NSA blames 3,000 leaked privacy violations on ‘employee mistakes’
The NSA's director of compliance, John DeLong, has held a
conference call with reporters Friday as the agency has made the
most direct effort to counter concern over its spying activities
since its classified documents began appearing in the press.
“NSA has a zero tolerance policy for willful misconduct,” DeLong is cited as saying by the Wall Street Journal. “None of the incidents that were in the document released were willful.”
However, he admitted that there was “a couple” of willful privacy violations during the past 10 years, but didn’t provide any details of those incidents.
According to DeLong, the NSA had about a 0.0005 percent error rate, with roughly 100 mistakes out of 20 million queries a month.
“No one at NSA thinks a mistake is OK, but those kinds of reports are designed and generated to make sure we understand when mistakes occur," DeLong said.
The explanations followed the publication of Snowden-leaked NSA’s internal audit report on privacy violations in The Washington Post on Thursday.
That document analyzed the different types of violations of policy or law for the year ended March 2012. The majority of the 2,776 breaches came from cases when the NSA continued monitoring foreigners through their cellphone use after they already left the United States.
The audit report said such violations were “largely unpreventable,” attributing the wave of "roamer" incidents to an increase in Chinese citizens visiting their American friends for Chinese New Year celebrations.
The document also speaks of one episode of mishandling telephone data as the NSA found out of more than 3,000 records being retained past their five-year expiration date.
DeLong claimed that the call records were deleted right after they were discovered, and that they hadn't been reviewed by the agency’s analysts.
Another “significant incident,” mentioned in the audit, occurred when an individual remained under surveillance even after obtaining a US Green Card, without the NSA having an individualized warrant to continue its spying activities on the person.
Improper granting of access to a sensitive database was also among the breaches documented in the internal audit.
The Washington Post reported a separate problem, when the NSA said that it had collected data on a “large number” of phone numbers in Washington DC because the system was incorrectly set to the 202 area code instead of the 20 country code, which is Egypt.
Another document the paper published revealed a serious constitutional violation by the agency as it established a collection program for 'Multiple Communications Transactions,' which was deemed “deficient on statutory and constitutional grounds” by the Foreign Intelligence Surveillance Court.
NSA's director of compliance said that he couldn't describe the scope of that violation on the issue, but once again repeated that it “wasn't willful.” The collection later resumed under new court-approved procedures, he added.
Answering The Washington Post’s complaint that the audit hadn't been made available to Congress, DeLong said the NSA provided this type of data to lawmakers and agencies with oversight responsibilities.
Despite this specific document being designed for internal use, its results were incorporated into other reports provided to US lawmakers, DeLong said.
The Senate Intelligence Committee, overseeing the surveillance programs, said it “has never identified an instance in which the NSA has intentionally abused its authority to conduct surveillance for inappropriate purposes.”
But the some congressmen believe they aren’t getting enough information on the NSA activities, demanding a public debate on the surveillance programs.
“We have previously said that the violations of these laws and rules were more serious than had been acknowledged, and we believe Americans should know that this confirmation is just the tip of a larger iceberg,” Democratic Senators Ron Wyden and Mark Udall said in a joint statement.
In a White House statement Friday, deputy press spokesman Josh Earnest insisted that the violations didn't reflect intentional law-breaking by the NSA, and that the detailed report showed that the agency was pro-actively monitoring its own work.
“The documents demonstrate that the NSA is monitoring, detecting, addressing and reporting compliance incidents. We have been keeping the Congress appropriately informed of compliance issues as they arise,” he said.
US President Barack Obama also fended off attacks on the surveillance programs conducted by the NSA during a press conference earlier this month.
“What you’re not reading about is the government actually abusing these programs and listening on people’s phone calls or inappropriately reading peoples’ emails,” Obama said. “What you’re hearing about is the prospect that these could be abused. The part of the reason they aren’t abused is because these checks are in place. And those abuses would be against the law.”
But leaked audit report is bringing the US president’s claims into doubt that Americans' privacy rights were safeguarded and violations by the NSA were only a possibility.