The US Postal Service didn't take proper precautions with personal information obtained through its controversial "mail cover" surveillance program, according to a new internal audit. Through the program, officials can record the names and addresses on all mail sent to a certain address without obtaining a warrant, but that information is not always well guarded.

Six of nine facilities didn't safeguard information

The audit, from the Postal Service’s Office of Inspector General, focused on the Postal Service's law division, the Postal Inspection Service. Between fiscal years 2010 and 2014, the Inspection Service approved 118,577 program requests for itself and 39,966 for other law enforcement agencies. (A similar audit was done for outside law enforcement agencies last year.)

In one case, the audit found a mail cover package with sensitive information was left on top of a workstation. In another case, the audit found that a supervisor left a mail cover request sitting on top of a desk "on the workroom floor and visible to all employees." Ultimately, out of nine facilities given unannounced visits, "[p]ersonnel at six of nine facilities did not adequately safeguard accountable documents."

The USPS' mail surveillance programs have come under scrutiny in recent years as concerns over government surveillance programs have heightened. The New York Times, in a 2013 report, explained that as the mail cover program continued, the USPS had quietly expanded into a "Mail Isolation Control and Tracking program" that was photographing "every piece of paper mail that is processed in the United States."