Story by the Associated Press, curated by Jason Howerton.
WASHINGTON (AP) -- The National Security Agency has broken privacy rules or overstepped its legal authority thousands of times each year since Congress granted the agency broad new powers in 2008, The Washington Post reported Thursday.
Most of the infractions involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by law and executive order. They range from significant violations of law to typographical errors that resulted in unintended interception of U.S. emails and telephone calls, the Post said, citing an internal audit and other top-secret documents provided it earlier this summer from NSA leaker Edward Snowden, a former systems analyst with the agency.
A sign stands outside the National Security Administration (NSA) campus on Thursday, June 6, 2013, in Fort Meade, Md. Credit: AP
In this image provided by Human Rights Watch, NSA leaker Edward Snowden, center, attends a news conference at Moscow's Sheremetyevo Airport with Sarah Harrison of WikiLeaks, left, Friday, July 12, 2013. Credit: AP
In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence.
The Post cited a 2008 example of the interception of a "large number" of calls placed from Washington when a programming error confused U.S. area code 202 for 20, the international dialing code for Egypt, according to a "quality assurance" review that was not distributed to the NSA's oversight staff.
In another case, the Foreign Intelligence Surveillance Court, which has authority over some NSA operations, did not learn about a new collection method until it had been in operation for many months. The court ruled it unconstitutional.
NEW YORK, NY - AUGUST 08: General Keith B. Alexander, Director of the National Security Agency (NSA) and Commander of U.S. Cyber Command, attends the International Conference on Cyber Security (ICCS) on August 8, 2013 in New York City. The ICCS, which is co-hosted by Fordham University and the FBI, is held every 18 months; more than 25 countries are represented at this year's conference. Credit: Getty Images
The NSA audit obtained by the Post dated May 2012, counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were unintended. Many involved failures of due diligence or violations of standard operating procedure. The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders.
In a statement to the newspaper, the NSA said it attempts to identify problems "at the earliest possible moment, implement mitigation measures wherever possible and drive the numbers down."
"We're a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line," a senior NSA official said in an interview, speaking to the newspaper with White House permission on the condition of anonymity.