Sure, the National Security Agency has been getting some bad press lately. Sure, an internal audit by the NSA found that the agency broke privacy rules thousands of times a year, as The Washington Post reported. But, hey, they're only human.
Among the violations?
A notable example in 2008 was the interception of a "large number" of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a "quality assurance" review that was not distributed to the NSA's oversight staff.
"Typographical errors or overly broad search terms" were cited in 21 violations in the first quarter of 2012 alone. Cited in 60 was "operator error."
We all know operator error. This is why, somehow, the NSA wound up with every email sent to or from the state of Georgia, after that same programming error mistook it for the former Soviet republic. The same programming error that swapped 20 and 202 also picked up every email sent to or from President Barack Obama, after mistaking him for Osama bin Laden in what the NSA probably described as a "really, really embarrassing mix-up after which the programming error had to undergo intense sensitivity training."
The NSA also picked up, in a combination of operator and typographical error, every email from Cincinnati after someone mistyped "al-Qaida" as "Cincinnati"; all communications relating to NSA employee Dave Mittne's ex-wife after someone mistyped "Yemeni al-Qaida leader Saeed al-Shihri" as "Kim Mittne"; every email from Kim Mittne's new husband after an even more confusing typographical error; and all of George Lucas' private communications because someone described him as "destroying the integrity of Star Wars," and NSA workers thought that maybe it was aimed at Ronald Reagan's missile defense program. Also, the agency picked up every email from Ke$ha "because that is clearly a made-up name."
See, there's a simple explanation for all this excessive data collection. Basically, somewhere, someone in the NSA meant to type "All Terrorist Emails" but he accidentally didn't type the word "terrorist."
A senior NSA official told The Washington Post, as an excuse: "We're a human-run agency operating in a complex environment with a number of different regulatory regimes, so at times we find ourselves on the wrong side of the line."
This is (a) exactly what a malevolent, self-aware, data-hungry computer posing as a senior NSA official would say, and (b) the worst excuse I have ever heard for anything.
"We're a human-run agency operating in a complex environment" describes every agency ever, including ones that do not routinely violate the Foreign Intelligence Surveillance Act. "If they would just let Skynet take over running this agency as it should have years ago," the agent complained, unzipping his skin suit, "things would be so much simpler for all you pitiful meatsacks."
The agent added: "You can look at it as a percentage of our total activity that occurs each day. ... You look at a number in absolute terms that looks big, and when you look at it in relative terms, it looks a little different." I am not making this up. Though I am making up the follow-up statement, in which he observed, "You know what's kind of uncool? Thousands of violations. You know what would be really uncool? A billion violations!" or tried to add into the record the statement: "For instance, the Earth has been around for millions of years, yet we have been indiscriminately and problematically gathering data from only the minuscule fraction of human history in which people have been sending emails."
But remember, we should not be concerned. After all, the NSA means well, and we have congressional oversight, which means a few security-cleared lawmakers are allowed to read notices of the violations (which otherwise just appear as big pages of redactions under the heading "Statistical Data Relating to Compliance Incidents") in a "special secure room" where they are not allowed to take notes. This is really helpful!
In other words: Don't worry. The NSA has things in hand. If it could just fix this pesky "human beings who make mistakes run the program" problem, we could be both safe and secure in the knowledge that our privacy was not being violated. And I'm sure that will happen any day.
Alexandra Petri writes the ComPost blog at The Washington Post.