|
Every other year seems to bring another high-profile leaker from the US intelligence community. This year’s celebrity intelligence officer is Reality Winner, formerly employed as a contractor by the National Security Agency (NSA). (And yes, that is apparently her real name.) There are two lessons to be drawn from the case, one reassuring, one not. The good news is that US counterintelligence seems able to find such leakers quickly and with the kind of evidence that can be presented in court. The bad news is that our contracting, hiring, and clearance process is not producing employees we can trust in the ways we need.
Winner was an employee of a government contractor called “Pluribus.”(It’s not just you; all the names in this story feel concocted by a lazy scriptwriter.) In early May 2017, Winner printed out a secret NSA document and gave it to reporters at The Intercept, an online publication devoted to, essentially, publishing leaked US intelligence files. (Who is making up these names?) Winner was motivated by concerns about Russian interference in the 2016 election, the topic of the memo.
The good news is that the NSA’s counterintelligence mechanisms worked properly, and Winner was found and arrested quickly. The Intercept story ran June 5, based on documents dated May 5, 2017. Winner was arrested on June 3, with the arrest announced two days later. That is, the FBI was able to identify her within a month of the leak and before the story based on the leak became public. This is a reasonably quick turnaround for a criminal arrest and a considerable improvement over the case of Private First Class Chelsea Manning, who was arrested four months after initially leaking to WikiLeaks. It is also a vast improvement over the FBI’s handling of Edward Snowden, who has successfully evaded prosecution to this day.
Moreover, the means by which Winner was found is reassuring. She was caught by the NSA’s internal auditing mechanisms, which record who accessed which documents and who printed what. (In contrast, Manning was caught only after confessing to ex-hacker Adrian Lamo, who notified the authorities.) The NSA is probably doing as well as any agency could: Employees do need the ability to print things, and It’s not really practical to stop them from smuggling printed paper out of the office. So “audit and prosecution”is our only technical approach to this specific threat.
The bad news is that Winner was probably a foolish person to trust. She was somebody who had strong political views, of the “Trump is a fascist”variety. Winner’s strong political antipathy to the president was known in advance of hiring and should have been a red flag. Of course the government should be happy to hire people who are politically opposed to the president, but background issues that are handled improperly may well result in dramatic and foolish incidents such as this. It is too soon to say if the use of outside technical contractors such as Winner and Snowden poses a particular risk to the government, but that possibility bears watching.
The still worse news is that cases like this are likely to become more common over time. The 2016 election has left much of the country in an extraordinary state of polarization, and “normal calm politics”do not look set to resume any time soon. The challenge facing policymakers is to set up an intelligence structure that can be trusted to obey its political leaders and that can in turn be trusted by the country as a whole. This post was originally published on TechPolicyDaily.
The NAFTA renegotiation is the best opportunity for the US to create a pro-market e-commerce trading framework.
|
