Surprise, or not so much, the NSA "has broken privacy rules or overstepped its legal authority thousands of times each year" since 2008, according to documents leaked to the Washington Post from NSA whistleblower Edward Snowden. This includes unauthorized surveillance of Americans.
That stands in stark contrast to official statements that the NSA may make a mistake "every now and then," but that it does not abuse its surveillance powers. Of course, those officials' skewed statements might be due to NSA word games. For example, the Post points out:
The NSA uses the term "incidental" when it sweeps up the records of an American while targeting a foreigner or a U.S. person who is believed to be involved in terrorism. Official guidelines for NSA personnel say that kind of incident, pervasive under current practices, "does not constitute a . . . violation" and "does not have to be reported" to the NSA inspector general for inclusion in quarterly reports to Congress. Once added to its databases, absent other restrictions, the communications of Americans may be searched freely.
The "unlawful retention of 3,032 files that the surveillance court had ordered the NSA to destroy" counted as only one "incident" that occurred as recently as February 2012; yet "each file contained an undisclosed number of telephone call records." The Post added, "NSA lawyers told the court that the agency could not practicably filter out the communications of Americans."
How odd, since NSA Chief Keith Alexander previously denied the NSA has dossiers on most all Americans; in fact, he claimed, "We don't hold data on U.S. citizens." Of course, he might view that as the truth because our definition of data is not even close to the NSA's.
Some Obama administration officials, speaking on the condition of anonymity, have defended Alexander with assertions that the agency's internal definition of "data" does not cover "metadata" such as the trillions of American call records that the NSA is now known to have collected and stored since 2006. Those records include the telephone numbers of the parties and the times and durations of conversations, among other details, but not their content or the names of callers.
The NSA's authoritative definition of data includes those call records. "Signals Intelligence Management Directive 421," which is quoted in secret oversight and auditing guidelines, states that "raw SIGINT data . . . includes, but is not limited to, unevaluated and/or unminimized transcripts, gists, facsimiles, telex, voice, and some forms of computer-generated data, such as call event records and other Digital Network Intelligence (DNI) metadata as well as DNI message text."
Some of the NSA privacy violations highlighted by The Post were from a May 2012 audit, which included "2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications." That number, however, was only "incidents" at NSA's Fort Meade headquarters and other facilities in the Washington area. Unnamed government officials "said the number would be substantially higher if it included other NSA operating units and regional collection centers."
The audit concluded that "most" of the unauthorized surveillance or privacy violations "were unintended. Many involved failures of due diligence or violations of standard operating procedure." 10 "incidents" were fat finger typo mistakes "in which an analyst enters an incorrect query and retrieves data about U.S phone calls or e-mails."
Another NSA official, speaking on the condition of anonymity, told The Post, "We're a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line."
Dianne Feinstein, chairman of the Senate Intelligence Committee, has staunchly defended NSA surveillance for national security; yet seemingly in CYOA mode, she told The Post that she had not received a copy of the leaked NSA audit until the paper asked her about it.
John DeLong, NSA director of compliance, told Reuters that "NSA analysts make 20 million queries of intelligence databases on average each month" and any mistakes made were "tiny" in the overall picture. He added, "These are not willful violations, they are not malicious, these are not people trying to break the law." He called willful violations "extremely rare." In those cases, "mistakes can lead to the removal of database access for an NSA employee." Although he promised more documents will be released "soon," that doesn't mean they will tell us anything.
We've seen how the NSA defines words differently than we might, which conveniently helps the agency step around the law and our privacy rights. Although we are supposed to be pacified with the knowledge that there is oversight, NSA documents tell analysts what to say and what not to say about its "targeting rationale" to agency's "FAA overseers."
One of those FAA overseers admitted that the court "lacks the tools to independently verify how often the government's surveillance breaks the court's rules that aim to protect Americans' privacy." U.S. District Judge Reggie B. Walton, who was deemed the "chief judge of the Foreign Intelligence Surveillance Court," said, "The FISC is forced to rely upon the accuracy of the information that is provided to the Court. The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders."
It is way beyond time for NSA surveillance reform legislation.
Like this? Here's more posts:
- Pro-privacy folks likened to digital al-Qaida; feds want to 'blind' hackers
- Black Hat: Smart TVs are the 'perfect target' for spying on you
- Just because you're paranoid doesn't mean THEY aren't out to get you
- Privacy & security nightmares: Hacking smart toilets, smart toys, smart homes
- Govt's $2.7 million KILL IT WITH FIRE approach to malware: Destroy all hardware
- Careful Windows Phone 8 users, connect to rogue Wi-Fi & hackers can steal passwords
- Black Hat snarky tweets as NSA Chief delivered 'Defending Freedom & Civil Liberties' keynote
- Not cyber myths: Hacking oil rigs, water plants, industrial infrastructure
- Cautionary tales: Teen beauty queen and baby spied on via hacked cameras
- Cross-platform virus spreading as Microsoft expands MAPP program
- Black Hat: It's not 'tricky' for hackers to turn your phone into a SpyPhone
- USA PRISM Plus, the perfect NSA photo-sharing app for those who have nothing to hide
Follow me on Twitter @PrivacyFanatic