Reports in August gave the world a new word in the intelligence lexicon: LOVEINT, the act of illicitly looking up a significant other with the NSA's surveillance tech. The offenses weren't supposed to be common, but a steady trickle of them were said to have been revealed over the years. And now, a letter sent to Senator Chuck Grassley (R-IA) reveals details not only of people who violated the rules for LOVEINT, but of everyone that the NSA Office of the Inspector General has found to have willfully abused the NSA's capabilities since 2003.
The full list includes a dozen incidents, and the NSA says it has two open investigations and one case that could be investigated in the future — roughly consistent with the numbers we've been given before. But most of the violations were a far cry from "overzealous" attempts to prevent another 9/11. While some cases are nonspecific, at least eight of the twelve involved spying on wives, girlfriends, husbands, or boyfriends. In one case, a subject "queried six email addresses belonging to a former girlfriend, a US person" on the first day he got access to the system. In another, a woman tracked a number in her husband's phone contacts and listened to his conversations because she suspected him of cheating.
At least eight cases involved wives, girlfriends, husbands, or boyfriends
In some incidents, it's not clear how the NSA was notified of the abuse; in others, it was discovered in a polygraph or reported by the offender. Penalties, likewise, varied. The man who looked for his ex-girlfriend's address claimed that he was only using her name for practice; he was demoted, given half-pay for two months, and not recommended for a security clearance. The woman who tracked her husband resigned, as did several of the other people who intentionally violated procedure. One person, who had apparently looked up telephone numbers in a country "to aid in learning that country's language," was locked out of the database and any other classified resources. And the Department of Justice declined to prosecute one man, who had used the system to look up his girlfriend's phone number. The man retired a year later.
The NSA has consistently said that its analysts are ethical and reliable, and 12 names in 10 years is objectively a small number, if not an ideal one. Unfortunately, it's hard to tell how effectively the agency is able to detect intentional abuse of its system, and it sidesteps another issue: the much larger number of violations that seem to have been made unintentionally. We've heard over and over that the NSA found it difficult to manage its system, and it apparently gave the FISA Court bad information multiple times, a point of contention between the two bodies. While this transparency is reassuring, knowing who abused the system is just one part of the solution.