A member of the National Security Administration meets with President Obama in 2009. Photo: Brooks Kraft/Corbis
If the leak of the Foreign Intelligence Surveillance Court order requiring Verizon to provide the FBI and NSA with millions of call records was the most important in advancing the debate about privacy and surveillance, Barton Gellman's report in the Washington Post about NSA's internal compliance audits should count as a close second.
For the first time, albeit inadvertently, the NSA has acknowledged the scope and depth of the agency's privacy violations and explains, in some detail, why these errors happened, how they were caught, and what might be done to correct them.
The prism of your gut will tell you what to think about all of this, and my stomach feels a little gurgley. I remain somewhat astonished at how cavalierly the administration continues to speak of rule violations as if the only type that's relevant is an advertent or deliberate attempt to intercept an American's email content or telephone call. By far, that's certainly the WORST type of rule-breaking there is, and thankfully it is extremely rare. But inadvertent collection is not insignificant. It is not, in my opinion, harmful, but it is by no means acceptable, and to treat it simply as the cost of doing (intelligence collection) business is an insufficient public defense of these problems.
Still, NSA critics, if they take the report at face value, have to acknowledge that the agency's efforts to track errors and compile them are not simply for show. As Joshua Foust points out, something called an "automated alert" flagged most of the violations found, which means that the NSA does indeed actively audit a large percentage of analytical queries or taskings. Retrospective auditing caught others, and a large number of violations were self-reported.
This paragraph I agree with in total, so I will replicate it:
It's also bizarre that the NSA does not give Congress detailed information on so-called "EO 12333" violations, which involve inadvertent or incidental collection on U.S. persons using programs which are set up only to collect information on overseas targets from collection platforms located outside the United States. The intelligence committees get basic information about these infractions, but they only get detailed breakdowns of FISA-related errors.
Here's my question: The NSA knows which documents Edward Snowden has. And it knows that collection on U.S. citizens remains the most controversial of all topics it will have to defend. Wouldn't it be in NSA's interest to proactively disclose, declassify, and release the remaining documents having to do with U.S. persons collections?
THE WEEK'S AUDIOPHILE PODCASTS: LISTEN SMARTER
- 43 TV shows to watch in 2014
- Here comes the Pentagon's newest space plane
- How to be the most productive person in your office — and still get home by 5:30 p.m.
- 3 horrific inaccuracies in Homeland's depiction of Islamabad
- The U.S. is about to sell weapons to Vietnam. That's bad news for China.
- The real story behind Deliver Us From Evil
- Gamergate has backfired spectacularly on its nincompoop perpetrators
- Did the media get Ferguson wrong?
- Extreme haunted houses: Inside Halloween's most terrifying new trend
- What the Middle Ages can tell us about the GOP's big charity myth
Subscribe to the Week