NSA – Rules Don’t Seem To Apply

The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, according to an internal audit and other top-secret documents.

Most Americans probably do not understand the scope and scale of the NSA’s data collection efforts.  If they did, they would understand that these numbers are almost statistically insignificant.   If the abuse of power and lack of oversight documented in this article in the Washington Post, can be termed “insignificant.”  According to anonymous N.S.A. official commenting with White House permission,

“You can look at it as a percentage of our total activity that occurs each day,” he said. “You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different.”

What is more significant is the cavalier attitude and implied superiority inherent in the policies of this particular federal agency.

In one instance, the NSA decided that it need not report the unintended surveillance of Americans. A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.

Unilaterally deciding what laws it needs to concern itself with is an indication that these unelected government employees believe they know what’s best for us.  Of course, a government has to have an agency like the NSA in today’s modern age.  However, there has to be some oversight, and this agency was never intended to be employed against American citizens – in fact it is was explicitly prohibited from spying on Americans.

Despite protestations to the contrary,

“We’re a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line,” a senior NSA official said in an interview, speaking with White House permission on the condition of anonymity.

these aren’t all just oopses.  The information revealed by Edward Snowden indicates a much broader program of eavesdropping on American citizens than is indicated by this article.

The May 2012 audit, intended for the agency’s top leaders, counts only incidents at the NSA’s TheFort Meade headquarters and other ­facilities in the Washington area. Three government officials, speak­ing on the condition of anonymity to discuss classified matters, said the number would be substantially higher if it included other NSA operating units and regional collection centers.

According to the article, the NSA can’t not collect information about Americans.

In what appears to be one of the most serious violations, the NSA diverted large volumes of international data passing through fiber-optic cables in the United States into a repository where the material could be stored temporarily for processing and selection.The operation to obtain what the agency called “multiple communications transactions” collected and commingled U.S. and foreign e-mails, according to an article in SSO News, a top-secret internal newsletter of the NSA’s Special Source Operations unit. NSA lawyers told the court that the agency could not practicably filter out the communications of Americans.

The Post’s story explains that there are some pretty big loopholes, even in the rules that are being ignored.

The NSA uses the term “incidental” when it sweeps up the records of an American while targeting a foreigner or a U.S. person who is believed to be involved in terrorism. Official guidelines for NSA personnel say that kind of incident, pervasive under current practices, “does not constitute a . . . violation” and “does not have to be reported” to the NSA inspector general for inclusion in quarterly reports to Congress. Once added to its databases, absent other restrictions, the communications of Americans may be searched freely.

Translation: We didn’t intend to collect the information, so it’s ok. Since we have it, we might as well use it.  After all, according to the revised USSID 18, Section 6

A report based on based on communications of or concerning a United States person may be disseminated in accordance with Section 7 if the identity of the United States person is deleted and a generic term or symbol substituted so that the information cannot reasonably be connected with an identifiable United States person. Otherwise dissemination of intelligence reports based on communications of or concerning a United States person may only be made to a recipient requiring the identity of such a person for the performance of official duties but only if at least one of the following criteria is also met:

…

3.) if the information is evidence of a crime that has been, is being, or is about to be committed and is provided to appropriate federal law enforcement authorities.

and Section 6.8

the communication or information is reasonably believed to contain evident that a crime has been, is being, or is about to be committed, provided that dissemination is for law enforcement purposes and is made in accordance with Section 106(b) of the Act and crimes reporting procedures approved by the Secretary of Defense and the Attorney General.

Given the way these rules are written (even if they were being complied with), the government is free to use information it collects if there is evidence that a crime has been, is being, or is about to be committed.

Given this logic, why not just “accidentally” collect all the communications from American citizens?    Oh yeah, they are already doing that, only not by accident.  Couple this with notions like “hate speech” and the government’s desire to “nudge” us all in the proper direction, and even the most ardent skeptic might start thinking we are rapidly approaching something like the movie Minority Report.