REDACTED FOR PUBLIC RELEASE Office of the Inspector General U.S. Department of Justice OVERSIGHT* INTEGRITY* GUIDANCE A Review of the Drug Enforcement Administration's Use of Administrative Subpoenas to Collect or Exploit Bulk Data Oversight & Review Division 19-01 REDACTED FOR PUBLIC RELEASE March 2019 ••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••• NOTICE The Drug Enforcement Administration (DEA) and another government entity determined that portions of this report constitute Law Enforcement Sensitive (LES) information. Those portions have been redacted to enable the issuance of this public version of the report. Issuance of this report follows efforts by the Office of the Inspector General (OIG), the DEA, and the other government entity to agree on the scope of the redactions. The OIG continues to believe that some redacted material is not LES, but defers to the judgment of DEA and the other government entity. This public version of the report contains an Executive Summary without any redactions. Consistent with the OIG's ordinary practice, the full, unredacted report has been produced to the DEA, the Department of .Justice, and to relevant congressional oversight committees• ••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••• Executive Summary A Review of the Drug Enforcement Administration's Use of Administrative Subpoenas to Collect or Exploit Bulk Data The Department of Justice Office of the Inspector General (OIG) conducted a review of the Drug Enforcement Administration 's (DEA) use of its administrative subpoena authority under 21 U.S.C. § 876(a) to collect or exploit "bulk data." 1 Section 876(a) authorizes the DEA to issue administrative subpoenas, without court or other approval outside the agency, requiring the production of records that are " relevant or mat erial" to certain drug investigations. 21 U.S.C. § 876(a). For purposes of this review, we relied on the Department of Justice's (Department or DOJ) definition of a " bulk collection" of data as a collection of a significant amount of data that is unrelated to an individual, group, or entity that is a target of an investigation, where the data is acquired or updated periodically on an ongoing basis . Typically, a " bulk collection" of data captures records relating to broad categories of transactions, such as the non-content records of all telephone calls handled by a particular telecommunications servi ce provider. Collections of bulk data may include millions or even billions of data points and are often loaded into computers and analyzed by means of automated searches. The relevance of any individual record within the large-scale collection (such as a record of a single phone call) to a specific open investigation is typically not determined until after the bulk collection is acquired and queried. The Programs Our report addresses three programs in which the DEA has used its administrative subpoena authority to collect or exploit bulk data in recent years. The DEA has identified all of the programs discussed in this report as Law Enforcement Sensitive. Accordingly, we have removed program names and some operational details about the programs to enable issuance of this public Executive Summary. 1 Department of Justice Inspector General Michael E. Horowitz recused himself from this review because he occupied senior management positions within the Criminal Division from 1999 through 2002, a t ime period during which DEA operated, with Criminal Division involvement, one of the programs examined herein. We did not Interview Mr. Horowitz or review his conduct because of the inherent conflict for this Program A: Program A is a federal interagency data analysis program spearheaded by t he DEA, but initiated with the approval of DOJ leadership . From the 1990s until mid-2013, as part of Program A, th e DEA issued " non-target-specific" subpoenas to multiple telecommunications service providers t o amass an extremely large collection of bulk tel ephone call records ("Collection 1"). The Collection 1 subpoenas were "non­ target-specific" in that they were not directed at or related to particular ident ifiable investigations or targets. Rather, the Collect ion 1 subpoenas required the production of records for all calls made from the United States over a recip ient company's t elecommunications network to countries that th e DEA determined had a " nexus to drugs." The call records that were collected, also known as "telephone metadata," included the originating and receiving t elephone numbers and the date, time, and duration of the call, but did not include the content of any calls or subscrib er information. Under Program A, the DEA used Collection 1 data tog ether with ot her data to create analytic products for investigations. Investigators from t he DEA or other participating federal agencies contacted a Program A Staff Coordinator and provided rel evant facts regarding the connection between a target telephone number and an active case. The Staff Coordinator reviewed the request to determine if it contained a sufficient basis connecting the target number with an active case, referred to as "reasonable articulable suspicion" (RAS). Once the request was approved, the DEA created Program A investigative products by using the target number to query the Collection 1 dataset and other record s in order to identify calls made to or from that target number and in some cases a m ore in- depth analysis of a target's t elephone contacts to identify relevant investigative links. T he resulting analytical products were sent back to the requesting office for use in investigat ions. office to evaluate the role of the I nspector General. Although auditing standards are not applicable to this review, which is not an audit, they provided useful gu idance on his Issue. See Generally Accepted Government Auditing Standards (December 20 11). Executive Summary A Review of the Drug Enforcement Administration's Use of Administrative Subpoenas to Collect or Exploit Bulk Data In the summer of 2013 the Department suspended issuance of Collection 1 administrative subpoenas and usage of exist ing Collection 1 bulk data. Shortly t hereafter, Program A was significantly modified to eliminate the use of the non-target-specific Collection 1 subpoenas for bulk collection of telephone metadata. Instead, in 2014, the DEA began issuing periodic subpoenas to one or more telecommunications service provider(s) for telephone metadata related to telephone numbers that the DEA or other participating federal agency had determined was relevant to specifically identified investigations. Each such subpoena aggregates a large number of targeted requests in specific cases into a single subpoena. Under this target-specific approach (Collection 2), t he telecommunications service provider/subpoena recipient, rather than the DEA, queries a bulk t elephone metadata collecti on t hat it m aintains for its own business purposes. DEA guidance requires that investigators requesting Program A products containing Collection 2 data demonstrate that RAS exists th at a target number is being used in t he conduct of criminal activities. After the service provider delivers the responsive telephone metadata for calls to or from the target numbers, t he DEA generates similar Program A analytical products for the req uesting federal agencies as were generated during t he Collection 1 era . Program A, modified by the targ et-specific Collecti on 2 approach, remains active. administrative subpoenas in connection with this program. Program C: Program C is a contractual service program, initiated by a non-DOJ government entity in 2007, under which a telecommunications service provider maintains and analyzes its own collection of bulk telephone metadata for billions of calls to produce expedited or advanced telephone analytical products in response to target-specific administrative subpoenas from law enforcement agencies, including DEA. Program C does not include the content of calls. Among other things, upon r eceiving an administrative subpoena, the provider can analyze its own bulk data collection to generate reports that identify unique connections to target phone numbers. The provider maintains and queries the bulk collection; the DEA's administrative subpoenas for Program C products are issued for particular identifiable investigations or targets. Although this program is not one that the DEA owns, the DEA is a major customer for Program C products. Program C remains active. Findings Sufficiency of Legal Reviews Our review found that the DEA (and the Department wit h respect t o Program A, Collection 1) failed to conduct a comprehensive legal analysis of the DEA's use of its administrative subpoena authority to collect or exploit bulk data before init iating or participating in any of the three programs. We fo und this fai lure troubling with respect to Program A, Collection 1 and Program B because these programs involved a uniquely expansive use of Section 876(a) authority to collect data in bulk without m aking a prior finding that the records were, in the language of that statutory provision enabling DEA's subpoena authority, "relevant or material" t o any specific defined investigation. Several published court decisions have clearly suggested pot ential challenges to the validity of the DEA's use of its statutory subpoena power in this expansive, non-targeted manner. We also found the absence of a robust legal review troubling because the DEA utilized the bulk data collected by means of Program A, Collection 1 and Program B Program B: Program B involved the use of administrative subpoenas from 2008 to 2013 to coll ect bulk purchase data for a p articular good or service sold by selected vendors. The administrative subpoenas for Program B data were not directed at or related to particular identifiable investigations or targets. Instead, the Program B subpoenas were issued periodically to selected vendors of th e particular good or servi ce and required production of customer information for each purchase of the good or service. The DEA then queried the responsive Program B bulk purchase data provided by the vendors against various law enforcement databases to identify any matches, or "hits," in order to identify potential targ ets for further investigation. In September 2013, following inquiries from the OIG regarding Program B, the DEA stopped issuing ii Executive Summary A Review of the Drug Enforcement Administration's Use of Administrative Subpoenas to Collect or Exploit Bulk Data documentation or certification that the request was relevant to a drug investigation, as required for a Section 876(a) subpoena. subpoenas on an unknown number of occasions in support of investigations by non-DEA federal agencies that had no apparent connection to specific drug investigations. This utilization raised significant legal questions because the DEA had amassed the Program A, Collection 1 and Program B bulk data collections under its statutory authority, in 21 U.S.C. § 876(a), to require the production of data that was "relevant or material" to a drug investigation. We also fou nd that the DEA failed to establish any polices on storage or retention of the Program B bulk data at any t ime before or dur ing the operation of that program. Al though Program B is no longer active, the DEA has fai led to develop a final disposition plan regard ing tens of thousands of records of purchases t hat reside on DEA servers. Without such a plan, t here is a risk that the data will be retained for a substantial period. We found that Program C raised different kinds of challenging legal issues that the DEA also failed to fully assess. We found that the DEA failed to formalize a complete and adequate legal assessment r egarding its use of Program C to obtain reports and other advanced analytical information to ensure such use was lawful and appropriate under its administrative subpoena authority, 21 U.S.C. § 876(a), and the Electronic Communications Pri vacy Act, 18 U.S.C. § 2703(c)(2). Efficacy of Audits We determined t hat the DEA's current audit practices do not meaningfully examine whether t he Collection 2 subpoenas issued by the DEA in response to Program A product requests comply with the requirement in 21 U.S.C. § 876(a) that t he information requested be " relevant or material " to a Title 21 drug investigation. These audits consisted mainly of confir ming that each of t he thousands of requests from t he DEA and other participating federal agencies included a selection of one of the fixed drop-down selections for RAS. The DEA's current audit practices fail to scrutinize t he "Remarks" section of the form where the only substantive information about "relevance" may appear. But, as noted above, the information provided in this section often lacks specificity sufficient to establish the particularized facts or basis for connecting the target number to a drug investigation, even if such review had occurred. We determined that the current versi on of the Program A request form does identify the requester and case number, which information would enable an auditor to track a Program A product request to the case file and interview t he requester t o assess whether the necessary predication for the request existed. Adequacy of Procedural Safeguards We found that the DEA's procedural safeguards for Program A, Collection 2 are not sufficiently clear or strong enough to ensure compliance with the requirement under Section 876(a) that the informat ion being demanded is " relevant or material" to a drug investigation. The DEA's guidance document instructed users to identify RAS on an electronic request form by selecting from a fixed " drop-down" list that contains only generic categories of sources from wh ere an investigat or might have learned about the target number, such as a confidential informant. This procedure did not provide any particularized factua l basis on which to assess whether the requisite level of "relevance" under Section 876(a) exists between the target number to be included on the Collection 2 subpoena and the underlying investigation. Add itionally, the electronic form only contained one section, a " Remarks" section, where specific facts connecting the requested target number to the underlying investigation could be documented. However, the DEA's procedures lacked standard s or written guidance on what the " Remarks" section must contain. In practice, the DEA typically did not require more "particularization" than a single conclusory sentence, and did not explicitly require the Use of Parallel Construction In order to protect the unique capabilities of Program A and Program C, agents and analysts are instructed not to use the information provided in the analytical products in affidavits, pleadings, or the li ke, and to keep them isolated from t he official files. Users are iii Executive Summary A Review of the Drug Enforcement Administration's Use of Administrative Subpoenas to Collect or Exploit Bulk Data instructed to "parallel construct" the information obtained in these products before using it in reports or court proceedings. This may require, for example, issuing a new, target-specific administrative subpoena to a telephone service provider for the relevant telephone numbers identi fied in t he Prog ram A investigative product that were determin ed to be related to the investigation . conditions under which such bulk data may be shared with other federal agencies for non-drug purposes. We found that there is nothing inherently inappropriate about using parallel construction to re-create information originally derived from a confidential program for use as evidence in court filings, such as warrant applications, or even at trial. This practice is analogous to using conventional investigative t echniques to confirm a fa ct initially disclosed to a law enforcement agency in a confidential tip. However, parallel construction should not be used to prevent prosecutors from fully assessing their discovery and disclosure obligations in criminal cases. While the DEA has denied misusing parallel construction in this manner, we found some troubling statement s in the DEA's training materials and other documents, including that Program A investigative prod ucts cannot be shared with prosecutors. Such statements appear to be in tension with Department policy on a federal prosecut or's " duty to search" for discoverable information from all members of the "prosecution team," which typically includ es federal law enforcement officers who participated in the investigation of the defendant. The DEA should issue a final legal opinion and updated policy on Program C and its permissible uses. • The DEA should modify the electronic request form for Program A products to require more particularized documentation of the information to establish RAS and certification that the request pertains to a drug investigation. The DEA should develop legally supportable criteria for retention of Program B data collected by use of administrative subpoenas, and policies for the disposition of such bulk data. Recommendations In total, the OIG made 16 recommendations to the DEA to address the issues and concerns identified during our review, including the following: • • Before initiating or reinstating a "bulk collection" program by use of non-target - specific administrative subpoenas, the DEA should conduct a rig orous written legal assessment that specifically addresses whether 21 U.S.C. § 876(a) authorizes the issuance of non-targeted subpoenas for exploratory or target­ development purposes, and the permissible iv • The DEA and other participating federal agencies should conduct periodic audits, on a set schedule, of an appropriate sample of Program A product requests to confirm, by tracking to the investigation from which the request originated, that there was an adequate particularized factual basis sufficient to establish RAS that the target number was relevant or material to an ongoing drug investigation. • The Department should undertake a comprehensive review of "parallel construction" policies and practices with respect to Program A and Prog ram C invest igative products to ensure that t hese policies and practices do not conflict with th e government's discovery and disclosure obligations in cri minal cases, or Department policy on this subject, and that the Department's and DEA's guidance and training materials on t his subject be clarified as warranted. TABLE OF CONTENTS CHAPTER ONE INTRODUCTION ................................................................... 1 I. Background ..................................................................................... 1 II. Methodology .................................................................................... 4 III. Organization of the Report ................................................................. 5 IV. Access Issues .................................................................................. 5 CHAPTER TWO RELEVANT STATUTES, REGULATIONS, RULES, AND POLICIES ... 8 I. Statutory and Constitutional Provisions ............................................... 8 A. 21 U.S.C. § 876 (Administrative Subpoenas) .............................. 8 B. 18 U.S.C. § 2703 (Electronic Communications Privacy Act) ........... 9 C. Fourth Amendment and the Third-Party Doctrine ....................... 10 II. 28 C.F.R. § 0.104, App., Sec. 4 (DEA and FBI Personnel Authorized to Issue Subpoenas) ........................................................................... 12 III. DEA Agents Manual ........................................................................ 12 A. Business Records Generally .................................................... 12 B. Subscriber/Toll Records .......................................................... 14 C. Documentation Requirements ................................................. 14 CHAPTER THREE THE I. The - PROGRAM ............................................... 15 Collection ....................................................................... 15 A. The - B. The C. Use of D. Use of - E. Programmatic Safeguards ...................................................... 24 1. 2. F. Analytical Products .................................. 18 Products in Drug Investigations ............. 20 Data in Non-Drug Investigations ........................... 21 Reasonable Articulable Suspicion (RAS) .......................... 26 Auditability of Queries ................................................... 28 Legal and Legislative Oversight ............................................... 30 1. 2. 3. 4. G. Subpoenas ............................................................ 16 Early Years .................................................................. 30 The Au ust 1999 Memorandum ...................................... 31 . .............................................. 33 Congressional Oversight ................................................ 35 Termination of the - Collection ......................................... 35 V II. . .................................................................... 37 A. B. C. D. E. F. . ............................................. 39 . ........... 41 . ....... 41 . ...................... 42 . ..................................................... 42 Relevance and Reasonable Articulable Suspicion (RAS) ..... 43 ........................................................ 50 1. G.  Legal Oversight ..................................................................... 52 CHAPTER FOUR I. The - .................. 54 Collection ........................................................................ 54 A. The - B. Receipt of Data and Dissemination of Leads to Field .................. 57 1. Subpoenas ............................................................. 55 Dissemination of Raw Data (2008-2013) ........................ 57 2 . -~:~aH(~~d1\~~~~~).~~~~~--~~--~~~-~~~-~-~~~-~-~'.~.~-~~---· 61 C. Maintaining the Confidentiality of the - D. Storage and Retention ........................................................... 65 1. 2. 3. II. Program .................. 64 Bulk Data o n ~ ............................................. 65 Bulk Data in Module .................................. 66 Bulk Data Stored Elsewhere ........................................... 66 Legal Review of - ..................................................................... 66 A. Initial Review in September 2008 ............................................ 66 B. FBI Concerns at the Fusion Center in May 2013 ........................ 69 C. OCC's Review before OIG Meeting in August 2013 ..................... 71 III. DEA Stops Issuing - Subpoenas ................................................. 72 IV. DEA Assessments of Value of the Program ......................................... 73 CHAPTER FIVE ............................................... 75 I ............................................... 76 ............................... 76 ........................................ 76 ............................................................... 76 vi ........................................................ 77 ............................ 77    I  ................................. 78 ............................... 79 .............................................................. 81 ...................................................... 82 ............................................................ 83 .......................... 83 ................................. 83 ................................... 85 ...................................................... 88 CHAPTER SIX ANALYSIS AND RECOMMENDATIONS ..................................... 92 I. OIG Assessment of the Adequacy of Legal Review Conducted for the Bulk Collection Programs ........................................................................ 92 A. -···················································································93 1. Legal Validity under Section 876(a) ................................ 93 2. Querying the Data for Non-Drug Investigations ....... 98 B. -···················································································99 C. D. -··············································································100 . ........................................................................ 101 E. Recommendations Regarding Legal Review .............................. 105 1. 2. II. Bulk Collections b Administrative Subpoena .................. 105 . ............................. 106 OIG Assessment of Procedural Safeguards ........................................ 106 A. Safeguards to Ensure Compliance with Section 876(a) and to Prevent Misuse of Collections ................................................. 106 1.  3. .............................................. 109 Recommendations Regarding Procedures for Establishing Relevance under Section 876(a) .................. 112 B. . ................................................ 114 1. 2. ..................................................... 114 . ............................................................... 115 vii  III. ................. 115 OIG Assessments and Recommendations Regarding Audits ................ 117 A. . ............................................................ 117 B. . ....................................................................... 119 IV. Parallel Construction ..................................................................... 121 V. General Updates to Policies and Training ......................................... 124 VI. Conclusion .................................................................................. 125 APPENDIX A: Timeline Of Key Events ...................................................... A-1 APPENDIX B: Office of the Deputy Attorney General's Response ...................... B-1 APPENDIX C: Drug Enforcement Administration's Response ............................... C-1 viii CHAPTER ONE INTRODUCTION I. Background This report examines the Drug Enforcement Administration's (DEA) use of its administrative subpoena authority under 21 U.S.C. § 876(a) to collect or exploit "bulk data." 1 For purposes of this review, we relied on the Department of Justice's (Department or DOJ) definition of a "bulk collection" of data as a collection of a significant amount of data that is unrelated to an individual, group, or entity that is a target of an investigation, where the data is acquired or updated periodically on an ongoing basis. 2 Typically, a "bulk collection" of data (often referred to herein as "bulk data") captures records relating to broad categories of transactions, such as all purchases of a given item or all telephone calls to a broad set of geographic areas. The relevance of any individual record within the collection (such as a record of a single phone call or purchase) to a specific open investigation is not determined until after the bulk collection is acquired. Collections of bulk data may include millions or even billions of data points and are often loaded into computers and analyzed by means of automated searches. As described herein, in some cases the DEA uses its administrative subpoena authority to benefit from a company's ability to exploit collections of bulk data maintained by the company. Further, none of the bulk collections that we examined included the content of private communications. The government's use of collections of bulk data for counter-terrorism investigative purposes became the subject of great public interest when Edward J. Snowden made public disclosures in June 2013 indicating that the National Security Agency (NSA) was collecting billions of telephone call records, or telephone metadata, encompassing every call made through the systems of certain telecommunications providers where at least one end of the communication was located in the United States. 3 1 Department of Justice Inspector General Michael E. Horowitz recused himself from this review because he occupied senior management positions within the Criminal Division from 1999 through 2002, a time period during which DEA operated, with Criminal Division involvement, one of the programs examined herein. We did not interview Mr. Horowitz or review his conduct because of the inherent conflict for this office to evaluate the role of the Inspector General. Although auditing standards are not applicable to this review, which is not an audit, they provided useful guidance on his issue. See Generally Accepted Government Auditing Standards (December 2011). 2 The Office of the Deputy Attorney General used this definition to identify the scope of "bulk collection" programs in DOJ components in the wake of the Edward J. Snowden disclosures in June 2013 regarding the National Security Agency's bulk telephone metadata collection program. For purposes of this review, we applied this definition to such collections amassed by the DEA through its subpoena power, or amassed by private companies and exploited on behalf of the DEA upon receipt of a subpoena. 3 Telephone call records or telephone metadata include transactional details regarding a call, such as the date and time of a call, but do not include the content of the communications. 1 Several contemporaneous events after the Snowden disclosures led the Department of Justice Office of the Inspector General (OIG) to initiate this review. Later in the summer of 2013, the OIG learned about the DOJ/DEA's involvement in a bulk telephone metadata collection program, known as in which bulk data involving calls made from the United States to certain other countries was acquired b means of administrative sub oenas issued to tele hone carriers. Also in 2013, the OIG learned that the DEA subpoenas to collect bulk information about (National Initiative or ), and that the FBI had raised concerns about the DEA's legal authority for that collection. In each of these programs, the DEA was relying on its delegated authority under 21 U.S.C. § 876(a) to issue administrative subpoenas, without court or other approval outside the agency, requiring the production of records that are "relevant or material" to certain narcotics investigations. In prior investigations relating to the Department's use of telephone metadata, the OIG found problems with the FBI's use of National Security Letters, exigent letters, and other informal requests to obtain the production of non-content telephone records from communications service providers. 4 Also, since 2005, Congress has directed the OIG to conduct four comprehensive reviews of the FBI's use of its investigative powers under Section 215 of the Foreign Intelligence Surveillance Act (FISA) to ensure, among other things, that there has been no improper usage of this authority and to assess the adequacy of safeguards established to protect privacy. 5 The information the OIG learned about the DEA's use of its administrative subpoena authority to obtain similar non-content telephone records in bulk raised questions that we believe are of potential interest to DOJ leadership, the Congress, and the public. Among these were whether the DEA had adequately 4 See, e.g., U.S. Department of Justice Office of the Inspector General, The Federal Bureau of Investigation's Use of Exigent Letters and Other Informal Requests for Telephone Records (January 2010); U.S. Department of Justice Office of the Inspector General, A Review of the Federal Bureau of Investigation's Use of National Security Letters (March 2007). Although these investigations related to intelligence investigative authorities, the legal and policy issues addressed in them have relevance to the issues addressed in this report. 5 See, e.g., U.S. Department of Justice Office of the Inspector General, A Review of the Federal Bureau of Investigation's Use of Section 215 Orders for Business Records (March 2007); U.S. Department of Justice Office of the Inspector General, A Review of the Federal Bureau of Investigation's Use of Section 215 Orders for Business Records 2012 through 2014, Oversight and Review Report 16-04 (September 2016). Classified portions of prior OIG reports on this subject identified the NSA's bulk telephone metadata collection program through the FBI's use of its Section 215 authority. However, only a very limited number of individuals within the Department and Congress were authorized to receive that classified information prior to the Snowden disclosures. 2 confirmed that it had legal authority to collect bulk data using administrative subpoenas, and whether the DEA had implemented adequate safeguards limiting the retention of bulk data and ensuring that these data collections were protected from unauthorized use by agency employees. Additionally, the OIG had not previously reviewed the DEA's practices in this area, but had done so several times, as noted above, with regard to the FBI. Concerns regarding the government's ability, through broad subpoena power, to amass private data in bulk have also been the subject of law review commentaries for at least 50 years. 6 Apprehensions about the tension between privacy rights and legitimate and lawful government intrusions have become even more acute in today's advanced computerized society where a wealth of information on people's daily activities is stored electronically by businesses and organizations and accessible to government by subpoena. 7 Our report addresses three programs in which the DEA has used its administrative subpoena authority to collect or analyze bulk data in recent years. Two of these programs involved the collection or ex loitation of bulk tele hone meta data: 6 See, e.g., Richard S. Miller, Administrative Agency Intelligence Gathering: An Appraisal of the Investigative Powers of the Internal Revenue Service, 6 B.C. Indus. Com. L. Rev. 657, 71516 (1965) (concluding that "one must not be blind to the dangers [from] an agency [that used its investigatory powers to establish a bulk data collection for use by all other government agencies] would cause to the right to be let alone and to the concomitant protection against the tyranny of petty officialdom which that right affords, for these constitute part of the fabric of a society where governmental interference with Individual privacy has been the exception rather than the rule."); Lynn Katherine Thompson, IRS Access to Bank Records; Proposed Modifications in Administrative Subpoena Procedure, 28 Hast. Law Journal 247, 281 (1976) (concluding that vast repositories of personal information held by banks, telephone companies, and other third parties were not adequately restricted from government access by administrative subpoena in the "highly computerized society" of the 1970s); Daniel J. Solove, Digital Dossiers and the Dissipation of Fourth Amendment Privacy, 75 S. Cal. L. Rev. 1084 (2002) (expressing concern that ease of government access by subpoena to commercial digital files on people represents "one of the most significant threats to privacy of our times"); and Christopher Slobogln, Transaction Surveillance by the Government, 75 Miss. Law. J. 139 (2005) (expressing similar concerns that government access by subpoena to digital records of highly personal activities held by third parties is subject to insufficient legal restrictions). 7 See Am. Civil liberties Union, et al., v. Clapper, et al., 785 F.3d 787, 794 (2d Cir. 2015) (citing alleged privacy concerns from bulk metadata collections in today's technological capacity for automated, large-scale reviews). 3 The third program addressed in our report, , involved the use of administrative ~ a s to collect purchaser information for every sale of a by certain major sellers of such devices. 9 roach is called program remains active. DEA suspended in 2013. In examining these programs, we explored (1) the DEA's legal authority for the acquisition or use of these data collections; (2) the policies and procedural safeguards established by the DEA with respect to the collection, use, and retention of the data, including procedures to prevent misuse; (3) the DEA's creation, dissemination, and use of products generated from the data; and (4) the DEA's use of "parallel construction" or other techniques to protect the confidentiality of these programs. 10 A timeline of key events relevant to this review is provided in Appendix A to this report. II. Methodology To investigate the above issues, we reviewed more than 175,000 pages of classified and unclassified documents related to the DEA's administrative subpoena usage generally or to one or more of the three programs. These materials included analyses, briefing materials, charts, guidance documents, internal memoranda, investigative materials, policy and procedural manuals, reports, representative subpoenas, and training documents. We also obtained materials from several DOJ components besides the DEA that had materials related to the issues under investigation. These DOJ components were: the Office of the Deputy Attorney General, the Criminal Division, the Federal Bureau of Investigation, and the Office of Legal Counsel. Additionally, we reviewed thousands of pages of emails from the accounts of relevant Department personnel at the DEA and other DOJ components. 9 When we initiated this review, we sought information regarding the DEA's use of administrative subpoenas for "bulk collection" since 2008. The DEA identified and as the only programs involving the use of administrative subpoenas in this manner during this period. 10 Parallel construction is a DEA term of art that appears in DEA materials for certain DEA programs. According to the Office of the Deputy Attorney General, the Department does not generally utilize this term for this process in other contexts. 4 We also conducted more than 50 interviews over th e co urse of our review . These interviews covered a wide range of personnel w ith operational and managerial responsibility related to the DEA's use of administrative subpoenas in the programs we focused on, or generally, including Special Agents, Intelligence Analysts, Program Analysts, Division Counsel and Department lawyers, Staff Coordinators, Section Chiefs, Office Chiefs, Assistant Sp ecia l Agents-in-Charge, and several other m anagerial personnel. III. Organization of the Report This report is divided into six chapters, including this Introduction. Chapter Two describes the statutes, regulations, rules, and policies relevant to this review. In Chapter Three we describe the program, w hich over time has incorpora ted t wo different approaches for using administrative subpoenas to exploit bulk telephone metadata in support of investigations conducted by the DEA and other agencies. In Chapter Four we describe _ , a DEA program that used administrative subpoenas to collect bulk data regarding urchases of to identif tar ets for new investi ations. OIG's anal ysis and recommendations. IV. Access Issues For a substantial period after we initiated this review, the DEA took man y actions that hindered the OIG's access to information available to it that the OIG was plainly authorized to obtain under the Inspector General Act. 11 These actions included failing to produce or delaying the production of relevant and responsive materials w ithout any compelling or sufficient basis. Additionally, the DEA provided the OIG with heavily reda cted materials on several occasions and engaged in a lengthy sensitivity screening of emails prior to providing them to the OIG. Further, the OIG discovered many highly rel eva nt documents, w hich had not been produced, only a~er learning abo ut them in witness interviews. This latter issue was pa rticularly significant with respect to the dearth of 11 5 U.S.C. app. 3 §§ 4, 6. See also Select Committee to Study Governmental Operations with Respect to Intelligence Activities, S. Rep . No. 94-755, Book II, at IX, n. 7 ( 1976) (This Senate Select Committee, commonly referred to as the " Church Committee" after then-Chairman, Senator Frank Church, declared that the "most im portant lesson" derived from their review was that "effective oversight is impossible without regular access to the underlyi ng working documents of the intelligence community") (emphasis added). 5 documents containing legal reviews of programs in our review, which the DEA failed to produce to the OIG until a witness identified their existence to us. The DEA's actions significantly delayed our review and were wholly inconsistent with the requirements of the Inspector General Act. The OIG's access to information from the DEA began to improve after high-level communications between the OIG and the DEA in December 2014, and subsequent involvement by the Office of the Deputy Attorney General. Nonetheless, such actions should not have been necessary for the OIG to obtain access to information that it was lawfully authorized to obtain. However, beginning in mid-2015, the DEA demonstrated a marked improvement in its cooperation with the OIG and provided prompt and complete responses to the OIG's information requests. Additionally, some information necessary for our review was obtained from the FBI. The FBI responded fairly promptly to most of our requests for information. However, the FBI delayed producing a small amount of grand jury materials on the grounds that the OIG was not legally entitled to these materials without approval from the Attorney General or the Deputy Attorney General. The Inspector General disagreed in testimony before Congress and otherwise, noting that the FBl's legal arguments on this issue were inconsistent with the plain language of the Inspector General Act and long standing practice of the Department and the FBI prior to 2010. 12 12 In response to this issue, as part of the Department's appropriations in fiscal years (FY) 2015 and 2016, Congress prohibited the Department from denying the Inspector General timely access to records available to the Department and instructed the Inspector General to notify Congress if such denial occurred. See Department of Justice Appropriations Act, 2015, Pub. L. No. 113-235, § 218, 128 Stat. 2130, 2200 (2014); Consolidated Appropriations Act of 2016, Pub. L. No. 114-113, Division B, Title V § 540, 129 Stat. 2242, 2332 (2015). In July 2015 and April 2016, the Office of Legal Counsel (OLC) issued two opinions, the first finding that Section 218 in the Department's FY 2015 appropriations bill did not contain a "clear and unambiguous statement" from Congress to override specific limitations on disclosure, such as those for grand jury materials, and the second finding that Section 540 in the Department's FY 2016 appropriations bill did contain such a "clear and unambiguous statement," and thus the Department was prohibited for the duration of FY 2016 from denying the OIG's timely access to such materials. See The Department of Justice Inspector General's Access to Information Protected by the Federal Wiretap Act, Rule 6(e) of the Federal Rules of Criminal Procedure, and Section 626 of the Fair Credit Reporting Act, 39 Op. O.L.C. _ (July 20, 2015); https://www.justice.gov/sites/default/files/olc/opinions/attachments/2015/07 /23/2015-07-20-doj­ oig-access.pdf (accessed December 28, 2017); Authority of the Department of Justice to Disclose Statutorily Protected Materials to Its Inspector General in Light of Section 540 of the Commerce, Justice, Science, and Related Agencies Appropriations Act, 2016, 40 Op. O.L.C. _ (April 27, 2016); https://www.justice.gov/sites/default/files/olc/opinions/attachments/2016/04/28/2016-0427-disclosure-to-ig.pdf (accessed December 28, 2017). The Inspector General consistently maintained, before and after the OLC opinions, that the OIG was entitled to these materials by virtue of the plain language in Section 6(a) of the Inspector General Act, 5 U.S.C. app. 3 § 6. 6 Ultimately, the access issues faced by the OIG in this and other matters contributed to the basis for Congress's enactment of the Inspector General Empowerment Act of 2016, Pub. L. No. 114-317, 130 Stat. 1595 (2016), to avoid unnecessary and prolonged delays in completing OIG reviews, as encountered in this matter. 13 13 Section 6(a)(l) of the Inspector General Act, 5 U.S.C. app. 3 § 6(a)(l), as amended by Section 5 of the Inspector General Empowerment Act of 2016, Pub. L. No. 114-317, 130 Stat. 1595, 1603-04, provides that the Inspector General of the Department of Justice is authorized to have timely access to all records, documents, or other materials available to the Department, notwithstanding any other provision of law, except a congressional provision of law that expressly refers to the Inspector General and expressly limits the Inspector General's right of access. 7 CHAPTER TWO RELEVANT STATUTES, REGULATIONS, RULES, AND POLICIES In this chapter we describe the applicable statutes, regulations, rules, and policies that govern DEA's use of administrative subpoenas to obtain or exploit the data in the programs under review in this report. I. Statutory and Constitutional Provisions A. 21 U.S.C. § 876 (Administrative Subpoenas) By federal statutes, Congress has long granted federal agencies the power to issue subpoenas to compel the production of records (and to compel testimony) relevant to agency investigations. 14 Subpoenas issued by federal agencies within the Executive Branch are commonly referred to as administrative subpoenas because the federal agency itself can expeditiously issue the subpoena without approval by a prosecutor, grand jury, or court. Congress has delegated this power to federal agencies to enable them to fulfill their statutory mandates, which may include investigating potential violations of federal law . 15 In the Controlled Substances Act, codified at 21 U.S.C. § 801 et seq., Congress delegated to the Attorney General the power to issue subpoenas in connection with investigations into drug crimes (referred throughout this report as "Title 21" investigative authority). 16 Section 876(a) provides, in relevant part, that: 14 See, e.g., 24 Stat. 379, 383, Sec. 12 (1887) (providing the Interstate Commerce Commission the power to issue subpoenas to compel the production of records relating to any matter under investigation). 15 Indeed, when the Department of Treasury was responsible for enforcement of narcotics laws, prior to the creation of the DEA, Congress recognized the need to provide the Treasury Department with subpoena power, in 1955, to assist in the enforcement of federal narcotics laws. See H.R. Rep. No. 84-1347 (1955); S. Rep. No. 84-1247 (1955); see also 101 Cong. Rec. 10085 (1955)(remarks of Rep. Cooper noting that lack of subpoena authority "handicaps enforcement officers" in enforcement of narcotics laws); id., (remarks of Rep. Jenkins summarizing that the House bill would authorize the Secretary of the Treasury to subpoena the production of any records which the Secretary found "necessary or relevant to an investigation in connection with the enforcement of laws pertaining to narcotic drugs and marijuana"). 16 The DEA's primary enforcement mission is to enforce Titles II and III of the Comprehensive Drug Abuse Prevention and Control Act of 1970, Pub. L. No. 91-513, 84 Stat. 1236, 1242, 1285, which are cited as the Controlled Substances Act and the Controlled Substances Import and Export Act, respectively. The Controlled Substances Act is codified at Title 21, Chapter 13, Subchapter 1, Sections 801-904; 21 U.S.C. §§ 801-904; and the Controlled Substances Import and Export Act is codified at Title 21, Chapter 13, Subchapter 2, Sections 951971; 21 U.S.C. §§ 951-971. For purposes of this report, references to the DEA's "Title 21" investigative authority refers only the Controlled Substances Act, 21 U.S.C. §§ 801-904. Two years prior to enactment of the Controlled Substances Act, which placed drug enforcement laws under a single statute, many drug enforcement responsibilities were transferred 8 In any investigation relating to his functions under this subchapter with respect to controlled substances, listed chemicals, tableting machines, or encapsulating machines, the Attorney General may subpena [sic] witnesses, compel the attendance and testimony of witnesses, and require the production of any records (including books, papers, documents, and other tangible things which constitute or contain evidence) which the Attorney General finds relevant or material to the investigation. 21 U.S.C. § 876(a). B. 18 U.S.C. § 2703 (Electronic Communications Privacy Act) Title II of the Electronic Communications Privacy Act (ECPA), 18 U.S.C. §§ 2701-2711, as amended, addresses law enforcement access to stored communications. 17 ECPA generally prohibits communications service providers from "knowingly divulg[ing] a record or other information pertaining to a subscriber to or customer of" a communications service to any governmental entity. 18 However, ECPA contains exceptions to this general prohibition, which include when a federal governmental entity issues an administrative subpoena. 19 For example, Section 2703( c)(2) of EPCA requires communications service providers to disclose in response to an administrative subpoena not the content of communications, but the: (A) name; (B) address; from the Department of Treasury and the former Department of Health, Education, and Welfare to a new agency, the Bureau of Narcotics and Dangerous Drugs, within the Department of Justice. See Reorganization Plan No. 1 of 1968, 33 Fed. Reg. 5611 (1968}. In 1973, the Drug Enforcement Administration was established within the Department of Justice and the Bureau of Narcotics and Dangerous Drugs was abolished. See Reorganization Plan No. 2 of 1973, 38 Fed. Reg. 15932 (1973}. Section 1 of this reorganization plan transferred from the Treasury Department to the Attorney General "all intelligence, investigative, and law enforcement functions" relating to illicit drug activities, except those at ports of entry or borders. Reorganization Plan No. 2 of 1973, 38 Fed. Reg. 15932 (1973}. For example, the Treasury Department has administrative subpoena power under Section 967 of the Controlled Substances Import and Export Act, 21 U.S.C. § 967, with respect to investigations to enforce 18 U.S.C. § 545 relating to smuggling of unregistered controlled substances into the United States. As referenced below, the Attorney General subsequently assigned to the DEA Administrator all functions vested in the Attorney General by Section 1 of Reorganization Plan No. 2 of 1973, and not otherwise specifically assigned. 28 C.F.R. Part 0, Subpart R § 0.100(c}. 17 Pub. L. No. 99-508, § 201, 100 Stat. 1848, 1860 (1986} (sometimes referred to as the Stored Communications Act, in contrast to prospective surveillance of content and non-content information of electronic communications under Title I and Title III of the Electronic Communications Privacy Act, which contains the general federal wiretap statute, 18 U.S.C. § 2511 et seq., and the pen register statute, 18 U.S.C. § 3121 et seq., respectively}. 1s 18 U.S.C. § 2702(a}(3}. 19 18 U.S.C. § 2702(c}; 18 U.S.C. § 2703(c}(2}. 9 (C) local and long distance telephone connection records, or records of session times and durations; (D) length of service (including start date) and types of service utilized; (E) telephone or instrument number or other subscriber number or identity, including any temporarily assigned network address; and (F) means and source of payment for such service (including any credit card or bank account number), of a subscriber to or customer of such service. 18 U.S.C. § 2703(c)(2). 20 C. Fourth Amendment and the Third-Party Doctrine The Fourth Amendment protects "[t]he right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures. " 21 "Searches" are not limited to "physical intrusions" because the Fourth Amendment "protects people, not places." 22 Thus, a "search" can occur without any physical intrusion if a court finds that a "reasonable expectation of privacy" exists. 23 However, the Supreme Court typically held "that a person has no legitimate expectation of privacy in information he voluntarily turns over to third parties," and thus the Fourth Amendment does not apply in such circumstances. 24 This remains so even if a person provides information to third parties "on the assumption that it will be used only for a limited purpose and the 20 Other provisions of ECPA enable law enforcement agencies to obtain stored content or other records beyond the transactional telephone records in Section 2703(c)(2), by administrative subpoena or other means, if more stringent conditions are met. Under Section 2703(a) and (b) of ECPA, law enforcement agencies can require the disclosure of the contents of wire or electronic communications with a search warrant. See 18 U.S.C. § 2703(a) and (b). A law enforcement agency can also require the provider of "electronic communications services" to disclose the contents of wire or electronic communications that have been in electronic storage for more than 180 days by administrative subpoena, if the law enforcement agency provides prior notice to the subscriber or customer. See 18 U.S.C. § 2703(a) and (b)(l){B)(i). Further, law enforcement agencies may require the disclosure of other records or information of a subscriber or customer, not listed in Section 2703(c)(2) with a court order under Section 2703(d), where the government provides "specific and articulable facts showing that there are reasonable grounds to believe" that the records or other information sought are "relevant and material to an ongoing criminal investigation." See 18 U.S.C. § 2703(d). 21 U.S. Const. amend. IV. 22 Katz v. United States, 389 U.S. 347, 351-53 (1967). 23 Smith v. Maryland, 442 U.S. 735, 739-746 (1979) (explaining application of Katz "reasonable expectation of privacy" test). 24 Smith, 442 U.S. at 743-44 (holding that a telephone user had no reasonable expectation of privacy in the telephone numbers he dialed and conveyed to telephone company, which were recorded by government surveillance through a pen register device). 10 confidence placed in the third party will not be betrayed." 25 Subsequent court decisions have referred to this doctrine as the "third-party doctrine. " 26 Notwithstanding the foregoing, the Supreme Court recently ruled that the third-party doctrine does not extend to the government's collection of historical cell-site location information from wireless carriers. 27 The Supreme Court noted that historical cell-site location information provides a "detailed and comprehensive record" of a person's past movements from his cell phone's connections to the wireless network. 28 The Supreme Court found that given this "unique nature of cell phone location records, the fact that this information is held by the wireless carrier "does not by itself overcome the user's claim to Fourth Amendment protection." 29 The Supreme Court observed that there "was a world of difference" between the limited types of personal information addressed in older cases where the Court found that the third-party doctrine applied (business records of a bank and telephone numbers dialed) and the "exhaustive chronicle of location information casually collected by wireless carriers today." 30 Moreover, the Supreme Court noted that the underlying rationale of the third-party doctrine-voluntary exposure-did not apply to cell­ site location information because the cell phone itself sends a signal as to its location by virtue of operation without any affirmative act by the user. 31 Accordingly, the Supreme Court held that "an individual maintains a legitimate expectation of privacy in the record of his physical movements as captured through [cell-site location information]," and thus government acquisition of this information from wireless carriers constitutes a "search" for Fourth Amendment purposes. 32 However, the Supreme Court noted that its decision was a "narrow one" that did not address other matters not before it, including other types of cell-site location information or other business records that might incidentally reveal location information. 33 25 United States v. Miller, 425 U.S. 435, 440-43 (1976) (holding that individual had no reasonable expectation of privacy in his bank records, which were subpoenaed by the government, because he voluntarily conveyed the information to the bank, which was exposed to employees in the ordinary course of business, and the materials were the records of the banks). 26 See, e.g., Carpenter v. United States, 585 U.S._,_ (2018) (slip op. at 9-10). 27 Id. at 10-11, 15, 17, 22. 28 Id. at 10-11. 29 Id. at 11. 30 Id. at 13-17. 31 Id. at 17, 22. 32 Id. at 11, 15-17, 22. 33 Id. at 17-18. 11 II. 28 C.F.R. § 0.104, App., Sec. 4 (DEA and FBI Personnel Authorized to Issue Subpoenas) By regulation, the Attorney General has delegated authority to issue Title 21 administrative subpoenas to the DEA Administrator. 34 The DEA Administrator has redelegated this power, as codified by regulation, to most managers or supervisors in a field office and to certain managers and personnel in the Inspections Division at DEA headquarters. 35 These authorized personnel at field offices include: Special Agents-in-Charge, Associate Special Agents-in-Charge, Assistant Special Agents-in-Charge, Resident Agents-in-Charge, and Special Agent Group Supervisors. 36 The DEA Administrator has also redelegated the authority to issue administrative subpoenas to the Deputy Assistant Administrator of the Office of Special Intelligence within the Intelligence Division (formerly known as the Deputy Chief of Intelligence). This redelegation has existed since 1997, although it was effectuated by memorandum and is not codified by regulation. III. DEA Agents Manual The DEA Agents Manual (Manual) contains approved operational policies and procedures to guide the conduct of DEA Special Agents and other personnel in drug law enforcement operations and activities. The Manual contains several sections on the appropriate use of DEA's administrative subpoena authority, including an overview of legal requirements and policies or procedures governing the acquisition and use of certain records or information. We discuss below the sections relevant to our review. A. Business Records Generally of the Manual provide guidance on obtaining inistrative sub It also identifies the DEA personnel at headquarters or field offices who are authorized to issue administrative subpoenas, which matches the collective personnel codified in the Code of Federal Regulations listed above. 37 28 C.F.R. Part o, Subpart R § 0.100. The Attorney General has delegated concurrent authority in connection with investigations of illicit drug activities to the FBI Director, who has redelegated the authority to certain other FBI employees. See 28 C.F.R. Part 0, Subpart P § 0.85; App. to Subpart R, Sec. 1 and 4. 34 35 See 28 C.F.R. Part 0, § 0.104; App. to Subpart R, Sec. 4. 36 See id. 37 See id. 12 Most DEA administrative subpoenas do not seek bulk data . They are issued on a one-time basis to a person or organization seeking specific information relevant to a particu lar investigation. (For purposes of this report, such subpoenas will be referred to as "conventional administrative subpoenas. ") The DEA's conventional administrative sub oenas from the NSG are enerated 38 The NSG came onli ne in November 2008. Prior to then hard-copy templat es were used and OCC's Domestic Criminal Law Sect ion or Division Counsel addressed any case-specific questions. 13 B. Subscriber/Toll Records C. Documentation Requirements As noted above, the Attorney General's authority to issue Title 21 administrative subpoenas has been delegated to certain supervisors in DEA field offices, among others. DEA witnesses told us that in general, the process for line agents to obtain approvals from authorized supervisors for administrative subpoenas is informal, involving direct communications between agent and supervisor about the need for such a subpoena in a particular investigation. Although the Manual contains some provisions regarding the appropriate use of administrative subpoenas, as detailed above, there is no requirement that DEA personnel provide an internal written justification accompanying the subpoena request that demonstrates compliance with those policies. In particular, there is no requirement to document in writing the relevance or materiality of the requested information to the investigation for which it is requested. As one DEA manager explained, the DEA generally does not go through a written justification process that might address questions, such as "why do you need this, what are you looking for ... , what do you expect to get out of it?" Rather, he said "[i]t's pretty much ... on the trust system," and that if it were used inappropriately it would be tantamount to falsifying an official record. 14 CHAPTER THREE THE PROGRAM The DEA and the Department of Justice (Department or DOJ) have promoted for many years as a "critical tool" for identifying and targeting the command and control communications of transnational drug trafficking entities, whose organizations are responsible for the sig nificant percentage of illicit drugs in the United States. I. The - Collection 39 There is no standard Department (or Executive Branch) definition of " law enforcement sensitive." See 81 Fed. Reg. 63336 (Sept. 14, 2016) (promulgating the Controlled Unclassified Information Program, 32 C.F.R. Part 3200, establishing "an open and uniform program for managing [unclassified] information that requires safeguarding or dissemination controls" due to the prior "ad hoc, agency-specific approach" of more than 100 different markings for such information across the Executive Branch). The DEA uses the term " la w enforcement sensitive" for programs with other law enforcement agencies and considers the term to be similar to its definition of "DEA Sensitive" information. Under Section 3.5 of the DEA's security classification guide, "DEA Sensitive" information is information that, while not meeting the criteria for classified materials, requires contro ls and restrictions from public access. The types of information that DEA requires protection under this designation includes: information and materials that are investigative in nature and that are critical to the operation and mission of DEA. Protection of information with this designation is governed by exemptions in the Freedom of Information Act, 5 U.S.C. § 552 et seq., such as 5 U.S.C. § 552(b)(7)(E) (exempting public disclosure of information that "would disclose techniques and procedures for law enforcement investigations or prosecutions ... if such disclosure co uld reasonably be expected to risk circumvention of the law"). 15 0 These call records, also known as " telephone metadata, " included the originating telephone number, the receiving telephon e number, the date, time, and duration of the call, and the type of payment, but did not include the content of an calls or subscriber information .41 SOD is a headquarters component within the DEA's Operation s Division, wh ich is led by the DEA's Chief of Operations, who in turn serves as the principal advisor to th e DEA Administrator and Deputy Administrator on all operational matters and programs . SOD was esta blished to manage and process investigative and intelligence products from the program and other programs containing clas~onents. Details era are regarding how NS and SOD offices operated . . . . . during the provided in the subsections below. A. The - Subpoenas As deta iled below, the collection was active from 1993 to 2013. data were not directed at a articular The administrative su bpoenas for identifiable DEA investi ation or tar et. 40 As noted below, the more than 2 years old. database was routinely purged of metadata relating to calls 41 The participating carriers provided additional metadata in the form of propri etary codes that the carriers co llected for t heir own business purposes. This data was not meaningful or useful to the DEA, but the companies did not spend extra time or money to weed out the data that the DEA did not want or use. 16 The subpoenas required the production of metadata for all calls made from the United States over the recipient company's network to countries that the DEA determined had a "nexus to drugs." Although the explicit criteria used to find a "drug nexus" varied over time, DEA records reflected an emphasis on countries that had a connection to sources of illegal drugs or precursor chemicals, drug trafficking, or drug-related money laundering. By 2012, DEA had expanded the scope of "drug nexus" to include countries in which drug­ related proceeds were being used to support terrorist activities. The DEA reviewed and approved the country list for the program annually to ensure that these countries continued to have a "drug nexus," as demonstrated by the prior year's law enforcement activities and other sources on drug trafficking trends. NS completed written justification memoranda for proposed countries to retain in, add to, or delete from the bulk collection, which required written concurrence by senior managers. By 2013, the DEA had developed 10 specific criteria, derived from prior law enforcement activities and sources on drug-related tre~hat it used to justify maintaining, adding, or deleting countries from the bulk collection. DEA documents and testimony indicate that the written justification memoranda and the resulting lists were reviewed and approved at varying intervals ranging from quarterly to every 1 or 2 years by senior DEA managers. Over the years, officials in the DOJ Criminal Division, including but not limited to the Deputy Assistant Attorney General, reviewed and approved the country list at irregular intervals. Although most subpoenas sought metadata for calls made from the United States to countries on the "drug nexus" list, we learned that for some companies the DEA prepared a separate administrative subpoena to obtain bulk telephone metadata for all calls between any of the designated foreign countries that transited a telecommunications service provider's network. 42 As referenced in Chapter Two, the DEA Administrator redelegated the authority to issue administrative subpoenas to the NS Deputy Assistant Administrator in 1997. The DEA could not locate materials that identified the delegated DEA official who issued subpoenas between 1993 and 1997. 17 In each subpoena, the Department and the DEA affirmed to the company-recipient that the bulk metadata was being sought "in connection with ongoing criminal investigative activities" of the DEA and "other U.S. federal drug law enforcement authorities as authorized by law," and the responsive metadata provided by the recipient "shall be used for ~urpose only." Like the DEA's conventional administrative subpoenas, the subpoenas were issued on a which contained a footer stating that th~ena is issued under the authority of 21 U.S.C. § 876. The boilerplate does not contain statutory language or standards, such as "relevant or material." Conventional DEA administrative subpoenas typically state, "pursuant to an investigation of violations of 21 U.S.C. Section 801 et seq.," or similar phrasing, "please provi~ecified items for a referenced investigation and target, whereas the subpoenas simply stated that the recipient was required to "produce" the requested data and then "affirmed" that the data was sought "in connection with ongoing criminal investigative activities." This difference in subpoenas were not issued language can be attributed to the fact that the directly for a specific case. B. The Analytical Products 18 Coordinator's review ensured that the request contained a sufficient basis connecting the target number with an active case, referred to as "reasonable articulable suspicion" (RAS). 43 43  1111 Further information regarding the procedure for reviewing RAS and the level of detail requests to support the RAS determination is provided in subsection E.1., provided in 11111 below. In addition, further information regarding the use o f - data in support of non-drug cases is provided in subsection D below. 44 Only participating federal non-DEA agencies can submit requests for products to SOD through DICE. No state or local law enforcement agencies participate in the requests, DARTS provides investigative deconfliction program. Unrelated to functions for the DEA and DICE provides this function for non-DEA federal agencies, as well as state and local law enforcement agencies. All subsequent references to DICE in this report relate to participating federal non-DEA agencies submitting requests to SOD.  I 19 c. Use of Products in Drug Investigations The DEA has consistently stated that the program played a critical role in identifying the U.S. network for major international drug traffickin or anizations and their res ective "command and control" structures. 20 lthough the paper did not quantify the value of the data within , this paper and other DEA documents stated that federal investigators would be unable to identify, in most cases, the U.S.-based operators of these international drug trafficking entities without the component o f - · After the program was suspended as discussed below, the DEA sent documents to ODAG in 2013 advocating reinstatement of the program. It stated that without the data, the DEA's ability to comprehensively "assess the true breadth and scope" of transnational drug trafficking entities would be severely limited, particularly identification of their U.5.-based cells. The DEA provided to ODAG several examples from prior products to ~ght that the same target numbers queried without the added value of the data revealed substantially fewer links to other federal drug cases or connections between U.S.-based cells and their foreign sources and leadership network. 45 The FBI has also stated that access to data enhanced the "breadth and quality" of the FBI's investigations by prompt identification of unknown links within major drug organizations and interconnectivity with other federal drug inve~ions. In a February 2014 letter to ODAG advocating reinstatement of the program, the FBI cited several investigations of major drug organizations w ~ e s of known "command and control" target phone numbers in the database, particularly the data, resulted in the identification of other domestic connections to the organizations and many links to DEA or other federal agency investigations. The FBI stated that access to the data aided federal drug enforcement agencies in their efforts to dismantle the most significant and violent drug trafficking organizations by identifying their leadership networks, which it believed otherwise would have been "substantially more" difficult. D. 45 Use of - Data in Non-Drug Investigations  As discussed below, the DEA withdrew the request to reinstate the August 2014 in favor of t h e - - program. 21 collection in Patterson said that the standard applied for requests in non-drug investigations was essential! the same but without the connection to a narcotics case. Patterson said that this standard contained no particular limits beyond demonstrating that the request pertained to an active criminal investigation of the particular requesting agency. He said the level of specificity to justify the request in non-drug investigations would be the same as that required for DEA's requests in Title 21 cases. Patterson told us that he did not believe there were many instances of such usa e even thou h it had been done eriodicall in certain cases. Patterson also based his belief on the fact that he never heard about any significant delays for products related to increases in requests in non-drug investigations. 22 The DEA reinstatement documents did not address the legal basis for using the collection in this manner. The sample Speedway product excerpts that the DEA sent to ODAG in su ort of reinstating the program showed additional instances in which data was a arentl used ort of non-dru investi ations. was The FBI stated that access to legally permissible in these circumstances under the longstanding legal principle that evidence legally obtained by one law enforcement agency may be shared with another. 46 The FBI's letter did not cite any specific benefits derived from access to the data in these non-drug nexus circumstances. collection in a non-drug investigation One instance of using the came to light in United States v. Hassanshahi, 145 F. Supp. 3d 75 (D.D.C. ~ - In Hassanshahi, a United States District Court described a use of the collection on behalf of Homeland Security Investigations, a component of DHS ICE, to develop evidence of a criminal violation of the United States' trade embargo against Iran. DHS ICE was a participating agency in the program. The DEA submitted a declaration from then-ASAC Patterson in which he set forth t h e ~ noted above, for requests in non-drug investigations, stating that the ~ database "could be used to query a telephone number where federal law enforcement officials had a reasonable articulable suspicion that the telephone number at issue was related to an ongoing federal criminal investigation," and stating further that this standard had been met with respect to the search that returned the defendant's telephone number. 47 Quoting Jabara v. Webster, 691 F.2d 272, 277 (6th Cir. 1982), the government argued that this use was consistent with the longstanding legal rule that 46 As noted in Chapter Two, the FBI also has delegated authority to issue administrative subpoenas under 21 U.S.C. § 876(a) in FBI drug investigations. However, under Section 18.6.4 of the FBl's Domestic Investigations Operations Guide (DIOG), the FBI cannot issue an administrative subpoena unless it is relevant to an open investigation on a specific target. Accordingly, the DIOG would not permit the FBI to use its administrative subpoena authority for bulk c o l l ~ . This issue is discussed in more detail in the next chapter regarding the National - - 1 n i t i a t i v e . 47 Although it did not rule on whether Homeland Security Investigations had established "reasonable articulable suspicion" for the database query request, the court reported the following facts regarding the request: Homeland Security Investigations received an unsolicited email from a source concerning an Iranian named "Sheikhi" who contacted the source by email, seeking assistance in procuring certain electrical equipment, and provided an Iranian telephone number and business address in Tehran, Iran, and the · · • - product request was for calls to that telephone number. 145 F. Supp. 3d at 79; 75 F. Supp. 3d 101, 105 (D.D.C. 2014) (citing affidavit from Homeland Security Investigations agent).  23 "[e]vidence legally obtained by one police agency may be made available to other such agencies without a warrant, even for a use different from that for which it was originally taken." 48 As noted in subsection E . 1 . b ~ e found other examples that appeared to show similar ~ e of products in non-drug investigations during the era. However, as explained below, the written descriptions of RAS submitted by requesters were often supplemented by more detailed information provided orally or by email to SOD. This additional information might have established a drug connection not made clear in the written submission. According to the DEA, it had the ability in individual cases to determine RAS and the Title 21 nexus of individual requests. However, the DEA told us that it lacked an automated accounting capability to assess the collective use of in non-drug cases, and could only do so by undertaking a burdensome manual examination of all records. Thus, we were unable to determine the extent of this practice and whether it was consistent with the DEA's and the FBI's general statements, noted a ~that requests for products in non-drug investigations during the - - era was uncommon. 49 E. Programmatic Safeguards In 2007, in respon~tions from a congressional oversight committee regarding the program and its component, the DEA identified the following as "programmatic safeguards to ensure that the legitimate privacy and civil liberty interests of U.S. citizens were properly protected and respected:" 48 145 F. Supp. 3d 75, 83 (D.D.C. 2015). The government made this argument even though such use may not have been consistent with representations made to the subpoena recipients. As noted above, in each subpoena, the Department and the DEA affirmed to the company-recipient that the bulk metadata was being sought "in connection with ongoing criminal investigative activities" of the DEA and "other U.S. federal drug law enforcement authorities as authorized by law," and the responsive metadata provided by the recipient "shall be used for that purpose only." The court did not address substantive issues regarding the underlying subpoena or subsequent use of the responsive data because the court found that the Homeland Security Investigations's discovery of the evidence that supported Hassanshahi's arrest was sufficiently attenuated from the database query that initially identified him. See United States v. Hassanshahi, 75 F. Supp. 3d 101 (D.D.C. 2014) (order denying defendant's motion to suppress certain evidence discovered during a forensic examination of laptop computer); United States v. Hassanshahi, 145 F. Supp. 3d 75 (D.D.C. 2015) (denying motion for reconsideration to suppress the evidence based on new information regarding the DEA's database because such information did not alter prior ruling regarding the evidence being sufficiently attenuated from the query, and suppression of the evidence was not an available statutory remedy under 21 U.S.C. § 876(a) in any event). 49 In response to a draft version of this report, the DEA stated that in June 2017 it added features to the automated request process that now enables it to account for the total number of Title 21 and non-Title 21 requests received in connection with - - successor program. We did not evaluate these new features as a part of this review, but will assess them later in connection with the DEA's responses to our recommendations. 24 l. Information that identifies a particular individual, entity or address, such as names, dates of birth, Social Security account numbers, was not sought, accepted or maintained as part o f - . Rather, the DEA only sought and maintained the specific items of call metadata, described above, that were collected via subpoenas (the originating telephone number, the receiving telephone number, call date and time information, call duration information, and type of payment). 2. 3. A very limited number of p ~ i n NS] who were specifically trained for participation in were granted access to the collection. 4. All requests for products and the responses thereto were routed through SOD "to ensure that the requests originate[d] from a legitimate requestor and [were] supported by 'reasonable and articulable suspicion."' 5. Only upon receipt of a valid request received through proper program channels were NS personnel permitted to query the product. database and use the results as part of a - 6. The DEA maintained a detailed audit trail of all requests,~ and responses received, conducted and prepared by the - ­ program. so In fact, as detailed above in subsecti on D, the requirement of linkage to a " drug trafficking investigation" for • • • product requests was not always observed . 25 As detailed below, the program was suspended in 2013, and it was beyond the scope of this review to determine whether the safeguards described above were consistently and strictly enforced during the period that the program was in operation. From our interviews and the documents the DEA provided to us, we found no evidence that the DEA's general description of these safeguards was incorrect (apart from the indication that all target numbers in product requests were linked to drug trafficking investigations); many of these ~ s remain in place toda with respect to the current version of the program involving as discussed below. However, we identified two safeguards during the era to be of particular interest because of DEA's claim that they provided a safeguard against the misuse of the data that could implicate privacy or civil liberties of t e ~ r v i c e subscribers: the requirement that each request for a product be vetted by SOD to ensure they were supported by RAS and the existence of an "audit trail" for all requests. 1. Reasonable Articulable Suspicion (RAS) As noted in the prior section, the DEA described the SOD's review of this information as an important safeguard to prevent misuse of the collection and ensure the protection of the "legitimate privacy and civil liberty interests of U.S. citizens." Therefore, we discuss below the training and standards to show RAS, and examine sample SOD-approved products. a. Training and Standards A demonstration of RAS was required for obtaining - ~ containing data, and is also required today in connection with (as discussed below). Although this concept is not addressed in the DEA Agents Manual, according to the DEA, it is addressed during Basic Agent Training and other classes. 51 According to the DEA, SOD Staff Coordinators informed investigators in general training sessions or coordination meetings that any requests to SOD had to involve an active case or investigation and contain a "justification" or "basis" (or essentially RAS on how their re uests related to the res ective active case or investi ation. 51 In response to a draft version of this report, the DEA commented that the DEA Agents Manual is not the proper venue to discuss legal concepts. However, as discussed in Chapter Two, the Manual discusses several legal guidelines on appropriate use of the DEA's administrative subpoena powe, , which provides that administrative subpoenas may be used to compel many types of records that are "relevant or material to a drug investigation." 26 the RAS standard to the same level of support that field investigators had to demonstrate to their field supervisors with signatory authority on a conventional administrative subpoena. Patterson said that investigators understood the process and what information was required after submitting one or two product requests to SOD. For example, Patterson said he would deny a request that only stated "number from pocket trash" without stating whose ocket the number came from and how it connected to the associated case. SOD managers told us that, although the RAS justification (previously referred to as "remarks") auto-populated in the finished products from NS pre­ and post-DARTS, the RAS justification contained in the finished products may not necessarily reflect an SOD Staff Coordinator's comprehensive understanding of the factual basis for the request, which was often clarified through informal communications with the requester not reflected in the written request. b. Sample Products The DEA provided the OIG with sample products created during the era, which contain the information provided by the requesters in their formal written requests. The DEA described these samples to us as bein re resentative of the results of ueries that were acce ted 52 DARTS will not permit a requester to enter a case number unless it pertains to an active case number in the DEA's case system. 53 Patterson told us that prior to 2006, SOD maintained a "very hard line" that no requests would be approved without a Title 21 nexus. However, as discussed above, other participating federal agencies were sometim es permitted to make requests for products 1 in non-drug investigations after 2006.   1 27 2. - Auditability of Queries According to the DEA's records and testimony, each query of the database, includin the com onent left a record trail for otential audit oses. 28 Similarly, the DEA's written response to a congressional oversight committee in 2007 stated that the DEA maintained detailed records of incoming requests, queries, and responses for audit purposes. DEA witnesses told us that the digital footprint trail at each juncture served as a deterrent against concocting requests that were not actually supported by RAS. ~ t h e DEA acknowledged that it did not conduct any actual audits of the - - program during the era. Patterson told us that, while the DEA has had the capability to audit, the DEA never conducted audits during operations because no allegations of problems had been made. The DEA also identified si audits. Likewise, the DEA stated it lacked the ability to generate reports that identified the instances in which a product was requested in connection with a tar et number that was not related to a Title 21 dru investi ation. In short, the record trail created during the era d i ~ a r to easily permit the DEA to conduct a proactive audit of whether requests were supported by RAS or the frequency with which such requests were made in support of non-drug investigations, and no such audits were attempted or completed. Under these circumstances, there is no indication that the "auditability" of records served as a deterrent against misuse of the program as DEA had indicated to the Department and Congress, or for that matter that such "auditability" served any purpose in managing or overseeing the program. 55 Instead, the DEA appeared to rely exclusively on the existence of a record trail to serve as a general deterrence measure against misuse by ensuring that requesters (or other employees) could not obtain information surreptitiously and that several intermediaries r e v ~ e s t s for abnormalities before the requesters ultimately received products. 55 In response to a draft version of this report, the DEA commented that specific case files could be examined, if needed, based on allegations of misconduct, but did not identify any instances in which such allegations were made or investigated. 29 F. Legal and Legislative Oversight In this section we describe the legal and legislative oversight of the program during the era by the DEA and the Department. As detailed below, there is no evidence that the DEA or the Department ever fully addressed the question of whether the bulk collection was permissible under 21 U.S.C. § 876(a). 1. Early Years According to DEA and FBI memoranda and other contemporaneous records, senior Department officials sanctioned the development of in the early 1990s. The DEA's historical records reflect that in Januarv 1992 Attorney General William Barr provided approval for the program, including _ , after receiving a program briefing, which the Deputy Attorney General also attended. The FBI Director also received a program briefing during that same time period. The DEA did not provide us with any formal document codifying the Department's approval of the program (besides implicit approval in the Memorandum of Understanding (MOU) discussed below). Nor did the DEA provide us with any formal document discussing the legal basis for what were then novel aspects of the program regarding the proposed use of the DEA administrative subpoena authority for collecting bulk data through - · In June 1992, 5 months after the Attorney General's briefing, the DEA Administrator, the FBI Director, the Assistant Attorney General for the Criminal Division, and a senior Department of Defense official executed the program MOU, which set forth the terms of program's operations, including that the DEA's Deputy Assistant Administrator for NS served as the Program Manager, and the Department (without specifying a particular DOJ component) had legal oversight authority over the program. Contemporaneous documents showed that the Criminal Division filled this oversight role, which included signing the MOU on behalf of the Department. We determined that over the years since 1992, the DEA, in its role as P r o ~ g e r , briefed numerous incoming senior Department officials about the program over the course of its existence, including most of the Attorneys General and Deputy Attorneys General serving during that period. Although these briefings noted that the collection was obtained by administrative subpoena, we found no evidence that these briefings included a discussion of any legal issues raised by the DEA's use of its administrative subpoena authority to collect bulk data through the program. 56 Available 56 In response to a draft version of this report, the DEA commented that various DOJ officials over the years had many questions on this usage. To the extent this occurred, we saw no evidence of it. According to one DEA manager who provided multi~le "read on" briefings to senior Department managers over several years, the portion of the • • • briefing typically lasted only 3 to 4 minutes, and he did not recall any senior managers raising any questions regarding the collection. This DEA manager noted that thell••rbriefings were 30 records show that the d ~ o f was a small part of a much larger presentation relating to and other DEA programs. 7 According to a briefing paper by former DEA Deputy Chief Counsel John Wallace, between the late 1990s and early 2000s, OCC assumed oversight responsibilities for the program, but this function was limited primarily to the Chief Counsel and Intelligence and International Law Section Chief (CCI). 58 Despite the Department's prior legal oversight role, through the Criminal Division, at inception and for many subsequent years, we found no evidence of any written legal review by the Department that provided a basis for the DEA's use of its administrative sub oena authorit for the bulk collection of tele hone metadata, likewise found no evidence of any Department analysis of the legal basis for querying the database using target numbers having relevance only to non-drug-related investigations. Similarly, the DEA stated in response to an OIG information request that it could not find ~ m e n t s that addressed database and provide whether it would be permissible to query the investigative products in non-drug investigations. 2. The August 1999 Memorandum The DEA provided the OIG with a single memorandum prepared in August 1999 (August 1999 Memorandum) by the then-CCI Section Chief that concluded that the use of administrative subpoenas to collect bulk telephone records was constitutional and was authorized under 21 U.S.C. § 876. We determined that the August 1999 Memorandum was prepared in connection with discussions between the DEA and the FBI regarding the possible wholesale s ~ of the data collection with the FBI and potential expansion of the country list for use in a different, non-drug program of the FBI. Specifically, we found that in connection with these discussions the DEA's then-Acting Administrator, Donnie Marshall, had directed the CCI Section Chief to prepare a memorandum to "act as a counter" to legal concerns that the FBI's General Counsel had raised regarding the subpoenas. 59 There is no indication that this memorandum focused more on the program's capabilities, not on how the data was gathered. A former senior Criminal Division manager who also attended many of these briefings gave a similar account to us. 58 However, the MOU still stated the Department had legal oversight for the program. 59 In early 1999, the FBI Deputy Director asked the FBI General Counsel to review the legal issues surrounded by the proposed FBI program. The FBI General Counsel prepared a memorandum concluding, among other things, that the DEA's use of its administrative subpoena 31 was disseminated beyond a few people at the DEA and the Criminal Division, let alone formally adopted as the Department's analysis of these issues. The August 1999 Memorandum did not address key published court decisions available at the time, and at the time began, which raised potential challenges to the validity of the DEA's use of Section 876(a) to amass the collection. Most significant of these omissions was the Supreme Court's decision in United States v. Bisceglia, 420 U.S. 141 (1975), which upheld the Internal Revenue Service's use of its administrative summons authority to require a bank to produce documents evidencing transactions of a certain type during a 1-month period to aid in identifying the individual who had engaged in the transactions and might be liable for unpaid taxes. However, two concurring and two dissenting justices expressed deep concern about the permissibility of "exploratory" subpoenas lacking a connection to a genuine, extant investigation. 60 In addition, the August 1999 Memorandum failed to discuss Peters v. United States, 853 F.2d 692 (9th Cir. 1988), in which the Ninth Circuit rejected a subpoena issued by the Immigration and Naturalization Service to a farm labor camp manager for all records pertaining to residents of the camp, which had been issued in support of a criminal investigation of unknown residents who might have been undocumented aliens. The court held that "we are reluctant to assume the existence of the power to issue third-party subpoenas directed at unidentified targets where Congress has not provided for them specifically, nor provided procedural safeguards." 61 853 F.2d at 696. authority to collect the data was "legally defensible" but "founded on uncertain legal ground." The FBI General Counsel's memorandum was shared with the DEA's Chief Counsel, who strongly disagreed with several of the FBI General Counsel's characterizations of the issues raised by the program, particularly that the program may lack a solid legal foundation( and noted that the Department endorsed the manner in which the subpoenas were used for the collection. After attempting unsuccessfully to locate any analyses of the legal underpinnings of the program that might have been prepared by the DOJ Criminal Division or the DEA, the DEA's then-Acting Administrator directed the then-CCI Section Chief to prepare "a memorandum addressing the administrative subpoena issue, on the theory that such a memorandum could act as a counter to any similar but dissenting memorandum that the FBI may produce" to the Department on this issue. We found no evidence that the FBI's proposed program was ever activated or that the DEA ever transferred bulk data to the FBI for such a program. However, as detailed below, notwithstanding the concerns raised by the FBI General Counsel, the FBI ultimately supported reinstatement of the program after it was suspended. 60 The August 1999 Memorandum cited the Bisceglia decision only in a footnote for the proposition that "Congress has provided protection from arbitrary or capricious action [from an agency's subpoena powers] by placing federal courts between the Government and the person summoned." 420 U.S. at 151. As noted earlier, the DEA did not intend to enforce the subpoenas judicially, and thus the "protection" from "arbitrary or capricious action" would not exist in practice. 61 The August 1999 Memorandum cited in a footnote the then nine reported court decisions regarding the DEA's administrative subpoena authority, which included United States v. Moffett, 84 F.3d 1291 (10th Cir. 1996). The August 1999 Memorandum noted parenthetically that the Tenth Circuit in Moffett held that the defendant lacked standing to challenge a DEA administrative subpoena issued to Amtrak. However, the August 1999 Memorandum did not include any facts regarding that case or the basis for the ruling. In particular, the Tenth Circuit 32 3. The first written evidence that we found in which the Department ( or the DEA) specifically considered legal vulnerabilities posed by the use of "ex lorato " sub oenas, as done in , occurred in 2005 62 In 2005, DOJ Criminal Division attorneys in the Narcotic and Dangerous Drug Section (NDDS) and the Asset Forfeiture and ~undering Section (AFMLS) 63 prepared legal analyses of that highlighted the relevance of the Bisceglia and Peters opinions to the question of whether the DEA's subpoena authority would permit the collection of bulk, non-target-specific data for "exploratory purposes." The NDDS memorandum highlighted in bold text that the Bisceglia and Peters opinions raised "the question whether any subpoena requesting information on all customers transacting certain business with a third-party corporation would be interpreted as within the government's investigatory authority." Likewise, the AFMLS memorandum stated that "u on consideration of applicable law, and the objectives of , and available alternatives," DEA's proposed use of administrative subpoenas for exploratory purposes "would unnecessarily place one of DEA's most important information gathering tools in serious jeopardy of adverse judicial, and possibly legislative, reaction which could drastically reduce its usefulness .... " Additionally, in July 2005, an AFMLS attorney contacted the then-CCI Section Chief to notify him that the AFMLS Chief intended to meet with the DEA's NS Chief to advise against the use of administrative sub oenas for exploratory purposes as proposed for . The CCI Section Chief summarized AFMLS's concerns in a high priority email to then-Chief Counsel Wendy Goggin, then-Deputy Chief Counsel Michael Ciminelli, and other managers. In particular, the CCI Section Chief noted AFMLS's c o n ~ public disclosure of the proposed use of exploratory subpoenas in "could have a negative if not devastating effect on SOD and 5th floor projects," even if such exploratory usage survived a court challenge. The AFMLS attorney ruled that the defendant lacked standing to challenge the DEA's non-target-specific administrative subpoena, issued to Amtrak, seeking reservation records for a 1-month period, which DEA Special Agents analyzed to identify the defendant, who paid cash for his ticket, and subsequently found him traveling with a large amount of illicit drugs. See Moffett, 84 F.3d 1291 (10th Cir. 1996). Accordingly, the Tenth Circuit did "not reach the statutory construction issue defendant presses" on whether the DEA exceeded the scope of its statutory subpoena power in 21 U.S.C. § 876(a) by issuing a non-target-specific subpoena. Id. at 1293-94. 63 In November 2017, this Section was renamed the Money Laundering and Asset Recovery Section. 33 who contacted the CCI Section Chief told us that AFMLS was concerned about "negative effects" on - · The AFMLS attorney told us that he became "a sort of Cassandra" figure to the DEA and warned them that they "ran a serious risk" of Congress subsequently restricting their subpoena authority, as done to the Internal Revenue Service following the Supreme Court's ruling in B i s ~ E A persisted in their proposed use of exploratory subpoenas in - · Three months later, he expounded on these risks in the AFMLS memorandum, stating: (Emphasis added.) We determined that the memorandum's reference to "the use of ~ratory Section 876 subpoenas" to acquire this data was a reference to the collection. The AFMLS attorney told us t h a ~ u r t ruling on the DEAs' proposed ~ o r a t o r y subpoenas in risked effort and would be "throw[ing]" the baby out undercutting the whole with the bath water." Through in-person meetings and emails, AFMLS and NDDS warned DEA senior managers in the Intelligence Division and OCC about their concerns, stemming from the Bisceglia and Peters opinions, regarding the ~ e d use of its sub oena authorit to collect bulk, non-target-specific Ultimately, the Criminal Division convinced the DEA to obtain the equivalent information through alternative means. The controversy demonstrates that the Department and the DEA were aware of the existence of case law casting doubt on the use of administrative subpoenas to collect bulk data for exploratory purposes, including the collection, at least as of 2005. However, we found no evidence that the proposal caused anyone in the Department or the DEA to prepare a legal analysis of a d d ~ these issues, or to revisit the propriety of the continued use of the administrative subpoenas. 34 4. Congressional Oversight Our review found that a small number of Members of Congress or their staff knew of the program e!:!2rJo 2007. 64 Briefings provided by the DEA touched only superficially on the program. Following a Senate Select Committee on Intelligence oversight hearing in 2007, which included the program, the DEA's written resRonses to questions for the record collection, such as scope of addressed several oversight issues on the collection, data retention, internal controls (consistent with those described above), and external disputes or judicial review. We found no evidence that the DEA provided to Congress a legal analysis of whether the collection was authorized under 21 U.S.C. § 876, or that it was asked to do so during the period was in operation. G. Termination of the - Collection Shortly after the Snowden leaks in June 2013, senior DEA managers from the Intelligence Division, the Operations Division, SOD, and OCC convened to discuss the effect of these leaks on the DEA's bulk data collection activities, including the program. In July 2013, the DEA leadership met with Department senior leadership, including then-Attorney General Eric Holder and ~ t y Attorney General James Cole, to discuss the component of _ , among other programs. In the following months, the DEA briefed White House staff and Members of Congress and their staff on and other DEA programs involving bulk collection. The DEA also continued working closely with ODAG on issues related to bulk collection. DEA documents establish that, at the direction of the Department, the DEA suspended the component o f - on August 5, 2013. We found no documents, however, stating the reasons for this decision or identifying who made it. DEA witnesses involved with the program told us that they understood the decision was made by ODAG, but told us they did not know the reasons. While we believe that the individuals who made this decision are no longer with the Department, based on the timing of the decision (made in the aftermath of the Snowden disclosures), the questions presented by ODAG when the DEA sought reinstatement (discussed below), and the fact that ODAG directed that any replacement program must be target-specific, we believe that reasons for the decision likely included concerns about whether the non-target­ specific bulk collection was within the authority granted to the DEA under 21 U.S.C. § 876(a) as well as the controversy and privacy concerns generated by the Snowden disclosures about the NSA's bulk telephone metadata collection. The program continued but Quick Checks and Formal Products were processed without the use of the data tank. On September 25, llllii 64 Available records showed that only four Members of Congress received briefings between 1996 and 1997, 3 years after the program began, and then none until 10 years later in committee oversight hearings in 2007. From 1993 to 2006, we found that approximately 35 congressional committee staff received briefings. 35 2013, the DEA submitted a formal written ~ s t to the Office of the Attorney General (OAG) and ODAG to reinstate the progr~hich included among the several attachments a legal analysis in support of - - ("DEA Reinstatement Memorandum"). The DEA Reinstatement Memorandum contained a more detailed legal collection under 21 U.S.C. § 876(a) analysis of the legal authority for the than was prepared before or during the operation of the program. 65 However, like the August 1999 Memorandum, the Reinstatement Memorandum did not address the issues raised by the collection of bulk data by means of a subpoena that was unconnected to any specific suspect or investigation, and failed to identify or analyze several relevant court opinions, including Bisceglia and Peters. In defending the legality of the collection, the DEA Reinstatement Memorandum asserted that Section 876(a) provides broad subpoena power for "any investigation," without elaboration, related to a Title 21 drug nexus. The DEA Reinstatement Memorandum stated that the bulk data obtained was consistent with the type of "records" that can be obtained with an administrative subpoena and that the bulk data met the legal tests for "relevance" or "materiality" under the statute. With respect to "relevance," the DEA Reinstatement Memorandum detailed that courts have employed a broad standard to include any records that directly bear on the subject matter or could reasonably lead to other information that bears on a subject matter. The DEA Reinstatement Memorandum asserted that this broad standard does not have defined volume limits and detailed that courts have permitted production of voluminous data in circumstances where doing so requires identification of the precise information within that mass production that directly bears upon the matter being investigated. The DEA Reinstatement Memorandum noted that this broad standard of "relevance" did not mean the DEA's subpoena power to obtain bulk records was boundless. Rather, it stated that if "there is no substantial nexus to international drug trafficking activity with a connection to the United States, DEA would not seek (and DOJ would not approve) collecting telephone transactional records in bulk under its administrative subpoena authority. " 66 65 The DEA's Reinstatement Memorandum provided to OAG and ODAG did not reference the August 1999 Memorandum at all, much less as the prior official legal opinion on this matter. Nor did we find any evidence that the August 1999 Memorandum was later supplied to the Office of Legal Counsel for its review as discussed below. 66 The expression "substantial nexus" apparently refers to the evidence tyin~rticular country on the list to drug trafficking as, earlier in the Memorandum, it states: "The program gathers large amounts of data about telephone transactions that take place between telephones in the United States and telephones in countries that have been determined by DOJ and DEA to have a significant nexus to drug trafficking." The DEA's use of the expression "substantial nexus" (and earlier in the document "significant nexus") appears to be a shorthand reference to the criteria used to add or remove countries. However, we saw no use of this expression in any country reviews or in the documents discussing the country review process in the DEA's Request for Reinstatement to which the Reinstatement Memorandum was an attachment. 36 The DEA Reinstatement Memorandum further noted that the data fell within the scope of permissible transactional data that government entities can obtain by administrative subpoena under Section 2703( c)(2) of ECPA. Additionally, the DEA Reinstatement Memorandum pointed out that the DEA's administrative subpoenas are subject to court oversight any time a subpoena recipient decided not to comply and DEA sought to judicially enforce a subpoena. However, the DEA Reinstatement Memorandum also noted the DEA has opted not to pursue court enforcement against non-cooperating providers to preserve "the security of the program." In early 2014, ODAG requested assistance from the ~rtment's Office of Legal Counsel {OLC) in considering the structure of the program in connection with the DEA's proposed reinstatement. On March 20, 2014, after reviewing the DEA's Reinstatement Memorandum, OLC transmitted a list of more than 30 "Follow-up Questions" to the DEA. Among other things, OLC requested the DEA to provide its understanding of the meaning and scope of the terms "relevant or material to [an] investigation" in Section 876(a) and to identify case law shedding light on the meaning of these terms. On July 1, the DEA's OCC provided partial responses to the questions. OCC's partial response did not answer OLC's (or ODAG's) questions about the meaning and scope of "relevant or material" in Section 876(a), stating instead that such questions "require a thorough review of case law" and would take "a couple of months" to complete. II. 67 As noted above, we were not able to determine the precise reasons that were given by program. It appears from the DEA's the Department to the DEA for the suspension of the documents and the testimony of witnesses, however, that DEA officials understood that any new program to fill the void from the suspension would require ODAG approval and would have to involve target-specific subpoenas for telephone metadata rather than the non-targeted bulk collection approach o f - · 37 5?3 At the time, Wallace was serving as a contract consultant to the DEA. 38 A. B. 69 DEA documents sometimes use t he term " reasonable articulated suspicion" (emphasis added). As discussed below, we believe the correct t erm is " articulable" as expressed by the Supreme Court. 39 70 As noted earlier, SOD organizationally is classified by the DEA as a component of the Operations Division in DEA headquarters. ASACs serving at components of DEA headquarters are not currently listed as officials to whom the DEA has redelegated the authority to issue subpoenas (as opposed to ASACs at field offices) under the DEA's implementing regulations or the Agents Manual. See 28 C.F.R. Part 0, § 0.104; App. to Subpart R, Sec. 4; DEA Agents Manual Section 6614.21. According to the DEA, SOD and the Special Projects Section in particular "frequently perform DEA field operational missions and responsibilities" that "are consistent with subpoena issuance authority" in DEA's regulations and Agents Manual. Nevertheless, the DEA has not formally delegated the authority to such positions in DEA headquarters, and we recommend below that it do so if it intends that these officials execute such responsibilities. See Chapter Six, Recommendation 15. 40 SUD OpErati?r?Is include coordinating multi?national invegtigatinna against the ma'nr dru traffickin or anizations res onsible for the flow of illicit {Mi 5 into the United States 41 E. During the era, compliance with the Section 876(a) requirement that records sought by the subpoena be relevant or material to Title 21 narcotics cases was plausibly accomplished at the subpoena issuance stage by limiting the collection to "drug nexus" countries. The DEA's theory was that, once collected, this data could be shared for other matters ursuant to Jabara v. Webster 691 F.2d 272, 277 6th Cir. 1982 F. 72 42 practices with respect to these in turn below. 1. documentation of RAS and audits. We discuss Relevance and Reasonable Articulable Suspicion (RAS) As noted above, Section 876(a) requires that any information sought by an administrative subpoena be " relevant or material" to a Title 21 investigation. There are two important dimensions of this requirement: first, that there be an adequate evidentiary connection between the information requested and the criminal activity being investigated, and second, that the investigation be of the correct t ype, i.e., an authorized Title 21 (narcotics) investigation. 73 As discussed in Chapt er Two, the Electronic Communications Privacy Act (ECPA), 18 U.S.C. §§ 2701-2711, imposes certain restrictions and obligations on communications service providers to protect the privacy of subscribers. Sections 2702 and 2703 of ECPA generally place restrictions on the ability of governmental entities to obtain telephone ca ll records from service providers, but do not otherwise restrict the carri er's use or disclosure of such data to non­ governmental parties. See 18 U.S.C. §§ 2702 and 2703; S. Rep. No. 99-541 , at 38 (1986) (Senate Judiciary Committee noting that new subsection 2703(c) of ECPA permits the provider to divulge, in the normal course of business, such non-content information regarding a customer's use of the service to anyone except a government agency). 43 the standard applicable when law enforcement agents stop and question an individual or make or traffic stop. In Terry v. Ohio, 392 U.S. 1, 19-23 (1968), the Supreme Court held that a police officer's investigative stop of an individual for purposes of criminal prevention and detection is permissible under the Fourth Amendment if supported by "reasonable suspicion." The Supreme Court stated that a "police officer must be able to point to specific and articulable facts which, taken together with rational inferences from those facts, reasonably warrant that [particular] intrusion" upon constitutionally protected interests of the private citizen. Id. at 20-21. The Supreme Court expounded later that "reasonable suspicion" is simply '"a particularized and objective basis' for suspecting the person stopped of criminal activity." Ornelas v. United States, 517 U.S. 690, 696 (1996) (quoting United States v. Cortez, 449 U.S. 411, 417-18 (1981)). a. DARTS/DICE Procedure 44 Below th e free-text " remarks" box, the requester is instructed to "select justification" by choosing a selection from a drop-down menu of the following choices: 45 78 By contrast, during the era and prior to the adoption of the drop-down menu, requesters were required to demonstrate RAS in a free text box. 46 .m 4? 50 G. Legal Oversight 52 CHAPTER FOUR The second program, after_, in which the DEA used administrative ~ a s s and exploit bulk data was the - · involved the use of administrative subpoenas to collect ~urchase data for sold by selected vendors. 82 was initiated in 2008 as a result of a DEA Chicago Field Division operation in which an administrative subpoena was served on a local store for the records of all purchases during a 3-month period. The subpoena was issued after the Field Division discovered in a different case that members of a ma ·or dru traffickin or anization had purchased of the same there. The information provided in response to the subpoena led to two arrests and significant seizures of drugs and related proceeds. thus fit within a longstanding DEA strategic objective of attacking the financial infrastructure of d~afficking organizations. As detailed below, the DEA stopped issuing subpoenas in 2013, shortly after the program was terminated. I. The - Collection The purpose of the bulk data collection was to develop potential targets associated with drug trafficking by cross-referencing the purchaser data through various law enforcement databases, such as the DEA's Narcotics and Dangerous Drugs Information System (NADDIS), an internal database for reporting drug enforcement activity. The Office of Financial Operations (FO), a component of DEA headquarters formall announced as a head uarters ro ram under eneral file FO informed the field divisions that FO would obtain the bulk purchaser data from companies by administrative subpoena, develop investigative intelligence 84 FO's mission includes providing headquarters expertise in and oversight of the DEA's financial investigations of drug trafficking, particularly drug-money laundering activities, and leading national program initiatives targeting these illicit acts. FO's Chief reports to the DEA Operations Division Chief, who serves as the principal advisor to the DEA Administrator and Deputy Administrator on all operational matters and programs. 54 packages with other DEA offices, and disseminate these packages to the field for follow-up investigation. Jennings told the OIG that the Chicago Field Division's enforcement results "really opened our eyes to what we already thought was ha enin " and rovided the DEA with a successful example of how to use as another method to target the major drug trafficking organizations. was in operation, the DEA used During most of the time that administrative subpoenas to collect information about each from the recipient vendors during a designated period, and disseminated the raw information to the field offices where the purchasers were located. The field offices then were responsible for establishing connections to illicit drug activity, typicall b runnin the data throu h NADDIS or other law enforcement data bases. data on a continuous basis (biThe DEA collected the bulk weekly, quarterly, or bi-annually) until the program was suspended indefinitely in August 2013 for reasons we discuss below. A. The - Subpoenas The administrative subpoenas for the were not directed at or related to a particular identifiable investi ation or tar et. Instead the subpoenas were issued periodically to under a "general file" number as describ following customer information for each : (1) last name, (2) first name, (3) customer's company (if applicable), ( 4) billing address, (5) shippin address, (6) telephone number(s), and (7) date of purchase. The first Staff Coordinator told us that he identified the five largest based on "open-source" research and secured each company's advance consent to provide the requested bulk data, without any payment, in response to a subpoena. 85 He said that none of the companies raised any issues or concerns regarding the volume of information requested or the frequency of the DEA's requests. We saw no evidence that any company objected to the subpoenas. program's inception in 2008 to August 2013, the From the subpoenas were generated and signed by the Assistant Special Agent-in-Charge (or a Group Supervisor) at the Washington, D.C., Field Division (Washington Field Division). As discussed in Chapter Two, the DEA has not delegated the authority to issue administrative subpoenas to positions in FO, an office in DEA headquarters. After the Assistant Special Agent-in-Charge ( or a Group Supervisor) signed the subpoenas, a DEA Special Agent in the Washington Field 85 FO Staff Coordinators are DEA Special Agents who serve as the staff lead on FO's programs and provide operational support to the DEA field offices, among other duties. There were three Staff Coordinators in FO over the life of the program. 55 Division sent the originals and copies to the the comp_anies. Staff Coordinator to issue to The first subpoena for was issued shortly after the cable of June 3, 2008. Consistent with the cable, the subpoena stated that it was issued "[i]n the matter of the investigation of Case No: ." The ending code referred to the headquarters general file code that was created for and was unrelated to a specific drug trafficking investigation or target. Jennings told the OIG that was the first time that he used administrative subpoenas to request information under a general file that was not particularized to a specific target. Similarly, Kevin J. Powers, the DEA Division Counsel in the Chicago Field Division, told the OIG that Chicago's regional operation and its national counterpart, _ , represented "the first occasion that I ever had ... where we were operating under a general file and sort of using the admin subpoena as a form of target development." Powers said that "in all other instances" that he could recall the DEA already had an open investigative or general file on a particular target when it issued an administrative subpoena. Other DEA managers and Special Agents gave similar accounts. The standard subpoenas stated that the purchase data was being sought "[p]ursuant to an official criminal investigation being conducted by the Drug Enforcement Administration of a suspected felony." As discussed below, the DEA's Office of Chief Counsel (OCC) reviewed and approved a sample subpoena with this language in mid-September 2008. Witnesses told us that the DEA's view was that there was a n ~ investigation under the general file-general investigation of used to facilitate illicit drug/money laundering offenses. However, DEA witnesses acknowledged that at the time any subpoena was served, there was no open "criminal investigation" on an identifiable subject or specific "suspected felony" to which the subpoena related. We were unable to determine who developed this language or mandated its use, but as discussed in more detail below, it already was present in a s a m ~ subpoena when OCC approved it and the DEA required its inclusion in - - ­ subpoenas in September 2008. When asked about the meaning of the phrase "pursuant to an official criminal investigation," the first Staff Coordinator stated "that's a le~uestion" that was "beyond [his] scope," though he believed that the subpoenas either used standard language or language approved by OCC. 86 86 However, other witnesses, including Powers (the DEA Chicago Division Counsel) and the DEA's head of the Domestic Criminal Law Section, a component of ace which has responsib~or addressing internal questions on administrative subpoenas, told us they had not seen the subpoena language on other subpoenas. As noted in Chapter Two, conventional administrative subpoenas reference a specific case number and target by name, phone number or some other identifier, even if they contain the phrase "pursuant to an investigation" or similar language. 56 Former FO Acting Chief Jennings told us that the "official criminal investigation" language referred to the general file because the DEA can open a general file on activity and seek to develop information related to suspected criminal activity. He said that the "suspected felony" would be money l a u ~ trafficking, and thus, is "the investigation into the use o f - for money laundering or drug trafficking activities." Powers told us that the "official criminal investigation" at the time the subpoena is issued refers to the general file in the heading "In the Matter of Investigation ." He noted that it is "absolutely not the [DEA's] traditional use of the administrative~oena" but the "general file covers it." Like Jennings, Powers said that the general file was f ~ targets" of drug traffickers and money launderers who u s e - · Maura Quinn, then-DEA Deputy Chief Counsel for International and Intelligence law, gave similar testimony and noted that, except for and _ , the DEA's administrative subpoena authority is "typically used narrowly" without collecting large amounts of information and is "typically connected to a specific case." B. Receipt of Data and Dissemination of Leads to Field As detailed below, the DEA primarily sent all of the raw data received from the vendors regarding thousan~hases of directly to the field offices, notwithstanding cable that investigative packages would be developed by FO and then disseminated to the field for follow-up investigation. In practice, the DEA left it to the field offices to determine how to use the raw information. After field offices reported that this information was too voluminous to use efficiently, or simply disregarded it, in 2013 DEA began comparing the raw purchaser information with other criminal databases to identify "hits" and develop intelligence products for dissemination to the field for further investigation. This substantially reduced the number of leads sent to the field while increasing their potential value. 1. Dissemination of Raw Data (2008-2013) The first Staff Coordinator told the OIG that he received the bulk data res~ve to the DEA's administrative subpoenas. He provided the incoming bulk data to an FO Program Analyst for formatting without any review of it. He told us that he had assumed the companies would not produce non-responsive data because the DEA only requested "limited things." However, the Program Analyst explained to us that she reviewed the i n c o m ~ removed items that were not , such as , before uploading the bulk data to DEA databases. Initially, FO was responsible for disseminating the bulk data to the field divisions where the purchases had occurred for follow-up action. FO sent these "raw lists" of data to the Special Agents-in-Charge by cover memoranda from ( t h e " - cover memoranda"), which stated that FO would 57 subsequently send a target list for follow-up action after running database checks on the data. As detailed below, however, we found little evidence that such target lists were regularly prepared by FO. The Program Analyst told us that the "raw lists" received from the vendors contained too much information for her to continually format. The first Staff Coordinator told us that the field divisions did not have the time to review it all, and further explained that Jennings asked the DEA's Office of Special Intelligence (NS~hnical support staff to create a computer program that could manage the data and automatically disseminate it to the field divisions. As a result, sometime between late 2008 a n ~ technical su ort staff created the module in the , which automatically disseminated the bulk data as leads, after FO uploaded it, to the relevant DEA field division contact, typically the Field Intelligence Manager. The module also provided a means for the field divisions to electronicall ort results from the leads. Access to the bulk data in the module was limited to FO personnel who uploaded data, the Staff Coordinator, and NS technical support staff. We received conflicting information regarding the extent to which FO or other DEA offices a ~ generated target lists for dissemination to the field by comparing the raw data with NADDIS or other law enforcement databases during the early years of the program, as promised in the memoranda. The first Staff Coordinator told us He told us that this process existed until he left FO in 2010. The first Staff Coordinator's account on this subject was not consistent with the other information that the DEA provided to the OIG. Nor did he have a recollection of the module generally, which was ~ e d during his tenure as Staff Coordinator. While the module in may have had the capability to send NADDIS "hits" to the DEA field divisions, as we found was implied in some DEA records, we did not find any evidence that this actually occurred. To the contrary, the DEA's responses to the OIG's information requests unequivocally stated that raw data was disseminated to the field divisions to conduct checks in NADDIS and other law enforcement databases before and after the creation of the module. DEA records provided to the OIG included only one memorandum disseminating a target list of NADDIS hits sent to a field division along the lines set forth in Jennings cable during the period module. In contrast, the DEA provided before the initiation of the us with several hundred pages of "raw lists" sent to field divisions through the Jennings cover memoranda prior to the module. Further, the Program Analyst and the second Staff Coordinator both told us that only raw data was disseminated to the field divisions from the module in -· 58 The first Staff Coordinator stated that after FO sent leads to the field his role was mainly to obtain division reports of any successes-arrests, drug seizures, or any other asset seizures obtained from the information. He told us that field divisions sent emails or significant activity reports to him in which they reported the number of arrests, amount of drugs seized, amount of drug-related cash seized, and other property seizures. 87 FO compiled the statistical results reported to them in a spreadsheet using the following metrics: (1) number of arrests, (2) value of cash seized, (3) number/value of vehicles seized, (4) value of dollar of real property seized, (5) number of firearms seized, (6) amount of crack seized, (7) amount of cocaine seized, (8) amount of ecstasy seized, (9) amount of methamphetamine seized, (10) amount of marijuana seized, and (11) amount of heroin seized. FO's spreadsheet showed results on fiscal year (FY) and cumulative basis from FY 2008 through FY 2014. 88 The first Staff Coordinator told us that Jennings frequently contacted field division management to find out w~me offices did not send any responses on results to FO. However, the first Staff Coordinator stated that FO took "a hands­ off approach to these things, g[ave] information to the field, and it [was] up to the field to either do or not do." In October 2010, the first Staff Coordinator left FO and a new one replaced him. The second Staff Coordinator told us that he did not receive any written protocols or checklists for the program from his predecessor or elsewhere. The second Staff Coordinator said that he learned about the mechanics of through discussions with the first Staff Coordinator before his departure. The second Staff Coordinator told us that, after he started, the automated process of disseminating all raw purchaser data, by zip code, through to the relevant field divisions continued for several years. He said that, prior to August 2013, FO did not perform any review of the raw data for matches in NADDIS or other law enforcement databases before it was automatically disseminated to the field. Rather, he said that FO expected the field divisions to do that work and determine "if there's something there." 89 The second Staff Coordinator told us that he was not aware of any official directive for the field divisions to report results. He said that he endeavored to check for results 87 As noted above, the first Staff Coordinator had no recollection of an Module in • • and thus did not recall obtaining any results that might have been reported in the Module from field divisions. 88 However, the DEA informed the OIG that FY 2010 through FY 2013 contained the combined totals of both and the non-subpoena operational component of the which could not be separately reported. 89 However, the second Staff Coordinator noted that he initiated some review of the raw data earlier in his tenure. Specifically, by the end of 2010 or early 2011, he began reviewing the voluminous raw data more closely after he noticed that it contained purchase data for federal credit unions, churches, and colleges. He said that from that point on he tried to sift through every upload and remove obvious "dead-end leads" from the raw data before it was disseminated to the field divisions. 59 in the module at least on a quarterly basis, but that he found the process cumbersome and that it was not easy to access the results. Some field offices raised concerns with the quality of the leads from data given the large volume. For example, a DEA manager in one field division wrote in an email to FO that "the field has limited resources to conduct the proper investigative follow-up on the voluminous leads received from FO each month. The leads should be about quality, not quantity." Likewise, the second Staff Coordinator acknowledged in an email to a DEA colleague in July 2012 that: "[T]here are so many [leads] we put out, we don't know what's being done, and why some are better than others." Other field offices expressed related concerns regarding the poor quality of the leads. For instance, Brian McKnight was a Group Supervisor in the Miami Field Division from approximately 2006 to 2011, and later served as an FO Section Chief and then Acting Chief of FO between August 2012 and January 2014. He told us that leads were not "a high priority" if the purchasers were not active targets. Specifically, he stated: [A]gents are very busy [and] unless it directly relates to an [active] case ... there wasn't a lot of w ~ o knock on his door because the person bought a - · That's, you know, you have to have some reasonable suspicion that a person was involved in illicit activity [before doing that]. [But] it all kind of was put in the system .... McKnight told us that, after he became Acting Chief of FO, he tried to improve by establishing protocols for sending out quality leads, as described in the next subsection versus simply sending a name to the field because someone bought a McKnight also stated that the information could be many months old before his field office received it. McKnight told us that FO was insufficiently staffed to process the large volume of bulk data when he first arrived as an FO Section Chief in August 2012. Powers, the DEA Division Counsel in Chicago where the concept began, stated that his agents thought "was a resounding failure at the headquarters level," in part, because of delays in purchase information reaching the field. Powers said that the Chicago Field 60 Division started issuing its own subpoenas shortly after began because "headquarters was so slow" and the "national [program] wasn't working. 1190 2. Ex~d Headquarters Efforts to Enhance the Value o f - Data (2013-2014) Beginning in May 2013, DEA headquarters made efforts to enhance the value of the data it was receiving pursuant to subpoenas by creating intelligence products for the field rather than disseminating raw data. a. Organized Crime Drug Enforcement Task Forces Fusion Center (May to August 2013) From May 2013 through August 2013, FO arranged for the Organized Crime Drug Enforcement Task Forces (OCDETF) Fusion Center to query the incoming bulk data for possible matches to information in the Fusion Center's database, which contains over 500 million records of investigative data from member agencies. The Fusion Center is a multi-agency operational intelligence center that was established under the OCDETF program in 2004 to support member agencies in their cases against the most significant drug trafficking and money laundering organizations by providing "fused" intelligence products. 91 More than 15 federal agencies are Fusion Center members each of whom provide their respective criminal case reporting data, pursuant to Memoranda of Understanding, for incorporation into the Fusion Center database. These federal member agencies include the: DEA; FBI; Bureau of Alcohol, Tobacco, Firearms and Explosives; Federal Bureau of Prisons; the U.S. Marshals Service; Department of Homeland Security Immigration and Customs Enforcement (DHS ICE); Department of the Treasury Financial Crimes Enforcement Network; and the U.S. Secret Service. According to the Chief Counsel for the Fusion Center, most fused intelligence products are enerated for use in o en investi ations as re uested b member a encies. Duri~e period these checks were done with regard to , FO stopped sending data indiscriminately to the field divisions where the purchases took place. 90 Powers told the OIG that he was unaware that his field division had been Issuing administrative subpoenas locally for records o f · · • - purchases due to significant delays until shortly before his interview with us. He also discovered, shortly before his interview with us, that the Chicago Field Division continued to issue these subpoenas even after the Washington Field Division stopped issuing them for FO, as detailed below.  91 See U.S. Department of Justice Office of the Inspector General, Review of the Organized Crime Drug Enforcement Task Forces Fusion Center, 1-2014-002, March 2014 at 1-2 (discussing background, mission, and organization of Fusion Center). 61 McKnight told us ~hat both he (as ~ a ~ d his the_n-FO Chief thought that running checks of the m the Fusion Center database would reduce the hi hest ualit leads with limited resources because the The DEA told the OIG that the Fusion Center subsequently generated 62 intelligenc~ducts for DEA and other member agencies based on its querying of the purchase data in the Fusion Center database from May through August 2013. rovided a narrative summary and information in the The Fusion Center intelligence regarding the "match" between the Fusion Center database and rovid We found at least five instances where the Fusion Center created non-DEA member agencies based on "matches" of with investigative material in the Fusion Center database that had no apparent drug nexus. Specifically, the Fusion Center created four intelligence products for DHS ICE on "matches" of in the Fusion Center database with DHS ICE investi atio ~ for The Fusion Center Chief Counsel stated that the Fusion Center accepts member-agency supplied data and does not independently assess an agency's acquisition of data, which DEA officials represented orally was lawfully obtained by subpoena. We found no evidence that any guidance or training was provided to Fusion Center personnel limiting the use of data to drug cases. 62 The Fusion Center's brief utilization o f - data ended in August 2013, just 2 ½ months after it began, in large part due to the FBI's concerns about the -~Y of the program, which are detailed in Section II below on legal review of b. Internal Review by FO (August 2013 to April 2014) Sometime between August and October 2013, after the Fusion Center ~ e d utilizing data, the DEA began performing its own anal sis of the data before disseminating leads. FO queried the in NADDIS and other law enforcement databases FO sent these investigative leads directly to the field divisions by email. McKnight told us that he instituted these practices because "you need to send the best product available"~ e n t s who "have enough to do" and not simply send the names of without any connection to illicit activit . McKnight said he were instructed his staff to send leads where identified in NADDIS, particularly as a target, or in other databases reflecting a criminal drug history. A former DEA manager of a financial investigative group, who had a lead role developing investigative leads as an FO contractor, explained this protocol. He stated to us that agents "don't have time" to review random names unless the lead is meaningful, p - · Accordingly, he sought to send leads that "hit" a target in an active case or prefe~ had a "hit" in more than one law enforcement database. The second Staff Coordinator and the third Staff Coordinator (who began in August 2013) told us that they agreed with this approach. They also told us that they requested the field divisions provide responses on any results, positive or negative, on these leads and followed-up at least on a quarterly basis. According to the DEA's records and testimony, FO sent the first lead by email in October 2013. As detailed below in subsection I.D., the DEA stopped serving subpoenas in September 2013. However, FO finished reviewing the last subpoena returns in April 2014. FO's statistical spreadsheet for showed that the results for this 7-month period in FY 2014, containing FY results from subpoenas only, exceeded or roughly equaled the results of several metrics for all of FY 2013, containing FY results from both subpoenas and the other operational non-subpoena component. Specifically, FO reported that the refined leads that FO disseminated during this limited period 63 resulted in more arrests (10 versus 6), vehicles seized (5 versus 0), firearms seized ( 4 versus 2), and 80 per cent of the value of cash seized ($1.2 million versus $1.5 million). However, FY 2013 results were greater for seizures of cocaine (137 kilograms versus 2.2 kilograms) and mariju~12 pounds versus 3.1 pounds). (No other drug seizures were attributed to leads during this period.) C. Maintaining the Confidentiality of the - Program program from becoming publicly known DEA sought to prevent the because the were concerned that criminals would take steps to conceal their if they knew that data regarding such was being collected. The cover memorandum that was used beginning in 2008 to disseminate the data to the field instructed DEA personnel "not to disclose the source of names" identified via subpoenas when documenting their investigations. The memorandum also stated that "[p]robable cause must be developed independently." The first Staff Coordinator told us that the first instruction was intended to protect the program's sources and methods; criminals would obtain money counters by other means if they knew that the DEA collected this data. He said that DEA personnel were therefore told not to write on a DEA Form 6 that the DEA received the names in response to subpoena. 92 DEA documents showed that DEA personnel were instructed to state in reports, such as a DEA Form 6, that the "received a lead from a source of information that indicated that the may be involved in drug trafficking and money laundering." The first Staff Coordinator told us that the directive on using independent sources to corroborate the tips from the ensured that the DEA pursued genuine illicit drug activities. This instruction was maintained as the evolved. The cover email and cover page to the Fusion Center products contained standard caveats that the product was sent for lead purposes only, should be segregated from official files, and should not be used in court proceedings. The cover email and summary page to the FO-generated products did as well. FO therefore included as a standard ~ice caveats that the field should develop their own probable cause for the leads and not incorporate the leads data or source into official files. As discussed above, the DEA typically searched for a potential connections to illicit drug activities through NADDIS and other law enforcement database checks. DEA documents and testimony showed that the DEA sought to determine whether those potential indicators of illicit drug activity could then be corroborated through traditional investigative techniques, such as plain-view surveillance, to warrant initiating a conventional 92 A "DEA Form 6," as described in the Manual, is "a general purpose form used to report investigative activities and intelligence information to investigative files." · · • - of the Manual.  64 particularized investigation. In this manner, the DEA could use the same independent evidence that served as the basis to open specific cases as evidence in court without disclosing _ , which functioned essentially as an anonymous tip and not as evidentiary foundation for the case. 93 DEA documents also showed examples where DEA divisions had alrea~geted the for investi ation rior to receiving the lead. In these circumstances, the data could provide additional evidence regarding the nature and scope of illicit activities in addition to that which already existed. DEA witnesses told us that the requirement to develop "independent probable cause" ensured that the DEA did not random! investigate innocent parties because is not a criminal act. D. Storage and Retention The bulk data (includin stored in three rima elsewhere in the DEA, or the Fusion Center. In this section, we discuss how DEA addressed the question of retention of the bulk data stored in these locations. 1. Bulk Data on Original CDs The first and second Staff Coordinators both told us ~ e r e unaware of any retention policies that the DEA developed for the bulk data during their respective tenures. The first Staff Coordinator told us that the DEA did not have an olicies on retention of the He said that "we didn't know what to do with them ... they're not evidence .... " He told us that he k ~ in a locked cabinet and informed the second Staff Coordinator of location . He stated that "we weren't until FO could figure out what to do with interested in establishing any kind of database of, you know, anything other than having this [data] to send leads to the field to investi ate." The second Staff Coordinator stated that the After the OIG initiated this review, the DEA told us that no subpoenaed information received by DEA had been purged or destroyed since the program began in 2008. In addition, the DEA stated that it was working to develop a retention and destruction schedule for such materials. One DEA 93 However, FO notified field investigators that they would have to reveal the original subpoenas if the question ever arose in actual testimony. We source of information from found no evidence that the DEA ever revealed in live testimony or elsewhere. However, Powers told the OIG that in approximately three to four cases a judge required the government to disclose in camera how a defendant originally was targeted through subpoenas without requiring disclosure to defense counsel. 65 attorney working on this issue told us that FO had not contemplated a retention schedule for the bulk data until the OIG raised this issue. In June 2015, the DEA received approval from the National Archives and Records Administration for a retention and destruction schedule, submitted in March 2015, relating to "non-actionable information obtained pursuant to service of a DEA Administrative Subpoena." Although the retention and destruction schedule description appears to apply to data held in a// locations without distinction, the DEA's testimony and i n f o ~ showed that the DEA intended for this schedule to pertain Under this disposition schedule, DEA received approval to destroy the original CDs within 3 years after date of receipt. 2. Bulk Data in Module The second Staff Coordinator stated that he had no knowled what the retention olic would be for the Then-DEA Deputy Chief Counsel Quinn told the OIG that she did not know if the DEA had the resources or technical ability to identify the specific data in that has investigative value. 3. Bulk Data Stored Elsewhere The DEA stated in response to an OIG information re headquarters program general files , are destroyed or deleted 25 years after the cutoff date (which is 6 years after the last activity or corres.22!l5!.ence). Therefore, under current policy and practice, all non-~ecific data stored by FO or elsewhere at the DEA ( other than i n ~ , i.e., purchaser data that was never connected to a specific investigation, will be retained for at least 25 more years (though Quinn did not think it would be accessed, in part due to the speed with which drug trafficking organizations change and the historical nature of the data). II. Legal Review of - In this section we describe three occasions in which questions were raised regarding whether the program was a permissible use of DEA's administrative subpoena authority under 21 U.S.C. § 876(a). A. Initial Review in September 2008 In early July 2008, 1 month after began, Powers sent an email inquiry requesting a legal review of the subpoenas to two OCC managers, Michael Ciminelli and Donna Sanger, who oversaw the Domestic Criminal Law 66 Section (referred to as CCM). 94 Powers's request arose after he briefed two Assistant U.S. Attorneys (AUSAs) in the Northern District of Illinois on - · Powers told us that he informed the AUSAs that the DEA's use of a general file to issue administrative subpoenas to develop targets was "out of the ordinary," but he was comfortable with the subpoena use based on Chicago's success before FO launched - · Powers's email request to Ciminelli and Sanger stated that the AUSAs inquired whether anyone at OCC "had consulted with FO on the scope of the administrative subpoenas to be sure that they were in compliance with 21 U.S.C. § 876." . Powers's email added that the Chicago Field Division decided to send the question from the AUSAs to Ciminelli and Sanger "to be on the safe side, given the recent scrutiny regarding admin[istrative] subpoenas." Powers told us that the "recent scrutiny" referred to an internal review of the DEA's use of administrative subpoenas in the wake of the OIG's report of the FBI's misuse of National Security Letters in 2007. 95 Ciminelli replied by email the next day that "we do not believe that CCM has ever reviewed the subpoena," and would obtain "a copy from FO to review it now." Two months later, however, OCC had not responded to Powers's email inquiry. In early September 2008, Sanger notified Ciminelli that she assigned a senior attorney in CCM (Senior Attorney 1) to review the "subpoena question." Sanger also remarked that she saw "nothing wrong with it on the surface, but [hasn't] seen the actual subpoena." 94 CCM is the unit within OCC responsible for addressing administrative subpoena issues. 95 See U.S. Department of Justice Office of the Inspector General, A Review of the Federal Bureau of Investigation's Use of National Security Letters, March 2007. Following this OIG report, OCC conducted an internal review in May 2007 of its documented legal advice and guidance regarding administrative subpoenas for the prior 5 years, including a review of training and materials in the DEA Agents Manual relating to administrative subpoenas. OCC's summary report concluded that its substantive legal advice regarding administrative subpoenas had been correct. However, OCC found that the DEA Agents Manual omitted some important procedural guidelines, such as restrictions imposed by other federal statutes on the use of administrative subpoenas, and actions to be taken if the DEA received unauthorized information in response to an administrative subpoena. ace also found that its training academy failed to have OCC attorneys provide the training on legal rules for administrative subpoenas to new agents and new group supervisors who would have authority to sign subpoenas. OCC's internal report documented the measures taken or to be taken to address the deficiencies that were found. OCC's report noted, without discussion, that "specialized legal support for certain DEA intelligence, programs utilizing administrative subpoenas," a description that possibly included was supervised by the Deputy Chief Counsel for International and Intelligence Law. Significantly, the OCC report did not address the issue of whether Section 876(a) authorized DEA to collect bulk data by administrative or for subsequent exploitation in subpoena for target deve~nt purposes as done in specific cases as done in - · 67 On September 9, 2008, Sanger sent Powers's July 2008 email inquiry to Senior Attorney 1. Senior Attorney 1 responded 2 days later to Sanger, copying Ciminelli and Powers, stating that she had "no legal objections" after review~ sample subpoena. Senior Attorney l's response, which attached a sample subpoena, also noted that the subpoenas requested raw data from companies that was disseminated to the field divisions as leads to develop their own probable cause. 96 Senior Attorney 1 separately forwarded her le~nclusion to Jennings and a former FO Section Chief, who notified the first Staff Coordinator by forwarding the email to him. Senior Attorney 1 told us that she did not have an independent recollection of this issue. 97 However, she remarked that on current reflection the subpoena language appeared fine because it seemed to her that the DEA had a specific target or was investigating a specific crime. She added that if she had understood at the time that the DEA was merely issuing "blanket" subpoenas on purchases between certain dates without connection to an open case then she likely would have advised against it (despite her email reflecting that she knew the raw data was being disseminated to the field as leads to develop their own probable cause). After Senior Attorney 1 replied "no objection," Sanger emailed Powers that "my view is probably the same as yours. Unless a federal court tells us we can't do this, I think we can continue this project." made None of the 2008 emails regarding the legal underpinnings of reference to the fact that a very similar question had been raised ~ l i e r , in connection with a ro osal to use administrative sub oenas to . As detailed in Chapter Three, in 2005, the DOJ Criminal Division Narcotic and Dangerous Drug Section (NODS) and Asset Forfeiture and Mone Laundering Section (AFMLS) both prepared legal analyses of that highlighted the relevance of United States v. Bisceglia, 420 U.S. 141 (1975), and Peters v. United States, 853 F.2d 692 (9th Cir. 1988), to the question of whether the DEA's administrative subpoena authority in 21 U.S.C § 876(a) permitted the collection of bulk, non-target-specific data for "exploratory purposes." The AFMLS memorandum opined that the DEA's proposed use of its administrative subpoena authority for exploratory purposes to gather bulk wire remitter records 96 Senior Attorney 1's "no objection" response stated that she had conferred with a more senior CCM line attorney. Powers pointed out to us that the DEA headquarters delays on even extended to his legal questions-noting that it took 2 months before headquarters responded with a "one-liner, yes." 97 However Senior Attorne collection because whereas in more recent Department projects she recalled much discussion on how to avoid "retain[ing] information on innocent people." 68 in "entail[ed] significant risk of adverse consequences" from both courts and Congress to such use. The absence of any reference to this analysis was particularly noteworthy given that Ciminelli and others in ace had been alerted to the Criminal Division's concerns about . In July 2005, the then-OCC Section Chief of International Law (CCI Section Chief) sent a high priority email to then-Chief Counsel Wendy Goggin, then-Deputy Chief Counsel Michael Ciminelli, and other managers to notify them that the AFMLS Chief intended to meet with the DEA's Office of Special Intelligence Chief to ~ h e use of administrative subpoenas for exploratory purposes, like - · Among other concerns, the CCI Section Chief noted that AFMLS was concerned that Congress might substantially restrict the DEA's administrative subpoena authority, as it had done with the Internal Revenue Service after the Bisceglia opinion, even if such exploratory usage survived a court challenge. In any event, we found no evidence that Ciminelli or anyone else in ace recognized that raised the same issues about the scope of Section 876(a) that arose in the proposed operation. B. FBI Concerns at the Fusion Center in May 2013 As noted above, beginning in May 2013, DEA sent data to the OCDETF Fusion Center for analysis. On May 15, 2013, then-FO Section Chief McKnight reported to ace that FBI agents had raised questions to DEA management at the Fusion Center about "the leg~ of the subpoenas and utilization of the Fusion Center to query the data, which FO recently had started to send there. McKnight requested guidance from OCC, noting that his then-FO Chief had received a telephone inquiry on this issue from Fusion Center Chief Counsel. One week later, a DEA attorney in CCM provided McKnight the September 2008 response to Powers's inquiry, discussed above. The FBI agents we interviewed described their concerns at the time. First, they were concerned about the broad scope of the "blanket" ~ n a s to obtain information simply because somebody purchased a - · They told us that in their collective experience at the FBI they could not issue an administrative subpoena without it being based on a specific target or case. Some of them also noted that the FBl's policy governing use of administrative subpoenas did not permit "blanket" usage. 98 As one FBI agent subpoenas: explained the concern about the "blanket" - 98 Under Section 18.6.4 of the FBI's Domestic Investigations Operations Guide (DIOG), the FBI cannot issue an administrative subpoena under 21 U.S.C. § 876(a) unless it is relevant to a predicated drug investigation. Also, under Section 6.9 of the DIOG, the FBI has authority to issue administrative subpoenas in Preliminary Investigations. Section 6.1 of the DIOG provides that a Preliminary Investigation "may be opened on the basis of any 'allegation or information' indicative of possible criminal activity or threats to national security." Section 6.5 of the DIOG describes the predication required in this circumstance as particularized to a specific criminal activity or national security threat and the involvement or role of specific individuals, groups, organizations, or entities in such activity. 69 [I]t wasn't predicated on individual cases or individual suspicions. Rather, it [was] just a general fishin ex edition because one had] a good sense that some people that may also be using [them] for illicit purposes. . . . [But] you can't just take any [kind of] innocent activity that Americans engage in and go grab all their records knowing that a small percentage of it is potentially connected to illegal activity. And that sounded exactly like what DEA was looking to do. Second, the FBI a ents were concerned about the Fusion Center personnel running all through the Fusion Center database to mine for potential connections to an actual investigation. They explained that running all of these names, which had been collected without foundation, through a massive government database and producing comprehensive intelligence products on any "hits," which included detailed information on family members and pictures, "didn't sit right with any of [them]." The FBI agents' concerns were raised to the Fusion Center Deputy Director, an FBI employee (FBI Deputy), who told us that he shared the same concerns. The FBI Deputy told us that underlying part of the FBI's concerns was that DEA and Fusion Center management tried "to push very quickly," but it "needed to be really vetted and looked at by [FBI headquarters management] seven ways to Sunday" to ensure that it was consistent with the FBI's policies and protocols. The FBI Deputy told us that he notified the Fusion until he Center Director that the FBI was not going to participate in received approval from FBI headquarters because "it just didn't seem right" in his experience. The Fusion Center Chief Counsel stated that the FBI's dataset is a significant part of the Fusion Center database, but it was not included in the data due to the FBI's objection to - · queries of the The FBI Deputy related to us that a meeting was held with then-FBI Deputy Assistant Director of the FBI's Criminal Investigative Division, after the FBI Deputy raised the collective concerns on to the then-Section Chief of the FBI's Criminal Investigative Division and an FBI Office of General Counsel (OGC) attorney. The FBI OGC attorney told us that after reviewing the statute and the DIOG it was clear to her that in "the FBI world you have to have a specific predicated investigation" to issue an administrative subpoena, but the DEA was not necessarily subject to the same constraints. 99 The FBI OGC attorney said that she informed the FBI Deputy Assistant Director that the FBI could not have used its administrative subpoena authority for_, if it was an FBI program, "unless we had an individual [or organization] that we're trying to target" because of the DIOG's requirements. However, the FBI OGC attorney stated that she also explained to the Deputy Assistant Director that the FBI 99 The FBI OGC attorney told us that the FBI lawyers who wrote the DIOG interpreted the statute, 21 U.S.C. § 876(a), to require an open investigation, or in FBI policy a "predicated investigation" particularized to a target. However, she told us that she understood that the DEA did not have such policy constraints. 70 could use the --subpoenaed data because the DEA collected the data under its authority (and not at the FBI's direction). The FBI OGC attorney told us that after hearing these points the FBI Deputy Assistant Director decided that the FBI would not participate in the Fusion Center. at The FBI Deputy said that he notified the Fusion Center management and it was "not received about the FBI's decision not to participate in well," particularly by DEA as the "parent agency" pushing the initiative. According to Fusion Center Chief Counsel, the FBl's decision not to participate in at the Fusion Center was the primary reason why the Fusion Center's then-Acting Director (not a DEA employee) decided not to make a permanent part of the Fusion Center operations after the pilot project ended. FO ceased sending --subpoenaed data to the Fusion Center in August 2013. We turn next to the DEA's legal review o f - in late July 2013 in response to the OIG's inquiries. C. OCC's Review before OIG Meeting in August 2013 Two months after McKnight reported the FBl's concerns on _ , OCC initiated a legal review of the program in response to inquiries that DEA had recently received about the program from the OIG. Specifically, in late July 2013, DEA's CCM Section Chief assigned a senior CCM attorney (Senior Attorney 2) to review whether the DEA's use of administrative subpoenas in was overbroad in preparation for an upcoming meeting with the OIG. Senior Attorney 2 sent his legal assessment in two lengthy emails to the CCM Section Chief and OCC senior manager, Maura Quinn. 100 In the first email, Senior Attorne 2 discussed at length the 2005 NODS memorandum regarding which, as described in Chapter Three, highlighted the relevance of the court opinions in Bisceglia and Peters to the question of whether the DEA's Section 876(a) authority would permit the collection of bulk, non-target-specific data for "exploratory purposes." Senior Attorney 2 noted that the 2005 NODS memorandum was "directly on ~ ' to analyze the use of "exploratory" or non-target-specific subpoenas in - · His review of the memorandum's in-depth analysis of court rulings subpoenas" concluded that it was "unclear what a court would do with the because of conflicting court rulings in the most comparable cases. In the second email, Senior Attorney 2 addressed Quinn's question on whether the language in the administrative subpoenas was "legally sufficient." He responded to Quinn that the DEA had a "good-faith belief that the subpoen~stainable," even if not directed to a particular suspect, based on foun