A curious Navy officer on deployment in Iraq in 2011 got in hot water with the National Security Agency when she used a top-secret NSA signals intelligence database to snoop on the prepaid-phone habits of boyfriend’s son, according to a just-released, heavily redacted NSA inspector general’s report.
That 2014 investigative report — one of several obtained by Buzzfeed national security reporter Jason Leopold in response to a Freedom of Information Act lawsuit against the agency — shows the unnamed officer “deliberately and without authorization queried a telephone number belonging to a U.S. person,” in violation of an executive order, DoD regulations, NSA directives, and the federal code. “A Navy Criminal Investigative Service investigation is pending,” the report added.
But Leopold’s narrative of just how the naval officer turned her U.S. Forces-Iraq deployment into a likely Article 32 should be terrifying to anyone who’s ever tried to liven up an info awareness training session:
On June 4, 2011, the first day the Navy officer was granted access to the highly classified NSA signals intelligence database, she underwent a third course on how to use it. During a training exercise, she entered her boyfriend’s son’s telephone number into a search field and tried to access data covering the span of a month on the prepaid telephone number. That phone was also used by other members of her boyfriend’s family, the report said.
“She inputted the number into the SIGINT system because it was the only telephone number she could think of at the time,” the investigator general’s report says. “She could not explain why this telephone number came to mind instead of her own telephone number or any other number.”
But she did not obtain data on the phone number because when she queried the database the computer monitor “displayed a bright red warning sign.”
The Navy officer panicked. But her trainer, an Army officer, told her “not to worry” and to just clear out the various search fields on the database. She thought her training officer would report the incident, according to the report, but he didn’t. Neither did she.
You know those “Let’s never mention this to anyone ever again” moments you sometimes have in the military? If the thing you want to never mention again involves the NSA, you’re going to need a better strategy.
Turns out the NSA still audits its database queries on a monthly basis… so, like clockwork, the agency discovered in July that this naval officer had run a query on her boyfriend’s kid’s prepaid phone that he’d gotten at Walmart. (Gotta love those unredacted report details.)
What happened next? Well, the officer had to go through SIGINT retraining, of course! Beyond that, it’s not at all clear; she got some counseling letters in her jacket, and the case was referred to NCIS; we’ll be following up with them shortly.
But we here at T&P will note that, according to the NSA IG report, the officer spent the remainder of her Iraq deployment “in a different building… at [REDACTED] headquarters.” And buddy, when you get stashed in [REDACTED] headquarters, you know you done messed up.