Alan Raul, who served as vice chair of the President’s Privacy and Civil Liberties Oversight Board—established on the recommendation of the 9/11 Commission as an outside check on things such as the Patriot Act—says he and other members “were very surprised at how the FBI handled the NSLs. We perceived it as a debacle—a serious problem that resulted more from cultural and administrative failures than intentional abuses.”

The debacle, Raul says, stemmed from the bureau’s decentralized structure and the attitude of its agents to “get it done—‘we’re doing the right thing for the right reasons’—and the technicalities just fell by the wayside. . . . That was not acceptable, of course, because those ‘technicalities’ were actually important legal requirements imposed by Congress in exchange for the FBI’s expanded powers.

“If a private company reflected the same disregard for technical and legal compliance, the FBI and Justice would be all over them. When the board discussed the problems with Bob [Mueller], he clearly took our concerns very seriously and even proceeded to institute a corporate-type compliance program.”

The NSL case, officials now admit, was a wake-up call for Mueller and his team. They realized only belatedly that, amid the bureau’s decentralized culture, too much authority had been delegated to field offices. And because the bureau failed to give clear guidance or training to the agents using the authority, there were a lot of what general counsel Val Caproni called “sloppy-execution errors.”

Mueller, aides say, took the IG’s report hard, saying privately that he should have paid more attention to such a critical issue; the bureau’s missteps threatened what it saw as a crucial terrorism-investigation tool. It was, Mueller says, a case of his not drilling down far enough, pushing hard enough, asking the right questions, and holding people accountable: “We can’t afford to be sloppy like that—the American people expect that if they give us a tool, it’ll be used appropriately.”

In the past two years, a number of reforms and more substantive oversight—including a new Office of Integrity and Compliance—have been implemented. “Between the educational and the technical, we think we’ve solved about 99 percent of what we saw as the substantive errors,” Caproni says. The latest inspector general’s report this spring concluded that the bureau had made “significant progress” in implementing corrective actions but that “it is too soon to say that the FBI has ‘rectified’ many of the problems.”

The problems, though, raised a larger question: What other bureau screwups weren’t on management’s radar?

“NSLs are not that complicated,” Caproni says. “What else should we be looking at? What else out there is an NSL waiting to happen?”

Perhaps the most damning legacy of Louis Freeh’s tenure as FBI chief is that on 9/11 the FBI didn’t have a functional computer system. In his first days on the job, Mueller—dismayed by the poor IT infrastructure—ordered thousands of new Dells to replace aging 386 and 486 Pentium computers.

Zalmai Azmi encountered a mess when he arrived in late 2003 as the latest through the revolving door of FBI chief information officers. Mueller’s first hire for the CIO position, Wilson Lowery, hadn’t worked out, so Mueller turned to someone he knew he could trust: a fellow Marine. Azmi had been in charge of IT for the nation’s US Attorneys when Mueller was with the US Attorney’s office in San Francisco. When Mueller’s office received from Azmi’s office a computer upgrade and training that resulted in no downtime, Mueller called to offer the ultimate compliment: “This operation has been run with the precision of a Marine.”

After Azmi settled into the Hoover Building, he found hundreds of different applications, networks, and platforms—none of them cutting-edge. The Trilogy Project, a half-billion-dollar upgrade to the bureau’s system, was going south as its scope spiraled out of control after 9/11. Requirements for the program were changing daily. Budget overruns were in the hundreds of millions. “This is not a surprise,” a report on the situation concluded. “The attempt to make up for 20 years of neglect in two years of frenzied spending was destined to fail.”

The bureau ran 65 computer help desks, all of which operated only from 8 to 5 on weekdays. The post-9/11 world required that the bureau build a “top secret” computing environment, but it had budgeted only for a “secret” one.

Burned by his first early experiences with the failed Virtual Case File, which was designed to allow agents to build cases in the computer database rather than on paper, Mueller wasn’t going to let a second chance slip by. For the first year, he and Azmi met twice a day as they struggled to get control of the IT system. Azmi was usually Mueller’s last meeting. Mueller’s wife would call to ask when he’d be home, and the refrain would be “I’m here with Zal.”

Azmi and Mueller took enormous heat as the Trilogy Project—which became known as the Tragedy Project within the bureau—went under. At one point, buffeted by criticism from Capitol Hill and government auditors, Mueller turned to Azmi and said, “Welcome to the big leagues.”

In the end, two of the three sections of Trilogy were salvaged: The bureau managed to build a wide-area network and upgrade its computers. The third, the much-vaunted Virtual Case File, which had cost nearly $200 million, was scrapped entirely. Today, more than a decade after the dot-com boom and nearly a quarter of a century after Lotus revolutionized company workplaces and after hundreds of millions of dollars in development, the bureau has a largely functioning online case-file system.

Two more major upgrades to the system are expected before its completion in 2010 and will include the capability to do secure instant messaging—something the CIA has been able to do for a decade. Today the FBI has 56 major IT projects underway, including more than a dozen in which the director is personally involved.