A civil libertarian and his journey inside NSA

Share

Written by

There is nothing in Geoffrey Stone’s professional background that would lead anybody to believe he is a typical Washington, D.C., insider. In fact, for most of the last four decades he’s focused his academic career on issues related to the Constitution and civil liberties.

But the University of Chicago law professor found himself in an interesting position last August, when President Barack Obama named him to the five-member National Security Agency review board. For the first time in his life, Stone was given a top secret government security clearance and an electronic access card to get into a Sensitive Compartmented Information Facility, known as a SCIF (pronounced Skiff), in Washington, D.C.

Stone immediately thought the effort was “a waste of time,” he said, speaking Jan. 16 at an event hosted by Public Citizen, a nonprofit government watchdog group in Washington, D.C. ” I approached this with a high degree of skepticism about the NSA,” Stone said. But “we found several things that I found very heartening.”

Joining Stone on the review board were two other legal scholars, as well as Richard Clarke, former counterterrorism and cybersecurity chief in the Clinton administration, and Michael Morell, a former deputy director of the CIA. Although criticized by some civil liberties groups for not including technical experts or more staunch civil liberties proponents, the group relied comfortably on the technical and procedural expertise of Clarke and Morell, according to Stone, who is also a member of the American Civil Liberties Union National Advisory Council.

The group initially approached the legal, policy and technical issues surrounding NSA’s data collection programs from “very disparate views,” Stone said. But over time, they would “come to common understanding” about the legality, efficacy, value and future directions of NSA’s telephone metadata collection program and the Foreign Intelligence Surveillance Court.

“It was like being in a foxhole for five months,” said Stone, describing the internal deliberations of the review board. But in the end, “we came to have great trust and respect for one another,” he said. And that contributed to a group widely disparate views coming together to form unanimous conclusions on the NSA programs and what should be done to reform them.

“In all of this, the NSA does nothing illegal,” Stone said. “It is not acting beyond its authorities. There were some incidents of non-compliance with particular rules, which were important. But there was not a single instance we uncovered of NSA acting intentionally illegally.”

Stone said he was actually surprised by what he discovered during the course of the review board’s work about the culture of NSA. “The culture of the NSA, I came to conclude, is actually quite law abiding [with] a lot of integrity,” Stone said. Surprisingly, Stone came to believe NSA has not been treated fairly in the media. “I think they’ve gotten a bad deal in the public media,” he said.

For Stone and the other members of the review board, the central problems with the data collection programs are not with NSA, but with the authorities given to NSA by Congress.

“They’re just exercising the power that we give them,” Stone said. “If one wants responsibility for aspects of their activities that one might be unhappy about, it belongs with the Congress, with the executive branch and with the FISA court.”

Stone said he came to have great respect for NSA as an institution. “These are men and women who could earn 10 times as much money in the private sector, but they do what they do because they are really committed to keeping the nation safe,” he said.

The programs & the risk

According to Stone, the review board concluded the major risk in the telephone metadata collection program is not in the way NSA is currently using it under existing authorities, but in the long-term storage of the data by the government. The data, Stone said, should be moved out of the government and stored by the private sector to avoid the risk the government could use the data for nefarious purposes in the future. Moving the data to the private sector would not eliminate the risk, but would change substantially the nature of the risk, Stone said.

According to Stone, only two of the 21 NSA analysts who work with the telephone metadata collected under Section 215 of the USA Patriot Act are specially trained and authorized to determine if a particular telephone number collected is related to a terrorist and should be used in a query of the database. They must then take it to a supervisor before being granted authority to run the query, he said.

In 2012, NSA conducted a total of 288 queries of the database. “There were a few instances in which the information was useful, but no instances in which you could say … the information was essential in thwarting a terrorist attack,” Stone said. But surprisingly, the civil libertarians on the review board did not find evidence of massive sweeps of telephone numbers belonging to Americans and did not conclude the program was useless.

“Of the 288 queries in 2012, the total number of phone numbers they actually touched was only 6,000,” said Stone, acknowledging he was “quite surprised” by the small number of telephone numbers the program actually touched.

Having read all of the media reports, Stone said he assumed all of his phone calls and those belonging to everyone else were in the database. But when the review board first learned of the actual number of telephone records the program touched and how much the program cost, “Richard Clarke and I looked at each other and said, literally, ‘what the f–k?'”

Still, “if this works once a decade, even once every 20 years, that’s important,” he said. “As a civil libertarian, it is clear that nothing could do more to hurt civil liberties in this country than another 9/11.”

And that may be getting more difficult for NSA, thanks to Edward Snowden, the former NSA contractor responsible for leaking information about the programs and a wide range of other U.S. intelligence efforts. In fact, “the costs are real and many of them are not known to the public,” Stone said.

Photos



//

-In this Story-

civil liberties, Cybersecurity, Department of Defense (DOD), Departments, Geoffrey Stone, National Security Agency, NSA Review Panel, privacy, Tech
TwitterFacebookLinkedInRedditGoogle Gmail