Brennan Was Probably Talking about the Telegram PRISM Gap as Much as Encryption
I noted the other day that at a pre-scheduled appearance Monday, Josh Rogin cued John Brennan to explain how the Paris attack happened without warning. In my opinion, the comment has been badly misreported as an indictment solely of Edward Snowden (though it is that) and encryption. I’ve put the entire exchange below but the key exchange was this:
And as I mentioned, there are a lot of technological capabilities that are available right now that make it exceptionally difficult, both technically as well as legally, for intelligence and security services to have the insight they need to uncover it. And I do think this is a time for particularly Europe, as well as here in the United States, for us to take a look and see whether or not there have been some inadvertent or intentional gaps that have been created in the ability of intelligence and security services to protect the people that they are asked to serve. And in the past several years because of a number of unauthorized disclosures and a lot of handwringing over the government’s role in the effort to try to uncover these terrorists, there have been some policy and legal and other actions that are taken that make our ability collectively internationally to find these terrorists much more challenging. And I do hope that this is going to be a wake-up call, particularly in areas of Europe where I think there has been a misrepresentation of what the intelligence security services are doing by some quarters that are designed to undercut those capabilities.
Brennan talks about technology that makes it difficult technically and legally to uncover plots. Encryption is a technical problem — one the NSA has proven its ability to overcome — that might be called a legal one if you ignore that NSA has the ability to overcome the lack of a legal requirement to provide back doors. But I agree this passage speaks to encryption, if not other issues.
In the next sentence, though, he talks about inadvertent or intentional gaps created “particularly in Europe.” He talks about plural unauthorized disclosures — as I noted, Josh Rogin’s own disclosure that the US had broken AQAP’s online conferencing technique may have been more directly damaging than most of Snowden’s leaks — and “handwringing.” Those have led to “policy and legal and other actions” that have made it harder to find terrorists. In the next sentence, Brennan again emphasizes that “particularly in areas of Europe,” there needs to be a “wake-up call” because “there has been a misrepresentation” of what the spooks are doing, which he suggests was deliberately “designed to undercut those capabilities.”
So the paragraph where he speaks of these problems, he twice emphasizes that Europe in particular needs to adjust its approach.
Last I checked, Europe didn’t pass USA Freedom Act (which would not, in any way, have restricted review of Parisian targeters). Some countries in Europe are more vigorously considering limits on encryption, but those would be just as ineffective as eliminating the code that’s already out there.
What Europe has done, however, is make it harder for our PRISM providers to share data back and forth between Europe (and with providers considering moving servers to Europe, it will raise new questions about the applicability of PRISM for that data). And Europe (not just Europe, but definitely including Europe) has created a market need for US tech companies to distance themselves from the government.
And in the case of Germany, politicians have been investigating how much its BND has done for NSA, and especially which impermissible German people and companies were targeted as part of the relationship. I noted that Brennan raised similar issues just days after the BND investigation turned scandalous in March, and recent revelations have raised new pressure on BND.
With that in mind, in particular, consider what one of the more responsible reports on Brennan’s speech, that of Shane Harris, focused on — terrorists’ use of Berlin headquartered social messaging app Telegram. If terrorists were using WhatsApp (which a lot of the fearmongering focused on), the metadata, at least, would be available via Facebook. But since Telegram is not a US company, it cannot be obliged under Section 702 of FISA, and that surely creates just the kind of gap Brennan was talking about.
Since Brennan’s speech, Telegram has started deleting the special channels set up by ISIS to communicate.
I’m sure Brennan is complaining about encryption and if he can get Congress to force domestic back doors, I’m sure he will (though ISIS reportedly shies away from Apple products, so forcing Apple to give up its encrypted iMessage won’t help track down ISIS). But his speech seemed focused much more intently on ways in which, in the aftermath of the Snowden leaks, Europeans have opportunistically localized data and, in the process, made that data far less accessible to the NSA. Brennan, as I made clear in March, definitely would prefer the Europeans rely on Americans for their SIGINT (and in the process agree to some inappropriate spying in their home country), and the gap created by terrorists’ reliance on Telegram is one way to exert pressure on that point.
Q: Good morning. My name is Josh Rogin. I’m a reporter with Bloomberg View.
Director Brennan, thank you for your time today and thank you for your service.
The Paris attacks, the blame, of course, lies primarily at the feet of the terrorists. But I think I give voice to the question a lot of us have in this room and around the country when I ask: How was this allowed to happen? We’re talking about an attack that involved dozens of people communicating from multiple countries, planning for perhaps weeks or months, and yet the world’s leading intelligence agencies didn’t even catch a whiff of it as far as we’re to understand. Is that right? What went wrong? And what needs to be done now to make sure this never happens again? Thank you.
MR. BRENNAN: Well, first of all, as I mentioned in my remarks, many of these terrorist operations are uncovered and thwarted before they’re able to be carried out. And when I think about what happened in Paris, clearly there was a(n) effort that underway for quite some time, that was fairly sophisticated because of the nature of the attacks in terms of their simultaneous nature.
We work very, very closely with our French partners. I have an exceptionally strong relationship with the heads of the external and internal services. A lot of our partners right now in Europe are facing a lot of challenges in terms of the numbers of individuals who have traveled to Syria and Iraq and back again, and so their ability to monitor and surveil these individuals is under strain.
Now, I know the French are going to be looking at what might have slipped through the cracks. But I can tell you that it’s not a surprise that this attack was carried out from the standpoint of we did have strategic warning. We knew that these plans or plotting by ISIL was underway, looking at Europe in particular as the venue for carrying out these attacks. But I must say that there has been a significant increase in the operational security of a number of these operatives and terrorist networks as they have gone to school on what it is that they need to do in order to keep their activities concealed from the authorities.
And as I mentioned, there are a lot of technological capabilities that are available right now that make it exceptionally difficult, both technically as well as legally, for intelligence and security services to have the insight they need to uncover it. And I do think this is a time for particularly Europe, as well as here in the United States, for us to take a look and see whether or not there have been some inadvertent or intentional gaps that have been created in the ability of intelligence and security services to protect the people that they are asked to serve. And in the past several years because of a number of unauthorized disclosures and a lot of handwringing over the government’s role in the effort to try to uncover these terrorists, there have been some policy and legal and other actions that are taken that make our ability collectively internationally to find these terrorists much more challenging. And I do hope that this is going to be a wake-up call, particularly in areas of Europe where I think there has been a misrepresentation of what the intelligence security services are doing by some quarters that are designed to undercut those capabilities
Some of this stems from policies in Europe which make sure the lists don’t turn into blacklists. In particular, a policy that says if there was a brief suspicion that someone was involved with a terrorist organization, but then nothing, people are dropped from the list. That’s a good thing, because list makers make mistakes (lord knows we’ve had a lot of mistakes with our no-fly lists, e.g.).
But if the authorities knew someone had gone to Syria, there didn’t seem to be a mechanism that evaluated that, for that particular reason for going blank locally, they should continue to remain on the list because they were thought to be involved up to their eyeballs elsewhere.
Several of the current and previous plotters were dropped for lack of activity in France, even though they were known to have left to fight abroad. The lack of activity drop is a good thing, except when it’s so automatic that going to fight somewhere else causes a computer to drop someone. So either a correlation automatically of the lists domestically with the lists of ISIS travellers, or a human review of a drop looks like something that doesn’t cause anybody any new pain, but might be effective.
Before any decisions make investigation. This is an old rule. Old rules are not popular in the hurrieday-world of modern propaganda-opportunism.
Another ‘old rule’ (more an aphorism) states that surveillance always plays catch-up, and surveillance fishing catches mostly red-herrings, which are as likely ‘hatchery-fish’ as ‘stream-bed population’.
If one is analyzing the Paris attack, seeking to define its true source the surprise, or ‘surprise’ of it is matter of interest, rather than ‘mark of failure’. Exploitations, and who attempts them, are also of interest.
Two factors to keep in mind as we watch the Paris Event untangle, or unravel, are that those interested in attacks know, and have known from before Snowdon, the scope of surveillance directed to them and have been working as dilligently to evade it as the surveillers have been to expand against them, and that unexpected channels are usually unwatched.
We can expect, if we expect patterns to follow as normal, effective surveillance to get worse as it becomes more proliferate: Trying to look everywhere leaves more time open where surveillance is directed. Think of a searchlight swinging to cover a wide area, instead of being fixed to one spot: The swinging provides shadow in passing through which one can pass before the swinging beam returns.
The only result the NSA et al surveillance enthusiasm is going to leave historically is going to be the destruction of the Surveillance-State’s own national society. The reason is the pressure-cooker rule: The more you tighten down the lid, the more you raise the pressure, and the bigger, and more destructive you guarantee the inevitable eventual explosion will be.
The thing I have been thinking about lately is the lack of responsibility for allowing Snowden to do what he did.
If another division of our government, especially one that whose MO was specifically to protect the safety interests of the American people, failed so miserably and allowed such a self inflicted catastrophe to happen, wouldn’t the directors ,let alone the subordinates that were in charge at the time of this disaster be held accountable?
I mean we have heard nothing but non-stop snowmen’s name as the pariah, but isn’t there at least one or two other people that should be pilloried as publicly as Snowden?
Not really. Another thing that needs to be stated as a maxim or aphorism about secure stashes of information is that if it’s being stored on computers, sooner or later security will amount to trusting someone. Snowden was employed moving files from one place to another. No matter who does that, at some point that person has to have access to those files.
Besides, regardless of what the political class and the business class do in public, firing your best expert for screwing up makes you short your best expert. “Accountability” by termination is something for directors and C-class people who make decisions based on general knowledge, and are therefore replaceable, not for people who actually do difficult to find types of work and have special skills.
Thanks for your considerate reply.
In evaluating the actions of Snowdon, or any other whistle-blower blowing whistles by ‘releasing’ information to the American public we need to begin recognizing, and factoring, that per the Preamble to the United States Constitution “The People” are who made the United States and, in creating and ratifying the United States Constitution, the supreme law for the United States (in fact, the law laid down by The People for the government and those who engage in governing The People’s United States), The People are the owners of, and the highest authorities in the United States that they Constituted.
What this means is that information secreted amongst themselves by persons employed in government in the United States, who are employees of and servants of The People, to The People, meaning released to the public of the United States, are not, and cannot be committing a wrongful act. Servants withholding information from their masters, in so doing can commit wrongful act in doing so, but servants providing information to their masters cannot, and ones of The People who share infromation with their fellow People cannot. Only sharing information with enemies of the United States is wrongful, and, in the Constitutional United States, for innocence being per Principle fundamentally assumed, for a sharing to be criminal wrongdoing it must be deliberate, intentional and willful. Accident or carelessness might do damage, but cannot constitute crime.
For this, not only is Snowdon’s, Manning’s and others’ releases of information with intent to convey that information to the United States public not criminal, the whole Espionage Act construction and all its products, from initiating statutes to enforcements, prosecutions, trials and sentencings are all, and each severally,illegal and criminal. More especially, and indefensibly for the whole being put together and put into practice, and carried forward, and today carried on along forward, and expanded, by lawyers, meaning by persons who ‘had reason to know’ and ‘have reason to know’ that the Act and all inits train is illegal, meaning criminal.
If my grandchildren do grow up to live in a world in which freedom and dignity are given any value they will laugh at the idea that journalists began interviews with greetings as obsequious and cowardly as this:
“Director Brennan, thank you for your time today and thank you for your service….”
It is sickening to read such evidence of the craven depths which individuals like Rogin inhabit.
Communications among the plotters appears to have unencrpyted.
https://theintercept.com/2015/11/18/signs-point-to-unencrypted-communications-between-terror-suspects/