Data Privacy & Protection
Agent Regulations

< Return to Dashboard - Regulations

FBI Data Privacy & Protection

Handling and Storage of Personal Data

• All personal or sensitive information collected within the FBI Discord server — including user reports, applications, disciplinary logs, and internal documentation — must be handled in accordance with Bureau policy and federal data protection principles..

• Personnel are required to:

  1. Store sensitive information only in secured FBI channels (e.g., internal logs, staff boards, or classified chat).

  2. Ensure that all ticket channels and case files remain private, visible only to authorized personnel directly involved in the case or report.

  3. Avoid sharing screenshots, transcripts, or identifying details of private server information outside of official channels.

  4. Anonymize or redact player/user identifiers when publishing case summaries or training materials for public reference.

Data Encryption and Access Control

• To protect the integrity of Bureau communications, Discord permission settings serve as the primary access control system for digital privacy.

• The following standards must be followed:

  1. Sensitive channels are restricted to need-to-know access only.

  2. Logs of edits, deletions, and message activity must be retained and regularly reviewed by the Inspection Division.

  3. All uploads containing confidential material (e.g., screenshots, IDs, private logs) must be stored only in FBI-only channels — never in general or public channels.

Data Sharing with External Bodies

• When communicating or sharing data with other departments (e.g., local law enforcement, fire, transportation, or joint-operation partners), a formal data-sharing protocol must be followed to protect both parties’ information:

  1. Any information sharing must be approved by command personnel beforehand.

  2. Sharing only through approved secure channels or temporary joint operation tickets, with administrative oversight.

  3. Clearly stating the purpose of the information exchange (e.g., warrant verification, tactical coordination, training operations).

  4. Restricting message visibility to relevant department members only.

  5. Ensuring data is “encrypted” through Discord security measures — meaning it is shared in private channels, without external reposting or screenshots.

Declassification of Data

• Certain information, previously considered restricted or confidential, may be declassified for operational, administrative, or training purposes at the discretion of FBI command personnel.

• Declassification Procedures:

  1. Only members holding the rank of Command Staff or higher (e.g., Assistant Director, Section Chief, Director) are authorized to declassify data.

  2. Once declassified, information may be reposted or summarized in public or semi-public FBI channels (e.g., announcements, briefings, or archives).

  3. Once information is declassified, lower-ranking personnel may reference it freely unless stated otherwise.

Whistleblower Protection

Reporting Misconduct

• FBI personnel are encouraged to report any observed misconduct, unethical behavior, or violations of regulations through the established whistleblower channels.

• Reports must be made confidentially and without fear of retaliation. The FBI is committed to ensuring that whistleblowers are protected and that their concerns are thoroughly investigated.

Safeguards Against Retaliation

• The FBI will take all necessary steps to protect whistleblowers from retaliation, including but not limited to changes in job assignments, harassment, or dismissal.

• Any act of retaliation against a whistleblower will be treated as a serious violation of FBI policies and will result in disciplinary action against the responsible parties.

• When a supervisor, command personnel, or any other employee with authority becomes aware that a subordinate has made or may have made a protected disclosure, they are strictly prohibited from engaging in or ordering any actions that could reasonably be perceived as retaliatory. Specifically:

  1. No changes to the employee’s assignment, duties, or responsibilities without written justification and approval from the Office of Professional Responsibility (OPR) or Internal Affairs.

  2. No alteration of work evaluations, ratings, or recommendations influenced by the employee’s disclosure.

  3. No verbal or written intimidation, threats, or disparaging remarks related to the disclosure.

  4. No exclusion of the employee from briefings, communications, or team operations without legitimate operational cause.

  5. No indirect retaliation, such as instructing other personnel to isolate, ridicule, or undermine the employee.

• Any of the following actions by a Special Agent or law enforcement personnel toward a civilian shall be considered retaliatory misconduct and subject to immediate investigation and disciplinary action:

  1. Threatening, intimidating, or coercive behavior toward a civilian who has reported or may report misconduct.

  2. Using official authority or access (e.g., law enforcement databases, intelligence systems, or field operations) to target, monitor, or harass a civilian.

  3. Unlawful detainment, unnecessary questioning, or selective enforcement motivated by personal animus or knowledge of a complaint.

  4. Disparaging, mocking, or attempting to discredit a civilian complainant or witness in any form, including online or through third parties.

  5. Interfering with or discouraging cooperation between a civilian and investigative bodies such as OIA, OPR, or external agencies.

Confidential Reporting Channels

• Confidential channels for reporting misconduct include designated hotlines, secure online portals, and anonymous reporting forms.

• The confidentiality of the whistleblower will be maintained throughout the investigation process, and their identity will not be disclosed without their consent, except as required by law.