recommended reading

At NSA, computers sometimes make the policy calls


John DeLong, the first-ever compliance director at the Pentagon’s spy agency, spends his days making sure analysts are not snooping on Americans.

U.S. law forbids the National Security Agency from intercepting communications between citizens. While privacy advocates argue that NSA databases nevertheless accumulate records on Americans, in fact, some of those systems are calling the shots to delete that information.

“There are times when we use technology to literally make legal and policy decisions,” said DeLong, 37, a lawyer whose additional math and physics degrees likely prepared him for the multifaceted task of policing code-breakers.

With an ever-increasing amount of messages to crack and data patterns to follow, agents have limited time to observe what he describes as “very specific procedures that govern their use and handling of that data.” So, machines sometimes patrol privacy.

“There are obviously some decisions that you can’t automate. You have to rely on a human for judgment. And we have lots of training” on foreign espionage authorizations, DeLong told Nextgov in an interview. “We have to make sure those authorizations pass from human to human from machine to machine very carefully.”

Those authorizations include minimization requirements, which tightly control any data obtained while targeting foreigners that identifies Americans. Other privacy measures include database audits and spot checking decisions about whom to pursue, according to intelligence officials.

A computer, for example, can be instructed to screen out certain types of information before it is passed on to the next stage of processing, DeLong explained. “In some cases, we literally have the legal and policy rules embedded in the technology such that the technology will only do those things,” he said.

Still, intelligence activities have broken the rules. As first reported by Wired in July, the Office of the Director of National Intelligence acknowledged in a letter to warrantless wiretap critic Sen. Ron Wyden, D-Ore., that “on at least one occasion” the judicial branch determined “that some collection carried out pursuant to the [law’s] minimization procedures used by the government was unreasonable under the Fourth Amendment.”

When asked whether the incident occurred on his watch, DeLong said, “Root cause is always difficult to figure out, so I’m very hesitant to answer on timing. I will say very clearly, though, when there are incidents we follow the reporting path.”

He then deferred to ODNI, which coordinates the work of the U.S. intelligence community. “The government has remedied these concerns, and the [Foreign Intelligence Surveillance Court] has continued to approve the collection as consistent with the statute and reasonable under the Fourth Amendment,” officials said in a statement.

DeLong added, “We’re nothing if we lose the confidence of the American people.”

(Image via VLADGRIN/

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.


When you download a report, your information may be shared with the underwriters of that document.