WASHINGTON - The Social Security Administration has relaxed its privacy restrictions and searched thousands of its files at the request of the FBI as part of terrorism investigations since the Sept. 11, 2001, attacks, newly disclosed records and interviews show.
The Internal Revenue Service also worked with the bureau and the Social Security agency to provide income and taxpayer information in terrorism inquiries, law enforcement officials said. Officials said the IRS information was limited because legal restrictions prevented the sharing of taxpayer information except by court order or in cases of "imminent danger" or other exemptions. The tax agency refused to comment.
The Social Security memorandums were obtained through a Freedom of Information Act request by the Electronic Privacy Information Center, a civil liberties group. Copies were provided to The New York Times.
Social Security and law enforcement officials said that they were sensitive to privacy concerns and had put safeguards in place but that they believed the information gave investigators a valuable tool.
"We ran thousands of Social Security numbers," said a former senior FBI official who insisted on anonymity because the files involved internal cases.
"We got very useful information, that's for sure," the former official said. "We recognized the value of having that information to track leads, and, to their credit, so did the Social Security Administration."
Some privacy advocates and members of Congress, although sympathetic to the extraordinary demands posed by the Sept. 11 investigation, said they were troubled by what they saw as a significant shift in privacy policies.
Rep. Carolyn B. Maloney, a New York Democrat who has sought information from the Social Security agency on the issue, said the new policy had "real civil liberties implications for abuse." Maloney questioned whether Congress was adequately informed.
"If we don't know when the Social Security Administration decides to change its rules to disclose personal information," she said, "I think Americans have a right to be skeptical about their privacy."
The director of the Open Government Project at the Electronic Privacy Information Center, Marcia Hofmann, acknowledged the need for investigators to have access to vital information.
"But an ad hoc policy like this is so broad that it allows law enforcement to obtain really sensitive information by merely claiming that the information is relevant to the 9/11 investigation," Hofmann said. "There appears to be very little oversight."
In addition to easing its rules, the Social Security agency agreed to waive normal privacy restrictions for information related to the FBI investigation on the Washington region sniper attacks in 2002, the internal memos show. It does not appear that any information was ultimately turned over.
The agency agreed two days after the Sept. 11 attacks to give the FBI access to material from its files to obtain information on the hijackers, anyone with "relevant information" on the attacks and victims' relatives.
Under Social Security Administration policy, which goes beyond federal privacy law, such information cannot typically be shared with law enforcement officials unless the subject has been indicted or convicted of a crime. The loosening of the policy was updated and reauthorized last year, the internal memos show, and Social Security officials said yesterday that it remained in place.
Social Security officials said they were not aware of recent FBI requests for information from their files in the inquiry.
It appears that there was a flood of requests for at least a year after the attacks and perhaps longer, as bureau agents sought personal and financial information on illegal immigrants and other suspects who might be using fraudulent Social Security information. Some of the hijackers used fake Social Security numbers.
Officials at the Social Security Administration said the policy directives since Sept. 11 identified 11 offices - 10 in the inspector general's office and one in the privacy office - that are authorized to approve the FBI requests.
"Thankfully, these requests don't come up that often," Jonathan Cantor, the privacy officer at the agency, said. "You just have to look at each situation as it comes in, and it's my job to balance the privacy of the records against legitimate requests for that information."
Cantor said the FBI had made requests for financial and employment information from Social Security files, but that the agency had referred them to the IRS because it was not legally allowed to release taxpayer information.
James Huse, who was the inspector general at the Social Security agency until March 2004, said his agency provided relevant identifying information to the bureau on possible terrorism suspects but relied on the tax agency to determine what information it would turn over on a suspect's income and employment.
The FBI requests "came in by the thousands," Huse said in an interview. "They would give us the names of people suspected of being terrorists for whatever reason, and we'd match them against Social Security indices to see if these people were real, did they have Social Security numbers, things like that."
He said that most of the names and numbers run by the bureau did not match up to Social Security records.