Unauthorized Access Violation: When a person who is not authorized to do so accesses data collected under Section 702, including unminimized data.
Attorney-Client Privilege Violation: Failing to establish required review teams to ensure agents involved in prosecutions did not get access to a defendant’s privileged communications, or failing to properly mark communications that are protected by attorney-client privilege.
Query Violation:Conducting a search through data collected pursuant to Section 702 that did not meet requirements in minimization procedures.
Data Retention Violation: Failing to delete data that were subject to a purge requirement because they were improperly collected or because they had exceeded the limit on how much time those data were permitted to be retained.
Documentation Violation: Failing to provide sufficient documentation to support targeting decisions.
Notification Violation: Failing to provide required notifications to the relevant entity in the timeframe specified by NSA targeting procedures.
General Minimization Violation:Violations of minimization procedures where specific details of the nature of the violation are unspecified. These violations could have pertained to requirements such as those for querying, reporting, and data retention.
Unknown Violation: Violations where information was either redacted such that the nature, scope, and remedy for the violation could not be discerned, or that were categorized as “Other” without additional details.