Congress vs the President: Who Should Make the Calls on NSA?

Deputy National Security Agency Director Chris Inglis, National Security Agency Director Gen. Keith Alexander, Director of National Intelligence James Clapper and Deputy Attorney General James Cole, testify in Congress, Oct. 29, 2013.

AP Photo/ Evan Vucci

AA Font size + Print

Deputy National Security Agency Director Chris Inglis, National Security Agency Director Gen. Keith Alexander, Director of National Intelligence James Clapper and Deputy Attorney General James Cole, testify in Congress, Oct. 29, 2013.

Are the intel committees upset that the NSA tapped Merkel's phone -- or that they didn't know about it first? By Marc Ambinder

Watching the latest episode of NSA: The Reckoning, off the C-SPAN live-stream, I found myself asking this question: Do members of Congress believe that it’s a problem, really, that the National Security Agency managed to tap the cell phone of German Chancellor Angela Merkel in 2002?

Or was the problem simply that they’re members of Congress, and not members of the executive branch?

If you’re on the staff of the National Security Council, then the answer is obvious.  Not only is spying on Merkel not a problem — it’s something you absolutely need to do your job. In fact, it’s something that you probably deal with every day. So much so, that you take it for granted.

Let’s say you’re the NSC’s senior director for European affairs. When you make your daily trip to the White House Situation Room or into a Sensitive Compartmented Information Facility inside the Eisenhower Executive Office Building, you’ll come away with a document that the NSA’s National Security Operations Center has tailored directly for you, full of the choicest SIGINT (signals intelligence) cuts from the best SIGINT sources over the past 24 hours. The European States Branch of the NSA’s International Security production line — S2C32 — has selected what its analysts consider the sexiest and most relevant intercepts. You are its best customer! If you’re happy with their product, you might just pass along their work to President Obama.

Now, outsiders might think that the NSA would be vague with the White House about the source of the intercept. But you know that’s not the case. You know that the NSA goes out of its way to tell you the specific source without burdening you with irrelevant technical detail. Why? Are they covering their butts? No. They want you to know why they have so much confidence in the validity of their work. Validity correlates with reliability, with correlates with utility. And the NSA has a corporate mentality these days. It wants to add value to the work lives of its customers.

So if a telephone conversation between the chancellor of Germany and her chief economics adviser was intercepted, the words you read will include something to the effect of: “In a telephone conversation between Chancellor Merkel and her chief economics adviser…”  

Now it might occur to you, in the course of preparing the president for a briefing on his next phone call with Chancellor Merkel, that the intercepts that come from conversations with her aren’t very useful. Perhaps the NSC’s director of intelligence, who also gets the intercepts, has noticed the same thing. You’re not dumb, so you understand that every CANEX operation — a Close Access Network Exploitation operation — bears political risk, especially every CANEX operation involving a phone line belonging to an allied head of state. So maybe you mention something to the national security adviser, who also gets the intercepts. Making this call to make this call is what you’re paid to do. You and your colleagues can ask the NSA to close this operation anytime you want and they will follow your instructions. (There is no reason — not a single reason — for them not to close it unless the technical part of closing an operation risks its disclosure, in which case you would certainly be alerted).

Members of Congress do not receive the same intelligence streams that go directly to the executive branch. Why? Those executive streams are tailored to the execution of policy, and the relevant committees would find them gossipy. The cleared members of the Senate Select Committee on Intelligence and the House Permanent Select Committee on Intelligence can get the same finished reports, if they want, but the information provided to Congress on a voluntary basis by the intelligence community is often shorn of the sources and methods that the National Security Council must see on a daily basis. That’s because the SSCI and HSCI oversee the management, function, budget and processes of the information-gathering branch of the national security establishment. They do not, strictly or even loosely speaking, determine what the requirements are. They can try to write into the intelligence budget language that would prohibit any National Intelligence Program money from being used to fund collection activities against heads of state allies, but they’ve never thought it wise to do so before.

This distinction between executive and legislative disclosures, based on a long-standing argument about the control of national security information, is slowly being erased. Congress is becoming more assertive in demanding intelligence to make policy, and the intelligence committees are becoming more assertive in demanding intelligence about intelligence to make intelligence policy decisions.

That the SSCI and HSCPI were never told about the Merkel CANEX is defensible: opening the channel to Merkel’s telephone line might have been as easy as inputting a command to an implanted device on an access point inside the German telecom that processes the digital information associated with Merkel’s phone number. Yes, that’s four prepositions, but if the NSA already had an “in (that’s five!) to the German telecom network and had mapped it, turning on a spigot would not really be in any way “significant” — especially if the request came through regular channels. (State ONR has a priority requirement for SIGINT to determine German political candidate Angela Merkel’s views on the impending war in Iraq.) At NSA, the signals intelligence development supervisors would see that request and say, “Yeah, we can do that, pretty easily.” And within a day, maybe, the collection would begin.

That the committees would think they ought to have been told is understandable. That they are protesting loudly — well, it’s as much for Merkel’s consumption as it is for the NSA to stew over. Their message is this: “The U.S. Congress respects you, Madame Chancellor, and we think you’re such an important ally and we value you so much that we would never do anything to ruin our critical relationship.”  But their message also is:  The NSA has gotten out over its skis, and if the executive branch can’t figure out when an intelligence operation is risky enough to warrant Congressional notification, Congress is going to force the issue.

The truth is that Congress has neither the time nor the inclination to select and prioritize targets, and the executive branch will always be in a better position to assess risk. Neither branch assumed that they’d ever have to deal with the ramifications of a system they created, nourished and routinely endorsed.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • Military Readiness: Ensuring Readiness with Analytic Insight

    To determine military readiness, decision makers in defense organizations must develop an understanding of complex inter-relationships among readiness variables. For example, how will an anticipated change in a readiness input really impact readiness at the unit level and, equally important, how will it impact readiness outside of the unit? Learn how to form a more sophisticated and accurate understanding of readiness and make decisions in a timely and cost-effective manner.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.

    Download

When you download a report, your information may be shared with the underwriters of that document.