The incidents have been briefly described in a letter to US Senator Charles Grassley, who requested information about "intentional and willful misuse of surveillance authorities".
The letter includes instances of both military and civilian contractors performing SIGINT queries on telephone numbers and emails belonging to their current or former lovers (mostly foreign nationals, but some US nationals as well), people they have met in social settings (mostly foreign nationals), a US relative of an intelligence target and, in one case, a number of (random?) telephone numbers in a country so that the military member in question could learn that country's language.
Dubbed LOVEINT, some of these violations were discovered by reviewing SIGINT audit logs, but a worrying number was revealed by the violators themselves during or before polygraph interrogations executed when they had to go through the process of renewal of a security clearance. This brings up the question of how many such violations have gone unnoticed and unreported during these ten years?
As Kevin Poulsen rightly noted, this letter is "a fascinating look at what happens when the impulse that drives average netizens to look up long-ago ex-lovers on Facebook is mated with the power to fire up a wiretap with a few keystrokes."
It is also good to note that most of the civilian employees that have been found breaking these rules have retired or resigned before they could be disciplined, and that it only a couple of the cases the Department of Justice has been notified of the misuse and has decided not to prosecute the individual in question.
Military members that engaged in these violations would usually be punished with a reduction in grade, periods of restriction and extra duty, periods of receiving only half pay, and being stripped of the security clearance they possessed and access to classified information revoked.
According to Dr. Ellard, his office is currently investigating two other alleged SIGINT misuses, and is reviewing one allegation for possible investigation.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.