NSA Returns to Stealing from Yahoo and Google

/19 Comments/in /by

Screen shot 2013-10-30 at 1.23.18 PMThe entire point of the Protect America Act and FISA Amendments Act was to provide a way for NSA to collect data from Yahoo and Google without stealing it from telecom switches, which is what they had been doing for 6 years. That was the primary goal: provide a legal means, with oversight, to collect intelligence from the multinational US-based Internet companies that dominated the free email market.

Yet, as I’ve been predicting for weeks, that wasn’t good enough for NSA. In addition to all the intelligence they collect legally using PRISM under Section 702 authority, it turns out they’ve been busy returning to their thieving ways.

The National Security Agency has secretly broken into the main communications links that connect Yahoo and Google data centers around the world, according to documents obtained from former NSA contractor Edward Snowden and interviews with knowledgeable officials.

By tapping those links, the agency has positioned itself to collect at will from among hundreds of millions of user accounts, many of them belonging to Americans. The NSA does not keep everything it collects, but it keeps a lot.

According to a top secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — ranging from “metadata,” which would indicate who sent or received e-mails and when, to content such as text, audio and video.

The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, GCHQ. From undisclosed interception points, the NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants.

Mind you, the apologists will say that breaking into Yahoo and Google’s internal clouds to steal this information isn’t stealing because it takes place overseas, and therefore doesn’t have to abide by FISA, and therefore just amounts to normal old spying.

Case in point:

Intercepting communications overseas has clear advantages for the NSA, with looser restrictions and less oversight. NSA documents about the effort refer directly to “full take,” “bulk access” and “high volume” operations on Yahoo and Google networks. Such large-scale collection of Internet content would be illegal in the United States, but the operations take place overseas, where the NSA is allowed to presume that anyone using a foreign data link is a foreigner.

Outside U.S. territory, statutory restrictions on surveillance seldom apply and the Foreign Intelligence Surveillance Court has no jurisdiction. Senate Intelligence Committee Chairwoman Dianne Feinstein has acknowledged that Congress conducts little oversight of intelligence-gathering under the presidential authority of Executive Order 12333 , which defines the basic powers and responsibilities of the intelligence agencies.

John Schindler, a former NSA chief analyst and frequent defender who teaches at the Naval War College, said it was obvious why the agency would prefer to avoid restrictions where it can.

“Look, NSA has platoons of lawyers and their entire job is figuring out how to stay within the law and maximize collection by exploiting every loophole,” he said. “It’s fair to say the rules are less restrictive under Executive Order 12333 than they are under FISA.”

But as I noted in this post, there’s at least an argument to be made that the 2011 John Bates decision ruling Section 702 upstream collection intentional and the existing FAA (that is, far more stringent than the 12333) minimization procedures insufficient under the Fourth Amendment would apply here, making the exposure of US person data under this collection a constitutional violation. And all that’s assuming there’s a purpose, like terrorism, that would warrant (heh) a special needs exception. With such bulk collection and nonexistent oversight, it’s not clear such a case could be made.

So stealing. And in the process doing enormous damage to two important American companies.

There’s one odd thing about this article though. Notice the absence of any discussion of Microsoft?

How Does NSA (and Its Partners) Catch More Terrorists in Europe with Less Metadata?

/12 Comments/in , /by

In follow-up to yesterday’s I Con, Le Monde reports that France’s spy agency, DGSE and the US, established a data sharing arrangement in 2011-2012 via which France provides call data to the US. It notes that part of the data the US gets comes from the French (apparently, Le Monde has better mastery of the conjunction than American National Security journalists) and that French citizens, as well as other targets, are included.

I suspect this is where the global dragnet may proceed: where we learn, country by country, that the US has side deals with partners, in addition to massive collections done largely (in Europe, anyway) by GCHQ, that allows it access to a lot of metadata.

But there’s something missing.

The US can, so long as it gets away with it, collect as much metadata as it can from France and other foreign countries. In the US, it has to work through the courts (well, that’s the law, one the Bush Administration flouted for 5 years).

And yet, the US collects far more metadata in the US than it does in France. In the last month of 2012, the US (and its partners, including GCHQ and DGSE) collected 70.3 million pieces of metadata in France, or roughly 1.07 piece of metadata on every French person. According to the Guardian, Boundless Informant shows the NSA (and its partners) collected 2.89 billion pieces of data in the month ending March 2013, or roughly 9.32 pieces of metadata on every American. And all that’s apparently before you consider the billions or trillions of pieces of metadata collected in the phone dragnet (which of course collects on “substantially all” the 310 million Americans (though in France, investigators can access phone metadata more readily).

That is, legally, the NSA (and its partners, including GCHQ) are not bound by legal limits on what they collect. But it collects more on Americans than it does on the French.

And yet … NSA finds more terrorists in Europe than in America.

More terrorists, less metadata.

I am sure this is a matter of comparing oranges to orange bouncey balls. Different times of the year, different numbers of terrorists in the country, different complementary tools and investigative skills. That is, there are nuances in all this data that neither the Snowden document recipients nor the NSA are going to be able to explain anytime soon. But they both seem to agree Boundless Informant does provide some picture of how much data the NSA (and its partners) collect where. And that does seem to show that NSA collects relatively more in the US than it does in Europe.

If that’s the case, then why is having a complete haystack of metadata here in the US pursuant to the Section 215 dragnet necessary? Doesn’t the European case show you can find even more terrorists without it?

In Which the I Con Uses Top Secret Spy Weapon, the “Conjunction,” Against Journalists

/26 Comments/in /by


Man, it looks Mike Rogers and Keith Alexander conducted one hell of an InfoOp against the nation’s NatSec journalists today. Congratulations, spooks, you’ve finally managed successful propaganda.

Before I explain what I understand to have happened, let me be clear: I don’t claim to know what the slides and Q&A from Boundless Informant mean. It may well be that the truth lies between what a bunch of reporters are now reporting and what a series of papers around the world have reported. What I am focusing on here is what the I Con has said as compared to how it has been reported.

As I noted last week, James Clapper used a poor translation of a French article which clearly talked about collecting metadata, denied that the NSA was collecting call content, and based on that gimmick claimed Le Monde had made an error.

Then, in remarkable timing that has been replicated several times during this scandal, the WSJ reported just before the hearing on a topic that both Mike Rogers and Keith Alexander had rehearsed answers for during the hearing. I believe the original lede of the WSJ story (it has been updated) read the same as the current article does,

Millions of phone records at the center of a firestorm in Europe over spying by the National Security Agency were secretly supplied to the U.S. by European intelligence services—not collected by the NSA, upending a furor that cast a pall over trans-Atlantic relations

I don’t think the story ever said all the records were collected by Europeans, just that millions were. But in any case, I have zero doubt that WSJ’s secret sources told them something like this, that Europeans gave us data, which got reported in a way to suggest the Europeans collected all of it.

At the end of a long sequence in the hearing itself, in a comment not read from prepared statement, Alexander said this (all transcriptions here my own — please let me know of any errors):

Those screen shots that show–or at least, lead people to believe that we, NSA, or the United States, collected that information is false. And it’s false that it was collected on European citizens. It was neither.

And that statement, which did not accord with what Alexander had just said (including a long passage read from a prepared statement), resulted in headlines like this:

NSA Chief Says Phone Records Given to Agency by Cooperating European Intelligence Services, Not Intercepted by NSA

Or, from the WSJ’s update, making this conclusion:

In a congressional hearing Tuesday, the National Security Agency director, Gen. Keith Alexander, confirmed the broad outlines of the Journal report, saying that the specific documents released by Mr. Snowden didn’t represent data collected by the NSA or any other U.S. agency and didn’t include records from calls within those countries.

I think one of the reasons this InfoOp worked so well is that reporters had almost no time between the hearing and their filing deadline to review what actually got said (I tweeted immediately that Alexander’s statement actually didn’t confirm the WSJ’s early report, but am only now getting this all down).

So let’s look carefully at what Alexander really said (this starts at 41:14).

Rogers starts by asking Alexander to elaborate, specifically with regards to the US and NSA (he may be invoking the WSJ story, but he doesn’t say so). 

Rogers: And to that end, if I can, Mr. Alexander, there was some reporting that the story about French citizens being spied on by a particular slide that was leaked on a slide deck concluded that French citizens were being spied on. Can you expound on that a little bit? By the United States, by the way, specifically the National Security Agency.

Reading from a document of some sort, Alexander repeats the gimmick Clapper used last week, suggesting that the reports said the NSA had collected phone calls (content), then “corrects” their report to say Boundless Informant actually tracks metadata (which is actually what the reports had said).

Alexander: Chairman, the assertions by reporters in France, Le Monde, Spain, El Mundo, and Italy, L’Espresso, that NSA collected tens of millions of phone calls are completely false. They cite as evidence screen shots of the results of a web tool used for data management purposes but both they and the person who stole the classified data did not understand what they were looking at. The web tool counts metadata records from around the world and displays the totals in several different formats. [my emphasis]

Alexander then adds to last week’s gimmick of claiming the Europeans reported these as calls, not metadata, by denying we, alone, collected this data.

The sources of the metadata include data legally collected by NSA under its various authorities as well as data provided to NSA by foreign partners. To be perfectly clear, this is not information that we collected on European citizens. It represents information that we and our NATO allies have collected in defense of our countries and in support of military operations.

This is not information “we” collected (on European citizens, but I’ll come back to that), it’s data “collected by NSA … as well as data provided … by foreign partners.” It’s data “we and our NATO allies have collected.”

Those conjunctions — “as well as” … “and” — which in Alexander’s written statement make it clear that both the Europeans and US collect this intelligence, disappeared from much of the reporting on this.

Read more

John Bates Intervened in the Phone Dragnet Problems

/7 Comments/in , /by

Yesterday, I Con the Record released more records in response to the ACLU FOIA for records on the Section 215 program (though once again, they didn’t mention the FOIA).

Three of the documents provide more data points for a notable progression I laid out in this post, in which Reggie Walton appears to have shut down some collection from one telecom on July 9, 2009, reapproved it (including retroactively) on September 3, 2009, just in time for the Intelligence Community to claim Section 215 collection was central to the Najibullah Zazi investigation.

First, a July 2, 2009 notice to Walton provided the End-to-End review “for the Court’s information.” It had been completed on June 25 and provided to the Intelligence and Judiciary Committees on June 30. It was also included in the formal DOJ filing to Walton on August 19, which left the impression that DOJ had held it for two months before sharing it with the court. But this notice makes it clear Walton received a copy with only a slight delay (and the day before they delivered the first weekly report he had demanded). It also makes it clear he had gotten it, and probably read it, before whatever action he took on July 9. What may be the problematic collection (see page 15-16) apparently got reported to FISC before May 29 (no mention of a formal notice is included, though it seems to be addressed in the May 29 order). But there are other violations (such as the sharing described on page 17 that may involve Homeland Security) that appear to have been newly disclosed with this report.

In a second document — a September 10 notice to just the Senate Intelligence Committee (?!) that Judge Walton had reauthorized the bulk collection program on September 3 — reveals that on August 4, FISC Chief Judge John Bates had written Eric Holder a letter raising concerns. The notice portrays a September 1 demonstration for Walton, Bates, and Judge Thomas Hogan (who I believe was the only other FISC judge from the DC Circuit at the time) apparently at NSA as a response to Bates’ concerns. But the description of the demonstration also notes that,

The information was presented in the context of a current operation that concerns a potential threat to the U.S. homeland.

Remember, this was before (by 2 days) the Zazi investigation started. So this must reference something else, though it certainly didn’t sound all that urgent.

In any case, while it is unclear who got Bates involved (after all, it could have been the Administration, complaining that some of its production had been cut off), it is noteworthy he was involved, which provides a little more background to the frustration he expressed in his October 3, 2011 opinion accusing the government of signifiant misrepresentations on 3 occasions.

Finally, on October 21, in what must have been part of the PATRIOT Act reauthorization push, National Counterterrorism Center’s Michael Leiter and the NSA’s Assistant Deputy Director for Counterterrorism addressed the House Intelligence Committee. Along with their case for the program and a heavily glossed description of the problems with it (which they indicate had already been noticed in some form to the Committee), they described how tips from the dragnet “have contributed directly to the following specific cases,” plural. It includes an entirely unredacted description of the dragnet’s role in the Zazi investigation (without, for example, disclosing FBI already knew of Adis Medunjanin through travel documents to Pakistan where he and Zazi trained with terrorists). And it includes a shorter description of what must be at least one other case, which is entirely redacted. It’s possible, after all, that that second “success” (which is so credible we can’t know about it) is the ongoing threat referred to in the September 10 notice, which NSA used to scare FISC into reauthorizing the dragnet.

One more detail about the notice to HPSCI. It fails to mention that, less than 3 weeks after he reauthorized the dragnet, Walton learned — from DOJ, not NSA — of further information sharing violations. In other words, the HPSCI witnesses falsely portrayed the problems as fixed, when there were pending violations still being discussed between NSA and FISC.

There’s nothing enormous in these revelations, but they do add to the understanding of how grave FISC took these violations to be, and how partial was Congressional briefing on them.  Read more

One Day after Rolling Out “Comprehensive Review,” Feinstein Proceeds with Mark-Up Anyway

/13 Comments/in /by

Yesterday, Dianne Feinstein announced, “a total review of all intelligence programs … so that members of the Senate Intelligence Committee are fully informed as to what is actually being carried out by the intelligence community.”

Today, her committee will nevertheless conduct a mark-up of her bill to not fix the spying targeted at Americans.

Umm, given that she just admitted she doesn’t know everything the NSA has been doing — and that she hasn’t been fully informed — don’t you think the comprehensive review should precede the new legislation?

The White House — Lisa Monaco? — “Cutting Off the Intelligence Community”

/13 Comments/in , /by

Too bad for Obama he has decided the great new way to aggressively prosecute leaks without the bad PR of doing it through the Courts is to have James Clapper’s Inspector General investigate them. Because I’m betting the IC IG will be unenthusiastic about hunting down this admitted leaker.

Some U.S. intelligence officials said they were being blamed by the White House for conducting surveillance that was authorized under the law and utilized at the White House.

“People are furious,” said a senior intelligence official who would not be identified discussing classified information. “This is officially the White House cutting off the intelligence community.”

But I’m a bit more interested in this barb, putting Homeland Security Advisor Lisa Monaco solidly in the line of communication receiving intelligence from wiretaps on foreign leaders.

Any decision to spy on friendly foreign leaders is made with input from the State Department, which considers the political risk, the official said. Any useful intelligence is then given to the president’s counter-terrorism advisor, Lisa Monaco, among other White House officials.

As I have twice noted, Monaco brings dramatically different experience to the position than her predecessor, John Brennan. Rather than being implicated in the illegal program that was the root of many of the problems as the program moved under FISA Court review, she had had to try to clean them up while Assistant Attorney General for National Security, including at least the upstream violations. She also participated in the decision to shut down the Internet dragnet collection program.

After prior bitching about her silence during this scandal, she penned an op-ed last week laying out the evolving White House position.

Today’s world is highly interconnected, and the flow of large amounts of data is unprecedented. That’s why the president has directed us to review our surveillance capabilities, including with respect to our foreign partners. We want to ensure we are collecting information because we need it and not just because we can.

[snip]

Going forward, we will continue to gather the information we need to keep ourselves and our allies safe, while giving even greater focus to ensuring that we are balancing our security needs with the privacy concerns all people share.

The implication, of course, is that the same person voicing this “because we need it and not just because we can” has been implicated by receiving intelligence with Merkel’s and other leaders names on it, and may be responsible for not alerting the President to it. The accuracy of the claim, of course, depends on whether the White House really shut down the collection on Merkel earlier this summer or only in the last week or so; remember tasking priorities are reassessed biannually. Moreover, it’s not like wiretaps on allied leaders would be the primary focus of someone whose job centers on counterterrorism.

The thing is, this attack can backfire, as having received this information puts Monaco in an appropriate position to know whether we were collecting it because we could, not because we need to.

Monaco has, in the past, been part of a team that deemed a program not valuable enough to sustain. Which means she has a little experience for the pushback the IC may be throwing at her in coming days.

Has John McCain Been Chatting Up Bibi on a Tapped Phone?

/24 Comments/in , /by

Even more than Dianne Feinstein’s so-called reversal on the NSA, I’m intrigued by  John McCain’s.

“We have always eavesdropped on people around the world. But the advance of technology has given us enormous capabilities, and I think you might make an argument that some of this capability has been very offensive both to us and to our allies,” McCain said. “Eavesdropping on someone’s private cellphone obviously is something that is offensive to the chancellor of the Federal Republic of Germany.”

[snip]

“I think it may even call for a select committee, perhaps even bicameral, when you look at the damage that this has done to our relationship with some of our closest friends and allies,” said McCain, who was the unsuccessful GOP presidential nominee pitted against Obama in 2008. Still, McCain noted that foreign governments are not “innocent” because they also have spied on the U.S. government.

 

In the past, McCain hasn’t been uncritical in his comments on NSA, but he has used it to fearmonger about terrorists. More tellingly, he favors NSA taking the lead in Internet monitoring for domestic cybersecurity, effectively advocating for domestic spying. And yet now he’s squeamish because we’re wiretapping leaders of other countries?

Sure, it may be he’s just latching onto an issue to attack Obama on. Though who needs a new one given that 60 Minutes has resuscitated the old one?

Of course, McCain is the kind of guy who likes to freelance on foreign policy issues, frequently to pressure Obama from the right. And I can’t help but note that Bibi Netanyahu and Obama spoke today for no apparent reason aside from “regular consultations.”

President Obama and Prime Minister Netanyahu spoke by phone today as part of their regular consultations.  The two leaders discussed recent developments related to Iran, Israeli-Palestinian negotiations, and other regional issues.   The two leaders agreed to continue their close coordination on a range of security issues.

While there has been no public report that we tapped Bibi, and while I’m sure the Israelis take his security very seriously, he’s precisely the kind of frenemy I could see the government prioritizing. And while I’m sure Germany spies on us (ineffectively), McCain knows that Israel spies on (and hacks) us extensively, making it a more apt reference as a country that is itself not “innocent.”

Just a gut feel: when the Section 215 database got revealed, a wide range of Senators were up in arms until, in secret briefings, they all of a sudden learned something that calmed their nerves (I strongly believe NSA strips congressional numbers from the Section 215 database on intake). And I think it not outside the realm of possibility that McCain has shown newfound concern about NSA upon learning one of his interlocutors might be targeted as well.

Civil Libertarians to Dianne Feinstein: We Told You So

/25 Comments/in /by

The moment when Dianne Feinstein should have called for a comprehensive review of NSA’s programs was no later than August 18, when she admitted the Senate Intelligence Committee doesn’t get briefed on violations that occur under Executive Order 12333, even though they constitute the bulk of violations.

The committee does not receive the same number of official reports on other NSA surveillance activities directed abroad that are conducted pursuant to legal authorities outside of FISA (specifically Executive Order 12333), but I intend to add to the committee’s focus on those activities.

The committee has been notified—and has held briefings and hearings—in cases where there have been significant FISA compliance issues. In all such cases, the incidents have been addressed by ending or adapting the activity.

[snip]

I believe, however, that the committee can and should do more to independently verify that NSA’s operations are appropriate, and its reports of compliance incidents are accurate. This should include more routine trips to NSA by committee staff and committee hearings at which all compliance issues can be fully discussed.

While at the time she bought the NSA’s roamer myth, it was already clear the NSA was spying on US persons via its bulk collection “overseas,” including via some of the more troubling violations. She should have further gotten concerned when both Keith Alexander and James Clapper dodged questions about upstream violations. But then, she was too busy reading factually inaccurate statements about the same collections.

Back in the day, though, making sure the NSA wasn’t using Article II to evade oversight used to be one of her chief concerns.

Nevertheless, it took the disclosures of spying on Angela Merkel — and, no doubt, the embarrassment of her party’s President, and perhaps growing support for a real investigation — to really rile her up.

It is abundantly clear that a total review of all intelligence programs is necessary so that members of the Senate Intelligence Committee are fully informed as to what is actually being carried out by the intelligence community.

Unlike NSA’s collection of phone records under a court order, it is clear to me that certain surveillance activities have been in effect for more than a decade and that the Senate Intelligence Committee was not satisfactorily informed. Therefore our oversight needs to be strengthened and increased.

With respect to NSA collection of intelligence on leaders of U.S. allies—including France, Spain, Mexico and Germany—let me state unequivocally: I am totally opposed.

Unless the United States is engaged in hostilities against a country or there is an emergency need for this type of surveillance, I do not believe the United States should be collecting phone calls or emails of friendly presidents and prime ministers. The president should be required to approve any collection of this sort.

It is my understanding that President Obama was not aware Chancellor Merkel’s communications were being collected since 2002. That is a big problem.

The White House has informed me that collection on our allies will not continue, which I support. But as far as I’m concerned, Congress needs to know exactly what our intelligence community is doing. To that end, the committee will initiate a major review into all intelligence collection programs. [my emphasis]

I welcome this review — by all accounts the torture review conducted under her supervision is more thorough than anything else we’ve seen.

But … ah, the torture review.

There’s one other reason DiFi should have been quicker to respond to questions Edward Snowden — whom she called a traitor — raised.

In December she finished a 6,000 page report, one key finding of which was that the CIA lied to her community.

Why did she think NSA would be any different?

The Oversight Black Hole of the Merkel Tap

/16 Comments/in /by

In one of the better pieces on White House and anonymous NSA official claims about whether President Obama knew of the wiretaps on Angela Merkel, the NSA spokesperson gets to the crux of the issue.

“NSA is not a free agent,” said NSA spokesperson Vanee Vines. “The agency’s activities stem from the National Intelligence Priorities Framework, which guides prioritization for the operation, planning, and programming of U.S. intelligence analysis and collection.” The framework is approved by the top leaders of the government, but it leaves the question of how best to gather intelligence to the individual agencies.

This statement gets at why the anonymous NSA source claims that someone — whether it be Keith Alexander or another briefer — informed Obama of the tap on Merkel in 2010 and that he authorized it continue and the White House’s rebuttal that he didn’t know about the wiretaps on world leaders.

The account suggests President Barack Obama went nearly five years without knowing his own spies were bugging the phones of world leaders. Officials said the NSA has so many eavesdropping operations under way that it wouldn’t have been practical to brief him on all of them.

They added that the president was briefed on and approved of broader intelligence-collection “priorities,” but that those below him make decisions about specific intelligence targets.

The senior U.S. official said that the current practice has been for these types of surveillance decisions to be made at the agency level. “These decisions are made at NSA,” the official said. “The president doesn’t sign off on this stuff.” That protocol now is under review, the official added.

That is, the President approves the National Intelligence Priorities Framework and gets the results of the collection authorized by it, but he may not know specifically how each piece of intelligence was collected. I have no doubt Obama approved a continued focus on EU leaders in the aftermath of the financial crisis, but find it plausible that he did not know that would include monitoring Merkel’s private cell phone.

Here’s how the NIPF describes it working.

1. The National Intelligence Priorities Framework (NIPF) is the DNI’s sole mechanism for establishing national intelligence priorities.
2. Intelligence topics reviewed by the National Security Council (NSC) Principals Committee (PC) and approved by the President semi-annually shall form the basis of the NIPF and the detailed priorities established by the DNI.
Read more

The Institutional Subjectivity of the White Affluent US Nation

/19 Comments/in , , /by

In a really worthy read, Bill Keller and Glenn Greenwald debate the future of journalism.

Sadly, however, in his first response to Keller’s self-delusion of belonging to the journalistic tradition of “newspapers that put a premium on aggressive but impartial reporting[] that expect reporters and editors to keep their opinions to themselves,” Greenwald seemed to cede that such journalism constitutes, “concealing one’s subjective perspectives.” That permitted Keller to continue his self-delusion that his journalism — at both the level of reporter and that reporter’s larger institution — achieved that silence about opinions until they started fighting about the role of national allegiance and national security.

That argument developed this way.

Greenwald: Former Bush D.O.J. lawyer Jack Goldsmith in 2011 praised what he called “the patriotism of the American press,” meaning their allegiance to protecting the interests and policies of the U.S. government. That may (or may not) be a noble thing to do, but it most definitely is not objective: it is quite subjective and classically “activist.”

[snip]

Keller: If Jack Goldsmith, the former Bush administration lawyer, had praised the American press for, in your words, “their allegiance to protecting the interests and policies of the U.S. government” then I would strongly disagree with him. We have published many stories that challenged the policies and professed interests of the government. But that’s not quite what Goldsmith says. He says that The Times and other major news outlets give serious consideration to arguments that publishing something will endanger national security — that is, might get someone killed.

For what it’s worth, I think Keller is clinging to the first thing Goldsmith said,

Glenn Greenwald complained that “the NYT knew about Davis’ work for the CIA (and Blackwater) but concealed it because the U.S. Government told it to” (my emphasis).  That is inaccurate.  The government asked the Times not to publish, as it often does, and the Times agreed to the request, which it sometimes does.  The final decision rested with the Times, which listens to the government’s claims about national security harm and risk to individual lives, and then makes its own decision.   The Timesdoes not, in my opinion, always exercise this discretion wisely.

And ignoring what Goldsmith went on to say,

I interviewed a dozen or so senior American national security journalists to get a sense of when and why they do or don’t publish national security secrets.  They gave me different answers, but they all agreed that they tried to avoid publishing information that harms U.S. national security with no corresponding public benefit. Some of them expressly ascribed this attitude to “patriotism” or “jingoism” or to being American citizens or working for American publications.   This sense of attachment to country is what leads the American press to worry about the implications for U.S. national security of publication, to seek the government’s input, to weigh these implications in the balance, and sometimes to self-censor.  (This is a natural and prudent attitude in a nation with the fewest legal restrictions in the world on the publication of national security secrets, but one abhorred by critics like Greewald.)  The Guardian, al Jazeera, and Wikileaks, by contrast, worry much less, if at all, about U.S. national security interests.

That is, Goldsmith noted both that at an institutional level US news outlets entertained the requests of the government, and that at a reportorial level, individuals prioritized US “national security.”

And from there, Keller repeatedly ignored or dismissed the efforts Greenwald, in his Edward Snowden reporting, or WikiLeaks, in its Cablegate publications, made to protect lives of individuals.

It’s not until Greenwald’s response where he gets to the crux of the issue.

As for taking into account dangers posed to innocent life before publishing: nobody disputes that journalists should do this. But I don’t give added weight to the lives of innocent Americans as compared to the lives of innocent non-Americans, nor would I feel any special fealty to the U.S. government as opposed to other governments when deciding what to publish. Read more