D. Unrestrained Data Collection and Data Mining

The FBI has also claimed the authority to sweep up voluminous amounts of information independent of assessments or investigations. The FBI obtains this data—often containing personally identifiable information—from open or public source materials; federal, state, or local government databases or pervasive information sharing programs; and private companies and then amasses it in huge data bases where it is mined for a multitude of purposes.

1. eGuardian and Suspicious Activity Reports

In 2009, the FBI established a new database called eGuardian to collect reports of “suspicious” behavior generated by state and local law enforcement agencies to be shared broadly with other federal law enforcement agencies, the Department of Homeland Security, and the intelligence community. Like many other suspicious activity reporting (SAR) programs, the standards governing the definition of “suspicious” conduct for reporting to eGuardian are extremely vague and over-broad, making it likely that reports will be based on racial or religious profiling or other bias, rather than objectively reasonable indications of wrongdoing.

The 2008 FBI press release announcing the eGuardian program suggested that people photographing the Brooklyn Bridge or the Washington Monument should be reported.108 Few eGuardian SARs have been made public, but based on what other SAR programs produce, it is likely that particular religious, racial, and ethnic communities are disproportionately targeted and inappropriately reported for engaging in so-called suspicious activity. National Public Radio and the Center for Investigative Reporting reviewed more than 1,000 pages of SARs submitted from security officials at Minnesota’s Mall of America and found that “almost two-thirds of the ‘suspicious’ people whom the Mall reported to local police were minorities.”109 It is also clear that eGuardian has become a repository for improperly collected information about First Amendment-protected activities. In 2007, the Pentagon shuttered its Threat and Local Observation (TALON) database system, which collected reports of suspicious activity near military bases, after media reportsrevealed that it included information about innocent and constitutionally-protected activity such as anti-war meetings and protests.110 The Pentagon office that ran TALON was closed, but the improperly collected data collected was turned over to the FBI, and the military now provides SARs directly to eGuardian.
111

While eGuardian has been established to collect reports “that appear to have a potential nexus to terrorism”— an already inappropriately low standard — even information the FBI deems “inconclusive” can be retained for five years, searched, and used for “pattern and trend analysis.”112 The value of retaining such innocuous data on Americans’ behavior is highly questionable and may even harm efforts to identify threats by overwhelming analysts with large volumes of irrelevant data. A George Washington University Homeland Security Policy Institute survey of state and local law enforcement officials who worked with SARs called them “white noise” that impeded effective intelligence analysis.113

Another major problem is that eGuardian effectively competes with another federal government SAR. The Intelligence Reform and Terrorism Prevention Act of 2004 established the Information Sharing Environment (ISE) to serve as the conduit for terrorism-related information sharing between state and local law enforcement and the federal government.114 A March 2013 Government Accountability Office report found that though the two programs share information between them, eGuardian uses a lower evidentiary threshold for inclusion of SARs, which
creates risks and privacy problems.

The Government Accountability Office found that “many fusion centers have decided not to automatically share all of their ISE-SARs with eGuardian” because eGuardian doesn’t meet ISE standards.115 One fusion center said it would never provide SARs to eGuardian because of the fusion center’s privacy policy.116 The Government Accountability Office also found that the two systems “have overlapping goals and offer duplicative services.”117 This duplicity wastes resources and creates a risk that potential threats fall between the cracks.
Though the SAR programs have been operational for years, neither the ISE Program Manager nor the FBI track whether SAR programs deter terrorist activities or assist in the detection, arrests, or conviction of terrorists, and they have not developed performance measures to determine whether these programs have a positive impact on homeland security.118

2. Mining Big Data

The FBI also has much larger databases, and more ambitious data mining programs, but it goes to great lengths to mask these programs from congressional and public oversight. An FBI budget request for fiscal year 2008 said the FBI had amassed databases containing 1.5 billion records, and two members of Congress described documents predicting the FBI would have 6 billion records by 2012, which they said would represent “20 separate ‘records’ for each man, woman and child in the United States.”119

On October 29, 2001, President Bush directed the attorney general to establish a Foreign Terrorist Tracking Task Force (Tracking Task Force) to deny aliens “associated with, suspected of being engaged in, or supporting terrorist activity” entry into the U.S. and to “locate, detain, prosecute and deport any such aliens” already in the country.120 But this mission quickly expanded as the Tracking Task Force was transferred to the FBI and began ingesting larger and larger data sets. The Justice Department’s 2007 data mining report, required by the Patriot Reauthorization Act of 2005, revealed the existence of the Foreign Terrorist Tracking Task Force “Data Mart.” The report said the Data Mart included data from government agencies, including the Terrorist Screening Center Database and the Department of Homeland Security’s I-94 database, and commercial data from the Airlines Reporting Corporation and private data aggregation companies Choicepoint and Accurint.121 The data mining report acknowledged these databases contained U.S. person information, but it maintained that the focus of Tracking Task Force data mining queries was on identifying “foreign terrorists.”122 The report clarified, however, that if the FBI’s data mining tools establish high “risk scores” for U.S. persons the Tracking Task Force analysts “may look at them to see if they have derogatory information.”123 But the FBI had even bigger plans. In 2007, it submitted a budget request seeking $100 million over three years to establish the National Security Analysis Center, which would combine the Tracking Task Force with the largest FBI data set, the Investigative Data Warehouse.124 The Investigative Data Warehouse contains all intelligence and investigative data collected by the FBI across all of its programs, along with “other government agency data and open source news feeds.”125 This data includes, for example, well over a million suspicious activity reports filed by financial institutions each year as required by the Bank Secrecy Act, which was expanded by the Patriot Act to include car dealerships, casinos, pawn shops, and even the post office.126 The FBI ingests this data directly from the Treasury Department for inclusion in the Investigative Data Warehouse, along with an additional 14 million currency transaction reports submitted annually to document cash transactions over $10,000.127. By combining the Investigative Data Warehouse with the Tracking Task Force, the National Security Analysis Center would have access to 1.5 billion records. And based on the budget request, the FBI clearly wanted to obtain more. Congress instead requested a Government Accountability Office audit of the National Security Analysis Center, but the FBI refused to give the auditors access to the program.128 Congress temporarily pulled funding for the National Security Analysis Center in 2008 because of this impasse, but there has been little public discussion about it since.129

A 2013 Inspector General report says the Tracking Task Force “incorporated” the National Security Analysis Center and its data sets and expanded its role.130 Today the Tracking Task Force has 360 staff members, mostly analysts and contractors, and an annual budget of $54 million.131 It runs 40 separate projects, and despite its name, no longer limits its mission to the detection of foreign terrorists. According to a 2013 Inspector General report, the Tracking Task Force runs a program called “Scarecrow” that targets “financial schemes” used by U.S. citizens who may be affiliated with the “Sovereign Citizen” movement, a “FINDUS” project to find known or suspected terrorists within the U.S, and a Traveler Assessment Project “to help identify and assess unknown individuals who may have links to terrorism.”132 According to a 2012 Systems of Records Notice covering all FBI data warehouses, the information in these systems can be shared broadly, even with foreign entities and private companies, and for a multitude of law enforcement and non-law enforcement purposes.133 But scientists challenge whether pattern-based data mining to identify potential terrorist threats is a viable methodology. A 2008 study by the National Research Council of the National Academies of Sciences funded by the Department of Homeland Security concluded that “[a]utomated terrorist identification is not technically feasible because the notion of an anomalous pattern—in the absence of some well-defined ideas of what might constitute a threatening pattern—is likely to be associated with many more benign activities than terrorist activities.”134 The National Research Council pointed out that the number of false leads produced by such a system would exhaust security resources and have severe consequences for the privacy of multitudes of innocent people. The study concluded, “[t]he degree to which privacy is compromised is fundamentally related to the sciences of database technology and statistics as well as to policy and process.135 Given these scientific limitations and privacy implications of using pattern-based data mining to identify potential terrorists, the National Research Council recommended that agencies be required to employ a systematic process to evaluate the “effectiveness, lawfulness and consistency with U.S. values” of such automated systems before they are deployed and be subjected to “robust, independent oversight” thereafter.136

Tracking Task Force operations do not appear to have been subjected to such systematic evaluation or scrutiny, and as a result the FBI wastes resources on false leads that threaten privacy and security. In a heavily redacted section of the 2013 report’s discussion of its effectiveness, the Inspector General concluded that:

• The Tracking Task Force “did not always provide FBI field offices with timely and relevant information,” which caused an “inefficient use of field office resources;”137
• The Tracking Task Force “rarely made” updates to the Traveler Assessment program (despite an FBI policy that requires them every 90 days) and “may have been providing field offices with traveler threat information that was not consistent with the FBI’s current threat picture;” 138 and
• FBI supervisors received Tracking Task Force leads based on information they had already seen, including some they had provided to Tracking Task Force in the first place.139

An intriguing redaction in the report’s discussion of a Tracking Task Force lead sent to the Phoenix FBI office appears to identify a recurring problem regarding the dissemination of a particular type of information. FBI agents investigating the lead were “unable to determine the individual’s nexus to terrorism,” and the Inspector General concluded that the Tracking Task Force should “continue to work on minimizing the dissemination of [REDACTED].” This warning about potentially inappropriate dissemination is remarkable because FBI and Justice Department officials overseeing the Tracking Task Force claimed that they have “not encountered any privacy-related issues or problems.” 140

The Inspector General’sstatement likely says more about the lack of effective oversight rather than the lack of privacy-related problems. With the plethora of information in the Data Mart and its broad dissemination throughout the law enforcement and intelligence communities, it is hard to imagine that no privacy issues were ever raised. Indeed, the Inspector General went on to describe the FBI’s four-year resistance to the Justice Department’s Acting Privacy Officer’s demands to update the Tracking Task Force’s Privacy Impact Assessment, which was required by the E-Government Act of 2002. Despite the privacy officer’s objections, the FBI continued operating the Tracking Task Force Data Mart during this period without an approved Privacy Impact Assessment, reflecting both an official disregard for privacy laws and internal oversight.141

3. Real Threats Still Slipping Through the Cracks

There is troubling evidence that the flood of information coming into the FBI as a result of its lower evidentiary requirements for investigation and intelligence collection is overwhelming its agents and analysts. Rather than helping them “connect the dots,” it appears these overbroad data collection programs are impairing the FBI’s ability to properly assess and respond to threat information it receives. While no law enforcement or intelligence agency could reasonably be expected to prevent every terrorist act, several recent attacks by individuals who were previously identified to the intelligence community or investigated by the FBI require a sober evaluation of whether the FBI’s broad information collection and data mining methodologies are inundating it with false positives that obscure real threats. In a letter to the FBI seeking records regarding its 2011 investigation of apparent Boston marathon bomber Tamerlan Tsarnaev, House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Rep. Peter King (R-N.Y.) pointed out that this wasthe sixth terrorist attack by a person who was previously known to the FBI or CIA.142

These included Chicagoan David Headley, who travelled freely back and forth to Pakistani terrorist training camps over several years, and then to Mumbai, India, where he conducted surveillance in preparation for the 2008 terrorist attacks by Lashkar-e-Taiba gunmen, which
killed 166 people, including four Americans. Headley was already well-known to federal law enforcement according to an investigative report by Pro Publica, as he had felony drug convictions in the U.S. and later worked as a DEA informant.143 Pro Publica’sreporting reveals the FBI had numerous warnings from different individuals over several years that Headley was involved in terrorism. The FBI received its first tip that Headley was a terrorist shortly after 9/11, but closed its investigation based on his denials. The following year the Philadelphia FBI received a second warning from a family friend that Headley was involved with Pakistani militants. An agent performed a records check and closed the case without interviewing Headley.
In 2005, Headley’s Canadian wife called an FBI terror tip line and told the FBI about Headley’s involvement with the Pakistani terrorist group. She was interviewed several times but Headley was not. In 2007, Headley’s second wife, in Pakistan, contacted the U.S. Embassy in Islamabad and told State Department security and U.S. Customs officers about Headley’s involvement with the terrorist group, which they in turn reported to the FBI. The FBI received another tip shortly after the Mumbai attacks, from a friend of Headley’s mother. FBI attempts to interview Headley were thwarted by a relative who falsely asserted that Headley was in Pakistan. Finally, in 2009 British intelligence identified him meeting with al Qaeda associates in Britain, and the FBI tracked him across Europe and back to the U.S., where he was arrested after a few months of investigation.

The second incident involved Abdulhakim Mujahid Muhammad, also known as Carlos Bledsoe, an American citizen and former gang member with a minor criminal record. In 2009, Muhammad shot two Army recruiters in Little Rock, Ark., in a self-described terrorist attack, killing one. Muhammad was known to the FBI because he had been arrested in Yemen the year before for possessing a false Somali passport and explosives manuals.144 An FBI agent reportedly interviewed Muhammad twice, once in the Yemeni jail and again upon his return to the U.S.145 According to ABC News, the Joint Terrorism Task Force opened a preliminary investigation of Muhammad when he returned from Yemen, yet he amassed an arsenal of weapons and successfully attacked the recruiting station without being detected by the investigating agents.146 He was arrested by local police shortly after the attack. While hindsight is always 20-20, these cases show critical information is still falling through the cracks at the FBI, even after years of expanding resources and investigative authorities. These cases demonstrate that the FBI’s increased data collection activities may be doing more harm than good, asthe constant response to false leads resulting from dubious “suspicious activity reports” and data mining programs makes it more difficult for agents to identify true threats that come into the FBI.

Another example involves the 2009 shooting incident in Ft. Hood, Texas, in which Army psychiatrist Major Nidal Hasan killed 13 fellow soldiers. The FBI Joint Terrorism Task Force in Washington, D.C., conducted an assessment of Hasan earlier that year in response to a lead sent from the San Diego office after agents intercepted two e-mails he sent to Anwar al-Aulaqi beginning in late 2008. According to an analysis of the investigation conducted by former FBI and CIA director William Webster, San Diego FBI officials received, evaluated, and catalogued 14 other emailmessages from Hasan to Aulaqi, and two responses from Aulaqi, but did not recognize the link to the original e-mails that sparked the assessment of Hasan, nor advise the D.C. Task Force officer of these additional communications. The Webster Commission later determined that Hasan’s e-mails did not reveal “any suggestion of impending wrongdoing by Hasan,” though it said that knowledge of these additional e-mails “would have undermined the assumption that Hasan had contacted Aulaqi simply to research Islam,” which may have justified further investigation.147

In a section of the report subtitled “the data explosion,” the Webster Commission identified the “exponential growth in the amount of electronically stored information” as a critical challenge for the FBI.148 It concluded that the D.C. Joint Terrorism Task Force officer’s assessment of Hasan was “belated, incomplete, and rushed, primarily because of their workload.”149 Similarly, the Commission found the San Diego agent and analyst assigned to the Aulaqi investigation were responsible for evaluating almost 30,000 electronic documents by the time of the Ft. Hood shooting, which averaged over 1,500 per month, or from 70 to 130 per work day.150 The Commission called this pace “relentless” and suggested the failures in the Hasan investigation were “a stark example of the impact of the data explosion” on the FBI.151 National Counterterrorism Center (NCTC) Director Michael Leiter similarly cited the daily intake of data into intelligence community data bases in explaining why the NCTC failed to identify attempted so-called underwear bomber Umar Farouk Abdulmutallab as a threat, despite warnings it received from his father. In attempting to put the failure in “context,” Leiter said the
NCTC receives over 5,000 pieces of information and places more than 350 people on the terrorist watch list each day.152 Such a deluge of information leads to bloated watch lists that can’t be properly managed and therefore become meaningless. Abdulmutallab had been identified as a known or suspected terrorist in the FBI’s Terrorist Identities Datamart Environment (TIDE) database, but was not placed on the No Fly List or the Selectee list, which would have subjected him to additional screening. A later Senate Homeland Security Committee investigation found DHS officials “skeptical” of the value of TIDE due to concerns over the quality of data it contained, which they claimed included a two-year-old child and the Ford Motor Company.153

The FBI also conducted a three-month assessment of Tamerlan Tsarnaev based on a March 2011 warning from the Russian government that he had developed radical views and planned to travel to Russia to join “underground” groups.154 Rep. William Keating (D-Mass.), who saw the
information provided in the letter during a trip to meet with the Russian security services, said the warning contained detailed information, including that Tsarnaev “wanted to join Palestinian fighters” before deciding to go to Dagestan instead because he knew the language.155 The FBI’s assessment reportedly determined Tsarnaev was not a threat, and it closed in June 2011 (some media reports suggested that FBI rules required closing the assessment after 90 days, but neither the FBI DIOG nor the Attorney General’s Guidelines place time limits on assessments).156 The FBI did place Tsarnaev on terrorism watch lists, however, despite closing the investigation. As a result,Joint Terrorism Task Force officialsreceived alerts when Tsarnaev left for Russia in early 2012 and when he returned six months later, but the FBI did not renew its investigation.157 Predicting future dangerousness is all but an impossible task, and it is entirely possible that even Tsarnaev himself could not have predicted in 2011 that he would commit a terrorist attack in 2013. FBI agents cannot be expected to be fortune tellers. But reviewing the facts of this matter is important to determine whether current FBI practices are effective, as Rep. McCaul and Rep. King suggested. The FBI said its investigation of Tsarnaev was one of over 1,000 assessments the Boston Joint Terrorism Task Force completed in 2011 alone.158 Just as in the Hasan case, this torrid pace may have diminished the quality of the Tsarnaev assessment. The agents may have also been distracted fulfilling the data collection requirements of the FBI’s “baseline collection plan,” rather than concentrating on establishing evidence of a possible crime.

Another potentially crucial mistake is that the FBI appears to have focused more on evaluating the first allegation in the Russian warning, that Tsarnaev had developed radical views, rather than the second, which alleged that he planned to travel to Russia to join “underground” groups. Determining whether Tsarnaev held “radical” views would have been inappropriate for a U.S. law enforcement agency that respects the First Amendment and difficult to measure in any event, particularly given the FBI’s flawed model of terrorist radicalization. But the allegation regarding Tsarnaev’s plans to travel to Russia to join an underground group involved actionable
intelligence about potentially illegal activity, as U.S. law prohibits providing material support to designated international terrorist groups. This allegation presented a fact question that the FBI could determine was either true or not true. But Tsarnaev’s travel to Russia six months later inexplicably did not trigger a renewed investigation. The FBI did place Tsarnaev on the TIDE watch list, which at that point contained over 700,000 names, and on another watch list called the Treasury Enforcement Communications System (TECS), which is designed to alert Customs agents when a targeted subject travels abroad. Tsarnaev’s travel to Russia six months later reportedly “pinged” the TECS system and alerted the Joint Terrorism Task Force members, as did his July 2012 return, but neither resulted in a renewed investigation.159 This may be the most damning evidence against the FBI’s overbroad approach to watch listing. Law enforcement officers repeatedly flooded with false positives from bloated watch lists become trained to ignore hits rather than respond to them. If the FBI’s assessment of Tsarnaev was properly focused on whether he planned to join underground groups in Russia, his travel there would have raised alarms and a different result may have been possible.

Perhaps even more troubling, recent media reports indicate Tsarnaev may be implicated in a grisly triple murder in Waltham, Mass., on September 11, 2011, which occurred after the FBI assessment ended but before Tsarnaev travelled to Russia in January 2012.
160 Tsarnaev’s potential involvement in serious criminal activity years before the Boston bombing raises additional questions for policymakers about the appropriate distribution of law enforcement resources. According to FBI crime data, in 2011 less than half of the 1.2 million violent crimes in the U.S. were solved through arrest or positive identification of the perpetrator.161 Included in
these unsolved crimes were over a third of the murders committed in 2011 and over 58 percent of the forcible rapes.162 These numbers have remained fairly consistent over the last several years, even as intelligence activities directed against innocent Americans have increased. It is important to recognize that terrorism is a heinous crime with serious emotional and economic consequences, but it is still worth examining whether diverting the resources currently spent on overbroad and ineffective suspicionless intelligence collection programs to helping police solve violent crimes would make all American communities safer as a result.

It is also important to note that the FBI has successfully investigated and prosecuted hundreds of defendants charged with terrorism-related offences both before and after 9/11, so it clearly has the tools and the competence necessary to address this problem. But given the impact its increased post-9/11 domestic intelligence powers have on American liberty, we cannot just trust the FBI that these authorities are necessary or effective. What becomes clear from reviewing the terrorist events the FBI failed to interdict is that the data explosion created by its lowered investigative and intelligence collection standards often impairs rather than enhances its ability to identify real threats. As the National Research Council recommended, the government should have to demonstrate the effectiveness of new counterterrorism policies and programs before they are implemented and subject them to strict legal limits and rigorous oversight to protect constitutional rights and privacy.

Preventing every possible terrorist attack is an unrealistic and unreachable goal, yet this imperative drives many of the overzealous collection programs that threaten privacy and civil liberties, even as they fail to produce tangible security benefits. It is time for policy makers and intelligence officials to conduct evidence-based evaluations of all counterterrorism programs and policies to end any that are ineffective or improperly infringe on constitutional rights.

4. Mining Bigger Data: The NCTC Guidelines

Another sign the Foreign Terrorist Tracking Task Force data mining programs are not effective came in March 2012, when the attorney general and director of National Intelligence announced dramatic changes to the National Counterterrorism Center’s (NCTC) guidelines to allow it to collect, use, and retain records on U.S. citizens and permanent residents with no suspected ties to terrorism.163 This wholesale rewrite of intelligence policy, approved over the objection of Department of Homeland Security and Justice Department privacy officers, upended decades-old protections of U.S. person information, subjecting potentially millions of innocent Americans to unjustified scrutiny by the intelligence community.164 Under the new rules, the NCTC can swallow up entire government databases—regardless of the number of innocent Americans included—and use the information in myriad ways, including pattern-based data mining, for five years. Such unfettered collection is essentially a revival of the Bush administration's Total Information Awareness program, which Congress largely defunded in 2003 because of privacy concerns.165

These privacy concerns have only increased over the last ten years, as Americans have become even more dependent on advanced information technology. But given the FBI’s close collaboration with the NCTC, these changes also raise serious questions about whether the Foreign Terrorist Tracking Task Force program is effective. If the costly Tracking Task Force data mining programs work there would be no need for NCTC to build another system to accomplish the same task.

5. Exploitation of New Technologies

The FBI is also exploiting new technological developments in troubling ways. A tax fraud prosecution in Arizona revealed that the FBI has been failing to inform judges about the particularly invasive nature of “Stingray” devices when it seeks to obtain court orders for location information.166 Stingray is a brand name for an IMSI catcher, which is a device that obtains identifying information from mobile communication devices—known as international mobile subscriber identity information—by mimicking a cell-phone tower. The IMSI catcher
accomplishes this task in a particularly invasive way: by sending signals to all cell phones in the vicinity, including within people’s homes, and tricking them into sending signals back to the IMSI catcher. Because it mimics a cell phone tower, the IMSI catcher can intercept the content of communications in addition to the identifying information, and the precise location of the mobile device.
The ACLU of Northern California obtained Justice Department documents showing the FBI has been obtaining pen register orders—which authorize the government to obtain telephone numbers called from and received by a particular mobile device based on a relevance determination—to obtain location data using IMSI catchers, without telling the magistrate judges that this invasive technology would be used.167 The documents make clear the FBI has routinely used these misleading tactics to conceal its use of this technology over the course of several years.

6. Secret Spying and Secret Law

The public doesn’t know the full extent of the FBI’s domestic surveillance activities because so much of it takes place in secret, and Sen. Wyden has warned his colleagues that many of them don’t know either, because the government secretly interprets laws in ways that expand its collection authorities beyond the plain language in the law.168 As discussed above, we know the Justice Department has a secret interpretation of the Patriot Act and a secret OLC opinion reinterpreting Electronic Communications Privacy Act, and we know that at times the intelligence community has disregarded the law entirely.169We also know that the FBI cooperates with other federal intelligence agencies as well as state and local law enforcement agencies and private entities to enhance its ability to obtain and analyze data about Americans. But official secrecy bars us from knowing all we should—and it is not unreasonable to assume that’s exactly the way the government wants it. In a democratic society governed by the rule of law, the public has a need and a right to know the legal parameters regulating government’s surveillance of its citizenry.

Secret intelligence activities are particularly odious to a free society because they enable the circumvention of traditional legal and constitutional protections against government violations of individual rights. As the Senate Committee examining the FBI’s intelligence abuses in the 1970's explained, a victim of illegal spying “may never suspect that his misfortunes are the intended result of activities undertaken by his government, and accordingly may have no opportunity to challenge the actions taken against him.” 170 An FBI training presentation obtained by Wired Magazine entitled, “Unique Aspects of the Intelligence Profession,” provides a glimpse of the impunity from legal oversight or consequences that intelligence officers assume they possess. It states that “[u]nder certain circumstances, the FBI has the ability to bend or suspend the law and impinge on the freedom of others.”171 This attitude, combined with the FBI’s renewed embrace of a “disruption strategy,” raise serious concerns about how the FBI implements its intelligence programs that demand attention from Congress.