Internal Audit: Despite Obama's Promises, NSA Breached Privacy

The National Security Agency has repeatedly violated privacy rules and overstepped its authority, an internal audit has revealed, despite vows from President Barack Obama to prevent abuses and protect Americans' civil rights.

The revelations cast fresh doubts on the Obama administration's reassurances that the NSA's electronic surveillance programs are tightly regulated and accountable to judicial review.

The Washington Post, citing NSA documents and an internal audit, reported the eavesdropping service had breached privacy restrictions thousands of times and in some cases withheld information from other government departments.

The Post report was based on documents leaked from Edward Snowden, the former NSA contractor who has exposed the massive scale of America's surveillance of phone records and Internet traffic in disclosures to the media.

Snowden, who has portrayed himself as a whistleblower for civil liberties, has obtained asylum in Russia, despite appeals from Washington for extradition on espionage charges.

Although the NSA tried to play down what it called its "mistakes," lawmakers vowed more hearings to learn the full extent of the privacy violations and rights advocates expressed outrage.

"I remain concerned that we are still not getting straightforward answers from the NSA," said Senate Judiciary Committee Chairman Patrick Leahy, who announced hearings for next week on the issue.

In a NSA audit dated May 2012, there were 2,776 "incidents" over the previous year in which the agency exceeded its authority in the collection, storage and distribution of communications, according to the Post. Most of the cases were unintentional but in at least one instance, the agency violated a court order.

"The number of 'compliance incidents' is jaw-dropping," said Jameel Jaffer, deputy legal director at the American Civil Liberties Union.

"The rules around government surveillance are so permissive that it is difficult to comprehend how the intelligence community could possibly have managed to violate them so often," Jaffer said.

The NSA did not deny the privacy violations but offered a more upbeat assessment, saying the agency had rigorous procedures to check for errors and that the mistakes were often due to technical glitches.

"NSA's foreign intelligence collection activities are continually audited and overseen internally and externally," the agency said in a statement.

"When we make a mistake in carrying out our foreign intelligence mission, we report the issue internally and to federal overseers and aggressively get to the bottom of it," it said.

Obama and other top officials have insisted that Americans' privacy rights have been safeguarded and that sweeping surveillance powers have not been abused as the intelligence agencies seek to track possible terror threats.

As recently as August 9, Obama said of the NSA: "I've taken steps to make sure that they have strong oversight by all three branches of government and clear safeguards to prevent abuse and protect the rights of the American people."

The Post also reported that the Foreign Intelligence Surveillance Court (FISC), which is supposed to oversee surveillance activities, lacks the tools to check on the spy agencies and must rely on the services themselves for any information on possible excesses.

"The FISC is forced to rely upon the accuracy of the information that is provided to the Court," the chief judge of the court, Reggie Walton, said in a written statement to the Post.

"The FISC does not have the capacity to investigate issues of non-compliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders".

In some cases, the NSA was less than transparent and sometimes withheld details when reporting to the Justice Department and the Office of the National Intelligence Director, according to the Post report.

But John DeLong, the director of compliance at the NSA, said the agency was vigilant about any sign of a breach of privacy regulations and kept other government departments fully informed.

The NSA, in its statement to Agence France Presse and other news organizations, said the number of "incidents" in which privacy rules were violated has varied widely over a three-year period, ranging from 372 to 1,162 in any quarter.

New procedures or software could cause the errors as well as when foreign suspects' mobile phones are "roaming" into U.S. territory, it said.