Audit found agency repeatedly violated privacy rules
WASHINGTON — A new report finds the National Security Agency (NSA) has broken privacy rules and overstepped its legal authority thousands of times since Congress granted the agency broad new powers in 2008.
An internal NSA 2012 audit obtained by the Washington Post shows over 2,700 incidents of privacy rules broken in just one year, ranging from significant violations of the law to typo errors resulting in intercepted phone calls and mail.
“It may just be the tip of the iceberg because we don’t know exactly how energetic NSA compliance officers are being at auditing these kinds of things,” says Christopher Slobogin of Vanderbilt University.
An NSA audit obtained by The Post from Snowden said there had been 2,776 cases in the year to May 2012 of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended, it said.
The paper said the most serious incidents included the unauthorized use of data about more than 3,000 Americans and people with green cards, and a violation of a court order.
In a statement, the NSA said its “foreign intelligence collection activities” were “continually audited and overseen internally and externally.”
“When NSA makes a mistake in carrying out its foreign intelligence mission, the agency reports the issue internally and to federal overseers and aggressively gets to the bottom of it,” it said.
John DeLong, the NSA’s director of compliance, stressed there was a process for staff to report “if they have made a mistake or even if they believe that an NSA activity is not consistent with the rules.”