According to Wired's Threat Level, Congress should annually be compiling reports of the number of times the U.S. Department of Justice (DOJ) allows authorities to sneakily tap into the phone line or Internet of an individual or organization. For at least four years, Congress was lax on this duty and DOJ was not ponying up the information either.
Wired reports that a Freedom of Information Act revealed that from 2004 through 2008 information about when the Federal Bureau of Investigation, the Drug Enforcement Agency, the Marshals Service and the Bureau of Alcohol, Tobacco and Firearms used a pen register or trap-and-trace was not recorded as it should have been. The reports have since been published with Wired pointing out that during that time this type of surveillance, which does not require a warrant, nearly doubled -- 10,885 in 2004 to 21,152 in 2008.
Wired has more on the FOIA and thoughts on the reporting, or lack thereof:
Pen registers obtain non-content information of outbound telephone and internet communications, such as phone numbers dialed, and the sender and recipient (and sometimes subject line) of an e-mail message. A trap-and-trace acquires the same information, but for inbound communications to a target.
Internet security researcher Christopher Soghoian recently obtained e-mails via a two-year FOIA process confirm for the first time that Congress was left out of the loop for at least the years 2004 to 2008. Using FOIA, he and others have crowbarred from the Justice Department the reports from 1999 to 2009.
“This is an important surveillance tool,” Soghoian said in a telephone interview. “In addition to showing that DOJ is lazy and not obeying the law, the most notable thing here is that Congress was asleep at the wheel.”
The handful of government e-mails (.pdf) Soghoian obtained confirm for the first time that Congress was left out of the loop for at least the years 2004 to 2008. A law review article suggests the same for years 1999 through 2003.
In the email exchange that was obtained from the FOIA, it was revealed when a congressional staffer asked for the "last few reports" that they were never actually filed.
But Wired and Soghoian seem to think it wouldn't have made any difference if the reports been filed as they should have been, citing what it considers the "woefully outdated" Electronic Privacy Protection Act as being adequate in the newer digital to protect citizens' rights. Wired also cites Congress' easy and willing extension of the Patriot Act.