Newly
Declassified Memos Detail Improper Obama-era NSA
Spying
By John
Solomon
July
27, 2017 "Information
Clearing House"
- The National Security Agency and FBI violated
specific civil liberty protections during the
Obama administration by improperly searching and
disseminating raw intelligence on Americans or
failing to promptly delete unauthorized
intercepts, according to newly declassified
memos that provide some of the richest detail to
date on the spy agencies’ ability to obey their
own rules.
The
memos reviewed by The Hill were publicly
released on July 11 through Freedom of
Information Act litigation by the American Civil
Liberties Union.
They
detail specific violations that the NSA or FBI
disclosed to the Foreign Intelligence
Surveillance Court or the Justice Department's
national security division during President
Obama’s tenure between 2009 and 2016. The
intelligence community isn't due to report on
compliance issues for 2017, the first year under
the Trump administration, until next spring.
The NSA
says that the missteps amount to a small number
— less than 1 percent — when compared to the
hundreds of thousands of specific phone numbers
and email addresses the agencies intercepted
through the so-called Section 702 warrantless
spying program created by Congress in late 2008.
“Quite
simply, a compliance program that never finds an
incident is not a robust compliance program,”
said Michael Halbig, the NSA’s chief spokesman.
“The National Security Agency has in place a
strong compliance program that identifies
incidents, reports them to external overseers,
and then develops appropriate solutions to
remedy any incidents.”
But
critics say the memos undercut the intelligence
community’s claim that it has robust protections
for Americans incidentally intercepted under the
program.
“Americans should be alarmed that
the NSA is vacuuming up their emails and phone
calls without a warrant,” said
Patrick Toomey,
an ACLU staff attorney in New York who helped
pursue the FOIA litigation. “The NSA claims it
has rules to protect our privacy, but it turns
out those rules are weak, full of loopholes,
and violated again and again.”
Section
702 empowers the NSA to spy on foreign powers
and to retain and use certain intercepted data
that was incidentally collected on Americans
under strict privacy protections. Wrongly
collected information is supposed to be
immediately destroyed.
The
Hill reviewed the new ACLU documents as well as
compliance memos released by the NSA inspector
general and identified more than 90 incidents
where violations specifically cited an impact on
Americans. Many incidents involved multiple
persons, multiple violations or extended periods
of time.
For
instance, the government admitted improperly
searching the NSA’s foreign intercept data on
multiple occasions, including one instance in
which an analyst ran the same search query about
an American “every work day” for a period
between 2013 and 2014.
There
also were several instances in which Americans’
unmasked names were improperly shared inside the
intelligence community without being redacted, a
violation of the so-called minimization
procedures that Obama loosened in 2011 that are
supposed to protect Americans' identity from
disclosure when they are intercepted without a
warrant. Numerous times improperly unmasked
information about Americans had to be recalled
and purged after the fact, the memos stated.
“CIA
and FBI received unminimized data from many
Section 702-tasked facilities and at times are
thus required to conduct similar purges,” one
report noted.
“NSA issued a report which included the name of
a United States person whose identity was not
foreign intelligence,” said one typical incident
report from 2015, which said the NSA eventually
discovered the error and “recalled” the
information.
Likewise, the FBI disclosed three instances
between December 2013 and February 2014 of
“improper disseminations of U.S. persons
identities.”
The NSA also admitted it was slow in some cases
to notify fellow intelligence agencies when it
wrongly disseminated information about
Americans. The law requires a notification within
five days, but some took as long as 131
business days and the average was 19 days, the
memos show.
U.S.
intelligence officials directly familiar with
the violations told The Hill that the memos
confirm that the intelligence agencies have
routinely policed, fixed and self-disclosed to
the nation's intelligence court thousands of
minor procedural and more serious privacy
infractions that have impacted both Americans
and foreigners alike since the warrantless
spying program was created by Congress in late
2008.
Alexander Joel, who leads the Office of Civil
Liberties, Privacy and Transparency under the
director of national intelligence, said the
documents chronicle episodes that have been
reported to Congress and the Foreign
Intelligence Surveillance Court for years in
real time and are a tribute to the multiple
layers of oversight inside the intelligence
community.
“We
take every compliance incident very seriously
and continually strive to improve compliance
through our oversight regime and as evidence by
our reporting requirements to the FISC and
Congress,” he told The Hill. “That said, we
believe that, particularly when compared with
the overall level of activity, the compliance
incident rate is very low.”
The FBI said it believes it has
adequate oversight to protect
Americans' privacy, while signaling
it will be pushing Congress hard
this fall to renew the Section 702
law before it expires.
"The
FBI’s mission is to protect the American people
and uphold the Constitution of the United
States," the bureau said in a statement to The
Hill. "When Congress enacted Section 702, it
built in comprehensive oversight and compliance
procedures that involve all three branches of
government. These procedures are robust and
effective in identifying compliance incidents.
The documents released on July 11, 2017 clearly
show the FBI’s extensive efforts to follow the
law, and to identify, report, and remedy
compliance matters.
"Section 702 is vital to the safety and security
of the American people. It is one of the most
valuable tools the Intelligence Community has,
and therefore, is used with the utmost care by
the men and women of the FBI so as to not
jeopardize future utility. As such, we
continually evaluate our internal policies and
procedures to further reduce the number of these
compliance matters."
The new
documents show that the NSA has, on occasion,
exempted itself from its legal obligation to
destroy all domestic communications that were
improperly intercepted.
No
Advertising
- No
Government
Grants
-
This
Is
Independent
Media
|
Under
the law, the NSA is supposed to destroy any
intercept if it determines the data was
domestically gathered, meaning someone was
intercepted on U.S. soil without a warrant when
the agency thought they were still overseas. The
NSA, however, has said previously it created
“destruction waivers” to keep such intercepts in
certain cases.
The new
documents confirm the NSA has in fact issued
such waivers and that it uncovered in 2012 a
significant violation in which the waivers were
improperly used and the infraction was slow to
be reported to the court.
“In
light of related filings being presented to the
Court at the same time this incident was
discovered and the significance of the incident,
DOJ should have reported this incident under the
our immediate notification process,”
then-Assistant Attorney General Lisa Monaco
wrote the FISA court in Aug. 28, 2012, about the
episode, according to one memo released through
FOIA.
The NSA declined to say how often destruction
waivers are given. But Joel, of the Office of
the Director of National Intelligence, said the
Foreign Intelligence Surveillance Court has
supervised such waivers and affirmed they are
“consistent with the Fourth Amendment of the
Constitution and the statutory requirements of
Section 702.”
Other
violations cited in the memos:
-
Numerous “overcollection incidents” in
which the NSA gathered information about
foreigners or Americans it wasn’t entitled
to intercept
-
“Isolated instances in which NSA may not
have complied with the documentation
requests” justifying intercepts or searches
of intercepted data.
-
The misuse of “overly broad” queries or
specific U.S. person terms to search through
NSA data.
-
Failures to timely purge NSA databases of
improperly collected intelligence, such as a
2014 incident in which “NSA reported a gap
in its purge discovery processes.”
In
annual and quarterly compliance reports that
have been released in recent years, U.S.
intelligence agencies have estimated the number
of Section 702 violations has averaged between
0.3 percent and 0.6 percent of the total number
of “taskings.” A tasking is an intelligence term
that reflects a request to intercept a specific
phone number or email address.
The NSA
now targets more than 100,000 individuals a year
under Section 702 for foreign spying, and some
individual targets get multiple taskings,
officials said.
“The
actual number of compliance incidents remains
classified but from the publicly available data
it is irrefutable that the number is in the
thousands since Section 702 was fully
implemented by 2009,” said a senior U.S.
official with direct knowledge, who spoke only
on condition of anonymity.
The
increasing transparency on Section 702
violations is having an impact on both critics
and supporters of a law that is up for renewal
in Congress at the end of this year. Of concern
are the instances in which Americans’ data is
incidentally collected and then misused.
Retired
House Intelligence Committee Chairman Pete
Hoekstra, a Republican who strongly supported
the NSA warrantless spying program when it
started under President George W. Bush, said he
now fears it has now become too big and
intrusive.
“If I
were still in Congress today, I might vote with
the people today to shut the program down or
curtail it,” Hoekstra, who has been tapped by
Trump to be ambassador to the Netherlands, said
in an interview.
“One
percent or less sounds great, but the truth is
1 percent of my credit card charges don’t come
back wrong every month. And in my mind one
percent is pretty sloppy when it can impact
Americans’ privacy.”
This
article was first published by
The Hill
-
The
views expressed in this article are solely those
of the author and do not necessarily reflect the
opinions of Information Clearing House.