The Justice Department's Inspector General released a stunning report with details into DEA's bulk surveillance practices. According to the report, the DEA “failed to conduct a comprehensive legal analysis” of the three bulk data gathering programs. In addition, the policies to govern data use were either non-existent or were vague, opening the opportunity for abuse.
While abusing these programs, DEA took multiple steps to make sure access to information for Inspector General was “hindered” so that the agency could cover its tracks.
To give you an example, in one program, nicknamed Program A, the DEA relied on “non-target specific” subpoenas to make telecoms give metadata for calls that were made between the US and countries DEA deemed “nexus of drugs, even if there was no specific case linked to the cause.
In another program called Program B, used equally vague subpoenas to gather data for anyone that was buying certain products through key vendors. Even worse, the agency had no plans to get rid of the data even if it was not useful.
Lastly, Program C, was where DEA bought metadata on targets through a contractor for another agency, but it was not clear if DEA's authority covered the data being retrieved.