Most of those incidents were unintended, involving either violations of standard operations or failures of due diligence. But others were more serious.
And on at least one occasion, the NSA did not need to report unintended surveillance of Americans:
A notable example in 2008 was the interception of a “large number” of calls placed from Washington when a programming error confused U.S. area code 202 for 20, the international dialing code for Egypt, according to a “quality assurance” review that was not distributed to the NSA’s oversight staff.
Obama said that wasn't supposed to happen because it would be "against the orders of the FISC." So why didn't the judges on the court catch these abuses?
In another story broken by The Post today, the chief of the Foreign Intelligence Surveillance Act (FISA) Court admits he doesn't actually have the capability to investigate the compliance record of NSA surveillance programs:
The FISC is forced to rely upon the accuracy of the information that is provided to the Court [...] The FISC does not have the capacity to investigate issues of noncompliance, and in that respect the FISC is in the same position as any other court when it comes to enforcing [government] compliance with its orders.
Under the FISA regime, the government doesn't have to seek permission for individual surveillance targets. Instead, it seeks FISC approval for broad schemes of surveillance like PRISM and the phone records program. But that makes it extremely difficult for the FISC to check the court's work, since the NSA can — and, apparently, did — hide misconduct from the court that's supposedly supervising its activities.
Correction: This story originally suggested that the '202' incident involved intercepting the contents of telephone calls. But NSA audit stated that it only involved metadata. We regret the error.