The National Security Agency (NSA) concurs with the recommendations in the December 12 report by NSA’s Office of the Inspector General (OIG) on internal procedures and policy for the deletion of certain data. NSA welcomes the recommendations made by the NSA OIG, and has already taken actions to close four of the recommendations and has plans to meet the intent of the remaining recommendations.
In addition to the technical controls described in the IG’s report, NSA
has overlapping technical and policy controls to protect civil liberties and
privacy that substantially reduce the likelihood of information retained beyond
policy and legal limits being available for use.
As required by law and Agency policies, on an ongoing basis NSA deletes
data that was lawfully collected in connection with the Agency’s foreign
signals intelligence mission, balancing privacy concerns with the need to have
relevant data available for analysis in connection with national security
threats. This process is the subject of detailed, continuous and extensive
oversight – both by internal supervisory and compliance checks as well as by
external entities such as (depending on the particular type of data) the
Foreign Intelligence Surveillance Court, the Department of Justice and the
Department of Defense. As is the case with any complex data management process
that relies on computers and software programs, some error rate is possible.
The Agency’s goal is for perfect compliance.
In this case, the IG identified an error rate involving substantially less than one-tenth of 1% of items that should have been deleted. NSA treats this seriously and has implemented steps to further reduce the possibility of errors, consistent with the OIG report.
Source: NSA
By 
