The US Postal Service Sucks at Tracking Suspicious Mail

Ever wonder how so many of the goods bought and sold over the hidden Internet's illegal markets seemingly slip through the cracks of the US Postal Service, Postal Inspection, and, by proxy, law enforcement and federal investigations? Besides shadowy LSD chemists who are really good at coring out books?

This might have something to do with it: Turns out the Postal Service has some work to do when it comes to properly handling what are known as "mail covers," one of the mail service's primary tools for monitoring all the data on the outside of mailpieces that have been flagged for potentially furthering the investigation or providing evidence of a crime.

That's according to a new audit (pdf) from the Office of the Inspector General that sought to gauge if personnel at seven of the beleaguered mail service's facilities could "effectively and efficiently" handle mail covers as is required by federal law.

Basically, to get approved to run a mail cover, agencies must first make a good enough argument that information gleaned from running a cover would "protect national security; locate fugitives; obtain evidence; or help identify property, proceeds, or assets forfeitable under criminal law." Per the report:

The U.S. Postal Service is responsible for recording and forwarding the data to the Postal Inspection Service for further processing. Postal Service and law enforcement officials must ensure compliance with privacy policies to protect the privacy of customers, employees, and other individuals’ information.

US Postal Inspection processed roughly 49,000 of these mail covers in fiscal year 2013, according to the the OIG. The report reviewed a statistical sample of 196 of 6,391 external law-enforcement, criminal mail cover requests, before projecting the results nationally. It found that requests for mail covers weren't always handled and processed by "responsible personnel" or on time, and that case documents relating to the covers didn't always make it to the appropriate program files.

For the curious, here's how the mail cover process is supposed to work:

Of the 196 external criminal mail cover requests included in the OIG audit, 21 percent were approved despite not having written authorization, while 13 percent weren't "adequately justified" (or, the "reasonable grounds" for cover approval were transcribed inaccurately).

Fifteen percent of the inspectors who ran mail covers didn't have on file the required non-disclosure paperwork. A short description of exactly what kind of mail covers those inspectors conducted has been redacted on the version of the report I grabbed on Cryptome.

Additionally, the report states that in the past three years the Postal Inspection Service handed over evidence for just a single periodic mail covers program review, and that the service has no protocol for ensuring that it carries our the required yearly review. The OIG also found that the computer application that runs mail covers didn't always offer "accurate and reliable information" on account of controls that worked against "completeness, accuracy, and consistency" within the relevant data. (To wit: The OIG flagged 928 expired mail covers still marked "active.")

The full report is worth a read. OK, so it might not be the most Earth-shattering audit, and it's certainly not saying that the Postal Service and Inspection are sleeping on the gig. For all we know, they're busy enough as it is, working with the Feds to track all our snail mail, suspicious or not, as Forbes reports. For their part, officials at the seven facilities said the root of the cover mishandling were their "focusing on mail processing and employee turnover."

In any case, the OIG's report shows anonymous transactions over illegal dark web bazaars that end in regular old mailboxes are still far ahead of the law, even in a post-Snowden age of anxiety. The Feds don't have time to actually track you down because they're too busy spying on you. It's much harder (and riskier) than it used to be to send whatever you wanted over snail mail, though compared to other modes of communication, commerce, and crime, it's still surprisingly easy. That's if you're sly enough, but even if you aren't, mail and parcel handlers might turn a blind eye to what's very obviously a package of, say, brick hash.