Forgot your password?
typodupeerror
Privacy United States

NSA Broke Privacy Rules Thousands of Times Per Year, Audit Finds 312

Posted by samzenpus
from the say-it-isn't-so dept.
NettiWelho writes "The Washington Post reports: The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents. Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by law and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. e-mails and telephone calls."
This discussion has been archived. No new comments can be posted.

NSA Broke Privacy Rules Thousands of Times Per Year, Audit Finds

Comments Filter:
  • by puddingebola (2036796) on Friday August 16, 2013 @08:11AM (#44582241) Journal
    broad new powers
    • by TWiTfan (2887093) on Friday August 16, 2013 @08:36AM (#44582403)

      But...but...President Obama and the NSA chief assured us that abuses don't happen and that there's plenty of oversight to stop them. So surely the Washington Post MUST be mistaken!

      • by Salgak1 (20136) <salgak AT speakeasy DOT net> on Friday August 16, 2013 @09:18AM (#44582743) Homepage

        "no abuse and plenty of oversight"

        "the check is in the mail"

        I'll respect you in the morning"

        Need I go on ??? After all, they ARE from the Government, and here to help. . . .

    • The WP broke it down for you. 2776 cases includes incidence over 4 years.
      Last year there were 900-odd total including 195 FISA act violations and roughly 700 violations of executive orders.
      Of the FISA act violations: they break it down further:
      • 60 operator errors
      • 39 did not follow standard operating procedure (no news whether or not willful)
      • 21 typographical errors or overly broad search terms
      • 3 training issues
      • 67 computer errors due to failure to recognize roaming phones
      • 5 other system errors

      This

      • by Shavano (2541114) on Friday August 16, 2013 @09:07AM (#44582635)

        The WP broke it down for you. 2776 cases includes incidence over 4 years. Last year there were 900-odd total including 195 FISA act violations and roughly 700 violations of executive orders. Of the FISA act violations: they break it down further:

        • 60 operator errors
        • 39 did not follow standard operating procedure (no news whether or not willful)
        • 21 typographical errors or overly broad search terms
        • 3 training issues
        • 67 computer errors due to failure to recognize roaming phones
        • 5 other system errors

        This is not evidence of a vast conspiracy to deprive you of your rights. It's evidence of people failing to do things properly.

        I figure to come up with that many errors, there must have been several thousand searches per year that were done as intended and according to the law. If they were always ignoring the law, that means the NSA would hardly be searching anything. If they were 99.9% in compliance, there would be about 900,000 searches to get about 900 errors. I think both of those scenarios are implausible. Nobody believes there are just a couple thousand searches per year and I doubt the NSA is good enough and careful enough to get 99.9% compliance. At the very limit of plausibility, they are not listening to all your phone calls.

        My bad. Those 900 or so errors were for one quarter. The whole year is 2776, with 2012Q1 being the worst. Also, the trend is increasing.

        • by ATMAvatar (648864) on Friday August 16, 2013 @09:25AM (#44582791) Journal
          Whether it is deliberate or through incompetence is irrelevant. The NSA is still depriving US citizens of their rights on a frighteningly large scale. In addition, the director lied directly to Congress while under inquiry. Nothing is happening to the agency or its members as a result. There's plenty of reason to be upset.
          • by cpghost (719344)

            The NSA is still depriving US citizens of their rights on a frighteningly large scale.

            If they keep spying on citizens of friendly countries on a frighteningly large scale, I wouldn't wonder that they got used to it and started spying on their own citizens as well. It's the whole mindset (spying on individuals) that has to be reviewed. In the past, governments used to spy on other governments, not on unsuspecting citizens. Now, they spy on everything they can get a tap on.

          • by JWW (79176) on Friday August 16, 2013 @10:34AM (#44583497)

            Yep. Us citizens do not get a pass if we "accidentally" break the law. The NSA should not get one either. Plus their definition of "accidentally" is pretty lame and not really that far removed from intentional.

            • by wbr1 (2538558) on Friday August 16, 2013 @12:21PM (#44584561)

              Yep. Us citizens do not get a pass if we "accidentally" break the law. The NSA should not get one either. Plus their definition of "accidentally" is pretty lame and not really that far removed from intentional.

              Occidental.. we meant to say all our spying was 'occidental'!!

          • by Bodhammer (559311) on Friday August 16, 2013 @11:24AM (#44583909)
            "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized. "

            Please sheeple, the above is not that hard to understand what the intent was of this. The contortions of logic to justify FISA and the Patriot Act are ridiculous. Call, write, and go scream in person at your congress critter. We must have our republic back!
        • by bware (148533)

          And also only for the Washington area. From TFA:

          The May 2012 audit, intended for the agency's top leaders, counts only incidents at the NSA's Fort Meade headquarters and other facilities in the Washington area. Three government officials, speaking on the condition of anonymity to discuss classified matters, said the number would be substantially higher if it included other NSA operating units and regional collection centers.

          It is a bit interesting that they got that information from "three government offic

      • by thaylin (555395) on Friday August 16, 2013 @09:10AM (#44582667)
        So you take a small subset, bout 20%, and because it *lists* personnel mistakes you assume that a lie agency is telling the truth, then with that assumption you say all is ok, while neglecting the other 80% of the cases?
      • by Opportunist (166417) on Friday August 16, 2013 @10:04AM (#44583147)

        So, in other words, my data is either in the hands of immoral or incompetent people.

        Gee, I feel safer already.

      • The WP broke it down for you. 2776 cases includes incidence over 4 years.

        Over one year. That was the 2012 audit. What previous audits (if any) show, is not the subject of the article.

        Note also that each case in question does NOT imply the violation of ONE person's privacy. From TFA: "The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders."

        Which implies, if not a single instance that totalled 3000 Americans,

      • by sjbe (173966) on Friday August 16, 2013 @02:09PM (#44585723)

        I figure to come up with that many errors, there must have been several thousand searches per year that were done as intended and according to the law.

        This is a secret program and the only thing you can be sure of is that your do NOT have all the facts. This is an agency and a program that has NO accountability to the electorate. They operate in secret, their findings are secret, their actions on those findings are secret, their oversight is toothless and secret, and we can't even fight against the program because we cannot prove we were harmed and thus can't prove standing in front of a judge. Exactly how stupid do you have to be to think that the NSA is to be trusted unconditionally based on a tiny bit of leaked information?

        If they were 99.9% in compliance, there would be about 900,000 searches to get about 900 errors.

        Even if they were 100% in compliance it STILL would be a violation of our 4th amendment rights. The NSA's actions have never come under serious judicial review. The FISA court is a rubber stamp fig leaf of a justification. You can loudly proclaim that this program is "legal" all you want but that doesn't make it so nor does it make it right. Jim Crow laws once were "legal" but they still were wrong and ultimately unconstitutional. Furthermore even if we take your 900 number at face value (and in reality I do not) that is 900 people who were unlawfully deprived of their civil rights in some manner. Even one is too many.

    • by mc6809e (214243)

      broad new powers

      Let me add two more words: "Went beyond".

  • by Anonymous Coward on Friday August 16, 2013 @08:12AM (#44582249)

    Now congress HAS to do something about it!

  • by O('_')O_Bush (1162487) on Friday August 16, 2013 @08:14AM (#44582265)
    We (the people) gave them a little power, and they grossly over stepped the bounds.

    Thank God Snowden exposed the NSA programs so that now they are finally being scrutinized.

    The question left is, what are we(the people) going to do about it?

    I vote for dissolving the NSA and DoHS.
    • by TWiTfan (2887093) on Friday August 16, 2013 @08:39AM (#44582419)

      The question left is, what are we(the people) going to do about it?

      Next time, they'll vote for Kodos instead.

    • by Jah-Wren Ryel (80510) on Friday August 16, 2013 @08:57AM (#44582587)

      We (the people) gave them a little power, and they grossly over stepped the bounds.

      I don't think it is useful to exaggerate. We don't have any evidence (yet) of malicious intent - almost all of the stuff in this report was just sloppiness because nobody was there to keep them in line. It isn't like they were digging up dirt on political candidates in order to sway elections or blackmailing the leaders of the Occupy movement to make them back off.

      On the flip-side it is useful to note that this was an internal report - pretty much guaranteed not to turn up anything heinous because that would be career suicide for the investigators who report to the same command-structure they are investigating. So the relatively benign level of abuse is not proof that really bad shit has not happened, it just wouldn't be in this report if it did happen.

      • by ganjadude (952775) on Friday August 16, 2013 @09:11AM (#44582681) Homepage

        It isn't like they were digging up dirt on political candidates in order to sway elections or blackmailing the leaders of the Occupy movement to make them back off.

        no but we DO know that the IRS was abusing political opponants, damn near everything that we have been told has been a lie since obama took office (and before he did to be clear) I dont know how you or anyone can still say things like "well we dont know...." we know enough to know they lied, about ALOT. I feel that we have only just begun to find the truth in this administration.

      • We don't have any evidence (yet) of malicious intent

        How often do you think abuse is required to maintain the status quo of those in power? Hardly ever, and when it does happen it won't leave much of a paper trail, if any.

        Here's something for NSA employees to think about. The Snowden leaks have made that entire org collectively shit its pants in fear. So who do you think that vast spying apparatus is now being turned on? I bet every single NSA employee that has clearance to so much as make a cup of coffee is

    • I vote for dissolving the NSA and DoHS.

      I second this. But admittedly, that's only a small start of all the parts of our government that ought to be dissolved.

  • SURPRISE! (Score:3, Interesting)

    by Thanshin (1188877) on Friday August 16, 2013 @08:16AM (#44582279)

    I would like to meet someone (adult) that's surprised by these news.

    I would like to know his answer to the question: "At which point in human history and in which location has a government not spied on its own citizens?".

    I often wonder if people understand what "secret" means.

    • Re:SURPRISE! (Score:4, Insightful)

      by gmuslera (3436) on Friday August 16, 2013 @08:45AM (#44582465) Homepage Journal
      Just walk in the street... most of them will be surprised that you tell that, and then they go back to their normal lives, forgetting about this. Even if worried, the next time Obama shows up and tell them to relax that everything is fine and give fake promises they will accept that without discussion, not doing anything against it, and surely keep voting for the same party as before, that whichever it was won't do anything against this, and a lot towards getting more power/funds to this.
      • Re:SURPRISE! (Score:4, Insightful)

        by Opportunist (166417) on Friday August 16, 2013 @10:18AM (#44583289)

        Of course they will. For a very simple reason, they have more pressing problems. They have a recession to deal with, many are busy trying to make ends meet or at least get by somehow. People don't tend to care about freedom a lot if food&shelter are on their "to be worried about" list.

        Why do you think we do everything to prolong that recession for as long as we possibly can? Think back to the 60s and realize what happens when people have time to worry about a crappy government.

    • by PraiseBob (1923958) on Friday August 16, 2013 @11:03AM (#44583729)
      Here is a person who was surprised by the audit results and had not seen them: Sen. Dianne Feinstein, Head of the Senate Intelligence committee, directly in charge of congressional oversight of the NSA.
  • Brazil (Score:5, Insightful)

    by oodaloop (1229816) on Friday August 16, 2013 @08:16AM (#44582281)
    Anyone else reminded of the Tuttle/Buttle debacle in Brazil?
    • by gweihir (88907)

      Yes, that is a nice one! Best part is the bureaucrat-speak they cover it in. The fascinating thing is that such a scenario seems to be more and more plausible.

  • “You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different.” I guess this means, if you look at it from the relative perspective of how many people we spy on, over 2000 isn't really that great a number.
    • by dkleinsc (563838)

      Oh, I thought it was something different: "It looks like we got caught spying on a couple thousand Americans illegally, but if you compare how many times we were caught to how many times we committed the crime, that's a drop in the bucket."

      It's similar to how Goldman Sachs is absolutely devastated when they have to pay a $500 million fine with no admission of wrongdoing - it takes them a full 3 days to get that money back.

    • by spacepimp (664856)

      Except when they say a single violation was using Washington DC rather than Egypt. That does not necessarily imply that it was a single unique number that was analyzed. If they say were using a broad term against 202 err.. then they spied potentially on tens or hundreds of thousands of individuals privacy and data. Say they scanned for the term NSA or Secret Intelligence etc... This is why you don't give the government this much power.

  • Sneakernet (Score:2, Insightful)

    by Anonymous Coward

    Time to go back to "sneakernet" and face-to-face communications. Since we now know that even encrypting your data may not be a fool-proof way to secure our communications from prying governement/corporatocracy eyes.

    We might as well shred the Constitution and start over again. Our governement "by the people and for the people" doesn't abide by it anyway. :-(

  • by spacepimp (664856) on Friday August 16, 2013 @08:43AM (#44582451) Homepage

    2776 for one year = 27,760,000 USD fines. Although this sort of mass scale violation should be considered a larger crime.
    2776 with five years per violation is 13,880 years of jail time.

    However consider more closely that these errors likely affect thousands to tens or even hundreds of thousands citizens privacy. instead of looking at all information from Egypt they looked at all of the communications for Washington DC. Extrapolating those numbers out to the reality of how much private information and how many people were illegally spied upon by the NSA and you can safely say this would bankrupt the executive branch pretty quickly.

    • So? I forgot the numbers. Is it worse than downloading a song or not?
      • Is your data copyrighted?

        Then why do you think your privacy is by any stretch as important as Miley Cyrus' croaking?

    • by mjm1231 (751545)

      Um, when a government agency pays a fine, who do you think picks up the tab? And who are they paying the fine to?

      I can see it now: "Due to an unexpected increase in revenue of 27,760,000 dollars, the NSA budget has been increased."

  • Broke the rules? Overstepped its legal authority?

    Is that the euphemism we're using now for "broke the law"?

  • by some old guy (674482) on Friday August 16, 2013 @08:56AM (#44582573)

    Back in the day, all it took was one honest U.S. Attorney to see something like this and get a grand jury to indict the culpable officials, acting independently of corruption from above. Hell, a good lawyer could probably make a grand jury case for a RICO indictment against the whole administration.

  • Two other groups that need to be thanked for all of this is the DoJ and the journalists. If the DoJ hadn't had gone and obtained the phone records of some journalists this would have probably been quietly brushed aside. You know cause the journalists don't want to get shut out but now all bets are off and the news agencies are happy to report on things that effect them.

  • clever (Score:5, Insightful)

    by Triv (181010) on Friday August 16, 2013 @09:09AM (#44582657) Journal

    The findings conveniently move the goalposts - it implies that the issue is that the spying is being done incorrectly, not that it's being done at all; if it were done "correctly" we would never know, which was the NSA's original win condition.

    Yep. We're fucked.

  • The NSA didn't break the Holy Copyright laws. Therefore, they're safe from prosecution. It's not like they stole quadrillions of US dollars from the public by recording their private phone calls ("stealing" their conversations) without prior consent and license. Or did they? It would be interesting if people starting suing the NSA for copyright violations instead of "mere" violation of their privacy. Now that would hurt the NSA, if they got convicted.
  • ...We can do that.
  • And do they think it's mere coincidence that the current president of Russia used to be the head of the KGB?

  • by Anubis IV (1279820) on Friday August 16, 2013 @10:21AM (#44583331)

    A few interesting tidbits to share...

    1) The documents reports 2776 violations of American privacy in just the 12 months ending in May 2012. Oh, and that's only for their Fort Meade data center and a few others in D.C. area, rather than for all of their data centers across the U.S.. They acknowledge the number would be significantly higher if it included all of them. Oh, and those are the number of incidents that occurred, not the number of Americans who were violated in each incident, which is actually a much higher number but isn't reported.

    2) They quadrupled their oversight staff after a series of significant violations in 2009. And the results? Between 2011 and 2012, the number of infractions nearly doubled. Not halved, doubled.

    3) They accidentally collected a "large number" of calls for people in Washington D.C. when there was a mixup between the international code for Egypt (20) and the area code for D.C. (202). No disclosure on what they meant by "large number", but considering the severity of other infractions, it has to be pretty large.

    4) They didn't report the Egypt/D.C. mixup to the organization that oversees/audits them, nor to Congress or anyone else outside the agency, because it was deemed irrelevant to any of them. It was deemed irrelevant since "there were no defects to report", to quote a March 2013 report on the issue.

    5) "Incidental" information on Americans that is collected when targeting foreigners is regularly allowed to enter their database and is freely searchable from then on. They don't count these as violations, nor do they report them, and they are apparently pervasive under their current way of doing things.

    6) In one violation, they hijacked a fiber line going through the U.S. and temporarily held onto all data going through it so that they could process it. This went on for several months before the FISC ruled that what they were doing was a violation of the 4th Amendment since they were incapable of filtering out the communication of American citizens. FOIA requests have been submitted for the ruling, but the Obama administration is apparently working to block the requests.

    Geez. After reading something like this, I can see why no one around here reads the articles. They're way too depressing.

  • by FuzzNugget (2840687) on Friday August 16, 2013 @11:37AM (#44584065)
    National No Shit Day
  • So clearly they roll out their spy system features without seeking FISA court approval.

    I guess you can wipe your ass with the Constitution for all it's worth nowadays. :(

    Still, over time I've learned that all the NSA monitors are emails entering and leaving the US. That still concerns me because SaskTel leases server space in Florida, which means all my emails are being scanned, even though I'm a Canadian.

    I really wouldn't care if they weren't scanning my emails. I'd just snigger and laugh as the poor dumb 'mericans tromp on down the road to a full scale police state.

    The sad thing is that is what's happening, and the citizens of the US largely don't give a shit. What a pity they don't even remember what "freedom" means. It's barely been a decade since 9/11 and the majority has been brainwashed into thinking this type of spy system is the way things have always been.

  • by BobMcD (601576) on Friday August 16, 2013 @01:27PM (#44585251)

    The only important question at this point is 'who is actually in charge of this situation'?

    Note these...

    https://www.techdirt.com/articles/20130816/01174524199/simple-question-how-could-president-obama-not-know-that-inspector-generals-report-proving-him-liar-was-leaked-as-well.shtml [techdirt.com]

    https://www.techdirt.com/articles/20130816/02462124204/how-could-dianne-feinstein-not-have-seen-report-laying-out-nsa-abuses.shtml [techdirt.com]

    Both Obama and Feinstein are making themselves look STUPID, and that's not something politicians ever willingly elect to do. Now it is certainly possible that the press is capable of outmaneuvering politicians, but odds alone would dictate a different result eventually. But at every step along this garden path the figureheads have done and said the exact opposite thing as they should be doing or saying.

    It's as if this is scripted. That worries me.

APL is a write-only language. I can write programs in APL, but I can't read any of them. -- Roy Keir

Working...