To me, the law professor was in a sense describing a Lincoln moment. During the Civil War, President Lincoln violated a number of the first ten amendments to the Constitution—principles in which he believed deeply—because he thought it necessary to save the Union. What must be stressed is that these perilous decisions cannot be made at low levels. In the case of the EITs, they were not. The highest levels of the US government in both the executive branch and Congress were engaged—as they should have been.
* * *
In discussing the EIT issue, a senior British official recently told me about an incident that occurred in World War II. In June 1940 a ship named RMS Lancastria was evacuating British troops and civilians from France. An estimated six thousand to nine thousand people were aboard when a German bomber sank the ship, killing four thousand to seven thousand people. Prime Minister Winston Churchill directed that the news be withheld from the British people and the official records were ordered sealed until the year 2040. Clearly, hiding so many deaths was not the right thing to do—and Churchill knew it, but he felt that the British people could not withstand that much bad news, and for the good of the country, he kept it from them. While the decision to employ the EITs was a much different matter, I understand why those making the decision believed it was the right thing to do.
CHAPTER 12
Breach of Trust
An employee of the Central Intelligence Agency liked to frequent chat rooms. His online persona was TheTrueHOOHA. Here is a chat from January 2009:
TheTrueHOOHA: HOLY SHIT
http://www.nytimes.com/2009/01/11/washington/lliran.html?_r=1&hp
[a reference to a New York Times article on purported US operations in Iran]
TheTrueHOOHA: WTF NYTIMES?
Are they TRYING to start a war?
Jesus Christ
They’re like wikileaks
User19: they’re just reporting dude.
TheTrueHOOHA: They’re reporting classified shit.
TheTrueHOOHA: moreover, who the fuck are the anonymous sources telling them this?
TheTrueHOOHA: those people should be shot in the balls.
TheTrueHOOHA: I wonder how many hundreds of millions of dollars they just completely blew?
TheTrueHOOHA: these are the same people who blew the whole “we could listen to osama’s cell phone” thing the same people who screwed us on wiretapping and over and over again. Thank god they’re going out of business.
User19: the NYT?
TheTrueHOOHA: Hopefully they’ll finally go bankrupt this year.
Yeah.
An exchange a few minutes later:
User19: is it unethical to report on government intrigue?
TheTrueHOOHA: VIOLATING NATIONAL SECURITY. No
User19: meh.
national security
TheTrueHOOHA: Um, YEEEEEEEEEEEES
TheTrueHOOHA: that shit is classified for a reason
TheTrueHOOHA: it’s not because “oh we hope our citizens don’t find out”
TheTrueHOOHA: it’s because “this shit won’t work if Iran knows what we’re doing.”
TheTrueHOOHA was the online persona of Edward Snowden.
* * *
In the preface to this book, I explained how my final weeks as deputy director were consumed with a credible and serious threat from al Qa‘ida’s number one franchise—AQAP. Along with that threat, my final weeks in the job were also filled with another major issue. On June 5, 2013, the UK’s Guardian newspaper carried a report claiming the NSA was collecting the phone records of millions of Verizon customers daily. This, of course, was a reference to the now-declassified telephony metadata program, which operates under provisions of the Patriot Act.
Under this program the telephone companies, operating under a broad court order, provided to the NSA the following information for calls made to and from US phone numbers—the number that initiated the call, the number that was called, the time of the call, and the duration of the call. The phone companies did not provide the NSA with the identities of the callers or the content of the call—what was actually said in the conversation. It was akin to sharing what is on the outside of a letter’s envelope—minus any names—without sharing what is inside the envelope.
The next day the Washington Post ran a story saying that the NSA was intercepting the e-mail communications of persons overseas as the messages passed through the United States. This program, which operates under Section 702 of the Foreign Intelligence Surveillance Act, focused on collecting foreign-to-foreign communications that, because of the nature of the Internet, ran through the United States.
Within four days the Guardian revealed that its source had been a young man named Edward Snowden. Through the Guardian, Snowden told his story—saying that he had become increasingly concerned about the massive NSA surveillance aimed at the public both in the United States and overseas, that he wanted there to be an open debate on the issue, and that he had taken documents from his job at the NSA in order to demonstrate his concern. Snowden said he had fled to Hong Kong on May 20.
Snowden had been an NSA contractor since 2009, working as a systems administrator. His most recent job had been at an NSA facility in Hawaii. And although he was an NSA contractor at the time of his flight to Hong Kong, we quickly learned that Snowden had worked for CIA from 2006 to 2009. Prior to that he had worked as a security specialist at the Center for Advanced Study of Language—a partnership between the University of Maryland and the intelligence community. This is where he received his first security clearance.
At a briefing in mid-June, Director Brennan and I made clear that we needed to know a number of things—as soon as possible. One, were there CIA documents or information in the materials that Snowden had stolen from the NSA? Two, had he stolen any classified information when he served at CIA? Three, how had he gotten a job at CIA and what were the circumstances of his departure in 2009, when he left to become a contractor for the NSA? And four, was Snowden working with any foreign intelligence service—either wittingly or not?
The first issue—had he stolen any CIA information while at the NSA—proved maddeningly difficult at first. Snowden’s principal victim, the NSA, was understandably distraught at the massive security breach and initially refused to let CIA officers be part of its security review. It took a phone call from me to Chris Inglis, the NSA deputy director at Fort Meade (the NSA’s headquarters), to break through that barrier. Inglis, an outstanding intelligence officer and friend, understood the importance of my request immediately, and simply said, “I’ll take care of it.” Once CIA officers were given access, the news was not good. Snowden, a clever but relatively low-level computer systems administrator, had figured out how to access millions of documents. It was not clear what documents had been taken—but the scope and range of the potential loss was enormous. And as Agency officers sifted through the information to which Snowden had had access, they discovered that among the documents at risk were not just NSA secrets but CIA secrets as well.
On the issue of whether Snowden stole classified information while he worked at CIA, I am not permitted to provide the answer that was briefed to me, because of concerns about the national security implications if this information were disclosed.
I can say more about the questions involving Snowden’s CIA employment. Amazingly, in 2006, this high school dropout with a GED and less than five months in the US Army Reserve—where he did not complete basic training—was hired by CIA to be a telecommunications support officer, or TISO (pronounced tee-so)—an important job that ensures that our officers can communicate securely with one another no matter where they are on the planet. Snowden had self-taught computer skills but little else going for him. At the time the Agency was still in the middle of a massive buildup in the aftermath of 9/11, and one of the areas of greatest need was TISOs. This is why Snowden got hired.
Snowden’s employment application, work performance, and behaviors created concerns at the Agency—including security c
oncerns. Snowden was aware of this, and he departed the Agency before they could be resolved and before the Agency could take any action against him. So the guy with whom CIA had concerns left the Agency and joined the ranks of the many contractors working in the intelligence community—before CIA could inform the rest of the IC of its worries. He even got a pay raise. He was working on the rolls of Dell and later Booz Allen Hamilton for the NSA.
On the fourth major question for us—the issue of possible foreign intelligence involvement with Snowden—we learned some very interesting things that I am not permitted to share. I can say that when Snowden stopped first in Chinese-controlled Hong Kong and later in Russia there is no doubt that the intelligence services of those countries had an enormous interest in him and the information he had stolen. Both the Chinese and the Russians would have used everything in their tool kits—from human approaches to technical attacks—to get at Snowden’s stolen data as well as simply what he knew about the intelligence community.
My own view on this question is that both Chinese and Russian intelligence officers undoubtedly pitched him—offering him millions of dollars to share the documents he had stolen and to answer any questions they had about the NSA and CIA. But my guess is that Snowden said, “No, thank you,” given his mind-set and his clear dislike for intelligence services of any stripe. My concern, however, is that Snowden may have unwittingly led the Chinese or, more likely, the Russians to his treasure chest of documents. Snowden thinks he is smart, but he was never in a position in his previous jobs to fully understand the immense capabilities of our Russian and Chinese counterparts and therefore not smart enough to realize when and how he might be being used.
This is not even to mention the interest that the Chinese and Russians would obviously have in the reporters to whom Snowden provided classified information. They too are undoubtedly targets of the Chinese, Russians, and others. To their credit, these reporters have refused to publish some of the most sensitive information in their possession. But not publishing it and protecting it from intelligence services are two completely different things. How well they have protected such information is open to question. They too do not understand the capabilities of our adversaries.
* * *
In my last week as deputy director I got a call from Denis McDonough, who in early 2013 had been promoted to be the president’s chief of staff. “The president is thinking of putting together a commission to look into some of the issues raised as a result of the Snowden leaks. He’d like you to be a member.” I promised to give the request some thought, and I discussed it with one of my mentors, a veteran of the intelligence community.
“Are you nuts?” the mentor asked. “You are about to become a civilian for the first time in thirty-three years.” The last thing that I ought to do, he suggested, was agree to join a presidential commission. “Denis promises that it won’t be that onerous,” I told the mentor. “Yeah, that’s what they always say,” he advised. “Somebody needs to do this job, Michael, but as your friend, I’m telling you that it does not need to be you.”
I did not follow my mentor’s advice. In the end I decided that I could not say no to the president and to McDonough. And I could not say no given the enormous damage that Snowden had done to national security. So I found myself, before I was even off the government payroll, serving as a member of the president’s Review Group on Intelligence and Communications Technologies. Joining me on the group were three renowned law professors—Geof Stone from the University of Chicago, Cass Sunstein from Harvard, and Peter Swire from Georgia Tech. Also on the panel was Dick Clarke, a former senior government official with immense experience in terrorism, cyber security, and other national security issues. My mentor, of course, had in large measure been right. The panel soon took up much more time than McDonough had promised.
Operating from a federal office building on K Street in D.C., I began digging into the issue. The first thing that struck me was that there were a handful of causes of the “Snowden affair,” which I defined as Snowden’s successful theft over time of vast amounts of significant information coupled with the sharp negative reaction at home and abroad to the NSA’s work. The first cause was, ironically, the enormous success of the National Security Agency in collecting information. Government agencies usually get in trouble for failing to do their jobs. In this case the NSA got in trouble, at least in part, for doing its job, as Snowden had in part been motivated by the breadth and depth of the NSA’s collection capabilities.
I would argue that in the decade after 9/11, of all the agencies that make up the US intelligence community, none was more successful than the National Security Agency. And that is a significant statement for a CIA officer to make, because there is a bit of professional rivalry among intelligence organizations. In fact, I was a little chagrined by how well the NSA was doing relative to the Agency. The amount of critical intelligence the NSA was collecting was staggering, and that agency was—and remains—the collector of some of the most important pieces of the intelligence puzzle presented to the president and national security decision-makers every day.
It is important to note that all of the NSA operations that resulted in this treasure trove of intelligence collection were approved by the executive branch and overseen by Congress. Some of the operations were even overseen by the Foreign Intelligence Surveillance Court, made up of federal judges appointed by the chief justice of the Supreme Court. And the NSA did not disseminate anything to the rest of the intelligence community and to policy-makers that they had not been asked to collect by a rigorous requirement process managed by the director of national intelligence (DNI). In short, the NSA was not in any way acting as a rogue agency. Rather, it was doing the job that the DNI had given it and it was doing that job well.
Another cause of the Snowden affair was that, despite its great success, the NSA had two internal problems—one of which had contributed directly and one indirectly to Snowden’s ability to steal the amount of information he did. The first problem was that the NSA—the world’s most capable signals intelligence organization, an agency immensely skilled in stealing digital data—had had its pocket thoroughly picked. You would have thought that of all the government entities on the planet, the one least vulnerable to such grand theft would have been the NSA. But it turned out that the NSA had left itself vulnerable.
At its facility in Hawaii, where Snowden had gone to work every day, the NSA did not have the audit functions on its computer network that would have made Snowden’s theft all but impossible. Like the audit function on personal credit cards, such software raises flags when people access information outside their normal pattern of type and volume. In fairness, the NSA had safeguards at its headquarters at Fort Meade—but it was vulnerable at the outer regions of its network, in places like Hawaii, where it had not yet installed the latest security technologies. It was simply an issue of the timetable for which NSA facility received security upgrades at what time. Hawaii was low on the list.
The second internal problem was that the NSA—an organization renowned for its secrecy—was remarkably transparent among its own people. The culture at the NSA was for personnel to freely talk among themselves about issues on which they were working. The NSA had its own wikis where its employees could post, for their colleagues to see, information about their projects—including those on which they worked hand in hand with CIA officers. The idea was to spread knowledge and learn from the successes of others, but it created an enormous security vulnerability, given the always-existing risk of an insider committed to stealing secrets. Snowden took advantage of this vulnerability, scooping up much of the information on these wikis. This kind of internal openness was anathema to the typical attitude in the intelligence community that information should be shared only with those who have a legitimate need to know.
The final cause of the Snowden affair was the failure of some in the media to accurately describe what they were seeing in the Snowden documents. Many of them went to
the darkest corner of the room, and it had political impact. This was sloppy reporting. On June 6, CNN led with a story titled “Spying on Your Calls,” and the story contained the following line: “When you call Grandma in Nebraska, the NSA knows.” Fox noted that “NSA knows your calling habits.” MSNBC said that NSA is “screening your calls.” The Associated Press said, “The government knows who you are calling. Every day. Every call.” Glenn Greenwald, the reporter who broke the initial story, wrote, “Do you want to live with a government that knows everything you are doing?”
All of this was complete nonsense, but you could forgive the average citizen for not knowing that. Such reporting created the impression that NSA surveillance in the United States was much more intrusive than it really was. Media accounts created the impression that the NSA was listening to phone calls and reading e-mails—neither of which it was doing. Polling makes it clear that these inaccurate perceptions were immensely influential in shaping the ensuing political debate.
As I continued to read in our K Street office, the second thing that struck me was that the fundamental problem with which we were dealing was a loss of trust on several fronts—the loss of trust by a significant percentage of Americans in their own government, the loss of trust by some of our allies in the United States, and the loss of trust by overseas customers in a number of US companies—customers who were now concerned that the NSA had secret deals with these companies to compromise their products by placing “back doors” in their software and hardware.
The Great War of Our Time: The CIA's Fight Against Terrorism--From Al Qa'ida to ISIS Page 29