The National Security Agency today released reports on intelligence collection that may have violated the law or U.S. policy over more than a decade, including unauthorized surveillance of Americans’ overseas communications.
The NSA, responding to a Freedom of Information Act lawsuit from the American Civil Liberties Union, released a series of required quarterly and annual reports to the President’s Intelligence Oversight Board that cover the period from the fourth quarter of 2001 to the second quarter of 2013.
The heavily-redacted reports include examples of data on Americans being e-mailed to unauthorized recipients, stored in unsecured computers and retained after it was supposed to be destroyed, according to the documents. They were posted on the NSA’s website at around 1:30 p.m. on Christmas Eve.
In a 2012 case, for example, an NSA analyst “searched her spouse’s personal telephone directory without his knowledge to obtain names and telephone numbers for targeting,” according to one report. The analyst “has been advised to cease her activities,” it said.
Other unauthorized cases were a matter of human error, not intentional misconduct.
Last year, an analyst “mistakenly requested” surveillance “of his own personal identifier instead of the selector associated with a foreign intelligence target,” according to another report.
Unauthorized Surveillance
In 2012, an analyst conducted surveillance “on a U.S. organization in a raw traffic database without formal authorization because the analyst incorrectly believed that he was authorized to query due to a potential threat,” according to the fourth-quarter report from 2012. The surveillance yielded nothing.
The NSA’s intensified communications surveillance programs initiated after the Sept. 11, 2001, terrorist attacks on New York and Washington unleashed an international uproar after they were disclosed in classified documents leaked by fugitive former contractor Edward Snowden last year.
No New Legislation
Congress has considered but not passed new legislation to curb the NSA’s collection of bulk telephone calling and other electronic data.
The Privacy and Civil Liberties Oversight Board, created by lawmakers under post-Sept. 11 anti-terrorism laws, issued a 238-page report in January urging the abolition of the bulk collection of Americans’ phone records. The five-member board said the program has provided only “minimal” help in thwarting terrorist attacks.
The ACLU, which filed a lawsuit to access the reports, said the documents shed light on how the surveillance policies of NSA impact Americans and how information has sometimes been misused.
“The government conducts sweeping surveillance under this authority -— surveillance that increasingly puts Americans’ data in the hands of the NSA,” Patrick C. Toomey, staff attorney with the ACLU’s National Security Project, said in an e-mail.
No Oversight
“Despite that fact, this spying is conducted almost entirely in secret and without legislative or judicial oversight,” he said.
The reports show greater oversight by all three branches of government is needed, Toomey added.
The ACLU filed suit to turn a spotlight on an executive order governing intelligence activities that was first issued by President Ronald Reagan in 1981 and has been modified many times since then.
The order allows the NSA to conduct surveillance outside the U.S. While the NSA by law can’t deliberately intercept messages from Americans, it can collect messages that get vacuumed up inadvertently as part of its surveillance of foreigners overseas.
Masking Identities
After foreign intelligence is acquired, “it must be analyzed to remove or mask certain protected categories of information, including U.S. person information, unless specific exceptions apply,” the NSA said in a statement before posting the documents.
The extent of that collection has never been clear.
The agency said today it has multiple layers of checks in place to prevent further errors in intelligence gathering and retention.
“The vast majority of compliance incidents involve unintentional technical or human error,” NSA said in its executive summary. “NSA goes to great lengths to ensure compliance with the Constitution, laws and regulations.”