Intelligence Oversight in the 113th Congress

During the last two years, the U.S. intelligence community has faced momentous challenges and experienced extraordinary upheaval, including the Snowden disclosures beginning in June 2013 and the release of a redacted summary of the Senate report on CIA interrogation practices last year.

Those episodes and others are reflected in a new report from the Senate Select Committee on Intelligence describing its oversight activities in the 113th Congress from January 2013 to January 2015.

Highlights of the new report include these:

**    Efforts to make U.S. intelligence agencies financially auditable are progressing slowly. “The CIA, NGA, NRO, and NSA conducted audits of their fiscal year 2014 financial statements,” but only the National Reconnaissance Office (NRO) completed the process successfully. The CIA, NGA, and NSA “received disclaimers of opinion,” meaning that their financial statements could not be validated by the auditors. “While the DIA and ODNI did not conduct an audit, both plan to do so in 2015,” the report said.

**    Over-control of classified information continues to hamper information sharing even within the intelligence community, the report said. “The Committee has been concerned about the IC’s misapplication and overuse of the originator control marking (ORCON), which can impede the complete and timely dissemination of intelligence, as the agency that originates the information retains control over its dissemination…. Committee staff concluded that the use of the ORCON marking by certain IC elements had increased substantially, and that in some cases classification and control marking policies had been violated.”

**    Efforts to enlist the resources of the Government Accountability Office to strengthen intelligence oversight — a move long advocated by outside observers — are continuing, as the Committee encourages “open lines of communication and collaboration” between ODNI and GAO. The new report reveals that the classified annex of the FY 2014 authorization bill “directed the development of a specific GAO review to bolster intelligence oversight and reduce unnecessary fragmentation, overlap, and duplication.”

**    The report provides some new details of the three-volume structure of the still-classified CIA “torture report”. The first volume addressed the history of CIA’s interrogation program in 1,539 pages. The second volume devoted 1,858 pages to intelligence acquired through the program and CIA’s representations of its effectiveness. And the third volume, in 2,855 pages, focused on the detention and interrogation of 119 CIA detainees.

**    The Committee report said that “Financial intelligence has emerged as a significant are of IC activity, aiming to ‘follow the money’ of adversaries. It has proven to be a powerful tool confronting a range of challenging threats including terrorism, weapons proliferation, and narcotics trafficking.”

**    “The Committee also devoted significant time and attention to lethal operations against counterterrorism targets…. The Committee has worked with the Executive Branch to understand the legal basis for these operations.”  Likewise, “The Committee seeks to ensure that covert action programs are consistent with United States foreign policy goals, and are conducted in accordance with all applicable U.S. laws.”

**    With seeming condescension, the report noted that “The Committee annually receives hundreds of phone calls, facsimiles, mail, and email communications from self-identified whistleblowers on matters they believe to be of urgent concern. Committee staff reviewed and investigated these communications.” If these investigations yielded any actionable findings, they are not mentioned in the report.

**    The report pointedly observed that “Since 1994, the Committee has held annual open hearings to review the Intelligence Community’s assessment of the current and projected national security threats to the United States.” That twenty-year tradition came to an end this year when the new Chairman, Sen. Richard Burr, decided to hold the Committee’s annual threat briefing in closed session.

The new Senate Intelligence Committee report does not contain any note of critical self-examination or any suggestion that congressional oversight itself might have been complicit in the errors and excesses of intelligence agencies. Accordingly, the report does not address any potential changes that might be made to improve the intelligence oversight process.

FRUS on Investigating Intelligence in the 1970s

“There is too much disclosure,” complained George H. W. Bush, then-Director of Central Intelligence, in a 1976 memo to President Gerald Ford.

“We are continually pressed by Congress, by the courts, by the Freedom of Information Act, to give up sensitive material,” DCI Bush added. “We are trying to hold the line but there is a continuous erosion which gives away classified information at home and complicates our liaison relationships abroad. I am frustrated by our inability to deal with the leaking of classified information.”

His memo to President Ford was presented (as document 78) in a fascinating new collection of executive branch documents on the investigations of U.S. intelligence agencies during the 1970s. The collection was assembled for the State Department’s Foreign Relations of the United States (FRUS) series (1969-1976, volume XXXVIII, part 2), which has just been published in hardcopy. It was posted in full last December on the website of the State Department historian.

In the aftermath of the Senate Church Committee investigation, “I find no degradation in the quality of intelligence analysis,” said Secretary of State Henry Kissinger at a Top Secret meeting of the National Security Council in January 1977 (document 83 in the FRUS collection).

“The opposite is true, however, in the covert action area,” Kissinger told the NSC. “We are unable to do it anymore.”

“Many things are not even proposed these days because we are afraid to even discuss them much less implement them,” Kissinger said then.

Frederick A.O. Schwarz Jr., who was the chief counsel of the Church Committee, has written a new book of his own on secrecy in the broad sweep of American history up to the present day. Democracy in the Dark: The Seduction of Government Secrecy (The New Press, 2015) was published this week. The book was welcomed by Katrina vanden Heuvel writing in the Washington Post on April 7.

DHS Seeks Increase in Domestic HUMINT Collection

The Department of Homeland Security aims to increase its domestic human intelligence collection activity this year, the Department recently told Congress.

In a question for the record from a September 2014 congressional hearing, Rep. Paul C. Broun (R-GA) asked:  “Do we currently have enough human intelligence capacity–both here in the homeland and overseas–to counter the threats posed by state and non-state actors alike?”

The Department replied, in a response published in the full hearing volume last month (at p. 64):

“DHS is working on increasing its human intelligence-gathering capabilities at home and anticipates increasing its field collector/reporter personnel by 50 percent, from 19 to approximately 30, during the coming year.”

“We are also training Intelligence Officers in State and major urban area fusion centers to do intelligence reporting. This will increase the human intelligence capability by additional 50–60 personnel.”

The projected increase in DHS HUMINT collection activity was not specifically mentioned in the Department’s FY 2015 budget request.

Human intelligence collection in this context does not necessarily mean that the Department is running spies under cover. According to a 2009 report from the Congressional Research Service (footnote 38), “For purposes of DHS intelligence collection, HUMINT is used to refer to overt collection of information and intelligence from human sources. DHS does not, generally, engage in covert or clandestine HUMINT.”

In any case, “The DHS Intelligence Enterprise has increased intelligence reporting, producing over 3,000 reports in fiscal year 2014,” DHS also told Rep. Broun.

A June 2014 report from the Government Accountability Office found fault with some of that reporting, which is generated by the DHS Office of Intelligence and Analysis (I&A).

“I&A customers had mixed views on the extent to which its analytic products and services are useful,” GAO found. See DHS Intelligence Analysis: Additional Actions Needed to Address Analytic Priorities and Workforce Challenges, GAO report GAO-14-397, June 2014.

DHS concurred with the resulting GAO recommendations.

 

Growing Data Collection Inspires Openness at NGA

A flood of information from the ongoing proliferation of space-based sensors and ground-based data collection devices is promoting a new era of transparency in at least one corner of the U.S. intelligence community.

The “explosion” of geospatial information “makes geospatial intelligence increasingly transparent because of the huge number and diversity of commercial and open sources of information,” said Robert Cardillo, director of the National Geospatial-Intelligence Agency (NGA), in a speech last month.

Hundreds of small satellites are expected to be launched within the next three years — what Mr. Cardillo called a “darkening of the skies” — and they will provide continuous, commercially available coverage of the entire Earth’s surface.

“The challenges of taking advantage of all of that data are daunting for all of us,” Mr. Cardillo said.

Meanwhile, the emerging “Internet of Things” is “spreading rapidly as more people carry more handheld devices to more places” generating an abundance of geolocation data.

This is, of course, a matter of intelligence interest since “Every local, regional, and global challenge — violent extremism in the Middle East and Africa, Russian aggression, the rise of China, Iranian and North Korean nuclear weapons, cyber security, energy resources, and many more — has geolocation at its heart.”

Consequently, “We must open up GEOINT far more toward the unclassified world,” Director Cardillo said in another speech last week.

“In the past, we have excelled in our closed system. We enjoyed a monopoly on sources and methods. That monopoly has long since ended. Today and in the future, we must thrive and excel in the open.”

So far, NGA has already distinguished itself in the area of disaster relief, Mr. Cardillo said.

“Consider Team NGA’s response to the Ebola crisis. We are the first intelligence agency to create a World Wide Web site with access to our relevant unclassified content. It is open to everyone — no passwords, no closed groups.”

NGA provided “more than a terabyte of up-to-date commercial imagery.”

“You can imagine how important it is for the Liberian government to have accurate maps of the areas hardest hit by the Ebola epidemic as well as the medical and transportation infrastructure to combat the disease,” Mr. Cardillo said.

But there are caveats. Just because information is unclassified does not mean that it is freely available.

“Although 99 percent of all of our Ebola data is unclassified, most of that is restricted by our agreements [with commercial providers],” Mr. Cardillo said. “We are negotiating with many sources to release more data.”

Last week, Director Cardillo announced a new project called GEOINT Pathfinder that will attempt “to answer key intelligence questions using only unclassified data.”

When it comes to transparency, the Office of the Director of National Intelligencerecently expressed the view that the U.S. intelligence community should make “information publicly available in a manner that enhances public understanding of intelligence activities, while continuing to protect information when disclosure would harm national security.”

But some intelligence agencies have chosen a different path.

At the CIA, for example, public access to unclassified translations and analytical products of the Open Source Center was abruptly terminated at the end of 2013. Such materials from the OSC and its predecessor, the Foreign Broadcast Information Service, had provided invaluable support to generations of scholars, students, and foreign policy specialists. But that is no longer the case.

New DNI Guidance on Polygraph Testing Against Leaks

Updated below

Director of National Intelligence James R. Clapper issued guidance this month on polygraph testing for screening of intelligence community personnel. His instructions give particular emphasis to the use of the polygraph for combating unauthorized disclosures of classified information.

Counterintelligence scope polygraph examinations “shall cover the topics of espionage, sabotage, terrorism, unauthorized disclosure or removal of classified information (including to the media), unauthorized or unreported foreign contacts, and deliberate damage to or misuse of U.S. Government information systems or defense systems,” the guidance states.

Such examinations “shall specifically include the issue of unauthorized disclosures of classified information during pre-examination explanations by incorporating a definition that explicitly states that an unauthorized disclosure means unauthorized communication or physical transfer of classified information to an unauthorized recipient.”

The polygraph administrator is further instructed to explain that an unauthorized recipient is any person without an appropriate clearance or need to know, “including any member of the media.”

See Conduct of Polygraph Examinations for Personnel Security Vetting, Intelligence Community Policy Guidance 704.6, February 4, 2015.

The use of polygraph testing to combat leaks has been a recurring theme in security policy for decades. Yet somehow neither leaks nor polygraph tests have gone away.

President Reagan once issued a directive (NSDD 84) to require all government employees to submit polygraph testing as an anti-leak measure.

In response, Secretary of State George P. Shultz famously declared in 1985 that he would quit his job rather than take the test. “The minute in this government I am told that I’m not trusted is the day that I leave,” Shultz told reporters.

Having forthrightly declared his position, Secretary Shultz was never compelled to undergo the polygraph test or to resign. “Management through fear and intimidation,” he said in 1989, “is not the way to promote honesty and protect security.”

From another perspective, the problem with polygraph testing has nothing to do with intimidation but with accuracy and reliability. There is at least a small subset of people who seem unable to “pass” a polygraph exam for reasons that neither they nor their examiners can discern. And there are others, such as the CIA officer and Soviet spy Aldrich Ames, who have been able to pass the polygraph test while in the espionage service of a foreign government.

Update: The polygraph provisions of NSDD 84 were quietly modified in 1984 and were never implemented.

Leaks Damaged U.S. Intelligence, Official Says

Unauthorized disclosures of classified information by Edward Snowden have damaged U.S. intelligence capabilities, National Counterterrorism Center director Nicholas J. Rasmussen told Congress last week.

“Due to the Snowden leaks and other disclosures, terrorists also have a great understanding of how we seek to conduct surveillance including our methods, our tactics and the scope and scale of our efforts. They’ve altered the ways in which they communicate and this has led to a decrease in collection,” Mr. Rasmussen said at a February 12 hearing of the Senate Select Committee on Intelligence.

“We have specific examples which I believe we have shared with the committee and the committee staff in classified session — specific examples of terrorists who have adopted greater security measures such as using various new types of encryption, terrorists who have dropped or changed email addresses, and terrorists who have simply stopped communicating in ways they had before, in part because they understand how we collected,” he said.

This is not terribly persuasive, particularly since Mr. Rasmussen did not specify which leaks resulted in which changes by which terrorists at what cost to U.S. security. Nor is a public statement by an intelligence official before the Senate Intelligence Committee entitled any longer to a presumption of accuracy since the Committee permits errors to stand uncorrected.

Nevertheless, it seems plausible that leaks which had the power to galvanize public debate over the scope of intelligence surveillance might also have had the power to undermine existing collection capabilities, including collection for valid and necessary purposes.

For some of Edward Snowden’s partisans and supporters, however, the possibility that his leaks had negative as well as positive consequences involves more complexity than they can tolerate. If Snowden intended to defend constitutional values, as he insists, then how dare anyone suggest that he may have also aided America’s enemies, even indirectly?

This sort of complexity does not arise in Laura Poitras’s award-winning film Citizenfour about Snowden, as its few critical reviewers have noted.

Many of the documents Snowden disclosed “go far beyond exposures of spying on Americans,” wrote Fred Kaplan in a review of the film in Slate. “If Snowden and company wanted to take down an intelligence agency, they should say so. But that has nothing to do with whistleblowing or constitutional rights.”

Likewise, wrote George Packer in The New Yorker, “Among the leaked documents are details of foreign-intelligence gathering that do not fall under the heading of unlawful threats to American democracy–what Snowden described as his only concern. [Former NSA official William] Binney, generally a fervent Snowden supporter, told USA Today that Snowden’s references to ‘hacking into China’ went too far: ‘So he is transitioning from whistle-blower to a traitor’.”

And from Michael Cohen in The Daily Beast: “What is left out of Poitras’s highly sympathetic portrayal of Snowden is so much of what we still don’t know about him. For example, why did he steal so many documents that have nothing to do with domestic surveillance but rather overseas–and legal–intelligence-gathering operations?”

But for a discussion of Citizenfour that presents no such dissonant, skeptical notes or troublesome opposing views, see the late David Carr’s final interview with Snowden, Poitras and Glenn Greenwald.

“How’d you like the movie?” Mr. Carr asked Snowden. “It’s incredible,” Mr. Snowden affirmed. “I don’t think there’s any film like it.”

DNI Issues Directive on “Critical Information”

The Director of National Intelligence last week issued a new directive on “critical information,” also denominated “CRITIC,” which refers to national security information of the utmost urgency.

“Critical information is information concerning possible threats to U.S. national security that are so significant that they require the immediate attention of the President and the National Security Council,” the directive explains.

“Critical information includes the decisions, intentions, or actions of foreign governments, organizations, or individuals that could imminently and materially jeopardize vital U.S. policy, economic, information system, critical infrastructure, cyberspace, or military interests.”

See “Critical Information (CRITIC),” Intelligence Community Directive 190, February 3, 2015.

Interestingly, any intelligence community official can designate information as “critical,” thereby hotlining it for Presidential attention. “Critical information may originate with any U.S. government official in the IC,” the DNI directive says.

Moreover, “CRITIC reporting may be based on either classified or unclassified information.” However, “CRITIC reporting should be based solely on unclassified information only if that information is unlikely to be readily available to the President and the National Security Council.”

The threshold for critical information is fairly high. It includes such things as a terrorist act against vital U.S. interests, the assassination or kidnapping of officials, a cyberspace attack that produces effects of national security significance, and so on.

Confusingly, the term critical information (CRITIC) is used differently in the Department of Defense.

According to the latest DoD Dictionary of Military Terms, “critical information” means “Specific facts about friendly intentions, capabilities, and activities needed by adversaries for them to plan and act effectively so as to guarantee failure or unacceptable consequences for friendly mission accomplishment. Also called CRITIC.”

US to Detainee: The Government “Regrets Any Hardship”

In an unusual gesture, the U.S. Government last week apologized to Abdullah al-Kidd, a U.S. citizen who was arrested in 2003 and detained as a material witness in connection with a terrorism-related case.

Mr. Al-Kidd, represented by American Civil Liberties Union attorney Lee Gelernt, challenged his detention as unconstitutional and inhumane. Now the case has been settled, with an official apology and a payment of $385,000.

“The government acknowledges that your arrest and detention as a witness was a difficult experience for you and regrets any hardship or disruption to your life that may have resulted from your arrest and detention,” wrote U.S. Attorney Wendy J. Olson in a January 15 letter.

This sort of admission of regret is rare. The government apologizes much less frequently than it perpetrates injuries that are inappropriate or unwarranted. So, for example, the recent Senate report on post-9/11 CIA interrogation practices noted that at least 26 individuals had been “wrongfully detained.” But legal attempts to recover damages are typically foreclosed by courts based on “separation of powers, national security, and the risk of interfering with military decisions.”

Why not apologize and compensate those who have been abused and mistreated, starting with those individuals who by all accounts are innocent of any wrongdoing? It would be the just and honorable thing to do, both for the intelligence community and for the country. And it would be most powerful (and most “therapeutic”) if the IC undertook this step at its own initiative, rather than waiting to be compelled by others.

“Personally I agree,” a senior U.S. intelligence community legal official said privately, “for the reasons you say and some others. [But] getting it done is a lot harder.”

And so it is. Even as it apologized to Abdullah al-Kidd, the U.S. Government insisted on a stipulation that the settlement of the case “is not, is in no way intended to be, and should not be construed as, an admission of liability or fault on the part of the United States.”

SSCI Wants Copies of Full Torture Report Returned

Updated below

There is a new sheriff in town. Is that the message that Senator Richard Burr, the new chair of the Senate Select Committee on Intelligence, is trying to send?

Senator Burr reportedly wrote to President Obama last week to ask that all copies of the classified 6,700 page Committee report on CIA interrogation practices be returned immediately to the Committee. While the redacted summary of the report has been publicly released and is even something of a bestseller for the Government Printing Office as well as a commercial publisher, the full report has not been made public. And Senator Burr seems determined to keep it that way.

Senator Burr’s letter was reported in C.I.A. Report Found Value of Brutal Interrogation Was Inflated by Mark Mazzetti, New York Times, January 20. (More: Washington Post, Huffington Post.)

Senator Dianne Feinstein, who chaired the Committee while the report was produced, scorned the request for its return.

“I strongly disagree that the administration should relinquish copies of the full committee study, which contains far more detailed records than the public executive summary. Doing so would limit the ability to learn lessons from this sad chapter in America’s history and omit from the record two years of work, including changes made to the committee’s 2012 report following extensive discussion with the CIA,” she said in a statement.

Among other things, the proposed return of the full report may be intended to prevent its potential future accessibility through the Freedom of Information Act, which does not apply to records in congressional custody.

But if so, this seems short-sighted and probably futile, given that all of the evidentiary material on which the report is based originated in the executive branch anyway. Moreover, the Committee report has spawned an entire literature of agency evaluations and responses (such as the so-called Panetta Review). That literature belongs to the agencies, and sooner or later it should be subject to public disclosure regardless of the fate of the SSCI report.

Update 1/22/15: Jason Leopold of VICE News has a thorough account of this episode to date here, including a copy of the letter from Senator Burr and a letter from Senator Feinstein in response.

“Insider Threat” Program Lags Behind Schedule

The government-wide effort to contain the threat to classified information and sensitive facilities from trusted insiders is falling behind schedule.

Currently, the anticipated achievement of an Initial Operating Capability for insider threat detection by January 2017 is “at risk,” according to a new quarterly progress report. Meanwhile, the date for achieving a Full Operating Capability cannot even be projected. See “Insider Threat and Security Clearance Reform, FY2014, Quarter 4.”

One aspect of the insider threat program is “continuous evaluation” (CE), which refers to the ongoing review of background information concerning cleared persons in order to ensure that they remain eligible for access to classified information and to provide prompt notice of any anomalous behavior.

The Office of the Director of National Intelligence was supposed to achieve “an initial CE capability for the most sensitive TS [Top Secret] and TS/SCI population” by December 2014.  The latest quarterly report on the Insider Threat program noted that this milestone is “at risk.” In fact, it was missed.

“We did not meet” the December 2014 milestone for an initial CE capability, confirmed ODNI spokesman Eugene Barlow, though he said that “we’ve made considerable progress” in the Insider Threat program overall.

Nor has a revised milestone date for the initial CE capability been set, he added. But “we continue to aggressively push forward” and the desired function will be rolled out over the next few years, he said.

The Department of Defense is “on track” to provide continuous evaluation of 225,000 agency personnel by the end of 2015, and to expand that number to 1 million employees by 2017, according to the quarterly report. Actual achievements in individual agencies are classified.

As a general matter, the Insider Threat program faces both technological and “cultural” obstacles.

The information technology structures that are in place at most executive branch agencies are not optimized to support continuous evaluation or related security policies. Adapting them to address the insider threat issue is challenging and resource-intensive. Nor are agency policies and practices consistent across the government or equally hospitable to security concerns.

But it’s worth noting that the uneven performance described in the quarterly report reflects a degree of public candor that is unusual in security policy.  Instead of presenting assurances that everything is fine in the Insider Threat program, the report acknowledges that some things are not fine and will not be fine for an unspecified time. That is refreshing and even, in its straightforward approach to the issue, somewhat encouraging.