NSA admits ‘mistakes’ amid criticism after audit shows it broke privacy rules

Posted at 2:58 PM, Aug 17, 2013
and last updated 2013-08-17 16:58:26-04

By Ed Payne and Dan Merica


WASHINGTON (CNN) — The National Security Agency spent Friday on the defensive, after details got out about an internal audit that found the agency had broken privacy rules “thousands of times each year” since 2008.

The audit was first reported by the Washington Post on Thursday, setting off another round of heated discussion — and criticism — in Washington over how the NSA had wrongly impinged on Americans’ privacy.

“I … will continue to demand honest and forthright answers from the intelligence community,” said Sen. Patrick Leahy, D-Vermont, noting the Senate Judiciary Committee he chairs will hold a hearing on the Post’s revelations. “I remain concerned that we are still not getting straightforward answers from the NSA.”

In a call with reporters Friday, John DeLong — the NSA’s director of compliance — acknowledged “mistakes occur,” even as he insisted only a “tiny” amount of such problems were intentional.

“No one at NSA thinks a mistake is OK,” DeLong said several times in the call, which a spokesman said was conducted to “address inaccuracies.”

NSA leaker Edward Snowden — whose ongoing leaks have riled the Obama administration and intelligence community — provided the material to the Post earlier this summer.

The May 2012 audit found 2,776 incidents of “unauthorized collection, storage, access to or distribution of legally protected communications” in the preceding 12 months, the Post reported in its story.

“Most were unintended. Many involved failures of due diligence or violations of standard operating procedure,” said the Post article by reporter Barton Gellman. “The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders.”

Leahy was not the only lawmaker, nor the only member of President Barack Obama’s Democratic party, to call for more oversight and hearings.

“Press reports that the National Security Agency broke privacy rules thousands of times per year and reportedly sought to shield required disclosure of privacy violations are extremely disturbing,” said House Minority Leader Nancy Pelosi.

Pelosi called for “rigorous oversight” by Congress on the “incidents of non-compliance.”

Another Democrat from California, Senate Intelligence Committee chairwoman Sen. Dianne Feinstein, told the Post in a statement late Thursday night that her committee “can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.”

The Washington Post reported that most incidents involved unauthorized surveillance of Americans or foreign intelligence targets in the country. In one case, the NSA decided it didn’t need to report the unintended surveillance.

In 2008, a “large number” of calls placed from Washington were intercepted due to a programming error that confused the capitol’s 202 area code for 20, the international dialing code for Egypt. The information came from a “quality assurance” review that wasn’t distributed to the NSA overnight staff, according to the Post.

Separately, an NSA new collection method went undiscovered by the Foreign Intelligence Surveillance Court for months. The court, which has authority over some of the agency’s operations, ruled it unconstitutional.

Responding to the Post’s story, the NSA said, “A variety of factors can cause the numbers of incidents to trend up or down from one quarter to the next.”

Factors can include implementation of new procedures, technology or software changes and expanded access.

“The one constant across all of the quarters is a persistent, dedicated effort to identify incidents or risks of incidents at the earliest possible moment, implement mitigation measures wherever possible, and drive the numbers down,” the agency said.

The agency released another statement Thursday night defending its programs.

“NSA’s foreign intelligence collection activities are continually audited and overseen internally and externally,” it said. “When NSA makes a mistake in carrying out its foreign intelligence mission, the agency reports the issue internally and to federal overseers — and aggressively gets to the bottom of it.”

On Friday, DeLong said his agency “detects and corrects mistakes” as these occur and are identified, which stops them from being “propagated.”

“The NSA has zero tolerance for misconduct,” he said, noting that those who make repeated mistakes lose access to key databases.

Overall, DeLong insisted, the NSA carefully adheres to privacy protections.

White House spokesman Josh Earnest offered a similar statement Friday, saying the NSA compliance office’s review reflects its commitment to abiding by the law and protecting people’s privacy.

“The documents demonstrate that the NSA is monitoring, detecting, addressing and reporting compliance incidents,” Earnest said.

The man who leaked the audit to the Post, Snowden, stepped forward publicly in June to claim responsibility for leaking to the media that the NSA had secretly collected and stored millions of phone records from accounts in the United States. The agency also collected information from U.S. companies on the Internet activity of overseas residents, he said.

Snowden fled first to Hong Kong and then to Russia before Moscow granted him temporary asylum despite pressure from the Obama administration to return him to the United States to face charges.

He has been charged with three felony counts, including violations of the U.S. Espionage Act, for the leaks.

Although polling shows Americans harbor skepticism of the domestic surveillance programs Snowden revealed, a majority of Americans don’t approve of the actions he took and they think he, as an American citizen, should be brought to justice.

A CNN/ORC International survey released last month indicated that 52% of the public disapproved of Snowden’s actions, while 44% said they approved of the leaks. Fifty-four percent of those questioned in the poll said the government should attempt to bring Snowden back to the United States and prosecute him for his leaks.

As for the program Snowden revealed, there is a noticeable generational divide on the surveillance tactics, with younger Americans more likely to support Snowden than older Americans.

CNN’s Lesa Jansen and Greg Botelho contributed to this report.

™ & © 2013 Cable News Network, Inc., a Time Warner Company. All rights reserved.