Ed hit the big points about WaPo’s scoop in his post this morning but I want to make sure people see this too. Arguably the biggest news from the story isn’t that the NSA broke the rules; when you’ve got thousands of analysts combing through billions of communications, you’re destined to have “incidents.” If — if — you’re okay with the a massive surveillance state, then to some extent you’re accepting this as the cost of doing business, just as people who prefer bigger police forces tacitly accept that more abuses, both intentional and negligent, will occur.

The big story is that Congress, purported overseers of the NSA and guardians of the public’s privacy, seems to have zero idea of how many “incidents” there are. And that includes the congressional watchdog-in-chief — Dianne Feinstein, chairman of the Senate Intelligence Committee. The NSA, it seems, really is an island unto itself inside the federal government:

The documents, provided earlier this summer to The Washington Post by former NSA contractor Edward Snowden, include a level of detail and analysis that is not routinely shared with Congress or the special court that oversees surveillance. In one of the documents, agency personnel are instructed to remove details and substitute more generic language in reports to the Justice Department and the Office of the Director of National Intelligence…

The May 2012 audit, intended for the agency’s top leaders, counts only incidents at the NSA’s Fort Meade headquarters and other ­facilities in the Washington area. Three government officials, speak­ing on the condition of anonymity to discuss classified matters, said the number would be substantially higher if it included other NSA operating units and regional collection centers.

Senate Intelligence Committee Chairman Dianne Feinstein (D-Calif.), who did not receive a copy of the 2012 audit until The Post asked her staff about it, said in a statement late Thursday that the committee “can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate.”…

Members of Congress may read the unredacted documents, but only in a special secure room, and they are not allowed to take notes. Fewer than 10 percent of lawmakers employ a staff member who has the security clearance to read the reports and provide advice about their meaning and significance.

I’m boldfacing parts of every paragraph because there’s news in literally every paragraph of the Post’s story. And some of it’s only alluded to: Bart Gellman, the author, notes that the NSA quadrupled its oversight staff in 2009 after a “series of significant violations.” That’s … nice, I guess, that they boosted anti-abuse measures, and O will no doubt claim that as his influence at work when he’s asked about this. But it leaves open the question of how “significant” those earlier violations were and what might have gone undetected in the pre-2009 era of less oversight, and the fact remains that the most meaningful scrutiny the NSA is getting from inside government is from its own staff. How useful is that in a case like the one described by Gellman from 2011 when the NSA decided as a matter of policy, not as a clerical error, to expand the amount of data it collected from Americans? In that instance the FISA court torpedoed the new program as a violation of the Fourth Amendment, but FISA resistance to NSA data-gathering is by all accounts rare. By and large, we’re trusting one sub-branch of government to check and balance itself.

Three possibilities going forward to deal with privacy abuses. One: Scale back the NSA. Less info-harvesting means fewer opportunities to err and a smaller database to access. I’m skeptical that that’ll happen — government wants this tool and the public seems resigned to the erosion of privacy — but hope springs eternal. Two: More automation. One of WaPo’s NSA sources defends the privacy violations by saying, “We’re a human-run agency operating in a complex environment…” What if the agency were, for the most part, no longer human-run? Artificial intelligence is probably only a few decades away from replacing many NSA analysts, just as drone technology will replace human pilots sooner rather than later. Take the process out of corrupt human hands and place it in a machine’s and the public might feel better about it. Three: Either overhaul the FISA court or create a new, separate federal agency for the express purpose of checking and balancing the NSA. Obama already suggested FISA court reform and an independent panel to review NSA procedures at his presser last week but I’m imagining something more permanent, like a public defender’s office strictly for intelligence matters. That idea probably won’t fly with righties because it means a further expansion of government, but libertarians in Congress might warm to it as a fallback option if they can’t get traction to cut NSA’s budget or scale down to size.

Exit quotation from Barack “Transparency” Obama, one week ago: “[A]ll the stories that have been written, what you’re not reading about is the government actually abusing these programs and listening in on people’s phone calls or inappropriately reading people’s emails. What you’re hearing about is the prospect that these could be abused. Now, part of the reason they’re not abused is because these checks are in place, and those abuses would be against the law and would be against the orders of the FISC.”