The Commerce Department will eliminate a security unit that it found improperly launched criminal investigations and collected information on hundreds of its employees and average citizens, department officials said Friday.

A nearly five-month internal review by top Commerce lawyers concluded that the Investigations and Threat Management Service, the subject of a Washington Post examination in May, did not have “adequate legal authority” to pursue criminal probes, as it had been doing for 15 years.

Operating with little oversight, the obscure unit opened cases ranging from counterespionage to background searches on U.S. residents who wrote innocuous letters to the department’s top official, the review found.

Nearly every case languished for years without resolution, leaving individuals listed internally as still under scrutiny, the review found.

The findings were detailed in a report released Friday morning that recommended shuttering the 13-person unit, discontinuing its criminal and counterintelligence functions and folding its administrative and security duties into other offices within the department.

Commerce said in a statement that it had accepted the recommendations and would close ITMS within 90 days and implement other recommendations within 180 days.

“We are committed to maintaining our security, but also equally committed to protecting the privacy and civil liberties of our employees and the public,” said Commerce Secretary Gina Raimondo.

The report followed a string of investigations and media reports on ITMS’s activities.

A Congressional investigation led by Sen. Roger Wicker (R-Miss.) of the Commerce Committee concluded in July that ITMS had evolved into a “rogue, unaccountable police force” that “opened frivolous investigations on a variety of employees without evidence suggesting wrongdoing.”

In May, the examination by The Post found that the unit had covertly searched employees’ offices at night, run broad key word searches on employee emails looking for signs of possible foreign influence and scoured Americans’ social media accounts for critical comments about the census, which falls under Commerce.

In March, the department’s internal watchdog completed an investigation that found “evidence of potential misconduct and mismanagement within ITMS occurring over several years,” prompting the Commerce Department to suspend the unit’s criminal investigations, according to the report released Friday. The findings of that inspector general’s investigation were also released Friday, although the names of individuals were redacted from the report.

Wicker said in a statement Friday that he was “encouraged” by the department’s actions but would continue to look into whether Commerce’s inspector general properly investigated previous complaints about ITMS. The inspector general’s office did not immediately respond to a request for comment.

The internal review, conducted by the department’s Office of the General Counsel, found ITMS lacked proper guidelines and training and had poor record-keeping and inadequate management. It did not find evidence, however, to substantiate allegations that ITMS opened or prolonged investigations into people based on their race or national origin.

Commerce officials would not say if any department employees face discipline as a result of the findings, citing privacy laws. But the statement said the department had “taken personnel actions in connection with findings of misconduct regarding ITMS.”

ITMS’s longtime director, George Lee, who led the unit from its inception in 2006 until last year, remained a Commerce employee as of Friday but was no longer working in ITMS, according to a Commerce official who spoke on the condition of anonymity to discuss personnel issues. Lee did not immediately respond to a message Friday seeking comment.

The department had previously said that, as of May 15, Lee was “not currently supervising the work or the employees of ITMS, and is not performing any investigatory duties.”

ITMS opened hundreds of cases each year, but most stagnated, the report states. Lawyers conducting the review found only two that resulted in criminal prosecution and “only a small number” that contributed to administrative actions against Commerce employees.

In April, when the review began, there were 1,945 open cases, the majority focused on people who wrote letters to the Secretary of Commerce. “The vast majority, if not all, of those cases should have been closed, in some cases months or years before” the internal review began, the report states.

Commerce officials are reviewing the case files in an effort to close investigations, according to the report.

The internal review was based on documents and interviews with 47 people, including current and former ITMS employees, according to the report. Lawyers overseeing the review said their task was complicated because ITMS’s “case files are not well-organized.”

The report details chronic mismanagement by ITMS supervisors and inadequate oversight from department leadership, which allowed the unit to operate with a high degree of secrecy. ITMS routinely asked Commerce officials, including lawyers and supervisors, to sign nondisclosure agreements when discussing the unit’s operations, which “contributed to a culture where supervisors felt unable to communicate with each other over issues relevant to their office and supervision.”

The report also faulted department leaders and lawyers for allowing ITMS to operate under an inappropriately broad interpretation of its legal powers. Commerce officials were aware of concerns for years about the unit exceeding its authority but did little to rein it in, the report found. “The Department had been on notice of potential issues . . . since at least 2017,” the report states, citing an Inspector General’s report that year.

ITMS agents received their police powers through written agreements with the U.S. Marshals Service. The agreements, called deputations, state that ITMS agents are to use their law enforcement authority to protect the Secretary of Commerce and the department’s “critical assets.”

Over time, ITMS and Commerce officials assumed that the language granted authority to conduct a wide range of criminal investigations, according to the report. The Marshals Service informed ITMS officials in late 2020 “that the deputation did not extend to the broad array of investigations that ITMS claimed were within its mission,” the report states.

“The U.S. Marshals Service has no comment on the internal matters of another federal agency,” spokesman James Stossel wrote in an email.

The unit’s expanded mission, according to ITMS documents, included looking for Commerce Department’s employees with possible suspicious foreign connections.

ITMS conducted broad searches on employee emails for particular Mandarin phrases and words associated with programs used by the Chinese government to recruit scientists and researchers, the report found. Some of the single-word search terms were exceedingly generic — for example, the word “thousand,” the report found.

While the broad searches did not appear to violate Justice Department guidelines, the review found, “they are understandably viewed with suspicion by employees, oversight authorities, and those outside the Department given the absence of adequate policies, procedures, and oversight governing ITMS activities.”

ITMS documents described the unit’s mission as including counterintelligence or counterespionage investigations, the review found. ITMS agents also occasionally “ran names through classified databases to learn about an individual’s background,” the report states.

The Post previously reported that ITMS agents launched probes starting in April 2020 into the authors of dozens of social media posts that questioned the integrity or fairness of the census, part of an effort to detect organized disinformation campaigns. The report stated that the Census Bureau already had a team working on that effort with other government agencies that had relevant authority and expertise.

“ITMS did not bring any new skill sets to these efforts,” the report states as an example of a lack of oversight.

The review recommended planning for the destruction of information collected by ITMS whenever permitted by record-keeping laws “to ensure that no information developed by ITMS records informs future decisions without a prior legal review and independent factual corroboration.”