The National Security Agency broke privacy regulations and legal limits as part of its surveillance operations thousands of times since 2008, according to an agency audit and other documents that were leaked by former NSA contractor Edward Snowden. The audit, published Thursday evening by the Washington Post, raises questions about repeated assurances from administration officials over the summer that the strict rules governing access to data protect Americans’ privacy rights.
The violations detailed in the report include the unauthorized collection and retention of Americans’ electronic communications, including one that the secret Foreign Intelligence Surveillance Court (FISC) ruled unconstitutional in October 2011. Dated May 2012 and intended for top NSA officials, the audit identified 2,776 incidents in the preceding 12 months.
The audit found that the violations are often not reported to top agency officials as well as the congressional committees tasked with overseeing the intelligence community. In one major example, a large number of domestic calls out of Washington, D.C. were collected when a computer error confused the area code 202 with 20, the international dialing code for Egypt, the Post reported. Ten percent of the incidents were due to human error in which an analyst enters a wrong number and pulls up domestic instead of foreign communications.
In one major violation, the NSA failed to report a new data collection method to the FISC for months after it was being used. The court ultimately ruled the program unconstitutional in October 2011. That opinion has been the subject of a legal battle and the Department of Justice agreed to release a version of the opinion just last week.
Though some of the violations are accidental, the serious infractions include, in the Post’s words, “unauthorized access to intercepted communications, the distribution of protected content and the use of automated systems without built-in safeguards to prevent unlawful surveillance.”
Upon seeing the audit, Sen. Dianne Feinstein, D-Calif., who heads the Senate Intelligence Committee, told the Post that her committee “can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.” Feinstein had not seen the audit until the Post showed it to her.
Administration officials have admitted accidental infractions but have stressed the general effectiveness of the privacy regulations and the legality of the surveillance being conducted. President Obama reinforced this message at a press conference last Friday.
“We've tried to set up a system that is as failsafe as so far at least we've been able to think of to make sure that these programs are not abused,” he said. The Post’s story did not indicate whether the president had seen the audit report when he defended the agency last week.
The staggering revelations are not the first time the intelligence community has improperly collected Americans’ phone calls and emails as part of its counterterrorism efforts. The Federal Bureau of Investigation admitted years ago to having gained unauthorized access to Americans’ phone records, credit reports and Internet traffic from 2003 to 2006.