Contrary to the assurances made by the Obama administration only one week ago, a “Top Secret” 2012 National Security Agency (NSA) report leaked by former NSA analyst Edward Snowden admits not only that the agency routinely violates federal law and its own rules, but also that the agency has been actively covering up its misdeeds from Congress and the Foreign Intelligence Surveillance Court.

According to the report, which was the result of an internal NSA audit of its domestic spying, the agency has broken the law or privacy rules thousands of times a year since 2008, when Congress passed the FISA Amendments Act to allow the NSA to expand its data collection efforts. Dated May 2012, the audit counted 2,776 incidents over the preceding 12 months—but includes only incidents at NSA’s Ft. Meade headquarters and other Washington-area facilities. Government officials privately admit that the real number, including all of NSA, would be much higher.

According to NSA, most violations were unintentional, arising from lack of due diligence or failure to follow standard operating procedure. But more serious misdeeds also occurred, including unauthorized access to intercepted communications, distribution of protected content and the use of automated systems without safeguards to prevent unlawful surveillance. In one case that occurred in February 2012, NSA violated a FISA Court order by retaining more than 3,000 files on Americans and lawful green-card holders.

The most egregious violation appears to have occurred in 2011, when NSA began diverting large amounts of international data passing through fiber-optic cables in the U.S. to a repository for storage and analysis. Although the data commingled U.S. and foreign emails, NSA waited several months—which the law says it may not do—before informing the FISA court of the operation. Informed that the agency could not practicably filter out the communications of Americans, the FISA court ruled that the program was “deficient on statutory and constitutional grounds,” and ordered NSA to fix or stop the program.

Despite insisting that his administration intends to bring transparency to the NSA spying programs, President Barack Obama has directed the Justice Department to fight a legal battle to keep the FISA court’s opinion secret.

That underscores perhaps the most troubling aspect of the revelations contained in the NSA Audit Report: the apparent existence of a culture of coverup at NSA that seeks to institutionalize and routinize the use of deception on Congress, the FISA Court and the American people.

One training document, for example, instructs NSA analysts to fill out oversight forms without giving “extraneous information” to “our F[ISA] A[mendment] A[ct] overseers,” meaning Congress, the Justice Department and the FISA court. Thus the “Target Analyst Rationale Instructions” urge NSA employees to replace actual details with generic descriptions of the evidence and analysis underlying their decisions.

Another document belies what has become a popular defense of a statement made by NSA Director Keith B. Alexander last year that “we don’t hold data on U.S. citizens.” Speaking anonymously, some administration officials have claimed that Alexander was technically telling the truth, because the NSA definition of “data” does not include “metadata.” However, the agency’s authoritative definition of data is quoted in the report, and includes “unevaluated and/or unminimized transcripts, gists, facsimiles, telex, voice, and some forms of computer-generated data, such as call event records and other Digital Network Intelligence (DNI) metadata as well as DNI message text.” (emphasis added.)

-Matt Bewig

To Learn More:

NSA Broke Privacy Rules Thousands of Times per Year, Audit Finds (by Barton Gellman, Washington Post)

NSA Report on Privacy Violations

NSA Revelations of Privacy Breaches 'the Tip of the Iceberg' – Senate Duo (by Spencer Ackerman, The Guardian)

NSA Broke Privacy Rules Thousands of Times, Contrary to Official Claims (by Kim Zetter, Wired)