George Ellard

If NSA Commits Database Query Violations, But Nobody Audits Them, Do They Really Happen?

Barton Gellman, at the beginning of the worthwhile video above, addresses something I addressed here: the only way the government can claim they haven’t “abused” the rules governing NSA activities is by treating all abuse done in the name of the mission as a mistake.

The President, like a lot of people who work for him, has a very narrow definition of two key words in that passage. One is “abuse” and the other is “inappropriately.” As the government depicts it — and this is language it’s using that it does not, frankly, explain.

Abuse — the only kind of abuse that exists would be if, say, an NSA employee were to stalk his ex-wife or spy on movie stars or something of that nature. If they are performing the mission that the NSA wants them to perform, and nevertheless overstep their legal authority, make unauthorized interceptions or searches or retentions or sharing of secret information, that is not abuse, that’s a mistake.

That’s how they get to pretend the 9% to 20% of violations in which a person does not follow the rules seemingly intentionally (these are distinct from human error and training violations) does not constitute an abuse.

With that in mind, I wanted to look more closely at what the audit report says about how errors are found, as shown primarily in this figure:

Screen shot 2013-08-20 at 10.21.25 AM

That looks pretty good on the face, with 64% of all violations found via automated alert, plus a few more — data flow analysis and traffic scanning — that involve technological review.

But this detail on the roamer problem (in which valid foreign targets continue to be targeted when they travel to the US) explains what that’s not all that impressive.  Continue reading

Emptywheel Twitterverse
bmaz RT @DVNJr: The shocking human toll of #FIFA’s corruption: http://t.co/uYkpDQTjvl http://t.co/RHihVjzBve
45mreplyretweetfavorite
bmaz RT @NYTBen: Jolani: "There is no such thing as the Khorasan group. This is something we only heard about from the Americans."
1hreplyretweetfavorite
bmaz Live by the Beard, die by the Beard
5hreplyretweetfavorite
bmaz Things people say when you are circling down the toilet into the Sepptic tank: https://t.co/lpfKLjhvXp
5hreplyretweetfavorite
bmaz @nbilka @CNN Oh crikey, don't set standards I am on the far side of the sun from.
5hreplyretweetfavorite
JimWhiteGNV Still a number of emergency vehicles at site of San Diego Fish Market fire as sun sets. News says everyone is ok. http://t.co/W6Hhac27ii
5hreplyretweetfavorite
bmaz @nbilka Brilliant of Ficker to have gone on @CNN to yak about the former client then. [I may need to hari kari now...]
5hreplyretweetfavorite
bmaz @nbilka Heh, "vouching for your client". Cause, you know, there are no stop signs that come attendant to that idea.
5hreplyretweetfavorite
bmaz @nbilka I mean, if the best you can do is make people ask what form of dope you are, you ought not have gone in front of media #MediaRuleOne
5hreplyretweetfavorite
bmaz @nbilka Yes, apparently may have been. Irrespective, that was a clown job making that media appearance. Jeebus.
5hreplyretweetfavorite
emptywheel @joshua_eaton They've said they were updating their systems. That's not nec storage, 215 part of whole. @AliWatkins
6hreplyretweetfavorite
emptywheel @joshua_eaton Remember, 215 was only ever a fraction of the metadata they get, which is less storage than content bulk. @AliWatkins
6hreplyretweetfavorite
May 2015
S M T W T F S
« Apr    
 12
3456789
10111213141516
17181920212223
24252627282930
31