« | »

NSA Often Violates Rules, FISA Has Limited Power

From the Washington Post:

NSA broke privacy rules thousands of times per year, audit finds

By Barton Gellman | August 15, 2013

The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents.

Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.

The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance. In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.

Notice that the Washington Post has only gotten around to trying to turn this into some kind of earth-shattering revelation, all these months later. Which tells us that neither they nor Snowden thought it was that big of a deal.

In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.

We suspect that the bulk of the errors are things like this. Which we also suspect the NSA hates, since it ends up being a waste of time and resources. Since the material cannot be used.

In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.

The Obama administration has provided almost no public information about the NSA’s compliance record…

This actually seems to us to be the bigger scandal here.

The NSA audit obtained by The Post, dated May 2012, counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended. Many involved failures of due diligence or violations of standard operating procedure. The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders…

In a statement in response to questions for this article, the NSA said it attempts to identify problems “at the earliest possible moment, implement mitigation measures wherever possible, and drive the numbers down.” The government was made aware of The Post’s intention to publish the documents that accompany this article online.

“We’re a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line,” a senior NSA official said in an interview, speaking with White House permission on the condition of anonymity.

“You can look at it as a percentage of our total activity that occurs each day,” he said. “You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different.” …

We actually suspect this is the case.

The causes and severity of NSA infractions vary widely. One in 10 incidents is attributed to a typographical error in which an analyst enters an incorrect query and retrieves data about U.S phone calls or e-mails.

But the more serious lapses include unauthorized access to intercepted communications, the distribution of protected content and the use of automated systems without built-in safeguards to prevent unlawful surveillance…

In what appears to be one of the most serious violations, the NSA diverted large volumes of international data passing through fiber-optic cables in the United States into a repository where the material could be stored temporarily for processing and selection.

The operation to obtain what the agency called “multiple communications transactions” collected and commingled U.S. and foreign e-mails, according to an article in SSO News, a top-secret internal newsletter of the NSA’s Special Source Operations unit. NSA lawyers told the court that the agency could not practicably filter out the communications of Americans.

In October 2011, months after the program got underway, the Foreign Intelligence Surveillance Court ruled that the collection effort was unconstitutional. The court said that the methods used were “deficient on statutory and constitutional grounds,” according to a top-secret summary of the opinion, and it ordered the NSA to comply with standard privacy protections or stop the program…

But notice that the program was found to be unconstitutional in retrospect. Not from the the get-go.

Meanwhile, we have this from the Washington Post:

Court: Ability to police U.S. spying program limited

By Carol D. Leonnig | August 15, 2013

The leader of the secret court that is supposed to provide critical oversight of the government’s vast spying programs said that its ability do so is limited and that it must trust the government to report when it improperly spies on Americans.

The chief judge of the Foreign Intelligence Surveillance Court said the court lacks the tools to independently verify how often the government’s surveillance breaks the court’s rules that aim to protect Americans’ privacy. Without taking drastic steps, it also cannot check the veracity of the government’s assertions that the violations its staff members report are unintentional mistakes.

“The FISC is forced to rely upon the accuracy of the information that is provided to the Court,” its chief, U.S. District Judge Reggie B. Walton, said in a written statement to The Washington Post. “The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders.” …

The court’s description of its practical limitations contrasts with repeated assurances from the Obama administration and intelligence agency leaders that the court provides central checks and balances on the government’s broad spying efforts. They have said that Americans should feel comfortable that the secret intelligence court provides robust oversight of government surveillance and protects their privacy from rogue intrusions…

To our mind this is a far bigger ‘scandal.’ Apparently, the FISA court really has no way to confirm that NSA or any of the US intelligence agencies are following their orders. They have no way to verify that they are only doing what they are told to do, and no more.

Which is very troubling, if we are worried about these agencies running amuck.

This article was posted by Steve Gilbert on Friday, August 16th, 2013. Comments are currently closed.

One Response to “NSA Often Violates Rules, FISA Has Limited Power”

  1. yadayada

    if I were one of those political cartoonists I would draw nerobama saying, “we can’t possibly be doing anything wrong with her watching over us.” and have him pointing at the statue of Lady Justice closing her eyes, covering her ears, and going la la la la, and label it “Foreign Intelligence Surveillance Court”


« Front Page | To Top
« | »