Among other things, one of the documents showed that the NSA "had improperly queried the bulk telephony metadata by using an automated 'alert list' process that resulted in the use of selectors that had not been individually reviewed and determined to meet he required reasonable articulable suspicion standard."
As it turns out, in those three years the agency ended up monitoring some 17,835 phone accounts, when only 1,935 of these had met that standard.
Director of National Intelligence James Clapper dubbed this as "compliance incidents", which "stemmed in large part from the complexity of the technology employed in connection with the bulk telephony metadata collection program, interaction of that technology with other NSA systems, and a lack of a shared understanding among various NSA components about how certain aspects of the complex architecture supporting the program functioned. "
"Upon discovery of these incidents, which were promptly reported to the FISC, the Court, in 2009, issued an order requiring NSA to seek Court approval to query the telephony metadata on a case-by-case basis, except when necessary to protect against an imminent threat to human life," he says. "Thereafter, NSA completed its end-to-end review and took several steps to remedy these issues, including making technological fixes, improving training, and implementing new oversight procedures. These remedial steps were then reported to the Court, and in September 2009, the Court lifted the requirement for NSA to seek approval to query the telephony metadata on a case-by-case basis and has since continuously reauthorized this program."
This is not the first time that the FISC court heard from the NSA that it had been "mistakenly" siphoning data and / or communications that it had no legal permission to do.
Nevertheless, FISC judges have repeatedly proven to be sympathetic and have not decided to put a stop to the surveillance program. In this particular case, they simply temporarily restricted the access to the data to a team of NSA data integrity analysts.
EFF's Trevor Tim has also pointed out that Clapper said that they were releasing the documents because they were directed to do so by the US president.
"That statement is misleading," he pointed out. "They are releasing this information because a court ordered them to as part of EFF's Freedom of Information Act lawsuit, filed almost two years ago on the tenth anniversary of the Patriot Act."
"Incredibly, intelligence officials said today that no one at the NSA fully understood how its own surveillance system worked at the time so they could not adequately explain it to the court. This is a breathtaking admission: the NSA's surveillance apparatus, for years, was so complex and compartmentalized that no single person could comprehend it," he added.
"The intelligence officials also acknowledged that the court has to base its decisions on the information the NSA gives it, which has never been a good basis for the checks and balances that is a hallmark of American democracy."
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.