The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents.There's a great deal to unpack in this, probably the loudest and most significant whistle blown by Edward Snowden. The May 2012 audit counted 2,776 incidents of "unauthorized collection, storage, access to or distribution of legally protected communications" in the previous year. But those 2,776 "incidents" don't mean 2,776 individual violations, but 2,776 times the NSA violated privacy rules, with an unknown number of individual violations within each infraction. That audit is only for the NSA's Fort Meade and Washington, D.C. area facilities. Three government officials who spoke with Post reporter Barton Gellman "said the number would be substantially higher if it included other NSA operating units and regional collection centers."
Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.
The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance. In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.[emphasis added]
In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.The NSA apparently unilaterally decides whether or not it needs to report its violations to its own oversight staff, to the FISA court, to the Justice Department, and to Congress. And it apparently frequently decides it just doesn't need to. Even after the court (the head judge of which admits it has limited ability to do anything about it) has ruled what it's doing is unconstitutional.
In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.
The documents say that one in 10 incidents happens because of a typographical error when an analyst messes up a query. "But the more serious lapses include unauthorized access to intercepted communications, the distribution of protected content and the use of automated systems without built-in safeguards to prevent unlawful surveillance." Once that information is intercepted—whether intentionally or not—it can be added to the NSA's databases, and "absent other restrictions, the communications of Americans may be searched freely." This incidental collection, according to NSA official guidelines, isn't considered a violation and doesn't have to be reported internally or included in quarterly reports to Congress.
Sen. Dianne Feinstein, chair of the Senate Intelligence Committee, did not receive a copy of this audit until the Post advised her that it existed. Her reaction is underwhelming, saying the committee “can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.” You think? On the other hand, Senate Judiciary Committee Chair Patrick Leahy is sounding a bit more alarmed, and promises more hearings.
We need a lot more hearings. We need a reconstituted Church Commission that meets, in public and in front of television cameras, and determines just what else our government is doing to us in our names. We don't need "independent" review boards hand-picked by the Director of National Intelligence James Clapper, who not only admittedly lied to Congress but who has also apparently been kept out of the loop on some of the NSA violations. It's time for some transparency, some accountability.