Not every misstep was the fault of the FBI, the foundation found. Sometimes companies turned over more information than the FBI sought, contributing to the FBI's unauthorized receipt of personal information.
For example, a 2006 report says that after the FBI requested limited e-mail records from an e-mail provider, the provider twice sent a computer disc with the full contents of the customer's e-mail accounts. The FBI did not use the information improperly.
On average, two and a half years elapsed between a violation's occurrence and its eventual reporting to the oversight board, so oversight was likely "ineffectual," the foundation's report says.
Though the report focuses on conduct during the George W. Bush administration, it faults the Obama administration for refusing to say whether anyone is currently serving on the intelligence board, a failure that "continues to call into question the legitimacy of current intelligence oversight efforts."
The White House did not respond to questions about the intelligence board.
The new disclosures come as the Patriot Act is up for renewal in Congress before it expires in February. The law, enacted after the Sept. 11, 2001, terrorist attacks, has made it easier for the FBI to gather certain personal information without a warrant in national security investigations.
One senior lawmaker, Sen. Patrick J. Leahy (D-Vt.), is proposing to increase judicial oversight of government intelligence gathering.