NSA privacy violations: a spur for more checks on surveillance programs? (+video)
Documents leaked to the Washington Post show that the NSA regularly scooped up e-mails and phone-call metadata on US residents without obtaining authorization. The news may undermine White House efforts to shore up support for such sweeping surveillance programs.
(Page 2 of 3)
“The majority of incidents in all authorities were database query incidents due to human error,” the audit report said. The reported incidents were for NSA headquarters in Fort Meade, Md., and other locations near Washington, raising the prospect that an audit of the agency’s entire operation would have produced a larger number of violations.Skip to next paragraph
In Pictures Edward Snowden on the run: villain or hero?
Subscribe Today to the Monitor
Perhaps among the most serious violations, the NSA intercepted international data surging through fiber-optic cables in the US and shunted the whole lot into a database for later processing and analysis, the Post reported, citing a top-secret internal NSA newsletter. The collection included a mix of US and foreign e-mails that could not be separated, the NSA argued.
But in October 2011, several months after the program began, the Foreign Intelligence Surveillance Court, which authorizes certain NSA surveillance activities, ruled the collection program unconstitutional.
Another “incident,” in February 2012, involved the unlawful retention of 3,032 files that the FISA court had ordered the NSA to destroy after five years, according to the May 2012 audit document. Each file contained an undisclosed number of telephone-call metadata records, the document showed.
The large number of database query incidents – which by definition involve communications that were previously collected – indicate that the NSA is collecting and storing scads of information for later analysis, including data on Americans, some analysts say. The audit documents list a dozen data-collection systems with code names – among them PINWALE, MARINA, DISHFIRE, FASTSCOPE, OCTAVE, and XKEYSCORE – in which there were 119 incidents in early 2011.
For its part, the NSA said Friday in a statement to the Post that the audit shows that the agency is trying hard to ride herd on its surveillance programs and to ensure that it adheres to the law – and that it is unabashedly documenting its own failures.
“We want people [inside the agency] to report if they have made a mistake or even if they believe that an NSA activity is not consistent with the rules,” according to the NSA statement. “NSA, like other regulated organizations, also has a 'hotline' for people to report and no adverse action or reprisal can be taken for the simple act of reporting. We take each report seriously, investigate the matter, address the issue, constantly look for trends, and address them as well – all as a part of NSA’s internal oversight and compliance efforts.”
The agency reported, too, that more than 300 people are assigned to its internal privacy-compliance program, a fourfold increase since 2009. That group manages NSA’s rules, trains its personnel, develops and implements technical safeguards, and sets up systems to monitor and guide NSA activities.
“We take this work very seriously,” the statement said.
Mr. Obama noted at a news conference in June that federal judges keep a close eye on NSA activities. “We also have federal judges that we’ve put in place who are not subject to political pressure,” Obama said. “They’ve got lifetime tenure as federal judges, and they’re empowered to look over our shoulder at the executive branch to make sure that these programs aren’t being abused.”