The U.S. National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad powers in 2008, the Washington Post reports.
Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by law and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. emails and telephone calls, the Post reported Thursday, citing an internal audit and other top-secret documents provided it earlier this summer from NSA leaker Edward Snowden, a former systems analyst with the agency.
In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the U.S. Justice Department and the Office of the Director of National Intelligence.
The Post cited a 2008 example of the interception of a "large number" of calls placed from Washington when a programming error confused U.S. area code 202 for 20, the international dialing code for Egypt, according to a "quality assurance" review that was not distributed to the NSA's oversight staff.
In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.
The NSA audit obtained by the Post dated May 2012 counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended. Many involved failures of due diligence or violations of standard operating procedure. The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders.
Alexander Abdo of the American Civil Liberties Union said it is clear that oversight mechanisms for the NSA, from both the courts or Congress, have broken down.
"These documents make it clear that not only are they listening to Americans' communications and reading their emails, but they’re doing so even when the law doesn’t allow them to," Abdo said in an interview with CBC's The Lang & O'Leary Exchange.
"And that’s an important revelation because it makes clear that the government’s primary defence of these programs – that there is adequate and rigorous oversight – is simply not true."
There are almost no limits on surveillance of foreigners if they are speaking about American affairs — that includes business deals — because of a 2008 law approved by the U.S., Abdo said.
"The bigger problem, the more serious problem, is not the NSA’s failure to comply with these laws, but the NSA’s implementation of laws that allow them to do what they want," he said. "The laws give them unfettered authority to listen on Americans’ international communication en masse, without ever going to a court to get a specific order allowing them to do so."
In an emailed statement to CBC News late Thursday, John DeLong, NSA's director of compliance, said, "We want people to report if they have made a mistake or even if they believe that an NSA activity is not consistent with the rules. NSA, like other regulated organizations, also has a 'hotline' for people to report — and no adverse action or reprisal can be taken for the simple act of reporting. We take each report seriously, investigate the matter, address the issue, constantly look for trends and address them as well — all as a part of NSA's internal oversight and compliance efforts. What's more, we keep our overseers informed through both immediate reporting and periodic reporting."