In today's debate over reauthorization of the FISA Amendments Act, Sen. Saxby Chambliss deployed a familiar rhetorical move popular with supporters of broad surveillance powers. Chambliss acknowledged that there have been "a few instances" in which the law has not operated as intended, permitting "overcollection" of entirely domestic communications. But this only goes to show that the oversight mechanisms embedded in the law are working so very well! Moreover, echoing Sen. Dianne Feinstein, he asserted (though of course we can't check the claim) that the violations that have been discovered have been the result of error, not deliberate abuse.
The first thing to say about this argument is that it's something of a tautology: Violations of the law (or its spirit) that we've identified have been successfully identified! If safeguards and oversight measures discover no such violations, we're supposed to assume that everything is working great. If they do uncover violations, it's proof that current oversight is robust and no further safeguards are needed. Catch 22!
A more subtle problem, however, is that oversight of large-scale secret surveillance programs are most likely to uncover inadvertent (and so relatively benign) violations rather than deliberate ones. I think of this as the Stephen Glass Problem, after the infamous fabulist who managed to publish dozens of wholly fabricated articles in The New Republic despite the magazine's legendarily rigorous fact-checking process—a story wonderfully chronicled in the film Shattered Glass and a Vanity Fair article of the same name. The problem, as editors later realized, was that the fact checking process was very good at catching accidental errors, but not equipped to deal with a journalist who was deliberately fabricating stories, and then exploiting his knowledge of how the fact checkers worked to ensure that his fabrications would pass muster, creating phony web-sites, voice mail accounts, and e-mail addresses to "confirm" his bogus facts. Accidental violations are always easier to catch, because accidental violators are not taking steps to conceal their violations.
With traditional, individually targeted surveillance, this may be a tractable problem: When courts are reviewing applications for surveillance warrants that name specific individuals, it is relatively hard to fabricate convincing evidence of a counterterror or counterespionage reason to wiretap an innocent person for some nefarious purpose, and also pretty hard to escape consequences if such an attempt is detected.
The situation is very different with respect to warrantless dragnet surveillance that, by design, vacuums up millions or billions of communications, many if not most of which are quite innocent, stores them in a vast database indefinitely, and then relies on "minimization procedures" to ensure that only the incriminating ones are scrutinized and disseminated. Now, a bad actor doesn't need to fabricate a warrant application: He only needs to query that vast database of communications for "incidentally collected" information that serves an illegitimate purpose.
If we look at the history of intelligence abuses, in fact, this is often what we find: Sometimes they involved wholly illegal wiretaps of innocent people and groups, but just as often, surveillance conducted for some superficially valid intelligence purpose yielded information that could be used for improper political ends. But despite his name, J. Edgar Hoover never had a vacuum cleaner as massive as NSA's, or such an enormous pool of information to sift through.
A bad actor in this context need only ensure that his illegitimate queries don't raise any red flags, or that he has some facially convincing innocent pretext for those queries on the off chance they do attract scrutiny. From what we can gather from the redacted audits of FISA dragnet surveillance that have been released publicly, oversight seems to be focused on problems at the collection stage—with the understanding that broad collection of innocent communications of Americans is not in itself a violation. That means a moderately savvy bad actor may not have too much to worry about. That's why the proposal to require a warrant before the database can be queried for information about particular Americans is such an important safeguard—and the NSA's resistance to it so disturbing. Current oversight mechanisms have picked up some inadvertent violations of the rules because, like The New Republic's fact checking protocol, that's just the kind of violation they're well-designed to detect. They're far less likely to spot the intelligence community equivalent of Stephen Glass—and if they do miss him, the consequences are likely to be more serious than a few phony magazine articles.