The results of an internal audit of the National Security Agency (NSA) show that the NSA has committed thousands of violations where the agency broke rules and court orders for surveillance of domestic and foreign targets within the U.S. These provisions were backed by the Foreign Intelligence Surveillance Act and presidential executive orders.
The audit exposed that the NSA committed over 2,700 violations from the second quarter of 2011 to the first quarter of 2012. Deputy Attorney General James Cole, who gave testimony before Congress, said that “Every now and then, there may be a mistake.” How can one be so rejective of any discrepancies found in a system with “extensive safeguards and oversight,” as Cole has put it?
2,776 violations of federally-enacted rules and laws is more than just a mere collection of mistakes. It’s indicative of the short reach, rather than extensive, of the safeguards and oversight that are supposed to ensure such mistakes never happen.
The violations mainly consisted of “unauthorized collection, storage, access to or distribution of legally protected communication.” Though unintentional, the incompetence and lack of “due diligence” exhibited by the NSA is inexcusable, especially when dealing with private data. The data collected was that of over 3,000 natural-born Americans, as well as green-card holders.
What’s more, is that back in 2008, the NSA intercepted lots of calls in the Washington D.C. area because of a programming error. The error caused interception systems to read 202, Washington D.C.’s area code, as the international dialing code for Egypt, which is 20. The NSA chose not to report this incident.
The NSA increased its oversight staff fourfold, but their competence and efficiency continues to fall short as violations actually increased from 2011 to 2012.
After obtaining the audit report, Senate Intelligence Committee Chairperson Dianne Feinstein (D-Calif.) said the committee “can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.”