NSA watchdog finds 'many issues of non-compliance' in agency's data handling

The National Security Agency's (NSA) inspector general issued a rare report Wednesday condemning the administration for insufficiently protecting data gathered from U.S. citizens.

A semiannual report issued to Congress by the agency's watchdog details “many instances of non-compliance” by agency personnel dealing with rules meant to protect “computer networks, systems and data.”

ADVERTISEMENT

Other issues of noncompliance included flash drives not being scanned for viruses before being used by staff, as well as "inaccurate or incomplete” security plans.

None of the violations warranted immediate reporting to the NSA's director or Congress, the agency's inspector general concluded, but revealed "significant problems and deficiencies" within the agency.

"OIG projects during the reporting period did not reveal serious or flagrant problems or abuses related to the administration of Agency programs or operations that would require immediate reporting to [the agency's director] or Congress," the report stated.

The report comes a month after the agency announced it was purging hundreds of millions of phone records collected by American telecom companies that the agency had acquired since 2015.

The NSA said in June that it was deleting the files, known as call detail records, of millions of American-made phone calls after discovering that it had received some data for which it did not have proper authorization.

Democratic Sen. Ron Wyden (Ore.), who sits on the Senate Intelligence Committee, previously laid blame for that issue on telecom companies who provided the data to the NSA.

“Telecom companies hold vast amounts of private data on Americans,” Wyden told The New York Times. “This incident shows these companies acted with unacceptable carelessness, and failed to comply with the law when they shared customers’ sensitive data with the government."