NSA spies confuse Washington and Egypt

From the Washington Post in the USA:

NSA broke privacy rules thousands of times per year, audit finds

By Barton Gellman, Friday, August 16, 2:48 AM E-mail the writer

The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents.Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by statute and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls.

Read the documents

NSA report on privacy violations

Read the full report with key sections highlighted and annotated by the reporter.

FISA court finds illegal surveillance

The only known details of a 2011 ruling that found the NSA was using illegal methods to collect and handle the communications of American citizens.

What’s a ‘violation’?

View a slide used in a training course for NSA intelligence collectors and analysts.

What to say (and what not to say)

How NSA analysts explain their targeting decisions without giving “extraneous information” to overseers.

More on this story:

FISA court judge: Ability to police U.S. spying program limited

Carol D. Leonnig 2:48 AM ET

Spy court chief judge says it must rely on government to say when it improperly spies on Americans.

NSA statements to The Post

Barton Gellman 3:10 AM ET

The National Security Agency offered these comments on The Post’s story on privacy violations.

The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance. In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.

In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.[FISA judge: Ability to police U.S. spying program is limited]

The Obama administration has provided almost no public information about the NSA’s compliance record. In June, after promising to explain the NSA’s record in “as transparent a way as we possibly can,” Deputy Attorney General James Cole described extensive safeguards and oversight that keep the agency in check. “Every now and then, there may be a mistake,” Cole said in congressional testimony.

The NSA audit obtained by The Post, dated May 2012, counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended. Many involved failures of due diligence or violations of standard operating procedure. The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders.

In a statement in response to questions for this article, the NSA said it attempts to identify problems “at the earliest possible moment, implement mitigation measures wherever possible, and drive the numbers down.” The government was made aware of The Post’s intention to publish the documents that accompany this article online.

“We’re a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line,” a senior NSA official said in an interview, speaking with White House permission on the condition of anonymity. …

In the case of the collection effort that confused calls placed from Washington with those placed from Egypt, it is unclear what the NSA meant by a “large number” of intercepted calls. A spokesman declined to discuss the matter.

See also here.

Related articles

• Snowden Claims U.S. Policy Is Creating A Black Market For Digital Weapons

• Simple typo led NSA to collect tons of extra US phone call data, secret audit shows (digitaltrends.com)
• Audit Finds NSA Broke Privacy Rules Thousands Of Times Each Year (businessinsider.com)
• Remember when Obama said the NSA wasn’t “actually abusing” its powers? He was wrong. (washingtonpost.com)
• NSA broke privacy rules thousands of times per year: Report (dnaindia.com)
• Yes, the NSA Violated Surveillance Privacy Rules – at Least 2,776 Times (reason.com)
• NSA Reportedly Broke Privacy Rules Thousands Of Times Per Year (huffingtonpost.com)
• Internal audit shows NSA often breaks privacy rules, made thousands of violations a year – Boing Boing (boingboing.net)
• Snowden documents show NSA broke privacy rules (thedailystar.net)
• Internal audit confirms the NSA has been illegally spying on Americans (thenextweb.com)