This morning, a report from The Hill outlined President Obama’s plan to reform the NSA, which will get rolled out in the days ahead. The primary goal, according to the report, is to prevent “future Snowdens.” By clamping down on NSA employees and contractors, the administration hopes to stop unauthorized leaks.
But by misdiagnosing the situation that led Snowden to take his dramatic action, the administration will only worsen its potential leak problem. Here’s the report:
The president is embracing some of the proposals offered by an advisory panel he appointed…[which] recommended security clearances become more highly differentiated and that a new clearance level be created to limit the sensitive material that information technology workers can access. Those with security clearances may also be subject to “continuous monitoring,” with things like changes in credit ratings, arrests, or suspicious reports from fellow employees becoming incorporated regularly into a review of employees’ clearances.
So, we’ll institute NSA-style monitoring of NSA employees, in order to limit the potential for leaks. Will the NSA’s structure be changed? Nope:
Obama is expected not to adopt the panel’s suggestion that the NSA’s cyberdefense group — the Information Assurance Directorate — be moved to the Pentagon. Nor will Obama order the reassignment of missions other than foreign intelligence collection away from the agency, a source familiar with the current state of the review said. Those expectations suggest that Obama is not readying an extreme overhaul of the spy agency’s structure.
As far as reforming actual surveillance programs, like the dragnet that collects the entirety of American phone metadata, the line seems to be that would require Congressional action, which is naturally close to impossible. Jay Carney is quoted as saying that “some of these reforms and changes would require congressional action.”
These reforms are pretty small-bore, and probably won’t accomplish their objective. The problem with the NSA as currently constituted is that it extensively violates civil liberties. It has enormously expansive eavesdropping power, yet relies on secret interpretations of laws, and operates with minimal, secret oversight. That formula has led to massive abuse in recent U.S. history. What’s more, it’s hard to see how any dragnet surveillance is not a blatant violation of the Fourth Amendment, which states categorically that no warrants can be issued without probable cause and a description of what is to be searched. Such a situation is highly offensive to civil libertarians, and the fact that the dragnets have not provided much good intelligence doesn’t help matters. All this creates a seedbed for politically-inspired leaking.
Meanwhile, Obama’s “narc on your colleagues” policy will crush morale. Surveillance within the NSA is just as prone to abuse (by an unethical career climber, for example) as without. An espirit de corps is at least as important for good opsec as security protocols, especially when one’s agency consists of some of the world’s most intelligent programmers. Snowden himself used to be sneeringly anti-leak. Back in 2009, he thought they should be shot. Wonder what changed his mind?
Remember also that we’re talking about huge numbers of people with security clearances. Even if that number is cut dramatically, maintaining perfect opsec over such a large space is nigh impossible even when one’s agency isn’t littered with disgruntled computer geniuses.
Trying to reach a zero percent risk of leaks is surely very appealing to an administration badly embarrassed by the Snowden affair. But by pursuing it through the use of coercive techniques, the security state can create the situation it wishes to avoid.