NYT: Postal Service Failed to Protect Personal Data in Mail Surveillance, Report Says

http://www.nytimes.com/2015/09/25/us/postal-service-failed-to-protect-personal-data-in-mail-surveillance-report-says.html

SEPT. 24, 2015

Postal Service Failed to Protect Personal Data in Mail Surveillance, Report Says

By RON NIXON

WASHINGTON -- Employees of the United States Postal Service failed to properly safeguard documents that included the names, addresses and financial information used by its law enforcement arm to monitor the mail of people suspected of criminal activities or for national security purposes, an internal investigation found.

The information, which is collected as part of the Postal Service's mail cover surveillance program, [1] could potentially reveal personally identifiable information and compromise the privacy of the mail, according to the report, [2] which was conducted by the Postal Service's Office of Inspector General and released Thursday.

A mail cover is a surveillance tool used by the service to monitor the mail of a person suspected of criminal activity by recording the information on the outside of all letters and packages delivered to a home or business. Law enforcement officials say it is an important investigative tool, but privacy advocates say the practice is ripe for abuse because it does not have judicial oversight and is shrouded in secrecy.

The report released Thursday follows a similar audit last year that examined the use of mail covers by outside law enforcement agencies.

The most recent report examines the internal use of the program by the Postal Inspection Service, the law enforcement arm of the Postal Service, and found similar problems.

According to the report, the Postal Inspection Service approved 118,577 mail covers requested by its postal inspectors and 39,966 requested by external law enforcement authorities in fiscal years 2010 through 2014.

Auditors said they found numerous problems with the way the agency handled mail covers. According to the report, Postal Service personnel at six of nine postal facilities visited by auditors did not adequately safeguard the collected documents.

For example, at a postal facility in the New York District, a carrier placed a mail cover package, with names, address and other information, on top of his workstation, where it was accessible to other employees. The information was supposed to be secured.

During a visit to a facility in the Chicago District, auditors found that a form used to record the name and address of the subject of an investigation was posted on a mail carrier's workstation and could be seen by other employees.

Postal Service auditors said managers at the postal facilities failed to "provide adequate oversight to ensure employees followed the procedures."

The problems identified by the inspector general also were not limited to internal mail covers.

In one instance, Postal Inspection Service personnel did not notify a requesting law enforcement agency in one of the 11 episodes where the mail cover was compromised. In the other 10 episodes, postal managers informed local law enforcement about the breaches and took disciplinary action against employees for publicly disclosing the mail cover.

Although the postal auditor noted that the Post Office has taken steps to address some of the issues it identified in the May 2014 audit, [3] problems persist. The audit found that the agency still had trouble collecting information from the law enforcement agencies that requested mail covers.

The mail cover program has received the attention of privacy advocates and some members of Congress.

Last week, Senator Thomas R. Carper, Democrat of Delaware, introduced a postal reform bill [4] that would make a number of changes to the program, including providing statistics regarding the mail covers program, which includes the number of external and internal requests, as well as approvals.

[1] http://www.nytimes.com/2015/08/14/us/copy-of-postal-service-audit-shows-extent-of-mail-surveillance.html

[2] https://www.uspsoig.gov/sites/default/files/document-library-files/2015/hr-ar-15-007.pdf

[3] https://www.uspsoig.gov/story/audit-report/protecting-mail-covers-law-enforcement-investigations

[4] http://www.carper.senate.gov/public/_cache/files/8950b792-457b-4277-a508-16e93343f36a/postal-bill.pdf