USPS Audit Report: Postal Inspection Service Mail Covers Program

Politico: Snail mail snooping safeguards not followed by Josh Gerstein:

Cutting-edge data-gathering techniques may have grabbed the spotlight lately, but it turns out the government has been playing fast and loose with a more old-school surveillance method: snail-mail snooping.

The U.S. Postal Service failed to observe key safeguards on a mail surveillance program with a history of civil liberties abuses, according to a new internal watchdog report that USPS managers tried to keep secret, citing security concerns.

USPS Audit Report: Postal Inspection Service Mail Covers Program:

In fiscal year 2013, the U.S. Postal Inspection Service processed about 49,000 mail covers. A mail cover is an investigative tool used to record data appearing on the outside of a mailpiece. Law enforcement agencies use this information to protect national security; locate fugitives; obtain evidence; or help identify property, proceeds, or assets forfeitable under criminal law.

A mail cover is justified when it will further an investigation or provide evidence of a crime. The U.S. Postal Service is responsible for recording and forwarding the data to the Postal Inspection Service for further processing. Postal Service and law enforcement officials must ensure compliance with privacy policies to protect the privacy of customers, employees, and other individuals’ information.

Our objective was to determine whether the Postal Service and Postal Inspection Service are effectively and efficiently handling mail covers according to Postal Service and federal requirements.

WHAT THE OIG FOUND:

Opportunities exist to improve controls over the mail covers program. For example, responsible personnel did not always handle and process mail cover requests in a timely manner and documents relating to the covers were not always returned to the program files as required. Of the 196 external mail cover requests we reviewed, 21 percent were approved without written authorization and 13 percent were not adequately justified or reasonable grounds were not transcribed accurately. Also, 15 percent of the inspectors who conducted mail covers did not have the required nondisclosure form on file.

Further, the Postal Inspection Service provided evidence for only one periodic review of the mail covers program over the past 3 fiscal years and did not have procedures to ensure annual reviews were performed as required. Finally, the mail cover computer application did not always provide accurate and reliable information because system controls did not ensure completeness, accuracy, and consistency of data. For example, we found 928 mail covers in active status after the cover periods ended.

Insufficient controls could hinder the Postal Inspection Service’s ability to conduct effective investigations, lead to public concerns over privacy of mail, and harm the Postal Service’s brand.

WHAT THE OIG RECOMMENDED:
We recommended management improve controls to ensure responsible personnel process mail covers in a timely manner and conduct periodic reviews of the mail covers program. Also, we recommended management implement system controls to ensure data integrity in the Postal Inspection Service mail cover application.