Billions of dollars in super-secret, extraordinarily complex equipment designed to intercept and store all kinds of communications — and some NSA analysts couldn’t resist using it to spy on their girlfriends.
National Security Agency officers on several occasions have channeled their agency’s enormous eavesdropping power to spy on love interests, U.S. officials said.
The practice isn’t frequent — one official estimated a handful of cases in the last decade — but it’s common enough to garner its own spycraft label: LOVEINT.
Spy agencies often refer to their various types of intelligence collection with the suffix of “INT,” such as “SIGINT” for collecting signals intelligence, or communications; and “HUMINT” for human intelligence, or spying.
The “LOVEINT” examples constitute most episodes of willful misconduct by NSA employees, officials said.
In the wake of revelations last week that NSA had violated privacy rules on nearly 3,000 occasions in a one-year period, NSA Chief Compliance Officer John DeLong emphasized in a conference call with reporters last week that those errors were unintentional. He did say that there have been “a couple” of willful violations in the past decade. He said he didn’t have the exact figures at the moment.
NSA said in a statement Friday that there have been “very rare” instances of willful violations of any kind in the past decade, and none have violated key surveillance laws. “NSA has zero tolerance for willful violations of the agency’s authorities” and responds “as appropriate.”
The LOVEINT violations involved overseas communications, officials said, such as spying on a partner or spouse. In each instance, the employee was punished either with an administrative action or termination.
Most of the incidents, officials said, were self-reported. Such admissions can arise, for example, when an employee takes a polygraph tests as part of a renewal of a security clearance.
It’s something of a relief to see that they may have actually fired someone for breaking the law. Previous revelations about NSA wrongdoing failed to include information about any disciplinary action against anyone for privacy violations. Given the fact that thousands of such violations occur on a yearly basis, it would be interesting to see what protocols are in place for disciplining the offenders.
The program’s defenders are assuring us that this proves the system “works” and that the safeguards in place are adequate to protect our liberties. I’m not so sure. Self-reporting of violations doesn’t prove anything as far as safeguarding our privacy. And just what constitutes “abuse” in the eyes of the NSA? If an analyst commits an unintentional violation, as occurred several thousand times a year according to the audit published in the Washington Post, the administration apparently doesn’t consider the transgression as “abuse” of the law:
The President, like a lot of people who work for him, has a very narrow definition of two key words in that passage. One is “abuse” and the other is “inappropriately.” As the government depicts it — and this is language it’s using that it does not, frankly, explain.
Abuse — the only kind of abuse that exists would be if, say, an NSA employee were to stalk his ex-wife or spy on movie stars or something of that nature. If they are performing the mission that the NSA wants them to perform, and nevertheless overstep their legal authority, make unauthorized interceptions or searches or retentions or sharing of secret information, that is not abuse, that’s a mistake.
As that post at Empty Wheel explains, the auditing methods of the NSA leave a lot to be desired. And it calls into question the procedures the NSA uses to catch violations in the first place. Is it still a “mistake” if the NSA illegally collects communications for a couple of years as they did with the email surveillance program that was eventually declared unconstitutional by the FISA court?
The concern isn’t with a few rogue, love-struck individuals who are insanely jealous and use NSA equipment inappropriately to snoop on their lovers. The problem is with analysts who make “mistakes” that no self-reporting mechanism is adequate and no audit can catch, thus, violating the privacy of thousands of Americans where no one is any the wiser.
It’s what we can’t see that’s a threat. And that should worry all of us.