Skip to main content

Simple typo led NSA to collect tons of extra US phone call data, secret audit shows

nsa typo phone call audit oops

A new bombshell report from the Washington Posttlkjd – whoops, had a bit of a typo there. Good thing I don’t work for the NSA, because when that happens, a whole lot of people accidentally have their privacy taken and jammed through a government-grade shredder. And by shredder, I mean a server where their once-private information is stored indefinitely.

That’s right, according to an internal National Security Agency audit (pdfleaked to the Washington Post by whistleblower Edward Snowden, a mis-entered area code resulted in the “unintended collection” of a “large number” of phone calls placed in the United States. And this is but one example out of thousands of instances in which the NSA broke “privacy rules or overstepped its legal authority” each year, for at least the past few years, according to the report.

“A notable example in 2008 was the interception of a ‘large number’ of calls placed from Washington when a programming error confused U.S. area code 202 for 20, the international dialing code for Egypt, according to a ‘quality assurance’ review that was not distributed to the NSA’s oversight staff,” writes Washington Post reporter Barton Gellman.

The author of a secret NSA memo from 2013 downplays the violation, saying, “The issue pertained to Metadata ONLY so there were no defects to report.” Because of this, it was “deemed irrelevant,” writes Gellman.

Among the 2,776 violations committed by the NSA Washington-area offices in 2012 – errors by all other NSA offices were not included in the report – “one in 10” were caused by typos. Other significant reasons for error include “insufficient or inaccurate research information,” failure to follow “standard operating procedure,” and an inability by NSA computer systems to accurately detect when a call from a foreign cell phone is placed within the United States.

In an effort to explain the thousands of errors by the NSA, an official within the agency explained to the Washington Post that, hey, we’re just a bunch of humans here. We screw up just like you!

“We’re a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line,” the official said.

That’s true, and totally understandable. Of course, one could argue that a “human-run agency” with tools so powerful that, when things go slightly wrong, a “large number” of unconstitutional call interceptions from Washington D.C. take place, perhaps they might add in a few more safeguards.

To be fair, typos are actually the least egregious of the violations, according to the audit. As Gellman reports, “the more serious lapses include unauthorized access to intercepted communications, the distribution of protected content and the use of automated systems without built-in safeguards to prevent unlawful surveillance.”

If more than 2,000 violations in a single year seems outlandish, the NSA has some news for you: It’s not … if you look at it the right way.

“You can look at it as a percentage of our total activity that occurs each day,” said an unnamed NSA official. “You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different.”

Well, that’s reassuring. Don’t you think?

Editors' Recommendations