Navy Officer Working For The NSA Caught Trying To Search Her Boyfriend's Son's Phone
from the self-starter-goes-for-illegal-snooping-right-out-of-the-gate dept
The NSA often makes statements following document leaks about its undying interest in protecting the rights of Americans, no matter how much might be swept up intentionally/incidentally by its surveillance programs. Undoubtedly, there is some sincerity in this statement. But the following story, based on information liberated by a Jason Leopold FOIA request, shows the NSA can be sincere about its desire to protect Americans’ privacy while still doing very little to uphold that ideal.
A Navy officer stationed in Iraq “deliberately and without authorization” used an NSA database to try to pry into the mobile phone of her boyfriend’s son, according to a top secret NSA inspector general report obtained by BuzzFeed News.
The NSA discovered the violation about a month after it happened. The officer was undergoing training and had already taken two courses pertaining to the search and use NSA collections. But when this violation occurred, she had been given full access to NSA data stores to complete her final course.
During a training exercise, she entered her boyfriend’s son’s telephone number into a search field and tried to access data covering the span of a month on the prepaid telephone number. That phone was also used by other members of her boyfriend’s family, the report said.
But the officer had an excuse: according to the report [PDF], she said it was the “only telephone number she could think of at the time.” The Inspector General found this excuse to be dubious at best.
“She could not explain why this telephone number came to mind instead of her own telephone number or any other number.”
Now, here’s where we get to the NSA’s professed respect for Americans’ Fourth Amendment rights. The level of respect will vary from person to person. Obviously, the Navy officer had zero respect for her boyfriend’s son’s rights. More troubling, her instructor apparently felt this violation wasn’t a big deal.
When she entered the phone number, the system displayed a “bright red warning sign.” This scared the officer but her instructor’s response showed little concern about the violation the officer was attempting to engage in.
[H]er trainer, an Army officer, told her “not to worry” and to just clear out the various search fields on the database.
Neither the Navy officer nor her trainer reported the incident.
The NSA discovered the violation during an audit and reported it. This is good, but it’s also limited to what the NSA chooses to report.
The Inspector General has noted in the past it is limited in its oversight abilities by the NSA and its reporting systems. The IG often has trouble compiling the information needed to make a determination about potential violations and there have been times where the NSA has actually destroyed information the IG has needed for investigations.
Much of what we know about the NSA’s violations is self-reported. But this relies on the agency being forthcoming — something it’s not particularly known for. The gap between what’s discovered and what’s handed over by the agency has been noticed by its Congressional oversight and the FISA court. The latter, in particular, has noted the agency often delivers notification of violations months or years after the violations occur and has been routinely unwilling to clarify technical issues when discussing violations with the court.
In this case, the Navy officer claimed the violation was an “accident” that occurred during training. The Inspector General’s office, however, viewed it as a deliberate misuse of highly-sensitive data. It appears the NSA sided with the officer. The only “punishment” handed out was another round of training. So, when the NSA claims it’s doing everything it can to protect Americans from unlawful surveillance, it’s a half-truth at best. If it was doing everything it could, it would have pushed this officer out of the rotation and replaced her with someone more likely to uphold the ideals the NSA claims it holds.
Filed Under: audits, nsa, spying, surveillance
Comments on “Navy Officer Working For The NSA Caught Trying To Search Her Boyfriend's Son's Phone”
The son was displaying the indicia of terrorists.
Y’know the one: breathing in and out. So she had to investigate.
Re: The son was displaying the indicia of terrorists.
It’s kinda sad when you joke but it doesn’t sound funny because we were joking about NSA abusive, unconstitutional surveillance not too long ago…
Still, have my funny vote.
Re: Re: The son was displaying the indicia of terrorists.
It would be too depressing to admit to "Insightful". "Funny" it is.
Ha ha. What a riot.
selective enforcement
When these disciplinary actions happen, it’s usually because the person is already on someone’s shitlist and they’re just waiting for the first opportunity to write this person up.
Maybe plausible
I can’t remember my own number (I keep it on a slip of paper in my wallet) because I never call it. I don’t remember friend’s numbers because they’re in my contact list. I can easily see this as being one of the only numbers she could recall if she had been there when they got the phone, or if she had to call that phone without contact info.
From the NSA report pdf, the phone was used by her boyfriend’s son, boyfriend, her daughter, and her sister.
I can believe that if that many folks that she knew and likely lived with used the same phone, it would be a number easily recalled.
I don’t remember my cell number, never call it.
The NSA training class should either provide a list of approved training test numbers or an instruction to use a number ONLY used by the trainee.
And Why...
… was the US citizens phone information in the NSA database in the first place? Oh yeah… ALL phones EVERYWHERE are monitored, tracked, traced, and logged.
"Cell phone located. Tasking MQ-9 Reaper, armament two GBU-12 Paveway II bombs, two AGM-114 Hellfire II missiles. ETA twenty-seven minutes."
"Defaulting to nearest Verizon device."
The problem was later reported to Verizon customer support, and logged as a probable exploding 3rd-party battery.
Sheesh, minion. Internets full of scandal, and you run this?
You (ALL but “Tom” so far!) somehow skip over this one key point: TRAINING.
Google violates my privacy more than this every day.
And doesn’t get to do a tenth of what wants.
This week tried to get a manual for an old monitor with odd features.
Soon ran into javascript / captcha by guess who? Yes, 3rd party: Google Analytics.
So I got no manual. If don’t agree to the surveillance, the web is more restricted every day.
And what right has Google, the NSA’s commercial front, to surveil me? … NONE! Just can get away with it, for now.
—
Oh, did I wander off this DULL topic? Well, I’m aware of that, so now YOU can show interest in it by long detailed comment ON-topic!
Re: Sheesh, minion. Internets full of scandal, and you run this?
The US government can use that information to arrest you, lie to the judge and your family about your location, search your house and seize your electronics…. thanks to confirmation bias based on vague data.
If you’re not a US citizen they can ship you to another country and torture you for months or years before releasing you with an “er, never mind.”
Google can’t do that just yet.
Re: Sheesh, minion. Internets full of scandal, and you run this?
Try these:
https://www.eff.org/deeplinks/2017/11/how-debug-your-content-blocker-privacy-protection
The son now can surf for all the hardcore furry scat ass to mouth donkey on sheep on squirrel lubricant action he wants and she’d be too scared to even mention it even if she saw the squirrelgasms on screen, for fear people would think she’s been spying again!
Re: Re:
I’m not overly offended by the imagery in your post, but…
…the imagined audio for this one is too much.
Re: Re: Squirrelgasms?
/me instinctively tries to hide his nuts against the impending squirrelly invasion…
Well I never
Spy getting taught how spys can spy did not realise that spys get spy’d on.
It’s almost like there is an atmosphere where they know there are rules, but even the bright red warning results in a just delete stuff and keep going. Rules without meaningful punishment are worthless. Creating “good faith” exceptions so they have an out that must be accepted worked out so well with police.
We have to stop pretending that because we declare they are wearing white hats, that we don’t need to keep an eye on them. Being a good guy doesn’t force you to follow all of the rules, but giving them the benefit of the doubt over and over shows them they can get away with most anything because they are one of the “good guys”.
Not that I think this is ok but she is a person and was in training.. from the trainings I’ve been in (not NSA training, just normal people training) the pace is way, way slow and I prefer to learn on my own anyways so I usually zone out once I can actually get into the system and learn on my own. The example numbers that the training text (hopefully) probably provided were going to be given out later and she just used the first number that came to mind.
On the positive side: the system did flash red warnings presumably bc the number was either that of a US citizen and/or not on a ‘watch list’ or both. It is good to know that privacy invasion is not ok for just anyone to do at the NSA. You have to at least pass the privacy invasion training first. Safeguards.
But seriously, this is more safeguards than I expected given what I’ve been reading about for years. And Trump.
The heroes of MyNameHere and out_of_the_blue, ladies and gentlemen. Surveillance is great when the government, the NSA and the RIAA do it, but anyone else and it’s suddenly the devil’s work.
So who should she have spied upon?
For completing her course, she had to snoop on someone’s cellphone with her advisor looking over her shoulder.
She chose a minor in her own household, as someone whose phone number she knew. Who should she have chosen? Herself, making open her own communications to her advisor? She chose a number she knew, of a person in her household that could not be held accountable as a minor. And she would have been in a position to make amends, too.
Whose Fourth Amendment rights would you rather have wanted to see violated?
Frankly, I find her personal choice much more defensible than that she was made to choose in the first place.
Re: So who should she have spied upon?
Yes, herself. Anyone and everyone has the right to violate their own rights at will, any time, anywhere. If she could not remember her own phone number, she need only look in the phone. Settings > About or something along those lines. If she does not know how to find her own phone number in her own cell phone, she is NOT qualified to snoop on anyone else’s phone.
So yes, herself. If she is so worried about what her instructor would see on her own phone, perhaps she should take a moment to reflect upon what she is training to do for a living. If doing so would make her feel violated, perhaps she should consider exactly how violated ANYONE else would feel.
And idk, maybe go shoot guns at terrorists or something, She IS already in the navy after all. They always need more guys (or gals) with guns. If she’s not the murder-y type, she could be a cook. Or a medic. Or a thousand other things. The Navy’s own TV and print marketing has been trying to sell people for 2+ DECADES on the idea that there are literally 300+ non-combat jobs available in the Navy. She could pick ANY of the other 299 if violating people’s privacy – hers or anyone else – is uncomfortable to her.
But spying on ANY third-party without consent, including her boyfriend’s son (which, as he is her boyfriend, not her husband, isn’t even a family member) is unacceptable.
No seeded data to test with
So they don’t have test data seeded into their production database that they can use for training? Why can’t they have a Mickey Mouse account?