Schneier on Security
A blog covering security and security technology.
« Security in a Reputation Economy |
| Beyond Security Theater »
November 12, 2009
FBI/CIA/NSA Information Sharing Before 9/11
It's conventional wisdom that the legal "wall" between intelligence and law enforcement was one of the reasons we failed to prevent 9/11. The 9/11 Comission evaluated that claim, and published a classified report in 2004. The report was released, with a few redactions, over the summer: "Legal Barriers to Information Sharing: The Erection of a Wall Between Intelligence and Law Enforcement Investigations," 9/11 Commission Staff Monograph by Barbara A. Grewe, Senior Counsel for Special Projects, August 20, 2004.
The report concludes otherwise:
"The information sharing failures in the summer of 2001 were not the result of legal barriers but of the failure of individuals to understand that the barriers did not apply to the facts at hand," the 35-page monograph concludes. "Simply put, there was no legal reason why the information could not have been shared."
The prevailing confusion was exacerbated by numerous complicating circumstances, the monograph explains. The Foreign Intelligence Surveillance Court was growing impatient with the FBI because of repeated errors in applications for surveillance. Justice Department officials were uncomfortable requesting intelligence surveillance of persons and facilities related to Osama bin Laden since there was already a criminal investigation against bin Laden underway, which normally would have preempted FISA surveillance. Officials were reluctant to turn to the FISA Court of Review for clarification of their concerns since one of the judges on the court had expressed doubts about the constitutionality of FISA in the first place. And so on. Although not mentioned in the monograph, it probably didn't help that public interest critics in the 1990s (myself included) were accusing the FISA Court of serving as a "rubber stamp" and indiscriminately approving requests for intelligence surveillance.
In the end, the monograph implicitly suggests that if the law was not the problem, then changing the law may not be the solution.
James Bamford comes to much the same conclusion in his book, The Shadow Factory: The NSA from 9/11 to the Eavesdropping on America: there was no legal wall that prevented intelligence and law enforcement from sharing the information necessary to prevent 9/11; it was inter-agency rivalries and turf battles.
Posted on November 12, 2009 at 2:26 PM
• 31 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
"Although not mentioned in the monograph, it probably didn’t help that public interest critics in the 1990s (myself included) were accusing the FISA Court of serving as a “rubber stamp” and indiscriminately approving requests for intelligence surveillance."
Except that they pretty much were just a rubber stamp.
Not to mention that they could approve a wiretap up to 72 hours AFTER it had been tapped.
And what have the turned up? Nothing that they've revealed so far. And given what instances they HAVE revealed and how they're claiming those as successes I'm sure they'd reveal anything more substantial.
I'd like to agree with Brandioch Conner, anyway I've never seen any more than from Schneier on this topic, but , seen as such an hot argument and a security issue, I really like to read more thought about that, because I've really read all sort of security failures about that, from both sides (you know what I mean).
Please, Mr. Schneier, some more technical thoughts will be really appreciated.
@: "The information sharing failures in the summer of 2001 were not the result of legal barriers but of the failure of individuals to understand that the barriers did not apply to the facts at hand. Simply put, there was no legal reason why the information could not have been shared."
I perused the document on break, picking out parts about "the wall." A couple things are not clear to me.
I have not been convinced whether they didn't share because they thought they could not do so legally (even though they could have), or if they knew they could do so legally but didn't bother (perhaps using "maybe illegal" as a shield for not doing due dillegence).
It's amazing how often lawyers on our team, all for the same entity nonetheless, can look at a contract or legislation and can come up with completely different interpretations of it. Many times, even if something is legal, if there is an even remote chance it could be argued as illegal then they don't do it.
I wish we really knew the opinions of the decision makers at the time information was not shared (not what they say now to cover their rears after the fact).
Unfortunately, looking back before 9/11, I could see where I would actually have felt less secure if varous intelligence entities could share information (considering personal risks to liberty as opposed to rare physical risks from attacks). I'm sure the mindset over such information was much different before we saw the planes destroy the towers.
If I can get my little girls asleep early enough, I'll read the entire document tonight. Parts I did read were interesting.
"It's amazing how often lawyers on our team, all for the same entity nonetheless, can look at a contract or legislation and can come up with completely different interpretations of it. Many times, even if something is legal, if there is an even remote chance it could be argued as illegal then they don't do it."
More to the point - another agency won't know what data you have (because you didn't share). And when you have a preponderance of data, not only do you have an analysis bottleneck, I expect you would also have a legal analysis bottleneck.
Data wasn't shared because nobody knew the exact legal status as regards sharing. Getting the status question answered for all data would consume more resources than were at hand.
Data wasn't requested, because until someone knew the legal status of their data, they don't inform others that they have it.
More to the point - this problem is well known to anyone working in a very large corporation that has to "run things by Legal".
When I first read your comment, I read the last line as 'things (are) run by Legal' rather than 'run things by Legal'.
Granted, in many cases, there's not a whole lot of difference.
@Chris S: "Data wasn't shared because nobody knew the exact legal status as regards sharing. "
And, back then given the mindset, it wouldn't be unreasonable for them to be more afraid of releasing something they shouldn't. If someone told them in August 2001 "if you don't share this document with another agency, 3,000 could die!" no one would have believed it.
A more likely scenario in their perception (not necessarily the reality) would be reprimand or termination for releasing documents illegally.
It's not really surprising that the "wall" was more of an ex-post-facto excuse than an actual, conscious, legally-principled policy.
Above and beyond any muddles over the FISA law, US government departments and agencies are pretty well insulated from each other. There's no natural outlet for collaboration and information-sharing between organizations, nor much incentive. It isn't just FBI/Justice, and CIA. EPA doesn't talk to Agriculture, Labor doesn't talk to Justice or Education, etc.
No legal wall is required to keep agencies apart. To the contrary, special intense and sustained bureaucratic effort is required to foster communication. Since there weren't senior, well-budgeted-and-staffed offices in the various security/intelligence/law-enforcement agencies to make sure information was passed along, ordinary bureaucratic intertia would have been all that was required to keep everyone in the dark about each other's intelligence.
"It's conventional wisdom..."
Yeah, I suppose that's one way of putting it. :-/
Cyber Security state-of-art today is like National Security was discovered to be in the analysis of 9-11.
What the crooks and our enemies are up to, is like a jigsaw puzzle, where different people and agencies each have pieces of that puzzle, and jealously guard those pieces, keeping secret what they have, so that no one can put the pieces together to thwart our enemies.
In 9/11 the puzzle pieces were in the hands of CIA, FBI, Secret Service, Immigration Service, Military Intelligence, NSA, and similar agencies in the nations that are supposedly our allies.
With Cyber Security today, the puzzle pieces are in the hands of government agencies, private companies, C-level executives, computer professionals, infrastructure service providers, consultants.
It is the same thing ... the crooks and enemies do as they please, while the people, who could put a stop to this, fail to share information about what puzzle pieces they have, so that the big picture can be combined, and the crooks and enemies captured, and brought to justice.
Yeah, but Jamie Gorelick served on the commission, and she was the one who set up "the wall". Popular media didn't pick up on the obvious conflict-of-interest. No surprise her fact-finding group didn't discover it!
"Gorelick said she did not know anything about how the wall was structured within the FBI. She did not believe that the FBI was required to erect a wall between intelligence and criminal agents, particularly those on the same squad and working related intelligence and criminal cases.
She said she was surprised that the FBI interpreted the provisions that way."
Didn't you read the original article? There was no wall, except in the muddled minds of the federal bureaucrats who tried to use it as an excuse for their massive intelligence failure.
Don't you think it's possible Gorelick said they couldn't find a wall because there was no wall?
HJohn: How many have been terminated for improperly sharing information? How serious have reprimands been? Would a single reprimand kill your career, if you hadn't already killed it?
There are lots of rationalizations at hand. But were they reasonable rationalization? Is everyone at the FBI and CIA acting as if they were afraid of their own shadows?
Knowing now what we do regarding very shady CIA practices afterwards, was it ever really their state of mind, or was it an excuse to avoid some unpleasant bureaucracy?
It's not good enough to have a semblance of an excuse. It has to be a reasonable belief, backed by a reasonable threat of punishment in light of the kind of work they were doing -- which wasn't stopping mobsters from transferring exotic animals, or even dealing with high-ranking narcotrafficers with important government positions.
The old CW rule of: do not get in the way of the revolving door, is a critical foundation to start with the intel failures.
Perhaps someday, there will be some books worth the marked price.
The legal wall as a problem? Naw, just an easy scapegoat.
It is good to see such critical subjects as intel failures being raised here.
'It's conventional wisdom that the legal "wall" between intelligence and law enforcement was one of the reasons we failed to prevent 9/11.'
Perhaps if more people were aware that the CIA trained Bin Laden - to help Mujahadeen fight the Russians - they'd be aware that Obama had implemented 'best practice' as defined by the CIA and there were other, more compelling, reasons why we were powerless to prevent 9/11.
> The information sharing failures in the summer
> of 2001 were not the result of legal barriers but
> of the failure of individuals to understand that
> the barriers did not apply to the facts at hand
Yeah, people are never going to understand every nuance of the law. Why is this surprising? How long did it take the commission to *determine* that there was no actual legal barrier in the case in question? Nobody's ever going to fully understand the law in a legal system where it's customary to A) build up large and elaborate coral-reef-like structures out of case law that takes precedence over the actual law as written and B) continuously add new wrinkles to the law every year without ever simplifying it.
Gorelick said she did not know anything about how the wall was structured within the FBI. She did not believe that the FBI was required to erect a wall between intelligence and criminal agents, particularly those on the same squad and working related intelligence and criminal cases.
She said she was surprised that the FBI interpreted the provisions that way."
The "wall" theory is convenient. That way you can allocate more money and contracts to take down the "wall". But there really was no wall. It's called a "stand down order". My apologies if this doesn't fit into your neat little category of "conventional wisdom."
@kangaroo at November 12, 2009 9:45 PM
Perhaps, I don't pretend to know what they were thinking back then.
But I will say this -- reprimands can be very serious, and not just at work. Government entities deal with a great deal of information that is tied to serious financial and criminal penalties as well. I work in the government sector (not for any of the agencies in question here, my agency has never been mentioned on this blog or site), and every year I have to sign acknowledgements that I understand the penalties for misuse and willful disclosure, which include hefty fines and possible imprisonment.
I don't know how many have been fired over violations, but if it is anything like my experience, most will resign to avoid termination. The penalties serve as a deterent, of that I know first hand.
I'm not going to pretend to know what they were thinking, and as it turns out what they could have shared was legal to share. But I do know from my own experience that if someone has doubts about the legality of sharing some information, they are unlikely to go out of their way to share it with the CIA or FBI of all entities. (After all, if I doubt the legality of something, the police are the last people I would risk it with.)
This would have been considered a movie plot threat before it happened, so one thing I won't due is take someone's pre-9/11 actions and judge them on a post-9/11 mindset.
The important lesson here is information was not shared that should have been, and whatever the reasons, most of which are not valid, they need to fix it.
@Jonadab the Unsightly One: "How long did it take the commission to *determine* that there was no actual legal barrier in the case in question? "
I think that is a very fair question.
The discussion about Jamie Gorelick and the "wall" is probably the most important aspect of this.
A 1995 Department of Justice memorandum states that the procedures her memorandum put in place, for the investigation of the first WTC bombing "go beyond what is legally required...[to] prevent any risk of creating an unwarranted appearance that FISA is being used to avoid procedural safeguards which would apply in a criminal investigation." The wall intentionally exceeded the requirements of FISA (Foreign Intelligence Surveillance Act of 1978) for the purposes of criminal investigations, and the then-existing federal case law. These rules were, shortly after their creation, expanded to regulate such communications in future counter-terrorism investigations.
However, the "Gorelick Wall" barred anti-terror investigators from accessing the computer of Zacarias Moussaoui, the 20th hijacker, already in custody on an immigration violation.
The 1995 memo: http://media.collegepublisher.com/media/paper441/...
As far as I can tell, the failure to predict 9/11 was because people weren't expecting anything like it to happen. If anybody had realized that an attack was going to kill three thousand people, they wouldn't have just have continued on with the routine. No legal wall was necessary, only inconvenience.
There is the growing issue of whether we know all there is to know about 9/11 and whether we should find out more.
New evidence of controlled demolition has been found.
Please see http://www.ae911truth.org/
@Karin Wells: New evidence of controlled demolition has been found.
Puh-lease. Talk about a movie plot.
These things are so ridiculous that al Queda spokesmen actually get mad when refuting them because they want credit for what they did.
I think it's unlikely 9/11 could have been seen coming. There are billions of pieces of data and someone has to line them up perfectly just to see their might be a plot... and then it has to be a real plot... not just some guys talking in a bar.
That seems like finding a needle in a haystack.
That said, this seems like semantics. Sure, the law may not have ACTUALLY prevented the sharing, but it seems the law was complex enough that no one could figure it out. Sounds like the law was actually the problem. If it's too complex to figure out, what you think it might prevent is what it is actually preventing.
Generally speaking... who cares? If we stopped our witch hunt mentality, maybe we could learn from this and improve our investigation techniques. But all we're looking for is someone's career to ruin.
"But all we're looking for is someone's career to ruin."
I'm not sure that is what they are trying to do. In fact it may be the oposit.
If they blaim something abstract like legal interpretation then nobody is realy to blaim, so nobody gets a mild rebuke let alone their career ruined. In fact from a burecratic point of view the cautious aproach might actually enhance a career based on the "safe pair of hands" myth.
Grewe says the failure to share info was due to "the failure of individuals to understand that the barriers did not apply to the facts at hand,"
Schneier cites Bamford's conclusion as, "it was inter-agency rivalries and turf battles."
Bamford's take squares better with the facts already in the public record- but review the rest the facts published in government reports and mainstream media, and see if you think "inter-agency rivalries and turf battles" really explain the big picture:
The Complete 9/11 Timeline
The Kennedy assassination is an excellent example of FBI-CIA cooperation and lawlessness that has had exactly the results they intended: Kennedy and his peace-loving crowd are long gone, and the war-mongers rule so completely that few still wonder and fewer can find out the truth about why and by whom the assassination was planned, carried out, and so successfully covered up.
The only laws that are a problem are those that allow such coverups. There are plenty of good laws that should be applied to objectively investigating events like the Kennedy assassination and 9/11 and to prosecuting those found actually responsible, no matter who they are or who they work for or where they live.
Jimmy Carter tried to reign in the FBI/CIA/NSA complex, but they overwhelmed him. If we are still a democracy, the people can do it, but only by consistently (and peaceably) demanding reform and by voting for reformist candidates.
@CBailey at November 14, 2009 4:48 PM
You can't possibly believe that. Conspiracy theories drive me crazy.
Just look at our last two former presidents. Clinton couldn't keep information about an intern from leaving his office, and Bush could break wind without someone doing an expose on his contributions to global warming.
The thought that massive "inside job" conspiracies on a level like 9/11 could be kept a secret amongst thousands of people, many of whom were hired by and loyal to an administration/party other than the one they supposedly were conspiring with, is ludicrous.
Regardless of what one believes regarding 9/11, the "too many people to keep a conspiracy secret" argument is a red herring. The "truthers" don't believe it was a "massive" inside job involving "thousands of people." Rather, that a few key people capitalized on the infrastructure, so to speak, provided by bin Laden and the rest. So, instead of thousands having to somehow keep their mouths shut about the biggest con ever, the theory boils down to something more like 30-50 people "in the know" tops.
@ HJohn, Anklebitersaurus,
"So, instead of thousands having to somehow keep their mouths shut about the biggest con ever, the theory boils down to something more like 30-50 people "in the know" tops."
Probably less than that. Irespective of what or who was actually behind 9/11 etc, there are three essentials requires before any plans can get of the ground,
All of which (in theory only) are tracable back to a point of origin.
The problem is "no questions asked" mentality that pervades all organisations that depend on secrecy for their existance (that is both three letter agencies and criminal/terrorist groups).
It prohibits the working of another triad,
Worse in three letter agencies there is "buracratic malaize" and "routien" which propergates the "no questions" issue. Along with this is the "greasy pole" mentality in a promotion restricted and (office) political environment.
If you remember back not so long ago a there was an operation that came to the attention of the media where arms dealing and other activities where being used to raise finances for other operations.
It involved amongst others two improbably named people, Lt. Colonel Oliver North and his photogenic secretary Fawn Hall in what became known as the Iran-Contra affair.
So yes there are "black ops" and "terrorist attacks" that are related to each other, such is the underpinings of "The Great Game".
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.