Days after its sweeping covert internet surveillance operation was exposed through media reports, the United States Postal Inspection Service (USPIS) changed the program’s name and told analysts to stop monitoring the keyword “protest,” according to a recently released inspector general’s report.
The March 25 IG report comes nearly a year after the USPIS “Internet Covert Operations Program (iCOP)” was revealed by Yahoo News. The iCOP program alarmed both sides of the political aisle due to its surveillance of right- and left-wing protest movements, prompting the House Committee on Oversight and Reform to request the IG audit.
The IG report said iCOP—renamed the “Analytics Team” in April 2021, the same month as Yahoo published its exposé—used an automated intelligence tool that scoured the internet for keywords. But more than 25 percent of the cases reviewed had no relation to postal crime, the IG said.
“The keywords iCOP used for one of the profiles during this time did not include any terms related to the mail, postal crimes, or security of postal facilities or personnel,” the IG said. “Examples of the keywords include ‘protest,’ ‘attack,’ and ‘destroy.’”
One keyword that posed particular concern was “protest.” Following Yahoo’s April 21, 2021, report, a USPIS internal counsel advised nine days later for analysts to stop monitoring the term “protest.”
The IG also said the USPIS does not document the surveillance activities that underpin its various intelligence reports.
“As a result, we could not confirm whether the work associated with these reports was authorized,” the IG said.
Further, the IG criticized analysts for failing to protect privacy rights.
“Specifically, analysts stored sensitive information on their work computers and did not document how they used the information to respond to requests for assistance or develop reports,” the IG report said.
“This information frequently contained significant amounts of PII [personally identifiable information] obtained from public sources, such as social media, and from contracted investigative tools that provide detailed background information such as addresses, birth dates, and Social Security numbers.”
The USPIS vigorously disagreed with the inspector general’s findings in written comments attached to the report.
According to the USPIS, it has the authority to conduct intelligence-gathering operations, regardless of any relation to postal crime—so long as it has some connection to how the Postal Service operates.
“We strongly disagree with the overarching conclusion that the USPIS exceeded its authority and conducted improper intelligence searches,” wrote Chief Postal Inspector Gary Barksdale and general counsel Thomas Marshall.
“[USPIS] is authorized … to research a wide range of topics extending to conduct that could reasonably be said to impact or impair the proper operation of the Postal Service,” they argued.
“We therefore assert that every search conducted by the agency … had a postal nexus.”
Barksdale and Marshall also defended the practice of monitoring protests on the grounds that Postal Service property was damaged during the summer of 2020.
“By reviewing this publicly available, widely shared, non-postal term content, the Inspection Service was able to prevent mail carriers from delivering mail on routes that would be unsafe,” they said. “The search terms were not unnecessarily restricted to those only having postal terms.”
The IG report addressed the Postal Service’s criticisms of its findings, explaining why Barksdale and Marshall’s arguments are flawed.
“As noted in the report, the Postal Inspection Service does not document the purpose of proactive intelligence gathering assignments in any specific way,” the IG report said. “Without information about why the keyword search profile was developed or a direct postal nexus in the keywords, there is no evidence to support management’s claim that the Postal Inspection Service was within its law enforcement authority in carrying out these automated searches.”
The IG report noted that the USPIS did agree to review its practices.
“We will keep the recommendations open until the initial review of the online analytical support activities and procedures is conducted and changes are made,” the report said. “At that time, we will address any remaining recommendations in the audit resolution process, as appropriate.”
Along with identifying flaws within the USPIS’s surveillance operations, the IG report also provided a brief history of iCOP/Analytics Team.
According to the report, iCOP started as the “Dark Web Program,” which provided postal inspectors with open source and dark web intelligence, cryptocurrency management, online undercover methods and tools, and dark web and online undercover training.
“In October 2018, the Dark Web Program was renamed the Internet Covert Operations Program (iCOP) and expanded to provide support for all online covert operations. iCOP also began providing other analytical support, including facial recognition and social media monitoring services,” the report said.
“On April 28, 2021, the Postal Inspection Service announced internally that the group of analysts responsible for these online analytical support activities would be referred to as the Analytics Team.”
The USPIS did not respond to questions from The Epoch Times about why it changed the names and internal policies governing its surveillance operations within days of being publicized in the media.