Schneier on Security
A blog covering security and security technology.
« World War II Anecdote about Trust and Security |
| Friday Squid Blogging: Squid Bow Tie »
December 13, 2013
President Obama and the Intelligence Community
Really good article from the New Yorker.
Posted on December 13, 2013 at 1:24 PM
• 38 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
gotta love Feinstein's doublespeak:
"It’s not a surveillance program—it is a data-collection program."
"Let's call the turd chocolate cake - there, problem solved!"
It may be naive, but I can't begin to tell you how heartbreaking that article is: to see people decry something really, really *evil* when out of government and then just accept it once in. I know I will never be faced with the choices any president faces; I know there are lots of reasons people go along with things and change their mind; I don't think people sit around twirling their moustaches, stroking white cats and saying "Because I'm an evil stooge...". But it's just so very, very sad.
quote: There’s a Google Map that allows somebody to burgle my house, it’s so clear and defined, and I can’t do anything about it.” end quote.
You gotta love the 'loaded'-ness of the statement, and the devious speculation on carefully chosen ambiguous wording, of what is really a notorious lie "There’s a Google Map that allows somebody to burgle my house". She needs one fork in that ambiguity to apologize for and defend the real thugs and burglars of our time. To which thus will be counted that Fine Gem of Linguistic Smoke and Mirrors.
While I hate the surveillance program, I think it's beneficial to the understanding of politics to try and understand the process that Obama went through.
As senator, he threatened (but didn't, that's important) to vote against the Patriot Act extension. He was against the horrible things that were happening to the US democracy.
And then he became president. I'm sure he went into office fully intending to make good on all of his campaign promises. But then Keith Alexander and the rest of them come to him, and put things like this:
"This is what we're doing, this is what we've achieved with it, this is what will happen if you cancel our operations. The lives lost will be on you!"
What would you do if your entire consulting group said something like that? If you knew real lives were at stake? Do you trust your ideology enough to make the hard choice, knowing that no one will back you up if things go wrong?
Sachar: I don't believe in the legend of the post-electoral "magic information." I think it's more likely that the Presidential campaigns are advertising a misrepresentation, just as Obama's Senatorial comments (if not votes) were. It's lies all the way down.
@Shachar Shemesh "If you knew real lives were at stake?"
It's a bit simplistic. It's always an opportunity cost: What does it cost us to make these things? What does it cost us to don't?
And no, the argument "lives are saved" does not trump every other costs. If it did, we wouldn't have due process and defense: it would always be worth it to put any number of innocents in prison if that allowed us to avoid having one potential murderer walk free. But it doesn't. So there's a line dividing the costs somewhere, and we do disagree on where it stands.
As we all know, talk is cheap, actions count. Obama's talk may have netted him a Nobel Peace Prize, but his actions would never.
Lives lost will be on the president's head? Guilt trips? No no. You're not thinking like they do in Washigton. If you shut down these programs, we'll go to the press and tell them how you undermined our security. We'll blame you for future attacks. Every unemployed disgruntled former intelligence employee will come after your national security credentials.
Still not convinced? Well, we also might have recorded those phone conversations you made on the campaign trail. Accidentally, of course. And that Secret Service guy protecting Malia went to West Point with me.
I rather liked the remark "Until leaked, it was an excellent example of how our system of checks and balances work..." (lightly paraphrased). Actually, it was a beautiful example of them NOT WORKING...
I am very disappointed with Obama. He campaigned to stop this monster but he actually strengthened it!
[The New Yorker]
"Obama’s objections to domestic surveillance stretched back even further. In 2003, as a Senate candidate, he called the Patriot Act “shoddy and dangerous.” And at the 2004 Democratic Convention, in the speech that effectively launched his eventual campaign for President, he took aim at the “library records” provision of the law… on the Senate floor, Obama said that the provision “seriously jeopardizes the rights of all Americans and the ideals America stands for.”
"It was the first in a series of decisions by Obama to institutionalize some of the most controversial national-security policies of the Bush Administration… Any doubts about the new Administration’s position were removed when Obama turned down a second chance to stop the N.S.A. from collecting domestic phone records… Obama also became more determined to keep the programs secret. On January 5, 2010, Holder informed Wyden that the Administration wouldn’t reveal to the public details about the N.S.A.’s programs. He wrote, “The Intelligence Community has determined that information that would confirm or suggest that the United States engages in bulk records collection under Section 215, including that the Foreign Intelligence Surveillance Court (FISC) permits the collection of ‘large amounts of information’ that includes ‘significant amounts of information about U.S. Persons,’ must remain classified.” Wyden, in his reply to Holder a few weeks later, expressed his disappointment with the letter…In practice, Obama has not wavered from the position taken by the N.S.A.’s lawyers and embraced by Feinstein and the majority of the Intelligence Committee..."
Maybe being disappointed in Obama isn't the right emotion. Maybe the president doesn't really have the power to keep the intelligence community in check anymore. Maybe the right emotion is horror.
"Maybe the president doesn't really have the power to keep the intelligence community in check anymore." Bay of Pigs, etc.
@ Tyco Bass
Perhaps. When the laws are so complicated that everyone's a felon, digging up dirt on anyone is available with one shovel.
“The fifteen-member Intelligence Committee was created in the nineteen-seventies, after a series of investigations revealed that the N.S.A. and the C.I.A. had, for years, been illegally spying on Americans,” says the New Yorker article.
Useful reminder. Plus ça change, plus c’est la même chose, as the surrender monkeys say.
Did anyone else catch this?
"futures market in which anonymous users could place bets on events such as assassinations and terrorist attacks, and get paid on the basis of whether the events occurred. "
My reaction is "Holy shit, that's ripped straight from the Assassination Politics essay made to keep government in check with assassinations!" Dude took quite a lot of heat from many Cypherpunks for it. Then, I see it in this story about the government's TIA program. Wow.
That futures market idea sounds awful. Especially considering that if there ever was a too large amount of money at stake, that could lead to some vested interests in getting someone killed or some attack to occur. Completely moral-less IMHO.
Thats actually the whole point of it. The idea was a deniable and democratic way to contract hits. It required anonymous messaging and cash too. Makes it even more disturbing that the govt had a use for it.
It is not just the NSA that should take serious pause with respect to its
mission--and--specifically its funding. All federal agencies with any charge
(whether rational or not) must be cognizant of the fallacy that is the
long-term prospects of budgets and economic health. Let me put this into
- $17,500,000,000,000.00 plus federal debt
(this is a cost and efficiency of money issue)
- $4,000,000,000,000.00 plus in off book federal reserve balance sheet
(QE-? is the transfer of public liability to corporations
and has extremely serious implications for the future)
- 2,700,000,000,000.00 in social security balance sheet deficiency
(Payroll taxes currently PAY for this program
why is this being attacked--simply--it has a
Responsible and reasonable persons would understand the direct threat that the long term federal spending and revenue is to ALL AGENCIES AND PROGRAMS and are inn serious jeopardy. Selling out today for the convenience of ignoring the future is completely idiotic. Until we, the people of this country, can address the fundamental problems of a complete and utter failure of representative democracy, we are destine for a bleak future...
I just cannot believe that the intelligentsia is either so apathetic or
duplicitous in this conundrum but that their failure is EPIC.
One word. Blackmail.
Having once held a rather high clearance, I kinda understand the corporate culture.
Feinstein, for example, is married to a stock trader who clearly has access to inside info. All NSA has to do to own her is remind her they could have that come out.
Ditto the other 535 or so other douches who pretend to hold power.
All negated by blackmail.
Anyone who pays attention to what they want to know about a prospective clearance holder knows blackmail is almost the primary concern they have. Projection..they know how THEY work, after all.
We have a one branch, nonelected government now. Explains a lot, simply.
The use of a futures market to make predictions that can aggregate more information and achieve better overall accuracy than the advice of experts is pretty well established in other arenas. A situation where you're trying to integrate a vast amount of sparsely distributed information amid a lot of random noise is exactly what futures markets are designed to address.
Preventing such markets from being abused is arguably much easier than preventing fixing in regular gambling operations, since a futures market isn't intended to be a profitable business: one can limit betting (and anonymity along with it) in ways that reduce the amount of money changing hands to the point that illegal operations aren't worth much effort.
It strikes me as very plausible that a government-instituted operation of this kind would be poorly implemented, resulting in the various kinds of insider scams and general corruption that can accompany large-scale gambling operations if they're not carefully monitored (with the additional bonus of possibly causing assassinations and acts of terrorism). Indeed, any government operation that passes money to imperfectly documented parties is likely to be abused in one way or another, but that doesn't seem to be the reason the proposal was shot down: Ironically, the futures market idea was considered the most obviously offensive component of TIA (i.e. more offensive than the various types of mass surveillance and record-keeping that were the primary goals of the project) on the basis that rewarding people for accurate assessments of risk amounted to paying ghouls.
I agree with your assessment but it doesn't really apply here so much b/c what I was saying is it isn't a real future's market. The system outlined in Assassination Politics was a way to contract kill people while saying you were just gambling.
One or more people would place bets on a politicians death (date, time and optionally method). Whoever bets on the correct details gets the money in the pot. The hitman himself would obviously have the most accurate information. He or she would be paid for the hit with gamblers luck (wink). So remember that purpose of the system when you guess what govt would have done with it.
To me the whole scheme is a bunch of BS because I'm sure such people would be convicted under flexible interpretations of conspiracy to commit murder charges (or others). DOD or NSA, on other hand, have been very successful getting away with more brazen assassination and espionage schemes.
Maybe the right emotion is horror.
Yes, horror is good. And P.O’d is better.
The economic damage will be huge. Nobody will what US made (and NSA perverted) technology. The US tech industry will suffer. Other players will fill the vacuum.
"Perhaps. When the laws are so complicated that everyone's a felon, digging up dirt on anyone is available with one shovel."
And the NSA is one BIG assed shovel.
It looks to me like it's cheap and low-risk to make bold statements and promises when you're in opposition government, and you ultimately aren't held accountable for what happens. But once you win government, then suddenly the cost, risk and accountability of what you do and say go up.
So on that basis, it doesn't really surprise me that so many politicians talk big when they're not in power, and then backtrack when they're elected to power.
@ Nick P
The mechanics of running anonymized assassination payoffs through what appear to be investments/bets and returns/payoffs is clear enough, as are other potential money-laundering and corrupt exploits. If several people have developed the specific idea of 'assassination politics' in detail, and included it in essays and the like, that doesn't mean that this was the intention of the people who proposed the inclusion of a futures market in TIA. It looks to me as if the intent of that proposal was meant to achieve what was stated: an innovative way to identify risks and predict problems.
I would argue that if one were setting out to establish a money-laundering scheme that covers assassinations (or for anything else, really), this would be an astonishingly bad choice: a 'futures market' would entail a lot of public information about the transactions, and a lot of people keeping track and looking for interesting patterns or inconsistencies. A much better scheme would be to move money through a system with substantially less public scrutiny, and no attention-getting controversy.
On the other hand, since the stated purpose of the market is actually the sort of task for which futures markets have had some success, I would suggest that by Occam's Razor the intent of the proposal was just what they said: to establish a predictive futures market.
Such a system might well be a bad idea anyway, because any new, large-scale government-managed forum in which money is moving around freely (and at least nominally 'anonymously') would be a lightning rod for opportunistic abuse by colluding insiders and participants,. This activity would be too limited in both scale and success-rate to be a viable tool, but big enough to be a problem.
My small input: to be in position of making group decisions (in legislature - Senator, Congressman) is different than making personal decisions (in executive branch - President, Governor, Cabinet member, etc.) having same input and same good intentions. Level of risk acceptance/responsibility is not the same due to different paradigm of decision making. It is similar as opinion of the legal scholar and actual decision by the judge in real trial on the same legal issue.
Lawfare post cited in the first comment is a useful corrective to some inaccuracies in the New Yorker article. Both are worth reading.
As to some of the comments here re: President being blackmailed...
Two Presidents, from both parties, majorities of Senators and Representatives, from both parties, and multiple independent federal judges, have all endorsed either the practical need for the program, or the legality of the program, or both.
Isn't it possible, just possible, that becoming familiar with the institutional safeguards in place against abuse, and that becoming familiar with the use for this type of program, might lead one to conclude as the President clearly has?
The alternative explanations are all variations on "government is evil" (agencies are blackmailing politicians, etc.) or "government is incompetent" (the intelligence agencies and law enforcement agencies are idiots when it comes to anti/counter terrorism).
Neither is terribly satisfying as an explanation.
But once you admit that there is room for reasonable disagreement on this issue, you've made the activity of leaking highly classified documents on this issue much less defensible, while also removing the right to be indignantly outraged by the program (if the program is a reasonable choice, it would be odd to be "outraged" at those who chose it, even if one's own choice would have been different).
As much as I enjoyed Lizza's article, one of its real deficiencies (the Lawfare post identified others) is its nearly complete omission of procedural safeguards as part of the story. Lizza covers the court-ordered and court-monitored safeguards on the telephone metadata by writing that the "court required some new oversight by the Justice Department and new rules for accessing the database, but it was a nearly complete victory for the agency." Unfortunately it is impossible to assess these programs, and particularly the telephone metadata program, without understanding the safeguards in place. Those safeguards are an enormous part of why, and how, the FISC approved the metadata program as legal. Glossing over them with the barest of vague references isn't enough to inform the reader of an essential part of the story.
Isn't it possible, just possible, that becoming familiar with the institutional safeguards in place against abuse
What safeguards? As the FISA documents show the NSA was willingly violating the orders it was given. And that's before you get to the LOVEINT and other scandals.
That should have been "willfully".
Isn't it possible, just possible, that becoming familiar with the institutional safeguards in place against abuse, and that becoming familiar with the use for this type of program, might lead one to conclude as the President clearly has?
Perhaps. But the only way we are ever going to get conclusive answers is by having a full public debate and instating a new Church Committee with full investigatory powers. The fact that this is not happening to me indicates that quite some people in Congress, the government and the private sector have a lot to hide they really don't want the general public to know about. It also raises serious questions about whether the US still is a functioning democracy or has become a capitalist plutocracy where those in power can govern at will through secret interpretations of the law by secret courts issuing secret orders to secret agencies executing secret programs.
Which personally makes me wonder how far-fetched it is to consider the possibility that the US from a purely political perspective is just on its way to becoming another China or Russia.
@ Dirk Praet
"Which personally makes me wonder how far-fetched it is to consider the possibility that the US from a purely political perspective is just on its way to becoming another China or Russia. "
Nah, there not another Russia or China: much more unique. The brilliance of those at center of power in US is that they do it while maintaining a partial democracy with the illusion of a better one which citizens buy into. Prevents their loss of power due to revolution. The base controls in their system have evolved to be subtle, pervasive and autonomous. It's a horrifyingly effective accomplishment.
Such a strong system can't be beaten by a political discussion, a series of leaks, etc. We've seen these and more recently. System is still in full swing. The sooner people who care realize how the system works and how effective it is the sooner they'll come up with newer, better plans for dealing with it.
"Isn't it possible, just possible, that becoming familiar with the institutional safeguards in place against abuse, and that becoming familiar with the use for this type of program, might lead one to conclude as the President clearly has?"
"Clearly?" You're "clearly" wrong. See how I just made the exact same argument you did? Just baldly asserting the thesis without actually citing any evidence? You don't have access to the president's mind. You "clearly" just made this up.
Of course, it's more comforting to tell ourselves these programs are just dandy, and all the safeguards in place make it all okay. But we don't actually know they're okay. The only facts we have about the programs were leaked against the president's and intelligence community's will. In a democracy, we have a responsibility to make informed decisions. Blindly trusting that everything is okay is lazy and irresponsible.
YOU are lazy and irresponsible. Pull your head out of your ass. Stop making excuses. If this program was what the American people wanted, they wouldn't be hiding it.
"It also raises serious questions about whether the US still is a functioning democracy or has become a capitalist plutocracy where those in power can govern at will through secret interpretations of the law by secret courts issuing secret orders to secret agencies executing secret programs".
1. Current model of representative democracy is power of money.
2. In democracy the key is not election, but political regime after election (freedoms, law-guided government, due process, transperancy,
no selective application of laws, etc).
3. The more is inequality in income, the less is #2 (e.g. US v. Norway). I mean not absence of very reach and very poor, but erosion of middle class as the core for democracy. See related posting on this blog about crimes in Iceland. Very informative.
To my mind it hinges on a key question - does the market pay out on an unsuccessful attempt?
Anon, What safeguards? As the FISA documents show the NSA was willingly violating the orders it was given.
Violations that NSA themselves disclosed to the court. Violations which the court was extremely unhappy about, which required a thorough investigation, which required remedies which the court approved.
The safeguards in place require that certain standards of suspicion be met before the database can be accessed. To ensure that those standards are being observed, there is monitoring by the Department of Justice, the NSA's Inspector General, continued reporting to the FISC, and continued reporting to Congress.
Look, no one at NSA wants to be the subject of a federal prosecution or congressional hearing. They actually do want to play inside the confines of the law. And everyone in the IC is all too aware of how quickly conduct winked at by one administration can turn into scandal under another administration. The only real shield they have against politics is the law.
Dirk, But the only way we are ever going to get conclusive answers is by having a full public debate and instating a new Church Committee with full investigatory powers.
We're going to dump tons of classified information into the public domain in order to discuss whether it was legitimately classified? Come on. We agree that a lot of signals intelligence work is legitimately classified, right?
As to the Church Committee... the Church Committee was created during a time when there was very little - none, really - congressional oversight of the intelligence agencies. And intelligence work in those days was bound by little more than the Keith decision. Today though, partly as a result of those days, there's a robust mechanism of congressional oversight (they were aware of the metadata program), and signals intelligence within the United States and in connection with US persons is subject to judicial approval and oversight, all within a framework of law.
I don't think this is true in your case, but some people I suspect carry in their heads a picture of intelligence agencies from the 50s and 60s, when the institutional reality today is dramatically different. And I suspect that is why the myriad institutional safeguards put in place after the Church hearings are discounted for those people.
It also raises serious questions about whether the US still is a functioning democracy or has become a capitalist plutocracy where those in power can govern at will through secret interpretations of the law by secret courts issuing secret orders to secret agencies executing secret programs.
Well let's see. The agencies aren't secret, of course. "No Such Agency" hasn't existed as such for decades. The courts aren't secret either. You can see who sits on them, when they were appointed, when their term expires. Now, some of the court decisions and of course the programs on which the court is deciding are kept classified. But that's no different than any other federal court. Nor is anything "at will." The courts are independent; the judges are independent; Congress is independent. If you want to implement a program, there are a variety of legal and political loops to jump through first. The government IS very powerful, but it's a power constrained by and divided by (deliberately so) multiple institutions, rules, and interests.
The idea that the US is not a representative democracy is absurd. That some legal opinions are classified (as they are everywhere) has no bearing on that question.
Blagotag, "Clearly?" You're "clearly" wrong. See how I just made the exact same argument you did? Just baldly asserting the thesis without actually citing any evidence? You don't have access to the president's mind. You "clearly" just made this up.
Except you missed everything before "clearly". You missed the fact that so many other persons, from both parties, have in fact decided that these programs are legal, or prudent, or both. If you want to believe that someone is blackmailing the President, or that he has some nefarious reason for holding on to these programs, go right ahead.
In a democracy, we have a responsibility to make informed decisions.
Which includes decisions as to how to empower governments to keep certain matters confidential from the public. Which we've done through law. And by the same means, we've put in place a system of checks and balances, and oversight, to ensure that the necessity of confidentiality for some matters does not become a cloak of criminality. Your level of comfort or discomfort with the secrecy we've empowered certain parts of the government to have should depend on your level of knowledge about those checks, balances, and oversight mechanisms.
If this program was what the American people wanted, they wouldn't be hiding it.
That's an astonishing assertion. Do you really believe that? No program kept classified is wanted by the American people - for if it were wanted, then it would be revealed?
??? Are you trolling, playing devil's advocate, or just plain ignorant? Your "factual" assertions fail the sniff test--even from a parsec away.
1. You proffer (a source would be good) the following:
"Violations which the court was extremely unhappy about, which required a thorough investigation, which required remedies which the court approved."
1a. Which violations, section 702 or 215? The NSA has not just violated the language of the FAA...and that to me implies contempt. Authority offered in FAA law as stated by Sensenbrenner in detailing the intent and letter in a presentation Georgetown University at the University Law Center.
1b. The court found, FISC April 2011 Opinion, that the NSA provided less than ethical behavior respecting orders and requests from the court. Resolving one issue regarding an order (one order--this is a dedicated court, their not adjudicating federal or state civil or criminal law and it wasn't the court that was failing) The order in question by the court made repeated requests from NSA for justification starting in Feb of 2011, and didn't become clarified until Dec of 2011. The transcript of this one order and ruling reads like a formula for being found in contempt.
1c. The NSA operates on the principal that asking for forgiveness doesn't require asking for permission.
2. You stated that--"The safeguards in place require that certain standards of suspicion be met before the database can be accessed. To ensure that those standards are being observed, there is monitoring by the Department of Justice, the NSA's Inspector General, continued reporting to the FISC, and continued reporting to Congress."
2a.) The IG's at both DNI and NSA report "performance" metrics--it's perspective is how well the NSA is managing its internal processes...it does nothing to reflect the difference between lawful acts (under statue) and rulings (opinions).
2b.) This requires a quote from Hamlet; "Of carnal, bloody, and unnatural acts, Of accidental judgments, casual slaughters, Of deaths put on by cunning and forced cause." Where does the acquisition/collection/surveillance of all phone records meet a federal rule or even a presidential directive or EO? The rational that Smith V Maryland is instructive, let alone relevant, is laughable in the extreme.
2c.) Opinions are not law--or statue--the FISC should not be in the business of approving authorities (only in the case of completely internal affairs). Congress is the owner of this process--it is congress that has managed to achieve an EPIC fail.
The topper though...
"That some legal opinions are classified (as they are everywhere) has no bearing on that question."
ARE YOU JOKING??? Please bound this statement, you can use a non-euclidean geometry if that's useful. Willful blindness is not useful in democratic republics, but works well under crypt-o-fascism.
I don't have the energy to finish this now--but I believe that your comments were made as part of an April fools' joke--just delivered too early.
@Skeptical & @name.withheld.for.obvious.reasons:
Let's be clear on definition just to be on the same page:
Democracy is not equal republican form of Government and democracy can't be reduced to republican form of ruling only.
Democracy as regime can be more representative in current constitutional monarchy (Norway, Sweden, Nethrelands you name it) then in Presidential republic (you know examples as well). Not to see that is just political blindness. So, republican form or monarchy is just shell, political regime (see previous posting) is the core. And finally, democracy is not the goal, but rather the tool making conditions to achive not only general Welfare, but personal happyness as well for the most of population, not chosen minority/winners 'who takes it all'. That is the path to domestic Tranquility in real life.
In countries with federal structure, regime of democracy is also applies to balance of states (parts) and federal (cental) powers and their fair distribution with elimination as much as possible collisions due to ovelapping areas of jurisdictions.
Maybe we should start posting URLs of things like the Google view of DiFi's home on public web sites. That might teach her a lesson about the value of privacy.
Of course, something tells me there may already be a law banning such exposure, but only of the rich and powerful. Which just makes her one more kind of hypocrite (and means that such posts should be made anonymously).
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.