NSA Violated Privacy Rules Because It Lacked 'Full Understanding' of Its Program
Thousands of documents, released at the DNI's declassification Tumblr, detail a massive overhaul of the agency's collection of phone metadata in 2009 following the discovery that the NSA was improperly checking phone numbers.
"There was nobody in NSA who really had a full understanding of how the program was operating at the time." That's an intelligence official's one-line summary of thousands of documents released by the Office of the Director of National Intelligence in a briefing on Tuesday. The documents, released at the DNI's declassification Tumblr, detail a massive overhaul of the agency's collection of phone metadata in 2009 following the discovery that the NSA was improperly checking phone numbers against the database.
The violations occurred between May 2006 and January 2009 and involved checks on as many as 16,000 phone numbers, including some based in the U.S., said two senior intelligence officials with direct knowledge of how the program operated.
Those checks came from a pre-determined list including numbers that should not have been included. Of the 17,000-plus numbers on the list, only about 10 percent met the necessary standard for inclusion. For a limited time, the FISA Court, which approves any surveillance by the NSA, mandated that any checks against the database be conducted on a case-by-case basis. That database contains data collected under Section 215 of the Patriot Act, the phone metadata gathering that first came to light following the leak by Edward Snowden of a FISA Court document related to the collection of records from Verizon.
Officials were quick to note that the violations were unintentional and the problem has since been remedied. A substantial part of the DNI's letter explaining the release of the documents is predicated on exhaustively articulating that response. Among the fixes: "making technological fixes, improving training, and implementing new oversight procedures." The DNI also explains how the technology got out ahead of the ability of staff to understand how it exceeded authorization. "NSA also recognized that its compliance and oversight infrastructure had not kept pace with its operational momentum and the evolving and challenging technological environment in which it functioned."
Since the Snowden leaks began, we've been assured that violations have been addressed with a (newly) robust system of checks and balances. The Wall Street Journal contrasts the document release with the language the NSA has used to describe its surveillance.
Top U.S. officials, including NSA Director Keith Alexander, have repeatedly reassured lawmakers and the public that the phone-records program has been carefully executed under oversight from the secret Foreign Intelligence Surveillance Court court.
"This is not a program where we are out freewheeling it," Gen. Alexander said in June. "It is a well-overseen and a very focused program."
In addition to assurances that these violations have been addressed, the DNI's blog post offers an explanation for its impetus for the release.
Release of these documents reflects the Executive Branch’s continued commitment to making information about this intelligence collection program publicly available when appropriate and consistent with the national security of the United States.
Not exclusively. As with the release last month of documents related to a 2011 violation of the Foreign Intelligence Surveillance Act, this most recent release stems primarily from a Freedom of Information Act request filed by the Electronic Frontier Foundation. At its site, the organization made this clear last week:
Like our lawsuit over that 2011 FISA opinion—where the government posted the results on Director of National Intelligence’s new Tumblr account—the Justice Department may attempt to portray this release as being done out of the goodness of its heart and as a testament to its commitment to transparency. While we applaud the government for finally releasing the opinions, it is not simply a case of magnanimity. The Justice Department is releasing this information because a court has ordered it to do so in response to EFF’s FOIA lawsuit, which was filed on the tenth anniversary of the enactment of the Patriot Act—nearly two years ago.
Presumably, the NSA is now fully aware of how its various programs are operating.