An official report from the government has determined that the Department of Justice (DOJ) during the Trump administration did not secure the necessary approvals prior to requesting customer call and message data from Apple and other companies.
Moreover, the DOJ neglected to obtain authorization from the Attorney General before enforcing a gag order on Apple, which barred the company from revealing that it had been compelled to surrender personal data.
Background
In 2017, several news outlets published reports based on leaked information regarding Trump associates and their communications with Russian officials during the 2016 presidential election campaign. Some of this information was classified, leading to a DOJ investigation.
During this investigation, the DOJ employed various compulsory methods—including subpoenas, search warrants, and court orders—to gather call and message records from journalists, congressional staffers, and two members of Congress. Apple was among the primary companies compelled to turn over this data, while also being ordered not to disclose that this data was provided. In several instances, this gag order was extended multiple times, lasting up to four years in total.
Considering the potential conflicts between such inquiries and press freedom, established policies and protocols require high-level authorizations before obtaining data and issuing gag orders.
Report by the Office of the Inspector General
The Office of the Inspector General (OIG) conducted its own oversight investigation to determine if the appropriate procedures were followed and found that the DOJ did not secure the necessary authorizations before requesting the data or before implementing gag orders (Non-Disclosure Orders) on Apple and Google.
We discovered that the Department failed to convene the News Media Review Committee to evaluate the mandatory process authorization requests; it did not acquire the required Director of National Intelligence (DNI) certification in one instance, and we could not verify whether the DNI certification obtained in another instance was presented to the Attorney General before he approved the request; furthermore, the Department did not receive the Attorney General’s explicit authorization for the NDOs related to the compulsory process utilized in these investigations.
The OIG has expressed concern regarding these oversights, stressing the importance of preventing such lapses in the future.
Engadget reports that Apple did take action during that period, adopting a new policy to limit the provision of data to 25 “identifiers” (such as phone numbers and email addresses) per request. The company emphasized that it did not share photos or the content of emails.
Apple regularly publishes transparency reports detailing the data it has released in response to requests from governments across the globe.
Image: OIG
FTC: We use income earning auto affiliate links. More.
