NSA Broke Privacy Rules Thousands of Times Per Year, Audit Finds

← Back to Stories (view on slashdot.org)

NSA Broke Privacy Rules Thousands of Times Per Year, Audit Finds

Posted by samzenpus on Friday August 16, 2013 @12:09AM from the say-it-isn't-so dept.

NettiWelho writes "The Washington Post reports: The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents. Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by law and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls."

1 of 312 comments (clear)

Min score:

Reason:

Sort:

One article I actually read, and now wish I hadn't by Anubis+IV · 2013-08-16 02:21 · Score: 5, Informative

A few interesting tidbits to share...
1) The documents reports 2776 violations of American privacy in just the 12 months ending in May 2012. Oh, and that's only for their Fort Meade data center and a few others in D.C. area, rather than for all of their data centers across the U.S.. They acknowledge the number would be significantly higher if it included all of them. Oh, and those are the number of incidents that occurred, not the number of Americans who were violated in each incident, which is actually a much higher number but isn't reported.
2) They quadrupled their oversight staff after a series of significant violations in 2009. And the results? Between 2011 and 2012, the number of infractions nearly doubled. Not halved, doubled.
3) They accidentally collected a "large number" of calls for people in Washington D.C. when there was a mixup between the international code for Egypt (20) and the area code for D.C. (202). No disclosure on what they meant by "large number", but considering the severity of other infractions, it has to be pretty large.
4) They didn't report the Egypt/D.C. mixup to the organization that oversees/audits them, nor to Congress or anyone else outside the agency, because it was deemed irrelevant to any of them. It was deemed irrelevant since "there were no defects to report", to quote a March 2013 report on the issue.
5) "Incidental" information on Americans that is collected when targeting foreigners is regularly allowed to enter their database and is freely searchable from then on. They don't count these as violations, nor do they report them, and they are apparently pervasive under their current way of doing things.
6) In one violation, they hijacked a fiber line going through the U.S. and temporarily held onto all data going through it so that they could process it. This went on for several months before the FISC ruled that what they were doing was a violation of the 4th Amendment since they were incapable of filtering out the communication of American citizens. FOIA requests have been submitted for the ruling, but the Obama administration is apparently working to block the requests.
Geez. After reading something like this, I can see why no one around here reads the articles. They're way too depressing.