to obtain
telephone records from the three on-site communications service providers
without first serving legal process was a January 6,2003, EC from the
Acting Unit Chief of the CAU that was distributed to all FBI divisions. 34 It
described the CAU's mission and processes, and stated that the CAU could
obtain telephone records in "exigent circumstances" and that "[a]ppropriate
legal authority (Grand Jury subpoena or NSL) must follow these requests."

33

We describe community of interest requests in more detail below.

34 This EC predated the contracts between the FBI and the three communications
service providers.

28

This EC was approved by the CXS's Section Chief, the CTD's Deputy
Assistant Director, and the CTD's Assistant Director. The EC made no
explicit reference to exigent letters.

The first EC we identified that mentioned exigent letters was an EC to
CAU personnel dated November 18, 2003, approved by CAU Unit Chief
Glenn Rogers. The EC described how CAU personnel processed records
received from the on-site Company A analyst in response to exigent letters.
The EC stated:

Neither the CTD nor the CAU EC provided guidance regarding the
circumstances in which these exigent letters were appropriate.
C.

CAU's Exigent Letters Practice

This section provides further details on the exigent letters used by
CAU personnel and their explanations for issuing these letters.
Of the 722 exigent letters issued by CAU personnel from March 14,
2003, through November 13, 2006, 1 was signed by an Assistant Section
Chief, 12 were signed by 2 CAU Unit Chiefs, 706 were signed by 15 SSAs,
and 3 were signed by 3 Intelligence Analysts.

29

CHART 2.3
Exigent Letters Issued by CAU Personnel to the Three On-Site Communications Service Providers
(2003 through 2006)
60

-'=='l"""

40

30

20

CO)

;:,

;;:

0)
..,

L-2_0_0_3~(7_0.!.....)

C-

c:

(J)

CD

"0

z

o
<

CO)

;:,

;;:

CO)'

0)
..,

;:,

;;:

0)
..,

1_2_0_0_5~(2_9__'4)'_

1_2_0_04----:,...(3_2-'3)'---

30

C-

5..

en
CD

"0

CO)

;:,

1_2_0_06----:,...(3_5-'----)

C-

c:

en
CD

"0

z

o
<

_

Rogers, the CAU's first permanent Unit Chief, acknowledged to us
that he was aware of and approved the use of exigent letters. He said that
before he became the CAU Unit Chief in March 2003 he did not know about
exigent letters. He said he first learned about exigent letters from an on-site
Company A analyst on May 27, 2003, while the CAU was working on an
investigation of a bomb threat. 35 Rogers said that the Company A analyst
told him that exigent letters had been previously approved by Company A
and government attorneys for use in the New York Field Division for
emergency situations. Rogers said he was not sure whether the attorneys
referred to by the Company A analyst were from the FBI's New York Field
Division or possibly from the U.S. Attorney's Office. Rogers said he did not
seek any further details about the identity of any FBI attorneys who may
have approved the use of exigent letters.

Rogers said that based on what the Company A analyst told him
about the prior use of exigent letters by the New York Field Division, he
signed the exigent letter that requested records for four telephone numbers
in the bomb threat matter. We determined that Rogers personally signed 10
more exigent letters while serving as the CAU's Unit Chief and 1 exigent
letter after he was promoted to Assistant Section Chief for the CXS in
November 2004. In addition, we identified a total of 355 other exigent
letters that were issued by CAU personnel, listing 1,375 telephone numbers,
while Rogers was the CAU Unit Chief. 36
Rogers acknowledged that he was responsible for the use of exigent
letters at the CAU. He said that he never established any unit policy for the
use of exigent letters, and he provided only very general verbal guidance to
CAU employees. Rogers stated that he told CAU personnel that if requesters
"state that it's exigent," or "have circumstances they describe as 'exigent'
and they promise the grand jury subpoena or NSL," then the exigent letter
was authorized. Rogers said that incoming CAU employees usually learned
about exigent letters when they received on-the-job training from more
senior CAU employees.

35 We determined that after Rogers became the Unit Chief in March 2003, CAU
personnel issued eight exigent letters, dated between May 14 and May 27, 2003, that had
Rogers's name typed in the signature block. The fIrst exigent letter Rogers signed was
dated May 27, 2003.
36 The 1,375 total includes some duplicate telephone numbers. We identified 15
telephone numbers that were listed on exigent letters sent to more than one of the on-site
providers.

31

Rogers distinguished exigent letters from the FBI's so-called "Patriot
Act" letters requesting voluntary disclosure pursuant to the ECPA
emergency voluntary disclosure provision. 37 Rogers told the OIG that he
had used "Patriot Act letters" to obtain voluntary disclosures in other
circumstances, and that the exigent letters used by the CAU were not
Patriot Act letters. He said that exigent letters were used for "something
that was not routine and needed immediate attention. When asked whether
he was referring to instances in which there was an emergency that involved
a threat of immediate death or serious injury, he responded, "No, no it just
meant ... that these were rapidly moving events ... that required
immediate attention."
Rogers told us that he was aware from the time he first learned about
exigent letters from the on-site Company A analyst that follow-up legal
process would be required whenever exigent letters were used. Rogers told
us that he regularly reminded CAU personnel who issued exigent letters to
stay current on securing the after-the-fact legal process owed to the
providers. He also said he sometimes spoke with personnel assigned to CTD
operational units and at least one field division about the importance of
issuing after-the-fact legal process. Rogers asserted that he regularly
checked with CAU personnel and with the on-site providers' employees to
ensure that the after-the-fact legal process was being provided.
In November 2004, Rogers was promoted to be Assistant Section Chief
of the CTD's Communications Exploitation Section (CXS), and Bassem
Youssef was appointed as the CAU Unit Chief replacing Rogers. Youssef
signed 1 exigent letter, and, while he was the CAU Unit Chief, 367 exigent
letters listing 2,046 telephone numbers were issued under his name. 38

37 "Patriot Act letters" was the name FBI personnel used to refer to letters
requesting emergency disclosure pursuant to the ECPA. As noted previously, from
April 20, 2003, to March 8, 2006, 18 U.S.C. § 2702(c)(4) authorized a provider to
voluntarily release customers' records to a governmental entity if the provider "reasonably
believe[d) that an emergency involving immediate danger of death or serious physical injury
to any person justifie(dJ disclosure of the information." As discussed in Chapter Four, the
FBI issued detailed guidance in August 2005 concerning the FBI's authority to request
emergency voluntary disclosures.
38 Company A records show that the CAU issued 11 exigent letters to Company A in
2006 and a total of239 exigent letters to Company A during Youssers tenure as CAU Unit
Chief. We identified 367 exigent letters issued under Youssef's name as CAU Unit Chief
and 1 signed by him.

The total of 2,046 telephone numbers in the 367 exigent letters includes some
duplicate telephone numbers. We identified 97 telephone numbers that were listed on
exigent letters sent to more than one of the on-site providers. We also identified 224
(Cont'd.)

32

Youssef told us that when he became the CAU Unit Chief he inherited
the exigent letter practice from Rogers and that since Rogers was still his
immediate supervisor as the Assistant Section Chief of CXS, Youssef felt he
was not in a position to change the exigent letters practices then in
place.

We asked Youssef about the one exigent letter he personally signed in
November 2005. He stated that when he signed the letter he was unaware
that the exigent letter he signed referred to an after-the-fact grand jury
subpoena instead of an NSL, and he told us that it was not until April 2006
that he closely reviewed any exigent letter and learned of the reference to
subpoenas.

CAU SSAs told us that most of the exigent letters signed by CAU
personnel related to international terrorism investigations. 39 As discussed
in Chapter Four of this report, the FBI has determined that a majority of
these record requests were covered by NSLs, not by grand jury
subpoenas.
The on-site providers' employees told us they were concerned only
that the requests were followed up by some legal process - subpoenas or
NSLs - and did not care about what type of process the letter promised.
The on-site providers' employees also told us that they sometimes
generated the exigent letters themselves and gave them to CAU personnel to
sign and provide back to them. One of the Company A on-site analysts told
us that to facilitate his preparation of exigent letters for the FBI to use, he
established a short-cut in the fonn of an icon on his FBI-issued computer
desktop that enabled him to quickly generate exigent letters, which he gave
to the CAU employees to sign.40

additional telephone numbers that were submitted to the same provider on multiple exigent
letters.
39 These statements by CAU SSAs were confrrmed by the FBI's review team that
researched, under the direction of the FBI OGC, all of the telephone numbers in exigent
letters and 11 blanket NSLs in order to determine whether the FBI will retain records. As
described in detail in Chapter Four of this report, the review team determined that nearly
all of the 4,379 telephone numbers were relevant to national security investigations, while
266 were relevant to criminal or domestic terrorism investigations.
40 None of the employees of the three on-site communications service providers or
any FBI employees we interviewed said they could estimate the total number of exigent
letters prepared by the three providers.

33

For much of the period when exigent letters were used, we found that
there was no written guidance for CAU personnel regarding the
circumstances under which exigent letters could be used. We found that
there was only a general understanding among CAU employees that there
had to be "exigent" or emergency circumstances for them to use an exigent
letter. We also found that there was no process whereby a supervisor
reviewed and approved the issuance of the exigent letters. Further, there
was no requirement to document the circumstances under which the
exigent letters were issued or the investigation to which the requested
telephone number was related. In fact, CAU personnel were not even
required to retain copies of the exigent letters and, as described below and
in Chapter Four, for the most part were not required to track or otherwise
account for the exigent letters issued to the on-site communications service
providers.
1.

Signers of Exigent Letters In the CAU

We determined that three SSAs assigned to the CAU from 2003 to
2005 signed nearly 50 percent of the 722 exigent letters issued by CAU
personnel. One of these 3, an SSA who signed 139 exigent letters, told us
that the communications service providers' employees often gave him
exigent letters to sign after he had already been given the requested records
- and he simply signed the letters. This SSA also said that while he realized
the exigent letters inaccurately stated that grand jury subpoenas had been
submitted, he signed the letters because he "thought it was all part of the
program coming from the phone companies themselves," and he assumed
the letters were approved by the communications service providers'
attorneys. This SSA said that each time he issued an exigent letter, it was
in response to a request from a field division or headquarters unit for
records, and he believed that exigent circumstances were present.
Another SSA, who signed 115 exigent letters, said he learned about
the letters from the same Company A analyst who initially had told Rogers
about the letters. This SSA said the Company A analyst told him that the
letter had been approved for use by both Company A and FBI aGC
attorneys. The SSA said he went to Rogers and asked about the exigent
letters, and Rogers told him that they were "standard operating procedure."
This SSA also said that he knew that subpoenas had not been requested
but signed the exigent letters anyway, based on the assurances of the
Company A analyst and Rogers as well as his awareness that the letters
were a standard practice in the CAU when he began his assignment there in
September 2003. The SSA said that while most of the exigent letters he
signed related to counterterrorism investigations, some were related to
criminal and counterintelligence investigations. He also told us that in
some instances, due to the exigent nature of the request, he did not believe
there were open investigations when he issued an exigent letter.

34

A third SSA, who signed 98 exigent letters, said he learned of exigent
letters from the Company A analyst shortly after he arrived at the CAU in
September 2003. The SSA said he read the exigent letter but was not
concerned with the reference to a subpoena being requested from the
U.S. Attorney's Office. He said he assumed that the letter was a legitimate
document because he saw other CAU personnel using exigent letters. The
SSA also said that at one point either Rogers or a Company A analyst told
him not to change the language in the exigent letter because attorneys for
both Company A and the FBI had already agreed to the wording. This SSA
told us that exigent letters were typically prepared by employees of the
on-site communications service providers, who would forward the exigent
letters to him bye-mail for his signature at the same time they furnished
him the requested telephone data. 41 He said that on other occasions one of
the intelligence analysts on his team would prepare the exigent letters. The
SSA told us that he was not concerned with whether an incoming request
was made pursuant to an open FBI investigation, because a case would
eventually be opened even if it lagged behind the exigent letter process.
This SSA also told us that he used exigent letters only under exigent
circumstances and that he would not sign his name to letters containing
false statements. When we asked him about the inaccurate statements in
the exigent letters that subpoenas had been submitted to the U.S.
Attorney's Office, he said the language "did not make sense" since that
language did not reflect how the process to obtain records and to issue
after-the-fact legal process actually worked in the CAU. Yet, although he
said he thought at the time that the language in the exigent letters did not
make sense, he said he nevertheless signed the letters because he thought
the letter was accepted by the providers and was an established practice in
the CAU. He said his overriding concern was the fear that "something
would blow up in the U.S." if he did not aggressively respond to requests for
telephone data in support of FBI terrorism investigations.
While most SSAs told us they believed exigent circumstances were
present when they signed the letters, we found contrary evidence regarding
some of these letters. For example, an SSA who signed 34 exigent letters
told us that he was "pretty sure" that some of the exigent letters he signed
when he first joined the CAU "could be questionable" in terms of whether
there were exigent circumstances. Another SSA who signed 61 exigent
letters said that Intelligence Analysts on this team would sometimes
describe the situations prompting the requests, but if he was busy, "they'll

41 Other CAU personnel, documents, and e-mails confIrmed that telephone records
were often provided to the FBI before exigent letters were issued.

35

just hand me the letter, and ... I'll sign it." We also identified an e-mail
dated April 26, 2005, in which an FBI OGC National Security Law Branch
(NSLB) Assistant General Counsel (the Assistant General Counsel) who was
the NSLB point of contact for NSL-related policies and issues, expressed to
Youssef that "on occasion, CAU is presuming that someone who comes to
them [seeking records from the on-site providers] has an emergency."
The CAU SSAs who signed exigent letters gave us various descriptions
about the matters for which exigent letters were used. Some said an exigent
circumstance involved a life-threatening matter. Others described it as an
important, pressing, or high-priority matter. Others said it was a matter
related to an important case or one in which a high-level FBI official
demanded the information.
Most of the CAU SSAs and Intelligence Analysts who signed exigent
letters also said they were unconcerned about the letters' reference to
subpoenas. Some SSAs asserted that they broadly read the reference of
subpoenas in the exigent letters to include grand jury subpoenas,
administrative subpoenas, or NSLs. One SSA stated that "for me everything
was a subpoena." Other SSAs stated that they were unaware of the type of
legal process that would follow because it was the responsibility of the FBI
requester, not CAU personnel, to follow up with appropriate process. A few
signers, including Youssef, told us that they did not closely read the exigent
letters when they signed them.
Almost all of the SSAs who signed exigent letters told us that they did
not give much thought to the underlying legal authority for the exigent
letters. Rather, they said that they assumed the exigent letter was a legal
instrument that had been reviewed by the appropriate authorities, including
CTD management and attorneys from both the FBI and from the
communications service providers. They stated that they used the exigent
letters because they assumed that the letter was an authorized tool for
requesting records from the on-site communications service providers. For
example, one SSA stated that exigent letters were the "business process" in
place when he came to the CAU.
CAU Unit Chief Glenn Rogers (who later served as Assistant Section
Chief of the Communications Exploitation Section (CXS), which supervised
the CAU) told us that he signed exigent letters even though he recognized at
the time that subpoenas requesting the records had not been submitted to
the U.S. Attorney's Office, as the letters stated. When we asked Rogers to
explain this statement in the exigent letters, Rogers said that the exigent
letter was "poorly worded" and should have been revised earlier to state that
NSLs would be the after-the-fact legal process to be served on the providers.
Rogers also stated that nothing was done "to hide the fact that we were

36

getting stuff in advance of NSLs" and that "nobody ever told me to cease"
using exigent letters.
We found that the practice of obtaining records and providing
after-the-fact legal process was so common in the FBI that it was mentioned
in a CTn training video created in 2004. In the video, a CAU SSA speaks
with a field agent by telephone and makes arrangements to provide
telephone records that the SSA had already received from a communications
service provider. The SSA says to the field agent, "I'll just need you to send
me an NSL to cover the books."
As discussed in Chapter Three of this report, we found other irregular
practices concerning the CAU's interaction with the on-site providers. One
of our findings in that chapter has a bearing on the issue whether signers of
exigent letters knew that exigent circumstances were present. In one of
three instances involving subpoenas or other requests for the toll billing
records of news reporters, a CAU SSA signed an exigent letter seeking toll
billing records for reporters for the Washington Post and The New York
Times. Yet, the case agent told us he did not inform either the CAU SSA
who signed the exigent letter or anyone in his management chain that
exigent circumstances existed. Similarly, the CAU SSA said he did not
recall anyone informing him that exigent circumstances were present.
None of the CAU SSAs or Intelligence Analysts who signed the exigent
letters received training on NSLs upon entering the CAU. In addition, these
SSAs did not have prior national security investigation experience. Many
told us that in their prior experience in criminal investigations field-based
SSAs were authorized to sign administrative subpoenas for telephone toll
billing records, and they therefore did not believe the exigent letter practice
to be extraordinary.

Three of the SSAs who together signed 114 of the 722 exigent letters
issued by the CAD told us that they were concerned with the use of exigent
letters and separately brought their concerns to Rogers when he was the
CAU Unit Chief.'2 Two of these SSAs said that Rogers assured them that
the exigent letters were proper and had been approved by "lawyers." The
three SSAs told us they were directed by Rogers to continue using the
exigent letters. One SSA said he had also expressed concern to Rogers
about the reference in the exigent letters to follow-up subpoenas when he
became aware that after-the-fact process was more often NSLs than

42 These SSAs are not the same SSAs described above who together had signed
nearly 50 percent of the exigent letters signed by CAU personnel.

37

subpoenas. This SSA said Rogers told him not to change "a single word" in
the letter because it had previously been reviewed and approved. 43
Rogers told us that he did not recall any of the SSAs in the CAU
coming to him with concerns about the wording of the exigent letter. Rogers
also said that he never spoke to any attorneys from either the FBI or the
communications service providers about the use of exigent letters. Rogers
said that he accepted the validity of the exigent letter based on the briefing
he received from the Company A analyst who told him in May 2003 that the
letter had previously been approved for use in the New York Field Division
in 2002. Rogers, who signed 12 exigent letters, told us that he took "full
responsibility for that letter - that it wasn't worded properly, [and] that it
took so long to change the wording" to refer to NSLs rather than
subpoenas.
2.

CTD Supervisors

In addition to our interviews of CAU personnel and supervisors, we
also interviewed supervisors in the CTD who served during the 2003
through 2006 time period about the use of exigent letters. These officials
included FBI Assistant Section Chiefs, Section Chiefs, Deputy Assistant
Directors, and Assistant Directors who had responsibility either for
oversight of the CAU or the other CTD units whose frequent requests for
telephone records resulted in the CAU's issuance of the exigent letters. All
but one of them told us they were unaware before the OIG's first NSL
investigation that the CAU was using exigent letters to obtain telephone
records from the three on-site communications service providers.
The one FBI official who told us that he knew about exigent letters at
the time they were used was John Chaddic, the Assistant Section Chief of
CXS from June 2003 to October 2004 44 Chaddic told us that in
approximately June 2003 Rogers briefed him about exigent letters and
described them as a "placeholder so that we could get the toll records and
analyze them while we waited on the NSL." Chaddic said he never saw an
exigent letter but "wasn't surprised" when he learned about the exigent
letter process because the FBI could not afford to wait for the appropriate
legal process in emergency situations when lives might be at risk. Chaddic
also told us that he had assumed the use of exigent letters was addressed in
the FBI's contracts with the communications service providers. He also said

43 None of the other SSAs we interviewed who signed exigent letters said they
brought concerns about the use of exigent letters to either Rogers or Youssef.
44

Chaddic is currently a Unit Chief in the FBI's Counterintelligence Division.

38

that the concept seemed consistent with at least one classified FBI program
ongoing at the time. Chaddic added that since Rogers and most of the SSAs
assigned to the CAU had previous experience with FBI drug investigations
for which SSAs were authorized to obtain telephone records by signing
administrative subpoenas, the exigent letter tool would not be a departure
from their prior FBI experience in securing telephone records.
Other CTD officials told us they were not aware of the use of exigent
letters until the DIG's investigation. For example, Laurie Bennett and
Jennifer Smith Love, two of the FBI officials who served as the Section Chief
of the CXS from 2004 through 2006, told us that they did not know about
the letters until the details of the practice emerged during the DIG's first
NSL investigation in 2006. 45 Bennett, who was the CXS Section Chief from
August 2004 to April 2006, told us that she expected that information from
the communications service providers was obtained legally and that the
CAU would have informed her if they could not obtain the information
legally. Love, who was the CXS Section Chief from April 2006 to December
2006, told us that she did not know about exigent letters, although she was
aware that the CAD had obtained records from the providers prior to issuing
legal process, and that the CAU had ongoing problems obtaining NSLs to
cover telephone records that the FBI had previously received from the
on-site providers.
Similarly, former CTD Deputy Assistant Directors John Lewis,
Thomas Harrington, and Arthur Cummings 111 told us that they did not
know about the exigent letters practice. 46 However, Lewis said he was "not
surprised that Ithe FBl]lwas] dealing with the phone companies in as
aggressive a manner as possible." Cummings told us that he believed the
use of the letters must have been approved by the FBI.
Former Assistant Directors in charge of the CTD also told us they
were unaware of the exigent letter practice. LaTty Mefford served as
Assistant Director of the CTD from July 2002 until July 2003 and as
Executive Assistant Director of the FBI National Security Branch from July
2003 until his retirement in October 2003. Mefford said that he was

45 The official who selVed as the first Section Chief of CXS from 2002 until April
2004 has retired from the FBI and declined our request for an interview.
46 Lewis selVed as a Deputy Assistant Director in the CfD from April 2004 to June
2006, and retired from the FBI in February 2009. Harrington selVed as a Deputy Assistant
Director in the CfD from December 2002 until March 2008. Harrington currently serves as
the Executive Assistant Director of the FBI's Cyber Division. Cummings, who selVed as a
Deputy Assistant Director in the CfD from August 2006 to November 2007, is currently the
FBI's Executive Assistant Director for the National Security Branch.

39

 

 

Prisoner Education Guide side
Advertise here
Prison Phone Justice Campaign