Friday, August 16, 2013

Are 2,776 incidents too many?

The Snowden reports continue.  The Washington Post has revealed the result of an internal audit conducted by NSA in May 2012 of the previous 12 months of activities at its offices in the DC area.  The audit found 2,776 incidents of unauthorized collection, storage, access to or distribution of legally protected communications. If it had audited all of its offices, I'm sure that there would have been a lot more.  

But the NSA is run by humans and uses devices and software made by humans.  Ergo, it will screw up. So, do we believe a NSA person who says,“You can look at it as a percentage of our total activity that occurs each day. You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different.”?  Or, do we think that maybe the NSA has overstepped its boundaries?

Yes, 10% of the incidents were due to typos.  Some were failures of due diligence or violations of standard operating procedure.  Some violated a court order or did not have authorized use of data about more than 3,000 Americans and green-card holders. And at least one violated the Fourth Amendment, which prohibits unreasonable searches and seizures.

It looks to me that not all of these incidents could be attributed to the normal screw-ups made by humans.  Clearly, management was at fault in the matters of due diligence and violating SOP.  I would doubt that lower management would be so stupid as to violate court orders or the Constitution. But, NSA did these things.  Would we have known if Snowden had not opened the curtain?

How transparent is our government?  Maybe we should ask Winston Smith?

No comments: