On Aug. 27, Sen. Chuck Grassley (R-Iowa), the ranking memberÂ of the Senate Judiciary Committee, sent a letter toÂ Â the Inspector General of the National Security Agency seeking information about whether the Inspector General’sÂ Â office “[had] documented instances in which NSA personnel intentionally and willfully abused their surveillance authorities.” Grassley sought the information amid the privacy and civil liberties questions surroundingÂ the NSA domestic spying scandal.Â Grassley has released the response letter (original pdf; archive pdf), which is dated Sept. 11, 2013. The letter states: “Since 1 January 2003, there have been 12 substantiated instances of intentional misuse of the signals intelligence (SIGINT) authorities of the Director of the National Security Agency. The NSA Office of the Inspector General (OIG) currently has two open investigations into alleged misuse of SIGINT and is reviewing one allegation for possible investigation.” SIGINT’s dedicated purpose is to spy on foreign individuals for U.S. national security investigations.
Weâ€™ve talked before about the problems that arise when insiders abuse or misuse their access privileges to individualsâ€™ data and violate the individualsâ€™ privacy rights. Such cases have occurred in: Minnesota,Â where 104 officers from 18 agenciesÂ in the state accessed one womanâ€™s â€œdriverâ€™s license record 425 times in what could be one of the largest private data breaches by law enforcement in historyâ€; Tucson, Ariz.,Â where University Medical Center officialsÂ firedÂ three employeesÂ for violating privacy of patients connected to the shooting rampage of which Jared Loughner is accused;Â New York City, where a police sergeantÂ pleaded guiltyÂ â€œto illegally entering a federal database and giving information from a terrorist watch list to an acquaintance to use in a child-custody case in Canadaâ€; and the U.S. government, whereÂ the State DepartmentÂ found thatÂ federal employees repeatedlyÂ snoopedÂ into the passport files of entertainers, athletes and other high-profile Americans.Â The cases arenâ€™t confined to the United States; for example, theyâ€™ve occurred inÂ Canada,Â New ZealandÂ andÂ the UK.
The instances of insider misuse and abuse at the NSA are disturbing. The letter doesn’t identify the employees, but notes that at least six cases were referred to the Justice Department for further action, which could include prosecution. Here’s just one case, which occurred on the insider’s “first day of access” to SIGINT. The person, a member of the military, “queried six e-mail addresses belonging to a former girlfriend, a U.S. person, without authorization.” The insider “received a reduction in grade, 45 days restriction, 45 days of extra duty, and half pay for two months. It was recommended that the subject not be given a security clearance.” In this case, the person who abused his access privileges to the surveillance system was punished, but in several cases, the people were not for various reasons, including that they resigned before they could be punished.
Learn more in the full response from the OIG.