Did Thomas Drake Include Privacy Concerns in His Complaints to DOD’s Inspector General?
I’ve been reviewing the docket on Thomas Drake’s case to see whether it touches on the privacy concerns Drake had about NSA’s post-9/11 activities.
It appears it doesn’t, even while there was an ongoing dispute about whether or not Drake will have access to the materials he submitted to the DOD Inspector General in support of claims that the ThinThread program operated more effectively than the Trailblazer program that Michael Hayden chose to enrich SAIC with instead (the Judge ruled that material would be admissible, but not a formal whistleblower defense, which Drake wasn’t trying to do anyway).
There are a couple of reasons why the silence, in the legal filings, about privacy concerns is interesting (aside from the fact that it’s a focus of Jane Mayer’s article.
First, because the two-sentence summary of the conclusion of the DOD IG Report on Trailblazer and ThinThread that the defense provides in a filing doesn’t address privacy.
In 2004, after more than a year of fact-finding, the Inspector General issued its initial audit findings. In a report entitled, “Requirements for the Trailblazer and Thinthread Systems,” the auditors concluded that “the National Security Agency is inefficiently using resources to develop a digital network exploitation system that is not capable of fully exploiting the digital network intelligence available to analysts from the Global Information Network . . . (T)he NSA transformation effort may be developing a less capable long-term digital network exploitation solution that will take longer and cost significantly more to develop.” The NSA continued to support the “less capable” program and its successor.
Which suggests the IG Report may not have addressed the claim that, in addition to being less efficient at “connecting the dots” than ThinThread, Trailblazer also offered none of the privacy protections ThinThread had.
That’s important because the government argued that Drake couldn’t claim to be a whistleblower because, by 2007, the issues at hand were resolved. They’re arguing both that any whistleblower claims would be mooted because Turbulence, Trailblazer’s successor, integrated “significant portions” of ThinThread, and that the debate was “over” by 2007, when Drake was (according to the indictment) serving as a source for Baltimore Sun reporter Siobhan Gorman.
In or about December 2004, the DOD IG completed its audit of [Trailblazer], including the allegations raised in the complaint letter. The NSA responded in August 2004 and February 2005, stating that based on the judgments of NSA’s experienced technical experts, the allegations were unfounded. Nonetheless, NSA agreed to incorporate significant portions of [ThinThread] into [Trailblazer] as a result of the DOD IG recommendations, thus largely mooting the issues raised in the complaint. In addition, starting in late 2005 and early 2006, the NSA transitioned away from [Trailblazer] to [Turbulence], another corporate architecture solution for Signals Intelligence collection.
[snip]
Just as importantly, by 2007, the timeframe of the charges in this case, there was no imminent harm faced by the defendant, because [Trailblazer] had incorporated elements of [ThinThread], and also because NSA had transitioned away from [Trailblazer] to [Turbulence].
[snip]
The defendant’s actions had no impact in the debate regarding the efficacy of [Trailblazer and ThinThread], because NSA had begun transitioning to [Turbulence] by 2006. Put simply, the debate was over.
There’s a lot going on in this passage. Obviously, the government is trying to claim that since Drake was allegedly collecting information for Gorman in 2007, he couldn’t claim he was whistleblowing.
Mind you he was not claiming he was whistleblowing, in the legal sense. He was only trying to get the IG materials to prove that’s why he collected three of the documents he’s accused of willingly keeping; basically, he’s arguing that if he overlooked three documents out of 5 boxes worth originally collected for the IG–and did not retain the really classified materials–that he basically just overlooked the three documents, rather than willfully retained them.
And the government is playing funny with dates. After all, they say Drake served as a source for Gorman from February 27, 2006, to November 28, 2007. The key story about ThinThread Drake served as a source for was dated May 18, 2006. And one of the charges accuses Drake of obstruction for shredding other documents. So not only is the 2007 date bogus because it igonores debates ongoing in 2006, but the government suggests that either Drake would be guilty for illegally retaining information, or obstructing an investigation. Moreover, Drake maintains he inadvertently included the three IG-related documents in the several boxes of unclassified materials, so the fact the debate was over is pointless.
Moreover, the successor to Trailblazer, Turbulence, was suffering from the same management problems Trailblazer had, as the defense notes just after citing the IG Report. The government wants to pretend the shift from Trailblazer to Turbulence ended the complaints about management problems, but it didn’t.
But then there’s the way the government portrays the IG complaint: efficacy. As I laid out the other day, there are four ways, Gorman’s sources claim, that ThinThread was better than Trailblazer:
The program the NSA rejected, called ThinThread, was developed to handle greater volumes of information, partly in expectation of threats surrounding the millennium celebrations. Sources say it bundled together four cutting-edge surveillance tools. ThinThread would have:
* Used more sophisticated methods of sorting through massive phone and e-mail data to identify suspect communications.
* Identified U.S. phone numbers and other communications data and encrypted them to ensure caller privacy.
* Employed an automated auditing system to monitor how analysts handled the information, in order to prevent misuse and improve efficiency.
* Analyzed the data to identify relationships between callers and chronicle their contacts. Only when evidence of a potential threat had been developed would analysts be able to request decryption of the records.
In other words, privacy was just one of three ways ThinThread was better than Trailblazer, according to Gorman’s sources.
But that’s not the aspect the government seems to address. That is, the government seems to be saying that, because Turbulence adopted some of the approaches of ThinThread that made it more efficient at analysis, Drake can’t complain. The suggestion is (though we can’t know because of the secrecy) privacy is not, like efficacy, an adequate reason to blow the whistle. Neither privacy, nor the Constitution.
And that’s interesting for two more reasons. First, because the government references a notebook of documents Drake provided that had nothing to do with the IG Report.
There was, for example, a notebook of documents provided by the defendant, many of which had nothing to do with the IG’s audit, but this notebook was destroyed before the case began, and after the IG completed its audit.
Is it playing games with the scope of the audit? That is, did Drake provide materials on privacy, which the IG didn’t include within the scope of its report? If so, the IG’s destruction of the notebook, in violation of DOD’s document retention policy, is all the more interesting.
Then, finally, the debates about privacy continued into 2007 and 2008. In August 2007, specifically, Mike McConnell nixed a Democratic version of the Protect America Act because it required the government to tell FISA judges what the plan for minimizing US person data is and allowed the judges to review for compliance. Debates on how to fix PAA continued throughout the fall and into the following year, with Russ Feingold and Sheldon Whitehouse both trying to make real improvements on the minimization requirements.
The government seems to want to say that Drake’s privacy concerns aren’t a valid whistleblowing concern. Because, I guess, government officials aren’t allowed to whistleblow about citizens’ rights.
I realize you are writing this statement with irony; unfortunately, it is a sad commentary on the charges against Drake which were made with the intent of acting as a tool of imposing self censorship on future whistleblowers; especially, when the concern is citizen rights and rule of law. Evidently, citizen rights and rule of law no longer serve as the bedrock of democracy. Evidently, this case will go down as THE case to show the world, our nation is no longer a democracy.
So how are we ever to lead the ME towards individual rights and democracy? Obviously not by modern example.
Having glanced thru some of the related blogposts on this topic, a rudimentary matter came to mind, an array of interconnected concepts which might be perhaps inapposite because they are by way of analogy to basic telco stuff.
The comparison would be, according to this mode of thinking, to the era of rapidly changing cellphone technology, when some incumbent international carriers had standing capital investment in gear which had limited upgradeability.
Without looking at the two platforms described in the court documents, thin and trail, I would wonder how softwere intensive they were, and whether one might satisfy an incumbent baby bellco because a low bid would be possible if it utilized already deployed and working outside plant or switch gear with minimum retrofits. Bidders have a longterm relationship with government offices, kind of like the badge of being a most favored nation. There may be many currents at play in this case; and Bushco built a bulwark of executive privileged state secrets easily invokable by Obama*s coalition*s legal minds. But there may be this mundane stuff, as I alluded. Illustrative from the antediluvial epoch referenced: which technology was handicapped to win the global mobile comms race at the most profit to its respective proponents?: cdma, gsm? Fwiw, there is a storage area in the house with an impressively unwieldy looking pre-gsm cellphone rendered obsolete when its principal exponent rolled out gsm for mobiles (cellphones). Yet another timeline worth matching to the business equations could be how many crays the thin, or trail, operator would have available as the underlying bigiron. It seems I recall some contract awards for a cray or a few, in the timeframe of the described whistler*s filing of the original request for investigation of the comparative merits of the two systems.
I’m going to write something obvious here. Sometimes stating the obvious is both necessary and illuminating.
The government must negate, dismiss, minimize, if not outright disappear any whiff of Drake’s privacy concerns for a couple of key reasons:
1. Not doing so would be a self-inflicted fatal wound to the government’s case because if, privacy concerns were included in the government’s case and allowed to be addressed from the government’s side, they would be tantamount to an admission of the government’s own illegal acts.
2. Furthermore, if the government were itself to bring Drake’s privacy concerns into its case, they would also likely destroy their own imaginary crime timeline since I have zero doubt that Drake’s privacy concerns were just as applicable with the Turbulence program, and in fact, those same American public privacy intrusions are likely still criminally in place today.
Being a former national security whistleblower myself, who worked during the Bush administration, I know what Drake faces. I have copies of government correspondence to Congress in which officials lied outrageously to U.S. senators about the facts of my case. I say outrageously because the statements were not only wrong, but easily provably wrong with other documents in the agency’s possession, mine and third parties. It’s stunning, at first, that officials would take such risks to silence a whistleblower’s disclosures; but, on reconsideration….how often have you heard about officials being punished for such offenses?
I have heard stories about officials (like prosecutors) lying in all sorts of cases, egregious lies, in sworn statements. And they are of much lesser exaltation than USG officials, who of course never get punished. Little chance the lower ones ever get caught or punished either. Most accused, guilty or not, do not have the resources to fight the govt & govt officials know it & take advantage at every turn.
Yes, few have the resources to battle the unending stream of lies and retaliation. Seldom does anything change except the whistleblowers’ lives, which are ruined.
Yes, it’s why I have such deep admiration for whistle blowers. They are willing to sacrifice their own lives for the greater good. Few volunteer for that.
Brings to mind the discussion at yesterday’s FDL Book Salon with Diane Wilson.
BTW,speaking of whistleblowers,anybody remember Sibel Edmonds?
Privacy concerns? What a quaint notion.
Freedom, justice, liberty are like steam under a continuing boil. When contained and blocked off, pressure builds and at some point will be released. It’s the lesson of the Arab Spring most recently, and many other movements in the past. All of these clampdown exercises, whether it’s state secrets, leaving Bushies in charge in the DOJ and the courts, muzzling whistleblowers (but not Rupert’s army), leaves the legitimate impression that justice is taking a longer holiday than we thought. Steam will eventually escape, whether it’s to a turbine for something useful, or in a Fukushima explosion depends upon whether Obama will provide a legit way to redress very well documented grievances.
Uh-oh… Fukushima here come, then, bc I surely do NOT see Obama, of all people, providing anything “legitmate” to redress grievances. Obama has been front & center on busting the chops of and/or torturing on US soil any whistleblower perceived to be in Obama’s way… or really: in the way of the DoD and/or the MIC and/or telling the truth about how the upper 1% are ripping off the serfs.
As I commented in the last thread on this topic, too many serfs (and they are still serfs) are getting good paychecks from the likes of SAIC and other big-money defense “firms.” Hence, a LOT of serfs are not going to like what the whistleblowers have to say… bc Drake’s truth-telling may end up in lost wages/jobs for serfs.
That’s *also* why conservatives aren’t so keen on constitution and the rule of law in instances like these: bc conservatives don’t like whistleblowers, either. Folks like Drake may get in the way of their gravy train… which is working for the so-called vaunted “private sector,” but it’s the private sector that is actually run on and fueled by YOUR tax dollars… the usual rightwing hypocrisy prevails, of course. IOKIYAR to receive corporate *welfare,* but the dog forbid that teachers get a living wage… yadda yadda b.s. etc.
And the government is playing funny with dates. After all, they say Drake served as a source for Gorman from February 27, 2006, to November 28, 2007. The key story about ThinThread Drake served as a source for was dated May 18, 2006. And one of the charges accuses Drake of obstruction for shredding other documents. So not only is the 2007 date bogus because it igonores debates ongoing in 2006, but the government suggests that either Drake would be guilty for illegally retaining information, or obstructing an investigation.EW
NOTE: Just for the record, compare the May 2006 dates in this article:
http://www.businessweek.com/bwdaily/dnflash/may2006/nf2…
President George W. Bush has bestowed on his intelligence czar, John Negroponte, broad authority, in the name of national security, to excuse publicly traded companies from their usual accounting and securities-disclosure obligations. Notice of the development came in a brief entry in the Federal Register, dated May 5, 2006, that was opaque to the untrained eye.
Unbeknownst to almost all of Washington and the financial world, Bush and every other President since Jimmy Carter have had the authority to exempt companies working on certain top-secret defense projects from portions of the 1934 Securities Exchange Act. Administration officials told BusinessWeek that they believe this is the first time a President has ever delegated the authority to someone outside the Oval Office. It couldn’t be immediately determined whether any company has received a waiver under this provision.
The timing of Bush’s move is intriguing. On the same day the President signed the memo, Porter Goss resigned as director of the Central Intelligence Agency amid criticism of ineffectiveness and poor morale at the agency. Only six days later, on May 11, USA Today reported that the National Security Agency had obtained millions of calling records of ordinary citizens provided by three major U.S. phone companies. Negroponte oversees both the CIA and NSA in his role as the administration’s top intelligence official.
…
William McLucas, the Securities & Exchange Commission’s former enforcement chief, suggested that the ability to conceal financial information in the name of national security could lead some companies “to play fast and loose with their numbers.” McLucas, a partner at the law firm Wilmer Cutler Pickering Hale & Dorr in Washington, added: “It could be that you have a bunch of books and records out there that no one knows
“Privacy was just one of three ways ThinThread was better.”
Actually, from a systems point of view, all four of the features cited are BOTH privacy and efficiency improvements, because all four focus on winnowing down the data set until only communications that have a high probability of being relevant are left.
[1] Using “more sophisticated methods of sorting through massive phone and e-mail data to identify suspect communications” reduces the amount of private information that is collected. Only communications that fit a profile are filtered out and passed on to government operatives. So better filtering means better privacy AND better data quality. Better data quality makes the collection process more efficient for its stated purpose: gathering intelligence on security threats. The signal to noise ratio of the data that goes to the analysts is better, so they waste less time on the noise (innocent third-party communications) and spend more on the meaningful signal (enemy communications). Analyst time tends to be more expensive that software filtering, and the efficiency of the analyst probably declines rapidly when he/she has to wade through reams of irrelevant material.
[2] A system that “identified U.S. phone numbers and other communications data and encrypted them to ensure caller privacy” depends on the more sophisticated filtering capabilities mentioned above. Privacy protection is a thus a side-effect of more efficient data collection. But, at the same time, it contributes to efficiency by focusing the analyst attention on foreign material that is more likely to produce valuable intelligence.
[3] Employing “an automated auditing system to monitor how analysts handled the information, in order to prevent misuse and improve efficiency,” is a huge privacy protection and also critical for data integrity and overall efficiency. Auditing keeps the the Karl Roves of this world from undetectably pressuring the analysts into using data for private or political ends. But it also keeps unauthorized persons–foreign agents, Karl Roves, crooked contractors, etc.–from deleting legitimate records or introducing false ones. All large database and computer systems that I have seen incorporate auditing capabilities. In fact, I would strongly suspect that any system that did not was quite possibly INTENDED for abuse.
[4] Analyzing “the data to identify relationships between callers and chronicle their contacts” and allowing decryption of domestic calls “only when evidence of a potential threat had been developed” is, again, at once a privacy protection and a data-quality/efficiency feature. Like features [1] and [2] above, this feature is clearly meant to, in effect, automate probable cause.
We tend to overlook the fact that probable cause and warrants are not merely individual protections in our legal system either: they safeguard data quality and integrity. Probable cause focuses law enforcement efforts on situations that have a high likelihood of being criminal. So when police are legitimately and lawfully involved, convictions are likely. From a purely law-enforcement/security point of view, the problem with current NSA eavesdropping, the No-Fly list, and the wholesale persecution of Muslim organizations is that they are too unfocused to produce results. The noise and wasted effort is such that any actual villains are almost certain to slip through the dragnet.
Which makes me suspect that the NSA preference for the allegedly less efficient, less private, less audible software is deliberate and intentional. If rapidly identifying and targeting terrorists, foreign spies, and other enemies is not the point, then the alleged defects of Trailblazer/Turbulence are features. Broadcast surveillance of whole populations is a lousy way to gather intelligence or fight crime. But it is excellent for maintaining a climate of crisis, for intimidating critics of the established order, for injecting disinformation into public discourse (think Iraq), and for selectively extorting political and economic advantage. You can’t use this technology to reliably find an unknown enemy plot. But it would be great for blackmailing an attorney general or insider trading.
Tip of the hat to you..superb commentary.
Thank you!
Thanks. Great comment.
Well said, and it points out how sloppy work leads to poor prosecutions. I’m sure everyone would agree OJ had something to do with Nicole’s murder scene [my bet is that he at least supervised if not participated], but the crappy police work made it impossible to convict. I also remember more than a few complaints from the FBI about wild goose chases generated by crappy leads.
So it appears this might have been about statistical busywork, such as “The NSA has been keeping us safe by finding 35 million security risks in the last month”, even if they went nowhere or were not feasible. All of the recent incidents, even the ones involving Muslims (and most do not, like the Hutaree) were not detected by the NSA, but by sound police work and alert citizens (and including Muslims). Notice how in the W years how the proclamations about how many plots were stopped routinely fell apart when the WH was asked for details. They frequently made stuff up or were calling debunked plots (like the LA one) as their successes.
Please considering signing the petition to demand accountability for the prosecution of Thomas Drake.
Regards,
http://www.change.org/petitions/demand-accountability-for-the-selective-prosecution-of-nsa-whistleblower-tom-drake
http://twurl.nl/zsoady