Nearly 3,000 violations of Americans’ privacy, mentioned in the National Security Agency’s internal audit recently leaked by former contractor Edward Snowden, weren’t “willful” and are results of mistakes by employees, the agency claimed.
The NSA’s director of compliance, John DeLong, has held a conference call with reporters Friday as the agency has made the most direct effort to counter concern over its spying activities since its classified documents began appearing in the press.
“NSA has a zero tolerance policy for willful misconduct,” DeLong is cited as saying by the Wall Street Journal. “None of the incidents that were in the document released were willful.”
However, he admitted that there was “a couple” of willful privacy violations during the past 10 years, but didn’t provide any details of those incidents.
According to DeLong, the NSA had about a 0.0005 percent error rate, with roughly 100 mistakes out of 20 million queries a month.
“No one at NSA thinks a mistake is OK, but those kinds of reports are designed and generated to make sure we understand when mistakes occur,” DeLong said.
The explanations followed the publication of Snowden-leaked NSA’s internal audit report on privacy violations in The Washington Post on Thursday.
That document analyzed the different types of violations of policy or law for the year ended March 2012. The majority of the 2,776 breaches came from cases when the NSA continued monitoring foreigners through their cellphone use after they already left the United States.
The audit report said such violations were “largely unpreventable,” attributing the wave of “roamer” incidents to an increase in Chinese citizens visiting their American friends for Chinese New Year celebrations.
The document also speaks of one episode of mishandling telephone data as the NSA found out of more than 3,000 records being retained past their five-year expiration date.
DeLong claimed that the call records were deleted right after they were discovered, and that they hadn’t been reviewed by the agency’s analysts.
Another “significant incident,” mentioned in the audit, occurred when an individual remained under surveillance even after obtaining a US Green Card, without the NSA having an individualized warrant to continue its spying activities on the person.
Improper granting of access to a sensitive database was also among the breaches documented in the internal audit.
The Washington Post reported a separate problem, when the NSA said that it had collected data on a “large number” of phone numbers in Washington DC because the system was incorrectly set to the 202 area code instead of the 20 country code, which is Egypt.
Another document the paper published revealed a serious constitutional violation by the agency as it established a collection program for ‘Multiple Communications Transactions,’ which was deemed “deficient on statutory and constitutional grounds” by the Foreign Intelligence Surveillance Court.
NSA’s director of compliance said that he couldn’t describe the scope of that violation on the issue, but once again repeated that it “wasn’t willful.” The collection later resumed under new court-approved procedures, he added.