But mistakes do happen in data-sifting conducted mostly by machines, not humans. Sometimes, former intelligence officials say, that means intelligence agencies destroy material they should not have seen, passed to them by the Fort Meade, Md.-based National Security Agency.
The eavesdropping, code-breaking agency is fighting back after last week’s revelations in the media of two surveillance programs that have raised privacy concerns.
One program collects hundreds of millions of U.S. phone records. The second gathers audio, video, email, photographic and Internet search usage of foreign nationals overseas, and probably some Americans in the process, who use major providers such as Microsoft, Google, Apple, and Yahoo.
The programs were first reported in a series of articles published by The Guardian newspaper. On Sunday it identified Edward Snowden, a 29-year-old American who works as contract employee at the National Security Agency, as the source of the disclosures. The newspaper said it was publishing the identity of Snowden, a former technical assistant for the CIA and current employee of defense contractor Booz Allen Hamilton, at his request.
“I have no intention of hiding who I am because I know I have done nothing wrong,” he was quoted as saying.
The National Security Agency filed a criminal report with the Justice Department earlier this week in relation to the leaks. The director of national intelligence, James Clapper, has stated repeatedly that the NSA’s programs do not target U.S. citizens and that the agency uses a process known as “minimization” to sift out data from “any U.S. persons whose communications might be incidentally intercepted.”
His statement Saturday said that “the dissemination of information about U.S. persons is expressly prohibited unless it is necessary to understand foreign intelligence ... is evidence of a crime or indicates a threat of death or serious bodily harm.”
While the NSA has deferred any public comment to Clapper, it did offer an internal article written by director of compliance John DeLong, who is in charge of making sure the NSA protects Americans’ privacy.
DeLong writes that privacy protections are being written into the technology that sifts the information, “which allows us to augment — not wholly replace — human safeguards.”
The NSA also uses “technology to record and review our activities. ... Sometimes, where appropriate, we even embed legal and policy guidance directly into our IT architecture.”
What that means is that the data sifting is mostly done not by humans, but by computers, following complicated algorithms telling them what to look for and who has a right to see it, according to Ronald Marks, a former CIA official.
“Through software, you can search for key words and key phrases linking a communication to a particular group or individual that would fire it off to individual agencies that have interest in it,” just like Amazon or Google scans millions of emails and purchases to track consumer preferences, explained Marks, author of “Spying in America in the Post 9/11 World.”
Detailed algorithms try to determine whether something is U.S. citizen-related or not. “It shows analysts, ‘we’ve got a U.S. citizen here, so we’ve got to be careful with it,’” he said.
But the process isn’t perfect, and sometimes what should be private information reaches agencies not authorized to see it.