Secrecy

Resources

Edward Snowden Timeline (excerpted and archived from https://populartimelines.com/timeline/Edward-Snowden)

2004 — Snowden enlisted in the United States Army on May 7, 2004, and became a Special Forces candidate through its 18X enlistment option. He did not complete the training due to bilateral tibial stress fractures, and was discharged on September 28, 2004.

2005— Snowden was then employed for less than a year in 2005 as a security guard at the University of Maryland’s Center for Advanced Study of Language, a research center sponsored by the National Security Agency (NSA).

May 2006– After distinguishing himself as a junior employee on the top computer team, Snowden was sent to the CIA’s secret school for technology specialists, where he lived in a hotel for six months while studying and training full-time.

March 2007 —The CIA stationed Snowden with diplomatic cover in Geneva, Switzerland, where he was responsible for maintaining computer-network security. Assigned to the U.S. Permanent Mission to the United Nations, a diplomatic mission representing U.S. interests before the UN and other international organizations, Snowden received a diplomatic passport. Snowden described his CIA experience in Geneva as formative, stating that the CIA deliberately got a Swiss banker drunk and encouraged him to drive home. Snowden said that when the latter was arrested for drunk driving, a CIA operative offered to help in exchange for the banker becoming an informant. In February 2009, Snowden resigned from the CIA.

2009— Snowden began work as a contractee for Dell, which manages computer systems for multiple government agencies. Assigned to an NSA facility at Yokota Air Base near Tokyo, Snowden instructed top officials and military officers on how to defend their networks from Chinese hackers. Snowden looked into mass surveillance in China which prompted him to investigate and then expose Washington’s mass surveillance program after he was asked in 2009 to brief a conference in Tokyo. During his four years with Dell, he rose from supervising NSA computer system upgrades to working as what his résumé termed a “cyber strategist” and an “expert in cyber counterintelligence” at several U.S. locations.

2010— He had a brief stint in New Delhi, India where he enrolled himself in a local IT institute to learn core Java programming and advanced ethical hacking.

2011— In 2011, he returned to Maryland, where he spent a year as lead technologist on Dell’s CIA account. In that capacity, he was consulted by the chiefs of the CIA’s technical branches, including the agency’s chief information officer and its chief technology officer

A former NSA co-worker said that although the NSA was full of smart people, Snowden was a “genius among geniuses” who created a widely implemented backup system for the NSA and often pointed out security flaws to the agency. The former colleague said Snowden was given full administrator privileges with virtually unlimited access to NSA data. Snowden was offered a position on the NSA’s elite team of hackers, Tailored Access Operations, but turned it down to join Booz Allen. An anonymous source later said that Booz Allen’s hiring screeners found possible discrepancies in Snowden’s resume but still decided to hire him.

Snowden subsequently told Wired that while at Dell in 2011, “I would sit down with the CIO of the CIA, the CTO of the CIA, the chiefs of all the technical branches. They would tell me their hardest technology problems, and it was my job to come up with a way to fix them.”

2012— In March 2012, Dell reassigned Snowden to Hawaii as lead technologist for the NSA’s information-sharing office.

U.S. officials and other sources familiar with the investigation said Snowden began downloading documents describing the government’s electronic spying programs while working for Dell in April 2012. Investigators estimated that of the 50,000 to 200,000 documents Snowden gave to Greenwald and Poitras, most were copied by Snowden while working at Dell.2013

2013— In 2013, Snowden was hired by an NSA contractor, Booz Allen Hamilton, after previous employment with Dell and the CIA.

March 12, 2013– In January 2014, Snowden said his “breaking point” was “seeing the Director of National Intelligence, James Clapper, directly lie under oath to Congress.” This referred to testimony on March 12, 2013—three months after Snowden first sought to share thousands of NSA documents with Greenwald, and nine months after the NSA says Snowden made his first illegal downloads during the summer of 2012 —in which Clapper denied to the U.S. Senate Select Committee on Intelligence that the NSA wittingly collects data on millions of Americans. Snowden said, “There’s no saving an intelligence community that believes it can lie to the public and the legislators who need to be able to trust it and regulate its actions. Seeing that really meant for me there was no going back. Beyond that, it was the creeping realization that no one else was going to do this. The public had a right to know about these programs.”

March 15, 2013– On March 15, 2013 – three days after what he later called his “breaking point” of “seeing the Director of National Intelligence, James Clapper, directly lie under oath to Congress” – Snowden quit his job at Dell. Although he has said his career high annual salary was $200,000, Snowden said he took a pay cut to work at consulting firm Booz Allen Hamilton, where he sought employment in order to gather data and then release details of the NSA’s worldwide surveillance activity.

April 2013— Greenwald began working with Snowden in either February or April 2013, after Poitras asked Greenwald to meet her in New York City, at which point Snowden began providing documents to them. Barton Gellman, writing for The Washington Post, says his first direct contact was on May 16, 2013. According to Gellman, Snowden approached Greenwald after the Post declined to guarantee publication within 72 hours of all 41 PowerPoint slides that Snowden had leaked exposing the PRISM electronic data mining program, and to publish online an encrypted code allowing Snowden to later prove that he was the source.

On May 20, 2013, Snowden flew to Hong Kong after leaving his job at an NSA facility in Hawaii, and in early June he revealed thousands of classified NSA documents to journalists Glenn Greenwald, Laura Poitras, Barton Gellman, and Ewen MacAskill.

May 2013— At the time of his departure from the U.S. in May 2013, he had been employed for 15 months inside the NSA’s Hawaii regional operations center, which focuses on the electronic monitoring of China and North Korea, first for Dell and then for two months with Booz Allen Hamilton. While intelligence officials have described his position there as a system administrator, Snowden has said he was an infrastructure analyst, which meant that his job was to look for new ways to break into Internet and telephone traffic around the world. An anonymous source told Reuters that, while in Hawaii, Snowden may have persuaded 20–25 co-workers to give him their login credentials by telling them he needed them to do his job. The NSA sent a memo to Congress saying that Snowden had tricked a fellow employee into sharing his personal private key to gain greater access to the NSA’s computer system. Snowden disputed the memo, saying in January 2014, “I never stole any passwords, nor did I trick an army of co-workers.”

Snowden quit his job, telling his supervisors he required epilepsy treatment, but instead fled the United States for Hong Kong on May 10. He chose Hong Kong because at the time “they have a spirited commitment to free speech and the right of political dissent”. Snowden had been in his room at the Mira Hotel since his arrival in the city, rarely going out.

Snowden was permitted temporary leave from his position at the NSA in Hawaii, on the pretext of receiving treatment for his epilepsy. In mid-May, Snowden gave an electronic interview to Poitras and Jacob Appelbaum which was published weeks later by Der Spiegel.

On May 20, 2013, Snowden flew to Hong Kong, where he was staying when the initial articles based on the leaked documents were published, beginning with The Guardian on June 5. Greenwald later said Snowden disclosed 9,000 to 10,000 documents.

June 2013— On June 5, 2013, media reports documenting the existence and functions of classified surveillance programs and their scope began and continued throughout the entire year. The first program to be revealed was PRISM, which allows for court-approved direct access to Americans’ Google and Yahoo accounts, reported from both The Washington Post and The Guardian published one hour apart. Barton Gellman of The Washington Post was the first journalist to report on Snowden’s documents. He said the U.S. government urged him not to specify by name which companies were involved, but Gellman decided that to name them “would make it real to Americans.”

Reports also revealed details of Tempora, a secret British surveillance program run by the NSA’s British partner, GCHQ. The initial reports included details about NSA call database, Boundless Informant, and of a secret court order requiring Verizon to hand the NSA millions of Americans’ phone records daily, the surveillance of French citizens’ phone and Internet records, and those of “high-profile individuals from the world of business or politics.” XKeyscore, an analytical tool that allows for collection of “almost anything done on the internet,” was described by The Guardian as a program that shed light on one of Snowden’s most controversial statements: “I, sitting at my desk [could] wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email.”

Booz Allen terminated Snowden’s employment on June 10, 2013, the day after he went public with his story, and 3 weeks after he had left Hawaii on a leave of absence.

Whistleblowing— Snowden says he gradually became disillusioned with the programs with which he was involved, and that he tried to raise his ethical concerns through internal channels but was ignored.

In March 2014, Snowden said he had reported policy or legal issues related to spying programs to more than ten officials, but as a contractor had no legal avenue to pursue further whistleblowing.

In May 2014, U.S. officials released a single email that Snowden had written in April 2013 inquiring about legal authorities but said that they had found no other evidence that Snowden had expressed his concerns to someone in an oversight position. In June 2014, the NSA said it had not been able to find any records of Snowden raising internal complaints about the agency’s operations. That same month, Snowden explained that he had not produced the communiqués in question because of the ongoing nature of the dispute, disclosing for the first time that “I am working with the NSA in regard to these records and we’re going back and forth, so I don’t want to reveal everything that will come out.”

 

Foreign Intelligence Law Collection — Professor Laura K. Donohue, the Agnes N. Williams Research Professor at Georgetown University Law Center, in collaboration with the Georgetown University Edward Bennett Williams Law Library, has developed a collection that includes foreign intelligence-related statutory and regulatory instruments; the legislative histories for statutory changes to the Foreign Intelligence Surveillance Act (FISA); publicly available and declassified opinions and orders issued by the Foreign Intelligence Surveillance Court (FISC) and Foreign Intelligence Surveillance Court of Review (FISCR); FISA-related cases in non-specialized Article III courts; statutorily-required reports on the operation of FISA and formal correspondence between FISC and Congress; FISC/FISCR Rules of Procedure; and an annotated bibliography of secondary sources related to FISA, FISC/FISCR, and foreign intelligence law.

ACLU Supreme Court Petition Challenging Secrecy of U.S. Surveillance Court 20 April 2021

Panel Discussions

The Patriot Act Turns 20: Taking Stock and Rethinking Surveillance Powers — What were the key civil liberties concerns back in the fall of 2001 and how have government surveillance activities changed over the last two decades? With the benefit of 20 years of experience, what authorities does the government need to keep the country safe while preserving civil liberties and civil rights in the U.S. and abroad? Should there be a comprehensive reexamination of government #surveillance authorities today? What changes should be made?

On October 5th, CDT hosted a discussion to tackle these questions and others that began with a fireside chat between former U.S. Senator Russ Feingold, the lone “no” vote in the Senate against the Patriot Act, and Laura Murphy, who managed the ACLU’s Legislative Office in Washington, D.C. during the bill’s passage. Their talk will be followed by a panel discussion and public Q&A session with:

* Laura Donohue, Director of Georgetown University’s Center on National Security and the Law, Designated FISA Court Amicus Curiae

* Chris Fonzone, General Counsel, Office of the Director of National Intelligence (ODNI)

* Sharon Bradford Franklin, Co-Director of the CDT Security & Surveillance Project, former Executive Director of the Privacy and Civil Liberties Oversight Board (PCLOB)

Moderated by Shane Harris, Washington Post intelligence and #nationalsecurity reporter and author of The Watchers: The Rise of America’s Surveillance State and @War: The Rise of the Military-Internet Complex.

Publications 

“Secrets and Lies — Exposed and Combatted: Warrantless Surveillance Under and Around the Law 2001-2017.” Secrecy and Society 2(1). https://scholarworks.sjsu.edu/secrecyandsociety/vol2/iss1/

This article was written over the period of June 2017 to March 2018.  Before June 2013, civil society and much of Congress were largely in the dark about the extent of the surveillance activities of the National Security Agency and the circumlocutions of statute undertaken by the White House and the Department of Justice. After the releases by Edward Snowden to specific journalists, the mendacity of Intelligence Community lawyers and leaders, the evasions of the law and manipulation of the FISA Court by the White House working with the Justice Department, and the scope of the violations of the Fourth Amendment protections of U.S. Persons (USPs) became increasingly apparent.

In order to understand the context for the “Snowden disclosures” and what they have meant for Executive Branch accountability, it is necessary to understand the course of efforts to rein in – or at least secure some (often minimal) oversight of – the U.S. Intelligence Community. These initiatives include the Foreign Intelligence Surveillance Act (FISA) and the amendments thereto, including, for the purposes of this article, the USA PATRIOT Act, the USA Freedom Act, and the FISA Amendments Act (FAA) and its reauthorizations. The article reviews the changes that were initiated in the Executive Branch (and to a lesser extent in the Legislative Branch), the role civil society played in pushing and utilizing greater transparency, and what the changes mean for government accountability to the public.

As news articles appear about the ongoing activities of the Intelligence Community in the areas covered in this article, they will be noted here.  It is strongly advised that one read “Secret and Lies” before taking any government statements at face value–or thinking the words necessarily mean what they appear to mean.


NSA Reports Data Deletion, NSA Press Release Release No: PA-010-18 ,28 June 2018. “…on May 23, 2018, NSA began deleting all call detail records (CDRs) acquired since 2015 under Title V of the Foreign Intelligence Surveillance Act (FISA). The Government relies on Title V of FISA to obtain CDRs, which do not include the content of any calls. In accordance with this law, the Government obtains these CDRs, following a specific court-authorized process. NSA is deleting the CDRs because several months ago NSA analysts noted technical irregularities in some data received from telecommunications service providers. These irregularities also resulted in the production to NSA of some CDRs that NSA was not authorized to receive. Because it was infeasible to identify and isolate properly produced data, NSA concluded that it should not use any of the CDRs. … The root cause of the problem has since been addressed for future CDR acquisitions, and NSA has reviewed and revalidated its intelligence reporting to ensure that the reports were based on properly received CDRs.

NSA criticized for ‘increased risk’ of jeopardizing civil liberties, Fifth Domain, Justin Lynch, 25 July 2018.  The National Security Agency is at an “increased risk” of jeopardizing civil liberties and the privacy of American citizens, according to an inspector general report that comes just months after a controversial program that collects emails and phone calls was extended. The NSA watchdog said that agency analysts performed “noncompliant” searches using the organization’s Foreign Intelligence Surveillance Act Authority, which were caused by “human error, incomplete understanding of the rules, and gaps in guidance.”According to the report, which covered the period from October 1, 2017, to March 31, 2018 the unauthorized searches were related to the FISA’s counterterrorism authority. …The inspector general also criticized the agency for “incomplete” documentation of internal processes related to foreign dissemination of FISA data, which “increases the risk of noncompliance.”In another example, the NSA watchdog said that three open-source capabilities of the agency posed similar risks to citizens, as well as spreading classified material.

 

 

Government email with the ability to disable itself — or any use of its contents? What’s to worry about?

UPDATE — We have heard about conversations with folks who use Google at their agencies. The general consensus seems to be that the new features are in conflict with records management laws and those need to be resolved before any potential implementation of these features, and it’s highly unlikely that they can be incorporated due to that.  It also sounds like there’s not a large user demand for these features (probably due to complacency and comfort with the existing set up).


On April 25, Google announced the introduction of a new approach to information protection: Gmail confidential mode.

“With confidential mode, it’s possible to protect sensitive content in your emails by

  • creating expiration dates or
  • revoking previously sent messages
  • requiring additional authentication via text message to view an email.”

But, wait, there’s more…

“Built-in Information Rights Management (IRM) controls also allow you to remove the option to

  • forward
  • copy
  • download or
  • print messages.

This helps reduce the risk of confidential information being accidentally shared with the wrong people.”

What could possibly go wrong when government employees, lobbyists, and even nefarious folks are allowed to use these options (which may be all on or all off)?

American Oversight has already sent a letter to the National Archives and Records Administration (NARA) calling for government-wide guidance to prevent officials and employees from using Gmail’s new “self-destructing” and “revoking” email feature. As they note, the feature could allow government employees to delete agency records subject to the Freedom of Information Act (FOIA).  That feature would also be a violation of the Federal Records Act.

Of equal, if not greater, concern are the other features.  Government Information Watch is working with current and former government employees to identify the bars to the use of these “information rights” features (including requiring authentication to view messages) by officials and employees.

Their implementation could have deleterious effects on whistleblowers, journalists, and the ability to use information received through FOIA releases.

Stay tuned. We will be updating you as we go forward.

Shades of Cheney

I am more and more reminded of the Bush-Cheney Administration. Not only are the (literal) war-horses being recycled, but the enormous disdain of Congress and the refusal of any accountability to the public are painfully familiar to any of us who endured that period.

To wit, the White House is stonewalling the Government Accountability Office, according to a May 30 report in Government Executive.  Not to give the current White House any ideas, but this is a mere sfumatura (as Italians would say) of the confrontation that Cheney created.  The following is excerpted from my 2007 book, Who Needs to Know?

On April 19, 2001, Representatives Dingell and Waxman launched joint requests to both the Vice President and the General Accounting Office concerning the Vice President’s Energy Task Force, its members, and its proceedings.

In response to the request by Representatives Dingell and Waxman, the General Accounting Office (GAO) issued the first demand letter ever to a sitting Vice President.  GAO considered its statutory authority to be clear.

Counsel to the Vice President David Addington responded to the Congressional request, explaining that the Energy Group was not subject to the Federal Advisory Committee Act.  As a matter of comity, though, he would provide some answers about the Energy Group’s members, staff and activities. Addington declared that GAO was seeking “to intrude into the heart of Executive deliberations, including deliberations among the President, the Vice President, members of the President’s Cabinet, and the President’s immediate assistants, which the law protects to ensure the candor in Executive deliberation necessary to effective government.”[1] GAO argued that even assuming this claim was accurate, it still had the authority to make the requests it had made.

On Sept. 27, for the first time in the 81‑year history of the agency, the comptroller general of the United States went to Federal court today to ask a judge to order a member of the executive branch to turn over records to Congress.

It was clear, even this early in this administration, that executive privilege was an issue of central importance to the Administration.  As John Dean—who, as counsel to former President Nixon might be considered to know something about the abuse of power—writes, “not since Richard Nixon stiffed the Congress during Watergate has a White House so openly, and arrogantly, defied Congress’s investigative authority. … Cheney has not claimed “Executive Privilege,” for the Vice President has no such power. Rather, Cheney has claimed ‑ and Bush has backed up his claim ‑ that GAO (and therefore the Congress, too) has no authority to seek the information they have requested.[2]

Dean also noted “the special attention” given this case:

In fact, it is unique in the history of the Department of Justice. Normally, this case would have been handled by the Civil Division of the Justice Department. But this case is one of a select few being handled by a newly created special unit under the direction of Deputy Solicitor General Paul Clement. …Not only is this nameless ad hoc group representing Vice President Cheney, but no less than the Solicitor General himself, Theodore Olson, was seated at the trial table in the Judge Bates’s courtroom during the recent augment. Typically, the Solicitor General only appears before the U.S. Supreme Court. For the SG to appear in the U.S. District Court was clearly designed to send a message to the Judge of the unusual importance the Bush‑Cheney Administration has given this case ‑‑ not to mention to prepare the SG for later arguing the case before higher courts.”[3]

On December 9, 2002, U.S District Judge John Bates, a Bush appointee and former Kenneth Starr deputy, ruled against GAO (Walker v. Cheney). The opinion reads:

“The parties agree that no court has ever before granted what the Comptroller General seeks – an order that the President (or Vice-President) must produce information to Congress (or the Comptroller General). Because the Comptroller General does not have the personal, concrete, and particularized injury required under Article III standing doctrine, either himself or as the agent of Congress, his complaint must be dismissed. Historically, the Article III courts have not stepped in to resolve disputes between the political branches over their respective Article I and Article II powers; this case, in which neither a House of Congress nor any congressional committee has issued a subpoena for the disputed information or authorized this suit, is not the setting for such unprecedented judicial action.[4]

This decision, in essence, secures the Bush Administration’s position that it has the right to withhold from the public–and Congress–any and all details of its policy-development meetings with non-governmental people. It also chills any attempt by Congress to use the GAO to monitor the executive branch.

We are not yet there, but not for the lack of trying by the Trump administration.

[1] John W. Dean. “GAO v. Cheney Is Big‑time Stalling: The Vice President Can Win Only If We Have Another Bush v. Gore ‑like Ruling .”  FindLaw, Friday, Feb. 01, 2002. http://writ.news.findlaw.com/dean/20020201.html
[2] Ibid.
[3] John W. Dean. “The Ongoing Fight Between the Supreme Court And Congress, as Illustrated by the GAO/Cheney Suit: Part Two Of A Series On Shrinking Congressional Powers.” FindLaw, Friday, October 25, 2002.  http://writ.news.findlaw.com/dean/20021025.html
[4] Memorandum Opinion and Order. Walker v. Cheney, 230 F. Supp. 2d 51 (D.D.C. 2002)

Government Reorganization still in the dark to both Congress and the public

UPDATE–The Southern Environmental Law Center is suing the Office of Management and Budget for failing to release information about efforts to fundamentally reorganize federal agencies responsible for managing federal public lands, including the United States Forest Service, the National Park Service, the Bureau of Land Management and the United States Fish and Wildlife Service.  SELC filed a request for information related to these reports in November 2017. After initially acknowledging SELC’s request, OMB has failed to provide the requested information or respond to inquiries pertaining to the request. Today’s suit challenging OMB was filed in U.S. District Court for the Western District of Virginia.


In January, I wrote about Government Reorganization in the dark and recounted the efforts of PEER and Government Executive to find the website that OMB purports to have set up to receive public comments, the 100,000 it alleges it received, and any information about the OMB’s plans for the agencies. The purported website previously at least took one to the bare bones OMB site; now it takes you on a wild goose chase.

That page cannot be found, or is located on an archived web page.

Past Administration Archives

On 2 May, Government Executive reported on the continuing saga.

…Agencies turned over initial versions of their plans to OMB in June of last year and final drafts in September. Lawmakers have not yet viewed the proposals and said they do not know if agencies met their deadlines.

The administration initially said the plans would be made fully available in Trump’s fiscal 2019 budget, though only a handful of agencies offered details in that document. Mulvaney recently told a congressional committee the White House would unveil the complete agency reform plans later this month.

As Gov Exec notes, however, Congress felt the need to mandate consultation on any consolidation or cutting of workforces:

Congress included several provisions in a recently passed governmentwide spending bill to ensure the Trump administration consults with lawmakers before consolidating offices or shedding workers. Several agencies have already risked running afoul of those provisions.

“The fact that the Republican-controlled Congress had to pass legislation to require the Trump administration to show us their secret reorganization plans is indicative of just how extensive the administration’s obstruction of congressional oversight has become,” Cummings said after the omnibus was enacted.

John Bolton Unleashed: the implications for accountability and for Congressional oversight

In a Just Security post today, Patrick Eddington provides a detailed history of John Bolton’s various stints in the Executive Branch—and his attitudes about the use of information to advance his agenda. As Eddington notes

Bolton rose to prominence in the Bush (43) administration’s first term as the Undersecretary of State for Arms Control and International Security Affairs, where he frequently clashed not only with his Bush administration colleagues but with career government servants at the State Department and the U.S. Intelligence Community. And it was those confrontations, along with credible allegations of abuse of surveillance powers [apparent attempts to obtain information on the identities of other American officials picked up in conversations by NSA] and [of] Intelligence Community analysts, that ultimately led to Bolton’s exit from the administration. [Emphasis added]

Now, Trump is putting Bolton in as the National Security Advisor, where he will not only see but be able to rouse the President to attack enemies “at home and abroad,” with

..unprecedented access to intelligence collection and surveillance authorities that routinely gobble up trillions of digital communications, including a vast (but currently undisclosed) number of text messages, emails, etc., belonging to Americans.

Bolton will also have access to FBI investigative information and capabilities, and be in a position to pressure the bureau or other federal agencies to investigate Americans in contact with foreign governments, nongovernmental organizations, foreign journalists, and more.

The problem for accountability is that

Because Bolton will be an appointee on President Trump’s staff, direct Congressional access to his communications with federal departments and agencies will likely be nonexistent, absent leaks to the media. Accordingly, the only chance of surfacing politically or legally dubious actions by Bolton or those working on his behalf will come from aggressive Congressional oversight of those same executive branch entities for any directives, taskings, or other orders that he hands down. [Emphasis added]

Eddington, a former Senior Policy Advisor to Rep. Rush Holt, identifies the tools available to the House and Senate to get information on Bolton’s activities from executive branch agencies—including Resolutions of Inquiry, appropriations riders, subpoenas, or holds on other executive branch nominations.

To be effective, such oversight must have  “at least a modicum of bipartisan cooperation.” And, in the current Congress, there’s the rub.

And, failing meaningful congressional oversight—and/or consequential internal executive branch disclosures and whistleblowing—the public will be completely in the dark.

The case for transparency if Wikileaks is a “nonstate, hostile intelligence service often abetted by state actors, like Russia”

In a post today on Lawfare, A Hard Transparency Choice: What is WikiLeaks?, Carrie Cordero raises important questions about the approach of the US government to Wikileaks.  Cordero points to the specific links that the Intelligence Community has drawn between the Russian government and Wikileaks, which are telling in themselves.  However, she notes that IC officials have openly and publicly “called out” Wikileaks as “a non state, hostile intelligence service often abetted by state actors, like Russia.”

As further revelations have been made about contacts between Julian Assange and individuals (such as Roger Stone) affiliated with the Trump campaign regarding the hacked Clinton campaign-related emails, the basis for the IC assessment of Wikileaks role remains largely hidden.  As Cordero notes, the U.S. government has not ever confirmed publicly whether it has an open counterintelligence investigation of WikiLeaks, although the Washington Post reported last spring that “the FBI has spent years investigating WikiLeaks…” and continued to do so in the context of the exfiltration of sensitive CIA hacking tools. Cordero points out that

As a result, the U.S. intelligence community has made specific statements about WikiLeaks—without really saying what it is, who funds it, who controls it and how it obtains information it releases. This makes it difficult for the public to accurately understand how to interpret WikiLeaks’ activities and releases. The current approach also makes it difficult for consumers of information released by WikiLeaks, including but not limited to professional journalists, to understand whether they are reviewing information that has been released as a public service, or as an orchestrated effort intended to manipulate, which activities may be supported, conducted or encouraged by a foreign intelligence service.

If we assume that WikiLeaks is subject to a longstanding investigation, and that there is a possibility that it or its officials have exposure to criminal charges, it may be that the FBI, Justice Department, special counsel, or all three would strongly oppose any further public disclosure by the intelligence community regarding what WikiLeaks is or how it operates. Yet, if WikiLeaks is, as director Pompeo has said, a “nonstate, hostile intelligence service often abetted by state actors, like Russia,” then there is a competing interest favoring a release of meaningful information that supports the assessment, by the intelligence community through appropriate transparency processes that have been developed in recent years. If such a public disclosure can be made, consistent with the need to protect classified information and accommodating ongoing investigative prerogatives, this seems like the right time to make it.

 

Government Information Watch joins coalition letter in opposition to nomination of Gina Haspel as CIA Director

Government Information Watch today joined 29 other civil society organizations in a letter to Senators expressing grave concerns regarding the nomination of Gina Haspel for Director of the Central Intelligence Agency (CIA), and asking that her nomination not be advanced until all of the records on her past involvement in the CIA torture program are declassified and released to the public.

The letter notes that

“[t]he Senate’s constitutional obligation to “advise and consent” on any nomination requires that it have full access to relevant information on the nominees before it. In Ms. Haspel’s case, the precise details of her role in the torture program remain classified. All senators should demand that those records be declassified and made public—before her nomination moves any further—so that they can actually discuss Ms. Haspel’s deeply disturbing background in open session, and so that the public can glean a more detailed picture of her role in one of the darkest chapters in U.S. history.

Ms. Haspel was a central figure in the torture program and the destruction of evidence of torture. Based on already available records and public reporting, it is clear by her wrongdoing that she demonstrated disregard for the rule of law and fundamental human rights.”

See also News: CIA argued torture sessions were actually business meetings so it could destroy videotapes.

Air Force’s guidance documents on public/press communications seem to be in conflict

According to several stories in Defense One, communications with the public and the press are being actively discouraged.  A March 13 story notes:

The U.S. Air Force is slashing access to media embeds, base visits and interviews as it seeks to put the entire public affairs apparatus through retraining — a move it says is necessary for operational security, but one which could lead to a broader freeze in how the service interacts with the public.

According to March 1 guidance obtained by Defense News, public affairs officials and commanders down to the wing level must go through new training on how to avoid divulging sensitive information before being allowed to interact with the press.

Before settling on retraining its public affairs corps and commanders, the service considered an even more drastic step: shutting down all engagement with the press for a 120-day period, a source with knowledge of the discussions said.

The guidance, which was marked as “for official use only,” was distributed to public affairs officials following a February 2018 memo on operational security signed by Air Force Secretary Heather Wilson and Chief of Staff Gen. Dave Goldfein. The story indicates that the guidance reflects a renewed focus on operational security that stems from the Trump administration’s recently released National Defense Strategy.

The seven-page guidance states:

In line with the new National Defense Strategy, the Air Force must hone its culture of engagement to include a heightened focus on practicing sound operational security. As we engage the public, we must avoid giving insights to our adversaries which could erode our military advantage. We must now adapt to the reemergence of great power competition and the reality that our adversaries are learning from what we say in public.

As Steve Aftergood notes, the new Air Force guidance does not distinguish between classified and unclassified information. Nor does it define the scope of “sensitive operational information” which must be protected.

Secrecy News also notes, moreover, that “As it happens, a counter-argument in favor of enhanced Air Force release of information was made just last week by Air Force Secretary Heather Wilson.” The  Public Affairs Management, Air Force Policy Directive 35-1, March 8, 2018, which notes in bold “COMPLIANCE WITH THIS PUBLICATION IS MANDATORY, states:

1. Overview.  The Air Force has an obligation to communicate with the American public, including Airmen and families, and it is in the national interest to communicate with the international public. Through the responsive release of accurate information and imagery to domestic and international audiences, public affairs puts operational actions in context, informs perceptions about Air Force operations, helps undermine adversarial propaganda efforts and contributes to the achievement of national, strategic and operational objectives. This directive establishes the framework for Air Force public affairs operations.
2. Policy.  The Air Force shall conduct comprehensive, active communication programs at all levels of command—in garrison and while deployed—to provide Airmen and their families, Congress and the American public timely, factual and accurate Department of Defense and Air Force information that contributes to awareness and understanding of the Air Force mission.
2.1. The Air Force shall respond to requests for releasable information and material. To maintain the service’s credibility, commanders shall ensure a timely and responsive flow of such information.
2.1.1.  The Secretary of the Air Force authorizes delegating the review of information proposed for public release to the lowest level competent to evaluate the content. Generally, reviewers shall assess the potential implications of releasing the information, ensuring it is not classified, does not disclose operationally sensitive elements, and does not conflict with established government policies or programs.
2.1.2.  Public affairs programs shall not practice propaganda, disinformation or activities intended to bias, mislead, misinform or deny otherwise releasable information.
2.2.  The Air Force shall develop and maintain cooperative and responsive relations with the public and media. Public affairs activities will support leaders at all levels in fostering public trust and support through active community outreach.
2.3.  The Air Force shall collect, preserve and accession visual information products to meet operational, informational, training, research, legal, historical and administrative needs.
2.4.  The Air Force shall organize, train and equip its bands to conduct appropriate engagements to foster sustained public trust and support, sustain warfighter morale, build partnerships, foster national pride, patriotism and service and recruit talented Airmen.

 

 

Consolidating classified presidential records in DC raises concerns

In Secrecy News, 5 Mar 2018, Steven Aftergood reported on a letter sent out by William J. (Jay) Bosanko, NARA’s COO, announcing NARA’s “intent to consolidate all of the classified records in the Presidential Library system in the Washington, DC area. This follows our previous consolidations of all other classified records that were previously maintained in the field.” Steve asks in the blog—and in a question he put to Mr. Bosanko—whether it really is necessary to physically move the records to DC in order to declassify them? In his email reply, Bosanko noted that the question
“comes back to age-old issues around declassification authority and third-agency referrals.  … And, bringing them here makes it much easier to address long-standing challenges such as certain topics that cut across more than one Administration.”
Given the resistance of the intelligence agencies, in particular the CIA, in letting “their” records be declassified. and a specific history of removing records from NARA—

Washington, D.C., February 21, 2006The CIA and other federal agencies have secretly reclassified over 55,000 pages of records taken from the open shelves at the National Archives and Records Administration (NARA), according to a report published today on the World Wide Web by the National Security Archive at George Washington University. Matthew Aid, author of the report and a visiting fellow at the Archive, discovered this secret program through his wide-ranging research in intelligence, military, and diplomatic records at NARA and found that the CIA and military agencies have reviewed millions of pages at an unknown cost to taxpayers in order to sequester documents from collections that had been open for years.

At issue then, and a possibility now, is that the IC agencies assert ‘equities’ in records not created by them.

An “equity” is information that was originated, classified by, or concerns the activities of another government agency or organization and only they can declassify it. Records that contain other agency “equities” must be referred to those agencies for declassification review.

A referred record becomes declassified upon final declassification action by the referring agency based upon the results of the other agency reviews, or automatically without benefit of additional review if not acted upon by those agencies within a specific time frame and after appropriate referral notification.

President Obama’s 2009 Executive Order 13526 created a National Declassification Center (NDC) at NARA and specifies that ‘If an agency fails to provide a final determination on a referral made by the Center within 1 year of referral, or by the centralized facilities referred to in section 3.7(e) of this order within 3 years of referral, its equities in the referred records shall be automatically declassified.”

It is potentially worrisome that the letter from Mr. Bosanko does not directly address the role to be played by the NDC and its responsibility for reigning in the endless foot-dragging on referrals undertaken by IC agencies.

Dam inspections to be public–in California. DHS still considers dams information SBU and keeps it off-limits

AP today reported that California Gov. Jerry Brown has signed legislation that seeks to beef up dam inspections following a near disaster that caused the evacuation of almost 200,000 people living downstream from the tallest U.S. dam. The measure sets standards for inspections and requires periodic review of dams’ original design and construction records. It also requires inspectors to consult periodically with independent experts and makes inspection reports public.

This site does not ordinarily cover state information policies, but the story brought to mind a FOIA case—from 2003 in the height of the ‘terrorists are going to get your information’ scare(-mongering) from the George W. Bush administration.  The Reporters Committee for Freedom of the Press wrote1 about in 2004, and I covered it in my 2007 book:

Glen Canyon Dam. In September 2001, a small environmental group filed a FOIA request for the federal government’s projections as to where the waters would go if the dam burst. The Bureau of Reclamation, which creates the “inundation maps” projecting what might happen, denied the request. In March 2003, the federal district court in Salt Lake City upheld2 the denial, ruling that the government could withhold the unclassified maps under an exemption to the FOIA for “law enforcement” records. One component of the law enforcement exemption protects against release of information that might help anyone circumvent the law—and the judge said that terrorists might make use of the information. The ruling included an oblique reference to “a dam failure as [seeking] a ‘weapon of mass destruction.’ ”3

Today’s story from California reminds us how far we have come—at least at the level of that state—but also what is at risk when allegations of potential threats by terrorists to Homeland Security are backed up by the courts and the Justice Department.

To this day, DHS considers information about dam safety to be “sensitive but unclassified”4 and keeps it behind a locked portal:

The HSIN-CS [Homeland Security Information Network-Critical Sectors] Dams Portal, managed by the Dams Sector-Specific Agency (SSA) within the Office of Infrastructure Protection/DHS, provides trusted and vetted public and private sector partners, including owners and operators…

https://www.rcfp.org/sites/default/files/homefront-confidential.pdf

2 Living Rivers, Inc. v. United States Bureau of Reclamation, 272 F. Supp. 2d 1313 (D. Utah 2003).  [March 2003]

U.S. Department of Justice. “Exemption 7f,”Item 14.  https://www.justice.gov/oip/foia-guide-2004-edition-exemption-7f

4 A marking for withholding information that is utilized with widely divergent ‘meanings’ by agencies. While it is (and has been since 2010) targeted for removal as an approved/recognized control designation, regrettably NARA has ceded to the agencies and “Existing agency policy for all sensitive unclassified information remains in effect until your agency implements the CUI program.”