Leaks and Consequences
It’s never easy balancing transparency and security
by JOSHUA FOUST
When Pres. Barack Obama closed 19 embassies around the Middle East last August, a miniature firestorm erupted: what sort of threat could spark such a massive response?
While there was rampant speculation about it, it seemed clear that whatever Al Qaeda chief Ayman Al Zawahiri and Al Qaeda in the Arabian Peninsula chief Nasser Al Wuhayshi were talking about when they were intercepted by U.S. intelligence, it was bad. Only a serious threat would do it, even if details about that threat remained frustratingly vague.
A new story in the New York Times suggests that Obama’s decision was deeply counterproductive:
Since news reports in early August … analysts have detected a sharp drop in the terrorists’ use of a major communications channel that the authorities were monitoring. Since August, senior American officials have been scrambling to find new ways to surveil the electronic messages and conversations of Al Qaeda’s leaders and operatives.
The Times draws a contrast with recorded behavior after the Snowden disclosures, suggesting that the “damage” from the embassy closure leaks are far worse. Because the embassy closures were a specific response to a threat and not a broad discussion of capability, the leaks specifically identified which of Al Qaeda’s communications channels had been compromised — leading to a significant drop in “chatter” from Yemen.
But the story is not as simple as comparing the two leaks. Twelve paragraphs into the story, for example, other anonymous officials note that it is difficult to pin a change in communications to a single event, considering the ongoing and increasingly detailed nature of the leaks about NSA surveillance. While terror groups will almost certainly never stop communicating electronically, it would be truly bizarre if they did not take extra steps to mask their chatter given the Snowden revelations. “The bad guys are just not going to talk operational planning electronically,” one official tells the Times.
This shows what the consequences of leaks in general can be. Few seemed to doubt that the White House’s response to the threat chatter was calibrated to do two things: protect against another attack (in particular against another diplomatic outpost like the Sept. 11, 2012 attack in Benghazi), and to publicly demonstrate why NSA surveillance is necessary to safeguard national security.
It wasn’t the first story in recent months seemingly calculated to demonstrate the value of good signals intelligence. In July, McClatchy published a story about how the Central Intelligence Agency warned Hezbollah about an incipient Al Qaeda attack on southern Beirut (a Hezbollah suburb). There was no real reason to do so publicly; but the story came just one month after Edward Snowden’s embarrassing leaks caused public outcry over the scope and intent of American surveillance programs.
“America might hate the NSA right now,” a Lebanese intelligence official told the news service, “but they were able to actually hear the calls and warn us what was said.”
Many in the information technology community have opposed the NSA’s attempts to break encryption. Speaking for many who advocate for web security, Bruce Schneier — who also sits on the board of directors at the Electronic Frontier Foundation, which is suing the NSA and sponsoring anti-NSA rallies — was aghast at the practice in a recent interview:
Those of us in the security community who watch the NSA had made assumptions along the lines of what Snowden revealed. But there was scant evidence and no proof. What these leaks reveal is how robust NSA surveillance is, how pervasive it is, and to what degree the NSA has commandeered the entire Internet and turned it into a surveillance platform.
Yet that same Internet is also what terrorists, rogue states and hostile powers that threaten national security use to plan and communicate. In the Times’ story, they note that jihadist groups are already modifying their behavior to avoid such surveillance because of what Snowden revealed:
Shortly after Mr. Snowden leaked documents about the secret N.S.A. surveillance programs, chat rooms and Web sites used by jihadis and prospective recruits advised users how to avoid N.S.A. detection, from telling them to avoid using Skype to recommending specific online software programs like MS2 to keep spies from tracking their computers’ physical locations.
In other words, broadcasting so much about how intelligence agencies gather data — whether through “official leaks” from anonymous sources, through Snowden’s stolen documents, or even through regular gumshoe journalism on the ground (which is how McClatchy got both of its stories on signals intercepts) — has consequences.
Now, those consequences can very well be worth it.
Revealing how the secretive parts of the U.S. government function in the name of transparency and civil rights might justify the risk of future attacks on embassies, people or even the country. But that choice between more transparency and more security is not a part of the debate. While the concerns over NSA spying are real and should spark discussion about the agency’s mission and scope of operations, there also must be talk of what cost limiting both will impose.
Subscribe to War is Boring here.
