George Ellard

If NSA Commits Database Query Violations, But Nobody Audits Them, Do They Really Happen?

Barton Gellman, at the beginning of the worthwhile video above, addresses something I addressed here: the only way the government can claim they haven’t “abused” the rules governing NSA activities is by treating all abuse done in the name of the mission as a mistake.

The President, like a lot of people who work for him, has a very narrow definition of two key words in that passage. One is “abuse” and the other is “inappropriately.” As the government depicts it — and this is language it’s using that it does not, frankly, explain.

Abuse — the only kind of abuse that exists would be if, say, an NSA employee were to stalk his ex-wife or spy on movie stars or something of that nature. If they are performing the mission that the NSA wants them to perform, and nevertheless overstep their legal authority, make unauthorized interceptions or searches or retentions or sharing of secret information, that is not abuse, that’s a mistake.

That’s how they get to pretend the 9% to 20% of violations in which a person does not follow the rules seemingly intentionally (these are distinct from human error and training violations) does not constitute an abuse.

With that in mind, I wanted to look more closely at what the audit report says about how errors are found, as shown primarily in this figure:

Screen shot 2013-08-20 at 10.21.25 AM

That looks pretty good on the face, with 64% of all violations found via automated alert, plus a few more — data flow analysis and traffic scanning — that involve technological review.

But this detail on the roamer problem (in which valid foreign targets continue to be targeted when they travel to the US) explains what that’s not all that impressive.  Continue reading

Emptywheel Twitterverse
JimWhiteGNV RT @GainesvilleSun: City may vote Thursday to avoid buying mountaintop coal http://t.co/GloyjL9lL7
17mreplyretweetfavorite
JimWhiteGNV So ready for Jeter to finally just go away.
23mreplyretweetfavorite
JimWhiteGNV @cocktailhag Pretty sure it takes both Viagra AND a war for those old codgers to get it going.
27mreplyretweetfavorite
emptywheel @normative Maybe not. But Yahoo's 3/12/08 is actually earlier than what filings show. @ramez
36mreplyretweetfavorite
emptywheel @normative I do suspect Sprint learned abt Verizon reluctance on dragnet issues in 2009; not sure how. @ramez
45mreplyretweetfavorite
emptywheel @normative No other provider complied until the declassification in 2009 (MSFT already had) @ramez
46mreplyretweetfavorite
JimWhiteGNV RT @cocktailhag: “@JimWhiteGNV: The NFL is on a mission to degrade and destroy the #NFL.” Put rich a-holes in charge of anything and looti…
46mreplyretweetfavorite
emptywheel @ramez And, of course, in secret. Where they couldn't be claimed to serve a deterrent function.
54mreplyretweetfavorite
emptywheel @dgalinko of course! moderate is all relative.
55mreplyretweetfavorite
emptywheel @dgalinko US revolutionary war. French Resistance.
1hreplyretweetfavorite
emptywheel @dgalinko Shit. That's a tough one. I think Ford is defining moderate Syrian rebel in such a way that they might be real, but not moderate.
1hreplyretweetfavorite
emptywheel @JuliaAngwin That's why it's so easy for NSA to spy on hotel travel.
2hreplyretweetfavorite
September 2014
S M T W T F S
« Aug    
 123456
78910111213
14151617181920
21222324252627
282930