Paul Pillar

Don't Surrender to Leakers

One of the best summaries of the escapade involving endlessly dribbled-out secrets stolen from the National Security Agency came this week from Representative Mike Rogers (R-MI), chairman of the House Permanent Select Committee on Intelligence. As Rogers put it:

A systems administrator with only the dimmest understanding of the legal and technical complexities of vital counterterrorism programs stole and disclosed a mountain of properly classified material. The compromised programs are authorized in law and carefully overseen by Congress, the Justice Department and the courts. Yet these selectively leaked documents, framed hyperbolically by an activist masquerading as a journalist at the Guardian, have created the dangerous misimpression that the intelligence community is lawless. The American people must not accept this absurd myth. Congress also can’t let Edward Snowden’s anarchy paralyze us from addressing real threats to our country.

The damage from the leaks, to U.S. foreign policy and U.S. national interests, mounts with each dribble, and the amount and variety of the damage are sweeping. The most recent inflictions of damage concern relations between the United States and important foreign partners ranging from Brazil to Germany. The visible part of the damage includes public expressions of disapproval by foreign governments and consumption of the valuable time and attention of the president of the United States in efforts to smooth out the ruffles. There probably are related invisible parts of the damage as well, wherever public ruffles affect the non-public work of government agencies, including work that involves international cooperation in tackling shared threats and problems.

None of this damage is due to the NSA programs that are the subjects of the leaks. All of the damage comes from the leaks themselves. Even if a foreign government somehow were to learn through its own capabilities of U.S. collection of signals intelligence aimed at its agencies or leaders, its response would be quietly to intensify efforts to bolster its own communications security. To do otherwise and to raise a stink about the matter would risk further compromising its own counterintelligence capabilities and damaging a relationship it would not be in its own interests to damage. It is only when such collection activity is made public through a leaker, with all of the embarrassment and public pressures that are triggered by such a revelation, that leaders feel obliged to take conspicuous umbrage, with all of the further damage that entails.

There is no way to undo the damage that already has occurred. The current episode is an occasion for redoubling efforts to prevent similar damage from future would-be leakers and their collaborators. This involves, among other things, ending nonsensical references to governmental efforts to preserve security as “going after whistleblowers.”

We also need to avoid compounding the damage by shying away from doing worthwhile things, either as executive branch operations or as legislation, because leakers have scared us away from doing such things. Chairman Rogers made the observation quoted above in the course of expressing disappointment with a Washington Post editorial that suggested the political atmosphere following Snowden's leaks makes it unrealistic to pass legislation enlisting government help for private companies in defending against foreign cyber espionage. Rogers is correct in stating that Congress should not be freed of its responsibilities on this subject, and that American companies should not have to fend entirely for themselves when the threat is often coming from foreign governments.

A later Post editorial, while saying several sensible things on the broader subject of foreign intelligence collection, again unfortunately exhibits a pattern of being scared by leakers. In referring to reported collection against communications involving the president of Brazil, the Post says:

But the potential benefits of collecting intelligence on nominally friendly leaders has to be weighed against the potential blowback if the operations are exposed — which in the Internet era has become increasingly likely. It seems unlikely that anything gleaned from Ms. Rousseff’s e-mail is worth the trouble it has caused.