The National Security Agency overstepped its legal authority thousands of times over a one-year period, violating court orders and illegally spying on domestic communications, according to an internal NSA audit obtained by the Washington Post.
The audit found 2,776 "incidents" in which the agency either violated executive wiretapping orders or the Foreign Intelligence Surveillance Act, which delineates the legal boundaries governing the NSA's spying capabilities. Those incidents range from simple computer errors to deliberate infractions of established operating procedures, according to the documents, which were leaked to the Post earlier this summer by former NSA contractor Edward Snowden.
In some incidental cases, the NSA's computer systems accidentally tracked "roamers" — foreigners who traveled to the United States, where their communications could no longer be legally monitored without specific warrants. In a more serious infraction, the NSA implemented a new data collection method without prior approval from the Foreign Intelligence Surveillance Court (FISC), the body tasked with overseeing the agency's actions. The court later ruled that method unconstitutional.
The audit, dated May 2012, only included incidents at the NSA's Fort Meade headquarters in Maryland. Anonymous government officials told the Post that the number of reported incidents would be "substantially higher" if it included data from other regional offices as well.
The documents shed light on what had until now been a little-probed subject regarding the NSA: It's potential fallibility and track record of compliance with the law.
The Obama administration, under fire amid a steady trickle of embarrassing leaks, has insisted that the agency rarely overstepped its authority. Critics and privacy rights proponents, however, have questioned how a body that operates almost entirely in the dark, and with such broad powers, could possibly be trusted to keep itself in check.
In a statement, the NSA said its actions "are continually audited and overseen internally and externally."
"When N.S.A. makes a mistake in carrying out its foreign intelligence mission, the agency reports the issue internally and to federal overseers — and aggressively gets to the bottom of it," the statement said.
Yet the documents obtained by the Post also showed a pattern of cover-ups to hide violations when the agency reported back to other parts of the government that have a hand in the nation's spy programs.
From the Post:
In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.
In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a "large number" of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a "quality assurance" review that was not distributed to the NSA's oversight staff. [Washington Post]
Further, the head judge on the FISC, responding to questions about the audit, told the Post that the court lacked the resources to verify such incidents on its own, and had to instead take the government at its word.
"The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders," U.S. District Judge Reggie B. Walton told the Post.
One week ago, Obama announced four proposals for reforming the nation's spy ops. Among those suggestions, the president called for unspecified reforms to the Patriot Act's provisions regarding the collection of phone records, and said the intelligence community should disclose more information about its operations to boost transparency.