Skip to main content

NSA admits 'mistakes' amid criticism after audit shows it broke privacy rules

By Ed Payne and Dan Merica, CNN
August 18, 2013 -- Updated 1620 GMT (0020 HKT)
STORY HIGHLIGHTS
  • NEW: White House: Audit shows NSA's efforts to find, address privacy violations
  • NEW: NSA admits "mistakes" do occur, insists most are quickly addressed
  • Washington Post counts 2,776 incidents -- violations of rules of court orders on surveillance
  • Congressional leaders express concern about mistakes, call for more oversight

Washington (CNN) -- The National Security Agency spent Friday on the defensive, after details got out about an internal audit that found the agency had broken privacy rules "thousands of times each year" since 2008.

The audit was first reported by the Washington Post on Thursday, setting off another round of heated discussion -- and criticism -- in Washington over how the NSA had wrongly impinged on Americans' privacy.

"I ... will continue to demand honest and forthright answers from the intelligence community," said Sen. Patrick Leahy, D-Vermont, noting the Senate Judiciary Committee he chairs will hold a hearing on the Post's revelations. "I remain concerned that we are still not getting straightforward answers from the NSA."

In a call with reporters Friday, John DeLong -- the NSA's director of compliance -- acknowledged "mistakes occur," even as he insisted only a "tiny" amount of such problems were intentional.

"No one at NSA thinks a mistake is OK," DeLong said several times in the call, which a spokesman said was conducted to "address inaccuracies."

John Walker ran a father and son spy ring, passing classified material to the Soviet Union from 1967 to 1985. Walker was a Navy communication specialist with financial difficulties when he walked into the Soviet Embassy and sold a piece of cyphering equipment. Navy and Defense officials said that Walker enabled the Soviet Union to unscramble military communications and pinpoint the location of U.S. submarines at all times. As part of his plea deal, prosecutors promised leniency for Walker's son Michael Walker, a former Navy seaman. Click through the gallery to see other high-profile leak scandals the United States has seen over the years. John Walker ran a father and son spy ring, passing classified material to the Soviet Union from 1967 to 1985. Walker was a Navy communication specialist with financial difficulties when he walked into the Soviet Embassy and sold a piece of cyphering equipment. Navy and Defense officials said that Walker enabled the Soviet Union to unscramble military communications and pinpoint the location of U.S. submarines at all times. As part of his plea deal, prosecutors promised leniency for Walker's son Michael Walker, a former Navy seaman. Click through the gallery to see other high-profile leak scandals the United States has seen over the years.
Sharing secrets: U.S. intelligence leaks
HIDE CAPTION
<<
<
1
2
3
4
5
6
7
8
9
10
>
>>
Sharing secrets: U.S. intelligence leaks Sharing secrets: U.S. intelligence leaks
Obama: Doing the dishes to regain trust

NSA leaker Edward Snowden -- whose ongoing leaks have riled the Obama administration and intelligence community -- provided the material to the Post earlier this summer.

The May 2012 audit found 2,776 incidents of "unauthorized collection, storage, access to or distribution of legally protected communications" in the preceding 12 months, the Post reported in its story.

"Most were unintended. Many involved failures of due diligence or violations of standard operating procedure," said the Post article by reporter Barton Gellman. "The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders."

Leahy was not the only lawmaker, nor the only member of President Barack Obama's Democratic party, to call for more oversight and hearings.

"Press reports that the National Security Agency broke privacy rules thousands of times per year and reportedly sought to shield required disclosure of privacy violations are extremely disturbing," said House Minority Leader Nancy Pelosi.

Pelosi called for "rigorous oversight" by Congress on the "incidents of non-compliance."

Another Democrat from California, Senate Intelligence Committee chairwoman Sen. Dianne Feinstein, told the Post in a statement late Thursday night that her committee "can and should do more to independently verify that NSA's operations are appropriate, and its reports of compliance incidents are accurate."

The Washington Post reported that most incidents involved unauthorized surveillance of Americans or foreign intelligence targets in the country. In one case, the NSA decided it didn't need to report the unintended surveillance.

In 2008, a "large number" of calls placed from Washington were intercepted due to a programming error that confused the capitol's 202 area code for 20, the international dialing code for Egypt. The information came from a "quality assurance" review that wasn't distributed to the NSA overnight staff, according to the Post.

Separately, an NSA new collection method went undiscovered by the Foreign Intelligence Surveillance Court for months. The court, which has authority over some of the agency's operations, ruled it unconstitutional.

Responding to the Post's story, the NSA said, "A variety of factors can cause the numbers of incidents to trend up or down from one quarter to the next."

Factors can include implementation of new procedures, technology or software changes and expanded access.

"The one constant across all of the quarters is a persistent, dedicated effort to identify incidents or risks of incidents at the earliest possible moment, implement mitigation measures wherever possible, and drive the numbers down," the agency said.

The agency released another statement Thursday night defending its programs.

"NSA's foreign intelligence collection activities are continually audited and overseen internally and externally," it said. "When NSA makes a mistake in carrying out its foreign intelligence mission, the agency reports the issue internally and to federal overseers -- and aggressively gets to the bottom of it."

On Friday, DeLong said his agency "detects and corrects mistakes" as these occur and are identified, which stops them from being "propagated."

"The NSA has zero tolerance for misconduct," he said, noting that those who make repeated mistakes lose access to key databases.

Overall, DeLong insisted, the NSA carefully adheres to privacy protections.

White House spokesman Josh Earnest offered a similar statement Friday, saying the NSA compliance office's review reflects its commitment to abiding by the law and protecting people's privacy.

"The documents demonstrate that the NSA is monitoring, detecting, addressing and reporting compliance incidents," Earnest said.

The man who leaked the audit to the Post, Snowden, stepped forward publicly in June to claim responsibility for leaking to the media that the NSA had secretly collected and stored millions of phone records from accounts in the United States. The agency also collected information from U.S. companies on the Internet activity of overseas residents, he said.

Snowden fled first to Hong Kong and then to Russia before Moscow granted him temporary asylum despite pressure from the Obama administration to return him to the United States to face charges.

He has been charged with three felony counts, including violations of the U.S. Espionage Act, for the leaks.

NSA: We read .00004% of Web traffic

Although polling shows Americans harbor skepticism of the domestic surveillance programs Snowden revealed, a majority of Americans don't approve of the actions he took and they think he, as an American citizen, should be brought to justice.

A CNN/ORC International survey released last month indicated that 52% of the public disapproved of Snowden's actions, while 44% said they approved of the leaks. Fifty-four percent of those questioned in the poll said the government should attempt to bring Snowden back to the United States and prosecute him for his leaks.

As for the program Snowden revealed, there is a noticeable generational divide on the surveillance tactics, with younger Americans more likely to support Snowden than older Americans.

CNN's Lesa Jansen and Greg Botelho contributed to this report.

ADVERTISEMENT
Part of complete coverage on
Data mining & privacy
June 23, 2013 -- Updated 1425 GMT (2225 HKT)
He's a high-school dropout who worked his way into the most secretive computers in U.S. intelligence as a defense contractor.
May 29, 2014 -- Updated 1226 GMT (2026 HKT)
Traitor or patriot? Low-level systems analyst or highly trained spy?
May 29, 2014 -- Updated 1927 GMT (0327 HKT)
What are the takeaways from Snowden's NBC interview? You might be surprised.
April 18, 2014 -- Updated 1152 GMT (1952 HKT)
Months after accepting asylum in Russia, Snowden asked Putin about Moscow's own surveillance practices.
March 12, 2014 -- Updated 1643 GMT (0043 HKT)
A federal judge has refused the Obama administration's request to extend storage of classified NSA telephone surveillance data beyond the current five-year limit.
March 10, 2014 -- Updated 0044 GMT (0844 HKT)
From his sanctuary in the Ecuadorian embassy in London, Julian Assange said that everyone in the world will be just as effectively monitored soon -- at least digitally.
March 11, 2014 -- Updated 0039 GMT (0839 HKT)
In a rare public talk via the Web, fugitive NSA leaker Edward Snowden urged a tech conference audience to help "fix" the U.S. government's surveillance of its citizens.
August 2, 2013 -- Updated 0355 GMT (1155 HKT)
The White House is "very disappointed" that National Security Agency leaker Edward Snowden has been granted temporary asylum in Russia.
December 10, 2013 -- Updated 1357 GMT (2157 HKT)
Spies with surveillance agencies in the U.S. and U.K. infiltrated video games like "World of Warcraft" in a hunt for terrorists "hiding in plain sight" online.
August 2, 2013 -- Updated 1139 GMT (1939 HKT)
Bradley Manning and Edward Snowden both held jobs that gave them access to some of their country's most secret and sensitive intelligence. They chose to share that material with the world and are now paying for it.
August 1, 2013 -- Updated 1435 GMT (2235 HKT)
The NSA's controversial intelligence-gathering programs have prevented 54 terrorist attacks around the world, including 13 in the United States.
August 1, 2013 -- Updated 1854 GMT (0254 HKT)
You've never heard of XKeyscore, but it definitely knows you. The National Security Agency's top-secret program essentially makes available everything you've ever done on the Internet.
August 18, 2013 -- Updated 1304 GMT (2104 HKT)
You may have never heard of Lavabit and Silent Circle. That's because they offered encrypted (secure) e-mail services, something most Americans have probably never thought about needing.
July 24, 2013 -- Updated 1854 GMT (0254 HKT)
"Any analyst at any time can target anyone. Any selector, anywhere ... I, sitting at my desk, certainly had the authorities to wiretap anyone."
July 2, 2013 -- Updated 1356 GMT (2156 HKT)
President Barack Obama responds to outrage by European leaders over revelations of alleged U.S. spying.
August 29, 2014 -- Updated 1954 GMT (0354 HKT)
Browse through a history of high-profile intelligence leaking cases.
July 2, 2013 -- Updated 1437 GMT (2237 HKT)
Former President George W. Bush talks Snowden, AIDS, Mandela and his legacy.
June 26, 2013 -- Updated 1304 GMT (2104 HKT)
Edward Snowden took a job with an NSA contractor in order to gather evidence about U.S. surveillance programs.
June 19, 2013 -- Updated 1047 GMT (1847 HKT)
With reports of NSA snooping, many people have started wondering about their personl internet security.
August 14, 2013 -- Updated 1352 GMT (2152 HKT)
Click through our gallery to learn about other major leaks and what happened in the aftermath.
June 9, 2013 -- Updated 2002 GMT (0402 HKT)
What really goes on inside America's most secretive agency? CNN's Chris Lawrence reports.
ADVERTISEMENT