Media sometimes try, fail to keep NSA's secrets
By RAPHAEL SATTER | The Associated Press | Published: February 8, 2014
LONDON — News organizations publishing leaked National Security Agency documents have inadvertently disclosed the names of at least six intelligence workers and other government secrets they never intended to give away, an Associated Press review has found.
The accidental disclosures illustrate the risks of even well-intentioned, public-interest reporting on highly secret U.S. programs.
In some cases, prominent newspapers including The New York Times quickly pulled down government records they published online and recensored them to hide information they accidentally exposed. On one occasion, the Guardian newspaper published an NSA document that appeared to identify an American intelligence target living abroad. Before the newspaper could fix its mistake, a curious software engineer, Ron Garret of Emerald Hills, Calif., tried to contact the man at his office.
"I figured someone ought to give him the heads up," Garret said.
The inadvertent disclosures, which include technical details and other information, are another complication in the ethically and technically challenging coverage of the NSA's surveillance programs. Journalists who have seen the unfiltered secrets leaked by former intelligence worker Edward Snowden agree that some things are off-limits for publication. But media organizations sometimes have struggled to keep them that way.
Glenn Greenwald, the reporter and columnist who has played a key role in publishing so many of Snowden's revelations, has said he wouldn't publish the names of U.S. intelligence workers unless they were top-ranking public officials. Greenwald told the AP that the mistaken disclosures of at least six names and other material were minor errors made by technical staff and quickly corrected.
"We reported on these documents with the largest and most well-respected media organizations in the world, but like all human institutions, none is perfect," Greenwald said.
It was not immediately clear what damage, if any, has come from the disclosures of the names of the six NSA employees and other secrets. The NSA would not discuss its employees. None appeared to be working undercover.
The AP was able to locate several of their home addresses and other personal details about them. The NSA said in a statement that it asks news outlets "to redact and withhold the names of employees, given the sensitive nature of the information and concerns for the safety of employees and their families."
The AP is not republishing the names of the NSA employees. It generally uses full names of government employees unless there is a specific threat or security concern. In this instance, the AP concluded the names were not vital to readers' understanding of the issues and provided no additional credibility or transparency into the issues.
The accidental disclosures — the AP counted at least eight of them — involve carelessness by some television broadcasters, sloppy digital redactions applied to copies of documents and, in the Guardian's case, an incomplete understanding of what information might be revealing.
The Canadian Broadcasting Corporation's nightly news program, "The National," revealed the names of three NSA employees when its cameras panned across NSA documents during voice-overs.
"They were scrolling through it and I thought, 'Hold on, that's an unredacted, classified document,'" said Christopher Parsons, who noticed the mistake. "It was kind of nuts. I couldn't believe that they were so cavalierly showing it on national television."
Parsons, a privacy expert at the University of Toronto's Munk School of Global Affairs, was able to read the employees' names by pausing, rewinding and replaying the video.
CBC's director of news content, David Walmsley, said the network regretted the error, pulled the video off its website and purged the material from its servers.
"It was a mistake that occurred because we had pixelated the documents and we thought we'd done it well enough. Clearly we didn't," he said. Walmsley said the CBC took responsibility for the mistake. He said Greenwald had asked that NSA employee names not be broadcast.
The same thing happened at the Brazilian television station Globo, which briefly exposed the names of two NSA employees briefly during its weekly news program "Fantastico" last year.
"We were not aware that those names belong to NSA's employees," said Ali Kamel, the network's general news director. "The image (of the two names) lasts less than a second. If there is a mistake, it appears to be a very small one, but we are going to investigate why it happened." Kamel said the network removed the footage from the Internet after the AP contacted it and was prepared to apologize if the mistake were confirmed.
The Times published an NSA presentation last month with the name of an NSA employee marked out. But a quirk of electronic documents is that information can linger even when it's invisible to the naked eye. Within minutes of the Times' report, the employee's name was circulating and someone created a parody Twitter account.
The document also revealed that a Muslim terrorist group once had a preference for a specific smartphone, potentially dropping an important hint as to how its communications had been monitored.
A spokeswoman for the newspaper blamed a production error and said the document was removed, recensored and republished.
The Washington Post tried but failed to censor some details of the NSA's internal set up. The Post did not respond to an email from the AP about the incident.
In an email response to questions about the misredaction that may have exposed an NSA target, the Guardian said it had checked the document with U.S. officials before publishing and had not been advised against it. Spokesman Gennady Kolker said the paper later decided to redact the slide on its own, but Kolker declined to elaborate.
Improper redactions are common, and even governments officials make basic mistakes.
In 2011, British officials failed to properly redact a document that discussed critical weaknesses in the nation's fleet of nuclear submarines. A couple years earlier, the U.S. Transportation Safety Administration accidentally exposed technical details of airport screening procedures.
"It's a very easy mistake to make," said Daniel Lopresti, a document analysis expert and a professor of computer science at Lehigh University in Pennsylvania.
A small but focused community of intelligence-watchers has been keeping careful track of those mistakes.
Paul Dietrich of Eugene, Ore., contributes material to the radical transparency site Cryptome and repeatedly has gleaned secret information from poorly redacted documents. He recalled, for instance, being able to correctly guess the number of communications intercepted by the NSA in Italy by counting the height of a redacted NSA bar graph, pixel by pixel.
Dietrich, who flagged nearly all the errors to AP, was able to decode the names of cities hosting NSA collection sites, based on poorly redacted slides published by Germany's Der Spiegel magazine, Italy's L'Espresso newspaper, and Holland's public broadcaster, NRC.
Spiegel Online editor-in-chief Ruediger Ditz said the material was removed within minutes. Stefania Maurizi of L'Espresso acknowledged "a very minor issue" but said the slide dated back more than a decade. An editor at NRC did not immediately respond to AP's questions.
Dietrich supports the disclosures about the NSA surveillance programs and praised Greenwald.
"He is releasing information that the public has a right to know," Dietrich said. "But his editors have often been sloppy."
Dietrich said he was bothered by the thought that names of U.S. intelligence agency employees were now in enemy hands.
"If any foreign intelligence service hasn't done what I've done," he said, "then they're not much of a foreign intelligence service."