How a Typo At the NSA Can Flag You As a Terrorist Threat

A recently distributed internal audit of the National Security Agency has revealed some surprising news about the nature of violations of federal laws regarding surveillance. A high nuber of infractions by the agency, it turns out, have little to do with agency efforts to push the line on privacy. Instead, they have everything to do with unintentional human error.

The report reveals that small mistakes made by bureaucrats at the NSA such as operator search errors and typographical errors violate Americans' privacy every day. While Americans can take some solace in the fact that these violations are unintended, the revelation that our privacy stands at the mercy of human error should be troubling.

The audit report, obtained by the Washington Post, reveals that the NSA violated FISA standards during the first quarter of last year 195 times, where 123 of these incidents had to do with "operator error" such as "insufficient or inaccurate research information," "training issues," and "typographical errors," and 72 were the result of "computer error." 

Most of the 2,776 total violations to legal standards identified in the audit are the result of a small, unintended mistake made by an agency official. The incidents resulting from human and computer error then lead to unauthorized collection, storage, access, or distribution of legally protected communications of Americans or foreign intelligence targets in the United States.

The White House and the NSA have both replied to recent outcry regarding the audit to claim the errors are par for the course, and a problem the administration promises to address. "The one constant," the White House responded in a statement to The Washington Post, "is a persistent, dedicated effort to identify incidents or risks of incidents at the earliest possible moment, implement mitigation measures wherever possible, and drive the numbers down."

A senior NSA official echoed these claims, and fired back that this high degree of human error is unavoidable. “We’re a human-run agency operating in a complex environment with a number of different regulatory regimes," he explained, "so at times we find ourselves on the wrong side of the line.”

But, it is frightening to imagine how a powerfully a small typo can violate American privacy. As just one example, a small programming error in 2008 revealed in the audit that the U.S. area code 202 was confused for the number 20, the international dialing code for Egypt. This small typing difference in numerical code led to the interception of a "large number" of calls placed from Washington.

All U.S. government agencies are, of course, imperfect, human-run institutions that are subject to all sorts of failures that can stem from negligence and willful misconduct. The large scale of data the NSA must monitor in its security programs is no small task for the computer and human systems sifting through the material every day, so it may not come as a surprise that the monitoring is imperfect. But as the national debate on surveillance tends to focus on broad, theoretical debates about the line between privacy and security in crafting surveillance programs, the specific details of surveillance procedures including the substantial proclivity for human error in monitoring the databases should be taken into account. If these errors can be avoided by tightened systems, more fine-tuned procedures, and better training, it would be a step in the right direction for ensuring Americans' privacy.

How likely are you to make Mic your go-to news source?

Rachel George

Rachel is a PhD candidate in International Relations at the London School of Economics. She holds a BA in Politics from Princeton and an MA in Middle Eastern Studies from Harvard. Her interests include journalism, U.S. foreign policy, human rights, and international law.

MORE FROM

'Hot Mic' podcast: Health care opposition, Trump on Russian meddling & Pakistan tanker explosion

The important stories to get you caught up for Monday morning.

Dozens missing after tourist boat carrying more than 160 passengers sinks in Colombia

At least six people are confirmed dead and dozens more unaccounted for.

Ohio Gov. John Kasich's website hacked with pro-ISIS propaganda

The same attack also hit government websites in Brookhaven, New York, and Howard County, Maryland, according to reports.

8 of the biggest moments from the 48th NYC LGBTQ Pride March

The biggest Pride event in the world was a sight to behold.

Movement for Black Lives activists disrupt Minneapolis Pride to protest Philando Castile verdict

Protesters reportedly held signs with messages like "No KKKops at Pride."

Protesters reportedly arrested near NYC's Stonewall Inn, Pride March endpoint

The reason for the arrests were not immediately known.

'Hot Mic' podcast: Health care opposition, Trump on Russian meddling & Pakistan tanker explosion

The important stories to get you caught up for Monday morning.

Dozens missing after tourist boat carrying more than 160 passengers sinks in Colombia

At least six people are confirmed dead and dozens more unaccounted for.

Ohio Gov. John Kasich's website hacked with pro-ISIS propaganda

The same attack also hit government websites in Brookhaven, New York, and Howard County, Maryland, according to reports.

8 of the biggest moments from the 48th NYC LGBTQ Pride March

The biggest Pride event in the world was a sight to behold.

Movement for Black Lives activists disrupt Minneapolis Pride to protest Philando Castile verdict

Protesters reportedly held signs with messages like "No KKKops at Pride."

Protesters reportedly arrested near NYC's Stonewall Inn, Pride March endpoint

The reason for the arrests were not immediately known.