The Federal Bureau of Investigation's Compliance
with the Attorney General's Investigative Guidelines
(Redacted)

Special Report
September 2005
Office of the Inspector General


Chapter Five: Attorney General's Guidelines on
General Crime, Racketeering Enterprise and
Terrorism Enterprise Investigations


Of the four Investigative Guidelines, the Guidelines on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations (General Crimes or GCI Guidelines) have the broadest scope. They govern the FBI's investigation of general crimes, racketeering enterprises, and terrorism enterprises. Below we describe the various levels of investigative activity permitted under the General Crimes Guidelines, the two types of investigations they authorize: 1) general crimes investigations and criminal intelligence investigations, and 2) the new anti-terrorism authorities that were added after September 11, 2001. We also provide our compliance findings and recommendations for each of these Guidelines activities and provisions.

  1. Levels of Investigative Activities
  2. The General Crimes Guidelines authorize three graduated levels of investigative activity. These activities are the checking of initial leads, preliminary inquiries, and full investigations. With limited exceptions, the General Crimes Guidelines provide that any lawful investigative technique may be used in preliminary inquiries and full investigations. General Crimes Guidelines, Introduction, A.280

    One level of investigative activity is the checking of initial leads, which can be undertaken after receipt of information indicating that some follow up regarding the possibility of criminal activity is warranted. Following up on such leads often is for the purpose of determining whether further investigation (either a preliminary inquiry or a full investigation) should be conducted.

    The next level of investigative activity is a preliminary inquiry. According to the General Crimes Guidelines, a preliminary inquiry is appropriate when information or an allegation indicates the possibility of criminal activity and responsible handling requires further scrutiny beyond checking initial leads. General Crimes Guidelines, Introduction, A. A preliminary inquiry allows the FBI to determine whether a full investigation should be opened.

    The range of investigative techniques in a preliminary inquiry is broad, with the Guidelines prohibiting only mail openings and nonconsensual electronic surveillance. General Crimes Guidelines, Introduction, A. The Guidelines state that the FBI should not hesitate to use any lawful techniques in a preliminary inquiry, even if "intrusive," where "the intrusiveness is warranted in light of the seriousness of the possible crime or the strength of the information indicating its existence or future commission." Id. II.B.4.

    The Guidelines define full investigations as either general crimes investigations or criminal intelligence investigations. General crimes investigations may be opened where facts or circumstances reasonably indicate that a federal crime has been, is being, or will be committed. GCI Guidelines, Introduction, B. The standard for initiating a general crimes investigation is "substantially lower than probable cause" and may be satisfied when the objective of the investigation is to prevent future criminal activity, as opposed to investigating a completed criminal act. Id. II.C.1.

    The second type of full investigation defined by the General Crimes Guidelines is a criminal intelligence investigation. There are two types of criminal intelligence investigations: racketeering enterprise investigations (REIs) and terrorism enterprise investigations (TEIs). According to the General Crimes Guidelines, a racketeering enterprise investigation may be initiated when facts or circumstances reasonably indicate that two or more persons are engaged in a pattern of racketeering activity as defined in the Racketeer Influenced and Corrupt Organizations (RICO) statute, 18 U.S.C. 1961(5). Id. III.A.2.a. A terrorism enterprise investigation may be initiated when facts or circumstances reasonably indicate that two or more persons are engaged in an enterprise for the purpose of: 1) furthering political or social goals wholly or in part through activities that involve force or violence and a federal crime, 2) engaging in terrorism as defined in 18 U.S.C. 2331(1) or (5) that involves a federal crime, or 3) committing any offense described in 18 U.S.C. 2332b(g)(5)(B). Id. III.B.1.a.

    We describe below the requirements of the General Crimes Guidelines relating to preliminary inquiries, general crimes and criminal intelligence investigations, and the new counterterrorism authorities, followed by our compliance findings and recommendations.

  3. Preliminary Inquiries
    1. Significant Requirements
    2. The General Crimes Guidelines state that the opening of a preliminary inquiry must be based on an allegation or other information that is recorded in writing and authorized by an FBI supervisor. In "sensitive criminal matters," the FBI must notify the U.S. Attorney or an appropriate Department of Justice (DOJ) official of the basis for an inquiry as soon as practicable after its opening, and must create a record of the notification. GCI Guidelines II.B.2.

      Preliminary inquiries may be authorized for up to 180 days. A Special Agent in Charge (SAC) may grant up to two 90-day extensions if the inquiry has failed to yield a "reasonable indication" of criminal activity and further investigative steps are warranted. Additional extensions require approval by FBI Headquarters. Id. II.B.3.

      When a preliminary inquiry fails to develop sufficient information to justify a full investigation, the FBI must end the inquiry and record its closing. In sensitive criminal matters, the FBI must notify the U.S. Attorney of the closing and record the fact of the notification in writing. Id. II.B.7.

    3. Major Revisions to the Guidelines
    4. The revised General Crimes Guidelines altered authorization procedures and time limits for preliminary inquiries to provide agents with greater flexibility to respond to terrorist and criminal activity. The major revisions to the preliminary inquiry provisions of the Guidelines were:

      • extending from 90 to 180 days the period for initial authorizations;

      • authorizing SACs to grant the first 2 extensions for preliminary inquiries and lengthening the duration of these extensions from 30 to 90 days;

      • permitting the use of mail covers during a preliminary inquiry;282

      • authorizing initiation of preliminary inquiries to determine whether grounds exist to initiate a racketeering enterprise or terrorism enterprise investigation; and

      • emphasizing that the FBI should not hesitate to use any lawful techniques consistent with the Guidelines, even if intrusive, where the intrusiveness is warranted in light of the seriousness of the possible crime or the strength of the information obtained.

    5. The OIG Review of Preliminary Inquiries
    6. The focus of our review was on the Guidelines' requirements for predication to initiate or extend the preliminary inquiry, and notifications to appropriate DOJ officials of the initiation and closing of sensitive criminal matters.

      In our visits to 12 FBI field divisions, we reviewed a sample of 46 preliminary inquiries at 9 FBI field office locations. From a list of over 60,000 preliminary inquiries provided to us by the FBI, we requested 6 inquiries from each of 12 field offices.283 Three offices did not identify any preliminary inquiries in general crimes cases, while others provided fewer than six. We examined key requirements of the preliminary inquiry provisions of the General Crimes Guidelines. We focused on whether the field office had complied with the following notifications and authorizations.

      • Did the SAC authorizing the preliminary inquiry ensure that the allegation or other information justifying the inquiry was recorded in writing?

      • If the preliminary inquiry remained open longer than 180 days, did the SAC timely authorize extensions?

      • Was the U.S. Attorney or appropriate DOJ official notified of the opening and closing of preliminary inquiries involving sensitive criminal matters?

    7. Compliance Findings
    8. All but one of the preliminary inquiry files we examined contained the written allegation or information justifying the inquiry. Nineteen of the preliminary inquiries extended past the initial 180-day authorization period, of which 13 continued more than 270 days and required a second extension. Of these 19 preliminary inquiries, 10 (53 percent) did not contain the necessary documentation authorizing the extensions, closings, or conversions to full investigations. Ten of the 13 files (77 percent) for preliminary inquiries that extended over 270 days contained no documentation authorizing a second extension, closing, or conversion. Thus, of the 32 instances when an extension, conversion to full investigation, or closing was appropriate, we found authorization documentation missing in 20 instances or 63 percent. The following table summarizes these findings.

      TABLE 5.1
      OIG Compliance Findings from 46 Preliminary Inquiries
      in Select FBI Field Offices
      Preliminary inquiries that extended past the initial 180-day authorization period 19

      • Preliminary inquiries extending past the initial 180-day authorization period that did not contain necessary documentation of authorization for extensions, closings, or conversions to full investigations.
      10 (53%)
      Preliminary inquiries that extended past the first extension period 13

      • Preliminary inquiries extending past the first extension period that did not contain necessary documentation of authorizations for second extensions, closings, or conversions to full investigations.
      10 (77%)

      Our review also identified six preliminary inquiries involving sensitive criminal matters. We found that all appropriate notifications to the U.S. Attorneys were made in each of these cases.

    9. OIG Analysis and Recommendations
    10. Preliminary inquiries allow FBI agents to investigate information that is ambiguous or incomplete. The limitations on the duration of preliminary inquiries ensure that a determination whether to end the inquiry or continue with a full investigation is made in a reasonable period of time.

      As we discuss in Chapter Two, abuses of the FBI's investigative authorities in conducting domestic intelligence investigations led to the first set of Attorney General Guidelines issued in 1976. Among the abuses documented by the Church Committee were the FBI's extensive use of preliminary inquiries to collect information about students, civil rights groups, and war protestors, among others.284 The 1976 Guidelines eliminated the use of certain intrusive techniques in preliminary inquiries, including the recruiting of new informants and the use of mail covers. The revisions to the Domestic Security Investigation Guidelines in 1983 eliminated preliminary inquiries in domestic security investigations, permitting them to be used only in the conduct of general crimes investigations.

      In light of the extended time periods for preliminary inquiries and the devolution of significant authority to field managers in the May 2002 revisions of the General Crimes Guidelines, we believe our findings regarding the FBI's failure to develop adequate controls to ensure that authorizations for extensions, conversions, and closings of preliminary inquiries are obtained and documented in case files merit corrective action.

      We recommend that the FBI take the following step.

      (20) Ensure compliance with the General Crimes Guidelines' requirements to obtain and document authorizations for the extension, conversion to full investigation, and closing of preliminary inquiries.

  4. General Crimes Investigations
    1. Role of General Crimes Investigations
    2. The FBI has jurisdiction to investigate federal crimes except where such responsibility is specifically assigned by statute or otherwise to another federal investigative agency. General Crimes Guidelines Preamble; see generally 18 U.S.C. 533 (2002).

      The FBI's general crimes investigations address a broad range of criminal conduct and account for the majority of FBI criminal investigations. From May 2002 through March 2004, the FBI had over 62,000 open general crimes investigations. The FBI categorizes these investigations in program classifications such as Domestic Terrorism, Organized Crime, Drug Program, White Collar Crime, Civil Rights, and Violent Crime and Major Offenders. MIOG Introduction, 2-1.285

    3. Significant Requirements
    4. The General Crimes Guidelines impose requirements for both the predication needed to open a full investigation and the authorization process that the FBI must follow. Under the Guidelines, "[a] general crimes investigation may be initiated when facts or circumstances reasonably indicate that a federal crime has been, is being, or will be committed." General Crimes Guidelines II.C.1. The Guidelines explain that information justifying the opening of an investigation "must [have] an objective factual basis" and that "a mere hunch is insufficient." Id. In making the determination whether to open a general crimes investigation, the FBI "may take into account any facts or circumstances that a prudent investigator would consider." Id.

      The approval process to open an investigation under the General Crimes Guidelines is similar to the process for opening a preliminary inquiry. The FBI supervisor authorizing an investigation must ensure that facts or circumstances satisfy the reasonable indication standard described above and that this information is recorded in writing. Id. II.C.3. In "sensitive criminal matters," written notification must be provided to the U.S. Attorney or an appropriate DOJ official, as well as to FBI Headquarters, as soon as practicable after the investigation commences. Id. When that investigation is terminated, the FBI must notify the appropriate federal prosecutor within 30 days. Id. II.C.4.

      The Guidelines also contain procedures for disseminating information regarding general crimes. With limited exceptions, in circumstances where the FBI obtains credible information concerning serious criminal activity not within its investigative jurisdiction, the Guidelines require the relevant FBI field office to promptly transmit the information, or to refer the complainant, to the law enforcement agencies having jurisdiction. Id. II.C.6. Where full disclosure is not made to these agencies within 180 days, the FBI field office is required to notify FBI Headquarters in writing of the facts and circumstances concerning the criminal activity. Id.

    5. Major Revisions to the Guidelines
    6. The May 2002 revisions to the General Crimes Guidelines did not alter the scope of general crimes investigations. As described above, the most significant changes concerning general crimes investigations involved preliminary inquiries, not full investigations. These changes were in addition to revisions that expressly recognized the fundamental shift in the FBI's focus to the detection and prevention of terrorist attacks.

    7. The OIG Review of General Crimes Investigations
    8. To examine the FBI's compliance with the general crimes provisions of the General Crimes Guidelines, we reviewed 72 general crimes files at 12 field offices. Initially, we requested that each field office provide documentation on six "sensitive criminal matters" within the meaning of II.A.2 of the Guidelines. However, many of the case files identified by the FBI did not involve circumstances that met this definition, and we were advised that it was not practicable to isolate qualifying cases from the FBI's many general crimes files during our site visits. In total, we examined 32 files involving sensitive criminal matters, which accounted for 44 percent of all the general crimes files we reviewed.

      With respect to the Guidelines' requirements in general crimes cases, we focused on the following issues.

      • Was the opening basis, including predication, in writing?

      • In sensitive criminal matters, did the FBI provide required opening notifications to the U.S. Attorney's Office or DOJ and to FBI Headquarters?

      • Did the FBI provide required closing notifications to the U.S. Attorney's Office or DOJ?

      • Did the FBI appropriately disseminate investigative information outside DOJ?

    9. Compliance Findings
    10. Of the 72 general crimes files we reviewed, we determined the following.

      • 71 of the 72 files identified the predication in the case opening or ancillary documentation.

      • Of the 32 sensitive criminal matters we examined, the FBI notified the U.S. Attorney's Office or the DOJ in all investigations for which such notification was required, although 5 of the case files did not contain the written notification mandated by the Guidelines.286 In one of the sensitive criminal matters, it was not evident that FBI Headquarters was notified of the case opening.

      • 22 of the sensitive criminal matters were still pending at the time of our site visits. Of the 10 sensitive criminal matters that had closed, the FBI notified the U.S. Attorney's Office or DOJ of the case closing within the required time in nine instances.287

      • When disseminating information regarding these general crimes investigations to other law enforcement agencies, the FBI consistently documented an adequate basis to do so, in conformity with the Guidelines.

      Predication in Opening Documentation

      We found only one matter where it was not possible to determine the predication in the opening documentation. This case was investigated in concert with another DOJ component. Later entries in the file, however, established that there was reasonable indication that a crime had been committed and that the basis for the investigation was sound.

      Notifications in Sensitive Criminal Matters

      1. Opening Notifications

        The General Crimes Guidelines require that in sensitive criminal matters, the predication for investigations be recorded in writing and provided to both DOJ and FBI Headquarters as soon as practicable after commencement of the investigation.288 Although we found that the U.S. Attorney, or DOJ, was consistently notified of the basis for sensitive criminal matter openings, in 5 of these 32 cases the written notification required by the Guidelines was not included in the case file. We therefore had to find evidence of the notification from other information in the file (such as an FBI internal memorandum indicating field discussions with a prosecutor). In one of these instances, we were unable to locate the written notification to FBI Headquarters and could not determine from other case file documentation that the notification was made.

      2. Closing Notifications

        Closing notifications were contained in every case file where appropriate.289

      Dissemination of Information to Other Law Enforcement Agencies

      Our review examined 16 instances where the FBI disseminated information developed in general crimes investigations to other law enforcement agencies pursuant to II.C.6 of the General Crimes Guidelines. We determined in each case that the FBI adhered to the applicable Guidelines' requirements.

    11. OIG Analysis and Recommendations
    12. Our review found that the FBI generally is complying with the requirements of the General Crimes Guidelines governing general crimes investigations.

  5. Criminal Intelligence Investigations
    1. Role of Criminal Intelligence Investigations
    2. In contrast to general crimes investigations, which target individuals and specific criminal acts, the focus of criminal intelligence investigations is on a group or enterprise. The purpose of these investigations is to obtain information concerning the nature and structure of an enterprise - including information relating to its membership, finances, geographical dimensions, past and future activities, and goals - with a view toward detecting and preventing the enterprise's criminal activities and prosecuting those responsible for them. There are two types of criminal intelligence investigations: racketeering enterprise investigations (REIs) and terrorism enterprise investigations (TEIs). GCI Guidelines, Introduction, B.

      Terrorism enterprise investigations, which can develop intelligence to help prevent terrorist acts, are classified as either domestic or international.290 Domestic terrorism investigations involve U.S. persons residing in the United States who are not acting on behalf of a foreign power, and who may be conducting criminal activities in support of terrorist objectives. International terrorism investigations involve U.S. persons or foreign nationals in the United States who are targeting national security interests on behalf of a foreign power.291 After the issuance of the revised Investigative Guidelines on May 30, 2002, and until a new FBI investigative classification was established effective October 1, 2003, that combined criminal and intelligence international terrorism investigations, the FBI conducted a limited number of international terrorism investigations under the terrorism enterprise investigation Guidelines.292 Since October 2003, however, the FBI has elected to use the terrorism enterprise provisions of the General Crimes Guidelines solely to investigate domestic terrorism matters, while international terrorism investigations are conducted under the Attorney General's Guidelines for FBI National Security Investigations and Foreign Intelligence Collection (NSI) Guidelines.293

    3. Significant Requirements
    4. Racketeering Enterprise Investigations

      The General Crimes Guidelines authorize the initiation of racketeering enterprise investigations "when facts or circumstances reasonably indicate that two or more persons are engaged in a pattern of racketeering activity as defined in the RICO statute, 18 U.S.C. 1961(5)." General Crimes Guidelines III.A.2.a. The Guidelines state that "[t]he standard of 'reasonable indication' is identical to that governing the initiation of a general crimes investigation." Id.

      Racketeering enterprise investigations must be approved by the SAC with notification to FBI Headquarters and must be based upon a written recommendation indicating that the standard for opening the investigation is satisfied. Id. III.A.5.a. The FBI also must notify the Organized Crime and Racketeering Section of DOJ's Criminal Division and any affected U.S. Attorney's Office of the initiation of the investigation. Id. III.A.5.b. The first authorization period may not exceed one year, and renewals may be obtained for additional periods also not to exceed one year. Renewal authorization is obtained from the SAC, with notification to FBI Headquarters and the Organized Crime and Racketeering Section of DOJ's Criminal Division. Id. III.A.5.c. The SAC must review the investigations on or before the expiration of the period for which the investigation and each renewal is authorized. Id. III.A.5.d.

      Terrorism Enterprise Investigations

      The standard for initiating a terrorism enterprise investigation also incorporates the "reasonable indication" threshold. The General Crimes Guidelines provide:

      A terrorism enterprise investigation may be initiated when facts or circumstances reasonably indicate that two or more persons are engaged in an enterprise for the purpose of: (i) furthering political or social goals wholly or in part through activities that involve force or violence and a violation of federal criminal law, (ii) engaging in terrorism as defined in 18 U.S.C. 2331(1) or (5) that involves a violation of federal criminal law, or (iii) committing any offense described in 18 U.S.C. 2332b(g)(5)(B).

      Id. III.B.1.a. As with racketeering enterprise investigations, the Guidelines provide that terrorism enterprise investigations must be authorized by the SAC with notification to FBI Headquarters, and they must be based upon a written recommendation.294 The FBI also must notify the Counterterrorism Section of DOJ's Criminal Division, DOJ's Office of Intelligence Policy and Review (OIPR), and any affected U.S. Attorney's Office of the opening of a terrorism enterprise investigation.295 General Crimes Guidelines III.B.4.a. Authorization periods and procedures in these investigations are the same as for racketeering enterprise investigations. Id. III.B.4.b and c. The FBI is required to report to DOJ's Counterterrorism Section and OIPR the progress of terrorism enterprise investigations within 180 days of their initiation and the results at the end of each year the investigation continues. Id. III.B.4.f.

    5. Major Revisions to the Guidelines
    6. The revisions to the criminal intelligence provisions of the General Crimes Guidelines emphasized the reduction of administrative requirements by devolving approval authority to FBI field offices, extending authorization periods, and expanding the scope of terrorism enterprise investigations. Major changes to the Guidelines included:

      • authorizing the SAC rather than FBI Headquarters to approve the initiation and renewal of criminal intelligence investigations;

      • extending from 180 days to 1 year the period for initial authorizations and renewals; and

      • expanding the scope of TEIs to include certain kinds of racketeering activity with a terrorism nexus.

    7. The OIG Review of Criminal Intelligence Investigations
    8. Racketeering Enterprise Investigations

      To examine the FBI's compliance with key provisions of the racketeering enterprise investigation provisions of the General Crimes Guidelines, we reviewed all REIs at the 12 FBI field offices we visited. Because 4 of the offices had no REIs, we reviewed the 14 available REI investigative files at the remaining 8 offices. The FBI provided the OIG with a list of all REIs that were open on or after May 30, 2002, which listed a total of 37 such investigations nationwide. Our review primarily focused on whether the field offices obtained the necessary authorizations and provided appropriate notifications. Specifically, we examined the following authorization and notification requirements.

      • Did the SAC authorize an investigation after finding that the facts or circumstances in the written recommendation reasonably indicated that two or more persons were engaged in a pattern of racketeering activity as defined in the RICO statute, 18 U.S.C. 1961(5)?

      • Did the SAC notify FBI Headquarters of the opening of the investigation?

      • If the investigation remained open longer than one year, did the SAC review the investigation on or before the expiration of the period for which the investigation was authorized or renewed?

      • Did the SAC notify FBI Headquarters when extensions of the REIs were authorized?

      In addition, we determined whether there was evidence that the FBI notified the Organized Crime & Racketeering Section of the DOJ Criminal Division and any affected U.S. Attorney's Office of the opening of the investigation.

      Terrorism Enterprise Investigations

      We asked the FBI to identify 6 terrorism enterprise investigative files for each of the 12 field offices we visited. Only 4 of the 12 offices had any TEIs, and, together, they had 5 TEIs. Our review focused on the following documentation and notification requirements.

      • Did the SAC authorize the terrorism enterprise investigation after finding that the facts and circumstances in the written recommendation reasonably indicated that the standard for opening such an investigation was satisfied?

      • Did the SAC notify FBI Headquarters of the opening of the terrorism enterprise investigation?

      • Was there evidence that the FBI notified the Counterterrorism Section of the DOJ Criminal Division, OIPR, and any affected U.S. Attorney's Office of the opening of the investigation?

      • Did the FBI report to the Counterterrorism Section of the DOJ Criminal Division and OIPR the progress of the investigations not later than 180 days after initiation, and the results at the end of each year that the investigation continued?

      • If the investigation remained open longer than one year, did the SAC review the investigation on or before the expiration of the period for which the investigation was authorized or renewed?

      • Did the SAC notify FBI Headquarters when extensions of the TEIs were authorized?

    9. Compliance Findings
    10. Racketeering Enterprise Investigations

      We found that documents in each of the 14 REI case files adequately stated the reasons for opening these investigations and that the authorizations were properly provided by the SAC.

      With respect to notifications of case openings, the investigative files contained documentation that the field office notified FBI Headquarters in 12 of the 14 cases, or 86 percent of the time. According to the MIOG, the initiation of a racketeering enterprise must be followed by notification, including all supporting documentation, to FBI Headquarters within 14 calendar days of receiving authorization by the SAC.296 The FBI also must notify the Organized Crime & Racketeering Section of the DOJ Criminal Division and any affected U.S. Attorney's Office. We found no evidence of notifications to DOJ in 10 of the files we examined (71 percent), while 12 of the 14 files (86 percent) lacked evidence of notification to a U.S. Attorney's Office. One field office told us that once it notifies FBI Headquarters of the opening of a REI, it relies upon Headquarters to notify the U.S. Attorney's Office and/or the Organized Crime & Racketeering Section of DOJ. This practice may account in at least some instances for the missing documentation of opening notifications.

      Notifications of renewals also were problematic. The files associated with four of the five investigations that continued beyond the initial authorization period did not contain documentation of notification to FBI Headquarters or evidence of review by the SAC on or before expiration of the initial authorization period. The table below summarizes our findings with regard to Guidelines-related documentation for racketeering enterprise investigations.

      TABLE 5.2

      Documentation of Racketeering Enterprise Investigation Predication
      and Field Office Notifications to DOJ, USAOs, and FBIHQ

      Field Office Number
      of REIs
      Reviewed
      Sufficient
      Predication
      in Opening
      Document
      Field
      Notified
      FBIHQ
      of
      Opening
      Documentation
      of Opening
      Notification to
      DOJ OCRS
      Documentation
      of Opening
      Notification to
      USAOs
      Number
      Lasting
      More
      Than 1
      Year
      SAC
      Reviewed
      Before
      Expiration
      Field
      Notified
      FBIHQ re:
      Extensions
      Field Office 2 2 2 2 2 1 1 0 0
      Field Office 3 4 4 4 0 0 1 0 0
      Field Office 6 2 2 1 1 0 0 N/A N/A
      Field Office 7 1 1 1 0 0 0 N/A N/A
      Field Office 9 1 1 1 0 0 1 1 1
      Field Office 10 2 2 1 0 0 1 0 0
      Field Office 11 1 1 1 0 1 0 N/A N/A
      Field Office 12 1 1 1 1 0 1 0 0
      TOTAL (8) 14 14 12 4 2 5 1 1

      Terrorism Enterprise Investigations

      We found that documents in the five FBI case files adequately stated the reasons for opening these investigations and that the authorizations were properly provided by the SAC. However, the files we reviewed did not consistently contain evidence of required notifications and reports.

      Opening Basis Adequately Meets Guidelines' Criteria

      A SAC may authorize a TEI (subject to FBI Headquarters' concurrence) after assuring that the facts or circumstances contained in a written recommendation reasonably indicate the existence of an enterprise as described in the Guidelines. General Crimes Guidelines III.B.1.a. We found that all five TEIs satisfied the standard to open a terrorism enterprise investigation.

      Notifications to FBI Headquarters

      The General Crimes Guidelines require notice to FBI Headquarters after a SAC authorizes a terrorism enterprise investigation. Id. III.B.4.a. We found that in all five cases we examined FBI Headquarters was appropriately and promptly notified of the case initiations.

      Notifications to the Department of Justice.

      The General Crimes Guidelines require that the FBI notify the DOJ Criminal Division's Counterterrorism Section, OIPR, and any affected U.S. Attorney's Office of the opening of a terrorism enterprise investigation. Id. We found that evidence of these notifications was not consistently present in the case documentation. Only one office's files contained notification to the U.S. Attorney's office for a case initiation. We did not find evidence of notification to the Counterterrorism Section for three of the five case initiations and to OIPR for four of the five cases. Officials from one field office told us that once it notifies FBI Headquarters of the opening of a TEI, it relies upon Headquarters to notify OIPR. This practice may account - in at least some instances - for the absence of documentation of opening notifications.

      Progress Reports to the Department of Justice

      The General Crimes Guidelines require that the FBI report to the DOJ Criminal Division's Counterterrorism Section and OIPR the progress of TEIs no later than 180 days after their initiation, and the results at the end of each year the investigation continues. Id. III.B.4.f. The MIOG states that the results of the investigation must be furnished within 180 days to FBI Headquarters with a cover communication setting forth the status of the investigation, and the memoranda must arrive at FBI Headquarters at least ten days before the due date. MIOG 100-3.1.1. We did not find documentation of this progress report in three of the four investigations that continued beyond 180 days, including one TEI that extended beyond one year. Moreover, the single field office that drafted a progress report submitted its report 39 days late.

      Investigations Extending Beyond One Year

      A TEI may be authorized initially for up to one year and may be continued for additional periods each not to exceed one year. General Crimes Guidelines III.B.4.b. Of the five cases we reviewed, only one continued for more than one year. The SAC authorized this investigation with FBI Headquarters' concurrence for periods less than one year and had approved seven extensions. In accordance with the General Crimes Guidelines, the SAC reviewed the case prior to the expiration of each extension and submitted all required authorization documentation to FBI Headquarters. However, the file did not contain evidence of either the 180-day progress report or the yearly progress reports to DOJ.

    11. OIG Analysis and Recommendations
    12. With respect to compliance with the criminal intelligence provisions of the General Crimes Guidelines, our review found that the FBI has not ensured that:

      • all required notifications to U.S. Attorneys, DOJ, and FBI Headquarters were timely made and documented in the case files;

      • reviews by SACs were documented; and

      • reports to DOJ were timely completed and included in the case files.

      Opening notifications to DOJ and U.S. Attorneys' Offices were not evident in many of the files for REIs (71 percent and 86 percent, respectively), and notifications of TEIs to DOJ's Counterterrorism Section did not appear in 60 percent of the files. Notifications for both OIPR and the U.S. Attorneys' Offices did not appear in 80 percent of the files. Although only a few files (14 percent) lacked documentation of opening notifications to FBI Headquarters, we found a general lack of consistency in the FBI's documentation practices and supervisory reviews. The MIOG does not specify what procedures should be followed in providing notifications to DOJ and U.S. Attorneys' Offices, or whether such notifications should be documented.

      We also identified compliance deficiencies with respect to renewals and reporting. In REIs, documentation of SAC reviews was missing in 80 percent of the case files we examined, as were renewal notifications to FBI Headquarters. Progress reports to DOJ in terrorism enterprise investigations were missing in 75 percent of the case files.

      In addition, our review identified a discrepancy between the requirements of the General Crimes Guidelines and the MIOG. One of the most significant changes to the criminal intelligence provisions of the General Crimes Guidelines in May 2002 was the devolution of approval authority from FBI Headquarters to SACs to initiate and renew criminal intelligence investigations. With respect to terrorism enterprise investigations, the Guidelines provide:

      A terrorism enterprise investigation may be authorized by the Special Agent in Charge, with notification to FBIHQ, upon a written recommendation setting forth the facts or circumstances reasonably indicating the existence of an enterprise. . . .

      Renewal authorization [for terrorism enterprise investigations] shall be obtained from the SAC with notification to FBIHQ.

      General Crimes Guidelines III.B.4.a and b (emphasis added). When the revised General Crimes Guidelines were issued, the Attorney General described the rationale for the change:

      [U]nnecessary procedural red tape must not interfere with the effective detection, investigation, and prevention of terrorist activities. To this end, the revised guidelines allow Special Agents in Charge of FBI field offices to approve and renew terrorism enterprise investigations, rather than having to seek and wait for approval from headquarters. I believe this responds to a number of concerns we have heard from our field agents. . . . These major changes will free field agents to counter potential terrorist threats swiftly and vigorously without waiting for headquarters to act.297

      The FBI, however, amended the MIOG to require not only notification to FBI Headquarters, but also concurrence by FBI Headquarters. Effective April 30, 2004, the MIOG provides:

      With regard to full-field terrorism enterprise investigations of domestic terrorism, it is hereby the policy of the CTD [Counterterrorism Division] that, consistent with the revised [Attorney General Guidelines] on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations, a full-field terrorism enterprise investigation may be authorized by an SAC only with concurrence of the Domestic Terrorism Operations Section in CTD, FBIHQ.

      MIOG 100-2.3(3) (emphasis added). In light of the Attorney General's stated reasons for the revision of III.B.4.a and b of the General Crimes Guidelines, the current MIOG provision regarding authorization of terrorism enterprise investigations appears to be inconsistent with the requirements of those Guidelines and, in practice, may undercut the rationale underlying this Guidelines revision.

      Therefore, we recommend that the FBI take the following steps.

      (21) Institute measures to ensure consistency in meeting and documenting the notification and reporting requirements provided in III.A.5 and III.B.4 of the General Crimes Guidelines, including requiring FBI field offices to maintain in the relevant investigative file documentation of the notice of the opening of criminal intelligence investigations to DOJ's Counterterrorism, Organized Crime and Racketeering Sections, Office of Intelligence Policy and Review (OIPR), and the relevant U.S. Attorneys' Offices as required in racketeering enterprise investigations and terrorism enterprise investigations. The FBI should also ensure that progress reports required by the Guidelines in terrorism enterprise investigations are provided to OIPR, DOJ's Counterterrorism Section, and FBI Headquarters.

      (22) Discuss with DOJ how to reconcile 100-2.3(3) of the MIOG, requiring Headquarters' concurrence with the initiation and renewal of terrorism enterprise investigations, with III.B.4.a and b of the General Crimes Guidelines, which authorize field level initiation and renewal of these investigations.

  6. Part VI of the General Crimes Guidelines: Counterterrorism Activities and Other Authorizations
    1. Rationale for the New Part VI Authorities
    2. As we discussed earlier in this report, following the September 11 terrorist attacks the Attorney General ordered a comprehensive review of the Attorney General Guidelines. In remarks accompanying the announcement of the revised Guidelines, the Attorney General explained that the Investigative Guidelines "bar[red] FBI field agents from taking the initiative to detect and prevent future terrorist acts unless the FBI learns of possible criminal activity from external sources." His remarks focused on the absence of clear authority to be proactive in preventing terrorist attacks:

      Under the current guidelines, FBI investigators cannot surf the web the way you or I can. Nor can they simply walk into a public event or a public place to observe ongoing activities. They have no clear authority to use commercial data services that any business in America can use. These restrictions are a competitive advantage for terrorists who skillfully utilize sophisticated techniques and modern computer systems to compile information for targeting and attacking innocent Americans.298

      These restrictions led the Attorney General to conduct a reevaluation of the Investigative Guidelines and the Guidelines governing foreign intelligence and foreign counterintelligence investigations.299 Two of the four guiding principles for the Guidelines revisions identified by Attorney General Ashcroft focused on measures to enhance the FBI's authority to proactively investigate terrorist threats by, among other means, visiting public places, attending public events, and "surfing" the Internet. Specifically, the Attorney General stressed that "even absent specific investigative predicates," FBI agents were now "empowered to scour public sources for information on future terrorist threats." In addition, he noted that the FBI "will also be able to enter and observe public places and forums just as any member of the public might."300

      FBI Director Mueller also addressed the need for proactive authority to access public information in his July 2002 testimony before Congress:

      The changes in the Attorney General Guidelines . . . are designed to increase the ability of our field agents to gather the intelligence we need to prevent terrorist attacks. To that end, they reduce some of the bureaucratic hurdles requiring Headquarters' approval for certain steps, and in the provision that has gotten a great deal of attention, they permit FBI agents to go to public places where anyone else, except FBI agents, including state and local police and non-Justice Department law enforcement agents, were always free to go.

      Remember, though, that they may do so solely for the purpose of detecting and preventing terrorist activities, and there are strict limits on record-keeping in such instances.

      Now [sic] information obtained from such visits may be retained unless it relates to potential criminal or terrorist activity, and I must say and emphasize, as an institution we are and must be and continue to be deeply committed to the protection of individuals' constitutional and statutory rights. Nothing in the amended guidelines changes that.301

      Our review examined the steps the FBI took to implement the new and expanded authorities in Part VI of the General Crimes Guidelines, particularly as they relate to the FBI's authority to visit public places and attend public events for the purpose of detecting and preventing terrorist activities. We describe our findings on the FBI's use of these authorities and the internal controls in place to ensure that predication standards and record retention constraints are observed, and conclude with our recommendations. In Chapter Eight, we analyze and evaluate the FBI's steps for implementing these measures, along with other authorities contained in the revised Investigative Guidelines.

    3. New Authorities Added to the General Crimes Guidelines
    4. Part VI of the General Crimes Guidelines, entitled "Counterterrorism Activities and Other Authorizations," states that the FBI needs to be proactive in preventing terrorist acts against the United States by authorizing a number of activities "which can be carried out even in the absence of a checking of leads, preliminary inquiry, or full investigation." The new authorizations include activities specifically focused on terrorism (Subpart A) and other tools that are available to obtain information about both terrorism and non-terrorism-related crimes (Subpart B).

      Subpart A of Part VI authorizes the FBI to engage in two types of "counterterrorism activities": 1) utilizing information systems, which the FBI may operate or participate in, to identify and locate terrorists and alien supporters of terrorist activity; and 2) visiting public places and events on the same terms and conditions as members of the public "for the purpose of detecting or preventing terrorist activities."

      In Subpart B, the FBI is authorized to conduct topical research, use online resources, and prepare reports and assessments "for purposes of strategic planning or in support of investigative activities."302

    5. The OIG Review of the FBI's Use of Part VI Authorities
    6. As with other Investigative Guidelines, we first identified significant requirements of Part VI of the General Crimes Guidelines that could be tested. We focused on the following questions.

      • How frequently has the FBI utilized the authority to visit public places and attend public events for the purpose of detecting or preventing terrorist activities?

      • What internal controls are in place in the field or at FBI Headquarters to ensure that minimum predication standards and record retention guidance are followed?

      Neither the General Crimes Guidelines themselves nor the MIOG require that agents obtain supervisory approval of or document activities carried out pursuant to Part VI. In advance of our visits to 12 FBI field offices from May to August 2004, we sought to determine what data is collected about the FBI's utilization of Part VI authorities. We therefore asked the 12 field offices to provide us with documentation reflecting field office policies and procedures regarding the use of these authorities and their document retention policies pertaining to information derived from use of the authorities.

      In addition, we collected relevant guidance issued from FBI Headquarters, chiefly from the Office of the General Counsel, the Criminal Investigative Division, and the Counterterrorism Division; surveyed Division Counsel; reviewed a sample of communications between the OGC's newly established point of contact on constitutional and privacy issues and Division Counsel; examined relevant FBI and DOJ congressional testimony; conducted interviews of Headquarters officials and relevant field personnel during our visits to 12 FBI field offices; and, in March 2005, conducted interviews of the 12 SACs of those field offices.

    7. Compliance Findings
      1. The FBI's Use of Part VI Authorities Since May 30, 2002, and the FBI's Implementing Guidance
      2. Our effort to collect data from investigative files comparable to those we reviewed in connection with the Confidential Informant Guidelines, the Undercover Guidelines, the Consensual Monitoring Guidelines, and the General Crimes Guidelines was unsuccessful. Apart from the various guidance memoranda issued by FBI Headquarters that we discuss below, none of the 12 field offices we visited provided information in response to our request for documentation reflecting established procedures governing visits to public places and events. We found no forms generated by FBI Headquarters or any of the 12 field offices we visited for recording the fact of a visit to a public place or attendance at a public event pursuant to this new authority. The FBI may not retain information derived from such activities "unless it relates to potential criminal or terrorist activity."303 If the information does not relate to criminal or terrorist activities, the only information that can be retained is documentation of the fact of the visit, which, according to OGC guidance, should be maintained in a non-investigative or "zero" file.

        However, FBI policy on the maintenance and review of zero files is different from the highly regimented rules pertaining to investigative files. Zero files are created for each FBI classification number to enable the FBI to maintain information relating to that classification that does not, at the time, meet the requirements for initiating an investigation or that does not relate to an ongoing investigation.304 However, zero files must be reviewed by a supervisor at 120-day intervals, rather than every 90 days in the case of investigative files, or more frequently if deemed appropriate by the SAC.305 We were told that program coordinators are also supposed to review zero files. In addition, during the Inspection process every three years, the Inspection Division reviews zero files to ensure they do not contain work of a higher priority than other matters being addressed by the field office.

        The number of times that the FBI has used the Part VI authorities is difficult to determine. The Department of Justice advised the House Judiciary Committee in May 2003, that the FBI does not maintain centralized statistics on how many times agents attend public meetings.306 The Department further stated that fewer than 10 of the 45 field offices the FBI had informally surveyed reported that they had conducted investigative activities at mosques since September 11, 2001, and only one of the investigative activities was conducted pursuant to Part VI authorities of the General Crimes Guidelines.307

        We asked the FBI Director whether he knew how frequently these authorities are utilized. He reiterated that the FBI does not require agents to obtain supervisory approval or send a form to Headquarters, and therefore it is difficult to determine to what extent these authorities have been used.

        In addition, before our visits to 12 FBI field offices, we surveyed the FBI's Division Counsel on a variety of topics related to the Investigative Guidelines, including the subjects about which they have been consulted on Part VI authorities.308 Our survey showed that 65 percent of surveyed Division Counsel had been consulted regarding the authority to visit or attend public events. Of these inquiries, 96 percent said they were consulted about whether it is permissible to conduct surveillance of or attend such events and 86 percent also stated that they had been consulted about record retention issues.

        Our survey also revealed a need for more guidance on the appropriate use of the new authorities. For example, when we asked whether Division Counsel encountered ambiguities or interpretive questions about the General Crimes Guidelines, 23 percent of surveyed Division Counsel responded "yes." Of that number, 83 percent stated that the authority to visit public places or attend public events generated questions, while 72 percent stated that the permissibility of disseminating the information to law enforcement agencies and others generated questions.

        The responses of Division Counsel to our survey questions regarding Part VI authorities are presented below.

        TABLE 5.3

        Division Counsel's Views on Consultation
        Regarding Part VI Authorities of the General Crimes Guidelines

        Question Response
        17. Since May 30, 2002, have you been consulted regarding the authority to visit or attend any events for the purpose of detecting or preventing terrorist activities in the absence of leads, a preliminary inquiry, or a full investigation?
        [AGG Section VI.A.2.]
        Yes 51 65%
        No 28 35%
        a. Were you consulted as to whether it was permissible to conduct surveillance of, or attend, public events?
        Yes 50 96%
        No 1 2%
        b. Have you been consulted regarding the propriety of retaining information derived from surveillance or, or attendance at, public events?
        Yes 44 86%
        No 7 14%
        b-1. Describe the subject matter of the consultation you had regarding the propriety of retaining information derived from the surveillance of or attendance at public events. (Check all that apply.)
        Retaining the information 43 98%
        Placing the information in a file 40 91%
        Indexing the information 32 73%
        Uploading the information into ACS 26 59%
        19. An EC dated 03/27/03 from FBIHQ OGC notified all field offices of the designation of one attorney at FBIHQ OGC as the point of contact to coordinate OGC guidance and assistance on investigative, operational and policy matters that may have an impact on, or be perceived as having an impact on, individual rights and liberties (e.g., First Amendment or privacy issues).
        a. What is your role in advising the Special Agents and supervisors in your field office on individual rights and liberties? (Check all that apply.)
         
        I have provided advice regarding visits to any place and the attendance at any event open to the public for the purpose of detecting or preventing terrorist activities. 71 90%
        I have provided advice on issues involving the intrusiveness of various investigative techniques. 67 85%
        I have provided advice regarding online search activity and accessing online sites and forums. 51 65%
        I have provided advice regarding general topical research. 48 61%
        I have provided advice regarding the operation and participation in identification, tracking, and information systems regarding terrorist activities. 34 43%
        I have provided advice regarding the preparation of general reports and assessments concerning terrorism and other criminal activities for purposes of strategic planning. 25 32%
        Other 6 8%
         
        b. In light of hte 03/27/03 EC from FBIHQ OGC, how would you characterize the adequacy of available guidance on privacy and other civil liberties issues that arise in your field office as they relate to the revised Guidelines?
         
        Fully satisfactory 29 37%
        Somewhat satisfactory 27 34%
        Have not encountered 9 11%
        Neither satisfactory nor unsatisfactory 7 9%
        Somewhat unsatisfactory 4 5%
        Not satisfactory 3 4%
         
        c. Have you consulted the FBIHQ OGC attorney designated in the 03/27/03 EC on privary and civil liberties issues?
         
        Yes 40 51%
        No 39 49%
        28. Have you encountered any ambiguities or interpretative questions involving the Attorney General's Guidelines on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations?
        Yes 18 23%
        No 61 77%
        a. With respect to ambiguities or interpretative issues arising under the Attorney General's Guidelines on General Crime, Racketeering Enterprise and Terrorism Enterprise Investigations, what aspect of the revised Guidelines generated the question? (Check all that apply.)
        Visits to any place and attendance at any event open to the public to detect or prevent terrorist activities and retention of information obtained
        (AGG Section VI.A.2.)
        15 83%
        Permissibility of disseminating information to law enforcement agencies and others
        (AGG Section V.)
        13 72%
        Circumstances related to public demonstrations under which a terrorism enterprise investigation may be initiated
        (AGG Section III.B.1.c.)
        8 44%
        Performing general topical research
        (AGG Section VI.B.1.)
        5 28%
        Conducting online search activity and access to online sites and forums
        (AGG Section VI.B.2.)
        5 28%
        Other 2 11%
        The choice of investigative techniques in preliminary inquiries
        (AGG Section II.B.4.)
        1 6%

        The Division Counsel survey indicates that 21 months after the effective date of the revised Guidelines, field personnel continued to struggle with questions about the use of these authorities. Only 37 percent of the survey respondents stated that they found fully satisfactory the guidance regarding privacy and other civil liberties issues that arose in their field offices in connection with use of the new Guidelines.

      3. Internal Controls Regarding Predication for the Exercise of Part VI.A.2 Authorities
      4. Under the General Crimes Guidelines, the FBI must have particularized information to justify the checking of leads or initiating a preliminary inquiry or a full investigation. By contrast, the Part VI.A.2 authorities permit the FBI to visit public places or attend public events "on the same terms and conditions as members of the public" and only "for the purpose of detecting and preventing terrorist activities." General Crimes Guidelines VI.A.2.

        The FBI relied upon OGC and its Headquarters operating divisions to develop guidance on the Investigative Guidelines. We therefore reviewed the guidance memoranda sent to the field from FBI Headquarters. The following memoranda, which we describe in more detail below, address the predication required for using these authorities.

        • October 7, 2002, guidance summarizing the revised General Crimes Guidelines (OGC - "Guidance to the Field: New Attorney General Guidelines on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations").

        • March 27, 2003, guidance establishing a Headquarters Point of Contact (OGC - "Point of Contact for Guidance on Constitutional Rights and Privacy Issues Arising in FBI Investigations/Operations").

        • March 19, 2004, guidance emphasizing FBI policy regarding the protection of civil liberties in connection with use of authorities under both the Investigative Guidelines and the NSI Guidelines (OGC - "Protection of Civil Liberties").

        • April 26, 2004, guidance clarifying the standards for collecting, retaining, and disseminating information in connection with the FBI's "Special Events" responsibilities (CTD - "Guidance to Atlanta, Boston and New York Divisions Concerning Information Collection, Maintenance, and Dissemination for G-8, DNC and RNC Special Events, 2004").

        • September 1, 2004, guidance emphasizing the limitations on the Part VI authorities and specifying how to collect, maintain, and disseminate the information collected in connection with protest activity (CTD - "Law Enforcement Monitoring of Protest Groups for Indications of Criminal or Terrorist Activity").

        While discussing recurring questions about predication, the guidance memoranda encourage, but do not require, supervisory approval for FBI agents to attend a public event. For example, the October 7, 2002, OGC memorandum states:

        If time permits, an agent should obtain his or her supervisor's approval before visiting a public place or attending a public event to detect or prevent terrorist activity. This policy will help to ensure that the attendance is for a law enforcement purpose authorized by this section, and reflects the appropriate balance between law enforcement and First Amendment concerns. In assessing the use of this law enforcement technique, a supervisor may want to consider, for example, factors such as the potential to detect or prevent terrorist activity, and the potential chilling effect on First Amendment protected activity. Good judgment and discretion are essential to ensure that this investigative technique is in fact effective while at the same time protecting constitutional rights.

        In the March 27, 2003, guidance memorandum, the OGC designated an Assistant General Counsel as the point of contact at Headquarters to "coordinate guidance and assistance to FBI Headquarters and Field Offices on investigative, operational and policy matters that may have an impact on, or be perceived as having an impact on, constitutional and privacy rights and interests."309 Among the topics about which field agents were encouraged to consult the point of contact was "attendance at meetings and public gatherings of religious, political or other groups/organizations."310

        The Counterterrorism Division's September 1, 2004, guidance addressed the use of Part VI authorities in the context of attending and surveilling protest events. With respect to predication, it stated:

        Attendance and Surveillance at Public Events. - Agents may not conduct surveillance of individuals or groups solely for the purpose of monitoring the exercise of rights protected by the First Amendment. . . . The second broad investigative basis for attendance and surveillance is found under Part VI of the General Crimes Guidelines. Under this section, agents may attend a public event or visit a public place on the same terms as the general public. Under this authority, however, such attendance may be undertaken for the purpose of detecting or preventing terrorism, or assessing a threat to national security. Further, although the revised Guidelines permit such attendance even if neither a preliminary inquiry nor a full investigation is open, agents are reminded that this authority is limited to matters observable and obtainable in a public forum. Undercover activity, surreptitious entry into a private gathering at these events, and certain other investigative techniques (e.g., consensual recording of conversations) are not permitted under this authority. (Emphasis in original).

        We also examined a sampling of the communications between OGC's point of contact and the field divisions. We noted that OGC has urged caution with respect to use of Part VI authorities and suggested that the FBI is on firmer footing if it obtains "individualized justification" prior to visiting pubic places. The OGC guidance also reiterated the Privacy Act prohibitions against including names in the FBI's records systems based solely on the exercise of First Amendment rights.

        In a response to Congress, the Department also articulated the considerations the FBI weighed in evaluating whether to require supervisory approval prior to permitting agents to visit public places or attend public events pursuant to Part VI.A.2:

        Question. The GAO Report reflects that "FBI headquarter [sic] officials are currently considering whether to require mandatory supervisory approval prior to allowing an agent to enter a public place or attend a public meeting." Have you made any final decisions on this matter? What is the possible downside of requiring supervisory approval of this easily abused investigative technique?

        Response: In implementing this provision of the Guidelines, existing FBI policy states that, unless time does not permit seeking such approval, an agent should obtain his or her supervisor's approval before visiting a public place or attending a public event to detect or prevent terrorist activity. No final decisions have been made as to whether such prior approval should be mandatory. In considering whether such a requirement would be appropriate, the FBI does not want to discourage the effective use of this provision in the primary mission of detecting and preventing terrorism. The Guidelines are intended to "enable Agents of the FBI to perform their duties with greater certainty, confidence and effectiveness," while providing the American people with "a firm assurance that the FBI is acting properly under the law." (Guidelines, Preamble.) Any policies or procedures that are adopted must conform to this intent.311

        In our April 2005 interview of Director Mueller, he emphasized that he balanced the need to encourage use of the proactive Part VI authorities with the desire to be able to measure and evaluate their use. He said he had expected the Virtual Case File System would have been implemented and would have had features that facilitated notification to FBI Headquarters of the use of Part VI authorities. The Director stated that had that capability been available, he was prepared to require the "relatively modest imposition" on field agents of sending notice to Headquarters. However, in light of the problems in implementing the Virtual Case File, the Director said he would have to revisit the question whether to require supervisory approval and some form of documentation beyond the entries in zero files.

        Finally, it is important to remember that the FBI has multiple sources of authority to enter public places pursuant to the Investigative Guidelines, the NSI Guidelines, and other authorities.

      5. Internal Controls for Record Retention Relating to the Exercise of Part VI.A.2 Authorities
      6. Part VI contains strict limitations on the FBI's authority to retain information derived from its visits to public places and events, stating, "No information obtained from such visits shall be retained unless it relates to potential criminal or terrorist activity." General Crimes Guidelines VI.A.2. In addition to the OGC memorandum dated October 7, 2002, noted above, we identified several guidance memoranda distributed by the FBI that restate the prohibition against improperly retaining information derived from these authorities.

        However, due to the manner in which FBI field offices record and maintain information regarding the exercise of Part VI.A.2 authorities and the absence of centrally retrievable data, we were unable to determine whether the FBI is retaining information derived from these activities in conformity with the General Crimes Guidelines and implementing guidance.

        OGC guidance has noted the distinction between what the FBI may retain in full investigations and what it may retain from the exercise of Part VI authorities. On March 19, 2004, OGC guidance entitled "Protection of Civil Liberties" stated that information derived from the surveillance of subjects in the course of an open investigation "should be collected, maintained in FBI records, and disseminated in compliance with the Privacy Act and departmental policy."312 On the other hand, personal identifying information may only be retained from the surveillance of persons under Part VI authorities if the information is "relevant to an existing investigation or preliminary inquiry; by itself or in combination with other known information, justifies a new inquiry or investigation; or relates to another law enforcement activity the FBI is authorized by law or regulation to conduct."313

        Similarly, in responding to congressional concerns about record retention issues related to Part VI authorities, Director Mueller stated that "if information obtained during the visit rises to the level of a lead, such information should be properly documented, including a statement describing how the information is related to potential criminal or terrorist activity, and then filed accordingly."314

        The following diagram provides FBI Division Counsel's views regarding Part VI consultations and the clarity of guidance issued by FBI Headquarters concerning retention of information derived from use of Part VI.A.2 authorities during the period May 2002 to February 2004.315 Our survey indicated that 65 percent of Division Counsel were consulted about the FBI's authority to visit or attend public events under Part VI authority. Of that number, 96 percent said they were consulted about the permissibility of surveilling or attending public events, 86 percent said they were consulted about the propriety of retaining information derived from these visits, and 63 percent stated that they did not believe FBI guidance on information retention was clear when the revised Guidelines were issued.

        DIAGRAM 5.1

        Division Counsel's Views on Consultation Regarding
        Part VI.A.2 Authorities of the General Crimes
        Guidelines and Clarity of Related FBI Guidance

        For text only version, click on diagram.

    8. OIG Analysis and Recommendations
    9. The FBI has provided significant guidance to the field about the highly sensitive Part VI authorities. The FBI does not require advance supervisory approval or documentation of the use of the authority to visit public places or attend public events, and agents do not open a discrete investigative or administrative file in the absence of a preliminary or full investigation. Some SACs we interviewed in the 12 field offices said they require approval by or notification of a first line supervisor of an agent's use of the authority to visit public places or attend public events. However, because of the limited amount of information we were able to obtain from FBI Headquarters or field offices about their utilization of the Part VI authorities, it is unclear, even with respect to the 12 field offices we visited, how often these authorities have been used or whether the FBI is using these authorities in conformity with the Guidelines. That said, we did not find indications that these authorities are used extensively. Field agents, their supervisors, and Headquarters personnel repeatedly told us that given the many leads, inquiries, and active investigations that they must pursue, visiting public places and events absent an indication of unlawful conduct or threat potential is not a priority.

      As discussed above and in Chapter Eight, over the last three years since the revised Guidelines were issued, the Office of the General Counsel and the Counterterrorism Division have generated guidance addressing the distinctions between record retention in preliminary inquiries or full investigations, on the one hand, and the stricter limitations imposed on retaining information collected in the course of monitoring protest activities or in connection with the FBI's "special event" responsibilities, on the other.

      In our interviews of FBI Headquarters managers, our surveys of Chief Division Counsel, and our field interviews, FBI employees expressed recognition of the FBI's obligation to protect civil liberties. The FBI personnel we questioned about the Part VI authorities - from new agents through the Director - exhibited awareness of the FBI's past lapses in the area of domestic political investigations and surveillance of protesters. Specifically with respect to the authority to visit public places and attend public events, field and Headquarters personnel we interviewed said they are acutely sensitive to the need to exercise these authorities carefully and responsibly.

      What is missing, however, in the FBI's implementation of the Part VI authorities is the capability to retrieve and analyze information about when and how these authorities are used; whether information derived from visiting public places and attending public events is being inappropriately retained, indexed, or disseminated; and, for at least the first two years since the Guidelines were in effect, clear, easily accessible guidance on these authorities. Nearly two-thirds of Division Counsel who responded to our survey said they believed the guidance was unclear when the Guidelines were issued, and more than half believed the guidance was still unclear 21 months later when they responded to our survey. In our view, in light of the minimal predication standards and the potential for abuse, the FBI should reconsider whether advance supervisory approval and easily retrievable documentation should be required when Part VI authority is used.

      In evaluating the sufficiency of the Guidelines' provisions and related FBI guidance on Part VI.A authorities, we compared the internal controls for predication in the FBI's use of Part VI authorities with the FBI's parallel authorities under the NSI Guidelines. Effective October 31, 2003, the NSI Guidelines introduced a new investigative activity called "threat assessments." The NSI guidelines permit the FBI to visit public places and attend public events for the:

      proactive collection of information concerning threats to the national security, including information on individuals, groups, and organizations of possible investigative interest, and information on possible targets of international terrorist activities or other national security threats. . . . This is comparable to the authorization under Part VI of the Attorney General's Guidelines on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations to engage in information collection for counterterrorism or other law enforcement purposes without any more specific investigative predication . . . .

      NSI Guidelines, Introduction, A.1.316 While the FBI's specific requirements for approval of threat assessments and documentation of information derived from the exercise of this authority are classified, we believe that the FBI should require at least equivalent measures for supervisory approval and documentation as are required for threat assessments under the NSI Guidelines.

      Particularly with respect to our analysis of the Part VI authorities and throughout this review, we have been mindful of the leading priority of the FBI: to "develop intelligence about terrorist activity and use that intelligence to disrupt their plans."317 We agree with the sentiments expressed by Director Mueller that a careful balance must be struck between the objectives of encouraging proactive use of the Part VI authorities and having the assurance that at least a field supervisor has approved their use. However, we believe that the FBI should reevaluate - now and in conjunction with its ongoing plans for technology improvements and contemplated revisions of the Attorney General Guidelines - its guidance with respect to the authority to visit public places and attend public events, and for retaining, indexing and disseminating information derived from those activities.

      First, the FBI's other authorities in the NSI, and investigative portion of the General Crimes Guidelines to visit public places such as religious sites are subject to layers of supervisory approval and documentation requirements. For example, a preliminary inquiry or full investigation of a religious site or its leadership under the NSI Guidelines' counterterrorism classification requires SAC approval with notice to FBI Headquarters and the DOJ. Comparable investigative activity under the General Crimes Guidelines is a "sensitive criminal matter" requiring approval by the SAC with notice to FBI Headquarters and either the U.S. Attorney's Office or the DOJ. These approvals would have to be obtained before an agent entered the religious site. A covert entry of a religious site by an undercover agent would also be classified as a sensitive circumstance under both the NSI Guidelines and the General Crimes Guidelines, requiring in either case FBI Headquarters approval. Likewise, before a source operating at the express direction of the FBI could enter a religious site, and before the FBI could open a source who is already a member of a religious organization, the SAC would have to approve the activity, as it would be classified a "sensitive circumstance" under both the Confidential Informant Guidelines and the NSI Guidelines.

      We appreciate that the new authorities to visit public places and attend public events for the purpose of detecting or preventing terrorist activities are designed to be used proactively and should not be encumbered with layers of supervisory approval. We therefore are not recommending that supervisory approval and notification for Part VI authorities be the same as that required for preliminary and full investigations. In the absence of exigent circumstances, however, we believe a field supervisor's judgment should be brought to bear on the exercise of these new authorities. In addition, we believe the FBI's use of these authorities should be documented in an easily retrievable fashion.

      Second, the FBI has already acknowledged in guidance distributed by OGC and in its response to congressional inquiries that when time permits agents should obtain supervisory approval before exercising Part VI.A.2 authorities and that documentation should be maintained in some retrievable fashion. The FBI recognizes the value of this and encourages its agents to do so. However, we believe a uniform requirement to obtain such approval, absent exigent circumstances, should be implemented.

      Third, we believe that the FBI's practice of retaining information derived from visiting public places or events in zero files does not provide the FBI with centrally retrievable information about the use of these authorities and does not facilitate compliance with the Guidelines' constraints on record retention and dissemination. A simple, standardized form or an e-mail template could be used to capture when and why these authorities are used. Such a record would serve several purposes: 1) it would enable field supervisors to conduct meaningful "file reviews" every 120 days, even in the absence of an investigative "file"; 2) it would assist the Inspection Division in performing the audit we recommend in Chapter Seven; and 3) it would also allow checks on whether the authorities are used appropriately. Since OGC has already issued guidance recommending that agents should document their attendance at public events pursuant to Part VI authorities, we believe the incremental burden of requiring standardized and easily retrievable documentation is reasonable and not significantly burdensome.

      Fourth, the added burden on case agents is not likely to be substantial. We were told in many field offices we visited that agents do not have time to visit public places or attend public events other than in connection with checking a lead, a preliminary investigation, or a full investigation. Consequently, requiring supervisory approval and easily retrievable documentation when these authorities are used should not be onerous.

      Fifth, the FBI's information architecture is under a period of fundamental transformation.318 The FBI has the opportunity now to build into its technology systems the ability to identify the source of all information it collects, stores, and disseminates. Incorporating documentation requirements for the Part VI authorities should be considered now, as the FBI upgrades its information technology systems. Whether the information is collected as evidence for a criminal trial or as part of the FBI's intelligence base, the FBI needs to be able to identify the source of information it collects and retains and be certain that field agents follow appropriate guidance with respect to the intended uses of the information.

      We therefore recommend that the FBI take the following steps.

      (23) Require field level supervisory approval prior to the exercise of Part VI.A.2 authorities to visit public places or attend public events for the purpose of detecting or preventing terrorist activities, absent exigent circumstances.

      (24) Develop a standardized form or a short e-mail template to be completed by case agents to document their use of the Part VI.A.2 authorities.

      (25) In light of the survey responses of Division Counsel, consider whether (a) field office practices since May 30, 2002, regarding predication, collection, record retention, indexing, and dissemination of Part VI.A information, and the practices regarding utilization of "zero files" or other files to capture Part VI.A information, are in conformity with the Guidelines and FBI guidance; (b) there is a need for further guidance on predication, collection, record retention, indexing, dissemination, or other issues; and (c) FBI Headquarters managers should have access to data reflecting use of Part VI.A.2 authorities in order to be satisfied that these authorities are used in conformity with the Guidelines.



Footnotes

  1. We provide a copy of the General Crimes Guidelines in Appendix B.

  2. A "sensitive criminal matter" is "any alleged criminal conduct involving corrupt action by a public official or political candidate, the activities of a foreign government, the activities of a religious organization or a primarily political organization or the related activities of any individual prominent in such an organization, or the activities of the news media; and any other matter which in the judgment of a Special Agent in Charge (SAC) should be brought to the attention of the U.S. Attorney or other appropriate official in the Department of Justice, as well as FBI Headquarters." GCI Guidelines II.A.2 at B-70.

  3. A mail cover is the recording of any data appearing on the outside cover of any class of mail. Manual of Investigative Operations and Guidelines (MIOG) II § 10-6.2.

  4. We requested a list of preliminary inquiries that were open on or opened after May 30, 2002.

  5. See "Final Report of the Select Committee to Study Governmental Operations with Respect to Intelligence Activities" (hereafter "Church Committee"), Book III, Supplementary Detailed Staff Reports on Intelligence Activities and the Rights of Americans, at 527.

  6. Domestic terrorism cases are divided between general crimes (acts of terrorism) and criminal intelligence (enterprises) investigations, which are discussed in the following section.

  7. In these five instances, the notifications were evident from other documentation contained in the investigative file.

  8. The Guidelines provide that "[i]n every sensitive criminal matter, the FBI shall notify the appropriate federal prosecutor of the termination of an investigation within 30 days of such termination." GCI Guidelines § II.C.4 at B-73.

  9. GCI Guidelines § II.C.3 at B-72.

  10. However, in one instance DOJ was not notified of the case closing until 40 days after closure - 10 days beyond the required time limit.

  11. The "Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001" (USA PATRIOT ACT) incorporates a new definition of "domestic terrorism," in order to correspond to the existing definition of "international terrorism." Domestic terrorism is defined to mean activities occurring primarily within the territorial jurisdiction of the United States involving acts dangerous to human life that are a violation of the criminal laws of the United States or any state and appear to be intended to intimidate or coerce a civilian population, influence the policy of a government by intimidation or coercion, or affect the conduct of a government by mass destruction, assassination, or kidnapping. 18 U.S.C. 2331(5).

    International terrorism involves violent acts or acts dangerous to human life that are a violation of mass destruction, assassination, or kidnapping, and occur primarily outside the territorial jurisdiction of the United States or transcend national boundaries in terms of the means by which they are accomplished, the persons they appear intended to intimidate or coerce, or the locale in which their perpetrators operate or seek asylum. 18 mass destruction, assassination, or kidnapping, and occur primarily outside the territorial jurisdiction of the United States or transcend national boundaries in terms of the means by which they are accomplished, the persons they appear intended to intimidate or coerce, or the locale in which their perpetrators operate or seek asylum. 18 U.S.C. 2331(1).

  12. See FBI Publication #0308, Terrorism 2000/2001, at iii.

  13. To formalize the merger of intelligence and criminal operations, the FBI abandoned separate case classifications for criminal international terrorism investigations and intelligence international terrorism investigations, consolidating them into a single classification for international terrorism. This reclassification officially classifies an international terrorism investigation as one that can employ intelligence tools as well as criminal processes and procedures.

  14. As noted in the Introduction to this report, the Attorney General issued the revised NSI Guidelines on October 31, 2003.

  15. The MIOG, however, provides that a full investigation of domestic terrorism may be authorized by a SAC only with concurrence of FBI Headquarters. MIOG 100-2.3(3). This inconsistency between the Guidelines and the MIOG is discussed in Chapter Eight.

  16. The Terrorism and Violent Crime Section of the DOJ was renamed the Counterterrorism Section.

  17. MOIG § 92-6(2) (imposing 14-day notification requirement). The General Crimes Guidelines require notification to FBI Headquarters but do not specify a deadline. See GCI Guidelines § III.A.5.a at B-76.

  18. Prepated Remarks of Attorney General Ashcroft Regarding the Attorney General Guidelines (May 30, 2002).

  19. Prepared Remarks of Attorney General Ashcroft Regarding the Attorney General Guidelines (May 30, 2002).

    A staff statement issued by the National Commission on Terrorist Attacks Upon the United States also stated that the pre-September 11 Guidelines were understood by some in the FBI as restricting their ability to access public places and public resources:

    The guidelines limited the investigative methods and techniques available to agents conducting preliminary investigations of potential terrorist activities or connections. They prohibited the use of publicly available source information, such as that found on the Internet, unless specified criteria were present.

    These restrictions may have had the unintended consequence of causing agents to even avoid legitimate investigative activity that might conceivably be viewed as infringing on religious liberties or lawful political protest.

    Agents we interviewed believed these limitations were too restrictive and adversely affected their intelligence investigations.

    National Commission on Terrorist Attacks Upon the United States, Staff Statement No. 9: Law Enforcement, Counterterrorism, and Intelligence Collection in the United States Prior to 9/11, at 8 (April 13, 2004).

  20. The FCI Guidelines governing foreign intelligence and foreign intelligence investigations were revised effective October 31, 2003, and were renamed the Attorney General's Guidelines for FBI National Security Investigations and Foreign Intelligence Collection.

  21. Prepared Remarks of Attorney General Ashcroft Regarding the Attorney General Guidelines (May 30, 2002). See also Statement of The Honorable John Ashcroft Attorney General United States Department of Justice before the Senate Judiciary Committee, July 25, 2002, available at: http://www.usdoj.gov/ag/testimony/2002/072502agtestimony.htm.

  22. Oversight Hearing on Counterterrorism: Hearing Before the Senate Committee on the Judiciary, 107th Cong. 11 (2002) (Statement of Robert S. Mueller, III, Director, Federal Bureau of Investigation).

  23. An OGC guidance memorandum dated October 7, 2002, suggests that the FBI may have had certain of these authorities prior to the May 2002 revisions. For example, the guidance states that the Part VI authorities "enhance the FBI's ability to visit public places and attend public events . . ."; "expand" its ability to gather investigative information from the Internet; and that the provision addressing the FBI's ability to conduct general topical research "serves to clarify pre-existing policy" (emphasis added).

  24. GCI Guidelines § VI.A.2. See also FBI Office of the General Counsel, Guidance to the Field: New Attorney General Guidelines on General Crimes, Racketeering Enterprise and Terrorism Enterprise Investigations, at 5 (October 7, 2002).

  25. See MAOP 2-4.1(2). For example, if the FBI were to receive information on a possible criminal civil rights violation (classification 44), but the required threshold to open an investigation were not present, the information would be placed in a 44-0 file and indexed for future retrieval. All information related to possible civil rights violations in that field office would be entered in this file, the hard copy of which contains cumulative information, filed chronologically, on all possible civil rights violations. In conducting a file review of the 44-0 file, it is more difficult for supervisors to evaluate at one time the related bits of information scattered in many separate files than when reviewing a discrete investigative file.

  26. See MAOP § 1-1.4(2).

  27. Letter from Jamie E. Brown, Acting Assistant Attorney General, Office of Legislative Affairs, Department of Justice, to F. James Sensenbrenner, Jr., Chairman, House Committee on the Judiciary (May 13, 2003) (Responses to Committee's Questions on U.S. PATRIOT ACT Implementation and Related Matters) (hereafter May 13, 2003 DOJ Written Responses to House Judiciary Committee Questions).

  28. The Department of Justice stated that the remaining visits were conducted pursuant either to preliminary inquiries or full investigations. May 13, 2003, Department of Justice Written Responses to House Judiciary Committee Questions.

  29. The role of Division Counsel in the FBI's 56 field offices is discussed in Chapter Three.

  30. Office of the General Counsel, Point of Contact for Guidance on Constitutional Rights and Privacy Issues Arising in FBI Investigations/Operations (March 27, 2003).

  31. Id. at 3.

  32. Letter from William E. Moschella, Assistant Attorney General, Department of Justice, to Orrin G. Hatch, Chairman, Senate Committee on the Judiciary (March 4, 2004) (Responses to Questions Posed to Robert S. Mueller, III, Director of the FBI, Before the Committee on July 23, 2003) (hereafter March 4, 2004, FBI Director Mueller's Responses to House Judiciary Committee Questions). The General Accountability Office report referenced in the question is FBI Reorganization: Progress Made in Efforts to Transform but Major Challenges Continue (hereafter "GAO Report on FBI Reorganization"), June 18, 2003, GAO-03-759T, at 29, available at: http://www.gao.gov/new.items/d03759t.pdf.

  33. This guidance stated that information retained from such surveillance should be maintained in an appropriate control file but may not contain "identifying information about individuals or groups in attendance, absent a valid law enforcement basis." An OGC official told the OIG that the guidance memorandum shoudl have referred to a "zero file" rather than a "control file." Control files are different from "zero files" in that information contained in control files is captured in the FBI's Automated Case Support (ACS) system, and leads may be assigned from control files. See MAOP § 2-4.1.5.

  34. The distinction between what the FBI is permitted to retain in the course of routine investigative activities and what it is permitted to retain when utilizing the Part VI authorities was reiterated in the Counterterrorism Division's September 1, 2004, guidance, Law Enforcement Monitoring of Protest Groups for Indications of Criminal or Terrorist Activity. Similar guidance was issued by the Counterterrorism Division on April 26, 2004, Guidance to Atlanta, Boston and New York Division Concerning Information Collection, Maintenance, and Dissemination for G-8, DNC and RNC Special Events, 2004. This guidance stated that information "which does not rise to the level of predication for a preliminary inquiry or full investigation" should be placed in a special control file, as distinguished from an investigative file, created specifically for information relating to the special event. At the end of the special events, agents were instructed to close the administrative file for the event but could distribute information collected in it "to the extent that it is pertinent to that office's special event responsibilities."

  35. March 4, 2004, Responses to House Judiciary Committee Questions.

  36. As noted above, FBI Headquarters issued additional guidance since this survey was conducted which addresses some recruiting issues arising in the exercise of Part VI authorities.

  37. The unclassified portions of the NSI Guidelines are available at: http://www.usdoj.gov/olp/nsguidelines.pdf.

  38. Testimony of Robert S. Mueller, III, Director, Federal Bureau of Investigation, Before the Senate Judiciary Committee, May 20, 2004, available at: http://www.fbi.gov/congress/congress04/mueller052004.htm.

  39. See Office of the Inspector General of the Department of Justice, Audit Report No. 05=07, The Federal Bureau of Investigation's Management of the Trilogy Information Technology Modernization Project, Feb. 2005, available at: http://www.usdoj/gov/oig/audit/FBI/0507/final.pdf.



Previous Page Back to Table of Contents Next Page