A few hours before Christmas Eve, the National Security Agency released more than a decades worth of damning reports on its website. The reports, which had been submitted by the NSA to the Presidents Intelligence Oversight Board from 2001 to 2013, purport to cover any activity that could be considered unlawful or contrary to government policy. They included incidents in which individual employees abused their security clearances to target a current or former romantic partner as well as dozens of breaches that resulted from overly broad database queries, along with a lack of rigor in determining whether a foreign intelligence target had entered the United States or held US citizenship or permanent resident status. There were also numerous breaches related to poor data security.

In the documents, which were released in response to a FOIA lawsuit brought by the ACLU, NSA analysts are revealed to be all-too-human bumblers, mistakenly searching on their own information, improperly using colleagues credentials, sending highly classified information to the wrong printer, and mistyping email addresses.

There is no evidence in the reports of systematic lawbreakingnot a surprise considering the reports author. Instead, the NSA attributes most of its lapses to unintentional human error or technical mistakes. In a handful of cases, the agency points out, investigations have led to discipline or administrative action. Even so, the reports raise serious questions about the NSAs ability to protect the vast amount of personal data that is vacuumed up by its surveillance apparatus.

Courtesy: Cory Grenier

I became interested in the NSA spying program almost a decade ago when I learned about a large order AT&T had placed for Narus Semantic Traffic Analyzers. The equipment made it possible to inspect Internet traffic in real time, which made it a great tool for spying. A source had told me that the analyzers had been deployed in secret rooms around the country on behalf of the NSA. I looked into the story, but ultimately my editors chose not to pursue it. Even if I could prove it, they werent sure anyone would be interested in the specific details of how telecoms like AT&T were cooperating with the NSA. It was an era of limited newsroom resources, and we had other stories to pursue.

There was also a key question that I wasnt sure I could answer even if I confirmed my tip. Had any Americans been hurt by NSA spying? This is a concern that comes up again and again. Its raised by judges presiding over lawsuits brought by public advocates and civil libertarians. The lack of an affirmative answer is used to justify ongoing surveillance.

Yet, we still dont know if any individual has been hurt or what potential exists for someone to be hurt in the future. A lot depends on what the NSA does with information it collects on those it refers to as US Persons, or USPs, and most of that information is withheld from the public. The NSA claims it takes great pains to comply with the U.S. Constitution, as well as U.S. laws and regulations. The Christmas Eve reports are interesting because they showed where the agency, in its own opinion, has fallen short.

The agencys reports, which emphasize incidents in which US persons were improperly targeted, dont appear at first to correlate with a cache of 160,000 intercepted communications that the Washington Post obtained via Edward Snowden. The Post reporters claimed ordinary Internet users, American and non-American alike, far outnumber legally targeted foreigners in the communications intercepted by theNational Security Agency. The story, published in July, raised new questions about the collateral harm to privacy from NSA surveillance.

See the article here:

Highlights From Newly Released NSA Oversight Reports Reveal Bumbling Ineptitude But No Evidence Of Systemic Abuse