What did the FBI spreadsheet of public tips include and how did investigators treat those tips?
Executive summary
The FBI’s public-tip intake—collected via tips.fbi.gov and related portals—produced electronic records that captured submitted content (including anonymous tips and links to publicly available social media), basic sender metadata, analyst notes and attachments, and disposition decisions; those records were vetted by Public Access Center personnel and threat‑intake examiners, checked against internal and external databases, and either routed into FBI case-management systems or referred elsewhere depending on perceived investigative merit [1] [2] [3]. Oversight has found both systematic procedures for triage and documented lapses where tips were inappropriately delayed or not referred, prompting changes such as adoption of the Guardian system to increase visibility [4] [3].
1. What the “spreadsheet” or intake record contained
The intake record created from public submissions was essentially an electronic complaint or tip form that could include the text of the tip, attachments (for example screenshots or documents), references to publicly available social media content, and whatever identity or contact information the reporter supplied (tips can be anonymous) — material the FBI treats as leads for possible investigative action [1] [3]. Project TIPLINE research and FBI descriptions show that law enforcement tip systems historically included simple spreadsheet-style entries for each submission, and modern FBI intake captures those submissions in electronic complaint forms that are migrated into internal systems like eGuardian/Guardian [5] [3].
2. How analysts vetted incoming tips
Incoming tips are first handled by the FBI’s Public Access Center and the National Threat Operations Center’s threat intake examiners, where analysts perform preliminary vetting: assessing believability and credibility, checking internal and external databases, and conducting basic research to determine if a tip has investigative merit [2] [3]. A supervisor reviews tips that show further merit before they are formatted for entry into eGuardian/Guardian or otherwise transmitted, and analysts may attach notes explaining disposition decisions and steps taken during preliminary research [2] [3].
3. Routing, referral and investigative treatment
Once a tip is deemed to have investigative merit, it is routed according to subject matter — criminal, counterterrorism, counterintelligence, cyber, etc. — and can be forwarded to a field office, to the Internet Crime Complaint Center (IC3) for cyber matters, or to state/local partners as appropriate; complaints may also be shared across the FBI’s network and with other agencies for follow-up [2] [6] [3]. The FBI publicly states it receives roughly 100 “actionable” tips daily and over time has built protocols to triage high volumes into investigative channels or partner referrals [7].
4. Documentation, disposition and transparency
Threat intake examiners document dispositions and may include user notes and attachments reflecting why a tip was closed, referred, or escalated; they also record outreach to private companies when needed to obtain information voluntarily provided for the disposition process [3]. The privacy impact assessment and FBI materials describe these practices as part of ensuring tips become part of investigative case files when relevant, while making clear not every submission becomes a full investigation [3].
5. Oversight, failures and reforms
An Office of Inspector General audit found examples where tips were inappropriately placed on inactive status or not referred to state/local partners, creating delays; that review led the FBI to emphasize improved tip management and to move more intake handling into the Guardian system to increase visibility and accountability [4]. The audit provides concrete examples of consequences when processes break down, demonstrating that while procedures exist to vet and route tips, implementation and oversight have been focal points for reform [4].
6. Context and limits of the public record
The public record from FBI materials and oversight reports establishes the content types captured, the multi-step vetting and routing process, and both the intended controls and documented lapses; however, public sources do not release the full internal spreadsheets or individual disposition records for specific tips, so analysis must rely on agency descriptions, privacy assessments and OIG audits rather than raw intake logs [1] [2] [3] [4]. Taken together, the evidence shows the FBI treats the tip spreadsheet as a working intelligence/intake tool — capturing raw submissions, annotating vetting activity, and routing items into investigative systems — while oversight has driven technical and procedural changes to reduce errors and improve tracking [3] [4].