Read more »
The following piece first appeared in the Huffington Post.
When General Michael Hayden sat down to tape Fox News Sunday, he blinked quickly and acknowledged Chris Wallace's introduction. Then, in response to Wallace's third question, he proceeded to tell a huge whopper, without ever losing eye contact with the camera and the audience. That would be us.
General Hayden disputed the fact that Edward Snowden, the former National Security Agency (NSA) contractor who disclosed the wholesale electronic surveillance of Americans, is a whistleblower. Because Snowden did not make his disclosures through internal channels at the NSA, Hayden strongly implied - without actually saying so - he is a traitor.
Look, a whistleblower is someone who raises concerns within our government in order to affect change. There is no evidence whatsoever that this young man warned anyone, went to his supervisor, his supervisor's boss, even to the congressmen. No evidence of that whatsoever. What he did was go to Glenn Greenwald and some other news outlets and publish information that he may, in his own conscience, believe we need to be concerned about. But what he did was not tell the appropriate authorities. He told the world, including our enemies. And he's made it more difficult for our security services to keep America safe.
To be sure, Snowden did not go to his supervisors or to the Congress. He did not do this because four other NSA whistleblowers (only three of whom are public) had already done it, and they had been subjected to demotion, termination and FBI raids. One of them was indicted under the Espionage Act and investigated for four years before the charges imploded. The unfortunate Congressional staffer who supported their allegations was also raided at home by the FBI and is now suing the government for the return of her personal effects.
Read more »
The following piece first appeared in the Huffington Post.
Edward Snowden told America and the rest of the world two things that really matter:
- The US government is spying on US citizens (as well as Brazilians, Australians, Germans, Brits, etc.);
- The US government is the instigator of international cyber-attacks and not the victim.
Much has been written about the first disclosure. In official US circles, there's feigned outrage: among the offended is John Kerry, who solemnly told us that terrorists are now changing their communications techniques, and "people may die as a consequence." But this makes little sense. Al Qaeda knew its operatives were under electronic surveillance. That's why they've been using human couriers for years.
The second disclosure has received less attention in the U.S., but it's equally important. As our mid-eastern wars wind down (the Iraq adventure is formally over, and Afghanistan will end next year), we've begun to hear a steady drumbeat toward cyberwar - from the White House, the Pentagon and elements in the Congress. This year and last we've heard increasingly alarmist news about cyber attacks by China, Iran, unspecified terrorist groups and hacktivists.
But Snowden revealed that China is defending itself from US cyberattacks. So is Iran. He also showed that, when it comes to hacking and cyber-terror, the United States is way out in front of hacktivist collectives and Islamic cyber jihadists.
The world is not surprised at this, although many of us are. Unlike European empire-building, our aggression is a unique phenomenon. From the 16th through the 19th centuries, the British, French, Belgians, Dutch and Portuguese took their turns unapologetically sacking Asia, Africa, Latin America and the Middle East. Come the 1950s, though, with Europe in post-war ruins, the position of senior empire builder was vacant. The US selected itself.
But there was a problem for American empire promoters: a strong strain of protectionism and isolationism in American politics. When our forebears got here, they were fleeing wars, pogroms and persecution. We have an ocean between us and that Old World madness. More recent Latin American, African, Asian and Middle Eastern immigrants are also escaping war. So corporate globalizers face stiff resistance to free trade agreements and frivolous wars. Twice in the past fifty years our presidents lied to get us into pointless wars: Johnson lied when he said our ship had been attacked in the Gulf of Tonkin, and George W. Bush lied when he said Saddam Hussein was manufacturing weapons of mass destruction. They lied because we approve war only when we believe it's defensive. The Pentagon is the Defense Department and no longer the War Department.
Soon, we'll be without a war for the first time in 13 years. Most of us find that a relief. Maybe we'll actually get the peace dividend we anticipated in the 1990s. God knows we need it. We have a huge public debt and our budget is out of control. But many "defense" contractors are not so relieved. They're on the military gravy train and they're not getting off.
And so, starting last year, we became the increasingly endangered victim of cyber-warfare.
U.S. Defense Secretary Leon Panetta said the Pentagon and American intelligence agencies are seeing an increase in cyber threats that could become as devastating as the Sept. 11, 2001, attacks if they aren't stopped.
A cyber attack perpetrated by nation states or violent extremist groups could be as destructive as the terrorist attack of 9/11," Panetta said last night. "Such a destructive cyber terrorist attack could paralyze the nation.
Then there's Michael Hayden's hysteria, displayed on the Hill a year ago: "The Most Dangerous Tools in the Most Dangerous Hands." According to Hayden, who is now a principal at the Chertoff Group, a lucrative security consulting firm run by former Secretary of Homeland Security Michael Chertoff, the most dangerous tools are cyber-weapons and the most dangerous hands are hacktivists. General Hayden, incidentally, is also the former director of the NSA and the CIA.
There's a lot of money at stake in convincing Americans that cyber-warfare is needed for protective purposes:
The United States spends far more than any other country on defense and security. Since 2001, the base defense budget has soared from $287 billion to $530 billion -- and that's before accounting for the primary costs of the Iraq and Afghanistan wars.
Edward Snowden exposed the fact that the costly new war we're about to have in cyber-space is a US production. The United States is not a helpless victim of cyber-attacks. Our posture is fundamentally aggressive, and if we don't want a cyberwar, then we could avoid starting one.
We want to believe that we're a peaceful nation, prompted to act aggressively only by deadly provocation, such as Pearl Harbor or 9/11. It's not an accident that Panetta invoked September 11. The specter of another attack is terrifying.
But we, the United States, attacked Iran with Stuxnet. We spy on our allies, help them spy on their citizens, and we steal secrets from civilian institutions in China:
Part of Snowden's revelations that are most damaging in our discussion of cybersecurity with China is his making it clear that we have gone well beyond penetrating China's government and military networks; we've gotten into their universities, their research centers and presumably into major enterprises, too.
Snowden gave us a chance to stop this before the Chertoff Group, SAIC, CACI, Lockheed and the rest of them are unstoppable. Once we're into a cyberwar, it's over. The war will be invisible, secret and eternal - conducted with our tax dollars, but without our knowledge. It will not be conducted on our behalf. And if we try to end it, we'll be unable to organize because we, too, are under surveillance. Snowden also told us that.
We should pay attention.
Bea Edwards is Executive & International Director of the Government Accountability Project, the nation's leading whistleblower protection organization.
Read more »
This month, the Business Roundtable (BRT) posted an alarming proposal: "More Intelligent, More Efficient, Cybersecurity Protection." The BRT is an association of the CEOs of the largest U.S. corporations. Its members represent companies that collect combined annual revenues of over $7.3 trillion, so when the BRT speaks, Congress tends to listen.
In brief, the 32-page declaration on cybersecurity states the BRT’s case for a legal alliance between the private sector and intelligence agencies that will exempt corporations from lawsuits as they wage cyber warfare.
The argument is simple: much of the American economy is privately owned: banks, chemical plants, toll roads, energy systems. If cyber-enemies were to attack and disable critical functions, the damage would be crippling. Therefore, government and the private sector must establish a new legal framework for cyber defense, and this arrangement will allow the fluid exchange of privileged information between the country’s intelligence agencies and the private corporations that sit at the Business Roundtable.
Here at GAP, where we work with whistleblowers from both the national security and the finance worlds, the prospect of secret collaboration between the two spheres is frightening. Over the course of the past ten years, whistleblowers have reported to us on cronyism, fraud, cover-up, illegality and corruption at the top of the National Security Agency, CIA, AIG and many of the country’s largest banks, costing taxpayers hundreds of billions of dollars.
Moreover, the self-interested crimes reported made the United States more vulnerable, not only to cyber threats, but also to economic collapse.
From one whistleblower we learned the NSA shut down an effective, inexpensive program that sorted through the sea of electronic communications washing around the world daily and found threatening email and telephone connections. The NSA preferred a costly and cumbersome program built by a well-connected private sector contractor – a program that, in the end, didn’t work and had to be abandoned.
Whistleblowers at majors US banks have produced documentation showing widespread fraud in the pre-2008 mortgage origination and servicing business that wrecked the industry. We’ve also seen far-reaching incompetence, negligence and cover-ups at financial institutions that brought on the Great Recession.
Nonetheless, the BRT and the USG are proceeding down the path toward a “partnership” between national intelligence agencies and private corporations that is virtually oversight-free. In January 2013, we’re seeing the BRT proposal in pre-publication detail for the first time. Yet a couple of weeks ago, Ellen Nakashima wrote a piece in the Washington Post indicating the collaboration between US financial institutions and the intelligence community is already well underway.
In fact, the Congress tried to set this up more officially just last year but failed: H.R. 3523, the Cyber Intelligence Sharing and Protection Act (CISPA), passed in the House last April. It would amend the National Security Act of 1947. According to the BRT, the legislation would:
[E]nable national intelligence agencies to share strategic threat assessments and other pertinent intelligence, including classified information, with private-sector entities that own or operate major information systems and other critical infrastructure systems. More important, the bill removes legal barriers to information sharing and establishes a protected framework for the bidirectional sharing of information between the public and private sectors (p. 4).
Although the legislation did not pass the Senate, the government and its private sector friends are evidently proceeding. This is never a good idea in a democracy. Insider CEOs sit down at their roundtable with select politicians and come up with a scheme for protecting and advancing their own interests, which they then announce publicly as a plan with benefits for all of us.
Because the scheme is designed to promote and protect specific interests, though, it’s not presentable in raw form. Therefore, it’s unveiled as an effort to protect us all, and it’s written in denatured bureaucratic prose that is hard to penetrate.
Let’s parse the BRT proposal just posted, for example.
The government must create a clear and concise legal framework for both private sector to private sector and private sector to public sector sharing, with appropriate liability, antitrust and freedom of information protections for those acting within the framework. All of the actions proposed by BRT depend on the advancement of information sharing and removal of current legal barriers.
“Current legal barriers” are, of course, our rights as citizens to privacy and to information about what the government is doing. What the BRT is actually proposing here is not liability, antitrust and FOIA “protections” from just anyone. The BRT is saying it needs protection from us. Although we’re all in this together, BRT firms must be protected not only from formidable cyber criminals and hostile “nation-state actors,” but also from U.S. citizens who might ask what’s going on.
John Wonderlich, Policy Director at the Sunlight Foundation, which works for transparency in government, had this to say about the prospect of public/ private cooperation on intelligence as proposed by CISPA:
Let's make something clear. The Freedom of Information Act is the law that lets the public force the government to determine whether information should be released or not. The Freedom of Information Act doesn't guarantee that information will be released, but just that anyone can request its release, and then have a legal process to try to provide a fair ruling on whether that information should be made public. Information that shouldn't be shared is already protected by law, through largely uncontroversial exemptions.
The FOIA is, in many ways, the fundamental safeguard for public oversight of government's activities.
So as it stands, FOIA does not automatically trigger the release of information from a government agency. At GAP, where we work frequently with FOIAs, we wouldn’t argue that the FOIA is an expeditious and efficient way to obtain information. For example, when Google called on our spy agencies to help with cyber attacks in 2010, the Electronic Privacy Information Center (EPIC) filed a request for data about the deal under the Freedom of Information Act. The FOIA was denied, and when EPIC appealed, it was denied again.
Nonetheless, the BRT wants even the law that permitted the request to be diluted, just in case some judge someday decides that the public has a right to information about back-channel, high-level public/private intelligence collaboration.
Since 9/11, we’ve learned the hard way that “national security” can be used to cover a multitude of sins. Think “enhanced interrogation techniques” and Abu Ghraib. Do we really want to cast the cloak of national security over credit default swaps and the shadow banking system?
Because that’s exactly what the Business Roundtable is proposing. And not just that. The BRT also wants much of the same legal immunities that the government has. If the proposal for this “More Intelligent, More Efficient Cybersecurity Protection” proceeds, we’re surrendering the right to ask anything about it: Like how much it costs and what it’s authorized to do – to us.
Bea Edwards is the Executive Director for the Government Accountability Project, the nation's leading whistleblower protection and advocacy organization.
Read more »
A Senate committee investigative report released today finds that fusion centers – massive Department of Homeland Security (DHS) undertakings touted as a solution to "information sharing" – are a colossal waste of taxpayer money and do little, if anything, to improve national security. The New York Times on the report:
The report found that the centers “forwarded intelligence of uneven quality — oftentimes shoddy, rarely timely, sometimes endangering citizens’ civil liberties and Privacy Act protections, occasionally taken from already published public sources, and more often than not unrelated to terrorism.”
The Senate report contains evidence of fusion centers' needless invasion Americans' privacy rights, useless intelligence reporting, pervasive lack of oversight, and complete inability to account for the taxpayers money. DHS can't even give a definite number about how much taxpayer money it has spent on the fusion centers, and the margin of error is way bigger than the Powerball jackpot. WaPo reported:
[the Senate report says] oversight has been so lax that department officials do not know exactly how much has been spent on the centers. The official estimates varied between $289 million and $1.4 billion.
Government could have saved American taxpayers a few hundred million by listening to the American Civil Liberties Union (ACLU) when it warned back in 2007 that the developing fusion centers lacked proper oversight and endangered Americans' privacy rights. Five years ago, the ACLU reported that fusion centers
. . . raise very serious privacy issues . . . [and] there are serious questions about whether data fusion is an effective means of preventing terrorism in the first place, and whether funding the development of these centers is a wise investment of finite public safety resources.
Read more »
Yesterday, the House of Representatives voted to re-authorize the 2008 FISA Amendments Act (FAA). The FAA Re-authorization represents the normalization of a domestic surveillance state.
The FAA was bad enough in 2008, when it "legalized" parts of the Bush warrantless wiretapping program and gave retroactive immunity to telecommunications companies that gave up customers' private data to the government, but at least it had a sunset. American Civil Liberties Union legislative counsel Michelle Richard said of the re-authorization:
Yet again, the House has rubberstamped a law so broad and vague that, despite its passage four years ago, we still have little idea how the government is using it.
Despite the facts that:
- the sunset provided Congress an opportunity to rethink the broad surveillance powers the Executive has repeatedly abused;
- even Senators - like Ron Wyden (D-OR) - cannot get a straight answer from the intelligence community about how the law is being used against Americans; and
- whistleblowers, like my client National Security Agency (NSA) whistleblower William Binney, have risked everything to expose domestic spying, the House voted to further empower the Executive's already unprecedented surveillance powers.
The House was obviously not listening to the numerous warnings about continuing unchecked domestic surveillance programs from my clients – NSA whistleblowers William Binney, J. Kirk Wiebe, and Thomas Drake – all of whom were criminally investigated in retaliation for their disclosures. (Drake was prosecuted under the Espionage Act and faced decades in prison before the Justice Department's case against him collapsed in spectacular fashion days before trial.)
Read more »
Whatever your opinion of Wikileaks founder Julian Assange, he was right when he called for an end to the war on whistleblowers in his speech outside the Ecuadorian Embassy in London yesterday:
The U.S. administration's war on whistleblowers must end. Thomas Drake, William Binney, John Kiriakou, and other heroic whistleblowers must be pardoned or compensated for the hardships they have endured as servants of the public record.
While my clients' stories differ greatly from Assange's, the Obama administration has threatened to criminally prosecute all of them with the same draconian Espionage Act, a law meant to go after spies not whistleblowers. And the effect of the Obama administration's policy – if not the goal – is the same for my clients and Assange - to silence dissent.
Despite that Assange is often attacked for only looking out for himself (who could blame him considering London police were waiting outside the Ecuadorian embassy to arrest him?), he took time in his minutes-long speech to reach out to others who have been prosecuted. He also correctly identified the Obama administration's war on whistleblowers as a war on journalists and the media, a connection made by myself, Glenn Greewald, and the US main stream media itself.
The United States must pledge before the world that it will not pursue journalists for shining a light on the secret crimes of the powerful.There must be no foolish talk about prosecuting any media organisations, be it Wikileaks or the New York Times.
Assange calls for an end to U.S.'s "witch hunt" against Wikileaks called to mind Supreme Court Louis Brandeis:
Fear of serious injury cannot alone justify suppression of free speech and assembly. Men feared witches and burnt women.
Read more »
The Washington Post reported today on the spy software (sold by SpectorSoft) dozens of federal agencies have purchases to monitor their employees' electronic activities:
Government workers have long known their bosses can look over their shoulder to monitor their computer activity. But now, prompted by the WikiLeaks scandal and concerns over unauthorized disclosures, the government is secretly capturing a far richer, more granular picture of their communications, in real time.
WaPo's report comes on the heels of the Food & Drug Administration's surveillance scandal, which revealed widespread monitoring of employees, whistleblowers' protected communications with Congress and the Office of Special Counsel, congressional staffers, and reporters.
The SpectorSoft software can do more than simply read employees' e-mails. It can:
- Take a screen shot of a computer
- Intercept a tweet or Facebook post
- Monitor keystrokes
- Retrieve hard drive files
SpectorSoft's senior marketing manager elaborated on what federal agencies can do with SpectorSoft's software:
“Think of it as someone stood behind you and put a video camera behind you while you’re working,” Catalini said. “It comes back down to: What does the agency want to record?”
Read more »
Glenn Greenwald wrote yesterday about "secrecy creep" – the retaliation against whistleblowers that has crept down from the White House into Executive branch agencies.
Whistleblowers have always been subjected to retaliation, but the retaliation used to be focused on marginalizing the whistleblower, shifting or eliminating the whistleblower's job duties, firing her, or yanking her security clearance. Now, with the Obama administration's war on whistleblowers, whistleblower retaliation includes polygraphs, systematic monitoring of whistleblowers' electronic activities, and prosecution under the Espionage Act – even at Executive agencies beyond the intelligence community.
Intelligence community whistleblowers like former National Security Agency (NSA) officials Bill Binney and J. Kirk Wiebe were targeted with criminal investigation and subjected to armed FBI raids. Even more severe, whistleblowers like former NSA official Thomas Drake and former CIA officer John Kiriakou were indicted under the Espionage Act.
Now Executive branch agencies outside the intelligence community are using the secrecy and surveillance tactics to punish whistleblowers.
Greenwald provides concrete examples of the secrecy creep resulting in increased whistleblower retaliation:
 . . . McClatchy reported on a criminal investigation launched by the Inspector General (IG) of the National Reconnaissance Office, America’s secretive spy satellite agency, against the agency’s deputy director, Air Force Maj. Gen. Susan Mashiko. After Mashiko learned that four senior NRO officials whose identities she did not know reported to the IG “a series of allegations of malfeasant actions” by another NRO official relating to large contracts, Mashiko allegedly vowed: “I would like to find them and fire them.”
 It was not until 2011 that the Interior Department . . . hired . . . a hydrologist, Dr. Paul Houser, who was previously an associate professor in George Mason University’s Geography and Geoinformation Sciences Department.
Read more »
Adding to the leak hysteria in Washington, the Senate Intelligence Committee advanced legislation purportedly to limit "leaks." WaPo reports:
The legislation, which has yet to be considered by the full Senate or House, would require the White House to notify Congress whenever it plans to share classified information with the public and would curb an increasingly common arrangement in which top national security officials take jobs as commentators on cable-television shows.
What Congress completely neglects to address in their apparent frustration that the White House leaks to the press before leaking to Congress, is that whistleblowers who are sources for Congress end up getting burned and monitored by the Executive branch.
If the Senate Intelligence Committee really wanted to stop media leaks and preserve its oversight abilities, it would enact meaningful whistleblower protections so that employees who bring concerns to Congress are adequately protected from retaliation. Such a measure would certainly give Congress more information than a head's up from the White House that the White House is planning to make public information that will no doubt benefit the administration.
UPDATE: For a full summary of the anti-leak measures in the Intelligence Authorization legislation see Steven Aftergood's analysis. Key quote:
And yet there is something incongruous, if not outrageous, about the whole effort by Congress to induce stricter secrecy in the executive branch, which already has every institutional incentive to restrict public disclosure of intelligence information.
National Security Agency (NSA) whistleblower Thomas Drake testified before two congressional committees and brought his concerns massive waste, fraud, abuse, and illegality at NSA to the House and Senate Intelligence Committees, in accordance with the Intelligence Community Whistleblower Protection Act. However, that didn't stop the Obama administration from charging him under the Espionage Act and threatening him with spending the rest of his life behind bars. (The case against Drake collapsed under the weight of the truth last summer).
Read more »
‘Chilling Effect’ Far-Reaching if Congress Fails to Act
(Washington, D.C.) – Today, the Government Accountability Project (GAP) is publicly denouncing the Food and Drug Administration’s (FDA) implementation of an invasive and potentially illegal surveillance system instituted against employees trying to blow the whistle on critical safety issues surrounding medical devices.
The New York Times revealed the in-depth surveillance program in an explosive piece this past weekend. That article detailed how the agency monitored and “secretly captured thousands” of email communications between the whistleblowers and members of the media, Congress, attorneys, other regulatory officials, and the White House. Many of these communications are protected by various whistleblower laws. Subsequent reports show that agency lawyers approved these measures.
Amanda Hitt, GAP Public Health Director, and Director of GAP’s Food Integrity Campaign (which aims to protect whistleblowers at the FDA), stated:
“While the outcry by Congress and regulators thus far against the FDA is encouraging, the damage may have already been done. It’s hard to imagine how this fiasco won’t have a chilling effect on future FDA whistleblowers, and employees from all sorts of government agencies.
“This foray into espionage is nothing more than a service the agency provides to its 'clients.' Simply put, the FDA is spying on its own to protect the financial interests of the very corporations it is bound to regulate.”
GAP National Security & Human Rights Director Jesselyn Radack, who monitors the federal government’s use of surveillance, stated: