IEyeNews

iLocal News Archives

NSA: We didn’t break rules! NSA’s own audit shows: Oh yes we did!

0611_information-securityTwo conflicting stories concerning USA’s National Security Agency’s (NSA) supposedly unauthorized collection, storage, access to or distribution of legally protected communications.

Former NSA Director Hayden to Newsmax: We did not break rules

By Todd Beamon From Newsmax

Former NSA Director Michael Hayden denied reports that the agency has repeatedly broken privacy rules or exceeded its legal authority in an exclusive interview with Newsmax late Friday.

0815-nsa-violated-privacy_full_380“If, at any step in the data-collection process, you discover that the signal you’re working is a protected signal, you’ve got to stop,” Hayden, a retired Air Force general who directed the National Security Agency from 1999 to 2005, told Newsmax in the interview. “At each step, you’ve got that requirement: Is this or is this not a communication of someone who is protected by the Fourth Amendment?”

Based on information provided earlier this summer by former NSA secrets leaker Edward Snowden, The Washington Post published details of an internal audit on Friday that purportedly showed the agency overstepped its authority thousands of times since Congress granted it broad new powers in 2008.

“If, at any step in that process, you think you have a protected communication, you stop and you report it,” Hayden countered.

The report on the audit, dated May 2012, followed assurances last week from President Barack Obama of stronger oversight of the surveillance agency.

gen-michael-haydenAccording to the Post, most of the infractions involved unauthorized surveillance of Americans or foreign intelligence targets in the United States. Both activities are restricted by statute and executive order.

They ranged from significant violations of law to typographical errors that resulted in unintended interception of U.S. emails and telephone calls.

The audit counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, and access to or distribution of legally protected communications, the Post reports.

Most were unintended — and many involved failures of due diligence or breaches of standard operating procedure.

The most serious incidents included a violation of a court order and unauthorized use of data on more than 3,000 Americans and green-card holders.

In one of the audit documents, for example, NSA personnel were instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence, the Post disclosed. The reports are used to inform Congress.

Senate Judiciary Committee Chairman Patrick Leahy said he would hold hearings into the new disclosures, while Senate Intelligence Committee Chairwoman Dianne Feinstein said her panel had been notified of NSA compliance problems — not by seeing the internal audit but through legally required reports to her committee.

Hayden, who also served as CIA director from 2006 to 2009, told Newsmax that many of the compliance issues detailed in the audit were unintentional and were caused by human error.

“None of these were intentional,” he said. “Previous claims that the NSA was violating the law are not true. All of these are inadvertent and unintentional and corrective.

“The first line of oversight is the NSA workforce itself,” Hayden continued. “This is very complex. This is done by 35,000 people — and the good news is that every word in that report was self-reported by NSA. This was not some outside body.”

NSA employees are a key part of the quality control process, Hayden insisted.

“The first line of oversight are the people at the NSA themselves, who swear to uphold the Constitution; the leadership of the NSA, the inspector general,” he explained. “There actually is a lot of oversight, which is suggesting that this is hard to do.”

He added that the audit disclosed by the Post encompasses all data-collection activities of the NSA — not just those involving the surveillance of Americans’ telephone calls and Internet activities disclosed in May by Snowden, who was granted a year of asylum by Russia.

“This is about the totality of NSA collection globally, not these two narrowly defined programs,” Hayden said. “It’s about everything NSA does.”

Hayden acknowledged that mistakes happen.

“You don’t want to make any mistakes, but no one is claiming that the mistakes were intentional. Everyone understands that it’s complicated.”

It may not be realistic to expect the system to be error-proof.

“The NSA needs to work very, very hard. It needs to work to zero — but, realistically, anyone who understands this business knows they will never get to zero,” Hayden said.

“What’s required of them is to work to the limits of the available technology. And when a mistake is made, to recognize it, to report it, and try to correct it.”

The agency is doing its best to protect America with as few errors as possible, he said.

“What we’re talking about is a very complex undertaking in which good folks, with very difficult technology in an ever-changing global IT environment, are doing their very best to do this perfectly,” he said.

“And guess what?” Hayden said. “They don’t do it perfectly. There are, occasionally, unintended mistakes.”

Asked whether NSA employees substituted more generic language in reports to Congress and other oversight agencies, Hayden responded, “I have no reason to believe that NSA was trying to hide anything from oversight.

“My sense is the agency was looking for consistency in its reporting, but I have to admit that I don’t know. I’ve not been there — and I’ll let that agency describe what that language meant or did not mean.”

The retired four-star general said errors don’t happen often.

“There’s widespread collection. The errors are incredibly infrequent — and they’re monitored and detected, and corrective action is taken,” he explained.

“But look, we’re all Americans. You read this number (2,776 incidents), and you have the right to ask some questions. That’s good — and I think the agency is going to come out and put some of these headlines into context.”

He said there’s a danger that news reports will be taken out of context.

“The NSA revelations should be put into context,” he added. “It gives the impression that it’s constant, that it’s sloppy, that it’s a result of inattention, that the NSA people don’t care.”

For more on this story go to:

http://www.newsmax.com/Newsfront/Hayden-Newsmax-NSA-Audit/2013/08/16/id/520888?s=al&promo_code=148EC-1

Completely different take on same story:

NSA violates privacy rules thousands of times per year, according to its own audit

By Margaret Hartmann From New York Mag

While assuring Americans once again that they have little reason to worry about government surveillance, President Obama said in a press conference last Friday that the U.S. can’t spy on Americans without a warrant, and there are a “whole range of safeguards” to make sure that law is upheld. “What you’re hearing about is the prospect that these [programs] could be abused,” said Obama. “Now part of the reason they’re not abused is because they’re – these checks are in place, and those abuses would be against the law and would be against the orders of the FISC.” In yet another bombshell from the files of Edward Snowden, the Washington Post reports that both of those claims are dubious. An internal audit by the NSA found thousands of instances in which the agency broke privacy rules and overstepped its legal authority. What’s more, agency employees are instructed on how to avoid providing too much information to government oversight bodies, and the chief judge of the FISA court admits they have to trust the NSA to report its own wrongdoing.

Earlier this summer, Snowden provided the Post with several documents, including an NSA audit from May 2012 that found 2,776 incidents of “unauthorized collection, storage, access to or distribution of legally protected communications” in the preceding twelve months, most of which were unintentional.  In one notable infraction, the NSA intercepted a “large number” of calls placed from Washington when a programming error confused the area code 202 for 20, the international dialing code for Egypt. It’s unclear how many Americans were affected by the unauthorized searches covered by the audit; some produced no records, but another “incident” involved thousands of phone records. The report only counted incidents at the NSA’s Fort Meade headquarters, so presumably the number of infractions would be much higher if it included all NSA facilities.

The NSA decided it didn’t need to report the Egypt incident, and the information provided to Congress and other agencies is far more vague than what’s contained in the audit. In one document, the NSA instructs personnel on how to fill out oversight forms without giving “extraneous information” to their “overseers” at the Justice Department, the Office of the Director of National Intelligence, Congress, and the FISA court.

In a separate story, U.S. District Judge Reggie Walton, the head of the surveillance court, tells the Post that it can’t independently verify information on violations reported by the NSA. “The FISC is forced to rely upon the accuracy of the information that is provided to the Court,” he explains. “The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders.” In one case the FISA court didn’t learn for fourth months that the NSA was collecting large amounts of data passing through fiber-optic cables in the U.S., scooping up both foreign and domestic e-mails. The FISA court found the program unconstitutional and ordered the NSA to alter its procedures or shut it down.

While President Obama said in his address last week that “the American people need to have confidence” in the surveillance programs, the administration’s response does the exact opposite. In its rundown of all of the statements it received from the Obama administration on the matter, the Post notes that all questions were originally referred to John DeLong, the NSA’s director of compliance. Following a 90-minute interview, the NSA said he could only be quoted by name and title “after an unspecified internal review.” When the Post said it wouldn’t allow the editing of quotes, the White House and NSA said the paper couldn’t use any of his quotes, and instead provided a one-paragraph statement that doesn’t say much.

A quote from a senior NSA official “speaking with White House permission on the condition of anonymity” (so maybe DeLong?) wasn’t any more reassuring. “You can look at [the infractions] as a percentage of our total activity that occurs each day,” said the official. “You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different.” So yeah, 2,776 infractions seems like a lot, but it’s really nothing compared to the massive amount of spying going on at the NSA.

For more on this story go to:

http://nymag.com/daily/intelligencer/2013/08/nsa-violated-privacy-law-thousands-of-times.html?om_rid=AACMTw&om_mid=_BSDn29B80kJ5Hj

 

LEAVE A RESPONSE

Your email address will not be published. Required fields are marked *