If you thought the DEA's mass surveillance was irresponsible, you're not the only one. The Justice Department's Inspector General has released a report showing that the DEA "failed to conduct a comprehensive legal analysis" of three bulk data gathering programs to verify they were above board. On top of this, the policies to govern data use were either vague or non-existent, opening up the potential for abuse.
There was good reason to put those efforts under tight scrutiny, the Inspector General's office said.
Under one program, nicknamed Program A, the DEA relied on "non-target specific" subpoenas to make telecoms supply metadata for calls made between the US and countries it deemed a "nexus to drugs," even when there was no apparent link to a specific case. Program B, meanwhile, used equally vague subpoenas to scoop up data for anyone buying certain products through key vendors, and had no plans to get rid of that data once it was no longer useful. Program C saw the DEA buy metadata on targets through a contractor for another agency, but it wasn't clear if the DEA's authority covered that data.
On top of this, the DEA took numerous steps that "hindered" the Inspector General's access to info.