Leaked audit reveals NSA broke its own privacy rules thousands of times per year

16 Aug 2013

An internal audit reveals that the US National Security Agency (NSA) broke its own privacy rules thousands of times a year in terms of records that shouldn’t have been scanned by its own systems.

According to documents obtained by The Washington Post, most of the infractions involved unauthorised surveillance of Americans or foreign intelligence targets in the US, which are restricted by law.

The documents were among those handed over to the newspaper by the rogue NSA contractor Edward Snowden, now living at a secret location in Russia, who caused a storm of controversy after revealing the existence of a system called PRISM, which allegedly gives agencies like the NSA unprecedented access to servers of popular internet services like Google, Microsoft, Facebook and others.

The audit documents counted 2,776 incidents between May 2011 and May 2012, including unauthorised collection, storage, access and distribution of legally protected communications, the newspaper reported.

The violations range from significant violations of law to typographical errors that resulted in unintended scanning or interception of US emails and phone calls.

The violations appear to have occurred since the US Congress granted the agency broad new powers in 2008.

Cyber spy image via Shutterstock

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com