Who's to Blame at NSA for Snowden Leak?

Investigation Under Way to Determine Accountability
Who's to Blame at NSA for Snowden Leak?

The National Security Agency has neither fired nor admonished any of its personnel in connection with the leak by former contractor Edward Snowden of details about two top-secret intelligence-gathering programs, the NSA's No. 2 official told the Senate Judiciary Committee on July 31.

See Also: How Enterprise Browsers Enhance Security and Efficiency

"I think we'll know over weeks and months precisely what happened and who should then be held accountable, and we'll hold them accountable," NSA Deputy Director John Inglis said.

Inglis said the NSA is conducting an investigation to determine whether specific individuals should be held accountable for allowing Snowden, described as a systems administrator with top-secret security clearance, to have access to classified information he had no reason to see.

"At the end of the day, we'll have to look to see whether people exercised their responsibilities appropriately, whether they essentially exercised the trust accorded to them," said Inglis, whose comments came as revelation of another, previously secret NSA program surfaced based on the Snowden leak [see New Snowden Leak Details NSA Program].

Inglis also said no one at the agency had offered to resign over the leaks.

Questioned by Committee Chairman Patrick Leahy, D-Vt., on whether the NSA had a process to double-check the activities of Snowden, Inglis replied that there were multiple levels of review [see IT Tools Available to Stop NSA-Type Leak]. "In this case, I think we can say that they failed but we don't yet know where. ... We may find that they failed at multiple points in the system."

Preventing Another Snowden-Type Leak

The NSA has instituted a range of mechanisms to insure that the agency would be able to immediately catch someone who tried to repeat precisely what Snowden did, Inglis said. "We also have to be creative and thoughtful enough to understand that there are many other ways somebody can try to beat the system," he said.

The NSA deputy director did not specify what those mechanisms are. But NSA Director Keith Alexander said July 18 at a the Aspen Security Conference that the agency is piloting a new program in which systems administrators with top-secret clearance can access secret documents only with the approval of another colleague, the so-called two-person rule [see NSA Pilots 2-Person Rule to Thwart Leaks].

The Senate hearing focused on whether the federal government should limit how it collects metadata on information generated by telephone records and online communications of Americans in order to identify terrorists planning to launch attacks in the United States and abroad.

What disturbs privacy and civil liberties advocates in and out of Congress is that the program collects and stores telephone-call metadata - the phone numbers placing and receiving calls and the time and length of each call - on nearly all Americans. Authorities can only query the database after receiving permission from a so-called FISA court, established under provisions of the Foreign Intelligence Surveillance Act.

"Just because we have the ability to collect huge amounts of data does not mean that we should be doing so," Leahy said. "In fact, it has been reported that the bulk collection of Internet metadata was shut down because it failed to produce meaningful intelligence. We need to take an equally close look at the phone records program. If this program is not effective, it must end. And so far, I am not convinced by what I have seen."

Connecting the Dots or Not

But top brass from the NSA, FBI, Office of the Director of National Intelligence and Department of Justice testified that the telephone metadata collection program authorized under Section 215 of the Patriot Act played a role in preventing terrorists' attacks in the United States. They said the information culled from the metadata collection program created one of the "dots" that when connected with other dots helped lead to terrorists planning attacks.

But Leahy said there always will be more "dots" to collect, analyze and try to connect. "The government is already collecting data on millions of innocent Americans on a daily basis, based on a secret legal interpretation of a statute that does not on its face appear to authorize this type of bulk collection. What will be next? And when is enough, enough?"

FBI Deputy Director Sean Joyce responded, "We must have the dots to connect the dots."

Bringing an Adversarial Voice to FISA Courts

Another concern raised at the hearing was that only the one side is heard by a FISA judge when the government seeks permission to conduct surveillance. A former FISA judge, Senior U.S. District Court Judge James Carr, suggested that Congress enact legislation to authorize FISA judges to appoint occasionally independent lawyers with security clearances to challenge the government when an application for a FISA order raises new legal issues.

"In such circumstances, the judge may desire to hear not just the government's views in support of the request, but reasons from an independent attorney as to why the court should not issue the order in whole or part," Carr testified. "This process would give the court the benefit of the give and take that is the hallmark of the adversarial process."

Stewart Baker, a former NSA general counsel, expressed doubts about the value of an independent counsel. "Who or what is that person suppose to be representing? Are they representing the terrorists, are they representing the court, are they representing some abstract interest in civil liberties or are we going to just let them decide?

"We got rid of the independent counsel law precisely because we were uneasy about having private parties just make up their own public policy without any checks from political decision makers or without any client. I fear we're getting into the same situation if we start appointing counsel to represent something in the context of these cases."

Baker's view won't stop Sen. Richard Blumenthal, D-Conn., from introducing legislation this week to establish an Office of Special Advocate staffed by lawyers who would have security credentials similar to those possessed by prosecutors and could argue novel and significant issues of law before FISA judges. "Judges are accustomed to hearing two sides of argument so I think some of the practical objections are easily addressed," Blumenthal said.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.