By KIMBERLY DOZIER, Associated Press
WASHINGTON (AP) — New revelations from leaker Edward Snowden that the National Security Agency has overstepped its authority thousands of times since 2008 are stirring renewed calls on Capitol Hill for serious changes to NSA spy programs, undermining White House hopes that President Barack Obama had quieted the controversy with his assurances of oversight.
An internal audit provided by Snowden to The Washington Post shows the agency has repeatedly broken privacy rules or exceeded its legal authority every year since Congress granted it broad new powers in 2008.
In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence — reports used as the basis for informing Congress.
Senior lawmakers said they had been unaware of the audit until they read the news on Friday.
Senate Judiciary Committee chairman Patrick Leahy announced he would hold hearings into the revelations.
"I remain concerned that we are still not getting straightforward answers from the NSA," the Vermont Democrat said in a statement.
Said Rep Mike Thompson of California, a member of the House Intelligence Committee: "Reports that the NSA repeatedly overstepped its legal boundaries, broke privacy regulations and attempted to shield required disclosure of violations are outrageous, inappropriate and must be addressed."
Obama has repeatedly said that Congress was thoroughly briefed on the programs revealed by Snowden in June. The two that were described then vacuum up vast amounts of metadata — such as telephone numbers called and called from, the time and duration of calls — from most Americans' phone records, and scoop up global Internet usage data.
Proposed legislation to dismantle the programs was narrowly defeated last month in the House, and at least 19 other pending bills are aimed at restraining NSA's powers or changing how the agency is regulated, according to a count kept by the ACLU. The July legislative effort brought together Libertarian-leaning conservatives and liberal Democrats who pressed for change against congressional leaders and lawmakers focused on security.
House Democratic leader Nancy Pelosi, who generally supports the programs, said in a statement Friday that the new revelations "are extremely disturbing."
A week ago, Obama sought to soothe concerns by promising to consider reforms to NSA surveillance.
"It's not enough for me to have confidence in these programs," he said at a White House news conference. "The American people have to have confidence in them as well."
He announced changes such as convening an outside advisory panel to review U.S. surveillance powers, although it is unclear how that would differ from the existing U.S. Privacy and Civil Liberties Oversight Board, mandated by Congress to monitor surveillance and constitutional concerns. Obama also said the NSA would hire a privacy officer — though the NSA already has a compliance office. None of those measures would seem likely to stop the kind of inadvertent collection of information that was described in the NSA audit.
Most of the infractions revealed late Thursday involve unauthorized surveillance of Americans or foreign intelligence targets in the United States, both of which are restricted by law and executive order, according to the May 3, 2012 audit, and other top-secret documents.
The May audit counted 2,776 incidents in the preceding 12 months of unauthorized collection, storage, access to or distribution of legally protected communications. Most were reported to be unintended, and many involved failures to take sufficient care or violations of standard operating procedure. They ranged from significant violations of law to typographical errors that resulted in unintended interceptions of U.S. emails and telephone calls.
The most serious incidents included a violation of a court order and unauthorized use of data about more than 3,000 Americans and green-card holders.
In the typographical error category, the Post cited a 2008 example of the collection of a "large number" of phone records from Washington, D.C., when a programming error confused the District of Columbia area code 202 for 20-2, the international dialing code for Cairo, according to a quality assurance review that was not distributed to the NSA's oversight staff.