Key Loophole Allows NSA To Avoid Telling Congress About Thousands Of Abuses

from the oversight! dept

Possibility of 1000s of NSA violations unacceptable. Many intel comm members unaware of this report. In fact, we have been told no abuses. — Jim Himes (@jahimes) August 16, 2013

Since the focus of oversight efforts has been on FISA compliance, NSA gives Congress detailed narratives of violations of the FISA-authorized data sets, like when metadata about American phone records was stored too long, when a wrong set of records was searched by an analyst or when names or “selectors” not previously cleared by FISA were used to acquire information from the databases. In these cases, the NSA’s compliance staff sends incident reports to the Senate Select Committee on Intelligence and the House Permanent Select Committee on Intelligence for each “significant” FISA violation, and those reports include “significant details,” the official said.



But privacy violations of this sort comprise just one third of those analyzed by the inspector general. Of the 2,776 violations reported by the NSA from May 2011 to May 2012, more than two-thirds were counted as E.O. 12333 incidents. And the agency doesn’t provide Congress detailed reports on E.O. 12333 violations.

In some ways, it’s a distinction without a difference: it does not matter to U.S. citizens whether their phone call was accidentally intercepted by an analyst focusing on U.S.-based activities or those involving a foreign country. But the difference is relevant as it keeps Congress uninformed and unable to perform its oversight duties because the NSA doesn’t provide the intelligence committees with a detailed narrative about the latter type of transgressions.



For example, if someone’s e-mails were inadvertently obtained by the NSA’s International Transit Switch Collection programs, it would count as 12333 error and not a FISA error, even though the data was taken from U.S. communication gateways, and NSA would not notify Congress.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

As we've noted, one of the key claims by NSA surveillance defenders was that the program had strong oversight from Congress. However, with the revelations last week about thousands of abuses, it's become quite clear that this isn't true. Late on Friday, Rep. Jim Himes, who is, claimed that he wasof those violations, was told that there were "no abuses" and that these kinds of abuses are unacceptable Remember, this isn't just a Congressional Rep, but a member of the Intelligence Committee, who is in charge of overseeing the NSA surveillance program. Hell, he's even on the oversight subcommittee , and no one told him aboutabuses, despitehappening per year. That's astounding, and highlights how the claims of Congressional oversight are clearly bogus. Furthermore, it makes a mockery of the statement that House Intelligence Committee chair Mike Rogers put out on Friday, claiming that "The Committee has been apprised of previous incidents." Himes says that's completely untrue.How is this happening? Marc Ambinder explains the "loophole" that the NSA has used to avoid telling Congress about these abuses. It's a bit convoluted, but basically, the NSA believes that Congressional oversightcovers spying done-- the law that covers any spying done on Americans, for which a court order is needed. FISA doesn't cover spying on non-US persons (i.e., foreigners who are outside the country at the time of surveillance). And that's where some of the abuses came in, and the NSA believes that since those aren't "FISA" related, and Congress is only overseeing "FISA," they don't have to report those mistakes.Now, you can argue these are very different circumstances, but Ambinder points out that's not really true in many cases:So, basically, any "error" that involves spying on Americans doesn't "count" as an abuse, as far as the NSA tells Congress (who keep claiming they're in charge of oversight), because they "obtained" it outside the US, and the "error" is considered outside of FISA. That's a pretty massive loophole through which the NSA can hide its abuse of programs from Congress.

Filed Under: abuses, congress, foreign intelligence, house intelligence committee, jim himes, loopholes, nsa, nsa surveillance, oversight, violations