Leaks in 2013 helped shift FBI away from using controversial Section 215 to acquire email and other metadata, US justice department watchdog finds.
Edward Snowden’s disclosures were partially responsible for reversing a massive growth in the use of a controversial provision of the Patriot Act for acquiring email and other so-called “business records”, the US justice department’s internal watchdog has found.
The Patriot Act provision, known as Section 215, permits intelligence and law enforcement agencies to acquire from a service provider records of someone’s communications – such as phone calls or email records – that are relevant to a terrorism or espionage investigation.
In June 2013, the Guardian, based on Snowden’s leaks, revealed that the Bush and Obama administrations had secretly been using Section 215 to acquire Americans’ phone data in bulk. The revelation led Congress to significantly curtail domestic bulk phone records collection in 2015.
The new report from the justice department inspector general reveals that around 2009, the FBI began encountering resistance from email providers and others to a highly controversial nonjudicial subpoena for records, known as a National Security Letter. In the wake of this, the FBI began acquiring the information it sought through warrant requests to the Fisa court, a secret surveillance panel, using Section 215 of the Patriot Act, which the inspector general notes is a slower process.
“Transactional records for email,” says the heavily redacted report, were “the most common type of records requested” outside of bulk data collection, which the inspector general set aside.
The shift resulted in an “exponentially” increasing FBI appetite for email and other records under the Patriot Act provision. In 2009, the Fisa court approved 21 such requests. By 2012, it had approved 212. A single order can encompass many people’s records.
Between 2012 and 2014, the Fisa court issued 564 such orders, which the inspector general called “a dramatic increase”. Between 2007 and 2009, the court issued only 51 orders for domestic email and internet metadata, according to the previous inspector general’s report on Section 215 issued last year.
The Fisa court, the inspector general has now found, “did not deny any business records applications” made between 2012 and 2014.
But Snowden’s revelations, beginning in mid-2013, helped shift the FBI away from using Section 215 to acquire email and other metadata. The Fisa court approved warrants to collect non-bulk business records 179 times in 2013, a number falling to 142 times in 2015 – though this was still a vast increase on the 21 approved in 2009.
A senior national security official with the justice department told the inspector general that a “stigma” had been created around the Patriot Act provision, even outside of the bulk collection that privacy advocates rallied to stop.
“I think it’s possible that folks … have decided it’s not worth pursuing [business records orders], you know, obviously things haven’t been great since Snowden either,” the report quoted the unnamed official as saying.
The justice department disputed Snowden’s impact on the shift as “speculative” and indicated that the data collection did not stop, so much as shifted legal justifications.